idnits 2.17.1 draft-aitken-ipfix-equivalent-ies-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 4, 2014) is 3577 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'IANA-IPFIX' -- Possible downref: Non-RFC (?) normative reference: ref. 'IPFIX-MIB-VARIABLE-EXPORT' Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPFIX Working Group P. Aitken 3 Internet-Draft Cisco Systems 4 Intended status: Standards Track 5 Expires: July 4, 2015 July 4, 2014 7 Reporting Equivalent IPFIX Information Elements 8 draft-aitken-ipfix-equivalent-ies-02 10 Abstract 12 This document specifies a method for an 13 IPFIX Exporting Process to inform an IPFIX Collecting Process 14 of equivalence between different Information Elements, so 15 that the Collecting Process can understand the equivalence 16 and be enabled to process data across a change of 17 Information Elements. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet 25 Engineering Task Force (IETF). Note that other groups may 26 also distribute working documents as Internet-Drafts. The 27 list of current Internet-Drafts is at 28 http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of 31 six months and may be updated, replaced, or obsoleted by 32 other documents at any time. It is inappropriate to use 33 Internet-Drafts as reference material or to cite them other 34 than as "work in progress." 36 This Internet-Draft will expire on July 1, 2014. 38 Copyright Notice 40 Copyright (c) 2014 IETF Trust and the persons identified as 41 the document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date 46 of publication of this document. Please review these 47 documents carefully, as they describe your rights and 48 restrictions with respect to this document. Code Components 49 extracted from this document must include Simplified BSD 50 License text as described in Section 4.e of the Trust Legal 51 Provisions and are provided without warranty as described in 52 the Simplified BSD License. 54 Conventions used in this document 56 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL 57 NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and 58 "OPTIONAL" in this document are to be interpreted as described 59 in RFC 2119 [RFC2119]. 61 Table of Contents 63 1 Introduction ........................................... 4 64 2 Terminology ............................................ 6 65 3 Method ................................................. 6 66 3.1 Equivalence Message Format ............................. 6 67 4 The Collecting Process's Side .......................... 9 68 5 Security Considerations ................................ 9 69 6 IANA Considerations .................................... 10 70 7 References ............................................. 11 71 7.1 Normative References ................................... 11 72 7.2 Informative References ................................. 12 73 8 Acknowledgements ....................................... 12 74 9 Author's Addresses ..................................... 12 76 1 Introduction 78 The IPFIX Protocol [RFC7011] can export a large number of 79 Information Elements, including standard Information Elements 80 specified in the IPFIX information model [RFC7012], 81 Information Elements in IANA's IPFIX registry [IANA-IPFIX], 82 enterprise-specific Information Elements [RFC7011], and 83 Information Elements that are backwards compatible with 84 NetFlow Version 9 [RFC3954]. 86 From time to time, an Exporting Process may export the same 87 information using different Information Elements from before. 89 Use cases include: 91 * Enterprise-specific Information Elements have been 92 standardized, so the Exporting Process is changed to 93 export the IANA standard Information Elements [IANA-IPFIX] 94 rather than the enterprise-specific Information Elements. 96 * The Exporting Process is changed to export IANA standard 97 Information Elements [IANA-IPFIX] rather than NetFlow 98 version 9 fields [RFC3954]. 100 * The Exporting Process is updated to export different 101 enterprise-specific Information Elements. 103 * An updated Metering Process requests that the Exporting 104 Process exports using different Information Elements from 105 before. 107 * An Exporting Process which does not implement 108 [IPFIX-MIB-VARIABLE-EXPORT] indicates that an 109 enterprise-specific Information Element contains the same 110 information as a specific MIB OID. 112 In each case it's important to note that the same information 113 is being exported. The only change is in the Information 114 Element used to export the information. 116 Since different Information Elements are now being used to 117 express the same information, the Collecting Process cannot 118 process data received before the change with data received 119 after the change, because the Collecting Process does not know 120 that these Information Elements are related. It's not possible 121 to compare, aggregate, or sort data across such a change 122 without first understanding that the old and new Information 123 Elements are equivalent. 125 Furthermore, it's impossible for every Collecting Process to 126 know how each IANA standard Information Element [IANA-IPFIX] 127 relates to every company's enterprise-specific Information 128 Elements. i.e., a Collecting Process from company X cannot be 129 expected to know that company Y's Exporting Process exports 131 enterprise-specific field Z which is equivalent to a certain 132 IANA standard element. 134 This document specifies a method for an Exporting Process to 135 inform a Collecting Process of such equivalence, so that the 136 Collecting Process is able to process data across the change. 138 2 Terminology 140 Original Information Element: 141 The Original Information Element specifies the old 142 Information Element which has been exported until now. 144 Equivalent Information Element: 145 The Equivalent Information Element specifies the new 146 Information Element which will been exported in future. 148 IE: 149 Shorthand for "Information Element" in the figures. 151 Other terms used in this document are defined in the 152 Terminology section of the IPFIX Protocol [RFC7011] and are to 153 be interpreted as defined there. 155 3 Method 157 An Exporting Process informs a Collecting Process of the 158 equivalence of a pair of IPFIX Information Elements by 159 exporting an IPFIX Equivalence Message. Equivalence Messages 160 SHOULD be sent by the Exporting Process upon opening a new 161 Transport Session, before any other IPFIX Messages are 162 exported. In any case, an Equivalence Message MUST be sent 163 before exporting the Equivalent Information Element(s) to which 164 it pertains. i.e. Equivalence Messages do not apply 165 retrospectively. 167 An Equivalence Message may be sent in an Options Record Scoped 168 to the Exporter. Multiple Equivalence Messages may be sent 169 using IPFIX Structured Data [RFC6313]. 171 3.1 Equivalence Message Format 173 The Equivalence Message consists of an original Information 174 Element in the "informationElementId" field (#303), followed by 175 the equivalent Information Element in the "equivalentElementId" 176 field (#TBD), using the Template shown in Figure 1 and Data 177 Record shown in Figure 2: 179 0 1 2 3 180 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 181 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 182 |E| informationElementId #303 | Field Length | 183 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 184 |E| equivalentElementId #TBD | Field Length | 185 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 187 Figure 1: Template for Equivalence Message 189 --+-+---------------+-+---------------+-- 190 ... |E| Original IE |E| Equivalent IE | ... 191 --+-+---------------+-+---------------+-- 193 Figure 2: Equivalence Message Data Record 195 The encoding of these Information Elements follows the rules 196 specified in [RFC7011]. 198 3.1.1 Equivalence between IANA standard Information Elements 200 When the Original Information Element and the 201 Equivalent Information Element are both IANA standard elements 202 [IANA-IPFIX], both of the E bits are zero and the Equivalence 203 Message is as shown in Figure 1. 205 3.1.2 Equivalence Message with an Enterprise-Specific 206 Original Information Element 208 When the Original Information Element is enterprise-specific, 209 the Original Information Element's E bit is set and the 210 Information Element number is immediately followed by the 211 corresponding Private Enterprise Number [PEN], as shown in 212 Figure 3: 214 +-+---------------+----------------------------------+-+---------------+ 215 |1| Original IE | Private Enterprise Number |0| Equivalent IE | 216 +-+---------------+----------------------------------+-+---------------+ 218 Figure 3: Equivalence Message with an Enterprise-Specific 219 Original Information Element 221 This allows an enterprise-specific Information Element to be 222 specified as equivalent to an IANA standard Information 223 Element. 225 3.1.3 Equivalence Message with an Enterprise-Specific 226 Equivalent Information Element 228 When the Equivalent Information Element is enterprise-specific, 229 the Equivalent Information Element's E bit is set and the 230 Information Element number is immediately followed by the 231 corresponding Private Enterprise Number [PEN] as shown in 232 Figure 4: 234 +-+---------------+-+---------------+----------------------------------+ 235 |0| Original IE |1| Equivalent IE | Private Enterprise Number | 236 +-+---------------+-+---------------+----------------------------------+ 238 Figure 4: Equivalence Message with an Enterprise-Specific 239 Equivalent Information Element 241 This allows an IANA standard Information Element to be 242 specified as equivalent to an enterprise-specific Information 243 Element. 245 3.1.4 Equivalence Message with an 246 Enterprise-Specific Original Information Element and 247 Enterprise-Specific Equivalent Information Element 249 When both of the Information Elements are enterprise-specific, 250 both of the E bits are set and both Information Element numbers 251 are immediately followed by their corresponding Private 252 Enterprise Number [PEN] as shown in Figure 5: 254 +-+---------------+----------------------------------+ 255 |1| Original IE | Private Enterprise Number | ... 256 +-+---------------+----------------------------------+ 257 +-+---------------+----------------------------------+ 258 ... |1| Equivalent IE | Private Enterprise Number | 259 +-+---------------+----------------------------------+ 261 Figure 5: Equivalence Message with two enterprise-specific 262 Information Elements 264 This allows two enterprise-specific Information Elements to be 265 specified as equivalent. 267 Note that the Private Enterprise Numbers do not have to be 268 equal. i.e., the Information Elements may belong to different 269 Private Enterprises. 271 3.1.5 Equivalence Message with a 272 MIB Object Original Information Element 274 In this special case, the Equivalence Message Template contains 275 a MIB Object Identifier [IPFIX-MIB-VARIABLE-EXPORT] with the 276 corresponding E bit set to zero, followed by the 277 equivalentElementId, as shown in Figure 6: 279 0 1 2 3 280 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 281 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 282 |0| mibObjectIdentifier #MIB | Field Length | 283 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 284 |E| equivalentElementId #TBD | Field Length | 285 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 287 Figure 6: Template for MIB Object Equivalence Message 289 The MIB object details for the Original Information Element are 290 specified per [IPFIX-MIB-VARIABLE-EXPORT]. 292 The Equivalent Information Element may be an IANA standard 293 Information Element as shown in Figure 7, or an 294 enterprise-specific Information Element as shown in Figure 8. 296 +-+---------------+-+---------------+ 297 |0|mibObjectIdent.|0| Equivalent IE | 298 +-+---------------+-+---------------+ 300 Figure 7: MIB Equivalence Message with an 301 IANA-standard Information Element 303 +-+---------------+-+---------------+----------------------------------+ 304 |0|mibObjectIdent.|1| Equivalent IE | Private Enterprise Number | 305 +-+---------------+-+---------------+----------------------------------+ 307 Figure 8: MIB Equivalence Message with an 308 Enterprise-Specific Information Element 310 4 The Collecting Process's Side 312 Equivalence Messages have global scope, unless they're sent in 313 an Options Message with a more restrictive scope, e.g. an 314 Options Record Scoped to the Exporter. 316 i.e., unless otherwise restricted, the specified equivalence 317 applies to all devices. Therefore the Collecting Process does 318 not need to maintain equivalence per device. 320 5 Security Considerations 322 The same security considerations apply as for the IPFIX 323 Protocol [RFC7011]. 325 6 IANA Considerations 327 A new Information Element "equivalentElementId" must be 328 allocated in IANA's IPFIX registry, [IANA-IPFIX]: 330 Description: This Information Element contains the ID of an 331 equivalent Information Element, which is specified in an 332 IPFIX Equivalence Message. 334 Abstract Data Type: Unsigned16 336 Data Type Semantics: identifier 338 ElementId: TBD 340 Status: current 342 Reference: [this document] 344 [RFC-EDITOR: The assigned value "TBD" is to be replaced 345 throughout this document.] 347 7 References 349 7.1 Normative References 351 [RFC7011] Claise, B., Ed., Trammell, B., Ed., and P. Aitken, 352 "Specification of the 353 IP Flow Information Export (IPFIX) 354 Protocol for the Exchange of Flow Information", 355 STD 77, RFC 7011, September 2013. 356 [RFC7012] Claise, B., Ed., and B. Trammell, Ed., 357 "Information Model for 358 IP Flow Information Export (IPFIX)", 359 RFC 7012, September 2013. 360 [IANA-IPFIX] 361 IANA, "IPFIX Information Elements registry", 362 . 363 [IPFIX-MIB-VARIABLE-EXPORT] 364 Aitken, P, Claise, B, McDowell, C, and Schonwalder, J, 365 "Exporting MIB Variables using the IPFIX Protocol" 366 (WIP) 367 [RFC2119] S. Bradner, Key words for use in RFCs to Indicate 368 Requirement Levels, BCP 14, RFC 2119, March 1997 370 7.2 Informative References 372 [RFC3954] Claise, B., Ed., "Cisco Systems NetFlow Services 373 Export Version 9", RFC 3954, October 2004. 374 [RFC6313] Claise, B., Dhandapani, G., Aitken, P., and S. Yates, 375 "Export of Structured Data in IP Flow Information Export 376 (IPFIX)", RFC 6313, July 2011. 377 [PEN] IANA, "Private Enterprise Numbers registry", 378 . 380 8 Acknowledgements 382 Thanks to you, dear reader. 384 9 Author's Address 386 Paul Aitken 387 Cisco Systems, Inc. 388 96 Commercial Quay 389 Commercial Street 390 Edinburgh, EH6 6LX, 391 UK 392 Phone: +44 131 561 3616 393 Email: paitken@cisco.com