[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: comments on draft-ietf-psamp-sample-tech-04.txt
some comments inline for the points in which I have a position.
Benoit Claise wrote:
Here are some comments.
4. Section 3 about "Scope and Deployment of Packet Selection Techinque"
"Sampling" is in section 3.1
but "Filtering! is in section 4 and not in 3.2
I agree, this is not coherent and it should be adjusted
5. Section 4.1 "mask/match filtering"
In practice, this means most of the time configuring an access-list if
we speak about the packet header information.
I think it should be clearly mentioned here, even if this is briefly
mentioned in the section 4.3 "Router State Filtering"
Same remark for the section 5.2 "information model for filtering
techniques", we want to mention the "access-list ID" for "case: Matching"
I'm not sure whether with this "access-list ID" you're proposing a
"high-level" syntax for defining mask/match filtering.
Just to clarify: "high-level" would mean something like "proto=TCP and
dst port in [1024,1036]"....
Actually, I had already raised that point, whether we want to keep only
the currently "low level" syntax for filtering as specified in 5.2 or
introduce also another one (that ultimately can be translated in the low
level one, see text in 4.1). But so fare there where no suggestions. If
we specify a high level synstax we must either specify it or reference
where it is specified, otherwhise I don't know what this access-list ID
8. Section 5.1 "information model for sampling techniques"
Case Systematic Time Based: - Interval length (in usec),
Spacing _(in usec) _
I think the spacing unit should be in number of packets.
that is the Systematic Count-based case.
How to specify: I want to specify 1 packet every x msec.
Spacing in usec depends too much on the interface bandwidth
I think that the agreement was that equipment must support at least one
of the techniques without specifying which.
So having the Systematic Time Based definition in the information model
doesn't do any harm.
30. See if my discussion with Maurizio is in there.
The following text is at the beginning of page 8. Is it this you
referred with the "discussion with Maurizio"?
Note that a common technique to select packets is to compute a
Hash Function on some bits of the packet header and/or content
and to select it if the Hash Value falls in the Hash Selection
Range. Since hashing is a deterministic operation on the packet
content, it is a filtering technique according to our
categorization. Nevertheless, hash functions are sometimes used
to approximate random sampling. Depending on the chosen input
bits, the Hash Function and the Hash Selection Range, this
technique can be used to approximate the random selection of
packets with a given probability p. It is also a powerful
technique to consistently select the same packet subset at
multiple observation points [DuGr00]
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.