[Idr] flowspec enhancements
Wesley Eddy <wes@mti-systems.com> Tue, 15 September 2015 17:39 UTC
Return-Path: <wes@mti-systems.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA56E1A87E6 for <idr@ietfa.amsl.com>; Tue, 15 Sep 2015 10:39:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Level:
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n6vwEyHNIPJq for <idr@ietfa.amsl.com>; Tue, 15 Sep 2015 10:39:41 -0700 (PDT)
Received: from atl4mhob07.myregisteredsite.com (atl4mhob07.myregisteredsite.com [209.17.115.45]) by ietfa.amsl.com (Postfix) with ESMTP id 9A0A91A87D9 for <idr@ietf.org>; Tue, 15 Sep 2015 10:39:39 -0700 (PDT)
Received: from mailpod.hostingplatform.com ([10.30.71.208]) by atl4mhob07.myregisteredsite.com (8.14.4/8.14.4) with ESMTP id t8FHdbqt024051 for <idr@ietf.org>; Tue, 15 Sep 2015 13:39:37 -0400
Received: (qmail 30040 invoked by uid 0); 15 Sep 2015 17:39:37 -0000
X-TCPREMOTEIP: 24.166.126.82
X-Authenticated-UID: wes@mti-systems.com
Received: from unknown (HELO ?192.168.0.148?) (wes@mti-systems.com@24.166.126.82) by 0 with ESMTPA; 15 Sep 2015 17:39:37 -0000
From: Wesley Eddy <wes@mti-systems.com>
X-Enigmail-Draft-Status: N1110
Organization: MTI Systems
To: idr@ietf.org
Message-ID: <55F857D1.1020806@mti-systems.com>
Date: Tue, 15 Sep 2015 13:39:29 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/idr/6dti0Cdp_yFWnfy9RtPFwoP2Vt8>
Cc: Justin Dailey <Justin@mti-systems.com>
Subject: [Idr] flowspec enhancements
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Sep 2015 17:39:43 -0000
Hello, we've been working on a few enhancements to the BGP flowspec capabilities that may be of interest: https://tools.ietf.org/html/draft-eddy-idr-flowspec-exp-00 There are several ideas described in the document that could be factored out from one another, but the basic idea is to increase the power of flowspec, mainly for its DDoS mitigation purposes. Specifically, the suggested enhancements include: - add packet rate limitations as an action (not just bitrate) - add support for filtering of tunneled traffic (unencrypted) - identifying flow specifications for tracking and communication between providers - cryptographically signing flowspecs - supporting a more surgical re-route to scrubbing centers - providing feedback about flowspecs to the source If any of these are interesting to folks, we'll appreciate your feedback, comments, questions, etc. Some are more difficult than others. I'm assuming IDR is a reasonable list for this, though it also touches SIDR and OPSEC topics, but will appreciate the chairs' thoughts on this. It has been mentioned in the DOTS list, but is obviously out of scope for DOTS. -- Wes Eddy MTI Systems
- [Idr] flowspec enhancements Wesley Eddy
- Re: [Idr] flowspec enhancements Haoweiguo
- Re: [Idr] flowspec enhancements Wesley Eddy
- Re: [Idr] flowspec enhancements Haoweiguo
- Re: [Idr] flowspec enhancements Jeffrey Haas
- Re: [Idr] flowspec enhancements Wesley Eddy