Re: [CCAMP] Genart last call review of draft-ietf-ccamp-alarm-module-07
stefan vallin <stefan@wallan.se> Wed, 20 March 2019 07:51 UTC
Return-Path: <stefan@wallan.se>
X-Original-To: ccamp@ietfa.amsl.com
Delivered-To: ccamp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAD651310A8 for <ccamp@ietfa.amsl.com>; Wed, 20 Mar 2019 00:51:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=wallan-se.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jpHwSh3R3Q-x for <ccamp@ietfa.amsl.com>; Wed, 20 Mar 2019 00:51:10 -0700 (PDT)
Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E1E21310D3 for <ccamp@ietf.org>; Wed, 20 Mar 2019 00:51:10 -0700 (PDT)
Received: by mail-lj1-x234.google.com with SMTP id f23so1393670ljc.0 for <ccamp@ietf.org>; Wed, 20 Mar 2019 00:51:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wallan-se.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=DH2KtQvKYlpefUqOj3c4JCi2qKPlMr1zaKDW2qcuMto=; b=Sa5Fm5AURaDgc62n66869UYz70dM2zT+l9GxC8n/BXF4jvIQFkoXvVjpf4JsQ576ra WIgUxXUVptIifASocNF3U43Kk27ROAh6hUZnLnm249V7QJlbEEEhdqQGND/r/7flzRmc WBH+Mf+3PDv7JaEyIWuxvdYq95kSs22bfVuNbv4154AvOQcFKEbYCgJD0I2pOouy9E1h 3XLFrxpdC3ftTTG+Q2SJBFUyr9kTWZ26AaOuCE9cMEHH+0pQWSgCWG5Ygf5ewj8fa0mb RgZfxAvfKEmwsjKeuIktrFNOsuJHXZbsE48re3zoUFYsYr1v8dOmaVQ9rCvzlS4gHbJ3 fGoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=DH2KtQvKYlpefUqOj3c4JCi2qKPlMr1zaKDW2qcuMto=; b=f94AcNh9AofMA1P6gD75mDlvOS711n8fluakHfvNrJHOUaoCOw5EIdnBJwIdZuEkRs 0CuPM3RUtqWatbyokyzKMJnnRMAcnZ35nAjfW/sSs78YZwRQuKx19THxbBFFe+3V+3fl wG1unOO2dEQQLQ8v27xYqIPLMxxDoUrqeCx5r7EFlMbYk8AyOIkYMcMexrgmXokxbW24 D9CPEEbWEABGIenbY4nNN+lVEs/hrXdUytiSDnsb9Uj+2K59AJCioqcWW1ADYKE1rF/v uQvA+qE//Jx7EBNvQ2N2MR16IZSkOsM3qJxAkceT3rvyAJShU2iNV8hUIBY5BVNeypXU B5aA==
X-Gm-Message-State: APjAAAVo3GYxV2IDbZLVjm8INnBP2XTzKbkiKMTHowxyd4H0dFom/nc9 sHA004WMURKlq5XFgm9FcG8lYg==
X-Google-Smtp-Source: APXvYqyW4bXKwHphtiX4boDUNfE/t/hlGgM1L8lm42QwW3u5D/S2dGzv5hFc6VLAljRMXYqZmF90cA==
X-Received: by 2002:a2e:5cc3:: with SMTP id q186mr15580929ljb.23.1553068268489; Wed, 20 Mar 2019 00:51:08 -0700 (PDT)
Received: from [192.168.72.11] (h95-155-237-105.cust.a3fiber.se. [95.155.237.105]) by smtp.gmail.com with ESMTPSA id r1sm224293lfm.7.2019.03.20.00.51.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 20 Mar 2019 00:51:07 -0700 (PDT)
From: stefan vallin <stefan@wallan.se>
Message-Id: <549638C6-2599-4524-8AE9-436FC949DC88@wallan.se>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F31598A6-910C-43C5-991D-1BBE56FAE498"
Mime-Version: 1.0 (Mac OS X Mail 12.0 \(3445.100.39\))
Date: Wed, 20 Mar 2019 08:51:03 +0100
In-Reply-To: <CAFgnS4WOQL3Q=ec_8efvKtMXb8RSXyaRGx+iyMs28RnWk=HGtQ@mail.gmail.com>
Cc: gen-art <gen-art@ietf.org>, draft-ietf-ccamp-alarm-module.all@ietf.org, ccamp@ietf.org, ietf <ietf@ietf.org>
To: Dan Romascanu <dromasca@gmail.com>
References: <155294084679.26073.4005125072161491147@ietfa.amsl.com> <956268DE-965F-40C3-A845-D236424CE07D@wallan.se> <CAFgnS4WOQL3Q=ec_8efvKtMXb8RSXyaRGx+iyMs28RnWk=HGtQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.100.39)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ccamp/d4i2px56dX7nQnL5Zd_SoOB2vcM>
Subject: Re: [CCAMP] Genart last call review of draft-ietf-ccamp-alarm-module-07
X-BeenThere: ccamp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion list for the CCAMP working group <ccamp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ccamp>, <mailto:ccamp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ccamp/>
List-Post: <mailto:ccamp@ietf.org>
List-Help: <mailto:ccamp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ccamp>, <mailto:ccamp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2019 07:51:23 -0000
Thanks Dan! > On 19 Mar 2019, at 19:54, Dan Romascanu <dromasca@gmail.com> wrote: > > Hi Stefan, > > Thank you for your answer and for addressing my concerns. I am comfortable with your proposals. If your AD agrees, I would include these in a revised version before submission to the approval of the IESG. > > Regards, > > Dan > > > On Tue, Mar 19, 2019 at 5:11 PM stefan vallin <stefan@wallan.se <mailto:stefan@wallan.se>> wrote: > Hi Dan! > Thanks for your review, an honour to have RFC 3877 in the loop :) > See inline > br Stefan > > > > > > > > Major issues: > > > > 1. The definition of Alarm is key for the whole model. It reads like this: > > Alarm (the general concept): An alarm signifies an undesirable state in a > > resource that requires corrective action. > > > > However, RFC 3877 already defined a number of concepts including: > > Error > > A deviation of a system from normal operation. > > > > Fault > > Lasting error or warning condition. > > > > .... > > > > Alarm > > Persistent indication of a fault. > > > > I believe that there is a need to show why the model defined by RFC 3877 needs > > to be changed, and why the difference that RFC 3877 was making between a Fault > > and an Alarm is no longer needed. > > Good comment, you are right, and we need to keep the distinction between fault and alarm. > That distinction is used in X.733, 3GPP IRP and others. The general pattern is that “fault” > refers to what is really broken, and the alarm the manifestation of that underlying cause. > There is not a simple 1-1 relationship between a fault and an alarm > * 1 fault may have many alarms due to limited root cause capabilities of the system > * There might be no underlying fault to an alarm, consider a non-optimal QoS configuration > which gives bad quality in VOIP calls. Certainly a MOS alarm from the VOIP probe, but there > is no “fault” as such (if you do not consider a non-optimal config as a fault) > > So X.733 > X.733 fault: The physical or algorithmic cause of a malfunction > 3GPP fault: a deviation of a system from normal operation, which may result in the loss of operational capabilities of the element or the loss of redundancy in case of a redundant configuration > > I suggest we add the following to terminology: > Fault: the underlying cause of an undesired behaviour > > If we then turn to the term “alarm". I have added two aspects to the definition of an alarm: > > An alarm signifies an *undesirable state* in a resource that *requires corrective action*. > > Mostly based on the alarm standardization work in the process industry (see draft references). > > 1) Rather than “deviation from normal”, we say “undesirable”, subtle difference. > In IT environments it is easier to define what is normal, a normal load to a web server. > And anything deviation from that normal load could be an alarm. > In networking, things are more dynamic, and deviation from normal might be the desired state. > So the definition stresses the fact that it is an undesired state, not just deviation from normal. > > 2) Adding the requirement that an alarm per definition should require an action. This is a sound > requirement that puts requirements on what qualifies as an alarm and limits the amounts of alarms. > (See for example the EEMUA, and ISA182 references in the draft). The 3GPP Alarm standard > also added this to their definition at the later revisions to address the alarm overload problem. > > > > > > > Also, RFC 3877 defined in Section 3 a > > Framework and an Architecture that was consistent with X.733. This document has > > no such section, and while acknowledging the need for a mapping to X.733 it > > states as a goal: > > Mapping to X.733, which is a requirement for some alarm systems. Still, keep > > some of the X.733 concepts out of the core model in order to make the model > > small and easy to understand > > > > More details about what is left out and why these are not needed would help. > The alarm YANG model does not *require* the X.733 parameter > definitions of for example probable-cause enum values. Today, most networking devices > and management systems do not rely on those enumerations. > > Those are defined in the X733 augmentation module in order to keep the core model as > small and useful as possible. X733 requirements come more often from telecom environments. > > > > > > Minor issues: > > > > 1. Section 2 makes a statement that includes > > ... While IETF has not really addressed alarm management > > > > This is is actually not accurate. RFC 3877 addressed Alarm Management. Maybe > > there is a need to revise that approach, but this should be done explicitly, > > not by stating that it did not exist. > Correct, bad wording. > OLD TEXT: > Address alarm usability requirements, see Appendix G. While IETF > has not really addressed alarm management, telecom standards has > addressed it purely from a protocol perspective. The process > industry has published several relevant standards addressing > requirements for a useful alarm interface; [EEMUA], [ISA182]. > This alarm module defines usability requirements as well as a YANG > data model. > SUGGESTION: > Address alarm usability requirements, see Appendix G. While IETF > and telecom standards have addressed alarms mostly from a > protocol perspective, the process industry has published > several relevant standards addressing requirements for a useful > alarm interface; [EEMUA], [ISA182]. > This alarm module defines usability requirements as well as a YANG > data model. > > > > > 2. Section 3.5: > > Closing an alarm implies that the operator considers the corrective action > > performed. > > > > Is this always true? The undesirable state may have been cancelled by some > > other event than corrective action, for example the resource is no longer used, > > or the time elapsed mat have made the undesirable state irrelevant. > > I think it is important to keep the two perspectives in mind. An operator closing an > alarm is only a flag from the operations team that the alarm does not need an action. > It might be cleared or not cleared by the system. > > So in your first example, the alarm is probably cleared by the instrumentation, > correlating “the other event”. > > If the resource is no longer used a shelf should be created. > > If time has passed, depends, …. > > > > > 3. In section 3.5.1: > > Alarms are not cleared by operators, only the underlying instrumentation can > > clear an alarm. Operators can close alarms. > > > > So, the document makes a distinction between clearing an alarm and closing an > > alarm. It may be good to define two two concepts to make the distinction clear. > > Good point! > > Suggested terminology additions: > * Cleared alarm: a cleared alarm is an alarm where the system/server considers the > undesired state to be cleared. Operators can not clear alarms, clearance is managed > by the system. A linkUp notification can be considered a clear condition for a linkDown state. > > * Closed alarm: operators can close alarms irrespective of the alarm being cleared or not. > A closed alarm indicates that the alarm does not need attention, either since the corrective > action has been taken or that it can be ignored for other reasons. > > > > > > 4. Appendix F.1: > > The alarm MIB is state oriented rather than notification oriented, an alarm > > is a "lasting condition", not a discrete notification reporting about a > > condition state change. > Good catch, will rephrase, the alarm MIB and the alarm YANG has a stateful view > of alarms, not notification-focused. > > Suggested change: > OLD > RFC 3877 defines alarm referring back to "a deviation from normal operation". This is > problematic, since this might not require an operator action. The alarm MIB is state > oriented rather than notification oriented, an alarm is a "lasting condition", not a > discrete notification reporting about a condition state change. > NEW: > RFC 3877 defines alarm referring back to "a deviation from normal operation". The Alarm YANG > model adds the requirement that it should require an corrective action and should be undesired, > not only a deviation from normal. The alarm MIB is state oriented in the same way as the Alarm YANG, > it focuses on the "lasting condition", not the individual notifications. > > > > > > I am not sure that I understand this comment. Alarm states are defined also in > > this document, and Alarms as defined here are also different than ' a discrete > > notification reporting about a condition state change'. So, what does this > > comment really try to say? > > > > Nits/editorial comments: > > > > >
- [CCAMP] Genart last call review of draft-ietf-cca… Dan Romascanu via Datatracker
- Re: [CCAMP] Genart last call review of draft-ietf… stefan vallin
- Re: [CCAMP] Genart last call review of draft-ietf… Dan Romascanu
- Re: [CCAMP] Genart last call review of draft-ietf… stefan vallin
- Re: [CCAMP] [Gen-art] Genart last call review of … Alissa Cooper