Re: [netconf] overview of updates and current issues
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Tue, 23 April 2019 07:52 UTC
Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE218120091 for <netconf@ietfa.amsl.com>; Tue, 23 Apr 2019 00:52:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LcOVYQ8ZV2kQ for <netconf@ietfa.amsl.com>; Tue, 23 Apr 2019 00:52:25 -0700 (PDT)
Received: from atlas5.jacobs-university.de (atlas5.jacobs-university.de [212.201.44.20]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73C82120072 for <netconf@ietf.org>; Tue, 23 Apr 2019 00:52:25 -0700 (PDT)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by atlas5.jacobs-university.de (Postfix) with ESMTP id 59A306A0; Tue, 23 Apr 2019 09:52:23 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from atlas5.jacobs-university.de ([10.70.0.217]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10032) with ESMTP id VXklE02NytOj; Tue, 23 Apr 2019 09:52:23 +0200 (CEST)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hermes.jacobs-university.de", Issuer "Jacobs University CA - G01" (verified OK)) by atlas5.jacobs-university.de (Postfix) with ESMTPS; Tue, 23 Apr 2019 09:52:23 +0200 (CEST)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by hermes.jacobs-university.de (Postfix) with ESMTP id 430F9200CC; Tue, 23 Apr 2019 09:52:23 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10028) with ESMTP id cJWgdb5_XRuY; Tue, 23 Apr 2019 09:52:22 +0200 (CEST)
Received: from exchange.jacobs-university.de (sxchmb04.jacobs.jacobs-university.de [10.70.0.156]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "exchange.jacobs-university.de", Issuer "DFN-Verein Global Issuing CA" (verified OK)) by hermes.jacobs-university.de (Postfix) with ESMTPS id BF292200CD; Tue, 23 Apr 2019 09:52:22 +0200 (CEST)
Received: from anna.localdomain (10.50.218.117) by sxchmb03.jacobs.jacobs-university.de (10.70.0.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1713.5; Tue, 23 Apr 2019 09:52:22 +0200
Received: by anna.localdomain (Postfix, from userid 501) id D399C30086F030; Tue, 23 Apr 2019 09:52:21 +0200 (CEST)
Date: Tue, 23 Apr 2019 09:52:21 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Kent Watsen <kent+ietf@watsen.net>
CC: "netconf@ietf.org" <netconf@ietf.org>
Message-ID: <20190423075221.5qx7fowjebxfxoy4@anna.jacobs.jacobs-university.de>
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Mail-Followup-To: Kent Watsen <kent+ietf@watsen.net>, "netconf@ietf.org" <netconf@ietf.org>
References: <01000169fa45ea88-505cd325-94b7-4d48-a529-448a9905f534-000000@email.amazonses.com> <20190408154613.ytibxwvjurfcwinp@anna.jacobs.jacobs-university.de> <0100016a22d1b6e2-73101afa-6a8a-44b0-9295-1af1595008ce-000000@email.amazonses.com> <20190415213448.krsi3ma3fds2u4hh@anna.jacobs.jacobs-university.de> <0100016a2852d457-32f463a6-60b8-474c-b976-4476f174d94d-000000@email.amazonses.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <0100016a2852d457-32f463a6-60b8-474c-b976-4476f174d94d-000000@email.amazonses.com>
User-Agent: NeoMutt/20180716
X-ClientProxiedBy: SXCHMB04.jacobs.jacobs-university.de (10.70.0.156) To sxchmb03.jacobs.jacobs-university.de (10.70.0.155)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/7MHRO7iwPGFXaUHPrQaYsr8G6oc>
Subject: Re: [netconf] overview of updates and current issues
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2019 07:52:29 -0000
On Tue, Apr 16, 2019 at 10:44:38PM +0000, Kent Watsen wrote: > > > > On Apr 15, 2019, at 5:34 PM, Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> wrote: > > > > Inline... > > > > On Mon, Apr 15, 2019 at 09:05:30PM +0000, Kent Watsen wrote: > >> > >>>> Current Issues: > >>>> > >>>> 1. Regarding the "demux containers": > >>>> > >>>> Pros: > >>>> - now the NC/RC models look better > >>>> - a convenient place to have a nacm:default-deny-write > >>>> > >>>> Cons: > >>>> - seems overbearing for general use > >>>> > >>>> Question: > >>>> > >>>> Would it be better to revert and instead wrap each "uses" > >>>> statement in the NC/RC models with a container? > >>>> > >>>> Pros: maximum flexibility > >>>> Cons: less consistency? > >>> > >>> What exactly are the demux containers? You mean the > >>> <tcp-client-parameters> and <tls-client-parameters> containers? > >> > >> Yes. This is what what meant by: > >> > >> "Added a top-level "demux container" inside the top-level grouping. > >> By "demux", I'm referring to the namespace problem discussed @104." > >> > >> about 10 lines above. > >> > >> > >> > >>> I have no strong opinion, they may be ok although things get a bit more verbose. > >> > >> On the "Cons" side, I'm calling the containers "<protocol>-<client/server>-parameters". I question is if this is a good name in all contexts. By removing the "demux container", it lets the consumer decide what to call it. This brings us to the "less consistency?" comment; of course there would be little consistency but, do we care? > >> > >> Regarding "a convenient place to have a nacm:default-deny-write", I don't see anywhere in RFC 8341 that nacm:default-deny-write can't be used in a grouping, but it will impact the parent... If the parent has other descendents besides from the grouping, those descendents would likely be impacted too, right? Do we care? If we put nacm:default-deny-write under the grouping statement, then I think that it subtly enforces consumers to create their own wrapper containers (as opposed to mixing the descendents in with other nodes). Alternately, we could float the "if-feature" statement down to each descendent of the grouping. Not ideal, but works...? > >> > > > > Perhaps instead of being tricky (subtly enforcing consumers to create > > their own wrapper), why not move the nacm:default-deny-write to the > > leafs? This seems less subtle and more robust. > > Right, this was my last sentence: "Alternately, we could float the "if-feature" statement down to each descendent of the grouping.". > > Okay, so it's technically possible (the nacm extension), but I feel that we're still open on if the "demux containers" should be kept or discarded. > > I'm personally leaning towards "discard", but I don't want to make the change until we have a solid decision. I think we should discard the "demux containers" to give data model writers the freedom to have them or not. > > One thing that comes to mind is whether a new callhome attempt should > > be made in situations where the previous callhome is still alive. Do > > we want to say something about this or not? > > If that happens, then something is wrong. Either the previous attempt is "hung" (but I think there is an "idle-timeout" to catch such cases, maybe only for NC though), or it is legitimately still busy (in which case it MAY be an indication that the frequency is set too high but, in either case, it seems that a second connection wouldn't be desired). There is currently no text stating what to do in this case. It seems like such text might go into the same description statements discussed above: > > "Periodically connect to the <protocol> <peer>. The > <protocol> client SHOULD close the underlying TCP > connection upon completing planned activities. > > In the case that the pervious connection is still active, > establishing a new connection is NOT RECOMMENDED. Sounds good, this provides a hint that implementers need to track and limit call home connections. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <https://www.jacobs-university.de/>
- [netconf] overview of updates and current issues Kent Watsen
- Re: [netconf] overview of updates and current iss… Juergen Schoenwaelder
- Re: [netconf] overview of updates and current iss… Kent Watsen
- Re: [netconf] overview of updates and current iss… Juergen Schoenwaelder
- Re: [netconf] overview of updates and current iss… Kent Watsen
- Re: [netconf] overview of updates and current iss… Juergen Schoenwaelder
- Re: [netconf] overview of updates and current iss… Rob Wilton (rwilton)