Re: [Dots] Yangdoctors early review of draft-ietf-dots-telemetry-09
supjps-ietf@jpshallow.com Wed, 08 July 2020 10:05 UTC
Return-Path: <jon.shallow@jpshallow.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E7F83A00C1 for <dots@ietfa.amsl.com>; Wed, 8 Jul 2020 03:05:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jtuk4WTjaABt for <dots@ietfa.amsl.com>; Wed, 8 Jul 2020 03:05:20 -0700 (PDT)
Received: from mail.jpshallow.com (mail.jpshallow.com [217.40.240.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 779723A00C9 for <dots@ietf.org>; Wed, 8 Jul 2020 03:05:18 -0700 (PDT)
Received: from mail2.jpshallow.com ([192.168.0.3] helo=N01332) by mail.jpshallow.com with esmtp (Exim 4.92.3) (envelope-from <jon.shallow@jpshallow.com>) id 1jt6x2-0005lk-8A; Wed, 08 Jul 2020 11:05:16 +0100
From: supjps-ietf@jpshallow.com
To: mohamed.boucadair@orange.com, 'Jan Lindblad' <janl@tail-f.com>
Cc: yang-doctors@ietf.org, draft-ietf-dots-telemetry.all@ietf.org, dots@ietf.org
References: <159353177839.29172.8254735147639701580@ietfa.amsl.com> <5252_1593761623_5EFEDF57_5252_57_9_787AE7BB302AE849A7480A190F8B9330314EE318@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <4B4D2FC8-68E0-4C59-96AF-17E0D77F325D@tail-f.com> <10654_1594040372_5F032034_10654_248_1_787AE7BB302AE849A7480A190F8B9330314F0712@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <D2BAD546-91B5-4009-B8F4-3879C8C8F755@tail-f.com> <16820_1594131987_5F048613_16820_137_2_787AE7BB302AE849A7480A190F8B9330314F168E@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <5619_1594199937_5F058F81_5619_133_1_787AE7BB302AE849A7480A190F8B9330314F234C@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <5619_1594199937_5F058F81_5619_133_1_787AE7BB302AE849A7480A190F8B9330314F234C@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Date: Wed, 08 Jul 2020 11:05:09 +0100
Message-ID: <198801d6550f$43213b10$c963b130$@jpshallow.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_1989_01D65517.A4E729B0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQILATGPh7h6oG6Cw02OJMw73yMvhAJ0yhAKAc8TqpMCa4C/pgHcmH3fAOLAEdgBt6WcSag64TWA
Content-Language: en-gb
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/V6sl7irtGt61Y5HAIWN_dBol8DI>
Subject: Re: [Dots] Yangdoctors early review of draft-ietf-dots-telemetry-09
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jul 2020 10:05:23 -0000
Hi Jan, Further to what Med has said as a clarification for errors server side when sending back a response assuming it is not a server crash. if the mitigation was accepted (all sanity checks must have passed at this point) by the DOTS server, but then the passing over to the DOTS mitigator choked for whatever reason and could not handle it, the following sequence happens. The server would initially have sent back an “attack-mitigation-in-progress” in response to the mitigation request, but never moves on to updating the status to “attack-successfully-mitigated” which happens when the mitigator puts the DDoS mitigation into action and indicates this back to the DOTS server. See RFC8782 : Figure 15: Notifications of Attack Mitigation Status. The DOTS server would then go on to setting the status to “attack-mitigation-withdrawn” (RFC8782 : Table 3: Values of 'status' Parameter). Regards Jon From: Dots [mailto: dots-bounces@ietf.org] On Behalf Of mohamed.boucadair@orange.com Sent: 08 July 2020 10:19 To: Jan Lindblad Cc: yang-doctors@ietf.org; draft-ietf-dots-telemetry.all@ietf.org; dots@ietf.org Subject: Re: [Dots] Yangdoctors early review of draft-ietf-dots-telemetry-09 Jan, Some clarifications about this one: + If a server has started sending back a response to a client request, but then hits an internal error, and is unable to filfil the request, what should it do? Is closing the connection a reasonable response? [Med] We don’t have text as this is implementation-specific. That’s said I expect implementations to maintain the session alive as we are dealing with DDoS attack mitigation. I thought that you were asking for a case where the server has accepted for example a (mitigation) request but then encounters an error. That case is implementation-specific. FWIW, we do have the following: · If the server crashes, the connection will be closed. This will be detected by the client thanks to the use of heartbeats. The client will then re-establish the signal session. · For errors on the server side we do have the following: “The error Response Code 5.03 (Service Unavailable) is returned if the DOTS server has erred or is incapable of performing the mitigation. As specified in [ <https://tools.ietf.org/html/rfc7252> RFC7252], 5.03 uses Max-Age Option to indicate the number of seconds after which to retry." Implementations can send 5.00, but how the client will react to the error code is implementation-specific. Cheers, Med _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [Dots] Yangdoctors early review of draft-ietf-dot… Jan Lindblad via Datatracker
- Re: [Dots] [yang-doctors] Yangdoctors early revie… mohamed.boucadair
- Re: [Dots] [yang-doctors] Yangdoctors early revie… Jan Lindblad
- Re: [Dots] [yang-doctors] Yangdoctors early revie… mohamed.boucadair
- Re: [Dots] Yangdoctors early review of draft-ietf… mohamed.boucadair
- Re: [Dots] Yangdoctors early review of draft-ietf… Jan Lindblad
- Re: [Dots] Yangdoctors early review of draft-ietf… mohamed.boucadair
- Re: [Dots] Yangdoctors early review of draft-ietf… Jan Lindblad
- Re: [Dots] Yangdoctors early review of draft-ietf… mohamed.boucadair
- Re: [Dots] Yangdoctors early review of draft-ietf… mohamed.boucadair
- Re: [Dots] Yangdoctors early review of draft-ietf… supjps-ietf