RFC 9133

Controlling Filtering Rules Using Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel, September 2021

Status: PROPOSED STANDARD
Authors: K. Nishizuka, M. Boucadair, T. Reddy.K, T. Nagata
Stream: IETF
Source: dots (sec)


DOI:  10.17487/RFC9133

Discuss this RFC: Send questions or comments to dots@ietf.org



Abstract

This document specifies an extension to the Distributed Denial-of-Service Open Threat Signaling (DOTS) signal channel protocol so that DOTS clients can control their filtering rules when an attack mitigation is active.

Particularly, this extension allows a DOTS client to activate or deactivate existing filtering rules during a Distributed Denial-of-Service (DDoS) attack. The characterization of these filtering rules is conveyed by a DOTS client during an 'idle' time (i.e., no mitigation is active) by means of the DOTS data channel protocol.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.