Re: [netconf] Regarding RFC 6243 "With-defaults Capability for NETCONF" … the devil is in the defaults
"Jason Sterne (Nokia)" <jason.sterne@nokia.com> Mon, 17 April 2023 22:57 UTC
Return-Path: <jason.sterne@nokia.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 370FBC151B3F for <netconf@ietfa.amsl.com>; Mon, 17 Apr 2023 15:57:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nokia.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yFs5wUO2n8sW for <netconf@ietfa.amsl.com>; Mon, 17 Apr 2023 15:56:56 -0700 (PDT)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2072a.outbound.protection.outlook.com [IPv6:2a01:111:f400:7eaa::72a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F52DC13737E for <netconf@ietf.org>; Mon, 17 Apr 2023 15:56:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LHQvIps8z8kxm7FfHpgpgvKnMmFh7b8xkb36hW8X15v4xjdpLdkeUCEOD9wlnkecBVn5aRoePP/+KmP/Vy3fguIB8v7hS7PHvsgDjg14sRGfED2/Xluc/pyZv8R5+GmCdNKSA6qpXruxuTTF+z5e2+pJBTh43GjtGi7VDxZgQmMfPtTQcwJfgU9WzLPSo6Ud0LC5jHPwJJ4tD21UHBx88UdexCXAAA8wZ9S9f466oqG/6YHjiviEr2RIjZrR4e26emoZkt948PedzLk3vYblOpT+X+n41s74p8Z4USw/tht5IoqanFPWHcO63sp64NTrQqv+/GR5mu/NfpfGpuv7gg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JQvmpfTIDX7TGVJzSkqMmfaKSttHNawZUZFOohUB+bs=; b=OMs2ZgfDR8AXevqi2NTaKIGsH3CMnFv8BJobA2VnXY8pLsW4gZWtqBbyII/D/Vf+uGnacQrzgKFJUGWLabov4seVUvCjE44EFxGlueO0gnRcFvu1pDTAhet5TlwzXpDQran/zNjOeNLTsXhFia+M8i2/4bHBtW3WmeqvpPVy3+t2+iJtf8wSQOdyAfP6YXljVY48KEzpVej2FNRM5fQgeVfTtWxheR1DxL+y3xcK5msHy2Hx3Hjpn10zMjH/2RuUtGe3oocJkaknGiH2FcNdgQITFHDrVMeYUpbOUWzFB2Bv3X/c4SqKQ4pfMwUNtoIIdOwGPREHuRqZVoov++jL/A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JQvmpfTIDX7TGVJzSkqMmfaKSttHNawZUZFOohUB+bs=; b=UNRVX/+MZg2crx4mGAQMQkNbcMe0//7NWP96J9RJO4Xro78DRoQ2XNexYIP8FXaqz9CCp9laqMVHnHBKEqQwc1u/1fv3wvdB697LGGvoU0bEMTd+cPfo52HxyeJOsqMwZYUiqNwg4DEZp7ewfmyISAFME8nYaZWIglt/znWUv0bzmG9gkZlJatMfEq4QyGqQSfFNKaapUNoDiIPP6qrMs6QBrujzoI4yQM7kVcLS8w6bgQ0C9DoSRDhXcOI9PmBmSXeBHoFPwr8qxPA2vv1rYVwUpFeUWFTwbOzpJejTt3u3RJ/PH2aKrxZUMMOYAMf2L4VhSZWpkUq/B0ESK6LyCw==
Received: from DM6PR08MB5084.namprd08.prod.outlook.com (2603:10b6:5:41::29) by BY5PR08MB6263.namprd08.prod.outlook.com (2603:10b6:a03:1e7::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.45; Mon, 17 Apr 2023 22:56:51 +0000
Received: from DM6PR08MB5084.namprd08.prod.outlook.com ([fe80::fdc7:4c5d:ac63:2997]) by DM6PR08MB5084.namprd08.prod.outlook.com ([fe80::fdc7:4c5d:ac63:2997%4]) with mapi id 15.20.6298.045; Mon, 17 Apr 2023 22:56:51 +0000
From: "Jason Sterne (Nokia)" <jason.sterne@nokia.com>
To: Andy Bierman <andy@yumaworks.com>, "dylan.sadoun@orange.com" <dylan.sadoun@orange.com>
CC: "draft-ietf-netconf-with-defaults@ietf.org" <draft-ietf-netconf-with-defaults@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [netconf] Regarding RFC 6243 "With-defaults Capability for NETCONF" … the devil is in the defaults
Thread-Index: AQHZbuLzFKJwymIgcUyLrqA9Qy7ndq8wIbAw
Date: Mon, 17 Apr 2023 22:56:51 +0000
Message-ID: <DM6PR08MB5084B3521373CA39ED8600979B9C9@DM6PR08MB5084.namprd08.prod.outlook.com>
References: <GV2PR02MB9637C58B7EE4FEDBFABC3F7CF7999@GV2PR02MB9637.eurprd02.prod.outlook.com> <CABCOCHTsAJTCoB8ejhw6fN6dD3eVgeySNoXJdA11eGaegL2sOQ@mail.gmail.com>
In-Reply-To: <CABCOCHTsAJTCoB8ejhw6fN6dD3eVgeySNoXJdA11eGaegL2sOQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM6PR08MB5084:EE_|BY5PR08MB6263:EE_
x-ms-office365-filtering-correlation-id: 7902e803-4f67-4ffb-65a0-08db3f97080e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ZUQ4BtfMk1RdCb3y0nVoQo7w3JG07/LxiyQCHgBaG+m9NFDF36ulqb/p0Zx+SeQ2dy+2sNBrzUBd+q14tGjT4PGG03egxelKBF4lEPVE8f/m73gqX8tQErv2SGRzZelumgk5K/IPZqqQLwFLnUn9ukqEfsSZk3N+ZsANuXlzd1m78R8/66V/ZL14bzo5MRjkXFEPPDgyqXutCfek1cVNj6EA6fOynDtdIXlm/QxbmzS74nAYRpSqYmuhYNTW9/Y5TFEEBnQwpFxv0Bi0FIbuBi5Hec5Q8FNSuMsTpawWo7xVjEVq51e1BxZjDrlfa/vKav1TTpGgrgOV33Rat9s79oj0CKnW5xiZUw1oxEzTp9hxkPt1qU98N6Iqtf1wJyNcVUWPfjeI4ocpbgR3MCBh8rJ4AyZn/bXcTJje0KpSbZnzuG2hs4V6cRkruNSSKFOyJonUDNL3TFeXNvILdW/LW/mGzlf6rIYxfyDnPKpXcgHGY+1kWIlYuFu3Nb5XOWyRlEshxe9fuOprQ875eGnGXK/DYZorn4/uVsDlmDZRH167HyKn1LkJMH9Ba+WGkuNZPsax4Surdey+HrqWLqZZ7A9GfHpduwh+we4CYgjKF7hrYtm5WtOZJI5cfUj2HlIoCyW2diIx8ZC1SNV+TqXX1w==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR08MB5084.namprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(39850400004)(346002)(136003)(366004)(376002)(396003)(451199021)(38070700005)(52536014)(2906002)(5660300002)(66899021)(166002)(8936002)(41300700001)(122000001)(55016003)(86362001)(33656002)(38100700002)(478600001)(110136005)(26005)(6506007)(53546011)(9686003)(54906003)(186003)(71200400001)(966005)(84970400001)(7696005)(4326008)(66574015)(66476007)(66556008)(64756008)(66946007)(76116006)(66446008)(83380400001)(82960400001)(316002)(99936003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: wCj1e5URmEJFM7/lQ2ozf59M7tp89w8T9aAtzGsvxVghlh6e4+1BJDNsPeX6uy1RvBIrPVWUc+Wjez/aDa9Saj0k/KkP/JvEICd6mDWtaDntj0t/vFs3QX7R+tCgd4XoMFu8WVRmBaHN0PaRMejv+7+AHFGPgjctYqlPCCLWXgzBRfGCZDJGVUFQgGRv4Nckt1tjLE11nn792wRGZYjtpX18nBh68BmOR+J1ohNcsRzBma4aajJw3aqcsw3Lot+ffvaJtq/m8GswcqDLhsbRTKzqznKvjZUSoLReCIu8XXcfcXqT6yGTcfP000opPa/J2dw4GNBotq+0cp7O8RPHggPzzvqPiL84zPzCEoXFeXpJI+z94IJgP7bAa7QwC8e1zHW7aVY9WcMywfOe/iP2ys1PTR6flmdPEfzD9/kaeEzlUKmDQyaI3jTObO+5h7poNB0r1kDB3N/n2seDbdfp6kAMw5bwjwXT1s22v0GN91ZzvsENfTYvCpu4yvTVAatLzIIX2VarqWBw5Kqe+EgcAVowSWbmem4cmVx+hZrorSbFNZjEWF4rymJivneK/AIKX4jQ0T1UP0hXwDcdS8f6U0WPYte2AdJ6xMgwoSRrVfjSsWX4vgilxB5xJuxHYUm2Q61bSYcseMCnQF0R57gQZWORfI3oZtGkFqt2i6NCrmnv1TDMRvBaH+/XXlLXQC+hEB7VHRfq1GS3BWY5Rv7VXcaV+ZtkFYWalbAQADoXeDpQLsC79u9NCr//GeOmal+pYArnnYMCJEVQZ0GR96CA+xhwaXSeIFwu0j/YvjGKZGmYTrbHzLCjuJNDOnbixxiZ3WpiAOrWbpHTAE+eiVjL7uEFsJXKdB39AbwUKesEgA10cPDJJKqgQQ4sTp6mj5663FRrBSRePit9RquQhKoKtmR3CZjmVDVpktTGNU/LyBqsG13vEAZOhIun0mACoAiSIRzxKwPTfwcUcRoLQmjZLoo8+dhOIIb/93lqEOsQI07SfQTl6WVWhi4Po/j/n5OuftoGqoWz5A2BwHtwwto+E6F9I9BMUAU27S6foF9IA8HD58dyV2ynQUaKPxl+laWewTze+TG/Li6Nrxg+yMyWXsjj7A6jDJ3NPlH/LBGApGX9fbl/flv0YFpEESNjDr+FklQA1ro79vvhuViMj+fLecn/wOx8KQde6NiAmR0IucrsO0ynIl/6ERZ3LC81GqbNzrWqYPardh4BQhZTy6joB0lugQoaMDmk4RRd7jxAPIziESoec+joXdNrWwonLTMT7qHK1T9N8nleMoTu+dxz4yEAZwQFNySs5202uJY0kZKYfnQcm/Mi8MVYxTZOz6Kh5qsfqjJ0Js5xcgYqBymObo49n3ft1qLUPC4g+FNbFzION4bvUxjUv1+7mF0qxYohAdX/u0hf7b3za3DLC23dnRBApG14EcHq04XoWFtQcjopCrF/aBsyyQ5KoQqrcQkvNM9O2tbV/Kjc5pdLEgJYqzSJoIg1Y/pNbCghyveRUbOZtCf0eOrsZ6D53MQfga+FgauCKu4e0tXJ3TbI4w3hRTP+KYkKLZQOqMJ+wD0sVbpoHrWolM14PbxzSKi22ywX
Content-Type: multipart/related; boundary="_004_DM6PR08MB5084B3521373CA39ED8600979B9C9DM6PR08MB5084namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR08MB5084.namprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7902e803-4f67-4ffb-65a0-08db3f97080e
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Apr 2023 22:56:51.0316 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: xlaEOOuv3vBe7177rNr0Hy/S797yrJdVADoLp4d5z54yQc1QQ4QYv5Wwohm6VerMsl8R/xRBBn5C+OXCoxu8Uw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR08MB6263
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/h3SSc7afR7y_wNlp6no7DakVPy8>
Subject: Re: [netconf] Regarding RFC 6243 "With-defaults Capability for NETCONF" … the devil is in the defaults
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Apr 2023 22:57:01 -0000
I agree that any data that is set should be returned. (note there is plenty of debate as to whether/how a *server* sets data in its own running, and several associated RFCs/drafts around this topic). From: netconf <netconf-bounces@ietf.org> On Behalf Of Andy Bierman Sent: Friday, April 14, 2023 11:08 AM To: dylan.sadoun@orange.com Cc: draft-ietf-netconf-with-defaults@ietf.org; netconf@ietf.org Subject: Re: [netconf] Regarding RFC 6243 "With-defaults Capability for NETCONF" … the devil is in the defaults CAUTION: This is an external email. Please be very careful when clicking links or opening attachments. See the URL nok.it/ext for additional information. Hi, I think the text in 2.3.1 is an omission. "set by client" should be "set by client or server" Andy On Fri, Apr 14, 2023 at 7:53 AM <dylan.sadoun@orange.com<mailto:dylan.sadoun@orange.com>> wrote: Hello I am reaching you about a potential technical erratum in RFC 6243, although I am not accustomed to the IETF process. I read https://www.ietf.org/about/groups/iesg/statements/processing-errata-ietf-stream/ but I am still not sure if that qualifies for an erratum request. Let me share my observations with you, please tell me if I should report an erratum and in that case I will do accordingly. The RFC defines 3 ways for NETCONF servers (most commonly routers for a service provider such as my employer) to deal with default data for "get and set" NETCONF operations. Each router implementation must choose one of the 3 ways as its implicit/default/basic mode, and can also support other modes if asked to by a NETCONF client. My concern is about the explicit mode (when the NETCONF server supports it, with no distinction if it is the router's basic mode or not) and configuration data reports by NETCONF servers. The RFC defines: Explicitly set data Data that is set to any value by a NETCONF client or other management application by the way of an explicit management operation, including any data model schema default value. Any value set by the NETCONF server that is not the schema defined default value is also considered explicitly set data. (emphasis mine. Please refer to the RFC for additional definitions). First, let me dive into the previous drafts to highlight the importance of the highlighted text. In the draft-ietf-netconf-with-defaults-04, the definition was different: Explicitly set default data Is default data that is set by a NETCONF client or other external management application/user by the way of an actual management operation to the value specified as its default in the data model schema. Some servers MAY treat explicitly set default data as simple default data, as they may not be able to differentiate between them. Data, that is set to a value other then its default value, is not default data, so its handling is outside the scope of this document. but as soon as the draft-ietf-netconf-with-defaults-05, the definition was changed to its final RFC form (except for one word: "actual" instead of "explicit"). Thus we can infer the early importance of the highlighted text: Indeed, if a NETCONF server sets some data that are NOT schema default data, these data are consired explicitly set data. The whole point of this definition and its only purpose is to later define the 'explicit' mode, the term being only used in the 2.3. 'explicit' Basic Mode and the 3.3. 'explicit' Retrieval Mode paragraphs (or in other paragraphs, when refering to the explicit mode). The 2.3.1. 'explicit' Basic Mode Retrieval paragraph states: When data is retrieved from a server using the 'explicit' basic mode, and the <with-defaults> parameter is not present, data nodes MUST be reported if explicitly set by the client, even if they contain the schema default value. Non-configuration data nodes containing the schema default value MUST be reported. (emphasis mine). This is where I think there is a mistake in the RFC. Why would only data nodes explicitly set by the client be reported? Why not explictly set data by the server as well? There are at least 3 arguments to qualify that as a mistake: 1. Firstly, what is the point of the definition highlighting that if a NETCONF server defines data (to values that are not the schema default ones) it is also explicitly set data, if that specific case is then excluded from the explicit mode paragraph? 2. Secondly, if the NETCONF server does not report this data which is not in the YANG schema, where should one be aware of the existence of this data? (other than by using another mode). Having read the RFC multiple times, it seems logical and intuitive to me that, in any mode, one should be able to find all data on the server by combining the NETCONF server report after a get AND the corresponding YANG schema. 3. Thirdly, in the trim mode, this data would indeed be reported. Isn't it weird and counter-intuitive that the trim mode be more verbose than the explicit mode? Please note that the RFC examples fails to address this particular situation. Maybe they should be expanded as well? To me, a correct and simpler formulation of the paragraph would be to remove "by the client": When data is retrieved from a server using the 'explicit' basic mode, and the <with-defaults> parameter is not present, data nodes MUST be reported if explicitly set. Non-configuration data nodes containing the schema default value MUST be reported. the reader can then read the definition for precisions. Or, if one wants to be more precise and paraphrase the "explicitly set data" definition: When data is retrieved from a server using the 'explicit' basic mode, and the <with-defaults> parameter is not present, data nodes MUST be reported if explicitly set. Data nodes containing the schema default value MUST be reported if set by the a NETCONF client or other management application by the way of an explicit management operation, and MUST NOT be reported if set by the NETCONF server. Non-configuration data nodes containing the schema default value MUST be reported. Additionaly, the 3.3. 'explicit' Retrieval Mode paragraph is also ambiguous: When data is retrieved with a <with-defaults> parameter equal to 'explicit', a data node that was set by a client to its schema default value MUST be reported. A conceptual data node that would be set by the server to the schema default value MUST NOT be reported. Non-configuration data nodes containing the schema default value MUST be reported. What about data that was set by the NETCONF server to a value other than the schema default value? I believe it should be reported, according to the "explicitly set data" definition, and for the same reasons as the cricicism of the 2.3.1 paragraph. Thus, this part too could be expanded, e.g. to: When data is retrieved with a <with-defaults> parameter equal to 'explicit', a data node that was set by a client to its schema default value MUST be reported. A conceptual data node that would be set by the server MUST be reported, expect if set to the schema default value, in which case it MUST NOT be reported. Non-configuration data nodes containing the schema default value MUST be reported. I hope I was clear enough in my explanations. Please note that this ambiguity is not only problematic in theory but also in practice, for various reasons that I can detail further if necessary. Best regards, [cid:image001.png@01D9715E.5D8CBFB0] Dylan SADOUN +336 47 53 54 50 dylan.sadoun@orange.com<mailto:dylan.sadoun@orange.com> OF/DTSI/DTR/RSB/DIP/TAC CO DTR : Direction Technique des Réseaux RSB : Réseaux et Services Broadband DIP : Département IP TAC CO : TAC Collecte
- Re: [netconf] Regarding RFC 6243 "With-defaults C… Andy Bierman
- Re: [netconf] Regarding RFC 6243 "With-defaults C… Jason Sterne (Nokia)
- Re: [netconf] Regarding RFC 6243 "With-defaults C… Andy Bierman