<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<br>
<div class="moz-cite-prefix">On 11/06/15 00:28, Mark Newton wrote:<br>
</div>
<blockquote
cite="mid:D7511558-DCBD-4C43-8357-CA8AC18D094C@atdot.dotat.org"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
On Jun 10, 2015, at 9:28 AM, Joseph Goldman <<a
moz-do-not-send="true" href="mailto:joe@apcs.com.au" class="">joe@apcs.com.au</a>>
wrote:<br class="">
<div>
<blockquote type="cite" class=""><br
class="Apple-interchange-newline">
<div class="">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type" class="">
<div bgcolor="#FFFFFF" text="#000000" class=""> I wonder how
much realistically that $131.3 mill will be split and
provided - but ultimately it looks like for the most part,
Netflow data married with IP history to a subscriber will
cover the broad strokes. </div>
</div>
</blockquote>
<div><br class="">
</div>
<div>Why would you gather netflow data?</div>
</div>
</blockquote>
That post was early on when there was still some back and forward
about interpretation on if we had to also retain DST-IP for
communications - mixed with the session terminology I interpreted
(likely incorrectly - but still some argument about it it seems due
to vague terms) that we would need to log each session for data from
src-ip to dst-ip through our network - RADIUS wouldn't offer this
level of information where netflow would, but if it is determined by
the special interest group or whoever gets some clear clarifications
from AGD/CAC that its not needed then I'm more than happy to just
keep RADIUS (as we do anyway)<br>
<blockquote
cite="mid:D7511558-DCBD-4C43-8357-CA8AC18D094C@atdot.dotat.org"
type="cite">
<div><br>
<div>If you’re retaining my netflow data, you’re retaining
information about things I’m communicating with which are
outside AGD’s specified data set. I’m going to get pretty
upset and annoyed about that unlawful snooping, and I’ll
wonder how insane an ISP would have to be to want to get
involved in that level of detail.</div>
</div>
</blockquote>
Well - in a way I already am keeping a lot of netflow data for our
customers. Not 2 years worth, no, but I still retain a fair bit to
look at trends of data movement by interface,AS,protocol etc that
simple SNMP can't give. I'd hazard a guess that most ISP's are the
same. A lot of ISP's actually do accounting from Netflow data rather
than RADIUS accounting from my understanding, so you can offer
things such as traffic to particular AS or via particular interface
(Peering for example) to not count towards quota or to count
differently towards customers quota. (Think the old FREE PIPE DATA
days, and some ISP's not counting netflix traffic).<br>
<blockquote
cite="mid:D7511558-DCBD-4C43-8357-CA8AC18D094C@atdot.dotat.org"
type="cite">
<div>
<div><br class="">
</div>
<div><i class="">You people need to get legal advice. </i>If
geeks are making decision about which data gets retained,
you’re comprehensively stuffing this up.</div>
<div><br class="">
</div>
<div>Get it together, you people. You’ve already squibbed on the
campaign against it, and now you’re paying the price. For
god’s sake, don’t squib the implementation too.</div>
</div>
</blockquote>
Its kind of lucky in a way, that they didn't say implement and be
done, they actually have to review and approve your implementation
plan, so those who do misinterpret and build out an incompatible
implementation should be picked up in that review process.
</body>
</html>