Path: utzoo!mnetor!uunet!lll-winken!lll-tis!ames!mailrus!tut.cis.ohio-state.edu!bloom-beacon!gatech!mcnc!decvax!ucbvax!OFFICE-1.ARPA!WWB.MDC
From: WWB.MDC@OFFICE-1.ARPA (Bill Barns)
Newsgroups: comp.protocols.tcp-ip
Subject: Packet level accounting in IP routers?
Message-ID:
Date: 12 Apr 88 15:01:00 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 70

This is a multifaceted question, and I am asking "What do vendors have", "what do vendors think of doing this", "what is going on with protocol standards in this area, if anything", and "what philosophy of approach, design, policy, etc., should apply", with regard to the following issue:

In the not too distant future, there will be a direct cost associated with usage of MILNET, charged on a per-packet basis. There is some perception that the same will be true of the operational Defense Research Internet, though I know of no official statements to this effect. Whatever the case, the relevant point is that there will apparently be a specific charge which will become part of the cost base for contract pricing on certain common types of contracts. Those of you who are familiar with the arcana of government contracting will appreciate that these figures are auditable by various authorities, a fact which has a large number of serious implications.

Some people here see it as a problem that the use of a LAN and gateway to MILNET (or any net with a similar charging algorithm) would result in a cost to the sponsor which, from the government side, cannot be allocated to specific projects, because the charging information will be generated on a per-port basis. This is bad because a significant number of projects nowadays, and especially in the pipeline, are generating connectivity and data communication requirements of this type.

Thus there is a concern that if the traditional management approach (more or less dictated by audit considerations) is employed, it might be necessary to have one physical interconnection for each contract. I trust it is not necessary to explain in complete detail why this is bad. A large defense contractor (like this one) might end up having to have tens or hundreds or thousands of interconnections. Remember that there is also to be a per-port charge, not to mention all the RFS, TSR, NCR, NCD, etc., paperwork that would have to be done.

On the other hand, shared gateways are much cheaper. But at present it is not evident that there is a way of allocating cost for shared gateways which would be satisfactory to the government auditors. The port used by the gateway would have to be paid for by one service component, including charges attributable to other programs which might be contracted with other components, or may be subject to different allowable pricing and cost recovery rules.

The perceived bottom line here is that there is an implicit requirement for packet-level accounting of IP traffic, and ultimately ISO IP traffic likewise, through such a multiple-use interface. It isn't obvious to me how this can be solved completely right without protocol alterations, probably at the IP level - an accounting code IP option. But I think that is politically infeasible. The existing protocols can be left intact if the accounting is done on the basis of source and destination IP addresses, and I think this may be an adequate solution. However, this still requires some protocol development, as well as implementation work.

I imagine such an accounting scheme working in the following manner. The IP router servicing the government network interconnection would extract source/destination (depending on direction) IP addresses and keep packet counts and perhaps other counts tabulated on this basis. At some interval it transmits these values to some configuration-determined place or places where a long-term accounting database is maintained. This transmission would be formatted according to some protocol yet to be specified. The target host of the transmission runs some server software which receives these transmissions and stores them in an accounting database, from which reports are developed as needed.

So, many questions suggest themselves:

Is anyone already doing this?
Is any vendor already selling IP gateways that provide such functionality, using this or any other design?
Is any vendor willing to volunteer to implement some simple scheme of this sort?
Is my design concept valid? Does anyone have a better one?
Has anyone ever developed or published suitable protocols in the TCP/IP framework for communicating the accounting data? ISO CLNS/GOSIP?
Has anyone gone through this issue with DCAA, local DCAS people, or other such authorities, and what did they say?
(etc.)

All sorts of relevant comments are solicited.

Thanks,
Bill Barns / McDonnell Douglas / Internet: WWB.MDC@OFFICE-1.ARPA
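The per-address accounting the post sketches (router extracts the source or destination address depending on direction, tabulates counts, flushes them at an interval to a collector) is shown below as an added example; it is not code from the original post or from any vendor product. It assumes the gateway is configured with its own "inside" prefix and charges each datagram to whichever end lies inside it; the prefixes 10.1.0.0/16 and 192.0.2.0/24, the hosts, and the traffic sample are all constructed for the demonstration. Datagrams that are malformed or that belong to neither side are still counted, because the network will bill them, but are kept in a separate unattributed tally rather than charged to a guessed project.

```python
"""Per-address packet accounting at a shared IP gateway (added example)."""
from __future__ import annotations

import ipaddress
import struct
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Tally:
    packets: int = 0
    bytes: int = 0


@dataclass(frozen=True)
class IPv4Header:
    src: ipaddress.IPv4Address
    dst: ipaddress.IPv4Address
    total_length: int
    protocol: int


def parse_ipv4_header(pkt: bytes) -> IPv4Header:
    """Extract the fields the accountant needs from a raw IPv4 datagram.

    Only the fixed 20-byte header is interpreted; options are skipped.
    Malformed datagrams raise ValueError so the caller can count them
    separately instead of charging them to a guessed address.
    """
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = pkt[0] >> 4, (pkt[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    (total_length,) = struct.unpack_from("!H", pkt, 2)
    return IPv4Header(
        src=ipaddress.IPv4Address(pkt[12:16]),
        dst=ipaddress.IPv4Address(pkt[16:20]),
        total_length=total_length,
        protocol=pkt[9],
    )


class Accountant:
    """Tabulate packets and bytes per inside address: the source is charged
    for outbound datagrams, the destination for inbound ones."""

    def __init__(self, inside_prefix: str) -> None:
        self.inside = ipaddress.ip_network(inside_prefix)  # assumed gateway config
        self.counters: dict[ipaddress.IPv4Address, Tally] = defaultdict(Tally)
        self.unattributed = Tally()  # transit or malformed: billable, not chargeable

    def account(self, pkt: bytes) -> None:
        try:
            h = parse_ipv4_header(pkt)
        except ValueError:
            self.unattributed.packets += 1
            self.unattributed.bytes += len(pkt)
            return
        if h.src in self.inside:
            key = h.src  # outbound: charge the inside sender
        elif h.dst in self.inside:
            key = h.dst  # inbound: charge the inside receiver
        else:
            self.unattributed.packets += 1
            self.unattributed.bytes += h.total_length
            return
        self.counters[key].packets += 1
        self.counters[key].bytes += h.total_length

    def flush(self) -> list[dict]:
        """Emit one record per address and reset, as the router would at each
        reporting interval before shipping the records to the collector."""
        records = [
            {"address": str(addr), "packets": t.packets, "bytes": t.bytes}
            for addr, t in sorted(self.counters.items())
        ]
        self.counters.clear()
        return records


def make_ipv4(src: str, dst: str, payload_len: int, proto: int = 6) -> bytes:
    """Build a minimal IPv4 datagram for the constructed sample
    (header checksum left zero; the accountant does not verify it)."""
    header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed,
    )
    return header + bytes(payload_len)


def demo() -> tuple[list[dict], Tally]:
    """Run a constructed traffic sample through a gateway for 10.1.0.0/16."""
    gw = Accountant("10.1.0.0/16")
    sample = [  # constructed addresses; 192.0.2.0/24 is the documentation range
        make_ipv4("10.1.5.7", "192.0.2.10", 100),  # outbound from host A
        make_ipv4("192.0.2.10", "10.1.5.7", 500),  # reply to host A
        make_ipv4("10.1.9.2", "192.0.2.44", 40),   # outbound from host B
        make_ipv4("192.0.2.44", "10.1.9.2", 40),   # reply to host B
        make_ipv4("192.0.2.1", "192.0.2.2", 10),   # transit: neither end is ours
        b"\x60" + bytes(19),                       # not IPv4: counted, not charged
    ]
    for pkt in sample:
        gw.account(pkt)
    return gw.flush(), gw.unattributed


if __name__ == "__main__":
    records, leftover = demo()
    for r in records:
        print(f"{r['address']:<15} {r['packets']:>6} pkts {r['bytes']:>8} bytes")
    print(f"unattributed: {leftover.packets} pkts, {leftover.bytes} bytes")
```

Two points a reviewer of such a scheme would want noted. The byte figure is taken from the IP total-length field rather than the link-layer frame length, so it should be compared with whatever quantity the network operator actually bills before being used for cost allocation. And the tally trusts the source address in the header as written: on the LAN side, only hosts that are prevented from sending with another project's address make the outbound counts attributable, so this accounting is only as good as the address discipline on the inside network.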