Re: [L3sm] New Version Notification for draft-wu-l3sm-rfc8049bis-03.txt
David Ball <daviball@cisco.com> Tue, 10 October 2017 14:53 UTC
Return-Path: <daviball@cisco.com>
X-Original-To: l3sm@ietfa.amsl.com
Delivered-To: l3sm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65001134E07 for <l3sm@ietfa.amsl.com>; Tue, 10 Oct 2017 07:53:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: YES
X-Spam-Score: 5.611
X-Spam-Level: *****
X-Spam-Status: Yes, score=5.611 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001, URIBL_SBL=20, URIBL_SBL_A=0.1, USER_IN_DEF_DKIM_WL=-7.5] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f0sDX5AEesq2 for <l3sm@ietfa.amsl.com>; Tue, 10 Oct 2017 07:53:08 -0700 (PDT)
Received: from aer-iport-3.cisco.com (aer-iport-3.cisco.com [173.38.203.53]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29CB4134DFF for <l3sm@ietf.org>; Tue, 10 Oct 2017 07:52:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=59907; q=dns/txt; s=iport; t=1507647170; x=1508856770; h=subject:to:cc:references:from:message-id:date: mime-version:in-reply-to; bh=5ZBB+pTuRZToz3GlD63YMVStFahGJWoDi230ARbCYB0=; b=mxNLUH7x2869hYrnlmF2rvd/3i6FuLi1Gfe45L4GGohTytU+YOetJhHj EXy/DvPhYD2+iy66ufUuaKeTkC4yNUp765zWB7IxM92q/nxHe3zVpC+uB eDtznKxo5mzKDmZPcOfttZHuAybFZkc3Po6OQ592LPa3h3bKKnzn527Ji g=;
X-IronPort-AV: E=Sophos;i="5.42,505,1500940800"; d="scan'208,217";a="656273744"
Received: from aer-iport-nat.cisco.com (HELO aer-core-1.cisco.com) ([173.38.203.22]) by aer-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Oct 2017 14:52:48 +0000
Received: from [10.63.23.143] (dhcp-ensft1-uk-vla370-10-63-23-143.cisco.com [10.63.23.143]) by aer-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id v9AEqmiJ005974; Tue, 10 Oct 2017 14:52:48 GMT
To: Qin Wu <bill.wu@huawei.com>
Cc: l3sm <l3sm@ietf.org>, "Jan Lindblad (jlindbla)" <jlindbla@cisco.com>
References: <B8F9A780D330094D99AF023C5877DABA9AB378D8@nkgeml513-mbs.china.huawei.com> <c5269278-b3a4-a12e-a911-0af20d7baa21@cisco.com> <B8F9A780D330094D99AF023C5877DABA9ABA732C@nkgeml513-mbx.china.huawei.com>
From: David Ball <daviball@cisco.com>
Message-ID: <e5103039-d554-2259-d15d-f9f1da248c73@cisco.com>
Date: Tue, 10 Oct 2017 15:52:47 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <B8F9A780D330094D99AF023C5877DABA9ABA732C@nkgeml513-mbx.china.huawei.com>
Content-Type: multipart/alternative; boundary="------------47E3A47DD49B1850A24DE3DF"
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/l3sm/CVc9E98E-vvB64ZUe_gGoWnzhHI>
Subject: Re: [L3sm] New Version Notification for draft-wu-l3sm-rfc8049bis-03.txt
X-BeenThere: l3sm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: L3VPN Service YANG Model discussion group <l3sm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/l3sm>, <mailto:l3sm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/l3sm/>
List-Post: <mailto:l3sm@ietf.org>
List-Help: <mailto:l3sm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/l3sm>, <mailto:l3sm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Oct 2017 14:53:16 -0000
On 10/10/2017 11:00, Qin Wu wrote: > > Hi, David: > > Good catch, please see my reply inline. > > *发件人:*L3sm [mailto:l3sm-bounces@ietf.org] *代表 *David Ball > *发送时间:*2017年10月9日21:51 > *收件人:*Qin Wu > *抄送:*l3sm; Jan Lindblad (jlindbla) > *主题:*Re: [L3sm] New Version Notification for > draft-wu-l3sm-rfc8049bis-03.txt > > Hi Qin, > > A few minor comments on the changes in the latest version: > > 1. In the flow definition grouping, the 'must' statements that have > been added for l4-src-port, l4-src-port-range/lower-port and > l4-src-port-range/upper-port mean, I think, that if all three of > these exist, they must all have the same value (since l4-src-port > <= lower-port, lower-port <= upper-port and upper-port <= > l4-src-port). Was that the intent? Or was the 'must' statement > on l4-src-port supposed to have an 'or' instead of an 'and' in > it? Given that (according the the description for > l4-src-port-range) when only the lower-port is present, it > represents a single port, perhaps the separate l4-src-port leaf is > not needed and could be removed? > > [Qin]:The intent is to use ‘or’ instead of ‘and’. l4-src-port-range > focuses on continuous range. So we can keep l4-src-port, > l4-src-port-range coexist, but we should not allow l4-src-port overlap > with l4-src-port-range. > > For example, If We set l4-src-port as 20, set l4-src-port-range as > (15,30). This setting is not allowed. So if l4-src-port coexist with > l4-src-port-range, the value of l4-src-port should be less than > lower-port of l4-src-range(i.e., 15) or Greater than upper-port of > l4-src-port-range(i.e.,30), Does this make sense? > [DB] Yes, that makes sense. Should they also be strict inequalities, or is it ok if l4-src-port is equal to lower-port? > 2. Same applies to dst-port > > [Qin]:Fixed. > > 3. The range for guaranteed-bw-percent is given as 0..255 - if this > is a percentage, shouldn't the range be 0..100? > > [Qin]:Okay, we can limit the range to 0..100. > > 4. In grouping site-attachment-ip-connection, I think the 'must' > statement for leaf ipv4/address-allocation-type has been > inverted. It used to say (in draft-04): "current() != 'slaac' and > current() != 'provider-dhcp-slaac'", which was the correct logic > since SLAAC doesn't apply to IPv4. Now (in draft-05) it says: > "derived-from-or-self(current(), 'l3vpn-svc:slaac') or > derived-from-or-self(current(), 'l3vpn-svc:provider-dhcp-slaac')" > - which I think means the value for IPv4 must be slaac or > provider-dhcp-slaac. I don't think that's the intent! > > [Qin]: You are right, my proposed change is: > > NEW TEXT: > > “ > > must "derived-from-or-self(current(), 'l3vpn-svc:slaac')!='true' or "+ > > "derived-from-or-self(current(), > 'l3vpn-svc:provider-dhcp-slaac')!='true'" { > [DB] I think you mean "and" here not "or". :) I'm not an XPath expert but I expect you can write: must "!derived-from-or-self(current(), 'l3vpn-svc:slaac') and !derived-from-or-self(current(), 'l3vpn-svc:provider-dhcp-slaac')" { David > error-message "SLAAC is only applicable to IPv6"; > > } > > ” > Thanks, > > > David > > On 16/09/2017 04:14, Qin Wu wrote: > > Update is done based on your comments: > > https://www.ietf.org/rfcdiff?url2=draft-wu-l3sm-rfc8049bis-05 > > -Qin > > *发件人:*L3sm [mailto:l3sm-bounces@ietf.org] *代表 *Qin Wu > *发送时间:*2017年9月14日9:12 > *收件人:*Jan Lindblad (jlindbla) <jlindbla@cisco.com> > <mailto:jlindbla@cisco.com>; Benoit Claise (bclaise) > <bclaise@cisco.com> <mailto:bclaise@cisco.com> > *抄送:*l3sm <l3sm@ietf.org> <mailto:l3sm@ietf.org>; adrian > <adrian@olddog.co.uk> <mailto:adrian@olddog.co.uk>; David Ball -X > (daviball - ENSOFT LIMITED at Cisco) <daviball@cisco.com> > <mailto:daviball@cisco.com> > *主题:*Re: [L3sm] New Version Notification for > draft-wu-l3sm-rfc8049bis-03.txt > > Thank Jan for all YANG related comments, since we are back and > forth on choosing between mandatory and optional, definitely some > piece in the model need to be cleaned up. > > I will address your comments as part of IETF LC review. Thanks again. > > -Qin > > *发件人:*Jan Lindblad (jlindbla) [mailto:jlindbla@cisco.com] > *发送时间:*2017年9月13日21:32 > *收件人:*Benoit Claise (bclaise); Qin Wu > *抄送:*David Ball -X (daviball - ENSOFT LIMITED at Cisco); l3sm; > adrian > *主题:*Re: [L3sm] New Version Notification for > draft-wu-l3sm-rfc8049bis-03.txt > > I saw the -04 was released now, but I had a quick review of the > YANG model in -03. I think it has improved a great deal from a > YANG perspective since my last look. I'd say it's in good shape, > but of course I have some nits and comments still. > > - The indentation is off, which needs to be fixed before publication. > > - There are still many optional elements with no default or > obvious behavior specified in the description for when they are > absent. It's a lot better now than it has been, but work remains. > > - A few literal comparisons with identity values are still there. > The move to YANG 1.1 helps a lot, but we could improve the > correctness and flexibility of the model by changing them to use > appropriate XPATH functions. > > #1) > > 579 choice list-flavor > > No default, and not mandatory. What does it mean if the operator > does not choose any of permit-any, deny-any-except, permit-any-except? > > #2) > > 1064 leaf l4-src-port vs. l4-src-port-range/lower-port > > What would it mean if l4-src-port and l4-src-port-range/lower-port > and higher-port are set at the same time? What if only lower-port > or only higher-port are set? > > 1094 Same question again for dst-port. > > #3) > > 1300 leaf rate-limit { type uint8; units percent; > > What happens if rate-limit is configured with a value >100%. Is > that the same as 100%, or would 200% actually mean double the > configured rate? Maybe introduce a range 0..100 ? > > 1362 Same question again for guaranteed-bw-percent > > #4) > > 1415 encryption/layer mandatory even if encryption/enabled = 'false' > > Maybe add a must statement to require a value when enabled is true? > > #5) > > 1734 identityref with string compare > > must "current() != 'slaac' and current() != > 'provider-dhcp-slaac'" { > > is missing the prefixes, so will always allow slaac. Instead of > simply adding the prefix, I suggest the more flexible > > must "derived-from-or-self(current(), 'l3vpn-svc:slaac') or > derived-from-or-self(current(), 'l3vpn-svc:provider-dhcp-slaac')" { > > #6) > > 1747 container provider-dhcp: provider-address and mask > > Both of these are optional. What does it mean to leave > provider-address blank? What if no mask? What if mask but no > provider-address? > > Maybe add a description to the provider-address and a must > statement to the mask (if mask specified, address has to as well) > > 1810 Same question fot dhcp-relay > > 1886 Same question for ipv6/provider-dhcp > > 1949 Same question for ipv6/dhcp-relay > > #7) > > 1763 number-of-dynamic-address > > Modeled as an uint8. For ipv4 I understand it's hard to imagine > anyone asking for more than 255 addresses. But should the number > be limited by the choice of integer size? > > 1898 Same question for ipv6. Perhaps more relevant there. Is 255 > an astronomically large number here? ;-) > > #8) > > 1774 group-id description > > The description says "Group-id the list of start-to-end address > belongs to." I beg your pardon. > > #9) > > 1842 container addresses: provider-address, customer-address, mask > > The provider-address and mask are marked mandatory. > customer-address optional. Is the mask for provider-, > customer-address or perhaps both? > > 1981 Same question for ipv6 > > #10) > > 1880 identityref with string compare > > when "../address-allocation-type = > 'l3vpn-svc:provider-dhcp' "+ > > "or ../address-allocation-type "+"= > 'l3vpn-svc:provider-dhcp-slaac'" { > > has the right prefixes, so this one works. Still, for the same > reason as 1734, I suggest the more flexible > > when "derived-from-or-self(../address-allocation-type, > 'l3vpn-svc:provider-dhcp') "+ > > "or derived-from-or-self(../address-allocation-type, > 'l3vpn-svc:provider-dhcp-slaac')" { > > #11) > > 1918 list address-group: start-address and end-address > > Both are optional. What if you don't give either one, or if you > give start but not end, or vice versa? > > #12) > > 2024 container bfd: fixed-value > > Optional and has no default value, but is selected by default, so > what is the BFD holdtime if not set? > > #13) > > 2184 address-family and address both optional > > What if you set address but not address-family, or vice versa? > > I did not check any of the examples this time. > > Thanks, > > /jan > > Dear all, > > I was about the click the "IETF LC" call button, but I > understand from Qin that a new document version will be produced. > I'll then click this button when the next version is posted. > > Regards, B. > > Completely agree. In the case in question > (address-allocation-type leaves), no value means > "IPv4/IPv6 is not enabled for this site-network-access". > > David > > On 12/09/2017 07:54, Jan Lindblad (jlindbla) wrote: > > Qin, team, > > * > > > For the address-allocation-type leaves, I saw > you removed the default (as agreed) but also > added 'mandatory true' (which was not > discussed). Making these leaves mandatory does > not address the problem - if anything, it > makes it worse. (Issue 15 from draft-02) > > [Qin]: Fine to me, it looks we need to seek > balance between making all parameters mandatory > and making all parameters optional. I hope Jan > will be happy with these changes. > > Sometimes mandatory true is needed to make a sane > model, but mandatory elements also tend to make a > model clunky, examples large etc. So I generally like > optional elements. The problem with optional elements > is people tend to forget that it may not be obvious > what a system is supposed to do when there is no value > specified. Adding a default or text in the description > is therefore important. At the end of the day, we're > writing a contract. For interoperability to happen, > there must be no holes in the contract that are open > to (differing) interpretation. > > So sure, you can have optional elements (this should > even be the normal case), and they don't need to have > a default statement. But if so, *describe* what it > means; what the system is supposed to do. No value is > also a value. > > Best, > > /jan > > -- > > David Ball > > <daviball@cisco.com> <mailto:daviball@cisco.com> > > > > > _______________________________________________ > > L3sm mailing list > > L3sm@ietf.org <mailto:L3sm@ietf.org> > > https://www.ietf.org/mailman/listinfo/l3sm > > > > -- > David Ball > <daviball@cisco.com> <mailto:daviball@cisco.com> -- David Ball <daviball@cisco.com>
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… David Ball
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… Jan Lindblad (jlindbla)
- Re: [L3sm] New Version Notification for draft-wu-… David Ball
- Re: [L3sm] New Version Notification for draft-wu-… Benoit Claise
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… Benoit Claise
- Re: [L3sm] New Version Notification for draft-wu-… Jan Lindblad (jlindbla)
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… David Ball
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… David Ball
- Re: [L3sm] New Version Notification for draft-wu-… Jan Lindblad (jlindbla)
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… David Ball
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… David Ball
- Re: [L3sm] New Version Notification for draft-wu-… Jan Lindblad (jlindbla)
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… Jan Lindblad (jlindbla)
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu
- Re: [L3sm] New Version Notification for draft-wu-… Qin Wu