Re: [Last-Call] Artart last call review of draft-ietf-dots-telemetry-use-cases-11

H Y <yuuhei.hayashi@gmail.com> Sat, 24 September 2022 07:56 UTC

From: H Y <yuuhei.hayashi@gmail.com>
Date: Sat, 24 Sep 2022 16:56:26 +0900
Message-ID: <CAA8pjUO9qF7aQpxMLwMVHy9yFw3vaneMYoAybyEpEjL=wtPJ-Q@mail.gmail.com>
To: Sean Turner <sean+ietf@sn3rd.com>
Cc: art@ietf.org, dots@ietf.org, draft-ietf-dots-telemetry-use-cases.all@ietf.org, last-call@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/EqnPQcj6UcInQpdY04MIFpT39es>

Hi Sean,

Thank you for your very careful review.

We modified the draft to address the comments, and you can see the diff here.
https://www.ietf.org/rfcdiff?url2=draft-ietf-dots-telemetry-use-cases-12

Please see inline.

On Wed, 21 Sep 2022 at 10:30, Sean Turner via Datatracker <noreply@ietf.org> wrote:

>
> Reviewer: Sean Turner
> Review result: Ready with Nits
>
> Hi! All but the (0) issue are editorial issues, and the JSON parsing issues
> ought to be easy to fix:
>
> 0) JSON parsing issues:
>
> 0.1) s3.1.5: I think maybe instead of this:
>
>   "attack-description":
>     "attack-description": "DNS amplification Attack: \
>     ...
>
> use this:
>
>   "attack-description": "DNS amplification Attack: \
>      ...
[Yuhei]
Thanks. I addressed this comment.

>
> 0.2) s3.2.2: Error: Duplicate key 'mid-percentile-g'
[Yuhei]
Thanks. I addressed this comment. It was just a mistake.

>
> 1) Can you provide some additional background on the term "label" as it is used
> in this document; appears to be related to ML. See Un/Supervised Machine
> Learning definitions.
[Yuhei]
Thanks.

According to the wiki, Supervised Machine Learning is defined as below.
>>Supervised learning (SL) is the machine learning task of learning a function that maps an input to an output based on example input-output pairs. It infers a function from labeled training data consisting of a set of training examples.
https://en.wikipedia.org/wiki/Supervised_learning

It seems that "label" is a general term in the ML industry.

>
> 2) s3.1: I think maybe some .md/.xml for the bullets got messed up:
>
>   In particular,
>   the following telemetry parameters are used: * 'measurement-interval'
>   to define the period during which percentiles are computed. *
>   'measurement-sample' to define the time distribution for measuring
>   values that are used to compute percentiles.
[Yuhei]
Thanks. I addressed this comment.

Now we use <ul></ul> for enumeration to avoid this being messed up in the xml.

>
> 3) s3.1.1, 1st para: Not sure you need the 1 Tps example, in 5 years that might
> seem low. Also maybe tweak the sentence a bit:
>
>   Some transit providers have to mitigate very large-scale DDoS attacks
>   with their own previously deployed DDoS Mitigation Systems (DMSes) that
>   lack sufficient resources.
[Yuhei]
Thanks. I addressed this comment.

As you say, the 1 Tps example will seem low in 5 years. According to a recent
report, 2.5 Tbps attacks were observed.
https://www.netscout.com/threatreport/global-ddos-attack-trends/

So we rewrite it as below:

OLD:
For example, recent reported large DDoS attacks exceeded 1 Tps.

NEW:
For example, recently reported large DDoS attacks exceeded several Tbps.

>
> 4) s3.1.1, 2nd para (friendly editorial suggestion):
>
> s/The aim of this use case is to enable transit/This use case enables transit
[Yuhei]
Thanks. I addressed this comment.

>
> 5) Figure 1: Would it be clearer for the target(s) in the figure to be:
>
> [ Target(s)]
[Yuhei]
Thanks. I addressed this comment.

>
> 6) s3.1.1, 4th para: The word "using" is kind of dangling:
>
> s/The forwarding nodes send traffic statistics to the flow collectors
>   using, e.g., IP Flow Information Export (IPFIX) [RFC7011].
> /The forwarding nodes send traffic statistics to the flow collectors,
>  e.g., using IP Flow Information Export (IPFIX) [RFC7011].
[Yuhei]
Thanks. I addressed this comment.

>
> 7) s3.1.1, 4th para: Maybe:
>
>  After that, the orchestrator
>  orders the forwarding nodes to redirect as much of the top-talker's
>  traffic to the DMS as possible by dissemination of Flow
>  Specifications relying upon tools, such as Border Gateway Protocol
>  Dissemination of Flow Specification Rules (BGP Flowspec) [RFC8955].
>
> NEW:
>
>  After that, the orchestrator
>  orders the forwarding nodes to redirect as much of the top-talker's
>  traffic to the DMS as possible by dissemination of Flow
>  Specifications using tools such as Border Gateway Protocol
>  Dissemination of Flow Specification Rules (BGP Flowspec) [RFC8955].
[Yuhei]
Thanks. I addressed this comment.

>
> 8) s3.1.2, 1st para: Is this:
>
>    Transit providers can deploy their DMSes in clusters.  Then, they can
>    select the DMS to be used to mitigate a DDoS attack under attack
>    time.
>
> trying to say this:
>
>    Transit providers can deploy their DMSes in clusters.  Then, they can
>    select the DMS to be used to mitigate a DDoS attack while under attack.
[Yuhei]
Thanks. I addressed this comment.

Genart review gave us the same comment, so we modified it as below.

OLD:
Then, they can select the DMS to be used to mitigate a DDoS attack
under attack time.


NEW:
Then, they can select the DMS to be used to mitigate a DDoS attack at
the time of an attack.

>
> 9) s3.1.2, 2nd para:
>
> s/The aim of this use case is to enable transit/This use case enables transit
[Yuhei]
Thanks. I addressed this comment.

>
> 10) Figure 3: Why are there two [Target] elements in the figure?
[Yuhei]
It's because there are two targets in the example and this use case
enables the transit provider to select a DMS for traffic destined for
each target.

We modified the figure to clarify it.

>
> 11) s3.1.2, 3rd para: The word "using" is kind of dangling:
>
> s/The forwarding nodes send traffic statistics to the flow collectors
>   using, e.g., IP Flow Information Export (IPFIX) [RFC7011].
> /The forwarding nodes send traffic statistics to the flow collectors,
>  e.g., using IP Flow Information Export (IPFIX) [RFC7011].
[Yuhei]
Thanks. I addressed this comment.

>
> 12) s3.1.3, 2nd para:
>
> s/The aim of this use case is to enable transit/This use case enables transit
[Yuhei]
Thanks. I addressed this comment.


>
> 13) Figure 5: I think you need one more space before the line with the nodes to
> make the DOTS box a box :):
>
>                --->C| Forwarding |  --->C| Forwarding |--->
>  e.g., BGP Flowspec |   node     |       |   node     |
> ^ add a space
>      (Redirect) --->|            |       |            |  DDoS Attack
[Yuhei]
Thanks. I addressed this comment.

>
> 14) s3.1.3, 3rd para:
>
> OLD:
>
>  After that, the orchestrator orders the
>  appropriate forwarding nodes to redirect the attack traffic to the
>  optimal DMS by dissemination of Flow Specifications relying upon
>  tools, such as BGP Flowspec.
>
> NEW:
>
>  After that, the orchestrator orders the
>  appropriate forwarding nodes to redirect the attack traffic to the
>  optimal DMS by dissemination of Flow Specifications using tools
>  such as Border Gateway Protocol Dissemination of Flow Specification
>  Rules (BGP Flowspec) [RFC8955].
[Yuhei]
Thanks. I addressed this comment.

>
> 15) s3.1.4, 1st para:
>
> s/internet/Internet
>
> s/The feature of the attack is that start from zero and go to maximum
> /These attacks start from zero and go to maximum
>
> s/It is
> difficult for them to mitigate an attack by DMS by redirecting attack
> flows because it may cause route flapping in the network.
> /It is
> difficult for the transit providers to mitigate an attack with their
> DMSes by redirecting attack flows because it may cause route flapping
> in the network.
[Yuhei]
Thanks. I addressed this comment.

>
> 16) s3.1.4, 2nd para:
>
> s/The aim of this use case is to enable transit/This use case enables transit
[Yuhei]
Thanks. I addressed this comment.

>
> 17) s3.1.4, 3rd para: Maybe:
>
>  After that, the administrative system orders relevant forwarding
>  nodes to carry out rate-limit all traffic destined to the target
>  based on the pipe capability by the dissemination of the Flow
>  Specifications relying upon tools, such as BGP Flowspec.
>
> NEW:
>
>  After that, the administrative system orders relevant forwarding
>  nodes to carry out rate-limit all traffic destined to the target
>  based on the pipe capability by the dissemination of the Flow
>  Specifications using tools such as Border Gateway Protocol
>  Dissemination of Flow Specification Rules (BGP Flowspec) [RFC8955].
[Yuhei]
Thanks. I addressed this comment.

>
> 18) s3.1.5, 1st para: Provide reference for DNS Water Torture Attacks.
[Yuhei]
Thanks. I addressed this comment.

NEW:
To carry out the DNS water torture attack,
an attacker commands a botnet to make thousands of DNS requests
for fake subdomains against an Authoritative Name Server.

>
> 19) s3.1.5, 2nd para:
>
> s/The aim of this use case is to enable transit/This use case enables transit
[Yuhei]
Thanks. I addressed this comment.

>
> 20) s3.1.5, 5th para:
>
> s/Specifications, e.g.  [RFC8955]
> /Specifications using tools such as Border Gateway Protocol
> Dissemination of Flow Specification Rules (BGP Flowspec) [RFC8955].
>
> s/such as BGP
> /such as BGP [RFC4271].
[Yuhei]
Thanks. I addressed this comment.

>
> 21) s3.2:
>
> s/The aim of this use case is to share the/This use case enables sharing of
[Yuhei]
Thanks. I addressed this comment.

>
> 22) s3.3.1, 1st para: s/internet/Internet
[Yuhei]
Thanks. I addressed this comment.

>
> 23) s3.3.1, 2nd para:
>
> s/The aim of this use case is to enable transit/This use case enables transit
[Yuhei]
Thanks. I addressed this comment.

>
> 24) s3.3.2, 1st para:
>
> s/The aim of this use case is to carry out/This use case supports
[Yuhei]
Thanks. I addressed this comment.


--
----------------------------------
Yuuhei HAYASHI
----------------------------------
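
The two JSON errors raised in item 0 of the review (a key repeated as its own value in s3.1.5, and the duplicate 'mid-percentile-g' in s3.2.2) can be caught mechanically before a draft is published. The following is an added example, not part of the original message or of the draft; the sample snippets are constructed, and treating a trailing "\" as RFC 8792 single-backslash folding is an assumption.

```python
import json
import re

# Constructed samples (not taken from the draft); only the key names
# "attack-description" and "mid-percentile-g" come from the review.
NESTED_KEY = r'''{
  "attack-description":
    "attack-description": "DNS amplification Attack: \
      constructed text"
}'''
DUPLICATE_KEY = r'''{
  "sample": [
    {"example-unit": "x", "mid-percentile-g": "100", "mid-percentile-g": "900"}
  ]
}'''
FIXED = r'''{
  "attack-description": "DNS amplification Attack: \
      constructed text",
  "sample": [{"example-unit": "x", "mid-percentile-g": "100"}]
}'''

def unfold(text):
    # Assumption: a trailing "\" is RFC 8792 single-backslash folding, so the
    # backslash, the line break and the next line's leading spaces are dropped.
    return re.sub(r"\\\n[ ]*", "", text)

def find_json_problems(text):
    """Return syntax errors and duplicate object keys found in a snippet."""
    problems = []

    def reject_duplicates(pairs):
        seen = set()
        for key, _value in pairs:
            if key in seen:
                problems.append(f"duplicate key '{key}'")
            seen.add(key)
        return dict(pairs)

    try:
        # json.loads alone silently keeps the last duplicate; the hook sees
        # every key/value pair of each object before they are merged.
        json.loads(unfold(text), object_pairs_hook=reject_duplicates)
    except json.JSONDecodeError as exc:
        problems.append(f"syntax error: {exc.msg}")
    return problems

if __name__ == "__main__":
    for name, sample in [("nested", NESTED_KEY), ("duplicate", DUPLICATE_KEY), ("fixed", FIXED)]:
        print(name, find_json_problems(sample))
```

Duplicate keys matter beyond tidiness: parsers differ on whether the first or last value wins, so two implementations can read different telemetry values from the same message.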