Re: [Dots] Signal / Data / Alias / Filter Implementation
"Jon Shallow" <supjps-ietf@jpshallow.com> Wed, 02 August 2017 15:25 UTC
Return-Path: <supjps-ietf@jpshallow.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 571E313214B for <dots@ietfa.amsl.com>; Wed, 2 Aug 2017 08:25:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XwFs6_F5FS6s for <dots@ietfa.amsl.com>; Wed, 2 Aug 2017 08:25:13 -0700 (PDT)
Received: from mail.jpshallow.com (mail.jpshallow.com [217.40.240.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54037132144 for <dots@ietf.org>; Wed, 2 Aug 2017 08:24:56 -0700 (PDT)
Received: from [127.0.0.1] (helo=N01332) by mail.jpshallow.com with smtps (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.89) (envelope-from <jon.shallow@jpshallow.com>) id 1dcvW2-00083n-R3 for ietf-supjps-dots@ietf.org; Wed, 02 Aug 2017 16:24:54 +0100
From: Jon Shallow <supjps-ietf@jpshallow.com>
To: dots@ietf.org
References: <035401d30b77$fb3a1da0$f1ae58e0$@jpshallow.com> <628E4313-95D3-42F5-9DDB-00C7B4EBB4D6@arbor.net>
In-Reply-To: <628E4313-95D3-42F5-9DDB-00C7B4EBB4D6@arbor.net>
Date: Wed, 02 Aug 2017 16:24:56 +0100
Message-ID: <039001d30ba3$7f4290c0$7dc7b240$@jpshallow.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Content-Language: en-gb
Thread-Index: AQI4Xj59hXHis+FNi2tfJtTtHlSsOQE/0lLFoZyHB9A=
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/75WWvdGyhHnYUKpNXS3oqWLYymE>
Subject: Re: [Dots] Signal / Data / Alias / Filter Implementation
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Aug 2017 15:25:15 -0000
I guess I am confused by your response. Yes, the DOTS Server may be able to
work out the source-* information before passing it to the DOTS Mitigator,
but may need some hints from the DOTS client as to what to do. I was not
expecting the DOTS Server to be feeding back information to the DOTS client
for the DOTS client to mitigate.
I (probably badly) was trying to describe a DOTS Client that had some
intelligence and could feed hints up to the DOTS Server.
In draft-ietf-dots-use-cases-07
3.1.6. End-customer operating a CPE network infrastructure device with
an integrated DOTS client
The CPE device with integrated DOTS Client may be able to work out which
source-* and destination-* is needed to mitigate the attack (which could be
internet pipe flooding etc.) but has no mechanism to signal any source-*
information upstream to the DOTS server.
Hence 3 questions as to how can this source-* information be handled with
the current draft-ietf-dots-signal-channel ?
Regards
Jon
-----Original Message-----
From: Dots [mailto: dots-bounces@ietf.org] On Behalf Of Roland Dobbins
Sent: 02 August 2017 11:46
To: Jon Shallow
Cc: dots@ietf.org
Subject: Re: [Dots] Signal / Data / Alias / Filter Implementation
On 2 Aug 2017, at 17:13, Jon Shallow wrote:
> The DOTS client may have the smarts to work out what are the
> problematic
> source-* etc. values (e.g. can generate smart BGP FlowSpec rules) are
> that will sensibly control the DDoS Attack.
Whatever orchestration system is getting input from the receiving DOTS
server, actually.
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
_______________________________________________
Dots mailing list
Dots@ietf.org
https://www.ietf.org/mailman/listinfo/dots
- [Dots] Signal / Data / Alias / Filter Implementat… Jon Shallow
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Roland Dobbins
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Jon Shallow
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Dobbins, Roland
- Re: [Dots] Signal / Data / Alias / Filter Impleme… kaname nishizuka
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Jon Shallow
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Konda, Tirumaleswar Reddy
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Roland Dobbins
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Roland Dobbins
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Konda, Tirumaleswar Reddy
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Jon Shallow
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Konda, Tirumaleswar Reddy
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Jon Shallow
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Konda, Tirumaleswar Reddy
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Jon Shallow
- Re: [Dots] Signal / Data / Alias / Filter Impleme… kaname nishizuka
- Re: [Dots] Signal / Data / Alias / Filter Impleme… kaname nishizuka
- Re: [Dots] Signal / Data / Alias / Filter Impleme… kaname nishizuka
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Roland Dobbins
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Jon Shallow
- Re: [Dots] Signal / Data / Alias / Filter Impleme… Konda, Tirumaleswar Reddy