Re: [Dots] Questions about draft-doron-dots-telemetry-00
Flemming Andreasen <fandreas@cisco.com> Mon, 14 November 2016 21:36 UTC
Return-Path: <fandreas@cisco.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 839CE1293FF for <dots@ietfa.amsl.com>; Mon, 14 Nov 2016 13:36:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.998
X-Spam-Level:
X-Spam-Status: No, score=-15.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yq8QcXj8U2Cy for <dots@ietfa.amsl.com>; Mon, 14 Nov 2016 13:36:57 -0800 (PST)
Received: from bgl-iport-2.cisco.com (bgl-iport-2.cisco.com [72.163.197.26]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B6289129632 for <dots@ietf.org>; Mon, 14 Nov 2016 13:36:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=18360; q=dns/txt; s=iport; t=1479159410; x=1480369010; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to; bh=QA9FKgouqE3RfLS58j+IKwWmoUN+1yF82fQJTsF6Bb0=; b=QuYqQ7jEC4wmLPvxwHDXzLQQQf+LlseyjvSkM0zpNQ0+EuFqogTCj9bG rgjBYVecIbsV8TeeAf/fLtiM7XfIeH86tsxcJqvJyVyDvgg01ZQmwx3sf Begqi/jvxl3tdAkD4klPh4qlk3NCpgxmG0K9rLnyPEIE/unpEuw7RrXeQ E=;
X-IronPort-AV: E=Sophos; i="5.31,640,1473120000"; d="scan'208,217"; a="65184310"
Received: from vla196-nat.cisco.com (HELO bgl-core-3.cisco.com) ([72.163.197.24]) by bgl-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Nov 2016 21:36:46 +0000
Received: from [10.70.234.11] ([10.70.234.11]) by bgl-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id uAELaias018286; Mon, 14 Nov 2016 21:36:44 GMT
To: Ehud Doron <EhudD@Radware.com>, "Roman D. Danyliw" <rdd@cert.org>, "tireddy@cisco.com" <tireddy@cisco.com>, "Xialiang (Frank)" <frank.xialiang@huawei.com>, kaname nishizuka <kaname@nttv6.jp>
References: <359EC4B99E040048A7131E0F4E113AFC0104EAE8B8@marathon> <E58182C4A35A8E498E553AD3D33FA00101170E0067@ILMB1.corp.radware.com>
From: Flemming Andreasen <fandreas@cisco.com>
Message-ID: <9ca15a6d-b617-e058-0828-20785c5cf26e@cisco.com>
Date: Mon, 14 Nov 2016 16:36:44 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <E58182C4A35A8E498E553AD3D33FA00101170E0067@ILMB1.corp.radware.com>
Content-Type: multipart/alternative; boundary="------------FE9189666C875281DF9CE2F1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/FH4VMbR-GAFL6o_mobwuawJ6OH0>
Cc: "dots@ietf.org" <dots@ietf.org>
Subject: Re: [Dots] Questions about draft-doron-dots-telemetry-00
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2016 21:36:59 -0000
On 11/14/16 3:14 AM, Ehud Doron wrote: > > Hi Roman > > Thanks a lot for your questions. > > Before getting in to each of your question, I would like to explain > the goal and objectives of our work. > > We want to *define and standardize* all the pieces of information > needed by DOTS Server mitigation environment for optimal mitigation. > This DOTS Telemetry need to be optionally signaled as part of “DOTS > Client asks Server for help” various signaling process. > > We want to bring the DOTS Telemetry various needs and meanings to be > discussed and agreed in the DOTS WG. > > After we will all get to the agreement on the various attributes > needed, we believe the other DOTS “core” docs need to somehow adopt > them and update accordingly. > > Essentially we would like to build a "Telemetry" extension standard to > the basic DOTS protocol, and this document would define that. Keeping > the telemetry specification in a separate draft is good approach for > future extensibility. > > We expect that the other DOTS draft will benefit this draft by > adopting the approaches it suggests to enrich the DOTS signaling. For > this goal, we as the DOTS WG first need to better understand (and > agree in the group) what we see as baseline mandatory capabilities and > what we see as extensions. We are just at the early stages of this > work, the current draft defines an initial set of attributes and > obviously more discussions in the WG are needed to define the set of > attribute that are the “DOTS Telemetry”, and to what extend the other > DOTS draft should benefit the DOTS Telemetry. > > To your questions: > > (1) Is there an undocumented telemetry use case that needs to be added > to the use case WG document? Section 4.0 suggests that. > > Yes. We want to DOTS use cases, the existing and maybe new > others, to be enriched with Telemetry related items. It is important > to emphasize *“when and where”* DOTS Telemetry can , or should, be > signaled such that the mitigation gained for the use case is far > better. We want also the other docs (requirements, architecture, > protocols, data model and so on) to take the similar approaches. > > (2) Is there another protocol draft coming that will incorporate the > attributes enumerated in Section 3? Or are the existing protocol > drafts supposed to adopted these? > > As said, the existing protocol drafts supposed to adopt DOT > Telemetry approaches by incorporating the attributes enumerated in > this draft. > > (3) What is the relationship you see between this draft and > draft-andreasen-dots-info-data-model-01 (especially given all the > authors on the latter are in the former as well)? > > The DOTS Telemetry draft purpose is to *define* the Telemetry > attributes needed. The actual data model objects needed to signal > these attributes are expected to be define in the info-data model doc. > The info-data model draft will define an extension mechanism that > supports adding telemetry. To what extent it will also define > telemetry is a more open question for the group. > To clarify my view on 2) and 3), I think telemetry attributes (with the possible exception of a small baseline set) should be defined as extensions in separate documents, and that applies to the info-data model as well as the protocol. I do think the info-data model as well as the protocol should be explicitly defined to accommodate this by including an extension model that supports this in a well-defined and interoperable manner (modular approach). Thanks -- Flemming > Best wishes, > > *Ehud Doron *| Senior Architect, *Radware* CTO office | > *M:*+972-54-7575503 | *T:* +972-72-3917120 > > *From:* Roman D. Danyliw [mailto:rdd@cert.org] > *Sent:* Friday, November 11, 2016 6:30 AM > *To:* Ehud Doron <EhudD@Radware.com>; tireddy@cisco.com; > fandreas@cisco.com; Xialiang (Frank) <frank.xialiang@huawei.com>; > kaname nishizuka <kaname@nttv6.jp> > *Cc:* dots@ietf.org > *Subject:* Questions about draft-doron-dots-telemetry-00 > > Hello Ehud, Tiru, Flemming, Frank and Kaname! > > Thanks for producing and submitting this draft! > > Without getting into the details, what did you have in mind with this > draft. Specifically: > > (1) Is there an undocumented telemetry use case that needs to be added > to the use case WG document? Section 4.0 suggests that. > > (2) Is there another protocol draft coming that will incorporate the > attributes enumerated in Section 3? Or are the existing protocol > drafts supposed to adopted these? > > (3) What is the relationship you see between this draft and > draft-andreasen-dots-info-data-model-01 (especially given all the > authors on the latter are in the former as well)? > > Thanks, > > Roman >
- [Dots] Questions about draft-doron-dots-telemetry… Roman D. Danyliw
- Re: [Dots] Questions about draft-doron-dots-telem… Ehud Doron
- Re: [Dots] Questions about draft-doron-dots-telem… Roland Dobbins
- Re: [Dots] Questions about draft-doron-dots-telem… Flemming Andreasen
- Re: [Dots] Questions about draft-doron-dots-telem… Flemming Andreasen
- Re: [Dots] Questions about draft-doron-dots-telem… Roland Dobbins
- Re: [Dots] Questions about draft-doron-dots-telem… Ehud Doron
- Re: [Dots] Questions about draft-doron-dots-telem… Susan Hares
- Re: [Dots] Questions about draft-doron-dots-telem… Roland Dobbins
- Re: [Dots] Questions about draft-doron-dots-telem… Ehud Doron
- Re: [Dots] Questions about draft-doron-dots-telem… Ehud Doron
- Re: [Dots] Questions about draft-doron-dots-telem… Dobbins, Roland