[netconf] Re: Private candidates -03 and points for discussion
Andy Bierman <andy@yumaworks.com> Thu, 27 June 2024 13:24 UTC
Return-Path: <andy@yumaworks.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CF80C14F6B7 for <netconf@ietfa.amsl.com>; Thu, 27 Jun 2024 06:24:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.864
X-Spam-Level:
X-Spam-Status: No, score=-0.864 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001, NUMERIC_HTTP_ADDR=1.242, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JgWSj8528oFD for <netconf@ietfa.amsl.com>; Thu, 27 Jun 2024 06:24:01 -0700 (PDT)
Received: from mail-pj1-x1036.google.com (mail-pj1-x1036.google.com [IPv6:2607:f8b0:4864:20::1036]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C991C14F699 for <netconf@ietf.org>; Thu, 27 Jun 2024 06:24:01 -0700 (PDT)
Received: by mail-pj1-x1036.google.com with SMTP id 98e67ed59e1d1-2c825f0b381so4700353a91.1 for <netconf@ietf.org>; Thu, 27 Jun 2024 06:24:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks.com; s=google; t=1719494640; x=1720099440; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=G5KbURM/1ioMGFtIJ/pxzhy1KSMCSft6capghcmg6XE=; b=GJNvcE5/c/iNxRGhUstQx4IefrkzteYG9eykU096j3si0j53bh8yeLfhJ6mDlwVZD3 PzMrCicU89vGIK8T6EqUwQoMpmfyxBggaz/VK+xqZzxIJYfh97AwygncZawyd2zYaAc/ 3pgcu9KPOGv6HjhgDsb9hU3SkZ+5ZsptXEVfB0nOVyjILEwpwJGE4wtIpapXot5bYJGg AZ7ux1bzeIORI7CPiJB75oTjNTI5MwXj1oFkoPplpGhndrXpiDe1qj2l9tLZH98u8VE2 U5xHq1lo1sGW5OoQqeO6g5CCErLpHuv1XkllWulC4mnuQ/JIhukNwpg2n0EzpKXWJwwT a4qw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1719494640; x=1720099440; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=G5KbURM/1ioMGFtIJ/pxzhy1KSMCSft6capghcmg6XE=; b=RvCKlwGRic4GWcc6DXxs2ZUS36RYpRr4SaBosVPo4x1XBan7K5rQPzG+n/jxElqKiM 40Af9nFITcQaWz7dbJHLA0VWdsrxDuZJRZKKRDZWIitWppyzT65maDvupMoqmwfSa316 8E1atk1EfiSertUZESgtBqQa9G9s2M8Anz2RoM3iRLtZrVMf5kTic8IK26QNy2ir792v ZBJLbZFb6xb5htnRK++hK3ZZzhYmvluBgOEyfTp1NeWuM3QtxF5X9ysFcbUdgLcZwkgl 7wlWsAHHIIsb/cqFngRLeErrO8+kcZ+5UepgYSZqSj6HT4l+i7VjRFo1RecyQtbghvCF 9V1Q==
X-Forwarded-Encrypted: i=1; AJvYcCWSq/Qp8iDFutGL95wZq5DZbPxZfISsB1DgBm1aTj0D/MJ9LUeETQ4uB3Ys2/X+KyoNAVpDLruztDKPJ8XeCFHr
X-Gm-Message-State: AOJu0Ywzoz0YJaaLWEQr5LKtnOWjsgs2h7KpKzF8C88EEiy3REvDDoYL fCJxW8ckDWQ3OohB+Spq0v6ufT/SVOZeAtSwapb2c2N/WTpNrR1dTV3c0r22H4B1QQbfoAGVk2p FtJNKiNv1eZGMK2RaKHWj5XVpont8DQNDU8+gGA==
X-Google-Smtp-Source: AGHT+IFA8v54oQ1YbnYDWf+5PTQx3rU39fTrEw8Hzb8H7Ah0AMQ4uMAX00mLwMYDaqNpWh7QVZwiROZ27iJd+ZxhydY=
X-Received: by 2002:a17:90b:2345:b0:2c2:d6cf:f4d2 with SMTP id 98e67ed59e1d1-2c85051a295mr12500321a91.26.1719494640225; Thu, 27 Jun 2024 06:24:00 -0700 (PDT)
MIME-Version: 1.0
References: <SA1PR08MB721579B2324BCFBF0061BC21FFF32@SA1PR08MB7215.namprd08.prod.outlook.com> <0100019014b5327e-0f40b891-8923-4063-a02c-cce7f2ab7923-000000@email.amazonses.com> <SA1PR08MB72150B89F47272FE8797976CFFD62@SA1PR08MB7215.namprd08.prod.outlook.com> <ec4a89c5d2c5477883172e055959a91a@huawei.com>
In-Reply-To: <ec4a89c5d2c5477883172e055959a91a@huawei.com>
From: Andy Bierman <andy@yumaworks.com>
Date: Thu, 27 Jun 2024 06:23:48 -0700
Message-ID: <CABCOCHQQAfNz_O_v4CUuVaT4a4fayuutQ7kzRQb388jyC-H+6w@mail.gmail.com>
To: "maqiufang (A)" <maqiufang1=40huawei.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000396bec061bdf0b11"
Message-ID-Hash: 6CS47KLZDYAPKECLGWKL2HSMSEEQO5ON
X-Message-ID-Hash: 6CS47KLZDYAPKECLGWKL2HSMSEEQO5ON
X-MailFrom: andy@yumaworks.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netconf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "netconf@ietf.org" <netconf@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netconf] Re: Private candidates -03 and points for discussion
List-Id: NETCONF WG list <netconf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/6RX-kNsDq7_0_tKTT8ZclMRZbcE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Owner: <mailto:netconf-owner@ietf.org>
List-Post: <mailto:netconf@ietf.org>
List-Subscribe: <mailto:netconf-join@ietf.org>
List-Unsubscribe: <mailto:netconf-leave@ietf.org>
On Thu, Jun 27, 2024 at 4:58 AM maqiufang (A) <maqiufang1= 40huawei.com@dmarc.ietf.org> wrote: > Hi, James, > > > > 1. Added the YANG models to the draft as requested. This led us to > a procedural question. This draft is meant to operate for NMDA and > non-NMDA capable servers. It is also adding a new base operation (update) > and has some additive changes to other older YANG models. The discussion > here is what the procedure should be for this. All changes are additive > and therefore this fact, coupled with the RFC sections that state that this > draft updates the proceeding RFCs we hope is sufficient here. We did > discuss the option to do augmentation rather than updates but this feels > fairly awkward for clients given the base operation and the additional > datastore identity. The approach we have in the draft (currently) also > follows the suggestion given to another draft last meeting that was also > looking to add new items to a base YANG model. This approach is certainly > common for drafts without embedded YANG models. > > > > I don’t understand the “awkward for clients” comment. I am surprised to > see "ietf-netconf”, “ietf-datastore”, and "ietf-nmda-compare" being > published by this I-D. It seems that augments would work fine. > > > > [Augments do work for most of the changes. The decision to update was > based around providing a consistent approach to all of the operations > making private-candidates feel like part of the base specification. For > example <edit-config><target><candidate/></target></edit-config> becomes > <edit-config><target><private-candidate/></target></edit-config> rather > than <edit-config><target><private-candidate > xmlns=”new_ns”/></target></edit-config>. The same difference would be > created for identity datastores. This is probably something we would like > to have a chair / AD ruling on and we will cover it in our slot in IETF120 > in person as well.] > > My intuition is that it makes more sense to see “ietf-netconf” module > being published by 6241bis, instead of this work; and same for > “ietf-datastore” and “ietf-nmda-compare”. It's already the case that > private-candidate is not covered in the base spec, I am not sure how we > could make it feel like part of the base protocol. The augment way also > seems good enough to me. > > > IMO the ietf-netconf module MUST NOT be republished unless the NETCONF protocol is updated (e.g. base:1.2). The new work augments the existing modules. It will be optional to implement so it does not replace the existing module in any way. Andy > Regarding ietf-netconf, RFC 6241’s only noteworthy “update” is by RFC > 8526 (NMDA for NETCONF) which defines two new operations and “augments” in > the “datastore” parameter into a number of existing RPCs. > > > > Regarding ietf-datastore, note that “identity” statements were used in > part to enable new declarations to occur outside RFC 8342 (NMDA). For > example, this is what the “system-config” draft has: > https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-06#name-yang-module > > > > Can you remind me, what was the other draft last meeting that was also > looking to add new items to a base YANG model? > > > > [I was trying to find the details in the minutes but was unable to. I > recall that it may have been the system datastore update I do recall that > it was Benoit who was discussing it] > > As a co-author of system-config document, I don't recall any discussion > around this point;-) The use of datastore identities in NMDA allows for > future expansion, I am unsure there is a need to revise “ietf-datastores” > module. System datastore definition follows the guidelines for defining > datastores in appendix A of RFC8342, as well as definition of > <factory-default> in RFC 8808 (see > https://datatracker.ietf.org/doc/html/rfc8808#section-4) For NMDA > servers to support private-candidate, I believe this draft should also > follow the similar way. > > Best Regards, > > Qiufang > > 3. Updated the RFC list that this draft updates > > > > One of the RFCs listed is RFC 8526, but the string “8526" isn’t found > anywhere else in the draft... > > > > When “updating” an RFC, it is customary to have a paragraph or section > (called “Updates to RFC XXXX”) in the Introduction that provides details. > For instance, https://datatracker.ietf.org/doc/html/rfc8526 uses > paragraphs while > https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-06#name-introduction uses > sections. > > > > BTW, should this draft also “update" RFC 8342, for the same reasons as the > system-config draft? > > > > [Thanks Kent. Rob is working on some text to cover this.] > > 4. > > 5. Section 4.6.1: Made the ‘what constitutes a conflict’ section > explicit with a minimum set of requirements > > 6. Section 4.6.1: Added scope for servers to add additional > requirements to conflict detection mechanisms beyond the minimum set (which > are mandatory). Transaction ID is explicitly mentioned as one such example > here. > > 7. Section 4.7.2.9: Identified the delete-config operation needed > updating as well so provided a solution for this > > 8. Section 4.7.1.1: Added a statement calling out that the update > operation is atomic and provided a definition > > 9. Section 4.6.1: Explained in more detail how each node is marked > as in conflict which covers the discussed use-case of servers deciding to > call update themselves (without client prompting) > > 10. Added an updated NMDA diagram to visually explain how the solution > fits into NMDA > > 11. Various grammatical enhancements > > > > We look forward to further discussion. > > > > While focusing on the above, I noticed a number of editorial issues. It > would be a significant effort for me to provide a review of at that level > of detail. Hopefully most of these will be addressed automatically in time. > > > > High-level comments: > > > > - I wonder if Section 3 is needed, or perhaps it could reduced to a > paragraph in the Introduction? Generally I don’t think specs should > provide a lot of motivating justification... > > > > [I reviewed it again and this section is IMHO a reasonable size to explain > the problem statement. I would welcome any additional views from the WG] > > > > - Regarding Section 4.4.1, the go-to solution these days is to use YANG > Library. Capabilities are only maintained for legacy clients. FWIW, I > suspect that a NETCONF 2.0 would eliminate the <hello> messages. > > > > [Thanks, we missed detailing this and will add it] > > > > - Regarding Section 4.4.2, given the previous comment, I’m opposed to a > client-sent capability having a significant role. > > > > [The draft aims to keep an approach that works for NMDA and non-NMDA > clients and servers, so that all clients can benefit from the new > functionality if the server supports it. What the above comment boils > down to is whether the WG feels a client should be able to select between > private-candidates and shared-candidates on a session-by-session basis. If > we feel they should (as they can in NMDA by targeting a specific datastore) > then the current approach is probably the right one. If we feel that a > client should not be able to select between private and shared candidates > on a per-session basis, then the alternative is to allow a server to > specifically select a mode (perhaps in config but ‘how’ would be out of > scope for the document) that is present for the lifetime of that choice… > i.e. if a server implements private candidates a non-NMDA client will > always get private-candidates and never be able to target the shared > candidate.] > > > > Regarding Section 4.3, I don’t understand why there is a difference. > Please make the solutions the same so that, e.g., an RC server can be built > on top on an NC server, and vice versa. BTW, why destroy the private > candidate at all, can't each user have their own perpetually? Does it > matter? > > > > [Let me try to address each part of this in turn: > > > > Why is there a difference? It is a natural approach in NETCONF to tie the > candidate to the NETCONF session ID for a few reasons. Firstly, this is > communicated clearly at the start of each session and a session on a router > is tied to it (at least in the implementations I have seen). The NETCONF > spec delineates nicely between the transport layer (e.g. SSH) where the > authentication (and the ties to the user are handled) and the NETCONF > protocol layer. Blending these seemed unnatural. Our understanding (which > comes with a request for RESTCONF expert assistance) is that in RESTCONF > there is no such session ID with which to tie the candidate to, therefore > at the suggestion of the WG we selected the client identity (ie the > RESTCONF username). I note that you say RC can rely on NC. I’m not sure > if this is implementation specific or spec described so any guidance is > welcome. > > > > Why destroy the private-candidate at all? If the private-candidate is > tied to the NETCONF session ID then closing of this session would destroy > this candidate. Leaving it in place would just bloat the memory usage in a > node. This is based of my answer for why we are attaching it to the > session-id rather than the username. In RESTCONF we could choose not to > destroy the private-candidate at all, but this would lead to significant > memory overhead, for example 5000 users would have 5000 copies of running > (as according to the spec a candidate is a full copy, although > implementations may not implement it this way). Another issue is that over > time the probability of a private candidate being out of date is very high, > therefore, any workflow would require a client to do an update immediately > on starting the session in order to get the config back in sync. > > > > Does it matter? To answer this question in both contexts…. Does it matter > that there is a slightly different implementation for NETCONF and > RESTCONF? I don’t think so, they are functionally very similar in the key > parts of the draft. Does it matter whether a candidate is destroyed at > all? Yes, in order to ensure optimal memory management of a node over a > significant period of time (that may have a significant number of users).] > > > > James and Rob > > > Kent // contributor > > > > [Thanks Kent! We hope to have a -04 for the WG to review prior to IETF120] > > > > > > > > *From: *Kent Watsen <kent+ietf@watsen.net> > *Date: *Thursday, 13 June 2024 at 23:05 > *To: *James Cumming (Nokia) <james.cumming@nokia.com> > *Cc: *netconf@ietf.org <netconf@ietf.org> > *Subject: *Re: [netconf] Private candidates -03 and points for discussion > > > > *CAUTION:* This is an external email. Please be very careful when > clicking links or opening attachments. See the URL nok.it/ext for > additional information. > > > > Hi James, > > > > > > On May 30, 2024, at 3:36 PM, James Cumming (Nokia) < > james.cumming=40nokia.com@dmarc.ietf.org> wrote: > > > > Good morning/evening everyone, > > > > The authors/editors of the private candidates draft have just published a > new -03 version of the draft ( > https://datatracker.ietf.org/doc/draft-ietf-netconf-privcand/) which we > believe address the comments from the last (couple of) IETF meetings. > > > > We would like to invite everyone to review the draft and provide any > feedback. > > > > Whilst addressing the points raised, a few other issues were identified > and we have proposed solutions to these in the draft as well. > > > > Here is a summary of the changes in no particular order: > > > > 1. Added Andy Bierman as a contributor > > 2. Section 4.7.2.11.1: Identified that commit-confirmed behaviour > was unclear so provided some detail on how this should work with private > candidates (and confirming that it is supported). We considered how to > deal with confirmed commits that expire their timer or are cancelled. We > also considered whether alternate sessions should be able to cancel them. > > 3. Added the YANG models to the draft as requested. This led us to > a procedural question. This draft is meant to operate for NMDA and > non-NMDA capable servers. It is also adding a new base operation (update) > and has some additive changes to other older YANG models. The discussion > here is what the procedure should be for this. All changes are additive > and therefore this fact, coupled with the RFC sections that state that this > draft updates the proceeding RFCs we hope is sufficient here. We did > discuss the option to do augmentation rather than updates but this feels > fairly awkward for clients given the base operation and the additional > datastore identity. The approach we have in the draft (currently) also > follows the suggestion given to another draft last meeting that was also > looking to add new items to a base YANG model. This approach is certainly > common for drafts without embedded YANG models. > > > > I don’t understand the “awkward for clients” comment. I am surprised to > see "ietf-netconf”, “ietf-datastore”, and "ietf-nmda-compare" being > published by this I-D. It seems that augments would work fine. > > > > Regarding ietf-netconf, RFC 6241’s only noteworthy “update” is by RFC > 8526 (NMDA for NETCONF) which defines two new operations and “augments” in > the “datastore” parameter into a number of existing RPCs. > > > > Regarding ietf-datastore, note that “identity” statements were used in > part to enable new declarations to occur outside RFC 8342 (NMDA). For > example, this is what the “system-config” draft has: > https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-06#name-yang-module > > > > Can you remind me, what was the other draft last meeting that was also > looking to add new items to a base YANG model? > > > > > > 3. > > 4. Updated the RFC list that this draft updates > > > > One of the RFCs listed is RFC 8526, but the string “8526" isn’t found > anywhere else in the draft... > > > > When “updating” an RFC, it is customary to have a paragraph or section > (called “Updates to RFC XXXX”) in the Introduction that provides details. > For instance, https://datatracker.ietf.org/doc/html/rfc8526 uses > paragraphs while > https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-06#name-introduction uses > sections. > > > > BTW, should this draft also “update" RFC 8342, for the same reasons as the > system-config draft? > > > > > > 4. > > 5. Section 4.6.1: Made the ‘what constitutes a conflict’ section > explicit with a minimum set of requirements > > 6. Section 4.6.1: Added scope for servers to add additional > requirements to conflict detection mechanisms beyond the minimum set (which > are mandatory). Transaction ID is explicitly mentioned as one such example > here. > > 7. Section 4.7.2.9: Identified the delete-config operation needed > updating as well so provided a solution for this > > 8. Section 4.7.1.1: Added a statement calling out that the update > operation is atomic and provided a definition > > 9. Section 4.6.1: Explained in more detail how each node is marked > as in conflict which covers the discussed use-case of servers deciding to > call update themselves (without client prompting) > > 10. Added an updated NMDA diagram to visually explain how the solution > fits into NMDA > > 11. Various grammatical enhancements > > > > We look forward to further discussion. > > > > While focusing on the above, I noticed a number of editorial issues. It > would be a significant effort for me to provide a review of at that level > of detail. Hopefully most of these will be addressed automatically in time. > > > > High-level comments: > > > > - I wonder if Section 3 is needed, or perhaps it could reduced to a > paragraph in the Introduction? Generally I don’t think specs should > provide a lot of motivating justification... > > > > - Regarding Section 4.4.1, the go-to solution these days is to use YANG > Library. Capabilities are only maintained for legacy clients. FWIW, I > suspect that a NETCONF 2.0 would eliminate the <hello> messages. > > > > - Regarding Section 4.4.2, given the previous comment, I’m opposed to a > client-sent capability having a significant role. > > > > Regarding Section 4.3, I don’t understand why there is a difference. > Please make the solutions the same so that, e.g., an RC server can be built > on top on an NC server, and vice versa. BTW, why destroy the private > candidate at all, can't each user have their own perpetually? Does it > matter? > > > > > > James and Rob > > > Kent // contributor > > > > > > > _______________________________________________ > netconf mailing list -- netconf@ietf.org > To unsubscribe send an email to netconf-leave@ietf.org >
- [netconf] Private candidates -03 and points for d… James Cumming (Nokia)
- [netconf] Re: Private candidates -03 and points f… Jan Lindblad (jlindbla)
- [netconf] Re: Private candidates -03 and points f… Kent Watsen
- [netconf] Re: Private candidates -03 and points f… James Cumming (Nokia)
- [netconf] Re: Private candidates -03 and points f… Andy Bierman
- [netconf] Re: Private candidates -03 and points f… maqiufang (A)
- [netconf] Re: Private candidates -03 and points f… Andy Bierman
- [netconf] Re: Private candidates -03 and points f… Andy Bierman
- [netconf] Re: Private candidates -03 and points f… James Cumming (Nokia)
- [netconf] Re: Private candidates -03 and points f… James Cumming (Nokia)