Re: [Dots] New Version Notification for draft-chen-dots-server-hierarchical-deployment-00.txt

<mohamed.boucadair@orange.com> Wed, 17 July 2019 10:50 UTC

Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: dots@ietfa.amsl.com
Delivered-To: dots@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A51C1201DB for <dots@ietfa.amsl.com>; Wed, 17 Jul 2019 03:50:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kp1j3TUTO3IX for <dots@ietfa.amsl.com>; Wed, 17 Jul 2019 03:50:14 -0700 (PDT)
Received: from relais-inet.orange.com (relais-inet.orange.com [80.12.70.36]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D60301201D6 for <dots@ietf.org>; Wed, 17 Jul 2019 03:50:13 -0700 (PDT)
Received: from opfednr00.francetelecom.fr (unknown [xx.xx.xx.64]) by opfednr21.francetelecom.fr (ESMTP service) with ESMTP id 45pYv8327yz5vvm; Wed, 17 Jul 2019 12:50:12 +0200 (CEST)
Received: from Exchangemail-eme3.itn.ftgroup (unknown [xx.xx.50.49]) by opfednr00.francetelecom.fr (ESMTP service) with ESMTP id 45pYv827tqzDq7x; Wed, 17 Jul 2019 12:50:12 +0200 (CEST)
Received: from OPEXCNORMAE.corporate.adroot.infra.ftgroup ([fe80::897f:9a74:3898:db87]) by OPEXCNORM51.corporate.adroot.infra.ftgroup ([fe80::151:d815:ec44:f813%20]) with mapi id 14.03.0439.000; Wed, 17 Jul 2019 12:50:12 +0200
From: <mohamed.boucadair@orange.com>
To: Meiling Chen <chenmeiling@chinamobile.com>, dots <dots@ietf.org>
Thread-Topic: RE: [Dots] New Version Notification for draft-chen-dots-server-hierarchical-deployment-00.txt
Thread-Index: AQHVPHnoJRU9qaYu7UK+BPXP+kzHwqbOjz1A
Date: Wed, 17 Jul 2019 10:50:11 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302F641185@OPEXCNORMAE.corporate.adroot.infra.ftgroup>
References: <156246539991.3273.3216673143517865297.idtracker@ietfa.amsl.com>, <2019070916342639919923@chinamobile.com>, <787AE7BB302AE849A7480A190F8B93302EAE5D7E@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <201907171630300752479@chinamobile.com>
In-Reply-To: <201907171630300752479@chinamobile.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.13.246]
Content-Type: multipart/alternative; boundary="_000_787AE7BB302AE849A7480A190F8B93302F641185OPEXCNORMAEcorp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/shcul76GomN38vL6o52UfutJVxI>
Subject: Re: [Dots] New Version Notification for draft-chen-dots-server-hierarchical-deployment-00.txt
X-BeenThere: dots@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of DDoS Open Threat Signaling \(DOTS\) technology and directions." <dots.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dots>, <mailto:dots-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dots/>
List-Post: <mailto:dots@ietf.org>
List-Help: <mailto:dots-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dots>, <mailto:dots-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jul 2019 10:50:16 -0000

Hi Meiling,

What I meant is a function such as netflow/ipfix collector.

Cheers,
Med

De : Meiling Chen [mailto:chenmeiling@chinamobile.com]
Envoyé : mercredi 17 juillet 2019 10:31
À : BOUCADAIR Mohamed TGI/OLN; dots
Objet : Re: RE: [Dots] New Version Notification for draft-chen-dots-server-hierarchical-deployment-00.txt

Hi med,
Thank you for your suggestion.
next version will more details about the interfaces and deployment considerations
but I don't get your point about interaction with flow collectors? what's your mean of flow collectors? is it clean equipment(mitigator)?

Best Regards,
Meiling Chen
From: mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>
Date: 2019-07-16 16:26
To: Meiling Chen<mailto:chenmeiling@chinamobile.com>; dots<mailto:dots@ietf.org>
Subject: RE: [Dots] New Version Notification for draft-chen-dots-server-hierarchical-deployment-00.txt
Hi Meiling,

Thank for initiating this work.

It would be interesting to add more details about the various interfaces involved in the deployment schemes (e.g. recursive signaling). This would help assessing whether current DOTS signals are sufficient or not.

Also, it would helpful if you can elaborate further on deployment considerations (and how) to meet some of the requirements you identified, for example:


"   o  DOTS server has the ability to know the address of attack target
      belong to which mitigator"

The document may include a discussion about:
* redundancy/backup considerations (with or without DOTS gateways).
* interaction with flow collectors

Thank you.

Cheers,
Med

De : Dots [mailto:dots-bounces@ietf.org] De la part de Meiling Chen
Envoyé : mardi 9 juillet 2019 10:34
à : dots
Objet : Re: [Dots] New Version Notification for draft-chen-dots-server-hierarchical-deployment-00.txt

Hi all,
I have submited a draft which some thoughts and suggestions on dots server deployment are given,

*         Consider how to deploy between operators and within operators.

*         URL:https://datatracker.ietf..org/doc/draft-chen-dots-server-hierarchical-deployment/
Reading and Comments are more than welcome.

Best Regards,
Meiling Chen
From: internet-drafts<mailto:internet-drafts@ietf.org>
Date: 2019-07-07 10:09
To: Li Su<mailto:suli@chinamobile.com>; chenmeiling<mailto:chenmeiling@chinamobile.com>; Jin Peng<mailto:pengjin@chinamobile.com>; Meiling Chen<mailto:chenmeiling@chinamobile.com>
Subject: New Version Notification for draft-chen-dots-server-hierarchical-deployment-00.txt

A new version of I-D, draft-chen-dots-server-hierarchical-deployment-00.txt
has been successfully submitted by Meiling Chen and posted to the
IETF repository.

Name: draft-chen-dots-server-hierarchical-deployment
Revision: 00
Title: A method for dots server deployment
Document date: 2019-07-06
Group: Individual Submission
Pages: 8
URL:            https://www.ietf.org/internet-drafts/draft-chen-dots-server-hierarchical-deployment-00.txt
Status:         https://datatracker.ietf.org/doc/draft-chen-dots-server-hierarchical-deployment/
Htmlized:       https://tools.ietf.org/html/draft-chen-dots-server-hierarchical-deployment-00
Htmlized:       https://datatracker.ietf.org/doc/html/draft-chen-dots-server-hierarchical-deployment


Abstract:
   As DOTS is used for DDoS Mitigation signaling, In practice, there are
   different deployment scenarios for DOTS agents deployment depending
   on the network deployment mode.  This document made an accommandation
   for DOTS Server deployment which may be Suitable for ISP.  The goal
   is to provide some guidance for DOTS agents deployment.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat