Technical Summary
This memo defines the IP Flow Information eXport (IPFIX) architecture
for the selective monitoring of IP flows, and for the export of
measured IP flow information from an IPFIX device to a collector.
Working Group Summary
This document is a regular WG document. There is strong consensus
in the working group that this draft describes the IPFIX architecture
clearly, while leaving the Protocol and Information Model drafts
to specify implementation requirements (using RFC 2119 terms).
Protocol Quality
The document was thoroughly reviewed by the IPFIX WG.
Bert Wijnen performed the AD review.
Note to RFC Editor
In Section 13.2, please replace:
OLD:
RFC 3550, Julyy 2003
NEW:
RFC 3550, July 2003
In Section 10.1.2:
OLD:
The IPFIX user should not use authentication-only when sensitive or
confidential information is being exchanged. An IPFIX solution
should support this option. The authentication-only option should
provide replay attack protection. One way to achieve this level of
security would be:
o IP Authentication Header
NEW:
The IPFIX user should not use authentication-only when sensitive or
confidential information is being exchanged. An IPFIX solution
should support this option. The authentication-only option should
provide replay attack protection. Some means to achieve this level
of security are:
o Encapsulating Security Payload (with a null encryption algorithm)
o Transport Layer Security (with a null encryption algorithm)
o IP Authentication Header
In Section 5.3:
OLD:
  packet header capturing
             |
       timestamping
             |
             v
      +----->+
      |      |
      |   sampling Si (1:1 in case of no sampling)
      |      |
      |   filtering Fi (select all when no criteria)
      |      |
      +------+
             |
             v
           Flows

         Figure 5
NEW:
       +---------------------------+
       |  packet header capturing  |
       +---------------------------+
                     |
                     v
       +---------------------------+
       |       timestamping        |
       +---------------------------+
                     |
                     v
   +---------------> +
   |                 |
   |                 v
   |  +----------------------------------------------+
   |  | sampling Si (1:1 in case of no sampling)     |
   |  +----------------------------------------------+
   |                 |
   |                 v
   |  +----------------------------------------------+
   |  | filtering Fi (select all when no criteria)   |
   |  +----------------------------------------------+
   |                 |
   |                 v
   +-----------------+
                     |
                     v
       +---------------------------+
       |           Flows           |
       +---------------------------+

                 Figure 5