IP Flow Information Export (ipfix)
----------------------------------

 Charter
 Last Modified: 2010-08-11

 Current Status: Active Working Group

 Chair(s):
     Nevil Brownlee  <n.brownlee@auckland.ac.nz>
     Juergen Quittek  <quittek@neclab.eu>

 Operations and Management Area Director(s):
     Dan Romascanu  <dromasca@avaya.com>
     Ronald Bonica  <rbonica@juniper.net>

 Operations and Management Area Advisor:
     Dan Romascanu  <dromasca@avaya.com>

 Mailing Lists: 
     General Discussion:ipfix@ietf.org
     To Subscribe:      http://www.ietf.org/mailman/listinfo/ipfix
     Archive:           http://www.ietf.org/mail-archive/web/ipfix

Description of Working Group:

The IPFIX working group has specified the Information Model (to describe
IP flows) and the IPFIX protocol (to transfer IP flow data from IPFIX
exporters to collectors). Several implementers have already built
applications using the IPFIX protocol. As a result of a series of IPFIX
interoperability testing events the WG has produced guidelines for IPFIX
implementation and testing as well as recommendations for handling
special cases such as bidirectional flow reporting and reducing
redundancy in flow records.

Practical experiences with IPFIX implementations exposed new
requirements for the IPFIX protocol that so far have not been addressed
by the WG. The major current goal of the WG is developing solutions that
meet the new requirements without modifying the core IPFIX protocol
specifications.

1. The IPFIX WG has developed a MIB module for monitoring IPFIX
implementations. Means for configuring these devices have not been
standardized yet. The WG will develop an XML-based configuration data
model that can be used for configuring IPFIX devices and for storing,
modifying and managing IPFIX configurations parameter sets. This work
will be performed in close collaboration with the NETCONF WG.

2. First applications of IPFIX at large operator networks showed the
need for mediation of flow information, for example, for aggregating
huge amounts of flow data and for anomymization of flow information.
The IPFIX WG will investigate this issue and produce a problem statement
and a framework for IPFIX flow mediation.

3. The PSAMP WG has developed a protocol for reporting observed packets.
The PSAMP protocol is an extension of the IPFIX protocol. The IPFIX WG
will develop a MIB module for monitoring PSAMP implementations. The new
MIB module will be an extension of the IPFIX MIB module.

4. Anonymization of flow information has been identified as a
requirement for flow information export already in RFC 3917. However,
technologies for flow anonymization are still a research issue and have
so far not been considered to be mature enough for standardization.
As one step in this direction, the IPFIX WG will develop guidelines for
the implementation of anonymized data export and storage over IPFIX and
define an information model for configuring and reporting anonymization
applied at IPFIX devices.

5. The IPFIX and PSAMP WGs have defined standards for selecting observed
IP packets and collecting information in flow records.
In order to reduce the amount of data to be processed, packet selection
methods have been defined. Another method for reducing flow data is flow
selection. The IPFIX WG will define methods for flow selection and
provide an information model for configuring and reporting flow
selection applied at IPFIX devices.

6. Being designed for the export of flow records the IPFIX protocol
provides very limited means for structuring information elements within
IPFIX records. With the increasing number of IPFIX applications there is
a need for exporting more complex information. The IPFIX WG will develop
an extension of the IPFIX protocol that supports hierarchically
structured data and lists (sequences) of Information Elements in data
records.

 Goals and Milestones:

   Done         Submit Revised Internet-Draft on IP Flow Export Requirements 

   Done         Submit Internet-Draft on IP Flow Export Architecture 

   Done         Submit Internet-Draft on IP Flow Export Data Model 

   Done         Submit Internet-Draft on IPFIX Protocol Evaluation Report 

   Done         Submit Internet-Draft on IP Flow Export Applicability Statement 

   Done         Select IPFIX protocol, revise Architecture and Data Model 
                drafts 

   Done         Submit IPFX-REQUIREMENTS to IESG for publication as 
                Informational RFC 

   Done         Submit IPFIX Protocol Evaluation Report to IESG for publication 
                as Informational RFC 

   Done         Submit IPFX-ARCHITECTURE to IESG for publication as Proposed 
                Standard RFC 

   Done         Submit IPFX-INFO_MODEL to IESG for publication as Informational 
                RFC 

   Done         Submit IPFX-APPLICABILITY to IESG for publication as 
                Informational RFC 

   Done         Submit IPFX-PROTOCOL to IESG for publication as Proposed 
                Standard RFC 

   Done         Publish Internet Draft on IPFIX Implementation Guidelines 

   Done         Publish Internet Draft on Reducing Redundancy in IPFIX data 
                transfer 

   Done         Publish Internet Draft on Handling IPFIX Bidirectional Flows 

   Done         Publish Internet Draft on IPFIX Testing 

   Done         Publish Internet Draft on IPFIX MIB 

   Done         Submit IPFIX Implementation Guidelines draft to IESG for 
                publication as Informational RFC 

   Done         Submit IPFIX Reducing Redundancy draft to IESG for publication 
                as Informational RFC 

   Done         Submit IPFIX Testing draft to IESG for publication as 
                Informational RFC 

   Done         Submit IPFIX Biflows draft to IESG for publication as Standards 
                Track RFC 

   Done         Publish Internet draft on IPFIX Type Information Export 

   Done         Publish Internet draft on IPFIX File Format 

   Done         Publish Internet draft on IPFIX Configuration Data Model 

   Done         Publish Internet draft on Single SCTP Stream Reporting 

   Done         Submit File Format draft to IESG for publication as Standards 
                track RFC 

   Done         Publish Internet draft on IPFIX Mediation Problem Statement 

   Done         Submit IPFIX MIB draft to IESG for publication as Standards 
                track RFC 

   Done         Submit Type Export draft to IESG for publication as Standards 
                track RFC 

   Done         Submit Single SCTP Stream draft to IESG for publication as 
                Informational RFC 

   Done         Submit Mediation Problem Statement I-D to IESG for publication 
                as Informational RFC 

   Done         Submit initial draft on anonymization support 

   Done         Submit initial draft on flow selection 

   Done         Submit initial draft on structuring information elements 

   Aug 2010       Submit final version of PSAMP MIB module 

   Aug 2010       Submit Configuration Data Model draft to IESG for publication 
                as Standards track RFC 

   Aug 2010       Submit Mediation Framework I-D to IESG for publication as 
                Informational RFC 

   Oct 2010       Submit anonymization support I-D to IESG for publication as 
                Experimental RFC 

   Dec 2010       Submit flow selection I-D to IESG for publication as Standards 
                Track RFC 

   Dec 2010       Submit structuring information elements I-D to IESG for 
                publication as Standards Track RFC 


 Internet-Drafts:

Posted Revised         I-D Title   <Filename>
------ ------- --------------------------------------------
Jul 2008 May 2010   <draft-ietf-ipfix-export-per-sctp-stream-08.txt>
                IPFIX Export per SCTP Stream 

Jul 2008 Mar 2011   <draft-ietf-ipfix-configuration-model-09.txt>
                Configuration Data Model for IPFIX and PSAMP 

Oct 2009 Jan 2011   <draft-ietf-ipfix-anon-06.txt>
                IP Flow Anonymization Support 

Oct 2009 May 2011   <draft-ietf-ipfix-structured-data-06.txt>
                Export of Structured Data in IPFIX 

Oct 2009 Mar 2011   <draft-ietf-ipfix-flow-selection-tech-05.txt>
                Flow Selection Techniques 

Mar 2010 Mar 2011   <draft-ietf-ipfix-psamp-mib-03.txt>
                Definitions of Managed Objects for Packet Sampling 

 Request For Comments:

  RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC3917 I    Oct 2004    Requirements for IP Flow Information Export 

RFC3955 I    Nov 2004    Evaluation of Candidate Protocols for IP Flow 
                       Information Export (IPFIX) 

RFC5103 PS   Jan 2008    Bidirectional Flow Export using IP Flow Information 
                       Export (IPFIX) 

RFC5102 PS   Jan 2008    Information Model for IP Flow Information Export 

RFC5101 PS   Jan 2008    Specification of the IP Flow Information Export (IPFIX) 
                       Protocol for the Exchange of IP Traffic Flow Information 

RFC5153 I    Apr 2008    IPFIX Implementation Guidelines 

RFC5473 I    Mar 2009    Reducing Redundancy in IP Flow Information Export 
                       (IPFIX) and Packet Sampling (PSAMP) Reports 

RFC5472 I    Mar 2009    IP Flow Information Export (IPFIX) Applicability 

RFC5471 I    Mar 2009    Guidelines for IP Flow Information Export (IPFIX) 
                       Testing 

RFC5470 I    Mar 2009    Architecture for IP Flow Information Export 

RFC5610 PS   Jul 2009    Exporting Type Information for IPFIX Information 
                       Elements 

RFC5655 PS   Oct 2009    Specification of the IP Flow Information Export (IPFIX) 
                       File Format 

RFC5815 PS   Apr 2010    Definitions of Managed Objects for IP Flow Information 
                       Export 

RFC5982 I    Aug 2010    IP Flow Information Export (IPFIX) Mediation: Problem 
                       Statement 

RFC6183 I    Apr 2011    IP Flow Information Export (IPFIX) Mediation: Framework