Re: [Dots] DOTS Telemetry: URI Path
<mohamed.boucadair@orange.com> Wed, 29 January 2020 14:48 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D2C612011A for <dots@ietfa.amsl.com>; Wed, 29 Jan 2020 06:48:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3yHD7mkUP7K7 for <dots@ietfa.amsl.com>; Wed, 29 Jan 2020 06:47:58 -0800 (PST)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.66.41]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D11F0120088 for <dots@ietf.org>; Wed, 29 Jan 2020 06:47:57 -0800 (PST)
Received: from opfedar04.francetelecom.fr (unknown [xx.xx.xx.6]) by opfedar27.francetelecom.fr (ESMTP service) with ESMTP id 4875tz6kT5z2yDw; Wed, 29 Jan 2020 15:47:55 +0100 (CET)
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.48]) by opfedar04.francetelecom.fr (ESMTP service) with ESMTP id 4875tz5ZDVz1xq0; Wed, 29 Jan 2020 15:47:55 +0100 (CET)
Received: from OPEXCAUBMA2.corporate.adroot.infra.ftgroup ([fe80::e878:bd0:c89e:5b42]) by OPEXCAUBM32.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.03.0468.000; Wed, 29 Jan 2020 15:47:55 +0100
From: mohamed.boucadair@orange.com
To: "dots@ietf.org" <dots@ietf.org>, 'kaname nishizuka' <kaname@nttv6.jp>
Thread-Topic: DOTS Telemetry: URI Path
Thread-Index: AdXSA4rBzLMvgmnTQFWFKSY1yB+Z8QEqz0kQ
Date: Wed, 29 Jan 2020 14:47:54 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93303141357C@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <787AE7BB302AE849A7480A190F8B93303140D0DC@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B93303140D0DC@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.245]
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B93303141357COPEXCAUBMA2corp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/1FmPkC0H1kpkpa6CHVM8Rt6e3ck>
Subject: Re: [Dots] DOTS Telemetry: URI Path
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jan 2020 14:48:01 -0000
Hi all, We are currently in the process of updating the draft. I'm afraid that we will finaly need to go with more operation path URIs. See inline for more details. Cheers, Med De : Dots [mailto:dots-bounces@ietf.org] De la part de mohamed.boucadair@orange.com Envoyé : jeudi 23 janvier 2020 16:41 À : dots@ietf.org; 'kaname nishizuka' Objet : [Dots] DOTS Telemetry: URI Path Hi all, In the current version of the telemetry draft, we are using '/telemetry' for telemetry-related operations. Kaname suggested to define three operation suffixes for that. I do think that two are sufficient as indicated below: +-------------------------+----------------+ | Operation | Operation Path | +-------------------------+----------------+ | Telemetry Setup | /tm-setup | +-------------------------+----------------+ | Telemetry | /tm | +-------------------------+----------------+ A dedicated uri (/tm-setup) will be used for telemetry setup operations (baseline, configuration): see the excerpt below: augment /ietf-signal:dots-signal/ietf-signal:message-type: +--:(telemetry-setup) {dots-telemetry}? | +--rw telemetry* [cuid tsid] | +--rw cuid string | +--rw cdid? string | +--rw tsid uint32 | +--rw telemetry-config | | +--rw low-percentile? percentile | | +--rw mid-percentile? percentile | | +--rw high-percentile? percentile | | +--rw unit-config* [unit] | | +--rw unit unit | | +--rw unit-status? Boolean ... | +--rw baseline | +--rw total-pipe-capability* [unit] | | +--rw unit unit | | +--rw pipe? uint64 | +--rw total-traffic-normal-baseline* [unit protocol] | | +--rw unit unit | | +--rw protocol uint8 | | +--rw low-percentile-g? yang:gauge64 | | +--rw mid-percentile-g? yang:gauge64 | | +--rw high-percentile-g? yang:gauge64 | | +--rw peak-g? yang:gauge64 | +--rw total-connection-capacity* [protocol] | +--rw protocol uint8 ... [Med] The current updated tree structure is as follows: augment /ietf-signal:dots-signal/ietf-signal:message-type: +--:(telemetry-setup) {dots-telemetry}? | +--rw telemetry* [cuid tsid] | +--rw cuid string | +--rw cdid? string | +--rw tsid uint32 | +--rw telemetry-config | | +--rw measurement-interval? interval | | +--rw measurement-sample? sample | | +--rw low-percentile? percentile | | +--rw mid-percentile? percentile | | +--rw high-percentile? percentile | | +--rw unit-config* [unit] | | +--rw unit unit | | +--rw unit-status? boolean | +--rw total-pipe-capacity* [link-id unit] | | +--rw link-id nt:link-id | | +--rw unit unit | | +--rw pipe? uint64 | +--rw baseline | +--rw target-prefix* inet:ip-prefix | +--rw target-port-range* [lower-port] | | +--rw lower-port inet:port-number | | +--rw upper-port? inet:port-number | +--rw target-protocol* uint8 | +--rw target-fqdn* inet:domain-name | +--rw target-uri* inet:uri | +--rw total-traffic-normal-baseline* [unit protocol] | | +--rw unit unit | | +--rw protocol uint8 | | +--rw low-percentile-g? yang:gauge64 | | +--rw mid-percentile-g? yang:gauge64 | | +--rw high-percentile-g? yang:gauge64 | | +--rw peak-g? yang:gauge64 | +--rw total-connection-capacity* [protocol] | +--rw protocol uint8 | +--rw connection? uint64 | +--rw connection-client? uint64 | +--rw embryonic? uint64 | +--rw embryonic-client? uint64 | +--rw connection-ps? uint64 | +--rw connection-client-ps? uint64 | +--rw request-ps? uint64 | +--rw request-client-ps? uint64 | +--rw partial-request-ps? uint64 | +--rw partial-request-client-ps? uint64 The new structure is designed with the following objectives: · Allow a multi-homed client domain to signal the capacity of each interconnection link. · The normal traffic base line can be provided for the overall domain (an aggregated prefix, or no target-clause included at all) or for specific targets (IP addresses, prefixes) · These parameters can be communicated using the same or distinct request. Checks on overlapping targets and links are covered. Nevertheless, this design brings some complexity if a request overlaps with an existing pipe request but a new baseline traffic. We may either go for an additional uri or maintain one single uri but go with the following design (which is my favorite): augment /ietf-signal:dots-signal/ietf-signal:message-type: +--:(telemetry-setup) {dots-telemetry}? | +--rw telemetry* [cuid tsid] | +--rw cuid string | +--rw cdid? string | +--rw tsid uint32 | +--rw (setup-type)? | +--:(telemetry-config) | | +--rw measurement-interval? interval | | +--rw measurement-sample? sample | | +--rw low-percentile? percentile | | +--rw mid-percentile? percentile | | +--rw high-percentile? percentile | | +--rw unit-config* [unit] | | +--rw unit unit | | +--rw unit-status? boolean | +--:(pipe) | | +--rw total-pipe-capacity* [link-id unit] | | +--rw link-id nt:link-id | | +--rw unit unit | | +--rw pipe? uint64 | +--:(baseline) | +--rw baseline | +--rw target-prefix* inet:ip-prefix | +--rw target-port-range* [lower-port] | | +--rw lower-port inet:port-number | | +--rw upper-port? inet:port-number | +--rw target-protocol* uint8 | +--rw target-fqdn* inet:domain-name | +--rw target-uri* inet:uri | +--rw total-traffic-normal-baseline* [unit protocol] | | +--rw unit unit | | +--rw protocol uint8 | | +--rw low-percentile-g? yang:gauge64 | | +--rw mid-percentile-g? yang:gauge64 | | +--rw high-percentile-g? yang:gauge64 | | +--rw peak-g? yang:gauge64 | +--rw total-connection-capacity* [protocol] | +--rw protocol uint8 | +--rw connection? uint64 | +--rw connection-client? uint64 | +--rw embryonic? uint64 | +--rw embryonic-client? uint64 | +--rw connection-ps? uint64 | +--rw connection-client-ps? uint64 | +--rw request-ps? uint64 | +--rw request-client-ps? uint64 | +--rw partial-request-ps? uint64 Thoughts? While '/tm' can be used for sharing pre-mitigation telemetry data (an excerpt of the tree is shown below). +--:(telemetry) {dots-telemetry}? +--rw pre-mitigation* [cuid telemetry-id] +--rw cuid string +--rw cdid? string +--rw telemetry-id uint32 +--rw target | +--rw target-prefix* inet:ip-prefix | +--rw target-port-range* [lower-port] | | +--rw lower-port inet:port-number | | +--rw upper-port? inet:port-number | +--rw target-protocol* uint8 | +--rw target-fqdn* inet:domain-name | +--rw target-uri* inet:uri +--ro total-attack-traffic* [unit protocol] | +--ro unit unit | +--ro protocol uint8 | +--ro low-percentile-g? yang:gauge64 | +--ro mid-percentile-g? yang:gauge64 | +--ro high-percentile-g? yang:gauge64 | +--ro peak-g? yang:gauge64 +--ro total-traffic* [unit protocol] ... +--ro attack-detail +--ro vendor-id? uint32 +--ro attack-id? string +--ro attack-name? string +--ro attack-severity? attack-severity +--ro start-time? uint64 +--ro end-time? uint64 +--ro source-count | +--ro low-percentile-g? yang:gauge64 | +--ro mid-percentile-g? yang:gauge64 | +--ro high-percentile-g? yang:gauge64 | +--ro peak-g? yang:gauge64 +--ro top-talker +--ro source-prefix* [source-prefix] +--ro spoofed-status? boolean +--ro source-prefix inet:ip-prefix ... Unless there are objections, we will implement this change in the next iteration of the draft. Cheers, Med
- [Dots] DOTS Telemetry: URI Path mohamed.boucadair
- Re: [Dots] DOTS Telemetry: URI Path mohamed.boucadair
- Re: [Dots] DOTS Telemetry: URI Path kaname nishizuka
- Re: [Dots] DOTS Telemetry: URI Path mohamed.boucadair