Skip to main content

Cisco Systems NetFlow Services Export Version 9
draft-claise-netflow-9-08

Revision differences

Document history

Date Rev. By Action
2012-08-22
08 (System) post-migration administrative database adjustment to the No Objection position for Steven Bellovin
2012-08-22
08 (System) post-migration administrative database adjustment to the No Objection position for Russ Housley
2004-06-01
08 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2004-05-28
08 Amy Vezza IESG state changed to Approved-announcement sent
2004-05-28
08 Amy Vezza IESG has approved the document
2004-05-26
08 Amy Vezza IESG state changed to Approved-announcement sent
2004-05-26
08 Amy Vezza IESG has approved the document
2004-05-26
08 (System) IESG has approved the document
2004-05-25
08 (System) Closed "Approve" ballot
2004-05-25
08 Bert Wijnen State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Bert Wijnen
2004-05-25
08 Bert Wijnen
RFC-Editor note: Pls insert this IESG note on the front page:

  This RFC documents the Netflow protocol as it was when submitted
  to …
RFC-Editor note: Pls insert this IESG note on the front page:

  This RFC documents the Netflow protocol as it was when submitted
  to the IETF as a basis for further work in the IPFIX WG.

  This RFC itself is not a candidate for any level of Internet
  Standard. The IETF disclaims any knowledge of the fitness of
  this RFC for any purpose, and in particular notes that it has
  not had complete IETF review for such things as security,
  congestion control or inappropriate interaction with deployed
  protocols. The RFC Editor has chosen to publish this document
  at its discretion.

  Readers of this document should exercise caution in evaluating
  its value for implementation and deployment.

  The IETF is working on a standardized protocol in the IPFIX
  (IP Flow Information eXport) Working Group.
2004-05-20
08 Steven Bellovin [Ballot Position Update] Position for Steve Bellovin has been changed to No Objection from Discuss by Steve Bellovin
2004-05-14
08 Bert Wijnen Re-checking with Steve
2004-05-05
08 Russ Housley [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss by Russ Housley
2004-05-05
08 Bert Wijnen State Changes to IESG Evaluation::AD Followup from AD Evaluation::Revised ID Needed by Bert Wijnen
2004-05-05
08 Bert Wijnen Checking with IESG members if new revision clears the DISCUSS comments
2004-04-26
08 (System) New version available: draft-claise-netflow-9-08.txt
2004-03-25
08 Bert Wijnen Checking with Steve Bellovin
2004-03-02
08 Bert Wijnen State Changes to AD Evaluation::Revised ID Needed from IESG Evaluation::AD Followup by Bert Wijnen
2004-03-02
08 Bert Wijnen Author has submitted text to Steve Bellovin for new security considerations section and is checking if that will address Steves concerns.
2004-03-02
08 Bert Wijnen Status date has been changed to 2004-03-02 from 2004-01-02
2004-03-02
08 Bert Wijnen
[Note]: 'Revision 7 has been submitted to ID-repository, you can see it at http://www.psg.com/~bwijnen/draft-claise-netflow-07.txt untill it shows up in internet-drafts' has been cleared by Bert …
[Note]: 'Revision 7 has been submitted to ID-repository, you can see it at http://www.psg.com/~bwijnen/draft-claise-netflow-07.txt untill it shows up in internet-drafts' has been cleared by Bert Wijnen
2004-01-08
08 Amy Vezza Removed from agenda for telechat - 2004-01-08 by Amy Vezza
2004-01-08
08 Amy Vezza State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Amy Vezza
2004-01-08
08 Margaret Cullen [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman
2004-01-08
08 Russ Housley
[Ballot discuss]
I understand the desire to publish this Informational document without asking the authors to address shortcomings of the already deployed protocol.  However, the …
[Ballot discuss]
I understand the desire to publish this Informational document without asking the authors to address shortcomings of the already deployed protocol.  However, the document does not have a Security Considerations section.  One is clearly needed.
2004-01-08
08 Russ Housley [Ballot Position Update] New position, Discuss, has been recorded for Russ Housley by Russ Housley
2004-01-08
08 Allison Mankin
[Ballot comment]
I think we should not lose sight of the goal here.  Netflow has a ton of flaws, that's
why the IPFIX WG exists.  …
[Ballot comment]
I think we should not lose sight of the goal here.  Netflow has a ton of flaws, that's
why the IPFIX WG exists.  But it is probably useful for there to be a spec of netflow
for the community.  I  suggest that this spec get published promptly with a note on it:

This documents the original protocol.  The IETF IPFIX WG is developing a
new protocol meeting the same requirements, but also built with security and
inherent congestion aware transport.

We should give clarity suggestions, but not ask the authors to make technical changes...
2004-01-08
08 Allison Mankin [Ballot Position Update] New position, No Objection, has been recorded for Allison Mankin by Allison Mankin
2004-01-08
07 (System) New version available: draft-claise-netflow-9-07.txt
2004-01-07
08 Steven Bellovin
[Ballot discuss]
3.3 "UDP [RFC768] is not a non congestion-aware protocol," seems wrong --double negative.

Congestion can occur on the sending host, if …
[Ballot discuss]
3.3 "UDP [RFC768] is not a non congestion-aware protocol," seems wrong --double negative.

Congestion can occur on the sending host, if the link speed is too low

5.1 What is UNIX Secs?  Boot time?  Current time?  Can Sequence Number wrap?

7: MUST Collectors discard Template Sets if the boot time changes?

8: what units is SAMPLING_INTERVAL in if time-based sampling is used?

9: The requirements for unique (across reboots) template IDs, storing flow sets for unknown templates, and expiring templates are contradictory.  If a template can't change, why do they expire?  Yes, they should be refreshed, because given UDP the Collector may not have seen them, but that's different than requiring expiration.

10: The security considerations section is grossly inadequate.  Apart from the fact that "efficiency is too important to be secure" -- the burden is on the protocol designers to build something that can be done efficiently enough, and leave it to users to disable if they can't afford it -- and apart from an inadequate statement of how to use IPsec, there needs to be a discussion of what the threats are, i.e., what fields really need to be kept confidential and why, which fields areespecially sensitive if forged, etc.  See any recent MIB document for an example of what I mean.  To given one example of what I'd like to see, a NetFlow record that gives source and dest IP addresses as /32s is more privacy-sensitive than one that only gives addresses as /22s -- the former might show which particular user is accessing an adult Web site, while the latter merely shows that someone unknown could be but probably isn't.
2004-01-07
08 Steven Bellovin [Ballot Position Update] New position, Discuss, has been recorded for Steve Bellovin by Steve Bellovin
2004-01-03
08 Ned Freed
[Ballot comment]
I would have expected the risks of exposure of flow information to at least
be mentioned in the security considerations section. We're talking …
[Ballot comment]
I would have expected the risks of exposure of flow information to at least
be mentioned in the security considerations section. We're talking about
traffic analysis here, after all. Perhaps a reference to the discussion
of these isssues in draft-ietf-ipfix-reqs-12.txt is in order?
2004-01-03
08 Ned Freed
[Ballot comment]
I would have expected the risks of exposure of flow information to at least
be mentioned in the security considerations section. We're talking …
[Ballot comment]
I would have expected the risks of exposure of flow information to at least
be mentioned in the security considerations section. We're talking about
traffic analysis here, after all.
2004-01-03
08 Ned Freed [Ballot Position Update] New position, No Objection, has been recorded for  by Ned Freed
2004-01-02
08 Bert Wijnen State Changes to IESG Evaluation from IESG Evaluation by Bert Wijnen
2004-01-02
08 Bert Wijnen Status date has been changed to 2004-01-02 from 2003-12-23
2004-01-02
08 Bert Wijnen Telechat date was changed to 2004-01-08 from 2003-10-30 by Bert Wijnen
2004-01-02
08 Bert Wijnen [Ballot Position Update] New position, Yes, has been recorded for Bert Wijnen
2004-01-02
08 Bert Wijnen Ballot has been issued by Bert Wijnen
2004-01-02
08 Bert Wijnen Created "Approve" ballot
2004-01-02
08 (System) Ballot writeup text was added
2004-01-02
08 (System) Last call text was added
2004-01-02
08 (System) Ballot approval text was added
2004-01-02
08 Bert Wijnen State Changes to IESG Evaluation from AD Evaluation by Bert Wijnen
2004-01-02
08 Bert Wijnen Status date has been changed to 2004-01-02 from 2003-12-23
2004-01-02
08 Bert Wijnen Placed on agenda for telechat - 2004-01-08 by Bert Wijnen
2004-01-02
08 Bert Wijnen [Note]: 'Revision 7 has been submitted to ID-repository, you can see it at http://www.psg.com/~bwijnen/draft-claise-netflow-07.txt untill it shows up in internet-drafts' added by Bert Wijnen
2003-12-23
08 Bert Wijnen Shepherding AD has been changed to Bert Wijnen from Randy Bush
2003-12-23
08 Bert Wijnen State Changes to AD Evaluation from Publication Requested::External Party by Bert Wijnen
2003-12-23
08 Bert Wijnen Bert Taking over from Randy
2003-12-23
08 Bert Wijnen State Change Notice email list have been change to from
2003-12-23
08 Bert Wijnen Status date has been changed to 2003-12-23 from
2003-10-21
08 Harald Alvestrand Removed from agenda for telechat - 2003-10-30 by Harald Alvestrand
2003-10-21
08 Harald Alvestrand Shepherding AD has been changed to Randy Bush from Harald Alvestrand
2003-10-21
08 Randy Bush State Changes to Publication Requested::External Party from Publication Requested by Randy Bush
2003-10-21
08 Randy Bush passwd to ipfix wg for a check
2003-10-21
08 Randy Bush Area acronymn has been changed to ops from gen
2003-10-21
08 Dinara Suleymanova Draft Added by Dinara Suleymanova
2003-10-20
06 (System) New version available: draft-claise-netflow-9-06.txt
2003-10-07
05 (System) New version available: draft-claise-netflow-9-05.txt
2003-10-03
04 (System) New version available: draft-claise-netflow-9-04.txt
2003-08-21
03 (System) New version available: draft-claise-netflow-9-03.txt
2003-06-11
02 (System) New version available: draft-claise-netflow-9-02.txt
2003-03-27
(System) Posted related IPR disclosure: Cisco's Patent Statement pertaining to draft-claise-netflow-9-01.txt entitled 'Cisco Systems NetFlow Services Export Version 9'
2002-10-08
01 (System) New version available: draft-claise-netflow-9-01.txt