Re: [IPFIX] RFC 6728 IETF IPFIX Yang Discussion

"Aitken, Paul" <paul.aitken@intl.att.com> Tue, 09 January 2018 21:55 UTC

Return-Path: <paul.aitken@intl.att.com>
X-Original-To: ipfix@ietfa.amsl.com
Delivered-To: ipfix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81951126BFD for <ipfix@ietfa.amsl.com>; Tue, 9 Jan 2018 13:55:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.6
X-Spam-Level:
X-Spam-Status: No, score=-0.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0W1fZlqJ7wT9 for <ipfix@ietfa.amsl.com>; Tue, 9 Jan 2018 13:55:15 -0800 (PST)
Received: from mx0a-00191d01.pphosted.com (mx0b-00191d01.pphosted.com [67.231.157.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C6AE11241FC for <ipfix@ietf.org>; Tue, 9 Jan 2018 13:55:15 -0800 (PST)
Received: from pps.filterd (m0049458.ppops.net [127.0.0.1]) by m0049458.ppops.net-00191d01. (8.16.0.21/8.16.0.21) with SMTP id w09LlcaF041496; Tue, 9 Jan 2018 16:55:11 -0500
Received: from alpi155.enaf.aldc.att.com (sbcsmtp7.sbc.com [144.160.229.24]) by m0049458.ppops.net-00191d01. with ESMTP id 2fd5r10f5f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 09 Jan 2018 16:55:11 -0500
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id w09LtAv2006122; Tue, 9 Jan 2018 16:55:10 -0500
Received: from mlpi409.sfdc.sbc.com (mlpi409.sfdc.sbc.com [130.9.128.241]) by alpi155.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id w09Lt2R5006009 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 9 Jan 2018 16:55:06 -0500
Received: from zlp27125.vci.att.com (zlp27125.vci.att.com [135.66.87.52]) by mlpi409.sfdc.sbc.com (RSA Interceptor); Tue, 9 Jan 2018 21:54:49 GMT
Received: from zlp27125.vci.att.com (zlp27125.vci.att.com [127.0.0.1]) by zlp27125.vci.att.com (Service) with ESMTP id 29C65167F63; Tue, 9 Jan 2018 21:54:49 +0000 (GMT)
Received: from gbcdccas01.intl.att.com (unknown [135.76.180.9]) by zlp27125.vci.att.com (Service) with ESMTPS id 91FBE16A59D; Tue, 9 Jan 2018 21:54:48 +0000 (GMT)
Received: from GBCDCMBX03.intl.att.com ([135.76.31.134]) by gbcdccas01.intl.att.com ([135.76.180.9]) with mapi id 14.03.0361.001; Tue, 9 Jan 2018 21:54:46 +0000
From: "Aitken, Paul" <paul.aitken@intl.att.com>
To: 'Marta Seda' <Marta.Seda@calix.com>, 'Benoit Claise' <bclaise@cisco.com>
CC: "'ipfix@ietf.org'" <ipfix@ietf.org>
Thread-Topic: [IPFIX] RFC 6728 IETF IPFIX Yang Discussion
Thread-Index: AQHTiW6HO5P8h+Eqi0udiioCX0RAqKNryleQ
Date: Tue, 09 Jan 2018 21:54:46 +0000
Message-ID: <A3625616CA873B4DAA779ABEFA624F1C8BE3CA@gbcdcmbx03.intl.att.com>
References: <085c30b9-5797-863e-a63d-a027396f224f@gmail.com> <a3fc69e8-5773-5785-09ca-409c6a07db57@gmail.com>
In-Reply-To: <a3fc69e8-5773-5785-09ca-409c6a07db57@gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.160.174.88]
Content-Type: multipart/alternative; boundary="_000_A3625616CA873B4DAA779ABEFA624F1C8BE3CAgbcdcmbx03intlatt_"
MIME-Version: 1.0
X-RSA-Inspected: yes
X-RSA-Classifications: public
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-01-09_12:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1801090297
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipfix/mpWnXALvKfAkB2DN-IqsVkxTdJc>
Subject: Re: [IPFIX] RFC 6728 IETF IPFIX Yang Discussion
X-BeenThere: ipfix@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IPFIX WG discussion list <ipfix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipfix>, <mailto:ipfix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipfix/>
List-Post: <mailto:ipfix@ietf.org>
List-Help: <mailto:ipfix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipfix>, <mailto:ipfix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jan 2018 21:55:18 -0000

Marta, Benoit,

1. Are there efforts to update other RFCs to meet the latest YANG best practices?

2. Since the IPFIX WG closed, there has been little ongoing IPFIX work in the IETF. Is there a specific need to update RFC 6728 rather than just recognising it as a product of it's time? Note that it's > 5 years old.

Also see @PJ inline:


On 09/01/2018 16:01, Benoit Claise wrote:
Hi Marta,
Hello,
I am reaching out to the IETF IPFIX mailing list  on some issues I have run into with respect to RFC 6728 "Configuration Data Model for the IP Flow Information Export (IPFIX)  and Packet Sampling (PSAMP) Protocols"


  1.  RFC 6728 doesn't meet the latest Yang Best Practices (https://tools.ietf.org/html/draft-ietf-netmod-rfc6087bis-15#section-4.3.1<https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dietf-2Dnetmod-2Drfc6087bis-2D15-23section-2D4.3.1&d=DwMD-g&c=LFYZ-o9_HUMeMTSQicvjIg&r=f8F8yzrqBTw6EPtR1rbibO_VFIc-cdnjIJ9he_qu7xs&m=0c5ATjuT0-4IlDzLYM9h_RbPjCBQUv_6aExRL_fl-5M&s=Hhi7V6njCFNBbSsjC6sPgNfVu5DA8iQzdzsnA_iQBzQ&e=>).   Leaf identifiers are camel case (e.g., destinationAddress instead of destination-address).  Are there any ongoing efforts to update RFC 6728 to meet the latest best practices?
Not as far as I know.

Regards, Benoit


  1.

   Identifiers SHOULD follow a consistent naming pattern throughout the
   module.  Only lower-case letters, numbers, and dashes SHOULD be used
   in identifier names.  Upper-case characters and the underscore
   character MAY be used if the identifier represents a well-known value
   that uses these characters.

   Identifiers SHOULD include complete words and/or well-known acronyms
   or abbreviations.  Child nodes within a container or list SHOULD NOT
   replicate the parent identifier.  YANG identifiers are hierarchical
   and are only meant to be unique within the the set of sibling nodes
   defined in the same module namespace.

   It is permissible to use common identifiers such as "name" or "id" in
   data definition statements, especially if these data nodes share a
   common data type.

   Identifiers SHOULD NOT carry any special semantics that identify data
   modelling properties.  Only YANG statements and YANG extension
   statements are designed to convey machine readable data modelling
   properties.  For example, naming an object "config" or "state" does
   not change whether it is configuration data or state data.  Only
   defined YANG statements or YANG extension statements can be used to
   assign semantics in a machine readable format in YANG.


  1.  I generated the RFC 6728 yang tree (see attached).  The tcp and udp exporting processes support a destinationIPAddress (line 400, 455) which is mandatory.  The type is inet:ip-address.

     *   A collector may be doing load balancing.  Rather than managing ip-addresses, the collector may be using DNS (an exporter could resolve from the domain name where the collector is located).

@PJ: Load balancing and DNS are independent. Load balancing IPFIX is probably a bad idea since templates need to be available on all collectors, and out of step sequence numbers in the data records would cause spurious reports of lost data. If DNS is used to obtain the collector's address, arguably it should be a one-time lookup rather than incurring a DNS lookup per export packet.



  1.

     *
     *   The collector address may be learnt via other methods (e.g., through DHCP options)
     *   A choice statement to select what method to use seems more appropriate than what is presently in RFC 6728.  For example (use some shorthand)

choice destination-method{
                case destination-address{
                                leaf destination-address// rw with type inet:host
                }
                case dhcp-acquired-address{
                                container dcp-acquired-address{
                                                leaf destination-ip-address inet-address //ro
                }
}

                                However I can't augment to ietf-ipfix because destinationIPAddress is mandatory.  Can the group suggest methods to (a) change the destinationIPAddress type and (b) allow a choice?

@PJ: The selection could also be done out of band so the exporter need not know how the address is determined. eg a configuration system could determine the address by any of these methods or otherwise, and impose that address using the current model.



  1.  RFC 6728 mandates SCTP transport.  I understand the logic behind this (IETF prefers use of SCTP).  There are situations where sctp is unnecessary and not supported (e.g., point to point connection).  During netconf negotiations you can announce your feature set (currently sctptransport is not a feature).  Is there ongoing work in updating RFC 6728 to include sctptransport as a feature (so that the device can announce whether or not it supports sctptransport)?

@PJ Same answer as point (2) above, ie is this necessary and useful?

P.