IPFIX Default Transport IPFIX IETF-58 November 10, 2003

1
IPFIX Default TransportIPFIX IETF-58 November
10, 2003

• Stewart Bryant ltstbryant_at_cisco.comgt
• Benoit Claise ltbclaise_at_cisco.comgt

2
The Issue

• IPFIX needs to specify a default, TCP friendly
  transport protocol.
• TCP friendly IETF transports defined, or in late
  stages of specification are TCP, SCTP, PR-SCTP
  and DCCP.
• Some members of the WG propose that we
  standardise on TCP because it is ubiquitous.
• Other members of the WG propose that we
  standardise on PR-SCTP because its greater range
  of functionality better addresses the spectrum of
  IPFIX needs.

3
Why SCTP PR-SCTP

• Architecturally its the right protocol for the
  job.

4
Best Fit to Architecture.

• SCTP with the PR-SCTP extensions
• Delivers reliable information just as TCP does.
• During uncongested periods, all the records
  marked for deletion under congestion will be
  reliably delivered.
• During congested periods, the sender will begin
  to drop packets to protect the network.
• PR-SCTP therefore offers all the advantages of
  TCP together with much of the flexibility of UDP,
  and is at all times TCP-friendly.

5
PR-SCTP Flexibility
PR-SCTP allows the IPFIX application the
flexibility to use reliable, partially reliable
and unreliable, over one association with
multiple streams. For example some Options
Template reporting and some metering info might
use the reliable stream while the Data Records
would use the partially reliable stream.
6
Availability promotes use

• Choosing PR-SCTP as the default protocol means
  that PR-SCTP will be available to all exporters
  and collectors.
• quicker failover
• multihoming
• These would otherwise have to be constructed at
  applications level.

7
PR-SCTP availability
"PR-SCTP is not deployed widely enough to be
considered a default for any IETF technology."
There are about 20 implementations for
SCTP. PR-SCTP is an extension of SCTP which is
available. PR-SCTP may not yet be there in all
of the implementations, but that is not a problem
either since if you don't have PR-SCTP then you
end up with basic SCTP with full reliability,
which is no different than TCP.
8
We need a Transport with an RFC
"The default transport for a standards track
protocol should at least be an RFC. " RFC
PR-SCTP finished TSVWG last call quite some time
ago, and will go to IESG last call as soon as the
AD review phase is complete. This will happen
shortly. PR-SCTP will be an RFC long before
IPFIX. 
9
Weaning the Internet off UDP
Ultimately the IPFIX RFC is only a guide. The
customer will specify the system they need for
their business, and vendors will build them.
UDP is available today for export and demand
for this is likely to continue. UDP is a very
low overhead protocol and is available on ALL
platforms under consideration. The IETF needs to
migrate users away from UDP and SCTP better
provides better prospect for this than TCP.
10
Availability

• Assertion "SCTP is not widely implemented"
• SCTP is available on
• HP-UX
• Solaris
• Linux
• BSD
• Windows

11
Why not TCP?

• TCP has a single mode - reliable congestion
  aware.
• Partial reliability has to be synthesised in the
  application.
• By the time you have the code to do this
  synthesis, you have implemented an inferior
  version of SCTP in the application.