Re: [Dots] Opsdir early review of draft-ietf-dots-telemetry-10
mohamed.boucadair@orange.com Mon, 27 July 2020 08:42 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC9CD3A17C4; Mon, 27 Jul 2020 01:42:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.118
X-Spam-Level:
X-Spam-Status: No, score=-2.118 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h5lL-cs8ITfJ; Mon, 27 Jul 2020 01:42:36 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.70.35]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C52D3A17C9; Mon, 27 Jul 2020 01:42:36 -0700 (PDT)
Received: from opfednr03.francetelecom.fr (unknown [xx.xx.xx.67]) by opfednr25.francetelecom.fr (ESMTP service) with ESMTP id 4BFYGL6KVJzCsb5; Mon, 27 Jul 2020 10:42:34 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; s=ORANGE001; t=1595839354; bh=qNHPSYO6i/wVO4mI061bIlyybSl+mCdAWChstUPbaco=; h=From:To:Subject:Date:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=t2Z7I5B6z5sbYcGe+AoTyNgWuoLyLFJnybiPpIvqZihLXgDbLyw7P/zFcpi5EZOZI KCgdqikcjZIDgGzaX0Zpdckb3+j9jBZKpbqjhGn0r1AkyknzjXr+8QcbTjT9aywpv3 JDr+5yXJ1eJEHcWYIjwEd1G30hkWa3b0fpeDsLWz5WENnxUIMNIh0A91PQUsCnxRRy TLf6RYRpHtRZ2uFFCI0FQ/9yatKIAlFO0dQNhKGHNiu5PELY3JmsK/YYL2Uva6M5CU wOR+3L5/PIk6HWlpTju0HDgFCGpUmDYm8xK0u1Gu6yl4a7TmYFvGQ4Gv2SELDPAA4I gve6fBZuUT6sg==
Received: from Exchangemail-eme6.itn.ftgroup (unknown [xx.xx.13.57]) by opfednr03.francetelecom.fr (ESMTP service) with ESMTP id 4BFYGL5X5WzDq80; Mon, 27 Jul 2020 10:42:34 +0200 (CEST)
From: mohamed.boucadair@orange.com
To: Nagendra Nainar <naikumar@cisco.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>
CC: "dots@ietf.org" <dots@ietf.org>, "draft-ietf-dots-telemetry.all@ietf.org" <draft-ietf-dots-telemetry.all@ietf.org>
Thread-Topic: Opsdir early review of draft-ietf-dots-telemetry-10
Thread-Index: AQHWXFqoEdSOwfeNf0ib5M2fSgHpwKkQBR3QgAsliZA=
Date: Mon, 27 Jul 2020 08:42:33 +0000
Message-ID: <22834_1595839354_5F1E937A_22834_380_1_787AE7BB302AE849A7480A190F8B933031502D88@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
References: <159500474599.6780.15170068409923307578@ietfa.amsl.com> <17641_1595228380_5F1540DC_17641_218_1_787AE7BB302AE849A7480A190F8B9330314FE1A8@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <17641_1595228380_5F1540DC_17641_218_1_787AE7BB302AE849A7480A190F8B9330314FE1A8@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.245]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/5g_dGvUrQB-8jV56WlCshN45FzY>
Subject: Re: [Dots] Opsdir early review of draft-ietf-dots-telemetry-10
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jul 2020 08:42:39 -0000
Hi Nagendra, all, FWIW, the proposed changes are now implemented in -11: URL: https://www.ietf.org/internet-drafts/draft-ietf-dots-telemetry-11.txt Status: https://datatracker.ietf.org/doc/draft-ietf-dots-telemetry/ Htmlized: https://tools.ietf.org/html/draft-ietf-dots-telemetry-11 Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-dots-telemetry Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-dots-telemetry-11 Cheers, Med > -----Message d'origine----- > De : mohamed.boucadair@orange.com > [mailto:mohamed.boucadair@orange.com] > Envoyé : lundi 20 juillet 2020 09:00 > À : Nagendra Nainar <naikumar@cisco.com>; ops-dir@ietf.org > Cc : dots@ietf.org; draft-ietf-dots-telemetry.all@ietf.org > Objet : RE: Opsdir early review of draft-ietf-dots-telemetry-10 > > Hi Nagendra, > > Thank you for the review. > > Please see inline. > > Cheers, > Med > > > -----Message d'origine----- > > De : Nagendra Nainar via Datatracker [mailto:noreply@ietf.org] > Envoyé > > : vendredi 17 juillet 2020 18:52 À : ops-dir@ietf.org Cc : > > dots@ietf.org; draft-ietf-dots-telemetry.all@ietf.org > > Objet : Opsdir early review of draft-ietf-dots-telemetry-10 > > > > Reviewer: Nagendra Nainar > > Review result: Has Nits > > > > Hi, > > > > I have reviewed this document as part of the Operational > directorate's > > ongoing effort to review all IETF documents being processed by the > > IESG. These comments were written with the intent of improving the > > operational aspects of the IETF drafts per guidelines in RFC5706. > > > > Comments that are not addressed in last call may be included in AD > > reviews during the IESG review. Document editors and WG chairs > should > > treat these comments just like any other last call comments. > > > > Overall Summary: > > > > This draft is a standard track proposing telemetry attributes for > DOTS > > signal channel (RFC8782) that can be exchanged between DOTS client > and > > server. The draft clarifies that these attributes are not mandatory. > > As these telemetry attributes are extensions of the existing DOTS > > signal channel and it already clarifies that they are not mandatory, > > this draft does not introduce any backward compatibility issues. > > > > The draft also proposes high level error handling mechanism for the > > telemetry attributes defined in this document. > > > > Overall this is a well written document. Some ambiguity observed > that > > needs attention are listed below: > > > > --> The below reference seems to be wrong. RFC7252 is COAP and not > > CBOR. > > --> I > > think it should be RFC7049. > > > > [Med] I confirm. Fixed. > > > "Telemetry messages exchanged between DOTS agents are serialized > using > > Concise Binary Object Representation (CBOR) [RFC7252]" > > > > --> An early reference to RFC7950 may be useful in Section 4.5. > > [Med] OK. > > > > > --> tsid seems to be a terminology introduced in this draft. It > > will be > > --> good to > > add this in the terminology section. Same for tmid. > > [Med] No problem. This will be added. > > > > > --> Section 6.1.2 states that a PUT request with link capacity set > > to 0 > > --> to > > delete a link when the other link is active. What happens if a PUT > > request is sent with all the links set to a capacity of 0?. Will it > be > > treated as error or as "DELETE"?. > > [Med] This falls under this behavior in 6.1.2: > > o If the request is missing a mandatory attribute, does not > include > 'cuid' or 'tsid' Uri-Path parameters, or contains one or more > invalid or unknown parameters, 4.00 (Bad Request) MUST be > returned > in the response. > > I added this note to make it explicit: > > "Note that if the DOTS server receives a PUT request with a 'capacity' > attribute set to "0" for all included links, it MUST reject the > request with a 4.00 (Bad Request)." > > > > > --> The DMS mentioned below can be expanded or included in the > > --> terminology > > section. I cant find it in RFC8287 as well. > > [Med] I expanded the acronym to DDoS Mitigation System, but removed > "DMS" as it is not used in other parts of the text. > > > > > The 'total-attack-traffic' attribute (Figure 27) conveys the total > > attack traffic identified by the DOTS client domain's DMS (or > DDoS > > > > --> I understand that Pre-or-Ongoing-Mitigation attribute can be > > --> signaled by > > DOTS client or Server. Can this be used to report an ongoing attack > to > > the server? > > [Med] Yes, clients can send telemetry to the servers. > > . If so, what should be the value set in the > > end-time field?. > > [Med] This attribute will be used if the attack was mitigated. The > client will set it to the time when the attack traffic is not seen > anymore in the DOTS domain client. > > > > > --> I am skipping the YANG module as I noticed that YANGDOCTOR > > review is > > already done. > > > > Few nits: > > > > s/If no target clause in included in the request/If no target clause > > is included in the request > > > > > [Med] Thank you for catching this. Fixed. > > > ______________________________________________________________________ > ___________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc pas etre diffuses, > exploites ou copies sans autorisation. Si vous avez recu ce message > par erreur, veuillez le signaler a l'expediteur et le detruire ainsi > que les pieces jointes. Les messages electroniques etant susceptibles > d'alteration, Orange decline toute responsabilite si ce message a ete > altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or > privileged information that may be protected by law; they should not > be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and > delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have > been modified, changed or falsified. > Thank you. _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [Dots] Opsdir early review of draft-ietf-dots-tel… Nagendra Nainar via Datatracker
- Re: [Dots] Opsdir early review of draft-ietf-dots… mohamed.boucadair
- Re: [Dots] Opsdir early review of draft-ietf-dots… mohamed.boucadair
- Re: [Dots] Opsdir early review of draft-ietf-dots… Nagendra Kumar Nainar (naikumar)