[netconf] Re: YANG Push (RFC 8641) on-change example
Andy Bierman <andy@yumaworks.com> Thu, 23 May 2024 16:47 UTC
Return-Path: <andy@yumaworks.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED9BCC169423 for <netconf@ietfa.amsl.com>; Thu, 23 May 2024 09:47:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZmQ-YtC9012k for <netconf@ietfa.amsl.com>; Thu, 23 May 2024 09:47:36 -0700 (PDT)
Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B73DFC14F617 for <netconf@ietf.org>; Thu, 23 May 2024 09:47:36 -0700 (PDT)
Received: by mail-pg1-x529.google.com with SMTP id 41be03b00d2f7-5d3907ff128so2267997a12.3 for <netconf@ietf.org>; Thu, 23 May 2024 09:47:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks.com; s=google; t=1716482856; x=1717087656; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=4/m44LNo8zAJJbxRrztcHV5Wk/IcZid5hFXpm7PEMFY=; b=nmys8HEIIKv9NS5OS05tFmW9iEfU1Oi4rnJpH6trpYET/dsw7FnJ8SuOQe3BPfGJyj Z/DilTm/iMTfjUfIM0s+AWxPiYBVid60OqQJmJ/9n+n9LWW+pEQfFX+t27OeO0MNQRuW G2Hp64f76oVGUPmhNPiHnVkBUnrcnt7FE5aFp/tCBqBqOpSwnnGsqO0CnkSGmFK58rtI w2F1cIljeNfn2eL/Y+5r86Uf5BPVKSp32ABAijDtoxEhUPhCKgnpA/DX3C41ZO6JPfMP X5onh0h41QysC73yg/C53w2Q0jxgjJi8hyeq0wRQA8WgcIszFYFro7RCICOXys4dZqQz Z+9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1716482856; x=1717087656; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=4/m44LNo8zAJJbxRrztcHV5Wk/IcZid5hFXpm7PEMFY=; b=tTlCB/9cJzGtJpQ7diFYjtog69muMGUcgPlzmYkeGUaByidh/tVssWy32eD/H+p/+T IYI3efsbvpfguANkjIUgjn81usfWmlcBcFkb2NtOMUI4krLQbX2HwUVx3bPCRSrugiEC 7jJmUQoyafgcdyF8YT2/4kRiB9y9i0O9C5gBrfwYhjxqEYHJrkOm0zQE+eejKgPILXgr dq9ZXtC/f6QQjGhWhW55jXUahJXHuC5O317xpEXTHqBj6eNmZclfA4Xkht88KvIHP1MR wfdKc5GyWof6PgoS15USq4JhKWHYralSHD3Wg0n5P/fJ0QtmKjWWGOG/UUzRW268WUPU UykA==
X-Gm-Message-State: AOJu0YzmXObKq9O4dT0q8QJ6wIM2z8ZcUR4aTKdica/631Nc9EEq3R9w 59O1P684vlHNYnZ2G4b5Ws9p27Lswh1bKqzHsZiejSpauPxgf3LT+7uVFkLE7NmYRxzo+d7+yLf xtM/4CgdETNl3wF3quao1WS/U5aRCigLRasoTJ4jqnfa2isceLWI=
X-Google-Smtp-Source: AGHT+IHkRU9xPl+g+1RDm+MIWvMdoKRVVThXB5wMgdrL4pCGnDxDphXQUK8fnb4xaKH4euvrclt10noE4SUG5YPGW3Y=
X-Received: by 2002:a17:90b:1e53:b0:2bd:9255:4ad4 with SMTP id 98e67ed59e1d1-2bd9f5c0542mr6434950a91.46.1716482855479; Thu, 23 May 2024 09:47:35 -0700 (PDT)
MIME-Version: 1.0
References: <LV8PR11MB8536A7CE5D17C1282D256DBAB5EB2@LV8PR11MB8536.namprd11.prod.outlook.com> <CABCOCHQAQkZrGfKOFoSV7TzKSUbpj_eykvCybi-fdv7DXjwxKQ@mail.gmail.com> <E93E623B-0F78-4856-9CB4-4417EEE7BFC5@cisco.com>
In-Reply-To: <E93E623B-0F78-4856-9CB4-4417EEE7BFC5@cisco.com>
From: Andy Bierman <andy@yumaworks.com>
Date: Thu, 23 May 2024 09:47:24 -0700
Message-ID: <CABCOCHS_gbvz6qeFbi_awN4kYD53uoEAy59cdfzVB1efxfLzUg@mail.gmail.com>
To: "Rob Wilton (rwilton)" <rwilton@cisco.com>
Content-Type: multipart/alternative; boundary="000000000000dd4b02061921cee4"
Message-ID-Hash: UXKQBAWWPXU3IKHGKZYICRMCRPWSNZO6
X-Message-ID-Hash: UXKQBAWWPXU3IKHGKZYICRMCRPWSNZO6
X-MailFrom: andy@yumaworks.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netconf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "netconf@ietf.org" <netconf@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netconf] Re: YANG Push (RFC 8641) on-change example
List-Id: NETCONF WG list <netconf.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Owner: <mailto:netconf-owner@ietf.org>
List-Post: <mailto:netconf@ietf.org>
List-Subscribe: <mailto:netconf-join@ietf.org>
List-Unsubscribe: <mailto:netconf-leave@ietf.org>
On Thu, May 23, 2024 at 7:51 AM Rob Wilton (rwilton) <rwilton@cisco.com> wrote: > Hi Andy, > > Please see inline. > > > On 22 May 2024, at 17:21, Andy Bierman <andy@yumaworks.com> wrote: > > > > On Wed, May 22, 2024 at 3:36 AM Rob Wilton (rwilton) <rwilton= > 40cisco.com@dmarc.ietf.org> wrote: > >> Hi, >> >> >> >> The YANG Push RFC provides the following example for an on-change update. >> >> According to the text accompanying the figure 2 in section 3.7, the >> example is for: >> >> >> “ Figure 1 provides an example of a notification message for a >> >> subscription tracking the operational status of a single Ethernet >> >> interface (per [RFC8343 <https://www.rfc-editor.org/rfc/rfc8343>]). This notification message is encoded XML >> >> [W3C.REC-xml-20081126 <https://www.rfc-editor.org/rfc/rfc8641#ref-W3C.REC-xml-20081126>] over …” >> >> > I agree that a replace on the ancestor node is not correct. > > > Okay. > The example is correct if the operation is changed to "merge" > > > I cannot find any details on the example filter that was provided to set > up this subscription. > > Thanks for bringing up two of the critical problems with YANG Push that > need to get fixed. > > 1) The arbitrarily complex XPath and subtree filtering mechanisms are NOT > interoperable since NO SERVER > actually supports that. A much more restricted filter is actually > supported by the industry, > except restricted differently for every server. > > > Agreed. > > > > A much more useful filter would be based on a subset of instances of a > single object. > > Since multiple subscriptions are allowed, there is no need to pile all > objects into a single filter anyway. > > > I'm not sure on this. I think that it would be helpful to get input from > the operators that are planning on consuming this data to understand what > they want/need here. I.e., putting them into a single subscription may be > beneficial from a resync and sequencing perspective (presuming that there > is no guarantee on sequencing between subscriptions). > > Agreed. The operStatus example is a bit odd since fault monitoring is supposed to be done with an event stream (e.g linkUp/linkDown) It would be good to know if the application wants the the result of the patch or the edit list. If they are just creating a new record to store a data point then examining individual edits is just extra work for them. I cannot find any text that says a patch MUST or SHOULD contain only the minimum set of changed nodes. The server is free to choose whatever edit list they want. This makes it even harder to use for the application. > > > 2) The YANG Patch reporting mechanism is difficult to use and there are no > clear guidelines on how > an on-change update is constructed. Arbitrarily complex edit lists are > not useful to telemetry applications > that just want a new representation of the object subset when it changes > at all. > > > Yes, I basically agree. YANG patch may work okay for the config > datastore, but I think that it is overkill for operational data, where > really the notification is of existence of a value, or non-existence. > > It requires the application to keep the replicated datastore up to date. > > > E.g., a server may accept only container and list objects for the target. > The server may not be able to push a single leaf as the target. (This > example is the RFC is not very good). > > > Yes, also agree. > > > > New example: > > The client monitors /interfaces-state. > The server reports the /interfaces-state/interface child node changes. > > Let's say 10 counters change per interface. > An edit list with 10 replace operations is complex to generate and complex > to use. > Instead, the server reports 1 replace operation on > /interfaces-state/interface[name='foo']. > > > Yes, agreed. But given that it is a patch replace operation, it needs to > include all the data in the subscription under that subtree. > > IMO it is OK for the server to report descendant nodes in the patch. It does not have to replace the target object every time. But change my example to: client monitors /interfaces-state/interface. server returns patches that replace or merge any interface entry. > Maybe there is 1 replace interface per update or maybe multiple interfaces. > The client should expect either case. > The server should never report a replace on /interfaces-state unless every > interface is included. > > IMO the periodic updates (which do not use YANG Patch) are much more > usable by the client. > YANG Push should be changed so the client can request this format for > on-change updates. > > > Maybe. The issue here may be representing deleted data. > deletes have to be reported explicitly or implicitly within a replace. The server can report descendant nodes and not a complete interface every time. Use case: Client wants the same APIs that are provided for a periodic subscription, except just suppress duplicates. Report once every dampening period if anything changed, instead of once every period even if the last update was identical to the new update. > > Certainly, I would like to see if there is a more efficient way of > encoding this data. I also think that providing a complete single message > to resync is probably problematic. It assumes that there is a single > consistent operational datastore, where for some systems this operational > data is highly distributed to the individual daemons and hence you can > never get a consistent very of the operational data, only eventual > consistency. > > But the general sentiment that we should try and improve YANG Push > on-change encoding I definitely agree with. > > Regards, > Rob > > > Andy > > > Andy > > > The example notification is given as: >> >> <notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> >> >> <eventTime>2017-10-25T08:22:33.44Z</eventTime> >> >> <push-change-update >> >> xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push"> >> >> <id>89</id> >> >> <datastore-changes> >> >> <yang-patch> >> >> <patch-id>0</patch-id> >> >> <edit> >> >> <edit-id>edit1</edit-id> >> >> <operation>replace</operation> >> >> <target>/ietf-interfaces:interfaces</target> >> >> <value> >> >> <interfaces >> >> xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> >> >> <interface> >> >> <name>eth0</name> >> >> <oper-status>down</oper-status> >> >> </interface> >> >> </interfaces> >> >> </value> >> >> </edit> >> >> </yang-patch> >> >> </datastore-changes> >> >> </push-change-update> >> >> </notification> >> >> >> >> But I would expect a receiver to interpret this replace operation as replacing the entire operational state for all interfaces with a single eth0 interface entry reporting just the oper-status as down. Is my interpretation correct? >> >> Instead, I think that the notification target should have identified only the oper-status leaf on the specific interface. I.e., the generated notification should instead be: >> >> <notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> >> >> <eventTime>2017-10-25T08:22:33.44Z</eventTime> >> >> <push-change-update >> >> xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push"> >> >> <id>89</id> >> >> <datastore-changes> >> >> <yang-patch> >> >> <patch-id>0</patch-id> >> >> <edit> >> >> <edit-id>edit1</edit-id> >> >> <operation>replace</operation> >> >> <target>/ietf-interfaces:interfaces/interface=eth0/oper-status</target> >> >> <value> >> >> <oper-status xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">down</oper-status> >> >> </value> >> >> </edit> >> >> </yang-patch> >> >> </datastore-changes> >> >> </push-change-update> >> >> </notification> >> >> >> If folks agree, then I can file an errata. >> >> Regards, >> Rob >> >> >> _______________________________________________ >> netconf mailing list -- netconf@ietf.org >> To unsubscribe send an email to netconf-leave@ietf.org >> > >
- [netconf] YANG Push (RFC 8641) on-change example Rob Wilton (rwilton)
- [netconf] Re: YANG Push (RFC 8641) on-change exam… Andy Bierman
- [netconf] Re: YANG Push (RFC 8641) on-change exam… Rob Wilton (rwilton)
- [netconf] Re: YANG Push (RFC 8641) on-change exam… Andy Bierman
- [netconf] Re: YANG Push (RFC 8641) on-change exam… Thomas.Graf