2.4.5 IP Flow Information Export (ipfix)

NOTE: This charter is a snapshot of the 76th IETF Meeting in Hiroshima, Japan. It may now be out-of-date.

Last Modified: 2009-09-29

Chair(s):

Nevil Brownlee <n.brownlee@auckland.ac.nz>
Juergen Quittek <quittek@netlab.nec.de>

Operations and Management Area Director(s):

Dan Romascanu <dromasca@avaya.com>
Ronald Bonica <rbonica@juniper.net>

Operations and Management Area Advisor:

Dan Romascanu <dromasca@avaya.com>

Mailing Lists:

General Discussion: ipfix@ietf.org
To Subscribe: http://www.ietf.org/mailman/listinfo/ipfix
Archive: http://www.ietf.org/mail-archive/web/ipfix

Description of Working Group:

The IPFIX working group has specified the Information Model (to describe
IP flows) and the IPFIX protocol (to transfer IP flow data from IPFIX
exporters to collectors). Several implementers have already built
applications using the IPFIX protocol. As a result of a series of IPFIX
interoperability testing events the WG has produced guidelines for IPFIX
implementation and testing as well as recommendations for handling
special cases such as bidirectional flow reporting and reducing
redundancy in flow records.

Practical experiences with IPFIX implementations exposed new
requirements for the IPFIX protocol that so far have not been addressed
by the WG. The major current goal of the WG is developing solutions that
meet the new requirements without modifying the core IPFIX protocol
specifications.

1. The IPFIX WG has developed a MIB module for monitoring IPFIX
implementations. Means for configuring these devices have not been
standardized yet. The WG will develop an XML-based configuration data
model that can be used for configuring IPFIX devices and for storing,
modifying and managing IPFIX configurations parameter sets. This work
will be performed in close collaboration with the NETCONF WG.

2. First applications of IPFIX at large operator networks showed the
need for mediation of flow information, for example, for aggregating
huge amounts of flow data and for anomymization of flow information.
The IPFIX WG will investigate this issue and produce a problem statement
and a framework for IPFIX flow mediation.

3. The PSAMP WG has developed a protocol for reporting observed packets.
The PSAMP protocol is an extension of the IPFIX protocol. The IPFIX WG
will develop a MIB module for monitoring PSAMP implementations. The new
MIB module will be an extension of the IPFIX MIB module.

4. Anonymization of flow information has been identified as a
requirement for flow information export already in RFC 3917. However,
technologies for flow anonymization are still a research issue and have
so far not been considered to be mature enough for standardization.
As one step in this direction, the IPFIX WG will develop guidelines for
the implementation of anonymized data export and storage over IPFIX and
define an information model for configuring and reporting anonymization
applied at IPFIX devices.

5. The IPFIX and PSAMP WGs have defined standards for selecting observed
IP packets and collecting information in flow records.
In order to reduce the amount of data to be processed, packet selection
methods have been defined. Another method for reducing flow data is flow
selection. The IPFIX WG will define methods for flow selection and
provide an information model for configuring and reporting flow
selection applied at IPFIX devices.

6. Being designed for the export of flow records the IPFIX protocol
provides very limited means for structuring information elements within
IPFIX records. With the increasing number of IPFIX applications there is
a need for exporting more complex information. The IPFIX WG will develop
an extension of the IPFIX protocol that supports hierarchically
structured data and lists (sequences) of Information Elements in data
records.

Goals and Milestones:

Done  Submit Revised Internet-Draft on IP Flow Export Requirements
Done  Submit Internet-Draft on IP Flow Export Architecture
Done  Submit Internet-Draft on IP Flow Export Data Model
Done  Submit Internet-Draft on IPFIX Protocol Evaluation Report
Done  Submit Internet-Draft on IP Flow Export Applicability Statement
Done  Select IPFIX protocol, revise Architecture and Data Model drafts
Done  Submit IPFX-REQUIREMENTS to IESG for publication as Informational RFC
Done  Submit IPFIX Protocol Evaluation Report to IESG for publication as Informational RFC
Done  Submit IPFX-ARCHITECTURE to IESG for publication as Proposed Standard RFC
Done  Submit IPFX-INFO_MODEL to IESG for publication as Informational RFC
Done  Submit IPFX-APPLICABILITY to IESG for publication as Informational RFC
Done  Submit IPFX-PROTOCOL to IESG for publication as Proposed Standard RFC
Done  Publish Internet Draft on IPFIX Implementation Guidelines
Done  Publish Internet Draft on Reducing Redundancy in IPFIX data transfer
Done  Publish Internet Draft on Handling IPFIX Bidirectional Flows
Done  Publish Internet Draft on IPFIX Testing
Done  Publish Internet Draft on IPFIX MIB
Done  Submit IPFIX Implementation Guidelines draft to IESG for publication as Informational RFC
Done  Submit IPFIX Reducing Redundancy draft to IESG for publication as Informational RFC
Done  Submit IPFIX Testing draft to IESG for publication as Informational RFC
Done  Submit IPFIX Biflows draft to IESG for publication as Standards Track RFC
Done  Publish Internet draft on IPFIX Type Information Export
Done  Publish Internet draft on IPFIX File Format
Done  Publish Internet draft on IPFIX Configuration Data Model
Done  Publish Internet draft on Single SCTP Stream Reporting
Done  Submit File Format draft to IESG for publication as Standards track RFC
Done  Publish Internet draft on IPFIX Mediation Problem Statement
Done  Submit IPFIX MIB draft to IESG for publication as Standards track RFC
Done  Submit Type Export draft to IESG for publication as Standards track RFC
Done  Submit Single SCTP Stream draft to IESG for publication as Informational RFC
Oct 2009  Submit Mediation Problem Statement I-D to IESG for publication as Informational RFC
Oct 2009  Submit initial draft on anonymization support
Oct 2009  Submit initial draft on flow selection
Oct 2009  Submit initial draft on structuring information elements
Jan 2010  Submit final version of PSAMP MIB module
Jan 2010  Submit Configuration Data Model draft to IESG for publication as Standards track RFC
Jan 2010  Submit Mediation Framework I-D to IESG for publication as Informational RFC
Jun 2010  Submit anonymization support I-D to IESG for publication as Experimental RFC
Jun 2010  Submit flow selection I-D to IESG for publication as Standards Track RFC
Jun 2010  Submit structuring information elements I-D to IESG for publication as Standards Track RFC

Internet-Drafts:

  • draft-ietf-ipfix-mib-10.txt
  • draft-ietf-ipfix-mediators-problem-statement-07.txt
  • draft-ietf-ipfix-mediators-framework-04.txt
  • draft-ietf-ipfix-export-per-sctp-stream-06.txt
  • draft-ietf-ipfix-configuration-model-04.txt
  • draft-ietf-ipfix-anon-01.txt
  • draft-ietf-ipfix-structured-data-00.txt
  • draft-ietf-ipfix-flow-selection-tech-00.txt
  • draft-ietf-ipfix-reliability-template-ext-00.txt

    Request For Comments:

    RFCStatusTitle
    RFC3917 I Requirements for IP Flow Information Export
    RFC3955 I Evaluation of Candidate Protocols for IP Flow Information Export (IPFIX)
    RFC5101 PS Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information
    RFC5102 PS Information Model for IP Flow Information Export
    RFC5103 PS Bidirectional Flow Export using IP Flow Information Export (IPFIX)
    RFC5153 I IPFIX Implementation Guidelines
    RFC5470 I Architecture for IP Flow Information Export
    RFC5471 I Guidelines for IP Flow Information Export (IPFIX) Testing
    RFC5472 I IP Flow Information Export (IPFIX) Applicability
    RFC5473 I Reducing Redundancy in IP Flow Information Export (IPFIX) and Packet Sampling (PSAMP) Reports
    RFC5610 PS Exporting Type Information for IPFIX Information Elements
    RFC5655 PS Specification of the IP Flow Information Export (IPFIX) File Format

    Meeting Minutes


    Slides

    IPFIX WG Status
    IPFIX MIB
    IPFIX Configuration
    IPFIX SCTP per-stream
    IPFIX Mediation Problem Statement
    IPFIX Mediation Framework
    Export of Structured Data in IPFIX
    IPFIX Anonymisation Support
    IPFIX Data Link Monitoring
    IPFIX Mediation Protocol