IP Flow Information Export WG G. Muenz
Internet-Draft University of Tuebingen
Intended status: Standards Track B. Claise
Expires: January 5, 2009 Cisco Systems, Inc.
July 4, 2008
Configuration Data Model for IPFIX and PSAMP
<draft-ietf-ipfix-configuration-model-00>
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 5, 2009.
Abstract
This document specifies a data model for the configuration of caches,
selection processes, exporting processes, and collecting processes of
IPFIX and PSAMP compliant monitoring devices. The configuration data
model is encoded in Extensible Markup Language (XML). The structure
of the data model is specified in a YANG module to ensure
compatibility with the NETCONF protocol. A YANG-to-XSD converter is
available which allows generating an XML Schema Definition (XSD) of
the data model.
Muenz & Claise draft-ietf-ipfix-configuration-model-00.txt [Page 1]
Internet-Draft IPFIX/PSAMP Configuration Data Model July 2008
Table of Contents
1. Open and Solved Issues . . . . . . . . . . . . . . . . . . . . 3
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. IPFIX Documents Overview . . . . . . . . . . . . . . . . . 5
2.2. PSAMP Documents Overview . . . . . . . . . . . . . . . . . 5
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Structure of the Configuration Data Model . . . . . . . . . . 6
4.1. UML Representation . . . . . . . . . . . . . . . . . . . . 8
4.2. Exporter Configuration . . . . . . . . . . . . . . . . . . 8
4.3. Collector Configuration . . . . . . . . . . . . . . . . . 10
5. Configuration Parameters . . . . . . . . . . . . . . . . . . . 11
5.1. ObservationPoint Class . . . . . . . . . . . . . . . . . . 11
5.2. SelectionProcess Class . . . . . . . . . . . . . . . . . . 12
5.2.1. Sampler Classes . . . . . . . . . . . . . . . . . . . 13
5.2.2. Filter Classes . . . . . . . . . . . . . . . . . . . . 14
5.3. Cache Class . . . . . . . . . . . . . . . . . . . . . . . 14
5.3.1. CacheLayout Class . . . . . . . . . . . . . . . . . . 15
5.4. ExportingProcess Class . . . . . . . . . . . . . . . . . . 16
5.4.1. Destination Class . . . . . . . . . . . . . . . . . . 16
5.4.2. Export Parameters Classes . . . . . . . . . . . . . . 17
5.4.3. Option Class . . . . . . . . . . . . . . . . . . . . . 18
5.4.4. OptionTemplate Class . . . . . . . . . . . . . . . . . 19
5.5. CollectingProcess Class and Receiver Class . . . . . . . . 20
5.5.1. Receiver Parameters Classes . . . . . . . . . . . . . 21
6. YANG Module of the IPFIX/PSAMP Configuration Data Model . . . 21
7. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
7.1. PSAMP Device . . . . . . . . . . . . . . . . . . . . . . . 34
7.2. IPFIX Device . . . . . . . . . . . . . . . . . . . . . . . 36
7.3. Collector and File Writer . . . . . . . . . . . . . . . . 39
8. Security Considerations . . . . . . . . . . . . . . . . . . . 40
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 40
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 41
9.1. Normative References . . . . . . . . . . . . . . . . . . . 41
9.2. Informative References . . . . . . . . . . . . . . . . . . 41
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 43
Intellectual Property and Copyright Statements . . . . . . . . . . 45
1. Open and Solved Issues
Open issues:
o Add TLS/DTLS parameters.
o Review specification of configuration data model w/r to mandatory/
optional parameters and default values.
o Integrate operational data (read-only, non-configurable
parameters) from IPFIX MIB and PSAMP MIB as far as possible.
o Add notes on YANG usage for vendor-specific extensions of the
model.
Solved issues and answers to reviewer comments:
o Metering Process as envelope for Selection Processes and Cache was
removed because it caused some confusion. Observation Points now
refer to Selection Processes which process the observed packets.
A Selection Process can pass selected packets to another Selection
Process to form a Selection Sequence.
o Cache configuration includes "cacheLayout", which replaced
"template" parameter. Thus, Templates are no longer configurable
for Data Records. The Exporting Process generates Templates
automatically according to the Packets or Flows received from the
Cache.
o Premature support of IPFIX Mediators/Concentrators was removed.
o Several SCTP parameters have been added.
o NETCONF compliance: ensured by using YANG instead of XSD.
o Direction attribute of interface/linecard can be one of "ingress",
"egress", or "both".
o observationPointId, exportingProcessId, and selectorId have been
added as optional configuration parameters, setting the values of
the corresponding Information Elements. Note that monitoring
device implementations are not obliged to support the
configuration of these ids, but may set them dynamically.
Currently not included are selectionSequenceId and
meteringProcessId.
o Request for additional parameters concerning the composition of
IPFIX Messages at the exporter, e.g. how long may the exporter
wait until an expired record is exported? Waiting may be useful
in order to fill up IPFIX Messages.
We (the authors) decided not to add such parameters for the
following reasons: 1) the composition of IPFIX Messages has not
been described as configurable or manageable in any other IPFIX
document, and 2) today's configuration possibilities depend very
much on the device or manufacturer. We propose to use device or
manufacturer-dependent extensions of the configuration data model.
2. Introduction
IPFIX and PSAMP compliant monitoring devices (routers, switches,
monitoring probes, collectors etc.) offer various configuration
possibilities that allow adapting network monitoring to the goals and
purposes of the application, e.g. accounting and charging, traffic
analysis, performance monitoring, security monitoring. The use of a
common device-independent configuration data model for IPFIX and
PSAMP compliant monitoring devices facilitates network management and
configuration, especially if monitoring devices of different
implementers and/or manufacturers are deployed simultaneously. On
the one hand, a device-independent configuration data model helps
storing and managing the configuration data of monitoring devices in
a consistent format. On the other hand, it can be used for local and
remote configuration of monitoring devices. However, this requires
that monitoring devices natively support the configuration data
model, or that a mapping between the configuration data model and the
device-specific representation of configuration data is provided. An
appropriate transport protocol is needed in the case of remote
configuration.
The purpose of this document is the specification of a device-
independent configuration data model that covers the commonly
available configuration parameters of Caches and Selection Processes,
Exporting Processes, and Collecting Processes. The data model is
encoded in Extensible Markup Language (XML) [W3C.REC-xml-20040204].
An XML document conforming to the configuration data model contains
the configuration data of one monitoring device. In order to ensure
compatibility with the NETCONF protocol [RFC4741], YANG
[I-D.bjorklund-netconf-yang] is used as modeling language. If
required, the YANG specification of the configuration data model can
be converted into XML Schema language [W3C.REC-xmlschema-0-20041028]
using the pyang tool [YANG-WEB]. YANG provides mechanisms to augment
the configuration data model with additional device-specific or
vendor-specific parameters.
For the configuration of remote monitoring devices, an appropriate
protocol is needed to transfer the XML encoded configuration data.
The configuration data model is compatible with the NETCONF protocol
[RFC4741]. However, alternative protocols, such as the Simple Object
Access Protocol (SOAP) [W3C.REC-soap12-part1-20070427], are also
suitable for transferring XML data from a network management system
to a monitoring device.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
2.1. IPFIX Documents Overview
The IPFIX protocol [RFC5101] provides network administrators with
access to IP flow information. The architecture for the export of
measured IP flow information out of an IPFIX Exporting Process to a
Collecting Process is defined in [I-D.ietf-ipfix-architecture], per
the requirements defined in [RFC3917]. The IPFIX protocol [RFC5101]
specifies how IPFIX Data Records and Templates are carried via a
number of transport protocols from IPFIX Exporting Processes to IPFIX
Collecting Processes. IPFIX has a formal description of IPFIX
Information Elements, their name, type and additional semantic
information, as specified in [RFC5102]. [I-D.ietf-ipfix-mib]
specifies the IPFIX Management Information Base. Finally,
[I-D.ietf-ipfix-as] describes what type of applications can use the
IPFIX protocol and how they can use the information provided. It
furthermore shows how the IPFIX framework relates to other
architectures and frameworks. The storage of IPFIX Messages in a
file is specified in [I-D.ietf-ipfix-file].
2.2. PSAMP Documents Overview
The framework for packet selection and reporting
[I-D.ietf-psamp-framework] enables network elements to select subsets
of packets by statistical and other methods, and to export a stream
of reports on the selected packets to a Collector. The set of packet
selection techniques (sampling, filtering, and hashing) standardized
by PSAMP are described in [I-D.ietf-psamp-sample-tech]. The PSAMP
protocol [I-D.ietf-psamp-protocol] specifies the export of packet
information from a PSAMP Exporting Process to a Collector. Like
IPFIX, PSAMP has a formal description of its Information Elements,
their name, type and additional semantic information. The PSAMP
information model is defined in [I-D.ietf-psamp-info].
[I-D.ietf-psamp-mib] describes the PSAMP Management Information Base.
3. Terminology
This document adopts the terminologies used in [RFC5101],
[I-D.ietf-ipfix-file], and [I-D.ietf-psamp-protocol]. As in
[RFC5101], these specific terms have the first letter of a word
capitalized when used in this document.
Cache: The Cache is a functional block in a Metering Process which
maintains IPFIX Flow Records or PSAMP Packet Records. According
to [RFC5101], the maintenance of Flow Records may include creating
new records, updating existing ones, computing Flow statistics,
deriving further Flow properties, detecting Flow expiration,
passing Flow Records to the Exporting Process, and deleting Flow
Records. The maintenance of Packet Records covers the same set
of functions.
Cache Layout: The Cache Layout specifies the fields that are
extracted from the packets entering the Cache. The available
fields MUST be included in the resulting Packet or Flow Record. The
content of a field is defined by the corresponding Information
Element.
Cache Type: The Cache Type specifies whether Packet Records or Flow
Records are generated by the Cache. In the case of Flow Records,
it also specifies the Flow expiration policy.
4. Structure of the Configuration Data Model
The IPFIX reference model in [I-D.ietf-ipfix-architecture] describes
Metering Processes, Exporting Processes, and Collecting Processes as
functional blocks of IPFIX Devices. The PSAMP framework
[I-D.ietf-psamp-framework] provides the corresponding information for
PSAMP Devices and introduces Selection Processes as functional blocks
within Metering Processes. Normative definitions of these terms are
given in [RFC5101] and [I-D.ietf-psamp-protocol]. In Section 3, the
Cache is defined as another functional block within Metering
Processes. Further explanations about the relationship between
Selection Processes and Caches are given in the next paragraph.
IPFIX File Reader and File Writer are defined as specific kinds of
Exporting and Collecting Processes in [I-D.ietf-ipfix-file]. IPFIX
and PSAMP compliant monitoring device implementations usually
maintain the separation of functional blocks although they do not
necessarily implement all of them. Furthermore, they provide various
configuration possibilities; some of them are specified as mandatory
by the IPFIX protocol [RFC5101]. The configuration data model
enables the setting of commonly available configuration parameters
for Caches, Selection Processes, Exporting Processes, and Collecting
Processes. In addition, it allows specifying the composition of
functional blocks within a monitoring device configuration and their
linkage with Observation Points.
In an IPFIX and PSAMP compliant monitoring device implementation, the
functionality of the Metering Process is commonly split into packet
filtering and sampling functions performed by Selection Processes,
and the maintenance of Flow and Packet Records performed by Caches.
Figure 1 illustrates this separation with the example of a simple
Metering Process consisting of one Selection Process and one Cache.
             +-----------------------------------+
             | Metering Process                  |
             | +-----------+ Stream of           |
   Stream of | | Selection | selected  +-------+ | Stream of
   observed -->|  Process  |---------->| Cache |--> Flow Records or
   packets   | +-----------+ packets   +-------+ | Packet Records
             +-----------------------------------+
Figure 1: Selection Process and Cache forming a Metering Process
The configuration data model adopts this separation in order to
support the flexible configuration and combination of Selection
Processes and Caches. As described in [I-D.ietf-psamp-protocol],
Selection Processes can be configured to serially process the stream
of observed packets in a Selection Sequence. If the observed packets
are neither sampled nor filtered, this corresponds to a Selection
Process of type "selectAll" (cf. [I-D.ietf-ipfix-mib] and
[I-D.ietf-psamp-mib]). The resulting stream of selected packets
enters a Cache. In the case of a PSAMP Device, the Cache generates
Packet Records containing the Packet Reports. In the case of an
IPFIX Device, the Cache generates Flow Records. Whether Packet Records
or Flow Records are generated depends on the Cache Type.
The selection of parameters in the configuration data model is based
on configuration issues discussed in the IPFIX and PSAMP documents
[RFC3917], [RFC5101], [I-D.ietf-ipfix-architecture],
[I-D.ietf-psamp-protocol], [I-D.ietf-psamp-framework], and
[I-D.ietf-psamp-sample-tech]. Furthermore, the structure and content
of the IPFIX MIB module [I-D.ietf-ipfix-mib] and the PSAMP MIB module
[I-D.ietf-psamp-mib] were taken into consideration. Consistency
between the configuration data model and the IPFIX and PSAMP MIB
modules is an intended goal. Therefore, parameters in the
configuration data model are named according to corresponding managed
objects.
The next section explains how UML class diagrams are deployed to
illustrate the structure of the configuration data model.
Thereafter, Section 4.2 and Section 4.3 explain the class diagrams
for the configuration of Exporters and Collectors, respectively.
Each of the presented classes contains specific configuration
parameters which are specified in Section 5. The formal definition
of the configuration data model in YANG is given in Section 6.
Section 7 illustrates the usage of the model with example
configurations in XML.
4.1. UML Representation
In the following, we use Unified Modeling Language (UML) class
diagrams [UML] to explain the structure of the configuration data
model. According to UML, different arrow types are used to
distinguish two different types of relationship between UML classes:
aggregation and unidirectional association.
   +---+   0..* +---+          +---+   0..* +---+
   | A |<>------| B |          | A |------->| B |
   +---+        +---+          +---+        +---+
    (a) Aggregation         (b) Unidirectional association
Aggregation means that one class is part of the other. As an
example, class B is part of class A in example (a). An association
is a reference to an instance of another class. In example (b),
class A contains a reference to an instance of class B. In the
configuration data model, all associations are unidirectional. The
indicated numbers define the multiplicity:
"1": one only
"0..*": zero or more
"1..*": one or more
In UML class diagrams, all classes that occur with multiplicity
greater than one in an aggregation relationship, and all classes that
are referenced in associations MUST have a key which allows
distinguishing different instances of the class. This key MUST be
unique within the given scope. Regarding example (a), all instances
of class B belonging to the same instance of class A must have keys;
the scope is local to the given instance of class A. In example (b),
all instances of class B must have unique keys as they can be
referenced by multiple instances of class A (i.e., the scope is
global). In YANG, there exists a corresponding rule which mandates
the existence of a key for all elements which appear in lists
[I-D.bjorklund-netconf-yang]. In the configuration data model, the
key is a string parameter called "name" in all concerned classes.
4.2. Exporter Configuration
Figure 2 below shows the main classes of the configuration data model
which are involved in the configuration of an IPFIX or PSAMP
Exporter. The role of the classes can be briefly summarized as
follows:
o The ObservationPoint class specifies an Observation Point (i.e.,
an interface or linecard) of the monitoring device at which
packets are captured for traffic measurements. An instance of the
ObservationPoint class may be associated with one or more
instances of the SelectionProcess class which process the observed
packets in parallel. Each Selection Process associated with an
Observation Point represents the beginning of a Selection
Sequence. As long as an Observation Point is specified without
any references to Selection Processes, it is not deployed for
traffic measurements.
o The SelectionProcess class contains the configuration parameters
of a Selection Process, which is a Primitive Selector
[I-D.ietf-psamp-protocol]. A Selection Process may be part of
multiple Selection Sequences. Therefore, an instance of the
SelectionProcess class MAY be referred to from multiple instances
of the ObservationPoint class or SelectionProcess class. The
output of a Selection Process may be processed by further
Selection Processes. In this case, the instance of the
SelectionProcess class contains a reference to another instance of
the SelectionProcess class. The last Selection Process in a
Selection Sequence passes the stream of selected packets to one or
more Caches that create or update the corresponding Packet or Flow
Records. Therefore, the SelectionProcess class enables references
to instances of the Cache class.
A Selection Process MAY be configured without any reference to
another Selection Process or Cache, which is useful for the
configuration of standby processes. In this case, the selected
packets are dropped.
In order to select all packets, a Selection Process of type
"selectAll" MUST be configured.
o The Cache class contains configuration parameters of a Cache. A
Cache may receive the output of one or more Selection Processes
and maintains the corresponding Packet or Flow Records.
Therefore, an instance of the Cache class MAY be referred to from
multiple Selection Processes. Configuration parameters of the
Cache class specify the size of the Cache, the Cache Type and
Layout, and expiration parameters. The Cache Type determines if
Packet Records or Flow Records are generated.
An instance of the Cache class MAY contain references to one or
multiple Exporting Processes which export the Packet or Flow
Records after expiration or timeout. A Cache without any
reference to an Exporting Process represents a standby Cache.
In this case, the Cache output is dropped.
o The ExportingProcess class contains configuration parameters of an
Exporting Process. It includes various transport protocol
specific parameters and the export destinations. An instance of
the ExportingProcess class MAY be referred to from multiple
instances of the Cache class.
An Exporting Process MAY be configured as a File Writer according
to [I-D.ietf-ipfix-file].
   +------------------+ 0..*   +------------------+
   | ObservationPoint |------->| SelectionProcess |<--+
   +------------------+        +------------------+   | 0..*
                                   |            |     |
                                   |            +-----+
                              0..* |
                                   |   +------------------+
                                   +-->|      Cache       |
                                       +------------------+
                                                |
                                                | 0..*
                                                V
                                       +------------------+
                                       | ExportingProcess |
                                       +------------------+
Figure 2: Class diagram of Exporter configuration
4.3. Collector Configuration
Figure 3 below shows the main classes of the configuration data model
which are involved in the configuration of an IPFIX or PSAMP
Collector. The CollectingProcess class configures interfaces,
transport protocols and port numbers of a Collecting Process using
the Receiver class. Alternatively, the Collecting Process MAY be
configured as a File Reader according to [I-D.ietf-ipfix-file]. In
this case, the Receiver class MUST specify the corresponding file
names.
An instance of the CollectingProcess class may refer to one or
multiple Exporting Processes which reexport the received Data
Records. As an example, an Exporting Process can be configured as a
File Writer in order to save the received Data Records in a file.
   +-------------------+ 1..*   +------------------+
   |                   |<>------|     Receiver     |
   | CollectingProcess |        +------------------+
   |                   |
   |                   | 0..*   +------------------+
   |                   |------->| ExportingProcess |
   +-------------------+        +------------------+
Figure 3: Class diagram of Collector configuration
5. Configuration Parameters
This section specifies the configuration parameters of the
configuration data model separately for each class. Parameters
serving as keys are depicted in brackets.
5.1. ObservationPoint Class
   +---------------------+
   | ObservationPoint    |
   +---------------------+ 1        +--------------------+
   | [name]              |<>--------| Interface/Linecard |
   | observationPointId  |          +--------------------+
   | observationDomainId |
   |                     | 0..*     +--------------------+
   |                     |--------->| SelectionProcess   |
   +---------------------+          +--------------------+

   +------------------+   +----------------------------------+
   | Interface        |   | Linecard                         |
   +------------------+   +----------------------------------+
   | ifIndex/ifName   |   | entPhysicalIndex/entPhysicalName |
   | direction        |   | direction                        |
   +------------------+   +----------------------------------+
Figure 4: ObservationPoint class
The ObservationPoint class identifies an Observation Point of the
monitoring device, which is either an interface or a linecard. An
instance of the ObservationPoint class MAY specify the Observation
Domain ID as well as the Observation Point ID (i.e., the value of the
Information Element observationPointId [RFC5102]).
The configuration parameters to identify an interface or a linecard
are as follows:
ifIndex/ifName (interface only): Either the index or name of the
interface MUST be specified according to corresponding objects in
the IF-MIB [RFC2863].
entPhysicalIndex/entPhysicalName (linecard only): Either the index
or name of the linecard MUST be specified according to
corresponding objects in the ENTITY-MIB [RFC4133].
direction: This OPTIONAL parameter specifies whether ingress traffic,
egress traffic, or both ingress and egress traffic is captured.
If not present, ingress and egress traffic is captured. If not
applicable (e.g., in the case of a sniffing interface in
promiscuous mode), the value of this parameter MUST be ignored.
An instance of the ObservationPoint class MAY refer to one or
multiple Selection Processes which process the observed packets in
parallel.
5.2. SelectionProcess Class
   +------------------+
   | SelectionProcess |
   +------------------+ 1      +------------------+
   | [name]           |<>------+ SelectAll/       |
   | selectorId       |        | SampCountBased/  |
   |                  |        | SampTimeBased/   |
   |                  |        | SampRandOutOfN/  |
   |                  |        | SampUniProb/     |
   |                  |        | SampNonUniProb/  |
   |                  |        | SampFlowState/   |
   |                  |        | FilterMatch/     |
   |                  |        | FilterHash/      |
   |                  |        | FilterRState     |
   |                  |        +------------------+
   |                  |
   |                  |<---+
   |                  |    | 0..*
   |                  |----+
   |                  |
   |                  | 0..*   +------------------+
   |                  |------->| Cache            |
   +------------------+        +------------------+
Figure 5: SelectionProcess class
The SelectionProcess class contains the configuration parameters of a
Selection Process which selects packets from the input stream and
outputs the selected packets to another Selection Process or a Cache.
In the configuration data model, a Selection Process implements a
Primitive Selector according to [I-D.ietf-psamp-protocol].
Standardized PSAMP sampling and filtering methods are described in
[I-D.ietf-psamp-sample-tech]; their configuration parameters are
specified in corresponding sampler (SampCountBased, SampTimeBased,
SampRandOutOfN, SampUniProb, SampNonUniProb, SampFlowState) or filter
(FilterMatch, FilterHash, FilterRState) classes. The
SelectionProcess class contains exactly one of these classes,
depending on the applied method. Alternatively, the SelectionProcess
may include the SelectAll class which selects all packets and does
not offer any configurable parameters. An instance of the
SelectionProcess class MAY set the Selector ID (i.e., the value of
the Information Element selectorId [I-D.ietf-psamp-info]). In this
case, the configured Selector ID MUST be unique within the
Observation Domain. If not configured, the Selector ID is assigned
by the monitoring device.
The Selection Process may be part of one or more Selection Sequences.
Therefore, the Selection Process class includes references to itself,
meaning that one instance MAY refer to other instances of the
Selection Process class. Each referred Selection Process constitutes
the next Primitive Selector in a Selection Sequence. Within a
Selection Sequence, one instance of the SelectionProcess class MUST
NOT appear more than once. The last Selection Process in a Selection
Sequence includes references to one or more instances of the Cache
class which receive the selected packets and maintain the
corresponding Packet or Flow Records. An instance of the
SelectionProcess class MAY be referred to from multiple Observation
Points or Selection Processes.
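The reference rules of Section 4.2 and this section (an Observation Point without Selection Processes is not deployed, a Selection Process or Cache without onward references drops its output, and one SelectionProcess instance MUST NOT appear more than once in a Selection Sequence) can be checked before a configuration is applied to a monitoring device. The following Python audit is an added example and not part of this draft; the dictionary layout and the reference field names ("selectionProcess", "next", "cache", "exportingProcess") are assumptions made for illustration.

```python
# Constructed sample configuration (not taken from the draft). Instances are
# keyed by their "name" parameter; the reference field names are assumptions
# of this example, not element names defined by the YANG module.
CONFIG = {
    "observationPoints": {
        "op-eth0": {"selectionProcess": ["sp-all"]},
        "op-eth1": {"selectionProcess": []},             # no references
        "op-eth2": {"selectionProcess": ["sp-loop-a"]},
    },
    "selectionProcesses": {
        "sp-all":     {"next": ["sp-count"], "cache": []},
        "sp-count":   {"next": [], "cache": ["cache-flows", "cache-missing"]},
        "sp-standby": {"next": [], "cache": []},
        "sp-loop-a":  {"next": ["sp-loop-b"], "cache": []},
        "sp-loop-b":  {"next": ["sp-loop-a"], "cache": []},
    },
    "caches": {
        "cache-flows":   {"exportingProcess": ["ep-collector"]},
        "cache-standby": {"exportingProcess": []},
    },
    "exportingProcesses": {"ep-collector": {}},
}


def audit(cfg):
    """Check the reference graph of an Exporter configuration.

    Returns a dict of findings:
      dangling      - references to instance names that are not defined
      not_deployed  - Observation Points without any Selection Process
      standby       - Selection Processes / Caches whose output is dropped
      repeated      - Selection Sequences that visit one instance twice
    """
    sps = cfg["selectionProcesses"]
    caches = cfg["caches"]
    eps = cfg["exportingProcesses"]
    out = {"dangling": [], "not_deployed": [], "standby": [], "repeated": []}

    def check_refs(owner, names, defined, kind):
        for ref in names:
            if ref not in defined:
                out["dangling"].append(f"{owner} -> {kind} {ref}")

    for name, op in cfg["observationPoints"].items():
        check_refs(name, op["selectionProcess"], sps, "SelectionProcess")
        if not op["selectionProcess"]:
            out["not_deployed"].append(name)

    for name, sp in sps.items():
        check_refs(name, sp["next"], sps, "SelectionProcess")
        check_refs(name, sp["cache"], caches, "Cache")
        if not sp["next"] and not sp["cache"]:
            out["standby"].append(name)      # selected packets are dropped

    for name, cache in caches.items():
        check_refs(name, cache["exportingProcess"], eps, "ExportingProcess")
        if not cache["exportingProcess"]:
            out["standby"].append(name)      # Cache output is dropped

    def walk(path):
        # Follow "next" references; the path holds the sequence walked so far.
        for nxt in sps[path[-1]]["next"]:
            if nxt in path:
                seq = " -> ".join(path + [nxt])
                if seq not in out["repeated"]:
                    out["repeated"].append(seq)
            elif nxt in sps:
                walk(path + [nxt])

    # Every Selection Process referenced by an Observation Point starts a
    # Selection Sequence.
    for op in cfg["observationPoints"].values():
        for start in op["selectionProcess"]:
            if start in sps:
                walk([start])
    return out


if __name__ == "__main__":
    for kind, items in audit(CONFIG).items():
        for item in items:
            print(f"{kind}: {item}")
```

For security monitoring, the "not_deployed" and "standby" findings are the ones to review first, since they mark interfaces and processing stages whose traffic never reaches a Collector.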
5.2.1. Sampler Classes
   +----------------+ +----------------+ +----------------+
   | SampCountBased | | SampTimeBased  | | SampRandOutOfN |
   +----------------+ +----------------+ +----------------+
   | interval       | | interval       | | population     |
   | spacing        | | spacing        | | sample         |
   +----------------+ +----------------+ +----------------+

   +----------------+ +----------------+ +----------------+
   | SampUniProb    | | SampNonUniProb | | SampFlowState  |
   +----------------+ +----------------+ +----------------+
   | probability    | | function       | | func           |
   |                | | funcParam      | | funcParam      |
   +----------------+ +----------------+ +----------------+
Figure 6: Sampler classes
The names and semantics of the configuration parameters correspond to
the managed objects in the PSAMP MIB module [I-D.ietf-psamp-mib].
5.2.2. Filter Classes
   +----------------+ +----------------+ +----------------+
   | FilterMatch    | | FilterHash     | | FilterRState   |
   +----------------+ +----------------+ +----------------+
   | fieldId        | | addrType       | | function       |
   | startValue     | | headerBits     | | negate         |
   | stopValue      | | payloadBytes   | | ifIndex        |
   | mask           | | payloadBits    | | startAS        |
   |                | | function       | | stopAS         |
   |                | | inputBits      | | vendorFunc     |
   |                | | outputBits     | |                |
   |                | | outputMask     | |                |
   |                | | selection      | |                |
   +----------------+ +----------------+ +----------------+
Figure 7: Filter classes
The names and semantics of the configuration parameters correspond to
the managed objects in the PSAMP MIB module [I-D.ietf-psamp-mib].
5.3. Cache Class
   +---------------+
   | Cache         |
   +---------------+ 1     +-------------+
   | [name]        |<>-----| CacheLayout |
   | cacheType     |       +-------------+
   | maxRecords    |
   | activeTimeout | 0..*  +------------------+
   | idleTimeout   |------>| ExportingProcess |
   +---------------+       +------------------+
Figure 8: Cache class
The Cache class contains the configuration parameters of a Cache. A
Cache maintains Packet or Flow Records containing information which has been
extracted from a packet stream issued by one or more Selection
Processes. The configuration parameters of the Cache class are as
follows:
cacheType: Configures the Cache Type. The value of this parameter
MUST be one of the following:
* immediate: expiration after the first packet
* normal: expiration after active and idle timeout
* permanent: no expiration, but periodical export after active
timeout
In the case of "immediate", Packet Records are generated.
Otherwise, Flow Records are generated.
maxRecords: maximum number of records in the Cache.
activeTimeout: timeout in timeticks (i.e., hundredths of a second)
after which an active Flow is timed out anyway even if there is
still a continuous flow of packets.
idleTimeout: A Flow is considered to be timed out if no packets
belonging to the Flow have been observed for the amount of time
specified by this parameter. The unit is timeticks (i.e.,
hundredths of a second).
activeTimeout and idleTimeout MUST NOT be configured if the Cache
Type is "immediate". idleTimeout MUST NOT be used if the Cache Type
is "permanent".
An instance of the Cache class specifies the Cache Layout, i.e. the
set of fields maintained per Packet or Flow Record. Furthermore, it
MAY refer to one or multiple instances of the ExportingProcess class,
specifying the export parameters and destinations.
5.3.1. CacheLayout Class
+--------------+
| CacheLayout  |
+--------------+   1..* +------------------+
| [name]       |<>------| Field            |
|              |        +------------------+
|              |        | [name]           |
|              |        | ieId/ieName      |
|              |        | ieLength         |
|              |        | enterpriseNumber |
|              |        | isFlowKey        |
+--------------+        +------------------+
Figure 9: CacheLayout class
Using the Field class, the CacheLayout class specifies the fields
which are extracted from the incoming stream of packets and stored in
a Packet or Flow Record. Fields specified by the Cache Layout that
are available in an incoming packet MUST be included in the resulting
Packet or Flow Record. On the other hand, fields which are not
present in an incoming packet MUST be omitted in the resulting Packet
or Flow Record.
The CacheLayout class does not have any parameters. The
configuration parameters of the Field class are as follows:
ieId, ieName, ieLength, enterpriseNumber: These parameters specify a
field by identifier, name, length, and enterprise number of an
Information Element. Either ieId or ieName MUST be specified.
ieLength MAY be omitted if a default length exists for the
specified Information Element. enterpriseNumber is only inserted
for enterprise-specific Information Elements.
isFlowKey: If present, this field is a Flow Key.
5.4. ExportingProcess Class
+--------------------+
| ExportingProcess   |
+--------------------+   0..* +-------------+
| [name]             |<>------| Destination |
| exportingProcessId |        +-------------+
+--------------------+
Figure 10: ExportingProcess class
The ExportingProcess class specifies a list of destinations to which
the measurement data are exported. An instance of the
ExportingProcess class MAY set the Exporting Process ID (i.e., the
value of the Information Element exportingProcessId [RFC5102]).
5.4.1. Destination Class
+-----------------+
| Destination     |
+-----------------+      1 +-----------------------+
| [name]          |<>------| SctpExport/UdpExport/ |
| type            |        | TcpExport/FileWriter  |
|                 |        +-----------------------+
|                 |
|                 |   0..* +-----------------------+
|                 |<>------| Option                |
+-----------------+        +-----------------------+
Figure 11: Destination class
The Destination class specifies one export destination of an
Exporting Process. The type parameter determines the Transport
Session type ("primary", "secondary", "duplicate", "load balancing",
or "unused") and corresponds to the
ipfixTransportSessionGroupMemberType object in [I-D.ietf-ipfix-mib].
The Destination class contains further configuration parameters that
are specific to the transport protocol used (SCTP, UDP, or TCP). It
is also possible to export the measurement data to a file as proposed
in [I-D.ietf-ipfix-file]. An instance of the ExportingProcess class
MAY specify the report of additional information with Option
Templates, using the Option class.
5.4.2. Export Parameters Classes
+--------------------------+   +--------------------------+
| SctpExport               |   | TcpExport                |
+--------------------------+   +--------------------------+
| destinationIpAddress     |   | destinationIpAddress     |
| destinationTransportPort |   | destinationTransportPort |
| sourceIpAddress*         |   | sendBufferSize           |
| sendBufferSize           |   +--------------------------+
| timedReliability         |
| numberOfStreams          |
| orderedDelivery          |
+--------------------------+

+------------------------------+   +-------------+
| UdpExport                    |   | FileWriter  |
+------------------------------+   +-------------+
| destinationIpAddress         |   | uri         |
| destinationTransportPort     |   +-------------+
| sourceIpAddress              |
| sendBufferSize               |
| templateRefreshTimeout       |
| templateRefreshPacket        |
| optionTemplateRefreshTimeout |
| optionTemplateRefreshPacket  |
+------------------------------+
Figure 12: Export parameters classes
The export parameter classes SctpExport, TcpExport, UdpExport, and
FileWriter specify configuration parameters that are specific to an
export destination. The configuration parameters of the SctpExport,
TcpExport, and UdpExport classes are:
destinationIpAddress, destinationTransportPort: destination IP
address and destination transport port to be used for export with
SCTP, UDP, or TCP. destinationIpAddress is a mandatory parameter.
If destinationTransportPort is omitted, 4739 is used as port number.
sendBufferSize: size of the socket send buffer in octets.
timedReliability (SctpExport only): lifetime in timeticks (i.e.,
hundredths of a second) until an IPFIX Message containing Data
Sets only is "abandoned" due to the timed reliability mechanism of
PR-SCTP [RFC3758]. If this parameter is omitted or set to zero,
reliable SCTP transport is used.
numberOfStreams (SctpExport only): number of outbound streams
requested for SCTP associations [RFC4960].
orderedDelivery (SctpExport only): boolean parameter controlling the
ordered delivery of IPFIX Messages containing Data Sets [RFC4960].
If this parameter is omitted, ordered delivery is enabled.
sourceIpAddress (not in TcpExport): In the case of UdpExport, this
optional parameter MAY appear once to set the source IP address.
If this parameter is omitted, the address assigned to the outgoing
interface is used.
In the case of SctpExport, this optional parameter MAY appear
multiple times to specify the list of eligible local IP addresses
of the SCTP association [RFC4960]. If omitted, all locally
assigned IP addresses are used by the SCTP endpoint.
templateRefreshTimeout, templateRefreshPacket,
optionTemplateRefreshTimeout, optionTemplateRefreshPacket (UdpExport
only): Template refresh parameters when using UDP as transport
protocol. templateRefreshTimeout and optionTemplateRefreshTimeout
are specified in timeticks (i.e., hundredths of a second),
templateRefreshPacket and optionTemplateRefreshPacket in number of
IPFIX Messages between resendings of Templates.
If the Exporting Process is configured as a File Writer, the
FileWriter class MUST be used with the following parameter:
uri: file name and location encoded as URI.
5.4.3. Option Class
+-----------+
| Option    |
+-----------+   0..1 +----------------+
| [name]    |<>------| OptionTemplate |
| type      |        +----------------+
| timeout   |
+-----------+
Figure 13: Option class
The Option class defines the type of additional information to be
reported, such as statistics, flow keys, sampling and filtering
parameters etc. [RFC5101] and [I-D.ietf-psamp-protocol] specify
several types of reporting information which may be exported. The
type MUST be one of the following:
meteringStatistics: export of Metering Process statistics using the
Metering Process Statistics Option Template [RFC5101].
meteringReliability: export of Metering Process reliability
statistics using the Metering Process Reliability Statistics
Option Template [RFC5101].
exportingReliability: export of Exporting Process reliability
statistics using the Exporting Process Reliability Statistics
Option Template [RFC5101].
flowKeys: export of the Flow Key specification using the Flow Keys
Option Template [RFC5101].
selectionSequence: export of Selection Sequence and Selector Report
Interpretation [I-D.ietf-psamp-protocol].
selectionStatistics: export of Selection Sequence Statistics Report
Interpretation [I-D.ietf-psamp-protocol].
accuracy: export of Accuracy Report Interpretation
[I-D.ietf-psamp-protocol].
reducingRedundancy: export of common properties according to
[I-D.ietf-ipfix-reducing-redundancy].
The option type is a mandatory parameter. The Option Template MAY be
configured, using the OptionTemplate class. If no Option Template is
specified, the Exporter MUST choose a template definition
automatically according to the option type and available option data.
The timeout parameter specifies the reporting interval. If the
timeout parameter is omitted or set to zero, the corresponding
reporting information will be exported only once. Otherwise, the
information is exported periodically.
5.4.4. OptionTemplate Class
+----------------+
| OptionTemplate |
+----------------+   0..* +------------------+
|                |<>------| OptionField      |
|                |        +------------------+
|                |        | [name]           |
|                |        | ieId             |
|                |        | ieName           |
|                |        | ieLength         |
|                |        | enterpriseNumber |
|                |        | isScope          |
+----------------+        +------------------+
Figure 14: OptionTemplate class
The Option Template class specifies the fields of an Option Template
using the OptionField class. The configuration parameters of the
OptionField class are the same as for the Field class (see
Section 5.3.1). If the additional parameter isScope is present, the
field is a scope field.
5.5. CollectingProcess Class and Receiver Class
+-------------------+
| CollectingProcess |
+-------------------+
| [name]            |   1..* +-------------+
|                   |<>------| Receiver    |      +---------------+
|                   |        +-------------+    1 | SctpReceiver/ |
|                   |        | [name]      |<>----| UdpReceiver/  |
|                   |        +-------------+      | TcpReceiver/  |
|                   |                             | FileReader    |
|                   |                             +---------------+
|                   |
|                   |   0..* +------------------+
|                   |------->| ExportingProcess |
+-------------------+        +------------------+
Figure 15: CollectingProcess class and Receiver class
The CollectingProcess class contains one or multiple receivers
specified with the Receiver class. The Receiver class contains
further configuration parameters that are specific to the transport
protocol used (SCTP, UDP, or TCP). These parameters are provided by
the receiver parameter classes SctpReceiver, UdpReceiver, and
TcpReceiver. The Collecting Process can also be configured as a File
Reader using the FileReader class.
An instance of the CollectingProcess class MAY refer to one or
multiple instances of the ExportingProcess class in order to export
received Flow Records without modifications to a file or to another
Collector.
5.5.1. Receiver Parameters Classes
+-------------------+   +----------------+
| SctpReceiver      |   | TcpReceiver    |
+-------------------+   +----------------+
| ipAddress*        |   | ipAddress      |
| transportPort     |   | transportPort  |
| maxAllowedStreams |   +----------------+
+-------------------+

+-------------------------+   +------------+
| UdpReceiver             |   | FileReader |
+-------------------------+   +------------+
| ipAddress               |   | uri        |
| transportPort           |   +------------+
| defaultTemplateLifetime |
+-------------------------+
Figure 16: Receiver parameters classes
The receiver parameter classes SctpReceiver, UdpReceiver, and
TcpReceiver specify configuration parameters that are specific to the
transport protocols SCTP, UDP, and TCP, respectively:
ipAddress, transportPort: IP address and port number of the
receiving port. If ipAddress is omitted, the Collecting Process
receives data sent to any local IP address. In the case of
SctpReceiver, multiple IP addresses MAY be specified as a list of
eligible local IP addresses to be used for the local SCTP endpoint
[RFC4960].
defaultTemplateLifetime (UdpReceiver only): default template
lifetime if UDP is used as transport protocol.
maxAllowedStreams (SctpReceiver only): maximum number of allowed
inbound streams per SCTP association.
Instead of receiving records from the network, it is possible to
import them from a file in which they have been saved as proposed in
[I-D.ietf-ipfix-file]. In this case, the FileReader class MUST be
used with the following parameter:
uri: file name and location encoded as URI.
6. YANG Module of the IPFIX/PSAMP Configuration Data Model
The YANG module of the configuration data model is specified as
follows:
module ipfix-psamp {
  namespace "urn:ietf:params:xml:ns:ipfix-psamp-config";
  prefix ipfix;
  import yang-types { prefix yang; }
  import inet-types { prefix inet; }
  import IF-MIB { prefix if; }
  import ENTITY-MIB { prefix ent; }
  organization "IPFIX WG";
  contact "muenz@informatik.uni-tuebingen.de";
  description "IPFIX/PSAMP Configuration Data Model";
  revision 2008-07-07 {
    description "Version of draft-ietf-ipfix-configuration-model-00
      Changes in draft-ietf-ipfix-configuration-model-00:
      - Metering Process container replaced by direct reference to
        Selection Process
      - concatenation of Selection Processes realizes Selection Sequence
      - removal of premature support of IPFIX Mediators/Concentrators.
      - more SCTP parameters in SctpReceiver and SctpExport classes
      - sendBufferSize parameter for all *Export classes
      - templateId no longer configuration parameter
      Changes in draft-muenz-ipfix-configuration-04:
      - first version in yang
      - Collecting Process can be configured for file import
      - Collecting Process can be configured to export received
        records without modifications (e.g., to file or other
        collectors)
      - SCTP export parameter timedReliability
      - parameter for eligible local IP addresses for SCTP endpoint
      - all tag names uncapitalized, type names etc. capitalized
      - CacheParameters renamed as Cache
      - description attribute removed
      Changes in -03:
      - Linecard and Interface classes now have direction element
      - sec => s (SI unit)
      - optional description attribute for annotations
      - simplifications in ExportingProcess class
      - new parameters: observationPointId, meteringProcessId,
        selectorId, exportingProcessId (note that devices do not
        have to support the configuration of these parameters)
      - new FileExport class for exporting into a file
      - Reporting class renamed Option Class
      Changes in -02:
      - new structure without next pointers
      - packet reporting and flow metering replaced by record cache
      - added reporting with options";
  }
  grouping InformationElement {
    description "Parameters of an Information Element.";
    leaf ieEnterpriseNumber {
      description "Omitted in the case of IETF-specified Information
        Elements.";
      type uint32;
    }
    choice NameOrId {
      mandatory true;
      leaf ieName {
        type string;
      }
      leaf ieId {
        type uint16;
      }
    }
    leaf ieLength {
      description "Length can be omitted if a default length exists for
        the specified Information Element.";
      type uint16;
    }
  }
  typedef Direction {
    description "Direction of packets going through an interface or
      linecard.";
    type enumeration {
      enum ingress;
      enum egress;
      enum both;
    }
  }
  grouping Interface {
    description "Interface as input to Observation Point.";
    choice IndexOrName {
      description "Index or name of the interface as stored in the
        ifTable of IF-MIB.";
      reference "RFC 1229.";
      mandatory true;
      leaf ifIndex { type uint32; }
      leaf ifName { type string; }
    }
    leaf direction {
      description "Direction of packets. If not applicable (e.g., in
        the case of a sniffing interface in promiscuous mode), this
        parameter is omitted";
      type Direction;
      default both;
    }
  }
  grouping Linecard {
    description "Linecard as input to Observation Point.";
    choice IndexOrName {
      description "Index or name of the linecard as stored in the
        entPhysicalTable of ENTITY-MIB.";
      reference "RFC 4133.";
      mandatory true;
      leaf entPhysicalIndex { type uint32; }
      leaf entPhysicalName { type string; }
    }
    leaf direction {
      description "Direction of packets. If not applicable (e.g., in
        the case of a sniffing interface in promiscuous mode), this
        parameter is omitted";
      type Direction;
      default both;
    }
  }
  container ipfix {
    list collectingProcess {
      description "Parameters of a Collecting Process.";
      key name;
      leaf name {
        description "Arbitrary but unique name of the Collecting
          Process.";
        type string;
      }
      list receiver {
        description "Receiver parameters.";
        key name;
        leaf name { type string; }
        choice TransportProtocol {
          mandatory true;
          container sctpReceiver {
            description "SCTP receiver parameters.";
            reference "RFC 4960.";
            leaf-list ipAddress {
              description "List of eligible local IP addresses to be
                used by the SCTP endpoint. If omitted, all locally
                assigned IP addresses are used by the SCTP endpoint.";
              type inet:ip-address;
            }
            leaf transportPort {
              mandatory true;
              type inet:port-number;
            }
            leaf maxAllowedStreams {
              description "Maximum number of allowed inbound streams
                per SCTP association.";
              type uint16;
            }
          }
          container udpReceiver {
            description "UDP receiver parameters.";
            leaf ipAddress {
              description "If omitted, all locally assigned IP
                addresses are used by the UDP endpoint.";
              type inet:ip-address;
            }
            leaf transportPort {
              mandatory true;
              type inet:port-number;
            }
            leaf defaultTemplateLifetime { type uint32; }
          }
          container tcpReceiver {
            description "TCP receiver parameters.";
            leaf ipAddress {
              description "If omitted, all locally assigned IP
                addresses are used by the TCP endpoint.";
              type inet:ip-address;
            }
            leaf transportPort {
              mandatory true;
              type inet:port-number;
            }
          }
          container fileReader {
            description "File Reader parameters.";
            leaf uri {
              mandatory true;
              type yang:uri;
            }
          }
        }
      }
      leaf-list exportingProcess {
        description "Export of received records without any
          modifications. Records are processed by all Exporting
          Processes in the list.";
        type keyref { path "/ipfix/exportingProcess/name"; }
      }
    }
    list observationPoint {
      description "Parameters of an Observation Point.";
      key name;
      leaf name {
        description "Arbitrary but unique name of the Observation
          Point.";
        type string;
      }
      leaf observationPointId {
        description "If omitted, the Observation Point ID is assigned
          by the monitoring device.";
        type uint32;
      }
      leaf observationDomainId {
        description "If omitted, the Observation Domain ID is assigned
          by the monitoring device.";
        type uint32;
      }
      choice OPType {
        mandatory true;
        container interface { uses Interface; }
        container linecard { uses Linecard; }
      }
      leaf-list selectionProcess {
        description "Selection Processes in this list process packets
          in parallel.";
        type keyref { path "/ipfix/selectionProcess/name"; }
      }
    }
    list selectionProcess {
      description "Parameters of a Selection Process (i.e., Primitive
        Selector).";
      key name;
      leaf name {
        description "Arbitrary but unique name of the Selection
          Process.";
        type string;
      }
      leaf selectorId {
        description "If omitted, the Selector ID is assigned by the
          monitoring device.";
        type uint32;
      }
      choice Method {
        description "See PSAMP-MIB for details about the selection
          methods and their parameters.";
        reference "draft-ietf-psamp-mib-06.";
        mandatory true;
        leaf selectAll {
          type empty;
        }
        container sampCountBased {
          leaf interval { type uint32; }
          leaf spacing { type uint32; }
        }
        container sampTimeBased {
          leaf interval { type uint32; }
          leaf spacing { type uint32; }
        }
        container sampRandOutOfN {
          leaf population { type uint32; }
          leaf sample { type uint32; }
        }
        container sampUniProb {
          leaf probability {
            description "The given value must be divided by
              4294967295.";
            type uint32;
          }
        }
        container sampNonUniProb {
          description "In PSAMP-MIB, these are OIDs.";
          leaf function { type string; }
          leaf funcParam { type string; }
        }
        container sampFlowState {
          description "In PSAMP-MIB, these are OIDs.";
          leaf function { type string; }
          leaf funcParam { type string; }
        }
        container filterMatch {
          leaf fieldId { type uint32; }
          leaf startValue { type string; }
          leaf stopValue { type string; }
          leaf mask { type string; }
        }
        container filterHash {
          description "In PSAMP-MIB, function and funcParam are OIDs.";
          leaf addrType { type inet:ip-version; }
          leaf headerBits { type string; }
          leaf payloadBytes { type uint32; }
          leaf payloadBits { type string; }
          leaf function { type string; }
          leaf funcParam { type string; }
          leaf inputBits { type uint32; }
          leaf outputBits { type uint32; }
          leaf outputMask { type string; }
          leaf selection { type string; }
        }
        container filterRState {
          description "In PSAMP-MIB, vendorFunc is OID.";
          leaf function { type int32; }
          leaf negate { type boolean; }
          leaf ifIndex {
            description "Index of the interface as stored in the
              ifTable of IF-MIB.";
            reference "RFC 2863.";
            type uint32;
          }
          leaf startAS { type inet:asn; }
          leaf stopAS { type inet:asn; }
          leaf vendorFunc { type string; }
        }
      }
      leaf-list selectionProcess {
        description "A Selection Process may pass selected packets or
          records to further Selection Processes, building Selection
          Sequences. All Selection Processes in this list process
          packets or records in parallel.";
        type keyref { path "/ipfix/selectionProcess/name"; }
      }
      leaf-list cache {
        description "Caches in this list receive packets or records in
          parallel.";
        type keyref { path "/ipfix/cache/name"; }
      }
    }
    list cache {
      description "Parameters of a Cache.";
      key name;
      leaf name {
        description "Arbitrary but unique name of the Cache.";
        type string;
      }
      leaf cacheType {
        mandatory true;
        type enumeration {
          enum immediate {
            description "Flow expiration after the first packet,
              generation of Packet Records.";
          }
          enum normal {
            description "Flow expiration after active and idle timeout,
              generation of Flow Records.";
          }
          enum permanent {
            description "No flow expiration, periodical export after
              active timeout, generation of Flow Records.";
          }
        }
      }
      leaf maxRecords { type uint32; }
      leaf activeTimeout { type yang:timeticks; }
      leaf idleTimeout { type yang:timeticks; }
      container cacheLayout {
        list field {
          min-elements 1;
          key name;
          leaf name { type string; }
          uses InformationElement;
          leaf isFlowKey { type empty; }
        }
      }
      leaf-list exportingProcess {
        description "Records are exported by all Exporting Processes in
          the list.";
        type keyref { path "/ipfix/exportingProcess/name"; }
      }
    }
    list exportingProcess {
      description "Parameters of an Exporting Process.";
      key name;
      leaf name {
        description "Arbitrary but unique name of the Exporting
          Process.";
        type string;
      }
      leaf exportingProcessId {
        description "If omitted, the Exporting Process ID is assigned
          by the monitoring device.";
        type uint32;
      }
      list destination {
        key name;
        leaf name { type string; }
        leaf type {
          description "Transport Session type according to IPFIX-MIB";
          reference "draft-ietf-ipfix-mib-02.";
          type enumeration {
            enum primary;
            enum secondary;
            enum duplicate;
            enum loadBalancing;
            enum unused;
          }
        }
        choice TransportProtocol {
          mandatory true;
          container sctpExport {
            description "SCTP export parameters.";
            reference "RFC 3758, RFC 4960.";
            leaf destinationIpAddress {
              mandatory true;
              type inet:ip-address;
            }
            leaf destinationTransportPort {
              type inet:port-number;
              default 4739;
            }
            leaf-list sourceIpAddress {
              description "List of eligible local IP addresses to be
                used by the SCTP endpoint. If omitted, all locally
                assigned IP addresses are used by the local endpoint.";
              type inet:ip-address;
            }
            leaf sendBufferSize { type uint32; }
            leaf timedReliability {
              description "PR-SCTP lifetime for IPFIX Messages
                containing Data Sets only.";
              type yang:timeticks;
              default 0;
            }
            leaf numberOfStreams {
              description "Number of outbound streams requested for the
                SCTP association.";
              type uint16;
            }
            leaf orderedDelivery {
              description "Ordered delivery of IPFIX Messages
                containing Data Sets.";
              type boolean;
              default "true";
            }
          }
          container udpExport {
            description "UDP export parameters.";
            leaf destinationIpAddress {
              mandatory true;
              type inet:ip-address;
            }
            leaf destinationTransportPort {
              type inet:port-number;
              default 4739;
            }
            leaf sourceIpAddress {
              description "Source IP address. If omitted, the address
                assigned to the outgoing interface is used.";
              type inet:ip-address;
            }
            leaf sendBufferSize { type uint32; }
            leaf templateRefreshTimeout { type yang:timeticks; }
            leaf templateRefreshPacket { type uint32; }
            leaf optionTemplateRefreshTimeout { type yang:timeticks; }
            leaf optionTemplateRefreshPacket { type uint32; }
          }
          container tcpExport {
            description "TCP export parameters.";
            leaf destinationIpAddress {
              mandatory true;
              type inet:ip-address;
            }
            leaf destinationTransportPort {
              type inet:port-number;
              default 4739;
            }
            leaf sendBufferSize { type uint32; }
          }
          container fileWriter {
            description "File Writer parameters.";
            leaf uri {
              mandatory true;
              type yang:uri;
            }
          }
        }
        list option {
          key name;
          leaf name { type string; }
          leaf type {
            mandatory true;
            type enumeration {
              enum "meteringStatistics" {
                description "Metering Process Statistics.";
                reference "RFC 5101, section 4.1.";
              }
              enum "meteringReliability" {
                description "Metering Process Reliability Statistics.";
                reference "RFC 5101, section 4.2.";
              }
              enum "exportingReliability" {
                description "Exporting Process Reliability
                  Statistics.";
                reference "RFC 5101, section 4.3.";
              }
              enum "flowKeys" {
                description "Flow Keys.";
                reference "RFC 5101, section 4.4.";
              }
              enum "selectionSequence" {
                description "Selection Sequence and Selector Reports.";
                reference "draft-ietf-psamp-protocol-09, section 6.5.1
                  and 6.5.2.";
              }
              enum "selectionStatistics" {
                description "Selection Sequence Statistics Report.";
                reference "draft-ietf-psamp-protocol-09, section
                  6.5.3.";
              }
              enum "accuracy" {
                description "Accuracy Report.";
                reference "draft-ietf-psamp-protocol-09, section
                  6.5.4.";
              }
              enum "reducingRedundancy" {
                description "Application of
                  ipfix-reducing-redundancy.";
                reference "draft-ietf-ipfix-reducing-redundancy-04";
              }
            }
          }
          leaf timeout {
            description "Time interval for exporting option data.";
            type yang:timeticks;
            default 0;
          }
          container optionTemplate {
            description "If no Option Template is specified, the
              Exporter defines a template according to option type and
              available option data.";
            presence "If present, the Exporter is to use this Option
              Template to export the option data.";
            list optionField {
              key name;
              ordered-by user;
              leaf name { type string; }
              uses InformationElement;
              leaf isScope { type empty; }
            }
          }
        }
      }
    }
  }
}
7. Examples
This section shows example configurations conforming to the YANG
module specified in Section 6.
7.1. PSAMP Device
This example shows two PSAMP Selection Sequences configured for the
same Observation Point. The first Selection Sequence consists of two
Selection Processes, a filter for UDP packets and a random sampler,
the second is just an ICMP filter. The outputs of both Selection
Sequences enter the same Cache. The cache type is "immediate"
resulting in the creation of PSAMP Packet Records for every single
packet. The associated Exporting Process exports to one collector
using PR-SCTP. As the destination transport port is omitted, the
standard IPFIX port 4739 is used. Exporting Process reliability
statistics are reported using a configured Option Template.
<ipfix xmlns="urn:ietf:params:xml:ns:ipfix-psamp-config">
  <observationPoint>
    <name>OP at linecard 3</name>
    <observationPointId>1</observationPointId>
    <observationDomainId>12345</observationDomainId>
    <linecard>
      <entPhysicalIndex>3</entPhysicalIndex>
    </linecard>
    <selectionProcess>UDP filter</selectionProcess>
    <selectionProcess>ICMP filter</selectionProcess>
  </observationPoint>
  <selectionProcess>
    <name>UDP filter</name>
    <selectorId>1</selectorId>
    <filterMatch>
      <fieldId>4</fieldId>
      <startValue>17</startValue>
      <stopValue>17</stopValue>
    </filterMatch>
    <selectionProcess>10-out-of-100 sampler</selectionProcess>
  </selectionProcess>
  <selectionProcess>
    <name>10-out-of-100 sampler</name>
    <selectorId>3</selectorId>
    <sampRandOutOfN>
      <population>100</population>
      <sample>10</sample>
    </sampRandOutOfN>
    <cache>PSAMP cache</cache>
  </selectionProcess>
  <selectionProcess>
    <name>ICMP filter</name>
    <selectorId>2</selectorId>
    <filterMatch>
      <fieldId>4</fieldId>
      <startValue>1</startValue>
      <stopValue>1</stopValue>
    </filterMatch>
    <cache>PSAMP cache</cache>
  </selectionProcess>
  <cache>
    <name>PSAMP cache</name>
    <cacheType>immediate</cacheType>
    <maxRecords>512</maxRecords>
    <cacheLayout>
      <field>
        <name>Field 1</name>
        <ieId>313</ieId>
        <ieLength>64</ieLength>
      </field>
      <field>
        <name>Field 2</name>
        <ieId>154</ieId>
      </field>
    </cacheLayout>
    <exportingProcess>The only exporter</exportingProcess>
  </cache>
  <exportingProcess>
    <name>The only exporter</name>
    <exportingProcessId>1</exportingProcessId>
    <destination>
      <name>PR-SCTP collector</name>
      <type>primary</type>
      <sctpExport>
        <destinationIpAddress>192.0.2.1</destinationIpAddress>
        <timedReliability>500</timedReliability>
        <numberOfStreams>1</numberOfStreams>
      </sctpExport>
      <option>
        <name>Option 1</name>
        <type>exportingReliability</type>
        <timeout>30000</timeout>
        <optionTemplate>
          <optionField>
            <name>Field 1</name>
            <ieName>exportingProcessId</ieName>
            <isScope/>
          </optionField>
          <optionField>
            <name>Field 2</name>
            <ieName>notSentPacketTotalCount</ieName>
          </optionField>
        </optionTemplate>
      </option>
    </destination>
  </exportingProcess>
</ipfix>
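The following Python code is an added example and not part of the
draft. It checks a configuration document against the Cache timeout
restrictions of Section 5.3, which the YANG module in Section 6 does
not express, and reports keyref leaf-lists that name a non-existent
list entry as well as Selection Process references that form a loop.
The function names and the sample document are constructed for
illustration; treating a loop as an error is an assumption of this
example.

```python
import xml.etree.ElementTree as ET

NS = {"c": "urn:ietf:params:xml:ns:ipfix-psamp-config"}

# Section 5.3: timeouts that MUST NOT be configured for a given Cache Type.
FORBIDDEN_TIMEOUTS = {
    "immediate": ("activeTimeout", "idleTimeout"),
    "normal": (),
    "permanent": ("idleTimeout",),
}

# keyref leaf-lists in the YANG module: (list, leaf-list in it, referenced list).
KEYREFS = [
    ("observationPoint", "selectionProcess", "selectionProcess"),
    ("selectionProcess", "selectionProcess", "selectionProcess"),
    ("selectionProcess", "cache", "cache"),
    ("cache", "exportingProcess", "exportingProcess"),
    ("collectingProcess", "exportingProcess", "exportingProcess"),
]


def _entries(root, list_name):
    """Map name -> element for one top-level list of the <ipfix> container."""
    found = {}
    for elem in root.findall(f"c:{list_name}", NS):
        found[(elem.findtext("c:name", "", NS) or "").strip()] = elem
    return found


def _refs(entry, leaf_list):
    """Values of one keyref leaf-list inside a list entry."""
    return [(r.text or "").strip() for r in entry.findall(f"c:{leaf_list}", NS)]


def lint(xml_text):
    """Return the sorted findings; an empty list means no rule is broken."""
    root = ET.fromstring(xml_text)
    findings = []
    for name, cache in _entries(root, "cache").items():
        ctype = (cache.findtext("c:cacheType", "", NS) or "").strip()
        if ctype not in FORBIDDEN_TIMEOUTS:
            findings.append(f"cache '{name}': cacheType {ctype!r} is not allowed")
            continue
        for leaf in FORBIDDEN_TIMEOUTS[ctype]:
            if cache.find(f"c:{leaf}", NS) is not None:
                findings.append(
                    f"cache '{name}': {leaf} MUST NOT be set when cacheType is {ctype}")

    for src, leaf_list, target in KEYREFS:
        known = _entries(root, target)
        for name, entry in _entries(root, src).items():
            findings += [f"{src} '{name}': unknown {target} '{ref}'"
                         for ref in _refs(entry, leaf_list) if ref not in known]

    # Assumption of this example: a Selection Process chain that loops is an error.
    procs = _entries(root, "selectionProcess")
    graph = {n: [r for r in _refs(e, "selectionProcess") if r in procs]
             for n, e in procs.items()}
    done = set()

    def visit(node, path):
        if node in path:
            loop = path[path.index(node):] + [node]
            findings.append("selectionProcess loop: " + " -> ".join(loop))
        elif node not in done:
            for nxt in graph[node]:
                visit(nxt, path + [node])
            done.add(node)

    for start in sorted(graph):
        visit(start, [])
    return sorted(findings)


# Constructed input with three deliberate mistakes (not taken from the draft).
SAMPLE = """<ipfix xmlns="urn:ietf:params:xml:ns:ipfix-psamp-config">
 <observationPoint><name>op1</name><interface><ifName>eth0</ifName></interface>
  <selectionProcess>filter</selectionProcess></observationPoint>
 <selectionProcess><name>filter</name><selectAll/>
  <selectionProcess>sampler</selectionProcess></selectionProcess>
 <selectionProcess><name>sampler</name>
  <sampRandOutOfN><population>100</population><sample>10</sample></sampRandOutOfN>
  <selectionProcess>filter</selectionProcess>
  <cache>packet cache</cache><cache>flow cache</cache></selectionProcess>
 <cache><name>packet cache</name><cacheType>immediate</cacheType>
  <activeTimeout>500</activeTimeout>
  <cacheLayout><field><name>f1</name><ieId>313</ieId></field></cacheLayout>
  <exportingProcess>exporter</exportingProcess></cache>
 <exportingProcess><name>exporter</name><destination><name>d1</name>
  <type>primary</type><sctpExport>
  <destinationIpAddress>192.0.2.1</destinationIpAddress></sctpExport>
 </destination></exportingProcess>
</ipfix>"""

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```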
7.2. IPFIX Device
This example demonstrates the shared usage of a Cache for maintaining
Flow Records from two different Observation Points. Packets are
selected using different sampling techniques. The Exporting Process
sends the Flow Records to a primary destination using SCTP. A UDP
Collector is specified as secondary, i.e., backup destination.
Exporting Process reliability statistics are reported to the SCTP
collector, Selection Sequence and Selector Report Interpretation to
both the SCTP and the UDP collector.
<ipfix xmlns="urn:ietf:params:xml:ns:ipfix-psamp-config">
  <observationPoint>
    <name>OP at eth0 (ingress)</name>
    <observationDomainId>12345</observationDomainId>
    <interface>
      <ifName>eth0</ifName>
      <direction>ingress</direction>
    </interface>
    <selectionProcess>Count-based sampler</selectionProcess>
  </observationPoint>
  <observationPoint>
    <name>OP at eth1</name>
    <observationDomainId>12346</observationDomainId>
    <interface>
      <ifName>eth1</ifName>
    </interface>
    <selectionProcess>Time-based sampler</selectionProcess>
  </observationPoint>
  <selectionProcess>
    <name>Count-based sampler</name>
    <sampCountBased>
      <interval>1</interval>
      <spacing>99</spacing>
    </sampCountBased>
    <cache>Flow cache</cache>
  </selectionProcess>
  <selectionProcess>
    <name>Time-based sampler</name>
    <sampTimeBased>
      <interval>20</interval>
      <spacing>980</spacing>
    </sampTimeBased>
    <cache>Flow cache</cache>
  </selectionProcess>
  <cache>
    <name>Flow cache</name>
    <cacheType>normal</cacheType>
    <maxRecords>4096</maxRecords>
    <activeTimeout>500</activeTimeout>
    <idleTimeout>1000</idleTimeout>
    <cacheLayout>
      <field>
        <name>Field 1</name>
        <ieName>sourceIPv4Address</ieName>
        <isFlowKey/>
      </field>
      <field>
        <name>Field 2</name>
        <ieName>destinationIPv4Address</ieName>
        <isFlowKey/>
      </field>
      <field>
        <name>Field 3</name>
        <ieName>protocolIdentifier</ieName>
        <isFlowKey/>
</field>
<field>
<name>Field 4</name>
<ieName>sourceTransportPort</ieName>
<isFlowKey/>
</field>
<field>
<name>Field 5</name>
<ieName>destinationTransportPort</ieName>
<isFlowKey/>
</field>
<field>
<name>Field 6</name>
<ieName>flowStartMilliSeconds</ieName>
</field>
<field>
<name>Field 7</name>
<ieName>flowEndSeconds</ieName>
</field>
<field>
<name>Field 8</name>
<ieName>octetDeltaCount</ieName>
</field>
<field>
<name>Field 9</name>
<ieName>packetDeltaCount</ieName>
</field>
</cacheLayout>
<exportingProcess>SCTP export with UDP backup</exportingProcess>
</cache>
<exportingProcess>
<name>SCTP export with UDP backup</name>
<destination>
<name>SCTP destination</name>
<type>primary</type>
<sctpExport>
<destinationIpAddress>192.0.2.1</destinationIpAddress>
<destinationTransportPort>4739</destinationTransportPort>
<orderedDelivery>true</orderedDelivery>
</sctpExport>
<option>
<name>Option 1</name>
<type>selectionSequence</type>
<timeout>0</timeout>
</option>
<option>
<name>Option 2</name>
<type>exportingReliability</type>
<timeout>6000</timeout>
</option>
</destination>
<destination>
<name>UDP destination</name>
<type>secondary</type>
<udpExport>
<destinationIpAddress>192.0.2.2</destinationIpAddress>
<destinationTransportPort>4739</destinationTransportPort>
<sourceIpAddress>127.0.0.1</sourceIpAddress>
<templateRefreshTimeout>6000</templateRefreshTimeout>
<optionTemplateRefreshTimeout>6000</optionTemplateRefreshTimeout>
</udpExport>
<option>
<name>Option 1</name>
<type>selectionSequence</type>
<timeout>30000</timeout>
</option>
</destination>
</exportingProcess>
</ipfix>
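The name references in the configuration above (Observation Point to Selection Process to Cache to Exporting Process) determine which Collectors receive data from which interface. The following is an added example, not part of the draft: it resolves those references, fails on a dangling name, and lists the destinations reachable from each Observation Point. The function names and the condensed sample configuration are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"c": "urn:ietf:params:xml:ns:ipfix-psamp-config"}

# Constructed sample: a condensed form of the Section 7.2 configuration.
SAMPLE = """<ipfix xmlns="urn:ietf:params:xml:ns:ipfix-psamp-config">
<observationPoint><name>OP at eth0 (ingress)</name>
<selectionProcess>Count-based sampler</selectionProcess></observationPoint>
<observationPoint><name>OP at eth1</name>
<selectionProcess>Time-based sampler</selectionProcess></observationPoint>
<selectionProcess><name>Count-based sampler</name><cache>Flow cache</cache></selectionProcess>
<selectionProcess><name>Time-based sampler</name><cache>Flow cache</cache></selectionProcess>
<cache><name>Flow cache</name>
<exportingProcess>SCTP export with UDP backup</exportingProcess></cache>
<exportingProcess><name>SCTP export with UDP backup</name>
<destination><type>primary</type><sctpExport>
<destinationIpAddress>192.0.2.1</destinationIpAddress></sctpExport></destination>
<destination><type>secondary</type><udpExport>
<destinationIpAddress>192.0.2.2</destinationIpAddress></udpExport></destination>
</exportingProcess></ipfix>"""

def _index(root, tag):
    """Map <name> -> element for the top-level definitions of the given tag."""
    return {e.findtext("c:name", namespaces=NS): e for e in root.findall(f"c:{tag}", NS)}

def _follow(elem, tag, index):
    """Resolve each by-name reference <tag> directly under elem; fail if dangling."""
    for ref in elem.findall(f"c:{tag}", NS):
        name = (ref.text or "").strip()
        if name not in index:
            raise ValueError(f"dangling {tag} reference: {name!r}")
        yield index[name]

def export_paths(xml_text):
    """Return {observation point name: sorted [(type, transport, address)]}."""
    root = ET.fromstring(xml_text)
    sel, cache, exp = (_index(root, t) for t in ("selectionProcess", "cache", "exportingProcess"))
    paths = {}
    for op in root.findall("c:observationPoint", NS):
        dests = set()
        for s in _follow(op, "selectionProcess", sel):
            for c in _follow(s, "cache", cache):
                for e in _follow(c, "exportingProcess", exp):
                    for d in e.findall("c:destination", NS):
                        for t in d:  # transport element, e.g. sctpExport or udpExport
                            addr = t.findtext("c:destinationIpAddress", namespaces=NS)
                            if addr:
                                dests.add((d.findtext("c:type", namespaces=NS), t.tag.split("}")[1], addr))
        paths[op.findtext("c:name", namespaces=NS)] = sorted(dests)
    return paths
```

Because both Observation Points share one Cache, both map to the same pair of destinations, including the UDP backup.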
7.3. Collector and File Writer
This example configures a Collector which writes the received Flow
Records to a file.
<ipfix xmlns="urn:ietf:params:xml:ns:ipfix-psamp-config">
<collectingProcess>
<name>SCTP collector</name>
<receiver>
<name>Listening port 4739</name>
<sctpReceiver>
<ipAddress>192.0.2.1</ipAddress>
<transportPort>4739</transportPort>
<maxAllowedStreams>64</maxAllowedStreams>
</sctpReceiver>
</receiver>
<exportingProcess>File writer</exportingProcess>
</collectingProcess>
<exportingProcess>
<name>File writer</name>
<destination>
<name>File destination</name>
<type>primary</type>
<fileWriter>
<uri>file:///tmp/collected-records.ipfix</uri>
</fileWriter>
</destination>
</exportingProcess>
</ipfix>
8. Security Considerations
The IPFIX/PSAMP configuration data model does not introduce security
issues. Configuration data encoded according to the configuration
data model may contain sensitive information. Therefore, if
configuration data is transmitted, the underlying protocol must apply
appropriate procedures to guarantee the integrity and confidentiality
of the data. Particularly, if the NETCONF protocol is used to
configure IPFIX and PSAMP compliant monitoring devices, the security
considerations of the NETCONF protocol apply [RFC4741].
Appendix A. Acknowledgements
The authors thank Martin Bjorklund for helping to specify the
configuration data model in YANG.
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5101] Claise, B., "Specification of the IP Flow Information
Export (IPFIX) Protocol for the Exchange of IP Traffic
Flow Information", RFC 5101, January 2008.
[RFC5102] Quittek, J., Bryant, S., Claise, B., Aitken, P., and J.
Meyer, "Information Model for IP Flow Information Export",
RFC 5102, January 2008.
[I-D.ietf-psamp-protocol]
Claise, B., "Packet Sampling (PSAMP) Protocol
Specifications", draft-ietf-psamp-protocol-09 (work in
progress), December 2007.
[I-D.ietf-psamp-info]
Dietz, T., Claise, B., Aitken, P., Dressler, F., and G.
Carle, "Information Model for Packet Sampling Exports",
draft-ietf-psamp-info-08 (work in progress),
February 2008.
[W3C.REC-xml-20040204]
Bray, T., Maler, E., Yergeau, F., Sperberg-McQueen, C.,
and J. Paoli, "Extensible Markup Language (XML) 1.0 (Third
Edition)", World Wide Web Consortium FirstEdition REC-xml-
20040204, February 2004,
<http://www.w3.org/TR/2004/REC-xml-20040204>.
[I-D.bjorklund-netconf-yang]
Bjorklund, M., "YANG - A data modeling language for
NETCONF", draft-bjorklund-netconf-yang-02 (work in
progress), February 2008.
[UML] "OMG Unified Modeling Language (OMG UML), Superstructure,
V2.1.2", OMG formal/2007-11-02, November 2007.
9.2. Informative References
[W3C.REC-xmlschema-0-20041028]
Fallside, D. and P. Walmsley, "XML Schema Part 0: Primer
Second Edition", World Wide Web Consortium
Recommendation REC-xmlschema-0-20041028, October 2004,
<http://www.w3.org/TR/2004/REC-xmlschema-0-20041028>.
[RFC4741] Enns, R., "NETCONF Configuration Protocol", RFC 4741,
December 2006.
[W3C.REC-soap12-part1-20070427]
Nielsen, H., Lafon, Y., Hadley, M., Gudgin, M.,
Mendelsohn, N., Moreau, J., and A. Karmarkar, "SOAP
Version 1.2 Part 1: Messaging Framework (Second Edition)",
World Wide Web Consortium Recommendation REC-soap12-part1-
20070427, April 2007,
<http://www.w3.org/TR/2007/REC-soap12-part1-20070427>.
[I-D.ietf-ipfix-as]
Zseby, T., "IPFIX Applicability", draft-ietf-ipfix-as-12
(work in progress), July 2007.
[I-D.ietf-ipfix-architecture]
Sadasivan, G., "Architecture for IP Flow Information
Export", draft-ietf-ipfix-architecture-12 (work in
progress), September 2006.
[I-D.ietf-ipfix-mib]
Dietz, T., Kobayashi, A., and B. Claise, "Definitions of
Managed Objects for IP Flow Information Export",
draft-ietf-ipfix-mib-03 (work in progress), February 2008.
[I-D.ietf-ipfix-file]
Trammell, B., Boschi, E., Mark, L., Zseby, T., and A.
Wagner, "An IPFIX-Based File Format",
draft-ietf-ipfix-file-01 (work in progress),
February 2008.
[I-D.ietf-ipfix-reducing-redundancy]
Boschi, E., "Reducing Redundancy in IP Flow Information
Export (IPFIX) and Packet Sampling (PSAMP) Reports",
draft-ietf-ipfix-reducing-redundancy-04 (work in
progress), May 2007.
[RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander,
"Requirements for IP Flow Information Export (IPFIX)",
RFC 3917, October 2004.
[RFC3758] Stewart, R., Ramalho, M., Xie, Q., Tuexen, M., and P.
Conrad, "Stream Control Transmission Protocol (SCTP)
Partial Reliability Extension", RFC 3758, May 2004.
[RFC4960] Stewart, R., "Stream Control Transmission Protocol",
RFC 4960, September 2007.
[I-D.ietf-psamp-framework]
Chiou, D., Claise, B., Duffield, N., Greenberg, A.,
Grossglauser, M., Rexford, J., and S. Goldberg, "A
Framework for Packet Selection and Reporting",
draft-ietf-psamp-framework-13 (work in progress),
June 2008.
[I-D.ietf-psamp-mib]
Dietz, T. and B. Claise, "Definitions of Managed Objects
for Packet Sampling", draft-ietf-psamp-mib-06 (work in
progress), June 2006.
[I-D.ietf-psamp-sample-tech]
Zseby, T., "Sampling and Filtering Techniques for IP
Packet Selection", draft-ietf-psamp-sample-tech-10 (work
in progress), June 2007.
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, June 2000.
[RFC4133] Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)",
RFC 4133, August 2005.
[YANG-WEB]
Bjoerklund, M., "YANG WebHome",
Homepage http://www.yang-central.org, February 2008.
Authors' Addresses
Gerhard Muenz
University of Tuebingen
Computer Networks and Internet
Sand 13
Tuebingen D-72076
DE
Phone: +49 7071 29-70534
Email: muenz@informatik.uni-tuebingen.de
URI: http://net.informatik.uni-tuebingen.de/~muenz
Benoit Claise
Cisco Systems, Inc.
De Kleetlaan 6a b1
Diegem 1831
BE
Phone: +32 2 704 5622
Email: bclaise@cisco.com
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.