Re: [Dots] prefix with namespace identifier in draft-ietf-dots-signal-filter-control

"Jon Shallow" <supjps-ietf@jpshallow.com> Wed, 26 February 2020 12:21 UTC

Return-Path: <supjps-ietf@jpshallow.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 205033A08C0 for <dots@ietfa.amsl.com>; Wed, 26 Feb 2020 04:21:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LvKPj14hDYTO for <dots@ietfa.amsl.com>; Wed, 26 Feb 2020 04:21:04 -0800 (PST)
Received: from mail.jpshallow.com (mail.jpshallow.com [217.40.240.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C09613A0784 for <dots@ietf.org>; Wed, 26 Feb 2020 04:21:03 -0800 (PST)
Received: from mail2.jpshallow.com ([192.168.0.3] helo=N01332) by mail.jpshallow.com with esmtp (Exim 4.92.3) (envelope-from <jon.shallow@jpshallow.com>) id 1j6vgO-0006YD-5j; Wed, 26 Feb 2020 12:20:56 +0000
From: Jon Shallow <supjps-ietf@jpshallow.com>
To: mohamed.boucadair@orange.com, "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@mcafee.com>, kaname nishizuka <kaname@nttv6.jp>, dots@ietf.org
References: <787AE7BB302AE849A7480A190F8B93303143E803@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B93303143E803@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Date: Wed, 26 Feb 2020 12:21:04 -0000
Message-ID: <00ab01d5ec9f$372c6830$a5853890$@jpshallow.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_00AC_01D5EC9F.372DEED0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQKwyXYP4ly1xZD5xh2+JSnmkwkmIqZ3qYiA
Content-Language: en-gb
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/LCbd2wj9nJcHgvWkd2P8Ouz8TRs>
Subject: Re: [Dots] prefix with namespace identifier in draft-ietf-dots-signal-filter-control
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Feb 2020 12:21:08 -0000

Hi all,

 

Thinking out of the box, for Figure 8 we have

 

      "ietf-dots-signal-channel:mitigation-scope": {

        "scope": [

          {

            "target-prefix": [

               "2001:db8:6401::2/127"

             ],

             "target-protocol": [

               17

             ],

             "ietf-dots-signal-control:acl-list": [

               {

                 "ietf-dots-signal-control:acl-name": "my-accept-list",

                 "ietf-dots-signal-control:activation-type": "immediate"

               }

            "lifetime": 3600

          }

        ]

      }

    }

 

If this was to be replaced with

 

      "ietf-dots-signal-control:mitigation-scope": {

        "scope": [

          {

            "target-prefix": [

               "2001:db8:6401::2/127"

             ],

             "target-protocol": [

               17

             ],

             " acl-list": [

               {

                 " acl-name": "my-accept-list",

                 " activation-type": "immediate"

               }

            "lifetime": 3600

          }

        ]

      }

    }

 

As the module is ietf-dots-signal-control: which includes the augments -
Would that not be valid (and a lot simpler)?

 

So we only need a CBOR definition for
ietf-dots-signal-channel:mitigation-scope and separately for
ietf-dots-signal-control:mitigation-scope as well as the augmented new
entries.

 

Regards

 

Jon

 

From: Dots [mailto: dots-bounces@ietf.org] On Behalf Of
mohamed.boucadair@orange.com
Sent: 24 February 2020 08:17
To: Jon Shallow; Konda, Tirumaleswar Reddy; kaname nishizuka; dots@ietf.org
Subject: [Dots] prefix with namespace identifier in
draft-ietf-dots-signal-filter-control

 

Re-,

 

The prefix use in draft-ietf-dots-signal-filter-control-02#section-5.1 is
correct given that acl-* attributes are not defined in the base YANG module
as being part of a mitigation request. 

 

We assumed that the same key value is used for both (e.g., acl-name and
ietf-dots-signal-control:acl-name). Given that we revisited that design in
the telemetry I-D, I’m afraid that we will need to assign key values for
ietf-dots-signal-control:acl-list and ietf-dots-signal-control:acl-name.

 

Cheers,

Med

 

De : Jon Shallow [mailto:supjps-ietf@jpshallow.com] 
Envoyé : vendredi 21 février 2020 16:46
À : BOUCADAIR Mohamed TGI/OLN; Konda, Tirumaleswar Reddy; kaname nishizuka;
dots@ietf.org
Objet : RE: [Dots] DOTS telemetry questions

 

Hi,

 

See inline Jon1>

 

Regards

 

Jon

 

 

Jon> We  have the same naming issues in
draft-ietf-dots-signal-filter-control-00 where we do not have the
ietf-dots-signal-control: prefix in the JSON examples (Fig 10)
[Med] Fig 10 is a “normal” mitigation request. Why should it need to include
“ietf-dots-signal-control:” prefix?
 

Jon1> My bad – I was looking at draft-ietf-dots-signal-filter-control-00,
not draft-ietf-dots-signal-filter-control-02.  However,
https://tools.ietf.org/html/draft-ietf-dots-signal-filter-control-02#section
-5.1 only defines “activation-type” without the prefix, and acl-list and
acl-name have the incorrect prefix: added to, for example, Figure 1.