IPFIX Working Group O. Festor Internet-Draft Inria Intended Status: Informational A. Lahmadi Expires: July 18, 2014 Universite de Lorraine - LORIA R. Hofstede A. Pras University of Twente January 14, 2014 Information Elements for IPFIX Metering Process Location draft-festor-ipfix-metering-process-location-02 Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on July 18, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. FESTOR, et al. Expires July 18, 2014 [Page 1] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 Abstract This document defines a set of Information Elements for the IP Flow Information Export (IPFIX) protocol for exporting location information of any device (both fixed and mobile) that acts as an IPFIX Flow Exporter. The specified Information Elements support both geospatial and civic location data. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Motivation . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Relationships with GEOPRIV . . . . . . . . . . . . . . . . . . 4 3. Location Information . . . . . . . . . . . . . . . . . . . . . 4 3.1. Geospatial Location Information . . . . . . . . . . . . . . 4 3.2. Civic Location Information . . . . . . . . . . . . . . . . 5 4. Location Information Elements . . . . . . . . . . . . . . . . . 5 4.1. geospatialLocationCRSCode . . . . . . . . . . . . . . . . . 5 4.2. geospatialLocationLat . . . . . . . . . . . . . . . . . . . 6 4.3. geospatialLocationLng . . . . . . . . . . . . . . . . . . . 6 4.4. geospatialLocationAlt . . . . . . . . . . . . . . . . . . . 6 4.5. geospatialLocationRadius . . . . . . . . . . . . . . . . . 6 4.6. civicLocationType . . . . . . . . . . . . . . . . . . . . . 7 4.7. civicLocationValue . . . . . . . . . . . . . . . . . . . . 7 4.8. locationMethod . . . . . . . . . . . . . . . . . . . . . . 7 4.9. locationTime . . . . . . . . . . . . . . . . . . . . . . . 7 5. Guidelines for Using Location Information Elements . . . . . . 7 6. Recommended Templates for Geospatial and Civic Location Export . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 6.1. Geospatial Point Location Template . . . . . . . . . . . . 8 6.2. Geospatial Circle Location Template . . . . . . . . . . . . 9 6.3. Geospatial List Template . . . . . . . . . . . . . . . . . 10 6.4. Civic Location Template . . . . . . . . . . . . . . . . . . 13 6.5. Compound Location Template . . . . . . . . . . . . . . . . 14 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 15 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 16 8.1. locationMethod Sub-Registry . . . . . . . . . . . . . . . . 16 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 10.1. Normative References . . . . . . . . . . . . . . . . . . . 16 10.2. Informative References . . . . . . . . . . . . . . . . . . 17 Appendix A. Example Implementation . . . . . . . . . . . . . . . . 18 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19 FESTOR, et al. Expires July 18, 2014 [Page 2] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 1. Introduction The importance of geographic location information in the Internet is growing rapidly. It can be used for business advertisements, admission control and security analysis, for example. Most mobile devices, such as smart phones, tablets and sensors, have capabilities for determining and exposing their geographic location. Besides that, they are accountable for an increasing share of the overall network traffic. In contrast to fixed devices, which usually have their physical location configured in a static manner, mobile devices can exploit several location systems for obtaining their location. This type of information is already used by a wide range of applications and services, such as navigation systems and friend finder services. Relating the location information of a device to this network traffic can be beneficial to many network management and measurement applications, including traffic profiling, anomaly detection and provider-independent network measurements. Hence, exporting location information associated to traffic Flows is desirable in various situations. The IPFIX protocol [RFC7011] has been designed for the purpose of exporting IP traffic Flows based on Information Elements. This document defines a set of IPFIX Information Elements that provide a means for Metering Processes to encapsulate location information within exported Flows. This will be done by relying on existing location information formats, as they have been developed in other standardization areas for encoding civic locations, geographic coordinates, etc. In summary, this document defines the IPFIX Information Elements that are suitable for encapsulating pre-existing location information data. 1.1. Motivation A typical IPFIX Metering Process is used for aggregating IP traffic and related measurement data into Flow Records at a fixed Observation Point. After expiration, Flow Records are sent to a Flow Collector for storage and analysis. The collected information is typically represented in a purely time-based manner, which means that Flow Records provide an aggregated view on network traffic over time. However, when Metering Processes are running on devices with a (frequently) changing physical location, data analysis applications may need to be aware of these movements since they are likely to affect the behavior of the network in terms of routing, throughput, etc. An example scenario is a virtualized environment, where virtual machines change location during migration from one server to another, or even between data centers. Thus, a location-aware metering process will be able to associate their Flows to their current locations. FESTOR, et al. Expires July 18, 2014 [Page 3] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 In fact, we are not dealing anymore with Flows associated to a fixed Observation Point, but with a multitude of sub-Flows for which the Observation Point locations have to be reported. To facilitate this, location information needs to be obtained and processed by the Metering Process in an IPFIX Flow Exporter. In the end, it will be beneficial when network management applications are able to relate service quality parameters to location changes, instead of assuming a single location for all observed parameters. 1.2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Relationships with GEOPRIV Associating geographic location information with network traffic on the Internet has been addressed by the GEOPRIV working group. There, a Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) option containing civic address information has been specified in [RFC4776]. A similar option for geospatial information has been defined in [RFC6225]. The group has also defined a set of requirements to be respected when collecting and using Location Objects related to a specific user [RFC3693]. These requirements include usage policies and privacy preferences associated to the Location Object as expressed by a user. All the security and privacy requirements defined in [RFC3693] concern location data collection, and usage MAY be applied to the IPFIX protocol when conveying location information. The GEOPRIV working group has extended the XML-based Presence Information Data Format in [RFC5491], to allow the encapsulation of location information within a presence document. 3. Location Information The location of a device can generally be defined in two ways, namely by geospatial location coordinates and civic location information. Geospatial location coordinates are made up of latitude, longitude and altitude coordinates, while civic location information encompasses abstract notions of a location, such as "in the kitchen", "in Bakerstreet" or "in a train approaching Nancy, France". The usage of these two types of location representations are addressed by the GEOPRIV group in [RFC5491] and [RFC5139], respectively. This document assumes that devices use one or more existing mechanisms for the purpose of retrieving location information and therefore does not define any new mechanisms for location retrieval. 3.1. Geospatial Location Information FESTOR, et al. Expires July 18, 2014 [Page 4] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 To obtain geospatial location information, one needs to rely on a numeric coordinate system. Such systems provide location information either in two dimensions (latitude and longitude) or three dimensions (latitude, longitude and altitude). Relying on a single point of location is normally not considered sufficient, since an area or volume of uncertainty SHALL be specified. In theory, this area or volume represents a coverage in which the device has a high probability of being found, and the point is the centroid for the area or volume. In [GeoShape] a set of geometric areas and volumes has been specified to define a location with uncertainty. A standard set of Coordinate Reference Systems (CRS) and units of measure are also specified in [GeoShape]. Implementations MUST specify distances and heights in meters as defined in EPSG 9001. Angular measures MUST be specified using degrees as identified by the EPSG 9102 code. The values of EPSG codes can be resolved by using the CRS Registry Service operated by the Oil and Gas Producers Association [OGP]. 3.2. Civic Location Information In contrast to geospatial location information, which relies on numeric data formats, the civic location format conveys pure textual information. It is applicable to device locations in buildings, for example. It MAY be a civic address closely related to a postal address, commonly used by local postal services for delivering mail. It MAY also be some approximated information, such as "living room", "Office 123 in Building 2". The civic location information format has been addressed in [RFC4776], where a set of parameters are provided to describe civic locations. In contrast to geospatial location information, which is the geospatial location of the device as a set of latitude, longitude and altitude coordinates represented by a CRS, civic location information can often be interpreted even if incomplete. For example, while geospatial information is not available inside buildings, civic location information can still provide an estimation of a device's location. 4. Location Information Elements The following Information Elements can be used for exporting location-related information of a Metering Process. They SHALL be used for exporting geospatial and civic location, together with IPFIX Information Elements already defined for exporting IP traffic Flows. 4.1. geospatialLocationCRSCode Description: Denotes the Coordinate Reference System (CRS) codes according to which the location coordinates are organized and related to the real world, as specified in [GEOSHAPE]. In this document we mandate the use of the World Geodetic System 1984 FESTOR, et al. Expires July 18, 2014 [Page 5] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 (WGS84) [WGS84] coordinate reference system and the usage of the European petroleum survey group (EPSG) code 4326 for two- dimensional (2D) shape representations and EPSG 4979 for three- dimensional (3D) volume representations. Data Type: unsigned16 Data Type Semantics: identifier PEN (provisional): 12559 (Inria) ElementId: 401 4.2. geospatialLocationLat Description: Denotes the coordinate information value of the latitude. Data Type: float64 PEN (provisional): 12559 (Inria) ElementId (provisional): 402 4.3. geospatialLocationLng Description: Denotes the coordinate information value of the longitude. Data Type: float64 PEN (provisional): 12559 (Inria) ElementId (provisional): 403 4.4. geospatialLocationAlt Description: Denotes the coordinate information value of the altitude. Data Type: float64 PEN (provisional): 12559 (Inria) ElementId (provisional): 404 4.5. geospatialLocationRadius Description: Denotes a radius value (in meters) of a location described using a circular area in a two-dimensional CRS or a sphere shape in a three-dimensional CRS. Data Type: float32 Data Type Semantics: quantity PEN (provisional): 12559 (Inria) ElementId (provisional): 405 FESTOR, et al. Expires July 18, 2014 [Page 6] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 4.6. civicLocationType Description: Denotes the civic location information type as specified in [RFC4776]. Data Type: unsigned8 PEN (provisional): 12559 (Inria) ElementId (provisional): 406 4.7. civicLocationValue Description: Denotes a civic location information element that MUST be encoded as a UTF-8 string. The location information MAY be a civic address as specified in [RFC4776] or information on proximity to known objects. Data Type: string PEN (provisional): 12559 (Inria) ElementId (provisional): 407 4.8. locationMethod Description: Denotes the way in which the location information has been obtained. The locationMethod sub-registry is defined in Section 8.1. Data Type: unsigned8 Data Type Semantics: identifier PEN (provisional): 12559 (Inria) ElementId (provisional): 408 4.9. locationTime Description: Denotes the time when the location information is obtained on a device acting as an IPFIX Flow Exporter. The time is expressed in seconds since January 1, 1970, 00:00:00 UTC. Data Type: dateTimeSeconds Data Type Semantics: quantity PEN (provisional): 12559 (Inria) ElementId (provisional): 409 5. Guidelines for Using Location Information Elements The specified location Information Elements in this document SHALL be used by a Metering Process for constructing an IPFIX location Template with respect to the following conventions. FESTOR, et al. Expires July 18, 2014 [Page 7] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 Guideline #1: Location Information Elements MUST describe a discrete location defined as a place, point or area in which a Metering Process (i.e., IPFIX Flow Exporter) can be found. Guideline #2: In situations where a discrete location can be described in multiple ways, each location SHOULD be described by means of a separate Template. A compound Template containing a subTemplateMultiList field [RFC6313] SHOULD be used in which each top-level element corresponds to a different location Template. For example, the location of a device being at the fifth floor of a particular building can be described using both a geospatial point (the location of the building) and civic information (fifth floor of a building). Guideline #3: Exporting more than one location in a Flow Record MUST only be done if the different location descriptions refer to different places. Guideline #4: A Metering Process MAY apply time-based Flow expiration policies as described in Section 5.1.1 of [RFC5470], or location-/distance-based expiration policies. For example, a Metering Process MAY expire current Flows when the device moves from one room to another. Guideline #5: When another type of location data is available and needed to be sent, the Flow Exporter MUST send the template of the new location format. 6. Recommended Templates for Geospatial and Civic Location Export The following Templates are defined as recommended Templates for exporting geospatial and civic location information. The geospatial templates are related to a point, circle or area shapes. The definition and usage of the shapes is covered in [GeoSHAPE]. Civic locations can be exported using a Template containing a subTemplateList [RFC6313], where each element of the list corresponds to a Template. 6.1. Geospatial Point Location Template The point shape is the simplest form of a geospatial location, which SHOULD be used when there is no known uncertainty. The following Template is defined for exporting a 2D geospatial point location: FESTOR, et al. Expires July 18, 2014 [Page 8] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Set ID = 2 | Length = 28 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Template ID = 300 | Field Count = 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locationMethod = 408 | Field Length = 1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locationTime = 409 | Field Length = 4 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | geospatialLocationCRSCode=401 | Field Length = 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | geospatialLocationLat = 402 | Field Length = 8 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | geospatialLocationLng = 403 | Field Length = 8 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1: Template for exporting a 2D point-based geospatial location For illustration, the following presents an example Data Record to export a 2D geospatial point location: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Set ID = 300 | Length = 28 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locMethod = 3 | locationTime = 1234555555 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 4 |geospatialLocationCRSCode=4326 |geospatial ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... LocationLat = 48.690855 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 6 - 8 |geospatial ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | LocationLng = 6.172851 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 6 - 8 | Padding (opt) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: Data Record of a geospatial 2D point location 6.2. Geospatial Circle Location Template The circle Template is suitable for exporting the location of a flow observed within a circle shape where its center is represented using a geospatial point position and its radius represents the FESTOR, et al. Expires July 18, 2014 [Page 9] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 uncertainty. Template Record for Geospatial Circle (ID = 301) | locationMethod(408)[1] | locationTime(409)[4] | geospatialLocationCRSCode(401)[2] | geospatialLocationRadius(405)[4] | geospatialLocationLat(402)[8] | geospatialLocationLng(403)[8] Figure 3: Template for exporting a circle-based geospatial location The following presents an example of a Data Record carrying a circle- based geospatial location: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Set ID = 301 | Length = 32 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locMethod = 3 | locationTime = 1234555555 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 4 |geospatialLocationCRSCode=4326 | geospatial ...| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... LocationRadius = 850.24 | geospatial ...| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... LocationPosLat = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 42.5463 | geospatial ...| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... LocationLng = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | -73.2512 | Padding (opt) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 4: Data Record of a circle-based geospatial location 6.3. Geospatial List Template The list locations Template is suitable for exporting a variable- length list of different geospatial point positions of a single flow. For example, it could be used to export the start and the end locations of a flow. The template relies on a subTemplateList data type to export the list of geospatial point-based positions. This template requires [RFC6313] compliant Exporting and Collecting Processes. Figure 5 depicts an example of such a subTemplate for exporting each element of the list. FESTOR, et al. Expires July 18, 2014 [Page 10] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Set ID = 2 | Length = 20 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Template ID = 302 | Field Count = 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locationTime = 409 | Field Length = 4 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | geospatialLocationLat = 402 | Field Length = 8 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | geospatialLocationLng = 403 | Field Length = 8 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 5: Template for exporting a geospatial 2D point-based position Template Record for Geospatial List (ID = 303) | locationMethod(408)[1] | geospatialLocationCRSCode(401)[2] +-subTemplateList(292)[0XFFFF] +-Geospatial 2D Point position Template Record(302)[16] Figure 6: Template for exporting a geospatial list of locations The following presents an example Data Record carrying a list of two geospatial point positions. Each point-based position is defined as an element of a subTemplateList Information Element with semantic "allOf". FESTOR, et al. Expires July 18, 2014 [Page 11] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Set ID = 303 | Length = 53 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locMethod = 3 |geospatialLocationCRSCode=4326 | 255 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Geospatial Point List length=43 |semantic=allOf| Template ID = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... 302 | locationTime = ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |... 1234555555 | geospatialLocationLat1 = ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 43.311 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 8 | geospatialLocationPostLng1 = ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | -73.422 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 8 | locationTime = ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |... 1234555555 | geospatialLocationLat2 = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 43.111 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 8 | geospatialLocationtLng2 = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | -73.322 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 8 | +-+-+-+-+-+-+-+-+ Figure 7: Data Record of a geospatial list of point-based locations FESTOR, et al. Expires July 18, 2014 [Page 12] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 6.4. Civic Location Template A civic-based location Data Record consists of a tuple of (civicLocationType, civicLocationValue) Information Elements. Each tuple is defined as an element of a subTemplateList Information Element with semantic "allOf". This template requires [RFC6313] compliant Exporting and Collecting Processes. Template Record for Civic location (ID = 304) | locationMethod(408)[1] | locationTime(409)[4] +-subTemplateList (292)[0xFFFF] +-Civic element Template Record (ID = 305) | civiLocationType(406)[1] | civicLocationValue(407)[v] Figure 8: Template for exporting a civic location The "Civic element" Template Record, as shown in Figure 8, MUST be defined for each tuple. For the purpose of illustration, we consider exporting the civic location "Inria Nancy-Grand Est, Building B, Office 123" obtained through DHCP. Using the Template described in Figure 8, the resulting Data Record is as follows: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Set ID = 304 | Length = 62 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locMethod = 3 | locationTime = 1234555555 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... octet 4 | 255 |Civic elements list length = 50| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | semantic=allOf| Civic element TemplateID = 305| CivicType=21 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 21 | CivicValue = Inria Nancy-Grand | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Est ... | CivicType=25 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 10 | CivicValue = Building | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | B ... | CivicType=28 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 10 | CivicValue = Office | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 123 ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ FESTOR, et al. Expires July 18, 2014 [Page 13] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 Figure 9: Data Record of a civic location Note that the values of the civiLocationType are defined in [RFC4776]. 6.5. Compound Location Template A compound location is used to describe a location, represented by a composite of both civic and geospatial information. An example situation is a two-dimensional geospatial 2D point position (latitude, longitude) describing a location of a building, and a civic element representing the floor in that building. A subTemplateMultiList [RFC6313] SHOULD be used to export a Template for both geospatial and civic information. To represent the above example, the following Template is defined: Template Record for Compound Location (ID = 306) | locationTime(409)[4] +-subTemplateMultiList(293)[0XFFFF] +-Geospatial Template Record (ID = 307) | locationMethod(408)[1] | geospatialLocationCRSCode(401)[2] | geospatialLocationLat(402)[8] | geospatialLocationLng(403)[8] +-Civic location Template Record (ID = 308) | locationMethod(408)[1] | civicLocationType(406)[1] | civicLocationValue(407)[v] Figure 10: Template for exporting a compound location A data Record encoded using the Template shown in Figure 11 is represented as follows: FESTOR, et al. Expires July 18, 2014 [Page 14] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Set ID = 311 | Length = 64 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locationTime = 12345555555555 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 255 | Attributes List Length = 53 | semantic=allOf| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Template ID = 312 | Geospatial Attr Length = 19 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | locMethod = 3 |geospatialLocationCRSCode=4326 |geospatial ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... LocationLat1 = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | -34.407 |geospatial ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... LocationLng1 = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 150.8883 | Template ID = | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... 313 | Civic location Attr length=25 | locMethod=3 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | CivicType = 21| 21 | CivicValue = Inria ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Nancy-Grand Grand Est ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 11: Data Record of a compound location 7. Security Considerations The use of location information on the Internet has been discussed in "GeoPriv Requirements" [RFC3693], while the threats facing Internet protocols that carry location information are detailed in [RFC3694]. Support for Flow Record anonymization, as expressed in [RFC6235], is strongly recommended, since the dissemination of Flow Records including location information raises greater privacy issues than the dissemination of regular Flow Records. The applicability and analysis of these security requirements for the IPFIX protocol - especially in the case where location information is conveyed - is however outside of the scope of this document. This document only specifies the new IPFIX Information Elements for exporting location information. Otherwise, the same security considerations as those defined for the IPFIX protocol and the IPFIX information model apply. FESTOR, et al. Expires July 18, 2014 [Page 15] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 8. IANA Considerations This document specifies several new IPFIX Information Elements and types that need to be registered with IANA. 8.1. locationMethod Sub-Registry The values of the location methods are enumerated within an IANA registry [RFC4119]. However, integer identifiers for these methods need to be registered with IANA as described below. +--------+--------------+----------------------------------------+ | Number | Method | Description | +--------+--------------+----------------------------------------+ |0 | GPS | Global Positioning System | |1 | A-GPS | GPS with assistance | |2 | Manual | Entered manually by a user | |3 | DHCP | Provided by DHCP [RFC5985] | |4 | Triangulation| Triangulated from time-of-arrival, | | | | signal strength or similar measurement | |5 | Cell | Location of the cellular radio antenna | |6 | 802.11 | IEEE 802.11 access point location | +--------+--------------+----------------------------------------+ 9. Acknowledgements The authors were partly funded by FLAMINGO, a Network of Excellence project (ICT-318488) supported by the European Commission under its Seventh Framework Programme, and the EIT ICT Labs activity "Smart Networks at the Edge". 10. References 10.1. Normative References [GeoShape] Thomson, M. and C. Reed, "GML 3.1.1 PIDF-LO Shape Application Schema for use by the Internet Engineering Task Force (IETF)", Candidate OpenGIS Implementation Specification 06-142r1, Version: 1.0, April 2007. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC6313] Claise, B., Dhandapani, G., Aitken, P., and S. Yates, "Export of Structured Data in IP Flow Information Export (IPFIX)", RFC 6313, July 2011. FESTOR, et al. Expires July 18, 2014 [Page 16] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 [RFC7011] Claise, B., Ed., Trammell, B., Ed., and P. Aitken, "Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information", STD 77, RFC 7011, September 2013. [RFC5470] Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek, "Architecture for IP Flow Information Export", RFC 5470, March 2009. [RFC4776] Schulzrinne, H., "Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information", RFC 4776, November 2006. [RFC6225] Polk, J., Linsner, M., Thomson, M., and B. Aboba, Ed., "Dynamic Host Configuration Protocol Options for Coordinate-Based Location Configuration Information", RFC 6225, July 2011. [RFC5139] Thomson, M. and J. Winterbottom, "Revised Civic Location Format for Presence Information Data Format Location Object (PIDF-LO)", RFC 5139, February 2008. [RFC5491] Winterbottom, J., Thomson, M., and H. Tschofenig, "GEOPRIV Presence Information Data Format Location Object (PIDF-LO) Usage Clarification, Considerations, and Recommendations", RFC 5491, March 2009. [RFC3693] Cuellar, J., Morris, J., Mulligan, D., Peterson, J., and J. Polk, "Geopriv Requirements", RFC 3693, February 2004. [RFC6235] Boschi, E. and B. Trammell, "IP Flow Anonymization Support", RFC 6235, May 2011. 10.2. Informative References [NFDUMP] Haag, P., "NFDUMP", http://nfdump.sourceforge.net, May 2013. [NFSEN] Haag, P., "NfSen", http://nfsen.sourceforge.net, January 2012. [SURFMAP] Hofstede, R., Fioreze, T., "SURFmap: A Network Monitoring Tool Based on the Google Maps API", Proceedings of the IFIP/IEEE International Symposium on Integrated Network Management, 2009, June 2009. [OGP] Oil and Gas Producers Association, "EPSG Geodetic FESTOR, et al. Expires July 18, 2014 [Page 17] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 Parameter Registry", http://www.epsg-registry.org, August 2011. [RFC5513] Farrel, A., "IANA Considerations for Three Letter Acronyms", RFC 5513, April 1 2009. Appendix A. Example Implementation This appendix is intended to show an example application that relies on the set of IPFIX Information Elements described in this document. This application, named SURFmap, is a network monitoring tool based on the Google Maps API and uses Flow data to visualize network Flows on a map [SURFMAP]. By default, geolocation databases are used for retrieving the (estimated) physical location associated to an IP address. The Information Elements described in this document, however, will allow SURFmap to use the absolute location information exported for Flows. SURFmap has been developed in the past as a plugin to NfSen [NFSEN]. NfSen provides a Web-frontend to nfdump [NFDUMP], which is a set of tools for flow data collection and processing, among others. To support collection and processing of Flow Records containing any of the new Information Elements (e.g. by SURFmap), an extension to nfdump has been developed. The following presents a set of Flow Records that have been exported by a mobile Flow Exporter. Several fields, such as destination IP address and port number, location timestamp and location method have been left out for the sake of space. It is clear that the mobile device has moved while exporting Flow Records, as the latitude and longitude coordinates have changed over time. Start time Src IP Addr:Port Pkts Bytes Latitude Longtitude 20:19:21.852 173.194.40.113:443 9 2730 48.690855 6.172851 20:21:42.307 91.202.200.229:80 13 9137 48.690855 6.172851 20:21:42.307 10.21.20.232:59521 15 1547 48.690855 6.172851 20:22:38.084 73.194.40.113:80 8 1799 48.690855 6.172851 20:22:38.084 10.21.20.232:34056 9 877 48.690855 6.172851 21:17:13.498 173.194.45.80:443 12 2830 48.713145 6.17526 21:17:13.498 10.21.20.232:49233 15 2301 48.713145 6.17526 21:17:16.919 10.21.20.232:15572 1 72 48.744506 6.154815 21:17:16.919 172.20.2.39:53 1 257 48.744506 6.15481 FESTOR, et al. Expires July 18, 2014 [Page 18] INTERNET DRAFT IPFIX Metering Process Location January 14, 2014 Authors' Addresses Olivier Festor Inria 615 rue du Jardin Botanique 54600 Villers-les-Nancy France Phone: +33 3 83 59 30 66 Email: Olivier.Festor@inria.fr Abdelkader Lahmadi Universite de Lorraine - LORIA 615 rue du Jardin Botanique 54600 Villers-les-Nancy France Phone: +33 3 83 59 30 00 Email: Abdelkader.Lahmadi@loria.fr Rick Hofstede University of Twente P.O. Box 217 7500 AE Enschede The Netherlands Phone: +31 53 489 2013 Email: r.j.hofstede@utwente.nl Aiko Pras University of Twente P.O. Box 217 7500 AE Enschede The Netherlands Phone: +31 53 489 3778 Email: a.pras@utwente.nl FESTOR, et al. Expires July 18, 2014 [Page 19]