Network Working Group                                             C. Lin
Internet-Draft                                      New H3C Technologies
Intended status: Standards Track                                  Y. Liu
Expires: 25 August 2025                                     China Mobile
                                                        21 February 2025


    Export of QUIC Information in IP Flow Information Export (IPFIX)
                 draft-lin-opsawg-ipfix-quic-header-00

Abstract

   This document introduces new IP Flow Information Export (IPFIX)
   Information Elements to identify a set of QUIC-related information,
   comprising the QUIC Header, QUIC Frame and Stream, that traffic is
   being forwarded with.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 25 August 2025.

Copyright Notice

   Copyright (c) 2025 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Lin & Liu                Expires 25 August 2025                 [Page 1]

Internet-Draft    Export of QUIC Information in IPFIX      February 2025

Table of Contents

   1.  Introduction
   2.  Terminology
   3.  New IPFIX QUIC Information Elements
   4.  Sample Use Cases
   5.  Security Considerations
   6.  IANA Considerations
     6.1.  New IPFIX QUIC Information Elements
       6.1.1.  quicHeaderFlag
       6.1.2.  quicVersion
       6.1.3.  quicDestinationConnectionID
       6.1.4.  quicSourceConnectionID
       6.1.5.  quicSupportedVersion
       6.1.6.  quicPacketNumber
       6.1.7.  quicFrameType
       6.1.8.  quicStreamID
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Authors' Addresses

1.  Introduction

   QUIC packets are carried in UDP datagrams and exchanged between QUIC
   endpoints [RFC9000].  A QUIC packet consists of a QUIC header and a
   QUIC payload.

   The QUIC Header is either a Long Header or a Short Header.  Long
   Headers are used for packets that are sent prior to the establishment
   of 1-RTT keys.  The Long Header contains an 8-bit Public Flag, a
   32-bit QUIC Version, a variable-length Destination Connection ID, a
   variable-length Source Connection ID and a Type-Specific field whose
   content depends on the Packet type.  The Packet types that use the
   Long Header are the Version Negotiation Packet, Initial Packet, 0-RTT
   Packet, Handshake Packet and Retry Packet.  Once 1-RTT keys are
   available, a sender switches to sending packets using the Short
   Header.
   The Short Header includes an 8-bit Public Flag, a variable-length
   Destination Connection ID and a Packet Number.

   The QUIC payload MAY contain a sequence of Frames, each of which
   begins with a Frame Type.  In the generic Frame Layout, the Frame
   Type is followed by additional type-dependent fields.

   Since the Stream is the core QUIC component that provides a
   lightweight, ordered byte-stream abstraction to an application, the
   Stream ID of Stream-related Frames is important information: it
   indicates the stream in which the Frame is located or the stream
   that the Frame affects.

   This document specifies several new IPFIX Information Elements (IEs)
   within the "IPFIX Information Elements" registry [RFC7012] for
   purposes of getting QUIC information.  These IEs are used to export
   the main parameters of the QUIC Header, QUIC Frame and Stream.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   This document makes use of the terms defined in [RFC7011] and
   [RFC9000].

   The following terms are used as defined in [RFC7011]:

   *  IPFIX

   *  IPFIX Information Elements

   The following terms are used as defined in [RFC9000]:

   *  QUIC

   *  Endpoint

   *  Server

   *  QUIC packet

   *  Frame

   *  Connection ID

   *  Stream

   *  Application

3.  New IPFIX QUIC Information Elements

   This section specifies the new IPFIX QUIC IEs.

   quicHeaderFlag
      8-bit flag defined in the QUIC Header (Sections 17.2 and 17.3 of
      [RFC9000]), as the first byte of the QUIC Packet, which primarily
      indicates the Packet Type and the length of the fields that
      follow.

   quicVersion
      32-bit QUIC Version that is in use and determines how the rest of
      the protocol packet fields are interpreted.

   quicDestinationConnectionID
      The Destination Connection ID included in the Long Header or
      Short Header of the QUIC Packet.  The Destination Connection ID
      is chosen by the recipient of the packet and is used to provide
      consistent routing.

   quicSourceConnectionID
      The Source Connection ID included in the Long Header of the QUIC
      Packet.  The Source Connection ID is used to set the Destination
      Connection ID used by the peer.

   quicSupportedVersion
      32-bit Supported Version included in a Version Negotiation packet
      with the Long Header.

   quicPacketNumber
      The Packet Number that appears in some packet types such as the
      Initial packet, 0-RTT packet and Handshake packet.  The underlying
      packet number increases with each packet sent in a given packet
      number space.  The Packet Number is an integer in the range 0 to
      2^62-1.  When present in a Long or Short Header, packet numbers
      are reduced and encoded in 1 to 4 bytes.

   quicFrameType
      Frame Type that indicates the type of Frame contained in the
      Payload of the QUIC Packet.  The Frame Type value uses a
      variable-length integer encoding, which means that integers are
      encoded on 1, 2, 4, or 8 bytes and can encode 6-, 14-, 30-, or
      62-bit values, respectively.  Some Frame Types are defined in
      Section 12.4 of [RFC9000].

   quicStreamID
      The Stream ID included in a Stream-related Frame such as the
      RESET_STREAM frame, STOP_SENDING frame, STREAM frame and
      MAX_STREAM_DATA frame.  A stream ID is a 62-bit integer (0 to
      2^62-1) that is unique for all streams on a connection.  Stream
      IDs are encoded as variable-length integers, which means that
      integers are encoded on 1, 2, 4, or 8 bytes and can encode 6-,
      14-, 30-, or 62-bit values, respectively.  The two least
      significant bits of a stream ID identify the stream types
      defined in Section 2.1 of [RFC9000].
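
   Added example, not part of the draft: one way a metering process
   could derive the Long Header IEs, decode the variable-length integer
   encoding, and classify a Stream ID by its two least significant
   bits.  The function names and the sample datagrams are assumptions
   constructed for illustration; the dictionary keys are the IE names
   defined above.

```python
# Added example: constructed sample datagrams, not captured traffic.
STREAM_TYPES = ("client-initiated bidirectional", "server-initiated bidirectional",
                "client-initiated unidirectional", "server-initiated unidirectional")

def decode_varint(buf, off=0):
    """Decode one variable-length integer; return (value, next offset)."""
    if off >= len(buf):
        raise ValueError("truncated varint")
    size = 1 << (buf[off] >> 6)          # top two bits select 1, 2, 4 or 8 bytes
    if off + size > len(buf):
        raise ValueError("truncated varint")
    raw = int.from_bytes(buf[off:off + size], "big")
    return raw & ((1 << (8 * size - 2)) - 1), off + size   # 6/14/30/62 value bits

def stream_type(stream_id):
    """The two least significant bits of a Stream ID give the stream type."""
    return STREAM_TYPES[stream_id & 0x3]

def parse_long_header(dgram):
    """Map the Long Header fields of one UDP payload to the draft's IE names."""
    if len(dgram) < 7 or not dgram[0] & 0x80:
        raise ValueError("not a QUIC Long Header packet")
    # In protected packets the low four bits of the first byte are masked by
    # header protection (RFC 9001), so the flag is exported as seen on the wire.
    rec = {"quicHeaderFlag": dgram[0],
           "quicVersion": int.from_bytes(dgram[1:5], "big")}
    off = 5
    for name in ("quicDestinationConnectionID", "quicSourceConnectionID"):
        if off >= len(dgram):
            raise ValueError("truncated header")
        n = dgram[off]                   # one-byte length prefix
        if rec["quicVersion"] == 1 and n > 20:
            raise ValueError("QUIC v1 connection IDs are at most 20 bytes")
        if off + 1 + n > len(dgram):
            raise ValueError("truncated connection ID")
        rec[name] = bytes(dgram[off + 1:off + 1 + n])
        off += 1 + n
    if rec["quicVersion"] == 0:          # Version Negotiation: list of 32-bit versions
        rest = dgram[off:]
        if not rest or len(rest) % 4:
            raise ValueError("malformed Supported Version list")
        rec["quicSupportedVersion"] = [int.from_bytes(rest[i:i + 4], "big")
                                       for i in range(0, len(rest), 4)]
    return rec

# Constructed samples: an Initial-type header and a Version Negotiation packet.
INITIAL = bytes.fromhex("c3" "00000001" "08" "0102030405060708" "04" "a1a2a3a4" "00")
VERNEG = bytes.fromhex("80" "00000000" "04" "a1a2a3a4" "08" "0102030405060708"
                       "00000001" "6b3343cf")
```

   A collector that receives these values should treat the connection
   ID lengths as untrusted input, which is why the parser rejects
   truncated headers instead of reading past the end of the datagram.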

4.  Sample Use Cases

   The IPFIX IEs listed in Section 3, forwardingStatus (89) [RFC7270]
   and some existing counter information [IANA-IPFIX] provide answers
   to the following questions (amongst others).

   *  How many packets are forwarded or dropped using QUIC in a network?

   *  If dropped, for which reasons?

   *  What is the type of QUIC packet?

   *  What is the QUIC version that is in use?

   *  What is the Destination or Source Connection ID of the QUIC
      packet?

   *  Have all the QUIC packets been fully received?

   *  Which frames does the QUIC packet carry?

   *  Which stream is the QUIC packet located in?

   *  Which stream is affected by the QUIC packet?

5.  Security Considerations

   There are no extra security considerations regarding the allocation
   of these new IPFIX IEs compared to [RFC7012].

6.  IANA Considerations

6.1.  New IPFIX QUIC Information Elements

   This document requests IANA to add new IPFIX QUIC IEs to the "IPFIX
   Information Elements" registry [RFC7012] available at [IANA-IPFIX].

   Table 1 lists the new IPFIX QUIC IEs:

   +============+=============================+===============+
   | Element ID | Name                        | Reference     |
   +============+=============================+===============+
   | TBD1       | quicHeaderFlag              | This document |
   +------------+-----------------------------+---------------+
   | TBD2       | quicVersion                 | This document |
   +------------+-----------------------------+---------------+
   | TBD3       | quicDestinationConnectionID | This document |
   +------------+-----------------------------+---------------+
   | TBD4       | quicSourceConnectionID      | This document |
   +------------+-----------------------------+---------------+
   | TBD5       | quicSupportedVersion        | This document |
   +------------+-----------------------------+---------------+
   | TBD6       | quicPacketNumber            | This document |
   +------------+-----------------------------+---------------+
   | TBD7       | quicFrameType               | This document |
   +------------+-----------------------------+---------------+
   | TBD8       | quicStreamID                | This document |
   +------------+-----------------------------+---------------+

    Table 1: New QUIC IEs in the "IPFIX Information Elements" Registry

6.1.1.  quicHeaderFlag

   Name:  quicHeaderFlag

   ElementID:  TBD1

   Description:  The 8-bit flag defined in the QUIC Header (Sections
      17.2 and 17.3 of [RFC9000]).  The meanings of the flag bits are
      given by the first byte of the QUIC packet header [RFC9000].

   Abstract Data Type:  unsigned8

   Data Type Semantics:  flags

   Additional Information:  See RFC9000 for the QUIC Header
      specification.

   Reference:  [this document]

6.1.2.  quicVersion

   Name:  quicVersion

   ElementID:  TBD2

   Description:  32-bit unsigned integer giving the Version number,
      which is in use and determines how the rest of the protocol
      packet fields are interpreted.  Its values are provided in the
      "QUIC Versions" IANA registry.

   Abstract Data Type:  unsigned32

   Data Type Semantics:  default

   Additional Information:  See the assignments in the "QUIC Versions"
      IANA registry at
      https://www.iana.org/assignments/quic/quic.xhtml#quic-versions.
      See also RFC9000 for the QUIC Versions specification.

   Reference:  [this document]

6.1.3.  quicDestinationConnectionID

   Name:  quicDestinationConnectionID

   ElementID:  TBD3

   Description:  The Destination Connection ID as defined in Section 7.2
      of [RFC9000] as a series of octets in IPFIX.

   Abstract Data Type:  octetArray

   Data Type Semantics:  default

   Additional Information:  See Section 7.2 of [RFC9000] for more
      details about the Destination Connection ID.

   Reference:  [this document]

6.1.4.  quicSourceConnectionID

   Name:  quicSourceConnectionID

   ElementID:  TBD4

   Description:  The Source Connection ID as defined in Section 7.2 of
      [RFC9000] as a series of octets in IPFIX.

   Abstract Data Type:  octetArray

   Data Type Semantics:  default

   Additional Information:  See Section 7.2 of [RFC9000] for more
      details about the Source Connection ID.

   Reference:  [this document]

6.1.5.  quicSupportedVersion

   Name:  quicSupportedVersion

   ElementID:  TBD5

   Description:  32-bit unsigned integer giving the Version number,
      which indicates the supported QUIC version of the server.  Its
      values are provided in the "QUIC Versions" IANA registry.

   Abstract Data Type:  unsigned32

   Data Type Semantics:  default

   Additional Information:  See the assignments in the "QUIC Versions"
      IANA registry at
      https://www.iana.org/assignments/quic/quic.xhtml#quic-versions.
      See also RFC9000 for the QUIC Versions specification.

   Reference:  [this document]

6.1.6.  quicPacketNumber

   Name:  quicPacketNumber

   ElementID:  TBD6

   Description:  8~32-bit unsigned integer defining the packet number
      of the QUIC Header, which is used in determining the
      cryptographic nonce for packet protection.

   Abstract Data Type:  unsigned32

   Data Type Semantics:  default

   Additional Information:  See Section 12.3 of [RFC9000] for more
      details about the Packet Number.

   Reference:  [this document]

6.1.7.  quicFrameType

   Name:  quicFrameType

   ElementID:  TBD7

   Description:  62-bit unsigned integer defining the value of the
      Frame Type, which indicates the type of QUIC Frame.  Its values
      are provided in the "QUIC Frame Types" IANA registry.

   Abstract Data Type:  unsigned64

   Data Type Semantics:  default

   Additional Information:  See the assignments in the "QUIC Frame
      Types" IANA registry at
      https://www.iana.org/assignments/quic/quic.xhtml#quic-frame-types.
      See also RFC9000 for the Frame Types specification of QUIC.

   Reference:  [this document]

6.1.8.  quicStreamID

   Name:  quicStreamID

   ElementID:  TBD8

   Description:  62-bit unsigned integer defining the value of the
      Stream ID, which identifies a Stream.  The two least significant
      bits of a stream ID identify the stream types defined in
      Section 2.1 of [RFC9000].

   Abstract Data Type:  unsigned64

   Data Type Semantics:  identifier

   Additional Information:  See Section 2.1 of [RFC9000] for more
      details about the Stream ID.

   Reference:  [this document]

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC7011]  Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
              "Specification of the IP Flow Information Export (IPFIX)
              Protocol for the Exchange of Flow Information", STD 77,
              RFC 7011, DOI 10.17487/RFC7011, September 2013.

   [RFC7012]  Claise, B., Ed. and B. Trammell, Ed., "Information Model
              for IP Flow Information Export (IPFIX)", RFC 7012,
              DOI 10.17487/RFC7012, September 2013.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC9000]  Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
              Multiplexed and Secure Transport", RFC 9000,
              DOI 10.17487/RFC9000, May 2021.

7.2.  Informative References

   [IANA-IPFIX]
              IANA, "IP Flow Information Export (IPFIX) Entities".

   [RFC7270]  Yourtchenko, A., Aitken, P., and B. Claise,
              "Cisco-Specific Information Elements Reused in IP Flow
              Information Export (IPFIX)", RFC 7270,
              DOI 10.17487/RFC7270, June 2014.

Authors' Addresses

   Changwang Lin
   New H3C Technologies
   8 Yongjia North Road
   Beijing
   Haidian District, 100094
   China
   Email: linchangwang.04414@h3c.com


   Yisong Liu
   China Mobile
   32 Xuanwumen West Street
   Beijing
   Xicheng District, 100053
   China
   Email: liuyisong@chinamobile.com