IETF Logo Mail Archive

Re: [netconf] RFC 6241 Ambiguity

Kent Watsen <kent@watsen.net> Tue, 11 June 2019 20:17 UTC

Return-Path: <0100016b482fc5f4-caf4b52b-416a-438f-9c47-68df526fb9b7-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A31E1120059 for <netconf@ietfa.amsl.com>; Tue, 11 Jun 2019 13:17:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WQYha-KCZOk4 for <netconf@ietfa.amsl.com>; Tue, 11 Jun 2019 13:17:00 -0700 (PDT)
Received: from a8-83.smtp-out.amazonses.com (a8-83.smtp-out.amazonses.com [54.240.8.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C51B12003F for <netconf@ietf.org>; Tue, 11 Jun 2019 13:17:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1560284219; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=LxIRH970HJTSU5Rh7Yl9g4jnAAeYicSxeF013nhR6i0=; b=VrOnOP1ExAneNzgU/g7f9Y1G+BAuKmjUfUaVRSw9KCikWo4WOOmdN1I+rQQM3TOH 467SKWch1M8+VttGPxiRIgAYsLb2vL9oA1uH0AMSGGAXL4EvnVxG5ZwUPEVLZ7EplON ubZD0vwVGsOJnlbCqmHzGikty3Zxyte/ZUqwzwag=
From: Kent Watsen <kent@watsen.net>
Message-ID: <0100016b482fc5f4-caf4b52b-416a-438f-9c47-68df526fb9b7-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_8ABEDB01-3D9F-42AD-8014-1DA4F308A118"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Tue, 11 Jun 2019 20:16:58 +0000
In-Reply-To: <CABCOCHTH8Ge6Yk3KdaX-sTmcs_Cx-1U4CEvL8Mt-oLFXUQUCug@mail.gmail.com>
Cc: Mahesh Jethanandani <mjethanandani@gmail.com>, "netconf@ietf.org" <netconf@ietf.org>
To: Andy Bierman <andy@yumaworks.com>
References: <em35e87021-fa76-4888-a383-8b34e960175f@morpheus> <0100016aa75956af-70018fb1-15f8-4394-8ffd-4f4d5b2d7b3f-000000@email.amazonses.com> <CABCOCHScSp8AEjcgSd7tX-Va45y51CxK-b_hO4nd3SzW9rTUKA@mail.gmail.com> <eme2e51d99-6140-4142-b89f-db5e4c6e2a88@morpheus> <0100016ab7a9af7e-cd7f776e-79e1-42a4-9c5d-d04aed0d8fa1-000000@email.amazonses.com> <emdf557a96-2926-4d87-83f9-2f8216ed652e@morpheus> <76ED75C8-AA1A-4A03-A382-0DE834C914A1@gmail.com> <0100016abd77bfe3-88ae515a-d7f9-41c7-b627-9c51bdf16213-000000@email.amazonses.com> <CABCOCHQ-SWFCzs-FzhLe=-n+j+-AEknTuv-nKJ4etFm0srig5w@mail.gmail.com> <884391D0-3F53-4F3D-BFB0-DD333D09507C@gmail.com> <CABCOCHTLzW+2mkau0KHSbprw0e7PjNFO6SZoPyXUzkKm7gsyow@mail.gmail.com> <00d101d51216$f807d120$e8177360$@hansfords.net> <E954A8E5-B241-4655-BF04-F987EC2870C2@gmail.com> <CABCOCHRKSjEFfRvdQWZEnqMQVQd_hNdrK2r4KByiaTbb8FL3aA@mail.gmail.com> <3B2E5975-26B3-4310-B718-9D8D3F0B0DDA@gmail.com> <CABCOCHTH8Ge6Yk3KdaX-sTmcs_Cx-1U4CEvL8Mt-oLFXUQUCug@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-SES-Outgoing: 2019.06.11-54.240.8.83
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/FANJvAZOa43oZO1M7hLJjFzuIGk>
Subject: Re: [netconf] RFC 6241 Ambiguity
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2019 20:17:04 -0000

Hi Andy,

So, by exclusion, is it fair to say that you support the NEW 7.8 and 7.9 text?

As for the 8.4.1 text, do you agree that there is a disconnect between what's in 8.4.1 and the description for the 'persist' leaf (e.g., current text says "the only way to abort a persistent confirmed commit is to let the timer expire, or to use the <cancel-commit> operation.").  If so, then a clarifying statement is needed, the only question is what it is. The choices are:

  a)  'persist' MUST span reboots.
  b)  'persist' MUST NOT span reboots.
  c) ' it is an implementation decision as to if 'persist' spans reboots.

Personally, I'm okay with any of these as it seems the primary benefit for 'persist' is still reaped (i.e., to survive a client-disconnect that may occur due to the config being committed) and given that most devices do not need to reboot in order to commit a configuration.  

That said, some (IoT?) devices may need to reboot in order to apply any configuration.  If this ability does not support such devices, then they would never be able to support 'commit confirmed' (with or without 'persist') and hence may become bricks in some scenarios.  Do we care?

Kent  // contributor



> On Jun 4, 2019, at 4:16 PM, Andy Bierman <andy@yumaworks.com> wrote:
> 
> Hi,
> 
> I prefer to leave the old text in 8.4.1 alone and not change it
> I don't agree there is any text to support this significant change in server behavior.
> An Errata should not make existing implementations non-compliant.
> I don't see any text that indicates the original intent was to make a confirmed commit
> survive a reboot. 
> 
> If a <persist> parameter is provided by the client session, and then that client session
> terminates, there is no way for a superuser (or any user) to invoke the <cancel-commit>
> operation.  The only remedy is to wait for the timeout or reboot the device.
> If the timeout is long or unknown) then waiting it out may not be a good option.
> 
> With the new text, rebooting the device does not clear this situation
> 
> 
> Andy
> 
> 
> On Tue, Jun 4, 2019 at 12:48 PM Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com>> wrote:
> Hi Andy,
> 
> Please provide alternative text in the form of OLD/NEW, if you do not agree with what is being proposed.
> 
> Thanks
> 
>> On Jun 3, 2019, at 8:24 AM, Andy Bierman <andy@yumaworks.com <mailto:andy@yumaworks.com>> wrote:
>> 
>> 
>> 
>> On Fri, May 31, 2019 at 3:19 PM Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com>> wrote:
>> 
>> 
>> Several attempts have been made to clarify the role of confirmed commit in RFC 6241 vis-a-vis Section 7.8 <close-session> and Section 7.9 <kill-session>, and the text in Section 8.4 Confirmed Commit Capability.
>> 
>> We, (the chairs) believe that the best way to resolve issues with the current set of erratum that already exist or are being proposed is to minimize re-explaining the role of confirmed commit in both Section 7.8 and 7.9 and defer the explanation to Section 8.4 of the RFC. With that in mind, we are proposing that Section 7.8 and 7.9 should ultimately look as follows. Note, the highlights in all the sections are to enable identifying the changes.
>> 
>>  
>> OLD (as in original RFC 6241)
>> 
>> 7.8 <https://tools.ietf.org/html/rfc6241#section-7.8>.  <close-session>
>> 
>>    Description:  Request graceful termination of a NETCONF session.
>> 
>>       When a NETCONF server receives a <close-session> request, it will
>>       gracefully close the session.  The server will release any locks
>>       and resources associated with the session and gracefully close any
>>       associated connections.  Any NETCONF requests received after a
>>       <close-session> request will be ignored.
>> 
>>    Positive Response:  If the device was able to satisfy the request, an
>>       <rpc-reply> is sent that includes an <ok> element.
>> 
>>    Negative Response:  An <rpc-error> element is included in the
>>       <rpc-reply> if the request cannot be completed for any reason.
>> 
>>    Example:
>> 
>>      <rpc message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <close-session/>
>>      </rpc>
>> 
>>      <rpc-reply message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <ok/>
>>      </rpc-reply>
>> 
>> NEW
>> 
>> 7.8 <https://tools.ietf.org/html/rfc6241#section-7.8>.  <close-session>
>> 
>>    Description:  Request graceful termination of a NETCONF session.
>> 
>>       When a NETCONF server receives a <close-session> request, it will
>>       gracefully close the session.  The server will release any locks
>>       and resources associated with the session and gracefully close any
>>       associated connections.  Any NETCONF requests received after a
>>       <close-session> request will be ignored.
>> 
>>       For details on what happens if a NETCONF server receives a 
>>       <close-session> request while processing a confirmed commit,
>>       please refer to Section 8.4 <https://tools.ietf.org/html/rfc6241#section-8.4>.
>> 
>>    Positive Response:  If the device was able to satisfy the request, an
>>       <rpc-reply> is sent that includes an <ok> element.
>> 
>>    Negative Response:  An <rpc-error> element is included in the
>>       <rpc-reply> if the request cannot be completed for any reason.
>> 
>>    Example:
>> 
>>      <rpc message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <close-session/>
>>      </rpc>
>> 
>>      <rpc-reply message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <ok/>
>>      </rpc-reply>
>> 
>> OLD (as in original RFC 6241).
>> 
>> 7.9 <https://tools.ietf.org/html/rfc6241#section-7.9>.  <kill-session>
>> 
>>    Description:  Force the termination of a NETCONF session.
>> 
>>       When a NETCONF entity receives a <kill-session> request for an
>>       open session, it will abort any operations currently in process,
>>       release any locks and resources associated with the session, and
>>       close any associated connections.
>> 
>>       If a NETCONF server receives a <kill-session> request while
>>       processing a confirmed commit (Section 8.4 <https://tools.ietf.org/html/rfc6241#section-8.4>), it MUST restore the
>>       configuration to its state before the confirmed commit was issued.
>> 
>>       Otherwise, the <kill-session> operation does not roll back
>>       configuration or other device state modifications made by the
>>       entity holding the lock.
>> 
>>    Parameters:
>> 
>>       session-id:  Session identifier of the NETCONF session to be
>>          terminated.  If this value is equal to the current session ID,
>>          an "invalid-value" error is returned.
>> 
>>    Positive Response:  If the device was able to satisfy the request, an
>>       <rpc-reply> is sent that includes an <ok> element.
>> 
>>    Negative Response:  An <rpc-error> element is included in the
>>       <rpc-reply> if the request cannot be completed for any reason.
>> 
>> 
>>    Example:
>> 
>>      <rpc message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <kill-session>
>>          <session-id>4</session-id>
>>        </kill-session>
>>      </rpc>
>> 
>>      <rpc-reply message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <ok/>
>>      </rpc-reply>
>> 
>> NEW
>> 
>> 7.9 <https://tools.ietf.org/html/rfc6241#section-7.9>.  <kill-session>
>> 
>>    Description:  Force the termination of a NETCONF session.
>> 
>>       When a NETCONF entity receives a <kill-session> request for an
>>       open session, it will abort any operations currently in process,
>>       release any locks and resources associated with the session, and
>>       close any associated connections.
>> 
>>       For details on what happens if a NETCONF server receives a 
>>       <kill-session> request while processing a confirmed commit,
>>       please refer to Section 8.4 <https://tools.ietf.org/html/rfc6241#section-8.4>.
>> 
>>       Otherwise, the <kill-session> operation does not roll back
>>       configuration or other device state modifications made by the
>>       entity holding the lock.
>> 
>>    Parameters:
>> 
>>       session-id:  Session identifier of the NETCONF session to be
>>          terminated.  If this value is equal to the current session ID,
>>          an "invalid-value" error is returned.
>> 
>>    Positive Response:  If the device was able to satisfy the request, an
>>       <rpc-reply> is sent that includes an <ok> element.
>> 
>>    Negative Response:  An <rpc-error> element is included in the
>>       <rpc-reply> if the request cannot be completed for any reason.
>> 
>> 
>>    Example:
>> 
>>      <rpc message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <kill-session>
>>          <session-id>4</session-id>
>>        </kill-session>
>>      </rpc>
>> 
>>      <rpc-reply message-id="101"
>>           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
>>        <ok/>
>>      </rpc-reply>
>> 
>> 
>> In addition, the following paragraph in Section 8.4.1 would be modified.
>> 
>> OLD:
>> 
>>    If the device reboots for any reason before the confirm timeout
>>    expires, the server MUST restore the configuration to its state
>>    before the confirmed commit was issued.
>> 
>> 
>> NEW:
>> 
>>    If the device reboots for any reason before the confirm timeout
>>    expires, the server MUST restore the configuration to its state
>>    before the confirmed commit was issued, unless the confirmed commit 
>>    also included a <persist> element.
>> 
>> 
>> 
>> I do not agree at all that the original text says or implies that a server MUST support 
>> continuation of a confirmed commit across a reboot. 
>> Is that what this new text is meant to convey?
>> 
>> The new text could mean that if <persist> was provided that the server MAY or SHOULD restore the configuration
>> and terminate the confirmed commit procedure.
>> 
>> (There is text in multiple places that assumes the reader knows that restoring the configuration
>> also terminates the CC)
>> 
>> 
>> Current Erratums for RFC 6241 will be adjusted to accommodate these changes.
>> 
>> Mahesh & Kent (co-chairs)
>> 
>> 
>> 
>> 
>> Andy
>>  
>> _______________________________________________
>> netconf mailing list
>> netconf@ietf.org <mailto:netconf@ietf.org>
>> https://www.ietf.org/mailman/listinfo/netconf <https://www.ietf.org/mailman/listinfo/netconf>
> Mahesh Jethanandani
> mjethanandani@gmail.com <mailto:mjethanandani@gmail.com>
> 
> 
> 
> _______________________________________________
> netconf mailing list
> netconf@ietf.org
> https://www.ietf.org/mailman/listinfo/netconf

v2.23.0 | Report a Bug | By Email