idnits 2.17.1 draft-bryant-ipfix-vendor-ie-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 170: '...s template record. This MUST match the...' RFC 2119 keyword, line 247: '... This MUST be half the option sco...' RFC 2119 keyword, line 252: '... Flowset. This MUST be half the opti...' RFC 2119 keyword, line 278: '...emplate flowsets MUST reflect the size...' RFC 2119 keyword, line 279: '... flowsets and MAY differ from the va...' Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 2003) is 7496 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'IPFIXPROT' -- Possible downref: Non-RFC (?) normative reference: ref. 'IPFIXIM' Summary: 2 errors (**), 0 flaws (~~), 2 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 IPFIX Working Group Stewart Bryant 2 Internet Draft Ganesh Sadasivan 3 Document: Cisco Systems 4 Expires: March 2004 5 October 2003 7 IPFIX Vendor Specific Information Elements 9 Status of this Memo 11 This document is an Internet-Draft and is in full conformance with 12 all provisions of section 10 of RFC2026. 14 Internet-Drafts are working documents of the Internet Engineering 15 Task Force (IETF), its areas, and its working groups. Note that other 16 groups may also distribute working documents as Internet-Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet-Drafts as reference 21 material or to cite them other than as "work in progress". 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt The list of 25 Internet-Draft Shadow Directories can be accessed at 26 http://www.ietf.org/shadow.html. 28 Abstract 30 Both IPFIX and PSAMP need methods whereby vendors can add proprietary 31 information elements (IEs) to data flowsets. This draft proposes two 32 possible methods of providing vendor specific IEs. The extension of 33 these methods to provide vendor specific scope and options is also 34 described. 36 Table of Contents 38 Status of this Memo.......................................... 1 40 1. Introduction............................................. 3 42 2. Two Possible Methods..................................... 3 44 3. Parallel Template Flowset................................ 3 45 3.1 Parallel Options Template Flowset.................... 6 46 3.2 Compressed Parallel Template Flowset................. 8 47 3.3 Strengths and Weaknesses............................. 8 49 4. VI Qualified Template Flowset............................ 9 50 4.1 VI Qualified Option Template Flowset................. 11 51 4.2 Compressed VI Qualified Template Flowset.............. 13 52 4.3 Compressed VI Qualified Option Template Flowset....... 16 53 4.3 Strengths and Weaknesses............................. 18 55 5. Security Considerations.................................. 18 57 6. IANA Considerations...................................... 18 59 1. Introduction 61 Both IPFIX and PSAMP need methods whereby vendors can add proprietary 62 information elements (IEs) to data flowsets, and to options data 63 flowsets. This may be because they are delivering pre-standards 64 product, or it may be because the IE is in some way commercially 65 sensitive or of minority interest. 67 This draft proposes two possible methods of providing vendor specific 68 IEs (VSIE). 70 2. Two Possible Methods 72 The two methods proposed in this draft are the parallel template 73 flowset, and extended template flowset. The parallel template 74 flowset is an addition flowset that complements the information in 75 the normal template flowset with the vendor identifier (VI) for each 76 field type. The extended template flowset is a new flowset type that 77 uses a new field type identifier that contains both the VI and the 78 field type specified by the vendor. 80 In both cases backwards compatibility with existing implementations 81 is achieved by partitioning the field type codepoint into an IANA 82 allocated range, and a vendor specific range. 84 3. Parallel Template Flowset 86 The parallel template flowset is a flowset that complements the 87 normal template flowset, carrying the VI information. 89 The normal template flowset is as defined in [IPFIXPROT], and is 90 reproduced for reference in Figure 1. 92 0 1 2 3 93 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 94 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 95 | FlowSet ID = 0 | Length | 96 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 97 | Template ID 1 | Field Count | 98 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 99 | Field Type 1 | Field Length 1 | 100 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 101 | Field Type 2 | Field Length 2 | 102 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 103 | ... | ... | 104 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 105 | Field Type N | Field Length N | 106 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 107 | Template ID 2 | Field Count | 108 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 109 | Field Type 1 | Field Length 1 | 110 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 111 | Field Type 2 | Field Length 2 | 112 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 113 | ... | ... | 114 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 115 | Field Type M | Field Length M | 116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 118 Figure 1: Normal Template Flowset 120 If the normal template flowset only uses IETF defined field types 121 [IPFIXIM], this template is sufficient to describe the data flowset. 123 If the template flowset includes a vendor specific field type, then a 124 VI template flowset is sent qualifying the field type with the 125 identity of the design authority that defined it. This is shown in 126 Figure 2. A Flowset ID of 2 is used to identify the Flowset as a VI 127 template flowset. 129 0 1 2 3 130 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 131 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 132 | Flowset ID = 2 | Length | 133 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 134 | Template ID 1 | Field Count | 135 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 136 | VI 1.1 | 137 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 138 | VI 1.2 | 139 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 140 | ... | ... | 141 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 142 | VI 1.N | 143 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 144 | Template ID 2 | Field Count | 145 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 146 | VI 2.1 | 147 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 148 | VI 2.2 | 149 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 150 | ... | ... | 151 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 152 | VI 2.M | 153 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 155 Figure 2: VI Template Flowset 157 The following are the VI Template Flowset Field Descriptions 159 Flowset ID 160 Flowset ID value of 2 is reserved for VI Template Flowset. 162 Length 163 Total length of this Flowset. 165 Template ID 166 The Template ID of the matching template containing the 167 matching template record. 169 Field Count 170 Number of fields in this template record. This MUST match the 171 number of fields in the corresponding normal template record. 173 VI 174 IANA enterprise number of the authority defining the field 175 type in this template record. 177 3.1 Parallel Options Template Flowset 179 A corresponding change must also be made to the options template 180 flowset to allow vendors to add new scopes and options. Scope will 181 usually reflext the structure of the system being monitored and hence 182 may be unique to a particular vendor, for example a white goods 183 vendor might want to specify the scope as the shelf of their 184 proverbial internet fridge. 186 For reference the Options Template FlowSet is shown in Figure 3. 188 0 1 2 3 189 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 190 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 191 | FlowSet ID = 1 | Length | 192 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 193 | Template ID | Option Scope Length | 194 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 195 | Option Length | Scope 1 Field Type | 196 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 197 | Scope 1 Field Length | ... | 198 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 199 | Scope N Field Length | Option 1 Field Type | 200 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 201 | Option 1 Field Length | ... | 202 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 203 | Option M Field Length | Padding | 204 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 206 Figure 3: Options Template Flowset 208 The options VI template flowset is shown in Figure 4. 210 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 211 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 212 | Flowset ID = 3 | Length | 213 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 214 | Template ID | Number Scope VI | 215 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 216 | Number Option VI | Reserved must be zero | 217 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 218 | Scope 1 VI | 219 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 220 | ... | 221 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 222 | Scope N VI | 223 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 224 | Option 1 VI | 225 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 226 | ... | 227 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 228 | Option N VI | 229 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 231 Figure 4: Options VI Template Flowset 233 The Options VI Template Flowset field definitions are as follows: 235 Flowset ID = 3 236 A Flowset ID value of 3 is reserved for an Options VI Template 237 Flowset 239 Length 240 Total length of this Flowset. 242 Template ID 243 Template ID of the corresponding Options Template. 245 Number Scope VI 246 The number of Scope VIs in the Options VI Template Flowset. 247 This MUST be half the option scope length in the corresponding 248 options template flowset. 250 Number Option VI 251 The number of Option VIs in the Options VI Template 252 Flowset. This MUST be half the option length in the 253 corresponding options template flowset. 255 Reserved must be zero 256 Alignment padding 258 Scope VI 259 IANA enterprise number of the authority defining the 260 scope type in this template record. 262 Option VI 263 IANA enterprise number of the authority defining the 264 option type in this template record. 266 3.2 Compressed Parallel Template Flowset 268 This method is a variation of the parallel template flowset that is 269 compressed by removing the IETF VI. If a range of Field Type 270 codepoints is reserved for IETF defined field types, and a different 271 range of field type codepoints is reserved as private space for 272 vendors to define their own field types, there is no ambiguity, and 273 it is possible to eliminate the need to identify IETF Field Types. A 274 variant of this proposal is therefore to compress the parallel 275 template flowsets by omitting the IETF VIs from the VI Template 276 Flowset and from the Options VI Template Flowset. Note that if this 277 compression is used, the flowset length and field count values in the 278 VI template flowsets MUST reflect the size of the VI template 279 flowsets and MAY differ from the values in the normal template 280 flowsets. 282 3.3 Strengths and Weaknesses 284 This approach is backwards compatible with existing Netflow version 9 285 implementations. A collector receiving a template flowset containing 286 a mixture of IETF and VSIEs, but which did not understand the VI 287 Template Flowset would discard the VI Template Flowset and any 288 information elements in the data flow set that it did not understand. 290 The weakness of this approach is that it is necessary to marry the 291 two template flowsets at the collector, rather than present the 292 collector with a single data structure that describes the flowset. 294 4. VI Qualified Template Flowset 296 This method uses a new record type in which the Field Type is 297 qualified with a VI. The VI is the vendor's IANA Enterprise Number. 298 The format of the VI qualified record type is shown in Figure 5. 300 0 1 2 3 301 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 302 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 303 | VI | 304 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 305 | Field Type | Field Length | 306 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 308 Figure 5: VI qualified field type 310 Template Record Field Descriptions 312 VI 313 IANA enterprise number of the authority defining the 314 field type in this template record. 316 Field Type 317 A numeric value that represents the type of the field. 319 Field Length 320 The length of the corresponding Field Type, in bytes. 322 The format of the Template Flowset is shown in Figure 6. A Flowset ID 323 of 2 is used to distinguish this Template Flowset from a Template 324 Flowset that exclusively uses IETF defined Field Types and hence does 325 not need a VI to qualify any of the Field Types. 327 0 1 2 3 328 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 329 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 330 | Flowset ID = 2 | Length | 331 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 332 | Template ID 1 | Field Count | 333 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 334 | VI 1.1 | 335 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 336 | Field Type 1 | Field Length 1 | 337 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 338 | VI 1.2 | 339 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 340 | Field Type 2 | Field Length 2 | 341 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 342 | ... | ... | 343 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 344 | VI 1.N | 345 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 346 | Field Type N | Field Length N | 347 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 348 | Template ID 2 | Field Count | 349 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 350 | VI 2.1 | 351 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 352 | Field Type 1 | Field Length 1 | 353 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 354 | VI 2.2 | 355 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 356 | Field Type 2 | Field Length 2 | 357 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 358 | ... | ... | 359 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 360 | VI 2.M | 361 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 362 | Field Type M | Field Length M | 363 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 365 Figure 6: VI Qualified Template Flowset 367 The VI Qualified Template Flowset field descriptions are as follows: 369 Flowset ID 370 Flowset ID value of 2 is reserved for VI Qualified 371 Template Flowset. 373 Length 374 Total length of this Flowset. 376 Template ID 377 Each of the newly generated Template Records is given a 378 unique Template ID, as described in [IPFIXPROT] 380 Field Count 381 Number of fields in this Template Record. 383 VI 384 IANA enterprise number of the authority defining the 385 field type in this template record. Where the field 386 type is defined by a IANA a VI of zero is used. 388 Field Type 389 A numeric value that represents the type of the field. 391 Field Length 392 The length of the corresponding Field Type, in bytes. 394 4.1 VI Qualified Option Template Flowset 396 The VI qualified option template flowset would be as shown in Figure 397 7. 399 0 1 2 3 400 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 401 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 402 | Flowset ID = 3 | Length | 403 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 404 | Template ID | Option Scope Length | 405 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 406 | Option Length | Reserved must be zero | 407 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 408 | Scope 1 VI | 409 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 410 | Scope 1 Field Type | Scope 1 Field Length | 411 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 412 | ... | 413 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 414 | Scope N VI | 415 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 416 | Scope N Field Type | Scope N Field Length | 417 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 418 | Option 1 VI | 419 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 420 | Option 1 Field Type | Option 1 Field Length | 421 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 422 | ... | 423 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 424 | Option N VI | 425 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 426 | Option N Field Type | Option N Field Length | 427 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 429 Figure 7: VI Qualified Options Template Flowset 431 The VI Qualified Options Template Flowset Field Definition are: 433 Flowset ID = 3 434 A Flowset ID value of 3 is reserved for a VI Qualified 435 Options Template. 437 Length 438 Total length of this Flowset. 440 Template ID 441 Template ID of this Options Template. This value is greater 442 than 255. 444 Option Scope Length 445 The length in bytes of any Scope fields definition contained 446 in the Options Template Record 448 Option Length 449 The length (in bytes) of any options field definitions 450 contained in this Options Template Record. 452 Reserved must be zero 453 Alignment padding 455 Scope 1 Field Type 456 The relevant portion of the Exporting Process/Metering 457 Process to which the Options Template Record refers. 459 Scope 1 Field Length 460 The length (in bytes) of the scope field, as it would appear 461 in an Options Data Record. 463 Option 1 Field Type 464 A numeric value that represents the type of field that would 465 appear in the Options Template Record. Refer to the Field 466 Type Definitions section. 468 Option 1 Field Length 469 The length (in bytes) of the Option Field. 471 4.2 Compressed VI Qualified Template Flowset 473 This method is a variation of the VI qualified template flowset that 474 is compressed by removing the IETF VI. If a range of Field Type 475 codepoints is reserved for IETF defined field types, and a different 476 range of field type codepoints is reserved as private space for 477 vendors to define their own field types, there is no ambiguity and it 478 is possible to eliminate the need to identify IETF Field Types. The 479 format of IETF defined field remains the same as it exists today. 481 0 1 2 3 482 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 483 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 484 | Field Type | Field Length | 485 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 487 Figure 8: IETF defined Field Type 489 Where 491 Field Type 492 A numeric value that represents the type of the field 494 Field Length 495 The length of the corresponding Field Type, in bytes. 497 The format of the VI qualified template record type is shown in 498 Figure 9. 500 0 1 2 3 501 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 502 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 503 | Field Type | Field Length | 504 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 505 | VI | 506 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 508 Figure 9: VI qualified Field Type 510 Where 512 Field Type 513 A numeric value that represents the type of the field 515 Field Length 516 The length of the corresponding Field Type, in bytes. 518 VI 519 IANA enterprise number of the authority defining the 520 field type in this template record. 522 Note that it is important that the VI be placed after the Field Type, 523 Field Length pair to avoid any aliasing of IETF defined Field Types 524 by VIs. 526 A template can contain a mixture of fields which are IETF defined and 527 defined by the vendor. Based on the Field Type an interpretation of 528 the template structure can be made by the collector. The format of 529 the Template Flowset is shown in Figure 10. 531 0 1 2 3 532 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 533 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 534 | Flowset ID = 2 | Length | 535 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 536 | Template ID 1 | Field Count | 537 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 538 | Field Type 1 | Field Length 1 | 539 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 540 | VI 1.1 | 541 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 542 | Field Type 2 | Field Length 2 | 543 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 544 | ... | ... | 545 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 546 | Field Type N | Field Length N | 547 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 548 | VI 2.N | 549 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 550 | Template ID 2 | Field Count | 551 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 552 | Field Type 1 | Field Length 1 | 553 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 554 | Field Type 2 | Field Length 2 | 555 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 556 | VI 2.2 | 557 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 558 | ... | ... | 559 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 560 | Field Type M | Field Length M | 561 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 562 | VI 2.M | 563 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 565 Figure 10: Compressed VI Qualified Template Flowset 567 Where: 569 Flowset ID 570 Flowset ID value of 2 is reserved for VI Qualified 571 Template Flowset. 573 Length 574 Total length of this Flowset. 576 Template ID 577 Each of the newly generated Template Records is given a 578 unique Template ID, as described in [IPFIXPROT] 580 Field Count 581 Number of fields in this Template Record. 583 VI 584 IANA enterprise number of the authority defining the 585 field type in this template record. 587 Field Type 588 A numeric value that represents the type of the field. 590 Field Length 591 The length of the corresponding Field Type, in bytes. 593 4.3 Compressed VI Qualified Option Template Flowset 595 The compressed VI qualified option template flowset would be as shown 596 in Figure 11. 598 0 1 2 3 599 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 600 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 601 | Flowset ID = 3 | Length | 602 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 603 | Template ID | Option Scope Length | 604 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 605 | Option Length | Reserved must be zero | 606 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 607 | Scope 1 Field Type | Scope 1 Field Length | 608 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 609 | ... | 610 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 611 | Scope N Field Type | Scope N Field Length | 612 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 613 | Scope N VI | 614 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 615 | Option 1 Field Type | Option 1 Field Length | 616 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 617 | Option 1 VI | 618 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 619 | ... | 620 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 621 | Option N Field Type | Option N Field Length | 622 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 624 Figure 11: Compressed VI Qualified Option Template Flowset 626 The compressed VI qualified option template Flowset field definition 627 are: 629 Flowset ID = 3 630 A Flowset ID value of 3 is reserved for a VI Qualified 631 Options Template. 633 Length 634 Total length of this Flowset. 636 Template ID 637 Template ID of this Options Template. This value is greater 638 than 255. 640 Option Scope Length 641 The length in bytes of any Scope fields definition contained 642 in the Options Template Record 644 Option Length 645 The length in bytes of any options field definitions 646 contained in this Options Template Record. 648 Reserved must be zero 649 Alignment padding 651 Scope 1 Field Type 652 The relevant portion of the Exporting Process/Metering 653 Process to which the Options Template Record refers. 655 Scope 1 Field Length 656 The length, in bytes, of the scope field, as it would appear 657 in an Options Data Record. 659 Option 1 Field Type 660 A numeric value that represents the type of field that would 661 appear in the Options Template Record. Refer to the Field 662 Type Definitions section. 664 Option 1 Field Length 665 The length (in bytes) of the Option Field. 667 4.3 Strengths and Weaknesses 669 This approach can seamlessly carry all the information pertinent to a 670 field type in a template in a single template flowset, removing the 671 need to combine the template flowset and the VI template flowset. 672 This is a more natural approach. 674 The weakness of this approach is that it is not backwards compatible 675 with existing Netflow version 9 implementations. 677 5. Security Considerations 679 The IPFIX collector must note the size and position of any VSIE that 680 it does not understand and discard the IE from the data flow. 682 6. IANA Considerations 684 A Flowset ID (assumed to be a value of 2) must be assigned to the 685 template flowset used to provide VSIEs. 687 A Flowset ID (assumed to be a value of 3) must be assigned to the 688 options template flowset. 690 Both of the compressed formats require the field type codepoints to 691 be split into an IETF specified range, allocated by IANA, and a 692 private range that may be allocated by the vendors. It is suggested 693 that the range <0..32767> be administered by IANA, and <32768..65535> 694 be allocated for private use by vendors. 696 Similarly the scope and option codepoints need to be split between 697 IANA administered and private ranges. 699 Both of the uncompressed formats require that an enterprise 700 identifier be allocated to the IETF. It would be convenient if the 701 value 0 was used. 703 Normative References 705 Internet-drafts are works in progress available from 706 708 [IPFIXPROT] B. Claise et al, IPFIX Protocol Specifications, 709 , June 2003, 710 work in progress. 711 [IPFIXIM] 713 Authors' Addresses 715 Stewart Bryant 716 Cisco Systems Ltd, 717 250, Longwater, 718 Green Park, 719 Reading, RG2 6GB, 720 United Kingdom. Email: stbryant@cisco.com 722 Ganesh Sadasivan 723 Cisco Systems, Inc., 724 170 W. Tasman Dr., 725 San Jose, CA 95134, 726 USA. Email: gsadasiv@cisco.com 728 Full copyright statement 730 Copyright (C) The Internet Society (2002). 731 All Rights Reserved. 733 This document and translations of it may be copied and 734 furnished to others, and derivative works that comment 735 on or otherwise explain it or assist in its implementation 736 may be prepared, copied, published and distributed, in 737 whole or in part, without restriction of any kind, 738 provided that the above copyright notice and this 739 paragraph are included on all such copies and derivative works. 740 However, this document itself may not be modified in any way, 741 such as by removing the copyright notice or references to the 742 Internet Society or other Internet organizations, except as 743 needed for the purpose of developing Internet standards in 744 which case the procedures for copyrights defined in the 745 Internet Standards process must be followed, or as required to 746 translate it into languages other than English. 748 The limited permissions granted above are perpetual and will 749 not be revoked by the Internet Society or its successors or assigns. 751 This document and the information contained herein is provided 752 on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET 753 ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR 754 IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE 755 USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS 756 OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS 757 FOR A PARTICULAR PURPOSE.