[00:24:54] --- bert has joined
[00:26:23] --- nevil has joined
[00:27:28] --- ggm has joined
[00:28:12] <ggm> IPFIX Jurgen in the chair
[00:28:35] <ggm> WG docs. review. listed on screen
[00:29:15] <ggm> second doc: eval of candidate protocols for ipfix. draft-leinen- IS a WG doc.
[00:29:15] <ggm> agenda as posted to list.
[00:29:32] <ggm> request for agenda bashing... no takers
[00:29:54] <ggm> first 2 drafts. already in IESG review. requirements, eval.
[00:30:17] <ggm> discussed on ML if security requirements, encryption mandatory to implement for all compliant IPFIX impls. too heavyweight to be implemented.
[00:30:35] <ggm> Bert, AD said we can hold progress and think about it
[00:31:10] --- sleinen has joined
[00:31:29] <ggm> as far as discussion went, decided to continue with draft as-is. not that we prefer, probly get majority for change. but Bert said, IESG wont let it pass if put back to how it was before. IESG request to add it. not likely to pass if weakened. small comments answered. simon to speak to eval draft
[00:31:42] <ggm> simon speaking. no slides
[00:31:59] <ggm> in january, got comments from AD on document. prepared revised draft 02. based on comments. very useful
[00:32:17] <ggm> apart from editorial things, was issue with status of refs to eval documents. found a solution which will prevent this from being blocked
[00:32:50] <ggm> some docs under review have expired
[00:32:55] <ggm> no substantial changes from 01
[00:33:03] <ggm> Jurgen: refs to drafts not RFCs?
[00:33:24] <ggm> Simon yes. at least the reqts draft. and references to drafts for some of the protocols, but I have an alternative ref to other docs for most
[00:33:55] <ggm> Jurgen. same in midcom, doc in Q for more than year, ref to doc not yet pub. ed. says "wait" and pub with RFCref. not big problem for us, if late but we should be prepared
[00:34:05] <ggm> sorry juergen.
[00:34:11] <ggm> now current drafts
[00:34:31] <ggm> four. arch doc , proto doc, inf. model doc and applicability statement.
[00:34:51] <ggm> focus on unresolved issues in protocol/inf-model. presentations.
[00:35:01] <ggm> benoit.
[00:35:06] <ggm> (sorry, no URL for slides)
[00:35:17] <ggm> [if you want comments/Q let me know -ggm]
[00:35:23] <ggm> Benoit.
[00:35:30] <ggm> 2 iterations of draft later.
[00:35:37] <ggm> changes in 1->2
[00:35:48] <ggm> time sync proposal.
[00:36:08] <ggm> secs 10.1->4 detail micro,milli,nano and multiple precisions
[00:36:14] <ggm> (@ last ietf)
[00:37:49] <ggm> Juergen. current draft. does it say choose which to take? don't have to support all inf?
[00:38:19] <ggm> Benoit? do we need to support all different elements? only microseconds. will check.
[00:38:29] <ggm> changes 1->2 cont
[00:38:53] <ggm> new section on linkage with inf. model. encoding rules for bool/byte/u_byte,short.. (needs to be completed)
[00:39:01] <ggm> section on reduced size encoding of integral types
[00:39:22] --- tomphelan has joined
[00:39:45] <ggm> byte count in inf. model is unsigned long. max size defined. exporter can export small number of bytes, doesnt need 64bit
[00:39:50] --- tomphelan has left
[00:40:01] <ggm> new sec 15 on IPSEC.
[00:40:09] <ggm> please review.
[00:40:15] <ggm> now have Vendor specific elements.
[00:40:30] <ggm> two new flowsets. 4 total, with ids.
[00:41:07] <ggm> Juergen: was the discussion, started on ML. said flowsets which include VSAs are just. in extreme case, look exactly like IETF exclusive ones. Q is, why need IETF exclusive ones, if defined by the others?
[00:41:26] <ggm> Benoit. keep 0 1 reserved, could use 2 and 3 only. in case of non VSA, == 0 and 1.
[00:42:01] <ggm> Juergen. compliance to version number. already not compliant header fields differences.
[00:42:22] <ggm> Juergen maybe not a problem. but don't have to define any more in protocol.
[00:42:34] <ggm> Benoit contd
[00:42:50] <ggm> new section 9.1 metering process stats option template -consensus of ML at the time. proposal
[00:43:07] <ggm> at minimum ipfixOption, observationDomain, lostFlows, time
[00:43:20] <ggm> but new proposal on ML from ?venizio? so we need to discuss. (sorry don't know names)
[00:43:25] <ggm> ed changes.
[00:43:30] <ggm> new IPFIX overview section
[00:43:44] <ggm> changes to header as agreed.
[00:43:58] <ggm> normative vs informative refs fixed, minor nits
[00:44:24] <ggm> now versions 2->3 changes
[00:44:37] <ggm> now in sync between -PROTO and -ARCH. terminology consistent
[00:44:55] <ggm> no new version of -ARCH Ganesh missed deadline :-( but for next version, will be in sync
[00:45:31] <ggm> SCTP: MUST be implemented by all compliant impls. finally agreed after years of discussions. msg from nevil was, MUST. udp/tcp are MAY
[00:45:52] <ggm> SCTP SHOULD be used where links congestable. TCP MAY but SCTP preferred.
[00:45:56] <ggm> Esp PR.
[00:46:07] <ggm> UDP may be used over dedicated links, no congestion
[00:46:21] --- nevil has left
[00:46:28] <ggm> Juergen. not completely clear. PR-SCTP. if I *only* do PR-SCTP am I compliant, or *any* SCTP choices I have?
[00:46:33] <ggm> Benoit. ask nevil
[00:47:03] <ggm> but, if we don't impl PR, then we're missing the point. sensitive issue. want chair to respond
[00:47:16] <ggm> Benoit need text for TCP/UDP now valid protocols
[00:47:30] <ggm> Juergen: volunteer to define how to run IPFIX over TCP or UDP? ....
[00:47:46] --- mattz has joined
[00:47:52] <ggm> Simon Leinen proposed himself. Ganesh also wants to. synchronize work..
[00:48:00] <ggm> Benoit
[00:48:20] <ggm> Flow Sync issue. Flow Expiration. now sync with -ARCH. also Export
[00:48:22] --- nevil has joined
[00:48:40] <ggm> [nev: comment on the PR-SCTP issue. is it any SCTP or specifically MUST PR-SCTP =ggm]
[00:48:49] <ggm> mainly process done by exporting process
[00:48:56] <ggm> Editorial changes.
[00:49:00] <ggm> Abstract modified
[00:49:16] <ggm> Structure changed. 9 specific reporting requirements, 91. metering process stats.
[00:49:28] <ggm> Change option data record format can have multiple scopes. figure updated.
[00:49:32] <ggm> minor editorial changes
[00:50:17] <ggm> List of open issues/actions.
[00:50:17] <ggm> 30 identified.
[00:50:18] <ggm> please give feedback and text to ML. discuss.
[00:51:15] <ggm>
[00:51:23] <ggm> Openissue: exporter time accuracy.
[00:51:46] <ggm> meeting minutes was to use UTC based sec/microsec. RFC3418 gives centisec requirement MUST
[00:52:05] <ggm> what if exporter cant report timestamps with microsec acc but only centisecond?
[00:52:13] <ggm> must we find a way to report the time accuracy? or dont care?
[00:52:35] <ggm> Simon:
[00:53:11] <ggm> yes, should support exporters which cannot do microsec. less precise than the flow they want to export in. and yes, I think we should be able to export the resolution. options template, meter details.
[00:53:22] <ggm> Benoit yes, could do it. I think answer is yes. need to find a way.
[00:53:32] <ggm> Juergen. little effort, one more field to state precision
[00:53:40] <ggm> Benoit will put to ML with proposal
[00:53:50] <ggm> Benoit
[00:53:59] <ggm> Openissue: encapsulated packet.
[00:54:18] <ggm> should we add .... or encapsulated IP packets? (to definition text)
[00:54:32] <ggm> IPFIX-REQ requires MPLS label separation of flows.
[00:56:20] <ggm> change flow definition to 'set of packets?'
[00:56:27] <ggm> Juergen. like idea to say packets not IP packets.
[00:57:22] <ggm> depends how you treat it. IP MPLS label, can see as switch detail. defn restricting to IP packets, treatment of packet is way which distinguishes flows. label just a different entry in switching table, treated differently to other packets still covered by orig. definition
[00:57:29] <ggm> but MPLS with non-IP?
[00:57:36] <ggm> Juergen. no, its not covered.
[00:57:41] <ggm> Benoit but should cover in IPFIX.
[00:57:48] <ggm> Juergen cover NON IP PACKETS??
[00:57:51] <ggm> Benoit? yes.
[00:58:09] <ggm> Benoit eg capacity planning for link with MP usage. need to count packets and size
[00:58:47] <ggm> Juergen but SDH/SONET same thing. planning for subnet layer do different things. selected MPLS because its 'special' but not everything. not ATM. not IP over lambda. open too wide
[00:59:05] <ggm> Benoit. concerned if just specified IP, problems in future if want flow elem, from non IP. maybe in future... ?
[00:59:40] --- nevil has left: Disconnected
[00:59:42] <ggm> Juergen. in extreme case, no real IP, just outer encaps thing to distinguish them. charter is IP, allows for encaps. but look for IP packets.
[00:59:58] <ggm> Benoit: PSAMP look at atom.
[01:00:19] <ggm> Dave: long discussion when group created, charter approved IF IP SPECIFIC. don't put other things in IIRC
[01:00:30] <ggm> Dave want to look how much in scope.
[01:00:43] <ggm> Benoit: personal view
[01:00:56] <ggm> Dave: lose focus. been going on too long. slow progress.
[01:01:02] <ggm> focus on IP, hooks to do other stuff later.
[01:01:20] <ggm> Benoit not adding extra work, just being open, want to to inf-elem later.. can do.
[01:01:21] <bert> don't try to boil the ocean I would say!
[01:01:27] <ggm> Dave if make more open, the other stuff is still out of scope.
[01:01:36] <bert> Note, I am not physically in the meeting room
[01:01:45] <ggm> Juergen. the point is, stick to IP, no problem if somebody else adopts technology
[01:02:05] <bert> can someone in the meeting room relay my comment?
[01:02:06] <ggm> made exception for MPLS, important special case.
[01:02:29] <ggm> go ahead bert
[01:02:38] <ggm> Simon. PSAMP is separate application
[01:03:10] <ggm> Juergen. lets get back to it when bert has something to say
[01:03:16] <ggm> Benoit continues
[01:03:18] <ggm> Padding.
[01:03:34] <ggm> draft says exporting process should insert padding bytes. collector MUST accept padding
[01:04:03] <ggm> Q. padding as MAY SHOULD or MUST
[01:04:09] <ggm> proposal padding a MAY
[01:04:41] --- nevil has joined
[01:05:36] <ggm> Juergen
[01:06:03] <ggm> Inf model.
[01:06:07] <ggm> changes since 02.
[01:06:13] <ggm> several editorial changes.
[01:06:22] <ggm> changed XML representation of inf. model
[01:06:41] <ggm> replaced rep.of IPFIX prot fields, added field template, added ADTs.
[01:06:49] <ggm> C programmers can make this C or whatever.
[01:07:12] <ggm> in previous versions, just the defin of protofields in XML. now the tags and fields.
[01:07:43] <ggm> complex doc interaction model. cannot ASCII-art it.
[01:08:19] <ggm> XML used to generate I-D text. and .xsd and .xml appended as ... appendices.
[01:08:35] <ggm> translated with XSLT scripts. using mtr tool
[01:09:17] <ggm> can use this to make code-inputs. so coders can use stds doc to make inputs for headers classes etc. should make better compliance.
[01:09:22] <ggm> Issues
[01:09:35] <ggm> Issue 1. Datatypes. long list on slide. want feedback.
[01:09:36] --- nevil is now known as AIM/nevil
[01:10:11] <ggm> many Datatypes not used. eg no use of signed integers.
[01:10:20] <ggm> removed.
[01:10:30] --- AIM/nevil is now known as AIM
[01:11:16] <ggm> short/long not defined, so adopted bit-specific defined types
[01:11:53] --- AIM is now known as nevil
[01:12:07] <ggm> hexbinary was annoying people. ascii rep of digits. went with octetArray
[01:12:25] <ggm> Issue 2
[01:12:26] <ggm> field IDs
[01:12:27] --- nevil is now known as AIM
[01:12:49] <ggm> compatible with NFv9 fieldIDs. future alloc will be delegated to IANA. some we do NOT want to use.
[01:12:56] <ggm> label 'reserved for NFv9'
[01:13:24] --- AIM is now known as nevil
[01:13:35] <ggm> list of unused NFv9 fields need to be checked for candidates to include in IPFIX
[01:14:41] <ggm> slides discussing NFv9 field issues. very dense.
[01:14:52] --- nevil has left: Disconnected
[01:14:59] <ggm> counting model doesn't match IPFIX.
[01:15:17] <ggm> IPFIX not (always) direction sensitive
[01:15:36] <ggm> eg probe no arrival departure just seen
[01:15:53] <ggm> could take in- out- Octets from NF, rename without in and out?
[01:16:28] <ggm> could say support in and out as legacy counters from NF, own counters in addition for byte/octet. makes sense to do this? ideas how to deal with problem?
[01:16:38] <ggm> Open issue. have to find solution
[01:17:10] <ggm> Nfv9 mask is integers. for 4 and 6. keep separation, or allow both fields to be used in arbitrary ways
[01:17:29] <ggm> samplingInterval and -Algorithm. PSAMP showed this is not sufficient.
[01:18:04] <ggm> can live with this, reserve for these, don't talk about sampling in IPFIX, use PSAMP method? whats good idea?
[01:18:22] <ggm> Tanja. Do it the PSAMP way
[01:18:37] <ggm> Benoit. PSAMP will define more complex. why define IPFIX and not used? may have issue with charter.
[01:18:55] --- nevil has joined
[01:19:08] <ggm> Juergen not big issue take as defined, then not using. if sampling, discuss potential collision, if used PSAMP model, don't use these out of IPFIX. maybe way to deal with it
[01:19:37] <ggm> List of not yet used NFv9 fields. lots labelled. stuart. all candidates to be used in IPFIX
[01:19:57] <ggm> dont know what enginetype/ID . can somebody speak to these?
[01:20:21] <ggm> Simon can use combination of these values in Cisco to disambiguate the sequence counts
[01:20:29] <ggm> Juergen. useful to have in standard?
[01:20:32] <ggm> Simon sure.
[01:21:21] <ggm> Benoit. when say need exporter ID. two things. one is IP addr, other is sub-instance on the box eg line card. need both.
[01:21:42] <ggm> v4 src/dst prefix. just not in because didn't have time to discuss.
[01:23:08] <ggm> but worth discussing is MPLS stuff. want TOPLabel. TOPLabelIPadd. derived from label. also non critical. is this the right approach, how to solve? further labels on the stack, how to deal with. NFv9 have 10 fields defined. take same way? smarter way to deal with?
[01:23:43] --- nevil has left: Disconnected
[01:23:45] <ggm> Discuss on ML.
[01:24:09] <ggm> destClassofService. unknown.
[01:24:26] <ggm> Simon. ipfix device might rewrite TOS byte. could be way to express that
[01:24:43] --- nevil has joined
[01:24:49] <ggm> Juergen. fine if measure before rewriting. if measure after, may not be ideal.
[01:25:17] <ggm> Simon. classofService is internal TOS tag. something internal to router. not something seen in packet
[01:25:45] <ggm> Simon. not general enough. want to express. leave open for the moment
[01:26:11] <ggm> made vendor dependent? dont want to hold up the progress of IPFIX
[01:26:48] <ggm> this just list with question marks. not immediately obvious. effort on ML, to decide.
[01:27:19] <ggm> next 4 src/dst MACadd and VLAN id. useful. not as bert says 'boiling the ocean' just further attr of flow. probe should be able to report. easy
[01:27:36] <ggm> direction, ingress or egress.
[01:27:41] <ggm> semantics: what does it mean?
[01:27:53] <ggm> Juergen didn't understand, why not put in. put to ML. ask for clarification
[01:28:18] <ggm> v6Option headers have coding issues. mplsTOPlabelIPv6Addr. should be in as well.
[01:28:31] <ggm> INf. model done.
[01:28:36] <ggm> general comments or statements on model?
[01:28:52] <ggm> Juergen. now move on in agenda.
[01:29:15] <ggm> Martin to speak about IPFIX impl at middleboxes. draft-quittek-ipfix-middlebox-00.txt
[01:29:41] <ggm> Q is should this become WG item.
[01:29:48] <ggm> Martin Stiemerling.
[01:30:01] <ggm> defn of middlebox. intermediate device.
[01:30:10] --- resnick has joined
[01:30:16] --- resnick has left
[01:30:34] <ggm> list . 22 types. specifically NATs but also all sorts of proxies anonymisers etc.
[01:30:43] <ggm> some clarifications, only some considered.
[01:30:48] <ggm> flow scenarios discussed.
[01:31:00] <ggm> uni to uni cast
[01:31:04] <ggm> uni to multicast
[01:31:08] <ggm> bi-di unicast to unicast
[01:31:34] <ggm> bidi to tunnel(s)
[01:31:46] <ggm> location point of observation. must indicate where location of observation is.
[01:32:04] <ggm> obs point in middlebox. gives ambiguous results. packets CHANGE in middlebox
[01:32:18] <ggm> so NAT must be clear if reported src address observed before or after addr trans.
[01:32:44] --- nevil has left
[01:32:46] <ggm> obs points outside of middlebox is only way, except for composed boxes. eg if dual firewall/<other> must observe in between
[01:32:53] <ggm> middle box internal reporting.
[01:33:06] <ggm> even if obs point outside, reporting internals useful.
[01:33:09] --- nevil has joined
[01:33:16] <ggm> eg packets dropped DSCP changed, addr changed.
[01:33:29] <ggm> SHOULD report number of pkts dropped per flow.
[01:33:49] <ggm> types of middlebox which consciously do drop eg NAT.
[01:34:01] <ggm> missed one slide sorry. DSCP change report
[01:34:04] <ggm> addr changes
[01:34:14] <ggm> SHOULD report trans value beside obs. value
[01:34:37] <ggm> potentially modify version, src, dst, tcp src, dest port, udp ditto. eg NAT redirect, load balance boxes
[01:35:02] <ggm> tunnel endpoints should report tunnel ID
[01:35:14] <ggm> open issues
[01:35:23] <ggm> do NATS change DSCP of flows? or leave intact.
[01:35:32] <ggm> investigate security implications.
[01:35:39] <ggm> should this be IPFIX WG item?
[01:36:10] <ggm> Tanja. middle box applic statement draft, but then removed. asked for separate draft. therefore this should be WG draft, in scope.
[01:36:35] <ggm> Juergen yes. I think this was agreement. if follow this, want to be able to follow this, need inf. fields in inf. model. cannot be some doc which
[01:36:47] <ggm> is addition. integrated. not sure. wonder if better to integrate into other docs
[01:37:03] <ggm> normative lang. dont know if appropriate.
[01:37:13] <ggm> Benoit
[01:37:40] <ggm> I am not sure. trying to export, with guideline of how to do the metering process, we are maybe out of scope. been trying to avoid but have not read draft.
[01:37:48] <ggm> Martin good to know where to observe
[01:38:10] <ggm> backbone routers change DSCP frequently therefore middlebox.
[01:38:14] <ggm> LiXia I think
[01:38:45] <ggm> Juergen. according to the RFC3234. backbone router changing DSCP is a composed device. has both roles. but changing DSCP is not function of base router.
[01:38:57] <ggm> in taxonomy done for middleboxes, does not belong to routing function
[01:39:31] <ggm> <?> not sure should be or not WG item. point of obs MUST be reported.
[01:39:37] <ggm> cut and paste into other doc.
[01:40:51] <ggm> Juergen report obs point is part of protocol.
[01:41:03] <ggm> <4?> limit to ingress ? we do NOT.
[01:41:05] <ggm> Juergen agree.
[01:41:09] <ggm> Juergen
[01:41:21] <ggm> what to do with this work. decide now? or wait?
[01:41:34] <ggm> want to make sure what is suggested here can be realized with information model.
[01:41:52] <ggm> not sure how to integrate. something to decide later. not important for now, use in inf. model
[01:41:54] --- nevil has left
[01:42:04] <ggm> finished with presentations.
[01:42:08] <ggm> Juergen has one final issue left
[01:42:18] <ggm> schedule.
[01:42:26] <ggm> all deliverables outstanding are for May 04.
[01:42:55] <ggm> doubt if make it in time for any docs.
[01:43:15] <ggm> dont have to agree on new milestones, WG chairs not present, need to discuss. get estimations of when we think these can be ready
[01:43:23] <ggm> to enter WG last call
[01:43:31] <ggm> one progressing most quickly is ARCH doc.
[01:43:45] <ggm> idea of when ready?
[01:44:03] <ggm> Benoit. one or two iterations before next IETF.
[01:44:32] <ggm> for INF model. say same thing. 2 iterations before next mtg. optimistic. simple document. proto is much more complex issue
[01:44:50] --- nevil has joined
[01:44:50] <ggm> Tanja APPLIC. I haven't received comments. no new version. everyone busy with protocol.
[01:47:17] <ggm> DONE. AOB?
[01:47:18] <ggm> ISSUE?
[01:47:28] <ggm> CLOSED.
[01:47:51] --- ggm has left
[01:51:39] --- sleinen has left
[01:53:34] --- nevil has left
[01:54:14] --- bert has left
[02:23:09] --- mattz has left