Re: [Dots] I-D Action: draft-ietf-dots-telemetry-01.txt
"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Wed, 05 February 2020 06:59 UTC
Return-Path: <tirumaleswarreddy_konda@mcafee.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86F751201DB for <dots@ietfa.amsl.com>; Tue, 4 Feb 2020 22:59:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ShYa8vNaqy9G for <dots@ietfa.amsl.com>; Tue, 4 Feb 2020 22:59:03 -0800 (PST)
Received: from us-smtp-delivery-140.mimecast.com (us-smtp-delivery-140.mimecast.com [216.205.24.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 79E36120045 for <dots@ietf.org>; Tue, 4 Feb 2020 22:59:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=mimecast20190606; t=1580885942; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+JK1HhlRSu9VLSwTDESORZpYybfId8BcT4A7AYdQsOY=; b=Ih1weFVEqaQzzYgz2KWA1c2TmSeblIbA+VoAe4HHhQ9wVXYNSXZomYcyn+J+KVO090ZXm0 oG17Of4zQwH83eQdT8HKdQpNT/G1X+/xjF24JpOC6VTbBkq6IMceyzNfyAOGLidJPTaiMo bXSbQ5AAVfZfMSxCVNo0NoNJsnK9IxU=
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2175.outbound.protection.outlook.com [104.47.55.175]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-61-MJPAPjs5NwO7BXuId4O5vw-1; Wed, 05 Feb 2020 01:58:45 -0500
Received: from CY4PR1601MB1254.namprd16.prod.outlook.com (10.172.118.12) by CY4PR1601MB1110.namprd16.prod.outlook.com (10.172.116.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32; Wed, 5 Feb 2020 06:58:43 +0000
Received: from CY4PR1601MB1254.namprd16.prod.outlook.com ([fe80::e851:20e8:57bd:fedd]) by CY4PR1601MB1254.namprd16.prod.outlook.com ([fe80::e851:20e8:57bd:fedd%12]) with mapi id 15.20.2686.034; Wed, 5 Feb 2020 06:58:43 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, "Jon Shallow (supjps-ietf@jpshallow.com)" <supjps-ietf@jpshallow.com>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] I-D Action: draft-ietf-dots-telemetry-01.txt
Thread-Index: AQHV2EX1YQ9eUkWY2E+gQ7j9EgylIKgE4pYAgARXvICAAvfD0A==
Date: Wed, 05 Feb 2020 06:58:42 +0000
Message-ID: <CY4PR1601MB125427847C0E00EC33BD4520EA020@CY4PR1601MB1254.namprd16.prod.outlook.com>
References: <158048229416.21195.16114328651657501634@ietfa.amsl.com> <787AE7BB302AE849A7480A190F8B93303141473A@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <787AE7BB302AE849A7480A190F8B933031414F55@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B933031414F55@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.4.0.45
dlp-reaction: no-action
x-originating-ip: [49.37.206.28]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 17c6e0fd-8581-4cff-3efc-08d7aa08d689
x-ms-traffictypediagnostic: CY4PR1601MB1110:
x-microsoft-antispam-prvs: <CY4PR1601MB11101C17C3EB7C3FC9C9B846EA020@CY4PR1601MB1110.namprd16.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0304E36CA3
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(376002)(136003)(346002)(396003)(39860400002)(189003)(199004)(32952001)(2906002)(52536014)(86362001)(64756008)(66446008)(9686003)(66556008)(478600001)(966005)(55016002)(66476007)(8676002)(66574012)(6506007)(8936002)(81156014)(81166006)(66946007)(76116006)(5660300002)(53546011)(71200400001)(186003)(316002)(110136005)(33656002)(26005)(7696005)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR1601MB1110; H:CY4PR1601MB1254.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6MNfZ/RAt7dBb3DUpePPMPR3zkqT0NYEc7f3ySWERaisFZSGjgyomqcrKZRhNUHdPMQ1W5hIP+JbLIDiEO86S/Kf6L85SSlRMzyXleH1t8pgiBa4SqTcldnrFaj9qXvdCK+lFmNYfP8s4RK4cI/qrACkMCI8iTe1jsE24e8dhtSL98Y7PMqe4d24ttP/QXl9ZAqh13pdCUeWgWYEVANFswMOtTWLpOb274ixxAgJ5JfS9h0PXs7d5Bvy6A3pxf9St53oFD1QdjSR39yYunn6GFVYaLuIrqzIjgHU3xAMFv0mi1wYQfE8s56frE0NG/KSIzALCb0FykQ42tS8drOK0nYqToqALJiBM7EIjWWLgV2dHvRGzsyEh2DIAOcTKJKK65gsPgAszbf0M20xmSKMFmvVObdlMILB/ib+zWa0rYBFhOKdNkqbjlUw264yKmmRmZNGi/TMwEv4slU8czNCpCZEuoKkA81Xck0ceZygDWnfSIvAjSAqTh1ibleFwkWTYP4AGSCoLnzoYJEgvID/NS9H8RdZWV9I0UY8qjwzUlYBbIeIJDDWTdPIplS1hBevc1m/+i8PohBQjTkt4bir959B+PteQuA1ym+qSQ4WaN8=
x-ms-exchange-antispam-messagedata: wYxYWAEo4MEETFek+rIs+uTSoRapeyTWNzjmlCS5T5O5IvCm0ixLA4C98oIyCBduC0GLDUURRiC0KxsPCbb+vKwgB/Qr/feof6hQ80TNoKsdpuUZcOUfVLCstoGqYTYNUvYu9EwdHkE3EyQjwAblEQ==
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: mcafee.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 17c6e0fd-8581-4cff-3efc-08d7aa08d689
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Feb 2020 06:58:43.1094 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nONIGqEaMCI18IijDDng0YecB+cD5s8fqmQjMasA8HALq1CabXV4+Xtx96GW4/val3F4o4vHb3lYDv+6kE71Di5uChkDArl+1p2nqRqEtT7K+cah7Cksf2kcrCBQ450D
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR1601MB1110
X-MC-Unique: MJPAPjs5NwO7BXuId4O5vw-1
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: mcafee.com
Content-Type: text/plain; charset="WINDOWS-1252"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/GkssYwlHL7M83OFOIznM_KAxsVM>
Subject: Re: [Dots] I-D Action: draft-ietf-dots-telemetry-01.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Feb 2020 06:59:10 -0000
X-List-Received-Date: Wed, 05 Feb 2020 06:59:10 -0000
> -----Original Message----- > From: Dots <dots-bounces@ietf.org> On Behalf Of > mohamed.boucadair@orange.com > Sent: Monday, February 3, 2020 3:07 PM > To: Jon Shallow (supjps-ietf@jpshallow.com) <supjps-ietf@jpshallow.com>; > dots@ietf.org > Subject: Re: [Dots] I-D Action: draft-ietf-dots-telemetry-01.txt > > CAUTION: External email. Do not click links or open attachments unless you > recognize the sender and know the content is safe. > > Hi all, > > FYI, a review from Jon is available at: https://github.com/boucadair/draft- > dots-telemetry/raw/master/DOTS%20Telemetry%2001-rev%20Jon- > res%20Med.docx > > -02 will integrate almost all comments from Jon. Please find below some > points we would like to hear more from the working group: > > (1) key value range for telemetry: Jon raised this point "These keys requires 3 > bytes - and telemetry information is going to be difficult to fit into a packet. I > appreciate that comprehension-required Is for numbers less than 0x8000 - > perhaps the comprehension-required range is reduced and also has a section > higher up so the total of 0x8000 still stands so less bytes can be used here." > > +----------------------+-------+-------+------------+---------------+ > | Parameter Name | CBOR | CBOR | Change | Specification | > | | Key | Major | Controller | Document(s) | > | | Value | Type | | | > +----------------------+-------+-------+------------+---------------+ > | ietf-dots-signal-cha | 32776 | 5 | IESG | [RFCXXXX] | > | nnel:telemetry | | | | | > > Med: This is a major one. We need to assess the gain, but it is possible in > theory to update our assignment policies and reassign, e.g., 128-255 range to > be comprehension-optional (specific for telemetry). This would mean that > the telemetry spec will be tagged as updating the base signal channel spec. > We need more discussion. Why not change the DOTS telemetry attributes to comprehension-required ? If the server does not understand the DOTS telemetry attributes, it will respond with 4.00 error response, and the client can re-send the request without the DOTS telemetry attributes. Cheers, -Tiru > > (2) server-initiated-telemetry: "Having server-initiated-telemetry under > max-config-values, but not min-config-values makes no sense to me. I think > it should be under telemetry-config at the level of current-config and > possibly removed from current-config as well." > > Med: > > A. It is in the max container because setting that value to "false" under that > container has a special meaning: the server does not support sending pre- > mitigation telemetry. We can put it under min as well but do we have a case > where setting it to "true" has a meaning? > B. I do agree that 'server-initiated-telemetry' can be removed from the > current configuration because the same functionality is achieved using a > GET+Observe but we left it there for the moment as we need to work > further the details for subscribing to pre-mitigation from the servers. > > (3) "vendor-id is missing from the cbor table": > > Med: This was done on purpose to try to optimize the number of CBOR key > values + encourage attributes reuse. E.g., We replaced "telemetry-id", > "baseline-id", and "vendor-id" with a single "id" (as we only use those for the > moment in the message body) but the YANG module includes the meaning > of each "id" in the definition clause. We may need to revise this if we > conclude that, e.g., "telemetry-id" (tmid) has to be defined as Path-URI. > > Cheers, > Med > > > -----Message d'origine----- > > De : Dots [mailto:dots-bounces@ietf.org] De la part de > > mohamed.boucadair@orange.com Envoyé : vendredi 31 janvier 2020 16:18 > À > > : dots@ietf.org Objet : Re: [Dots] I-D Action: > > draft-ietf-dots-telemetry-01.txt > > > > Hi all, > > > > We prepared with Tiru a major revision of the telemetry draft. A diff > > is provided below to track the changes. We will now focus on sections > > 7 and 8. > > > > Please review and share comments. > > > > Cheers, > > Med > > > > > -----Message d'origine----- > > > De : Dots [mailto:dots-bounces@ietf.org] De la part de internet- > > > drafts@ietf.org Envoyé : vendredi 31 janvier 2020 15:52 À : > > > i-d-announce@ietf.org Cc : dots@ietf.org Objet : [Dots] I-D Action: > > > draft-ietf-dots-telemetry-01.txt > > > > > > > > > A New Internet-Draft is available from the on-line Internet-Drafts > > > directories. > > > This draft is a work item of the DDoS Open Threat Signaling WG of > > the > > > IETF. > > > > > > Title : Distributed Denial-of-Service Open Threat > > > Signaling (DOTS) Telemetry > > > Authors : Mohamed Boucadair > > > Tirumaleswar Reddy > > > Ehud Doron > > > Meiling Chen > > > Filename : draft-ietf-dots-telemetry-01.txt > > > Pages : 70 > > > Date : 2020-01-31 > > > > > > Abstract: > > > This document aims to enrich DOTS signal channel protocol with > > > various telemetry attributes allowing optimal DDoS attack > > > mitigation. > > > This document specifies the normal traffic baseline and attack > > > traffic telemetry attributes a DOTS client can convey to its DOTS > > > server in the mitigation request, the mitigation status telemetry > > > attributes a DOTS server can communicate to a DOTS client, and > > the > > > mitigation efficacy telemetry attributes a DOTS client can > > > communicate to a DOTS server. The telemetry attributes can > > assist > > > the mitigator to choose the DDoS mitigation techniques and > > perform > > > optimal DDoS attack mitigation. > > > > > > > > > The IETF datatracker status page for this draft is: > > > https://datatracker.ietf.org/doc/draft-ietf-dots-telemetry/ > > > > > > There are also htmlized versions available at: > > > https://tools.ietf.org/html/draft-ietf-dots-telemetry-01 > > > https://datatracker.ietf.org/doc/html/draft-ietf-dots-telemetry-01 > > > > > > A diff from the previous version is available at: > > > https://www.ietf.org/rfcdiff?url2=draft-ietf-dots-telemetry-01 > > > > > > > > > Please note that it may take a couple of minutes from the time of > > > submission until the htmlized version and diff are available at > > > tools.ietf.org. > > > > > > Internet-Drafts are also available by anonymous FTP at: > > > ftp://ftp.ietf.org/internet-drafts/ > > > > > > _______________________________________________ > > > Dots mailing list > > > Dots@ietf.org > > > https://www.ietf.org/mailman/listinfo/dots > > > > _______________________________________________ > > Dots mailing list > > Dots@ietf.org > > https://www.ietf.org/mailman/listinfo/dots > > _______________________________________________ > Dots mailing list > Dots@ietf.org > https://www.ietf.org/mailman/listinfo/dots
- [Dots] I-D Action: draft-ietf-dots-telemetry-01.t… internet-drafts
- Re: [Dots] I-D Action: draft-ietf-dots-telemetry-… mohamed.boucadair
- Re: [Dots] I-D Action: draft-ietf-dots-telemetry-… mohamed.boucadair
- Re: [Dots] I-D Action: draft-ietf-dots-telemetry-… Konda, Tirumaleswar Reddy
- Re: [Dots] I-D Action: draft-ietf-dots-telemetry-… Jon Shallow
- Re: [Dots] I-D Action: draft-ietf-dots-telemetry-… mohamed.boucadair
- Re: [Dots] I-D Action: draft-ietf-dots-telemetry-… Konda, Tirumaleswar Reddy