Re: [IPsec] Yangdoctors early review of draft-ietf-ipsecme-yang-iptfs-01
Don Fedyk <dfedyk@labn.net> Tue, 12 October 2021 18:08 UTC
Return-Path: <dfedyk@labn.net>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CC933A0477; Tue, 12 Oct 2021 11:08:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=labn.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TZLQp0e2aEUf; Tue, 12 Oct 2021 11:08:32 -0700 (PDT)
Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam08on2138.outbound.protection.outlook.com [40.107.100.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 730333A003C; Tue, 12 Oct 2021 11:08:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CoNELLwbV1Ruq09rmDLnTJ6BHLPurb9XXc2yAXAS13ZQcgttJv222x0UjAFl3ksqccSSCIJHudjj+/AyKMnDGPokdVY3FUIrjCEPU7EoZv9hPsos4TDlw6x7HYKFMcckhEHD6B7mP1h1OoqpzQ79N40Wp+iHbPh5ZYuTuTn7JNIzNnKVRTnGHoiEcKG8seBf5/u9W/jT5DdS/Qgju/McPppR8mBFQN5xSDfVHLpYgAGn1GLNI9q9R0QE1k8DJeUq6PXPexxo28eInM7A20AtwY7y6GbdKPshIEd6D1Ck8ysTD3ljt+IWGpkXDn/ty6Es2rF+MVRbXXO6GAV9sADRmg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zj28TdLwmtSofS6JQj9OgI/OyWpEV3gPmDFZINS5eIc=; b=dc/FFcs447YSnNIOKyDpk7YxPeHIyYThHklrvm8R/3lCVSOh8C0yky3S6M/dHq2UuJDrQstIbMYMKAonVEor0njpojOHvprmPYJeRUWGCHh4QjF0GFxoGYiyJcMKoPyei+PLNZE6YGDPFmsuSwIJA4XBgOsME405MGQ5IoZAm1pFpVw2XtbKEl50i4sznlKk24o3QMpsEyLAn5+0hbUAevrbL3JKwO3mMTRQ1FP9hQfIAhxf8GbX10KYnuknmwYeJ0twBmgnRSUweqVe2paS8QyWSvadFfBVB0tvg4k6GF98t0TQnlaAf2LGC9KZA2Xm+f5QEa/nPM73OXJcTKrfvA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=labn.net; dmarc=pass action=none header.from=labn.net; dkim=pass header.d=labn.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=labn.onmicrosoft.com; s=selector2-labn-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zj28TdLwmtSofS6JQj9OgI/OyWpEV3gPmDFZINS5eIc=; b=fk8kKPPPutUcvoiuiNBMj5yv8ncwfJKWgTC+0CQflNjWRzMVoSSJQBnTPPG62GXbivD1Up1f0V3tgHzkfzQFaHxN6KjeBfsAZS+kjjL1/xFwOSWmckDORrwACX0XKeVOoedfWKCwOhHkt/DvsRqd4nHV0gkOl3KKMdraZPdFeSM=
Received: from MN2PR14MB4030.namprd14.prod.outlook.com (2603:10b6:208:1dc::14) by MN2PR14MB3438.namprd14.prod.outlook.com (2603:10b6:208:1a1::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.18; Tue, 12 Oct 2021 18:08:21 +0000
Received: from MN2PR14MB4030.namprd14.prod.outlook.com ([fe80::a056:e6a5:6d4f:26e4]) by MN2PR14MB4030.namprd14.prod.outlook.com ([fe80::a056:e6a5:6d4f:26e4%4]) with mapi id 15.20.4587.026; Tue, 12 Oct 2021 18:08:20 +0000
From: Don Fedyk <dfedyk@labn.net>
To: Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de>, "yang-doctors@ietf.org" <yang-doctors@ietf.org>
CC: "draft-ietf-ipsecme-yang-iptfs.all@ietf.org" <draft-ietf-ipsecme-yang-iptfs.all@ietf.org>, "ipsec@ietf.org" <ipsec@ietf.org>
Thread-Topic: Yangdoctors early review of draft-ietf-ipsecme-yang-iptfs-01
Thread-Index: AQHXuu/CvHm7JIAFvUO+xaQzasOYV6vHxqvQ
Date: Tue, 12 Oct 2021 18:08:20 +0000
Message-ID: <MN2PR14MB40301372F987E722C7991ACABBB69@MN2PR14MB4030.namprd14.prod.outlook.com>
References: <163355168321.5236.15157145817122238419@ietfa.amsl.com>
In-Reply-To: <163355168321.5236.15157145817122238419@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: jacobs-university.de; dkim=none (message not signed) header.d=none;jacobs-university.de; dmarc=none action=none header.from=labn.net;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 64b72c2f-f1fe-4a97-6186-08d98dab4661
x-ms-traffictypediagnostic: MN2PR14MB3438:
x-microsoft-antispam-prvs: <MN2PR14MB34380E3F2978D7A0AB61A696BBB69@MN2PR14MB3438.namprd14.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: /4N8jKaUjfdRigM48tAC5D7B/EbRLQAyhSbl7C4LYzqyx3gCIYUeDpYwmUKUwxKgKP1ePzwbODx4dY5P7fH+xc3ZFFwMvVLLfpvd5olag2HuNoC600XLov0r1OlpzawDIf5Ku0XtFUvOIMy+dj6ijrcs7Pt7bAsLI3iU5s193czoizCeIlupokZk6gIDrMSWDnzB3kjoVE/KSHbZgNHoxSq+TQI8yO1i0VgfnO35CkOL90F4NjmjsaAxc8vf8vJZvoruH6pDM8gwXpB+YQOZBm8oRpWWN/csPwebPn82Vrue/kmMQf6dA1iZQ7bFeML1pAyFxiJSSN3ls0EPCoFEmNHIkuNaQr0BElpISrzLe+VA7YDy/cyKQ9i1pgC1jvzsbv1MlSFEss8QukBJzAqf9ClVxPuGr2OPIz7r/vyiViWTyzIybj/ENWsLOAfENh0wA2qNCyqfN9YenrhKF1LGavbuYbBUOZNnQ4CJhjAaawFkIg2chss2qoXQwgdp1ch9ov66Ux04yANOQjBwxTh5ScxxpkswxapAYQkRcjirql5IdCPc1q6W42kvr0Ll6aWbIh++6f9ilemSel6G/qmPjjDCVB9Sgm6vHzl8PasDYhz1hHbml68r5IJYoeaKeF/BR1lu4dvoyy5R/NPaKzrFIOcdYXIw0giuznenyGodtZbu6mCkS/zvhH2GTxx5fXRePB8ivz7UlAGCgXMh0W2Z+1od7Au+8BlMYyyGU1hf52dkILF9yKl1wMEU7m2GzJgTs2cY2rkzQje2cUa0A376HIKtcvDyTgm44RBCJ+o6PwJzcIDMlN6E27NrKVrnM8WM
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR14MB4030.namprd14.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(376002)(39830400003)(366004)(396003)(346002)(122000001)(316002)(66574015)(110136005)(9686003)(5660300002)(33656002)(54906003)(83380400001)(38100700002)(55016002)(26005)(6506007)(86362001)(52536014)(2906002)(8676002)(4326008)(64756008)(66476007)(66946007)(508600001)(53546011)(76116006)(7696005)(71200400001)(966005)(186003)(8936002)(66446008)(66556008)(38070700005)(21314003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 1X1RF6aBP0WprrLXygMgVV0kXZw5MUlWk8uzi2onqykv0SHoA6fCptc3HSSwmFdFw0CPIaDuetPpOmptV9HZrvAJODa1sZO9KnkoVDiVurfGl8X3+Hu8kw7RSar1TJP0PPTxMPRItmdIM6UG/xhNqK94jFNZpQHjhxRSY6w67j+2KP35wWKcRh2kGqu/nnV3bs8QTaJUIf8r7qCHroASzIBlLe2hzFNUOtPKvrDdtmdIQg7q3/tOxBxTfEY0eDxzDJLft4AuFZR8EVmfyJAiqZAd9an5zzWybpJ5EPC/cwe1gEhtAOPYi7kwcO7DH2jTQwSTUtVJ9l/FR/Wky7hlgg2+21xkzQMZ6HeFt6kMuJeCWBNmP24SpCaIgulsbp41nxHjzJfs4EFxd/1RQf0F3+Xq/LHC2pjWHaa3CZE/OmcRdJ8laemRpTAA60pcugoIi3+zKdAw65zNMntIwrbU9QrctyTZLpsxtS2UPkjnlERVxU+Ovg2s4ub7TXKWSeyPqxQXWQBfoZVNEQjGkvLnAKTA1Ck8LN/g3xu9ToRo34rHtpJ6iREJuD8iAhL0vq472P/1O0x3Ad3e+OatoDRR+781mu65FjryRvG+bpwn2EnOoh3qPFpcs7ECUdZwHW6Lr823RenE3/E4ijI01wokWjdvLYSsJ7WbJXbz5d9d8OwAdVi6mq7EWQqKKhPAHAJOwfvn69AJy4xu7Z50Z63wZe6l2o/h/yiYy9PNHFC83OyPv99LwrZb8STewteYAwxRnb0ksxbX2Hx3pvf5BfGUiGLXnk/TrnKVFnBjXeWBJpHPRhIIygljOroszf5wmYkilNhjVHaxE8CtH193iEy1/+zldqwRJ4/JvypeUiIzXNdYZEHCl+0P2bY9waFSykKI5Hlo96UdZEH65Vcx845NjaT4Zc/0pl3UX6qaouxwr8MzwrdiTREEV9OgbvYit6Un7OQtGzBGUA/uyo//JLcKiM90kx66NYA9SHqYDKsCvEEWitJMJqqwIYK0+Trw/hZDFb6BtB6R4ua1Nkdbp0pCCVHhzNyGgW+PwB2azrrfouR73yaOlKHaNKVtkhqzaS3hdvrX4VJVYgYtLHi/DRIRFQZspmdgAVNFGkY+sfAGgDZL+A34qUekZ8M9pAzFDorQ2EjIYKF0CxRvU2YEfRFAxw32yquAQqgm50FCqF9Ud9Qb9KF34pWg291tauaxWnFTAippcXOvxGGe9Bp8B5Geh11GUi3/ZPUMtodtktwipu0bNa9z6FF/zA/YtMxW64YO1e54FF4K4trS05ewpHg1+t6ncQYSAQJUYiNhPMxVMZ95pW4ZUWzzLpnVNchIGbbq
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: labn.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR14MB4030.namprd14.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 64b72c2f-f1fe-4a97-6186-08d98dab4661
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Oct 2021 18:08:20.7086 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: eb60ac54-2184-4344-9b60-40c8b2b72561
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: UhpCFpdHpgZTnwjpPwl1byuaJ8QKVrRANeaCMrXR1o6TLABBkxK7uU8jxlvbAsT3tZBrPaCGqFyyXT/eCzwIdA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR14MB3438
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/d68ydEDMk8XFuR28GsiEAEd5PIk>
Subject: Re: [IPsec] Yangdoctors early review of draft-ietf-ipsecme-yang-iptfs-01
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Oct 2021 18:08:38 -0000
Hi Jürgen Thanks for the Review. Most comments are an easy Accept. Response on intent are inline Don: Cheers Don -----Original Message----- From: Jürgen Schönwälder via Datatracker <noreply@ietf.org> Sent: Wednesday, October 6, 2021 4:21 PM To: yang-doctors@ietf.org Cc: draft-ietf-ipsecme-yang-iptfs.all@ietf.org; ipsec@ietf.org Subject: Yangdoctors early review of draft-ietf-ipsecme-yang-iptfs-01 Reviewer: Jürgen Schönwälder Review result: On the Right Track I have reviewed draft-ietf-ipsecme-yang-iptfs-01.txt. - Looking at [1], following the most popular naming scheme would suggest the title "A YANG Data Model for IP Traffic Flow Security" instead of the current title. Don: Accept - Newer data models usually state in the abstract whether the model conforms to the Network Management Datastore Architecture (NMDA). Don: Accept We support NMDA. - The document is generally well written and easy to read. Thanks for that. - Not sure what "actively published YANG modules" are. In the YANG world, we usually consider YANG modules under development not really as published. (See how 'published' is used in RFC 7950.) What you are referring to here are modules actively being worked on I think. Don: Accept - You import RFC 2119 terms but then I am not sure they are actually used anywhere. If you do not need RFC 2119 terms, there is also no need to import them. Don: Will check. - It seems that [I-D.ietf-i2nsf-sdn-ipsec-flow-protection] has been published as RFC 9061, so please update your document. Don: I think I missed updating a text reference the RFC reference was updated automatically. - "IP-TFS YANG augments IPsec YANG model from" - why not use the actual YANG module names to avoid any confusion? Don: Accept. - I did not understand what the purpose of this is: The data model uses following constructs for configuration and management: o Configuration o Operational State The text following this is useful, but the value of the quoted text was unclear to me. Don: We can remove. - I did not understand what this text means: IP-TFS YANG augments: * Yang catalog entry for ietf-i2nsf-ike@2021-07-14.yang * Yang catalog entry for ietf-i2nsf-ikeless@20202-07-14.yang What is a Yang catalog entry for xxx and how can you augment it? Don: I think we should just say Model not catalog here. - The YANG module names you are augmenting include the WG name, which is a rather weird construction and generally not recommended. I wonder how this went through. You seem to follow this and you put ipsecme into the name. Ideally, module names would be tied to a technology but not to RFCs or WGs (all of which come and go). Don: Will revisit naming. - Copyright needs some updating... and in less than 3 months again. Don: Accept - You use type uint64 for counters instead of the yang:counter64 type. Is there a special reason? How would an overflow be handled? Can there be any counter discontinuities during their lifetime? - I found this: // config true; want this so we can refine? Can you elaborate what the question is here? Don: I will check and update I think this a simply saying that we found config true had to be set So that a refine could be done. - The congestion control leaf is an enable/disable knob. Is there exactly one and only one way to do congestion control or is there / will there be a need to be more detailed, i.e., does this have to be extensible instead of just a simple boolean? Don: We don't have a congestion mechanism for IP-TFS but instead a knob that it support underlying mechanisms. - What happens if I set use-path-mtu-discovery to true and outer-packet-size to 1234? Which takes precedence? Is it desirable to allow both to be configured? Don: The description says that use-path-mtu-discovery takes precedence Over values if the outer packet size is greater that the MTU discovery value. I think this works for all cases. - Consider adding a units clause to l2-fixed-rate and l3-fixed-rate. Don: Accept. - I did not extract the YANG to do syntax checking etc, I assume that the authors have a proper build automation in place (or any errors will have to be dealt with when the ID has passed WG last call). - I did not verify the xml and json examples in the appendix. However, I suggest to use documentation addresses for prefixes in the examples instead of 1.1.1.1/32 and 2.2.2.2/32 (and some may even want to see some IPv6 prefixes there as well). Don. Accept. - Editorial fll out -> fill out Congestion Control With the -> With the Don - Will update. [1] https://en.wikipedia.org/wiki/YANG#Standards-track_data_models
- [IPsec] Yangdoctors early review of draft-ietf-ip… Jürgen Schönwälder via Datatracker
- Re: [IPsec] Yangdoctors early review of draft-iet… Don Fedyk