datatracker.ietf.org
Sign in
Version 5.6.3, 2014-09-19
Report a bug

Traffic Flow Measurement: Architecture
RFC 2722

Document type: RFC - Informational (October 1999; No errata)
Obsoletes RFC 2063
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Document shepherd: No shepherd assigned

IESG State: RFC 2722 (Informational)
Responsible AD: (None)
Send notices to: No addresses provided

Network Working Group                                        N. Brownlee
Request for Comments: 2722                    The University of Auckland
Obsoletes: 2063                                                 C. Mills
Category: Informational                            GTE Laboratories, Inc
                                                                 G. Ruth
                                                     GTE Internetworking
                                                            October 1999

                 Traffic Flow Measurement: Architecture

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract

   This document provides a general framework for describing network
   traffic flows, presents an architecture for traffic flow measurement
   and reporting, discusses how this relates to an overall network
   traffic flow architecture and indicates how it can be used within the
   Internet.

Table of Contents

   1  Statement of Purpose and Scope                                   3
      1.1  Introduction . . . . . . . . . . . . . . . . . . . . . . .  3

   2  Traffic Flow Measurement Architecture                            5
      2.1  Meters and Traffic Flows . . . . . . . . . . . . . . . . .  5
      2.2  Interaction Between METER and METER READER . . . . . . . .  7
      2.3  Interaction Between MANAGER and METER  . . . . . . . . . .  7
      2.4  Interaction Between MANAGER and METER READER . . . . . . .  8
      2.5  Multiple METERs or METER READERs . . . . . . . . . . . . .  9
      2.6  Interaction Between MANAGERs (MANAGER - MANAGER) . . . . . 10
      2.7  METER READERs and APPLICATIONs . . . . . . . . . . . . . . 10

   3  Traffic Flows and Reporting Granularity                         10
      3.1  Flows and their Attributes . . . . . . . . . . . . . . . . 10
      3.2  Granularity of Flow Measurements . . . . . . . . . . . . . 13
      3.3  Rolling Counters, Timestamps, Report-in-One-Bucket-Only  . 15

Brownlee, et al.             Informational                      [Page 1]
RFC 2722         Traffic Flow Measurement: Architecture     October 1999

   4  Meters                                                          17
      4.1  Meter Structure  . . . . . . . . . . . . . . . . . . . . . 17
      4.2  Flow Table . . . . . . . . . . . . . . . . . . . . . . . . 19
      4.3  Packet Handling, Packet Matching . . . . . . . . . . . . . 20
      4.4  Rules and Rule Sets  . . . . . . . . . . . . . . . . . . . 23
      4.5  Maintaining the Flow Table . . . . . . . . . . . . . . . . 28
      4.6  Handling Increasing Traffic Levels . . . . . . . . . . . . 29

   5  Meter Readers                                                   30
      5.1  Identifying Flows in Flow Records  . . . . . . . . . . . . 30
      5.2  Usage Records, Flow Data Files . . . . . . . . . . . . . . 30
      5.3  Meter to Meter Reader:  Usage Record Transmission  . . . . 31

   6  Managers                                                        32
      6.1  Between Manager and Meter:  Control Functions  . . . . . . 32
      6.2  Between Manager and Meter Reader:  Control Functions . . . 33
      6.3  Exception Conditions . . . . . . . . . . . . . . . . . . . 35
      6.4  Standard Rule Sets . . . . . . . . . . . . . . . . . . . . 36

   7  Security Considerations                                         36
      7.1  Threat Analysis  . . . . . . . . . . . . . . . . . . . . . 36
      7.2  Countermeasures  . . . . . . . . . . . . . . . . . . . . . 37

   8  IANA Considerations                                             39
      8.1  PME Opcodes  . . . . . . . . . . . . . . . . . . . . . . . 39
      8.2  RTFM Attributes  . . . . . . . . . . . . . . . . . . . . . 39

   9  APPENDICES                                                      41
      Appendix A: Network Characterisation  . . . . . . . . . . . . . 41
      Appendix B: Recommended Traffic Flow Measurement Capabilities . 42
      Appendix C: List of Defined Flow Attributes . . . . . . . . . . 43
      Appendix D: List of Meter Control Variables . . . . . . . . . . 44
      Appendix E: Changes Introduced Since RFC 2063 . . . . . . . . . 45

   10 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 45
   11 References  . . . . . . . . . . . . . . . . . . . . . . . . . . 46
   12 Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . 47
   13 Full Copyright Statement  . . . . . . . . . . . . . . . . . . . 48

Brownlee, et al.             Informational                      [Page 2]
RFC 2722         Traffic Flow Measurement: Architecture     October 1999

[include full document text]