| < draft-ietf-dots-telemetry-12.txt | draft-ietf-dots-telemetry-13.txt > | |||
|---|---|---|---|---|
| DOTS M. Boucadair, Ed. | DOTS M. Boucadair, Ed. | |||
| Internet-Draft Orange | Internet-Draft Orange | |||
| Intended status: Standards Track T. Reddy, Ed. | Intended status: Standards Track T. Reddy, Ed. | |||
| Expires: April 1, 2021 McAfee | Expires: April 11, 2021 McAfee | |||
| E. Doron | E. Doron | |||
| Radware Ltd. | Radware Ltd. | |||
| M. Chen | M. Chen | |||
| CMCC | CMCC | |||
| J. Shallow | J. Shallow | |||
| September 28, 2020 | October 8, 2020 | |||
| Distributed Denial-of-Service Open Threat Signaling (DOTS) Telemetry | Distributed Denial-of-Service Open Threat Signaling (DOTS) Telemetry | |||
| draft-ietf-dots-telemetry-12 | draft-ietf-dots-telemetry-13 | |||
| Abstract | Abstract | |||
| This document aims to enrich DOTS signal channel protocol with | This document aims to enrich DOTS signal channel protocol with | |||
| various telemetry attributes allowing optimal Distributed Denial-of- | various telemetry attributes allowing optimal Distributed Denial-of- | |||
| Service attack mitigation. It specifies the normal traffic baseline | Service attack mitigation. It specifies the normal traffic baseline | |||
| and attack traffic telemetry attributes a DOTS client can convey to | and attack traffic telemetry attributes a DOTS client can convey to | |||
| its DOTS server in the mitigation request, the mitigation status | its DOTS server in the mitigation request, the mitigation status | |||
| telemetry attributes a DOTS server can communicate to a DOTS client, | telemetry attributes a DOTS server can communicate to a DOTS client, | |||
| and the mitigation efficacy telemetry attributes a DOTS client can | and the mitigation efficacy telemetry attributes a DOTS client can | |||
| skipping to change at page 1, line 45 ¶ | skipping to change at page 1, line 45 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on April 1, 2021. | This Internet-Draft will expire on April 11, 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
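Review bot: the two expiry statements (line 6 and line 32) both move from April 1 to April 11, 2021, which is consistent with each other and with the new October 8, 2020 date on line 12; nothing else in the header and boilerplate regions changes, so these hunks need no further attention.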
| skipping to change at page 11, line 22 ¶ | skipping to change at page 11, line 22 ¶ | |||
| [I-D.ietf-dots-rfc8782-bis] to control the size of a response when | [I-D.ietf-dots-rfc8782-bis] to control the size of a response when | |||
| the data to be returned does not fit within a single datagram. | the data to be returned does not fit within a single datagram. | |||
| DOTS clients can also use CoAP Block1 Option in a PUT request (see | DOTS clients can also use CoAP Block1 Option in a PUT request (see | |||
| Section 2.5 of [RFC7959]) to initiate large transfers, but these | Section 2.5 of [RFC7959]) to initiate large transfers, but these | |||
| Block1 transfers will fail if the inbound "pipe" is running full, so | Block1 transfers will fail if the inbound "pipe" is running full, so | |||
| consideration needs to be made to try to fit this PUT into a single | consideration needs to be made to try to fit this PUT into a single | |||
| transfer, or to separate out the PUT into several discrete PUTs where | transfer, or to separate out the PUT into several discrete PUTs where | |||
| each of them fits into a single packet. | each of them fits into a single packet. | |||
| Block3 and Block 4 Options that are similar to the CoAP Block1 and | Quick-Block1 and Quick-Block2 Options that are similar to the CoAP | |||
| Block2 Options, but enable faster transmissions of big blocks of data | Block1 and Block2 Options, but enable faster transmissions of big | |||
| with less packet interchanges, are defined in | blocks of data with less packet interchanges, are defined in | |||
| [I-D.ietf-core-new-block]. DOTS implementations can consider the use | [I-D.ietf-core-new-block]. DOTS implementations can consider the use | |||
| of Block3 and Block 4 Options. | of Quick-Block1 and Quick-Block2 Options. | |||
| 4.4. DOTS Multi-homing Considerations | 4.4. DOTS Multi-homing Considerations | |||
| Multi-homed DOTS clients are assumed to follow the recommendations in | Multi-homed DOTS clients are assumed to follow the recommendations in | |||
| [I-D.ietf-dots-multihoming] to select which DOTS server to contact | [I-D.ietf-dots-multihoming] to select which DOTS server to contact | |||
| and which IP prefixes to include in a telemetry message to a given | and which IP prefixes to include in a telemetry message to a given | |||
| peer DOTS server. For example, if each upstream network exposes a | peer DOTS server. For example, if each upstream network exposes a | |||
| DOTS server and the DOTS client maintains DOTS channels with all of | DOTS server and the DOTS client maintains DOTS channels with all of | |||
| them, only the information related to prefixes assigned by an | them, only the information related to prefixes assigned by an | |||
| upstream network to the DOTS client domain will be signaled via the | upstream network to the DOTS client domain will be signaled via the | |||
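Review bot: the rename from "Block3 and Block 4" to "Quick-Block1 and Quick-Block2" is applied to both sentences of the paragraph (lines 49 to 53), and it also removes the inconsistent spacing between "Block3" and "Block 4" in the old text. Since the new names are taken from [I-D.ietf-core-new-block], check that the reference entry for that draft (not in this excerpt) points at the revision that actually uses the Quick-Block names, otherwise a reader following the citation will not find them. While this sentence is being touched, "with less packet interchanges" would read better as "with fewer packet interchanges".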
| skipping to change at page 64, line 52 ¶ | skipping to change at page 64, line 52 ¶ | |||
| o 4.04 (Not Found) is returned by the DOTS server when the DOTS | o 4.04 (Not Found) is returned by the DOTS server when the DOTS | |||
| client has sent a request with a target query that does not match | client has sent a request with a target query that does not match | |||
| the target of the enclosed 'mid' as maintained by the DOTS server. | the target of the enclosed 'mid' as maintained by the DOTS server. | |||
| 10. YANG Modules | 10. YANG Modules | |||
| 10.1. DOTS Signal Channel Telemetry YANG Module | 10.1. DOTS Signal Channel Telemetry YANG Module | |||
| This module uses types defined in [RFC6991] and [RFC8345]. | This module uses types defined in [RFC6991] and [RFC8345]. | |||
| <CODE BEGINS> file "ietf-dots-telemetry@2020-07-03.yang" | <CODE BEGINS> file "ietf-dots-telemetry@2020-10-08.yang" | |||
| module ietf-dots-telemetry { | module ietf-dots-telemetry { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-dots-telemetry"; | namespace "urn:ietf:params:xml:ns:yang:ietf-dots-telemetry"; | |||
| prefix dots-telemetry; | prefix dots-telemetry; | |||
| import ietf-dots-signal-channel { | import ietf-dots-signal-channel { | |||
| prefix dots-signal; | prefix dots-signal; | |||
| reference | reference | |||
| "RFC UUUU: Distributed Denial-of-Service Open Threat Signaling | "RFC UUUU: Distributed Denial-of-Service Open Threat Signaling | |||
| (DOTS) Signal Channel Specification"; | (DOTS) Signal Channel Specification"; | |||
| skipping to change at page 66, line 25 ¶ | skipping to change at page 66, line 25 ¶ | |||
| Redistribution and use in source and binary forms, with or | Redistribution and use in source and binary forms, with or | |||
| without modification, is permitted pursuant to, and subject | without modification, is permitted pursuant to, and subject | |||
| to the license terms contained in, the Simplified BSD License | to the license terms contained in, the Simplified BSD License | |||
| set forth in Section 4.c of the IETF Trust's Legal Provisions | set forth in Section 4.c of the IETF Trust's Legal Provisions | |||
| Relating to IETF Documents | Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info). | (http://trustee.ietf.org/license-info). | |||
| This version of this YANG module is part of RFC XXXX; see | This version of this YANG module is part of RFC XXXX; see | |||
| the RFC itself for full legal notices."; | the RFC itself for full legal notices."; | |||
| revision 2020-07-03 { | revision 2020-10-08 { | |||
| description | description | |||
| "Initial revision."; | "Initial revision."; | |||
| reference | reference | |||
| "RFC XXXX: Distributed Denial-of-Service Open Threat | "RFC XXXX: Distributed Denial-of-Service Open Threat | |||
| Signaling (DOTS) Telemetry"; | Signaling (DOTS) Telemetry"; | |||
| } | } | |||
| typedef attack-severity { | typedef attack-severity { | |||
| type enumeration { | type enumeration { | |||
| enum none { | enum none { | |||
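Review bot: bumping the revision date to 2020-10-08 (line 88) while keeping the single "Initial revision." statement is the right approach for a module that has not been published yet, and the value agrees with the file name on line 69. One thing to confirm outside this hunk: the import on lines 74 to 78 uses the "RFC UUUU" placeholder while lines 86 and 92 use "RFC XXXX"; both must be covered by the instructions to the RFC Editor so that neither placeholder survives into the published module.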
| skipping to change at page 86, line 33 ¶ | skipping to change at page 86, line 33 ¶ | |||
| "Provides a set of attack details."; | "Provides a set of attack details."; | |||
| uses attack-detail; | uses attack-detail; | |||
| container top-talker { | container top-talker { | |||
| description | description | |||
| "Lists the top attack sources."; | "Lists the top attack sources."; | |||
| uses top-talker; | uses top-talker; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| sx:augment-structure "/dots-signal:dots-signal/" | sx:augment-structure "/dots-signal:dots-signal" | |||
| + "dots-signal:message-type/" | + "/dots-signal:message-type" | |||
| + "dots-signal:mitigation-scope/" | + "/dots-signal:mitigation-scope" | |||
| + "dots-signal:scope" { | + "/dots-signal:scope" { | |||
| description | description | |||
| "Extends mitigation scope with telemetry update data."; | "Extends mitigation scope with telemetry update data."; | |||
| choice direction { | choice direction { | |||
| description | description | |||
| "Indicates the communication direction in which the | "Indicates the communication direction in which the | |||
| data nodes can be included."; | data nodes can be included."; | |||
| case server-to-client-only { | case server-to-client-only { | |||
| description | description | |||
| "These data nodes appear only in a mitigation message | "These data nodes appear only in a mitigation message | |||
| sent from the server to the client."; | sent from the server to the client."; | |||
| skipping to change at page 88, line 16 ¶ | skipping to change at page 88, line 16 ¶ | |||
| "Indicates whether the DOTS server can be instructed | "Indicates whether the DOTS server can be instructed | |||
| to send pre-or-ongoing-mitigation telemetry. If set | to send pre-or-ongoing-mitigation telemetry. If set | |||
| to FALSE or the data node is not present, this is | to FALSE or the data node is not present, this is | |||
| an indication that the server does not support this | an indication that the server does not support this | |||
| capability."; | capability."; | |||
| } | } | |||
| leaf telemetry-notify-interval { | leaf telemetry-notify-interval { | |||
| type uint32 { | type uint32 { | |||
| range "1 .. 3600"; | range "1 .. 3600"; | |||
| } | } | |||
| units "seconds"; | ||||
| must ". >= ../../min-config-values" | must ". >= ../../min-config-values" | |||
| + "/telemetry-notify-interval" { | + "/telemetry-notify-interval" { | |||
| error-message | error-message | |||
| "The value must be greater than or equal | "The value must be greater than or equal | |||
| to the telemetry-notify-interval in the | to the telemetry-notify-interval in the | |||
| min-config-values"; | min-config-values"; | |||
| } | } | |||
| units "seconds"; | ||||
| description | description | |||
| "Minimum number of seconds between successive | "Minimum number of seconds between successive | |||
| telemetry notifications."; | telemetry notifications."; | |||
| } | } | |||
| } | } | |||
| container min-config-values { | container min-config-values { | |||
| description | description | |||
| "Minimum acceptable configuration values."; | "Minimum acceptable configuration values."; | |||
| uses percentile-config; | uses percentile-config; | |||
| leaf telemetry-notify-interval { | leaf telemetry-notify-interval { | |||
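Review bot: moving `units "seconds";` from after the must statement (old line 141) to directly after the type block (new line 133) has no semantic effect, since YANG does not treat the order of a leaf's substatements as significant; it does put the leaf into canonical order (type, units, must, description), which is what `pyang --canonical` checks, so this is a style improvement. The sibling telemetry-notify-interval leaf under min-config-values starts at line 151 but its body is cut off in this excerpt; check that it uses the same substatement order and the same "1 .. 3600" range, so that the must constraint on lines 134 to 139 compares values of the same type and bounds.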
| End of changes. 11 change blocks. | ||||
| 15 lines changed or deleted | 15 lines changed or added | |||
| This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||