IETF Logo Mail Archive

Re: [Dots] draft-fu-dots-ipfix-extension revised into draft-fu-dots-ipfix-tcp-tracking

Dave Dolson <ddolson@sandvine.com> Thu, 16 March 2017 11:01 UTC

Return-Path: <ddolson@sandvine.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7715D127876 for <dots@ietfa.amsl.com>; Thu, 16 Mar 2017 04:01:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.922
X-Spam-Level:
X-Spam-Status: No, score=-1.922 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C_UbRuTUYWEe for <dots@ietfa.amsl.com>; Thu, 16 Mar 2017 04:01:19 -0700 (PDT)
Received: from mail1.sandvine.com (Mail1.sandvine.com [64.7.137.134]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C1FE1277BB for <dots@ietf.org>; Thu, 16 Mar 2017 04:01:19 -0700 (PDT)
Received: from WTL-EXCHP-1.sandvine.com ([fe80::ac6b:cc1e:f2ff:93aa]) by wtl-exchp-2.sandvine.com ([::1]) with mapi id 14.03.0319.002; Thu, 16 Mar 2017 07:01:16 -0400
From: Dave Dolson <ddolson@sandvine.com>
To: "Zhenghui (Marvin)" <marvin.zhenghui@huawei.com>, Roman Danyliw <rdd@cert.org>, "dots@ietf.org" <dots@ietf.org>
Thread-Topic: [Dots] draft-fu-dots-ipfix-extension revised into draft-fu-dots-ipfix-tcp-tracking
Thread-Index: AQHSnkSi2dh8WpEKOUevteZzY4K79Q==
Date: Thu, 16 Mar 2017 11:01:15 +0000
Message-ID: <20170316110115.8499287.34698.143525@sandvine.com>
References: <F8F4995E43962F4996B280E9678CED0001538042@SZXEMI507-MBX.china.huawei.com> <359EC4B99E040048A7131E0F4E113AFC0104F19267@marathon> <F8F4995E43962F4996B280E9678CED00015389FC@SZXEMI507-MBX.china.huawei.com> <359EC4B99E040048A7131E0F4E113AFC0104F1C5A1@marathon>, <F8F4995E43962F4996B280E9678CED0001538F0E@SZXEMI507-MBX.china.huawei.com>
In-Reply-To: <F8F4995E43962F4996B280E9678CED0001538F0E@SZXEMI507-MBX.china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-c2processedorg: b2f06e69-072f-40ee-90c5-80a34e700794
Content-Type: text/plain; charset="windows-1256"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/i69CKo223REoGFraSsgegpaDvkM>
Subject: Re: [Dots] draft-fu-dots-ipfix-extension revised into draft-fu-dots-ipfix-tcp-tracking
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Mar 2017 11:01:21 -0000

‎Zhenghui,
I just took a look at the draft, and the document makes a lot of sense to me. The TCP features being measured are important.

Clearly these are intended to be collected by stateful devices that do see both directions of traffic, not generic routers.  (Such stateful devices do exist and are widely deployed.) Perhaps your introduction should use the term "stateful layer4 device" instead of "router" to make your assumptions clearer.

One thing you might look at is whether "TCP" is too specific. Some of these may apply to QUIC in the near future. For example, have you seen ‎https://tools.ietf.org/id/draft-trammell-plus-statefulness-02.html ?

-Dave


  Original Message
From: Zhenghui (Marvin)
Sent: Wednesday, March 15, 2017 11:57 PM
To: Roman Danyliw; dots@ietf.org
Subject: Re: [Dots] draft-fu-dots-ipfix-extension revised into draft-fu-dots-ipfix-tcp-tracking


Hi Roman!

Thanks for the information. We had been made aware of that.

The reason for submitting the draft is that, a) this is a successive work of draft-fu-dots-ipfix-extension, so we would like to declare it here, before moving to a more suitable place; b) we think DOTS WG's opinions matter to us, prior to expert review.

Best Regards,
Zhenghui (Marvin)

-----Original Message-----
From: Roman Danyliw [mailto:rdd@cert.org]
Sent: Thursday, March 16, 2017 8:50 AM
To: Zhenghui (Marvin) <marvin.zhenghui@huawei.com>; dots@ietf.org
Subject: RE: draft-fu-dots-ipfix-extension revised into draft-fu-dots-ipfix-tcp-tracking

Hi Marvin!

Thanks for this clarification.

Since the draft appears to want to add seven entries to the "IPFIX information elements" registry [1], have you considered directly asking for the additions?  The registration process for new IEs is expert review.

Roman

[1] http://www.iana.org/assignments/ipfix/ipfix.xhtml

-----Original Message-----
From: Dots [mailto:dots-bounces@ietf.org] On Behalf Of Zhenghui (Marvin)
Sent: Tuesday, March 14, 2017 12:35 AM
To: Roman Danyliw <rdd@cert.org>; dots@ietf.org
Subject: Re: [Dots] draft-fu-dots-ipfix-extension revised into draft-fu-dots-ipfix-tcp-tracking

Hi Roman,

We used to believe that IPFIX can serve as a way for DOTS telemetry.
However, an impression I've got in the past few weeks following the WG discussion, it is agreed that telemetry is an issue to be postponed.

Basically, we'd like to hear from the WG, about their opinions on this draft, so we can figure out what to do next.

For now, we do not see this draft as strongly mapping to the existing WG architecture or the protocol requirements.

Best Regards,
Zhenghui (Marvin)


-----Original Message-----
From: Roman Danyliw [mailto:rdd@cert.org]
Sent: Tuesday, March 14, 2017 12:08 AM
To: Zhenghui (Marvin) <marvin.zhenghui@huawei.com>; dots@ietf.org
Subject: RE: draft-fu-dots-ipfix-extension revised into draft-fu-dots-ipfix-tcp-tracking

Hello Marvin!

Thanks for sharing this update.

> Sent: Monday, March 13, 2017 3:37 AM
> Subject: [Dots] draft-fu-dots-ipfix-extension revised into
> draft-fu-dots-ipfix-tcp-tracking
>
[snip]

> However, we’ve realized what our draft intends to do is not what
> currently DOTS WG is focusing on.
[snip]
> We submitted this draft to DOTS because IPFIX WG had been closed, and
> DOTS was the best match we found.

To confirm, you do not see this draft as mapping to the existing WG architecture [1] or the protocol requirements [2] (as in part of a signal or data channel)?

Regards,
Roman

[1] draft-ietf-dots-architecture-01
[2] draft-ietf-dots-requirements-03
_______________________________________________
Dots mailing list
Dots@ietf.org
https://www.ietf.org/mailman/listinfo/dots
_______________________________________________
Dots mailing list
Dots@ietf.org
https://www.ietf.org/mailman/listinfo/dots

v2.23.0 | Report a Bug | By Email