[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on draft-ietf-psamp-sample-tech-04.txt

some comments inline for the points in which I have a position.

Benoit Claise wrote:

Dear all,

Here are some comments.

4. Section 3 about "Scope and Deployment of Packet Selection Techinque"
"Sampling" is in section 3.1
but "Filtering! is in section 4 and not in 3.2

I agree, this is not coherent and it should be adjusted

5. Section 4.1 "mask/match filtering"
In practice, this means most of the time configuring an access-list if we speak about the packet header information.
I think it should be clearly mentioned here, even if this is briefly mentioned in the section 4.3 "Router State Filtering"
Same remark for the section 5.2 "information model for filtering techniques", we want to mention the "access-list ID" for "case: Matching"

I'm not sure whether with this "access-list ID" you're proposing a "high-level" syntax for defining mask/match filtering.
Just to clarify: "high-level" would mean something like "proto=TCP and dst port in [1024,1036]"....
Actually, I had already raised that point, whether we want to keep only the currently "low level" syntax for filtering as specified in 5.2 or introduce also another one (that ultimately can be translated in the low level one, see text in 4.1). But so fare there where no suggestions. If we specify a high level synstax we must either specify it or reference where it is specified, otherwhise I don't know what this access-list ID is...

8. Section 5.1 "information model for sampling techniques"
Case Systematic Time Based: - Interval length (in usec), Spacing _(in usec) _
I think the spacing unit should be in number of packets.

that is the Systematic Count-based case.

How to specify: I want to specify 1 packet every x msec.
Spacing in usec depends too much on the interface bandwidth

I think that the agreement was that equipment must support at least one of the techniques without specifying which.
So having the Systematic Time Based definition in the information model doesn't do any harm.

30. See if my discussion with Maurizio is in there.

The following text is at the beginning of page 8. Is it this you referred with the "discussion with Maurizio"?

    Note that a common technique to select packets is to compute a
    Hash Function on some bits of the packet header and/or content
    and to select it if the Hash Value falls in  the Hash Selection
    Range. Since hashing is a deterministic operation on the packet
    content, it is a filtering technique according to our
    categorization. Nevertheless, hash functions are sometimes used
    to approximate random sampling. Depending on the chosen input
    bits, the Hash Function and the Hash Selection Range, this
    technique can be used to approximate the random selection of
    packets with a given probability p. It is also a powerful
    technique to consistently select the same packet subset at
    multiple observation points [DuGr00]


-- to unsubscribe send a message to psamp-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/psamp/>