[netconf] Re: WGLC for udp-notif

Alex Huang Feng <alex.huang-feng@insa-lyon.fr> Fri, 21 February 2025 09:32 UTC

Return-Path: <alex.huang-feng@insa-lyon.fr>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C45CC19ECBB; Fri, 21 Feb 2025 01:32:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.263
X-Spam-Level:
X-Spam-Status: No, score=0.263 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_HELO_IP_MISMATCH=2.368, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=insa-lyon.fr
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qaHD1IZw6Q8B; Fri, 21 Feb 2025 01:32:04 -0800 (PST)
Received: from smtpout02-ext4.partage.renater.fr (smtpout02-ext4.partage.renater.fr [194.254.241.31]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33C53C180B46; Fri, 21 Feb 2025 01:32:02 -0800 (PST)
Received: from zmtaauth04.partage.renater.fr (zmtaauth04.partage.renater.fr [194.254.241.26]) by smtpout20.partage.renater.fr (Postfix) with ESMTP id 2D0F6BFDB9; Fri, 21 Feb 2025 10:31:56 +0100 (CET)
Received: from zmtaauth04.partage.renater.fr (localhost [127.0.0.1]) by zmtaauth04.partage.renater.fr (Postfix) with ESMTPS id 2546B1C0662; Fri, 21 Feb 2025 10:31:56 +0100 (CET)
Received: from localhost (localhost [127.0.0.1]) by zmtaauth04.partage.renater.fr (Postfix) with ESMTP id 047C61C06AD; Fri, 21 Feb 2025 10:31:56 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.10.3 zmtaauth04.partage.renater.fr 047C61C06AD
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=insa-lyon.fr; s=CB289C06-95B8-49FE-9C4B-D197C6D2E7CB; t=1740130316; bh=DH4YT6S5FSrBrU0eSYfaZzieyIyx/yEonHcdDjx1MKg=; h=From:Message-Id:Mime-Version:Date:To; b=Beb61142nawTyMbnEvtOIXmZ1gbgQEXO6ngVAs5W9tBoxYNurfCOhe8fl81AuZtSB wenrG1VZ0GFv9NUGScw5CKBfZfdwL1JurtOMut5zGipBWOhjwZclRmoiICncsS7fWg EWYPeW+zF8lgoYGHjUt64JHoe5pA65i8Xs1gvi5ponRLoPQkZplYonxDz1bNL+lPpU RMp0HN/7BlgFxXMniBy5iJhxd1pt7E1fq/EciZqwD13V2ceqvx5HiBSBb4kuxrCul2 DnQLpKQ+ehlHJ1MO1aiF48MFH1WGReFz2roiweISrX6Z3HbouEZ0fAVa2trn5YnyWG 5EorS2zJY0S6A==
Received: from zmtaauth04.partage.renater.fr ([127.0.0.1]) by localhost (zmtaauth04.partage.renater.fr [127.0.0.1]) (amavis, port 10026) with ESMTP id 70iLwCeRs-cg; Fri, 21 Feb 2025 10:31:55 +0100 (CET)
Received: from 176.146.148.215 (unknown [194.254.241.249]) by zmtaauth04.partage.renater.fr (Postfix) with ESMTPA id 7F8541C0662; Fri, 21 Feb 2025 10:31:55 +0100 (CET)
From: Alex Huang Feng <alex.huang-feng@insa-lyon.fr>
Message-Id: <441BE267-D043-4B44-BD84-D3A0C1B8D37A@insa-lyon.fr>
Content-Type: multipart/alternative; boundary="Apple-Mail=_EA52F637-857F-40AD-9191-647F79D047E2"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3776.700.51.11.1\))
Date: Fri, 21 Feb 2025 10:31:45 +0100
In-Reply-To: <C8B5AAE2-4532-41DE-8A3B-91C386D78289@insa-lyon.fr>
To: Mohamed Boucadair <mohamed.boucadair@orange.com>, Benoit Claise <benoit.claise@huawei.com>
References: <CACvbXWH3Ppufo55DP1-8wQX_qNbHFjwJ+vPJM2aj0cKBaEoQSw@mail.gmail.com> <MR1PPF6395AA9E6F4527060E8E0711ABBAB88E82@MR1PPF6395AA9E6.FRAP264.PROD.OUTLOOK.COM> <8D3FE20E-CC86-402B-98F2-992B6513AE8E@insa-lyon.fr> <MR1PPF6395AA9E696C508674C6E77DF48B688FE2@MR1PPF6395AA9E6.FRAP264.PROD.OUTLOOK.COM> <C8B5AAE2-4532-41DE-8A3B-91C386D78289@insa-lyon.fr>
X-Mailer: Apple Mail (2.3776.700.51.11.1)
X-Virus-Scanned: clamav-milter 0.103.8 at clamav04
X-Virus-Status: Clean
X-Renater-Ptge-SpamState: clean
X-Renater-Ptge-SpamScore: -100
X-Renater-Ptge-SpamCause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgdeileeikecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucftgffptefvgfftnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhkfgtggfuffgjvefvfhfosegrtdhmrehhtdejnecuhfhrohhmpeetlhgvgicujfhurghnghcuhfgvnhhguceorghlvgigrdhhuhgrnhhgqdhfvghnghesihhnshgrqdhlhihonhdrfhhrqeenucggtffrrghtthgvrhhnpeelkeeludehkefftdeltdekgfetgfegueeggfekfefgieefkeekieeiffdvudfgieenucffohhmrghinhepihgvthhfrdhorhhgpdhgihhthhhusghushgvrhgtohhnthgvnhhtrdgtohhmpdhgihhthhhusgdrtghomhdprhhftgdqvgguihhtohhrrdhorhhgnecukfhppeduleegrddvheegrddvgedurddvgeelnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepudelgedrvdehgedrvdeguddrvdegledphhgvlhhopedujeeirddugeeirddugeekrddvudehpdhmrghilhhfrhhomheprghlvgigrdhhuhgrnhhgqdhfvghnghesihhnshgrqdhlhihonhdrfhhrpdhnsggprhgtphhtthhopeehpdhrtghpthhtohepmhhohhgrmhgvugdrsghouhgtrggurghirhesohhrrghnghgvrdgtohhmpdhrtghpthhtohepsggvnhhoihhtrdgtlhgrihhsvgeshhhurgifvghirdgtohhmpdhrtghpthhtohep phgvrhdrihgvthhfsehiohhnihhordhsvgdprhgtphhtthhopegurhgrfhhtqdhivghtfhdqnhgvthgtohhnfhdquhguphdqnhhothhifhesihgvthhfrdhorhhgpdhrtghpthhtohepnhgvthgtohhnfhesihgvthhfrdhorhhg
Message-ID-Hash: PROEOVHM5QLLFNFYRZCMHMHVUE77AAQ7
X-Message-ID-Hash: PROEOVHM5QLLFNFYRZCMHMHVUE77AAQ7
X-MailFrom: alex.huang-feng@insa-lyon.fr
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netconf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-netconf-udp-notif@ietf.org" <draft-ietf-netconf-udp-notif@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [netconf] Re: WGLC for udp-notif
List-Id: NETCONF WG list <netconf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/33LypSRaAlq7HKRbhQvGxV8Xr4w>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Owner: <mailto:netconf-owner@ietf.org>
List-Post: <mailto:netconf@ietf.org>
List-Subscribe: <mailto:netconf-join@ietf.org>
List-Unsubscribe: <mailto:netconf-leave@ietf.org>

Dear Med and Benoit,

After discussing the private encoding option issue offline with the authors, we agreed to remove this option.

Diff of last commit: https://author-tools.ietf.org/diff?url_1=https://raw.githubusercontent.com/netconf-wg/udp-notif/12f8e7085b7f54bc2ffd84c94274e52ec4b53b4f/draft-ietf-netconf-udp-notif-19.txt&url_2=https://raw.githubusercontent.com/netconf-wg/udp-notif/refs/heads/main/draft-ietf-netconf-udp-notif-19.txt

Cheers,
Alex

> On 17 Feb 2025, at 10:29, Alex Huang Feng <alex.huang-feng@insa-lyon.fr> wrote:
> 
> Hi Med, and Benoit,
> 
> @Benoit and @Med:
> I have been discussing with the authors regarding the private encoding option.
> The motivation of adding this option was to enable users to encode information in the UDP-Notif header for private use.
> A use case is the encoding flavors as explained in -19 iteration, but an user may put internal references (URIs of a server, or any other info) that are needed for their collectors to correctly decode the message.
> See this as simply "having an option for use by private encodings/uses of the protocol". 
> It's not more than that, an option that is reserved for private uses. 
> 
> @Med:
> Thanks for the comments.
> See inline for the rest of the points.
> 
>> On 14 Feb 2025, at 14:17, mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com> wrote:
>> 
>> Hi Alex,
>>  
>> Thanks for the follow-up.
>>  
>> Please see inline.
>>  
>> Cheers,
>> Med
>>  
>> De : Alex Huang Feng <alex.huang-feng@insa-lyon.fr <mailto:alex.huang-feng@insa-lyon.fr>> 
>> Envoyé : mardi 11 février 2025 11:57
>> À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>>
>> Cc : Per Andersson <per.ietf@ionio.se <mailto:per.ietf@ionio.se>>; draft-ietf-netconf-udp-notif@ietf.org <mailto:draft-ietf-netconf-udp-notif@ietf.org>; netconf@ietf.org <mailto:netconf@ietf.org>
>> Objet : Re: [netconf] WGLC for udp-notif
>>  
>> Dear Med, NETCONF WG,
>>  
>> Thanks a lot for the (very) detailed review and proposals. They have been very useful.
>> I have been working on integrating these (and other suggestions from the WGLC) into the -19 iteration: https://github.com/netconf-wg/udp-notif/blob/main/draft-ietf-netconf-udp-notif-19.txt
>>  
>> The rfcdiff: https://author-tools.ietf.org/diff?doc_1=draft-ietf-netconf-udp-notif-18&url_2=https://raw.githubusercontent.com/netconf-wg/udp-notif/refs/heads/main/draft-ietf-netconf-udp-notif-19.txt
>>  
>> [Med] The changes are in the good direction. I appreciate that you added a new appendix to illustrate the use of the private encoding option, but I’m still not comfortable with having this in a PS.
> 
>>  
>> Hoping this iteration addresses your concerns.
>>  
>> See also inline.
>> 
>> 
>> On 31 Jan 2025, at 09:44, mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com> wrote:
>>  
>> Hi all,
>> 
>> I support this effort. Many thanks to the authors for taking care of this.
>> 
>> # Detailed Review
>> 
>> I think that there are still some places where the spec needs to be updated. There is also room to simplify a bit and focus on the core functions (e.g., remove the private encoding; that part is underspecified anyway and don't see how this can be included in a standard).
>> 
>> My detailed review, comments, and suggestions can be found at: 
>> * pdf: https://github.com/boucadair/IETF-Drafts-Reviews/blob/master/2025/draft-ietf-netconf-udp-notif-18-rev%20Med.pdf 
>> * doc: https://github.com/boucadair/IETF-Drafts-Reviews/raw/refs/heads/master/2025/draft-ietf-netconf-udp-notif-18-rev%20Med.doc
>> 
>> # Options, Segmentation, and CC
>> 
>> The segmentation and congestion control are key features that need some more work, IMO. The authors may look into the similar work in that area (e.g., RFC9177 for both segments/CC, and the FRAG option in the UDP option spec (draft-ietf-tsvwg-udp-options-38#11.4)). I'm not saying that those can be reused as such, but simply suggesting that you look into those and grab whatever useful here. For example, 
>>  * 9177 has guards to protect the network form overloads due to flying a large number of blocks/segments.
>>  * UDP-option require the FRAG to be the first option (to accommodate hw acceleration, etc.), while udp-notif requires the options to be ordered (without any rationale/apparent benefit)
>>  
>> This has been changed to only requiring the segmentation placed in the first position.
>> [Med] This looks better. Thanks.
>>  
>> I have been discussing with the authors about the ordered options. The main reason behind this was to prepare future allocations of UDP-Notif options, so that implementations could already expect the positioning of these options.
>> 
>> Also, the segmentation is discussed independent of the DTLS, which I think requires some checks from the authors, especially that DTLS requires records to fit within a single datagram (that is, it does not handle fragmentation for application data).
>>  
>> I added a sub-section in DTLS section:
>> [RFC9147] states that DTLS message may be fragmented into multiple
>>                DTLS records.  A DTLS message carrying a UDP-Notif message SHOULD fit        
>>                within a single datagram to avoid DTLS fragmentation.             
>>                Implementations SHOULD account for DTLS overhead when determining the
>>                maximum UDP-Notif notification message size.
>>  
>> [Med] ACK
>> 
>> 
>> 
>> The document says that the seg num does not wrap around (while mandating the initial value to be 0). It is unlikely to exceed 32 765 segments. Rather, I suggest to add a guard in the security section to discard segments when they exceed a certain number because this can be used as an abuse to require computation resources to reassemble a large number of segments. Knobs to control those should be supported.
>>  
>> We added:
>> A receiver collecting segmented UDP-Notif messages SHOULD have a
>>    configurable parameter to discard segments when they exceed a certain
>>    amount of segments.  The generation of too many segments by a
>>    publisher can be used as an abuse to require computation resources
>>    for reassembling large messages at the receiver.
>>  
>> [Med] Thanks. I guess a parameter is missing to control that in the YANG module.
> The YANG module is for configuring the publisher, not the receiver.
>> 
>> # Consistency with 8639
>> 
>> There is a need to be consistent with the transport reco in RFC8639. For example, this part is not followed:
>> 
>> "A specification for a transport MUST identify any encodings that are supported. If a configured subscription's transport allows different encodings, the specification MUST identify the default encoding."
>> 
>> I trust you will check that section again.
>> This statement has been raised multiple times on the ML: https://mailarchive.ietf.org/arch/msg/netconf/7tqFOjLnaKNKT2BHwFHco2gwbCY/
>> So far, the consensus from the WG is to ignore this statement and enable the discovery through other mechanisms: https://www.rfc-editor.org/errata/eid6211
>>  
>> [Med] We need to explicitly mention that we deviate from that MUST and explain the rationale.
> How about the following? (added in Sec 3.3):
>    Subscribed Notifications [RFC8639] states that a transport MUST
>    identify a default encoding.  However, as per [Errata-6211],
>    Subscribed Notifications does not require to define a default
>    encoding.
>> 
>> # YANG
>> 
>> It is unfortunate that the version that is being last called wasn't checked to be clean vs. yang validation. It not late to fix those, though :-)
>> Fixed :)
>> 
>> The YANG module includes a provision for managing keepalives, but the use of these is not covered in the main spec.
>> Keepalives are part of the tlsc:tls-client-grouping. 
>>  
>> [Med] That’s not a reason to import it here! You can disable that part if there is no actual use in this context.
> Good point. We have removed the keep-alives-related leaves.
>> 
>> Suggest to add parameter to control the timer/resources to store fragments, rate-limit sending of segments, etc.
>> 
>> Aaah, please update the security section to cover YANG cons (see the template in https://datatracker.ietf.org/doc/html/draft-ietf-netmod-rfc8407bis-22#name-security-considerations-sect)
>> Added.
>> [Med] Thanks. 8407bis does not need to be listed as normative. The same applies for RFC6242, RFC8446. Please double check.
> Thanks for the pointers !
> Fixed.
> 
> Cheers, 
> Alex
> 
>>  
>> Cheers,
>> Alex
>> 
>> 
>> 
>> Also, included some proposals to better structure the various registries.
>> 
>> Hope this is useful.
>> 
>> Cheers,
>> Med
>> 
>> 
>> -----Message d'origine-----
>> De : Per Andersson <per.ietf@ionio.se <mailto:per.ietf@ionio.se>>
>> Envoyé : jeudi 30 janvier 2025 16:07
>> À : netconf@ietf.org <mailto:netconf@ietf.org>
>> Objet : [netconf] WGLC for udp-notif
>> 
>> 
>> Hi!
>> 
>> This email begins a two-week WGLC on:
>> 
>> UDP-based Transport for Configured Subscriptions
>> 
>> Please take time to review this draft and post comments by
>> February 13.  Favorable comments are especially welcomed.
>> 
>> ____________________________________________________________________________________________________________
>> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
>> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
>> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
>> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>> 
>> This message and its attachments may contain confidential or privileged information that may be protected by law;
>> they should not be distributed, used or copied without authorisation.
>> If you have received this email in error, please notify the sender and delete this message and its attachments.
>> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
>> Thank you.
>> 
>> _______________________________________________
>> netconf mailing list -- netconf@ietf.org <mailto:netconf@ietf.org>
>> To unsubscribe send an email to netconf-leave@ietf.org <mailto:netconf-leave@ietf.org>
>>  
>> ____________________________________________________________________________________________________________
>> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
>> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
>> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
>> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>> 
>> This message and its attachments may contain confidential or privileged information that may be protected by law;
>> they should not be distributed, used or copied without authorisation.
>> If you have received this email in error, please notify the sender and delete this message and its attachments.
>> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
>> Thank you.