IP Flow Information Export (ipfix)

Last Modified: 2007-11-26

Additional information is available at tools.ietf.org/wg/ipfix

Chair(s):

  • Nevil Brownlee <n.brownlee@auckland.ac.nz>

  • Juergen Quittek <quittek@netlab.nec.de>

    Operations and Management Area Director(s):

  • Dan Romascanu <dromasca@avaya.com>
  • Ronald Bonica <rbonica@juniper.net>

    Operations and Management Area Advisor:

  • Dan Romascanu <dromasca@avaya.com>

    Mailing Lists:

    General Discussion: ipfix@ietf.org
    To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
    Archive: http://www1.ietf.org/mail-archive/web/ipfix/current/index.html

    Description of Working Group:

    There are a number of IP flow information export systems in common
    use.  These systems differ significantly, even though some have
    adopted a common transport mechanism; such differences make it
    difficult to develop generalized flow analysis tools.  As such, there
    is a need in industry and the Internet research community for IP
    devices such as routers to export flow information in a standard way
    to external systems such as mediation systems, accounting/billing
    systems, and network management systems to facilitate services such as
    Internet research, measurement, accounting, and billing.

    An IP flow information export system includes a data model, which
    represents the flow information, and a transport protocol.  An
    "exporter," which is typically an IP router or IP traffic measurement
    device, will employ the IP flow information export system to report
    information about "IP flows," these being series of related IP packets
    that have been either forwarded or dropped.  The reported flow
    information will include both (1) those attributes derived from the IP
    packet headers such as source and destination address, protocol, and
    port number and (2) those attributes often known only to the exporter
    such as ingress and egress ports, IP (sub)net mask, autonomous system
    numbers and perhaps sub-IP-layer information.

    This group will select a protocol by which IP flow information can be
    transferred in a timely fashion from an "exporter" to a collection
    station or stations and define an architecture which employs it.  The
    protocol must run over an IETF approved congestion-aware transport
    protocol such as TCP or SCTP.


    Specific Goals

    o Define the notion of a "standard IP flow."  The flow definition
      will be a practical one, similar to those currently in use by
      existing non-standard flow information export protocols which
      have attempted to achieve similar goals but have not documented
      their flow definition.

    o Devise data encodings that support analysis of IPv4 and IPv6
      unicast and multicast flows traversing a network element at
      packet header level and other levels of aggregation as requested
      by the network operator according to the capabilities of the
      given router implementation.

    o Consider the notion of IP flow information export based upon
      packet sampling.


    o Identify and address any security privacy concerns affecting
      flow data.  Determine technology for securing the flow information
      export data, e.g. TLS.

    o Specify the transport mapping for carrying IP flow information,
      one which is amenable to router and instrumentation implementers,
      and to deployment.

    o Ensure that the flow export system is reliable in that it will
      minimize the likelihood of flow data being lost due to resource
      constraints in the exporter or receiver and to accurately report
      such loss if it occurs.

    Goals and Milestones:

    Done  Submit Revised Internet-Draft on IP Flow Export Requirements
    Done  Submit Internet-Draft on IP Flow Export Architecture
    Done  Submit Internet-Draft on IP Flow Export Data Model
    Done  Submit Internet-Draft on IPFIX Protocol Evaluation Report
    Done  Submit Internet-Draft on IP Flow Export Applicability Statement
    Done  Select IPFIX protocol, revise Architecture and Data Model drafts
    Done  Submit IPFX-REQUIREMENTS to IESG for publication as Informational RFC
    Done  Submit IPFIX Protocol Evaluation Report to IESG for publication as Informational RFC
    Done  Submit IPFX-ARCHITECTURE to IESG for publication as Proposed Standard RFC
    Done  Submit IPFX-INFO_MODEL to IESG for publication as Informational RFC
    Done  Submit IPFX-APPLICABILITY to IESG for publication as Informational RFC
    Done  Submit IPFX-PROTOCOL to IESG for publication as Proposed Standard RFC
    Done  Publish Internet Draft on IPFIX Implementation Guidelines
    Done  Publish Internet Draft on Reducing Redundancy in IPFIX data transfer
    Done  Publish Internet Draft on Handling IPFIX Bidirectional Flows
    Done  Publish Internet Draft on IPFIX Testing
    Done  Publish Internet Draft on IPFIX MIB
    Done  Submit IPFIX Implementation Guidelines draft to IESG for publication as Informational RFC
    Done  Submit IPFIX Reducing Redundancy draft to IESG for publication as Informational RFC
    Done  Submit IPFIX Testing draft to IESG for publication as Informational RFC
    Done  Submit IPFIX Biflows draft to IESG for publication as Standards Track RFC
    Done  Submit IPFIX MIB draft to IESG for publication as Standards track RFC
    Nov 2007  Submit IPFIX Testing draft to IESG for publication as Informational RFC
    Nov 2007  Submit IPFIX MIB draft to IESG for publication as Standards track RFC
    Dec 2007  Publish Internet draft on IPFIX Type Information Export
    Dec 2007  Publish Internet draft on IPFIX Configuration Data Model
    Dec 2007  Publish Internet draft on IPFIX File Format
    Dec 2007  Publish Internet draft on Single SCTP Stream Reporting
    Jan 2008  Publish Internet draft on IPFIX Mediation Problem Statement
    Jan 2008  Submit File Format draft to IESG for publication as Standards track RFC
    Jun 2008  Submit Type Export draft to IESG for publication as Standards track RFC
    Jun 2008  Submit Single SCTP Stream draft to IESG for publication as Informational RFC
    Oct 2008  Submit Configuration Data Model draft to IESG for publication as Standards track RFC
    Oct 2008  Submit Mediation Problem draft to IESG for publication as Informational RFC

    Internet-Drafts:

    Architecture for IP Flow Information Export (66507 bytes)
    IPFIX Applicability (76478 bytes)
    IPFIX Implementation Guidelines (85005 bytes)
    Reducing Redundancy in IP Flow Information Export (IPFIX) and Packet Sampling (PSAMP) Reports (76733 bytes)
    Guidelines for IP Flow Information eXport (IPFIX) Testing (79850 bytes)
    Definitions of Managed Objects for IP Flow Information Export (87894 bytes)
    An IPFIX-Based File Format (120661 bytes)
    Exporting Type Information for IPFIX Information Elements (37583 bytes)

    Request For Comments:

    Requirements for IP Flow Information Export (RFC 3917) (81615 bytes)
    Evaluation of Candidate Protocols for IP Flow Information Export (IPFIX) (RFC 3955) (55143 bytes)
    Bidirectional Flow Export using IP Flow Information Export (IPFIX) (RFC 5103) (0 bytes)
    Information Model for IP Flow Information Export (RFC 5102) (0 bytes)
    Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information (RFC 5101) (0 bytes)
    IETF Secretariat - Please send questions, comments, and/or suggestions to ietf-web@ietf.org.

    Return to working group directory.

    Return to IETF home page.