Internet Engineering Task Force (IETF) B. Claise Request for Comments: 6526 P. Aitken Category: Standards Track A. Johnson ISSN: 2070-1721 Cisco Systems, Inc. G. Muenz TU Muenchen March 2012
Internet Engineering Task Force (IETF) B. Claise Request for Comments: 6526 P. Aitken Category: Standards Track A. Johnson ISSN: 2070-1721 Cisco Systems, Inc. G. Muenz TU Muenchen March 2012
IP Flow Information Export (IPFIX) Per Stream Control Transmission Protocol (SCTP) Stream
每个流控制传输协议(SCTP)流的IP流信息导出(IPFIX)
Abstract
摘要
This document specifies an extension to the specifications in RFC 5101, IP Flow Information Export (IPFIX), when using the Partial Reliability extension of SCTP (PR-SCTP, Partial Reliability Stream Control Transmission Protocol).
本文件规定了在使用SCTP(PR-SCTP,部分可靠性流控制传输协议)的部分可靠性扩展时,对RFC 5101,IP流信息导出(IPFIX)中规范的扩展。
When implemented at both the Exporting Process and Collecting Process, this method offers several advantages, such as the ability to calculate Data Record losses for PR-SCTP per Template, immediate export of Template Withdrawal Messages, immediate reuse of Template IDs within an SCTP stream, reduced likelihood of Data Record loss, and reduced demands on the Collecting Process. When implemented in only the Collecting Process or Exporting Process, then normal IPFIX behavior will be seen without all of the additional benefits.
当在导出过程和收集过程中实施时,该方法提供了几个优点,例如能够计算每个模板的PR-SCTP数据记录损失,立即导出模板撤回消息,在SCTP流中立即重用模板ID,降低数据记录丢失的可能性,减少了对收集过程的需求。当仅在收集过程或导出过程中实现时,将看到正常的IPFIX行为,而没有所有其他好处。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6526.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc6526.
Copyright Notice
版权公告
Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2012 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................3 1.1. Relationship with IPFIX and PSAMP ..........................4 1.2. Applicability ..............................................5 1.3. Limitations ................................................5 2. Terminology .....................................................6 2.1. Conventions Used in This Document ..........................6 2.2. IPFIX Documents Overview ...................................6 2.3. PSAMP Documents Overview ...................................7 3. IPFIX Protocol Specifications: Limitations and Improvements .....7 3.1. Data Record Loss Calculated Per Template ...................7 3.1.1. IPFIX Protocol Specifications: Limitation ...........7 3.1.2. IPFIX Export Per SCTP Stream: Advantage .............8 3.2. Immediate Template Withdrawal and Reuse ....................8 3.2.1. IPFIX Protocol Specifications: Limitation ...........8 3.2.2. IPFIX Export Per SCTP Stream: Advantages ............9 3.3. Requirement for Data Set Buffering .........................9 3.3.1. IPFIX Protocol Specifications: Limitation ...........9 3.3.2. IPFIX Export Per SCTP Stream: Advantages ...........10 4. Specifications .................................................10 4.1. New Information Element ...................................10 4.2. Template Management .......................................11 4.3. SCTP ......................................................12 4.4. Template Withdrawal Message ...............................13 4.5. The Collecting Process's Side .............................14 4.5.1. SCTP ...............................................14 4.5.2. Enabling the Per-SCTP-Stream Extension .............14 4.5.3. Disabling the Per-SCTP-Stream Extension ............15 4.5.4. Calculating Data Record Loss Per Template ..........16 5. Resource Impact ................................................16 6. Examples .......................................................17 7. IANA Considerations ............................................20 8. Security Considerations ........................................21 9. References .....................................................21 9.1. Normative References ......................................21 9.2. Informative References ....................................21 10. Acknowledgments ...............................................22
1. Introduction ....................................................3 1.1. Relationship with IPFIX and PSAMP ..........................4 1.2. Applicability ..............................................5 1.3. Limitations ................................................5 2. Terminology .....................................................6 2.1. Conventions Used in This Document ..........................6 2.2. IPFIX Documents Overview ...................................6 2.3. PSAMP Documents Overview ...................................7 3. IPFIX Protocol Specifications: Limitations and Improvements .....7 3.1. Data Record Loss Calculated Per Template ...................7 3.1.1. IPFIX Protocol Specifications: Limitation ...........7 3.1.2. IPFIX Export Per SCTP Stream: Advantage .............8 3.2. Immediate Template Withdrawal and Reuse ....................8 3.2.1. IPFIX Protocol Specifications: Limitation ...........8 3.2.2. IPFIX Export Per SCTP Stream: Advantages ............9 3.3. Requirement for Data Set Buffering .........................9 3.3.1. IPFIX Protocol Specifications: Limitation ...........9 3.3.2. IPFIX Export Per SCTP Stream: Advantages ...........10 4. Specifications .................................................10 4.1. New Information Element ...................................10 4.2. Template Management .......................................11 4.3. SCTP ......................................................12 4.4. Template Withdrawal Message ...............................13 4.5. The Collecting Process's Side .............................14 4.5.1. SCTP ...............................................14 4.5.2. Enabling the Per-SCTP-Stream Extension .............14 4.5.3. Disabling the Per-SCTP-Stream Extension ............15 4.5.4. Calculating Data Record Loss Per Template ..........16 5. Resource Impact ................................................16 6. Examples .......................................................17 7. IANA Considerations ............................................20 8. Security Considerations ........................................21 9. References .....................................................21 9.1. Normative References ......................................21 9.2. Informative References ....................................21 10. Acknowledgments ...............................................22
The IPFIX protocol [RFC5101] has the goal of exporting Flow information. This protocol is designed to export information about IP traffic Flows and related measurement data, where a Flow is defined by a set of key attributes (e.g., source and destination IP address, source and destination port, etc.). However, thanks to its Template mechanism, the IPFIX protocol can export any type of
IPFIX协议[RFC5101]的目标是导出流信息。该协议旨在导出有关IP流量和相关测量数据的信息,其中流量由一组关键属性(例如,源和目标IP地址、源和目标端口等)定义。但是,由于其模板机制,IPFIX协议可以导出任何类型的
information, as long as the relevant Information Element is specified in the IPFIX information model [RFC5102], registered with IANA [IANA], or specified as an enterprise-specific Information Element.
信息,只要相关信息元素在IPFIX信息模型[RFC5102]中指定、在IANA[IANA]注册或指定为企业特定信息元素。
The IPFIX protocol [RFC5101] specifies that traffic measurements for Flows are exported using a TLV (Type, Length, Value) format. The information is exported using a Template Record, which is sent once to export the {Type, Length} pairs that define the data format for the Information Elements in a Flow. The Data Records specify values for each Flow.
IPFIX协议[RFC5101]指定使用TLV(类型、长度、值)格式导出流的流量测量值。使用模板记录导出信息,该模板记录发送一次以导出定义流中信息元素数据格式的{Type,Length}对。数据记录为每个流指定值。
The IPFIX protocol [RFC5101] is flexible: It foresees the usage of multiple SCTP streams per association; it allows the transmission of Data Sets, Template Sets, and/or Options Template Sets on any SCTP stream; it offers full and partially reliable export of Data Sets; it specifies both ordered and out-of-order delivery of Data Sets. However, due to bandwidth restrictions and packet losses in the network as well as resource constraints on the Exporter and Collector (e.g., limited buffer sizes), it is not always possible to export all Data Sets in a reliable way.
IPFIX协议[RFC5101]是灵活的:它预见了每个关联使用多个SCTP流;它允许在任何SCTP流上传输数据集、模板集和/或选项模板集;它提供完整和部分可靠的数据集导出;它指定数据集的有序交付和无序交付。然而,由于网络中的带宽限制和数据包丢失以及导出器和收集器上的资源限制(例如,有限的缓冲区大小),并非总是能够以可靠的方式导出所有数据集。
This document specifies a method for exporting a Template Record and its associated Data Sets in a single SCTP stream, limiting each Template ID to a single SCTP stream if possible, and imposing in-order transmission.
本文档指定了在单个SCTP流中导出模板记录及其关联数据集的方法,如果可能,将每个模板ID限制为单个SCTP流,并按顺序传输。
This method offers several advantages over IPFIX export as specified in [RFC5101], such as the ability to calculate Data Record losses for PR-SCTP per Template, immediate export of Template Withdrawal Messages, immediate reuse of Template IDs within an SCTP stream, reduced likelihood of Data Record loss, and reduced demands on the Collecting Process.
与[RFC5101]中规定的IPFIX导出相比,该方法具有以下几个优点:能够计算每个模板的PR-SCTP数据记录损失,立即导出模板撤销消息,在SCTP流中立即重用模板ID,降低数据记录丢失的可能性,减少了对收集过程的需求。
The specifications in this document apply to the IPFIX protocol specifications [RFC5101]. However, they only apply to the SCTP transport protocol [RFC4960] option of the IPFIX protocol specifications (see Section 10 of [RFC5101]), specifically if the Partial Reliability extension [RFC3758] is used. All specifications from [RFC5101] apply, unless specified otherwise in this document.
本文件中的规范适用于IPFIX协议规范[RFC5101]。但是,它们仅适用于IPFIX协议规范的SCTP传输协议[RFC4960]选项(参见[RFC5101]第10节),特别是在使用部分可靠性扩展[RFC3758]的情况下。除非本文件另有规定,否则[RFC5101]中的所有规范均适用。
As the Packet Sampling (PSAMP) protocol specifications [RFC5476] are based on the IPFIX protocol specifications, the specifications in this document are also valid for the PSAMP protocol.
由于数据包采样(PSAMP)协议规范[RFC5476]基于IPFIX协议规范,因此本文档中的规范也适用于PSAMP协议。
The specifications contained in this document are applicable to cases where application requirements include knowing how many Data Records of a certain type (i.e., from a certain Template) were lost. A typical example is a router exporting billing records, where the Exporting Process cannot afford to export all the Flow Records reliably, due to limited resources to buffer a large number of Flow Records. Such a situation may occur if Data Sets are generated at a higher rate at the Exporter than can be transferred to the Collector because of bandwidth limitations in the network or slow reception at the Collector.
本文件中包含的规范适用于应用要求包括了解某一类型(即,来自某一模板)的数据记录丢失数量的情况。一个典型的例子是路由器导出计费记录,由于缓冲大量流记录的资源有限,导出过程无法可靠地导出所有流记录。如果由于网络中的带宽限制或采集器处的接收速度慢,数据集在导出器处以高于传输到采集器的速率生成,则可能发生这种情况。
To be more precise, the specification applicability is the case where multiple Templates are simultaneously active within a single SCTP Transport Session and the calculation of the Data Record loss for a particular Template is required. Indeed, with the current IPFIX specifications [RFC5101], if an IPFIX Message is lost (UDP or SCTP partially reliable), it is not possible to determine to which Template(s) the lost Data Records belong.
更准确地说,规范适用性是指多个模板在单个SCTP传输会话中同时处于活动状态,并且需要计算特定模板的数据记录丢失。实际上,根据当前的IPFIX规范[RFC5101],如果IPFIX消息丢失(UDP或SCTP部分可靠),则无法确定丢失的数据记录属于哪个模板。
Exporting Processes following the specifications in this document will interoperate with existing Collecting Processes that comply with [RFC5101]; no changes are required at the Collecting Process to receive data from an Exporting Process compliant with this method. However, Collecting Processes may implement additional support for per-stream export specified in this document in order to realize all the benefits of the approach specified herein. Since the specifications in this document mandate in-order transmission of (Options) Templates and associated Data Records, late arrival of (Options) Templates at the Collecting Process is avoided, which means that there are no Data Records that need to be dropped or buffered.
按照本文件中的规范导出流程将与符合[RFC5101]的现有收集流程进行互操作;从符合此方法的导出过程接收数据时,不需要在收集过程中进行任何更改。然而,收集过程可对本文件中规定的每流导出实施额外支持,以实现本文中规定方法的所有好处。由于本文件中的规范要求按顺序传输(选项)模板和相关数据记录,因此避免了(选项)模板在收集过程中延迟到达,这意味着不需要删除或缓冲任何数据记录。
When multiple Templates are required, this method requires multiple SCTP streams in the association between the Exporting Process and Collecting Process, ideally one stream per Template. To properly handle the transmission of additional Templates during the Transport Session, additional SCTP streams are sometimes required. These SCTP streams can only be added within the existing SCTP association if the specifications in [RFC6525] are supported.
当需要多个模板时,此方法需要导出过程和收集过程之间的关联中有多个SCTP流,理想情况下每个模板一个流。为了在传输会话期间正确处理额外模板的传输,有时需要额外的SCTP流。如果支持[RFC6525]中的规范,则只能在现有SCTP关联中添加这些SCTP流。
IPFIX-specific terminology used in this document is defined in Section 2 of [RFC5101]. As in [RFC5101], these IPFIX-specific terms have the first letter of a word capitalized when used in this document.
[RFC5101]第2节定义了本文件中使用的IPFIX专用术语。与[RFC5101]一样,这些IPFIX专用术语在本文档中使用时,单词的首字母大写。
Note that, in this document, "(Options) Template" is used to refer to Templates and Options Templates. Unless otherwise specified, "Template" alone refers to Templates exclusive of Options Templates.
请注意,在本文档中,“(选项)模板”用于指代模板和选项模板。除非另有规定,“模板”仅指不包括选项模板的模板。
Template Reuse Delay
模板重用延迟
The time the Exporting Process needs to wait after sending the last Data Set described by a given Template before sending a Template Withdrawal Message for the Template. A suitable default value is 5 seconds, as specified in [RFC5101].
导出过程在发送给定模板描述的最后一个数据集之后,在发送模板的模板撤回消息之前需要等待的时间。根据[RFC5101]中的规定,合适的默认值为5秒。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
The IPFIX protocol [RFC5101] provides network administrators with access to Flow information.
IPFIX协议[RFC5101]为网络管理员提供了访问流信息的权限。
The architecture for the export of measured Flow information out of an IPFIX Exporting Process to a Collecting Process is defined in the IPFIX architecture [RFC5470], per the requirements defined in [RFC3917].
根据[RFC3917]中定义的要求,IPFIX体系结构[RFC5470]中定义了将测量流量信息从IPFIX导出过程导出到收集过程的体系结构。
The IPFIX architecture [RFC5470] specifies how IPFIX Data Records and Templates are carried via a congestion-aware transport protocol from IPFIX Exporting Processes to IPFIX Collecting Processes.
IPFIX体系结构[RFC5470]指定如何通过拥塞感知传输协议将IPFIX数据记录和模板从IPFIX导出进程传送到IPFIX收集进程。
IPFIX has a formal description of IPFIX Information Elements, their names, their types, and additional semantic information, as specified in the IPFIX information model [RFC5102].
IPFIX对IPFIX信息元素、它们的名称、类型和附加语义信息进行了形式化描述,如IPFIX信息模型[RFC5102]中所述。
Finally, the IPFIX applicability statement [RFC5472] describes what types of applications can use the IPFIX protocol and how they can use the information provided. Furthermore, it shows how the IPFIX framework relates to other architectures and frameworks.
最后,IPFIX适用性声明[RFC5472]描述了哪些类型的应用程序可以使用IPFIX协议,以及它们如何使用提供的信息。此外,它还展示了IPFIX框架与其他体系结构和框架的关系。
The document "A Framework for Packet Selection and Reporting" [RFC5474] describes the Packet Sampling (PSAMP) framework for network elements to select subsets of packets by statistical and other methods, and to export a stream of reports on the selected packets to a Collector.
文档“分组选择和报告框架”[RFC5474]描述了用于网络元件的分组抽样(PSAMP)框架,以通过统计和其他方法选择分组子集,并将关于所选分组的报告流导出到收集器。
The set of packet selection techniques (sampling, filtering, and hashing) supported by PSAMP are described in "Sampling and Filtering Techniques for IP Packet Selection" [RFC5475].
PSAMP支持的一组数据包选择技术(采样、过滤和散列)在“IP数据包选择的采样和过滤技术”[RFC5475]中描述。
The PSAMP protocol [RFC5476] specifies the export of packet information from a PSAMP Exporting Process to a PSAMP Collecting Process. Like IPFIX, PSAMP has a formal description of its Information Elements, their names, their types, and additional semantic information. The PSAMP information model is defined in [RFC5477].
PSAMP协议[RFC5476]指定将数据包信息从PSAMP导出进程导出到PSAMP收集进程。与IPFIX一样,PSAMP也对其信息元素、名称、类型和其他语义信息进行了形式化描述。PSAMP信息模型在[RFC5477]中定义。
For three specific topics ("Data Record Loss Calculated Per Template", "Immediate Template Withdrawal and Reuse", and "Requirement for Data Set Buffering"), this section explains the limitations of the IPFIX protocol specifications on the one hand, and the advantages of the method specified in this document on the other.
对于三个特定主题(“按模板计算的数据记录丢失”、“立即模板提取和重用”以及“数据集缓冲要求”),本节一方面解释了IPFIX协议规范的局限性,另一方面解释了本文档中规定的方法的优点。
Section 6.3.2 of [RFC3917], "Requirements for IP Flow Information Export" discusses the data transfer reliability issues:
[RFC3917]第6.3.2节“IP流信息导出要求”讨论了数据传输可靠性问题:
Loss of flow records during the data transfer from the Exporting Process to the Collecting Process must be indicated at the Collecting Process.
在从导出过程到收集过程的数据传输过程中,必须在收集过程中指出流记录的丢失。
However, in some cases, it may be important to know how many Data Records of a certain type were lost (e.g., in the case of billing), and IPFIX does not conventionally provide this information.
但是,在某些情况下,了解某一类型的数据记录丢失了多少可能很重要(例如,在计费的情况下),IPFIX通常不提供此信息。
A Collecting Process can detect out-of-sequence, dropped, or duplicate IPFIX Messages by tracking the Sequence Number [RFC5101]. Note that the Sequence Number field in the IPFIX Message header increases with the number of IPFIX Data Records within the SCTP stream, so loss will be detected per stream.
收集过程可以通过跟踪序列号[RFC5101]来检测无序、丢弃或重复的IPFIX消息。请注意,IPFIX消息头中的序列号字段随着SCTP流中IPFIX数据记录的数量增加而增加,因此每个流都会检测到丢失。
The IPFIX protocol specifications [RFC5101] specify that Data Records defined by any Template may be sent on any SCTP stream. As such, if there is more than one Template defined within the whole SCTP association, then there is no way of knowing with which Template any lost Data Record is associated. This is true, no matter what convention the Exporting Process uses to send Data Records on different SCTP streams, as the protocol makes no guarantees.
IPFIX协议规范[RFC5101]规定,任何模板定义的数据记录都可以在任何SCTP流上发送。因此,如果在整个SCTP关联中定义了多个模板,则无法知道丢失的数据记录与哪个模板关联。这是正确的,无论导出过程使用何种约定在不同的SCTP流上发送数据记录,因为该协议不提供任何保证。
Note that a workaround allowed by the IPFIX specifications in [RFC5101] is to use only one Template Record per SCTP Transport Session, at the cost of multiplying the number of SCTP Transport Sessions when multiple Template Records are required.
请注意,[RFC5101]中的IPFIX规范允许的解决方法是,每个SCTP传输会话仅使用一个模板记录,当需要多个模板记录时,其代价是乘以SCTP传输会话的数量。
Using the specifications in this document, it is guaranteed that any lost Data Records will be associated only with the Templates that are defined on that SCTP stream. By defining only one Template per SCTP stream, it is ensured that any loss is associated with that single Template. So, by exporting each Template and its corresponding Data Records in a separate SCTP stream from other Templates and Data Records, the loss pertaining to each specific Template can be deduced from the Sequence Number field in the IPFIX Message headers.
使用本文档中的规范,可以保证任何丢失的数据记录将仅与该SCTP流上定义的模板相关联。通过每个SCTP流只定义一个模板,可以确保任何丢失都与该单个模板相关。因此,通过将每个模板及其对应的数据记录从其他模板和数据记录导出到单独的SCTP流中,可以从IPFIX消息头中的序列号字段推断出与每个特定模板相关的丢失。
A Collecting Process must have received the Template Record associated with the Data Records to be able to decode the information in the Data Records. [RFC5101] specifies the following:
收集过程必须已收到与数据记录关联的模板记录,才能解码数据记录中的信息。[RFC5101]指定以下内容:
The Exporting Process SHOULD transmit the Template Set and Options Template Set in advance of any Data Sets that use that (Options) Template ID, to help ensure that the Collecting Process has the Template Record before receiving the first Data Record.
导出过程应在使用该(选项)模板ID的任何数据集之前传输模板集和选项模板集,以帮助确保收集过程在接收第一条数据记录之前具有模板记录。
The fact that the Collecting Process cannot decode the Data Records without the corresponding Template Record may result in Data Records being discarded by the Collecting Process, as specified in [RFC5101]:
如[RFC5101]所述,如果没有相应的模板记录,则采集过程无法解码数据记录,这可能导致采集过程丢弃数据记录:
The Collecting Process normally receives Template Records from the Exporting Process before receiving Data Records. The Data Records are then decoded and stored by the Collector. If the Template Records have not been received at the time Data Records are received, the Collecting Process MAY store the Data Records for a short period of time and decode them after the Template Records are received.
收集流程通常在接收数据记录之前从导出流程接收模板记录。数据记录随后由采集器解码和存储。如果在接收数据记录时未接收到模板记录,则收集过程可在短时间内存储数据记录,并在接收到模板记录后对其进行解码。
By exporting each Template Record and the corresponding Data Records within a single SCTP stream and imposing in-order transmission, the Template Record will always arrive before the associated Data Records. Therefore, there is no risk that the Collecting Process discards Data Records while waiting for the Template Record to arrive.
通过在单个SCTP流中导出每个模板记录和相应的数据记录并按顺序传输,模板记录将始终在相关数据记录之前到达。因此,在等待模板记录到达时,收集过程不会丢弃数据记录。
Furthermore, when reusing a Template ID within an SCTP stream, the Template Withdrawal Message will be guaranteed to arrive before the new definition of the Template, and therefore the Template Record may be sent directly after the Template Withdrawal Message. In other words, the Template Reuse Delay restriction (5 seconds by default, as specified in [RFC5101]) does not need to be applied to Template ID reuse within the same SCTP stream.
此外,当在SCTP流中重用模板ID时,模板撤回消息将保证在模板的新定义之前到达,因此模板记录可以直接在模板撤回消息之后发送。换句话说,模板重用延迟限制(默认情况下为5秒,如[RFC5101]中所述)不需要应用于同一SCTP流中的模板ID重用。
Another advantage of the new specifications in this document is a reduced load on the Collecting Process. Indeed, the Collecting Process doesn't have to store the Data Records while waiting for the Template Record, as the transmission order is always guaranteed. This way, extra reliability of the Data Records is achieved without extra burden on the Collecting Process.
本文档中新规范的另一个优点是减少了收集过程的负载。实际上,收集过程不必在等待模板记录时存储数据记录,因为传输顺序总是有保证的。这样,数据记录的额外可靠性就可以在不增加收集过程负担的情况下实现。
The fact that the protocol specifications in [RFC5101] are flexible in terms of SCTP stream(s) on which the Template Set, Options Template Set, and corresponding Data Sets are exported implies that the (Options) Template Record might be exported on a different SCTP stream than the corresponding Data Records. This might cause Data Record loss in the Collecting Process, as ordered transmission across SCTP streams is not guaranteed.
[RFC5101]中的协议规范在导出模板集、选项模板集和相应数据集的SCTP流方面是灵活的,这意味着(选项)模板记录可能导出到与相应数据记录不同的SCTP流上。这可能会导致收集过程中的数据记录丢失,因为无法保证跨SCTP流的有序传输。
For example, a Template Record may be blocked pending reliable transmission on one SCTP stream while the corresponding Data Records may be transmitted immediately in another SCTP stream. Also, due to different levels of SCTP stream congestion, it is possible that even if the Template Record and corresponding Data Records are sent reliably, Data Records sent on a different SCTP stream than the Template Record might still arrive before the Template Record.
例如,模板记录可以在一个SCTP流上等待可靠传输时被阻塞,而相应的数据记录可以在另一个SCTP流中立即传输。此外,由于SCTP流拥塞的不同级别,即使模板记录和相应的数据记录被可靠地发送,在不同于模板记录的SCTP流上发送的数据记录仍可能在模板记录之前到达。
By exporting each Template Record and all corresponding Data Records within a single SCTP stream, and imposing in-order transmission, the issue of ordered transmission across multiple SCTP streams is avoided.
通过导出单个SCTP流中的每个模板记录和所有相应的数据记录,并实施有序传输,避免了跨多个SCTP流的有序传输问题。
By exporting all corresponding Data Records within the same ordered SCTP stream as the Template Record, each SCTP stream is independent and self-contained, and the interaction between SCTP streams is limited to that of the Options Template and associated Data Records sent in different streams. This has several advantageous consequences, including order preservation that does not result in the blocking of unrelated data, and load reduction on the Collecting Process (as the Template Records are guaranteed to be delivered before the associated Data Records, there is no need for the buffering of Data Sets that correspond with Templates that are missing).
通过导出与模板记录相同的有序SCTP流中的所有对应数据记录,每个SCTP流都是独立且自包含的,并且SCTP流之间的交互仅限于选项模板和在不同流中发送的关联数据记录之间的交互。这有几个有利的结果,包括不会导致不相关数据阻塞的顺序保留,以及收集过程上的负载减少(由于保证在相关数据记录之前交付模板记录,因此不需要缓冲与缺失模板对应的数据集)。
This section specifies Exporting Process and Collecting Process behavior different from that in [RFC5101] in order to realize the benefits of per-stream export. Note that Exporting Processes following these specifications will interoperate with [RFC5101]- compliant Collecting Processes, but that Collecting Processes will have to follow additional non-interoperable specifications to realize the full benefits of the technique. These new specifications, which add to those in [RFC5101], are described with the key words defined in [RFC2119].
本节规定了不同于[RFC5101]中的导出过程和收集过程行为,以实现每流导出的好处。请注意,遵循这些规范的导出过程将与[RFC5101]兼容的收集过程进行互操作,但收集过程必须遵循其他不可互操作的规范,以实现该技术的全部好处。[RFC5101]中新增的这些新规范用[RFC2119]中定义的关键词进行了描述。
dataRecordsReliability
数据记录责任
Description: The export reliability of Data Records, within this SCTP stream, for the element(s) in the Options Template scope. A typical example of an element for which the export reliability will be reported is the Template ID, as specified in the Data Records Reliability Options Template. A value of 'True' means that the Exporting Process MUST send any Data Records associated with the element(s) reliably within this SCTP stream. A value of 'False' means that the Exporting Process MAY send any Data Records associated with the element(s) unreliably within this SCTP stream.
描述:选项模板范围内的元素在此SCTP流中数据记录的导出可靠性。将报告导出可靠性的元素的典型示例是模板ID,如数据记录可靠性选项模板中所指定。值“True”表示导出进程必须在该SCTP流中可靠地发送与元素相关联的任何数据记录。值“False”表示导出过程可能会在该SCTP流中不可靠地发送与元素关联的任何数据记录。
Abstract Data Type: boolean Data Type Semantics: identifier ElementId: 276 Status: current
抽象数据类型:布尔数据类型语义:标识符ElementId:276状态:当前
Per Section 6.1.5 of [RFC5101], the boolean data type is encoded as a single octet, with the value of 1 for True and the value of 2 for False.
根据[RFC5101]第6.1.5节,布尔数据类型编码为单个八位字节,值1表示真,值2表示假。
To take advantage of per-stream export, Exporting Processes MUST follow the specification in this section in addition to Section 8, "Template Management", of [RFC5101].
为了利用每流导出,除了[RFC5101]第8节“模板管理”外,导出过程还必须遵循本节中的规范。
As specified in [RFC5101], Template Sets and Options Template Sets MUST be sent reliably.
按照[RFC5101]中的规定,必须可靠地发送模板集和选项模板集。
Any Data Sets associated with a Template Record MUST be sent on the same SCTP stream on which the Template Record was sent.
与模板记录关联的任何数据集必须在发送模板记录的同一SCTP流上发送。
The Data Records Reliability Options Template is used to explicitly inform the Collecting Process which Templates will be used in each SCTP stream and whether each set of associated Data Records will be sent reliably or unreliably. After defining a Template ID and before sending any associated Data Records on an SCTP stream, the Exporting Process MUST notify the Collecting Process of its intention to send those Data Records reliably or unreliably within that SCTP stream. It does this by sending a Data Record defined by the Data Records Reliability Options Template for the Template associated with the Data Records to be sent. If it does not, then the Collecting Process MUST disable this extension for the SCTP association. The one exception to this rule is that the Data Records associated with the Data Records Reliability Options Template don't require an explicit notification, as these MUST always be sent reliably.
数据记录可靠性选项模板用于明确通知收集流程每个SCTP流中将使用哪些模板,以及每组相关数据记录是可靠发送还是不可靠发送。定义模板ID后,在发送SCTP流上的任何关联数据记录之前,导出进程必须通知收集进程其打算在该SCTP流中可靠或不可靠地发送这些数据记录。它通过发送数据记录可靠性选项模板为要发送的数据记录关联的模板定义的数据记录来实现。如果没有,则收集进程必须为SCTP关联禁用此扩展。此规则的一个例外是,与数据记录可靠性选项模板关联的数据记录不需要显式通知,因为这些记录必须始终可靠地发送。
The Data Records Reliability Options Template MUST contain the following Information Elements:
数据记录可靠性选项模板必须包含以下信息元素:
Scope: Template ID Non-scope: dataRecordsReliability
作用域:模板ID非作用域:DataRecordsResponsibility
After sending a value of 'True' for the dataRecordsReliability Element, the Exporting Process MUST send any Data Records associated with the currently defined Template ID reliably within this SCTP stream. After sending a value of 'False' for the
为dataRecordsReliability元素发送值“True”后,导出过程必须在此SCTP流中可靠地发送与当前定义的模板ID关联的任何数据记录。发送的值为“False”后
dataRecordsReliability Element, the Exporting Process MAY send any Data Records associated with the Template ID unreliably within this SCTP stream.
dataRecordsReliability元素,导出过程可能会在此SCTP流中不可靠地发送与模板ID关联的任何数据记录。
If the Exporting Process wants to change the Data Records Reliability value (from reliable to unreliable, or vice versa) for Data Records on an SCTP stream, the Template MUST be withdrawn, and a new Template MUST be used.
如果导出过程希望更改SCTP流上数据记录的数据记录可靠性值(从可靠更改为不可靠,反之亦然),则必须撤消模板,并使用新模板。
The Data Records Reliability Options Template MAY contain other non-scope Information Elements associated with the (Options) Template.
数据记录可靠性选项模板可能包含与(选项)模板关联的其他非范围信息元素。
When an Options Template (including the Data Records Reliability Options Template) and associated Data Records are sent in the same SCTP stream, the first associated Data Record can follow the Options Template immediately. When the Options Template and associated Data Records are sent in different SCTP streams, the Exporting Process SHOULD transmit the Options Template in advance of any Data Sets that use it, to help ensure that the Collector has received the Options Template Record before receiving the first associated Data Record.
当选项模板(包括数据记录可靠性选项模板)和相关数据记录在同一SCTP流中发送时,第一条相关数据记录可以立即跟随选项模板。当选项模板和相关数据记录在不同的SCTP流中发送时,导出过程应在使用它的任何数据集之前发送选项模板,以帮助确保收集器在接收第一个相关数据记录之前已接收到选项模板记录。
It is RECOMMENDED that the Exporting Process only sends a single Template and corresponding Data Sets within a single SCTP stream in order to enable calculation of the potential Data Record loss for this Template. The Exporting Process MAY group related (Options) Templates and their associated Data Records within a single SCTP stream so that loss statistics are calculated for the group of Templates that are being sent unreliably within the SCTP stream. This is suitable in cases where there are only slight variations among the Templates in a group (e.g., the omission of unavailable fields for export efficiency) and may be necessary if the SCTP association does not support enough SCTP streams to export each Template in its own SCTP stream.
建议导出过程仅在单个SCTP流中发送单个模板和相应的数据集,以便能够计算此模板的潜在数据记录丢失。导出过程可以在单个SCTP流中对相关(选项)模板及其关联数据记录进行分组,以便为在SCTP流中不可靠发送的模板组计算丢失统计信息。这适用于一个组中的模板之间只有轻微变化的情况(例如,为了提高导出效率,省略了不可用的字段),并且如果SCTP关联不支持足够的SCTP流来导出其自己的SCTP流中的每个模板,则这可能是必要的。
If an SCTP stream contains a mixture of Data Records defined by Template Records and by Options Template Records, the Data Records defined by the Options Template Records SHOULD be sent reliably so that the Collecting Process does not consider any loss to be associated with the Options Data Records.
如果SCTP流包含由模板记录和选项模板记录定义的数据记录的混合,则应可靠地发送由选项模板记录定义的数据记录,以便收集过程不考虑与选项数据记录相关联的任何损失。
To take advantage of per-stream export, Exporting Processes MUST manage SCTP streams according to the specification in this section, in addition to Section 10.2.4.3, "Stream", of [RFC5101].
为了利用每流导出,除了[RFC5101]第10.2.4.3节“流”外,导出过程还必须根据本节中的规范管理SCTP流。
PR-SCTP [RFC3758] MUST be implemented by all compliant implementations.
PR-SCTP[RFC3758]必须由所有合规实施实施。
All IPFIX Messages in an SCTP stream MUST be sent in order.
SCTP流中的所有IPFIX消息必须按顺序发送。
As specified in [RFC5101], depending on the requirements of the application, the Exporting Process may send Data Sets with full or partial reliability.
如[RFC5101]所述,根据应用程序的要求,导出过程可以发送完全或部分可靠的数据集。
If the Exporting Process is required to export a new Template Record but there are no more free SCTP streams available, it SHOULD attempt to increase the number of outbound SCTP streams to which it is able to send, per [RFC6525]. Alternatively, the Exporting Process MAY add the Template Set and Data Records to an existing SCTP stream at the cost of diluting the granularity of any Data Record loss attribution. An alternative that may result in the loss of Flow Records (for example, due to lack of buffering on the Exporter) is to restart the SCTP association with an increased number of SCTP streams.
如果导出过程需要导出新的模板记录,但没有更多可用的SCTP流,则应根据[RFC6525]尝试增加其能够发送到的出站SCTP流的数量。或者,导出过程可以将模板集和数据记录添加到现有SCTP流,代价是稀释任何数据记录丢失属性的粒度。另一种可能导致流记录丢失的方法(例如,由于导出器上缺少缓冲)是使用更多的SCTP流重新启动SCTP关联。
To take advantage of per-stream export, Exporting Processes MUST send Template Withdrawal Messages according to the specification in this section, in addition to Section 8, "Template Management", of [RFC5101].
为了利用每流导出,除了[RFC5101]第8节“模板管理”外,导出过程还必须根据本节中的规范发送模板撤回消息。
As specified in [RFC5101], Templates that are no longer in use SHOULD be deleted. Before reusing a Template ID, the Template MUST be deleted. In order to delete an allocated Template, the Template is withdrawn through the use of a Template Withdrawal Message.
按照[RFC5101]中的规定,应删除不再使用的模板。在重用模板ID之前,必须删除该模板。为了删除分配的模板,通过使用模板撤回消息撤回模板。
The Template Withdrawal Message MUST be sent on the same SCTP stream as the associated Template Record.
模板撤回消息必须在与关联模板记录相同的SCTP流上发送。
The Template Withdrawal Message MUST be sent reliably, using SCTP-ordered delivery per [RFC5101]. As all IPFIX Messages are sent in order within an SCTP stream (per the specifications in this document), the IPFIX Message containing the Template Withdrawal Message will not arrive at the Collecting Process before any associated and previously sent Data Record. As a consequence, no Data Records will be lost due to delayed arrival at the Collecting Process.
模板撤回消息必须根据[RFC5101]使用SCTP有序交付可靠发送。由于所有IPFIX消息都是在SCTP流中按顺序发送的(根据本文档中的规范),因此包含模板撤回消息的IPFIX消息不会在任何关联和先前发送的数据记录之前到达收集过程。因此,数据记录不会因延迟到达收集过程而丢失。
The Template ID from a withdrawn Template MAY be reused on the same SCTP stream immediately after the Template Withdrawal Message is sent. This case is equivalent to the use of a Template Reuse Delay value of 0.
在发送模板撤回消息后,可立即在同一SCTP流上重新使用撤回模板的模板ID。这种情况相当于使用模板重用延迟值0。
After reusing the Template ID, the Exporting Process MUST send a Data Record associated with the Data Records Reliability Options Template to specify the reliability level of the Data Records associated with the new Template.
重用模板ID后,导出过程必须发送与数据记录可靠性选项模板关联的数据记录,以指定与新模板关联的数据记录的可靠性级别。
If the Template ID is to be reused on a different SCTP stream, the new Template Record MUST NOT be sent before the Template Reuse Delay interval.
如果要在不同的SCTP流上重用模板ID,则不得在模板重用延迟间隔之前发送新模板记录。
A Template Withdrawal Message to withdraw all Templates for the Observation Domain ID specified in the IPFIX Message header MUST NOT be used.
不得使用模板撤回消息来撤回IPFIX消息头中指定的观察域ID的所有模板。
Multiple Template IDs MAY be withdrawn with a single Template Withdrawal Message under the condition that all the Template IDs in the Template Withdrawal Message are used on the same SCTP stream as the Template Withdrawal Message.
在模板撤回消息中的所有模板ID与模板撤回消息在同一SCTP流中使用的条件下,可以使用单个模板撤回消息撤回多个模板ID。
Collecting Processes must operate in a fashion slightly contrary to [RFC5101] in order to realize the full benefits of per-stream export. However, the specification in this section contains a mechanism that allows per-stream-capable Collecting Processes to selectively enable per-stream export, in order to ensure interoperability of per-stream-capable Collecting Processes with Exporting Processes that do not implement per-stream export.
收集过程必须以稍微与[RFC5101]相反的方式运行,以实现每流输出的全部好处。但是,本节中的规范包含一种机制,允许支持每流的收集进程选择性地启用每流导出,以确保支持每流的收集进程与不实现每流导出的导出进程的互操作性。
As specified in [RFC5101], the Collecting Process SHOULD listen for a new association request from the Exporting Process. The Exporting Process will request a number of SCTP streams to use for export.
如[RFC5101]中所述,收集进程应侦听来自导出进程的新关联请求。导出过程将请求多个SCTP流用于导出。
A Collecting Process SHOULD support the procedure for the addition of an SCTP stream specified in [RFC6525].
收集过程应支持[RFC6525]中规定的添加SCTP流的程序。
In IPFIX, there is no explicit notification of the Exporting Process's capabilities. There is also no return channel for the Collecting Process to communicate its capabilities.
在IPFIX中,没有导出进程功能的明确通知。收集过程也没有返回通道来传递其功能。
When the Exporting Process is sending according to the per-SCTP-stream extension, the first Data Record received by the Collecting Process will be associated with the Data Records Reliability Options
当导出进程根据每个SCTP流扩展发送时,收集进程接收到的第一条数据记录将与数据记录可靠性选项相关联
Template. In this case, the Collecting Process enables the extension for this Transport Session. Otherwise, the Collecting Process MUST NOT enable the extension for this Transport Session.
样板在这种情况下,收集过程启用此传输会话的扩展。否则,收集进程不能为此传输会话启用扩展。
The Collecting Process MUST accept other non-scope Information Elements in the Data Records Reliability Options Template.
收集过程必须接受数据记录可靠性选项模板中的其他非范围信息元素。
Nothing prevents an implementation that does not meet the specification of the per-SCTP-stream extension from sending a Template that looks like a dataRecordsReliability Options Template. Therefore, a Collecting Process MUST detect if the Exporting Process fails to meet the specification fully. If any of the conditions below is met, the Exporting Process does not properly use the per-SCTP-stream extension, and the Collecting Process MUST log an error message and disable this extension for the SCTP association.
没有任何东西可以阻止不符合per SCTP流扩展规范的实现发送类似于dataRecordsReliability Options模板的模板。因此,收集过程必须检测导出过程是否完全符合规范。如果满足以下任何条件,则导出进程不会正确使用每SCTP流扩展,收集进程必须记录错误消息,并为SCTP关联禁用此扩展。
1. A Data Record is received before the appropriate Data Record associated with the Data Records Reliability Options Template has been received on the same SCTP stream (see Section 4.2). Note: Data Records associated with the Data Records Reliability Options Template are an exception to this rule.
1. 在同一SCTP流上收到与数据记录可靠性选项模板相关的适当数据记录之前,收到数据记录(见第4.2节)。注意:与数据记录可靠性选项模板关联的数据记录是此规则的例外。
2. A Data Record associated with a Data Records Reliability Options Template is received on an SCTP stream for a (non-Options) Template that was defined on a different SCTP stream.
2. 对于在不同SCTP流上定义的(非选项)模板,在SCTP流上接收与数据记录可靠性选项模板相关联的数据记录。
3. A second Data Record associated with the Data Records Reliability Options Template is received for the same (Options) Template.
3. 为同一(选项)模板接收与数据记录可靠性选项模板关联的第二个数据记录。
4. A Data Record or a Template Withdrawal Message is associated with a Template that was defined on a different SCTP stream.
4. 数据记录或模板撤回消息与在不同SCTP流上定义的模板相关联。
5. Loss of Data Records is detected within a stream where a Data Record associated with the Data Records Reliability Options Template indicating unreliable transmission for any Template has not been received.
5. 在与数据记录可靠性选项模板相关联的数据记录未被接收的流中检测到数据记录丢失,该模板指示任何模板的不可靠传输。
6. A message is received with the SCTP U(nordered) flag set to 1 (i.e., the message was sent unordered), even if it is processed in order.
6. 接收到SCTP U(nordered)标志设置为1的消息(即消息是无序发送的),即使它是按顺序处理的。
As specified in [RFC5101], the IPFIX protocol has a Sequence Number field in the IPFIX Message header that increases with the number of IPFIX Data Records in the IPFIX Message. A Collecting Process may detect out-of-sequence, dropped, or duplicate IPFIX Messages by tracking the Sequence Number.
如[RFC5101]所述,IPFIX协议在IPFIX消息头中有一个序列号字段,该字段随IPFIX消息中IPFIX数据记录的数量而增加。收集过程可以通过跟踪序列号来检测无序、丢弃或重复的IPFIX消息。
When one or more sequential IPFIX Messages are considered lost, the number of lost Data Records is equal to the Sequence Number of the first IPFIX Message Header following the lost packets (S2) minus the Sequence Number of the first lost IPFIX Message (S1). The Sequence Number of the first lost IPFIX Message can be calculated as the Sequence Number of the last IPFIX Message before the sequence of lost IPFIX Messages (S0) plus the number of Data Records in that IPFIX Message (N0).
当一个或多个连续IPFIX消息被视为丢失时,丢失数据记录的数量等于丢失数据包(S2)后的第一个IPFIX消息头的序列号减去第一个丢失IPFIX消息(S1)的序列号。第一条丢失的IPFIX消息的序列号可以计算为丢失的IPFIX消息序列(S0)之前的最后一条IPFIX消息的序列号加上该IPFIX消息中的数据记录数(N0)。
S1 = S0 + N0 loss = (S2 - S1) (mod(2^32)) = (S2 - (S0 + N0)) (mod(2^32))
S1 = S0 + N0 loss = (S2 - S1) (mod(2^32)) = (S2 - (S0 + N0)) (mod(2^32))
Note that modulo 2^32 arithmetic is required, since the Sequence Number may wrap within the series of lost IPFIX Messages. If less than 2^32 Data Records are lost in a sequence (which can be assumed in practice), the above equation returns the exact number of lost Data Records.
请注意,由于序列号可能包装在丢失的IPFIX消息系列中,因此需要模2^32算法。如果在一个序列中丢失的数据记录少于2^32条(在实践中可以假设),则上述等式返回丢失数据记录的确切数量。
Note that using an unsigned32 type for the loss would automatically take care of the mod(2^32) operation.
请注意,对丢失使用unsigned32类型将自动处理mod(2^32)操作。
As this Sequence Number is incremented per SCTP stream, the loss of Data Records sent in that SCTP stream can be calculated in the case of partially reliable export. This loss can be attributed to the Data Records sent for the (Options) Template(s) whose records are being sent unreliably within that SCTP stream.
由于该序列号在每个SCTP流中递增,因此可以在部分可靠导出的情况下计算在该SCTP流中发送的数据记录的丢失。此丢失可归因于为(选项)模板发送的数据记录,其记录在该SCTP流中不可靠地发送。
Although adding the new SCTP streams requires a message exchange, it is more lightweight to set up additional SCTP streams than to set up a new SCTP association, since the only overhead of adding SCTP stream(s) to an existing SCTP association is the addition of 16-24 more bytes (allocated in the SCTP association, a single time), whereas setting up a new SCTP association requires more overhead.
尽管添加新的SCTP流需要进行消息交换,但设置额外的SCTP流比设置新的SCTP关联更为轻量级,因为将SCTP流添加到现有SCTP关联的唯一开销是增加16-24个字节(在SCTP关联中分配,一次),然而,建立一个新的SCTP关联需要更多的开销。
In terms of throughput impact, the fact that these specifications discourage multiplexing Templates and Data Records of different Template IDs may lead to a slightly larger IPFIX Message overhead.
就吞吐量影响而言,这些规范不鼓励多路复用不同模板ID的模板和数据记录这一事实可能会导致稍大的IPFIX消息开销。
If the Data Record rate is low for a specific Template (and hence a specific SCTP stream), the Exporting Process might not be able to fill the IPFIX Messages with Data Records associated with other Templates. In such a situation, there is a potential overhead due to additional IPFIX Message headers and SCTP chunk headers.
如果特定模板(以及特定SCTP流)的数据记录率较低,则导出过程可能无法使用与其他模板关联的数据记录填充IPFIX消息。在这种情况下,由于额外的IPFIX消息头和SCTP块头,可能会产生开销。
Finally, with respect to the processing overhead on the Exporter, a lot of state information must be stored when a large number of SCTP streams are used within an SCTP association. However, no comparison of the performance impact of multiple streams within an SCTP association versus opening the same number of independent SCTP associations is available.
最后,关于导出器上的处理开销,当在SCTP关联中使用大量SCTP流时,必须存储大量状态信息。但是,无法比较SCTP关联内多个流与打开相同数量的独立SCTP关联对性能的影响。
Figure 1 shows an example where SCTP stream 10 carries a Template Record with Template ID 257 transmitted with full reliability (FR), together with associated Data Records transmitted with partial reliability (PR). The Data Records Reliability Options Template with Template ID 256 is transmitted with full reliability. Its corresponding Data Set contains one Data Record.
图1显示了一个示例,其中SCTP流10携带以完全可靠性(FR)传输的模板ID为257的模板记录,以及以部分可靠性(PR)传输的相关数据记录。模板ID为256的数据记录可靠性选项模板以完全可靠的方式传输。其对应的数据集包含一条数据记录。
Record 1:
记录1:
o Scope: Template ID = 257 o Non-scope: dataRecordsReliability = False
o 作用域:模板ID=257 o非作用域:DataRecordsResponsibility=False
+--------+ +---------+ +--------+ | | | | | | stream 10 ----| Data | . . . | Data |---| Data |---... | 257 | | 257 | | 256 | | PR| | PR| | FR| +--------+ +---------+ +--------+
+--------+ +---------+ +--------+ | | | | | | stream 10 ----| Data | . . . | Data |---| Data |---... | 257 | | 257 | | 256 | | PR| | PR| | FR| +--------+ +---------+ +--------+
+----------+ +-------------+ | | | Reliability | | | | Options | ...---| Template |-------| Template |------> | 257 | | 256 | | FR| | FR| +----------+ +-------------+
+----------+ +-------------+ | | | Reliability | | | | Options | ...---| Template |-------| Template |------> | 257 | | 256 | | FR| | FR| +----------+ +-------------+
Figure 1
图1
Note that Template 257 will always be processed before the Data Records by the Collecting Process, because all IPFIX Messages are sent in order within an SCTP stream. Therefore, the job of the Collecting Process is simplified. Furthermore, the Data Record loss for Template 257 can easily be calculated by the Collecting Process.
请注意,模板257将始终在收集过程处理数据记录之前进行处理,因为所有IPFIX消息都是在SCTP流中按顺序发送的。因此,简化了收集过程的工作。此外,通过收集处理可以容易地计算模板257的数据记录丢失。
If an Options Template is necessary to understand the content of a Data Record (i.e., the scope in the Options Template Record is an Information Element contained in the Data Record or associated with the Data Record), the Options Template Record should be sent in the same SCTP stream, as displayed in Figure 2.
如果需要使用选项模板来理解数据记录的内容(即,选项模板记录中的范围是数据记录中包含的信息元素或与数据记录关联的信息元素),则应在相同的SCTP流中发送选项模板记录,如图2所示。
+--------+ +--------+ +--------+ | | | | | | stream 20 ----| Data |...| Data |-----| Data |--- ... | 260 | | 260 | | 259 | | PR| | PR| | FR| +--------+ +--------+ +--------+
+--------+ +--------+ +--------+ | | | | | | stream 20 ----| Data |...| Data |-----| Data |--- ... | 260 | | 260 | | 259 | | PR| | PR| | FR| +--------+ +--------+ +--------+
+--------+ +----------+ | | | | ...---| Data |-------| Template |---... | 258 | | 260 | | FR| | FR| +--------+ +----------+
+--------+ +----------+ | | | | ...---| Data |-------| Template |---... | 258 | | 260 | | FR| | FR| +--------+ +----------+
+----------+ +-------------+ | Options | | Reliability | | Template | | Options | ...---| |-------| Template |------> | 259 | | 258 | | FR| | FR| +----------+ +-------------+
+----------+ +-------------+ | Options | | Reliability | | Template | | Options | ...---| |-------| Template |------> | 259 | | 258 | | FR| | FR| +----------+ +-------------+
Figure 2
图2
Figure 2 shows an example where SCTP stream 20 carries the following:
图2显示了SCTP流20承载以下内容的示例:
- a Data Records Reliability Options Template with Template ID 258, transmitted with full reliability.
- 数据记录可靠性选项模板ID为258,以完全可靠性传输。
- an Options Template Record with Template ID 259, transmitted with full reliability. This Options Template Record contains additional information related to the subsequent Data Records based on Template ID 260. Typical examples are the Common Properties information [RFC5473] or the Selector Report Interpretation [RFC5476].
- 模板ID为259的选项模板记录,以完全可靠的方式传输。此选项模板记录包含与基于模板ID 260的后续数据记录相关的附加信息。典型示例为公共属性信息[RFC5473]或选择器报告解释[RFC5476]。
- a Template Record with Template ID 260, transmitted with full reliability.
- 模板ID为260的模板记录,以完全可靠的方式传输。
- a Data Set specified by the Reliability Options Template with Template ID 258, transmitted with full reliability.
- 由模板ID为258的可靠性选项模板指定的数据集,以完全可靠性传输。
The Data Set contains three Data Records:
数据集包含三个数据记录:
Record 1: o Scope: Template ID = 258 o Non-scope: dataRecordsReliability = True
Record 1: o Scope: Template ID = 258 o Non-scope: dataRecordsReliability = True
Record 2: o Scope: Template ID = 259 o Non-scope: dataRecordsReliability = True
Record 2: o Scope: Template ID = 259 o Non-scope: dataRecordsReliability = True
Record 3: o Scope: Template ID = 260 o Non-scope: dataRecordsReliability = False
Record 3: o Scope: Template ID = 260 o Non-scope: dataRecordsReliability = False
These Data Records inform the Collecting Process that the Data Records for Template IDs 258 and 259 are sent reliably, while the Data Records for Template ID 260 are not. Note that the first Data Record associated with the Data Record Reliability Options Template (Template ID 258) is not required and can be omitted.
这些数据记录通知收集过程,模板ID 258和259的数据记录被可靠地发送,而模板ID 260的数据记录没有被可靠地发送。注意,与数据记录可靠性选项模板(模板ID 258)相关联的第一个数据记录不是必需的,可以省略。
- a Data Record specified by Template ID 259, transmitted with full reliability.
- 由模板ID 259指定的数据记录,以完全可靠的方式传输。
- a Data Record specified by Template ID 260, transmitted with partial reliability.
- 由模板ID 260指定的数据记录,以部分可靠性传输。
If the Collecting Process observes some Data Record loss using the Sequence Number, the loss can only stem from the Data Records associated with Template ID 260, as these are the only Data Records not exported reliably. Therefore, the calculation of loss per Template ID 260 is possible.
如果收集过程使用序列号观察到一些数据记录丢失,则丢失只能来自与模板ID 260相关联的数据记录,因为这些是唯一不能可靠导出的数据记录。因此,可以计算每个模板ID 260的损失。
Note that Options Templates 258, 259, and 260 will always arrive before their associated Data Records, respectively, because all IPFIX Messages must be sent in order within an SCTP stream.
请注意,选项模板258、259和260将始终分别在其相关数据记录之前到达,因为所有IPFIX消息必须在SCTP流中按顺序发送。
Figure 3 shows an example where SCTP stream 30 carries a Template Record with Template ID 262 transmitted with full reliability, an associated Data Record transmitted with full reliability, and a Template Withdrawal Message, followed by a redefinition of Template ID 262, and finally the Data Record associated with the new Template transmitted with partial reliability. The Template Withdrawal Message and the new definition of Template ID 262 are sent immediately, without waiting for the Template Reuse Delay interval.
图3显示了一个示例,其中SCTP流30携带以完全可靠性传输的具有模板ID 262的模板记录、以完全可靠性传输的关联数据记录和模板撤回消息,随后是模板ID 262的重新定义,最后,与新模板关联的数据记录以部分可靠性传输。立即发送模板撤回消息和模板ID 262的新定义,而不等待模板重用延迟间隔。
+--------+ +----------+ +----------+ | | |Data | | | stream 30 ... ---| Data |...| 261 |-----| Template |--- | 262 | |tmpID: 262| | 262 | | PR| |dRR: False| | FR| +--------+ +----------+ +----------+
+--------+ +----------+ +----------+ | | |Data | | | stream 30 ... ---| Data |...| 261 |-----| Template |--- | 262 | |tmpID: 262| | 262 | | PR| |dRR: False| | FR| +--------+ +----------+ +----------+
+----------+ +--------+ +----------+ | Template | | | | Data | ...| Withdraw |-----| Data |-------| 261 |---... | 262 | | 262 | |tmpID: 262| | FR| | FR| |dRR: True| +----------+ +--------+ +----------+
+----------+ +--------+ +----------+ | Template | | | | Data | ...| Withdraw |-----| Data |-------| 261 |---... | 262 | | 262 | |tmpID: 262| | FR| | FR| |dRR: True| +----------+ +--------+ +----------+
+----------+ +-------------+ | | | Reliability | | Template | | Options | ...---| |-------| Template |------> | 262 | | 261 | | FR| | FR| +----------+ +-------------+
+----------+ +-------------+ | | | Reliability | | Template | | Options | ...---| |-------| Template |------> | 262 | | 261 | | FR| | FR| +----------+ +-------------+
dRR: Data Records Reliability
数据记录可靠性
Figure 3
图3
The second Data Record associated with the Data Records Reliability Options Template shows that the Data Records associated with the newly specified Template ID 262 will be sent unreliably.
与数据记录可靠性选项模板关联的第二个数据记录表明,与新指定的模板ID 262关联的数据记录将不可靠地发送。
According to the process defined in [RFC5102], IANA has allocated the dataRecordsReliability Information Element (defined in Section 4.1) in the "IPFIX Information Elements" registry [IANA].
根据[RFC5102]中定义的流程,IANA已在“IPFIX信息元素”注册表[IANA]中分配了dataRecordsReliability信息元素(定义见第4.1节)。
The same security considerations as for the IPFIX protocol [RFC5101] apply.
适用与IPFIX协议[RFC5101]相同的安全注意事项。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC3758] Stewart, R., Ramalho, M., Xie, Q., Tuexen, M., and P. Conrad, "Stream Control Transmission Protocol (SCTP) Partial Reliability Extension", RFC 3758, May 2004.
[RFC3758]Stewart,R.,Ramalho,M.,Xie,Q.,Tuexen,M.,和P.Conrad,“流控制传输协议(SCTP)部分可靠性扩展”,RFC 3758,2004年5月。
[RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol", RFC 4960, September 2007.
[RFC4960]Stewart,R.,Ed.“流控制传输协议”,RFC 49602007年9月。
[RFC5101] Claise, B., Ed., "Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information", RFC 5101, January 2008.
[RFC5101]Claise,B.,Ed.,“交换IP流量信息的IP流量信息导出(IPFIX)协议规范”,RFC 5101,2008年1月。
[RFC5102] Quittek, J., Bryant, S., Claise, B., Aitken, P., and J. Meyer, "Information Model for IP Flow Information Export", RFC 5102, January 2008.
[RFC5102]Quitek,J.,Bryant,S.,Claise,B.,Aitken,P.,和J.Meyer,“IP流信息导出的信息模型”,RFC 5102,2008年1月。
[RFC5475] Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F. Raspall, "Sampling and Filtering Techniques for IP Packet Selection", RFC 5475, March 2009.
[RFC5475]Zseby,T.,Molina,M.,Duffield,N.,Niccolini,S.,和F.Raspall,“IP数据包选择的采样和过滤技术”,RFC 5475,2009年3月。
[RFC6525] Stewart, R., Tuexen, M., and P. Lei, "Stream Control Transmission Protocol (SCTP) Stream Reconfiguration", RFC 6525, February 2012.
[RFC6525]Stewart,R.,Tuexen,M.,和P.Lei,“流控制传输协议(SCTP)流重新配置”,RFC 65252012年2月。
[IANA] IPFIX Information Elements Registry, <http://www.iana.org/assignments/ipfix>.
[IANA]IPFIX信息元素注册表<http://www.iana.org/assignments/ipfix>.
[RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander, "Requirements for IP Flow Information Export (IPFIX)", RFC 3917, October 2004.
[RFC3917]Quitek,J.,Zseby,T.,Claise,B.,和S.Zander,“IP流信息导出(IPFIX)的要求”,RFC 39172004年10月。
[RFC5470] Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek, "Architecture for IP Flow Information Export", RFC 5470, March 2009.
[RFC5470]Sadasivan,G.,Brownlee,N.,Claise,B.,和J.Quitek,“IP流信息导出架构”,RFC 54702009年3月。
[RFC5472] Zseby, T., Boschi, E., Brownlee, N., and B. Claise, "IP Flow Information Export (IPFIX) Applicability", RFC 5472, March 2009.
[RFC5472]Zseby,T.,Boschi,E.,Brownlee,N.,和B.Claise,“IP流信息导出(IPFIX)适用性”,RFC 54722009年3月。
[RFC5473] Boschi, E., Mark, L., and B. Claise, "Reducing Redundancy in IP Flow Information Export (IPFIX) and Packet Sampling (PSAMP) Reports", RFC 5473, March 2009.
[RFC5473]Boschi,E.,Mark,L.,和B.Claise,“减少IP流信息导出(IPFIX)和数据包采样(PSAMP)报告中的冗余”,RFC 5473,2009年3月。
[RFC5474] Duffield, N., Ed., Chiou, D., Claise, B., Greenberg, A., Grossglauser, M., and J. Rexford, "A Framework for Packet Selection and Reporting", RFC 5474, March 2009.
[RFC5474]Duffield,N.,Ed.,Chiou,D.,Claise,B.,Greenberg,A.,Grossglauser,M.,和J.Rexford,“数据包选择和报告框架”,RFC 54742009年3月。
[RFC5476] Claise, B., Ed., Johnson, A., and J. Quittek, "Packet Sampling (PSAMP) Protocol Specifications", RFC 5476, March 2009.
[RFC5476]Claise,B.,Ed.,Johnson,A.,和J.Quittek,“数据包采样(PSAMP)协议规范”,RFC 54762009年3月。
[RFC5477] Dietz, T., Claise, B., Aitken, P., Dressler, F., and G. Carle, "Information Model for Packet Sampling Exports", RFC 5477, March 2009.
[RFC5477]Dietz,T.,Claise,B.,Aitken,P.,Dressler,F.,和G.Carle,“数据包抽样出口的信息模型”,RFC 5477,2009年3月。
The authors would like to thank Brian Trammell for his expert feedback and continuous effort to improve the specifications; Elisa Boschi for her thorough reading; Randall Stewart, Peter Lei, and Michael Tuexen for their SCTP-related feedback and expertise; and Tobias Limmer.
作者要感谢Brian Trammell的专家反馈和不断改进规范的努力;伊莉莎·博希对她透彻的阅读;Randall Stewart、Peter Lei和Michael Tuexen的SCTP相关反馈和专业知识;还有托比亚斯·利默。
Authors' Addresses
作者地址
Benoit Claise Cisco Systems, Inc. De Kleetlaan 6a b1 Diegem 1813 Belgium
比利时Benoit Claise思科系统有限公司De Kleetlaan 6a b1 Diegem 1813
Phone: +32 2 704 5622 EMail: bclaise@cisco.com
Phone: +32 2 704 5622 EMail: bclaise@cisco.com
Paul Aitken Cisco Systems, Inc. 96 Commercial Quay Commercial Street Edinburgh, EH6 6LX, United Kingdom
Paul Aitken Cisco Systems,Inc.英国爱丁堡商业码头商业街96号,EH6 6LX
Phone: +44 131 561 3616 EMail: paitken@cisco.com
Phone: +44 131 561 3616 EMail: paitken@cisco.com
Andrew Johnson Cisco Systems, Inc. 96 Commercial Quay Commercial Street Edinburgh, EH6 6LX, United Kingdom
安德鲁·约翰逊思科系统公司,英国爱丁堡商业码头商业街96号,EH6 6LX
Phone: +44 131 561 3641 EMail: andrjohn@cisco.com
Phone: +44 131 561 3641 EMail: andrjohn@cisco.com
Gerhard Muenz Technische Universitaet Muenchen Department of Informatics - I8 Boltzmannstr. 3 Garching D-85748 DE
德国慕尼黑大学信息学系Gerhard Muenz Technische-I8 Boltzmannstr。3加兴D-85748 DE
EMail: muenz@net.in.tum.de URI: http://www.net.in.tum.de/~muenz
EMail: muenz@net.in.tum.de URI: http://www.net.in.tum.de/~muenz