Re: [Dime] AD Evaluation of draft-ietf-dime-doic-rate-control-10

Ben Campbell <ben@nostrum.com> Tue, 29 January 2019 21:34 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: dime@ietfa.amsl.com
Delivered-To: dime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB0A8130FFE for <dime@ietfa.amsl.com>; Tue, 29 Jan 2019 13:34:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Level:
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1ZVdyzNPde1f for <dime@ietfa.amsl.com>; Tue, 29 Jan 2019 13:34:20 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E7C2130ED7 for <dime@ietf.org>; Tue, 29 Jan 2019 13:34:20 -0800 (PST)
Received: from [10.0.1.29] (cpe-70-122-203-106.tx.res.rr.com [70.122.203.106]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x0TLYH3T086228 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Tue, 29 Jan 2019 15:34:19 -0600 (CST) (envelope-from ben@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1548797659; bh=RKbC8MLYbnQZ6tIa5r4AXM1Tdk/ckgXthugJ6E8QZGw=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=SNU8gkHtPWv4nd5AjPRhgPHy2Rd0NdBaY9oOFqsoRxmyDPALFxiMa/aKXbkj9ShjA yugLo6tSZ2U1vqN9yGdC9BN5HjL/xwvNs7JYRM4nlNnG1Glcxxh7oBPPllk9R+14Yw 8z6FM61HJQwgdkobVIxbZK7HfA3wLyS141Ms92gc=
X-Authentication-Warning: raven.nostrum.com: Host cpe-70-122-203-106.tx.res.rr.com [70.122.203.106] claimed to be [10.0.1.29]
From: Ben Campbell <ben@nostrum.com>
Message-Id: <D2068683-4627-4947-B74E-D08D46E268E9@nostrum.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_080FCC15-A8F5-4BEF-A6FC-904F2D4F7832"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Date: Tue, 29 Jan 2019 15:34:15 -0600
In-Reply-To: <f2dba5b9-0576-6370-1c43-4c28e52e92a5@usdonovans.com>
Cc: dime@ietf.org
To: Steve Donovan <srdonovan@usdonovans.com>
References: <C154637A-9E52-456B-9D33-50762A4525DF@nostrum.com> <f2dba5b9-0576-6370-1c43-4c28e52e92a5@usdonovans.com>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dime/056GNjvnTzFixQJxDOQGPpTBonc>
Subject: Re: [Dime] AD Evaluation of draft-ietf-dime-doic-rate-control-10
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dime/>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jan 2019 21:34:23 -0000

That all looks good, thanks!

Ben.

> On Jan 24, 2019, at 5:07 PM, Steve Donovan <srdonovan@usdonovans.com> wrote:
> 
> Ben,
> 
> I've updated the document based on our comments.  See more below.
> 
> Steve
> 
> On 12/21/18 5:06 PM, Ben Campbell wrote:
>> Hi,
>> 
>> This is my AD evaluation for draft-ietf-dime-doic-rate-control-10. I previously reviewed version 8, however since some time has passed I reviewed this version “from scratch”.
>> 
>> In general the draft is in good shape. I think it’s ready for IETF Last Call, which I will request shortly. Please note the last call window will be extended due to the upcoming holidays.
>> 
>> I have a few minor comments that can be resolved along with any last call feedback.
>> 
>> Thanks!
>> 
>> Ben.
>> 
>> -------------------------------------
>> 
>> §4, paragraphs 2 and 3: Am I correct to assume that, as new DOIC algorithms get added, nodes could support both of these and something else? If so, then in paragraph 2 I suggest s/ “ support both the loss and rate based abatement algorithms”/ "support at least the loss and rate based abatement algorithms”
> SRD> No, only loss is required to be supported.  The statement is that, because loss is always required, supporting rate implies supporting loss and rate.  I don't think a change is required here.
>> 
>> ..... and in paragraph 3, I suggest adding something to the effect of “... and MAY indicate support for others.”
> SRD> I agree this is a good change.
>> 
>> (nit) §5.5, 2nd paragraph: "It is also possible for the reporting node to send overload
>> reports with the rate algorithm indicated when the reporting node
>> is not in an overloaded state.”
>> 
>> I suggest s/ “indicated when” / “indicated even when”
> SRD> Okay.
>> 
>> (nit) §5.6, first paragraph: The algorithm is detailed in 7.3.
> 
>> 
>> §7.3.1: "To apply abatement treatment to new Diameter requests at the rate
>> specified in the OC-Maximum-Rate AVP value sent by the reporting node
>> to its reacting nodes, the reacting node MAY use the proposed default
>> algorithm for rate-based control or any other equivalent algorithm
>> that forward messages in conformance with the upper bound of 1/T
>> messages per second.”
>> 
>> This is redundant to similar normative text in §5.6. I suggest keeping just one (probably this one since it’s more precise) and use descriptive language for the other.
> SRD> Okay, I changed 5.6 to the following:
> 
>    When determining if abatement treatment should be applied to a
>    request being sent to a reporting node that has selected the rate
>    overload abatement algorithm, the reacting node can choose to
>    use the algorithm detailed in Section 7.
>> 
>> 
>> §9: Do the authors think that the rate algorithm might be more effective at DoS mitigation than the loss algorithm? If so, that might be worth a mention in the security considerations.
> SRD> Good suggestion.  I've added the following paragraph to the security section:
> 
>    In addition, the rate algorithm could be used to handle DoS attacks more effectively than the loss algorithm.
>> 
>> 
>> 
>> 
>> _______________________________________________
>> DiME mailing list
>> DiME@ietf.org <mailto:DiME@ietf.org>
>> https://www.ietf.org/mailman/listinfo/dime <https://www.ietf.org/mailman/listinfo/dime>
> 
> _______________________________________________
> DiME mailing list
> DiME@ietf.org
> https://www.ietf.org/mailman/listinfo/dime