Internet DRAFT - draft-boydseda-ipfix-psamp-bulk-data-yang-model
draft-boydseda-ipfix-psamp-bulk-data-yang-model
Network Working Group J. Boyd
Internet-Draft ADTRAN
Obsoletes: 6728 (if approved) M. Seda
Intended status: Standards Track Calix
Expires: September 10, 2020 March 9, 2020
YANG Data Models for the IP Flow Information Export (IPFIX) Protocol,
Packet Sampling (PSAMP) Protocol, and Bulk Data Export
draft-boydseda-ipfix-psamp-bulk-data-yang-model-03
Abstract
This document defines a flexible, modular YANG model for packet
sampling (PSAMP) and bulk data collection and export via the IPFIX
protocol. This new model replaces the model defined in RFC 6728,
"Configuration Data Model for the IP Flow Information Export (IPFIX)
and Packet Sampling (PSAMP) Protocols". All functionality modeled in
RFC 6728 has been carried over to this new model.
The YANG data models in this document conform to the Network
Management Datastore Architecture (NMDA) defined in RFC 8342.
This document obsoletes RFC 6728 (if approved).
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 10, 2020.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
Boyd & Seda Expires September 10, 2020 [Page 1]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Historical Perspective . . . . . . . . . . . . . . . . . 4
1.2. Relationship to RFC 6728 . . . . . . . . . . . . . . . . 5
1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6
1.4. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 14
2. Objectives . . . . . . . . . . . . . . . . . . . . . . . . . 14
3. Structure of the Configuration Data Model . . . . . . . . . . 14
3.1. PSAMP-IPFIX Metered Model . . . . . . . . . . . . . . . . 16
3.1.1. Metering Process Decomposition in Selection Process
and Cache . . . . . . . . . . . . . . . . . . . . . . 16
3.1.2. Exporter Configuration . . . . . . . . . . . . . . . 17
3.2. Collector/Exporter Model . . . . . . . . . . . . . . . . 19
3.2.1. Collector/Exporter Decomposition . . . . . . . . . . 20
3.3. Bulk Data Exporter Model . . . . . . . . . . . . . . . . 20
3.3.1. Bulk Data Exporter Decomposition . . . . . . . . . . 20
4. Configuration and State Parameters . . . . . . . . . . . . . 21
4.1. Observation Point Class . . . . . . . . . . . . . . . . . 21
4.2. Selection Process Class . . . . . . . . . . . . . . . . . 23
4.2.1. Selection Process Class Method . . . . . . . . . . . 24
4.2.2. Selection Process Filter Classes . . . . . . . . . . 27
4.3. Cache Class . . . . . . . . . . . . . . . . . . . . . . . 30
4.3.1. Immediate Cache Type Class . . . . . . . . . . . . . 31
4.3.2. Timeout Cache, Natural Cache, and Permanent Cache
Type Class . . . . . . . . . . . . . . . . . . . . . 32
4.3.3. Cache Layout Class . . . . . . . . . . . . . . . . . 34
4.4. Exporting Process Class . . . . . . . . . . . . . . . . . 37
4.4.1. SCTP Exporter Class . . . . . . . . . . . . . . . . . 39
4.4.2. UDP Exporter Class . . . . . . . . . . . . . . . . . 42
4.4.3. TCP Exporter Class . . . . . . . . . . . . . . . . . 44
4.4.4. File Writer Class . . . . . . . . . . . . . . . . . . 44
4.4.5. Options Class . . . . . . . . . . . . . . . . . . . . 46
4.5. Collecting Process Class . . . . . . . . . . . . . . . . 47
4.5.1. SCTP Collector Class . . . . . . . . . . . . . . . . 48
4.5.2. UDP Collector Class . . . . . . . . . . . . . . . . . 49
4.5.3. TCP Collector Class . . . . . . . . . . . . . . . . . 50
4.5.4. File Reader Class . . . . . . . . . . . . . . . . . . 51
Boyd & Seda Expires September 10, 2020 [Page 2]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
4.6. Transport Layer Security Class . . . . . . . . . . . . . 52
4.7. Transport Session Class . . . . . . . . . . . . . . . . . 55
4.8. Template Class . . . . . . . . . . . . . . . . . . . . . 58
4.9. Bulk Data Class . . . . . . . . . . . . . . . . . . . . . 60
5. Adaptation to Device Capabilities . . . . . . . . . . . . . . 62
6. YANG Modules . . . . . . . . . . . . . . . . . . . . . . . . 64
6.1. ietf-ipfix . . . . . . . . . . . . . . . . . . . . . . . 64
6.1.1. ietf-ipfix Module Structure . . . . . . . . . . . . . 64
6.1.2. ietf-ipfix YANG Module . . . . . . . . . . . . . . . 65
6.2. ietf-ipfix-packet-sampling . . . . . . . . . . . . . . . 112
6.2.1. ietf-ipfix-packet-sampling Module Structure . . . . . 112
6.2.2. ietf-ipfix-packet-sampling YANG module . . . . . . . 113
6.3. ietf-ipfix-bulk-data-export . . . . . . . . . . . . . . . 143
6.3.1. ietf-ipfix-bulk-data-export Module Structure . . . . 143
6.3.2. ietf-ipfix-bulk-data-export YANG module . . . . . . . 144
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 150
8. Security Considerations . . . . . . . . . . . . . . . . . . . 151
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 153
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 153
10.1. Normative References . . . . . . . . . . . . . . . . . . 153
10.2. Informative References . . . . . . . . . . . . . . . . . 156
Appendix A. Example: ietf-ipfix Usage . . . . . . . . . . . . . 157
Appendix B. Example: ietf-ipfix-packet-sampling Usage . . . . . 159
Appendix C. Example: ietf-ipfix-bulk-data-export Usage . . . . . 162
Appendix D. Tree diagrams . . . . . . . . . . . . . . . . . . . 164
D.1. ietf-ipfix . . . . . . . . . . . . . . . . . . . . . . . 164
D.2. ietf-ipfix-packet-sampling . . . . . . . . . . . . . . . 175
D.3. ietf-ipfix-bulk-data-export . . . . . . . . . . . . . . . 178
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 179
1. Introduction
Bulk data collection is an automated collection of device data that
is packaged together and delivered to an IPFIX collector. The IPFIX
protocol may be used to transport bulk data such as:
o Sampled (metered) Packet SAMPling (PSAMP) data: [RFC5476] defines
PSAMP operations that a device may implement to sample packets
passing through a network element for reporting purposes.
o Statistics from interfaces and sessions: YANG models define
statistics that can be retrieved via protocols such as NETCONF
[RFC6241] or RESTCONF [RFC8040]. These statistics can be streamed
using an IPFIX transport to an IPFIX collector that supports
analytics tools. An operator may wish to take the bulk data and
analyze it for trend analysis purposes or other usages (e.g.,
collect octet counts every 5 minutes for service level agreement
Boyd & Seda Expires September 10, 2020 [Page 3]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
purposes or collect reported device temperature for network health
purposes).
IPFIX can also be used to meet the bulk transport requirements of
other protocols. For example:
o [BBF.TR-352] ICTP (Inter-Channel Transport Protocol): ICTP uses
IPFIX to transport dynamic data (e.g., lease information) across
participating NG-PON2 (Next-Generation Passive Optical Network 2)
systems.
The YANG data models in this document conform to the Network
Management Datastore Architecture (NMDA) defined in [RFC8342].
1.1. Historical Perspective
Below is a historical timeline of IETF IPFIX and YANG RFCs:
o [RFC7011] (2013) defines the IPFIX protocol; it obsoleted RFC 5101
(2008).
o [RFC5476] (2009) defines the PSAMP operations of selection (random
selection, deterministic selection or hash-based selection) for
capturing or metering packets arriving on a device.
o RFC 6020 (2010) and [RFC7950] (2016) define v1.0 and v1.1 of the
YANG data modeling language (respectively), and [RFC8342] (2018)
updates RFC 7950 to define NMDA (Network Management Datastore
Architecture).
o [RFC6728] (2012) defined a Packet SAMPling (PSAMP) YANG model for
devices that use PSAMP for capturing (for metering purposes) a
subset of all packets traversing a device.
o [RFC8343] (2018) defines a YANG data model for interfaces; it
obsoleted RFC 7223 (2014).
o IETF, IEEE, Broadband Forum etc. (2015 to 2018) have incorporated
reporting of statistics into corresponding YANG models (G.fast,
PON, etc.).
[RFC6728] defines a single YANG module for the IP Flow Information
Export (IPFIX) and Packet Sampling (PSAMP) protocols. The PSAMP
collecting process and the IPFIX exporting process are tightly
coupled in this module. Moreover, the exporting process requires a
device to support SCTP. This coupling and transport requirement
makes it difficult for a device, which does not support SCTP, to use
the model for collecting and exporting non-PSAMP bulk data.
Boyd & Seda Expires September 10, 2020 [Page 4]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
o [BBF.TR-352] supports only TCP and TLS as IPFIX transport
protocols. The [RFC6728] YANG model does not allow for explicit
non-support for SCTP, therefore requiring the need for YANG
deviations to announce non-support.
o The PSAMP meter does not need to be configured if the observation
point is already defined by other YANG models. One could attempt
to augment PSAMP YANG to reference where the observation point is
being configured (but then would have to express feature "non-
support" on features unlikely to be needed or required by
devices).
Rather than this approach, a new YANG model has been developed where
functionality is separated into different modules such that the
functions can be independently leveraged.
These are some of the other issues with the current model:
o The PSAMP YANG model defines the frequency of export in the PSAMP
cache. Bulk data needs the export frequency to be controlled by
the exporting process.
o The PSAMP YANG model supports IPFIX mediators. Devices may need
to support large IPFIX mediation functions.
o The PSAMP YANG model contains references which correlate to MIB
definitions. For example, interfaces are referenced via ifIndex.
For most NETCONF managed devices, interfaces are referenced by
name as defined in [RFC8343].
1.2. Relationship to RFC 6728
This RFC adheres to all principles defined in [RFC6728], however, in
order to address the issues identified in the previous section, the
YANG model has changed as follows:
o The YANG model is divided into the following three modules:
* ietf-ipfix: Defines the IPFIX collector and exporter functions.
* ietf-ipfix-packet-sampling: Defines the PSAMP functions for
configuring a device to sample/meter a subset of packets from
the network.
* ietf-ipfix-bulk-data-export: Defines the bulk data IPFIX
templates used to export bulk data.
Boyd & Seda Expires September 10, 2020 [Page 5]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
o SCTP data nodes are made optional via the 'sctp' feature for
applications not requiring to support SCTP.
o The YANG model adds support for [RFC8343] interface and [RFC8348]
hardware component references.
* The ability to reference via the interface list in ietf-
interfaces [RFC8343] is added alongside the ifName and ifIndex.
* The ability to reference via the hardware component list in
ietf-hardware [RFC8348] is added alongside the entPhysicalName
and entPhysicalIndex.
o IPFIX transport sessions allow transport session information to be
retrieved individually.
* The transport sessions are modeled such that they can be
retrieved individually in addition to retrieving the entire
list (which may be quite large for devices such as an NG-PON2
OLT).
o Source and destination address type choice statements are added to
improve extensibility of the model.
o This RFC conforms to the [RFC8407] YANG data model guidelines.
Applications that use this RFC are expected to only need to import
the applicable YANG modules. For example:
o PSAMP uses the ietf-ipfix and ietf-ipfix-packet-sampling modules.
o Bulk data export uses the ietf-ipfix and ietf-ipfix-bulk-data-
export modules.
o Mediators and file readers/writers use only the ietf-ipfix module.
1.3. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
The following terms are used in this RFC:
Bulk Data
Boyd & Seda Expires September 10, 2020 [Page 6]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Bulk data is the collection of configuration and/or state data
from a device.
Cache
The Cache is a functional block in a Metering Process that
generates IPFIX Flow Records or PSAMP Packet Reports from a
Selected Packet Stream, in accordance with its configuration. If
Flow Records are generated, the Cache performs tasks like creating
new records, updating existing ones, computing Flow statistics,
deriving further Flow properties, detecting Flow expiration,
passing Flow Records to the Exporting Process, and deleting Flow
Records. If Packet Reports are generated, the Cache performs
tasks like extracting packet contents and derived packet
properties from the Selected Packet Stream, creating new records,
and passing them as Packet Reports to the Exporting Process.
Cache Layout
The Cache Layout defines the superset of fields that are included
in the Packet Reports or Flow Records maintained by the Cache.
The fields are specified by the corresponding Information
Elements. In general, the largest possible subset of the
specified fields is derived for every Packet Report or Flow
Record. More specific rules about which fields must be included
are given in Section 4.3.3.
Collector
A device that hosts one or more Collecting Processes is termed a
Collector. [RFC7011]
Collecting Process
A Collecting Process received IPFIX messages from one or more
Exporting Processes. The Collecting Process might process or
store received Flow Records received within these Messages, but
such actions are out of scope for this document. [RFC7011]
Composite Selector
A Composite Selector is an ordered composition of Selectors, in
which the output Packet Stream issuing from one Selector forms the
input Packet Stream to the succeeding Selector. [RFC5476]
Data Record
A Data Record is a record that contains values of the parameters
corresponding to a Template Record. [RFC7011]
Exporter
A device that hosts one or more Exporting Process is termed an
Exporter. [RFC7011]
Boyd & Seda Expires September 10, 2020 [Page 7]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Exporting Process
Depending on its deployment as part of an IPFIX Device or PSAMP
Device, the Exporting Process sends IPFIX Flow Records or PSAMP
Packet Reports to one or more Collecting Processes. The IPFIX
Flow Records or PSAMP Packet Reports are generated by one or more
Metering Processes.
Filtering
A filter is a Selector that selects a packet deterministically
based on the Packet Content, or its treatment, or functions of
these occurring in the Selection State. Two examples are:
* Property Match filtering: A packet is selected if the specific
field in the packet equals a predefined value.
* Hash-based Selection: A Hash Function is applied to the packet
content and the packet is selected if the result falls in a
specific range. [RFC5476]
Flow Key
Each of the fields that:
* belong to the packet header (e.g., destination IP address), or
* are a property of the packet itself (e.g., packet length), or
* are derived from Packet Treatment (e.g., Autonomous System (AS)
number),
and that are used to define a Flow (i.e., are the properties
common to all packets in the Flow) are termed Flow Keys. As an
example, the traditional '5-tuple' Flow Key of source and
destination IP address, source and destination transport port, and
transport protocol, groups together all packets belonging to a
single direction of communication on a single socket. [RFC7011]
Flow Record
A Flow Record contains information about a specific Flow that was
observed at an Observation Point. A Flow Record contains measured
properties of the Flow (e.g., the total number of bytes for all
the Flow's packets) and usually contains characteristic properties
of the Flow (e.g., source IP address). [RFC7011]
Information Element
An Information Element is a protocol and encoding independent
description of an attribute that may appear in an IPFIX record.
Information Elements are defined in the [IANA-IPFIX] Registry].
The type associated with an Information Element indicates
Boyd & Seda Expires September 10, 2020 [Page 8]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
constraints on what it may contain and also determines the valid
encoding mechanisms for use in IPFIX. [RFC7011]
IPFIX Device
An IPFIX Device hosts at least one Exporting Process. It may host
further Exporting Processes as well as arbitrary number of
Observation Points and Metering Processes. [RFC7011]
IPFIX File
An IPFIX File is a serialized stream of IPFIX Messages; this
stream may be stored in a filesystem or transported using some
technique customarily used for files. Any IPFIX Message stream
that would be considered valid when transported over one or more
of the specified IPFIX transports (Stream Control Transmission
Protocol (SCTP), TCP, or UDP) as defined in [RFC7011] is
considered an IPFIX File. [RFC5655] extends that definition with
recommendations on the construction of IPFIX Files. [RFC5655]
IPFIX File Writer
An IPFIX File Writer is a process that writes IPFIX Files to a
filesystem. An IPFIX File Writer operates as an IPFIX Exporting
Process as specified in [RFC7011] except as modified by [RFC5655].
IPFIX Mediator
An IPFIX Mediator is an IPFIX Device that provides IPFIX Mediation
by receiving a record stream from some data sources, hosting one
or more Intermediate Processes to transform that stream, and
exporting the transformed record stream into IPFIX Messages via an
Exporting Process. In the common case, an IPFIX Mediator receives
a record stream from a Collecting Process, but it could also
receive a record stream from the data sources not encoded using
IPFIX, e.g., in the case of conversion from the Netflow V9
protocol [RFC3954] to IPFIX protocol. [RFC7119]
IPFIX Message
An IPFIX Message is a message that originates at the Exporting
Process and carries the IPFIX records of this Exporting Process
and whose destination is a Collecting Process. An IPFIX Message
is encapsulated at the transport layer. [RFC7011]
Metering Process
The Metering Process is split into two functional blocks:
* Selection Process: A Selection Process takes the Observed
Packet Stream as its input and selects a subset of that stream
as its output.
Boyd & Seda Expires September 10, 2020 [Page 9]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
* Cache: The Cache is a functional block in a Metering Process
that generates IPFIX Flow Records or PSAMP Packet Reports from
a Selected Packet Stream, in accordance with its configuration.
The Metering Process generates IPFIX Flow Records or PSAMP Packet
Reports, depending on its deployment as part of an IPFIX Device or
PSAMP Device. If IPFIX Flow Records are generated, the Metering
Process MUST NOT aggregate packets observed at different
Observation Domains in the same Flow.
Monitoring Device
A Monitoring Device implements at least one of the functional
blocks specified in the context of IPFIX or PSAMP. In particular,
the term Monitoring Device encompasses Exporters, Collectors,
IPFIX Devices, and PSAMP Devices.
Observation Domain
An Observation Domain is the largest set of Observation Points for
which Flow Information can be aggregated by a Metering Process.
For example, a router line card may be an Observation Domain if it
is composed of several interfaces, each of which is an Observation
Point. If the IPFIX Message it generates, the Observation Domain
includes it Observation Domain ID, which is unique per Exporting
Process. That way, the Collecting Process can identify the
specific Observation Domain from the Exporter that sends the IPFIX
Messages. Every Observation Point is associated with an
Observation Domain. It is RECOMMENDED that Observation Domain IDs
also be unique per IPFIX Device. [RFC7011]
Observation Point
An Observation Point is a location in the network where packets
can be observed. Examples include a line to which a probe is
attached, a shared medium, such as an Ethernet based LAN, a single
port of a router, or a set of interfaces (physical or logical) of
a router. Note that every Observation Point is associated with an
Observation Domain and that one Observation Point may be a
superset of several other Observation Points. For example, on
Observation Point can be an entire line card. That would be a
subset of the individual Observation Points at the line card's
interfaces. [RFC7011]
Options Template Record
An Options Template Record is a Template Record that defines the
structure and interpretation of fields in a Data Record, including
defining how to scope the applicability of the Data Record.
[RFC7011]
Options Template/Options Template Set
Boyd & Seda Expires September 10, 2020 [Page 10]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
An Options Template Set is a collection of one or more Options
Template Records that have been grouped together in an IPFIX
Message. [RFC7011]
Packet Report
Packet Reports comprise a configurable subset of a packet's input
to the Selection Process include the packet content, information
relating to its treatment (e.g., the output interface) and its
associated selection state (e.g., the hash of a packet content).
[RFC5476]
Primitive Selector
A Selector is primitive if it is not a Composite Selector.
[RFC5476]
PSAMP Device
A PSAMP device is a device hosting at least an Observation Point,
a Selection Process and an Exporting Process. Typically
corresponding Observation Point(s), Selection Process(es) and
Exporting Process(es) are co-located at this device, for example,
at a router. [RFC5476]
Reverse Information Element
An Information Element defined as corresponding to a normal (or
forward) Information Element, but associated with the reverse
direction of a Biflow. [RFC5103]
Sampling
A Selector that is not a filter is called a Sampling operation.
This reflects the intuitive notion that if the selection of a
packet cannot be determine from its content alone, there must be
some type of Sampling taking place. [RFC5476]
Selected Packet Stream
The Selected Packet Stream is the set of all packets selected by a
Selection Process.
Selection Process
A Selection Process takes the Observed Packet Stream as its input
and selects a subset of that stream as its output. [RFC5476]
Selection Sequence
From all the packets observed at an Observation Point, only a few
packets are selected by one or more Selectors. The Selection
Sequence is a unique value per Observation Domain describing the
Observation Point and the Selector IDs through the packets are
selected. [RFC5476]
Boyd & Seda Expires September 10, 2020 [Page 11]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Selection Sequence Report Interpretation
Each Packet Report contains a selectionSequenceId Information
Element that identifies the particular combination of Observation
Point and Selector(s) used for its selection. For every
selectionSequenceId Information Element in use, the PSAMP Device
MUST export a Selection Sequence Report Interpretation using an
Options Template. [RFC5476]
Selection Sequence Statistics Report Interpretation
A Selector MAY be used in multiple Selection Sequences. However,
each use of a Selector must be independent, so each separate
logical instance of a Selector MUST maintain its own individual
Selection State and statistics. The Selection Sequence Statistics
Report Interpretation MUST include the number of observed packets
(Population Size) and the number of packets selected (Sample Size)
by each instance of its Primitive Selectors. [RFC5476]
Selection State
A Selection Process may maintain state information for use by the
Selection Process. At a given time, the Selection State may
depend on packets observed at and before that time, and other
variables. Examples include:
* sequence numbers of packets at the input of Selectors
* a timestamp of observation of the packet at the Observation
Point
* iterators for pseudorandom number generators
* hash values calculated during selection
* indicators of whether the packet was selected by a given
Selector
Selection Processes may change portions of the Selection State as
a result of processing a packet. Selection state for a packet is
to reflect the state after processing the packet. [RFC5476]
Selector
A Selector defines the action of a Selection Process on a single
packet of its input. If selected, the packet becomes an element
of the output Packet Stream. The Selector can make use of the
following information in determining whether a packet is selected:
* the packet content
Boyd & Seda Expires September 10, 2020 [Page 12]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
* information derived from the packet's treatment at the
Observation Point
* any selection state that may be maintained by the Selection
Process [RFC5476]
Selector Report Interpretation
An IPFIX Data Record, defined by an Options Template Record, MUST
be used to send the configuration details of every Selector in
use. The Options Template Record MUST contain:
* selectorId Information Element as the Scope field
* SelectorAlgorithm Information Element [RFC5476]
Template Record
A Template Record defines the structure and interpretation of
fields in a Data Record. [RFC7011]
Template/Template Set
A Template Set is a collection of one or more Template Records
that have been grouped together in an IPFIX Message. [RFC7011]
Traffic Flow or Flow
A Flow is defined as a set of packets or frames passing an
Observation Point in the network during a certain time interval.
All packets belonging to a particular Flow have a set of common
properties. Each property is defined as the result of applying a
function to the values of:
* one or more packet header fields (e.g., destination IP
address), transport header fields (e.g., destination port
number), or application header fields (e.g., RTP header fields)
* one or more characteristics of the packet itself (e.g., number
of MPLS labels, etc.)
* one or more of the fields derived from Packet Treatment (e.g.,
next-hop IP address, the output interface, etc.)
A packet is defined as belonging to a Flow if it completely
satisfies all the defined properties of the Flow. Note that the
set of packets represented by a Flow may be empty; that is, a Flow
may represent zero or more packets. As sampling is a Packet
Treatment, this definition includes packets selected by a sampling
mechanism. [RFC7011]
Boyd & Seda Expires September 10, 2020 [Page 13]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
1.4. Tree Diagrams
Tree diagrams used in this document follow the notation defined in
[RFC8340].
2. Objectives
This document defines a YANG data model for the configuration and
state retrieval of basic IPFIX functionality as well as PSAMP and
bulk data export applications over IPFIX. The YANG modules in this
document conform to the Network Management Datastore Architecture
(NMDA) [RFC8342] and [RFC8407] YANG guidelines.
3. Structure of the Configuration Data Model
The reference model described in this RFC describes the following
models:
o A PSAMP/IPFIX metered model where a PSAMP/IPFIX device configures
a meter that samples packets passing through a device, applies an
IPFIX template to those packets, and exports IPFIX templates/data
records to an IPFIX collector.
o An IPFIX collector/exporter model where an IPFIX device can:
* terminate multiple IPFIX sessions to a collection process and
then export those IPFIX packets to an external IPFIX collector
or
* read an IPFIX formatted file into the collection process and
export that file to a destination location.
o A bulk data model where an IPFIX template is applied to configured
reference resource that can export bulk data (e.g., statistics,
[BBF.TR-352] ICTP IPFIX data).
Figure 1 illustrates the PSAMP metered UML model for a PSAMP/IPFIX
monitoring device. The metering process is contained in the ietf-
ipfix-packet-sampling module. The metering process comprises a
selection-process and cache that refers to an exporting-process.
Further explanations about the relationship between selection-process
and cache are given in Section 3.1.1. Section 4.4 describes the
exporting-process configuration.
Boyd & Seda Expires September 10, 2020 [Page 14]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--------------------------------------------------------------+
| +--------------------+ Metering Process |
| | Module: ietf-ipfix | |
| | -packet-sampling| |
| |--------------------|<------------------------+ |
| | |<--------+ 1 | |
| +--------------------+ | +-------------+-----------+ |
| ^ | | list: selection-process | |
| | | |-------------------------| |
| 1 | | | | |
| +--------+-------------+ | +-----------------+-------+ |
| | list: observation-pt | | ^ | |
| |----------------------| selection-process-ref | | |
| | +-------|---------------+ | |
| +----------------------+ | 0..* | |
| 1 | | |
| +-------+-------+ | |
| | list: cache | | |
| |---------------| 0..1 | |
| | |<----------+ |
| +---------------+ cache-ref |
+--------------------------------+-----------------------------+
+--------------------+ |
| Module: ietf-ipfix | |
|--------------------| |
| | |
+--------------------+ |
^ | exporting-process-ref
| |
1 | |
+---------+---------------+ |
| list: exporting-process | |
|-------------------------| |
| |<----+
+-------------------------+ 0..*
Figure 1: PSAMP-IPFIX metered model
PSAMP/IPFIX monitoring device implementations usually maintain the
separation of various functional blocks, although they do not
necessarily implement all of them. The configuration data model
enables the setting of commonly available configuration parameters
for selection-processes and caches, and supports optional
configuration for features like the [RFC2863] IF-MIB and [RFC6933]
ENTITY-MIB.
Boyd & Seda Expires September 10, 2020 [Page 15]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
3.1. PSAMP-IPFIX Metered Model
3.1.1. Metering Process Decomposition in Selection Process and Cache
In a monitoring device implementation, the functionality of the
metering process is split into the selection process and cache.
Figure 2 shows a metering process example. The selection-process
takes an observed packet stream as its input and selects a subset of
that stream as its output (selected packet stream). The action of
the selection-process on a single packet of its input is defined by
one selector (called a primitive selector) or an ordered composition
of multiple selectors (called a composite selector). The cache
generates flow records or packet reports from the selected packet
stream, depending on its configuration.
+------------------------------------+
| Metering Process |
| +------------+ Selected |
Observed | | selection- | Packet +-------+ | Stream of
Packet -->| process |---------->| cache |--> Flow Records or
Stream | +------------+ Stream +-------+ | Packet Reports
+------------------------------------+
Figure 2: Selection Process and Cache forming a Metering Process
A metering process must always have a selection-process. It is
possible to select all packets in the observed packet stream, and
pass them to the cache unfiltered by configuring the selector-method
to "select-all".
A metering process can be configured to support multiple selection
processes that receive packets from multiple observation points
within the same observation domain. In this case, the observed
packet streams of the observation points are processed in independent
selection sequences. As specified in [RFC5476], a distinct set of
selector instances needs to be maintained per selection sequence in
order to keep the selection states and statistics separate.
With the configuration data model, it is possible to configure a
metering process with multiple selection processes whose output is
processed by a single cache. This is illustrated in Figure 3.
Boyd & Seda Expires September 10, 2020 [Page 16]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--------------------------------------+
| Metering Process |
| +------------+ Selected |
Observed | | selection- | Packet |
Packet -->| process |----------+ +-------+ |
Stream | +------------+ Stream +->| | | Stream of
| ... | cache |--> Flow Records or
| +------------+ Selected +->| | | Packet Reports
Observed | | selection- | Packet | +-------+ |
Packet -->| process |----------+ |
Stream | +------------+ Stream |
+--------------------------------------+
Figure 3: Metering Process with multiple Selection Processes
The observed packet streams at the input of a metering process may
originate from observation points belonging to different observation
domains. By definition of the observation domain (see [RFC7011]), a
cache must not aggregate packets observed at different observation
domains in the same flow. Hence, if the cache is configured to
generate flow records, it needs to distinguish packets according to
their observation domains.
3.1.2. Exporter Configuration
Figure 4 below shows the main classes of the configuration data model
that are involved in the configuration of an IPFIX or PSAMP Exporter.
The role of the classes can be briefly summarized as follows:
o The ObservationPoint class specifies an observation-point (e.g.,
an interface or line card) of the Monitoring Device that captures
packets for traffic measurements. An observation-point may be
associated with one or more instances of the SelectionProcess
class when a device is capable of processing observed packets in
parallel.
* When an observation-point is configured without references to
the selection-process, the captured packets are not considered
part of the metering process.
o The SelectionProcess class contains the configuration and state
parameters of a selection-process. The selection-process may be
composed of a single selector or a sequence of selectors, defining
a primitive or composite Selector, respectively. The selection-
process selects packets from one or more observed packet streams,
each originating from a different observation-point. A selection-
process instance may be referred to from one or more observation-
point instances.
Boyd & Seda Expires September 10, 2020 [Page 17]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
* A selection process may pass the selected packet stream to a
cache. Therefore, the selection-process class contains a
reference to an instance of the cache class.
* If a selection-process is configured without any reference to a
cache, the selected packets are not accounted in any packet
report or flow record.
o The Cache class contains configuration and state parameters of a
cache. A cache may receive the output of one or more selection
processes and maintains corresponding packet reports or flow
records. Therefore, an instance of the cache class may be
referred to from multiple selection process instances.
Configuration parameters of the cache class specify the size of
the cache, the cache layout, and expiration parameters if
applicable. The cache configuration also determines whether
packet reports or flow records are generated.
* A cache may pass its output to one or more exporting processes.
Therefore, the cache class enables references to one or more
instances of the exporting process class.
* If a cache instance does not specify any reference to an
exporting process instance, the cache output is dropped.
o The ExportingProcess class contains configuration and state
parameters of an exporting-process. It includes various
transport-protocol-specific parameters and the export
destinations.
* An instance of the exporting process class may be referred to
from multiple instances of the cache class.
Boyd & Seda Expires September 10, 2020 [Page 18]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+-------------------+
| observation-point |
+---------+---------+
0..* |
|
0..* v
+-------------------+
| selection-process |
+---------+---------+
0..* |
|
0..1 v
+-------------------+
| cache |
+---------+---------+
0..* |
|
0..* v
+-------------------+
| exporting-process |
+-------------------+
Figure 4: Class diagram of Exporter configuration
3.2. Collector/Exporter Model
+--------------------+
| Module: ietf-ipfix |
|--------------------|<------------------+
| | 1 |
+--------------------+ +-------------+------------+
^ | list: collecting-process |
| |--------------------------|
| +-------------+------------+
| |
1 | |
+---------+---------------+ |
| list: exporting-process | |
|-------------------------| 0..* |
| |<-------------+
+-------------------------+ exporting-process-ref
Figure 5: Collector/Exporter Model
Boyd & Seda Expires September 10, 2020 [Page 19]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
3.2.1. Collector/Exporter Decomposition
Figure 5 shows the main classes of the configuration data model that
are involved in the configuration of a collector. An instance of the
CollectingProcess class specifies the local IP addresses, transport
protocols, and port numbers of a collecting-process.
A collecting-process MAY be configured as a File Reader according to
[RFC5655].
A CollectingProcess class instance may refer to one or more
exporting-process instances configuring exporting processes that re-
export the received data. As an example, an exporting process can be
configured as a file-writer in order to save the received IPFIX
messages in a file.
3.3. Bulk Data Exporter Model
+------------------------------------+
| module:ietf-ipfix-bulk-data-export |
|------------------------------------|
+------------------------------------+
^
|
1 |
+------------+------------+ +---------------+
| list:bulk-data-template | | list:resource |
|-------------------------|------------->+---------------|
+------------+------------+ 0..* +---------------+
|
0..* | exporting-process-ref
v
+-------------------------+
| list:exporting-process |
|-------------------------|
+-------------------------+
Figure 6: Bulk Data Exporter Model
3.3.1. Bulk Data Exporter Decomposition
Figure 6 shows the main classes of the configuration model that are
involved in bulk data export. A device that has a resource instance
capable of reporting bulk data through IPFIX does not need an IPFIX
meter to be created. Instead a bulk-data template is created and
applied to that resource instance.
Boyd & Seda Expires September 10, 2020 [Page 20]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
The ExportingProcess class contains configuration and state
parameters of an exporting-process. It includes various transport-
protocol-specific parameters and the export destinations. The bulk-
data-template may refer to multiple instances of the ExportingProcess
class.
4. Configuration and State Parameters
This section specifies the configuration and state parameters of the
configuration data model separately for each class.
4.1. Observation Point Class
Figure 7 shows the observation-point attributes of an IPFIX
monitoring device. As defined in [RFC7011], an observation point can
be any location where packets are observed. A IPFIX monitoring
device potentially has more than one such location. An instance of
observation-point defines which location is associated with a
specific observation point. For this purpose, interfaces (ietf-
interfaces module [RFC8343]) and hardware components (ietf-hardware
module [RFC8348]) are identified using their names.
o Alternatively, index values of the corresponding entries in the
ifTable (IF-MIB module [RFC2863]) or the entPhysicalTable (ENTITY-
MIB module [RFC6933]) can be used as identifiers. However,
indices should only be used as identifiers if an SNMP agent on the
same monitoring device enables access to the corresponding mib
tables.
By its definition in [RFC7011], an observation point may be
associated with a set of interfaces. Therefore, the configuration
data model allows configuring multiple interfaces and hardware
components for a single observation point. The observation-point-id
(i.e., the value of the information element observationPointId
[IANA-IPFIX]) is assigned by the monitoring device.
Boyd & Seda Expires September 10, 2020 [Page 21]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--rw observation-point* [name]
+--rw name ietf-ipfix:name-type
+--rw observation-domain-id uint32
+--rw interface-ref* if:interface-ref
+--rw if-name* if-name-type {if-mib}?
+--rw if-index* uint32 {if-mib}?
+--rw hardware-ref* hardware-ref
+--rw ent-physical-name* string {entity-mib}?
+--rw ent-physical-index* uint32 {entity-mib}?
+--rw direction? direction
+--ro observation-point-id? uint32
+--rw selection-process*
-> /ietf-ipfix:ipfix/psamp/selection-process/name
Figure 7: Observation Point Attributes
The configuration parameters of the observation point are:
observation-domain-id
This parameter defines the identifier of the observation domain
that the observation point belongs to. Observation points that
are configured with the same observation domain ID belong to the
same observation domain. Note that this parameter corresponds to
ipfixObservationPointObservationDomainId in the IPFIX MIB module
[RFC6615].
interface-ref
This parameter identifies the interface (via the interface
reference [RFC8343]) on the monitoring device that is associated
with the given observation point.
if-name
This parameter identifies the interface (via the ifName in the IF-
MIB [RFC2863]) on the monitoring device that is associated with
the given observation point. if-name should only be used if an
SNMP agent enables access to the ifTable.
if-index
This parameter identifies the interface (via the ifIndex value in
the IF-MIB [RFC2863]) on the monitoring device that is associated
with the given observation point. if-index should only be used if
an SNMP agent enables access to the ifTable.
hardware-ref
This parameter identifies a hardware component (via the hardware
reference [RFC8348]) on the monitoring device that is associated
with the given observation point.
Boyd & Seda Expires September 10, 2020 [Page 22]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
ent-physical-name
This parameter identifies a physical entity (via the
entPhysicalName in the ENTITY-MIB module [RFC6933]) on the
monitoring device that is associated with the given observation
point. ent-physical-name should only be used if an SNMP agent
enables access to the entPhysicalTable.
ent-physical-index
This parameter identifies a physical entity (via the
entPhysicalIndex in the ENTITY-MIB module [RFC6933]) on the
monitoring device that is associated with the given observation
point. ent-physical-name should only be used if an SNMP agent
enables access to the entPhysicalTable.
direction
This parameter specifies if ingress traffic, egress traffic, or
both ingress and egress traffic is captured, using the values
"ingress", "egress", and "both", respectively. if not configured,
ingress and egress traffic is captured (i.e., the default value is
"both"). If not applicable (e.g., in the case of a sniffing
interface in promiscuous mode), the value of this parameter is
ignored.
selection-process-reference
An observation-point instance may refer to one or more selection-
process instances that process the observed packets in parallel.
4.2. Selection Process Class
Figure 8 shows the selection-process attributes. The selection-
process class contains the configuration and state parameters of a
selection process that selects packets from one or more observed
packet streams and generates a selected packet stream as its output.
A non-empty ordered list defines a sequence of selectors. The
actions defined by the selectors are applied to the stream of
incoming packets in the specified order.
If the selection process receives packets from multiple observation
points, the observed packet streams need to be processed
independently in separate selection sequences. Each selection
sequence is identified by a selection sequence id that is unique
within the observation domain the observation point belongs to (see
[RFC5477]). Selection sequence ids are assigned by the monitoring
device.
As state parameters, the selection-process class contains a list of
(observation-domain-id, selection-sequence-id) tuples specifying the
assigned selection sequence ids and corresponding observation domain
Boyd & Seda Expires September 10, 2020 [Page 23]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
ids. With this information, it is possible to associate selection
sequence (statistics) report interpretations exported according to
the PSAMP protocol specification [RFC5476] with the corresponding
selection-process instance.
A selection-process instance may include a reference to a cache class
instance to generate packet reports or flow records from the selected
packet stream.
+--rw selection-process* [name]
+--rw name ietf-ipfix:name-type
+--rw selector* [name]
| +--rw name
| | ietf-ipfix:name-type
| +--rw (method)
| | +--:(select-all)
| | | +--rw select-all? empty
| | +--:(samp-count-based)
| | | ...
| | +--:(samp-time-based)
| | | ...
| | +--:(samp-rand-out-of-n)
| | | ...
| | +--:(samp-uni-prob)
| | | ...
| | +--:(filter-match)
| | | ...
| | +--:(filter-hash)
| | | ...
| +--ro packets-observed? yang:counter64
| +--ro packets-dropped? yang:counter64
| +--ro selector-discontinuity-time? yang:date-and-time
+--rw cache?
| -> /ietf-ipfix:ipfix/psamp/cache/name
+--ro selection-sequence* []
+--ro observation-domain-id? uint32
+--ro selection-sequence-id? uint64
Figure 8: Selection Process Attributes
4.2.1. Selection Process Class Method
Standardized PSAMP sampling and filtering methods are described in
[RFC5475]; their configuration parameters are specified in the
classes samp-count-based, samp-time-based, samp-rand-out-of-n, samp-
uni-prob, filter-match, and filter-hash. In addition, the select-all
class, which has no parameters, is used for a selector that selects
Boyd & Seda Expires September 10, 2020 [Page 24]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
all packets. The selector class includes exactly one of these
sampler and filter classes, depending on the applied method.
+--rw selection-process* [name]
+--rw name ietf-ipfix:name-type
+--rw selector* [name]
| +--rw name
| | ietf-ipfix:name-type
| | ...
| +--ro packets-observed? yang:counter64
| +--ro packets-dropped? yang:counter64
| +--ro selector-discontinuity-time? yang:date-and-time
Figure 9: Selector Class Attributes
The selector class, shown in Figure 9 contains the selector
statistics packets-observed and packets-dropped as well as selector-
discontinuity-time, which correspond to the IPFIX MIB module objects
ipfixSelectionProcessStatsPacketsObserved,
ipfixSelectionProcessStatsPacketsDropped, and
ipfixSelectionProcessStatsDiscontinuityTime, respectively [RFC6615]:
packets-observed
The total number of packets observed at the input of the selector.
If this is the first selector in the selection process, this
counter corresponds to the total number of packets in all observed
packet streams at the input of the selection process. Otherwise,
the counter corresponds to the total number of packets at the
output of the preceding selector. Discontinuities in the value of
this counter can occur at re-initialization of the management
system, and at other times as indicated by the value of selector-
discontinuity-time.
packets-dropped
The total number of packets discarded by the selector.
Discontinuities in the value of this counter can occur at re-
initialization of the management system, and at other times as
indicated by the value of selector-discontinuity-time.
selector-discontinuity-time
Timestamp of the most recent occasion at which one or more of the
selector counters suffered a discontinuity. In contrast to
ipfixSelectionProcessStatsDiscontinuityTime, the time is absolute
and not relative to sys-uptime.
Note that packets-observed and packets-dropped are aggregate
statistics calculated over all selection sequences of the selection
process. This is in contrast to the counter values in the selection
Boyd & Seda Expires September 10, 2020 [Page 25]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
sequence statistics report interpretation [RFC5476], which are
related to a single selection sequence only.
4.2.1.1. Selection Process Class Method: Sampler Methods
| | +--:(samp-count-based)
| | | +--rw samp-count-based {psamp-samp-count-based}?
| | | +--rw packet-interval uint32
| | | +--rw packet-space uint32
| | +--:(samp-time-based)
| | | +--rw samp-time-based {psamp-samp-time-based}?
| | | +--rw time-interval uint32
| | | +--rw time-space uint32
| | +--:(samp-rand-out-of-n)
| | | +--rw samp-rand-out-of-n
| | | {psamp-samp-rand-out-of-n}?
| | | +--rw size uint32
| | | +--rw population uint32
| | +--:(samp-uni-prob)
| | | +--rw samp-uni-prob {psamp-samp-uni-prob}?
| | | +--rw probability decimal64
Figure 10: Sampler Method Attributes
Figure 10 shows the following sampler methods:
samp-count-based (Systematic Count-based Sampling): The following
attributes are configurable:
packet-interval
The number of packets that are consecutively sampled between gaps
of length packet-space. This parameter corresponds with the
Information Element samplingPacketInterval and
psampSampCountBasedInterval attribute [RFC5477].
packet-space:
The number of unsampled packets between two sampling intervals.
This parameter corresponds to the Information Element
samplingPacketSpace and psampSampCountBasedSpace attribute
[RFC6727].
Samp-Time-Based (Systematic Time-based Sampling): The following
attributes are configurable:
time-interval
The time interval during which all arriving packets are sampled.
The unit is microseconds. This parameter corresponds to
Boyd & Seda Expires September 10, 2020 [Page 26]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
corresponds to the Information Element samplingTimeInterval and to
psampSampTimeBasedInterval attribute [RFC6727].
time-space
The gap between two Sampling intervals, in microseconds. This
parameter corresponds to Information Element samplingTimeSpace and
to psampSampTimeBasedSpace attribute [RFC6727].
Samp-Rand-Out-of-N: The following attributes are configurable:
size
The number of elements taken from the parent population. This
parameter corresponds to Information Element samplingSize and
psampSampRandOutOfNSize attribute [RFC6727].
population
The number of elements in the parent population. These parameters
correspond to Information Element samplingPopulation and
psampSampRandOutOfNPopulation attribute [RFC6727].
samp-uni-prob: The following attributes are configurable:
probability
The probability for uniform probabilistic sampling. The
probability is expressed as a value between 0 and 1. This
parameter corresponds to Information Element samplingProbability
and psampSampUniProbProbability attribute [RFC6727].
4.2.2. Selection Process Filter Classes
Boyd & Seda Expires September 10, 2020 [Page 27]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--:(filter-match)
| | | +--rw filter-match {psamp-filter-match}?
| | | +--rw (information-element)
| | | | +--:(ie-name)
| | | | | +--rw ie-name?
| | | | | ietf-ipfix:ie-name-type
| | | | +--:(ie-id)
| | | | +--rw ie-id?
| | | | ietf-ipfix:ie-id-type
| | | +--rw ie-enterprise-number? uint32
| | | +--rw value string
| | +--:(filter-hash)
| | +--rw filter-hash {psamp-filter-hash}?
| | +--rw hash-function? identityref
| | +--rw initializer-value? uint64
| | +--rw ip-payload-offset? uint64
| | +--rw ip-payload-size? uint64
| | +--rw digest-output? boolean
| | +--rw selected-range* [name]
| | | +--rw name ietf-ipfix:name-type
| | | +--rw min? uint64
| | | +--rw max? uint64
| | +--ro output-range-min? uint64
| | +--ro output-range-max? uint64
Figure 11: Filter Method Attributes
Figure 11 shows the following filter methods:
Property-Match Filtering: The following attributes are configurable:
Filtering based on ie-id, ie-name, ie-enterprise-number
The property to be matched is specified by either ie-id or ie-
name, specifying the identifier or name of the Information
Element, respectively. If ie-enterprise-number is zero (which is
the default), this Information Element is registered in the IANA
registry of IPFIX Information Elements [IANA-IPFIX]. A non-zero
value of ie-enterprise-number specifies an enterprise specific
Information Element [IANA-ENTERPRISE-NUMBERS].
value
The matching value.
For hash-based filtering, the configuration and state attributes are:
hash-function
The following values are defined:
Boyd & Seda Expires September 10, 2020 [Page 28]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
* BOB: BOB Hash Function as specified in [RFC5475], Appendix A.2
* IPSX: IP Shift-XOR (IPSX) Hash Function as specified in
[RFC5475], Appendix A.1
* CRC: CRC-32 function as specified in [RFC1141] Default value is
"BOB". This parameter corresponds to the PSAMP MIB object
psampFiltHashFunction [RFC6727].
initializer-value
This parameter corresponds to the Information Element
hashInitialiserValue [RFC5477], as well as to the PSAMP MIB object
psampFiltHashInitializerValue [RFC6727]. If not configured by the
user, the Monitoring Device arbitrarily chooses an initializer
value.
ip-payload-offset
Configures the offset of the payload section used as input to the
hash function. Default value is 0 (minimum configurable values
according to [RFC5476], Section 6.5.2.6.). This parameter
corresponds to the Information Element hashIPPayloadOffset
[RFC5477] as well as to the PSAMP MIB object
psampFiltHashIpPayloadOffset [RFC6727].
ip-payload-size
Configures the size of the payload section used as input to the
hash function. Default value is 8 (minimum configurable values
according to [RFC5476], Section 6.5.2.6.). This parameter
corresponds to the Information Element hashIPPayloadSize
[RFC5477], as well as to the PSAMP MIB object
psampFiltHashIpPayloadSize [RFC6727].
digest-output
Enables or disables the inclusion of the packet digest in the
resulting PSAMP Packet Report. This requires that the Cache
Layout of the Cache generating the Packet Reports includes a
digest-hash-value field. This parameter corresponds to the
Information Element hashDigestOutput [RFC5477].
output-range-min
Defines the beginning of the hash's function potential output
range. This parameter correspond to the Information Element
hashOutputRangeMin [RFC5477], as well as to the PSAMP MIB object
psampFiltHashOutputRangeMin [RFC6727].
output-range-max
Defines the end of the hash function's potential output range.
This parameter correspond to the Information Element
Boyd & Seda Expires September 10, 2020 [Page 29]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
hashOutputRangeMax [RFC5477], as well as to the PSAMP MIB object
psampFiltHashOutputRangeMax [RFC6727].
One or more ranges of matching hash values are defined by the min and
max parameters of the selected-range subclass. These parameters
correspond to the Information Elements hashSelectedRangeMin and
hashSelectedRangeMax [RFC5477], as well as to the PSAMP MIB objects
psampFiltHashSelectedRangeMin and psampFiltHashSelectedRangeMax
[RFC6727].
4.3. Cache Class
Figure 12 shows the cache class that contains the configuration and
state parameters of a cache. Most of these parameters are specific
to the type of the cache and therefore contained in the subclasses
immediate-cache, timeout-cache, natural-cache, and permanent-cache,
which are presented below in Section 4.3.1 and Section 4.3.2.
+--rw cache* [name]
+--rw name ietf-ipfix:name-type
+--rw enabled boolean
+--ro metering-process-id? uint32
+--ro data-records? yang:counter64
+--ro cache-discontinuity-time? yang:date-and-time
+--rw (cache-type)
| +--:(immediate-cache)
| | ...
| +--:(timeout-cache)
| | ...
| +--:(natural-cache)
| | ...
| +--:(permanent-cache)
| | ...
+--rw exporting-process*
-> /ietf-ipfix:ipfix/exporting-process/name
{ietf-ipfix:exporter}?
Figure 12: Cache Attributes
The following configuration and state parameters are common to all
caches and therefore included in the cache class itself:
enabled
Enables the cache so that specified data may be exported. The
default is "enabled".
metering-process-id
Boyd & Seda Expires September 10, 2020 [Page 30]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
The identifier of the metering process that cache belongs to.
This parameter corresponds to the information element
meteringProcessId [IANA-IPFIX]. Its occurrence helps to associate
metering process (reliability) statistics exported according to
the IPFIX protocol specification [RFC7011] with the corresponding
MeteringProcess class identifier.
data-records
The number of data records generated by this cache.
discontinuities
The value of this counter can occur at re-initialization of the
management system, and at other times as indicated by the value of
cache-discontinuity-time. Note that this parameter corresponds to
ipfixMeteringProcessDataRecords in the IPFIX MIB module [RFC6615].
cache-discontinuity-time
The timestamp of the most recent occasion at which datarecords
suffered a discontinuity. The time is absolute and not relative
to sysUpTime. Note that this parameter functionally corresponds
to ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB module
[RFC6615].
A cache object may refer to one or more exporting-process instances.
4.3.1. Immediate Cache Type Class
The immediate-cache type class depicted in Figure 13 is used to
configure a cache that generates a PSAMP Packet Report for each
packet at its input. The fields contained in the generated data
records are defined in an object of the cache-layout, which is
defined below in Section 4.3.3.
Boyd & Seda Expires September 10, 2020 [Page 31]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--rw (cache-type)
| +--:(immediate-cache)
| | +--rw immediate-cache {immediate-cache}?
| | +--rw cache-layout
| | +--rw cache-field* [name]
| | +--rw name
| | | ietf-ipfix:name-type
| | +--rw (information-element)
| | | +--:(ie-name)
| | | | +--rw ie-name?
| | | | ietf-ipfix:ie-name-type
| | | +--:(ie-id)
| | | +--rw ie-id?
| | | ietf-ipfix:ie-id-type
| | +--rw ie-length? uint16
| | +--rw ie-enterprise-number? uint32
| | +--rw is-flow-key? empty
Figure 13: Immediate Cache Attributes
4.3.2. Timeout Cache, Natural Cache, and Permanent Cache Type Class
Figure 14 shows the timeout-cache, natural-cache, and permanent-cache
type classes. These classes are used to configure a cache that
aggregates the packets at its input and generates IPFIX flow records.
+--rw (cache-type)
| +--:(timeout-cache)
| | +--rw timeout-cache {timeout-cache}?
| | +--rw max-flows? uint32
| | +--rw active-timeout? uint32
| | +--rw idle-timeout? uint32
| | +--rw export-interval? uint32
| | +--rw cache-layout
| | | ...
| | +--ro active-flows? yang:gauge32
| | +--ro unused-cache-entries? yang:gauge32
| +--:(natural-cache)
| | +--rw natural-cache {natural-cache}?
| | { same as timeout-cache }
| +--:(permanent-cache)
| +--rw permanent-cache {permanent-cache}?
| { same as timeout-cache }
Figure 14: Timeout, Natural and Permanent Cache Attributes
The three classes differ in when flows expire:
Boyd & Seda Expires September 10, 2020 [Page 32]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
timeout-cache
Flows expire after active or idle timeout.
natural-cache
Flows expire after active or idle timeout, or on natural
termination (e.g., TCP FIN or TCP RST) of the flow.
permanent-cache
Flows never expire, but are periodically exported with the
interval set by export-interval.
The following configuration and state parameters are common to the
three classes:
max-flows
This parameter configures the maximum number of entries in the
cache, which is the maximum number of flows that can be measured
simultaneously. If this parameter is configured, the monitoring
device must ensure that sufficient resources are available to
store the configured maximum number of flows. If the maximum
number of cache entries is in use, no additional flows can be
measured. However, traffic that pertains to existing flows can
continue to be measured.
active-flows
This state parameter indicates the number of flows currently
active in this cache (i.e., the number of cache entries currently
in use). Note that this parameter corresponds to
ipfixmeteringprocesscacheactiveflows in the IPFIX MIB module
[RFC6615].
unused-cache-entries
The number of unused cache entries. Note that the sum of active-
flows and unused-cache-entries equals max-flows if max-flows is
configured. Note that this parameter corresponds to
ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX MIB
module [RFC6615].
The following timeout parameters are only available in the timeout-
cache and the natural-cache cache-types:
active-timeout
This parameter configures the time in seconds after which a flow
is expired even though packets matching this flow are still
received by the cache. The parameter value zero indicates
infinity, meaning that there is no active timeout. If not
configured by the user, the monitoring device sets this parameter.
Note that this parameter corresponds to
Boyd & Seda Expires September 10, 2020 [Page 33]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
ipfixMeteringProcessCacheActiveTimeout in the IPFIX MIB module
[RFC6615].
idle-timeout
This parameter configures the time in seconds after which a flow
is expired if no more packets matching this flow are received by
the cache. The parameter value zero indicates infinity, meaning
that there is no idle timeout. If not configured by the user, the
monitoring device sets this parameter. Note that this parameter
corresponds to ipfixMeteringProcessCacheIdleTimeout in the IPFIX
MIB module [RFC6615].
The following interval parameter is only available in the permanent-
cache class:
export-interval
This parameter configures the interval (in seconds) for periodical
export of flow records. If not configured by the user, the
monitoring device sets this parameter.
Every generated flow record must be associated with a single
observation domain. Hence, although a cache may be configured to
process packets observed at multiple observation domains, the cache
must not aggregate packets observed at different observation domains
in the same flow.
An object of the cache class contains an object of the cache-layout
class that defines which fields are included in the flow records.
4.3.3. Cache Layout Class
A cache generates and maintains packet reports or flow records
containing information that has been extracted from the incoming
stream of packets. Using the cache-field class, the cache-layout
class specifies the superset of fields that are included in the
packet reports or flow records (see Figure 15).
If packet reports are generated (i.e., if immediate-cache class is
used to configure the cache), every field specified by the cache-
layout must be included in the resulting packet report unless the
corresponding information element is not applicable or cannot be
derived from the content or treatment of the incoming packet. Any
other field specified by the cache layout may only be included in the
packet report if it is obvious from the field value itself or from
the values of other fields in same packet report that the field value
was not determined from the packet.
Boyd & Seda Expires September 10, 2020 [Page 34]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
For example, if a field is configured to contain the TCP source port
(information element tcpSourcePort [IANA-IPFIX]), the field must be
included in all packet reports that are related to TCP packets.
Although the field value cannot be determined for non-TCP packets,
the field may be included in the packet reports if another field
contains the transport protocol identifier (information element
protocolIdentifier [IANA-IPFIX]).
If flow records are generated (i.e., if timeout-cache, natural-cache,
or permanent-cache class is used to configure the cache), the cache
layout differentiates between flow key fields and non-key fields.
Every flow key field specified by the cache layout must be included
as flow key in the resulting flow record unless the corresponding
information element is not applicable or cannot be derived from the
content or treatment of the incoming packet. Any other flow key
field specified by the cache layout may only be included in the flow
record if it is obvious from the field value itself or from the
values of other flow key fields in the same flow record that the
field value was not determined from the packet. Two packets are
accounted by the same flow record if none of their flow key fields
differ. If a flow key field can be determined for one packet but not
for the other, the two packets are accounted in different flow
records.
Every non-key field specified by the cache layout must be included in
the resulting flow record unless the corresponding information
element is not applicable or cannot be derived for the given flow.
Any other non-key field specified by the cache layout may only be
included in the flow record if it is obvious from the field value
itself or from the values of other fields in same flow record that
the field value was not determined from the packet. Packets which
are accounted by the same flow record may differ in their non-key
fields, or one or more of the non-key fields can be undetermined for
all or some of the packets.
For example, if a non-key field specifies an information element
whose value is determined by the first packet observed within a flow
(which is the default rule according to [RFC7012] unless specified
differently in the description of the information element), this
field must be included in the resulting flow record if it can be
determined from the first packet of the flow.
Boyd & Seda Expires September 10, 2020 [Page 35]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--rw cache-layout
| | | +--rw cache-field* [name]
| | | +--rw name
| | | | ietf-ipfix:name-type
| | | +--rw (information-element)
| | | | +--:(ie-name)
| | | | | +--rw ie-name?
| | | | | ietf-ipfix:ie-name-type
| | | | +--:(ie-id)
| | | | +--rw ie-id?
| | | | ietf-ipfix:ie-id-type
| | | +--rw ie-length? uint16
| | | +--rw ie-enterprise-number? uint32
| | | +--rw is-flow-key? empty
Figure 15: Cache Field Attributes
The cache-layout class does not have any parameters. The
configuration parameters of the cache-field class (see Figure 15) are
as follows:
ie-name
Specifies the information element name to be used. Either ie-id
or ie-name must be specified.
ie-id
Specifies the information element identifier to be used. Either
ie-id or ie-name must be specified.
ie-length
This parameter specifies the length of the field in octets. A
value of 65535 means that the field is encoded as a variable-
length information element. For information elements of integer
and float type, the field length may be set to a smaller value
than the standard length of the abstract data type if the rules of
reduced size encoding are fulfilled (see [RFC7011], section 6.2).
If not configured by the user, the field length is set by the
monitoring device.
ie-enterprise-number
Specifies the enterprise ID of the ie-id or ie-name. If the ie-
enterprise-number is zero (which is the default), this information
element is registered in the IANA registry of IPFIX information
elements [IANA-IPFIX]. A non-zero value of ie-enterprise-number
specifies an enterprise-specific information element
[IANA-ENTERPRISE-NUMBERS]. If the enterprise number is set to
29305, this field contains a reverse information element. In this
Boyd & Seda Expires September 10, 2020 [Page 36]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
case, the cache must generate data records in accordance to
[RFC5103].
is-flow-key
If present, this field is a flow key. If the field contains a
reverse information element, it must not be configured as flow
key. This parameter is not available if the cache is configured
using the immediate-cache class since there is no distinction
between flow key fields and non-key fields in packet reports.
Note that the use of information elements can be restricted to
certain cache types as well as to flow key or non-key fields. Such
restrictions may result from information element definitions or from
device-specific constraints. According to Section 5, the monitoring
device must notify the user if a cache field cannot be configured
with the given information element.
4.4. Exporting Process Class
The ExportingProcess class in Figure 16) specifies destinations to
which the incoming packet reports and flow records are exported using
objects of the destination class. The destination class includes a
choice of type of exporter (sctp-exporter, udp-exporter, tcp-
exporter, or file-writer) which contains further configuration
parameters. Those exporter type classes are described in
Section 4.4.1, Section 4.4.2, Section 4.4.3, and Section 4.4.4.
The ExportingProcess class contains the identifier of the exporting
process (exporting-process-id). This parameter corresponds to the
information element exportingProcessId [IANA-IPFIX]. Its occurrence
helps to associate exporting process reliability statistics exported
according to the IPFIX protocol specification [RFC7011] with the
corresponding object of the ExportingProcess class.
The order in which destination instances appear has a specific
meaning only if the export-mode parameter is set to "fallback".
Boyd & Seda Expires September 10, 2020 [Page 37]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--rw exporting-process* [name] {exporter}?
+--rw name name-type
+--rw enabled? boolean
+--rw export-mode? identityref
+--rw destination* [name]
| +--rw name name-type
| +--rw (destination-parameters)
| +--:(tcp-exporter)
| ...
| +--:(udp-exporter)
| ...
| +--:(sctp-exporter)
| ...
| +--:(file-writer)
| ...
+--rw options* [name]
| +--rw name name-type
| +--rw options-type identityref
| +--rw options-timeout? uint32
+--ro exporting-process-id? uint32
Figure 16: Exporting Process Class
The Exporting Process parameters are defined as follows:
enabled
Enables the exporting process to begin exporting data. The
default is "enabled".
export-mode
Determines to which configured destination(s) the incoming data
records are exported. The following parameter values are
specified by the configuration data model:
* parallel: every data record is exported to all configured
destinations in parallel
* load-balancing: every data record is exported to exactly one
configured destination according to a device-specific load-
balancing policy
* fallback: every data record is exported to exactly one
configured destination according to the fallback policy
described below
If export-mode is set to "fallback", the first destination instance
defines the primary destination, the second destination instance
defines the secondary destination, and so on. If the exporting
Boyd & Seda Expires September 10, 2020 [Page 38]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
process fails to export data records to the primary destination, it
tries to export them to the secondary one. If the secondary
destination fails as well, it continues with the tertiary, etc.
"parallel" is the default value if exportmode is not configured.
Note that the export-mode parameter is related to the
ipfixExportMemberType object in [RFC6615]. If export-mode is
"parallel", the ipfixExportMemberType values of the corresponding
entries in IpfixExportTable are set to parallel(3). If export-mode
is "load-balancing", the ipfixExportMemberType values of the
corresponding entries in IpfixExportTable are set to
loadBalancing(4). If exportmode is "fallback", the
ipfixExportMemberType value that refers to the primary destination is
set to primary(1); the ipfixExportMemberType values that refer to the
remaining destinations need to be set to secondary(2). The IPFIX mib
module does not define any value for tertiary destination, etc.
The reporting of information with options templates is defined with
objects of the Options class.
The exporting process may modify the packet reports and flow records
to enable a more efficient transmission or storage under the
condition that no information is changed or suppressed. For example,
the exporting process may shorten the length of a field according to
the rules of reduced size encoding [RFC7011]. The exporting process
may also export certain fields in a separate data record as described
in [RFC5476].
4.4.1. SCTP Exporter Class
The SctpExporter class shown in Figure 17 contains the configuration
parameters of an SCTP export destination.
Boyd & Seda Expires September 10, 2020 [Page 39]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--:(sctp-exporter)
+--rw sctp-exporter {sctp-transport}?
+--rw ipfix-version? uint16
+--rw destination-port?
| inet:port-number
+--rw send-buffer-size? uint32
+--rw rate-limit? uint32
+--rw transport-layer-security!
| ...
+--rw source
| +--rw (source-method)?
| +--:(source-address)
| | +--rw source-address? inet:host
| +--:(interface-ref)
| | +--rw interface-ref? if:interface-ref
| +--:(if-index) {if-mib}?
| | +--rw if-index? uint32
| +--:(if-name) {if-mib}?
| +--rw if-name? string
+--rw destination
| +--rw (destination-method)
| +--:(destination-address)
| +--rw destination-address? inet:host
+--rw timed-reliability? uint32
+--ro transport-session
...
Figure 17: SCTP Exporter Class
The configuration parameters are:
ipfix-version
Version number of the IPFIX protocol used. If omitted, the
default value is 10 (=0x000a) as specified in [RFC7011].
source-address
List of source IP addresses used by the exporting process. If
configured, the specified addresses are eligible local IP
addresses of the multihomed SCTP endpoint. If not configured, all
locally assigned IP addresses are eligible local IP addresses.
destination-address
One or more IP addresses of the collecting process to which IPFIX
Messages are sent. The user must ensure that all configured IP
addresses belong to the same collecting process. The exporting
process tries to establish an SCTP association to any of the
configured destination IP addresses.
Boyd & Seda Expires September 10, 2020 [Page 40]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
destination-port
Destination port number to be used. If not configured, standard
port 4739 (IPFIX without TLS and DTLS) or 4740 (IPFIX over TLS or
DTLS) is used.
if-index
The index of the interface used by the exporting process to export
IPFIX Messages to the given destination MAY be specified according
to corresponding objects in the IF-MIB [RFC2863]. If omitted, the
Exporting Process selects the outgoing interface based on local
routing decision and accepts return traffic, such as transport-
layer acknowledgments, on all available interfaces.
if-name
The name of the interface used by the exporting process to export
IPFIX Messages to the given destination MAY be specified according
to corresponding objects in the IF-MIB [RFC2863]. If omitted, the
Exporting Process selects the outgoing interface based on local
routing decision and accepts return traffic, such as transport-
layer acknowledgments, on all available interfaces.
send-buffersize
Size of the socket send buffer in bytes. If not configured by the
user, the buffer size is set by the monitoring device.
rate-limit
Maximum number of bytes per second the exporting process may
export to the given destination as required by [RFC5476]. The
number of bytes is calculated from the lengths of the IPFIX
Messages exported. If this parameter is not configured, no rate
limiting is performed for this destination.
timed-reliability
Lifetime in milliseconds until an IPFIX message containing data
sets only is "abandoned" due to the timed reliability mechanism of
the partial reliability extension of SCTP (pr-SCTP) [RFC3758]. if
this parameter is set to zero, reliable SCTP transport must be
used for all data records. Regardless of the value of this
parameter, the exporting process may use reliable SCTP transport
for data sets associated with certain options templates, such as
the data record reliability options template specified in
[RFC6526].
Using the TransportLayerSecurity class described in Section 4.6,
Datagram Transport Layer Security (DTLS) is enabled and configured
for this export destination.
The TransportSession class is discussed in Section 4.7.
Boyd & Seda Expires September 10, 2020 [Page 41]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
4.4.2. UDP Exporter Class
The UdpExporter class shown in Figure 18 contains the configuration
parameters of a UDP export destination. The parameters ipfix-
version, destination-port, if-name, if-index, send-buffer-size, and
rate-limit have the same meaning as in the SctpExporter class (see
Section 4.4.1).
+--:(udp-exporter)
+--rw udp-exporter {udp-transport}?
+--rw ipfix-version? uint16
+--rw destination-port?
| inet:port-number
+--rw send-buffer-size? uint32
+--rw rate-limit? uint32
+--rw transport-layer-security!
| ...
+--rw source
| +--rw (source-method)?
| +--:(source-address)
| | +--rw source-address? inet:host
| +--:(interface-ref)
| | +--rw interface-ref? if:interface-ref
| +--:(if-index) {if-mib}?
| | +--rw if-index? uint32
| +--:(if-name) {if-mib}?
| +--rw if-name? string
+--rw destination
| +--rw (destination-method)
| +--:(destination-address)
| +--rw destination-address? inet:host
+--rw maximum-packet-size? uint16
+--rw template-refresh-timeout? uint32
+--rw options-template-refresh-timeout? uint32
+--rw template-refresh-packet? uint32
+--rw options-template-refresh-packet? uint32
+--ro transport-session
....
Figure 18: UDP Exporter Class
The remaining configuration parameters are:
source-address
This parameter specifies the source IP address used by the
exporting process. If this parameter is omitted, the IP address
assigned to the outgoing interface is used as the source IP
address.
Boyd & Seda Expires September 10, 2020 [Page 42]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
destination-address
Destination IP address to which IPFIX messages are sent (i.e., the
IP address of the collecting process).
max-packet-size
This parameter specifies the maximum size of IP packets sent to
the collector. If set to zero, the exporting device must derive
the maximum packet size from path mtu discovery mechanisms. If
not configured by the user, this parameter is set by the
monitoring device.
template-refresh-timeout
This parameter specifies when templates are refreshed by the
exporting process. This timeout is specified in seconds between
re-sending of templates. If omitted, the default value of 600
seconds (10 minutes) is used [RFC7011]. This parameter
corresponds to ipfixTransportSessionTemplateRefreshTimeout in the
IPFIX MIB module [RFC6615].
options-template-refresh-timeout
This parameter specifies when options templates are refreshed by
the exporting process. This timeout is specified in seconds
between re-sending of options templates. If omitted, the default
value of 600 seconds (10 minutes) is used [RFC7011]. This
parameter corresponds to
ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
MIB module [RFC6615].
template-refresh-packet
This parameter specifies the number of IPFIX messages after which
templates are re-sent. If omitted, the templates are only resent
after timeout. This parameter corresponds to
ipfixTransportSessionTemplateRefreshTimeout in the IPFIX MIB
module [RFC6615].
options-template-refresh-packet
This parameter specifies the number of IPFIX messages after which
options templates are re-sent. If omitted, the options templates
are only resent after timeout. This parameter corresponds to
ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
MIB module [RFC6615].
Note that the values configured for template-refresh-timeout and
options-template-refresh-timeout must be adapted to the template-
lifetime and options-template-lifetime parameter settings at the
receiving collecting process (see Section 4.5.2).
Boyd & Seda Expires September 10, 2020 [Page 43]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Using the TransportLayerSecurity class described in Section 4.6, DTLS
is enabled and configured for this export destination. The
TransportSession class is specified in Section 4.7.
4.4.3. TCP Exporter Class
The TcpExporter class shown in Figure 19 contains the configuration
parameters of a TCP export destination. The parameters have the same
meaning as in the UdpExporter class (see Section 4.4.2).
Using the TransportLayerSecurity class described in Section 4.6,
Transport Layer Security (TLS) is enabled and configured for this
export destination.
The TransportSession class is specified in Section 4.7.
+--:(tcp-exporter)
+--rw tcp-exporter {tcp-transport}?
+--rw ipfix-version? uint16
+--rw destination-port?
| inet:port-number
+--rw send-buffer-size? uint32
+--rw rate-limit? uint32
+--rw transport-layer-security!
| ...
+--rw source
| +--rw (source-method)?
| +--:(source-address)
| | +--rw source-address? inet:host
| +--:(interface-ref)
| | +--rw interface-ref? if:interface-ref
| +--:(if-index) {if-mib}?
| | +--rw if-index? uint32
| +--:(if-name) {if-mib}?
| +--rw if-name? string
+--rw destination
| +--rw (destination-method)
| +--:(destination-address)
| +--rw destination-address? inet:host
+--ro transport-session
Figure 19: TCP Exporter Class
4.4.4. File Writer Class
If file-writer instance is included in an object of the destination
class, IPFIX messages are written into a file as specified in
[RFC5655].
Boyd & Seda Expires September 10, 2020 [Page 44]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--:(file-writer)
+--rw file-writer {file-writer}?
+--rw ipfix-version? uint16
+--rw file inet:uri
+--ro file-writer-state
+--ro bytes?
| yang:counter64
+--ro messages?
| yang:counter64
+--ro discarded-messages?
| yang:counter64
+--ro records?
| yang:counter64
+--ro templates?
| yang:counter32
+--ro options-templates?
| yang:counter32
+--ro file-writer-discontinuity-time?
| yang:date-and-time
+--ro template* []
+--ro observation-domain-id? uint32
+--ro template-id? uint16
+--ro set-id? uint16
+--ro access-time?
| yang:date-and-time
+--ro template-data-records?
| yang:counter64
+--ro template-discontinuity-time?
| yang:date-and-time
+--ro field* []
+--ro ie-id? ie-id-type
+--ro ie-length? uint16
+--ro ie-enterprise-number? uint32
+--ro is-flow-key? empty
+--ro is-scope? empty
Figure 20: File Writer Class
The FileWriter class contains the following configuration parameters:
ipfix-version
Version number of the IPFIX protocol used. If omitted, the
default value is 10 (=0x000a) as specified in [RFC7011].
file
File name and location specified as URI.
The state parameters of the FileWriter class are:
Boyd & Seda Expires September 10, 2020 [Page 45]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
bytes, messages, records, templates, options-templates
The number of bytes, IPFIX messages, data records, template
records, and options template records written by the file writer.
Discontinuities in the values of these counters can occur at re-
initialization of the management system, and at other times as
indicated by the value of file-writer-discontinuity-time.
discarded-messages
The number of IPFIX messages that could not be written by the file
writer due to internal buffer overflows, limited storage capacity,
etc. Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other times as
indicated by the value of file-writer-discontinuity-time.
file-writer-discontinuity-time
Timestamp of the most recent occasion at which one or more file
writer counters suffered a discontinuity. The time is absolute
and not relative to sysUpTime.
Each FileWriter class instance includes statistics about the
templates written to the file. The Template class is specified in
Section 4.8.
4.4.5. Options Class
The Options class in Figure 21 defines the type of specific
information to be reported, such as statistics, flow keys, sampling
and filtering parameters, etc. [RFC7011] and [RFC5476] specify
several types of reporting information that may be exported.
+--rw options* [name]
+--rw name name-type
+--rw options-type identityref
+--rw options-timeout? uint32
Figure 21: Options Class
The following parameter values are specified by the configuration
data model:
metering-statistics
Export of metering process statistics using the metering process
statistics options template [RFC7011].
metering-reliability
Export of metering process reliability statistics using the
metering process reliability statistics options template
[RFC7011].
Boyd & Seda Expires September 10, 2020 [Page 46]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
exporting-reliability
Export of exporting process reliability statistics using the
exporting process reliability statistics options template
[RFC7011].
flow-keys
Export of the flow key specification using the flow keys options
template [RFC7011].
selection-sequence
Export of selection sequence report interpretation and selector
report interpretation [RFC5476].
selection-statistics
Export of selection sequence statistics report interpretation
[RFC5476].
accuracy
Export of accuracy report interpretation [RFC5476].
reducing-redundancy
Enables the utilization of options templates to reduce redundancy
in the exported data records according to [RFC5473]. The
exporting process decides when to apply these options templates.
extended-type-information
Export of extended type information for enterprise-specific
information elements used in the exported templates [RFC5610].
The exporting process must choose a template definition according to
the options type and available options data. The options-timeout
parameter specifies the reporting interval (in milliseconds) for
periodic export of the option data. A parameter value of zero means
that the export of the option data is not triggered periodically, but
whenever the available option data has changed. this is the typical
setting for options types flow-keys, selection-sequence, accuracy,
and reducing-redundancy. If options-timeout is not configured by the
user, it is set by the monitoring device.
4.5. Collecting Process Class
Figure 22 shows the CollectingProcess class that contains the
configuration and state parameters of a collecting process. The
sctp-collector, udp-collector, and TcpCollector classes specify how
IPFIX messages are received from remote exporters. The collecting
process can also be configured as a file reader using the FileReader
class. These classes are described in Section 4.5.1, Section 4.5.2,
Section 4.5.3, and Section 4.5.4.
Boyd & Seda Expires September 10, 2020 [Page 47]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
A collecting-process instance may refer to one or more exporting-
process instances configuring exporting processes that export the
received data without modifications to a file or to another remote
collector.
+--rw collecting-process* [name] {collector}?
+--rw name name-type
+--rw tcp-collector* [name] {tcp-transport}?
...
+--rw udp-collector* [name] {udp-transport}?
...
+--rw sctp-collector* [name] {sctp-transport}?
...
+--rw file-reader* [name] {file-reader}?
...
+--rw exporting-process* -> /ipfix/exporting-process/name
{exporter}?
Figure 22: Collecting Process Class
4.5.1. SCTP Collector Class
The SctpCollector class contains the configuration parameters of a
listening SCTP socket at a collecting process.
+--rw sctp-collector* [name] {sctp-transport}?
+--rw name name-type
+--rw local-port? inet:port-number
| +--rw transport-layer-security!
| | ...
+--rw (local-address-method)?
| +--:(local-address)
| +--rw local-address* inet:host
+--ro transport-session* [name]
...
Figure 23: SCTP Collector Class
The parameters are:
local-ip-address
List of local IP addresses on which the collecting process listens
for IPFIX messages. The IP addresses are used as eligible local
IP addresses of the multihomed SCTP endpoint [RFC4960]. IF
omitted, the collecting process listens on all local IP addresses.
local-port
Boyd & Seda Expires September 10, 2020 [Page 48]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Local port number on which the collecting process listens for
IPFIX messages. If omitted, standard port 4739 (IPFIX without TLS
and DTLS) or 4740 (IPFIX over TLS or DTLS) is used.
Using the TransportLayerSecurity class described in Section 4.6, DTLS
is enabled and configured for this receiving socket.
The TransportSession class is specified in Section 4.7.
4.5.2. UDP Collector Class
The UdpCollector class shown in Figure 24 contains the configuration
parameters of a listening UDP socket at a collecting process. The
parameter local-port has the same meaning as in the SctpCollector
class (see Section 4.5.1).
+--rw udp-collector* [name] {udp-transport}?
+--rw name name-type
+--rw local-port? inet:port-number
+--rw transport-layer-security!
| ...
+--rw (local-address-method)?
| +--:(local-address)
| +--rw local-address* inet:host
+--rw template-life-time? uint32
+--rw options-template-life-time? uint32
+--rw template-life-packet? uint32
+--rw options-template-life-packet? uint32
+--ro transport-session* [name]
...
Figure 24: UDP Collector Class
The remaining parameters are:
local-ip-address
List of local IP addresses on which the collecting process listens
for IPFIX messages. If omitted, the collecting process listens on
all local IP addresses.
template-life-time, options-template-life-time
(options) template lifetime in seconds for all UDP transport
sessions terminating at this UDP socket. (options) templates that
are not received again within the configured lifetime become
invalid at the collecting process. As specified in [RFC7011],
section 10.3.7, the lifetime of templates and options templates
must be at least three times higher than the template-refresh-
timeout and option-templates-refresh-timeout parameter values
Boyd & Seda Expires September 10, 2020 [Page 49]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
configured on the corresponding exporting processes. If not
configured, the default value 1800 is used, which is three times
the default (options) template refresh timeout (see Section 4.4.2)
as specified in [RFC7011]. Note that these parameters correspond
to ipfixTransportSessionTemplateRefreshTimeout and
ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
MIB module [RFC6615].
template-life-packet, options-template-life-packet
If template-life-packet is configured, templates defined in a UDP
transport session become invalid if they are neither included in a
sequence of more than this number of IPFIX messages nor received
again within the period of time specified by template-lifetime.
Similarly, if options-template-life-packet is configured, options
templates become invalid if they are neither included in a
sequence of more than this number of IPFIX messages nor received
again within the period of time specified by options-template-
lifetime. If not configured, templates and options templates only
become invalid according to the lifetimes specified by template-
lifetime and options-template-lifetime, respectively. Note that
these parameters correspond to
ipfixTransportSessionTemplateRefreshPacket and
ipfixTransportSessionOptionsTemplateRefreshPacket in the IPFIX MIB
module [RFC6615].
Using the TransportLayerSecurity class described in Section 4.6, DTLS
is enabled and configured for this receiving socket.
The TransportSession class is specified in Section 4.7.
4.5.3. TCP Collector Class
The TcpCollector class contains the configuration parameters of a
listening TCP socket at a collecting process. The parameters have
the same meaning as in the UdpCollector class (Section 4.5.2).
Using the TransportLayerSecurity class described in Section 4.6, TLS
is enabled and configured for this receiving socket.
The TransportSession class is specified in Section 4.7.
Boyd & Seda Expires September 10, 2020 [Page 50]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--rw tcp-collector* [name] {tcp-transport}?
+--rw name name-type
+--rw local-port? inet:port-number
+--rw transport-layer-security!
| ...
+--rw (local-address-method)?
| +--:(local-address)
| +--rw local-address* inet:host
+--ro transport-session* [name]
...
Figure 25: TCP Collector Class
4.5.4. File Reader Class
Figure 26 shows the FileReader class via which the collecting process
may import IPFIX messages from a file as specified in [RFC5655].
+--rw file-reader* [name] {file-reader}?
+--rw name name-type
+--rw file inet:uri
+--ro file-reader-state
+--ro bytes? yang:counter64
+--ro messages? yang:counter64
+--ro records? yang:counter64
+--ro templates? yang:counter32
+--ro options-templates? yang:counter32
+--ro file-reader-discontinuity-time?
| yang:date-and-time
+--ro template* []
...
Figure 26: File Reader Class
The FileReader class defines the following configuration parameter:
file
File name and location specified as URI.
The state parameters of the FileReader class are:
bytes, messages, records, templates, options-templates
The number of bytes, IPFIX messages, data records, template
records, and options template records read by the file reader.
Discontinuities in the values of these counters can occur at re-
initialization of the management system, and at other times as
indicated by the value of file-reader-discontinuity-time.
Boyd & Seda Expires September 10, 2020 [Page 51]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
file-reader-discontinuity-time
Timestamp of the most recent occasion at which one or more file
reader counters suffered a discontinuity. The time is absolute
and not relative to sysUpTime.
The FileReader class includes information about the Template class
and statistics. The Template class is specified in Section 4.8.
4.6. Transport Layer Security Class
Figure 27 shows the TransportLayerSecurity class which is used in the
exporting process's sctp-exporter, udp-exporter, and TcpExporter
classes, and the collecting process's SctpCollector, UdpCollector,
and TcpCollector classes to enable and configure TLS/DTLS for IPFIX.
If TLS/DTLS is enabled, the endpoint must use DTLS [RFC6347] if the
transport protocol is SCTP or UDP and TLS [RFC8446] if the transport
protocol is TCP.
[RFC7011] mandates strong mutual authentication of exporting
processes and collecting process as follows. IPFIX exporting
processes and IPFIX collecting processes are identified by the fully
qualified domain name (FQDN) of the interface on which IPFIX messages
are sent or received, for purposes of X.509 client and server
certificates as in [RFC5280]. To prevent man-in-the-middle attacks
from impostor exporting or collecting processes, the acceptance of
data from an unauthorized exporting process, or the export of data to
an unauthorized collecting process, strong mutual authentication via
asymmetric keys must be used for both TLS and DTLS. Each of the
IPFIX exporting and collecting processes must verify the identity of
its peer against its authorized certificates, and must verify that
the peer's certificate matches its fully qualified domain name, or,
in the case of SCTP, the fully qualified domain name of one of its
endpoints.
The fully qualified domain name used to identify an IPFIX collecting
process or exporting process may be stored either in a subjectaltname
extension of type dnsname, or in the most specific common name field
of the subject field of the x.509 certificate. If both are present,
the subjectaltname extension is given preference.
In order to use TLS/DTLS, appropriate certificates and keys have to
be previously installed on the monitoring devices. For security
reasons, the configuration data model does not offer the possibility
to upload any certificates or keys on a monitoring device. If TLS/
DTLS is enabled on a monitoring device that does not dispose of
appropriate certificates and keys, the configuration must be rejected
with an error.
Boyd & Seda Expires September 10, 2020 [Page 52]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
The configuration data model allows restricting the authorization of
remote endpoints to certificates issued by specific certification
authorities or identifying specific fqdns for authorization.
Furthermore, the configuration data model allows restricting the
utilization of certificates identifying the local endpoint. This is
useful if the monitoring device disposes of more than one certificate
for the given local endpoint.
+--rw transport-layer-security!
+--rw local-certification-authority-dn* string
+--rw local-subject-dn* string
+--rw local-subject-fqdn* inet:domain-name
+--rw remote-certification-authority-dn* string
+--rw remote-subject-dn* string
+--rw remote-subject-fqdn* inet:domain-name
Figure 27: Transport Layer Security Class
The configuration parameters are defined as follows:
local-certification-authority-dn
This parameter may appear one or more times to restrict the
identification of the local endpoint during the tls/dtls handshake
to certificates issued by the configured certification
authorities. each occurrence of this parameter contains the
distinguished name of one certification authority. To identify
the local endpoint, the exporting process or collecting process
must use a certificate issued by one of the configured
certification authorities. Certificates issued by any other
certification authority must not be sent to the remote peer during
TLS/DTLS handshake. If none of the certificates installed on the
monitoring device fulfills the specified restrictions, the
configuration must be rejected with an error. If local-
certification-authority-dn is not configured, the choice of
certificates identifying the local endpoint is not restricted with
respect to the issuing certification authority.
local-subject-dn, local-subject-fqdn
Each of these parameters may appear one or more times to restrict
the identification of the local endpoint during the TLS/DTLS
handshake to certificates issued for specific subjects or for
specific FQDNs. Each occurrence of local-subject-dn contains a
distinguished name identifying the local endpoint. Each
occurrence of local-subject-fqdn contains a FQDN which is assigned
to the local endpoint. To identify the local endpoint, the
exporting process or collecting process must use a certificate
that contains either one of the configured distinguished names in
the subject field or at least one of the configured FQDNs in a
Boyd & Seda Expires September 10, 2020 [Page 53]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
dnsname component of the subject alternative extension field or in
the most specific commonname component of the subject field. If
none of the certificates installed on the monitoring device
fulfills the specified restrictions, the configuration must be
rejected with an error. If any of the parameters local-subject-dn
and local-subject-fqdn is configured at the same time as the
local-certification-authority-dn parameter, certificates must also
fulfill the specified restrictions regarding the certification
authority. If local-subject-dn and local-subject-fqdn are not
configured, the choice of certificates identifying the local
endpoint is not restricted with respect to the subject's
distinguished name or FQDN.
remote-certification-authority-dn
This parameter may appear one or more times to restrict the
authentication of remote endpoints during the TLS/DTLS handshake
to certificates issued by the configured certification
authorities. Each occurrence of this parameter contains the
distinguished name of one certification authority. To
authenticate the remote endpoint, the remote exporting process or
collecting process must provide a certificate issued by one of the
configured certification authorities. Certificates issued by any
other certification authority must be rejected during TLS/DTLS
handshake. If the monitoring device is not able to validate
certificates issued by the configured certification authorities
(e.g., because of missing public keys), the configuration must be
rejected with an error. If remote-certification-authority-dn is
not configured, the authorization of remote endpoints is not
restricted with respect to the issuing certification authority of
the delivered certificate.
remote-subject-dn, remote-subject-fqdn
Each of these parameters may appear one or more times to restrict
the authentication of remote endpoints during the TLS/DTLS
handshake to certificates issued for specific subjects or for
specific FQDNs. Each occurrence of remote-subject-dn contains a
distinguished name identifying a remote endpoint. Each occurrence
of remote-subject-fqdn contains a FQDN that is assigned to a
remote endpoint. To authenticate a remote endpoint, the remote
exporting process or collecting process must provide a certificate
that contains either one of the configured distinguished names in
the subject field or at least one of the configured FQDNs in a
dnsname component of the subject alternative extension field or in
the most specific common name component of the subject field.
Certificates not fulfilling this condition must be rejected during
TLS/DTLS handshake. If any of the parameters remote-subject-dn
and remote-subject-fqdn is configured at the same time as the
remote-certification-authority-dn parameter, certificates must
Boyd & Seda Expires September 10, 2020 [Page 54]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
also fulfill the specified restrictions regarding the
certification authority in order to be accepted. If remote-
subject-dn and remote-subject-FQDN are not configured, the
authorization of remote endpoints is not restricted with respect
to the subject's distinguished name or FQDN of the delivered
certificate.
4.7. Transport Session Class
The TransportSession class contains state data about transport
sessions originating from an exporting process or terminating at a
collecting process. If SCTP is the transport protocol, the exporter
or collector may be multihomed SCTP endpoints (see [RFC4960],
Section 6.4), in which case more than one IP address will be used.
The following attributes are supported:
ipfix-version
Used for exporting processes, this parameter contains the version
number of the IPFIX protocol that the exporter uses to export its
data in this transport session. Hence, it is identical to the
value of the configuration parameter ipfix-version of the sctp-
exporter, udp-exporter, or tcp-exporter object. When used for
collecting processes, this parameter contains the version-number
of the IPFIX protocol it receives for this transport session. If
IPFIX messages of different IPFIX protocol versions are received,
this parameter contains the maximum version number. This state
parameter is identical to ipfixTransportSessionIpfixVersion in the
IPFIX MIB module [RFC6615].
source-address, destination-address
If TCP or UDP is the transport protocol, source-address contains
the IP address of the exporter, and destination-address contains
the IP addresses of the collector. Hence, the two parameters have
identical values as ipfixTransportSessionSourceAddress and
ipfixTransportSessionDestinationAddress in the IPFIX MIB module
[RFC6615]. if SCTP is the transport protocol, source-address
contains one of the IP addresses of the exporter and destination-
address one of the IP addresses of the collector. Preferably, the
IP addresses of the path that is usually selected by the exporter
to send IPFIX messages to the collector should be contained.
source-port, destination-port
These state parameters contain the transport-protocol port numbers
of the exporter and the collector of the transport session and
thus are identical to ipfixTransportSessionSourcePort and
ipfixTransportSessionDestinationPort in the IPFIX MIB module
[RFC6615].
Boyd & Seda Expires September 10, 2020 [Page 55]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
sctp-assoc-id
The association id used for the SCTP session between the exporter
and the collector of the transport session. It is equal to the
sctpassocid entry in the SctpAssocTable defined in the SCTP-MIB
[RFC3871]. This parameter is only available if the transport
protocol is SCTP and if an SNMP agent on the same monitoring
device enables access to the corresponding MIB objects in the
SctpAssocTable. This state parameter is identical to
ipfixTransportSessionSctpAssocId in the IPFIX MIB module
[RFC6615].
status
Status of the transport session, which can be one of the
following:
* inactive: transport session is established, but no IPFIX
messages are currently transferred (e.g., because this is a
backup (secondary) session)
* active: transport session is established and transfers IPFIX
messages
* unknown: transport session status cannot be determined; this
state parameter is identical to ipfixTransportSessionStatus in
the IPFIX MIB module [RFC6615]
rate
The number of bytes per second transmitted by the exporting
process or received by the collecting process. This parameter is
updated every second. This state parameter is identical to
ipfixtransportsessionrate in the IPFIX MIB module [RFC6615].
bytes, messages, records, templates, options-templates
The number of bytes, IPFIX messages, data records, template
records, and options template records transmitted by the exporting
process or received by the collecting process. Discontinuities in
the values of these counters can occur at re-initialization of the
management system, and at other times as indicated by the value of
transport-session-discontinuity-time.
discarded-messages
Used for exporting processes, this parameter indicates the number
of messages that could not be sent due to internal buffer
overflows, network congestion, routing issues, etc. Used for
collecting process, this parameter indicates the number of
received IPFIX messages that are malformed, cannot be decoded, are
received in the wrong order or are missing according to the
sequence number. Discontinuities in the value of this counter can
Boyd & Seda Expires September 10, 2020 [Page 56]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
occur at re-initialization of the management system, and at other
times as indicated by the value of transport-session-
discontinuity-time.
transport-session-start-time
Timestamp of the start of the given transport session.
transport-session-discontinuity-time
Timestamp of the most recent occasion at which one or more of the
transport session counters suffered a discontinuity. The time is
absolute and not relative to sysUpTime. Note that, if used for
exporting processes, the values of the state parameters
destination-address and destination-port match the values of the
configuration parameters destination-ip-address and destination-
port of the sctp-exporter, tcp-exporter, and udp-exporter (in the
case of sctp-exporter, one of the configured destination-ip-
address values); if the transport protocol is UDP or SCTP and if
the parameter source-ip-address is configured in the udp-exporter
or sctp-exporter object, the value of source-address equals the
configured value or one of the configured values. Used for
collecting processes, the value of destination-address equals the
value (or one of the values) of the parameter local-ip-address if
this parameter is configured in the udp-collector, tcp-collector,
or sctp-collector; destination-port equals the value of the
configuration parameter local-port.
The TransportSession class includes Template class information and
statistics about the templates transmitted or received on the given
transport session. The Template class is specified in Section 4.8.
Boyd & Seda Expires September 10, 2020 [Page 57]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--ro transport-session* [name]
+--ro name name-type
+--ro ipfix-version? uint16
+--ro source-address? inet:host
+--ro destination-address? inet:host
+--ro source-port?
| inet:port-number
+--ro destination-port?
| inet:port-number
+--ro status?
| transport-session-status
+--ro rate?
| yang:gauge32
+--ro bytes?
| yang:counter64
+--ro messages?
| yang:counter64
+--ro discarded-messages?
| yang:counter64
+--ro records?
| yang:counter64
+--ro templates?
| yang:counter32
+--ro options-templates?
| yang:counter32
+--ro transport-session-start-time?
| yang:date-and-time
+--ro transport-session-discontinuity-time?
| yang:date-and-time
+--ro template* []
...
Figure 28: Transport Session Class
4.8. Template Class
Figure 29 shows the Template class which contains state data about
templates used by an exporting process or received by a collecting
process in a specific transport session. The field class defines one
field of the template.
Boyd & Seda Expires September 10, 2020 [Page 58]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--ro template* []
+--ro observation-domain-id? uint32
+--ro template-id? uint16
+--ro set-id? uint16
+--ro access-time? yang:date-and-time
+--ro template-data-records? yang:counter64
+--ro template-discontinuity-time? yang:date-and-time
+--ro field* []
+--ro ie-id? ie-id-type
+--ro ie-length? uint16
+--ro ie-enterprise-number? uint32
+--ro is-flow-key? empty
+--ro is-scope? empty
Figure 29: Template Class
The names and semantics of the state parameters correspond to the
managed objects in the ipfixTemplateTable,
ipfixTemplateDefinitionTable, and ipfixTemplateStatsTable of the
IPFIX MIB module [RFC6615]:
observation-domain-id
The identifier of the observation domain for which this template
is defined.
template-id
This number indicates the template identifier in the IPFIX
Message.
set-id
This number indicates the set identifier of this template.
Currently, there are two values defined [RFC7011]. The value 2 is
used for sets containing template definitions. The value 3 is
used for sets containing options template definitions.
access-time
Used for exporting processes, this parameter contains the time
when this (Options) Template was last sent to the Collector or
written to the file. Used for Collecting Processes, this
parameter contains the time when this (Options) Template was last
received from the Exporter or read from the file.
template-data-records
The number of transmitted or received data records defined by this
(options) template since the point in time indicated by template-
definition-time.
template-discontinuity-time
Boyd & Seda Expires September 10, 2020 [Page 59]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Timestamp of the most recent occasion at which the counter
template-data-records suffered a discontinuity. The time is
absolute and not relative to sysUpTime.
ie-id, ie-length, ie-enterprise-number
Information Element identifier, length, and enterprise number of a
field in the template. If this is not an enterprise-specific
Information Element, ie-enterprise-number is zero. These state
parameters are identical to ipfixTemplateDefinitionIeId,
ipfixTemplateDefinitionIeLength, and
ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX MIB module
[RFC6615].
is-flow-key
If this state parameter is present, this is a flow key field.
This parameter is only available for non-Options Templates (i.e.,
if setId is 2).
is-scope
If this state parameter is present, this is a scope field. This
parameter is only available for options templates (i.e., if setId
is 3).
4.9. Bulk Data Class
The BulkDataProcess class in Figure 30 specifies the bulk data
template to be applied to resource or set of resources and provides
state information about the template records.
Boyd & Seda Expires September 10, 2020 [Page 60]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
+--rw bulk-data-export
+--rw template* [name]
+--rw name ietf-ipfix:name-type
+--rw enabled? boolean
+--rw export-interval? uint32
+--rw observation-domain-id? uint32
+--rw field-layout
| +--rw field* [name]
| +--rw name ietf-ipfix:name-type
| +--rw (identifier)
| | +--:(ie-id)
| | +--rw ie-id? ietf-ipfix:ie-id-type
| +--rw ie-length? uint16
| +--rw ie-enterprise-number? uint32
+--rw exporting-process*
| -> /ietf-ipfix:ipfix/exporting-process/name
| {ietf-ipfix:exporter}?
+--rw resource* resource
+--ro data-records? yang:counter64
+--ro discontinuity-time? yang:date-and-time
Figure 30: Bulk Data Class
The following attributes are supported:
enabled
Enables the template so that specified data may be exported. The
default is "enabled".
export-interval
The interval (in seconds) for periodical export of data records.
observation-domain-id
The Observation Domain that is locally unique to an Exporting
Process
field-layout
The IPFIX template to be applied to the resource. The following
attributes are configurable:
* ie-id: Identifies the Information Element identifier.
* ie-enterprise-id: Identifies the enterprise identifier of the
Information Element. If 0, the enterprise ID is an IANA based
Information Element.
* ie-length: Identifies the length of the Information Element.
Boyd & Seda Expires September 10, 2020 [Page 61]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
A bulk data instance may refer to:
o one or more exporting-process instances
o one or more resource instances (e.g., different interface
instances on a line card)
The following state information is available;
data-records
Reports the number of data records generated for this bulk data
template.
discontinuity-time
Timestamp of the most recent occasion at which the counter data
records suffered a discontinuity.
5. Adaptation to Device Capabilities
The configuration data model standardizes a superset of common IPFIX
and PSAMP configuration parameters. A typical monitoring device
implementation will not support the entire range of possible
configurations. Certain functions may not be supported, such as the
collecting process that does not exist on a monitoring device that is
conceived as exporter only. The configuration of other functions may
be subject to resource limitations or functional restrictions. For
example, the cache size is typically limited according to the
available memory on the device. It is also possible that a
monitoring device implementation requires the configuration of
additional parameters that are not part of the configuration data
model in order to function properly.
The configuration data model for IPFIX and PSAMP covers the
configuration of Exporters, Collectors, and devices that may act as
both. As Exporters and Collectors implement different functions, the
corresponding portions of the model are conditional on the following
features:
exporter
If this feature is supported, Exporting Processes can be
configured.
collector
If this feature is supported, Collecting Processes can be
configured.
Exporters do not necessarily implement any Selection Processes,
Caches, or even Observation Points in particular cases. Therefore,
Boyd & Seda Expires September 10, 2020 [Page 62]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
the corresponding portions of the model are conditional on the
following feature:
Additional features refer to different PSAMP Sampling and Filtering
methods as well as to the supported types of Caches:
psamp-samp-count-based
If this feature is supported, Sampling method samp-count-based can
be configured.
psamp-samp-time-based
If this feature is supported, Sampling method samp-time-based can
be configured.
psamp-samp-rand-out-of-n
If this feature is supported, Sampling method samp-rand-out-of-n
can be configured.
psamp-samp-uni-prob
If this feature is supported, Sampling method samp-uni-prob can be
configured.
psampfilter-match
If this feature is supported, Filtering method filter-match can be
configured.
psamp-filter-hash
If this feature is supported, Filtering method filter-hash can be
configured.
immediate-cache
If this feature is supported, a Cache generating PSAMP Packet
Reports can be configured using the Immediate Cache class.
timeout-cache
If this feature is supported, a Cache generating IPFIX Flow
Records can be configured using the Timeout Cache class.
natural-cache
If this feature is supported, a Cache generating IPFIX Flow
Records can be configured using the Natural Cache class.
permanent-cache
If this feature is supported, a Cache generating IPFIX Flow
Records can be configured using the Permanent Cache class.
The following features concern the support of UDP and TCP as
transport protocols and the support of File Readers and File Writers:
Boyd & Seda Expires September 10, 2020 [Page 63]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
sctp-transport
If this feature is supported, SCTP can be used as transport
protocol by Exporting Processes and Collecting Processes.
udp-transport
If this feature is supported, UDP can be used as transport
protocol by Exporting Processes and Collecting Processes.
tcp-transport
If this feature is supported, TCP can be used as transport
protocol by Exporting Processes and Collecting Processes.
file-reader
If this feature is supported, File Readers can be configured as
part of Collecting Processes.
file-writer
If this feature is supported, File Writers can be configured as
part of Exporting Processes.
6. YANG Modules
This document defines three YANG modules:
ietf-ipfix
Defines the IPFIX collector and exporter functions.
ietf-ipfix-packet-sampling
Defines the PSAMP functions for configuring a device to sample/
meter a subset of packets from the network.
ietf-ipfix-bulk-data-export
Defines the bulk data IPFIX templates used to export bulk data.
6.1. ietf-ipfix
6.1.1. ietf-ipfix Module Structure
This document defines the YANG module "ietf-ipfix", which has the
following structure:
Boyd & Seda Expires September 10, 2020 [Page 64]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
module: ietf-ipfix
+--rw ipfix
+--rw collecting-process* [name] {collector}?
| +--rw name name-type
| +--rw tcp-collector* [name] {tcp-transport}?
| | ...
| +--rw udp-collector* [name] {udp-transport}?
| | ...
| +--rw sctp-collector* [name] {sctp-transport}?
| | ...
| +--rw file-reader* [name] {file-reader}?
| | ...
| +--rw exporting-process* -> /ipfix/exporting-process/name
| {exporter}?
+--rw exporting-process* [name] {exporter}?
+--rw name name-type
+--rw enabled? boolean
+--rw export-mode? identityref
+--rw destination* [name]
| ...
+--rw options* [name]
| ...
+--ro exporting-process-id? uint32
6.1.2. ietf-ipfix YANG Module
This YANG Module imports typedefs from [RFC6991].
<CODE BEGINS> file "ietf-ipfix@2018-10-22.yang"
module ietf-ipfix {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-ipfix";
prefix ietf-ipfix;
import ietf-inet-types {
prefix inet;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-yang-types {
prefix yang;
reference
"RFC 6991: Common YANG Data Types";
}
Boyd & Seda Expires September 10, 2020 [Page 65]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
import ietf-interfaces {
prefix if;
reference
"RFC 8343: A YANG Model for Interface Management";
}
organization
"IETF";
contact
"Web: TBD
List: TBD
Editor: Joey Boyd
<mailto:joey.boyd@adtran.com>
Editor: Marta Seda
<mailto:marta.seda@calix.com>";
// RFC Ed.: replace XXXX with actual RFC numbers and
// remove this note.
description
"This module contains a collection of YANG definitions for the
management of IP Flow Information Export (IPFIX).
This data model is designed for the Network Management Datastore
Architecture defined in RFC 8342.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here.
Copyright (c) 2019 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.";
Boyd & Seda Expires September 10, 2020 [Page 66]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
revision 2020-03-05 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Data Models for the IP Flow Information Export
(IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
and Bulk Data Export";
}
feature exporter {
description
"If supported, the Monitoring Device can be used as
an Exporter. Exporting Processes can be configured.";
}
feature collector {
description
"If supported, the Monitoring Device can be used as
a Collector. Collecting Processes can be configured.";
}
feature tcp-transport {
description
"If supported, the Monitoring Device supports TCP
as the transport protocol.";
}
feature udp-transport {
description
"If supported, the Monitoring Device supports UDP
as the transport protocol.";
}
feature sctp-transport {
description
"If supported, the Monitoring Device supports SCTP
as the transport protocol.";
}
feature file-reader {
description
"If supported, the Monitoring Device supports the
configuration of Collecting Processes as File Readers.";
}
feature file-writer {
description
"If supported, the Monitoring Device supports the
Boyd & Seda Expires September 10, 2020 [Page 67]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
configuration of Exporting Processes as File Writers.";
}
feature if-mib {
description
"This feature indicates that the device implements
the IF-MIB.";
reference
"RFC 2863: The Interfaces Group MIB";
}
identity export-mode {
description
"Base identity for different usages of export
destinations configured for an Exporting Process.";
reference
"RFC 6615, Section 8 (ipfixExportMemberType)";
}
identity parallel {
base export-mode;
description
"Parallel export of Data Records to all destinations configured
for the Exporting Process.";
reference
"RFC 6615, Section 8 (ipfixExportMemberType)";
}
identity load-balancing {
base export-mode;
description
"Load-balancing between the different destinations
configured for the Exporting Process.";
reference
"RFC 6615, Section 8 (ipfixExportMemberType)";
}
identity fallback {
base export-mode;
description
"Export to the primary destination (i.e., the first
destination configured for the Exporting Process). If the
export to the primary destination fails, the Exporting Process
tries to export to the secondary destination. If the
secondary destination fails as well, it continues with the
tertiary, etc.";
reference
"RFC 6615, Section 8 (ipfixExportMemberType)";
Boyd & Seda Expires September 10, 2020 [Page 68]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
identity options-type {
description
"Base identity for report types exported with
options templates.";
}
identity metering-statistics {
base options-type;
description
"Metering Process Statistics.";
reference
"RFC 7011, Section 4.1";
}
identity metering-reliability {
base options-type;
description
"Metering Process Reliability Statistics.";
reference
"RFC 7011, Section 4.2";
}
identity exporting-reliability {
base options-type;
description
"Exporting Process Reliability Statistics.";
reference
"RFC 7011, Section 4.3";
}
identity flow-keys {
base options-type;
description
"Flow Keys.";
reference
"RFC 7011, Section 4.4";
}
identity selection-sequence {
base options-type;
description
"Selection Sequence and Selector Reports.";
reference
"RFC 5476, Sections 6.5.1 and 6.5.2";
}
Boyd & Seda Expires September 10, 2020 [Page 69]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
identity selection-statistics {
base options-type;
description
"Selection Sequence Statistics Report.";
reference
"RFC 5476, Sections 6.5.3";
}
identity accuracy {
base options-type;
description
"Accuracy Report.";
reference
"RFC 5476, Section 6.5.4";
}
identity reducing-redundancy {
base options-type;
description
"Enables the utilization of Options Templates to reduce
redundancy in the exported Data Records.";
reference
"RFC 5473";
}
identity extended-type-information {
base options-type;
description
"Export of extended type information for enterprise-specific
Information Elements used in the exported Templates.";
reference
"RFC 5610";
}
typedef ie-name-type {
type string {
length "1..max";
pattern '\S+';
}
description
"Type for Information Element names. Whitespaces are not
allowed.";
}
typedef name-type {
type string {
length "1..max";
pattern '\S(.*\S)?';
Boyd & Seda Expires September 10, 2020 [Page 70]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
description
"Type for 'name' leafs, which are used to identify specific
instances within lists, etc.
Leading and trailing whitespaces are not allowed.";
}
typedef ie-id-type {
type uint16 {
range "1..32767";
}
description
"Type for Information Element identifiers.";
}
typedef transport-session-status {
type enumeration {
enum "inactive" {
value 0;
description
"This value MUST be used for Transport Sessions that are
specified in the system but currently not active.
The value can be used for Transport Sessions that are
backup (secondary) sessions.";
}
enum "active" {
value 1;
description
"This value MUST be used for Transport Sessions that are
currently active and transmitting or receiving data.";
}
enum "unknown" {
value 2;
description
"This value MUST be used if the status of the Transport
Sessions cannot be detected by the device.
This value should be avoided as far as possible.";
}
}
description
"Status of a Transport Session.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionStatus)";
}
Boyd & Seda Expires September 10, 2020 [Page 71]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
grouping transport-layer-security-parameters {
description
"TLS or DTLS parameters.";
container transport-layer-security {
presence
"The presence of this container indicates TLS is enabled.";
description
"TLS or DTLS configuration.";
leaf-list local-certification-authority-dn {
type string;
description
"Distinguished names of certification authorities whose
certificates may be used to identify the local endpoint.";
reference
"RFC 5280";
}
leaf-list local-subject-dn {
type string;
description
"Distinguished names that may be used in the certificates
to identify the local endpoint.";
reference
"RFC 5280.";
}
leaf-list local-subject-fqdn {
type inet:domain-name;
description
"Fully qualified domain names that may be used in the
certificates to identify the local endpoint.";
reference
"RFC 5280";
}
leaf-list remote-certification-authority-dn {
type string;
description
"Distinguished names of certification authorities whose
certificates are accepted to authorize remote endpoints.";
reference
"RFC 5280";
}
leaf-list remote-subject-dn {
type string;
Boyd & Seda Expires September 10, 2020 [Page 72]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"Distinguished names which are accepted in certificates to
authorize remote endpoints.";
reference
"RFC 5280";
}
leaf-list remote-subject-fqdn {
type inet:domain-name;
description
"Fully qualified domain names that are accepted in
certificates to authorize remote endpoints.";
reference
"RFC 5280";
}
}
}
grouping transport-session-state-parameters {
description
"State parameters of a Transport Session originating from an
Exporting Process or terminating at a Collecting Process.
Parameter names and semantics correspond to the managed
objects in IPFIX-MIB.";
reference
"RFC 7011; RFC 6615, Section 8 (ipfixTransportSessionEntry,
ipfixTransportSessionStatsEntry)";
leaf ipfix-version {
type uint16;
description
"Used for Exporting Processes, this parameter contains the
version number of the IPFIX protocol that the Exporter uses
to export its data in this Transport Session.
Used for Collecting Processes, this parameter contains the
version number of the IPFIX protocol it receives for this
Transport Session. If IPFIX Messages of different IPFIX
protocol versions are received, this parameter contains the
maximum version number.
Note that this parameter corresponds to
ipfixTransportSessionIpfixVersion in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionIpfixVersion)";
}
Boyd & Seda Expires September 10, 2020 [Page 73]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
leaf source-address {
type inet:host;
description
"The source address of the Exporter of the IPFIX Transport
Session.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionSourceAddressType,
ipfixTransportSessionSourceAddress);
RFC 4960, Section 6.4";
}
leaf destination-address {
type inet:host;
description
"The destination address of the path that is selected by the
Exporter to send IPFIX messages to the Collector.
In the case of TCP, it is possible that if an FQDN address
is configured it resolves into many addresses.
Note that this parameter functionally corresponds to
ipfixTransportSessionDestinationAddressType and
ipfixTransportSessionDestinationAddress in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDestinationAddressType,
ipfixTransportSessionDestinationAddress);
RFC 4960, Section 6.4";
}
leaf source-port {
type inet:port-number;
description
"The transport-protocol port number of the Exporter of the
IPFIX Transport Session.
Note that this parameter corresponds to
ipfixTransportSessionSourcePort in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionSourcePort).";
}
leaf destination-port {
type inet:port-number;
description
Boyd & Seda Expires September 10, 2020 [Page 74]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"The transport-protocol port number of the Collector of the
IPFIX Transport Session.
Note that this parameter corresponds to
ipfixTransportSessionDestinationPort in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDestinationPort)";
}
leaf status {
type transport-session-status;
description
"Status of the Transport Session.
Note that this parameter corresponds to
ipfixTransportSessionStatus in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionStatus)";
}
leaf rate {
type yang:gauge32;
units "bytes per second";
description
"The number of bytes per second transmitted by the
Exporting Process or received by the Collecting Process.
This parameter is updated every second.
Note that this parameter corresponds to
ipfixTransportSessionRate in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionRate)";
}
leaf bytes {
type yang:counter64;
units "bytes";
description
"The number of bytes transmitted by the Exporting Process or
received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transport-session-discontinuity-time.
Boyd & Seda Expires September 10, 2020 [Page 75]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Note that this parameter corresponds to
ipfixTransportSessionBytes in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionBytes)";
}
leaf messages {
type yang:counter64;
units "IPFIX Messages";
description
"The number of messages transmitted by the Exporting Process
or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transport-session-discontinuity-time.
Note that this parameter corresponds to
ipfixTransportSessionMessages in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionMessages)";
}
leaf discarded-messages {
type yang:counter64;
units "IPFIX Messages";
description
"Used for Exporting Processes, this parameter indicates the
number of messages that could not be sent due to internal
buffer overflows, network congestion, routing issues, etc.
Used for Collecting Process, this parameter indicates the
number of received IPFIX Message that are malformed, cannot
be decoded, are received in the wrong order or are missing
according to the sequence number.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transport-session-discontinuity-time.
Note that this parameter corresponds to
ipfixTransportSessionDiscardedMessages in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDiscardedMessages)";
Boyd & Seda Expires September 10, 2020 [Page 76]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
leaf records {
type yang:counter64;
units "Data Records";
description
"The number of Data Records transmitted by the Exporting
Process or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transport-session-discontinuity-time.
Note that this parameter corresponds to
ipfixTransportSessionRecords in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionRecords)";
}
leaf templates {
type yang:counter32;
units "Templates";
description
"The number of Templates transmitted by the Exporting Process
or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transport-session-discontinuity-time.
Note that this parameter corresponds to
ipfixTransportSessionTemplates in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionTemplates)";
}
leaf options-templates {
type yang:counter32;
units "Options Templates";
description
"The number of Option Templates transmitted by the Exporting
Process or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
Boyd & Seda Expires September 10, 2020 [Page 77]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
re-initialization of the management system, and at other
times as indicated by the value of
transport-session-discontinuity-time.
Note that this parameter corresponds to
ipfixTransportSessionOptionsTemplates in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionOptionsTemplates)";
}
leaf transport-session-start-time {
type yang:date-and-time;
description
"Timestamp of the start of the given Transport Session.
This state parameter does not correspond to any object in
the IPFIX MIB module.";
}
leaf transport-session-discontinuity-time {
type yang:date-and-time;
description
"Timestamp of the most recent occasion at which one or more
of the Transport Session counters suffered a discontinuity.
Note that this parameter functionally corresponds to
ipfixTransportSessionDiscontinuityTime in the IPFIX MIB
module. In contrast to
ipfixTransportSessionDiscontinuityTime, the time is
absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDiscontinuityTime)";
}
}
grouping collection-template-state-parameters {
description
"State parameters of a (Options) Template received by a
Collecting Process in a specific Transport Session or read by
the File Reader.
Parameter names and semantics correspond to the
managed objects in IPFIX-MIB";
reference
"RFC 7011; RFC 6615, Section 8 (ipfixTemplateEntry,
Boyd & Seda Expires September 10, 2020 [Page 78]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
ipfixTemplateDefinitionEntry, ipfixTemplateStatsEntry)";
list template {
key "name";
description
"This list contains the Templates and Options Templates that
are transmitted by the Exporting Process or received by the
Collecting Process.
Withdrawn or invalidated (Options) Templates MUST be removed
from this list.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
template.";
}
leaf observation-domain-id {
type uint32;
description
"The ID of the Observation Domain for which this Template
is defined.
Note that this parameter corresponds to
ipfixTemplateObservationDomainId in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTemplateObservationDomainId)";
}
leaf template-id {
type uint16 {
range "256..65535";
}
description
"This number indicates the Template ID in the IPFIX
message.
Note that this parameter corresponds to ipfixTemplateId in
the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTemplateId)";
}
leaf set-id {
Boyd & Seda Expires September 10, 2020 [Page 79]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
type uint16 {
range "2..3 | 256..65535";
}
description
"This number indicates the Set ID of the Template.
A value of 2 is reserved for Template Sets. A value of 3
is reserved for Options Template Sets. Values from 4 to
255 are reserved for future use. Values 256 and above
are used for Data Sets. The Set ID values of 0 and 1 are
not used for historical reasons.
Note that this parameter corresponds to ipfixTemplateSetId
in the IPFIX MIB module.";
reference
"RFC 7011, Section 3.3.2;
RFC 6615, Section 8 (ipfixTemplateSetId)";
}
leaf access-time {
type yang:date-and-time;
description
"This parameter contains the time when this (Options)
Template was last received from the Exporter or read from
the file.
Note that this parameter corresponds to
ipfixTemplateAccessTime in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (
ipfixTemplateAccessTime)";
}
leaf template-data-records {
type yang:counter64;
description
"The number of received Data Records defined by this
(Options) Template.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
template-discontinuity-time.
Note that this parameter corresponds to
ipfixTemplateDataRecords in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTemplateDataRecords)";
}
Boyd & Seda Expires September 10, 2020 [Page 80]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
leaf template-discontinuity-time {
type yang:date-and-time;
description
"Timestamp of the most recent occasion at which the counter
template-data-records suffered a discontinuity.
Note that this parameter functionally corresponds to
ipfixTemplateDiscontinuityTime in the IPFIX MIB module. In
contrast to ipfixTemplateDiscontinuityTime, the time is
absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixTemplateDiscontinuityTime)";
}
list field {
key "name";
description
"This list contains the (Options) Template fields of which
the (Options) Template is defined.
The order of the list corresponds to the order of the
fields in the (Option) Template Record.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
template field.";
}
leaf ie-id {
type ie-id-type;
description
"This parameter indicates the Information Element
identifier of the field.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeId in the IPFIX MIB module.";
reference
"RFC 7011; RFC 6615, Section 8
(ipfixTemplateDefinitionIeId).";
}
leaf ie-length {
type uint16;
units "octets";
description
Boyd & Seda Expires September 10, 2020 [Page 81]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"This parameter indicates the length of the Information
Element of the field.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeLength in the IPFIX MIB
module.";
reference
"RFC 7011; RFC 6615, Section 8
(ipfixTemplateDefinitionIeLength)";
}
leaf ie-enterprise-number {
type uint32;
description
"This parameter indicates the IANA enterprise number of
the authority defining the Information Element
identifier.
If the Information Element is not enterprise-specific,
this state parameter is zero.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionIeEnterpriseNumber);
IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers";
}
leaf is-flow-key {
when "../../set-id = 2" {
description
"This parameter is available for non-Options Templates
(Set ID is 2).";
}
type empty;
description
"If present, this is a Flow Key field.
Note that this corresponds to flowKey(1) being set in
ipfixTemplateDefinitionFlags.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionFlags)";
}
Boyd & Seda Expires September 10, 2020 [Page 82]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
leaf is-scope {
when "../../set-id = 3" {
description
"This parameter is available for Options
Templates (Set ID is 3).";
}
type empty;
description
"If present, this is a scope field.
Note that this corresponds to scope(0) being set in
ipfixTemplateDefinitionFlags.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionFlags)";
}
}
}
}
grouping common-collector-parameters {
description
"Parameters of a Collecting Process that are common to all
transport protocols.";
choice local-address-method {
description
"Method to configure the local address of the collecting
process. Note that it is expected that other methods be
available. Those method can augment this choice.";
case local-address {
leaf-list local-address {
type inet:host;
description
"List of local addresses on which the Collecting
Process listens for IPFIX Messages.";
}
}
}
leaf local-port {
type inet:port-number;
description
"If not configured, the Monitoring Device uses the default
port number for IPFIX, which is 4739 without TLS or DTLS and
4740 if TLS or DTLS is activated.";
}
Boyd & Seda Expires September 10, 2020 [Page 83]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
grouping tcp-collector-parameters {
description
"Parameters of a listening TCP socket at a Collecting
Process.";
uses common-collector-parameters;
uses transport-layer-security-parameters;
}
grouping udp-collector-parameters {
description
"Parameters of a listening UDP socket at a Collecting
Process.";
uses common-collector-parameters;
leaf template-life-time {
type uint32;
units seconds;
default 1800;
description
"Sets the lifetime of Templates for all UDP Transport
Sessions terminating at this UDP socket. Templates that are
not received again within the configured lifetime become
invalid at the Collecting Process.
As specified in RFC 7011, the Template lifetime MUST be at
least three times higher than the template-refresh-timeout
parameter value configured on the corresponding Exporting
Processes.
Note that this parameter corresponds to
ipfixTransportSessionTemplateRefreshTimeout in the IPFIX
MIB module.";
reference
"RFC 7011, Section 10.3.7; RFC 6615, Section 8
(ipfixTransportSessionTemplateRefreshTimeout).";
}
leaf options-template-life-time {
type uint32;
units seconds;
default 1800;
description
"Sets the lifetime of Options Templates for all UDP Transport
Boyd & Seda Expires September 10, 2020 [Page 84]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Sessions terminating at this UDP socket. Options Templates
that are not received again within the configured lifetime
become invalid at the Collecting Process.
As specified in RFC 7011, the Options Template lifetime MUST
be at least three times higher than the
options-template-refresh-timeout parameter value configured
on the corresponding Exporting Processes.
Note that this parameter corresponds to
ipfixTransportSessionOptionsTemplateRefreshTimeout in the
IPFIX MIB module.";
reference
"RFC 7011, Section 8.4; RFC 6615, Section 8
(ipfixTransportSessionOptionsTemplateRefreshTimeout).";
}
leaf template-life-packet {
type uint32;
units "IPFIX Messages";
description
"If this parameter is configured, Templates defined in a UDP
Transport Session become invalid if they are neither
included in a sequence of more than this number of IPFIX
Messages nor received again within the period of time
specified by template-life-time.
Note that this parameter corresponds to
ipfixTransportSessionTemplateRefreshPacket in the IPFIX
MIB module.";
reference
"RFC 7011, Section 8.4; RFC 6615, Section 8
(ipfixTransportSessionTemplateRefreshPacket).";
}
leaf options-template-life-packet {
type uint32;
units "IPFIX Messages";
description
"If this parameter is configured, Options Templates defined
in a UDP Transport Session become invalid if they are
neither included in a sequence of more than this number of
IPFIX Messages nor received again within the period of time
specified by options-template-life-time.
Note that this parameter corresponds to
ipfixTransportSessionOptionsTemplateRefreshPacket in the
IPFIX MIB module.";
Boyd & Seda Expires September 10, 2020 [Page 85]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
reference
"RFC 7011, Section 8.4; RFC 6615, Section 8
(ipfixTransportSessionOptionsTemplateRefreshPacket).";
}
leaf maximum-reordering-delay {
type uint32;
units seconds;
description
"The maximum delay for the template to be received at the
collector after the data record(s) has(have) been received.
The collector is expected to buffer the data records till
such a time.";
reference
"RFC 7011, Section 8.2";
}
uses transport-layer-security-parameters;
}
grouping sctp-collector-parameters {
description
"Parameters of a listening SCTP socket at a Collecting
Process.";
uses common-collector-parameters;
leaf maximum-reordering-delay {
type uint32;
units seconds;
description
"The maximum delay for the template to be received at the
collector after the data record(s) has(have) been received.
The collector is expected to buffer the data records till
such a time.";
reference
"RFC 7011, Section 8.2";
}
uses transport-layer-security-parameters;
}
grouping file-reader-state-parameters {
description
"State Parameters for the File Reader.";
container file-reader-state {
config false;
Boyd & Seda Expires September 10, 2020 [Page 86]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"File Reader parameters.";
leaf bytes {
type yang:counter64;
units octets;
description
"The number of bytes read by the File Reader.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-reader-discontinuity-time.";
}
leaf messages {
type yang:counter64;
units "IPFIX Messages";
description
"The number of IPFIX Messages read by the File Reader.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-reader-discontinuity-time.";
}
leaf records {
type yang:counter64;
units "Data Records";
description
"The number of Data Records read by the File Reader.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-reader-discontinuity-time.";
}
leaf templates {
type yang:counter32;
units "Templates";
description
"The number of Template Records (excluding Options Template
Records) read by the File Reader.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
Boyd & Seda Expires September 10, 2020 [Page 87]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
times as indicated by the value of
file-reader-discontinuity-time.";
}
leaf options-templates {
type yang:counter32;
units "Options Templates";
description
"The number of Options Template Records read by the File
Reader.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-reader-discontinuity-time.";
}
leaf file-reader-discontinuity-time {
type yang:date-and-time;
description
"Timestamp of the most recent occasion at which one or more
File Reader counters suffered a discontinuity.
In contrast to discontinuity times in the IPFIX MIB
module, the time is absolute and not relative to
sysUpTime.";
}
uses collection-template-state-parameters;
}
}
grouping collecting-process-parameters {
description
"Parameters of a Collecting Process.";
list tcp-collector {
if-feature tcp-transport;
key "name";
description
"List of TCP receivers (sockets) on which the Collecting
Process receives IPFIX Messages.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the TCP
collector.";
Boyd & Seda Expires September 10, 2020 [Page 88]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
uses tcp-collector-parameters;
list transport-session {
key name;
config false;
description
"This list contains the currently established Transport
Sessions terminating at the given socket.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
transport session.";
}
uses transport-session-state-parameters;
uses collection-template-state-parameters;
}
}
list udp-collector {
if-feature udp-transport;
key "name";
description
"List of UDP receivers (sockets) on which the Collecting
Process receives IPFIX Messages.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the UDP
Collector.";
}
uses udp-collector-parameters;
list transport-session {
key name;
config false;
description
"This list contains the currently established Transport
Sessions terminating at the given socket.";
leaf name {
type name-type;
Boyd & Seda Expires September 10, 2020 [Page 89]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"An arbitrary string which uniquely identifies the
transport session.";
}
uses transport-session-state-parameters;
uses collection-template-state-parameters;
}
}
list sctp-collector {
if-feature sctp-transport;
key "name";
description
"List of SCTP receivers on which the Collecting Process
receives IPFIX Messages.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the SCTP
Collector.";
}
uses sctp-collector-parameters;
list transport-session {
key name;
config false;
description
"This list contains the currently established Transport
Sessions terminating at the given socket.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
transport session.";
}
leaf sctp-association-id {
type uint32;
config false;
description
"The association ID used for the SCTP session between the
Exporter and the Collector of the IPFIX Transport
Session. It is equal to the sctpAssocId entry in the
sctpAssocTable defined in the SCTP-MIB.
Boyd & Seda Expires September 10, 2020 [Page 90]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
This parameter is only available if the transport
protocol is SCTP and if an SNMP agent on the same
Monitoring Device enables access to the corresponding
MIB objects in the sctpAssocTable.
Note that this parameter corresponds to
ipfixTransportSessionSctpAssocId in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionSctpAssocId);
RFC 3871";
}
uses transport-session-state-parameters;
uses collection-template-state-parameters;
}
}
list file-reader {
if-feature file-reader;
key "name";
description
"List of File Readers from which the Collecting Process reads
the IPFIX Messages.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the File
Reader.";
}
leaf file {
type inet:uri;
mandatory true;
description
"URI specifying the location of the file.";
}
uses file-reader-state-parameters;
}
}
grouping export-template-state-parameters {
description
"State parameters of a (Options) Template used by an Exporting
Process in a specific Transport Session or by a File Writer.
Boyd & Seda Expires September 10, 2020 [Page 91]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Parameter names and semantics correspond to the managed
objects in IPFIX-MIB.";
reference
"RFC 7011; RFC 6615, Section 8 (ipfixTemplateEntry,
ipfixTemplateDefinitionEntry, ipfixTemplateStatsEntry)";
list template {
key "name";
description
"This list contains the Templates and Options Templates that
are transmitted by the Exporting Process or written by the
File Writer.
Withdrawn or invalidated (Options) Templates MUST be removed
from this list.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
template.";
}
leaf observation-domain-id {
type uint32;
description
"The ID of the Observation Domain for which this Template
is defined.
Note that this parameter corresponds to
ipfixTemplateObservationDomainId in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTemplateObservationDomainId).";
}
leaf template-id {
type uint16 {
range "256..65535";
}
description
"This number indicates the Template ID in the IPFIX
message.
Note that this parameter corresponds to ipfixTemplateId in
the IPFIX MIB module.";
reference
Boyd & Seda Expires September 10, 2020 [Page 92]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"RFC 6615, Section 8 (ipfixTemplateId).";
}
leaf set-id {
type uint16 {
range "2..3 | 256..65535";
}
description
"This number indicates the Set ID of the Template.
A value of 2 is reserved for Template Sets. A value of 3
is reserved for Options Template Sets. Values from 4 to
255 are reserved for future use. Values 256 and above
are used for Data Sets. The Set ID values of 0 and 1 are
not used for historical reasons.
Note that this parameter corresponds to ipfixTemplateSetId
in the IPFIX MIB module.";
reference
"RFC 7011, Section 3.3.2;
RFC 6615, Section 8 (ipfixTemplateSetId)";
}
leaf access-time {
type yang:date-and-time;
description
"This parameter contains the time when this (Options)
Template was last sent to the Collector(s) or written to
the file.
Note that this parameter corresponds to
ipfixTemplateAccessTime in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (
ipfixTemplateAccessTime).";
}
leaf template-data-records {
type yang:counter64;
description
"The number of transmitted Data Records defined by this
(Options) Template.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
template-discontinuity-time.
Note that this parameter corresponds to
Boyd & Seda Expires September 10, 2020 [Page 93]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
ipfixTemplateDataRecords in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTemplateDataRecords).";
}
leaf template-discontinuity-time {
type yang:date-and-time;
description
"Timestamp of the most recent occasion at which the counter
template-data-records suffered a discontinuity.
Note that this parameter functionally
corresponds to ipfixTemplateDiscontinuityTime in the IPFIX
MIB module. In contrast to
ipfixTemplateDiscontinuityTime, the time is absolute and
not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixTemplateDiscontinuityTime).";
}
list field {
key "name";
description
"This list contains the (Options) Template fields of which
the (Options) Template is defined.
The order of the list corresponds to the order
of the fields in the (Option) Template Record.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
template field.";
}
leaf ie-id {
type ie-id-type;
description
"This parameter indicates the Information Element
identifier of the field.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeId in the IPFIX MIB module.";
reference
"RFC 7011; RFC 6615, Section 8
(ipfixTemplateDefinitionIeId).";
Boyd & Seda Expires September 10, 2020 [Page 94]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
leaf ie-length {
type uint16;
units "octets";
description
"This parameter indicates the length of the Information
Element of the field.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeLength in the IPFIX MIB
module.";
reference
"RFC 7011; RFC 6615, Section 8
(ipfixTemplateDefinitionIeLength).";
}
leaf ie-enterprise-number {
type uint32;
description
"This parameter indicates the IANA enterprise number of
the authority defining the Information Element
identifier.
If the Information Element is not enterprise-specific,
this state parameter is zero.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionIeEnterpriseNumber);
IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers.";
}
leaf is-flow-key {
when "../../set-id = 2" {
description
"This parameter is available for non-Options Templates
(Set ID is 2).";
}
type empty;
description
"If present, this is a Flow Key field.
Note that this corresponds to flowKey(1) being set in
Boyd & Seda Expires September 10, 2020 [Page 95]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
ipfixTemplateDefinitionFlags.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionFlags).";
}
leaf is-scope {
when "../../set-id = 3" {
description
"This parameter is available for Options Templates
(Set ID is 3).";
}
type empty;
description
"If present, this is a scope field.
Note that this corresponds to scope(0) being set in
ipfixTemplateDefinitionFlags.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionFlags).";
}
}
}
}
grouping common-exporter-parameters {
description
"Parameters of an export destination that are common to all
transport protocols.";
leaf ipfix-version {
type uint16;
default '10';
description
"IPFIX version number.";
reference
"RFC 7011.";
}
container source {
description
"Configuration corresponding to how exporter's source IP
address is specified.";
choice source-method {
description
"Method to configure the source address of the exporter
Boyd & Seda Expires September 10, 2020 [Page 96]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
or the interface to be used by the exporter.
Note that it is expected that other methods be available.
Those methods can augment this choice.";
case interface-ref {
leaf interface-ref {
type if:interface-ref;
description
"The interface to be used by the Exporting Process.";
}
}
case if-index {
if-feature if-mib;
leaf if-index {
type uint32;
description
"Index of an interface as stored in the ifTable
of IF-MIB.";
reference
"RFC 2863.";
}
}
case if-name {
if-feature if-mib;
leaf if-name {
type string;
description
"Name of an interface as stored in the ifTable
of IF-MIB.";
reference
"RFC 2863.";
}
}
}
}
container destination {
description
"Configuration corresponding to how exporter's destination IP
address is specified.";
}
leaf destination-port {
type inet:port-number;
description
Boyd & Seda Expires September 10, 2020 [Page 97]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"If not configured by the user, the Monitoring Device uses
the default port number for IPFIX, which is 4739 without TLS
or DTLS and 4740 if TLS or DTLS is activated.";
}
leaf send-buffer-size {
type uint32;
units "bytes";
description
"Size of the socket send buffer.
If not configured by the user, this parameter is set by
the Monitoring Device.";
}
leaf rate-limit {
type uint32;
units "bytes per second";
description
"Maximum number of bytes per second the Exporting Process may
export to the given destination. The number of bytes is
calculated from the lengths of the IPFIX Messages exported.
If not configured, no rate limiting is performed.";
reference
"RFC 5476, Section 6.3.";
}
}
grouping tcp-exporter-parameters {
description
"Parameters of a TCP export destination.";
uses common-exporter-parameters {
augment "source/source-method" {
description
"Augment the source method to add the source IP address or
hostname.";
case source-address {
leaf source-address {
type inet:host;
description
"The source IP address or hostname used by the
Exporting Process.";
}
}
}
Boyd & Seda Expires September 10, 2020 [Page 98]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
augment "destination" {
description
"Augment the destination method to add the destination
IP address or hostname.";
choice destination-method {
mandatory true;
description
"Method to configuring the destination address of the
Collection Process to which IPFIX Messages are sent.
Note it is expected that if other methods are available
that they would augment from this statement.";
case destination-address {
leaf destination-address {
type inet:host;
description
"The destination IP address or hostname of the
Collecting Process to which IPFIX Messages are sent.
A hostname may resolve to one or more IP
addresses.";
}
}
}
}
}
leaf connection-timeout {
type uint32;
units seconds;
description
"Time after which the exporting process deems the TCP
connection to have failed.";
reference
"RFC 7011, Sections 10.4.4 and 10.4.5.";
}
leaf retry-schedule {
type uint32 {
range "60..max";
}
units seconds;
description
"Time after which the exporting process retries the TCP
connection to a collector.";
reference
"RFC 7011, Section 10.4.4.";
Boyd & Seda Expires September 10, 2020 [Page 99]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
uses transport-layer-security-parameters;
}
grouping udp-exporter-parameters {
description
"Parameters of a UDP export destination.";
uses common-exporter-parameters {
augment "source/source-method" {
description
"Augment the source method to add the source IP address or
hostname.";
case source-address {
leaf source-address {
type inet:host;
description
"The source IP address or hostname used by the
Exporting Process.";
}
}
}
augment "destination" {
description
"Augment the destination method to add the destination
IP address or hostname.";
choice destination-method {
mandatory true;
description
"Method to configuring the destination address of the
Collection Process to which IPFIX Messages are sent.
Note it is expected that if other methods are available
that they would augment from this statement.";
case destination-address {
leaf destination-address {
type inet:host;
description
"The destination IP address or hostname of the
Collecting Process to which IPFIX Messages are sent.
A hostname may resolve to one or more IP
addresses.";
}
Boyd & Seda Expires September 10, 2020 [Page 100]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
}
}
}
leaf maximum-packet-size {
type uint16;
units octets;
description
"This parameter specifies the maximum size of IP packets sent
to the Collector. If set to zero, the Exporting Device MUST
derive the maximum packet size from path MTU discovery
mechanisms.
If not configured by the user, this parameter is set by
the Monitoring Device.";
}
leaf template-refresh-timeout {
type uint32;
units seconds;
default 600;
description
"Sets time after which Templates are resent in the UDP
Transport Session.
Note that the configured lifetime MUST be adapted to the
template-life-time parameter value at the receiving
Collecting Process.
Note that this parameter corresponds to
ipfixTransportSessionTemplateRefreshTimeout in the IPFIX
MIB module.";
reference
"RFC 7011, Section 8.4; RFC 6615, Section 8
(ipfixTransportSessionTemplateRefreshTimeout).";
}
leaf options-template-refresh-timeout {
type uint32;
units seconds;
default 600;
description
"Sets time after which Options Templates are resent in the
UDP Transport Session.
Note that the configured lifetime MUST be adapted to the
options-template-life-time parameter value at the receiving
Boyd & Seda Expires September 10, 2020 [Page 101]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Collecting Process.
Note that this parameter corresponds to
ipfixTransportSessionOptionsTemplateRefreshTimeout in the
IPFIX MIB module.";
reference
"RFC 7011, Section 8.4; RFC 6615, Section 8
(ipfixTransportSessionOptionsTemplateRefreshTimeout).";
}
leaf template-refresh-packet {
type uint32;
units "IPFIX Messages";
description
"Sets number of IPFIX Messages after which Templates are
resent in the UDP Transport Session.
Note that this parameter corresponds to
ipfixTransportSessionTemplateRefreshPacket in the IPFIX
MIB module.
If omitted, Templates are only resent after timeout.";
reference
"RFC 7011, Section 8.4; RFC 6615, Section 8
(ipfixTransportSessionTemplateRefreshPacket).";
}
leaf options-template-refresh-packet {
type uint32;
units "IPFIX Messages";
description
"Sets number of IPFIX Messages after which Options Templates
are resent in the UDP Transport Session protocol.
Note that this parameter corresponds to
ipfixTransportSessionOptionsTemplateRefreshPacket in the
IPFIX MIB module.
If omitted, Templates are only resent after timeout.";
reference
"RFC 7011, Section 8.4; RFC 6615, Section 8
(ipfixTransportSessionOptionsTemplateRefreshPacket).";
}
uses transport-layer-security-parameters;
}
grouping sctp-exporter-parameters {
Boyd & Seda Expires September 10, 2020 [Page 102]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"Parameters of a SCTP export destination.";
uses common-exporter-parameters {
augment "source/source-method" {
description
"Augment the source method to add the source IP address or
hostname.";
case source-address {
leaf-list source-address {
type inet:host;
description
"The source IP address(es) or hostname(s) used by the
Exporting Process.";
}
}
}
augment "destination" {
description
"Augment the destination method to add the destination
IP address or hostname.";
choice destination-method {
mandatory true;
description
"Method to configuring the destination address of the
Collection Process to which IPFIX Messages are sent.
Note it is expected that if other methods are available
that they would augment from this statement.";
case destination-address {
leaf-list destination-address {
type inet:host;
description
"List of destination IP addresses or hostnames.
A hostname may resolve to one or more IP addresses.
The user must ensure that all configured IP
addresses belong to the same Collecting Process.
The SCTP Exporting Processs tries to establish an
SCTP association to any of the configured
destination IP addresses.";
}
}
Boyd & Seda Expires September 10, 2020 [Page 103]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
}
}
leaf timed-reliability {
type uint32;
units milliseconds;
default 0;
description
"Lifetime in milliseconds until an IPFIX Message containing
Data Sets only is 'abandoned' due to the timed reliability
mechanism of PR-SCTP.
If this parameter is set to zero, reliable SCTP transport is
used for all Data Records.
Regardless of the value of this parameter, the Exporting
Process MAY use reliable SCTP transport for Data Sets
associated with Options Templates.";
reference
"RFC 3758; RFC 4960.";
}
leaf association-timeout {
type uint32;
units seconds;
description
"Time after which the exporting process deems the SCTP
association to have failed.";
reference
"RFC 7011, Sections 10.2.4 and 10.2.5.";
}
uses transport-layer-security-parameters;
}
grouping file-writer-state-parameters {
description
"State Parameters for the File Writer.";
container file-writer-state {
config false;
description
"File Writer parameters.";
leaf bytes {
type yang:counter64;
units octets;
Boyd & Seda Expires September 10, 2020 [Page 104]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"The number of bytes written by the File Writer.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-writer-discontinuity-time.";
}
leaf messages {
type yang:counter64;
units "IPFIX Messages";
description
"The number of IPFIX Messages written by the File Writer.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-writer-discontinuity-time.";
}
leaf discarded-messages {
type yang:counter64;
units "IPFIX Messages";
description
"The number of IPFIX Messages that could not be written by
the File Writer due to internal buffer overflows, limited
storage capacity, etc.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-writer-discontinuity-time.";
}
leaf records {
type yang:counter64;
units "Data Records";
description
"The number of Data Records written by the File Writer.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-writer-discontinuity-time.";
}
leaf templates {
Boyd & Seda Expires September 10, 2020 [Page 105]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
type yang:counter32;
units "Templates";
description
"The number of Template Records (excluding Options Template
Records) written by the File Writer.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-writer-discontinuity-time.";
}
leaf options-templates {
type yang:counter32;
units "Options Templates";
description
"The number of Options Template Records written by the File
Writer.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
file-writer-discontinuity-time.";
}
leaf file-writer-discontinuity-time {
type yang:date-and-time;
description
"Timestamp of the most recent occasion at which one or more
File Writer counters suffered a discontinuity.
In contrast to discontinuity times in the IPFIX MIB
module, the time is absolute and not relative to
sysUpTime.";
}
uses export-template-state-parameters;
}
}
grouping exporting-process-parameters {
description
"Parameters of an Exporting Process.";
leaf export-mode {
type identityref {
base export-mode;
}
Boyd & Seda Expires September 10, 2020 [Page 106]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
default 'parallel';
description
"This parameter determines to which configured destination(s)
the incoming Data Records are exported.";
}
list destination {
key "name";
min-elements 1;
description
"List of export destinations.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the export
destination.";
}
choice destination-parameters {
mandatory true;
description
"Destination configuration.";
case tcp-exporter {
container tcp-exporter {
if-feature tcp-transport;
description
"TCP parameters.";
uses tcp-exporter-parameters;
container transport-session {
config false;
description
"Transport session state data.";
uses transport-session-state-parameters;
uses export-template-state-parameters;
}
}
}
case udp-exporter {
container udp-exporter {
if-feature udp-transport;
description
"UDP parameters.";
Boyd & Seda Expires September 10, 2020 [Page 107]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
uses udp-exporter-parameters;
container transport-session {
config false;
description
"Transport session state data.";
uses transport-session-state-parameters;
uses export-template-state-parameters;
}
}
}
case sctp-exporter {
container sctp-exporter {
if-feature sctp-transport;
description
"SCTP parameters.";
uses sctp-exporter-parameters;
container transport-session {
config false;
description
"Transport session state data.";
leaf sctp-association-id {
type uint32;
description
"The association ID used for the SCTP session
between the Exporter and the Collector of the
IPFIX Transport Session. It is equal to the
sctpAssocId entry in the sctpAssocTable defined in
the SCTP-MIB.
This parameter is only available if the transport
protocol is SCTP and if an SNMP agent on the same
Monitoring Device enables access to the
corresponding MIB objects in the sctpAssocTable.
Note that this parameter corresponds to
ipfixTransportSessionSctpAssocId in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionSctpAssocId);
RFC 3871";
}
Boyd & Seda Expires September 10, 2020 [Page 108]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
uses transport-session-state-parameters;
uses export-template-state-parameters;
}
}
}
case file-writer {
container file-writer {
if-feature file-writer;
description
"File Writer parameters.";
leaf ipfix-version {
type uint16;
default 10;
description
"IPFIX version number.";
reference
"RFC 7011.";
}
leaf file {
type inet:uri;
mandatory true;
description
"URI specifying the location of the file.";
}
uses file-writer-state-parameters;
}
}
}
}
list options {
key "name";
description
"List of options reported by the Exporting Process.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
option.";
}
uses options-parameters;
}
}
Boyd & Seda Expires September 10, 2020 [Page 109]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
grouping options-parameters {
description
"Parameters specifying the data export using an Options
Template.";
leaf options-type {
type identityref {
base options-type;
}
mandatory true;
description
"Type of the exported options data.";
}
leaf options-timeout {
type uint32;
units "milliseconds";
description
"Time interval for periodic export of the options data. If
set to zero, the export is triggered when the options data
has changed.
If not configured by the user, this parameter is set by the
Monitoring Device.";
}
}
container ipfix {
description
"IPFIX Exporter and/or Collector data nodes.";
list collecting-process {
if-feature collector;
key "name";
description
"Collecting Process of the Monitoring Device.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
Collecting Process.";
}
uses collecting-process-parameters;
leaf-list exporting-process {
if-feature exporter;
Boyd & Seda Expires September 10, 2020 [Page 110]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
type leafref {
path "/ietf-ipfix:ipfix"
+ "/ietf-ipfix:exporting-process"
+ "/ietf-ipfix:name";
}
description
"Export of received records without any modifications.
Records are processed by all Exporting Processes in the
list.";
}
}
list exporting-process {
if-feature exporter;
key "name";
description
"List of Exporting Processes of the IPFIX Monitoring Device
for which configuration will be applied.";
leaf name {
type name-type;
description
"An arbitrary string which uniquely identifies the
Exporting Process.";
}
leaf enabled {
type boolean;
default "true";
description
"If true, this Exporting Process is enabled for
exporting.";
}
uses exporting-process-parameters;
leaf exporting-process-id {
type uint32;
config false;
description
"The identifier of the Exporting Process. This parameter
corresponds to the Information Element exportingProcessId.
Its occurrence helps to associate Exporting Process
parameters with Exporing Process statistics exported by
the Monitoring Device using the Exporting Process
Reliability Statistics Template as defined by the IPFIX
protocol specification.";
reference
Boyd & Seda Expires September 10, 2020 [Page 111]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"RFC 7011, Section 4.3; IANA registry for IPFIX
Entities, http://www.iana.org/assignments/ipfix.";
}
}
}
}
<CODE ENDS>
6.2. ietf-ipfix-packet-sampling
6.2.1. ietf-ipfix-packet-sampling Module Structure
This document defines the YANG module "ietf-ipfix-packet-sampling",
which has the following structure:
Boyd & Seda Expires September 10, 2020 [Page 112]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
module: ietf-ipfix-packet-sampling
augment /ipfix:ipfix:
+--rw psamp
+--rw observation-point* [name]
| +--rw name ipfix:name-type
| +--rw observation-domain-id uint32
| +--rw interface-ref* if:interface-ref
| +--rw if-name* if-name-type {if-mib}?
| +--rw if-index* uint32 {if-mib}?
| +--rw hardware-ref* hardware-ref
| +--rw ent-physical-name* string {entity-mib}?
| +--rw ent-physical-index* uint32 {entity-mib}?
| +--rw direction? direction
| +--rw selection-process*
| | -> /ipfix:ipfix/psamp/selection-process/name
| +--ro observation-point-id? uint32
+--rw selection-process* [name]
| +--rw name ipfix:name-type
| +--rw selector* [name]
| | ...
| +--rw cache?
| | -> /ipfix:ipfix/psamp/cache/name
| +--ro selection-sequence* []
| ...
+--rw cache* [name]
+--rw name ipfix:name-type
+--rw enabled? boolean
+--rw (cache-type)
| ...
+--rw exporting-process*
| -> /ipfix:ipfix/exporting-process/name
| {ipfix:exporter}?
+--ro metering-process-id? uint32
+--ro data-records? yang:counter64
+--ro cache-discontinuity-time? yang:date-and-time
6.2.2. ietf-ipfix-packet-sampling YANG module
This YANG Module imports typedefs from [RFC6991].
<CODE BEGINS> file "ietf-ipfix-packet-sampling@2018-10-22.yang"
module ietf-ipfix-packet-sampling {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-ipfix-packet-sampling";
prefix ips;
Boyd & Seda Expires September 10, 2020 [Page 113]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
import ietf-yang-types {
prefix yang;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-interfaces {
prefix if;
reference
"RFC 8343: A YANG Model for Interface Management";
}
import ietf-hardware {
prefix hw;
reference
"RFC 8348: A YANG Data Model for Hardware Management";
}
import ietf-ipfix {
prefix ipfix;
reference
"RFC XXXX: YANG Data Models for the IP Flow Information Export
(IPFIX) Protocol, Packet Sampling (PSAMP) Protocol, and Bulk
Data Export";
}
organization
"IETF";
contact
"Web: TBD
List: TBD
Editor: Joey Boyd
<mailto:joey.boyd@adtran.com>
Editor: Marta Seda
<mailto:marta.seda@calix.com>";
// RFC Ed.: replace XXXX with actual RFC numbers and
// remove this note.
description
"This module contains a collection of YANG definitions for the
management Packet Sampling (PSAMP) over IPFIX.
This data model is designed for the Network Management Datastore
Architecture defined in RFC 8342.
Boyd & Seda Expires September 10, 2020 [Page 114]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here.
Copyright (c) 2019 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.";
revision 2020-03-05 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Data Models for the IP Flow Information Export
(IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
and Bulk Data Export";
}
feature if-mib {
description
"This feature indicates that the device implements the
IF-MIB.";
reference
"RFC 2863: The Interfaces Group MIB";
}
feature entity-mib {
description
"This feature indicates that the device implements the
ENTITY-MIB.";
reference
"RFC 6933: Entity MIB (Version 4)";
}
feature psamp-samp-count-based {
description
"If supported, the Monitoring Device supports count-based
Boyd & Seda Expires September 10, 2020 [Page 115]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
sampling. The Selector method sampCountBased can be
configured.";
reference
"RFC 5475, Section 5.1";
}
feature psamp-samp-time-based {
description
"If supported, the Monitoring Device supports time-based
sampling. The Selector method sampTimeBased can be
configured.";
reference
"RFC 5475, Section 5.1";
}
feature psamp-samp-rand-out-of-n {
description
"If supported, the Monitoring Device supports random n-out-of-N
sampling. The Selector method sampRandOutOfN can be
configured.";
reference
"RFC 5475, Section 5.2.1";
}
feature psamp-samp-uni-prob {
description
"If supported, the Monitoring Device supports uniform
probabilistic sampling. The Selector method sampUniProb can be
configured.";
reference
"RFC 5475, Section 5.2.2";
}
feature psamp-filter-match {
description
"If supported, the Monitoring Device supports property match
filtering. The Selector method filterMatch can be
configured.";
reference
"RFC 5475, Section 6.1";
}
feature psamp-filter-hash {
description
"If supported, the Monitoring Device supports hash-based
filtering. The Selector method filterHash can be configured.";
reference
"RFC 5475, Section 6.2";
Boyd & Seda Expires September 10, 2020 [Page 116]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
feature immediate-cache {
description
"If supported, the Monitoring Device supports
Caches generating PSAMP Packet Reports by configuration with
immediateCache.";
}
feature timeout-cache {
description
"If supported, the Monitoring Device supports
Caches generating IPFIX Flow Records by configuration with
timeoutCache.";
}
feature natural-cache {
description
"If supported, the Monitoring Device supports
Caches generating IPFIX Flow Records by configuration with
naturalCache.";
}
feature permanent-cache {
description
"If supported, the Monitoring Device supports
Caches generating IPFIX Flow Records by configuration with
permanentCache.";
}
identity hash-function {
description
"Base identity for all hash functions used for
hash-based packet Filtering.";
}
identity bob {
base hash-function;
description
"BOB hash function.";
reference
"RFC 5475, Section 6.2.4.1";
}
identity ipsx {
base hash-function;
description
"IPSX hash function.";
Boyd & Seda Expires September 10, 2020 [Page 117]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
reference
"RFC 5475, Section 6.2.4.1";
}
identity crc {
base hash-function;
description
"CRC hash function.";
reference
"RFC 5475, Section 6.2.4.1";
}
typedef hardware-ref {
type leafref {
path "/hw:hardware/hw:component/hw:name";
}
description
"This type is used to reference hardware components.";
reference
"RFC 8348";
}
typedef if-name-type {
type string {
length "1..255";
}
description
"This corresponds to the DisplayString textual
convention of SNMPv2-TC, which is used for ifName in the IF
MIB module.";
reference
"RFC 2863 (ifName)";
}
typedef direction {
type enumeration {
enum "ingress" {
value 0;
description
"This value is used for monitoring incoming packets.";
}
enum "egress" {
value 1;
description
"This value is used for monitoring outgoing packets.";
}
enum "both" {
value 2;
Boyd & Seda Expires September 10, 2020 [Page 118]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"This value is used for monitoring incoming and outgoing
packets.";
}
}
description
"Direction of packets going through an interface.";
}
grouping observation-point-parameters {
description
"Interface as input to Observation Point.";
leaf observation-domain-id {
type uint32;
mandatory true;
description
"The Observation Domain ID associates the Observation Point
to an Observation Domain. Observation Points with identical
Observation Domain IDs belong to the same Observation
Domain.
Note that this parameter corresponds to
ipfixObservationPointObservationDomainId in the IPFIX MIB
module.";
reference
"RFC 7011; RFC 6615, Section 8
(ipfixObservationPointObservationDomainId)";
}
leaf-list interface-ref {
type if:interface-ref;
description
"List of interfaces of the Monitoring Device. The
Observation Point observes packets at the specified
interfaces.";
}
leaf-list if-name {
if-feature if-mib;
type if-name-type;
description
"List of names identifying interfaces of the Monitoring
Device. The Observation Point observes packets at the
specified interfaces.";
}
leaf-list if-index {
Boyd & Seda Expires September 10, 2020 [Page 119]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
if-feature if-mib;
type uint32;
description
"List of if-index values pointing to entries in the ifTable
of the IF-MIB module maintained by the Monitoring
Device. The Observation Point observes packets at the
specified interfaces.
This parameter SHOULD only be used if an SNMP agent enables
access to the ifTable.
Note that this parameter corresponds to
ipfixObservationPointPhysicalInterface in the IPFIX MIB
module.";
reference
"RFC 2863; RFC 6615, Section 8
(ipfixObservationPointPhysicalInterface)";
}
leaf-list hardware-ref {
type hardware-ref;
description
"List of hardware components of the Monitoring Device.
The Observation Points observes packets at the specified
hardware components.";
reference
"RFC 8348";
}
leaf-list ent-physical-name {
if-feature entity-mib;
type string;
description
"List of names identifying physical entities of the
Monitoring Device. The Observation Point observes packets
at the specified entities.";
}
leaf-list ent-physical-index {
if-feature entity-mib;
type uint32;
description
"List of ent-physical-index values pointing to entries in the
entPhysicalTable of the ENTITY-MIB module maintained by the
Monitoring Device. The Observation Point observes packets
at the specified entities.
This parameter SHOULD only be used if an SNMP agent enables
Boyd & Seda Expires September 10, 2020 [Page 120]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
access to the entPhysicalTable.
Note that this parameter corresponds to
ipfixObservationPointPhysicalEntity in the IPFIX MIB
module.";
reference
"RFC 33; RFC 6615, Section 8
(ipfixObservationPointPhysicalInterface)";
}
leaf direction {
type direction;
default "both";
description
"Direction of packets. If not applicable (e.g., in the case
of a sniffing interface in promiscuous mode), this
parameter is ignored.";
}
}
grouping samp-count-based-parameters {
description
"Configuration parameters of a Selector applying systematic
count-based packet Sampling to the packet stream.";
reference
"RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.1.";
leaf packet-interval {
type uint32;
units "packets";
mandatory true;
description
"The number of packets that are consecutively sampled between
gaps of length packetSpace.
This parameter corresponds to the Information Element
samplingPacketInterval and to psampSampCountBasedInterval
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.2; RFC 6727, Section 6
(psampSampCountBasedInterval)";
}
leaf packet-space {
type uint32;
units "packets";
mandatory true;
description
Boyd & Seda Expires September 10, 2020 [Page 121]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"The number of unsampled packets between two Sampling
intervals.
This parameter corresponds to the Information Element
samplingPacketSpace and to psampSampCountBasedSpace
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.3; RFC 6727, Section 6
(psampSampCountBasedSpace)";
}
}
grouping samp-time-based-parameters {
description
"Configuration parameters of a Selector applying systematic
time-based packet Sampling to the packet stream.";
reference
"RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.2";
leaf time-interval {
type uint32;
units "microseconds";
mandatory true;
description
"The time interval in microseconds during which all arriving
packets are sampled between gaps of length timeSpace.
This parameter corresponds to the Information Element
samplingTimeInterval and to psampSampTimeBasedInterval
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.4; RFC 6727, Section 6
(psampSampTimeBasedInterval)";
}
leaf time-space {
type uint32;
units "microseconds";
mandatory true;
description
"The time interval in microseconds during which no packets
are sampled between two Sampling intervals specified by
timeInterval.
This parameter corresponds to the Information Element
samplingTimeInterval and to psampSampTimeBasedSpace
in the PSAMP MIB module.";
reference
Boyd & Seda Expires September 10, 2020 [Page 122]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"RFC 5477, Section 8.2.5; RFC 6727, Section 6
(psampSampTimeBasedSpace)";
}
}
grouping samp-rand-out-of-n-parameters {
description
"Configuration parameters of a Selector applying n-out-of-N
packet Sampling to the packet stream.";
reference
"RFC 5475, Section 5.2.1; RFC 5476, Section 6.5.2.3.";
leaf size {
type uint32;
units "packets";
mandatory true;
description
"The number of elements taken from the parent population.
This parameter corresponds to the Information Element
samplingSize and to psampSampRandOutOfNSize in the PSAMP
MIB module.";
reference
"RFC 5477, Section 8.2.6; RFC 6727, Section 6
(psampSampRandOutOfNSize)";
}
leaf population {
type uint32;
units "packets";
mandatory true;
description
"The number of elements in the parent population.
This parameter corresponds to the Information Element
samplingPopulation and to psampSampRandOutOfNPopulation
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.7; RFC 6727, Section 6
(psampSampRandOutOfNPopulation)";
}
}
grouping samp-uni-prob-parameters {
description
"Configuration parameters of a Selector applying uniform
probabilistic packet Sampling (with equal probability per
packet) to the packet stream.";
Boyd & Seda Expires September 10, 2020 [Page 123]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
reference
"RFC 5475, Section 5.2.2.1;
RFC 5476, Section 6.5.2.4";
leaf probability {
type decimal64 {
fraction-digits 18;
range "0..1";
}
mandatory true;
description
"Probability that a packet is sampled, expressed as a value
between 0 and 1. The probability is equal for every
packet.
This parameter corresponds to the Information Element
samplingProbability and to psampSampUniProbProbability
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.8; RFC 6727, Section 6
(psampSampUniProbProbability)";
}
}
grouping filter-match-parameters {
description
"Configuration parameters of a Selector applying property match
Filtering to the packet stream.
The field to be matched is specified as an Information
Element.";
reference
"RFC 5475, Section 6.1; RFC 5476, Section 6.5.2.5";
choice information-element {
mandatory true;
description
"The Information Element field to be matched.";
case ie-name {
leaf ie-name {
type ipfix:ie-name-type;
description
"Name of the Information Element.";
}
}
case ie-id {
Boyd & Seda Expires September 10, 2020 [Page 124]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
leaf ie-id {
type ipfix:ie-id-type;
description
"ID of the Information Element.";
}
}
}
leaf ie-enterprise-number {
type uint32;
default '0';
description
"If this parameter is zero, the Information Element is
registered in the IANA registry of IPFIX Information
Elements.
If this parameter is configured with a non-zero private
enterprise number, the Information Element is
enterprise-specific.";
reference
"IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers;
IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix.";
}
leaf value {
type string;
mandatory true;
description
"Matching value of the Information Element";
}
}
grouping filter-hash-parameters {
description
"Configuration parameters of a Selector applying hash-based
Filtering to the packet stream.";
reference
"RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6";
leaf hash-function {
type identityref {
base hash-function;
}
default 'bob';
description
"Hash function to be applied. According to RFC 5475,
Boyd & Seda Expires September 10, 2020 [Page 125]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Section 6.2.4.1, 'BOB' must be used in order to be compliant
with PSAMP.
This parameter functionally corresponds to
psampFiltHashFunction in the PSAMP MIB module.";
reference
"RFC 6727, Section 6 (psampFiltHashFunction)";
}
leaf initializer-value {
type uint64;
description
"Initializer value to the hash function.
If not configured by the user, the Monitoring Device
arbitrarily chooses an initializer value.
This parameter corresponds to the Information Element
hashInitialiserValue and to psampFiltHashInitializerValue
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.9; RFC 6727, Section 6
(psampFiltHashInitializerValue)";
}
leaf ip-payload-offset {
type uint64;
units "octets";
default '0';
description
"IP payload offset indicating the position of the first
payload byte considered as input to the hash function.
Default value 0 corresponds to the minimum offset that
must be configurable according to RFC 5476, Section
6.5.2.6.
This parameter corresponds to the Information Element
hashIPPayloadOffset and to psampFiltHashIpPayloadOffset
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.2; RFC 6727, Section 6
(psampFiltHashIpPayloadOffset)";
}
leaf ip-payload-size {
type uint64;
units "octets";
default '8';
Boyd & Seda Expires September 10, 2020 [Page 126]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"Number of IP payload bytes used as input to the hash
function, counted from the payload offset. If the IP
payload is shorter than the payload range, all available
payload octets are used as input.
Default value 8 corresponds to the minimum IP payload
size that must be configurable according to RFC 5476,
Section 6.5.2.6.
This parameter corresponds to the Information Element
hashIPPayloadSize and to psampFiltHashIpPayloadSize
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.3; RFC 6727, Section 6
(psampFiltHashIpPayloadSize)";
}
leaf digest-output {
type boolean;
default 'false';
description
"If true, the output from this Selector is included in the
Packet Report as a packet digest. Therefore, the configured
Cache Layout needs to contain a digestHashValue field.
This parameter corresponds to the Information Element
hashDigestOutput.";
reference
"RFC 5477, Section 8.3.8";
}
list selected-range {
key "name";
min-elements 1;
description
"List of hash function return ranges for which packets are
selected.";
leaf name {
type ipfix:name-type;
description
"An arbitrary string which uniquely identifies the
hash function's selected range.";
}
leaf min {
type uint64;
Boyd & Seda Expires September 10, 2020 [Page 127]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"Beginning of the hash function's selected range.
This parameter corresponds to the Information Element
hashSelectedRangeMin and to psampFiltHashSelectedRangeMin
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.6; RFC 6727, Section 6
(psampFiltHashSelectedRangeMin)";
}
leaf max {
type uint64;
description
"End of the hash function's selected range.
This parameter corresponds to the Information Element
hashSelectedRangeMax and to psampFiltHashSelectedRangeMax
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.7; RFC 6727, Section 6
(psampFiltHashSelectedRangeMax)";
}
}
}
grouping filter-hash-parameters-state {
description
"Configuration parameters of a Selector applying hash-based
Filtering to the packet stream.";
reference
"RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6";
leaf output-range-min {
type uint64;
config false;
description
"Beginning of the hash function's potential range.
This parameter corresponds to the Information Element
hashOutputRangeMin and to psampFiltHashOutputRangeMin
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.4; RFC 6727, Section 6
(psampFiltHashOutputRangeMin)";
}
leaf output-range-max {
Boyd & Seda Expires September 10, 2020 [Page 128]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
type uint64;
config false;
description
"End of the hash function's potential range.
This parameter corresponds to the Information Element
hashOutputRangeMax and to psampFiltHashOutputRangeMax
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.5; RFC 6727, Section 6
(psampFiltHashOutputRangeMax)";
}
}
grouping selector-parameters {
description
"Configuration and state parameters of a Selector.";
choice method {
mandatory true;
description
"Packet selection method applied by the Selector.";
case select-all {
leaf select-all {
type empty;
description
"Method that selects all packets.";
}
}
case samp-count-based {
container samp-count-based {
if-feature psamp-samp-count-based;
description
"Systematic count-based packet Sampling.";
uses samp-count-based-parameters;
}
}
case samp-time-based {
container samp-time-based {
if-feature psamp-samp-time-based;
description
"Systematic time-based packet Sampling.";
uses samp-time-based-parameters;
Boyd & Seda Expires September 10, 2020 [Page 129]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
}
}
case samp-rand-out-of-n {
container samp-rand-out-of-n {
if-feature psamp-samp-rand-out-of-n;
description
"n-out-of-N packet Sampling.";
uses samp-rand-out-of-n-parameters;
}
}
case samp-uni-prob {
container samp-uni-prob {
if-feature psamp-samp-uni-prob;
description
"Uniform probabilistic packet Sampling.";
uses samp-uni-prob-parameters;
}
}
case filter-match {
container filter-match {
if-feature psamp-filter-match;
description
"Property match Filtering.";
uses filter-match-parameters;
}
}
case filter-hash {
container filter-hash {
if-feature psamp-filter-hash;
description
"Hash-based Filtering.";
uses filter-hash-parameters;
uses filter-hash-parameters-state;
}
}
}
}
grouping selector-parameters-state {
description
Boyd & Seda Expires September 10, 2020 [Page 130]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"Configuration and state parameters of a Selector.";
leaf packets-observed {
type yang:counter64;
config false;
description
"The number of packets observed at the input of the
Selector.
If this is the first Selector in the Selection Process,
this counter corresponds to the total number of packets in
all Observed Packet Streams at the input of the Selection
Process. Otherwise, the counter corresponds to the total
number of packets at the output of the preceding Selector.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
selectorDiscontinuityTime.
Note that this parameter corresponds to
ipfixSelectorStatsPacketsObserved in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixSelectorStatsPacketsObserved)";
}
leaf packets-dropped {
type yang:counter64;
config false;
description
"The total number of packets discarded by the Selector.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
selectorDiscontinuityTime.
Note that this parameter corresponds to
ipfixSelectorStatsPacketsDropped in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixSelectorStatsPacketsDropped)";
}
leaf selector-discontinuity-time {
Boyd & Seda Expires September 10, 2020 [Page 131]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
type yang:date-and-time;
config false;
description
"Timestamp of the most recent occasion at which one or more
of the Selector counters suffered a discontinuity.
Note that this parameter functionally corresponds to
ipfixSelectionProcessStatsDiscontinuityTime in the IPFIX
MIB module. In contrast to
ipfixSelectionProcessStatsDiscontinuityTime, the time is
absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixSelectionProcessStatsDiscontinuityTime)";
}
}
grouping cache-layout-parameters {
description
"Cache Layout parameters used by immediate cache, timeout
cache, natural cache, and permanent cache.";
container cache-layout {
description
"Cache Layout parameters.";
list cache-field {
key "name";
min-elements 1;
description
"Superset of fields that are included in the Packet Reports
or Flow Records generated by the Cache.";
leaf name {
type ipfix:name-type;
description
"An arbitrary string which uniquely identifies the
cache field.";
}
choice information-element {
mandatory true;
description
"The Information Element to be added to the template.";
reference
"RFC 7012, Section 2; IANA registry for IPFIX
Entities, http://www.iana.org/assignments/ipfix";
Boyd & Seda Expires September 10, 2020 [Page 132]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
case ie-name {
leaf ie-name {
type ipfix:ie-name-type;
description
"Name of the Information Element.";
}
}
case ie-id {
leaf ie-id {
type ipfix:ie-id-type;
description
"ID of the Information Element.";
}
}
}
leaf ie-length {
type uint16;
units "octets";
description
"Length of the field in which the Information Element is
encoded. A value of 65535 specifies a variable-length
Information Element. For Information Elements of integer
and float type, the field length MAY be set to a smaller
value than the standard length of the abstract data type
if the rules of reduced size encoding are fulfilled.
If not configured by the user, this parameter is set by
the Monitoring Device.";
reference
"RFC 7011, Section 6.2";
}
leaf ie-enterprise-number {
type uint32;
default '0';
description
"If this parameter is zero, the Information Element is
registered in the IANA registry of IPFIX Information
Elements.
If this parameter is configured with a non-zero private
enterprise number, the Information Element is
enterprise-specific.
If the enterprise number is set to 29305, this field
contains a Reverse Information Element. In this case,
Boyd & Seda Expires September 10, 2020 [Page 133]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
the Cache MUST generate Data Records in accordance to
RFC 5103.";
reference
"RFC 7011; RFC 5103;
IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers;
IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix";
}
}
}
}
grouping flow-cache-base-parameters {
description
"Configuration parameters of a Cache generating Flow Records
which are common to all Cache types.";
leaf max-flows {
type uint32;
units "flows";
description
"This parameter configures the maximum number of Flows in the
Cache, which is the maximum number of Flows that can be
measured simultaneously.
The Monitoring Device MUST ensure that sufficient resources
are available to store the configured maximum number of
Flows.
If the maximum number of Flows is measured, an additional
Flow can be measured only if an existing entry is removed.
However, traffic that pertains to existing Flows can
continue to be measured.";
}
}
grouping flow-permanent-cache-parameters {
description
"Configuration parameters of a Permanent Cache generating Flow
Records.";
uses flow-cache-base-parameters;
leaf export-interval {
type uint32;
units "seconds";
description
Boyd & Seda Expires September 10, 2020 [Page 134]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"This parameter configures the interval (in seconds) for
periodical export of Flow Records.
If not configured by the user, the Monitoring Device sets
this parameter.";
}
}
grouping flow-timeout-natural-cache-parameters {
description
"Configuration parameters of a Timeout or Natural Cache
generating Flow Records.";
uses flow-cache-base-parameters;
leaf active-timeout {
type uint32;
units "seconds";
description
"This parameter configures the time in seconds after which a
Flow is expired even though packets matching this Flow are
still received by the Cache.
The parameter value zero indicates infinity, meaning that
there is no active timeout.
If not configured by the user, the Monitoring Device sets
this parameter.
Note that this parameter corresponds to
ipfixMeteringProcessCacheActiveTimeout in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheActiveTimeout)";
}
leaf idle-timeout {
type uint32;
units "seconds";
description
"This parameter configures the time in seconds after which a
Flow is expired if no more packets matching this Flow are
received by the Cache.
The parameter value zero indicates infinity, meaning that
there is no idle timeout.
Boyd & Seda Expires September 10, 2020 [Page 135]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
If not configured by the user, the Monitoring Device sets
this parameter.
Note that this parameter corresponds to
ipfixMeteringProcessCacheIdleTimeout in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheIdleTimeout)";
}
}
grouping flow-cache-parameters-state {
description
"State parameters of a Cache generating Flow Records.";
leaf active-flows {
type yang:gauge32;
units "flows";
config false;
description
"The number of Flows currently active in this Cache.
Note that this parameter corresponds to
ipfixMeteringProcessCacheActiveFlows in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheActiveFlows)";
}
leaf unused-cache-entries {
type yang:gauge32;
units "flows";
config false;
description
"The number of unused Cache entries in this Cache.
Note that this parameter corresponds to
ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheUnusedCacheEntries)";
}
}
augment '/ipfix:ipfix' {
Boyd & Seda Expires September 10, 2020 [Page 136]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
description
"Augment IPFIX to add PSAMP.";
container psamp {
description
"Container for PSAMP nodes.";
list observation-point {
key "name";
description
"Observation Point of the Monitoring Device.";
leaf name {
type ipfix:name-type;
description
"An arbitrary string which uniquely identifies the
Observation Point.";
}
uses observation-point-parameters;
leaf-list selection-process {
type leafref {
path "/ipfix:ipfix/psamp/selection-process/name";
}
description
"Selection Processes in this list process packets in
parallel.";
}
leaf observation-point-id {
type uint32;
config false;
description
"Observation Point ID (i.e., the value of the Information
Element observationPointId) assigned by the Monitoring
Device.";
reference
"IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix";
}
}
list selection-process {
key "name";
description
"Selection Process of the Monitoring Device.";
Boyd & Seda Expires September 10, 2020 [Page 137]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
leaf name {
type ipfix:name-type;
description
"An arbitrary string which uniquely identifies the
Selectiong Process.";
}
list selector {
key "name";
min-elements 1;
ordered-by user;
description
"List of Selectors that define the action of the
Selection Process on a single packet. The Selectors
are serially invoked in the same order as they appear
in this list.";
leaf name {
type ipfix:name-type;
description
"Name of the selector.";
}
uses selector-parameters;
uses selector-parameters-state;
}
leaf cache {
type leafref {
path "/ipfix:ipfix/psamp/cache/name";
}
description
"Cache that receives the output of the Selection
Process.";
}
list selection-sequence {
config false;
description
"This list contains the Selection Sequence IDs that are
assigned by the Monitoring Device to distinguish
different Selection Sequences passing through the
Selection Process.
As Selection Sequence IDs are unique per Observation
Domain, the corresponding Observation Domain IDs are
included as well.
Boyd & Seda Expires September 10, 2020 [Page 138]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
With this information, it is possible to associate
Selection Sequence (Statistics) Report Interpretations
exported according to the PSAMP protocol with a
Selection Process in the configuration data.";
reference
"RFC 5476";
leaf observation-domain-id {
type uint32;
description
"Observation Domain ID for which the
Selection Sequence ID is assigned.";
}
leaf selection-sequence-id {
type uint64;
description
"Selection Sequence ID used in the Selection
Sequence (Statistics) Report Interpretation.";
}
}
}
list cache {
key "name";
description
"Cache of the Monitoring Device.";
leaf name {
type ipfix:name-type;
description
"An arbitrary string which uniquely identifies the
cache.";
}
leaf enabled {
type boolean;
default "true";
description
"If true, this cache is enabled and the specified data is
able to be exported.";
}
choice cache-type {
mandatory true;
description
"Type of Cache and specific parameters.";
Boyd & Seda Expires September 10, 2020 [Page 139]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
case immediate-cache {
container immediate-cache {
if-feature immediate-cache;
description
"Flow expiration after the first packet; generation
of Packet Records.";
uses cache-layout-parameters;
}
}
case timeout-cache {
container timeout-cache {
if-feature timeout-cache;
description
"Flow expiration after active and idle timeout;
generation of Flow Records.";
uses flow-timeout-natural-cache-parameters;
uses cache-layout-parameters {
augment "cache-layout/cache-field" {
description
"Augment the Cache layout with timeout cache
specific configuration.";
leaf is-flow-key {
when
"../ie-enterprise-number != 29305" {
description
"This parameter is not available for Reverse
Information Elements (which have enterprise
number 29305).";
}
type empty;
description
"If present, this is a flow key.";
}
}
}
uses flow-cache-parameters-state;
}
}
case natural-cache {
container natural-cache {
if-feature natural-cache;
description
Boyd & Seda Expires September 10, 2020 [Page 140]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
"Flow expiration after active and idle timeout, or on
natural termination (e.g., TCP FIN or TCP RST) of
the Flow; generation of Flow Records.";
uses flow-timeout-natural-cache-parameters;
uses cache-layout-parameters {
augment "cache-layout/cache-field" {
description
"Augment the Cache layout with timeout cache
specific configuration.";
leaf is-flow-key {
when
"../ie-enterprise-number != 29305" {
description
"This parameter is not available for Reverse
Information Elements (which have enterprise
number 29305).";
}
type empty;
description
"If present, this is a flow key.";
}
}
}
uses flow-cache-parameters-state;
}
}
case permanent-cache {
container permanent-cache {
if-feature permanent-cache;
description
"No flow expiration, periodical export with time
interval exportInterval; generation of Flow
Records.";
uses flow-permanent-cache-parameters;
uses cache-layout-parameters {
augment "cache-layout/cache-field" {
description
"Augment the Cache layout with timeout cache
specific configuration.";
leaf is-flow-key {
when
"../ie-enterprise-number != 29305" {
description
"This parameter is not available for Reverse
Boyd & Seda Expires September 10, 2020 [Page 141]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Information Elements (which have enterprise
number 29305).";
}
type empty;
description
"If present, this is a flow key.";
}
}
}
uses flow-cache-parameters-state;
}
}
}
leaf-list exporting-process {
if-feature ipfix:exporter;
type leafref {
path "/ipfix:ipfix"
+ "/ipfix:exporting-process"
+ "/ipfix:name";
}
description
"Records are exported by all Exporting Processes in the
list.";
}
leaf metering-process-id {
type uint32;
config false;
description
"The identifier of the Metering Process this Cache
belongs to.
This parameter corresponds to the Information Element
meteringProcessId. Its occurrence helps to associate
Cache parameters with Metering Process statistics
exported by the Monitoring Device using the Metering
Process (Reliability) Statistics Template as
defined by the IPFIX protocol specification.";
reference
"RFC 7011, Sections 4.1 and 4.2;
IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix";
}
leaf data-records {
type yang:counter64;
units "Data Records";
Boyd & Seda Expires September 10, 2020 [Page 142]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
config false;
description
"The number of Data Records generated by this Cache.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by the value of
cacheDiscontinuityTime.
Note that this parameter corresponds to
ipfixMeteringProcessDataRecords in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessDataRecords)";
}
leaf cache-discontinuity-time {
type yang:date-and-time;
config false;
description
"Timestamp of the most recent occasion at which the
counter dataRecords suffered a discontinuity.
Note that this parameter functionally corresponds to
ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB
module. In contrast to
ipfixMeteringProcessDiscontinuityTime, the time is
absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessDiscontinuityTime)";
}
}
}
}
}
<CODE ENDS>
6.3. ietf-ipfix-bulk-data-export
6.3.1. ietf-ipfix-bulk-data-export Module Structure
This document defines the YANG module "ietf-ipfix-bulk-data-export",
which has the following tentative structure:
Boyd & Seda Expires September 10, 2020 [Page 143]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
module: ietf-ipfix-bulk-data-export
augment /ipfix:ipfix:
+--rw bulk-data-export
+--rw template* [name]
+--rw name ipfix:name-type
+--rw enabled? boolean
+--rw export-interval? uint32
+--rw observation-domain-id? uint32
+--rw field-layout
| ...
+--rw exporting-process*
| -> /ipfix:ipfix/exporting-process/name
| {ipfix:exporter}?
+--rw (resource-identifier)?
| ...
+--ro data-records? yang:counter64
+--ro discontinuity-time? yang:date-and-time
6.3.2. ietf-ipfix-bulk-data-export YANG module
This YANG Module imports typedefs from [RFC6991].
<CODE BEGINS> file "ietf-ipfix-bulk-data-export@2018-11-15.yang"
module ietf-ipfix-bulk-data-export {
yang-version 1.1;
namespace
"urn:ietf:params:xml:ns:yang:ietf-ipfix-bulk-data-export";
prefix ibde;
import ietf-yang-types {
prefix yang;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-ipfix {
prefix ipfix;
reference
"RFC XXXX: YANG Data Models for the IP Flow Information Export
(IPFIX) Protocol, Packet Sampling (PSAMP) Protocol, and Bulk
Data Export";
}
organization
"IETF";
Boyd & Seda Expires September 10, 2020 [Page 144]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
contact
"Web: TBD
List: TBD
Editor: Joey Boyd
<mailto:joey.boyd@adtran.com>
Editor: Marta Seda
<mailto:marta.seda@calix.com>";
// RFC Ed.: replace XXXX with actual RFC numbers and
// remove this note.
description
"This module contains a collection of YANG definitions for the
management exporting bulk data over IPFIX.
This data model is designed for the Network Management Datastore
Architecture defined in RFC 8342.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here.
Copyright (c) 2019 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.";
revision 2020-03-05 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Data Models for the IP Flow Information Export
(IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
and Bulk Data Export";
}
Boyd & Seda Expires September 10, 2020 [Page 145]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
feature bulk-data {
description
"If supported, bulk data templates can be configured.";
}
typedef resource {
type instance-identifier {
require-instance false;
}
description
"A resource from which bulk data will be exported.";
}
grouping bulk-data-template-parameters {
description
"Field Layout parameters.";
leaf observation-domain-id {
type uint32;
default 0;
description
"An identifier of an Observation Domain that is locally
unique to an Exporting Process (see RFC 7011 Section 3.1).
Typically, this Information Element is for limiting the
scope of other Information Elements.
A value of 0 indicates that no specific Observation Domain
is identified by this Information Element.";
}
container field-layout {
description
"Field Layout parameters.";
list field {
key name;
min-elements 1;
description
"Superset of statistics field names or special field-names
(e.g., timestamps, etc) for interpreting statistics that
are included in the Packet Reports or Flow Records
generated by the device.";
leaf name {
type ipfix:name-type;
description
"An arbitrary string which uniquely identifies the
Boyd & Seda Expires September 10, 2020 [Page 146]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
field.";
}
choice identifier {
mandatory true;
description
"The Information Element to be added to the template.";
case ie-name {
leaf ie-name {
type ipfix:ie-name-type;
description
"Name of the Information Element.";
}
}
case ie-id {
leaf ie-id {
type ipfix:ie-id-type;
description
"ID of the Information Element.";
}
}
}
leaf ie-length {
type uint16;
units octets;
description
"Length of the field in which the Information Element is
encoded. A value of 65535 specifies a variable-length
Information Element. For Information Elements of
integer and float type, the field length MAY be set to a
smaller value than the standard length of the abstract
data type if the rules of reduced size encoding are
fulfilled.
If not configured by the user, this parameter is set by
the Monitoring Device.";
reference
"RFC 7011, Section 6.2";
}
leaf ie-enterprise-number {
type uint32;
default 0;
description
"If this parameter is zero, the Information Element is
Boyd & Seda Expires September 10, 2020 [Page 147]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
registered in the IANA registry of IPFIX Information
Elements or unspecified (if the Informational Element is
not IANA registered).
If this parameter is configured with a non-zero private
enterprise number, the Information Element is
enterprise-specific.";
reference
"RFC 7011; RFC 5103;
IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers;
IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix";
}
}
}
}
augment "/ipfix:ipfix" {
description
"Augment IPFIX to add bulk data.";
container bulk-data-export {
description
"Container for bulk data export nodes.";
list template {
key name;
description
"List of bulk data templates of the Monitoring Device.";
leaf name {
type ipfix:name-type;
description
"An arbitrary string which uniquely identifies the
bulk data template.";
}
leaf enabled {
type boolean;
default "true";
description
"If true, this template is enabled and the specified
data is able to be exported.";
}
leaf export-interval {
type uint32;
Boyd & Seda Expires September 10, 2020 [Page 148]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
units "seconds";
description
"This parameter configures the interval (in seconds) for
periodical export of Flow Records.
If not configured by the user, the Monitoring Device
sets this parameter.";
}
uses bulk-data-template-parameters;
leaf-list exporting-process {
if-feature ipfix:exporter;
type leafref {
path "/ipfix:ipfix"
+ "/ipfix:exporting-process"
+ "/ipfix:name";
}
description
"Records are exported by all Exporting Processes in the
list.";
}
choice resource-identifier {
description
"Method to select the resources from which the records
are to be exported.";
case resource-instance {
leaf-list resource-instance {
type resource;
description
"Records are sourced from all the resources in
this list.";
}
}
}
leaf data-records {
type yang:counter64;
units "Data Records";
config false;
description
"The number of Data Records generated for this sampling
template.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
Boyd & Seda Expires September 10, 2020 [Page 149]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
other times as indicated by the value of Discontinuity
Time.";
}
leaf discontinuity-time {
type yang:date-and-time;
config false;
description
"Timestamp of the most recent occasion at which the
counter data records suffered a discontinuity.";
}
}
}
}
}
<CODE ENDS>
7. IANA Considerations
This document registers 3 URIs in the "IETF XML Registry".
[RFC3688]. Following the format in RFC 3688, the following
registrations have been made.
URI: urn:ietf:params:xml:ns:yang:ietf-ipfix
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-ipfix-packet-sampling
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-ipfix-bulk-data-export
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
This document registers 3 YANG modules in the "YANG Module Names"
registry. Following the format in [RFC7950], the following have been
registered.
Name: ietf-ipfix
Namespace: urn:ietf:params:xml:ns:yang:ietf-ipfix
Prefix: ietf-ipfix
Reference: RFC XXXX: YANG Data Models for the IP Flow Information
Export (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
and Bulk Data Export
Boyd & Seda Expires September 10, 2020 [Page 150]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Name: ietf-ipfix-packet-sampling
Namespace: urn:ietf:params:xml:ns:yang:ietf-ipfix-packet-sampling
Prefix: ietf-ipfix-packet-sampling
Reference: RFC XXXX: YANG Data Models for the IP Flow Information
Export (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
and Bulk Data Export
Name: ietf-ipfix-bulk-data-export
Namespace: urn:ietf:params:xml:ns:yang:ietf-ipfix-bulk-data-export
Prefix: ietf-bde
Reference: RFC XXXX: YANG Data Models for the IP Flow Information
Export (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
and Bulk Data Export
8. Security Considerations
The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446].
The NETCONF access control model [RFC8341] provides the means to
restrict access for particular NETCONF or RESTCONF users to a
preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content.
There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., NETCONF edit-
config) to these data nodes without proper protection can have a
negative effect on network operations. These are the subtrees and
data nodes and their sensitivity/vulnerability:
o /ipfix/psamp/observation-point: The configuration parameters in
this subtree specify where packets are observed and by which
Selection Processes they will be processed. Write access to this
subtree allows observing packets at arbitrary interfaces or
linecards of the Monitoring Device and may thus lead to the export
of sensitive traffic information.
o /ipfix/psamp/selection-process: The configuration parameters in
this subtree specify for which packets information will be
reported in Packet Reports or Flow Records. Write access to this
subtree allows changing the subset of packets for which
Boyd & Seda Expires September 10, 2020 [Page 151]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
information will be reported and may thus lead to the export of
sensitive traffic information.
o /ipfix/psamp/cache: The configuration parameters in this subtree
specify the fields included in Packet Reports or Flow Records.
Write access to this subtree allows adding fields which may
contain sensitive traffic information, such as IP addresses or
parts of the packet payload.
o /ipfix/exporting-process: The configuration parameters in this
subtree specify to which Collectors Packet Reports or Flow Records
are exported. Write access to this subtree allows exporting
potentially sensitive traffic information to illegitimate
Collectors. Furthermore, TLS/DTLS parameters can be changed,
which may affect the mutual authentication between Exporters and
Collectors as well as the encrypted transport of the data.
o /ipfix/collecting-process: The configuration parameters in this
subtree may specify that collected Packet Reports and Flow Records
are reexported to another Collector or written to a file. Write
access to this subtree potentially allows reexporting or storing
the sensitive traffic information.
o /ipfix/bulk-data-export/template: The configuration parameters in
this subtree specify the fields included in the bulk data export.
Write access to this subtree allows adding fields which may cause
export of sensitive configuration and/or statistics.
Some of the readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data
nodes and their sensitivity/vulnerability:
o /ipfix/psamp/observation-point: Parameters in this subtree may be
sensitive because they reveal information about the Monitoring
Device itself and the network infrastructure.
o /ipfix/psamp/selection-process: Parameters in this subtree may be
sensitive because they reveal information about the Monitoring
Device itself and the observed traffic. For example, the counters
packetsObserved and packetsDropped inferring the number of
observed packets.
o /ipfix/psamp/cache: Parameters in this subtree may be sensitive
because they reveal information about the Monitoring Device itself
and the observed traffic. For example, the counters activeFlows
Boyd & Seda Expires September 10, 2020 [Page 152]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
and dataRecords allow inferring the number of measured Flows or
packets.
o /ipfix/exporting-process: Parameters in this subtree may be
sensitive because they reveal information about the network
infrastructure and the outgoing IPFIX Transport Sessions. For
example, it discloses the IP addresses of Collectors as well as
the deployed TLS/DTLS configuration, which may facilitate the
interception of outgoing IPFIX Messages.
o /ipfix/collecting-process: Parameters in this subtree may be
sensitive because they reveal information about the network
infrastructure and the incoming IPFIX Transport Sessions. For
example, it discloses the IP addresses of Exporters as well as the
deployed TLS/DTLS configuration, which may facilitate the
interception of incoming IPFIX Messages.
9. Acknowledgments
The authors would like to thank Anand Arokiaraj and William Lupton
for their contributions towards creation of this document and
associated YANG data models.
10. References
10.1. Normative References
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
<https://www.rfc-editor.org/info/rfc2863>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>.
[RFC3758] Stewart, R., Ramalho, M., Xie, Q., Tuexen, M., and P.
Conrad, "Stream Control Transmission Protocol (SCTP)
Partial Reliability Extension", RFC 3758,
DOI 10.17487/RFC3758, May 2004,
<https://www.rfc-editor.org/info/rfc3758>.
[RFC3871] Jones, G., Ed., "Operational Security Requirements for
Large Internet Service Provider (ISP) IP Network
Infrastructure", RFC 3871, DOI 10.17487/RFC3871, September
2004, <https://www.rfc-editor.org/info/rfc3871>.
Boyd & Seda Expires September 10, 2020 [Page 153]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
[RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol",
RFC 4960, DOI 10.17487/RFC4960, September 2007,
<https://www.rfc-editor.org/info/rfc4960>.
[RFC5103] Trammell, B. and E. Boschi, "Bidirectional Flow Export
Using IP Flow Information Export (IPFIX)", RFC 5103,
DOI 10.17487/RFC5103, January 2008,
<https://www.rfc-editor.org/info/rfc5103>.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
<https://www.rfc-editor.org/info/rfc5280>.
[RFC5475] Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F.
Raspall, "Sampling and Filtering Techniques for IP Packet
Selection", RFC 5475, DOI 10.17487/RFC5475, March 2009,
<https://www.rfc-editor.org/info/rfc5475>.
[RFC5476] Claise, B., Ed., Johnson, A., and J. Quittek, "Packet
Sampling (PSAMP) Protocol Specifications", RFC 5476,
DOI 10.17487/RFC5476, March 2009,
<https://www.rfc-editor.org/info/rfc5476>.
[RFC5477] Dietz, T., Claise, B., Aitken, P., Dressler, F., and G.
Carle, "Information Model for Packet Sampling Exports",
RFC 5477, DOI 10.17487/RFC5477, March 2009,
<https://www.rfc-editor.org/info/rfc5477>.
[RFC5610] Boschi, E., Trammell, B., Mark, L., and T. Zseby,
"Exporting Type Information for IP Flow Information Export
(IPFIX) Information Elements", RFC 5610,
DOI 10.17487/RFC5610, July 2009,
<https://www.rfc-editor.org/info/rfc5610>.
[RFC5655] Trammell, B., Boschi, E., Mark, L., Zseby, T., and A.
Wagner, "Specification of the IP Flow Information Export
(IPFIX) File Format", RFC 5655, DOI 10.17487/RFC5655,
October 2009, <https://www.rfc-editor.org/info/rfc5655>.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
January 2012, <https://www.rfc-editor.org/info/rfc6347>.
Boyd & Seda Expires September 10, 2020 [Page 154]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
[RFC6526] Claise, B., Aitken, P., Johnson, A., and G. Muenz, "IP
Flow Information Export (IPFIX) Per Stream Control
Transmission Protocol (SCTP) Stream", RFC 6526,
DOI 10.17487/RFC6526, March 2012,
<https://www.rfc-editor.org/info/rfc6526>.
[RFC6615] Dietz, T., Ed., Kobayashi, A., Claise, B., and G. Muenz,
"Definitions of Managed Objects for IP Flow Information
Export", RFC 6615, DOI 10.17487/RFC6615, June 2012,
<https://www.rfc-editor.org/info/rfc6615>.
[RFC6727] Dietz, T., Ed., Claise, B., and J. Quittek, "Definitions
of Managed Objects for Packet Sampling", RFC 6727,
DOI 10.17487/RFC6727, October 2012,
<https://www.rfc-editor.org/info/rfc6727>.
[RFC6933] Bierman, A., Romascanu, D., Quittek, J., and M.
Chandramouli, "Entity MIB (Version 4)", RFC 6933,
DOI 10.17487/RFC6933, May 2013,
<https://www.rfc-editor.org/info/rfc6933>.
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
RFC 6991, DOI 10.17487/RFC6991, July 2013,
<https://www.rfc-editor.org/info/rfc6991>.
[RFC7011] Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
"Specification of the IP Flow Information Export (IPFIX)
Protocol for the Exchange of Flow Information", STD 77,
RFC 7011, DOI 10.17487/RFC7011, September 2013,
<https://www.rfc-editor.org/info/rfc7011>.
[RFC7012] Claise, B., Ed. and B. Trammell, Ed., "Information Model
for IP Flow Information Export (IPFIX)", RFC 7012,
DOI 10.17487/RFC7012, September 2013,
<https://www.rfc-editor.org/info/rfc7012>.
[RFC7119] Claise, B., Kobayashi, A., and B. Trammell, "Operation of
the IP Flow Information Export (IPFIX) Protocol on IPFIX
Mediators", RFC 7119, DOI 10.17487/RFC7119, February 2014,
<https://www.rfc-editor.org/info/rfc7119>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>.
Boyd & Seda Expires September 10, 2020 [Page 155]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>.
[RFC8343] Bjorklund, M., "A YANG Data Model for Interface
Management", RFC 8343, DOI 10.17487/RFC8343, March 2018,
<https://www.rfc-editor.org/info/rfc8343>.
[RFC8348] Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A
YANG Data Model for Hardware Management", RFC 8348,
DOI 10.17487/RFC8348, March 2018,
<https://www.rfc-editor.org/info/rfc8348>.
10.2. Informative References
[BBF.TR-352]
Broadband Forum, "Multi-wavelength PON Inter-Channel-
Termination Protocol (ICTP) Specification", May 2017,
<https://www.broadband-forum.org/technical/download/TR-
352.pdf>.
[IANA-ENTERPRISE-NUMBERS]
IANA, "Private Enterprise Numbers",
<https://www.iana.org/assignments/enterprise-numbers>.
[IANA-IPFIX]
IANA, "IP Flow Information Export (IPFIX) Entities",
<https://www.iana.org/assignments/ipfix>.
[RFC1141] Mallory, T. and A. Kullberg, "Incremental updating of the
Internet checksum", RFC 1141, DOI 10.17487/RFC1141,
January 1990, <https://www.rfc-editor.org/info/rfc1141>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC3954] Claise, B., Ed., "Cisco Systems NetFlow Services Export
Version 9", RFC 3954, DOI 10.17487/RFC3954, October 2004,
<https://www.rfc-editor.org/info/rfc3954>.
[RFC5473] Boschi, E., Mark, L., and B. Claise, "Reducing Redundancy
in IP Flow Information Export (IPFIX) and Packet Sampling
(PSAMP) Reports", RFC 5473, DOI 10.17487/RFC5473, March
2009, <https://www.rfc-editor.org/info/rfc5473>.
Boyd & Seda Expires September 10, 2020 [Page 156]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>.
[RFC6728] Muenz, G., Claise, B., and P. Aitken, "Configuration Data
Model for the IP Flow Information Export (IPFIX) and
Packet Sampling (PSAMP) Protocols", RFC 6728,
DOI 10.17487/RFC6728, October 2012,
<https://www.rfc-editor.org/info/rfc6728>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>.
[RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of
Documents Containing YANG Data Models", BCP 216, RFC 8407,
DOI 10.17487/RFC8407, October 2018,
<https://www.rfc-editor.org/info/rfc8407>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
Appendix A. Example: ietf-ipfix Usage
This configuration example configures an IPFIX exporter for a
[BBF.TR-352] ICTP Proxy.
Boyd & Seda Expires September 10, 2020 [Page 157]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
<ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix">
<exporting-process>
<name>TR352-exporter</name>
<enabled>true</enabled>
<destination>
<name>ICTP-Proxy1-collector</name>
<tcp-exporter>
<source>
<source-address>192.100.2.1</source-address>
</source>
<destination>
<destination-address>proxy1.sys.com</destination-address>
</destination>
</tcp-exporter>
</destination>
<options>
<name>Options 1</name>
<options-type>extended-type-information</options-type>
<options-timeout>0</options-timeout>
</options>
</exporting-process>
</ipfix>
This configuration example configures an IPFIX mediator.
Boyd & Seda Expires September 10, 2020 [Page 158]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
<ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix">
<collecting-process>
<name>OLT-collector</name>
<tcp-collector>
<name>myolt-tcp-collector</name>
<local-address>192.100.2.1</local-address>
</tcp-collector>
<exporting-process>OLT-exporter</exporting-process>
</collecting-process>
<exporting-process>
<name>OLT-exporter</name>
<enabled>true</enabled>
<destination>
<name>big-collector</name>
<tcp-exporter>
<source>
<source-address>192.100.2.1</source-address>
</source>
<destination>
<destination-address>collect1.sys.com</destination-address>
</destination>
</tcp-exporter>
</destination>
<options>
<name>Options 1</name>
<options-type>extended-type-information</options-type>
<options-timeout>0</options-timeout>
</options>
</exporting-process>
</ipfix>
Appendix B. Example: ietf-ipfix-packet-sampling Usage
This configuration example configures two Observation Points
capturing ingress traffic at eth0 and all traffic at eth1. Both
Observed Packet Streams enter two different Selection Processes. The
first Selection Process implements a Composite Selector of a filter
for UDP packets and a random sampler. The second Selection Process
implements a Primitive Selector of an ICMP filter. The Selected
Packet Streams of both Selection Processes enter the same Cache. The
Cache generates a PSAMP Packet Report for every selected packet.
The associated Exporting Process exports to a Collector using PR-SCTP
and DTLS. The TLS/DTLS parameters specify that the collector must
supply a certificate for the FQDN collector.example.net. Valid
certificates from any certification authority will be accepted. As
the destination transport port is omitted, the standard IPFIX-over-
DTLS port 4740 is used.
Boyd & Seda Expires September 10, 2020 [Page 159]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
The parameters of the Selection Processes are reported as Selection
Sequence Report Interpretations and Selector Report Interpretations
[RFC5476]. There will be two Selection Sequence Report
Interpretations per Selection Process, one for each Observation
Point. Selection Sequence Statistics Report Interpretations are
exported every 30 seconds (30000 milliseconds).
<ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix">
<psamp xmlns=
"urn:ietf:params:xml:ns:yang:ietf-ipfix-packet-sampling">
<observation-point>
<name>OP at eth0 (ingress)</name>
<observation-domain-id>123</observation-domain-id>
<interface-ref>eth0</interface-ref>
<direction>ingress</direction>
<selection-process>Sampled UDP packets</selection-process>
<selection-process>ICMP packets</selection-process>
</observation-point>
<observation-point>
<name>OP at eth1</name>
<observation-domain-id>123</observation-domain-id>
<interface-ref>eth1</interface-ref>
<selection-process>Sampled UDP packets</selection-process>
<selection-process>ICMP packets</selection-process>
</observation-point>
<selection-process>
<name>Sampled UDP packets</name>
<selector>
<name>UDP filter</name>
<filter-match>
<ie-id>4</ie-id>
<value>17</value>
</filter-match>
</selector>
<selector>
<name>10-out-of-100 sampler</name>
<samp-rand-out-of-n>
<size>10</size>
<population>100</population>
</samp-rand-out-of-n>
</selector>
<cache>PSAMP cache</cache>
</selection-process>
<selection-process>
<name>ICMP packets</name>
Boyd & Seda Expires September 10, 2020 [Page 160]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
<selector>
<name>ICMP filter</name>
<filter-match>
<ie-id>4</ie-id>
<value>1</value>
</filter-match>
</selector>
<cache>PSAMP cache</cache>
</selection-process>
<cache>
<name>PSAMP cache</name>
<immediate-cache>
<cache-layout>
<cache-field>
<name>Field 1: ipHeaderPacketSection</name>
<ie-id>313</ie-id>
<ie-length>64</ie-length>
</cache-field>
<cache-field>
<name>Field 2: observationTimeMilliseconds</name>
<ie-id>322</ie-id>
</cache-field>
</cache-layout>
</immediate-cache>
<exporting-process>The only exporter</exporting-process>
</cache>
</psamp>
<exporting-process>
<name>The only exporter</name>
<enabled>true</enabled>
<destination>
<name>PR-SCTP collector</name>
<sctp-exporter>
<destination>
<destination-address>192.0.2.1</destination-address>
</destination>
<rate-limit>1000000</rate-limit>
<timed-reliability>500</timed-reliability>
<transport-layer-security>
<remote-subject-fqdn>coll-1.ex.net</remote-subject-fqdn>
</transport-layer-security>
</sctp-exporter>
</destination>
<options>
<name>Options 1</name>
<options-type>selection-sequence</options-type>
Boyd & Seda Expires September 10, 2020 [Page 161]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
<options-timeout>0</options-timeout>
</options>
<options>
<name>Options 2</name>
<options-type>selection-statistics</options-type>
<options-timeout>30000</options-timeout>
</options>
</exporting-process>
</ipfix>
Appendix C. Example: ietf-ipfix-bulk-data-export Usage
The configuration example configures a field-layout template to
export Ethernet statistics from eth0 and eth1.
Boyd & Seda Expires September 10, 2020 [Page 162]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
<ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix"
xmlns:if="urn:ietf:params:xml:ns:yang:ietf-interfaces">
<bulk-data-export xmlns=
"urn:ietf:params:xml:ns:yang:ietf-ipfix-bulk-data-export">
<template>
<name>Ethernet Statistics</name>
<enabled>true</enabled>
<export-interval>300</export-interval>
<observation-domain-id>123</observation-domain-id>
<field-layout>
<field>
<name>in-octets</name>
<ie-id>1001</ie-id>
<ie-length>4</ie-length>
<ie-enterprise-number>664</ie-enterprise-number>
</field>
<field>
<name>out-octets</name>
<ie-id>1002</ie-id>
<ie-length>4</ie-length>
<ie-enterprise-number>664</ie-enterprise-number>
</field>
</field-layout>
<exporting-process>The only one</exporting-process>
<resource-instance>/if:interfaces/if:interface[if:name='eth0']
</resource-instance>
<resource-instance>/if:interfaces/if:interface[if:name='eth1']
</resource-instance>
</template>
</bulk-data-export>
<exporting-process>
<name>The only one</name>
<enabled>true</enabled>
<destination>
<name>Bulk data collector</name>
<tcp-exporter>
<destination>
<destination-address>192.0.2.2</destination-address>
</destination>
<rate-limit>1000000</rate-limit>
<transport-layer-security>
<remote-subject-fqdn>coll-2.ex.net</remote-subject-fqdn>
</transport-layer-security>
</tcp-exporter>
</destination>
</exporting-process>
</ipfix>
Boyd & Seda Expires September 10, 2020 [Page 163]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
Appendix D. Tree diagrams
D.1. ietf-ipfix
The complete tree diagram for ietf-ipfix:
module: ietf-ipfix
+--rw ipfix
+--rw collecting-process* [name] {collector}?
| +--rw name name-type
| +--rw tcp-collector* [name] {tcp-transport}?
| | +--rw name name-type
| | +--rw (local-address-method)?
| | | +--:(local-address)
| | | +--rw local-address* inet:host
| | +--rw local-port? inet:port-number
| | +--rw transport-layer-security!
| | | +--rw local-certification-authority-dn* string
| | | +--rw local-subject-dn* string
| | | +--rw local-subject-fqdn*
| | | | inet:domain-name
| | | +--rw remote-certification-authority-dn* string
| | | +--rw remote-subject-dn* string
| | | +--rw remote-subject-fqdn*
| | | inet:domain-name
| | +--ro transport-session* [name]
| | +--ro name name-type
| | +--ro ipfix-version? uint16
| | +--ro source-address? inet:host
| | +--ro destination-address? inet:host
| | +--ro source-port?
| | | inet:port-number
| | +--ro destination-port?
| | | inet:port-number
| | +--ro status?
| | | transport-session-status
| | +--ro rate?
| | | yang:gauge32
| | +--ro bytes?
| | | yang:counter64
| | +--ro messages?
| | | yang:counter64
| | +--ro discarded-messages?
| | | yang:counter64
| | +--ro records?
| | | yang:counter64
| | +--ro templates?
| | | yang:counter32
Boyd & Seda Expires September 10, 2020 [Page 164]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--ro options-templates?
| | | yang:counter32
| | +--ro transport-session-start-time?
| | | yang:date-and-time
| | +--ro transport-session-discontinuity-time?
| | | yang:date-and-time
| | +--ro template* [name]
| | +--ro name name-type
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time?
| | | yang:date-and-time
| | +--ro template-data-records? yang:counter64
| | +--ro template-discontinuity-time?
| | | yang:date-and-time
| | +--ro field* [name]
| | +--ro name name-type
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--rw udp-collector* [name] {udp-transport}?
| | +--rw name name-type
| | +--rw (local-address-method)?
| | | +--:(local-address)
| | | +--rw local-address* inet:host
| | +--rw local-port? inet:port-number
| | +--rw template-life-time? uint32
| | +--rw options-template-life-time? uint32
| | +--rw template-life-packet? uint32
| | +--rw options-template-life-packet? uint32
| | +--rw maximum-reordering-delay? uint32
| | +--rw transport-layer-security!
| | | +--rw local-certification-authority-dn* string
| | | +--rw local-subject-dn* string
| | | +--rw local-subject-fqdn*
| | | | inet:domain-name
| | | +--rw remote-certification-authority-dn* string
| | | +--rw remote-subject-dn* string
| | | +--rw remote-subject-fqdn*
| | | inet:domain-name
| | +--ro transport-session* [name]
| | +--ro name name-type
| | +--ro ipfix-version? uint16
| | +--ro source-address? inet:host
| | +--ro destination-address? inet:host
Boyd & Seda Expires September 10, 2020 [Page 165]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--ro source-port?
| | | inet:port-number
| | +--ro destination-port?
| | | inet:port-number
| | +--ro status?
| | | transport-session-status
| | +--ro rate?
| | | yang:gauge32
| | +--ro bytes?
| | | yang:counter64
| | +--ro messages?
| | | yang:counter64
| | +--ro discarded-messages?
| | | yang:counter64
| | +--ro records?
| | | yang:counter64
| | +--ro templates?
| | | yang:counter32
| | +--ro options-templates?
| | | yang:counter32
| | +--ro transport-session-start-time?
| | | yang:date-and-time
| | +--ro transport-session-discontinuity-time?
| | | yang:date-and-time
| | +--ro template* [name]
| | +--ro name name-type
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time?
| | | yang:date-and-time
| | +--ro template-data-records? yang:counter64
| | +--ro template-discontinuity-time?
| | | yang:date-and-time
| | +--ro field* [name]
| | +--ro name name-type
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--rw sctp-collector* [name] {sctp-transport}?
| | +--rw name name-type
| | +--rw (local-address-method)?
| | | +--:(local-address)
| | | +--rw local-address* inet:host
| | +--rw local-port? inet:port-number
| | +--rw maximum-reordering-delay? uint32
Boyd & Seda Expires September 10, 2020 [Page 166]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--rw transport-layer-security!
| | | +--rw local-certification-authority-dn* string
| | | +--rw local-subject-dn* string
| | | +--rw local-subject-fqdn*
| | | | inet:domain-name
| | | +--rw remote-certification-authority-dn* string
| | | +--rw remote-subject-dn* string
| | | +--rw remote-subject-fqdn*
| | | inet:domain-name
| | +--ro transport-session* [name]
| | +--ro name name-type
| | +--ro sctp-association-id? uint32
| | +--ro ipfix-version? uint16
| | +--ro source-address? inet:host
| | +--ro destination-address? inet:host
| | +--ro source-port?
| | | inet:port-number
| | +--ro destination-port?
| | | inet:port-number
| | +--ro status?
| | | transport-session-status
| | +--ro rate?
| | | yang:gauge32
| | +--ro bytes?
| | | yang:counter64
| | +--ro messages?
| | | yang:counter64
| | +--ro discarded-messages?
| | | yang:counter64
| | +--ro records?
| | | yang:counter64
| | +--ro templates?
| | | yang:counter32
| | +--ro options-templates?
| | | yang:counter32
| | +--ro transport-session-start-time?
| | | yang:date-and-time
| | +--ro transport-session-discontinuity-time?
| | | yang:date-and-time
| | +--ro template* [name]
| | +--ro name name-type
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time?
| | | yang:date-and-time
| | +--ro template-data-records? yang:counter64
| | +--ro template-discontinuity-time?
Boyd & Seda Expires September 10, 2020 [Page 167]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | | yang:date-and-time
| | +--ro field* [name]
| | +--ro name name-type
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--rw file-reader* [name] {file-reader}?
| | +--rw name name-type
| | +--rw file inet:uri
| | +--ro file-reader-state
| | +--ro bytes? yang:counter64
| | +--ro messages? yang:counter64
| | +--ro records? yang:counter64
| | +--ro templates? yang:counter32
| | +--ro options-templates? yang:counter32
| | +--ro file-reader-discontinuity-time?
| | | yang:date-and-time
| | +--ro template* [name]
| | +--ro name name-type
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time?
| | | yang:date-and-time
| | +--ro template-data-records? yang:counter64
| | +--ro template-discontinuity-time?
| | | yang:date-and-time
| | +--ro field* [name]
| | +--ro name name-type
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--rw exporting-process* -> /ipfix/exporting-process/name
| {exporter}?
+--rw exporting-process* [name] {exporter}?
+--rw name name-type
+--rw enabled? boolean
+--rw export-mode? identityref
+--rw destination* [name]
| +--rw name name-type
| +--rw (destination-parameters)
| +--:(tcp-exporter)
| | +--rw tcp-exporter {tcp-transport}?
| | +--rw ipfix-version? uint16
Boyd & Seda Expires September 10, 2020 [Page 168]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--rw source
| | | +--rw (source-method)?
| | | +--:(interface-ref)
| | | | +--rw interface-ref? if:interface-ref
| | | +--:(if-index) {if-mib}?
| | | | +--rw if-index? uint32
| | | +--:(if-name) {if-mib}?
| | | | +--rw if-name? string
| | | +--:(source-address)
| | | +--rw source-address? inet:host
| | +--rw destination
| | | +--rw (destination-method)
| | | +--:(destination-address)
| | | +--rw destination-address? inet:host
| | +--rw destination-port?
| | | inet:port-number
| | +--rw send-buffer-size? uint32
| | +--rw rate-limit? uint32
| | +--rw connection-timeout? uint32
| | +--rw retry-schedule? uint32
| | +--rw transport-layer-security!
| | | +--rw local-certification-authority-dn*
| | | | string
| | | +--rw local-subject-dn*
| | | | string
| | | +--rw local-subject-fqdn*
| | | | inet:domain-name
| | | +--rw remote-certification-authority-dn*
| | | | string
| | | +--rw remote-subject-dn*
| | | | string
| | | +--rw remote-subject-fqdn*
| | | inet:domain-name
| | +--ro transport-session
| | +--ro ipfix-version?
| | | uint16
| | +--ro source-address?
| | | inet:host
| | +--ro destination-address?
| | | inet:host
| | +--ro source-port?
| | | inet:port-number
| | +--ro destination-port?
| | | inet:port-number
| | +--ro status?
| | | transport-session-status
| | +--ro rate?
| | | yang:gauge32
Boyd & Seda Expires September 10, 2020 [Page 169]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--ro bytes?
| | | yang:counter64
| | +--ro messages?
| | | yang:counter64
| | +--ro discarded-messages?
| | | yang:counter64
| | +--ro records?
| | | yang:counter64
| | +--ro templates?
| | | yang:counter32
| | +--ro options-templates?
| | | yang:counter32
| | +--ro transport-session-start-time?
| | | yang:date-and-time
| | +--ro transport-session-discontinuity-time?
| | | yang:date-and-time
| | +--ro template* [name]
| | +--ro name
| | | name-type
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time?
| | | yang:date-and-time
| | +--ro template-data-records?
| | | yang:counter64
| | +--ro template-discontinuity-time?
| | | yang:date-and-time
| | +--ro field* [name]
| | +--ro name name-type
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--:(udp-exporter)
| | +--rw udp-exporter {udp-transport}?
| | +--rw ipfix-version? uint16
| | +--rw source
| | | +--rw (source-method)?
| | | +--:(interface-ref)
| | | | +--rw interface-ref? if:interface-ref
| | | +--:(if-index) {if-mib}?
| | | | +--rw if-index? uint32
| | | +--:(if-name) {if-mib}?
| | | | +--rw if-name? string
| | | +--:(source-address)
| | | +--rw source-address? inet:host
Boyd & Seda Expires September 10, 2020 [Page 170]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--rw destination
| | | +--rw (destination-method)
| | | +--:(destination-address)
| | | +--rw destination-address? inet:host
| | +--rw destination-port?
| | | inet:port-number
| | +--rw send-buffer-size? uint32
| | +--rw rate-limit? uint32
| | +--rw maximum-packet-size? uint16
| | +--rw template-refresh-timeout? uint32
| | +--rw options-template-refresh-timeout? uint32
| | +--rw template-refresh-packet? uint32
| | +--rw options-template-refresh-packet? uint32
| | +--rw transport-layer-security!
| | | +--rw local-certification-authority-dn*
| | | | string
| | | +--rw local-subject-dn*
| | | | string
| | | +--rw local-subject-fqdn*
| | | | inet:domain-name
| | | +--rw remote-certification-authority-dn*
| | | | string
| | | +--rw remote-subject-dn*
| | | | string
| | | +--rw remote-subject-fqdn*
| | | inet:domain-name
| | +--ro transport-session
| | +--ro ipfix-version?
| | | uint16
| | +--ro source-address?
| | | inet:host
| | +--ro destination-address?
| | | inet:host
| | +--ro source-port?
| | | inet:port-number
| | +--ro destination-port?
| | | inet:port-number
| | +--ro status?
| | | transport-session-status
| | +--ro rate?
| | | yang:gauge32
| | +--ro bytes?
| | | yang:counter64
| | +--ro messages?
| | | yang:counter64
| | +--ro discarded-messages?
| | | yang:counter64
| | +--ro records?
Boyd & Seda Expires September 10, 2020 [Page 171]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | | yang:counter64
| | +--ro templates?
| | | yang:counter32
| | +--ro options-templates?
| | | yang:counter32
| | +--ro transport-session-start-time?
| | | yang:date-and-time
| | +--ro transport-session-discontinuity-time?
| | | yang:date-and-time
| | +--ro template* [name]
| | +--ro name
| | | name-type
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time?
| | | yang:date-and-time
| | +--ro template-data-records?
| | | yang:counter64
| | +--ro template-discontinuity-time?
| | | yang:date-and-time
| | +--ro field* [name]
| | +--ro name name-type
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--:(sctp-exporter)
| | +--rw sctp-exporter {sctp-transport}?
| | +--rw ipfix-version? uint16
| | +--rw source
| | | +--rw (source-method)?
| | | +--:(interface-ref)
| | | | +--rw interface-ref? if:interface-ref
| | | +--:(if-index) {if-mib}?
| | | | +--rw if-index? uint32
| | | +--:(if-name) {if-mib}?
| | | | +--rw if-name? string
| | | +--:(source-address)
| | | +--rw source-address* inet:host
| | +--rw destination
| | | +--rw (destination-method)
| | | +--:(destination-address)
| | | +--rw destination-address* inet:host
| | +--rw destination-port?
| | | inet:port-number
| | +--rw send-buffer-size? uint32
Boyd & Seda Expires September 10, 2020 [Page 172]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--rw rate-limit? uint32
| | +--rw timed-reliability? uint32
| | +--rw association-timeout? uint32
| | +--rw transport-layer-security!
| | | +--rw local-certification-authority-dn*
| | | | string
| | | +--rw local-subject-dn*
| | | | string
| | | +--rw local-subject-fqdn*
| | | | inet:domain-name
| | | +--rw remote-certification-authority-dn*
| | | | string
| | | +--rw remote-subject-dn*
| | | | string
| | | +--rw remote-subject-fqdn*
| | | inet:domain-name
| | +--ro transport-session
| | +--ro sctp-association-id?
| | | uint32
| | +--ro ipfix-version?
| | | uint16
| | +--ro source-address?
| | | inet:host
| | +--ro destination-address?
| | | inet:host
| | +--ro source-port?
| | | inet:port-number
| | +--ro destination-port?
| | | inet:port-number
| | +--ro status?
| | | transport-session-status
| | +--ro rate?
| | | yang:gauge32
| | +--ro bytes?
| | | yang:counter64
| | +--ro messages?
| | | yang:counter64
| | +--ro discarded-messages?
| | | yang:counter64
| | +--ro records?
| | | yang:counter64
| | +--ro templates?
| | | yang:counter32
| | +--ro options-templates?
| | | yang:counter32
| | +--ro transport-session-start-time?
| | | yang:date-and-time
| | +--ro transport-session-discontinuity-time?
Boyd & Seda Expires September 10, 2020 [Page 173]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | | yang:date-and-time
| | +--ro template* [name]
| | +--ro name
| | | name-type
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time?
| | | yang:date-and-time
| | +--ro template-data-records?
| | | yang:counter64
| | +--ro template-discontinuity-time?
| | | yang:date-and-time
| | +--ro field* [name]
| | +--ro name name-type
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--:(file-writer)
| +--rw file-writer {file-writer}?
| +--rw ipfix-version? uint16
| +--rw file inet:uri
| +--ro file-writer-state
| +--ro bytes?
| | yang:counter64
| +--ro messages?
| | yang:counter64
| +--ro discarded-messages?
| | yang:counter64
| +--ro records?
| | yang:counter64
| +--ro templates?
| | yang:counter32
| +--ro options-templates?
| | yang:counter32
| +--ro file-writer-discontinuity-time?
| | yang:date-and-time
| +--ro template* [name]
| +--ro name
| | name-type
| +--ro observation-domain-id? uint32
| +--ro template-id? uint16
| +--ro set-id? uint16
| +--ro access-time?
| | yang:date-and-time
| +--ro template-data-records?
Boyd & Seda Expires September 10, 2020 [Page 174]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | yang:counter64
| +--ro template-discontinuity-time?
| | yang:date-and-time
| +--ro field* [name]
| +--ro name name-type
| +--ro ie-id? ie-id-type
| +--ro ie-length? uint16
| +--ro ie-enterprise-number? uint32
| +--ro is-flow-key? empty
| +--ro is-scope? empty
+--rw options* [name]
| +--rw name name-type
| +--rw options-type identityref
| +--rw options-timeout? uint32
+--ro exporting-process-id? uint32
D.2. ietf-ipfix-packet-sampling
The complete tree diagram for ietf-ipfix-packet-sampling:
module: ietf-ipfix-packet-sampling
augment /ipfix:ipfix:
+--rw psamp
+--rw observation-point* [name]
| +--rw name ipfix:name-type
| +--rw observation-domain-id uint32
| +--rw interface-ref* if:interface-ref
| +--rw if-name* if-name-type {if-mib}?
| +--rw if-index* uint32 {if-mib}?
| +--rw hardware-ref* hardware-ref
| +--rw ent-physical-name* string {entity-mib}?
| +--rw ent-physical-index* uint32 {entity-mib}?
| +--rw direction? direction
| +--rw selection-process*
| | -> /ipfix:ipfix/psamp/selection-process/name
| +--ro observation-point-id? uint32
+--rw selection-process* [name]
| +--rw name ipfix:name-type
| +--rw selector* [name]
| | +--rw name ipfix:name-type
| | +--rw (method)
| | | +--:(select-all)
| | | | +--rw select-all? empty
| | | +--:(samp-count-based)
| | | | +--rw samp-count-based {psamp-samp-count-based}?
| | | | +--rw packet-interval uint32
| | | | +--rw packet-space uint32
| | | +--:(samp-time-based)
Boyd & Seda Expires September 10, 2020 [Page 175]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | | | +--rw samp-time-based {psamp-samp-time-based}?
| | | | +--rw time-interval uint32
| | | | +--rw time-space uint32
| | | +--:(samp-rand-out-of-n)
| | | | +--rw samp-rand-out-of-n
| | | | {psamp-samp-rand-out-of-n}?
| | | | +--rw size uint32
| | | | +--rw population uint32
| | | +--:(samp-uni-prob)
| | | | +--rw samp-uni-prob {psamp-samp-uni-prob}?
| | | | +--rw probability decimal64
| | | +--:(filter-match)
| | | | +--rw filter-match {psamp-filter-match}?
| | | | +--rw (information-element)
| | | | | +--:(ie-name)
| | | | | | +--rw ie-name?
| | | | | | ipfix:ie-name-type
| | | | | +--:(ie-id)
| | | | | +--rw ie-id? ipfix:ie-id-type
| | | | +--rw ie-enterprise-number? uint32
| | | | +--rw value string
| | | +--:(filter-hash)
| | | +--rw filter-hash {psamp-filter-hash}?
| | | +--rw hash-function? identityref
| | | +--rw initializer-value? uint64
| | | +--rw ip-payload-offset? uint64
| | | +--rw ip-payload-size? uint64
| | | +--rw digest-output? boolean
| | | +--rw selected-range* [name]
| | | | +--rw name ipfix:name-type
| | | | +--rw min? uint64
| | | | +--rw max? uint64
| | | +--ro output-range-min? uint64
| | | +--ro output-range-max? uint64
| | +--ro packets-observed? yang:counter64
| | +--ro packets-dropped? yang:counter64
| | +--ro selector-discontinuity-time? yang:date-and-time
| +--rw cache?
| | -> /ipfix:ipfix/psamp/cache/name
| +--ro selection-sequence* []
| +--ro observation-domain-id? uint32
| +--ro selection-sequence-id? uint64
+--rw cache* [name]
+--rw name ipfix:name-type
+--rw enabled? boolean
+--rw (cache-type)
| +--:(immediate-cache)
| | +--rw immediate-cache {immediate-cache}?
Boyd & Seda Expires September 10, 2020 [Page 176]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | +--rw cache-layout
| | +--rw cache-field* [name]
| | +--rw name
| | | ipfix:name-type
| | +--rw (information-element)
| | | +--:(ie-name)
| | | | +--rw ie-name?
| | | | ipfix:ie-name-type
| | | +--:(ie-id)
| | | +--rw ie-id?
| | | ipfix:ie-id-type
| | +--rw ie-length? uint16
| | +--rw ie-enterprise-number? uint32
| +--:(timeout-cache)
| | +--rw timeout-cache {timeout-cache}?
| | +--rw max-flows? uint32
| | +--rw active-timeout? uint32
| | +--rw idle-timeout? uint32
| | +--rw cache-layout
| | | +--rw cache-field* [name]
| | | +--rw name
| | | | ipfix:name-type
| | | +--rw (information-element)
| | | | +--:(ie-name)
| | | | | +--rw ie-name?
| | | | | ipfix:ie-name-type
| | | | +--:(ie-id)
| | | | +--rw ie-id?
| | | | ipfix:ie-id-type
| | | +--rw ie-length? uint16
| | | +--rw ie-enterprise-number? uint32
| | | +--rw is-flow-key? empty
| | +--ro active-flows? yang:gauge32
| | +--ro unused-cache-entries? yang:gauge32
| +--:(natural-cache)
| | +--rw natural-cache {natural-cache}?
| | +--rw max-flows? uint32
| | +--rw active-timeout? uint32
| | +--rw idle-timeout? uint32
| | +--rw cache-layout
| | | +--rw cache-field* [name]
| | | +--rw name
| | | | ipfix:name-type
| | | +--rw (information-element)
| | | | +--:(ie-name)
| | | | | +--rw ie-name?
| | | | | ipfix:ie-name-type
| | | | +--:(ie-id)
Boyd & Seda Expires September 10, 2020 [Page 177]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
| | | | +--rw ie-id?
| | | | ipfix:ie-id-type
| | | +--rw ie-length? uint16
| | | +--rw ie-enterprise-number? uint32
| | | +--rw is-flow-key? empty
| | +--ro active-flows? yang:gauge32
| | +--ro unused-cache-entries? yang:gauge32
| +--:(permanent-cache)
| +--rw permanent-cache {permanent-cache}?
| +--rw max-flows? uint32
| +--rw export-interval? uint32
| +--rw cache-layout
| | +--rw cache-field* [name]
| | +--rw name
| | | ipfix:name-type
| | +--rw (information-element)
| | | +--:(ie-name)
| | | | +--rw ie-name?
| | | | ipfix:ie-name-type
| | | +--:(ie-id)
| | | +--rw ie-id?
| | | ipfix:ie-id-type
| | +--rw ie-length? uint16
| | +--rw ie-enterprise-number? uint32
| | +--rw is-flow-key? empty
| +--ro active-flows? yang:gauge32
| +--ro unused-cache-entries? yang:gauge32
+--rw exporting-process*
| -> /ipfix:ipfix/exporting-process/name
| {ipfix:exporter}?
+--ro metering-process-id? uint32
+--ro data-records? yang:counter64
+--ro cache-discontinuity-time? yang:date-and-time
D.3. ietf-ipfix-bulk-data-export
The complete tree diagram for ietf-ipfix-bulk-data-export:
Boyd & Seda Expires September 10, 2020 [Page 178]
Internet-Draft IPFIX/PSAMP/Bulk Data Export Data Models March 2020
module: ietf-ipfix-bulk-data-export
augment /ipfix:ipfix:
+--rw bulk-data-export
+--rw template* [name]
+--rw name ipfix:name-type
+--rw enabled? boolean
+--rw export-interval? uint32
+--rw observation-domain-id? uint32
+--rw field-layout
| +--rw field* [name]
| +--rw name ipfix:name-type
| +--rw (identifier)
| | +--:(ie-name)
| | | +--rw ie-name? ipfix:ie-name-type
| | +--:(ie-id)
| | +--rw ie-id? ipfix:ie-id-type
| +--rw ie-length? uint16
| +--rw ie-enterprise-number? uint32
+--rw exporting-process*
| -> /ipfix:ipfix/exporting-process/name
| {ipfix:exporter}?
+--rw (resource-identifier)?
| +--:(resource-instance)
| +--rw resource-instance* resource
+--ro data-records? yang:counter64
+--ro discontinuity-time? yang:date-and-time
Authors' Addresses
Joey Boyd
ADTRAN
Email: joey.boyd@adtran.com
Marta Seda
Calix
Email: marta.seda@calix.com
Boyd & Seda Expires September 10, 2020 [Page 179]