subject:"\[DNSOP\] I\-D Action\: draft\-ietf\-dnsop\-dns\-capture\-format\-01.txt"

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

2017-02-27 Thread Jim Hague

On Thursday, 23 February 2017 13:58:18 GMT Bob Harold wrote:
> Is it possible to have a case where the software does not know if
> promiscuous mode was enabled ?  If so, we should allow for an "unspecified"
> or "unknown" code for "promisc"
> 
> Perhaps a pcap to C-DNS converter would have this issue, if the pcap format
> does not include "promisc" info?

Thanks, that's a good point. Yes, it is certainly possible to not have a known 
promiscuous mode, and also of course in the case of a pcap conversion the 
interface is not known.

We're discussing the best approach to handling this; whether to have specified 
'unspecified' values, or specify that, since all config items in C-DNS are 
optional, values should only be present if definitely known.
-- 
Jim Hague
j...@sinodun.com  Never trust a computer you can't lift.
Sinodun Internet Technologies Ltd.   +44 7941 697732

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

2017-02-23 Thread Bob Harold

On Tue, Feb 21, 2017 at 6:39 AM, Sara Dickinson  wrote:

> Hi All,
>
> This update to the draft tries to address the recent comments:
>
> * Many editorial improvements by Paul Hoffman
>
> * Included discussion of malformed packet handling
>
> * Improved Appendix C on Comparison of Binary Formats
>
> * Now using C-DNS field names in the tables in section 8
>
> * A handful of new fields included (CDDL updated)
>
> * Timestamps now include optional picoseconds
>
> * Added details of block statistics
>
> Regards
>
> Sara.
>
> > On 21 Feb 2017, at 11:36, internet-dra...@ietf.org wrote:
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> > This draft is a work item of the Domain Name System Operations of the
> IETF.
> >
> >Title   : C-DNS: A DNS Packet Capture Format
> >Authors : John Dickinson
> >  Jim Hague
> >  Sara Dickinson
> >  Terry Manderson
> >  John Bond
> >   Filename: draft-ietf-dnsop-dns-capture-format-01.txt
> >   Pages   : 48
> >   Date: 2017-02-21
> >
> > Abstract:
> >   This document describes a data representation for collections of DNS
> >   messages.  The format is designed for efficient storage and
> >   transmission of large packet captures of DNS traffic; it attempts to
> >   minimize the size of such packet capture files but retain the full
> >   DNS message contents along with the most useful transport metadata.
> >   It is intended to assist with the development of DNS traffic
> >   monitoring applications.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-capture-format/
> >
> > There's also a htmlized version available at:
> > https://tools.ietf.org/html/draft-ietf-dnsop-dns-capture-format-01
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-dns-capture-format-01
> >
> >
> > Please note that it may take a couple of minutes from the time of
> submission
> > until the htmlized version and diff are available at tools.ietf.org.
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
>
>
Is it possible to have a case where the software does not know if
promiscuous mode was enabled ?  If so, we should allow for an "unspecified"
or "unknown" code for "promisc"

Perhaps a pcap to C-DNS converter would have this issue, if the pcap format
does not include "promisc" info?

-- 
Bob Harold
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

2017-02-21 Thread Sara Dickinson

Hi All, 

This update to the draft tries to address the recent comments:

* Many editorial improvements by Paul Hoffman

* Included discussion of malformed packet handling

* Improved Appendix C on Comparison of Binary Formats

* Now using C-DNS field names in the tables in section 8

* A handful of new fields included (CDDL updated)

* Timestamps now include optional picoseconds

* Added details of block statistics

Regards

Sara. 

> On 21 Feb 2017, at 11:36, internet-dra...@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> This draft is a work item of the Domain Name System Operations of the IETF.
> 
>Title   : C-DNS: A DNS Packet Capture Format
>Authors : John Dickinson
>  Jim Hague
>  Sara Dickinson
>  Terry Manderson
>  John Bond
>   Filename: draft-ietf-dnsop-dns-capture-format-01.txt
>   Pages   : 48
>   Date: 2017-02-21
> 
> Abstract:
>   This document describes a data representation for collections of DNS
>   messages.  The format is designed for efficient storage and
>   transmission of large packet captures of DNS traffic; it attempts to
>   minimize the size of such packet capture files but retain the full
>   DNS message contents along with the most useful transport metadata.
>   It is intended to assist with the development of DNS traffic
>   monitoring applications.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-capture-format/
> 
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-dnsop-dns-capture-format-01
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-dns-capture-format-01
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> ___
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

[DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

2017-02-21 Thread internet-drafts


A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations of the IETF.

Title   : C-DNS: A DNS Packet Capture Format
Authors : John Dickinson
  Jim Hague
  Sara Dickinson
  Terry Manderson
  John Bond
Filename: draft-ietf-dnsop-dns-capture-format-01.txt
Pages   : 48
Date: 2017-02-21

Abstract:
   This document describes a data representation for collections of DNS
   messages.  The format is designed for efficient storage and
   transmission of large packet captures of DNS traffic; it attempts to
   minimize the size of such packet capture files but retain the full
   DNS message contents along with the most useful transport metadata.
   It is intended to assist with the development of DNS traffic
   monitoring applications.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-dns-capture-format/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-dnsop-dns-capture-format-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-dns-capture-format-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

[DNSOP] I-D Action: draft-ietf-dnsop-dns-capture-format-01.txt

4 matches

Site Navigation

Mail list logo

Footer information