Internet DRAFT - draft-clemm-ippm-pam-ipfix
draft-clemm-ippm-pam-ipfix
IPPM A. Clemm, Ed.
Internet-Draft Futurewei
Intended status: Standards Track M. Boucadair
Expires: 7 June 2024 Orange
G. Mirsky
Ericsson
5 December 2023
Export of Flow Precision Availability Metrics Using IPFIX
draft-clemm-ippm-pam-ipfix-00
Abstract
This document defines a set of IP Flow Information Export (IPFIX)
Information Elements to export precision availability data associated
with Flows, specifically Flows that are associated with stringent
Service Level Objectives (SLOs) such as latency or packet delay
variation.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 7 June 2024.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
Clemm, et al. Expires 7 June 2024 [Page 1]
Internet-Draft pam-ipfix December 2023
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Precision Availability Information Elements . . . . . . . . . 4
3.1. IEs Based on Precision Availability Metrics . . . . . . . 4
3.1.1. Violated Intervals Count . . . . . . . . . . . . . . 4
3.1.2. Violation-Free Intervals Count . . . . . . . . . . . 5
3.1.3. Violated Packet Count . . . . . . . . . . . . . . . . 5
3.1.4. Severely Violated Intervals Count . . . . . . . . . . 5
3.1.5. Severely Violated Packet Count . . . . . . . . . . . 6
3.1.6. Mean Time Between VIs . . . . . . . . . . . . . . . . 6
3.1.7. Mean Number of Packets Between VIs . . . . . . . . . 7
3.2. IEs Representing SLO Manifest Information . . . . . . . . 7
3.2.1. Precision Availability Interval Length . . . . . . . 8
3.2.2. SLO Identifier . . . . . . . . . . . . . . . . . . . 8
3.3. Precision Availability Metrics Not Considered . . . . . . 8
4. Security Considerations . . . . . . . . . . . . . . . . . . . 9
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.1. Normative References . . . . . . . . . . . . . . . . . . 10
6.2. Informative References . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction
IP Flow Information Export (IPFIX) [RFC7011] is a protocol that is
widely deployed in operators networks to collect Records containing a
wide array of statistics about Flows. The Records are used for many
purposes, including network security (e.g., detection of denial-of-
service attacks), accounting (e.g., identifying "top talkers"),
monitoring and service assurance (e.g., detection of anomalies and
abnormal behaviors), and network planning (e.g., maintaining traffic
matrices and detecting usage trends). To that aim, IPFIX relies upon
a set of basic data items that can be maintained by network devices
and exported as part of a Flow Record. These data items are commonly
referred to as Information Elements (IEs) [RFC7012].
Clemm, et al. Expires 7 June 2024 [Page 2]
Internet-Draft pam-ipfix December 2023
Increasingly, to be provided with mere connectivity is no longer
sufficient for many networking applications. There is a growing
demand for high-precision services that underly stringent Service
Level Objectives (SLOs), such as a given latency that must be met by
the (connectivity) service. When a guaranteed property of a service
(typically, traffic performance metrics) is not met, this is
considered in many cases as equivalent to the service not being
available. This is particularly the case in which an application
relying upon the service does not degrade gracefully with
deteriorating service levels (e.g., video or voice), but in which
violation of an SLO will cause the application to abruptly cease to
function (e.g., industrial control and Control-as-a-Service
applications or telehaptics).
Existing IPFIX IEs largely focus on statistics such as traffic
volume, packet lengths, header fields, or route properties. However,
there is a lack of IEs that indicate a Flow's "quality".
Specifically, IPFIX does not support IEs that indicate compliance of
a Flow with an SLO. This specification fills that void by defining a
set of IEs that are based upon Precision Availability Metrics (PAM)
[I-D.ietf-ippm-pam]. PAMs can thus be exported as part of Flow
Records using IPFIX.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
This document uses the IPFIX-specific terminology (Information
Element, Template, Collector, Data Record, Flow Record, Exporting
Process, Collecting Process, etc.) defined in Section 2 of [RFC7011].
As in [RFC7011], these IPFIX-specific terms have the first letter of
a word capitalized.
Also, this document uses terminology associated with Precision
Availability Metrics (PAM), as defined in Section 2 of
[I-D.ietf-ippm-pam]. For the reader's convenience, some of the
acronyms that are used in the document are provided below:
IE: Information Element
IPFIX: IP Flow Information Export
PAM: Precision Availability Metric
Clemm, et al. Expires 7 June 2024 [Page 3]
Internet-Draft pam-ipfix December 2023
SLO: Service Level Objective
VI: Violated Interval
VFI: Violation-Free Interval
3. Precision Availability Information Elements
The following subsections define a set of IEs to export precision
availability data as part of Flow Records. At the core of PAMs is
the notion of an "interval", i.e. an observation interval (a small
unit of time) for which the presence or absence of violations is
noted. What constitutes a violation or not depends on the definition
of the service, i.e., the length of the interval (e.g., a
millisecond) and the SLO (e.g., a not-to-exceed latency threshold or
packet inter-arrival delay threshold).
Accordingly, IEs are grouped into two categories. The first category
contains IEs that reflect PAMs per [I-D.ietf-ippm-pam]. The second
category contains IEs that are used to define the context that is
necessary to adequately interpret the IEs in the first category, such
as the SLO that underlies the definition of precision availability
for that particular Flow. This context can be thought of as a
manifest for that Flow Record.
3.1. IEs Based on Precision Availability Metrics
3.1.1. Violated Intervals Count
Name: violatedIntervalsCount
ElementID: TBD1
Description: Contains a count of intervals over the duration of the
Flow during which the service was not available with the required
precision. That is, a count of intervals for which an SLO
violation was observed for the Flow.
Abstract Data Type: unsigned
Data Type Semantics: quantity
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
Clemm, et al. Expires 7 June 2024 [Page 4]
Internet-Draft pam-ipfix December 2023
3.1.2. Violation-Free Intervals Count
Name: violationFreeIntervalsCount
ElementID: TBD2
Description: Contains a count of intervals over the duration of the
Flow during which the required precision was available, i.e., the
period during which the Flow was in compliance with its SLO. In
practical terms, the violationFreeIntervalsCount corresponds to
the number of intervals over the duration of the Flow minus the
violatedIntervalsCount.
Abstract Data Type: unsigned
Data Type Semantics: quantity
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
TBD: Assess size of this parameter (for the case of long Flow
durations with short interval durations).
3.1.3. Violated Packet Count
Name: violatedPacketCount
ElementID: TBD3
Description: Contains a count of packets for which packet-level
violations of an SLO were observed for the Flow.
Abstract Data Type: unsigned
Data Type Semantics: quantity
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
3.1.4. Severely Violated Intervals Count
Name: severelyViolatedIntervalsCount
ElementID: TBD4
Clemm, et al. Expires 7 June 2024 [Page 5]
Internet-Draft pam-ipfix December 2023
Description: Contains a count of intervals over the duration of a
Flow during which a particularly severe violation was observed.
Abstract Data Type: unsigned
Data Type Semantics: quantity
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
3.1.5. Severely Violated Packet Count
Name: severelyViolatedPacketCount
ElementID: TBD5
Description: Contains a count of packets for which particularly
severe packet-level violations of an SLO were observed for the
Flow.
Abstract Data Type: unsigned
Data Type Semantics: quantity
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
3.1.6. Mean Time Between VIs
Name: meanTimeBetweenViolatedIntervals
ElementID: TBD6
Description: Contains the Mean Time Between Violated Intervals over
the duration of the Flow.
The mean time is indicated by the number of intervals and thus
corresponds to mean number of intervals between violated
intervals.
If severelyViolatedIntervalsCount is equal to 0, then the
meanTimeBetweenViolatedIntervals must be 0.
If severelyViolatedIntervalsCount is equal to 0, then the
Clemm, et al. Expires 7 June 2024 [Page 6]
Internet-Draft pam-ipfix December 2023
meanTimeBetweenViolatedIntervals must be
violationFreeIntervalsCount DIV 2.
Abstract Data Type: unsigned
Data Type Semantics: quantity
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
3.1.7. Mean Number of Packets Between VIs
Name: meanNumberPacketsBetweenViolatedIntervals
ElementID: TBD7
Description: Contains the mean number of packets between packet-
level violations over the duration of the Flow.
if violatedPacketCount is equal to 0, then the
meanNumberPacketsBetweenViolatedIntervals does not apply.
Abstract Data Type: unsigned
Data Type Semantics: quantity
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
TBD: Which special value to use to indicate that the
meanNumberPacketsBetweenViolatedIntervals does not apply.
3.2. IEs Representing SLO Manifest Information
The following IEs provide context regarding what "violations" and
"severe violations" mean for a particular Flow.
Clemm, et al. Expires 7 June 2024 [Page 7]
Internet-Draft pam-ipfix December 2023
In this version, IEs for the interval length and for a reference to
an SLO are defined. Whether SLOs themselves are to be encoded,
including the service level parameter subjected to the SLO (e.g.,
latency or packet delay variation), the objective itself (upper not-
to-exceed threshold or lower threshold and threshold value) is for
further study. Likewise, IEs to represent manifest information
regarding severity semantics (for severe violations) are for further
study.
3.2.1. Precision Availability Interval Length
Name: precisionAvailabilityIntervalLength
ElementID: TBD8
Description: Indicates the duration of an availability interval.
Abstract Data Type: unsigned
Data Type Semantics: identifier
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
3.2.2. SLO Identifier
Name: sloId
ElementID: TBD9
Description: A reference to an SLO defining the semantics of what is
considered precision availability for the Flow.
Abstract Data Type: unsigned
Data Type Semantics: identifier
Additional Information: See [I-D.ietf-ippm-pam] for the general
definition of PAM.
Reference: This-Document
3.3. Precision Availability Metrics Not Considered
[I-D.ietf-ippm-pam] lists a number of additional metrics for which no
corresponding IEs are defined for the following reasons:
Clemm, et al. Expires 7 June 2024 [Page 8]
Internet-Draft pam-ipfix December 2023
Time since the last violated interval: This is a metric that is of
interest while a Flow is in progress, but arguably not applicable
for export in a Flow Record once the Flow has concluded.
Number of packets since the last violated packet: By the same token,
this is a metric that is of interest while a Flow is in progress,
not for export in a Flow Record once the Flow has concluded.
Time since the last severely violated interval: Analogous reason as
for "time since the last violated interval".
Number of packets since the last severely violated packet: :Analogous
reason as for "number of packets since the last violated interval".
Mean time between SVIs: For further study.
Mean packets between SVIs: For further study.
Violated Interval Ratio: This can be easily computed by the
processor of the Record and does not warrant a separate IE.
Severely Violated Interval Ratio: This can be easily computed by the
processor of the Record and does not warrant a separate IE.
4. Security Considerations
IPFIX security considerations are discussed in Section 8 of
[RFC7012].
5. IANA Considerations
This document requests IANA to add the following new IPFIX IEs to the
IANA IPFIX registry [IANA-IPFIX]:
Clemm, et al. Expires 7 June 2024 [Page 9]
Internet-Draft pam-ipfix December 2023
+=====+===========================================+===============+
|Value| Name | Reference |
+=====+===========================================+===============+
|TBD1 | violatedIntervalsCount | Section 3.1.1 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD2 | violationFreeIntervalsCount | Section 3.1.2 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD3 | violatedPacketCount | Section 3.1.3 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD4 | severelyViolatedIntervalsCount | Section 3.1.4 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD5 | severelyViolatedPacketCount | Section 3.1.5 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD6 | meanTimeBetweenViolatedIntervals | Section 3.1.6 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD7 | meanNumberPacketsBetweenViolatedIntervals | Section 3.1.7 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD8 | precisionAvailabilityIntervalLength | Section 3.2.1 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
|TBD9 | sloId | Section 3.2.2 |
| | | of This- |
| | | Document |
+-----+-------------------------------------------+---------------+
Table 1: New IPFIX Information Elements
6. References
6.1. Normative References
Clemm, et al. Expires 7 June 2024 [Page 10]
Internet-Draft pam-ipfix December 2023
[I-D.ietf-ippm-pam]
Mirsky, G., Halpern, J. M., Min, X., Clemm, A., Strassner,
J., and J. François, "Precision Availability Metrics for
Services Governed by Service Level Objectives (SLOs)",
Work in Progress, Internet-Draft, draft-ietf-ippm-pam-09,
1 December 2023, <https://datatracker.ietf.org/doc/html/
draft-ietf-ippm-pam-09>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/rfc/rfc2119>.
[RFC7011] Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
"Specification of the IP Flow Information Export (IPFIX)
Protocol for the Exchange of Flow Information", STD 77,
RFC 7011, DOI 10.17487/RFC7011, September 2013,
<https://www.rfc-editor.org/rfc/rfc7011>.
[RFC7012] Claise, B., Ed. and B. Trammell, Ed., "Information Model
for IP Flow Information Export (IPFIX)", RFC 7012,
DOI 10.17487/RFC7012, September 2013,
<https://www.rfc-editor.org/rfc/rfc7012>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.
6.2. Informative References
[IANA-IPFIX]
IANA, "IP Flow Information Export (IPFIX) Entities",
<https://www.iana.org/assignments/ipfix/ipfix.xhtml>.
Authors' Addresses
Alexander Clemm (editor)
Futurewei
2220 Central Expressway
Santa Clara, CA 95050
United States of America
Email: ludwig@clemm.org
Mohamed Boucadair
Orange
35000 Rennes
France
Clemm, et al. Expires 7 June 2024 [Page 11]
Internet-Draft pam-ipfix December 2023
Email: mohamed.boucadair@orange.com
Greg Mirsky
Ericsson
United States of America
Email: gregimirsky@gmail.com
Clemm, et al. Expires 7 June 2024 [Page 12]