IETF Logo Mail Archive

Re: [i2rs] modeling options for draft-ietf-i2rs-yang-network-topo

Kent Watsen <kwatsen@juniper.net> Tue, 14 February 2017 13:55 UTC

Return-Path: <kwatsen@juniper.net>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB28E129645 for <i2rs@ietfa.amsl.com>; Tue, 14 Feb 2017 05:55:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.922
X-Spam-Level:
X-Spam-Status: No, score=-1.922 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=junipernetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id htxTFECmBksC for <i2rs@ietfa.amsl.com>; Tue, 14 Feb 2017 05:55:53 -0800 (PST)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0100.outbound.protection.outlook.com [104.47.41.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA912129621 for <i2rs@ietf.org>; Tue, 14 Feb 2017 05:55:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ovby2pmT+m3NcyYzG45+grsygt+jlrGtLxfzcLhQfTo=; b=NSvRgPyrr1g0dnQDu8ova2FpMQkXX+ctTxEDH8ueDzqsC/OV3s58R/B2ZtCXg3qflli/TrHgEho6GC1wwmu1zea0xpsEJUHJAzaXBxtkayJkui9Vtv+XPEAU9aTpPIFzKwyHQkvvgbmHiepdHzYjm9Fzfj3qcDPwcXqdIAhNg20=
Received: from BN3PR0501MB1442.namprd05.prod.outlook.com (10.160.117.151) by BN3PR0501MB1442.namprd05.prod.outlook.com (10.160.117.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.919.10; Tue, 14 Feb 2017 13:55:51 +0000
Received: from BN3PR0501MB1442.namprd05.prod.outlook.com ([10.160.117.151]) by BN3PR0501MB1442.namprd05.prod.outlook.com ([10.160.117.151]) with mapi id 15.01.0919.011; Tue, 14 Feb 2017 13:55:51 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: Martin Bjorklund <mbj@tail-f.com>
Thread-Topic: [i2rs] modeling options for draft-ietf-i2rs-yang-network-topo
Thread-Index: AQHShm7DGX1TjHFotkqv+yitC/fU9qFoWKoA///awYA=
Date: Tue, 14 Feb 2017 13:55:51 +0000
Message-ID: <447B5293-75CE-4CE2-ADA4-D9E55EC7EA35@juniper.net>
References: <AA7FA7D3-ED7B-4482-BBAC-7144E4944D92@juniper.net> <20170214.120910.763903356597953031.mbj@tail-f.com>
In-Reply-To: <20170214.120910.763903356597953031.mbj@tail-f.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1e.0.170107
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kwatsen@juniper.net;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [66.129.241.14]
x-ms-office365-filtering-correlation-id: 9a077415-d5f3-400a-da4d-08d454e13032
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:BN3PR0501MB1442;
x-microsoft-exchange-diagnostics: 1; BN3PR0501MB1442; 7:SesiuKO5S2QMkKIXR6zBY8+Y0Dl0jEFMHioFxp0ezKV3YS7YuFCjNJK2YySW0PqdFBYtQ0sPQndhUuGJP+wIbtebQiMZNpjTqgSAthlQBZq3VvfEndBKlbvAYYkks+K7pXX74+cTgXzO3phcxJXvTCAD8zCR8O/Y4yUWCM46pLqVSGlas7DPEmONYLXJSJzZJkHR6VATMz2GZqNeU8kcCQM9YwYGGavy9yGngyWaZEsldsoxd+3OFeTvXxXpXS3H3IPXI6LkqYjDt8wvMo55Q16dSBEkGTKZQppfEJY6+aQ7/U9QjYsip9OetjInUJPiLHanpscr1SWGqAQ/xaKiT25azhTyd+dpF1GcSbMxw5egNo6pryA5IdjnRGAygOQWJDmBz9oMIydySbpmaVk8zB/PZvGjbqCaiA66tqQlsqADElnza86Wn3zaaDxscrgEM6HpQ8fEJMYSgQ9ZMQcsU30VnT7SxRUyGTOajofd8Apkr81LobrLICDjiM1LwDuG5HHjp0YksIhwcl3Z3Zg+ow==
x-microsoft-antispam-prvs: <BN3PR0501MB144215F2B72B02A7AC85E7FCA5580@BN3PR0501MB1442.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6041248)(20161123558025)(20161123564025)(20161123562025)(20161123555025)(20161123560025)(6072148); SRVR:BN3PR0501MB1442; BCL:0; PCL:0; RULEID:; SRVR:BN3PR0501MB1442;
x-forefront-prvs: 0218A015FA
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(39840400002)(39450400003)(39410400002)(39860400002)(39850400002)(199003)(189002)(52314003)(82746002)(83506001)(189998001)(38730400002)(53936002)(83716003)(6246003)(110136004)(4326007)(25786008)(50986999)(76176999)(54356999)(86362001)(122556002)(6436002)(77096006)(6486002)(101416001)(33656002)(6506006)(3660700001)(2906002)(5660300001)(66066001)(230783001)(229853002)(106356001)(3846002)(305945005)(102836003)(7736002)(6116002)(6916009)(99286003)(8936002)(92566002)(2950100002)(81156014)(2900100001)(36756003)(4001350100001)(106116001)(8676002)(105586002)(81003)(68736007)(81166006)(6306002)(97736004)(3280700002)(6512007)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR0501MB1442; H:BN3PR0501MB1442.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <E0319A9579992740B8534A4E646B50A0@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Feb 2017 13:55:51.7274 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0501MB1442
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2rs/QioUXf_meU-OCbipIJrdZvbTF4k>
Cc: "i2rs@ietf.org" <i2rs@ietf.org>
Subject: Re: [i2rs] modeling options for draft-ietf-i2rs-yang-network-topo
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Feb 2017 13:55:56 -0000


[moving yang-doctors to BCC]


>> OPTION 1: separate /foo and /foo-state trees
>> --------------------------------------------
>> 
>> This option was/is described here:
>> https://www.ietf.org/mail-archive/web/i2rs/current/msg04316.html.
>> 
>> PROS:
>>   a) does NOT break legacy clients (how we got here)
>>   b) consistent with convention used in many IETF modules
>>   c) able to show if/how opstate may differ from configured values
>> 
>> CONS:
>>   a) questionably valid YANG leafref usage
>
> What does this mean?

I'm referring to how the description statement explains that
the server may look to operational state in order to resolve
the leafref, which is to result in behavior similar to 
pre-configuration in RFC 7223.



>>   b) complex server implementation (to handle require-instance false)
>
>Can you elaborate on this one?

This is primarily a reflection of the CON listed above, in that
it seems that a server would need to have special handling for 
when dependencies transition from being present to not-present
and vice versa, much like the code to handle when a physical
card is plugged in or removed.

Note: I should've listed this as a CON for OPTION 2 as well.



>>   c) eventually the module would need to migrate to the long-term 
>>      solution, which would result in needing to also rewrite all
>>      modules that have augmented it (e.g., ietf-te-topology).
>>   d) leafref path expressions really only work for configuration data,
>>      though a clever server could have a special ability to peak at
>>      the opstate values when doing validations.  Of course, with 
>>      require-instance is false, the value of leafref based validation
>>      checking is negated anyway, even for config true nodes, so this
>>      may not matter much.
>> 
>> 
>> 
>> OPTION 2: explicit client-option to also return tagged opstate data
>> -------------------------------------------------------------------
>> 
>> This option takes a couple forms.  The first is module-specific and
>> the second is generic.  In both cases, the idea is modeled after the
>> with-defaults solution (RFC6243), wherein the client passes a special
>> flag into <get-config> causing the server to also return opstate data,
>> having a special metadata flag set, intermingled with the
>> configuration
>> data.
>> 
>> 
>> 2A: Module-specific version
>> 
>>    module foo {
>>       import ietf-netconf { prefix nc; }
>>       import ietf-yang-metadata { prefix md; }
>>       md:annotation server-provided {
>>          type boolean;
>>       }
>>       container nodes {
>>          config true;
>>          list node {
>>             key "name";
>>             leaf name { type string; }
>>             leaf dependency {
>>                type leafref {
>>                  path "../node/name"
>>                  require-instance false;
>>                }
>>             }
>>          }
>>       }
>>       augment /nc:get-config/nc:input {
>>          leaf with-server-provided {
>>             type boolean;
>>          }
>>       }
>>    }
>
> I don't think this solution is substantially different from the
> solution in draft-ietf-i2rs-yang-network-topo-10.  You have just moved
> a config false leaf to a meta-data annotation.  This solution suffers
> from the same problems as the solution in
> draft-ietf-i2rs-yang-network-topo-10.

There are two primary differences:

1) It doesn't break legacy clients, because it requires the client to
   explicitly pass a 'with-server-provided' flag in the <get-config>
   request in order to get back the extended response.  Likewise, it
   doesn't break backup/restore workflows, as the server can discard
   any 'server-provided' nodes passed in an <edit-config> operation.
   Lastly, it doesn't break <lock>/<unlock>, as there is no comingling
   of opstate data in the 'running' datastore.

2) It doesn't say anything about how the opstate data is stored on the
   server.  The opstate data is not modeled at all.  This approach 
   only defines a presentation-layer format for how opstate data can
   be returned via an RPC.  The server is free to persist the opstate
   data anyway it wants, perhaps in an internal datastore called 
   'operational-state' or in an uber-datastore with the opstate data
   flagged with a datastore='oper-state' attribute.  Regardless, it's
   an implementation detail, and the conceptual datastore model is
   preserved.



> /martin

Kent




>> 
>> For instance:
>> 
>>   <get-config>
>>     <source>
>>       <running/>
>>     </source>
>>     <with-server-provided/>
>>    </get-config>
>> 
>>    <data>
>>      <nodes>
>>        <node>
>>          <name>overlay-node</name>
>>          <dependency>underlay-node</dependency>
>>        </node>
>>        <node foo:server-provided='true'>
>>          <name>underlay-node</name>
>>        </node>
>>      </nodes>
>>    </data>
>> 
>> PROS:
>>   a) does NOT break legacy clients (how we got here)
>>   b) having all data in one merged tree is simpler to process 
>>      than two separate queries.
>>   c) module doesn't have to be rewritten for revised-datastores;
>>      the 'with-server-provided' switch would just not be passed
>>      by new opstate-aware clients.
>> 
>> CONS:
>>   a) inconsistent with convention used in many IETF modules
>>   b) unclear how to model 'with-server-provided' for RESTCONF
>>      (just use a description statement to define a query param?)
>>   c) unable to return the opstate value for any configured node
>>      (is it needed here?)
>>   d) requires server to support metadata, which is a relatively
>>      new concept and maybe not well supported by servers.
>>   e) only changes presentation-layer (doesn't change the fact 
>>      that 'server-provided' data is not configuration), thus the
>>      leafref path expressions still don't work quite the way as
>>      desired, though a clever server could have a special ability
>>      to peak at the opstate values when doing validations. Of 
>>      course, with require-instance is false, the value of leafref
>>      based validation checking is negated anyway, even for config
>>      true nodes, so this may not matter much.
>> 
>> 
>> 
>> 
>> 2B: Generic version
>> 
>> The generic version is much the same, but rather than letting the
>> solution be limited to this one module, the idea is to generalize
>> it so it could be a server-level feature.  Having a generic RPC to
>> return data from more than one DS at a time was something that was
>> discussed ~1.5 years ago when we were kicking off the opstate effort.
>> 
>> The PROS and CONS are similar, but there are additional CONS in the
>> generic case.  The main ones being 1) how to simultaneously return 
>> both the config and opstate values for a node (split at the leaves)
>> and 2) how to handle some YANG statements such as presence containers
>> and choice nodes.  For this reason, (2B) is NOT considered a viable
>> solution and is only here so that it's clear that it was discussed.
>> 
>> 
>> 
>> If there are any other options people want to suggest, please do so
>> now!
>> 
>> Thanks,
>> Kent
>>

v2.23.0 | Report a Bug | By Email