Re: [Dots] draft-h-dots-mitigation-offload-expansion-00: Reasons why we want to standardize between DMS and orchestrator using DOTS
Yuhei Hayashi <hayashi.yuhei@lab.ntt.co.jp> Mon, 10 December 2018 11:57 UTC
Return-Path: <hayashi.yuhei@lab.ntt.co.jp>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4E6D130F21 for <dots@ietfa.amsl.com>; Mon, 10 Dec 2018 03:57:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WgMPfL-1h_54 for <dots@ietfa.amsl.com>; Mon, 10 Dec 2018 03:57:50 -0800 (PST)
Received: from tama50.ecl.ntt.co.jp (tama50.ecl.ntt.co.jp [129.60.39.147]) by ietfa.amsl.com (Postfix) with ESMTP id 4E703130F20 for <dots@ietf.org>; Mon, 10 Dec 2018 03:57:50 -0800 (PST)
Received: from vc1.ecl.ntt.co.jp (vc1.ecl.ntt.co.jp [129.60.86.153]) by tama50.ecl.ntt.co.jp (8.13.8/8.13.8) with ESMTP id wBABvnXE015197 for <dots@ietf.org>; Mon, 10 Dec 2018 20:57:49 +0900
Received: from vc1.ecl.ntt.co.jp (localhost [127.0.0.1]) by vc1.ecl.ntt.co.jp (Postfix) with ESMTP id 9A73BEA7427 for <dots@ietf.org>; Mon, 10 Dec 2018 20:57:49 +0900 (JST)
Received: from jcms-pop21.ecl.ntt.co.jp (jcms-pop21.ecl.ntt.co.jp [129.60.87.134]) by vc1.ecl.ntt.co.jp (Postfix) with ESMTP id 85CFCEA7420 for <dots@ietf.org>; Mon, 10 Dec 2018 20:57:49 +0900 (JST)
Received: from [IPv6:::1] (unknown [129.60.13.46]) by jcms-pop21.ecl.ntt.co.jp (Postfix) with ESMTPSA id 824354009EE for <dots@ietf.org>; Mon, 10 Dec 2018 20:57:49 +0900 (JST)
References: <60792ae9-9e70-bfda-cd2c-a1112c7dbb29@lab.ntt.co.jp> <BN6PR16MB14259B2A1F59C56414853489EAA90@BN6PR16MB1425.namprd16.prod.outlook.com>
From: Yuhei Hayashi <hayashi.yuhei@lab.ntt.co.jp>
Message-ID: <71e1c3d0-16a2-c7d2-3ed8-aa4ab303e9f3@lab.ntt.co.jp>
Date: Mon, 10 Dec 2018 20:56:35 +0900
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1
MIME-Version: 1.0
In-Reply-To: <BN6PR16MB14259B2A1F59C56414853489EAA90@BN6PR16MB1425.namprd16.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-CC-Mail-RelayStamp: 1
To: "dots@ietf.org" <dots@ietf.org>
X-TM-AS-MML: disable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/J2zELx0KkdRnmNGbUgOYmDYANTE>
Subject: Re: [Dots] draft-h-dots-mitigation-offload-expansion-00: Reasons why we want to standardize between DMS and orchestrator using DOTS
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2018 11:57:54 -0000
Hi Tiru, Thank you for advising! I will consider to use not only expanded signal channel but also data channel to the intra-domain DDoS offload usecase. I'm considering to add "inter-domain" DDoS offload usecase to my draft. I will also consider which channel,expanded signal channel or data channel, is suitable to send attacker information under attack situation. Thanks, Yuhei On 2018/12/06 23:20, Konda, Tirumaleswar Reddy wrote: >> -----Original Message----- >> From: Dots <dots-bounces@ietf.org> On Behalf Of Yuhei Hayashi >> Sent: Thursday, November 29, 2018 2:15 PM >> To: dots@ietf.org >> Subject: [Dots] draft-h-dots-mitigation-offload-expansion-00: Reasons why we >> want to standardize between DMS and orchestrator using DOTS >> >> This email originated from outside of the organization. Do not click links or >> open attachments unless you recognize the sender and know the content is safe. >> >> Hi Tiru, Flemming, >> >> Thank you for asking question for my draft "draft-h-dots-mitigation-offload- >> expansion-00" in IETF103. >> >> I'm sorry I'm late for answering the question. >> These questions are similar so I will answer the question in this one thread. >>> Q: (Tiru Reddy) Why the DMS must use DOTS to talk to the orchestrator? >>> Q: (Flemming Andreasen) Is it worthwhile to standardize the communication >> between the DMS with the orchestrator? >> https://datatracker.ietf.org/meeting/103/materials/minutes-103-dots-00 >> >> We want to use various and latest DMS in DDoS Orchestration usecase because >> DDoS attacks evolve day by day. >> >> However, syslog format varies from DMS to DMS. >> There is no standardized IF or API between DMS and Orchestrator, so we have >> to develop IF module on orchestrator for adapting the DMS to the orchestrator. >> I think it is obstacle to use various DMS in DDoS Orchestration usecase. >> >> We are paying attention to DOTS, which is being debated the most as a >> standard for signaling related to DDoS. > > The list of top attackers could be huge, DOTS signal channel is supposed to have small message sizes. > DOTS data channel can be used to managing filters. Why not use DOTS data channel to block the traffic from the top N attackers to the target ? > > Cheers, > -Tiru > >> >> Thanks, >> Yuhei >> >> ----------------------------------------- >> Nippon Telegraph and Telephone Corporation >> Network Service Systems Laboratories >> Transport Service Platform Innovation Project >> Transport Service Systems Development Project >> Yuhei Hayashi >> 0422-59-3485 >> hayashi.yuhei@lab.ntt.co.jp >> >> _______________________________________________ >> Dots mailing list >> Dots@ietf.org >> https://www.ietf.org/mailman/listinfo/dots > ----------------------------------------- Nippon Telegraph and Telephone Corporation Network Service Systems Laboratories Transport Service Platform Innovation Project Transport Service Systems Development Project Yuhei Hayashi 0422-59-3485 hayashi.yuhei@lab.ntt.co.jp
- [Dots] draft-h-dots-mitigation-offload-expansion-… Yuhei Hayashi
- Re: [Dots] draft-h-dots-mitigation-offload-expans… Konda, Tirumaleswar Reddy
- Re: [Dots] draft-h-dots-mitigation-offload-expans… Yuhei Hayashi
- Re: [Dots] draft-h-dots-mitigation-offload-expans… Konda, Tirumaleswar Reddy
- Re: [Dots] draft-h-dots-mitigation-offload-expans… Yuhei Hayashi
- Re: [Dots] draft-h-dots-mitigation-offload-expans… Konda, Tirumaleswar Reddy