Re: [Dots] Fwd: New Version Notification for draft-reddy-dots-telemetry-00.txt
H Y <yuuhei.hayashi@gmail.com> Wed, 24 July 2019 13:22 UTC
Return-Path: <yuuhei.hayashi@gmail.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F00AE1201E6 for <dots@ietfa.amsl.com>; Wed, 24 Jul 2019 06:22:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8I9fXAkebvGr for <dots@ietfa.amsl.com>; Wed, 24 Jul 2019 06:22:01 -0700 (PDT)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA03A1201E0 for <dots@ietf.org>; Wed, 24 Jul 2019 06:22:00 -0700 (PDT)
Received: by mail-lf1-x12a.google.com with SMTP id b29so24707479lfq.1 for <dots@ietf.org>; Wed, 24 Jul 2019 06:22:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=hGxS06XgNGwSUFYDOoZZb2zYveJDRVWS9xBCkBMXx0Q=; b=ZcL0R14ctVV/FdvVzdtAYJCwKDHcRXAL7tkp9ba+m8dQPJ6b5LB5neOV1EBfwwelvS zT7/PSSCfY2g+djpew6MUxBwC4qF/qq6QByu+0OLMGm99K1ijFU5n9AX1EQiMWnEmIy9 TtinQ7NNBYRL1oVF9txcddntIk/dv7GPirKzMXMT9n93GlTG1HR2n6fHNl8a52ntntQ4 XfdDbVsJl7eJ61Q52SFMrojZ66t9Nbgz6GuoMhNTwejgKMzKHIfOxUxOtL8JanvwsTaN nB5DTW/IVu5+HJLpEBGO+wonr13DDTpNewsthWNJW+UGZNtB8YWwEDNi9qsJi7/M11ER Caug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=hGxS06XgNGwSUFYDOoZZb2zYveJDRVWS9xBCkBMXx0Q=; b=HsaoIOLMacrD9hzdJBjMJq2Qi3CZ9g2EFs6Sg1okuCGajpGJASBjpyUUO4vQfwFYmp o1H5QlpcWIvRRMsqFF5HZGqGhFMAaA8EIoKqQYLn8bW8BDTy1oqMip0G1RWnFjJuB9ZP APONFnc081yBDqiMaP0S01NpMEYhhB12Bvbe2duNJqrx+fP7RLmBZjbqMG3v8IPbpn9R xzUCQnkxIh1Ekp1I4E1Rl5kyp/hAfks3wXQLX9cxUQZPLSeRqffAjiocHBJHMzfTya3x OWreObbTgqCHVHnp23MhkaJhqSeU8cnS2XcqA9upJeCPrhMIymUTGNQPBQe5jLTq+um5 LWIQ==
X-Gm-Message-State: APjAAAX9RJyzOuYRQFYGPUKNIeuLZCgKoIrLBfexJmTzZzHi09OXtEUz 08RME1Ub35eKemDJNP/d3cl7UZ7cYRor2wgv3ZY=
X-Google-Smtp-Source: APXvYqzlyK01PxfSKwOj1G8jWfRSDIus6pVBSM1FkzP1D8TVREAGgioNT7HlcIlNnf71XELI6F3uIftlC5kjKVliV4Y=
X-Received: by 2002:ac2:596c:: with SMTP id h12mr3973864lfp.101.1563974519062; Wed, 24 Jul 2019 06:21:59 -0700 (PDT)
MIME-Version: 1.0
References: <156233245922.21720.2303446065970922340.idtracker@ietfa.amsl.com> <CAFpG3gcgpJRyLSoLkOMuUWY8pZrBPDCCz6-sc8A=1KW3GMpm+g@mail.gmail.com> <CAA8pjUPY+GDGxNhqDCWsh-6aGnYoOL+A5pGaE=2BaE5j8rY41g@mail.gmail.com> <DM5PR16MB17051F8C7697FE7DAF88AEC4EAC60@DM5PR16MB1705.namprd16.prod.outlook.com> <787AE7BB302AE849A7480A190F8B9330312E739F@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <DM5PR16MB17050D182A4BE8C3B7EFDC3EEAC60@DM5PR16MB1705.namprd16.prod.outlook.com> <787AE7BB302AE849A7480A190F8B9330312E73FA@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B9330312E73FA@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
From: H Y <yuuhei.hayashi@gmail.com>
Date: Wed, 24 Jul 2019 09:26:39 -0400
Message-ID: <CAA8pjUPe8rf6m2xy2S+JzhTN+xMm_9f3+OaBAsAnY7aV43g11A@mail.gmail.com>
To: Mohamed Boucadair <mohamed.boucadair@orange.com>
Cc: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@mcafee.com>, tirumal reddy <kondtir@gmail.com>, "dots@ietf.org" <dots@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/coxJQ_IZQRmd3BQjO1hm_PyscyY>
Subject: Re: [Dots] Fwd: New Version Notification for draft-reddy-dots-telemetry-00.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Jul 2019 13:22:04 -0000
Hi Med, > [Med] Yes. My point is if one has to return a list of top-talkers in terms of pps, another list of top-talkers in terms of second_criteria, or other information relying on source-prefix dedicated attributes will be needed because this cannot be inferred from the current source-prefix attribute. [hayashi] +1. This top-talker information is helpful for the orchestrator to decide which attack traffic should be blocked preferentially in network. The criteria information is also needed. Thanks, Yuhei 2019年7月24日(水) 8:56 <mohamed.boucadair@orange.com>: > > Re-, > > Please see inline. > > Cheers, > Med > > > -----Message d'origine----- > > De : Konda, Tirumaleswar Reddy [mailto:TirumaleswarReddy_Konda@McAfee.com] > > Envoyé : mercredi 24 juillet 2019 14:45 > > À : BOUCADAIR Mohamed TGI/OLN; H Y; tirumal reddy > > Cc : dots@ietf.org > > Objet : RE: [Dots] Fwd: New Version Notification for draft-reddy-dots- > > telemetry-00.txt > > > > > -----Original Message----- > > > From: mohamed.boucadair@orange.com > > > <mohamed.boucadair@orange.com> > > > Sent: Wednesday, July 24, 2019 6:02 PM > > > To: Konda, Tirumaleswar Reddy > > > <TirumaleswarReddy_Konda@McAfee.com>; H Y > > > <yuuhei.hayashi@gmail.com>; tirumal reddy <kondtir@gmail.com> > > > Cc: dots@ietf.org > > > Subject: RE: [Dots] Fwd: New Version Notification for draft-reddy-dots- > > > telemetry-00.txt > > > > > > This email originated from outside of the organization. Do not click > > links or > > > open attachments unless you recognize the sender and know the content is > > > safe. > > > > > > Hi Tiru, > > > > > > That’s true...but fragmentation is a general issue each time we need to > > > supply more telemetry information in the signal channel. As already > > noted in > > > the draft, we will need to figure out when it is better to provide some > > > telemetry information using data channel. > > > > Yes, normal traffic baseline attributes can be conveyed in the DOTS data > > channel and traffic from top talkers can also be blocked/rate-limited > > using the DOTS data channel during peace time. > > > > > > > > BTW, "top talker" can already be supplied using source-prefix attribute. > > > Whether top-talker needs to be defined as a separated attribute, but > > > structured as a list of source-prefixes is a design details (if the WG > > agrees to > > > include it in the telemetry information). > > > > Source-prefix is already a list/array. > > [Med] Yes. My point is if one has to return a list of top-talkers in terms of pps, another list of top-talkers in terms of second_criteria, or other information relying on source-prefix dedicated attributes will be needed because this cannot be inferred from the current source-prefix attribute. > > > > > > > > > Anyway, let's continue collecting candidate telemetry information and > > then > > > make a selection in a second phase. > > > > Sure. > > > > Cheers, > > -Tiru > > > > > > > > Cheers, > > > Med > > > > > > > -----Message d'origine----- > > > > De : Dots [mailto:dots-bounces@ietf.org] De la part de Konda, > > > > Tirumaleswar Reddy Envoyé : mercredi 24 juillet 2019 14:18 À : H Y; > > > > tirumal reddy Cc : dots@ietf.org Objet : Re: [Dots] Fwd: New Version > > > > Notification for draft-reddy-dots- telemetry-00.txt > > > > > > > > Hi Yuhei, > > > > > > > > Thanks for the support. The problem is fragmentation of the DOTS > > > > telemetry message, DOTS Telemetry is sent over the DOTS signal channel > > > > using UDP and the message size cannot exceed PMTU. > > > > > > > > Cheers, > > > > -Tiru > > > > > > > > > -----Original Message----- > > > > > From: Dots <dots-bounces@ietf.org> On Behalf Of H Y > > > > > Sent: Tuesday, July 23, 2019 5:28 PM > > > > > To: tirumal reddy <kondtir@gmail.com> > > > > > Cc: dots@ietf.org > > > > > Subject: Re: [Dots] Fwd: New Version Notification for > > > > > draft-reddy-dots- telemetry-00.txt > > > > > > > > > > This email originated from outside of the organization. Do not click > > > > links or > > > > > open attachments unless you recognize the sender and know the > > > > > content is safe. > > > > > > > > > > Hi Tiru, > > > > > > > > > > I read the draft and I also support this draft. > > > > > Sending detail information about attack traffic helps my dms offload > > > > scenario > > > > > because the orchestrator can decide what to do based on the detail > > > > > information. > > > > > > > > > > IMO, "top talker" attribute defined in my previous draft is also > > > > feasible to > > > > > send and effective to mitigate attack correctly. > > > > > https://datatracker.ietf.org/doc/draft-h-dots-mitigation-offload- > > > > expansion/ > > > > > What do you think about including the top talker attribute to the > > > > telemetry? > > > > > > > > > > Thanks, > > > > > Yuhei > > > > > > > > > > 2019年7月5日(金) 9:21 tirumal reddy <kondtir@gmail.com>: > > > > > > > > > > > > Hi all, > > > > > > > > > > > > https://tools.ietf.org/html/draft-reddy-dots-telemetry-00 aims to > > > > enrich > > > > > DOTS protocols with various telemetry attributes allowing optimal > > > > > DDoS attack mitigation. This document specifies the normal traffic > > > > > baseline > > > > and > > > > > attack traffic telemetry attributes a DOTS client can convey to its > > > > > DOTS > > > > server > > > > > in the mitigation request, the mitigation status telemetry > > > > > attributes a > > > > DOTS > > > > > server can communicate to a DOTS client, and the mitigation efficacy > > > > > telemetry attributes a DOTS client can communicate to a DOTS server. > > > > The > > > > > telemetry attributes can assist the mitigator to choose the DDoS > > > > mitigation > > > > > techniques and perform optimal DDoS attack mitigation. > > > > > > > > > > > > Comments, suggestions, and questions are more than welcome. > > > > > > > > > > > > Cheers, > > > > > > -Tiru > > > > > > > > > > > > ---------- Forwarded message --------- > > > > > > From: <internet-drafts@ietf.org> > > > > > > Date: Fri, 5 Jul 2019 at 18:44 > > > > > > Subject: New Version Notification for > > > > > > draft-reddy-dots-telemetry-00.txt > > > > > > To: Tirumaleswar Reddy <kondtir@gmail.com>, Ehud Doron > > > > > > <ehudd@radware.com>, Mohamed Boucadair > > > > > <mohamed.boucadair@orange.com> > > > > > > > > > > > > > > > > > > > > > > > > A new version of I-D, draft-reddy-dots-telemetry-00.txt has been > > > > > > successfully submitted by Tirumaleswar Reddy and posted to the > > > > > > IETF repository. > > > > > > > > > > > > Name: draft-reddy-dots-telemetry > > > > > > Revision: 00 > > > > > > Title: Distributed Denial-of-Service Open Threat > > Signaling > > > > (DOTS) > > > > > Telemetry > > > > > > Document date: 2019-07-05 > > > > > > Group: Individual Submission > > > > > > Pages: 13 > > > > > > URL: https://www.ietf.org/internet-drafts/draft-reddy- > > dots- > > > > > telemetry-00.txt > > > > > > Status: https://datatracker.ietf.org/doc/draft-reddy-dots- > > > > telemetry/ > > > > > > Htmlized: https://tools.ietf.org/html/draft-reddy-dots- > > > > telemetry-00 > > > > > > Htmlized: https://datatracker.ietf.org/doc/html/draft-reddy- > > > > dots- > > > > > telemetry > > > > > > > > > > > > > > > > > > Abstract: > > > > > > This document aims to enrich DOTS signal channel protocol with > > > > > > various telemetry attributes allowing optimal DDoS attack > > > > mitigation. > > > > > > This document specifies the normal traffic baseline and attack > > > > > > traffic telemetry attributes a DOTS client can convey to its > > DOTS > > > > > > server in the mitigation request, the mitigation status > > telemetry > > > > > > attributes a DOTS server can communicate to a DOTS client, and > > the > > > > > > mitigation efficacy telemetry attributes a DOTS client can > > > > > > communicate to a DOTS server. The telemetry attributes can > > assist > > > > > > the mitigator to choose the DDoS mitigation techniques and > > perform > > > > > > optimal DDoS attack mitigation. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Please note that it may take a couple of minutes from the time of > > > > > > submission until the htmlized version and diff are available at > > > > tools.ietf.org. > > > > > > > > > > > > The IETF Secretariat > > > > > > > > > > > > _______________________________________________ > > > > > > Dots mailing list > > > > > > Dots@ietf.org > > > > > > https://www.ietf.org/mailman/listinfo/dots > > > > > > > > > > > > > > > > > > > > -- > > > > > ---------------------------------- > > > > > Yuuhei HAYASHI > > > > > 08065300884 > > > > > yuuhei.hayashi@gmail.com > > > > > iehuuy_0220@docomo.ne.jp > > > > > ---------------------------------- > > > > > > > > > > _______________________________________________ > > > > > Dots mailing list > > > > > Dots@ietf.org > > > > > https://www.ietf.org/mailman/listinfo/dots > > > > _______________________________________________ > > > > Dots mailing list > > > > Dots@ietf.org > > > > https://www.ietf.org/mailman/listinfo/dots -- ---------------------------------- Yuuhei HAYASHI 08065300884 yuuhei.hayashi@gmail.com iehuuy_0220@docomo.ne.jp ----------------------------------
- [Dots] Fwd: New Version Notification for draft-re… tirumal reddy
- Re: [Dots] Fwd: New Version Notification for draf… kaname nishizuka
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… kaname nishizuka
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… Jon Shallow
- Re: [Dots] Fwd: New Version Notification for draf… Meiling Chen
- Re: [Dots] Fwd: New Version Notification for draf… H Y
- Re: [Dots] Fwd: New Version Notification for draf… kaname nishizuka
- Re: [Dots] Fwd: New Version Notification for draf… kaname nishizuka
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… mohamed.boucadair
- Re: [Dots] Fwd: New Version Notification for draf… mohamed.boucadair
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… mohamed.boucadair
- Re: [Dots] Fwd: New Version Notification for draf… kaname nishizuka
- Re: [Dots] Fwd: New Version Notification for draf… H Y
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… H Y
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… mohamed.boucadair
- Re: [Dots] Fwd: New Version Notification for draf… Konda, Tirumaleswar Reddy
- Re: [Dots] Fwd: New Version Notification for draf… mohamed.boucadair