Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel

Created
2020-01-16
Last Updated
2021-09-08
Available Formats

XML

HTML

Plain text

Registries included below

DOTS Signal Channel CBOR Key Values

Expert(s)
Nik Teague, Mohamed Boucadair, Andrew Mortensen, Tirumaleswar Reddy
Reference
[RFC9132]
Note
Requests for assignments from the registry's Specification 
Required range should be sent to the mailing list described in 
[RFC 9132, Section 10.6.1.1].

Available Formats

CSV
Range Registration Procedures Note
1-127 IETF Review comprehension-required
128-255 IETF Review comprehension-optional
256-16383 IETF Review comprehension-required
16384-32767 Specification Required comprehension-optional
32768-49151 IETF Review comprehension-optional
49152-65535 Private Use comprehension-optional
Parameter Name CBOR Key Value CBOR Major Type Change Controller Reference
Reserved 0 [RFC9132]
ietf-dots-signal-channel:mitigation-scope 1 5 IESG [RFC9132]
scope 2 4 IESG [RFC9132]
cdid 3 3 IESG [RFC9132]
cuid 4 3 IESG [RFC9132]
mid 5 0 IESG [RFC9132]
target-prefix 6 4 IESG [RFC9132]
target-port-range 7 4 IESG [RFC9132]
lower-port 8 0 IESG [RFC9132]
upper-port 9 0 IESG [RFC9132]
target-protocol 10 4 IESG [RFC9132]
target-fqdn 11 4 IESG [RFC9132]
target-uri 12 4 IESG [RFC9132]
alias-name 13 4 IESG [RFC9132]
lifetime 14 0/1 IESG [RFC9132]
mitigation-start 15 0 IESG [RFC9132]
status 16 0 IESG [RFC9132]
conflict-information 17 5 IESG [RFC9132]
conflict-status 18 0 IESG [RFC9132]
conflict-cause 19 0 IESG [RFC9132]
retry-timer 20 0 IESG [RFC9132]
conflict-scope 21 5 IESG [RFC9132]
acl-list 22 4 IESG [RFC9132]
acl-name 23 3 IESG [RFC9132]
acl-type 24 3 IESG [RFC9132]
bytes-dropped 25 0 IESG [RFC9132]
bps-dropped 26 0 IESG [RFC9132]
pkts-dropped 27 0 IESG [RFC9132]
pps-dropped 28 0 IESG [RFC9132]
attack-status 29 0 IESG [RFC9132]
ietf-dots-signal-channel:signal-config 30 5 IESG [RFC9132]
sid 31 0 IESG [RFC9132]
mitigating-config 32 5 IESG [RFC9132]
heartbeat-interval 33 5 IESG [RFC9132]
min-value 34 0 IESG [RFC9132]
max-value 35 0 IESG [RFC9132]
current-value 36 0 IESG [RFC9132]
missing-hb-allowed 37 5 IESG [RFC9132]
max-retransmit 38 5 IESG [RFC9132]
ack-timeout 39 5 IESG [RFC9132]
ack-random-factor 40 5 IESG [RFC9132]
min-value-decimal 41 6tag4 IESG [RFC9132]
max-value-decimal 42 6tag4 IESG [RFC9132]
current-value-decimal 43 6tag4 IESG [RFC9132]
idle-config 44 5 IESG [RFC9132]
trigger-mitigation 45 7 IESG [RFC9132]
ietf-dots-signal-channel:redirected-signal 46 5 IESG [RFC9132]
alt-server 47 3 IESG [RFC9132]
alt-server-record 48 4 IESG [RFC9132]
ietf-dots-signal-channel:heartbeat 49 5 IESG [RFC9132]
probing-rate 50 5 IESG [RFC9132]
peer-hb-status 51 7 IESG [RFC9132]
activation-type 52 0 IESG [RFC9133]
ietf-dots-signal-control:acl-list 53 4 IESG [RFC9133]
Unassigned 54-32767
ietf-dots-call-home:source-prefix 32768 4 IESG [RFC-ietf-dots-signal-call-home-14]
ietf-dots-call-home:source-port-range 32769 4 IESG [RFC-ietf-dots-signal-call-home-14]
ietf-dots-call-home:source-icmp-type-range 32770 4 IESG [RFC-ietf-dots-signal-call-home-14]
lower-type 32771 0 IESG [RFC-ietf-dots-signal-call-home-14]
upper-type 32772 0 IESG [RFC-ietf-dots-signal-call-home-14]
ietf-dots-call-home:alt-ch-client 32773 3 IESG [RFC-ietf-dots-signal-call-home-14]
ietf-dots-call-home:alt-ch-client-record 32774 4 IESG [RFC-ietf-dots-signal-call-home-14]
ietf-dots-call-home:ttl 32775 0 IESG [RFC-ietf-dots-signal-call-home-14]
Unassigned 32776-49151
Reserved for Private Use 49152-65535 [RFC9132]

DOTS Signal Channel Status Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 attack-mitigation-in-progress Attack mitigation setup is in progress (e.g., changing the network path to redirect the inbound traffic to a DOTS mitigator). [RFC9132]
2 attack-successfully-mitigated Attack is being successfully mitigated (e.g., traffic is redirected to a DDoS mitigator and attack traffic is dropped). [RFC9132]
3 attack-stopped Attack has stopped and the DOTS client can withdraw the mitigation request. [RFC9132]
4 attack-exceeded-capability Attack has exceeded the mitigation provider capability. [RFC9132]
5 dots-client-withdrawn-mitigation DOTS client has withdrawn the mitigation request and the mitigation is active but terminating. [RFC9132]
6 attack-mitigation-terminated Attack mitigation is now terminated. [RFC9132]
7 attack-mitigation-withdrawn Attack mitigation is withdrawn. [RFC9132]
8 attack-mitigation-signal-loss Attack mitigation will be triggered for the mitigation request only when the DOTS signal channel session is lost. [RFC9132]
9-2147483647 Unassigned

DOTS Signal Channel Conflict Status Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 request-inactive-other-active DOTS server has detected conflicting mitigation requests from different DOTS clients. This mitigation request is currently inactive until the conflicts are resolved. Another mitigation request is active. [RFC9132]
2 request-active DOTS server has detected conflicting mitigation requests from different DOTS clients. This mitigation request is currently active. [RFC9132]
3 all-requests-inactive DOTS server has detected conflicting mitigation requests from different DOTS clients. All conflicting mitigation requests are inactive. [RFC9132]
4-2147483647 Unassigned

DOTS Signal Channel Conflict Cause Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 overlapping-targets Overlapping targets. [RFC9132]
2 conflict-with-acceptlist Conflicts with an existing accept-list. This code is returned when the DDoS mitigation detects source addresses/prefixes in the accept-listed ACLs are attacking the target. [RFC9132]
3 cuid-collision CUID Collision. This code is returned when a DOTS client uses a 'cuid' that is already used by another DOTS client. [RFC9132]
4 request-rejected-legitimate-traffic Mitigation request rejected. This code is returned by the DOTS server to indicate the attack traffic has been classified as legitimate traffic. [RFC-ietf-dots-signal-call-home-14]
5-2147483647 Unassigned

DOTS Signal Channel Attack Status Codes

Registration Procedure(s)
Standards Action
Reference
[RFC9132]
Note
When this registry is modified, the YANG module [iana-dots-signal-
channel] must be updated as defined in [RFC9132].
    
Available Formats

CSV
Code Label Description Reference
0 Reserved [RFC9132]
1 under-attack The DOTS client determines that it is still under attack. [RFC9132]
2 attack-successfully-mitigated The DOTS client determines that the attack is successfully mitigated. [RFC9132]
3-2147483647 Unassigned