IETF Logo Mail Archive

Re: [Dots] Questions about draft-doron-dots-telemetry-00

Flemming Andreasen <fandreas@cisco.com> Mon, 14 November 2016 21:36 UTC

Return-Path: <fandreas@cisco.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 839CE1293FF for <dots@ietfa.amsl.com>; Mon, 14 Nov 2016 13:36:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.998
X-Spam-Level:
X-Spam-Status: No, score=-15.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yq8QcXj8U2Cy for <dots@ietfa.amsl.com>; Mon, 14 Nov 2016 13:36:57 -0800 (PST)
Received: from bgl-iport-2.cisco.com (bgl-iport-2.cisco.com [72.163.197.26]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B6289129632 for <dots@ietf.org>; Mon, 14 Nov 2016 13:36:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=18360; q=dns/txt; s=iport; t=1479159410; x=1480369010; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to; bh=QA9FKgouqE3RfLS58j+IKwWmoUN+1yF82fQJTsF6Bb0=; b=QuYqQ7jEC4wmLPvxwHDXzLQQQf+LlseyjvSkM0zpNQ0+EuFqogTCj9bG rgjBYVecIbsV8TeeAf/fLtiM7XfIeH86tsxcJqvJyVyDvgg01ZQmwx3sf Begqi/jvxl3tdAkD4klPh4qlk3NCpgxmG0K9rLnyPEIE/unpEuw7RrXeQ E=;
X-IronPort-AV: E=Sophos; i="5.31,640,1473120000"; d="scan'208,217"; a="65184310"
Received: from vla196-nat.cisco.com (HELO bgl-core-3.cisco.com) ([72.163.197.24]) by bgl-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Nov 2016 21:36:46 +0000
Received: from [10.70.234.11] ([10.70.234.11]) by bgl-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id uAELaias018286; Mon, 14 Nov 2016 21:36:44 GMT
To: Ehud Doron <EhudD@Radware.com>, "Roman D. Danyliw" <rdd@cert.org>, "tireddy@cisco.com" <tireddy@cisco.com>, "Xialiang (Frank)" <frank.xialiang@huawei.com>, kaname nishizuka <kaname@nttv6.jp>
References: <359EC4B99E040048A7131E0F4E113AFC0104EAE8B8@marathon> <E58182C4A35A8E498E553AD3D33FA00101170E0067@ILMB1.corp.radware.com>
From: Flemming Andreasen <fandreas@cisco.com>
Message-ID: <9ca15a6d-b617-e058-0828-20785c5cf26e@cisco.com>
Date: Mon, 14 Nov 2016 16:36:44 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <E58182C4A35A8E498E553AD3D33FA00101170E0067@ILMB1.corp.radware.com>
Content-Type: multipart/alternative; boundary="------------FE9189666C875281DF9CE2F1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/FH4VMbR-GAFL6o_mobwuawJ6OH0>
Cc: "dots@ietf.org" <dots@ietf.org>
Subject: Re: [Dots] Questions about draft-doron-dots-telemetry-00
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2016 21:36:59 -0000



On 11/14/16 3:14 AM, Ehud Doron wrote:
>
> Hi Roman
>
> Thanks a lot for your questions.
>
> Before getting in to each of your question, I would like to explain 
> the goal and objectives of our work.
>
> We want to *define and standardize* all the pieces of information 
> needed by DOTS Server mitigation environment for optimal mitigation. 
> This DOTS Telemetry need to be optionally signaled as part of “DOTS 
> Client asks Server for help” various signaling process.
>
> We want to bring the DOTS Telemetry various needs and meanings to be 
> discussed and agreed in the DOTS WG.
>
> After we will all get to the agreement on the various attributes 
> needed, we believe the other DOTS “core” docs need to somehow adopt 
> them and update accordingly.
>
> Essentially we would like to build a "Telemetry" extension standard to 
> the basic DOTS protocol, and this document would define that. Keeping 
> the telemetry specification in a separate draft is good approach for 
> future extensibility.
>
> We expect that the other DOTS draft will benefit this draft by 
> adopting the approaches it suggests to enrich the DOTS signaling. For 
> this goal, we as the DOTS WG first need to better understand (and 
> agree in the group) what we see as baseline mandatory capabilities and 
> what we see as extensions. We are just at the early stages of this 
> work, the current draft defines an initial set of attributes and 
> obviously more discussions in the WG are needed to define the set of 
> attribute that are the “DOTS Telemetry”, and to what extend the other 
> DOTS draft should benefit the DOTS Telemetry.
>
> To your questions:
>
> (1) Is there an undocumented telemetry use case that needs to be added 
> to the use case WG document?  Section 4.0 suggests that.
>
>      Yes. We want to DOTS use cases, the existing and maybe new 
> others, to be enriched with Telemetry related items. It is important 
> to emphasize *“when and where”* DOTS Telemetry can , or should, be 
> signaled such that the mitigation gained for the use case is far 
> better. We want also the other docs (requirements, architecture, 
> protocols, data model and so on) to take the similar approaches.
>
> (2) Is there another protocol draft coming that will incorporate the 
> attributes enumerated in Section 3?  Or are the existing protocol 
> drafts supposed to adopted these?
>
>       As said, the existing protocol drafts supposed to adopt DOT 
> Telemetry approaches by incorporating the attributes enumerated in 
> this draft.
>
> (3) What is the relationship you see between this draft and 
> draft-andreasen-dots-info-data-model-01 (especially given all the 
> authors on the latter are in the former as well)?
>
>       The DOTS Telemetry draft purpose is to *define* the Telemetry 
> attributes needed. The actual data model objects needed to signal 
> these attributes are expected to be define in the info-data model doc. 
> The info-data model draft will define an extension mechanism that 
> supports adding telemetry. To what extent it will also define 
> telemetry is a more open question for the group.
>
To clarify my view on 2) and 3), I think telemetry attributes (with the 
possible exception of a small baseline set) should be defined as 
extensions in separate documents, and that applies to the info-data 
model as well as the protocol. I do think the info-data model as well as 
the protocol should be explicitly defined to accommodate this by 
including an extension model that supports this in a well-defined and 
interoperable manner (modular approach).

Thanks

-- Flemming

> Best wishes,
>
> *Ehud Doron *| Senior Architect, *Radware* CTO office | 
> *M:*+972-54-7575503 | *T:* +972-72-3917120
>
> *From:* Roman D. Danyliw [mailto:rdd@cert.org]
> *Sent:* Friday, November 11, 2016 6:30 AM
> *To:* Ehud Doron <EhudD@Radware.com>; tireddy@cisco.com; 
> fandreas@cisco.com; Xialiang (Frank) <frank.xialiang@huawei.com>; 
> kaname nishizuka <kaname@nttv6.jp>
> *Cc:* dots@ietf.org
> *Subject:* Questions about draft-doron-dots-telemetry-00
>
> Hello Ehud, Tiru, Flemming, Frank and Kaname!
>
> Thanks for producing and submitting this draft!
>
> Without getting into the details, what did you have in mind with this 
> draft.  Specifically:
>
> (1) Is there an undocumented telemetry use case that needs to be added 
> to the use case WG document? Section 4.0 suggests that.
>
> (2) Is there another protocol draft coming that will incorporate the 
> attributes enumerated in Section 3? Or are the existing protocol 
> drafts supposed to adopted these?
>
> (3) What is the relationship you see between this draft and 
> draft-andreasen-dots-info-data-model-01 (especially given all the 
> authors on the latter are in the former as well)?
>
> Thanks,
>
> Roman
>

v2.23.0 | Report a Bug | By Email