IETF Logo Mail Archive

[ipcdn] MIB Doctor review of: draft-ietf-ipcdn-subscriber-mib-06.txt

"Wijnen, Bert (Bert)" <bwijnen@lucent.com> Tue, 01 October 2002 15:30 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA22458 for <ipcdn-archive@odin.ietf.org>; Tue, 1 Oct 2002 11:30:07 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id g91FVc010089 for ipcdn-archive@odin.ietf.org; Tue, 1 Oct 2002 11:31:38 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g91FT8v08071; Tue, 1 Oct 2002 11:29:08 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id g91FS5v08026 for <ipcdn@optimus.ietf.org>; Tue, 1 Oct 2002 11:28:05 -0400
Received: from ihemail1.firewall.lucent.com (ihemail1.lucent.com [192.11.222.161]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA22374 for <ipcdn@ietf.org>; Tue, 1 Oct 2002 11:26:05 -0400 (EDT)
Received: from nl0006exch001h.wins.lucent.com (h135-85-76-62.lucent.com [135.85.76.62]) by ihemail1.firewall.lucent.com (Switch-2.2.2/Switch-2.2.0) with ESMTP id g91FS1D13020 for <ipcdn@ietf.org>; Tue, 1 Oct 2002 11:28:01 -0400 (EDT)
Received: by nl0006exch001h.nl.lucent.com with Internet Mail Service (5.5.2653.19) id <SLBXB9LR>; Tue, 1 Oct 2002 17:28:00 +0200
Message-ID: <A451D5E6F15FD211BABC0008C7FAD7BC0F0DAC9D@nl0006exch003u.nl.lucent.com>
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
To: wsawyer@ieee.org, ipcdn@ietf.org
Cc: "Thomas Narten (E-mail)" <narten@us.ibm.com>, "Erik Nordmark (E-mail)" <Erik.Nordmark@sun.com>, "Bert Wijnen (E-mail)" <bwijnen@lucent.com>
Date: Tue, 01 Oct 2002 17:27:58 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Subject: [ipcdn] MIB Doctor review of: draft-ietf-ipcdn-subscriber-mib-06.txt
Sender: ipcdn-admin@ietf.org
Errors-To: ipcdn-admin@ietf.org
X-BeenThere: ipcdn@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipcdn>, <mailto:ipcdn-request@ietf.org?subject=unsubscribe>
List-Id: IP over Cable Data Network <ipcdn.ietf.org>
List-Post: <mailto:ipcdn@ietf.org>
List-Help: <mailto:ipcdn-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipcdn>, <mailto:ipcdn-request@ietf.org?subject=subscribe>

Took a bit longer than I had hoped. Oh well, here we go

More or less serious issues/concerns:
- 2nd para in Section 2 starts off with:
    "Much of this MIB duplicates capabilities found in 
     the DOCSIS Cable Device MIB [17]."
  So I immediately wonder why we need to duplicate any of
  that other stuff, even without looking at the details.
  Pls explain/justify. 
  The other praragraphs in this section try to explain some 
  of it I think. But what is not clear is: will this MIB
  then obsolete the one in reference [17].
  If it only partially obsoletes/replaces it, then maybe
  that should be made clear and the [17] may need a 
  revision to deprecate the objects being replaced.
- In sect 2.1 you write:
     "The docsSubMgtCpeControlTable, docsSubMgtCpeIpTable,
      and docsSubMgtCmFilterTable augment the 
      docsIfCmtsCmStatusTable from [18]."
  I do see this is true for docsSubMgtCpeControlTable but
  for docsSubMgtCmFilterTable you are not using the AUGMENTS
  clause. So maybe it is only a sparse augmentation? If so,
  the better say so. If it is a real AUGMENT then use the
  AUGMENTS clause.
- Mmm... sect 2.2 starts to talk about the use of TFTTTP... 
  what does that have to do with the MIB? Maybe explain that
  a bit (better). FOr example, why such is needed. And maybe
  you can add a reference where people can find info about it.
  The good news is that you do mention possible security aspects 
  (with references) in the Security Considerations section. Hope
  it is acceptable to Security ADs.
- Sect 2.3
  I really wonder if this is smart. Why not give a much larger range
  to the index objects and then specify via the MODULE COMPLIANCE 
  that they only need to support up to 1024. That way you do not
  have to change the MIB in the future if you ever need more
  than 1024. You then add another compliance statement (which
  can actually be done in a different module/document)
- The MIB MODULE-IDENTITY also talks about experimental.
  You want to removethat if you go for STDs track
- In the MIB you must use 4-digit year notation, so
  change 
           LAST-UPDATED    "0202280000Z" -- February 28, 2002
  into
           LAST-UPDATED    "200202280000Z" -- February 28, 2002
  and also 
           REVISION "0202280000Z" -- February 28, 2002
  into
           REVISION "200202280000Z" -- February 28, 2002
- Normally, for a new RFC, we only have one REVISION clause. Whatever
  changes were made during the WG process are not recorded in revision
  clauses, so you can remove the 2nd revision clause.
  In fact the one and only revision clause should say something like:

           REVISION "200202280000Z" -- February 28, 2002
           DESCRIPTION "Initial version, published as RFC xxxx."
           -- RFC Editor to assign xxxx
- I am not comfortable with you putting this MIB under { docsDev 5 }
  How does DCOSIS keep track as to hwo makes assignments under
  the docsDev OID subtree?
  Why can this not be another assignment under mib-2 ??
  Certainly it should not have been docsDev 5 while you were making
  all sorts of changes during the WG process or while it was so
  called "experimental" ...
- I see:
    docsSubMgtCpeControlReset OBJECT-TYPE
       SYNTAX  TruthValue
       MAX-ACCESS read-write
       STATUS  current
       DESCRIPTION
           "This object always returns false on read.  If this object is
       set to true, the rows with  'learned' addresses in
       docsSubMgtCpeIpTable for this CM are deleted from that table."
  Mmm.. so if I SET the object to true and do a GET afterwards then it is
  back in false? I need to check if SNMP/MIB people are really happy with
  this.
- I am kind of wondering about the AUGEMENTS for
          AUGMENTS { docsIfCmtsCmStatusEntry }
  Are all the WG members and potential implementers aware that you are
  adding read-write objects to an otherwise read-only table?
  I guess it would be good to spell out in the DESCRIPTION clause
  of this table:
  - that it AUGEMENTS (instead of extends) the docsIfCmtsCmStatusTable
  - that it adds 4 WRITEable objects.
- the following 3 objects that define defaults. Can you explain how
  that works and when they come into play. I see that hey do when the
  registration fails. So is it that when a cable modem registers, then
  this MIB-table (at a device in the provider premises?) gets populated
  with whatever the user registers? And if he does not register you still 
  add entries to this MIB-table and the defaults get picked up in that case?
  I may be confused, because neither in this document
  nor in RFC2669/2670 did I find where this MIB and the others reside.
  Would be good to have a picture of the devices involved, where they
  are located adn what their function is.
- table docsSubMgtPktFilterTable is a read-create table.
  I see no StorageType object and no words at all about the persistency
  of that table. We need to understand the behaviour for persistency.
  This comment applies to all your read-create tables. In fact it also
  applies (I think) to read-write values of other objects and other
  tables as well.
- I see:
       docsSubMgtPktFilterGroup        Integer32,
       docsSubMgtPktFilterIndex        Integer32,
       docsSubMgtPktFilterSrcAddrType  InetAddressType,
       docsSubMgtPktFilterSrcAddr      InetAddress,
       docsSubMgtPktFilterSrcMaskType  InetAddressType,
       docsSubMgtPktFilterSrcMask      InetAddress,
       docsSubMgtPktFilterDstAddrType  InetAddressType,
       docsSubMgtPktFilterDstAddr      InetAddress,
       docsSubMgtPktFilterDstMaskType  InetAddressType,
       docsSubMgtPktFilterDstMask      InetAddress,
  A few remarks/questions
  - that would give me the impression that the addressType for
    address and mask could be different.
  - it also gives me the impression that addressType for source
    and destination can be different.
  - From your COMPLIANCE section that seems not to be the case
    for current implementers of this MIB.
    Not clear if it will never be the case in the future.
  - Anyway, if addressType is the same, then only one such object
    is needed. Maybe an old version of the INET-ADDRESS-MIB did
    suggest that you needed multiple. But the current version
    as per RFC 3291.
  - This new version also suggest to use InetAddressPrefixLength
    instead of a mask. Pls take a look at that.
- if the DEFVAL for    docsSubMgtPktFilterSrcAddrType is ipv4,
  then why is the DEFVAL for    docsSubMgtPktFilterSrcAddr not 0.0.0.0?
- same for Destination address
- object docsSubMgtPktFilterUlp says:
       DESCRIPTION
       "Upper level protocol to match.  If this value is 256,
       matches ALL ULP values.  Otherwise, this matches the specific
       protocol value.  Note that if the packet ULP is either 6 (tcp) or
       17 (udp), then docsSubMgtPktTcpUdpFilterTable must also be
       consulted (if its entry exists) to see if this entry matches.
       If this value is neither tcp(6) nor udp(17), then that
       table is not consulted." 
  while object    docsSubMgtTcpUdpFilterTable says:
       DESCRIPTION ".... This table
            is not consulted unless the upper-layer protocol is TCP,
            UDP, or 'any'."
  So that seems to conflict with each other. (I would also add (256)
  after 'any' so it is easier to make the connection.
  In the first object you say it is onlu consulted for tcp and udp
  and in the table itself you say that it is also consulted for 'any'
- I see: 
   docsSubMgtPktFilterAction OBJECT-TYPE
       SYNTAX      INTEGER
                      {
                      accept(1),
                      drop(2)
                      }
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "The action to take upon this filter matching.  Accept means
       to accept the packet for further processing.  Drop means to drop
       the packet."
   And I wonder: what does "further processing" mean? Will it be checked
   against the next filter... or will it be forwarded, or what.
   "drop" seems clear in that the packet gets dropped.
- I see:
       docsSubMgtTcpUdpSrcPort     Integer32,
       docsSubMgtTcpUdpDstPort     Integer32,
  These probably should be of type InetPortNumber instead, see RFC3291
- object    docsSubMgtTcpFlagValues
  says: ..................... An attempt to violate this constraint
       returns an inconsistentValue error for an SNMPv2 or v3 agent
       and a badValue error for an SNMPv1 agent.
  We prefer that you just talk about the inconsistentValue error and
  not mention SNMPvx at all. RFC2576 has common procedures to translate
  such errors between different versions of SNMP.
- For rowStatus objects, you MUST also indicate which objects must have
  proper values before the row can be made active. See RowStatus TC
  in RFC2579. SO this comment applies to all your rowStatus objects.
- you have no Notifications, so there seems to be no need to define
    docsSubMgtNotification OBJECT IDENTIFIER  ::= { docsSubMgt 2 }
- Why have you commented out (in the MODULE COMPLIANCE)
          -- SYNTAX InetAddressType { ipv4(1) }
  because if you only requite support for IPv4, then that is
  exactly how you specify it in the MIB. I know that some older
  version of SMICng complians about it... but you can ignore that
  error/warning. See for example RFC3289 that uses it too.
  Now ... are cable modems not supporting IPv6 and will they not
  do so in the (near) future?
  Cuase. what might be a problem though is that in principle the
  IETF requires support for IPv4 and IPv6 these days.
  Thomas or Erik, any comment on that?
- In the security section, you MUST list the objects that are
  sensitive (read or read-write or read-create) and then for
  each of them explain why they are sensitive and need protection.

Administrative/editorial nits:
- In the abstract, it talks about "experimental portion".
  Should be just "portion" if you're heading for PS.
- the RFC-Editor does not want unfamiliar acronyms in the
  title. See http://www.rfc-editor.org/policy.html
  I think MIB is OK, but DOSCIS is probably not OK.
  Same comment for abstract.
- 2nd para in abstract is not needed. That is already part
  of the MIB boiler plate as you have it in sect 1.
- references need to be split in normative and informative.
  Again see: http://www.rfc-editor.org/policy.html
  For the references in the MIB boiler-plate, a good sample
  of the split is in draft-ietf-rmonmib-hc-alarm-mib-02.txt
- object  docsSubMgtCpeIpAddr has a decription clause that
  talks about "wiretapping". Not sure you want to use that term.

Thanks,
Bert 
_______________________________________________
IPCDN mailing list
IPCDN@ietf.org
https://www1.ietf.org/mailman/listinfo/ipcdn

v2.23.0 | Report a Bug | By Email