Mike K. wrote:
> Hi all,
> I work for a network management and reporting company that
> specializes in NetFlow collection and analysis. We have found that a
> majority of commercial vendors of firewalls and upper OSI network gear
> are now in the process of developing IPFIX logging mechanisms. I am a
> big fan of SQUID and I would love to see it implemented here as well.
> It seems to me that it would be good for the project if anyone was
> interested in implementing IPFIX logging in squid. This is a
> completely open standard that was derived from Cisco's Netflow v9. It
> might even be fairly straightforward to add this on using LIBIPFIX.
> http://sourceforge.net/projects/libipfix .
>
> My company is not in a position to develop IPFIX support in squid, but
> we can be a resource to make sure that it is being implemented
> properly. I guess I wanted to throw this out there to see if anyone is
> interested in this feature.
>
> Thanks,
> Mikek
Hi Mikek,
After a very brief look at what IPFIX is I fail to see how it would be
of much use having in Squid. It appears to me to be a Layer-4
measurement protocol, with Squid being layer-7.
At this point the only information I can imagine Squid adding to the
IPFIX data is what inbound client TCP/UDP flow triggered a particular
outgoing TCP/UDP flow. That is only possible after the Squid comm layer
is restructured.
The future SMP support may bring other details about internal machine
process flows, but that seems not to be entirely IPFIX relevant.
Did you have any existing ideas on what information Squid could provide
over IPFIX?
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.4Received on Fri Jun 11 2010 - 03:40:58 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 11 2010 - 12:00:06 MDT