[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PSAMP] IPFIX/PSAMP-MIB: parameters of Property Match Filtering

To: psamp <psamp at ietf.org>, "ipfix at ietf.org" <ipfix at ietf.org>
Subject: [PSAMP] IPFIX/PSAMP-MIB: parameters of Property Match Filtering
From: Gerhard Muenz <muenz at net.in.tum.de>
Date: Tue, 31 Mar 2009 10:23:01 +0200
Delivered-to: psamp at core3.amsl.com
List-archive: <http://www.ietf.org/mail-archive/web/psamp>
List-help: <mailto:psamp-request@ietf.org?subject=help>
List-id: "This mailing list is used for discussion within the IETF packet sampling \(PSAMP\) WG" <psamp.ietf.org>
List-post: <mailto:psamp@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/psamp>, <mailto:psamp-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/psamp>, <mailto:psamp-request@ietf.org?subject=unsubscribe>
User-agent: Thunderbird 2.0.0.21 (Windows/20090302)

Hi all,

Regarding consistency of property match filtering parameters in RFC5475
(psamp-tech), RFC5476 (psamp-proto), PSAMP-MIB, and IPFIX-MIB:

From RFC5475:

   A packet is selected if Field=Value. Masks and ranges are only
   supported to the extent to which [RFC5102] allows them, e.g., by
   providing explicit fields like the netmasks for source and
   destination addresses.

This is consistent with RFC5476.

From psamp-mib-06:

   The match filtering method has no capabilities defined and contains
   four parameters in the psampFilterMatchParamSetTable: The
   psampFilterMatchFieldId contain the PSAMP or IPFIX field id defined
   in the information model as reference what to match.  The
   psampFilterMatchStartValue and psampFilterMatchStopValue contain the
   start and stop value to match the content against.  In this way you
   can match e.g., a range x-z of transport protocol ports by specifying
   the field id that represents the transport protocol port and giving x
   as start value and y as stop value.  If a single value should be
   matched than start and stop value must be equal.  A mask
   psampFilterMatchMask can be applied if it is applicable for the field
   id.  The encoding of the values is dependent on the field id and has
   to be done according to the PSAMP protocol document.

However, defining a range (startValue, stopValue) and mask is not
consistent with RFC5475/5476.

So, what are the plans for PSAMP-MIB?
Replace psampFilterMatchStartValue, psampFilterMatchStopvalue, and
psampFilterMatchMask by a single psampFilterMatchValue?

RFC5475/5476 allow multiple Field=Value conditions in a single Selector
(AND semantic. If PSAMP-MIB is changed as sketched above, every
Field=Value condition corresponds to a row in
psampFilterMatchParamSetTable.

In this case, there are consequences for IPFIX-MIB: The
ipfixSelectorTable in IPFIX-MIB should be changed to enable the linkage
between one Selector ID and multiple rows in
psampFilterMatchParamSetTable. At the moment, the ipfixSelectorTable
only allows linking the Selector ID to a single OID
(ipfixSelectorFunction) only, which restricts property match filtering
to a single Field=Value condition per Selector.

Regards,
Gerhard


-- 
Dipl.-Ing. Gerhard Münz
Chair for Network Architectures and Services (I8)
Department of Informatics
Technische Universität München
Boltzmannstr. 3, 85748 Garching bei München, Germany
Phone:  +49 89 289-18008       Fax: +49 89 289-18033
E-mail: muenz at net.in.tum.de    WWW: http://www.net.in.tum.de/~muenz

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Prev by Date: [PSAMP] FW: Initial Version I-D Submission Deadline Extended to March 4, 2009
Next by Date: [PSAMP] RFC 5475 on Sampling and Filtering Techniques for IP Packet Selection
Previous by thread: [PSAMP] FW: Initial Version I-D Submission Deadline Extended to March 4, 2009
Next by thread: [PSAMP] RFC 5475 on Sampling and Filtering Techniques for IP Packet Selection
Index(es):
- Date
- Thread