Re: [netconf] Pullback tcp-client-server also?

"Scharf, Michael" <Michael.Scharf@hs-esslingen.de> Thu, 21 March 2024 17:09 UTC

From: "Scharf, Michael" <Michael.Scharf@hs-esslingen.de>
To: "Joe Clarke (jclarke)" <jclarke=40cisco.com@dmarc.ietf.org>, "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, Mahesh Jethanandani <mjethanandani@gmail.com>
CC: Netconf <netconf@ietf.org>
Date: Thu, 21 Mar 2024 17:09:48 +0000
Message-ID: <d159c0db876941bb9dbc996f5a3df0d2@hs-esslingen.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/4qVkDlq6WX1tzGKt56W_9tK64oE>
Subject: Re: [netconf] Pullback tcp-client-server also?

Hi all,

 

Sorry for chiming in late. This week I am very busy in my day job.

 

I still try to fully understand the problem while catching up. I apologize if I miss something.

 

To start with, I’d like to highlight that at first sight draft-ietf-tcpm-yang-tcp has to solve a similar problem.

 

Well, draft-ietf-netconf-tcp-client-server is more about the application view, whereas draft-ietf-tcpm-yang-tcp is about the stack-internal view. But they are related, and draft-ietf-tcpm-yang-tcp waits in the RFC editor queue…

 

In draft-ietf-tcpm-yang-tcp, the solution for a TCP listener (i.e., server) is:

 

     leaf address {
       type union {
         type inet:ip-address;
         type string {
           length 0;
         }
       }
       description
         "The local IP address for this TCP connection.

          The value of this node can be represented in three
          possible ways, depending on the characteristics of the
          listening application:

          1. For an application willing to accept both IPv4 and
             IPv6 datagrams, the value of this node must be
             ''h (a zero-length octet-string), with the value
             of the corresponding 'type' object being
             unspecified (0).

          2. For an application willing to accept only IPv4 or
             IPv6 datagrams, the value of this node must be
             '0.0.0.0' or '::' respectively, with
             'type' representing the appropriate address type.

          3. For an application which is listening for data
             destined only to a specific IP address, the value
             of this node is the specific local address, with
             'type' representing the appropriate address type.";
     }

 

This solution also supports dual-stack. As far as I recall, there was some discussion on how to model dual-stack, and this is what we ended up with.

 

At first sight, this leaf can model the example below. Or do I miss something?

 

Thanks

 

Michael

 

 

 

From: netconf <netconf-bounces@ietf.org> On Behalf Of Joe Clarke (jclarke)
Sent: Wednesday, March 20, 2024 3:34 AM
To: mohamed.boucadair@orange.com; Mahesh Jethanandani <mjethanandani@gmail.com>
Cc: Netconf <netconf@ietf.org>
Subject: Re: [netconf] Pullback tcp-client-server also?

 

As I thought about this more and consider Med’s DHC example, I kept coming back to how services are defined in a UNIX /etc/services file.  In Med’s example, DHCPv4 and DHCPv6 each have different services for client and server.  If I were implementing the “tcp-server-grouping” for a given service on a host, a leaf-list would be sufficient (as I’d have two different daemons or at least two different config blocks for v4 and v6).

 

However, Med is making the point that if this was to be implemented at a controller or higher abstraction level he wants to offer a “DHC” service as a single entity.  In this case, he’d like to have all DHC-capabilities under one service config (albeit that is more of an example for UDP server).

 

Concretely, I think he is proposing something like the attached snippet (Med, correct me if I’m wrong).  In this case, if I had an SSH server as an example that used different ports for different address families I would have (in XML):

 

<tcp-server xmlns="urn:ietf:params:xml:ns:yang:ietf-tcp-server">
  <local-bind>
    <local-address>0.0.0.0</local-address>
    <local-port>22</local-port>
    <keepalives>
      <idle-time>7200</idle-time>
      <max-probes>9</max-probes>
      <probe-interval>75</probe-interval>
    </keepalives>
  </local-bind>
  <local-bind>
    <local-address>::</local-address>
    <local-port>22022</local-port>
    <keepalives>
      <idle-time>7200</idle-time>
      <max-probes>9</max-probes>
      <probe-interval>75</probe-interval>
    </keepalives>
  </local-bind>
</tcp-server>

 

Yes, this adds complexity in order to get more flexibility, but you can still do the same ports for a given server such as:

 

<tcp-server xmlns="urn:ietf:params:xml:ns:yang:ietf-tcp-server">
  <local-bind>
    <local-address>0.0.0.0</local-address>
    <local-port>22</local-port>
    <keepalives>
      <idle-time>7200</idle-time>
      <max-probes>9</max-probes>
      <probe-interval>75</probe-interval>
    </keepalives>
  </local-bind>
  <local-bind>
    <local-address>::</local-address>
    <local-port>22</local-port>
    <keepalives>
      <idle-time>7200</idle-time>
      <max-probes>9</max-probes>
      <probe-interval>75</probe-interval>
    </keepalives>
  </local-bind>
</tcp-server>

 

 

  Joe
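
Added example, not part of the thread or of either draft: a Python check over `local-bind` instance data shaped like the snippets above, flagging duplicate binds and binds already covered by a wildcard on the same port and address family (the "shadows" question raised elsewhere in this thread). The zero-length address meaning "both families" follows the draft-ietf-tcpm-yang-tcp description quoted earlier; the finding names and the rule for what counts as a shadow are assumptions made for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

NS = {"t": "urn:ietf:params:xml:ns:yang:ietf-tcp-server"}

# Constructed sample: the first two entries follow the local-bind snippet
# above; the loopback entry and the repeated "::" spelling are added here.
SAMPLE = """
<tcp-server xmlns="urn:ietf:params:xml:ns:yang:ietf-tcp-server">
  <local-bind><local-address>0.0.0.0</local-address><local-port>22</local-port></local-bind>
  <local-bind><local-address>::</local-address><local-port>22022</local-port></local-bind>
  <local-bind><local-address>127.0.0.1</local-address><local-port>22</local-port></local-bind>
  <local-bind><local-address>0:0:0:0:0:0:0:0</local-address><local-port>22022</local-port></local-bind>
</tcp-server>
"""

def classify(address):
    """Return (normalized address, address families, is_wildcard)."""
    if address == "":
        # Zero-length value: accept both IPv4 and IPv6 on any address.
        return ("", frozenset({4, 6}), True)
    ip = ipaddress.ip_address(address)  # ValueError on malformed input
    return (str(ip), frozenset({ip.version}), ip.is_unspecified)

def parse_binds(xml_text):
    """Extract (address, port) tuples from a tcp-server instance document."""
    root = ET.fromstring(xml_text)
    binds = []
    for bind in root.findall("t:local-bind", NS):
        addr = bind.findtext("t:local-address", default="", namespaces=NS).strip()
        port = int(bind.findtext("t:local-port", namespaces=NS))
        binds.append((addr, port))
    return binds

def find_conflicts(binds):
    """Return sorted findings: duplicates, wildcard overlaps, shadowed binds."""
    entries = [classify(addr) + (port,) for addr, port in binds]
    findings, seen = set(), set()
    for norm, fams, wild, port in entries:
        if (norm, port) in seen:
            # Same address (after normalization) and port listed twice.
            findings.add(("duplicate", norm, port))
        seen.add((norm, port))
    for norm, fams, wild, port in entries:
        for o_norm, o_fams, o_wild, o_port in entries:
            if o_port != port or o_norm == norm or not o_wild:
                continue
            if fams & o_fams:
                # A wildcard on the same port and family already covers this bind.
                kind = "wildcard-overlap" if wild else "shadowed"
                findings.add((kind, norm, port))
    return sorted(findings)

if __name__ == "__main__":
    for finding in find_conflicts(parse_binds(SAMPLE)):
        print(finding)
```

Normalizing through `ipaddress` is what catches `0:0:0:0:0:0:0:0` and `::` as the same wildcard, which a plain string comparison on the leaf-list values would miss.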

 

From: netconf <netconf-bounces@ietf.org> on behalf of mohamed.boucadair@orange.com <mohamed.boucadair@orange.com>
Date: Tuesday, March 19, 2024 at 21:31
To: Mahesh Jethanandani <mjethanandani@gmail.com>
Cc: Netconf <netconf@ietf.org>
Subject: Re: [netconf] Pullback tcp-client-server also?

Re, 

 

Yes.

 

Cheers,

Med

 

From: Mahesh Jethanandani <mjethanandani@gmail.com>
Sent: Wednesday, March 20, 2024 11:27
To: BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>
Cc: Kent Watsen <kent+ietf@watsen.net>; Netconf <netconf@ietf.org>
Subject: Re: [netconf] Pullback tcp-client-server also?

 

Hi Med,

 

 

On Mar 20, 2024, at 11:04 AM, mohamed.boucadair@orange.com wrote:

 

Re-,

 

As Joe rightfully mentioned, running different instances is likely to happen at the device level. For that case, the leaf-list approach is just fine. 

 

Now, when the model is reused in upper layers (network or service models), that would not be sufficient. Think about a DHC service model which hides the internals of the service (whether this is dhcp or dhcpv6) but simply needs to expose where the dhc service is enabled: distinct ports are required for that case.

 

[mj] So a list of local-address and local-port?

 

Cheers.

 

 

Cheers,

Med

 

From: Kent Watsen <kent+ietf@watsen.net>
Sent: Wednesday, March 20, 2024 10:48
To: BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>
Cc: Joe Clarke (jclarke) <jclarke@cisco.com>; Rob Wilton (rwilton) <rwilton@cisco.com>; netconf@ietf.org
Subject: Re: [netconf] Pullback tcp-client-server also?

 

Hi Med,

 

Do you mean a list of “local-address + local-port” tuples?

 

Can you post a concrete proposal?

 

K. 

 

 

On Mar 20, 2024, at 10:36 AM, mohamed.boucadair@orange.com wrote:

 

Re-,

 

This would address the first cases I mentioned, but not the third one.

 

At least some narrative text is needed to explain the intended use of distinct port per AF. A cleaner approach would be to model this as a list keyed per AF.

 

Cheers,

Med

 

From: Kent Watsen <kent+ietf@watsen.net>
Sent: Wednesday, March 20, 2024 10:29
To: Joe Clarke (jclarke) <jclarke@cisco.com>
Cc: BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>; Rob Wilton (rwilton) <rwilton@cisco.com>; netconf@ietf.org
Subject: Re: [netconf] Pullback tcp-client-server also?

 

Thanks Med and Joe.  I had a sidebar with Rob and Mahesh, and we’re going to do this update in Auth48.  

 

Let us (the WG) agree on the exact change.  

  1) change ‘leaf’ to ‘leaf-list’

  2) tweak the ‘description’ to say that it’s a list

  

Anything else?  Do we need to disallow shadows?  (e.g., two wildcards)

 

K. 

 

 

On Mar 20, 2024, at 9:02 AM, Joe Clarke (jclarke) <jclarke@cisco.com> wrote:

 

I agree with Med.  Your description is an either/or, but one server might do something like:

 

tcp46      0      0 *.9100                 *.*                    LISTEN <== Listen on all v4 and v6 addresses

 

Or:

 

tcp4       0      0 127.0.0.1.25           *.*                    LISTEN <==Listen on just v4 on an explicit address

 

Or:

 

tcp6       0      0 ::1.25   *.*                              LISTEN <== Listen on just v6 on an explicit address

 

In the first case, I’d think you’d at least need a leaf-list to hold both 0.0.0.0 and ::.  In the second two cases, you’d want this service to have a leaf list for 127.0.0.1 and ::1.

 

Joe

 

From: netconf <netconf-bounces@ietf.org> on behalf of mohamed.boucadair@orange.com <mohamed.boucadair@orange.com>
Date: Tuesday, March 19, 2024 at 18:23
To: Kent Watsen <kent+ietf@watsen.net>, Rob Wilton (rwilton) <rwilton@cisco.com>
Cc: netconf@ietf.org <netconf@ietf.org>
Subject: Re: [netconf] Pullback tcp-client-server also?

Hi Kent, all,

 

When I initially raised the issue for the UDP grouping, I had in mind any, IPv4/IPv6 explicit address bindings, and eventually listening on distinct port numbers per AF. Given this is a reusable model, these cases should be all covered.

 

Cheers,

Med

 

From: netconf <netconf-bounces@ietf.org> On Behalf Of Kent Watsen
Sent: Wednesday, March 20, 2024 06:54
To: Rob Wilton <rwilton@cisco.com>
Cc: netconf@ietf.org
Subject: [netconf] Pullback tcp-client-server also?

 

Rob, Netconf, 

 

Regarding support for “dual-stack”, do we need to convert from a “leaf” to a “leaf-list”?

 

Please note that the existing text says that a wildcard may be used to bind to all addresses:

 

leaf local-address {
  type inet:ip-address;
  mandatory true;
  description
    "The local IP address to listen on for incoming
     TCP client connections.  INADDR_ANY (0.0.0.0) or
     INADDR6_ANY (0:0:0:0:0:0:0:0 a.k.a. ::) MUST be
     used when the server is to listen on all IPv4 or
     IPv6 address.";
}

 

Good enough?

 

Kent 

 

____________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
 
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.


 


Mahesh Jethanandani

mjethanandani@gmail.com

 

 

 

 

 
