IETF Logo Mail Archive

Re: [Netconf] Yangdoctors last call review of draft-ietf-netconf-restconf-client-server-04

Kent Watsen <kwatsen@juniper.net> Wed, 09 August 2017 20:48 UTC

Return-Path: <kwatsen@juniper.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 619EF132492; Wed, 9 Aug 2017 13:48:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.021
X-Spam-Level:
X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GCPz5NRj1otL; Wed, 9 Aug 2017 13:48:14 -0700 (PDT)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0090.outbound.protection.outlook.com [104.47.42.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D726213248D; Wed, 9 Aug 2017 13:48:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=yZEfmEtTBUAfyJw8Iy7cii2lqUDsP0UQST9+JDRESow=; b=VZFQRkfYdOzrzYax5e5v9ekHu/zFuB/Buwuz/YBupSvX+VsFM43jkmwUpSoLA98D73tbTpdzJcjLekFO+tABsYgfq1loKPuE6sVoTuIbTsmqXuKllolsFIcr3BXOdgbK8z8dSOqiQ2ZEy7ViYFcw4XUYD37lSOXupMm0HEA2X1I=
Received: from BN3PR0501MB1442.namprd05.prod.outlook.com (10.160.117.151) by BN3PR0501MB1457.namprd05.prod.outlook.com (10.160.117.154) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1341.9; Wed, 9 Aug 2017 20:48:11 +0000
Received: from BN3PR0501MB1442.namprd05.prod.outlook.com ([10.160.117.151]) by BN3PR0501MB1442.namprd05.prod.outlook.com ([10.160.117.151]) with mapi id 15.01.1341.010; Wed, 9 Aug 2017 20:48:11 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: Andy Bierman <andy@yumaworks.com>
CC: "yang-doctors@ietf.org" <yang-doctors@ietf.org>, "draft-ietf-netconf-restconf-client-server.all@ietf.org" <draft-ietf-netconf-restconf-client-server.all@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: Yangdoctors last call review of draft-ietf-netconf-restconf-client-server-04
Thread-Index: AQHTB+8y29TveGyQA0qavQMqV/nni6JuTX8AgAGcVwCADGTdgA==
Date: Wed, 09 Aug 2017 20:48:11 +0000
Message-ID: <30CD19F8-6441-4EA3-A340-8CEDD6D4FD6A@juniper.net>
References: <150128020275.20726.13027423171798327745@ietfa.amsl.com> <A9F2ED3F-6AC5-4AEF-8EBF-1C4F89A6F0F7@juniper.net> <CABCOCHTmNdi7ZGPL_R8vyZTOKeVwJgtrqsT0ZNBCbMUT4Qo9tA@mail.gmail.com>
In-Reply-To: <CABCOCHTmNdi7ZGPL_R8vyZTOKeVwJgtrqsT0ZNBCbMUT4Qo9tA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
x-originating-ip: [66.129.241.14]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN3PR0501MB1457; 6:B5X3XfpILl3bOVgniiwMkLWs1O58xa8CBYycX8tughV7yqY46KyfMgXt4lRXm1y288Z2BiX/FeeREb4EKGMFyUGD92zpuzXpnH0jQhmHJzVly99j3doAPs9UNFKra1guo/vH1otfpDAh+k25UZb6RsaZzveRmNHLTKqdmrKCBw9P4pxTbYp65v1IPlOQZgrhEVndURmm1Fm/rXFfcJgnjIqbVzJDqlclao2AmBGElXoUK2sdIAhhmfVy8bWwwK0rZS7AQDXYUnnpp9e0OedyeraKjmoPyWjJhICjpKYy/anWfAxpSDoDuORpzUR/ejPCdRY6NBENMKZ0/LTqCqq+vg==; 5:PWFyYzxpBAsLQ9Uc/VfQtxDxKFFokn8xd1GItVBgKkNx0Mr/uuFezr1IiX+T+6BoB0dd48aJA1TGCPE1xTLLNZbvuHKTLd1ES9vZGOQchhC2NCU5tTFs70ziGDy5Xc3C/gMhXycX930X8O0JnIXAfA==; 24:6iRWkJEvIfcx4+3pBAz3X39lnmuElPC4gGczJ5H97/0KRBHwRRWqdE5zu7+SgaqqTxDJ/lpajT0ADlueEcTiMmeASJ8MOycLebEOWrdaTnM=; 7:zjVvVlxhFQ1a79DiYuaSqkksDLzKXNVrQbrVcykGo+EHQFPmmmmeAkXvBT00lTENDxKw/yBXQ7TAyAFwwxLRP0eyixC6dosoUqBXGWMULMks0MJDtYBBDaonokYl6SUPYtUoo0E4cOEbrcc8BDVyn+Vv0gFNbFyuMiG/AVEkXJJj/No5ir0krf8snXO0BfhIlRJLIxIGx+l1w/mBWv51qflmCw2ogJQ+vRSf9GUwqoE=
x-ms-office365-filtering-correlation-id: 0fdfafe4-e342-4fb6-3c85-08d4df67f30f
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(48565401081)(300000503095)(300135400095)(2017052603124)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:BN3PR0501MB1457;
x-ms-traffictypediagnostic: BN3PR0501MB1457:
x-exchange-antispam-report-test: UriScan:(158342451672863)(21532816269658);
x-microsoft-antispam-prvs: <BN3PR0501MB1457FF2AE24DF9674E8DBB8AA58B0@BN3PR0501MB1457.namprd05.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(5005006)(8121501046)(93006095)(93001095)(100000703101)(100105400095)(10201501046)(3002001)(6055026)(6041248)(20161123555025)(20161123562025)(20161123564025)(20161123560025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:BN3PR0501MB1457; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BN3PR0501MB1457;
x-forefront-prvs: 0394259C80
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39850400002)(39860400002)(39450400003)(39840400002)(39410400002)(39400400002)(199003)(189002)(76104003)(3846002)(4001350100001)(81156014)(2900100001)(8936002)(14454004)(189998001)(8676002)(4326008)(7736002)(478600001)(36756003)(6436002)(305945005)(25786009)(81166006)(6246003)(6486002)(229853002)(83506001)(6506006)(102836003)(110136004)(38730400002)(6116002)(77096006)(54906002)(106356001)(86362001)(3660700001)(105586002)(83716003)(53936002)(54356999)(6916009)(66066001)(99286003)(561944003)(3280700002)(97736004)(76176999)(2950100002)(2906002)(5660300001)(33656002)(82746002)(6512007)(68736007)(50986999)(101416001)(230783001); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR0501MB1457; H:BN3PR0501MB1442.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kwatsen@juniper.net;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <EE88931035B4424888F489D7D81ECAB4@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Aug 2017 20:48:11.7788 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0501MB1457
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/5tyFoMN70gK7I-p7XN0I1NZxceE>
Subject: Re: [Netconf] Yangdoctors last call review of draft-ietf-netconf-restconf-client-server-04
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Aug 2017 20:48:16 -0000

Hi Andy,

>>> Modules:
>>>  (M1) ietf-restconf-client@2017-07-03.yang
>>>  (M2) ietf-restconf-server@2017-07-03.yang
>>>
>>> Comments:
>>> 
>>> C1:
>>>
>>> (M1) RESTCONF does not have sessions so the term "RESTCONF session"
>>> needs to be defined
>>
>> <KENT> good point, in this case, it's actually the underlying 
>> transport (TLS) that has a session.  Fixed.  But what about the
>> 'max-sessions' leaf, under 'listen', in both modules?  - should
>> this also be changed to talk about the TLS session, or removed
>> altogether?
>
> I think you can change it to "transport session" or "TLS session"
> if the concept of session reconnect is is kept for RESTCONF

Fixed in my local copy.
 

>>> C2:
>>>
>>> (M1) feature tls-initiate
>>> (M1) feature tls-listen
>>> (M2) feature tls-listen
>>> (M2) feature tls-call-home
>>>
>>> Are these features really needed since a RESTCONF server MUST support
>>> the TLS transport?
>>
>> <KENT> the features themselves are needed, as we don't know what 
>> clients/servers may support.
>>
> OK -- These features are nested within other features (initiate, listen).
> You should add a comment somewhere that TLS is optional-to-support,
> but mandatory to support if the TLS transport is implemented.
> Currently RESTCONF requires TLS be supported, but future
> versions could be different.

I added this to the description statement of the 'tls-listen' and
'tls-initiate' features:

      Currently TLS is the only transport supported by RESTCONF,
      this feature helps support possible future transports.";

and I also added a design note into the draft itself.


> Also, recent YANG 1.1 discussions concluded (wrongly IMO) that nested
> nodes do not inherit the if-feature-stmts of ancestors.  It is not clear
> how one would access /foo/bar if /foo was not supported.

Wait, seriously? I didn't see that.  I don't understand how else nested
if-feature statements can be interpreted.  Can you point to the thread
where this was discussed?



> So perhaps you should add if-feature-stmts:
>
>  feature tls-listen {
>     if-feature listen;
>     ...
>  }
>
>  feature tls-listen {
>    if-feature listen;
>    ...
>  }

I went ahead and made this change, it seems better.



>>> C3:
>
> Change it to be TLS session

Done.

 

>>> C4:
> 
> OK -- this is how our server works. It does not make a special case for Connection: close.

Correct.



>>> C5:
>
> It should be clear that the client would have to issue a GET or maybe POST
> to initiate the sending of stored data like logs

Okay, how about this?

   "Periodically connect to the RESTCONF server, so that,
    e.g., the RESTCONF client can collect data (logs) 
    from the RESTCONF server.  The RESTCONF client must
    close the connection when it is ready to release it.
    Once the connection is closed, the RESTCONF client
    restarts its timer until the next connection.";



>>>C6:
>>>
>>> (M1)  /restconf-client/initiate/restconf-server/periodic/
>>> (M2)  /restconf-server/call-home/restconf-client/connection-type/periodic/
>>>
>>> The RESTCONF notifications via SSE should be exempt from timeouts.
>>> The RESTCONF client should terminate an SSE request. The server should
>>> not timeout an SSE response connection
>>
>> <KENT> Agreed, and the description statement for the 'idle-timeout' leaf
>> says "Sessions that have a notification subscription active are never
>> dropped.  But here, under 'periodic', the whole point is to shed idle
>> connections.  For instance, imagine a client that wants to collect logs
>> from a low-powered server once a day.  What do you think?
>
> Notification replay has a mode where it is terminated (i.e,., end-time provided)
> I think this would have to be used by the client.  This tells the server to drop
> the connection when the replay is complete.

Sure, but keep in mind that logs are just an example, there could be other
data-collection mechanisms.  Still, note that when end-time provided is
reached, the line would become idle, if it didn't drop.  This seems like a
more generic mechanism.


> This is 1 exception -- another is close-session. 
>
>   POST /restconf/operations/ietf-netconf:close-session
>
> Is this supposed to do anything in RESTCONF?

First, I don't view the above as an exception.  With regards to 'close-
session', does it even have a meaning in RESTCONF?  - and is this actually
an issue for RFC 8040?



>>> C7:
>>>
>>> Sec 1.2 Tree Diagrams
>>> 
>>> Old text should be replaced with reference to
>>> draft-ietf-netmod-yang-tree-diagrams-01
>>
>> <KENT> same comment as before.
>
> OK -- wait for tree draft to be stable

Yep.


>>> Nits:
>>>
>>> The tree diagram shows the fully expanded groupings,
>>> even many objects are in other drafts. I needed all 5 drafts
>>> open in windows for searching, plus pyang tree output,
>>> to really follow the data model structure.
>>
>> <KENT> I know.  Do you have a proposal?
>
> The external nodes cannot really use a prefix because they
> are pulled in from groupings, and technically in the same module
> namespace. I don't know if any changes to the tree diagram 
> should be made for uses external-grouping.

Agreed.
 


> Andy

Kent

v2.23.0 | Report a Bug | By Email