[Dots] draft-ietf-dots-call-home: Franck's comment about the heartbeat procedure

<mohamed.boucadair@orange.com> Thu, 25 July 2019 14:05 UTC

From: <mohamed.boucadair@orange.com>
To: "Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com>
CC: "dots@ietf.org" <dots@ietf.org>
Date: Thu, 25 Jul 2019 14:04:56 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/_UgXxFslxQhX3foOgaJsaRYkUtE>

Hi Franck,

You asked yesterday whether the call home uses the same heartbeat mechanism as in the base signal channel. Below are some clarifications:

* The same heartbeat messages are used

* Unlike the base spec, it is the DOTS server which must start sending the heartbeats (NAT/FW traversal issues)

* Unlike the base spec, the server may have access to the times used by a NAT/FW. It can therefore adjust the heartbeat-interval accordingly.

* Unlike the base spec, only the server can resume the connection (the client can't)

* Unlike the base spec, heartbeats from the server to the client may be dropped because of an outgoing attack

We considered in a previous version of the spec relying as much as possible on the heartbeat mechanism in the base signal channel, calling out the main difference: role reversal. But we found later that this wouldn't work because of the considerations listed above.

Thus, a simplified mechanism is defined for the call-home. Please check: https://tools.ietf.org/html/draft-ietf-dots-signal-call-home-03#section-3.2

Cheers,
Med