IETF Logo Mail Archive

Re: [Dots] TR: New Version Notification for draft-reddy-dots-telemetry-04.txt

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Wed, 13 November 2019 09:45 UTC

Return-Path: <tirumaleswarreddy_konda@mcafee.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0E42120169 for <dots@ietfa.amsl.com>; Wed, 13 Nov 2019 01:45:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a4wCVb745dNG for <dots@ietfa.amsl.com>; Wed, 13 Nov 2019 01:45:56 -0800 (PST)
Received: from us-smtp-delivery-140.mimecast.com (us-smtp-delivery-140.mimecast.com [63.128.21.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B50681201B7 for <dots@ietf.org>; Wed, 13 Nov 2019 01:45:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=mimecast20190606; t=1573638355; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=biMQT5xS+BfvW43HL5SO750zRr8alIYj0Zry6I3XiUc=; b=dWQnPk2JRO7Bgevt+YaCnndqiRDWS9FnHp/Z5KYFR1xTWmcZ/cS1Rcp4Opu6BlPoqvQVS7 pW0J+bpy8yZ2BmTlKAsW+WEhtPICMWtaYcXD4S6h2c3Q+/3lN1uDd96STHYTru+iuhbMUl 2vWJ5SXX07b7vnqDDDNoZUjHMws/ikY=
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (mail-co1nam04lp2051.outbound.protection.outlook.com [104.47.45.51]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-126-r960sriPPeSREgTOIgipXg-1; Wed, 13 Nov 2019 04:45:53 -0500
Received: from CY4PR1601MB1254.namprd16.prod.outlook.com (10.172.118.12) by CY4PR1601MB1270.namprd16.prod.outlook.com (10.172.116.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2430.20; Wed, 13 Nov 2019 09:45:51 +0000
Received: from CY4PR1601MB1254.namprd16.prod.outlook.com ([fe80::d1:dc14:c61a:e81c]) by CY4PR1601MB1254.namprd16.prod.outlook.com ([fe80::d1:dc14:c61a:e81c%8]) with mapi id 15.20.2451.023; Wed, 13 Nov 2019 09:45:51 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, H Y <yuuhei.hayashi@gmail.com>, "draft-reddy-dots-telemetry@ietf.org" <draft-reddy-dots-telemetry@ietf.org>
CC: "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] TR: New Version Notification for draft-reddy-dots-telemetry-04.txt
Thread-Index: AQHVhZcTqLIZd9IRTUy9z3OirX19/adgIwpAgCjYggCAAAXxAIAAAQvg
Date: Wed, 13 Nov 2019 09:45:51 +0000
Message-ID: <CY4PR1601MB12543A0ABAAE8321FE4EEE22EA760@CY4PR1601MB1254.namprd16.prod.outlook.com>
References: <157139119677.3853.16590465405127507911.idtracker@ietfa.amsl.com> <787AE7BB302AE849A7480A190F8B9330313410DA@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <CAA8pjUM2gRESrirgTux=RzDN8nWn89C+ptd1gDZnDZahoh7Q8A@mail.gmail.com> <787AE7BB302AE849A7480A190F8B9330313CD681@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B9330313CD681@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.4.0.45
dlp-reaction: no-action
x-originating-ip: [103.245.47.20]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cd02468e-317e-493c-7d6b-08d7681e4535
x-ms-traffictypediagnostic: CY4PR1601MB1270:
x-ms-exchange-purlcount: 6
x-microsoft-antispam-prvs: <CY4PR1601MB12700405432CB42073960DFBEA760@CY4PR1601MB1270.namprd16.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0220D4B98D
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(366004)(136003)(376002)(39860400002)(346002)(51444003)(199004)(189003)(32952001)(53754006)(13464003)(11346002)(2906002)(74316002)(446003)(99286004)(4001150100001)(66066001)(229853002)(966005)(7736002)(6306002)(15650500001)(476003)(9686003)(6436002)(55016002)(305945005)(256004)(2501003)(33656002)(110136005)(5024004)(316002)(14444005)(14454004)(6116002)(86362001)(3846002)(486006)(71200400001)(71190400001)(81166006)(6506007)(8676002)(4326008)(76116006)(53546011)(66946007)(76176011)(26005)(186003)(7696005)(81156014)(6246003)(102836004)(64756008)(66556008)(52536014)(478600001)(66476007)(66446008)(8936002)(66574012)(25786009)(5660300002)(80792005)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR1601MB1270; H:CY4PR1601MB1254.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vLNfNHR7lHy+RYem9t2rOZRaVRrFlTRFynkauvm2VwhR50Nu5GbQofIY6gXSUoXPFK2PSAb+Mh++obAdnInnIExkEJ0sffk8XdZFSmyLBaqhB+Buc0xqaDgz8s6fbdWycwlUKNtEVWlanVqSbfD7U3i8XcOWbWF1AuzbZm3gVh2QL3l9Kp7zzcjPPMM8nd9dgWyKFxrXvBIy6Vl+Wh+1s9FvhDTwJVd5u3WSPWd6aSfm59SlfdEuR3grRPl57BGC+CMbPSujzaSPOIAm71xNlGnGkh/TsWD3YIojT1E76LGwGuGa4XhNsGOF531AD5JqJwX9jEDWoepcvyz3Lal8fy8U6fa014T/Q290B1W2wSv4E9rfl7PZAy/EH81XKReWfXsMkGPAb1qR+WZYgG/+90hhr0YTqXedLCuNUxgVIidxtdxd1LUTM7YtjRmN51MvhM0LQowN9ON7KeJuq7ck/4RUe2YRCyqXRNQoBnNJeBSiIjdhBwq8QLDEC+rQRqev
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: mcafee.com
X-MS-Exchange-CrossTenant-Network-Message-Id: cd02468e-317e-493c-7d6b-08d7681e4535
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Nov 2019 09:45:51.4086 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: fr6Q5+T+WP91HaQFsK0/eRDLg84mKPAX9u0TyqJuPXKhYPxyONsxQS2suUL0KSgr+u0nnPE6XnD6MwbjlDvWNt7bkDXLRDLzihOrIFcblz71s6mvXH/sIoIXfAL2NJio
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR1601MB1270
X-MC-Unique: r960sriPPeSREgTOIgipXg-1
X-Mimecast-Spam-Score: 0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/YTXUEk51JSyFFP8lWFXsNdK2q68>
Subject: Re: [Dots] TR: New Version Notification for draft-reddy-dots-telemetry-04.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Nov 2019 09:45:58 -0000

In addition, the attack details can be sent by the DOTS client or the DOTS server. The client can also choose to send the attack details per target or aggregate top talkers for all talkers of a domain. 

-Tiru

> -----Original Message-----
> From: Dots <dots-bounces@ietf.org> On Behalf Of
> mohamed.boucadair@orange.com
> Sent: Wednesday, November 13, 2019 3:10 PM
> To: H Y <yuuhei.hayashi@gmail.com>; draft-reddy-dots-telemetry@ietf.org
> Cc: dots@ietf.org
> Subject: Re: [Dots] TR: New Version Notification for draft-reddy-dots-
> telemetry-04.txt
> 
> CAUTION: External email. Do not click links or open attachments unless you
> recognize the sender and know the content is safe.
> 
> Hi Yuhei,
> 
> A victim (target) can be identified by one or + target-prefixes.
> 
> The YANG module allows to return many pre-mitigations; each with a target
> clause:
> 
>              +--rw pre-mitigation* [telemetry-id]
>                 +--rw telemetry-id                     uint32
>                 +--rw target
>                 ...
>                 +--ro attack-detail
>                    ...
>                    |
>                    +--ro top-talker
> 
> A server can aggregate top-talkers for all targets of a domain, or when
> justified, send specific information (including top-talkers) per individual
> targets.
> 
> Cheers,
> Med
> 
> > -----Message d'origine-----
> > De : H Y [mailto:yuuhei.hayashi@gmail.com] Envoyé : mercredi 13
> > novembre 2019 10:19 À : draft-reddy-dots-telemetry@ietf.org
> > Cc : dots@ietf.org
> > Objet : Re: [Dots] TR: New Version Notification for draft-reddy-dots-
> > telemetry-04.txt
> >
> > Hi draft authors,
> >
> > Thank you for updating the draft. I have a question about YANG module
> > of current DOTS telemetry, especially about top-talker.
> >
> > I think that top-talker has several meaning in general. Which
> > top-talker can the YANG module explain?
> >  1) Top-talker of victims.
> >  2) Top-talker of each victim.
> > # IMO, current YANG module can explain 1) , but can not 2) when
> > target-prefix* has several elements.
> >
> > I attached a slide about the question. I'm glad if you answer the question.
> >
> > Thanks,
> > Yuhei
> >
> > 2019年10月18日(金) 18:38 <mohamed.boucadair@orange.com>:
> > >
> > > Hi all,
> > >
> > > Although we are waiting for a call for adoption for this draft, we
> > > made
> > some changes which you can track with the diff provided below.
> > >
> > > Cheers,
> > > Med
> > >
> > > > -----Message d'origine-----
> > > > De : internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> > > > Envoyé : vendredi 18 octobre 2019 11:33 À : chenmeiling; BOUCADAIR
> > > > Mohamed TGI/OLN; Meiling Chen; Tirumaleswar Reddy; Ehud Doron;
> > > > Reddy K Objet : New Version Notification for
> > > > draft-reddy-dots-telemetry-04.txt
> > > >
> > > >
> > > > A new version of I-D, draft-reddy-dots-telemetry-04.txt has been
> > > > successfully submitted by Mohamed Boucadair and posted to the IETF
> > > > repository.
> > > >
> > > > Name:         draft-reddy-dots-telemetry
> > > > Revision:     04
> > > > Title:                Distributed Denial-of-Service Open Threat
> > Signaling (DOTS)
> > > > Telemetry
> > > > Document date:        2019-10-18
> > > > Group:                Individual Submission
> > > > Pages:                41
> > > > URL:            https://www.ietf.org/internet-drafts/draft-reddy-dots-
> > > > telemetry-04.txt
> > > > Status:         https://datatracker.ietf.org/doc/draft-reddy-dots-
> > > > telemetry/
> > > > Htmlized:       https://tools.ietf.org/html/draft-reddy-dots-telemetry-
> > 04
> > > > Htmlized:       https://datatracker.ietf.org/doc/html/draft-reddy-dots-
> > > > telemetry
> > > > Diff:           https://www.ietf.org/rfcdiff?url2=draft-reddy-dots-
> > > > telemetry-04
> > > >
> > > > Abstract:
> > > >    This document aims to enrich DOTS signal channel protocol with
> > > >    various telemetry attributes allowing optimal DDoS attack
> > > > mitigation
> _______________________________________________
> Dots mailing list
> Dots@ietf.org
> https://www.ietf.org/mailman/listinfo/dots

v2.23.0 | Report a Bug | By Email