Re: [i2rs] Call for Adoption by WG: draft-atlas-i2rs-architecture-01 (ends Aug 12)
Alia Atlas <akatlas@gmail.com> Wed, 14 August 2013 18:27 UTC
Return-Path: <akatlas@gmail.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6105721F9D2E for <i2rs@ietfa.amsl.com>; Wed, 14 Aug 2013 11:27:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.528
X-Spam-Level:
X-Spam-Status: No, score=-2.528 tagged_above=-999 required=5 tests=[AWL=0.071, BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id StLgnbTu5W1J for <i2rs@ietfa.amsl.com>; Wed, 14 Aug 2013 11:27:16 -0700 (PDT)
Received: from mail-ob0-x231.google.com (mail-ob0-x231.google.com [IPv6:2607:f8b0:4003:c01::231]) by ietfa.amsl.com (Postfix) with ESMTP id 6A96321F9A4C for <i2rs@ietf.org>; Wed, 14 Aug 2013 11:27:04 -0700 (PDT)
Received: by mail-ob0-f177.google.com with SMTP id f8so11715297obp.8 for <i2rs@ietf.org>; Wed, 14 Aug 2013 11:27:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=pKcn0zUnXjPryrVnwtoHOLkQLOtCwqdWLWYZmgvV20c=; b=ZkoO7dV8we0bwHogVAERtFJXg8ULQyraW/ZAkZQAlOh0KRbgA6q3AhOVZ1JYK2rRDo 3x6msuuRQzii7+Ao++PUPkMri+HhBicq4csan5c9O0KKqV3hhuwjdPNHybTnd63PNdXJ HagfJmgdb33teIq04Zo0+8geCRPO1iYQ0gYQUt3LBuigyUQVjsROWKPq3tu0km4HHNTm YE5ADdYgo0d8k+JJbMOhL5WcSHeg/M/RY1XB40Q5bO73NJkIr+b31TQWJD+6kF3pBWnp gOsTI7rBFzOo4Q4RuLpykccVxPyfK4H8HZelkEhOcPq+AKDc/7QQzrbWSRqMSOMvav9d +ihw==
MIME-Version: 1.0
X-Received: by 10.182.33.4 with SMTP id n4mr21734888obi.19.1376504820940; Wed, 14 Aug 2013 11:27:00 -0700 (PDT)
Received: by 10.182.221.98 with HTTP; Wed, 14 Aug 2013 11:27:00 -0700 (PDT)
In-Reply-To: <2F3EBB88EC3A454AAB08915FBF0B8C7E02E24B44@eusaamb109.ericsson.se>
References: <CAG4d1rdDqdajvUeF4WwJ1Jwn_=xqOMkXrkWwCHtsdsZn6WKzRA@mail.gmail.com> <51F8ED88.5050208@cisco.com> <CAG4d1rdBjyx2+jR5+Pc0RNsr_NSRLtrK6RaFgEqwvguHweZ0Cw@mail.gmail.com> <520BC148.3030306@cisco.com> <520BC2F9.9080500@joelhalpern.com> <2F3EBB88EC3A454AAB08915FBF0B8C7E02E24B44@eusaamb109.ericsson.se>
Date: Wed, 14 Aug 2013 14:27:00 -0400
Message-ID: <CAG4d1rda_pFj08GLVNri3=4H5xsHPQ1vB9Q6Kyk3RvF=gyy8MA@mail.gmail.com>
From: Alia Atlas <akatlas@gmail.com>
To: Jakob Heitz <jakob.heitz@ericsson.com>, Ron Bonica <rbonica@juniper.net>
Content-Type: multipart/alternative; boundary="089e0158ae38e246ff04e3ec807d"
Cc: Joe Marcus Clarke <jclarke@cisco.com>, "Joel M. Halpern" <jmh@joelhalpern.com>, "i2rs@ietf.org" <i2rs@ietf.org>
Subject: Re: [i2rs] Call for Adoption by WG: draft-atlas-i2rs-architecture-01 (ends Aug 12)
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i2rs>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Aug 2013 18:27:20 -0000
I'd discussed the problem of depending on read values to write - whether the same value or a different one - with Ron Bonica a while ago. I rather like your WRITE operation idea - where one could generalize to be able to specify other parameters as well. Thus, it could be WRITE X <-p if Y=n and Z=m - or the simple X <- p if X==q. Alia On Wed, Aug 14, 2013 at 2:14 PM, Jakob Heitz <jakob.heitz@ericsson.com>wrote: > Or say: "must write atomically". > > Here is one way: > In the WRITE message, put the value you want to write, as well as the > value that you think that the parameter currently has. > You can get the value "you think it has" from a previous READ, then you > repeat that in your WRITE message. > The target of the WRITE will refuse to write your value and return an > error if the value was not what you thought it was. > > Another way: > READ with reservation. When you READ, then set a reservation. > When anyone WRITEs the same parameter, it kills all reservations. > When you WRITE, the target system checks if you have a reservation and > refuses to write if you don't and returns an error. > > Or you can write lock the parameter. > > -- > Jakob Heitz. > > > -----Original Message----- > > From: i2rs-bounces@ietf.org [mailto:i2rs-bounces@ietf.org] On Behalf Of > > Joel M. Halpern > > Sent: Wednesday, August 14, 2013 10:49 AM > > To: Joe Marcus Clarke > > Cc: i2rs@ietf.org; Alia Atlas > > Subject: Re: [i2rs] Call for Adoption by WG: > draft-atlas-i2rs-architecture-01 > > (ends Aug 12) > > > > Depending upon how one reads RFCs, declaring that having two writers is > an > > error is a MUST NOT write. > > But we are also trying to recognize that no matter how many MUST NOT > > statements we produce, things happen. So we are trying to define the > > handling. I can live with precedence. I can live with "the item does > not > > change". But I do think it is helpful for us to be explicit about the > behavior in > > this far-to-likely error case. > > > > Yours, > > Joel > > > > > > On 8/14/13 1:41 PM, Joe Marcus Clarke wrote: > > > On 8/13/13 4:01 PM, Alia Atlas wrote: > > >> Section 1.2: > > >> > > >> As can also be seen in Figure 1, an I2RS Agent may communicate > with > > >> multiple clients. Each client may send the agent a variety > of write > > >> operations. The handling of this situation has been a source > of > > >> discussion in the working group. In order to keep the > protocol > > >> simple, the current view is that two clients should not be > attempting > > >> to write (modify) the same piece of information. Such > collisions may > > >> happen, but are considered error cases that should be > resolved by > > the > > >> network applications and management systems. > > >> > > >> JMC: I think more verbiage is needed around how to detect > collisions. > > >> This is key to security considerations. Saying "clients should > not" is > > >> not strong enough to keep our potential attackers. If each > operation is > > >> tagged with an identifier that is unique to a client, then it > will be > > >> possible to determine if the current client is trying to > overwrite data > > >> from a previous client. This could fold into authz as well > where there > > >> is a permission to allow global override of other application's > state. > > >> > > >> > > >> [Alia] For the I2RS Agent to properly handle a collision, it does > > >> need to store the client identifier. I think that is clear in Sec > > >> 5.2 "Simply, the I2RS agent stores who did what operation to which > > entity." > > >> and the details in Sec 6.8 are "The current recommendation is to have > > >> a simple priority associated with each I2RS clients, and the highest > > >> priority change remains in effect. In the case of priority ties, the > > >> first client whose attribution is associated with the data will keep > > >> control." We already have a reference to Sec 6.8 right there - and > > >> that section is where the details are discussed. What specific > additional > > >> verbiage do you think would be useful? The priority is a knob to > allow > > >> overwriting of other applications' state - though needing to is > > >> considered an error. :-) > > > > > > When I first read this, I wanted something stronger to prevent clients > > > from writing to the same piece of data. I think the forward > > > references are fine if perhaps a bit late in the text. But my ask was > > > to strengthen the language to say "must not write." > > > > > >> > > >> > > >> Section 2: > > >> > > >> read scope: ... > > >> > > >> write scope: ... > > >> > > >> JMC: Should there be an event or notification scope in addition > to read > > >> and write? > > >> > > >> > > >> [Alia] I think it is folded into the read scope. If we find the need > > >> for such a term later on, then we can add it. > > > > > > This section talks about "terminology" used in the draft. However, > > > "read scope" as terminology is not used anywhere. The concept of > > > _reading_ data is, however, quite prevalent. In the same way, the > > > draft talks about "notification" in a number of contexts. As such, I > > > feel there is enough distinction there to warrant calling out what is > > > meant by a notification scope. > > > > > > "notification scope: The set of events and associated information that > > > will be sent northbound by the I2RS Agent to I2RS Clients. Clients > > > have the ability to register for specific events, but must do so given > > > the access restrictions of their associated read scope." > > > > > >> > > >> Section 3.4: > > >> > > >> I2RS clients may be operating on behalf of other applications. > While > > >> those applications' identities are not need for > authorization, each > > >> application should have a unique opaque identifier that can be > > >> provided by the I2RS client to the I2RS agent for purposes of > > >> tracking attribution of operations. > > >> > > >> JMC: The opaque ID might make it hard to accurately attribute > changes. > > >> I2RS should mandate a way to ensure traceability back to a > client that > > >> made the change or was granted access. > > >> > > >> > > >> [Alia] What do you have in mind? The I2RS client will have a > > >> security role and its scope. The I2RS client needs to vet the > > >> applications that it is a broker for. The opaque ID can be something > that is > > meaningful > > >> to that I2RS client. Basically, I2RS is providing the identity and > > >> security for between the I2RS client and the I2RS agent. I don't see > > >> it as practical or appropriate to try and define how the I2RS client > > >> and its applications interact; I know the broker/controller model is > > >> popular and so we do need enough to help support traceability to a > > >> secondary ID, but I'm not sure what is needed or appropriate beyond > > that. > > > > > > After listening to the working group session and based on other > > > threads, this text is now clearer to me. To summarize my feeling, I > > > don't think I2RS should mandate a northbound Client protocol, but we > > > need a unique way to identify the specific Client that obtained > > > access. This means that even in a load-balancing or HA case, there > > > must be a way to uniquely identify the Client that communicate with > > > the Agent. The northbound actor driving the Client should also be > > > identifiable, but that is outside the scope of this document. > > > > > >> Section 5.2.2: > > >> > > >> An I2RS Agent may decide that some state should no longer be > applied. > > >> An I2RS Client may instruct an Agent to remove state it has > applied. > > >> In all such cases, the state will revert to what it would > have been > > >> without the I2RS; that state is generally whatever was > specified via > > >> the CLI, NetConf, SNMP, etc. I2RS Agents will not store > multiple > > >> alternative states, nor try to determine which one among such > a > > >> plurality it should fall back to. Thus, the model followed > is not > > >> like the RIB, where multiple routes are stored at different > > >> preferences. > > >> > > >> JMC: Previously I had commented that one event that should be > > supported > > >> and perhaps documented here is that if the agent decides to > revert the > > >> application can be notified that its state has been reverted. > This > > >> might also be useful if another client overrides some portion of > another > > >> client's state (this is covered in Section 6.8, but might be > useful to > > >> mention here as well). Perhaps add at the end of Section 5.2.2: > > >> > > >> "A client may choose to be notified whenever its state is > reverted > > >> either by another client or by the I2RS agent." > > >> > > >> > > >> [Alia] I'll put in: "An I2RS Client may register for notifications > > >> when state that was applied by a particular I2RS Client is modified > > >> or removed." That is slightly different since it allows an I2RS > > >> Client to learn about the changes to state from itself or from a > > >> different I2RS Client. > > > > > > WFM, thanks. > > > > > >> > > >> Section 5.4.2: > > >> > > >> (Bulleted list of examples) > > >> > > >> JMC: Consider adding an example for an event such as a new route > > being > > >> learned or an OSPF neighbor removal. > > >> > > >> > > >> [Alia] I think that "writing routes or prefixes to be advertised via > the > > >> protocol" describes a new route being learned. I'd prefer not to put > > >> OSPF neighbor removal in as an example. It raises the questions > > >> about what is configuration vs. ephemeral data and the I2RS scope. > > >> If you have a good use-case that requires it, then I'd be quite > > >> interested in seeing it. > > > > > > I was specifically asking about an _event_ use case. Very simply if > > > we learn/lose a route, I'd want my Client to be notified so I can > > > perhaps react to it to install another route or remove a route I have > > > previously installed (e.g., a failover/failback use case). > > > > > > Additionally, if a peer is otherwise reachable, but stops > > > participating in OSPF, BGP, etc., I would like I2RS to notify my > > > Client as I may not know about this any other way (though I could be > > > flooded with route delete events, it's good to correlate that to a > peer going > > away). > > > > > >> > > >> > > >> > > >> Section 5.4.4: > > >> > > >> Many network elements have separate policy and QoS mechanisms, > > >> including knobs which affect local path computation and queue > > control > > >> capabilities. These capabilities vary widely across > implementations, > > >> and I2RS cannot model the full range of information > collection or > > >> manipulation of these attributes. A core set does need to be > > >> included in the I2RS data models and in the expected > interfaces > > >> between the I2RS Agent and the network element, in order to > > provide > > >> basic capabilities and the hooks for future extensibility. > > >> > > >> JMC: I think this either needs an editor's note for more > discussion or > > >> perhaps QoS in general should be out of scope. > > >> > > >> > > >> [Alia] I am happy to add in an editor's note for more discussion - > > >> but we should start that conversation now on the list - because the > > >> WG does have quite tight deadlines for milestones. > > > > > > Fair enough. > > > > > >> Section 6.1: > > >> > > >> That protocol may use several underlying transports (TCP, > > >> SCTP, DCCP), with suitable authentication and integrity > protection > > >> mechanisms. Whatever transport is used for the data > exchange, it > > >> must also support suitable congestion control mechanisms. > > >> > > >> JMC: I think Carlos (or someone) mentioned this, but I'm not > sure DCCP > > >> is ideal for I2RS since we likely do want reliable order of > delivery. > > >> > > >> > > >> [Alia] Yes - DCCP is clearly the wrong choice for a control channel - > > >> but it may be > > >> good for delivering statistics. I think we'll have different > transport > > >> options depending on the requirements of a particular data model or > > >> section. Since you are the second person to be confused by that > > >> section, I've added the following sentence: > > >> > > >> "These different transports can support different types of > > >> communication (e.g. control, reading, notifications, and information > > >> collection) and different sets of data." > > >> > > >> Let me know if that helps or if you have better ideas for wording. > > > > > > That works. > > > > > >> Section 6.7: > > >> > > >> One of the other important aspects of the I2RS is that it is > intended > > >> to simplify collecting information about the state of network > > >> elements. > > >> > > >> JMC: I think this needs to be more specific to routing > information > > >> versus any information from the network element (e.g., it does > not > > cover > > >> CPU statistics). > > >> > > >> > > >> [Alia] The scoping is a question - and that will depend on what the > > >> use-cases we consider need and what the related information and data > > >> models need to be. If you look at the > > >> draft-bitar-i2rs-service-chaining-00, it does ask for things like CPU > > >> load. I do think there is a real need to be able to get back > > >> thresholded and filtered information. You probably heard Ed's > personal > > >> thoughts about a single protocol as well... So - I don't think the > > >> architecture needs to restrict the data in scope - particular in a > > >> section that is talking about communication patterns - but as a WG, > > >> we need to keep a tight focus that still provides sufficient > > >> information to fully solve the desired use-cases. > > > > > > My concerns comes from a desire not to have I2RS become a common > > > API/protocol for things that SNMP or NETCONF or some other potential > > > data collection scheme is used for. So I agree we need a tight focus > > > and potentially a litmus test for what should be adopted as > > > collectable data via I2RS. As it stands now, I think someone could > > > argue for any kind of data and present a use case for it (e.g., > > > latency, interface errors, location). So the statement I made was > > > more around the lines of should I2RS stay pure to routing and routed > > > topology or should we really open the door to other data that is not > > specifically related to routing? > > > > > > Joe > > > > > >> > > _______________________________________________ > > i2rs mailing list > > i2rs@ietf.org > > https://www.ietf.org/mailman/listinfo/i2rs >
- [i2rs] Call for Adoption by WG: draft-atlas-i2rs-… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Joel M. Halpern
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Susan Hares
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Thomas Nadeau
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… N.Leymann
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… George, Wes
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Jon Mitchell
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Carlos Pignataro (cpignata)
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Joe Marcus Clarke
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Carlos Pignataro (cpignata)
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… KwangKoog Lee
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Jamal Hadi Salim
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Sriganesh Kini
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Edward Crabbe
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… t.petch
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Joel M. Halpern
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Joe Marcus Clarke
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Joel M. Halpern
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Carlos Pignataro (cpignata)
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Jakob Heitz
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Carlos Pignataro (cpignata)
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Joel M. Halpern
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas
- Re: [i2rs] Call for Adoption by WG: draft-atlas-i… Alia Atlas