Network Working Group F. Dressler Internet-Draft University of Erlangen Expires: January 21, 2006 A. Fessi G. Carle University of Tuebingen J. Quittek NEC C. Kappler H. Tschofenig Siemens AG July 20, 2005 NSLP for Metering Configuration Signaling Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 21, 2006. Copyright Notice Copyright (C) The Internet Society (2005). Abstract Monitoring, metering and accounting of packets are increasingly Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 1] Internet-Draft Metering NSLP July 2005 important functionality that needs to be provided in the Internet. This document proposes the definition of a new NSIS Signaling Layer Protocol (NSLP), named Metering NSLP, which allows the dynamic configuration of Metering Entities on the data path. An accompanying document [I-D.fessi-nsis-m-nslp-framework] makes a problem statement, describes scenarios where such a path-coupled configuration of Metering Entities would be useful, elaborates requirements and discusses the applicability of NSIS to the problem. This document suggests a Metering NSIS protocol design, defines Metering NSLP messages, outlines protocol operation and discusses commonalities and differences to other NSLPs. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 2] Internet-Draft Metering NSLP July 2005 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Basic Protocol Design . . . . . . . . . . . . . . . . . . . . 7 3.1 Model of operation . . . . . . . . . . . . . . . . . . . . 7 3.2 Protocol overview . . . . . . . . . . . . . . . . . . . . 9 3.2.1 Metering NSLP Message types . . . . . . . . . . . . . 9 3.3 Design Decisions . . . . . . . . . . . . . . . . . . . . . 11 3.3.1 Soft State . . . . . . . . . . . . . . . . . . . . . . 11 3.3.2 Message Sequencing . . . . . . . . . . . . . . . . . . 11 3.3.3 Message Scoping . . . . . . . . . . . . . . . . . . . 11 3.3.4 Rerouting . . . . . . . . . . . . . . . . . . . . . . 11 3.3.5 Selection of MNEs . . . . . . . . . . . . . . . . . . 12 3.3.6 Refreshing Sessions . . . . . . . . . . . . . . . . . 12 3.3.7 Aggregation . . . . . . . . . . . . . . . . . . . . . 13 4. Metering NSLP Functional Specification . . . . . . . . . . . . 13 4.1 Metering NSLP Message Structure . . . . . . . . . . . . . 13 4.1.1 CONFIGURE . . . . . . . . . . . . . . . . . . . . . . 13 4.1.2 REFRESH . . . . . . . . . . . . . . . . . . . . . . . 14 4.1.3 RESPONSE . . . . . . . . . . . . . . . . . . . . . . . 14 4.1.4 NOTIFY . . . . . . . . . . . . . . . . . . . . . . . . 14 4.2 Metering NSLP Objects . . . . . . . . . . . . . . . . . . 14 4.2.1 Message Sequence Number (MSN) . . . . . . . . . . . . 14 4.2.2 MNE_Selection Object . . . . . . . . . . . . . . . . . 14 4.2.3 MNE_Counter Object . . . . . . . . . . . . . . . . . . 15 4.2.4 Status_List Object . . . . . . . . . . . . . . . . . . 15 4.2.5 Session Lifetime Object . . . . . . . . . . . . . . . 15 4.2.6 MSPEC Objects . . . . . . . . . . . . . . . . . . . . 16 4.3 General Processing Rules . . . . . . . . . . . . . . . . . 19 4.3.1 State Manipulation . . . . . . . . . . . . . . . . . . 19 4.3.2 Message Forwarding . . . . . . . . . . . . . . . . . . 19 4.3.3 Standard Message Processing Rules . . . . . . . . . . 20 4.3.4 Message Processing Rules . . . . . . . . . . . . . . . 20 4.4 Session State Machine . . . . . . . . . . . . . . . . . . 22 5. Examples of Operation . . . . . . . . . . . . . . . . . . . . 24 6. Mapping onto M-NSLP Requirements . . . . . . . . . . . . . . . 25 7. Security considerations . . . . . . . . . . . . . . . . . . . 26 8. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . . 28 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 29 Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 3] Internet-Draft Metering NSLP July 2005 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 29 10.1 Normative References . . . . . . . . . . . . . . . . . . . 29 10.2 Informative References . . . . . . . . . . . . . . . . . . 29 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 31 Intellectual Property and Copyright Statements . . . . . . . . 33 Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 4] Internet-Draft Metering NSLP July 2005 1. Introduction Monitoring, metering and accounting of packets is an important functionality in many networks today. Several working groups have described mechanisms to collect and report usage data for resource consumption in a network by a particular entity. For example, the IPFIX WG defines a protocol to collect such data. The PSAMP WG defines a standard to sample subsets of packets by statistical and other methods. RADIUS (see [RFC2865] and [RFC2866]) and DIAMETER (see [RFC3588] and [I-D.ietf-aaa-diameter-cc]) are also protocols which provide information about consumed resources. The Meter MIB [RFC2720] is a MIB for collecting flow information. However, it is also necessary to configure and coordinate the entities performing the metering. RADIUS, DIAMETER and SNMP are candidates for this configuration. Nevertheless, these protocols require some knowledge about the location of the appropriate Metering Entities to configure them. In more complex network topologies and architectures the appropriate entities to meter a given data flow can be discovered dynamically using path-coupled signaling. If more than one Metering Entity is required, all of them can potentially be configured and coordinated with a single message along the path. Scenarios and requirements for Metering NSLP are described in [I-D.fessi-nsis-m-nslp-framework]. This draft introduces the Metering NSLP for configuration and coordination of Metering Entities in a path-coupled fashion. 2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. Furthermore, this document uses the following terms: Metering Record A Metering Record describes flow characteristics for a particular flow. Examples for such data are packet counter, time information. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 5] Internet-Draft Metering NSLP July 2005 Monitoring Probe A Monitoring Probe is an entity that examines the data flow in order to gather Metering Records. These Metering Records are exported to a Collector. Metering Entity A Metering Entity is a node that is equiped with one or more Monitoring Probes. A Metering Entity MAY host other functions as in Figure 1 below, such as Metering Manager, M-NSLP Processing, etc. Note however, that the Collector is typically not co-located with the Metering Entity and an other protocol (e.g. IPFIX) is needed to report the Metering Records to the Collector. Collector A Collector receives Metering Records from one or multiple Metering Entities. These Metering Records can be aggregated and/or correlated by the Collector. Metering Configuration State State used/kept by the Metering Manager to configure the Monitoring Probe. Metering Manager A unit co-located with the Monitoring Probe that communicates with M-NSLP processing. It holds Metering Configuration State which is used to configure the Monitoring Probe. MNE An NSIS Entity (NE) which supports the Metering NSLP. MNI The first node in the sequence of MNEs that issues a configuration message for a flow or aggregate. MNR The last node in the sequence of MNEs that receives a configuration message for a flow or aggregate. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 6] Internet-Draft Metering NSLP July 2005 MNF A MNE that is neither MNI nor MNR. 3. Basic Protocol Design The design for the Metering NSLP and the processing of M-NSLP messages is similar to QoS NSLP. The main difference compared to the QoS NSLP is that only a subset (in some cases even only one) of the Metering Entities in the signaling path will take part of the actual Metering. This fact has several consequences on the signaling itself and therefore on the protocol design. 3.1 Model of operation Figure 1 shows an example logical model of the operation of Metering NSLP and the associated metering mechanism in a MNE. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 7] Internet-Draft Metering NSLP July 2005 to the Collector ^ +---------------+ * | Local | * | Management | * +---------------+ * ^ * V * +----------+ +----------+ +---------+ * | M-NSLP | | Metering | | Policy | * |Processing|<<<<>>>>>|Management|<<>>| Control | * +----------+ +----------+ +---------+ * . ^ | V * | ^ . V * | V . V * | V . V * +----------+ V Metering Records * | GIMPS | V ***************** |Processing| V * +----------+ V * | | +-------------------+ . . | | +----------+ +-----------+ | Monitoring | <-.-| Input | | Outgoing |-.-| Probe |-.-.-.-> | Packet | | Interface | | | ===>|Processing|====| |===| |=======> +----------+ +-----------+ +-------------------+ <.-.-> = signaling flow =====> = data flow (sender --> receiver) <<<>>> = control and configuration operations *****> = Measurement resp. Metering Records Figure 1: Metering-NSLP in Metering Entity The Monitoring Probe collects measurement data and processes them into Metering Records. These Metering Records can be sent to the Collector. The Monitoring Probe is co-located with the Input Packet Processing and the Outgoing Interface. A M-NSLP message called CONFIGURE transports: a. appropriate information to determine which MNEs on the path need to take part of the metering b. metering configuration information The M-NSLP processing decides based on a. if the current MNE is addressed by this configuring message. If yes, the metering configuration information is extracted from the M-NSLP message and Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 8] Internet-Draft Metering NSLP July 2005 passed to the Metering Manager, where it is interpreted and used to install Metering Configuration State. The Metering Manager uses this state to configure the Monitoring Probe. The Policy Control determines whether the sender of the M-NSLP message is authorized to configure the Monitoring Probe. From the perspective of a single node, the request for configuration of Metering Entities may result from processing a local management request, or from processing an incoming M-NSLP message. The local management may in turn be triggered by a local application, e.g. a video being requested from a video server, or by a physically separate knowledgeable network node. 3.2 Protocol overview 3.2.1 Metering NSLP Message types The Metering NSLP messages are classified into 3 categories: o request messages o response messages o asynchronous notifications 3.2.1.1 Request Messages CONFIGURE CONFIGURE is a request message. It is used to create Metering Configuration State in a Metering Entity. The CONFIGURE message is idempotent; the resultant effect on the Metering Configuration State and on the M-NSLP state is the same whether a message is received once or many times. REFRESH The REFRESH message is a request message that is used for 2 reasons: * First, to extend the lifetime of an existing M-NSLP session if required. * Second, REFRESH messages are used to inspect if the MNEs that are involved in the metering process are still taking part of it. This might not be the case, for example, if a re-routing event has happened and one of the involved MNEs in not on the path anymore. * Third, for terminating a session. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 9] Internet-Draft Metering NSLP July 2005 3.2.1.2 Response Messages RESPONSE The RESPONSE message is used to provide information about the result of a previous M-NSLP message. This includes explicit confirmation of the state manipulation signaled in the CONFIGURE message, the response to a REFRESH message or an error code if a MNE is unable to provide the requested information or if the response is negative. The RESPONSE message is idempotent; the resultant effect on the Metering Configuration State and on the M-NSLP state is the same whether a message is received once or many times. 3.2.1.3 Asynchronous Notifications NOTIFY The NOTIFY message is used to convey information to a MNE. It differs from RESPONSE messages in that it is sent asynchronously and need not refer to any particular state or previously received message. The information conveyed by a NOTIFY message is typically related to error conditions. An example would be notification to an upstream peer about state being torn down. Each Metering NSLP message has a common header which indicates the message type and contains flags. The parameters carried in each of the Metering NSLP messages are defined in Section 4.1. Message Processing Rules are defined in Section 4.3.4. Metering NSLP messages contain three types of objects: Control Information Control information objects carry general information for the M-NSLP Processing, such as sequence numbers and whether the MNE should actually take part of the Metering. Metering specification (MSPEC) MSPEC objects describe the actual Configuration information. They are interpreted in the Metering Manager and SHOULD be opaque to M-NSLP Processing. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 10] Internet-Draft Metering NSLP July 2005 Policy objects Policy objects contain data used to authenticate M-NSLP messages and authorize the configuration of the MNEs. They are interpreted by Policy Control. Detailed information about the Metering NSLP objects can be found in Section 4.2. 3.3 Design Decisions 3.3.1 Soft State NSIS State is always soft state and needs to be refreshed. The Control Information carries an object that determines the life time of M-NSLP state. The MNI suggests a lifetime for the session that it is being signaled for. Each MNE participating in the metering process may or may not accept the suggested lifetime or may start the metering with a reduced lifetime, depending on the local policies of the MNEs. This behavior is very similar to to the calculation of Session Lifetime in NATFW-NSLP [I-D.ietf-nsis-nslp-natfw]. 3.3.2 Message Sequencing The order in which CONFIGURE messages arrive influences the eventual configuration state that will be stored at a MNE. Therefore M-NSLP supports the detection of CONFIGURE message duplication and re- ordering using a Message Sequence Number (MSN). 3.3.3 Message Scoping In order to realize the requirement of scoping of M-NSLP messages up to a certain types of Metering Entities, it is necessary to have an abstract language that can characterize Metering Entity types. When a M-NSLP processing recognizes that the Metering Entity is of the type specified, it terminates the signaling. The MNE acts as a Signaling Responder. 3.3.4 Rerouting M-NSLP automatically adapts to rerouting events because state along the old path times out, and a new CONFIGURE message with the same SESSION_ID will install state along the new path. For M-NSLP it is generally not important to quickly tear down configuration state along the old path, however for some Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 11] Internet-Draft Metering NSLP July 2005 applications, e.g. accounting, it is vital to quickly configure MNEs on the new path. 3.3.5 Selection of MNEs An interesting feature of the Metering NSLP is that only a subset of MNEs on the data path might take part in the actual metering. Metering Entities taking part in the metering process are determined based, for example, on their type, number or position on the path. This feature is the most striking difference to the QoS NSLP with a number of implications. When the first CONFIGURE message is sent, each MNE on the data path needs to determine whether it should take part in the metering process or not. For this reason, we need the object MNE_Selection in the CONFIGURE message. When the MNE finds out it is not involved in the metering, it does not need to install, neither Metering Configuration State, nor M-NSLP state. (For clarification, see here Section 4.3.1 where the different state information that an MNE needs to store is illustrated). 3.3.6 Refreshing Sessions Refreshing M-NSLP sessions is required for several reasons. o First, to extend the lifetime of an existing M-NSLP session if required. o Second, by refreshing M-NSLP sessions, it can be inspected if the MNEs that are involved in the metering process are still metering. This might not be the case, for example, if a re-routing event has happened and one of the involved MNEs in not on the path anymore. To realize the latter requirement, we introduce the Metering NSLP message REFRESH, which differs from the CONFIGURE message. After a REFRESH message travels all the way from the MNI to the MNR, the MNR responds with a RESPONSE message where MNEs can write their current status. Each MNE that is involved in the metering process marks an appropriate field reserved for it in the RESPONSE message to say "METERING". For this reason we use the Status_List object in the Metering NSLP that is used by the RESPONSE message. MNEs that are not taking part of the metering process have not installed any M-NSLP state for this session and are agnostic about it. These MNEs will just forward the REFRESH/RESPONSE message towards the MNR/MNI. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 12] Internet-Draft Metering NSLP July 2005 When the RESPONSE message arrives at the MNI, the MNI verifies if the previously selected MNEs are still involved. If not, the MNI can re- initiates the signaling with a CONFIGURE message with the same SESSION_ID and the same Correlation-ID (if there is one Correlation-ID in the MSPEC objects). 3.3.7 Aggregation The metering configuration should allow aggregation of Metering Records belonging to the same user or application. The information required for the aggregation must be specified in the MSPEC. Such aggregation can be done in two ways. o A Monitoring Probe separately collects and reports data for each micro flow (e.g., given for all different combinations of port numbers) contained in the macro flow that is signaled by the NTLP. o A Monitoring Probe separately collects micro flows but reports all flows in a single record. 4. Metering NSLP Functional Specification 4.1 Metering NSLP Message Structure As in other NSLPs, Metering NSLP messages consists of a common header, followed by a body consisting of a variable number of variable-length, typed "objects". The common header and other objects are encapsulated together in a GIMPS NSLP-Data object. The following subsections define the objects carried in each of the Metering NSLP messages. 4.1.1 CONFIGURE The CONFIGURE message carries the following objects: o SESSION_ID: A large identifier provided by GIMPS or set locally. o Message Sequence Number (MSN) o MNE_Selection: this object is required to determine which MNEs will actually take part of the metering. o MNE_Counter: this parameter is used to count how many MNEs on the path are participating in the metering process. Each MNE that is participating in the metering process increments this parameter by one. o MSPEC: the MSPEC objects determine the actual configuration. The MSPEC SHOULD be opaque to the Metering NSLP. o Session Lifetime: this object gives the requested lifetime for a M-NSLP session. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 13] Internet-Draft Metering NSLP July 2005 4.1.2 REFRESH The REFRESH message carries the following objects: o SESSION_ID: this parameter refers to the same SESSION_ID given in the initial CONFIGURE message in the Metering NSLP session. o Message Sequence Number (MSN) o MNE_Counter: this parameter is used to count how many MNEs on the path are participating in the metering process. Each MNE that is participating in the metering process increments this parameter by one. o Session Lifetime: this object gives the requested lifetime to extend the M-NSLP session. 4.1.3 RESPONSE The RESPONSE message carries the following objects: o Message Sequence Number (MSN): the MNR MUST send the same MSN as in the corresponding M-NSLP request message in order to match a RESPONSE to the appropriate request message. o MNE_Selection: in some scenarios the actual MNEs that will take part of the metering are not determined until the RESPONSE message arrives. For this reason, the parameter MNE_Selection might be required. o Status_List: This object contains one field of the size of one byte for each MNE participating in the metering process. Each participating MNE can store its status in the appropriate field reserved for it. The size of Status_List can be interpreted from the value of MNE_Counter. The status can be, for example, "METERING", "NO DATA" or "OVERLOADED". o ERROR_CODE: this object is required if the configuration can not be achieved successfully. 4.1.4 NOTIFY A NOTIFY message MUST contain an ERROR_SPEC object indicating the reason for the notification. 4.2 Metering NSLP Objects 4.2.1 Message Sequence Number (MSN) As mentioned above, the Message Sequence Number is used to detect duplicate Metering NSLP messages. 4.2.2 MNE_Selection Object As mentioned above, this parameter is required to determine which MNEs will actually take part of the metering. The value of the Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 14] Internet-Draft Metering NSLP July 2005 MNE_Selection parameter can be one of the following: o FIRST: the first MNE in the signaling path, i.e. the NI. o LAST: the last MNE signaling in the signaling path, i.e. the NR o 'FIRST and LAST': both the NI and the NR take part of the signaling. o ANY: one MNE should be arbitrarily chosen to perform the metering. o ALL: Each MNE capable of executing this metering request MUST perform it. "ALL" must be interpreted here as "as many as possible". here o Function_X: for this case, an abstract language to characterize the type of MNE is required. Using this abstract language, the M-NSLP can evaluate if the MNE is of type "Fucntion_X" without knowing what actually "Function_X" is. Note also, that the abstract language can be, for example, proprietary. For more background information on why such an abstract language is required, please refer to Section "Accounting Scenario, Required Parameters" in [I-D.fessi-nsis-m-nslp-framework]. 4.2.3 MNE_Counter Object This parameter is used to count how many MNEs on the path are participating in the metering process. Each MNE that is participating in the metering process increments this parameter by one. When a request message (CONFIGURE or REFRESH) arrives at the MNR, the object MNE_Counter will contain the number of the MNEs participating in the metering process along the signaling path. 4.2.4 Status_List Object This object is used for the RESPONSE message where each of the involved MNEs in the metering process has one field where it can store its current status. The Status_List consists of one field of the size of one byte for each MNE participating in the metering process. The status can be, for example, "METERING", "NO DATA" or "OVERLOADED". The size of the Status_List object is determined by the MNR based on the object MNE_Counter. 4.2.5 Session Lifetime Object This object gives the requested lifetime for a M-NSLP session in Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 15] Internet-Draft Metering NSLP July 2005 seconds. When a M-NSLP session expires, the Metering Manager MUST configure the Monitoring Probe to stop the Metering. The corresponding Metering Configuration State is delete. A value of zero for this object leads to immediate termination of the corresponding session. 4.2.6 MSPEC Objects The MSPEC objects describe the actual Configuration information. They are interpreted in the Metering Manager and SHOULD be opaque to M-NSLP Processing. The MSPEC objects MUST be extensible. The order of objects is not defined, meaning that objects may occur in any sequence. Currently, we define the MSPEC as follow: = 4.2.6.1 The Object restricts the set of considered flows for the metering. The MSPEC MUST support a value for that is different from the flow information kept at GIMPS. In particular, the value does not need to be an IP 5-tuple. However, it could be, for example, a 5-tuple where one or more fields are wild-carded. For example, it MUST be possible to count all TCP SYN packets or all ICMP packets going to a given destination IP address. 4.2.6.2 The Object This parameter is represented as a set of flags that determines which information needs to be metered. = o : This field is set to 1 when the number of packets in the metered flow must be accounted. o : This flag is set to 1 when the number of octets in the metered flow must be accounted. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 16] Internet-Draft Metering NSLP July 2005 o : This field is set to 1 when a timestamp at the arrival of the first packet in this flow must be recorded. o : This field is set to 1 when a timestamp at the arrival of the last packet in this flow must be recorded. 4.2.6.3 The Object As described in [I-D.fessi-nsis-m-nslp-framework], the Correlation-ID is an ID that identifies the measurement. Reported Metering Records from different MNEs can be correlated by the Collector using this ID. The Correlation-ID MUST be unique for a specific measurement. It MIGHT be generated by the NI or the NI MIGHT receive the Correlation-ID from an external entity which communicates with the NI using different means outside the scope of this document. The parameter is not mandatory. If a Correlation-Id is provided in the MSPEC objects, it will be provided to the Collector in the Metering Records. Otherwise, the Metering Records will not contains a Correlation-ID. 4.2.6.4 The Object This parameter specifies where the Metering Records need to be sent to. The parameter is not mandatory since the Collector might be preconfigured in the MNE. If no Collector is preconfigured in the MNE, the MNE SHOULD respond with an error message 'No Collector specified' (Error messages have not been investigated for the Metering NSLP yet). 4.2.6.5 The Object If no packets are observed for the specified amount of time interval, the flow is considered as expired and it is reported. The parameter is not mandatory, since it MIGHT be preconfigured in the MNE. 4.2.6.6 The Object This parameter indicates the maximum time to wait for more data until an exported data set is sent. Long living flows are reported regularly in interval no longer than specified by this parameter. When the flow is reported, all counters and time stamp values are reset. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 17] Internet-Draft Metering NSLP July 2005 The parameter is not mandatory since it might be preconfigured in the MNE. 4.2.6.7 The Object The object can take one of the following values: o Select all o Systematic count-based o Systematic time-based o Rand n out of N o Uniform Probabilistic Sampling o Non-Uniform Probabilistic Sampling o Flow State Sampling o Match Filtering o Hash Filtering o Router State Filtering The sampling algorithms themselves will not be illustrated in this document and can be inherited from the corresponding documents from the PSAMP Working Group. ([I-D.ietf-psamp-sample-tech] [I-D.ietf- psamp-info] and [I-D.ietf-psamp-mib]) 4.2.6.8 The Object Depending on the sampling algorithm, eventually some parameters are required for the algorithm. Those can be specified here. 4.2.6.9 The Hash Function This parameter gives a function H which is applied to the packets before they are exported in the Metering Records. H might be a hash function, a function that extracts some parts of the packets header and/or the payload or the Identity function (i.e. the complete packet is reported). Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 18] Internet-Draft Metering NSLP July 2005 4.3 General Processing Rules 4.3.1 State Manipulation The state that needs to be stored at a MNE for a M-NSLP session can be of different types: o NTLP state o M-NSLP state o Metering Configuration State As mentioned in Section 2, Metering Configuration State is the state used/kept by the Metering Manager to configure the Monitoring Probe. This consists of the parameters specified in the MSPEC section (Section 4.2.6). One of the attractive properties of the Metering NSLP is that MNEs that are not taking part of the metering do not need to install any M-NSLP state. Nor do they need to install Metering Configuration State. However, MNEs that are not taking part of the metering process still need to store NTLP state in order to avoid GIMPS re- discovering them each time when it refreshes its routing state. For more details on how GIMPS refreshes its routing state, please see [I-D.ietf-nsis-ntlp]. 4.3.2 Message Forwarding M-NSLP request messages (CONFIGURE or REFRESH) are initiated by the MNI and forwarded downstream (i.e. in the same direction as the data flow) using GIMPS. When a MNE receives a request message, the message is forwarded downstream to the next MNE, except in 2 cases: o the CONFIGURE message has reached the MNR. o the involved MNEs in the configuration have been reached. The latter case can be for example: o if the SCOPING flag is set and the CONFIGURE message has reached the end of the scope of the signaling. o if MNE_Selection is 'ANY' and an appropriate MNE has been already found. o if MNE_Selection is FIRST. (in this case, only the MNI is involved in the signaling) Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 19] Internet-Draft Metering NSLP July 2005 In these cases, there is no need to forward the M-NSLP message further. M-NSLP response messages are forwarded upstream along the data path towards the MNI. M-NSLP asynchronous notifications can be sent upstream or downstream depending on the reason for the notification. 4.3.3 Standard Message Processing Rules If a mandatory object is missing from a message then the receiving MNE MUST NOT propagate the message any further. It MUST construct an RESPONSE message indicating the error condition and send it back to towards the MNI. If a message contains an object of an unrecognized type, then the behavior depends on the object type value. 4.3.4 Message Processing Rules 4.3.4.1 The CONFIGURE Message When a MNE receives a CONFIGURE message, it performs the following steps: o The MNE checks the message format. In case of malformed messages, the MNE sends a RESPONSE message with the appropriate ERROR_SPEC. o Before performing any state changing actions, the MNE MUST determine whether the sender of the request is authorized to perform this configuration action. o After the CONFIGURE message is authorized, the MNE needs to figure out if it will take part of the metering or not based on the MNE_Selection object: * If (MNE_Selection = FIRST) or (MNE_Selection = LAST) or (MNE_Selection = 'FIRST and LAST'), the MNE figures out if one these contraints equates to true. If yes, the MSPEC is extracted from the CONFIGURE message and passed to the Metering Manager as shown in Figure 1. * If (MNE_Selection = ALL) the MSPEC is extracted from the CONFIGURE message and passed to the Metering Manager. * If MNE_Selection = 'ANY', the MNE verifies first if MNE_Counter is equal to one. This means, it verifies, if there has been already one MNE on the path that is willing to take this task. If MNE_Counter is zero, the MNE verifies based on its current status (number of existing measurements, current load, etc) if it is able to perform the metering request. If yes, the MSPEC is extracted from the CONFIGURE message and passed to the Metering Manager. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 20] Internet-Draft Metering NSLP July 2005 o If the evaluation of MNE_Selection results in to not taking part of the metering, then the MNE does not store any Metering Configuration State. Now, the MNE decides whether to forward the CONFIGURE message. This decision is taken based on Section 4.3.2 o If the evaluation of MNE_Selection results in to taking part of the metering and the MSPEC is passed to the Metering Manager, the Metering Manager verifies if the Monitoring Probe is able to perform the metering based on the information in the MSPEC parameters, for example, if the requested export protocol is supported, and if the sampling algorithm is supported, etc. o If the Metering Manager categorizes the metering request as feasible, it stores the Metering Configuration State and informs the M-NSLP processing. Note however that the configuration is not activated, i.e. the Monitoring does not start the metering, until the MNE receives the matching RESPONSE. Now, the MNE increments the parameter MNE_Counter by one to signal that it is taking part of the metering. Afterwards, the MNE needs to decide whether to forward the CONFIGURE message or not. Again here, this decision can be taken based on Section 4.3.2. o If the evaluation of MNE_Selection results in to taking part of the metering, but the Metering Manager categorizes the metering request as NOT feasible, then: * If (MNE_Selection = FIRST) or (MNE_Selection = LAST) or (MNE_Selection = 'FIRST and LAST') and the MNE is indeed the first or the last MNE on the signaling path, then the MNE constructs a RESPONSE message with the appropriate ERROR_SPEC and sends it back towards the MNI. Otherwise, the MNE forwards the message to the next MNE. * If (MNE_Selection = ANY) and the message has reached the MNR, i.e. no appropriate MNE has been found on the path, then the MNE (which is in this case the MNR) constructs a RESPONSE message with the appropriate ERROR_SPEC and sends it back towards the MNI. Otherwise, the MNE forwards the message to the next MNE. * If (MNE_Selection = ALL), since "ALL" must be understood here as "as many as possible", the MNE does not need to generate a RESPONSE message with an ERROR_SPEC. It just needs to forward the message to the next MNE. 4.3.4.2 The REFRESH Message Processing REFRESH messages is simple: o If the SESSION_ID is known, the MNE verifies based on its local policies if the requested lifetime is allowed. If not, the MNE adapts the time interval to its local policies. Now, the MNE increments the parameter MNE_Counter by one to signal that it is still taking part of the metering. Afterwards, the MNE decides whether to forward the REFRESH message to the next MNE on the Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 21] Internet-Draft Metering NSLP July 2005 path. This decision can be taken based on Section 4.3.2. Note here, that the lifetime of the M-NSLP session is not extended until the corresponding RESPONSE message arrives. Also note that a lifetime of zero lead to immediate termination of the session when the corresponding RESPONSE message arrives. o If the SESSION_ID is unknown, i.e. the MNE has not stored any M-NSLP state for this session, the message is just forwarded to the next MNE on the path. 4.3.4.3 The RESPONSE Message If a RESPONSE message is a negative response with an ERRPR_SPEC object, the MNE just forwards the message towards the MNI. When the MNI receives this message it has to take the appropriate action based on the content of the ERROR_SPEC object. If the RESPONSE message is a positive RESONSE, the processing of the message depends on the type of the corresponding M-NSLP request message (CONFIGURE or REFRESH). However, in both cases, the RESPONSE message contains the object Status_List where the MNEs that are involved in the metering process can report their status. This status can be, for example, "METERING", "NO DATA" or "OVERLOADED". Processing RESPONSE messages is described in several parts of this documents. However, it still needs to be described more clearly in this section in future versions. 4.3.4.4 The NOTIFY Message tbd. 4.4 Session State Machine The state machine of a M-NSLP session has three main states: 'session closed': At this state, the MNE does not keep any state of the session. 'pending': At this state a CONFIGURE message has been received, the MNE has been successfully configured (i.e. authentication and authorization succeeded, the evaluation of MNE_Selection and the evaluation of the MSPEC objects by the Metering Manager were positive, etc.) however the configuration has not been activated yet, i.e. metering function has been started. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 22] Internet-Draft Metering NSLP July 2005 'metering': At this state the MNE is metering according to a metering configuration received by a CONFIGURE message. All of these states have sub-states, but the basic M-NSLP operation per session is described on the level of these three states. A session is identified by SESSION_ID. All sessions start in state 'session closed'. Transitions between states are caused by events: CONF: This transition is triggered by a CONFIGURE message that identifies the session and that is received and processed successfully by the MNE. REFR: This transition is triggered by a REFRESH message that identifies an existing session in state 'pending' or 'metering'. RESP-M: This transition is triggered by a RESPONSE message that is sent by the MNE in order to indicate that a metering configuration sent by a CONFIGURE message of the same session has become active at the MNE. This transaction always leads to state 'metering'. RESP-N: This transition is triggered by a RESPONSE message that is sent by the MNE in order to indicate that a metering configuration sent by a CONFIGURE message of the same session has not become active at the MNE. This transaction always leads to state 'session closed'. T-OUT: This transition is triggered by a time out of a session in state 'pending' or 'metering'. This transaction always leads to state 'session closed'. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 23] Internet-Draft Metering NSLP July 2005 REFR +----+ | v +----------+ | session | | closed |<-------------+ +----------+ | | ^ | CONF | | RESP-N | RESP-N v | T-OUT | T-OUT +----------+ +----------+ | pending | RESP-M | metering | | |-------->| | +----------+ +----------+ CONF | ^ CONF | ^ REFR | | REFR | | +----+ RESP-M +----+ 5. Examples of Operation The basic signaling sequences are similar to QoS NSLP: To start a configuration, the MNI constructs a CONFIGURE message with the required MSPEC objects, and sends it to the MNR. The message is interpreted by MNEs on the data path. The MNR replies with a RESPONSE message. +---+ CONFIGURE +---+ CONFIGURE +---+ CONFIGURE +---+ | |------------>| |------------>| |------------>| | |MNI| |MNF| |MNF| |MNR| | |<------------| |<------------| |<------------| | +---+ RESPONSE +---+ RESPONSE +---+ RESPONSE +---+ Similarly, a REFRESH message can be initiated by MNI, travels to the MNR where a RESPONSE is issued and sent back. +---+ REFRESH +---+ REFRESH +---+ REFRESH +---+ | |------------>| |------------>| |------------>| | |MNI| |MNF| |MNF| |MNR| | |<------------| |<------------| |<------------| | +---+ RESPONSE +---+ RESPONSE +---+ RESPONSE +---+ More detailed examples of operation will be depicted in future versions of this document. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 24] Internet-Draft Metering NSLP July 2005 6. Mapping onto M-NSLP Requirements With the design described above, the requirements from [I-D.fessi- nsis-m-nslp-framework] are at this point satisfied as follows: Extensibility: The actual configuration information is encapsulated in the MSPEC. The MSPEC is designed such as it is interpreted by the Metering Manager and can be opaque to the M-NSLP processing. Furthermore, the MSPEC can be easily extended. Therefore, from the point of view of the configuration information, this requirement is fulfilled. Note however, that the Metering NSLP in its current design might show some lack of extensibility. For example, considering the selection of the MNEs, it might be useful for future application of the Metering NSLP to have the option "ANY N", where N is greater than one. Interoperability: Again, whether different metering solutions can interwork depends on how the MSPEC is designed. In QoS NSLP, the QSpec template design [I-D.ietf-nsis-qspec] aims at similar extensibility and interoperability. It needs to be studied whether or not the solutions chosen by the QSpec can also be applied to the MSPEC. Flexible metering models: As above, this is an issue of MSPEC design. Distinguishing flows The aggregation feature detailed in this requirement can be realized as described in Section 3.3.7. Flexible data collection: Another issue that can be fixed in the MSPEC. Location of Metering Entities: MNEs, including MNI and MNR can be located anywhere on the data path. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 25] Internet-Draft Metering NSLP July 2005 Access parameters of the Collector Information: Access parameters of the Collector Information on how to deliver flow records to the Collector is coded in the MSPEC. Configuration of Metering Entities: The protocol can configure Metering Entities that are MNEs, or that are controlled by MNEs. Selection of Metering Entities: As described in Section 3.3.5, a MNE should be able to decide to pull out of the metering process. This is realized by the MNE_Selection object. Metering Configuration State installation and removal: By means of the CONFIGURE message, the protocol can install and remove Metering Configuration State. Initiation and maintenance of metering tasks: Triggers and correlation identifier are transported in the MSPEC. Reaction to Route Changes: The protocol detects route changes by a REFRESH or a refreshing CONFIGURE message and installs state along the new route, as described in Section 3.3.4. Scoping of configuration: The M-NSLP needs to provide sufficient means for flexible scoping signaling messages. Requirements not mentioned in this list are not yet addressed. 7. Security considerations The process of configuring entities to start and stop metering and to transmit collected resource records to a third party introduces security challenges. o First, the application domain (e.g., usage of the metering NSLP for configuration entities related to accounting and charging) needs to be considered. For example, if a user is capable of stop metering of a requested services then fraud is possible. Furthermore, it must not be possible to configure metering Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 26] Internet-Draft Metering NSLP July 2005 entities in such a way that other users are charged for the usage of a service, which they have not used. o Second, interworking between multiple domains causes authorization problems. For example, network domain A might want to collect resource records in network domain B to offer the user with a more consistent bill covering both the price of the network resource consumption and the application usage. A high degree of trust is required to allow other domains to configure metering entities and to collect the resource usage of particular users. In any case it needs to be prevented that arbitrary resource records associated with users are collected by other domains. It has to be noted that the process of charging involves other states than only the collection of usage records. o Third, it must be avoided that a denial of service attack is mounted on either Collectors or Monitoring Probes. Monitoring Probes can be subject to DoS attacks if a large number of resource have to be collected or 'unlimited' per-flow states are created. Collectors can be subject to DoS attacks if they are flooded with metering records. The above considerations raise the main question whether the meetering NSLP can be used outside a single administrative domain. Ideally, it should have a broader applicability but security, privacy and other operational concerns might limit its applicability for multiple domain traversal (and also end-to-end signaling). In the broader sense the following aspects might require an answer: o The introduced mechanisms allow a number of entities to configure metering entities. This might introduce some weaknesses compared to a centralized approach where a single entity (or a few selected entities) are authorized to perform this action. Authorizing the decentralized configuration of nodes is more difficult to secure. Any node can initiate signaling message. Hence, a single malicious entity within the network is able to start/stop/modify the process of collecting metering records within a single domain or even beyond this domain. o Why would one domain allow (or disallow) the configuration/ reconfiguration of nodes triggered by another domain? o Would a network operator allow an end user to collect information about flows within the network? o Would it be reasonable to allow a user to collect information about a flow that he created but not for other flows? o Is it reasonable to assume that nodes along the path are configured to send collected data to an arbitrary IP address? o Would it be reasonable to place some restrictions on the entity that are supposed to receive this information (i.e., the Collector)? Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 27] Internet-Draft Metering NSLP July 2005 o Is a check needed to ensure that the Collector actually wants to receive this information or even asked to collect it?. Some denial of service attacks (via amplification) are possible if data can be sent to an arbitrary IP address. The adversary needs to send a single metering NSLP message in order to flood a victim with potentially a huge amount of data over a certain period of time. o Would a network operator want to reveal sensitive information? Some of the information might have a relevance for the operator's business? o The collection of metering data about individual flows is a potentially privacy sensitive task. Who owns, in legal terms, the collected data (e.g., the user who initiated the flow, the owner of the Monitoring Probe? Does ownership imply other rights (e.g., the right to dissemination)? Is it necessary to consider privacy policies? Is it necessary to constrain the distribution of the collected data in some way (e.g. based on user privacy policies)? o Do certain terms and conditions, to which the metering site(s), and the user have to agree, apply? o Is it necessary to protect the confidentiality of the metered data? If so, against disclosure to whom? Answers to a few of these questions will help to develop an authorization/trust model. 8. Open Issues The protocol in its current design allows to select, except the case "FIRST and LAST", either only one MNE or all the MNEs on the path for the metering process. Based on the current scenarios elaborated in [I-D.fessi-nsis-m-nslp-framework], this is sufficient. However, the option to have, for example, "ANY N", where N is greater than one, might be useful in future applications of the Metering NSLP. In some cases, the Collector needs to distinguish between the Metering Records received from the different MNEs in order to correlate them. For example, if MNE_Selection is "FIRST and LAST", the Collector needs to know, which data come from the first and resp. the last MNE on the signaling path. Also, in the case where MNE_Selection is "ALL", the Collector needs to know the position of the MNEs that are sending the Metering Records on the path in order to correlate them correctly, (for example to calculate the hop-by-hop delay). This information needs to be transferred to the Collector in the Metering Records using an other protocol. However, the M-NSLP might also need to provide mechanisms to coordinate this. Each MNE need to know its position on the path, i.e. how many MNEs exists between it and the MNI. Moreover, if not all the IP hops on the path do support the Metering NSLP, it will be useful for the Collector to know how far Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 28] Internet-Draft Metering NSLP July 2005 each pair of adjacent MNEs are from each other. Based on the current analysis of the security issues of the Metering NSLP discussed in Section 7, an authentication and authorization scheme for the Metering NSLP needs to be elaborated. The policy objects carried in Metering NSLP messages need to be specified. Additional open issues appear in the main body of the text. 9. Acknowledgements The authors would like to thank Robert Hancock, Martin Stiemerling and Andreas Klenk for their valuable input. 10. References 10.1 Normative References [I-D.ietf-nsis-ntlp] Schulzrinne, H. and R. Hancock, "GIMPS: General Internet Messaging Protocol for Signaling", draft-ietf-nsis-ntlp-06 (work in progress), May 2005. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, November 1997. 10.2 Informative References [RFC2720] Brownlee, N., "Traffic Flow Measurement: Meter MIB", RFC 2720, October 1999. [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, "Remote Authentication Dial In User Service (RADIUS)", RFC 2865, June 2000. [RFC2866] Rigney, C., "RADIUS Accounting", RFC 2866, June 2000. [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003. [I-D.ietf-ipfix-protocol] Claise, B., "IPFIX Protocol Specification", draft-ietf-ipfix-protocol-17 (work in progress), July 2005. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 29] Internet-Draft Metering NSLP July 2005 [I-D.ietf-ipfix-info] Quittek, J., "Information Model for IP Flow Information Export", draft-ietf-ipfix-info-09 (work in progress), July 2005. [I-D.ietf-psamp-sample-tech] Zseby, T., "Sampling and Filtering Techniques for IP Packet Selection", draft-ietf-psamp-sample-tech-07 (work in progress), July 2005. [I-D.ietf-psamp-mib] Dietz, T., "Definitions of Managed Objects for Packet Sampling", draft-ietf-psamp-mib-04 (work in progress), February 2005. [I-D.ietf-psamp-info] Dietz, T., "Information Model for Packet Sampling Exports", draft-ietf-psamp-info-02 (work in progress), July 2004. [RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander, "Requirements for IP Flow Information Export (IPFIX)", RFC 3917, October 2004. [I-D.ietf-nsis-qos-nslp] Bosch, S., Karagiannis, G., and A. McDonald, "NSLP for Quality-of-Service signaling", draft-ietf-nsis-qos-nslp-06 (work in progress), February 2005. [I-D.ietf-nsis-fw] Hancock, R., "Next Steps in Signaling: Framework", draft-ietf-nsis-fw-07 (work in progress), December 2004. [I-D.ietf-nsis-nslp-natfw] Stiemerling, M., "NAT/Firewall NSIS Signaling Layer Protocol (NSLP)", draft-ietf-nsis-nslp-natfw-06 (work in progress), May 2005. [I-D.ietf-nsis-qspec] Ash, J., "QoS-NSLP QSPEC Template", draft-ietf-nsis-qspec-05 (work in progress), July 2005. [I-D.fessi-nsis-m-nslp-framework] Fessi, A., "Framework for Metering NSLP", draft-fessi-nsis-m-nslp-framework-00 (work in progress), February 2005. [I-D.ietf-aaa-diameter-cc] Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 30] Internet-Draft Metering NSLP July 2005 Mattila, L., Koskinen, J., Stura, M., Loughney, J., and H. Hakala, "Diameter Credit-control Application", draft-ietf-aaa-diameter-cc-06 (work in progress), August 2004. [3GPP.32.240] 3GPP, "Telecommunication management; Charging management; Charging architecture and principles", 3GPP TS 32.240 6.0.0, September 2004. Authors' Addresses Falko Dressler University of Erlangen Department of Computer Science 7 Martensstr. 3 Erlangen 91058 Germany Phone: +49 9131 85-27914 Email: dressler@informatik.uni-erlangen.de URI: http://www7.informatik.uni-erlangen.de/ Ali Fessi University of Tuebingen Wilhelm-Schickard-Institute for Computer Science Auf der Morgenstelle 10C Tuebingen 71076 Germany Phone: +49 7071 29-70534 Email: fessi@informatik.uni-tuebingen.de URI: http://net.informatik.uni-tuebingen.de/ Georg Carle University of Tuebingen Wilhelm-Schickard-Institute for Computer Science Auf der Morgenstelle 10C Tuebingen 71076 Germany Phone: +49 7071 29-70505 Email: carle@informatik.uni-tuebingen.de URI: http://net.informatik.uni-tuebingen.de/ Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 31] Internet-Draft Metering NSLP July 2005 Juergen Quittek NEC Kurfuersten-Anlage 36 Heidelberg 69115 Germany Phone: +49 6221 90511-15 Email: quittek@netlab.nec.de URI: http://www.netlab.nec.de/ Cornelia Kappler Siemens AG Siemensdamm 62 Berlin 13627 Germany Phone: +49 30 386-32894 Email: cornelia.kappler@siemens.com Hannes Tschofenig Siemens AG Otto-Hahn-Ring 6 Munich, Bayern 81739 Germany Email: Hannes.Tschofenig@siemens.com Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 32] Internet-Draft Metering NSLP July 2005 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Dressler, et al. draft-dressler-nsis-metering-nslp-02.txt [Page 33]