idnits 2.17.1 draft-coene-rserpool-applic-ipfix-18.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 04, 2014) is 3577 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 4960 (Obsoleted by RFC 9260) == Outdated reference: A later version (-34) exists of draft-dreibholz-rserpool-asap-hropt-14 == Outdated reference: A later version (-33) exists of draft-dreibholz-rserpool-delay-13 == Outdated reference: A later version (-31) exists of draft-dreibholz-rserpool-enrp-takeover-11 Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group T. Dreibholz 3 Internet-Draft Simula Research Laboratory 4 Intended status: Informational L. Coene 5 Expires: January 5, 2015 Nokia Siemens Networks 6 P. Conrad 7 University of Delaware 8 July 04, 2014 10 Reliable Server Pooling Applicability for IP Flow Information Exchange 11 draft-coene-rserpool-applic-ipfix-18.txt 13 Abstract 15 This document describes the applicability of the Reliable Server 16 Pooling architecture to the IP Flow Information Exchange using the 17 Aggregate Server Access Protocol (ASAP) functionality of RSerPool 18 only. Data exchange in IPFIX between the router and the data 19 collector can be provided by a limited retransmission protocol. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at http://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on January 5, 2015. 38 Copyright Notice 40 Copyright (c) 2014 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 58 2. IPFIX using RSerPool . . . . . . . . . . . . . . . . . . . . 3 59 2.1. Architecture . . . . . . . . . . . . . . . . . . . . . . 3 60 3. Transport protocols suitable for IPFIX . . . . . . . . . . . 3 61 4. Security considerations . . . . . . . . . . . . . . . . . . . 4 62 5. Reference Implementation . . . . . . . . . . . . . . . . . . 4 63 6. Testbed Platform . . . . . . . . . . . . . . . . . . . . . . 5 64 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 65 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 66 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 5 67 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 68 10.1. Normative References . . . . . . . . . . . . . . . . . . 5 69 10.2. Informative References . . . . . . . . . . . . . . . . . 6 70 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 72 1. Introduction 74 Reliable Server Pooling provides protocols for providing highly 75 available services. The services are located in a pool of redundant 76 servers and if a server fails, another server will take over. The 77 only requirement put on these servers belonging to the pool is that 78 if state is maintained by the server, this state must be transferred 79 to the other server taking over. 81 The goal is to provide server-based redundancy. Transport and 82 network level redundancy are handle by the transport and network 83 layer protcols. 85 The application may choose to distribute its traffic over the servers 86 of the pool conforming to a certain policy. 88 The application wishing to make use of RSerPool protocols may use 89 different transport layers (such as UDP, TCP and SCTP). However, 90 some transport layers may have restrictions build in in the way they 91 might be operating in the RSerPool architecture and its protocols. 93 1.1. Scope 95 The scope of this document is to explain the way that a minimal 96 version of Reliable Server Pooling protocols have to be used in order 97 to provide a highly available service towards IP Flow Information 98 Exchange (IPFIX) protocols. 100 1.2. Terminology 102 The terms are commonly identified in related work and can be found in 103 the Aggregate Server Access Protocol and Endpoint Handlespace 104 Redundancy Protocol Common Parameters document [RFC5354] 106 2. IPFIX using RSerPool 108 2.1. Architecture 110 IP flow information is exchanged between observation points and 111 collector points. The observation points may try to find out via the 112 Aggregate Server Access Protocol (ASAP, see [RFC5352]) which 113 collector point(s) are active. Both the observation and the 114 collector point may have limitations for exchanging the information 115 (observation point may have limited buffer space and collectors 116 points may be overburdened with receiving lots of flow information 117 from different observation points). 119 The observation point will query the ENRP server for resolution of a 120 particular collector pool name and the ENRP server will return a list 121 of one or more collector points to the observation point. 123 The observation point will use its own transport protocols (TCP, UDP, 124 SCTP, SCTP with PR-SCTP extension) for exchanging the IPFIX data 125 between the observation point and the collector point. If a 126 collector point would fail, then the observation point will send its 127 data towards a different collector point, belonging to the same 128 collector pool. 130 Collector points will announce themselves to the ENRP server and will 131 be monitored for their availability. The observation point will only 132 query the ENRP server for server pool name resolution. 134 3. Transport protocols suitable for IPFIX 136 The exchange of IP flow information data between an observation point 137 and a collection point consists of massive amounts of data. 139 One collection point can service many observation points, therefore 140 transport protocols must do congestion control (example: modifying 141 the receive buffer space, thus reducing the incoming flow of data), 142 so that the collection point is not overburdened by its observation 143 points. Some data must arrive at the collector while other data 144 might arrive (if it gets lost: no problem). The choice of reliable 145 or partial reliable delivery has to be made by the observation point 146 These requirements demand a protocol which provides variable 147 transport reliability of its data: it should be able to chose the 148 reliability by the IPFIX protocols on a a per-message base. 150 SCTP [RFC4960] with PR-SCTP extension [RFC3758] is the only know 151 protocol which allows the choice of full, partial or unreliable 152 delivery of the message to its peer node. TCP will only allow fully 153 reliable delivery, while UDP only provides unreliable delivery and NO 154 congestion control. 156 4. Security considerations 158 The protocols used in the Reliable Server Pooling architecture only 159 try to increase the availability of the servers in the network. 160 RSerPool protocols do not contain any protocol mechanisms which are 161 directly related to user message authentication, integrity and 162 confidentiality functions. For such features, it depends on the 163 IPSEC protocols or on Transport Layer Security (TLS) protocols for 164 its own security and on the architecture and/or security features of 165 its user protocols. 167 The RSerPool architecture allows the use of different transport 168 protocols for its application and control data exchange. These 169 transport protocols may have mechanisms for reducing the risk of 170 blind denial-of-service attacks and/or masquerade attacks. If such 171 measures are required by the applications, then it is advised to 172 check the SCTP applicability statement RFC2057 [RFC3257] for guidance 173 on this issue. 175 5. Reference Implementation 177 The RSerPool reference implementation RSPLIB can be found at 178 [RSerPool-Website]. It supports the functionalities defined by 179 [RFC5351], [RFC5352], [RFC5353], [RFC5354] and [RFC5356] as well as 180 the options [I-D.dreibholz-rserpool-asap-hropt], 181 [I-D.dreibholz-rserpool-enrp-takeover] and 182 [I-D.dreibholz-rserpool-delay]. An introduction to this 183 implementation is provided in [Dre2006]. 185 6. Testbed Platform 187 A large-scale and realistic Internet testbed platform with support 188 for the multi-homing feature of the underlying SCTP protocol is 189 NorNet. A description of NorNet is provided in [PAMS2013-NorNet], 190 some further information can be found on the project website 191 [NorNet-Website]. 193 7. Security Considerations 195 Security considerations for RSerPool systems are described by 196 [RFC5355]. 198 8. IANA Considerations 200 This document introduces no additional considerations for IANA. 202 9. Acknowledgments 204 The authors wish to thank Maureen Stillman and many others for their 205 invaluable comments. 207 10. References 209 10.1. Normative References 211 [RFC3257] Coene, L., "Stream Control Transmission Protocol 212 Applicability Statement", RFC 3257, April 2002. 214 [RFC3758] Stewart, R., Ramalho, M., Xie, Q., Tuexen, M., and P. 215 Conrad, "Stream Control Transmission Protocol (SCTP) 216 Partial Reliability Extension", RFC 3758, May 2004. 218 [RFC4960] Stewart, R., "Stream Control Transmission Protocol", RFC 219 4960, September 2007. 221 [RFC5351] Lei, P., Ong, L., Tuexen, M., and T. Dreibholz, "An 222 Overview of Reliable Server Pooling Protocols", RFC 5351, 223 September 2008. 225 [RFC5352] Stewart, R., Xie, Q., Stillman, M., and M. Tuexen, 226 "Aggregate Server Access Protocol (ASAP)", RFC 5352, 227 September 2008. 229 [RFC5353] Xie, Q., Stewart, R., Stillman, M., Tuexen, M., and A. 230 Silverton, "Endpoint Handlespace Redundancy Protocol 231 (ENRP)", RFC 5353, September 2008. 233 [RFC5354] Stewart, R., Xie, Q., Stillman, M., and M. Tuexen, 234 "Aggregate Server Access Protocol (ASAP) and Endpoint 235 Handlespace Redundancy Protocol (ENRP) Parameters", RFC 236 5354, September 2008. 238 [RFC5355] Stillman, M., Gopal, R., Guttman, E., Sengodan, S., and M. 239 Holdrege, "Threats Introduced by Reliable Server Pooling 240 (RSerPool) and Requirements for Security in Response to 241 Threats", RFC 5355, September 2008. 243 [RFC5356] Dreibholz, T. and M. Tuexen, "Reliable Server Pooling 244 Policies", RFC 5356, September 2008. 246 [I-D.dreibholz-rserpool-asap-hropt] 247 Dreibholz, T., "Handle Resolution Option for ASAP", draft- 248 dreibholz-rserpool-asap-hropt-14 (work in progress), 249 January 2014. 251 [I-D.dreibholz-rserpool-delay] 252 Dreibholz, T. and X. Zhou, "Definition of a Delay 253 Measurement Infrastructure and Delay-Sensitive Least-Used 254 Policy for Reliable Server Pooling", draft-dreibholz- 255 rserpool-delay-13 (work in progress), January 2014. 257 [I-D.dreibholz-rserpool-enrp-takeover] 258 Dreibholz, T. and X. Zhou, "Takeover Suggestion Flag for 259 the ENRP Handle Update Message", draft-dreibholz-rserpool- 260 enrp-takeover-11 (work in progress), January 2014. 262 10.2. Informative References 264 [Dre2006] Dreibholz, T., "Reliable Server Pooling - Evaluation, 265 Optimization and Extension of a Novel IETF Architecture", 266 March 2007, . 270 [PAMS2013-NorNet] 271 Dreibholz, T. and E. Gran, "Design and Implementation of 272 the NorNet Core Research Testbed for Multi-Homed Systems", 273 Proceedings of the 3nd International Workshop on Protocols 274 and Applications with Multi-Homing Support (PAMS), Pages 275 1094-1100, ISBN 978-0-7695-4952-1, DOI 10.1109/ 276 WAINA.2013.71, March 2013, . 280 [RSerPool-Website] 281 Dreibholz, T., "Thomas Dreibholz's RSerPool Page", Online: 282 http://www.iem.uni-due.de/~dreibh/rserpool/, 2013, 283 . 285 [NorNet-Website] 286 Dreibholz, T., "NorNet -- A Real-World, Large-Scale Multi- 287 Homing Testbed", Online: https://www.nntb.no/, 2014, 288 . 290 Authors' Addresses 292 Thomas Dreibholz 293 Simula Research Laboratory, Network Systems Group 294 Martin Linges vei 17 295 1364 Fornebu, Akershus 296 Norway 298 Phone: +47-6782-8200 299 Fax: +47-6782-8201 300 Email: dreibh@simula.no 301 URI: http://www.iem.uni-due.de/~dreibh/ 303 Lode Coene 304 Nokia Siemens Networks 305 Atealaan 32 306 Herentals 2200 307 Belgium 309 Phone: +32-14-252081 310 Email: lode.coene@nsn.com 312 Phillip Conrad 313 University of Delaware 314 103 Smith Hall 315 Newark DE 19716 316 USA 318 Phone: +1-302-831-8622 319 Email: conrad@acm.org