Internet DRAFT - draft-aitken-ipfix-equivalent-ies
draft-aitken-ipfix-equivalent-ies
IPFIX Working Group P. Aitken
Internet-Draft Cisco Systems
Intended status: Standards Track
Expires: July 4, 2015 July 4, 2014
Reporting Equivalent IPFIX Information Elements
draft-aitken-ipfix-equivalent-ies-02
Abstract
This document specifies a method for an
IPFIX Exporting Process to inform an IPFIX Collecting Process
of equivalence between different Information Elements, so
that the Collecting Process can understand the equivalence
and be enabled to process data across a change of
Information Elements.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet
Engineering Task Force (IETF). Note that other groups may
also distribute working documents as Internet-Drafts. The
list of current Internet-Drafts is at
http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of
six months and may be updated, replaced, or obsoleted by
other documents at any time. It is inappropriate to use
Internet-Drafts as reference material or to cite them other
than as "work in progress."
This Internet-Draft will expire on July 1, 2014.
Aitken Expires July 2015 [Page 1]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as
the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date
of publication of this document. Please review these
documents carefully, as they describe your rights and
restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD
License text as described in Section 4.e of the Trust Legal
Provisions and are provided without warranty as described in
the Simplified BSD License.
Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described
in RFC 2119 [RFC2119].
Table of Contents
1 Introduction ........................................... 4
2 Terminology ............................................ 6
3 Method ................................................. 6
3.1 Equivalence Message Format ............................. 6
4 The Collecting Process's Side .......................... 9
5 Security Considerations ................................ 9
6 IANA Considerations .................................... 10
7 References ............................................. 11
7.1 Normative References ................................... 11
7.2 Informative References ................................. 12
8 Acknowledgements ....................................... 12
9 Author's Addresses ..................................... 12
Aitken Expires July 2015 [Page 2]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
1 Introduction
The IPFIX Protocol [RFC7011] can export a large number of
Information Elements, including standard Information Elements
specified in the IPFIX information model [RFC7012],
Information Elements in IANA's IPFIX registry [IANA-IPFIX],
enterprise-specific Information Elements [RFC7011], and
Information Elements that are backwards compatible with
NetFlow Version 9 [RFC3954].
From time to time, an Exporting Process may export the same
information using different Information Elements from before.
Use cases include:
* Enterprise-specific Information Elements have been
standardized, so the Exporting Process is changed to
export the IANA standard Information Elements [IANA-IPFIX]
rather than the enterprise-specific Information Elements.
* The Exporting Process is changed to export IANA standard
Information Elements [IANA-IPFIX] rather than NetFlow
version 9 fields [RFC3954].
* The Exporting Process is updated to export different
enterprise-specific Information Elements.
* An updated Metering Process requests that the Exporting
Process exports using different Information Elements from
before.
* An Exporting Process which does not implement
[IPFIX-MIB-VARIABLE-EXPORT] indicates that an
enterprise-specific Information Element contains the same
information as a specific MIB OID.
In each case it's important to note that the same information
is being exported. The only change is in the Information
Element used to export the information.
Since different Information Elements are now being used to
express the same information, the Collecting Process cannot
process data received before the change with data received
after the change, because the Collecting Process does not know
that these Information Elements are related. It's not possible
to compare, aggregate, or sort data across such a change
without first understanding that the old and new Information
Elements are equivalent.
Aitken Expires July 2015 [Page 3]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
Furthermore, it's impossible for every Collecting Process to
know how each IANA standard Information Element [IANA-IPFIX]
relates to every company's enterprise-specific Information
Elements. i.e., a Collecting Process from company X cannot be
expected to know that company Y's Exporting Process exports
enterprise-specific field Z which is equivalent to a certain
IANA standard element.
This document specifies a method for an Exporting Process to
inform a Collecting Process of such equivalence, so that the
Collecting Process is able to process data across the change.
2 Terminology
Original Information Element:
The Original Information Element specifies the old
Information Element which has been exported until now.
Equivalent Information Element:
The Equivalent Information Element specifies the new
Information Element which will been exported in future.
IE:
Shorthand for "Information Element" in the figures.
Other terms used in this document are defined in the
Terminology section of the IPFIX Protocol [RFC7011] and are to
be interpreted as defined there.
Aitken Expires July 2015 [Page 4]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
3 Method
An Exporting Process informs a Collecting Process of the
equivalence of a pair of IPFIX Information Elements by
exporting an IPFIX Equivalence Message. Equivalence Messages
SHOULD be sent by the Exporting Process upon opening a new
Transport Session, before any other IPFIX Messages are
exported. In any case, an Equivalence Message MUST be sent
before exporting the Equivalent Information Element(s) to which
it pertains. i.e. Equivalence Messages do not apply
retrospectively.
An Equivalence Message may be sent in an Options Record Scoped
to the Exporter. Multiple Equivalence Messages may be sent
using IPFIX Structured Data [RFC6313].
3.1 Equivalence Message Format
The Equivalence Message consists of an original Information
Element in the "informationElementId" field (#303), followed by
the equivalent Information Element in the "equivalentElementId"
field (#TBD), using the Template shown in Figure 1 and Data
Record shown in Figure 2:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|E| informationElementId #303 | Field Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|E| equivalentElementId #TBD | Field Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: Template for Equivalence Message
--+-+---------------+-+---------------+--
... |E| Original IE |E| Equivalent IE | ...
--+-+---------------+-+---------------+--
Figure 2: Equivalence Message Data Record
The encoding of these Information Elements follows the rules
specified in [RFC7011].
Aitken Expires July 2015 [Page 5]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
3.1.1 Equivalence between IANA standard Information Elements
When the Original Information Element and the
Equivalent Information Element are both IANA standard elements
[IANA-IPFIX], both of the E bits are zero and the Equivalence
Message is as shown in Figure 1.
3.1.2 Equivalence Message with an Enterprise-Specific
Original Information Element
When the Original Information Element is enterprise-specific,
the Original Information Element's E bit is set and the
Information Element number is immediately followed by the
corresponding Private Enterprise Number [PEN], as shown in
Figure 3:
+-+---------------+----------------------------------+-+---------------+
|1| Original IE | Private Enterprise Number |0| Equivalent IE |
+-+---------------+----------------------------------+-+---------------+
Figure 3: Equivalence Message with an Enterprise-Specific
Original Information Element
This allows an enterprise-specific Information Element to be
specified as equivalent to an IANA standard Information
Element.
3.1.3 Equivalence Message with an Enterprise-Specific
Equivalent Information Element
When the Equivalent Information Element is enterprise-specific,
the Equivalent Information Element's E bit is set and the
Information Element number is immediately followed by the
corresponding Private Enterprise Number [PEN] as shown in
Figure 4:
+-+---------------+-+---------------+----------------------------------+
|0| Original IE |1| Equivalent IE | Private Enterprise Number |
+-+---------------+-+---------------+----------------------------------+
Figure 4: Equivalence Message with an Enterprise-Specific
Equivalent Information Element
This allows an IANA standard Information Element to be
specified as equivalent to an enterprise-specific Information
Element.
Aitken Expires July 2015 [Page 6]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
3.1.4 Equivalence Message with an
Enterprise-Specific Original Information Element and
Enterprise-Specific Equivalent Information Element
When both of the Information Elements are enterprise-specific,
both of the E bits are set and both Information Element numbers
are immediately followed by their corresponding Private
Enterprise Number [PEN] as shown in Figure 5:
+-+---------------+----------------------------------+
|1| Original IE | Private Enterprise Number | ...
+-+---------------+----------------------------------+
+-+---------------+----------------------------------+
... |1| Equivalent IE | Private Enterprise Number |
+-+---------------+----------------------------------+
Figure 5: Equivalence Message with two enterprise-specific
Information Elements
This allows two enterprise-specific Information Elements to be
specified as equivalent.
Note that the Private Enterprise Numbers do not have to be
equal. i.e., the Information Elements may belong to different
Private Enterprises.
Aitken Expires July 2015 [Page 7]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
3.1.5 Equivalence Message with a
MIB Object Original Information Element
In this special case, the Equivalence Message Template contains
a MIB Object Identifier [IPFIX-MIB-VARIABLE-EXPORT] with the
corresponding E bit set to zero, followed by the
equivalentElementId, as shown in Figure 6:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0| mibObjectIdentifier #MIB | Field Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|E| equivalentElementId #TBD | Field Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Template for MIB Object Equivalence Message
The MIB object details for the Original Information Element are
specified per [IPFIX-MIB-VARIABLE-EXPORT].
The Equivalent Information Element may be an IANA standard
Information Element as shown in Figure 7, or an
enterprise-specific Information Element as shown in Figure 8.
+-+---------------+-+---------------+
|0|mibObjectIdent.|0| Equivalent IE |
+-+---------------+-+---------------+
Figure 7: MIB Equivalence Message with an
IANA-standard Information Element
+-+---------------+-+---------------+----------------------------------+
|0|mibObjectIdent.|1| Equivalent IE | Private Enterprise Number |
+-+---------------+-+---------------+----------------------------------+
Figure 8: MIB Equivalence Message with an
Enterprise-Specific Information Element
4 The Collecting Process's Side
Equivalence Messages have global scope, unless they're sent in
an Options Message with a more restrictive scope, e.g. an
Options Record Scoped to the Exporter.
i.e., unless otherwise restricted, the specified equivalence
applies to all devices. Therefore the Collecting Process does
not need to maintain equivalence per device.
Aitken Expires July 2015 [Page 8]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
5 Security Considerations
The same security considerations apply as for the IPFIX
Protocol [RFC7011].
6 IANA Considerations
A new Information Element "equivalentElementId" must be
allocated in IANA's IPFIX registry, [IANA-IPFIX]:
Description: This Information Element contains the ID of an
equivalent Information Element, which is specified in an
IPFIX Equivalence Message.
Abstract Data Type: Unsigned16
Data Type Semantics: identifier
ElementId: TBD
Status: current
Reference: [this document]
[RFC-EDITOR: The assigned value "TBD" is to be replaced
throughout this document.]
Aitken Expires July 2015 [Page 9]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
7 References
7.1 Normative References
[RFC7011] Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
"Specification of the
IP Flow Information Export (IPFIX)
Protocol for the Exchange of Flow Information",
STD 77, RFC 7011, September 2013.
[RFC7012] Claise, B., Ed., and B. Trammell, Ed.,
"Information Model for
IP Flow Information Export (IPFIX)",
RFC 7012, September 2013.
[IANA-IPFIX]
IANA, "IPFIX Information Elements registry",
<http://www.iana.org/assignments/ipfix/ipfix.xml>.
[IPFIX-MIB-VARIABLE-EXPORT]
Aitken, P, Claise, B, McDowell, C, and Schonwalder, J,
"Exporting MIB Variables using the IPFIX Protocol"
(WIP)
[RFC2119] S. Bradner, Key words for use in RFCs to Indicate
Requirement Levels, BCP 14, RFC 2119, March 1997
7.2 Informative References
[RFC3954] Claise, B., Ed., "Cisco Systems NetFlow Services
Export Version 9", RFC 3954, October 2004.
[RFC6313] Claise, B., Dhandapani, G., Aitken, P., and S. Yates,
"Export of Structured Data in IP Flow Information Export
(IPFIX)", RFC 6313, July 2011.
[PEN] IANA, "Private Enterprise Numbers registry",
<http://www.iana.org/assignments/enterprise-numbers>.
8 Acknowledgements
Thanks to you, dear reader.
Aitken Expires July 2015 [Page 10]
�Internet-Draft Reporting Equivalent IPFIX IEs July 2014
9 Author's Address
Paul Aitken
Cisco Systems, Inc.
96 Commercial Quay
Commercial Street
Edinburgh, EH6 6LX,
UK
Phone: +44 131 561 3616
Email: paitken@cisco.com
Aitken Expires July 2015 [Page 11]
�
