Re: [netconf] [yang-doctors] Yangdoctors last call review of draft-ietf-netconf-subscribed-notifications-21

Martin Bjorklund <mbj@tail-f.com> Fri, 25 January 2019 15:29 UTC

Return-Path: <mbj@tail-f.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5D3D130D7A; Fri, 25 Jan 2019 07:29:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lKE3cftGqP18; Fri, 25 Jan 2019 07:29:44 -0800 (PST)
Received: from mail.tail-f.com (mail.tail-f.com [46.21.102.45]) by ietfa.amsl.com (Postfix) with ESMTP id F322D130F12; Fri, 25 Jan 2019 07:29:43 -0800 (PST)
Received: from localhost (h-4-215.A165.priv.bahnhof.se [158.174.4.215]) by mail.tail-f.com (Postfix) with ESMTPSA id 541DE1AE02AC; Fri, 25 Jan 2019 16:29:42 +0100 (CET)
Date: Fri, 25 Jan 2019 16:29:41 +0100 (CET)
Message-Id: <20190125.162941.2222352349671950038.mbj@tail-f.com>
To: evoit@cisco.com
Cc: andy@yumaworks.com, rrahman@cisco.com, alexander.clemm@huawei.com, yang-doctors@ietf.org, netconf@ietf.org, draft-ietf-netconf-subscribed-notifications.all@ietf.org
From: Martin Bjorklund <mbj@tail-f.com>
In-Reply-To: <adb990ccef2e4fa78d2ad7c12323617e@XCH-RTP-013.cisco.com>
References: <83b12adbb7234a84a56ac3ec00bb0673@XCH-RTP-013.cisco.com> <20190125.093938.375156009332209799.mbj@tail-f.com> <adb990ccef2e4fa78d2ad7c12323617e@XCH-RTP-013.cisco.com>
X-Mailer: Mew version 6.7 on Emacs 25.2 / Mule 6.0 (HANACHIRUSATO)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/91mJkQPIEf_A4op93RTxG0zYCIM>
Subject: Re: [netconf] [yang-doctors] Yangdoctors last call review of draft-ietf-netconf-subscribed-notifications-21
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jan 2019 15:29:53 -0000

"Eric Voit (evoit)" <evoit@cisco.com>; wrote:
> > From: Martin Bjorklund, January 25, 2019 3:40 AM
> > 
> > "Eric Voit (evoit)" <evoit@cisco.com>; wrote:
> > > > "Eric Voit (evoit)" <evoit@cisco.com>; wrote:
> > > > > > "Eric Voit (evoit)" <evoit@cisco.com>; wrote:
> > > > > > > > From: Martin Bjorklund, January 24, 2019 9:40 AM
> > > > > > > >
> > > > > > > > "Eric Voit (evoit)" <evoit@cisco.com>; wrote:
> > > > > > > > > > From: Martin Bjorklund, January 24, 2019 8:17 AM
> > 
> > [...]
> > 
> > > > > > > > > > Thinking some more, what is supposed to happen if the
> > > > > > > > > > client on the same session sends first an
> > > > > > > > > > establish-subscription with dscp 42, and then another
> > > > > > > > > > establish-
> > subscription with dscp 10?
> > > > > > > > >
> > > > > > > > > This would be allowed.
> > > > > > > >
> > > > > > > > On linux at least this is a sockopt, i.e., the option
> > > > > > > > applies to the socket, which means all packets on the
> > > > > > > > session.  So how is this supposed to be implemented if
> > > > > > > > different messages on the session should have different dscp
> > > > > > > > values?
> > > > > > > > Or is the
> > > > > > > > idea that you send the msg, flush all data from ssh/tls to
> > > > > > > > tcp, then flush the tcp buffers (not that easy...)?
> > > > > > > >
> > > > > > > > Even if there's just one establish-subscription with a dscp
> > > > > > > > value, since it applies to the session it means that all
> > > > > > > > normal rpcs on this session will get the same dscp value.
> > > > > > > > It is not clear that this is the intention?
> > > >
> > > > Did you miss these questions?
> > >
> > > With NETCONF, one DSCP will apply to single TCP session.  So there is
> > > no
> > issue.
> > 
> > The problem is if a client sends two establish-subscriptions with
> > different
> > values for dscp on the same session.  Or even if the client sends one
> > establish-
> > subscription with som dscp value, then the dscp will be applied to all
> > packets
> > from other rpcs as well.
> > 
> > ... and even worse, with SSH channels you can have multiple NETCONF
> > session
> > on the same TCP session, which means that the dscp value applies to
> > all
> > packets in all NETCONF sessions sharing the same TCP session.
> > 
> > I don't know what the right thing to do is.  Probably first agree that
> > this is in
> > fact a problem, then maybe simply document this somehow.
> 
> I hadn't thought about multiple NETCONF SSH channels.  I agree
> something to guide developers is needed here.  The easiest fix is to
> recommend not supporting feature "dscp" with NETCONF.  (It shouldn't
> be absolutely prohibited as DSCP related RFC's such as RFC7657 embed
> text like "a single DSCP should be used for all packets in a TCP
> connection".)
> 
> Here is the text I suggest is put into
> draft-ietf-netconf-netconf-event-notifications, Section 5:
> 
> "The feature "dscp" SHOULD NOT be supported over NETCONF.  This will
> avoid the potential for out-of-order packet delivery of the set of all
> traffic within the TCP session."

I think this is a bit too limiting.  For configured subscriptions it
can be perfectly fine, since the server can ensure that there's a
single TCP session to the receiver in this case.  (I know we don't
support configured subscriptions at the moment).

Perhaps we can say in the SN document:

  If a server that supports the "dscp" feature cannot guarantee that
  the only packets sent on an underlying transport session are from
  the subscription, then it should reject the subscription with a
  "dscp-unavailable" error.  This will avoid the potential for
  out-of-order packet delivery of the set of all traffic within the
  TCP session.

I think such text belongs to the SN document, since it may apply to
other transports than just NETCONF.


/martin



> With this text, a RESTCONF publisher can support the feature dscp.
> And if someone attempts to use dscp with a NETCONF subscription to the
> same publisher, the error "dscp-unavailable" can be sent.
> 
> Eric 
> 
> 
> ...
> > /martin
>