Re: [Dots] [tsvwg] Best transport selection during an attack?

Dan Wing <dwing@cisco.com> Sun, 15 November 2015 20:31 UTC

On 12-Nov-2015 05:55 pm, Roland Dobbins <rdobbins@arbor.net> wrote:
> 
> On 12 Nov 2015, at 23:19, Kristian Larsson wrote:
> 
>> While rfc6555 targets stateful transports there is nothing preventing doing the same for UDP, as long as there is some form of request/response semantics of the service running on top, which I believe we will have.

Yes, Happy Eyeballs (RFC6555) concepts can be applied to other transports.  For example Preethi and I described how to apply Happy Eyeballs to SCTP, draft-wing-tsvwg-happy-eyeballs-sctp (expired).

-d


> 
> I *think* this is correct; Dan Wing and Tiru Reddy can certainly comment more.
> 
>> I think "Happy DOTS" should do v4/v6 selection and UDP / TCP selection per default. If someone wants to statically configure UDPoIPv4 that is fine but I'd like to see a recommendation for the default being to automatically figure out the best combination.
> 
> This is potentially useful implementation guidance, IMHO.  Very interested in hearing more from Dan, Tiru, and others as to their thoughts.
> 
> -----------------------------------
> Roland Dobbins <rdobbins@arbor.net>
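
The automatic selection discussed in this thread (a Happy Eyeballs style race across IPv4/IPv6 and UDP/TCP, relying on request/response semantics) can be sketched as follows. This is an added example, not code from the thread or from any DOTS specification; the candidate order, the stagger and timeout values, and the simulated probe with its constructed path conditions are all assumptions.

```python
import asyncio

# Assumed preference order (not from the thread): UDP before TCP, IPv6 before IPv4.
CANDIDATES = [("udp", "ipv6"), ("udp", "ipv4"), ("tcp", "ipv6"), ("tcp", "ipv4")]

async def happy_select(probe, candidates=CANDIDATES, stagger=0.05, timeout=1.0):
    """Race request/response probes; return the first candidate that answers.

    Candidate i starts i*stagger seconds in, so a healthy preferred path wins
    before less-preferred paths send anything. Returns None if nothing answers.
    """
    async def attempt(index, cand):
        await asyncio.sleep(index * stagger)  # head start for preferred paths
        await probe(*cand)                    # returns on reply, raises on error
        return cand

    loop = asyncio.get_running_loop()
    deadline = loop.time() + timeout
    pending = {asyncio.ensure_future(attempt(i, c)) for i, c in enumerate(candidates)}
    try:
        while pending and loop.time() < deadline:
            done, pending = await asyncio.wait(
                pending, timeout=deadline - loop.time(),
                return_when=asyncio.FIRST_COMPLETED)
            winners = [t.result() for t in done if t.exception() is None]
            if winners:  # several may finish in one tick: keep the preferred one
                return min(winners, key=candidates.index)
        return None
    finally:
        for t in pending:
            t.cancel()  # abandon the losing attempts

def make_probe(conditions):
    """Simulated probe over constructed path conditions:
    (transport, family) -> reply delay in seconds, or None for silent loss."""
    async def probe(transport, family):
        delay = conditions[(transport, family)]
        if delay is None:
            await asyncio.Event().wait()  # request dropped: no reply ever comes
        await asyncio.sleep(delay)
    return probe

def select_transport(conditions, **kwargs):
    """Synchronous wrapper around happy_select for the simulated probe."""
    return asyncio.run(happy_select(make_probe(conditions), **kwargs))
```

In a real client the `probe` callable would send one signaling request over the given transport and address family and return when the matching response arrives.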