[IPFIX] WG Review: Recharter of IP Flow Information Export (ipfix)

[IESG Secretary <iesg-secretary at ietf.org>]

A modified charter has been submitted for the IP Flow Information Export
(ipfix) working group in the Operations and Management Area of the IETF. 
The IESG has not made any determination as yet.  The modified charter is
provided below for informational purposes only.  Please send your comments
to the IESG mailing list (iesg at ietf.org) by Tuesday, September 22, 2009

IP Flow Information Export (ipfix)
--------------------------------------------
Current Status: Active Working Group

Last Modified: 2009-09-01

Chair(s):

* Nevil Brownlee (n.brownlee at auckland.ac.nz)
* Juergen Quittek (quittek at netlab.nec.de)

Operations and Management Area Director(s):

* Dan Romascanu (dromasca at avaya.com)
* Ronald Bonica (rbonica at juniper.net)

Operations and Management Area Advisor:

* Dan Romascanu (dromasca at avaya.com)

Mailing Lists:
General Discussion: ipfix at ietf.org
To Subscribe: http://www.ietf.org/mailman/listinfo/ipfix
Archive: http://www.ietf.org/mail-archive/web/ipfix

Description of Working Group:

The IPFIX working group has specified the Information Model (to 
describe IP flows) and the IPFIX protocol (to transfer IP flow data 
from IPFIX exporters to collectors). Several implementers have already 
built applications using the IPFIX protocol. As a result of a series of 
IPFIX interoperability testing events the WG has produced guidelines 
for IPFIX implementation and testing as well as recommendations for 
handling special cases such as bidirectional flow reporting and 
reducing redundancy in flow records.

Practical experiences with IPFIX implementations exposed new
requirements for the IPFIX protocol that so far have not been addressed
by the WG. The major current goal of the WG is developing solutions 
that meet the new requirements without modifying the core IPFIX 
protocol specifications.

1. The IPFIX WG has developed a MIB module for monitoring IPFIX
implementations. Means for configuring these devices have not been
standardized yet. The WG will develop an XML-based configuration data
model that can be used for configuring IPFIX devices and for storing,
modifying and managing IPFIX configurations parameter sets. This work
will be performed in close collaboration with the NETCONF WG.

2. First applications of IPFIX at large operator networks showed the
need for mediation of flow information, for example, for aggregating
huge amounts of flow data and for anomymization of flow information.
The IPFIX WG will investigate this issue and produce a problem 
Statement and a framework for IPFIX flow mediation.

3. The PSAMP WG has developed a protocol for reporting observed 
packets. The PSAMP protocol is an extension of the IPFIX protocol. The 
IPFIX WG will develop a MIB module for monitoring PSAMP 
implementations. The new MIB module will be an extension of the IPFIX 
MIB module.

4. Anonymization of flow information has been identified as a
requirement for flow information export already in RFC 3917. However,
technologies for flow anonymization are still a research issue and have
so far not been considered to be mature enough for standardization.
As one step in this direction, the IPFIX WG will develop guidelines for
the implementation of anonymized data export and storage over IPFIX and
define an information model for configuring and reporting anonymization
applied at IPFIX devices.

5. The IPFIX and PSAMP WGs have defined standards for selecting 
observed IP packets and collecting information in flow records.
In order to reduce the amount of data to be processed, packet selection
methods have been defined. Another method for reducing flow data is 
flow selection. The IPFIX WG will define methods for flow selection and
provide an information model for configuring and reporting flow
selection applied at IPFIX devices.

6. Being designed for the export of flow records the IPFIX protocol
provides very limited means for structuring information elements within
IPFIX records. With the increasing number of IPFIX applications there 
is a need for exporting more complex information. The IPFIX WG will 
develop an extension of the IPFIX protocol that supports hierarchically
structured data and lists (sequences) of Information Elements in data
records.

Goals and Milestones:

Oct 2009 Submit Mediation Problem Statement I-D to IESG
for publication as Informational RFC
Oct 2009 Submit initial draft on anonymization support
Oct 2009 Submit initial draft on flow selection
Oct 2009 Submit initial draft on structuring information elements
Jan 2010 Submit Configuration Data Model draft to IESG
for publication as Standards track RFC
Jan 2010 Submit Mediation Framework I-D to IESG
for publication as Informational RFC
Jan 2010 Submit final version of PSAMP MIB module
Jun 2010 Submit anonymization support I-D to IESG
for publication as Experimental RFC
Jun 2010 Submit flow selection I-D to IESG
for publication as Standards Track RFC
Jun 2010 Submit structuring information elements I-D to IESG
for publication as Standards Track RFC