Packet level accounting in IP routers?

12 Apr 88 11:01 EDT

This is a multifaceted question, and I am asking "What do vendors have", "what
do vendors think of doing this", "what is going on with protocol standards in
this area, if anything", and "what philosophy of approach, design, policy,
etc., should apply", with regard to the following issue:

In the not too distant future, there will be a direct cost associated with
usage of MILNET, charged on a per-packet basis. There is some perception that
the same will be true of the operational Defense Research Internet, though I
know of no official statements to this effect. Whatever the case, the relevant
point is that there will apparently be a specific charge which will become part
of the cost base for contract pricing on certain common types of contracts.
Those of you who are familiar with the arcana of government contracting will
appreciate that these figures are auditable by various authorities, a fact
which has a large number of serious implications.

Some people here see it as a problem that the use of a LAN and gateway to
MILNET (or any net with similar charging algorithm) would result in a cost to
the sponsor which, from the government side, cannot be allocated to specific
projects, because the charging information will be generated on a per-port
basis. This is bad because a significant number of projects nowadays, and
especially in the pipeline, are generating connectivity and data communication
requirements of this type. Thus there is a concern that if the traditional
management approach (more or less dictated by audit considerations) is
employed, it might be necessary to have one physical interconnection for each
contract. I trust it is not necessary to explain in complete detail why this
is bad. A large defense contractor (like this one) might end up having to have
tens or hundreds or thousands of interconnections. Remember that there is also
to be a per-port charge, not to mention all the RFS, TSR, NCR, NCD, etc.,
paperwork that would have to be done.

On the other hand, shared gateways are much cheaper. But at present it is not
evident that there is a way of allocating cost for shared gateways which would
be satisfactory to the government auditors. The port used by the gateway would
have to be paid for by one service component, including charges attributable to
other programs which might be contracted with other components, or may be
subject to different allowable pricing and cost recovery rules.

The perceived bottom line here is that there is an implicit requirement for
packet-level accounting of IP traffic, and ultimately ISO IP traffic likewise,
through such a multiple-use interface. It isn't obvious to me how this can be
solved completely right without protocol alterations, probably at the IP level
- an accounting code IP option. But I think that is politically infeasible.
The existing protocols can be left intact if the accounting is done on the
basis of source and destination IP addresses, and I think this may be an
adequate solution. However, this still requires some protocol development, as
well as implementation work.

I imagine such an accounting scheme working in the following manner. The IP
router servicing the government network interconnection would extract
source/destination (depending on direction) IP addresses and keep packet counts
and perhaps other counts tabulated on this basis. At some interval it
transmits these values to some configuration-determined place or places where a
long-term accounting database is maintained. This transmission would be
formatted according to some protocol yet to be specified. The target host of
the transmission runs some server software which receives these transmissions
and stores them in an accounting database, from which reports are developed as

So, many questions suggest themselves: Is anyone already doing this? Is any
vendor already selling IP gateways that provide such functionality, using this
or any other design? Is any vendor willing to volunteer to implement some
simple scheme of this sort? Is my design concept valid? Does anyone have a
better one? Has anyone ever developed or published suitable protocols in the
TCP/IP framework for communicating the accounting data? ISO CLNS/GOSIP? Has
anyone gone through this issue with DCAA, local DCAS people, or other such
authorities, and what did they say? (etc.)

All sorts of relevant comments are solicited.

Bill Barns / McDonnell Douglas / Internet: WWB.MDC@OFFICE-1.ARPA
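
The accounting scheme sketched in the post above, as an added example that is not from the original message: a small Python model of a router that tabulates packet and octet counts by the local IP address (source on the way out, destination on the way in), maps that address to a project through an assumed prefix table, and hands over the tabulation at the end of an interval. The project names, address blocks and sample packets are all constructed for illustration; the post leaves the transfer protocol unspecified, so `export()` simply returns the interval's totals.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed allocation table (hypothetical): which internal address block
# belongs to which contract/project. Anything outside it is flagged so the
# auditor sees traffic that cannot be attributed, rather than losing it.
PROJECT_BY_PREFIX = {
    ip_network("192.0.2.0/25"): "PROJECT-A",
    ip_network("192.0.2.128/25"): "PROJECT-B",
}


def project_for(addr):
    """Map a local IP address to its project, or UNALLOCATED if unknown."""
    a = ip_address(addr)
    for net, name in PROJECT_BY_PREFIX.items():
        if a in net:
            return name
    return "UNALLOCATED"


class AccountingRouter:
    """Counts packets/octets per (local address, direction), as the post proposes."""

    def __init__(self):
        self.packets = Counter()
        self.octets = Counter()

    def observe(self, src, dst, length, outbound):
        # Direction decides which address identifies the local party.
        local = src if outbound else dst
        key = (local, "out" if outbound else "in")
        self.packets[key] += 1
        self.octets[key] += length

    def export(self):
        """Roll the interval up by (project, direction) and reset the counters."""
        report = {}
        for (local, direction), n in self.packets.items():
            entry = report.setdefault((project_for(local), direction),
                                      {"packets": 0, "octets": 0})
            entry["packets"] += n
            entry["octets"] += self.octets[(local, direction)]
        self.packets.clear()
        self.octets.clear()
        return report


# Constructed sample traffic: (src, dst, IP length in octets, outbound?)
SAMPLE_PACKETS = [
    ("192.0.2.10", "198.51.100.5", 576, True),
    ("198.51.100.5", "192.0.2.10", 1500, False),
    ("192.0.2.200", "203.0.113.9", 40, True),
    ("192.0.2.200", "203.0.113.9", 40, True),
    ("203.0.113.9", "10.9.9.9", 100, False),   # destination not in any block
]


def run_sample():
    router = AccountingRouter()
    for src, dst, length, outbound in SAMPLE_PACKETS:
        router.observe(src, dst, length, outbound)
    return router.export()
```

Because the counts are keyed only by address, the tabulation is no more trustworthy than the assignment of addresses to projects; the UNALLOCATED bucket is where misrouted or unassigned traffic shows up for review.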

This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:41:55 GMT