Re: [Dots] [core] Large asynchronous notifications under DDoS: New BLOCK Option?

mohamed.boucadair@orange.com Tue, 07 April 2020 15:51 UTC

From: mohamed.boucadair@orange.com
To: Christian Amsüss <christian@amsuess.com>
CC: "core@ietf.org" <core@ietf.org>, "Jon Shallow (supjps-ietf@jpshallow.com)" <supjps-ietf@jpshallow.com>, "dots@ietf.org" <dots@ietf.org>
Date: Tue, 07 Apr 2020 15:51:14 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/SeGY2qrx2CvSEY8yXK2xp-Zkk2Y>

Hi Christian,

Thank you for sharing your thoughts. 

I don't see where in the two drafts an observer can request a particular missing fragment. 

Cheers,
Med

> -----Original Message-----
> From: Christian Amsüss [mailto:christian@amsuess.com]
> Sent: Tuesday, 7 April 2020 15:10
> To: BOUCADAIR Mohamed TGI/OLN
> Cc: core@ietf.org; Jon Shallow (supjps-ietf@jpshallow.com);
> dots@ietf.org
> Subject: Re: [core] Large asynchronous notifications under DDoS: New
> BLOCK Option?
> 
> Hello Jon, hello Med,
> 
> I don't have full answers, but some data points (also pulling in the
> cited mail):
> 
> > and a response (may need new code) that says status is too large to
> > fit into a packet or has been truncated).
> 
> That an observation with blockwise would already do: If the observed
> resource changes to have its representation larger than the block size
> or MTU, it'd send the first block.
> 
> > The observer will follow a SACK-like approach to request
> > retransmission of missing fragments.
> 
> There was a draft around on non-traditional responses[1] some time ago
> that would provide building blocks from which a server could send
> follow-up blocks in an unsolicited fashion: The second block would be
> a message in the style of "This is a 2.05 Content response, which you
> would have received as a response had you requested block2 of /path".
> 
> Those messages would not be ack'ed if they are NON, and the client can
> selectively request blocks it thinks it missed (but, in such a setup,
> would do that after a suitable timeout to not request something that
> is already in flight).
> 
> That draft was not followed up on directly, but some of its ideas
> wound up in [2] where observe notifications are sent to a multicast
> group. In particular, the topic of which tokens would be usable for
> unsolicited responses to unicast addresses has not received the
> discussion it'd probably need.
> 
> Kind regards
> Christian
> 
> [1]: https://tools.ietf.org/html/draft-bormann-core-responses-00
> [2]: https://tools.ietf.org/html/draft-tiloca-core-observe-multicast-notifications-02
> 
> 
> --
> The detailed semantics of CoAP methods are "almost, but not entirely
> unlike" [HHGTTG] those of HTTP methods.
> [HHGTTG]: Adams, D., "The Hitchhiker's Guide to the Galaxy", October
> 1979.
>   -- Shelby, et al., Internet-Draft Constrained Application Protocol
> (CoAP)
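
The selective re-request discussed in the quoted message, as an added sketch that is not part of either e-mail or of the cited drafts: a client collects unsolicited NON blocks, waits out a quiet period, then builds Block2 requests only for the gaps. The Block2 value layout follows RFC 7959; the `BlockReassembler` class, its method names and the timeout value are hypothetical, and token handling is left out.

```python
# Added illustration; BlockReassembler and its method names are hypothetical.
# Block2 value layout per RFC 7959: NUM (upper bits) | M (1 bit) | SZX (3 bits).

def decode_block2(raw: bytes):
    """Return (num, more, size) from a 0-3 byte Block2 option value."""
    if len(raw) > 3:
        raise ValueError("Block2 option value is at most 3 bytes")
    v = int.from_bytes(raw, "big")
    szx = v & 0x7
    if szx == 7:
        raise ValueError("SZX 7 is reserved")
    return v >> 4, bool(v & 0x8), 1 << (szx + 4)

def encode_block2(num: int, more: bool, size: int) -> bytes:
    szx = size.bit_length() - 5          # 16 -> 0 ... 1024 -> 6
    if not (0 <= szx <= 6 and 1 << (szx + 4) == size and 0 <= num < 1 << 20):
        raise ValueError("invalid block size or number")
    v = (num << 4) | (int(more) << 3) | szx
    return v.to_bytes((v.bit_length() + 7) // 8, "big")   # value 0 -> empty

class BlockReassembler:
    """Collects blocks of one notification and lists gaps after a quiet period."""
    def __init__(self, timeout: float):
        self.timeout, self.blocks = timeout, {}
        self.last_num, self.last_rx, self.size = None, None, None

    def on_block(self, raw_opt: bytes, payload: bytes, now: float):
        num, more, size = decode_block2(raw_opt)
        if self.size not in (None, size):
            raise ValueError("block size changed mid-transfer")
        self.size, self.last_rx = size, now
        self.blocks[num] = payload
        if not more:
            self.last_num = num          # M=0 marks the final block

    def missing(self, now: float):
        """Block2 values to request, or [] while blocks may still be in flight."""
        if self.last_rx is None or now - self.last_rx < self.timeout:
            return []
        # If the final block was lost too, probe one past the highest seen.
        top = self.last_num if self.last_num is not None else max(self.blocks) + 1
        return [encode_block2(n, False, self.size)   # M is 0 in a request
                for n in range(top + 1) if n not in self.blocks]

    def body(self):
        if self.last_num is None:
            return None
        if not all(n in self.blocks for n in range(self.last_num + 1)):
            return None
        return b"".join(self.blocks[n] for n in range(self.last_num + 1))
```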