Re: [Dime] AD Evaluation of draft-ietf-dime-doic-rate-control-10

Steve Donovan <> Thu, 24 January 2019 23:07 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E4A1E1311EA for <>; Thu, 24 Jan 2019 15:07:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.119
X-Spam-Status: No, score=-1.119 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id EPcsGDV7rOdP for <>; Thu, 24 Jan 2019 15:07:47 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E64B91311DE for <>; Thu, 24 Jan 2019 15:07:46 -0800 (PST)
Received: from [] (port=54553 helo=SDmac.lan) by with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from <>) id 1gmo5p-00AMS5-Tq for; Thu, 24 Jan 2019 15:07:46 -0800
References: <>
From: Steve Donovan <>
Message-ID: <>
Date: Thu, 24 Jan 2019 17:07:28 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------53CDD9873D6E2B6D6095021B"
X-OutGoing-Spam-Status: No, score=-0.5
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-Get-Message-Sender-Via: authenticated_id:
Archived-At: <>
Subject: Re: [Dime] AD Evaluation of draft-ietf-dime-doic-rate-control-10
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 24 Jan 2019 23:07:49 -0000


I've updated the document based on our comments.  See more below.


On 12/21/18 5:06 PM, Ben Campbell wrote:
> Hi,
> This is my AD evaluation for draft-ietf-dime-doic-rate-control-10. I previously reviewed version 8, however since some time has passed I reviewed this version “from scratch”.
> In general the draft is in good shape. I think it’s ready for IETF Last Call, which I will request shortly. Please note the last call window will be extended due to the upcoming holidays.
> I have a few minor comments that can be resolved along with any last call feedback.
> Thanks!
> Ben.
> -------------------------------------
> §4, paragraphs 2 and 3: Am I correct to assume that, as new DOIC algorithms get added, nodes could support both of these and something else? If so, then in paragraph 2 I suggest s/ “ support both the loss and rate based abatement algorithms”/ "support at least the loss and rate based abatement algorithms”
SRD> No, only loss is required to be supported.  The statement is that,
because loss is always required, supporting rate implies supporting loss
and rate.  I don't think a change is required here.
> .... and in paragraph 3, I suggest adding something to the effect of “... and MAY indicate support for others.”
SRD> I agree this is a good change.
> (nit) §5.5, 2nd paragraph: "It is also possible for the reporting node to send overload
> reports with the rate algorithm indicated when the reporting node
> is not in an overloaded state.”
> I suggest s/ “indicated when” / “indicated even when”
SRD> Okay.
> (nit) §5.6, first paragraph: The algorithm is detailed in 7.3.

> §7.3.1: "To apply abatement treatment to new Diameter requests at the rate
> specified in the OC-Maximum-Rate AVP value sent by the reporting node
> to its reacting nodes, the reacting node MAY use the proposed default
> algorithm for rate-based control or any other equivalent algorithm
> that forward messages in conformance with the upper bound of 1/T
> messages per second.”
> This is redundant to similar normative text in §5.6. I suggest keeping just one (probably this one since it’s more precise) and use descriptive language for the other.
SRD> Okay, I changed 5.6 to the following:

   When determining if abatement treatment should be applied to a
   request being sent to a reporting node that has selected the rate
   overload abatement algorithm, the reacting node can choose to
   use the algorithm detailed in Section 7.
> §9: Do the authors think that the rate algorithm might be more effective at DoS mitigation than the loss algorithm? If so, that might be worth a mention in the security considerations.
SRD> Good suggestion.  I've added the following paragraph to the
security section:

   In addition, the rate algorithm could be used to handle DoS attacks
more effectively than the loss algorithm.
> _______________________________________________
> DiME mailing list