Re: [Dots] WGLC Signal: mid=123 then overlapping mid=122
"Jon Shallow" <supjps-ietf@jpshallow.com> Mon, 06 August 2018 08:40 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/f6WOHSRHeLshf_zJVri0GOyRySk>
Hi Med,

This looks good to me.

Regards

Jon

From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of mohamed.boucadair@orange.com
Sent: 06 August 2018 09:20
To: Konda, Tirumaleswar Reddy; Jon Shallow; dots@ietf.org
Subject: Re: [Dots] WGLC Signal: mid=123 then overlapping mid=122

Re-,

Trying to conclude on this one:

NEW:

   For example, if the DOTS server receives a mitigation request which
   overlaps with an existing mitigation with a higher numeric 'mid',
   the DOTS server rejects the request by returning 4.09 (Conflict) to
   the DOTS client. The response includes enough information for a
   DOTS client to recognize the source of the conflict as described
   below:

   conflict-information: Indicates that a mitigation request is
      conflicting with another mitigation request. This optional
      attribute has the following structure:

      conflict-cause: Indicates the cause of the conflict. The
         following values are defined:

         1: Overlapping targets. 'conflict-scope' provides more
            details about the conflicting target clauses.

      conflict-scope: Indicates the conflict scope. It may include a
         list of IP addresses, a list of prefixes, a list of port
         numbers, a list of target protocols, a list of FQDNs, a list
         of URIs, a list of alias-names, or a 'mid'.

(the YANG module will be updated accordingly).

Cheers,
Med

From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Konda, Tirumaleswar Reddy
Sent: Monday, 6 August 2018 10:11
To: Jon Shallow; dots@ietf.org
Subject: Re: [Dots] WGLC Signal: mid=123 then overlapping mid=122

Inline [TR1]

From: Jon Shallow <supjps-ietf@jpshallow.com>
Sent: Monday, August 6, 2018 1:26 PM
To: Konda, Tirumaleswar Reddy <TirumaleswarReddy_Konda@McAfee.com>; dots@ietf.org
Subject: RE: [Dots] WGLC Signal: mid=123 then overlapping mid=122

Hi Tiru,

Please see inline Jon>

Regards

Jon

From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Konda, Tirumaleswar Reddy
Sent: 06 August 2018 04:08
To: Jon Shallow; dots@ietf.org
Subject: Re: [Dots] WGLC Signal: mid=123 then overlapping mid=122

Hi Jon,

Please see inline [TR]

From: Dots <dots-bounces@ietf.org> On Behalf Of Jon Shallow
Sent: Saturday, August 4, 2018 5:28 PM
To: dots@ietf.org
Subject: [Dots] WGLC Signal: mid=123 then overlapping mid=122

Hi there,

What happens when we receive mid=123, followed by mid=122 that overlaps mid=123?

Do we put mid=122 into an active-but-terminating state?

- state 5 is not really correct here as per the description

[TR] In the previous threads we have already discussed to add new conflict-status for conflicting mitigation requests from the same DOTS client (e.g. conflict-status MSB set to 1 means conflict from different DOTS clients, MSB set to 0 means conflict from the same DOTS client).

Jon> I may have blinked, but do not recall this particular discussion about using MSB and therefore needs to get into the draft. An alternative is to have a different variable for same/different DOTS client.

[TR1] Both options look okay, I like the MSB approach :-)

-Tiru

The mitigation request with mid=122 will be rejected with 4.09 conflict. I don’t get your comment, why put mid=122 into active-but-terminating state?

Jon> This potential option of what to return was written before we focused in on the single case for active-but-terminating.

Do we return 4.09 conflict with an appropriate (perhaps new) conflict-status?

[TR] Yes

- my preference, but this is not said anywhere I can find

[TR] we will update the draft.

Jon> Thanks - should conflict-scope also include the ‘mid’ in the list (YANG)?

[TR] Yes, including mid can help troubleshooting.

Jon> Please include it in the draft.

~Jon

Do we return 4.00 (bad request)?

[TR] No.

-Tiru

- I do not really like this one as there is no indication as to why – especially if there was an out of sequence packet arrival at the DOTS server.

Regards

Jon
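The rejection rule in the proposed NEW text, including the out-of-sequence case (mid=123 arriving before an overlapping mid=122), sketched as an added example that is not part of the original message or the draft. `DotsServer`, `put_mitigation` and `overlap_scope` are hypothetical names, the response body is modelled as a Python dict rather than CBOR, and the overlap test (overlapping prefixes plus intersecting ports) is an assumption.

```python
import ipaddress

CONFLICT, CREATED = "4.09", "2.01"   # CoAP response codes
OVERLAPPING_TARGETS = 1              # conflict-cause value from the proposed text


def overlap_scope(new, old):
    """Return the conflicting target clauses, or None if targets are disjoint.

    Assumption: targets overlap when any prefixes overlap and the port sets
    intersect; an empty port set means "all ports".
    """
    prefixes = sorted({str(p) for p in new["target-prefix"]
                       for q in old["target-prefix"] if p.overlaps(q)})
    new_ports, old_ports = new["target-port"], old["target-port"]
    if not prefixes or (new_ports and old_ports and not new_ports & old_ports):
        return None
    scope = {"target-prefix": prefixes, "mid": old["mid"]}
    ports = new_ports & old_ports if new_ports and old_ports else new_ports | old_ports
    if ports:
        scope["target-port"] = sorted(ports)
    return scope


class DotsServer:
    """Hypothetical per-client mitigation table (not a real DOTS implementation)."""

    def __init__(self):
        self.active = {}  # mid -> accepted request

    def put_mitigation(self, mid, prefixes, ports=()):
        req = {"mid": mid, "target-port": set(ports),
               "target-prefix": [ipaddress.ip_network(p) for p in prefixes]}
        for old in self.active.values():
            # Only an existing mitigation with a HIGHER mid triggers the
            # rejection; other cases are outside the quoted text.
            scope = overlap_scope(req, old) if old["mid"] > mid else None
            if scope:
                return CONFLICT, {"conflict-information": {
                    "conflict-cause": OVERLAPPING_TARGETS,
                    "conflict-scope": scope}}
        self.active[mid] = req
        return CREATED, {}


def demo():
    # Constructed sample requests using documentation prefixes.
    srv = DotsServer()
    return [srv.put_mitigation(123, ["192.0.2.0/24"], [80, 443]),
            srv.put_mitigation(122, ["192.0.2.128/25"], [443]),   # overlaps 123
            srv.put_mitigation(121, ["198.51.100.0/24"])]         # disjoint
```

The rejected request is never stored, so a client that receives 4.09 can read the conflicting 'mid' and target clauses from conflict-scope when troubleshooting.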