Internet Assigned Numbers Authority

Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel

Created
2020-01-16
Last Updated
2022-06-22
Available Formats

XML

HTML

Plain text

Registries included below

DOTS Signal Channel CBOR Key Values

Expert(s)
Nik Teague, Mohamed Boucadair, Andrew Mortensen, Tirumaleswar Reddy
Reference
[RFC9132]
Note
Requests for assignments from the registry's Specification 
Required range should be sent to the mailing list described in 
[RFC 9132, Section 10.6.1.1].

Available Formats

CSV
Range Registration Procedures Note
1-127 IETF Review comprehension-required
128-255 IETF Review comprehension-optional
256-16383 IETF Review comprehension-required
16384-32767 Specification Required comprehension-optional
32768-49151 IETF Review comprehension-optional
49152-65535 Private Use comprehension-optional
Parameter Name CBOR Key Value CBOR Major Type Change Controller Reference
Reserved 0 [RFC9132]
ietf-dots-signal-channel:mitigation-scope 1 5 IESG [RFC9132]
scope 2 4 IESG [RFC9132]
cdid 3 3 IESG [RFC9132]
cuid 4 3 IESG [RFC9132]
mid 5 0 IESG [RFC9132]
target-prefix 6 4 IESG [RFC9132]
target-port-range 7 4 IESG [RFC9132]
lower-port 8 0 IESG [RFC9132]
upper-port 9 0 IESG [RFC9132]
target-protocol 10 4 IESG [RFC9132]
target-fqdn 11 4 IESG [RFC9132]
target-uri 12 4 IESG [RFC9132]
alias-name 13 4 IESG [RFC9132]
lifetime 14 0/1 IESG [RFC9132]
mitigation-start 15 0 IESG [RFC9132]
status 16 0 IESG [RFC9132]
conflict-information 17 5 IESG [RFC9132]
conflict-status 18 0 IESG [RFC9132]
conflict-cause 19 0 IESG [RFC9132]
retry-timer 20 0 IESG [RFC9132]
conflict-scope 21 5 IESG [RFC9132]
acl-list 22 4 IESG [RFC9132]
acl-name 23 3 IESG [RFC9132]
acl-type 24 3 IESG [RFC9132]
bytes-dropped 25 0 IESG [RFC9132]
bps-dropped 26 0 IESG [RFC9132]
pkts-dropped 27 0 IESG [RFC9132]
pps-dropped 28 0 IESG [RFC9132]
attack-status 29 0 IESG [RFC9132]
ietf-dots-signal-channel:signal-config 30 5 IESG [RFC9132]
sid 31 0 IESG [RFC9132]
mitigating-config 32 5 IESG [RFC9132]
heartbeat-interval 33 5 IESG [RFC9132]
min-value 34 0 IESG [RFC9132]
max-value 35 0 IESG [RFC9132]
current-value 36 0 IESG [RFC9132]
missing-hb-allowed 37 5 IESG [RFC9132]
max-retransmit 38 5 IESG [RFC9132]
ack-timeout 39 5 IESG [RFC9132]
ack-random-factor 40 5 IESG [RFC9132]
min-value-decimal 41 6tag4 IESG [RFC9132]
max-value-decimal 42 6tag4 IESG [RFC9132]
current-value-decimal 43 6tag4 IESG [RFC9132]
idle-config 44 5 IESG [RFC9132]
trigger-mitigation 45 7 IESG [RFC9132]
ietf-dots-signal-channel:redirected-signal 46 5 IESG [RFC9132]
alt-server 47 3 IESG [RFC9132]
alt-server-record 48 4 IESG [RFC9132]
ietf-dots-signal-channel:heartbeat 49 5 IESG [RFC9132]
probing-rate 50 5 IESG [RFC9132]
peer-hb-status 51 7 IESG [RFC9132]
activation-type 52 0 IESG [RFC9133]
ietf-dots-signal-control:acl-list 53 4 IESG [RFC9133]
Unassigned 54-127
tsid 128 0 IESG [RFC9244]
telemetry 129 4 IESG [RFC9244]
low-percentile 130 6tag4 IESG [RFC9244]
mid-percentile 131 6tag4 IESG [RFC9244]
high-percentile 132 6tag4 IESG [RFC9244]
unit-config 133 4 IESG [RFC9244]
unit 134 0 IESG [RFC9244]
unit-status 135 7 IESG [RFC9244]
total-pipe-capacity 136 4 IESG [RFC9244]
link-id 137 3 IESG [RFC9244]
pre-or-ongoing-mitigation 138 4 IESG [RFC9244]
total-traffic-normal 139 4 IESG [RFC9244]
low-percentile-g 140 0 IESG [RFC9244]
mid-percentile-g 141 0 IESG [RFC9244]
high-percentile-g 142 0 IESG [RFC9244]
peak-g 143 0 IESG [RFC9244]
total-attack-traffic 144 4 IESG [RFC9244]
total-traffic 145 4 IESG [RFC9244]
total-connection-capacity 146 4 IESG [RFC9244]
connection 147 0 IESG [RFC9244]
connection-client 148 0 IESG [RFC9244]
embryonic 149 0 IESG [RFC9244]
embryonic-client 150 0 IESG [RFC9244]
connection-ps 151 0 IESG [RFC9244]
connection-client-ps 152 0 IESG [RFC9244]
request-ps 153 0 IESG [RFC9244]
request-client-ps 154 0 IESG [RFC9244]
partial-request-max 155 0 IESG [RFC9244]
partial-request-client-max 156 0 IESG [RFC9244]
total-attack-connection 157 5 IESG [RFC9244]
connection-c 158 5 IESG [RFC9244]
embryonic-c 159 5 IESG [RFC9244]
connection-ps-c 160 5 IESG [RFC9244]
request-ps-c 161 5 IESG [RFC9244]
attack-detail 162 4 IESG [RFC9244]
id 163 0 IESG [RFC9244]
attack-id 164 0 IESG [RFC9244]
attack-description 165 3 IESG [RFC9244]
attack-severity 166 0 IESG [RFC9244]
start-time 167 0 IESG [RFC9244]
end-time 168 0 IESG [RFC9244]
source-count 169 5 IESG [RFC9244]
top-talker 170 5 IESG [RFC9244]
spoofed-status 171 7 IESG [RFC9244]
partial-request-c 172 5 IESG [RFC9244]
total-attack-connection-protocol 173 4 IESG [RFC9244]
baseline 174 4 IESG [RFC9244]
current-config 175 5 IESG [RFC9244]
max-config-values 176 5 IESG [RFC9244]
min-config-values 177 5 IESG [RFC9244]
supported-unit-classes 178 5 IESG [RFC9244]
server-originated-telemetry 179 7 IESG [RFC9244]
telemetry-notify-interval 180 0 IESG [RFC9244]
tmid 181 0 IESG [RFC9244]
measurement-interval 182 0 IESG [RFC9244]
measurement-sample 183 0 IESG [RFC9244]
talker 184 4 IESG [RFC9244]
source-prefix 185 3 IESG [RFC9244]
mid-list 186 4 IESG [RFC9244]
source-port-range 187 4 IESG [RFC9244]
source-icmp-type-range 188 4 IESG [RFC9244]
target 189 5 IESG [RFC9244]
capacity 190 0 IESG [RFC9244]
protocol 191 0 IESG [RFC9244]
total-traffic-normal-per-protocol 192 4 IESG [RFC9244]
total-traffic-normal-per-port 193 4 IESG [RFC9244]
total-connection-capacity-per-port 194 4 IESG [RFC9244]
total-traffic-protocol 195 4 IESG [RFC9244]
total-traffic-port 196 4 IESG [RFC9244]
total-attack-traffic-protocol 197 4 IESG [RFC9244]
total-attack-traffic-port 198 4 IESG [RFC9244]
total-attack-connection-port 199 4 IESG [RFC9244]
port 200 0 IESG [RFC9244]
supported-query-type 201 4 IESG [RFC9244]
vendor-id 202 0 IESG [RFC9244]
ietf-dots-telemetry:telemetry-setup 203 5 IESG [RFC9244]
ietf-dots-telemetry:total-traffic 204 4 IESG [RFC9244]
ietf-dots-telemetry:total-attack-traffic 205 4 IESG [RFC9244]
ietf-dots-telemetry:total-attack-connection 206 5 IESG [RFC9244]
ietf-dots-telemetry:attack-detail 207 4 IESG [RFC9244]
ietf-dots-telemetry:telemetry 208 5 IESG [RFC9244]
current-g 209 0 IESG [RFC9244]
description-lang 210 3 IESG [RFC9244]
Unassigned 211-32767
ietf-dots-call-home:source-prefix 32768 4 IESG [RFC9066]
ietf-dots-call-home:source-port-range 32769 4 IESG [RFC9066]
ietf-dots-call-home:source-icmp-type-range 32770 4 IESG [RFC9066]
lower-type 32771 0 IESG [RFC9066]
upper-type 32772 0 IESG [RFC9066]
ietf-dots-call-home:alt-ch-client 32773 3 IESG [RFC9066]
ietf-dots-call-home:alt-ch-client-record 32774 4 IESG [RFC9066]
ietf-dots-call-home:ttl 32775 0 IESG [RFC9066]
Unassigned 32776-49151
Reserved for Private Use 49152-65535 [RFC9132]

DOTS Signal Channel Status Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 attack-mitigation-in-progress Attack mitigation setup is in progress (e.g., changing the network path to redirect the inbound traffic to a DOTS mitigator). [RFC9132]
2 attack-successfully-mitigated Attack is being successfully mitigated (e.g., traffic is redirected to a DDoS mitigator and attack traffic is dropped). [RFC9132]
3 attack-stopped Attack has stopped and the DOTS client can withdraw the mitigation request. [RFC9132]
4 attack-exceeded-capability Attack has exceeded the mitigation provider capability. [RFC9132]
5 dots-client-withdrawn-mitigation DOTS client has withdrawn the mitigation request and the mitigation is active but terminating. [RFC9132]
6 attack-mitigation-terminated Attack mitigation is now terminated. [RFC9132]
7 attack-mitigation-withdrawn Attack mitigation is withdrawn. [RFC9132]
8 attack-mitigation-signal-loss Attack mitigation will be triggered for the mitigation request only when the DOTS signal channel session is lost. [RFC9132]
9-2147483647 Unassigned

DOTS Signal Channel Conflict Status Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 request-inactive-other-active DOTS server has detected conflicting mitigation requests from different DOTS clients. This mitigation request is currently inactive until the conflicts are resolved. Another mitigation request is active. [RFC9132]
2 request-active DOTS server has detected conflicting mitigation requests from different DOTS clients. This mitigation request is currently active. [RFC9132]
3 all-requests-inactive DOTS server has detected conflicting mitigation requests from different DOTS clients. All conflicting mitigation requests are inactive. [RFC9132]
4-2147483647 Unassigned

DOTS Signal Channel Conflict Cause Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 overlapping-targets Overlapping targets. [RFC9132]
2 conflict-with-acceptlist Conflicts with an existing accept-list. This code is returned when the DDoS mitigation detects source addresses/prefixes in the accept-listed ACLs are attacking the target. [RFC9132]
3 cuid-collision CUID Collision. This code is returned when a DOTS client uses a 'cuid' that is already used by another DOTS client. [RFC9132]
4 request-rejected-legitimate-traffic Mitigation request rejected. This code is returned by the DOTS server to indicate the attack traffic has been classified as legitimate traffic. [RFC9066]
5 overlapping-pipes Overlapping pipe scope [RFC9244]
6-2147483647 Unassigned

DOTS Signal Channel Attack Status Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 under-attack The DOTS client determines that it is still under attack. [RFC9132]
2 attack-successfully-mitigated The DOTS client determines that the attack is successfully mitigated. [RFC9132]
3-2147483647 Unassigned