IETF Logo Mail Archive

Re: [i2rs] YANG validation and opstate

"Susan Hares" <shares@ndzh.com> Mon, 06 June 2016 23:25 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E699812D66A for <i2rs@ietfa.amsl.com>; Mon, 6 Jun 2016 16:25:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.739
X-Spam-Level: *
X-Spam-Status: No, score=1.739 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, RDNS_NONE=0.793] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I3iDuptys9_A for <i2rs@ietfa.amsl.com>; Mon, 6 Jun 2016 16:25:03 -0700 (PDT)
Received: from hickoryhill-consulting.com (unknown [50.245.122.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC49D12D621 for <i2rs@ietf.org>; Mon, 6 Jun 2016 16:25:02 -0700 (PDT)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=174.124.192.86;
From: Susan Hares <shares@ndzh.com>
To: 'Andy Bierman' <andy@yumaworks.com>, i2rs@ietf.org
References: <CABCOCHQAuhsngAKXE=-o=wWsv1u6BXDWCJ--0JJ4p5D0f2WY3Q@mail.gmail.com>
In-Reply-To: <CABCOCHQAuhsngAKXE=-o=wWsv1u6BXDWCJ--0JJ4p5D0f2WY3Q@mail.gmail.com>
Date: Mon, 06 Jun 2016 19:25:04 -0400
Message-ID: <029d01d1c04a$a7d1c330$f7754990$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_029E_01D1C029.20C1A9D0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQIp0ciFbSIrz3BYT8v9ACaIYSu+5J8s7b8Q
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2rs/AtHEKn8mjRZOk_4bARUm8dUyeus>
Subject: Re: [i2rs] YANG validation and opstate
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jun 2016 23:25:04 -0000

Andy: 

 

I’m not sure the context you are referring to as “I2RS agent pick which Yang statements they will implement”.  

 

>From the context, I guess you are investigating Ephemeral Configuration State.  If “the server MAY do YANG validation

on the ephemeral datastore”, and then check it in operational state – this clearly works.  However, I’m struggling to fit the normal Ephemeral Configuration State validation into section 8.3 of RFC6020bis.   There are three steps in constraint enforcement (section 8.3 of RFC6020bis).  

   o  during parsing of RPC payloads - 

   o  during processing of the <edit-config> operation

   o  during validation

 

Currently section 8.3.3 says: 

 

“8.3.3.  Validation

 

   When datastore processing is complete, the final contents MUST obey  all validation constraints.  This validation processing is performed  at differing times according to the datastore.   

 

If the datastore is "running" or "startup",   these constraints MUST be enforced at the end of the <edit-config> or <copy-config> operation.  If the datastore is "candidate", the constraint enforcement is delayed until a <commit>

or <validate> operation.”

 

My understanding is we are discussing how constraint enforcement works in Ephemeral Configuration State.  

You need to define where the ephemeral constraints MUST Be enforced.  It would seem reasonable to enforces at the end of <edit-config> or <copy-config>, or by the end of an rpc operation defined in a data model.  

 

Since RESTCONF uses PUTS/PATCH within a HTTP exchange, then the constraint enforcement must be at the end of that http operation.  

 

Sue 

 

 

 

From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Andy Bierman
Sent: Sunday, June 05, 2016 5:43 PM
To: i2rs@ietf.org
Subject: [i2rs] YANG validation and opstate

 

Hi,

 

I don't really agree with idea that I2RS agents pick which

YANG statements they will implement, but I think there is

a way to handle this correctly in the datastore framework.

 

The proposed enumeration for server validation

capabilities (e.g., full, XPath, leafref) is not really needed.

This enum is too course-grained to be useful.

 

IMO it is better to say the server MAY do YANG validation

on the ephemeral datastore.  Whether or not the server uses

data from the ephemeral datastore is left as an implementation detail.

The server could use invalid input parameters or ignore them

or reject them in the first place.

 

The client needs to check operational state to know if/when the

ephemeral data was applied to the system.

 

 

 

Andy

v2.23.0 | Report a Bug | By Email