[netconf] Re: Private candidates -03 and points for discussion

Kent Watsen <kent+ietf@watsen.net> Fri, 14 June 2024 03:05 UTC

Return-Path: <0100019014b5327e-0f40b891-8923-4063-a02c-cce7f2ab7923-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E55EC1CAF3F for <netconf@ietfa.amsl.com>; Thu, 13 Jun 2024 20:05:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Level:
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kK-ducr3BAXR for <netconf@ietfa.amsl.com>; Thu, 13 Jun 2024 20:05:39 -0700 (PDT)
Received: from a8-96.smtp-out.amazonses.com (a8-96.smtp-out.amazonses.com [54.240.8.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2454C14F6F0 for <netconf@ietf.org>; Thu, 13 Jun 2024 20:05:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1718334337; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=U/+9AaLMAEl/sz18lAnioqrxnwEoopaQh4GjBHTkGC4=; b=f+wbFEgWrcv9RFkOZ3jN5cr5ptGN20erhCfsTDyXGm9nE03+kpgX3Teb50z8mdbv tWWG1Fctv/Fgl/8c2zLb8LK09Dm2eeWDEfOmoR85MR+YP2ohVhigtoLY8aM7ii4q1GX k/8jwr2ZE96vZcyp1nd6C7+PMJEjXvFy66jIuglY=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100019014b5327e-0f40b891-8923-4063-a02c-cce7f2ab7923-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_5526F7E4-2B2C-4971-9351-FAB144C95C1F"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
Date: Fri, 14 Jun 2024 03:05:37 +0000
In-Reply-To: <SA1PR08MB721579B2324BCFBF0061BC21FFF32@SA1PR08MB7215.namprd08.prod.outlook.com>
To: "James Cumming (Nokia)" <james.cumming=40nokia.com@dmarc.ietf.org>
References: <SA1PR08MB721579B2324BCFBF0061BC21FFF32@SA1PR08MB7215.namprd08.prod.outlook.com>
X-Mailer: Apple Mail (2.3774.400.31)
Feedback-ID: ::1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2024.06.14-54.240.8.96
Message-ID-Hash: QJ3N2XOVJPWY66GUJBGCKL47K6S4QPTK
X-Message-ID-Hash: QJ3N2XOVJPWY66GUJBGCKL47K6S4QPTK
X-MailFrom: 0100019014b5327e-0f40b891-8923-4063-a02c-cce7f2ab7923-000000@amazonses.watsen.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netconf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "netconf@ietf.org" <netconf@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netconf] Re: Private candidates -03 and points for discussion
List-Id: NETCONF WG list <netconf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/7PjvNpQKZI6xD8LNk2rMohypzUo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Owner: <mailto:netconf-owner@ietf.org>
List-Post: <mailto:netconf@ietf.org>
List-Subscribe: <mailto:netconf-join@ietf.org>
List-Unsubscribe: <mailto:netconf-leave@ietf.org>

Hi James,


> On May 30, 2024, at 3:36 PM, James Cumming (Nokia) <james.cumming=40nokia.com@dmarc.ietf.org> wrote:
> 
> Good morning/evening everyone,
>  
> The authors/editors of the private candidates draft have just published a new -03 version of the draft (https://datatracker.ietf.org/doc/draft-ietf-netconf-privcand/) which we believe address the comments from the last (couple of) IETF meetings.
>  
> We would like to invite everyone to review the draft and provide any feedback.
>  
> Whilst addressing the points raised, a few other issues were identified and we have proposed solutions to these in the draft as well.
>  
> Here is a summary of the changes in no particular order:
>  
> Added Andy Bierman as a contributor
> Section 4.7.2.11.1: Identified that commit-confirmed behaviour was unclear so provided some detail on how this should work with private candidates (and confirming that it is supported).  We considered how to deal with confirmed commits that expire their timer or are cancelled.  We also considered whether alternate sessions should be able to cancel them.
> Added the YANG models to the draft as requested.  This led us to a procedural question.  This draft is meant to operate for NMDA and non-NMDA capable servers.  It is also adding a new base operation (update) and has some additive changes to other older YANG models.  The discussion here is what the procedure should be for this.  All changes are additive and therefore this fact, coupled with the RFC sections that state that this draft updates the proceeding RFCs we hope is sufficient here.  We did discuss the option to do augmentation rather than updates but this feels fairly awkward for clients given the base operation and the additional datastore identity.  The approach we have in the draft (currently) also follows the suggestion given to another draft last meeting that was also looking to add new items to a base YANG model.  This approach is certainly common for drafts without embedded YANG models.

I don’t understand the “awkward for clients” comment.  I am surprised to see "ietf-netconf”, “ietf-datastore”, and "ietf-nmda-compare" being published by this I-D.   It seems that augments would work fine.

Regarding ietf-netconf, RFC 6241’s only noteworthy “update” is by RFC 8526 (NMDA for NETCONF) which defines two new operations and “augments” in the “datastore” parameter into a number of existing RPCs.  

Regarding ietf-datastore, note that “identity” statements were used in part to enable new declarations to occur outside RFC 8342 (NMDA).  For example, this is what the “system-config” draft has: https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-06#name-yang-module

Can you remind me, what was the other draft last meeting that was also looking to add new items to a base YANG model?


> Updated the RFC list that this draft updates

One of the RFCs listed is RFC 8526, but the string “8526" isn’t found anywhere else in the draft...

When “updating” an RFC, it is customary to have a paragraph or section (called “Updates to RFC XXXX”) in the Introduction that provides details.  For instance, https://datatracker.ietf.org/doc/html/rfc8526 uses paragraphs while https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-06#name-introduction uses sections.

BTW, should this draft also “update" RFC 8342, for the same reasons as the system-config draft?


> Section 4.6.1: Made the ‘what constitutes a conflict’ section explicit with a minimum set of requirements
> Section 4.6.1: Added scope for servers to add additional requirements to conflict detection mechanisms beyond the minimum set (which are mandatory).  Transaction ID is explicitly mentioned as one such example here.
> Section 4.7.2.9: Identified the delete-config operation needed updating as well so provided a solution for this
> Section 4.7.1.1: Added a statement calling out that the update operation is atomic and provided a definition
> Section 4.6.1: Explained in more detail how each node is marked as in conflict which covers the discussed use-case of servers deciding to call update themselves (without client prompting)
> Added an updated NMDA diagram to visually explain how the solution fits into NMDA
> Various grammatical enhancements
>  
> We look forward to further discussion.

While focusing on the above, I noticed a number of editorial issues.  It would be a significant effort for me to provide a review of at that level of detail.  Hopefully most of these will be addressed automatically in time.

High-level comments:

- I wonder if Section 3 is needed, or perhaps it could reduced to a paragraph in the Introduction?    Generally I don’t think specs should provide a lot of motivating justification...

- Regarding Section 4.4.1, the go-to solution these days is to use YANG Library.  Capabilities are only maintained for legacy clients.  FWIW, I suspect that a NETCONF 2.0 would eliminate the <hello> messages.  

- Regarding Section 4.4.2, given the previous comment, I’m opposed to a client-sent capability having a significant role.

Regarding Section 4.3, I don’t understand why there is a difference.  Please make the solutions the same so that, e.g., an RC server can be built on top on an NC server, and vice versa.  BTW, why destroy the private candidate at all, can't each user have their own perpetually?  Does it matter?


> James and Rob

Kent // contributor