IETF 79 Proceedings

Introduction  |  Area, Working Goup & BoF Reports  |  Plenaries  |  Training  |  Internet Research Task Force

IP Flow Information Export (ipfix) (WG)

Minutes  | Audio Archives  |  Jabber Logs  |  Mailing List Archives

Additional information is available at tools.ietf.org/wg/ipfix

Chair(s):

Operations and Management Area Director(s):

Operations and Management Area Advisor:

Meeting Slides

Internet-Drafts:

Request for Comments:

Charter (as of 2010-08-11)

The IPFIX working group has specified the Information Model (to describe
IP flows) and the IPFIX protocol (to transfer IP flow data from IPFIX
exporters to collectors). Several implementers have already built
applications using the IPFIX protocol. As a result of a series of IPFIX
interoperability testing events the WG has produced guidelines for IPFIX
implementation and testing as well as recommendations for handling
special cases such as bidirectional flow reporting and reducing
redundancy in flow records.

Practical experiences with IPFIX implementations exposed new
requirements for the IPFIX protocol that so far have not been addressed
by the WG. The major current goal of the WG is developing solutions that
meet the new requirements without modifying the core IPFIX protocol
specifications.

1. The IPFIX WG has developed a MIB module for monitoring IPFIX
implementations. Means for configuring these devices have not been
standardized yet. The WG will develop an XML-based configuration data
model that can be used for configuring IPFIX devices and for storing,
modifying and managing IPFIX configurations parameter sets. This work
will be performed in close collaboration with the NETCONF WG.

2. First applications of IPFIX at large operator networks showed the
need for mediation of flow information, for example, for aggregating
huge amounts of flow data and for anomymization of flow information.
The IPFIX WG will investigate this issue and produce a problem statement
and a framework for IPFIX flow mediation.

3. The PSAMP WG has developed a protocol for reporting observed packets.
The PSAMP protocol is an extension of the IPFIX protocol. The IPFIX WG
will develop a MIB module for monitoring PSAMP implementations. The new
MIB module will be an extension of the IPFIX MIB module.

4. Anonymization of flow information has been identified as a
requirement for flow information export already in RFC 3917. However,
technologies for flow anonymization are still a research issue and have
so far not been considered to be mature enough for standardization.
As one step in this direction, the IPFIX WG will develop guidelines for
the implementation of anonymized data export and storage over IPFIX and
define an information model for configuring and reporting anonymization
applied at IPFIX devices.

5. The IPFIX and PSAMP WGs have defined standards for selecting observed
IP packets and collecting information in flow records.
In order to reduce the amount of data to be processed, packet selection
methods have been defined. Another method for reducing flow data is flow
selection. The IPFIX WG will define methods for flow selection and
provide an information model for configuring and reporting flow
selection applied at IPFIX devices.

6. Being designed for the export of flow records the IPFIX protocol
provides very limited means for structuring information elements within
IPFIX records. With the increasing number of IPFIX applications there is
a need for exporting more complex information. The IPFIX WG will develop
an extension of the IPFIX protocol that supports hierarchically
structured data and lists (sequences) of Information Elements in data
records.

Goals and Milestones:

Done  Submit Revised Internet-Draft on IP Flow Export Requirements
Done  Submit Internet-Draft on IP Flow Export Architecture
Done  Submit Internet-Draft on IP Flow Export Data Model
Done  Submit Internet-Draft on IPFIX Protocol Evaluation Report
Done  Submit Internet-Draft on IP Flow Export Applicability Statement
Done  Select IPFIX protocol, revise Architecture and Data Model drafts
Done  Submit IPFX-REQUIREMENTS to IESG for publication as Informational RFC
Done  Submit IPFIX Protocol Evaluation Report to IESG for publication as Informational RFC
Done  Submit IPFX-ARCHITECTURE to IESG for publication as Proposed Standard RFC
Done  Submit IPFX-INFO_MODEL to IESG for publication as Informational RFC
Done  Submit IPFX-APPLICABILITY to IESG for publication as Informational RFC
Done  Submit IPFX-PROTOCOL to IESG for publication as Proposed Standard RFC
Done  Publish Internet Draft on IPFIX Implementation Guidelines
Done  Publish Internet Draft on Reducing Redundancy in IPFIX data transfer
Done  Publish Internet Draft on Handling IPFIX Bidirectional Flows
Done  Publish Internet Draft on IPFIX Testing
Done  Publish Internet Draft on IPFIX MIB
Done  Submit IPFIX Implementation Guidelines draft to IESG for publication as Informational RFC
Done  Submit IPFIX Reducing Redundancy draft to IESG for publication as Informational RFC
Done  Submit IPFIX Testing draft to IESG for publication as Informational RFC
Done  Submit IPFIX Biflows draft to IESG for publication as Standards Track RFC
Done  Publish Internet draft on IPFIX Type Information Export
Done  Publish Internet draft on IPFIX File Format
Done  Publish Internet draft on IPFIX Configuration Data Model
Done  Publish Internet draft on Single SCTP Stream Reporting
Done  Submit File Format draft to IESG for publication as Standards track RFC
Done  Publish Internet draft on IPFIX Mediation Problem Statement
Done  Submit IPFIX MIB draft to IESG for publication as Standards track RFC
Done  Submit Type Export draft to IESG for publication as Standards track RFC
Done  Submit Single SCTP Stream draft to IESG for publication as Informational RFC
Done  Submit Mediation Problem Statement I-D to IESG for publication as Informational RFC
Done  Submit initial draft on anonymization support
Done  Submit initial draft on flow selection
Done  Submit initial draft on structuring information elements
Aug 2010  Submit final version of PSAMP MIB module
Aug 2010  Submit Configuration Data Model draft to IESG for publication as Standards track RFC
Aug 2010  Submit Mediation Framework I-D to IESG for publication as Informational RFC
Oct 2010  Submit anonymization support I-D to IESG for publication as Experimental RFC
Dec 2010  Submit flow selection I-D to IESG for publication as Standards Track RFC
Dec 2010  Submit structuring information elements I-D to IESG for publication as Standards Track RFC