Re: [Netconf] [netconf] Comments on draft-ietf-netconf-nmda-netconf-05

Rohit R Ranade <> Wed, 02 May 2018 11:29 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id EFB64126CE8; Wed, 2 May 2018 04:29:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Yb2OEaAf8dHJ; Wed, 2 May 2018 04:29:00 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B7F4A126B72; Wed, 2 May 2018 04:29:00 -0700 (PDT)
Received: from (unknown []) by Forcepoint Email with ESMTP id 13367140E68D1; Wed, 2 May 2018 12:28:56 +0100 (IST)
Received: from ( by ( with Microsoft SMTP Server (TLS) id 14.3.382.0; Wed, 2 May 2018 12:28:53 +0100
Received: from ([]) by ([]) with mapi id 14.03.0361.001; Wed, 2 May 2018 19:28:42 +0800
From: Rohit R Ranade <>
To: Juergen Schoenwaelder <>
CC: "" <>, "" <>
Thread-Topic: [Netconf] [netconf] Comments on draft-ietf-netconf-nmda-netconf-05
Thread-Index: AQHT3IIfwgC8BOYcKUCUv6tR3C0KuqQcVJCg
Date: Wed, 02 May 2018 11:28:42 +0000
Message-ID: <>
References: <> <20180425104222.2asz5wiuierdumr4@elstar.local>
In-Reply-To: <20180425104222.2asz5wiuierdumr4@elstar.local>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <>
Subject: Re: [Netconf] [netconf] Comments on draft-ietf-netconf-nmda-netconf-05
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Configuration WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 02 May 2018 11:29:03 -0000

Hi Juergen,

Some thoughts in-lined.

With Regards,
Rohit R Ranade

-----Original Message-----
From: Juergen Schoenwaelder [] 
Sent: 25 April 2018 16:12
To: Rohit R Ranade <>
Subject: Re: [Netconf] [netconf] Comments on draft-ietf-netconf-nmda-netconf-05

On Wed, Apr 25, 2018 at 04:22:24AM +0000, Rohit R Ranade wrote:
> Hi All,
> I plan to implement this draft and hence had some implementation related clarifications.
> 1.       I feel that there should be more text added about "origin" filtering mechanism. I am not clear about some aspects of origin filtering.
> RFC 8342 : NMDA RFC provides the below example
> <interfaces xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin"
>                  or:origin="or:intended">
>        <interface>
>          <name>lo0</name>
>          <description>loopback</description>
>          <ip-address or:origin="or:system"></ip-address>
>          <ip-address>::1</ip-address>
>        </interface>
>      </interfaces>
> If user provides <origin-filter> as "system" ONLY, then he will NOT get this record in output. Because the keys have originated from "intended" . Right ?
> So, If user wants to get the system originated data, he MUST give all the origins in the <origin-filter> where the keys of the system data have originated from. Can you please confirm whether this is OK.

I would expect that <origin-filter>or:system</origin-filter> would select the ip-address tagged with or:origin="or:system" and that the system would return any necessary container or list elements and the necessary key elements (since otherwise the value returned is just useless). So the result would be:

      <interfaces xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin"
          <ip-address or:origin="or:system"></ip-address>

[Rohit R Ranade] While this looks OK for the origin filter, for the negated-origin-filter, for the same example given above, if <negated-origin-filter> or:intended<negated-origin-filter> is given, then it will give the "system" related nodes even if it encountered the "intended" node first, which the user definitely dint want included in the output ? Can you please confirm whether this is OK.
   Can you please clarify whether the negated filter has higher priority than the selected filter ?

> Another example given in RFC 8342 is as below:
>      <interfaces xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin"
>                  or:origin="or:intended">
>        <interface or:origin="or:system">
>          <name>lo0</name>
>          <ip-address></ip-address>
>          <ip-address>::1</ip-address>
>        </interface>
>      </interfaces>
> ?  Here keys are originated from "system", but it is under container of "intended". So if user gives "system" for "origin-filter", the output will still NOT have this instance output ?

We allow origin values on containers or lists in order to inherit them, i.e., to achieve a more compact encoding. Anyway, if a leaf node matches, then I think any encompassing containers and list should be included in the result so that the matching leaf can be reported. So you would return

      <interfaces xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin"
        <interface or:origin="or:system">

instead of not returning anything at all.

> ?  Also the container is not defined as "presence" in C.3.  Interface Example, but still it has origin whether that is Ok ?

Why not?
[Rohit R Ranade] RFC 8342 Section 5.3.4
" The origin applies to all configuration nodes except non-presence containers.  "


Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <>