IETF Logo Mail Archive

[apps-discuss] Apps Area Review of draft-grow-mrt-13

Eliot Lear <lear@cisco.com> Mon, 13 September 2010 09:40 UTC

Return-Path: <lear@cisco.com>
X-Original-To: apps-discuss@core3.amsl.com
Delivered-To: apps-discuss@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9A44C3A6950 for <apps-discuss@core3.amsl.com>; Mon, 13 Sep 2010 02:40:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -107.998
X-Spam-Level:
X-Spam-Status: No, score=-107.998 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SVrkAn7Sn9Dg for <apps-discuss@core3.amsl.com>; Mon, 13 Sep 2010 02:40:53 -0700 (PDT)
Received: from rtp-iport-2.cisco.com (rtp-iport-2.cisco.com [64.102.122.149]) by core3.amsl.com (Postfix) with ESMTP id 2A6A63A67EC for <apps-discuss@ietf.org>; Mon, 13 Sep 2010 02:40:53 -0700 (PDT)
Authentication-Results: rtp-iport-2.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EAAOPjUxAZnwM/2dsb2JhbACDGp4rcaM5iXyRBYJwgVx0BIon
X-IronPort-AV: E=Sophos; i="4.56,358,1280707200"; d="scan'208,217"; a="158682368"
Received: from rtp-core-1.cisco.com ([64.102.124.12]) by rtp-iport-2.cisco.com with ESMTP; 13 Sep 2010 09:41:19 +0000
Received: from dhcp-wdata-vlan18-22-251.cisco.com (dhcp-wdata-vlan18-22-251.cisco.com [144.254.22.251]) by rtp-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id o8D9fHJP018401; Mon, 13 Sep 2010 09:41:18 GMT
Message-ID: <4C8DF1CC.2010306@cisco.com>
Date: Mon, 13 Sep 2010 11:41:32 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.9) Gecko/20100825 Lightning/1.0b2 Thunderbird/3.1.3
MIME-Version: 1.0
To: "apps-discuss@ietf.org" <apps-discuss@ietf.org>
X-Enigmail-Version: 1.1.1
Content-Type: multipart/alternative; boundary="------------000309060906020709010203"
Cc: draft-ietf-grow-mrt@tools.ietf.org, grow-chairs@tools.ietf.org
Subject: [apps-discuss] Apps Area Review of draft-grow-mrt-13
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Sep 2010 09:40:55 -0000

 I have been selected as the Applications Area Review Team reviewer for
this draft (for background on apps-review, please see
http://www.apps.ietf.org/content/applications-area-review-team).

Please resolve these comments along with any other Last Call comments
you may receive. Please wait for direction from your document shepherd
or AD before posting a new version of the draft.

Document: draft-ietf-grow-mrt-13
Reviewer: Eliot Lear
Review Date: 13 September 2010

Summary:

This draft is not yet ready for publication, but will require at least a
review of the issues mentioned below.

Major Issues:

This specification suffers from two complicating effects:

    * The fact that it already deployed, and hence is attempting to
      document existing practice; and
    * there is substantial "feature creep" in an attempt to continue to
      use the same collector, while extending capabilities.

Consideration should be given to breaking this effort into two: an
informational document that explains what is going on today, and a new
clean specification for standardization.

This specification could perhaps benefit from review of those who
developed IPFIX and PSAMP.  In particular, consistent terminology would
be nice.

Specific issues:

   1. Section 3.  There is no versioning information in the packet
      header.  This means that format upgrades will require external
      information to identify their changes.
   2. Section 3. There are several 32-bit timestamp values, which will
      mean that a wrap will occur in 2038.  For most *protocols* this is
      not a problem because one can manage with wrap conditions. 
      However, this is a data export format meant for researchers. 
      Researchers tend to want to do longitudinal studies, and as such,
      it may prove difficult to use conventional wrapping mechanisms.  
      (The 32bit value also varies from the POSIX time_t definition; a
      nit to be sure, but an annoying one).
   3. Sections 5.2 and 5.3.  There are  two table dump mechanisms
      (TABLE_DUMP and TABLE_DUMP_V2) defined.  This  complicates
      implementations without any justification.  Very limited guidance
      is given as to when one is needed versus the other.  The authors
      are advised to strongly consider deprecating TABLE_DUMP in favor
      of TABLE_DUMP_V2, or in the alternative, providing much clearer
      guidance as to when one should be used by an exporter.  This
      problem replays itself throughout the document in other
      circumstances (c.f.., BGP4MP_MESSAGE & BGP4MP_MESSAGE_AS4).
   4. In Section 5.4.1 & 5.4.2 it appears that IANA-specified values are
      listed, and are as such limited.  This seems unnecessarily
      restrictive, and would force updates of this document when work is
      done on BGP.  That might prove necessary anyway becasue there may
      be insufficient length information to ignore a single table entry.
   5. The TABLE_DUMP_V2 subtypes are not sufficiently specified.  A good
      example of how to specify something sufficiently is the MRT
      header, where all fields are defined and explained.  For instance,
      in the case of TABLE_DUMP*, is a single entry encoded with format
      specified in Figures 3-5?  the use of records versus messages
      isn't clear.  In part this is due to inconsistent or poorly
      defined use of terminology (record versus message) A diagram or
      example should be included in the text that says:

>    The MRT records which follow the PEER_INDEX_TABLE MRT record contain
>    the RIB entries and include a header which specifies a sequence
>    number, NLRI, and a count of the number of RIB entries which follow.

   6. There is not a single example in the document.  This further
      hinders implementation of an already unclear specification.


Minor issues:

   7. Section 4.  There seems to be a desired to deprecate START and
      I_AM_DEAD from the outset.  While I can easily envision uses for
      this information, and for archival purposes, it seems useful to
      indicate start and end collection times (e.g., it may be useful to
      know when someone thought they were collecting routing updates but
      had in fact none), perhaps a bit more discussion and guidance
      should be given to implementors.
   8. The document really should have a glossary of terms.


Nits:

   9. NLRI is not defined.


Other (not within Apps charter):

  10. Section 8: Security Considerations do not describe data privacy
      concerns (consider the case where information being exported might
      indicate connectivity of specific individuals or systems, as could
      be possible with IGP information).  A fuller review is recommended.

v2.23.0 | Report a Bug | By Email