Internet Assigned Numbers Authority Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Created 2020-01-16 Last Updated 2023-03-03 Available Formats [IMG] XML [IMG] HTML [IMG] Plain text Registries included below * DOTS Signal Channel CBOR Key Values * DOTS Signal Channel Status Codes * DOTS Signal Channel Conflict Status Codes * DOTS Signal Channel Conflict Cause Codes * DOTS Signal Channel Attack Status Codes DOTS Signal Channel CBOR Key Values Expert(s) Nik Teague, Mohamed Boucadair, Andrew Mortensen, Tirumaleswar Reddy Reference [RFC9132] Note Requests for assignments from the registry's Specification Required range should be sent to the mailing list described in [RFC 9132, Section 10.6.1.1]. If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Available Formats [IMG] CSV Range Registration Procedures Note 1-127 IETF Review comprehension-required 128-255 IETF Review comprehension-optional 256-16383 IETF Review comprehension-required 16384-32767 Specification Required comprehension-optional 32768-49151 IETF Review comprehension-optional 49152-65535 Private Use comprehension-optional Parameter Name CBOR Key Value CBOR Major Type Change Controller Reference Reserved 0 [RFC9132] ietf-dots-signal-channel:mitigation-scope 1 5 IESG [RFC9132] scope 2 4 IESG [RFC9132] cdid 3 3 IESG [RFC9132] cuid 4 3 IESG [RFC9132] mid 5 0 IESG [RFC9132] target-prefix 6 4 IESG [RFC9132] target-port-range 7 4 IESG [RFC9132] lower-port 8 0 IESG [RFC9132] upper-port 9 0 IESG [RFC9132] target-protocol 10 4 IESG [RFC9132] target-fqdn 11 4 IESG [RFC9132] target-uri 12 4 IESG [RFC9132] alias-name 13 4 IESG [RFC9132] lifetime 14 0/1 IESG [RFC9132] mitigation-start 15 0 IESG [RFC9132] status 16 0 IESG [RFC9132] conflict-information 17 5 IESG [RFC9132] conflict-status 18 0 IESG [RFC9132] conflict-cause 19 0 IESG [RFC9132] retry-timer 20 0 IESG [RFC9132] conflict-scope 21 5 IESG [RFC9132] acl-list 22 4 IESG [RFC9132] acl-name 23 3 IESG [RFC9132] acl-type 24 3 IESG [RFC9132] bytes-dropped 25 0 IESG [RFC9132] bps-dropped 26 0 IESG [RFC9132] pkts-dropped 27 0 IESG [RFC9132] pps-dropped 28 0 IESG [RFC9132] attack-status 29 0 IESG [RFC9132] ietf-dots-signal-channel:signal-config 30 5 IESG [RFC9132] sid 31 0 IESG [RFC9132] mitigating-config 32 5 IESG [RFC9132] heartbeat-interval 33 5 IESG [RFC9132] min-value 34 0 IESG [RFC9132] max-value 35 0 IESG [RFC9132] current-value 36 0 IESG [RFC9132] missing-hb-allowed 37 5 IESG [RFC9132] max-retransmit 38 5 IESG [RFC9132] ack-timeout 39 5 IESG [RFC9132] ack-random-factor 40 5 IESG [RFC9132] min-value-decimal 41 6tag4 IESG [RFC9132] max-value-decimal 42 6tag4 IESG [RFC9132] current-value-decimal 43 6tag4 IESG [RFC9132] idle-config 44 5 IESG [RFC9132] trigger-mitigation 45 7 IESG [RFC9132] ietf-dots-signal-channel:redirected-signal 46 5 IESG [RFC9132] alt-server 47 3 IESG [RFC9132] alt-server-record 48 4 IESG [RFC9132] ietf-dots-signal-channel:heartbeat 49 5 IESG [RFC9132] probing-rate 50 5 IESG [RFC9132] peer-hb-status 51 7 IESG [RFC9132] activation-type 52 0 IESG [RFC9133] ietf-dots-signal-control:acl-list 53 4 IESG [RFC9133] Unassigned 54-127 tsid 128 0 IESG [RFC9244] telemetry 129 4 IESG [RFC9244] low-percentile 130 6tag4 IESG [RFC9244] mid-percentile 131 6tag4 IESG [RFC9244] high-percentile 132 6tag4 IESG [RFC9244] unit-config 133 4 IESG [RFC9244] unit 134 0 IESG [RFC9244] unit-status 135 7 IESG [RFC9244] total-pipe-capacity 136 4 IESG [RFC9244] link-id 137 3 IESG [RFC9244] pre-or-ongoing-mitigation 138 4 IESG [RFC9244] total-traffic-normal 139 4 IESG [RFC9244] low-percentile-g 140 0 IESG [RFC9244] mid-percentile-g 141 0 IESG [RFC9244] high-percentile-g 142 0 IESG [RFC9244] peak-g 143 0 IESG [RFC9244] total-attack-traffic 144 4 IESG [RFC9244] total-traffic 145 4 IESG [RFC9244] total-connection-capacity 146 4 IESG [RFC9244] connection 147 0 IESG [RFC9244] connection-client 148 0 IESG [RFC9244] embryonic 149 0 IESG [RFC9244] embryonic-client 150 0 IESG [RFC9244] connection-ps 151 0 IESG [RFC9244] connection-client-ps 152 0 IESG [RFC9244] request-ps 153 0 IESG [RFC9244] request-client-ps 154 0 IESG [RFC9244] partial-request-max 155 0 IESG [RFC9244] partial-request-client-max 156 0 IESG [RFC9244] total-attack-connection 157 5 IESG [RFC9244] connection-c 158 5 IESG [RFC9244] embryonic-c 159 5 IESG [RFC9244] connection-ps-c 160 5 IESG [RFC9244] request-ps-c 161 5 IESG [RFC9244] attack-detail 162 4 IESG [RFC9244] id 163 0 IESG [RFC9244] attack-id 164 0 IESG [RFC9244] attack-description 165 3 IESG [RFC9244] attack-severity 166 0 IESG [RFC9244] start-time 167 0 IESG [RFC9244] end-time 168 0 IESG [RFC9244] source-count 169 5 IESG [RFC9244] top-talker 170 5 IESG [RFC9244] spoofed-status 171 7 IESG [RFC9244] partial-request-c 172 5 IESG [RFC9244] total-attack-connection-protocol 173 4 IESG [RFC9244] baseline 174 4 IESG [RFC9244] current-config 175 5 IESG [RFC9244] max-config-values 176 5 IESG [RFC9244] min-config-values 177 5 IESG [RFC9244] supported-unit-classes 178 5 IESG [RFC9244] server-originated-telemetry 179 7 IESG [RFC9244] telemetry-notify-interval 180 0 IESG [RFC9244] tmid 181 0 IESG [RFC9244] measurement-interval 182 0 IESG [RFC9244] measurement-sample 183 0 IESG [RFC9244] talker 184 4 IESG [RFC9244] source-prefix 185 3 IESG [RFC9244] mid-list 186 4 IESG [RFC9244] source-port-range 187 4 IESG [RFC9244] source-icmp-type-range 188 4 IESG [RFC9244] target 189 5 IESG [RFC9244] capacity 190 0 IESG [RFC9244] protocol 191 0 IESG [RFC9244] total-traffic-normal-per-protocol 192 4 IESG [RFC9244] total-traffic-normal-per-port 193 4 IESG [RFC9244] total-connection-capacity-per-port 194 4 IESG [RFC9244] total-traffic-protocol 195 4 IESG [RFC9244] total-traffic-port 196 4 IESG [RFC9244] total-attack-traffic-protocol 197 4 IESG [RFC9244] total-attack-traffic-port 198 4 IESG [RFC9244] total-attack-connection-port 199 4 IESG [RFC9244] port 200 0 IESG [RFC9244] supported-query-type 201 4 IESG [RFC9244] vendor-id 202 0 IESG [RFC9244] ietf-dots-telemetry:telemetry-setup 203 5 IESG [RFC9244] ietf-dots-telemetry:total-traffic 204 4 IESG [RFC9244] ietf-dots-telemetry:total-attack-traffic 205 4 IESG [RFC9244] ietf-dots-telemetry:total-attack-connection 206 5 IESG [RFC9244] ietf-dots-telemetry:attack-detail 207 4 IESG [RFC9244] ietf-dots-telemetry:telemetry 208 5 IESG [RFC9244] current-g 209 0 IESG [RFC9244] description-lang 210 3 IESG [RFC9244] Unassigned 211-32767 ietf-dots-call-home:source-prefix 32768 4 IESG [RFC9066] ietf-dots-call-home:source-port-range 32769 4 IESG [RFC9066] ietf-dots-call-home:source-icmp-type-range 32770 4 IESG [RFC9066] lower-type 32771 0 IESG [RFC9066] upper-type 32772 0 IESG [RFC9066] ietf-dots-call-home:alt-ch-client 32773 3 IESG [RFC9066] ietf-dots-call-home:alt-ch-client-record 32774 4 IESG [RFC9066] ietf-dots-call-home:ttl 32775 0 IESG [RFC9066] ietf-dots-robust-trans:max-payloads 32776 5 IETF [RFC9362] ietf-dots-robust-trans:non-max-retransmit 32777 5 IETF [RFC9362] ietf-dots-robust-trans:non-timeout 32778 5 IETF [RFC9362] ietf-dots-robust-trans:non-receive-timeout 32779 5 IETF [RFC9362] ietf-dots-robust-trans:non-probing-wait 32780 5 IETF [RFC9362] ietf-dots-robust-trans:non-partial-timeout 32781 5 IETF [RFC9362] Unassigned 32782-49151 Reserved for Private Use 49152-65535 [RFC9132] DOTS Signal Channel Status Codes Registration Procedure(s) Standards Action Reference [RFC9132] Note When this registry is modified, the YANG module [iana-dots-signal- channel] must be updated as defined in [RFC9132]. Available Formats [IMG] CSV Code Label Description Reference 0 Reserved [RFC9132] 1 attack-mitigation-in-progress Attack mitigation setup is in progress (e.g., changing the network path to redirect the [RFC9132] inbound traffic to a DOTS mitigator). 2 attack-successfully-mitigated Attack is being successfully mitigated (e.g., traffic is redirected to a DDoS mitigator [RFC9132] and attack traffic is dropped). 3 attack-stopped Attack has stopped and the DOTS client can withdraw the mitigation request. [RFC9132] 4 attack-exceeded-capability Attack has exceeded the mitigation provider capability. [RFC9132] 5 dots-client-withdrawn-mitigation DOTS client has withdrawn the mitigation request and the mitigation is active but [RFC9132] terminating. 6 attack-mitigation-terminated Attack mitigation is now terminated. [RFC9132] 7 attack-mitigation-withdrawn Attack mitigation is withdrawn. [RFC9132] 8 attack-mitigation-signal-loss Attack mitigation will be triggered for the mitigation request only when the DOTS signal [RFC9132] channel session is lost. 9-2147483647 Unassigned DOTS Signal Channel Conflict Status Codes Registration Procedure(s) Standards Action Reference [RFC9132] Note When this registry is modified, the YANG module [iana-dots-signal- channel] must be updated as defined in [RFC9132]. Available Formats [IMG] CSV Code Label Description Reference 0 Reserved [RFC9132] DOTS server has detected conflicting mitigation requests from different DOTS clients. This 1 request-inactive-other-active mitigation request is currently inactive until the conflicts are resolved. Another [RFC9132] mitigation request is active. 2 request-active DOTS server has detected conflicting mitigation requests from different DOTS clients. This [RFC9132] mitigation request is currently active. 3 all-requests-inactive DOTS server has detected conflicting mitigation requests from different DOTS clients. All [RFC9132] conflicting mitigation requests are inactive. 4-2147483647 Unassigned DOTS Signal Channel Conflict Cause Codes Registration Procedure(s) Standards Action Reference [RFC9132] Note When this registry is modified, the YANG module [iana-dots-signal- channel] must be updated as defined in [RFC9132]. Available Formats [IMG] CSV Code Label Description Reference 0 Reserved [RFC9132] 1 overlapping-targets Overlapping targets. [RFC9132] Conflicts with an existing accept-list. This code is returned when the DDoS 2 conflict-with-acceptlist mitigation detects source addresses/prefixes in the accept-listed ACLs are attacking [RFC9132] the target. 3 cuid-collision CUID Collision. This code is returned when a DOTS client uses a 'cuid' that is [RFC9132] already used by another DOTS client. 4 request-rejected-legitimate-traffic Mitigation request rejected. This code is returned by the DOTS server to indicate the [RFC9066] attack traffic has been classified as legitimate traffic. 5 overlapping-pipes Overlapping pipe scope [RFC9244] 6-2147483647 Unassigned DOTS Signal Channel Attack Status Codes Registration Procedure(s) Standards Action Reference [RFC9132] Note When this registry is modified, the YANG module [iana-dots-signal- channel] must be updated as defined in [RFC9132]. Available Formats [IMG] CSV Code Label Description Reference 0 Reserved [RFC9132] 1 under-attack The DOTS client determines that it is still under attack. [RFC9132] 2 attack-successfully-mitigated The DOTS client determines that the attack is successfully mitigated. [RFC9132] 3-2147483647 Unassigned Licensing Terms