IP Flow Information Export (ipfix)
----------------------------------
Charter
Last Modified: 2007-11-26
Current Status: Active Working Group
Chair(s):
Nevil Brownlee <n.brownlee@auckland.ac.nz>
Juergen Quittek <quittek@netlab.nec.de>
Operations and Management Area Director(s):
Dan Romascanu <dromasca@avaya.com>
Ronald Bonica <rbonica@juniper.net>
Operations and Management Area Advisor:
Dan Romascanu <dromasca@avaya.com>
Mailing Lists:
General Discussion:ipfix@ietf.org
To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
Archive: http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
Description of Working Group:
There are a number of IP flow information export systems in common
use. These systems differ significantly, even though some have
adopted a common transport mechanism; such differences make it
difficult to develop generalized flow analysis tools. As such, there
is a need in industry and the Internet research community for IP
devices such as routers to export flow information in a standard way
to external systems such as mediation systems, accounting/billing
systems, and network management systems to facilitate services such as
Internet research, measurement, accounting, and billing.
An IP flow information export system includes a data model, which
represents the flow information, and a transport protocol. An
"exporter," which is typically an IP router or IP traffic measurement
device, will employ the IP flow information export system to report
information about "IP flows," these being series of related IP packets
that have been either forwarded or dropped. The reported flow
information will include both (1) those attributes derived from the IP
packet headers such as source and destination address, protocol, and
port number and (2) those attributes often known only to the exporter
such as ingress and egress ports, IP (sub)net mask, autonomous system
numbers and perhaps sub-IP-layer information.
This group will select a protocol by which IP flow information can be
transferred in a timely fashion from an "exporter" to a collection
station or stations and define an architecture which employs it. The
protocol must run over an IETF approved congestion-aware transport
protocol such as TCP or SCTP.
Specific Goals
o Define the notion of a "standard IP flow." The flow definition
will be a practical one, similar to those currently in use by
existing non-standard flow information export protocols which
have attempted to achieve similar goals but have not documented
their flow definition.
o Devise data encodings that support analysis of IPv4 and IPv6
unicast and multicast flows traversing a network element at
packet header level and other levels of aggregation as requested
by the network operator according to the capabilities of the
given router implementation.
o Consider the notion of IP flow information export based upon
packet sampling.
o Identify and address any security privacy concerns affecting
flow data. Determine technology for securing the flow information
export data, e.g. TLS.
o Specify the transport mapping for carrying IP flow information,
one which is amenable to router and instrumentation implementers,
and to deployment.
o Ensure that the flow export system is reliable in that it will
minimize the likelihood of flow data being lost due to resource
constraints in the exporter or receiver and to accurately report
such loss if it occurs.
Goals and Milestones:
Done Submit Revised Internet-Draft on IP Flow Export Requirements
Done Submit Internet-Draft on IP Flow Export Architecture
Done Submit Internet-Draft on IP Flow Export Data Model
Done Submit Internet-Draft on IPFIX Protocol Evaluation Report
Done Submit Internet-Draft on IP Flow Export Applicability Statement
Done Select IPFIX protocol, revise Architecture and Data Model
drafts
Done Submit IPFX-REQUIREMENTS to IESG for publication as
Informational RFC
Done Submit IPFIX Protocol Evaluation Report to IESG for publication
as Informational RFC
Done Submit IPFX-ARCHITECTURE to IESG for publication as Proposed
Standard RFC
Done Submit IPFX-INFO_MODEL to IESG for publication as Informational
RFC
Done Submit IPFX-APPLICABILITY to IESG for publication as
Informational RFC
Done Submit IPFX-PROTOCOL to IESG for publication as Proposed
Standard RFC
Done Publish Internet Draft on IPFIX Implementation Guidelines
Done Publish Internet Draft on Reducing Redundancy in IPFIX data
transfer
Done Publish Internet Draft on Handling IPFIX Bidirectional Flows
Done Publish Internet Draft on IPFIX Testing
Done Publish Internet Draft on IPFIX MIB
Done Submit IPFIX Implementation Guidelines draft to IESG for
publication as Informational RFC
Done Submit IPFIX Reducing Redundancy draft to IESG for publication
as Informational RFC
Done Submit IPFIX Testing draft to IESG for publication as
Informational RFC
Done Submit IPFIX Biflows draft to IESG for publication as Standards
Track RFC
Done Submit IPFIX MIB draft to IESG for publication as Standards
track RFC
Nov 2007 Submit IPFIX Testing draft to IESG for publication as
Informational RFC
Nov 2007 Submit IPFIX MIB draft to IESG for publication as Standards
track RFC
Dec 2007 Publish Internet draft on IPFIX Type Information Export
Dec 2007 Publish Internet draft on IPFIX Configuration Data Model
Dec 2007 Publish Internet draft on IPFIX File Format
Dec 2007 Publish Internet draft on Single SCTP Stream Reporting
Jan 2008 Publish Internet draft on IPFIX Mediation Problem Statement
Jan 2008 Submit File Format draft to IESG for publication as Standards
track RFC
Jun 2008 Submit Type Export draft to IESG for publication as Standards
track RFC
Jun 2008 Submit Single SCTP Stream draft to IESG for publication as
Informational RFC
Oct 2008 Submit Configuration Data Model draft to IESG for publication
as Standards track RFC
Oct 2008 Submit Mediation Problem draft to IESG for publication as
Informational RFC
Internet-Drafts:
Posted Revised I-D Title <Filename>
------ ------- --------------------------------------------
Feb 2002 Sep 2006 <draft-ietf-ipfix-architecture-12.txt>
Architecture for IP Flow Information Export
Jun 2003 Jul 2007 <draft-ietf-ipfix-as-12.txt>
IPFIX Applicability
Sep 2006 Dec 2007 <draft-ietf-ipfix-implementation-guidelines-08.txt>
IPFIX Implementation Guidelines
Sep 2006 May 2007 <draft-ietf-ipfix-reducing-redundancy-04.txt>
Reducing Redundancy in IP Flow Information Export (IPFIX) and
Packet Sampling (PSAMP) Reports
Oct 2006 Feb 2008 <draft-ietf-ipfix-testing-04.txt>
Guidelines for IP Flow Information eXport (IPFIX) Testing
Feb 2007 Dec 2007 <draft-ietf-ipfix-mib-02.txt>
Definitions of Managed Objects for IP Flow Information Export
Jan 2008 Jan 2008 <draft-ietf-ipfix-file-00.txt>
An IPFIX-Based File Format
Jan 2008 Jan 2008 <draft-ietf-ipfix-exporting-type-00.txt>
Exporting Type Information for IPFIX Information Elements
Request For Comments:
RFC Stat Published Title
------- -- ----------- ------------------------------------
RFC3917 I Oct 2004 Requirements for IP Flow Information Export
RFC3955 I Nov 2004 Evaluation of Candidate Protocols for IP Flow
Information Export (IPFIX)
RFC5103 PS Jan 2008 Bidirectional Flow Export using IP Flow Information
Export (IPFIX)
RFC5102 PS Jan 2008 Information Model for IP Flow Information Export
RFC5101 PS Jan 2008 Specification of the IP Flow Information Export (IPFIX)
Protocol for the Exchange of IP Traffic Flow Information