Re: [Dots] Fwd: New Version Notification for draft-reddy-dots-telemetry-00.txt

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Wed, 24 July 2019 12:18 UTC

Return-Path: <tirumaleswarreddy_konda@mcafee.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 553611201CB for <dots@ietfa.amsl.com>; Wed, 24 Jul 2019 05:18:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Level:
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HWuJDVyiiyTD for <dots@ietfa.amsl.com>; Wed, 24 Jul 2019 05:18:39 -0700 (PDT)
Received: from us-smtp-delivery-210.mimecast.com (us-smtp-delivery-210.mimecast.com [216.205.24.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E00191201D0 for <dots@ietf.org>; Wed, 24 Jul 2019 05:18:38 -0700 (PDT)
X-NAI-Header: Modified by McAfee Email Gateway (5500)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=s_mcafee; t=1563970034; h=ARC-Seal: ARC-Message-Signature:ARC-Authentication-Results: From:To:CC:Subject:Thread-Topic:Thread-Index: Date:Message-ID:References:In-Reply-To:Accept-Language: Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: dlp-product:dlp-version:dlp-reaction:authentication-results: x-originating-ip:x-ms-publictraffictype:x-ms-office365-filtering-correlation-id: x-microsoft-antispam:x-ms-traffictypediagnostic: x-ms-exchange-purlcount:x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers:x-forefront-prvs: x-forefront-antispam-report:received-spf:x-ms-exchange-senderadcheck: x-microsoft-antispam-message-info:Content-Type: Content-Transfer-Encoding:MIME-Version:X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-CrossTenant-userprincipalname: X-MS-Exchange-Transport-CrossTenantHeadersStamped: X-OriginatorOrg:X-NAI-Spam-Flag:X-NAI-Spam-Level: X-NAI-Spam-Threshold:X-NAI-Spam-Score:X-NAI-Spam-Version; bh=aiAC6x1sLgXtfqxfdDqdExHfZHMqa6tT780P6U djtZE=; b=cOW2BeOkSbrmRvRHUS9GLrKr1/17Rrcvahgz+szl mt3PMRnosdPTXoszdmcEHNf1SKGu782++9LdK/jhT9atzJtMNF wKQbqGgTqLQzmPespFtJeyeuqnl2X19nKK4XSQ/hH/GM8G4/+1 ftMWVOA1y/l2KfH8xgHxLQxpG1icAaE=
Received: from DNVWSMAILOUT1.mcafee.com (dnvwsmailout1.mcafee.com [161.69.31.173]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-289-pxiOuVVqNkiy67EAfzBdtQ-1; Wed, 24 Jul 2019 08:18:34 -0400
Received: from DNVEXAPP1N04.corpzone.internalzone.com (unknown [10.44.48.88]) by DNVWSMAILOUT1.mcafee.com with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-SHA384) id 1523_285c_8d308bc9_0401_4a35_a357_8d5faa57d086; Wed, 24 Jul 2019 06:07:13 -0600
Received: from DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) by DNVEXAPP1N04.corpzone.internalzone.com (10.44.48.88) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 24 Jul 2019 06:18:31 -0600
Received: from DNVO365EDGE2.corpzone.internalzone.com (10.44.176.74) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Wed, 24 Jul 2019 06:18:30 -0600
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (10.44.176.241) by edge.mcafee.com (10.44.176.74) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 24 Jul 2019 06:18:08 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Km/aO1ITXFZfHL55NbtQl/nAdlVhV51CF7JLuOZj8q7jen5tn9Z2nynk2ViWnV8BjR8VYQwe/r7RK8PEg9p3u+mZ+P7v9rvry0GFJ1zYjVaibGPYi1kDf4g0Jlhcth58pQRbMO8K+241Pl5t1LxDNL7Hiqq98RMvWUoTgyYUdPeUkCUra9A/vrgq+c7TvvuVoOpFY7ksWuxXK4YQKrt1LDgfWYfVIXVTIqW07hrHG5vzQ620hVkQ2VNR/hS7pPs3d5z3x82rF8Gbx+we85XlQF2UsngbwL5Qbr20/prvyBDNSNWF2H4f+1wCf5HyxAYj0P5W5XIJyTVuFgeAlp0qYQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aiAC6x1sLgXtfqxfdDqdExHfZHMqa6tT780P6UdjtZE=; b=YZX+qyqquvFtVvR2WjRxXvsA6oo7OAuveSInhKQ9MzNFunTPmfcyNCnE+vL+XrUdvBSHv7Bkd82wQkjmoXeWeeKhp3DrDPkHV0UtzL4oODCorTd/GFCjfcT/hX00C5twNJPnZGK1U/rbaHVziLACazSAcroU0wSPaBE3MTM/Fe3aBqUxdQgTcq/oQX6Tvn2z0DerUPxmGnn+qfBAnPeZSbTptBUbDOg8mlgUhG3+9hWXaThpPV7xfPDJWHxoh+w+q8RL9qgkORIw0CqdoN+z134+vDbolO/4nl04GP0hmZbVpNyRqlmvQldv0RT8aCUnkwNCTzeC65QRIu+NZ+80Xw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=mcafee.com;dmarc=pass action=none header.from=mcafee.com;dkim=pass header.d=mcafee.com;arc=none
Received: from DM5PR16MB1705.namprd16.prod.outlook.com (10.172.44.147) by DM5PR16MB2165.namprd16.prod.outlook.com (52.132.142.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.13; Wed, 24 Jul 2019 12:18:07 +0000
Received: from DM5PR16MB1705.namprd16.prod.outlook.com ([fe80::6c22:21e:7528:3dc5]) by DM5PR16MB1705.namprd16.prod.outlook.com ([fe80::6c22:21e:7528:3dc5%6]) with mapi id 15.20.2115.005; Wed, 24 Jul 2019 12:18:07 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: H Y <yuuhei.hayashi@gmail.com>, tirumal reddy <kondtir@gmail.com>
CC: "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] Fwd: New Version Notification for draft-reddy-dots-telemetry-00.txt
Thread-Index: AQHVMzSMCPbrTboVdUKfxcuyXDvZxqbYNT+AgAGVHKA=
Date: Wed, 24 Jul 2019 12:18:07 +0000
Message-ID: <DM5PR16MB17051F8C7697FE7DAF88AEC4EAC60@DM5PR16MB1705.namprd16.prod.outlook.com>
References: <156233245922.21720.2303446065970922340.idtracker@ietfa.amsl.com> <CAFpG3gcgpJRyLSoLkOMuUWY8pZrBPDCCz6-sc8A=1KW3GMpm+g@mail.gmail.com> <CAA8pjUPY+GDGxNhqDCWsh-6aGnYoOL+A5pGaE=2BaE5j8rY41g@mail.gmail.com>
In-Reply-To: <CAA8pjUPY+GDGxNhqDCWsh-6aGnYoOL+A5pGaE=2BaE5j8rY41g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.3.0.16
dlp-reaction: no-action
x-originating-ip: [185.221.69.46]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e376779a-2607-4c5b-0588-08d71030fc8f
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:DM5PR16MB2165;
x-ms-traffictypediagnostic: DM5PR16MB2165:
x-ms-exchange-purlcount: 6
x-microsoft-antispam-prvs: <DM5PR16MB21650265267C10B581B8BA6BEAC60@DM5PR16MB2165.namprd16.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0108A997B2
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(366004)(376002)(346002)(136003)(396003)(189003)(53754006)(199004)(13464003)(32952001)(51914003)(2906002)(15650500001)(102836004)(76116006)(99286004)(55016002)(71200400001)(6246003)(86362001)(71190400001)(14454004)(8936002)(26005)(66574012)(7696005)(68736007)(76176011)(66556008)(64756008)(66446008)(66946007)(66476007)(6506007)(6436002)(7736002)(81156014)(81166006)(305945005)(80792005)(9686003)(8676002)(6306002)(53546011)(486006)(229853002)(316002)(110136005)(25786009)(186003)(476003)(74316002)(53936002)(4326008)(11346002)(5660300002)(446003)(478600001)(5024004)(14444005)(256004)(33656002)(966005)(66066001)(6116002)(3846002)(52536014)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR16MB2165; H:DM5PR16MB1705.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: kkBbcMWFCJdveMjgIpEzsRW+sryPzbqWTfYvEOhxd1rcwA6wzRSyVYqqBBmQ3XVtmZ7uHjZuscwDxB9hZEeUfEMBW/TdwBf0kuHTmh3a+jeR02x2HaDa64FDnS8X86nMs4F0YMHx4Jea88CoK+JuBOsHPK6fyBUt98VYnqIEjRFGCyiXf7wyNeO4HSXNsnvFh64JNUA+niRinHKetDzjKoMVP1yIV8Fk99aFeofo9hOjZ1QumQy91L3FzPI+i41F4UdSDFnJ2BpS1+JhfK1Jhs9JwxQ5tipbkGo51U2OWaf/IaDFjL2tZaBdJlokq19aeXCGVy++ild9dCzPPq4K5ZWNbeHUcQVT5LiLwyYz6uysR2HnOBDMXjqoky7VFFmILN3mtmWd0JzwOkpTGzQAPQ0LgpiZ3acWs4QfiCUbZaQ=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: e376779a-2607-4c5b-0588-08d71030fc8f
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jul 2019 12:18:07.6329 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: TirumaleswarReddy_Konda@McAfee.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR16MB2165
X-OriginatorOrg: mcafee.com
X-NAI-Spam-Flag: NO
X-NAI-Spam-Level:
X-NAI-Spam-Threshold: 15
X-NAI-Spam-Score: 0.3
X-NAI-Spam-Version: 2.3.0.9418 : core <6597> : inlines <7125> : streams <1828282> : uri <2871847>
X-MC-Unique: pxiOuVVqNkiy67EAfzBdtQ-1
X-Mimecast-Spam-Score: 0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/ZhxRVNqPap0YkO-9aQL3MZmORIU>
Subject: Re: [Dots] Fwd: New Version Notification for draft-reddy-dots-telemetry-00.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Jul 2019 12:18:42 -0000

Hi Yuhei,

Thanks for the support. The problem is fragmentation of the DOTS telemetry message, DOTS Telemetry is sent over the DOTS signal channel using UDP and the message size cannot exceed PMTU.

Cheers,
-Tiru

> -----Original Message-----
> From: Dots <dots-bounces@ietf.org>; On Behalf Of H Y
> Sent: Tuesday, July 23, 2019 5:28 PM
> To: tirumal reddy <kondtir@gmail.com>;
> Cc: dots@ietf.org
> Subject: Re: [Dots] Fwd: New Version Notification for draft-reddy-dots-
> telemetry-00.txt
> 
> This email originated from outside of the organization. Do not click links or
> open attachments unless you recognize the sender and know the content is
> safe.
> 
> Hi Tiru,
> 
> I read the draft and I also support this draft.
> Sending detail information about attack traffic helps my dms offload scenario
> because the orchestrator can decide what to do based on the detail
> information.
> 
> IMO, "top talker" attribute defined in my previous draft is also feasible to
> send and effective to mitigate attack correctly.
> https://datatracker.ietf.org/doc/draft-h-dots-mitigation-offload-expansion/
> What do you think about including the top talker attribute to the telemetry?
> 
> Thanks,
> Yuhei
> 
> 2019年7月5日(金) 9:21 tirumal reddy <kondtir@gmail.com>;:
> >
> > Hi all,
> >
> > https://tools.ietf.org/html/draft-reddy-dots-telemetry-00 aims to enrich
> DOTS protocols with various telemetry attributes allowing optimal DDoS
> attack mitigation. This document specifies the normal traffic baseline and
> attack traffic telemetry attributes a DOTS client can convey to its DOTS server
> in the mitigation request, the mitigation status telemetry attributes a DOTS
> server can communicate to a DOTS client, and the mitigation efficacy
> telemetry attributes a DOTS client can communicate to a DOTS server.  The
> telemetry attributes can assist the mitigator to choose the DDoS mitigation
> techniques and perform optimal DDoS attack mitigation.
> >
> > Comments, suggestions, and questions are more than welcome.
> >
> > Cheers,
> > -Tiru
> >
> > ---------- Forwarded message ---------
> > From: <internet-drafts@ietf.org>;
> > Date: Fri, 5 Jul 2019 at 18:44
> > Subject: New Version Notification for
> > draft-reddy-dots-telemetry-00.txt
> > To: Tirumaleswar Reddy <kondtir@gmail.com>;, Ehud Doron
> > <ehudd@radware.com>;, Mohamed Boucadair
> <mohamed.boucadair@orange.com>;
> >
> >
> >
> > A new version of I-D, draft-reddy-dots-telemetry-00.txt has been
> > successfully submitted by Tirumaleswar Reddy and posted to the IETF
> > repository.
> >
> > Name:           draft-reddy-dots-telemetry
> > Revision:       00
> > Title:          Distributed Denial-of-Service Open Threat Signaling (DOTS)
> Telemetry
> > Document date:  2019-07-05
> > Group:          Individual Submission
> > Pages:          13
> > URL:            https://www.ietf.org/internet-drafts/draft-reddy-dots-
> telemetry-00.txt
> > Status:         https://datatracker.ietf.org/doc/draft-reddy-dots-telemetry/
> > Htmlized:       https://tools.ietf.org/html/draft-reddy-dots-telemetry-00
> > Htmlized:       https://datatracker.ietf.org/doc/html/draft-reddy-dots-
> telemetry
> >
> >
> > Abstract:
> >    This document aims to enrich DOTS signal channel protocol with
> >    various telemetry attributes allowing optimal DDoS attack mitigation.
> >    This document specifies the normal traffic baseline and attack
> >    traffic telemetry attributes a DOTS client can convey to its DOTS
> >    server in the mitigation request, the mitigation status telemetry
> >    attributes a DOTS server can communicate to a DOTS client, and the
> >    mitigation efficacy telemetry attributes a DOTS client can
> >    communicate to a DOTS server.  The telemetry attributes can assist
> >    the mitigator to choose the DDoS mitigation techniques and perform
> >    optimal DDoS attack mitigation.
> >
> >
> >
> >
> > Please note that it may take a couple of minutes from the time of
> > submission until the htmlized version and diff are available at tools.ietf.org.
> >
> > The IETF Secretariat
> >
> > _______________________________________________
> > Dots mailing list
> > Dots@ietf.org
> > https://www.ietf.org/mailman/listinfo/dots
> 
> 
> 
> --
> ----------------------------------
> Yuuhei HAYASHI
> 08065300884
> yuuhei.hayashi@gmail.com
> iehuuy_0220@docomo.ne.jp
> ----------------------------------
> 
> _______________________________________________
> Dots mailing list
> Dots@ietf.org
> https://www.ietf.org/mailman/listinfo/dots