DRAFT Minutes of the IP Flow Information eXport (IPFIX) WG 66th IETF, Montreal, Tuesday, 11 June 06 submitted by Nevil Brownlee and Juergen Quittek (co-chairs) based on notes from Cyndi Mills The text messaging log is available here: http://www.ietf.org/meetings/ietf-logs/ipfix/2006-07-11.html The meeting agenda and slides are available on the IETF66 'Session Agendas and Presentations' web page. ---- IPFIX's new charter was approved by IESG late in June, with Nevil Brownlee and Juergen Quittek as its co-chairs. Juergen opened the meeting by thanking Dave Plonka for the five years work he has done as co-chair of IPFIX. ---- IPFIX Drafts Status Nevil Brownlee reported that all four of the IPFIX drafts had completed IETF Last Call. The editors of the Applicability Statement (AS) and Information Model drafts are revising them in response to the comments received. The Architecture and Protocol drafts have been reviewed by IESG; Architecture will be revised in response to comments, the Protocol draft has quite a few 'Discuss' issues as well as many comments. Benoit Claise presented the issues for the Protocol draft. Most of them concern transport, and will be addressed by adding more text to explain when/how the various protocols should be used with IPFIX. On the question of how to handle 'out of sequence' errors, consensus was that maintaining a counter and reporting periodically may be sufficient. More detailed logging recommendations will be documented in the Implementation Guidelines There are also security concerns; it was suggested since most of our security concerns are the same as syslog's, we should consider adopting their approach to security. Their choices are TLS, Bleep or IPsec; TLS has IPR issues, they expect to decide by 19 July. In our case, using TLS with PR-SCTP could depend on an as-yet-unfinished draft. Also, we are considering using port 4740 for TLS connections (in addition to 4739 for ordinary connections). The draft editors and co-chairs will discuss the security issues with Sam Hartman and Cullen Jennings for advice. Tanja Zseby presented the AS draft. She is working on a new revision that will remove the 'more exotic' usage scenarios, and will provide more guidance on how to use IPFIX for accounting (and the degree of reliability it can require). The editors of all four drafts will correspond by email with all the IESG members who raised issues, so that we have a consistent set of drafts ready for IESG as soon as possible. ---- Work items in the new charter Juergen pointed out that the new charter has five work items, each of which was prompted by existing work, and that we needed to formally designate the various drafts as IPFIX work items, so that the authors can publish new versions as IPFIX drafts. Elisa Boschi presented the Implementation Guidelines draft. This has been revised recently, it needs one further revision. It was accepted as an IPFIX work item. Elisa presented the Testing Guidelines draft; this is essentially a specification for conformance tests of an IPFIX implementation. A new revision should be ready in August. It was accepted as an IPFIX work item. Elisa presented the Reducing Redundancy draft; this has recently been revised, with considerable input from Benoit Claise. The draft explains how to use IPFIX effectively, and how to construct templates so as to minimise the amount of redundant information being exported. This is particularly important for exporting PSAMP (per packet) data. The draft was accepted as an IPFIX work item. Since neither of the IPFIX MIB editors was presented, Juergen presented the IPFIX MIB draft. This has been developed from the PSAMP and IPFIX Concentrator MIBs, and has two Modules, one for IPFIX Exporters, the other for collectors. It was accepted as an IPFIX work item. Brian Trammel presented the Bi-flows draft. It discusses three ways of implementing bi-directional flows in IPFIX, concluding that the simplest way to do this is by defining a set of new, 'reverse' Information Elements (IEs), e.g. counters for packets to/from the flow destination (where 'destination' is decided by the Exporter's best effort). Since there are many IEs which have sensible 'reverse' versions, we need a simple way to establish them. The draft proposes (as a fourth way to implement bi-flows) to use a vendor-specific set of IEs, with one of its bits designated as the 'reverse' bit. Attempts to export a non-implemented 'reverse' IE would be treated as an error. There was considerable discussion of this proposal, with consensus that it was a promising proposal; the draft was accepted as an an IPFIX work item. ---- Other Items In the 20 minutes left of the session, Brian Trammel presented his 'IPFIX file format' draft, pointing out that it would be very useful to have a standard way of recording IPFIX data. In essence, the draft treats 'file' as a fourth transport for the IPFIX protocol, producing self-describing archive files. This seems a very worthwhile project - Brian was encouraged to continue its development and testing, so that when some of the current work items have been completed, this draft could become an IPFIX work item. At that point, no time was left to discuss Gerhard Muenz's IPFIX Configuration Data Model draft. ---- In closing the session, Nevil pointed out that our five new drafts were well under way, therefore there was no need to revise the Milestones as they are set out in our new (now current) charter. ------------------------------------------------------------------