[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PSAMP framework open issues

To: psamp@ops.ietf.org
Subject: Re: PSAMP framework open issues
From: Maurizio Molina <molina@ccrle.nec.de>
Date: Wed, 26 Nov 2003 12:11:16 +0100
References: <387B5A9BF31B5D43A2B18DD9F326B8E18BE161@NJFPSRVEXG2KCL.research.att.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02

duffield@research.att.com wrote:

Hi,
Here are the remaining open issues for the framework draft. Please send
comments to the list by December 5.
Thanks,

Nick

----
FW-1 Encryption for export
  . Problem: what is the conformance level?
  . Proposed Solution: mandatory to implement and optional to use. This
was required by the IESG for IPFIX. PSAMP requirements at least as

strong, due to possibility of payload fragments in reports.

FW-2 Timestamps . Problem: should PSAMP require certain resolution or accuracy? . Proposed Solution: require microsecond resolution (as for IPFIX); no requirement for accuracy, but it should be reported. . Question: How should it be reported (e.g., numerical accuracy, synchronization method, ...)?

FW-3 Selecting Encrypted Packets . Problem: Encryption key is not generally available. Content dependent selection problematic since encrypted fields lose meaning. How should selection of encrypted packets be modified, if at all? . Question: what forms of encryption can be detected from packet? . Proposed Solution: - for filtering and content dependent sampling: option to ignore encrypted packets (if detectable ...) . Comments: - not needed for content-independent sampling - not needed for hash-based selection ( it emulates / approximates content-independent sampling) unless trajectory sampling with encryption taking place at point between observation points)

FW-4 Reporting Input Sequence Numbers . Problem: should the sequence numbers be in every report, or just sent periodically in report interpretation? . Proposed Solution: send in every report (probably yields more information for diagnosis under high load conditions with packets)

Hi, shortly before the Minneapolis meeting I had posted this message https://psg.com/lists/psamp/psamp.2003/msg00059.html about inconsistencies about the meaning/interpretation of sequence numbers across the Architecture Framework, Protocol and Inf model drafts. The issue wasn't completely clarified during the meeting, thus I believe it should be clarified on the ML. Maurizio

FW-5 Timeliness . Problem: some applications (e.g. some security applications) will need to receive packet reports within a few seconds of observation rather than (say) a minute afterwards. How to specify this in the protocol? Can't easily control delay due to resource contention e.g. if users chose to run at routers at high load (although possible). More control over buffering delay. . Proposed Solution: - mandatory ability to set maximum buffering delay in forming export packets (including 0, meaning one packet report per export packet) - mandatory ability to set maximum export buffer delay in transport

protocol (else discard; it appears that SCTP-PR can provide this)

-- to unsubscribe send a message to psamp-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/psamp/>


--
to unsubscribe send a message to psamp-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/psamp/>

References:
- PSAMP framework open issues
  - From: <duffield@research.att.com>

Prev by Date: [psamp] signalling a patent
Next by Date: Re: PSAMP framework open issues
Previous by thread: PSAMP framework open issues
Next by thread: Re: PSAMP framework open issues
Index(es):
- Date
- Thread