IETF Logo Mail Archive

Re: [Sdn] new draft on SDN for DDoS mitigation

"King, Daniel" <d.king@lancaster.ac.uk> Fri, 28 August 2015 09:05 UTC

Return-Path: <d.king@lancaster.ac.uk>
X-Original-To: sdn@ietfa.amsl.com
Delivered-To: sdn@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 692231B301D for <sdn@ietfa.amsl.com>; Fri, 28 Aug 2015 02:05:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.42
X-Spam-Level:
X-Spam-Status: No, score=-3.42 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_NEUTRAL=0.779] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4fCiMja3JJkV for <sdn@ietfa.amsl.com>; Fri, 28 Aug 2015 02:05:08 -0700 (PDT)
Received: from ignavia.lancs.ac.uk (ignavia.lancs.ac.uk [148.88.25.16]) by ietfa.amsl.com (Postfix) with ESMTP id DBFBF1B2FED for <sdn@irtf.org>; Fri, 28 Aug 2015 02:05:07 -0700 (PDT)
Received: from ex-0-ht0.lancs.ac.uk ([10.42.18.47] helo=EX-0-HT0.lancs.local) by ignavia.lancs.ac.uk with esmtp (Exim 4.72) (envelope-from <d.king@lancaster.ac.uk>) id 1ZVFas-00053P-LG; Fri, 28 Aug 2015 10:05:06 +0100
Received: from EX-0-MB2.lancs.local ([fe80::9d98:936b:54d1:c531]) by EX-0-HT0.lancs.local ([fe80::7d10:114a:53b0:7f2f%12]) with mapi id 14.03.0248.002; Fri, 28 Aug 2015 10:05:06 +0100
From: "King, Daniel" <d.king@lancaster.ac.uk>
To: "patricklismore@gmail.com" <patricklismore@gmail.com>
Thread-Topic: [Sdn] new draft on SDN for DDoS mitigation
Thread-Index: AQHQ4NjaU6fvAcAI90e9HO/6Zj+3Vp4hGSZA
Date: Fri, 28 Aug 2015 09:05:05 +0000
Message-ID: <65174429B5AF4C45BD0798810EC48E0A3246D9A3@EX-0-MB2.lancs.local>
References: <55CB473A.3010505@mti-systems.com> <CANHB4_nJb9V_cVgY9jq6JyrE-JCtyjJ5dZ=mUmEnQF=z0a=qpA@mail.gmail.com>
In-Reply-To: <CANHB4_nJb9V_cVgY9jq6JyrE-JCtyjJ5dZ=mUmEnQF=z0a=qpA@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [213.205.251.136]
x-iss-local-domain: 1
Content-Type: multipart/alternative; boundary="_000_65174429B5AF4C45BD0798810EC48E0A3246D9A3EX0MB2lancsloca_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/sdn/1mJ8__fM1WyY5MEc_lGML1JoB-Y>
Cc: "sdn@irtf.org" <sdn@irtf.org>
Subject: Re: [Sdn] new draft on SDN for DDoS mitigation
X-BeenThere: sdn@mail.ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List to Discuss SDN Research Group in the IRTF <sdn.mail.ietf.org>
List-Unsubscribe: <https://mail.ietf.org/mailman/options/sdn>, <mailto:sdn-request@mail.ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sdn/>
List-Post: <mailto:sdn@mail.ietf.org>
List-Help: <mailto:sdn-request@mail.ietf.org?subject=help>
List-Subscribe: <https://mail.ietf.org/mailman/listinfo/sdn>, <mailto:sdn-request@mail.ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Aug 2015 09:05:10 -0000

Hi Patrick,

All IRTF/IETF participation is very welcome!

There are often differences between contributing to an IRTF Research Group (RG) and an IETF Working Group (WG). In the SDN RG we tend to encourage initial discussion via the SDN mailing list or an RG presentation to aid formulation of the research challenge and setting context and/or scope, rather than the typical IETF approach of submitting a 00 Internet-Draft (I-D). Then if the topic/work merits further investigation an Internet-Draft would be a fine way forward.

If you followed the recent SDN RG session at IETF 93 we had a dedicated session on SDN Security:

https://www.ietf.org/proceedings/93/agenda/agenda-93-sdnrg

Identifying a few SDN use cases and subsequent Security requirements would be a great way to help initiate and steer SDN RG list discussion. A reasonable output could then be an SDN Security I-D that summarises the challenges and available methods/technologies for mitigating Security risks and issues. The I-D could also identify gaps and possible candidate solutions via existing IETF WG protocols and mechanisms, recent WG proposals, or indeed the need for something entirely new (seeding a bar-BOF, further discussions, etc.).

BR, Dan.

From: sdn [mailto:sdn-bounces@mail.ietf.org] On Behalf Of Patrick Lismore
Sent: 27 August 2015 15:59
Cc: sdn@irtf.org
Subject: Re: [Sdn] new draft on SDN for DDoS mitigation

Hello everyone,

I have been reading the emails for this list for a while and wanted to contribute.

My research this year as part of my MSc was on Threat Mitigation & Digital Forensics in Software Defined Networks.

I have never contributed to IETF before but would like to get more involved with the SDNRG.

What is the best way to engage?

Should I help some contributors with their research?, submit a paper or throw out some ideas.

best regards

Patrick Lismore
@patricklismore



On Wed, Aug 12, 2015 at 2:16 PM, Wesley Eddy <wes@mti-systems.com<mailto:wes@mti-systems.com>> wrote:
Hello, we wanted to make people aware of a new I-D that uses SDN (or
more specifically OpenFlow) as a tool to improve DDoS mitigation:

https://datatracker.ietf.org/doc/draft-eddy-sdnrg-customer-filters/

The interesting part of this for SDNRG is probably the sub-controller
concept, which is how we allow OpenFlow to be used inter-domain (for
customers to control aspects of their ISP's network), and the three-
stage organization of flow tables.

The content is fairly specific to DDoS, but could be extended and
generalized for other uses.

Much of the other interdomain SDN work has the ISPs setting up virtual
networks for each customer, or slice-based constructions, which are not
required by this sub-controller approach.  It may be of interest as
an alternative construction with its own set of advantages and
disadvantages in comparison to other interdomain SDN approaches.

We're eager to hear your comments, criticisms, and questions.

--
Wes Eddy
MTI Systems

_______________________________________________
sdn mailing list
sdn@mail.ietf.org<mailto:sdn@mail.ietf.org>
https://mail.ietf.org/mailman/listinfo/sdn

v2.23.0 | Report a Bug | By Email