Presentation is loading. Please wait.

Presentation is loading. Please wait.

An IST Projecthttp://www.ist-scampi.org/ Implementing IPFIX Luca Deri NETikos S.p.A.

Published byShonda McDonald Modified over 9 years ago

Similar presentations

Presentation on theme: "An IST Projecthttp://www.ist-scampi.org/ Implementing IPFIX Luca Deri NETikos S.p.A."— Presentation transcript:

1 An IST Projecthttp://www.ist-scampi.org/ Implementing IPFIX Luca Deri NETikos S.p.A.

2 An IST Projecthttp://www.ist-scampi.org/ Implementation Overview This work evaluated the effort required to implement IPFIX starting from NetFlow v9 because: –NetFlow is the leading protocol for flow-based measurements. –This is a reasonable scenario at least for the early days of IPFIX. Implementing IPFIX basically means: –Provide support for vendor-specific (I.e. non IETF) field types. –Add SCTP support.

3 An IST Projecthttp://www.ist-scampi.org/ Vendor-Specific Extensions Vendor-specific fields are defined using a PEN (IANA enterprise number) and a numeric field. As templates and flows are slightly different from IETF- defined fields this requires the implementation of additional logic inside the IPFIX applications. Suggestion: IETF should unify the template format using an unique format for both IETF and vendor-specific fields.

4 An IST Projecthttp://www.ist-scampi.org/ SCTP Support It is a shift from connection-less to connection-oriented protocols. Little coding is necessary for supporting the protocol ‘per-se’. Reduce template traffic: they are sent at the beginning or in case of reconnection. Major code changes the probe supports multiple collectors: it is necessary to resend the templates per- connection (i.e. only when it’s necessary).

5 An IST Projecthttp://www.ist-scampi.org/ SCTP Issues Flows are (often) acknowledged (almost) immediately increasing significantly the network traffic. This amplifies problems in some situations (e.g. in case of DoS attacks). SCTP is supported only on a few platforms and there are no plans to support it in Windows or network equipment. This could limit the usage of IPFIX at least in its early days. Unclear how reliable/robust is SCTP and how it behaves in production environments (network attacks?).

6 An IST Projecthttp://www.ist-scampi.org/ IPFIX Evaluation IPFIX Evaluation: –It’s basically a “standard” NetFlow (that’s both good and bad). –Very little innovation after 10 years of flow-based measurement. Major IPFIX limitations are: –No dynamic templates: static templates push people to define a “super- template” that contains everything even if only a few fields are used. –Ability to define flows but not flow headers. –Still based on the concept of flow-packet even with SCTP. –One-way protocol (probe->collector): no support for configuration, monitoring, and error reporting (e.g. via SNMP like sFlow does). –Too tight to NetFlow: will IPFIX be able to grow and evolve without Cisco’s blessing?

7 An IST Projecthttp://www.ist-scampi.org/ IPFIX Feedback Written Internet Draft about IPFIX implementation experience. Implemented IPFIX support in both probe and collector (ntop). Availability: http://www.ntop.org/

Download ppt "An IST Projecthttp://www.ist-scampi.org/ Implementing IPFIX Luca Deri NETikos S.p.A."

Similar presentations

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.

Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.
Fraunhofer FOKUS Context Management in Dynamic Environments IWCMC 2009, June 2009 Jens Tiemann Humberto Astudillo Evgenij Belikov Fraunhofer Institute.

Fraunhofer FOKUS Context Management in Dynamic Environments IWCMC 2009, June 2009 Jens Tiemann Humberto Astudillo Evgenij Belikov Fraunhofer Institute.
CISCO NETWORKING ACADEMY Chabot College ELEC 99.05 Transport Layer (4)

CISCO NETWORKING ACADEMY Chabot College ELEC Transport Layer (4)
CCNA – Network Fundamentals

CCNA – Network Fundamentals
IS333, Ch. 26: TCP Victor Norman Calvin College 1.

IS333, Ch. 26: TCP Victor Norman Calvin College 1.
A Software Defined Approach to Unified IPv6 Transition.

A Software Defined Approach to Unified IPv6 Transition.
TCP/IP Protocol Suite 1 Chapter 13 Upon completion you will be able to: Stream Control Transmission Protocol Be able to name and understand the services.

TCP/IP Protocol Suite 1 Chapter 13 Upon completion you will be able to: Stream Control Transmission Protocol Be able to name and understand the services.
MONITORING TOOLS Open Source Security Tools to monitor your network.

MONITORING TOOLS Open Source Security Tools to monitor your network.
NetFlow Analyzer Drilldown to the root-QoS Product Overview.

NetFlow Analyzer Drilldown to the root-QoS Product Overview.
Process-to-Process Delivery:

Process-to-Process Delivery:
Gursharan Singh Tatla Transport Layer 16-May-2011 1

Gursharan Singh Tatla Transport Layer 16-May
Ensuring the Reliability of Data Delivery © 2004 Cisco Systems, Inc. All rights reserved. Understanding How UDP and TCP Work INTRO v2.0—6-1.

Ensuring the Reliability of Data Delivery © 2004 Cisco Systems, Inc. All rights reserved. Understanding How UDP and TCP Work INTRO v2.0—6-1.
1 PSAMP Protocol Specifications IPFIX IETF-64 November 10th, 2005 Benoit Claise Juergen Quittek Andrew Johnson.

1 PSAMP Protocol Specifications IPFIX IETF-64 November 10th, 2005 Benoit Claise Juergen Quittek Andrew Johnson.
Configuration Management With The Internet-Standard Management Framework Jon Saperia Adelaide IETF March 2000.

Configuration Management With The Internet-Standard Management Framework Jon Saperia Adelaide IETF March 2000.
NetfFow Overview SANOG 17 Colombo, Sri Lanka. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation.

NetfFow Overview SANOG 17 Colombo, Sri Lanka. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation.
Draft-molina-flow-selection-00 Maurizio Molina,. 2 © NEC Europe Ltd., 2002 Network Laboratories, Heidelberg Motivation, Background (1/2) Flow selection.

Draft-molina-flow-selection-00 Maurizio Molina,. 2 © NEC Europe Ltd., 2002 Network Laboratories, Heidelberg Motivation, Background (1/2) Flow selection.
Internet Traffic Management. Basic Concept of Traffic Need of Traffic Management Measuring Traffic Traffic Control and Management Quality and Pricing.

Internet Traffic Management. Basic Concept of Traffic Need of Traffic Management Measuring Traffic Traffic Control and Management Quality and Pricing.
Fraunhofer FOKUSCompetence Center NET T. Zseby, CC NET1 IPFIX – IP Flow Information Export Overview Tanja Zseby Fraunhofer FOKUS, Network Research.

Fraunhofer FOKUSCompetence Center NET T. Zseby, CC NET1 IPFIX – IP Flow Information Export Overview Tanja Zseby Fraunhofer FOKUS, Network Research.

Similar presentations

Ads by Google