| < draft-ietf-dots-multihoming-01.txt | draft-ietf-dots-multihoming-02.txt > | |||
|---|---|---|---|---|
| Network Working Group M. Boucadair | Network Working Group M. Boucadair | |||
| Internet-Draft Orange | Internet-Draft Orange | |||
| Intended status: Standards Track T. Reddy | Intended status: Standards Track T. Reddy | |||
| Expires: July 25, 2019 McAfee | Expires: January 23, 2020 McAfee | |||
| January 21, 2019 | W. Pan | |||
| Huawei Technologies | ||||
| July 22, 2019 | ||||
| Multi-homing Deployment Considerations for Distributed-Denial-of-Service | Multi-homing Deployment Considerations for Distributed-Denial-of-Service | |||
| Open Threat Signaling (DOTS) | Open Threat Signaling (DOTS) | |||
| draft-ietf-dots-multihoming-01 | draft-ietf-dots-multihoming-02 | |||
| Abstract | Abstract | |||
| This document discusses multi-homing considerations for Distributed- | This document discusses multi-homing considerations for Distributed- | |||
| Denial-of-Service Open Threat Signaling (DOTS). The goal is to | Denial-of-Service Open Threat Signaling (DOTS). The goal is to | |||
| provide some guidance for DOTS clients/gateways when multihomed. | provide some guidance for DOTS clients/gateways when multihomed. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| skipping to change at page 1, line 34 ¶ | skipping to change at page 1, line 36 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on July 25, 2019. | This Internet-Draft will expire on January 23, 2020. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 18 ¶ | skipping to change at page 2, line 20 ¶ | |||
| 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 4 | 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 4 | |||
| 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 4. Multi-Homing Scenarios . . . . . . . . . . . . . . . . . . . 4 | 4. Multi-Homing Scenarios . . . . . . . . . . . . . . . . . . . 4 | |||
| 4.1. Residential Single CPE . . . . . . . . . . . . . . . . . 5 | 4.1. Residential Single CPE . . . . . . . . . . . . . . . . . 5 | |||
| 4.2. Multi-Homed Enterprise: Single CPE, Multiple Upstream | 4.2. Multi-Homed Enterprise: Single CPE, Multiple Upstream | |||
| ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 4.3. Multi-homed Enterprise: Multiple CPEs, Multiple Upstream | 4.3. Multi-homed Enterprise: Multiple CPEs, Multiple Upstream | |||
| ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 4.4. Multi-homed Enterprise with the Same ISP . . . . . . . . 7 | 4.4. Multi-homed Enterprise with the Same ISP . . . . . . . . 7 | |||
| 5. DOTS Deployment Considerations . . . . . . . . . . . . . . . 7 | 5. DOTS Deployment Considerations . . . . . . . . . . . . . . . 7 | |||
| 5.1. Residential CPE . . . . . . . . . . . . . . . . . . . . . 7 | 5.1. Residential CPE . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 5.2. Multi-Homed Enterprise: Single CPE, Multiple Upstream | 5.2. Multi-Homed Enterprise: Single CPE, Multiple Upstream | |||
| ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 9 | ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 5.3. Multi-Homed Enterprise: Multiple CPEs, Multiple Upstream | 5.3. Multi-Homed Enterprise: Multiple CPEs, Multiple Upstream | |||
| ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 11 | ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 5.4. Multi-Homed Enterprise: Single ISP . . . . . . . . . . . 12 | 5.4. Multi-Homed Enterprise: Single ISP . . . . . . . . . . . 12 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 12 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 13 | |||
| 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 | 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12 | 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 | 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 9.1. Normative References . . . . . . . . . . . . . . . . . . 13 | 9.1. Normative References . . . . . . . . . . . . . . . . . . 13 | |||
| 9.2. Informative References . . . . . . . . . . . . . . . . . 13 | 9.2. Informative References . . . . . . . . . . . . . . . . . 14 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| 1. Introduction | 1. Introduction | |||
| In many deployments, it may not be possible for a network to | In many deployments, it may not be possible for a network to | |||
| determine the cause of a distributed Denial-of-Service (DoS) attack | determine the cause of a distributed Denial-of-Service (DoS) attack | |||
| [RFC4732]. Rather, the network may just realize that some resources | [RFC4732]. Rather, the network may just realize that some resources | |||
| seem to be under attack. To improve such situation, the IETF is | seem to be under attack. To improve such situation, the IETF is | |||
| specifying the DDoS Open Threat Signaling (DOTS) | specifying the DDoS Open Threat Signaling (DOTS) | |||
| [I-D.ietf-dots-architecture]architecture, where a DOTS client can | [I-D.ietf-dots-architecture]architecture, where a DOTS client can | |||
| inform a DOTS server that the network is under a potential attack and | inform a DOTS server that the network is under a potential attack and | |||
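Review bot: In the Introduction, "distributed Denial-of-Service (DoS) attack" spells out the distributed form but abbreviates it as DoS, while the next sentence uses "DDoS Open Threat Signaling"; make the abbreviation consistent. The same paragraph is carried unchanged into -02 with "To improve such situation" (suggest "To improve such a situation") and "[I-D.ietf-dots-architecture]architecture", where the space after the citation is missing and the citation probably belongs after "(DOTS) architecture".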
| skipping to change at page 13, line 12 ¶ | skipping to change at page 13, line 39 ¶ | |||
| and Christian Jacquenet for sharing their comments on the mailing | and Christian Jacquenet for sharing their comments on the mailing | |||
| list. | list. | |||
| Thanks to Kirill Kasavchenko for the comments. | Thanks to Kirill Kasavchenko for the comments. | |||
| 9. References | 9. References | |||
| 9.1. Normative References | 9.1. Normative References | |||
| [I-D.ietf-dots-architecture] | [I-D.ietf-dots-architecture] | |||
| Mortensen, A., Andreasen, F., K, R., Teague, N., Compton, | Mortensen, A., K, R., Andreasen, F., Teague, N., and R. | |||
| R., and c. christopher_gray3@cable.comcast.com, | Compton, "Distributed-Denial-of-Service Open Threat | |||
| "Distributed-Denial-of-Service Open Threat Signaling | Signaling (DOTS) Architecture", draft-ietf-dots- | |||
| (DOTS) Architecture", draft-ietf-dots-architecture-10 | architecture-14 (work in progress), May 2019. | |||
| (work in progress), December 2018. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC6724] Thaler, D., Ed., Draves, R., Matsumoto, A., and T. Chown, | [RFC6724] Thaler, D., Ed., Draves, R., Matsumoto, A., and T. Chown, | |||
| "Default Address Selection for Internet Protocol Version 6 | "Default Address Selection for Internet Protocol Version 6 | |||
| (IPv6)", RFC 6724, DOI 10.17487/RFC6724, September 2012, | (IPv6)", RFC 6724, DOI 10.17487/RFC6724, September 2012, | |||
| <https://www.rfc-editor.org/info/rfc6724>. | <https://www.rfc-editor.org/info/rfc6724>. | |||
| skipping to change at page 13, line 41 ¶ | skipping to change at page 14, line 18 ¶ | |||
| 9.2. Informative References | 9.2. Informative References | |||
| [I-D.boucadair-dots-server-discovery] | [I-D.boucadair-dots-server-discovery] | |||
| Boucadair, M., K, R., and P. Patil, "Distributed-Denial- | Boucadair, M., K, R., and P. Patil, "Distributed-Denial- | |||
| of-Service Open Threat Signaling (DOTS) Server Discovery", | of-Service Open Threat Signaling (DOTS) Server Discovery", | |||
| draft-boucadair-dots-server-discovery-05 (work in | draft-boucadair-dots-server-discovery-05 (work in | |||
| progress), October 2018. | progress), October 2018. | |||
| [I-D.ietf-dots-data-channel] | [I-D.ietf-dots-data-channel] | |||
| Boucadair, M., K, R., Nishizuka, K., Xia, L., Patil, P., | Boucadair, M. and R. K, "Distributed Denial-of-Service | |||
| Mortensen, A., and N. Teague, "Distributed Denial-of- | Open Threat Signaling (DOTS) Data Channel Specification", | |||
| Service Open Threat Signaling (DOTS) Data Channel | draft-ietf-dots-data-channel-30 (work in progress), July | |||
| Specification", draft-ietf-dots-data-channel-24 (work in | 2019. | |||
| progress), December 2018. | ||||
| [I-D.ietf-dots-signal-channel] | [I-D.ietf-dots-signal-channel] | |||
| K, R., Boucadair, M., Patil, P., Mortensen, A., and N. | K, R., Boucadair, M., Patil, P., Mortensen, A., and N. | |||
| Teague, "Distributed Denial-of-Service Open Threat | Teague, "Distributed Denial-of-Service Open Threat | |||
| Signaling (DOTS) Signal Channel Specification", draft- | Signaling (DOTS) Signal Channel Specification", draft- | |||
| ietf-dots-signal-channel-26 (work in progress), December | ietf-dots-signal-channel-35 (work in progress), July 2019. | |||
| 2018. | ||||
| [I-D.ietf-dots-use-cases] | [I-D.ietf-dots-use-cases] | |||
| Dobbins, R., Migault, D., Fouant, S., Moskowitz, R., | Dobbins, R., Migault, D., Fouant, S., Moskowitz, R., | |||
| Teague, N., Xia, L., and K. Nishizuka, "Use cases for DDoS | Teague, N., Xia, L., and K. Nishizuka, "Use cases for DDoS | |||
| Open Threat Signaling", draft-ietf-dots-use-cases-17 (work | Open Threat Signaling", draft-ietf-dots-use-cases-18 (work | |||
| in progress), January 2019. | in progress), July 2019. | |||
| [RFC3582] Abley, J., Black, B., and V. Gill, "Goals for IPv6 Site- | [RFC3582] Abley, J., Black, B., and V. Gill, "Goals for IPv6 Site- | |||
| Multihoming Architectures", RFC 3582, | Multihoming Architectures", RFC 3582, | |||
| DOI 10.17487/RFC3582, August 2003, | DOI 10.17487/RFC3582, August 2003, | |||
| <https://www.rfc-editor.org/info/rfc3582>. | <https://www.rfc-editor.org/info/rfc3582>. | |||
| [RFC4116] Abley, J., Lindqvist, K., Davies, E., Black, B., and V. | [RFC4116] Abley, J., Lindqvist, K., Davies, E., Black, B., and V. | |||
| Gill, "IPv4 Multihoming Practices and Limitations", | Gill, "IPv4 Multihoming Practices and Limitations", | |||
| RFC 4116, DOI 10.17487/RFC4116, July 2005, | RFC 4116, DOI 10.17487/RFC4116, July 2005, | |||
| <https://www.rfc-editor.org/info/rfc4116>. | <https://www.rfc-editor.org/info/rfc4116>. | |||
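Review bot: In 9.2, [I-D.boucadair-dots-server-discovery] stays at -05 (October 2018) while the other Internet-Draft references in this block (data-channel, signal-channel, use-cases) were all refreshed to July 2019 revisions. Check whether a later revision or a working-group successor of the server-discovery draft exists and update the entry, so that the reference list is consistent as of the July 22, 2019 date on -02.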
| skipping to change at line 661 ¶ | skipping to change at page 15, line 27 ¶ | |||
| Email: mohamed.boucadair@orange.com | Email: mohamed.boucadair@orange.com | |||
| Tirumaleswar Reddy | Tirumaleswar Reddy | |||
| McAfee, Inc. | McAfee, Inc. | |||
| Embassy Golf Link Business Park | Embassy Golf Link Business Park | |||
| Bangalore, Karnataka 560071 | Bangalore, Karnataka 560071 | |||
| India | India | |||
| Email: TirumaleswarReddy_Konda@McAfee.com | Email: TirumaleswarReddy_Konda@McAfee.com | |||
| Wei Pan | ||||
| Huawei Technologies | ||||
| Email: william.panwei@huawei.com | ||||
| End of changes. 11 change blocks. | ||||
| 24 lines changed or deleted | 23 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/