[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PSAMP minutes of IETF #62

Dear all,

Below please find the minutes of our last session.


Juergen Quittek        quittek@netlab.nec.de       Tel: +49 6221 90511-15
NEC Europe Ltd.,       Network Laboratories        Fax: +49 6221 90511-55
Kurfuersten-Anlage 36, 69115 Heidelberg, Germany   http://www.netlab.nec.de

Minutes of the PSAMP BOF session at IETF 62
Thursday March 10, 16:45 h - 17:45 h

Packet Sampling Working Group
Chairs: Andy Bierman <abierman@cisco.com>
        Juergen Quittek <quittek@netlab.nec.de>

Minutes taken by Ralf Wolter

0. Session Summary
1. PSAMP WG Status
2. Update of Packet Selection
4. Continuation of work on PSAMP protocol

Discussed Internet drafts

A Framework for Passive Packet Measurement

Sampling and Filtering Techniques for IP Packet Selection

Definitions of Managed Objects for Packet Sampling

0. Session Summary

The PSAMP framework document is ready to be submitted to the IESG.
The packet selection document completed WG last call and the next
version will include all agreed changes.  Both documents will be
submitted together as soon as the next version of the packet selection
document is available.

The MIB module still has open issues.  Solutions for several issues
were found during the session.  A new version fixing all current
is planned for June.  WG last call on this document is planned to
close at IETF63.

The protocol document and info model document are expired.  The IPFIX
WG plans to submit the corresponding IPFIX document by March to the
IESG.  At this time work on the two PSAMP documents will start again.
A stable version was planned for IETF63 and WG last call in September

1. PSAMP WG Status (Juergen)

The PSAMP framework document passed WG last call.  It will be forwarded
to the IESG together with the Packet Selection draft, for which WG last
call will close at the end of the IETF meeting.  Protocol and info model
are on hold until IPFIX completes the corresponding documents.  These 
drafts are expired. The PSAMP MIB is progressing.

2. Sampling and Filtering Techniques (Tanja Zseby)


Tanja reported changes since the last version including several
clarifications and harmonization of terminology. The only technical 
change was limiting combinations of filters to AND combinations only.
OR combinations are not supported anymore.

Some minor edits are still required. Beyond this, the only open issue
is the discussion of hash functions.  Implementing hash functions is not
mandatory, but if they are supported, then the recommended one SHOULD be
supported.  The current version recommends IPSX for packet selection and
CRC for packet digest.  IPSX does not work for IPv6, but for IPv4 it is 
7 times faster than BOB.  But BOB works well for IPv6.  BOB performs similarly
to CRC for packet digest.  After some discussions, it was agreed to recommend
BOB for both, packet selection and packet digest. IPSX and CRC will be

Tanja suggested proposing the investigation of an optimal hash function for
IPv6 as work item for the IRTF IMRG.

3. PSAMP MIB (Benoit Claise)


Benoit explained that the main changed since the previous version was
the completion of modelling all filter and sampling functions.  Additionally,
several clarifications were applied and terminology was harmonized.

Still there is a significant list of open issues.  The document needs more diagrams and examples to explain the interconnection of different parts of 
the MIB.  An entity relationship diagram should be added.  

References with object IDs must be explained, especially pointers and their
relationship to the functions and input parameters a new section is required.

Hash filtering is the most difficult part in the draft, it is still not 
finally decided how to integrate hash filtering into the MIB.  Should more 
hash functions be supported? Benoit?s proposal was limiting the complexity.

Should all hash parameter functions be implemented in the MIB? This has 
security issues, as a simple snmpwalk would provide all details and could 
lead to a potential attack. The problem is that knowledge about the hash 
functions parameter could result in an attack against the collector (either 
to avoid collection or to make sure certain packet patterns are collected).

[Juergen] SNMPv3 would solve the issue.  But how many customers use SNMPv3?

The description of RowStatus objects must clearly state the minimum sets of 
objects per table.  Row state filtering: today there is one big table, 
sub-tables would make the implementation easier.

Still multiple editorial changes are required. 

[Juergen] It would be very helpful to add usage examples required that 
          clarify the sequence of actions how to setup a filter by using 
          tables etc.

4. Continuation of work on PSAMP protocol

The following milestones were discussed and agreed.  The WG charter page
needs to be updated accordingly.

May 05:  framework and sample tech to IESG
Jun 05:  new version of the MIB that fixes the current issue
IETF63:  stable version of protocol and info model for next meeting; 
IETF63:  last call on MIB
Sep 05:  last call on protocol and info model

to unsubscribe send a message to psamp-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/psamp/>