Re: [Netconf] Comments on Yang-push-18 //RE: I-D Action: draft-ietf-netconf-yang-push-18.txt

Alexander Clemm <alexander.clemm@huawei.com> Thu, 11 October 2018 19:04 UTC

Return-Path: <alexander.clemm@huawei.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67508130EDA for <netconf@ietfa.amsl.com>; Thu, 11 Oct 2018 12:04:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e-IWLXm-Vnuy for <netconf@ietfa.amsl.com>; Thu, 11 Oct 2018 12:04:16 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA963130ED4 for <netconf@ietf.org>; Thu, 11 Oct 2018 12:04:15 -0700 (PDT)
Received: from lhreml704-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 7955290BE39B3 for <netconf@ietf.org>; Thu, 11 Oct 2018 20:04:04 +0100 (IST)
Received: from SJCEML703-CHM.china.huawei.com (10.208.112.39) by lhreml704-cah.china.huawei.com (10.201.108.45) with Microsoft SMTP Server (TLS) id 14.3.399.0; Thu, 11 Oct 2018 20:04:05 +0100
Received: from SJCEML521-MBX.china.huawei.com ([169.254.1.47]) by SJCEML703-CHM.china.huawei.com ([169.254.5.166]) with mapi id 14.03.0415.000; Thu, 11 Oct 2018 12:03:55 -0700
From: Alexander Clemm <alexander.clemm@huawei.com>
To: Rohit R Ranade <rohitrranade@huawei.com>, "'netconf@ietf.org'" <netconf@ietf.org>
Thread-Topic: [Netconf] Comments on Yang-push-18 //RE: I-D Action: draft-ietf-netconf-yang-push-18.txt
Thread-Index: AdQ/VLvBsEuHunkySd2q4Mf8WxSa0AFLVWIQAVoS5YAF1fpFgAAUWudQ
Date: Thu, 11 Oct 2018 19:03:54 +0000
Message-ID: <644DA50AFA8C314EA9BDDAC83BD38A2E0EB6E98F@sjceml521-mbx.china.huawei.com>
References: <991B70D8B4112A4699D5C00DDBBF878A6BC192DD@dggeml530-mbs.china.huawei.com> <644DA50AFA8C314EA9BDDAC83BD38A2E0EB5C6FA@sjceml521-mbs.china.huawei.com> <991B70D8B4112A4699D5C00DDBBF878A6BC31BD4@dggeml510-mbx.china.huawei.com> <991B70D8B4112A4699D5C00DDBBF878A6BC563D7@dggeml510-mbx.china.huawei.com>
In-Reply-To: <991B70D8B4112A4699D5C00DDBBF878A6BC563D7@dggeml510-mbx.china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.193.35.93]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/h9kcmmYoZKJirmxrIhq8RRr951k>
Subject: Re: [Netconf] Comments on Yang-push-18 //RE: I-D Action: draft-ietf-netconf-yang-push-18.txt
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Oct 2018 19:04:20 -0000

Hi Rohit,

really it is up to the client to determine what they want to subscribe to.  As indicated in the message thread below, sending the delete update (in case of oscillating creates/deletes within periods shorter than then dampening period) will indicate that churn has occurred.  The corresponding create will not have been indicated because it happened within the same dampening period.  If a client wants to receive both, it can do so by using a subscription without dampening and, if only interested in creates and deletes, specify that other changes (e.g. replace or move) should be excluded.  A client could also choose to have multiple subscriptions in parallel, one for the creates/deletes without dampening, another one for the replaces with dampening.  

Thanks
--- Alex

> -----Original Message-----
> From: Rohit R Ranade
> Sent: Wednesday, October 10, 2018 7:11 PM
> To: Alexander Clemm <alexander.clemm@huawei.com>; 'netconf@ietf.org'
> <netconf@ietf.org>
> Subject: RE: [Netconf] Comments on Yang-push-18 //RE: I-D Action: draft-ietf-
> netconf-yang-push-18.txt
> 
> Hi Alex,
> 
> I think the below mail got missed somehow.
> 
> For the scenario that yang-push send sending "delete", when "create" and
> "delete" has happened within a dampening time, one more reason for not
> preferring this way is that we are robbing one of the validation checks that a
> client can do.
> 
> For example, in above scenario when a "delete" is received by client,  client sees
> that there was no record in its local-db and client has no way to know whether
> actually a "create" notification was dropped / not-received from the server.
> 
> 
> -----Original Message-----
> From: Rohit R Ranade
> Sent: 11 September 2018 14:43
> To: Alexander Clemm <alexander.clemm@huawei.com>; netconf@ietf.org
> Subject: RE: [Netconf] Comments on Yang-push-18 //RE: I-D Action: draft-ietf-
> netconf-yang-push-18.txt
> 
> Hi Alex,
> 
> I agree with your replies for most of the comments and those comments have
> been removed in the text blow. Some comments which I feel need more
> discussion are kept below.
> 
> > 4. Section 3.5.2
> >    "To support this, it is valid to encode a YANG patch operation so
> > that its application would result
> >    in no change between the previous and current state.  This indicates
> >    that some churn has occurred on the object.  An example of this would
> >    be a patch that does a "create" operation for a datastore node where
> >    the receiver believes one already exists, or a "replace" operation
> >    which replaces a previous value with the same value."
> >
> >     Some points here need more clarification.
> >     a. If there is no change, but only a churn then why is it
> > important to send this object in a YANG push ? What is the benefit ?
> 
> <ALEX>It indicates the fact that churn has occurred.  Basically, it allows a client
> to recognize that the value has not been static/unchanged, but did undergo
> some kind of oscillation.  The benefits to only indicate the last change is per the
> dampening period (reduce bandwidth and CPU).
> </ALEX>
> 
> [Rohit]: I am still not clear which scenario this is trying to solve. Some devices
> maybe track only the differences and don't want to handle this special scenario.
> Such devices may not want to implement this feature.
> 
> >     b. If there was a "create" and "delete" on object X, within a
> > dampening period, then what will be the patch record operation ?
> 
> <ALEX>
> We would send a delete.  (even if the object did not exist originally).  We should
> indicate this actually.  Adding the following to the same item:
> " In case the changes involve creating a new datastore node, then deleting it,
> the YANG patch record will indicate deletion of the datastore node.  Similarly, in
> case the changes involve deleting a new datastore node, then recreating it, the
> YANG patch record will indicate creation of the datastore node."
> </ALEX>
> 
> [Rohit] : Why would the client be interested in a "delete" of a record X, when
> such a record X did not exist in its previous sync ?
> 
> > 12. Section 3.9
> >   "If read access into previously accessible nodes has been lost due to
> >    a receiver permissions change, this SHOULD be reported as a patch
> >    "delete" operation for on-change subscriptions."
> >   I think we should not have such mechanisms. If a user does not have
> > access, we should not try to evaluate what was the last update sent
> >   to such user, and how to send a subsequent patch which will
> > stabilize the user's DB due to the access-control changes.
> >
> 
> <ALEX> I can see your point; that said I think one can argue to keep things as-is.
> When a receiver can no longer access a datastore node, the node has effectively
> "disappeared" to the receiver.  By keeping it, the receiver will be under the
> illusion of no change even when the value does change.  This might cause a
> receiver to "not trust" a subscription any more and start polling, which is
> something we would absolutely want to avoid.  So, I prefer to keep things as
> they are.   Alternatively, an implementation may always delete the subscription /
> force subscription reestablishment.
> --- Alex
> </ALEX>
> 
> [Rohit] " receiver will be under the illusion of no change even when the value
> does change."  Since the receiver has no permission, the receiver will not know
> that indeed there was a change in value. So if the receiver already had got the
> record on a path in its previous sync, if now the NACM rules got applied, the
> receiver will never receive any other update on that path, which would have
> been the purpose of adding the NACM rules.
> 
> 
> With Regards,
> Rohit R Ranade
> 
> -----Original Message-----
> From: Alexander Clemm
> Sent: 05 September 2018 06:42
> To: Rohit R Ranade <rohitrranade@huawei.com>; netconf@ietf.org
> Subject: RE: [Netconf] Comments on Yang-push-18 //RE: I-D Action: draft-ietf-
> netconf-yang-push-18.txt
> 
> Hi Rohit,
> 
> thank you for the comments!  I am in the process of incorporating them into -
> 19, which I hope to post by Thursday.
> 
> Replies to your items inline.
> 
> --- Alex
> 
> > -----Original Message-----
> > From: Netconf [mailto:netconf-bounces@ietf.org] On Behalf Of Rohit R
> > Ranade
> > Sent: Tuesday, August 28, 2018 10:01 PM
> > To: netconf@ietf.org
> > Subject: [Netconf] Comments on Yang-push-18 //RE: I-D Action:
> > draft-ietf- netconf-yang-push-18.txt
> >
> > Hi All,
> >
> >
> > 1. In Section 3.3
> >   The whole para from "To avoid flooding receivers .. the last change
> > will still be sent." looks like a repetition
> >   of Section 3.1 , description of "Dampening period"
> >
> 
> <ALEX> 3.1 describes the model, while 3.3 discusses the considerations behind it
> and provides additional explanation.  While the explanation may be redundant,
> we felt it is still useful to explain the rational.  Hence we would like to keep it.
> </ALEX>
> 
> > 2. Section 3.3, Point 4
> >   "insert into the YANG patch record the last change made for any
> > object which otherwise wouldn't have appeared."
> >    I am not able to understand this statement clearly. Can this
> > statement be simplified ?
> 
> <ALEX>
> Rephrasing it as follows: " insert into the YANG patch record the last change
> made, even if the new value is no different from the original value (since
> changes that were made in the interim were canceled out)."
> </ALEX>
> 
> >
> > 3. Section 3.5.2
> >   The para "A publisher will indicate a change to the effect ... this by a
> >    "move" operation."
> >    This is already defined in the YANG Patch RFC right ? What is the
> > need to define this again in this RFC ?
> 
> <ALEX> The patch is generated by the publisher, not by the client.  In that sense,
> we use it a bit different from RFC 8072.  We thought it will be useful in the
> interest of greater clarity to explain it.  So, while it would be possible to
> editorially tighten, again we would like to keep it.
> </ALEX>
> >
> > 4. Section 3.5.2
> >    "To support this, it is valid to encode a YANG patch operation so
> > that its application would result
> >    in no change between the previous and current state.  This indicates
> >    that some churn has occurred on the object.  An example of this would
> >    be a patch that does a "create" operation for a datastore node where
> >    the receiver believes one already exists, or a "replace" operation
> >    which replaces a previous value with the same value."
> >
> >     Some points here need more clarification.
> >     a. If there is no change, but only a churn then why is it
> > important to send this object in a YANG push ? What is the benefit ?
> 
> <ALEX>It indicates the fact that churn has occurred.  Basically, it allows a client
> to recognize that the value has not been static/unchanged, but did undergo
> some kind of oscillation.  The benefits to only indicate the last change is per the
> dampening period (reduce bandwidth and CPU).
> </ALEX>
> 
> >     b. If there was a "create" and "delete" on object X, within a
> > dampening period, then what will be the patch record operation ?
> 
> <ALEX>
> We would send a delete.  (even if the object did not exist originally).  We should
> indicate this actually.  Adding the following to the same item:
> " In case the changes involve creating a new datastore node, then deleting it,
> the YANG patch record will indicate deletion of the datastore node.  Similarly, in
> case the changes involve deleting a new datastore node, then recreating it, the
> YANG patch record will indicate creation of the datastore node."
> </ALEX>
> 
> >     c. s/patch that does a "create" operation /patch that indicates a "create"
> > operation  ? Patch can indicate the operation not do it.
> 
> <ALEX> changed "does" do "indicates" /ALEX>
> 
> >
> > 5. Section 3.7
> >   "the counter MUST be reset to '1' the after passing a maximum value
> > of '4294967295'"
> >   s/reset to '1' the after passing/reset to '1' after passing
> >
> 
> <ALEX> changed </ALEX>
> 
> > 6. Section 3.7 Figure 2: Push example for on change
> >    The "yang-patch" should be under the namespace
> > "urn:ietf:params:xml:ns:yang:ietf-yang-patch"
> >
> 
> <ALEX> changed </ALEX>
> 
> > 7. In the ietf-yang-push, tree diagram
> >    "
> >              +--ro datastore-changes?
> >                  +--ro ypatch:yang-patch
> >                 +--ro patch-id        string
> >    "
> >     There looks to be an indentation problem for "ypatch:yang-patch"
> >
> 
> <ALEX> changed (apparently somewhere a tab character sneaked into the .xml,
> which was not rendered correctly) </ALEX>
> 
> > 8. resynch-subscription-error
> >    I feel "sync" is a better abbreviation than "synch" for
> > synchronization, because when reading this name, we may
> >    not pronounce this correctly or read correctly.  I also feel
> > "re-sync" is better when compared to "resync"
> >
> 
> <ALEX> Hmm.  This will also require to change the name of RPCs, and
> everywhere else the term "sync(h)" is used.  I agree that while not a major item,
> this would have been a better choice, so I am applying the change throughout.
> </ALEX>
> 
> > 9. Section 3.9.
> >    "since the last notification message was sent to a particular each receiver.".
> >    s/sent to a particular each receiver/sent to a particular receiver
> >
> 
> <ALEX> changed </ALEX>
> 
> >
> > 10. Section 3.9
> >   "To accomplish this, implementations SHOULD support the
> >    conceptual authorization model of [RFC8341], specifically section 3.2.4.".
> >    The link to section 3.2.4 seems to be broken as it is taking the
> > reader to the YANG Push draft and not to NACM
> >
> 
> <ALEX> Yes indeed, I see it.  Interestingly this is autogenerated in the .html
> version (and only there), the XML source does not include a link.  I am not sure
> how to change it.  Note for the RFC Editor?
> </ALEX>
> 
> > 11. Section 3.9
> >   I think here "access-protected data", is used to indicate that the
> > receiver has "no access". I think this is misleading.
> >   "access-protected data" means that there are NACM rules to protect
> > the data. Maybe we can replace it with "access-denied data" ?
> >
> 
> <ALEX> Rephrased the passages in question as follows: " A publisher MUST allow
> for the possibility that a subscription's selection filter references non-existent
> data or data that the receiver is not allowed to access." and " A publisher MAY
> choose to reject an establish-subscription request which selects non-existent
> data or data that a receiver is not allowed to access. "  </ALEX>
> 
> > 12. Section 3.9
> >   "If read access into previously accessible nodes has been lost due to
> >    a receiver permissions change, this SHOULD be reported as a patch
> >    "delete" operation for on-change subscriptions."
> >   I think we should not have such mechanisms. If a user does not have
> > access, we should not try to evaluate what was the last update sent
> >   to such user, and how to send a subsequent patch which will
> > stabilize the user's DB due to the access-control changes.
> >
> 
> <ALEX> I can see your point; that said I think one can argue to keep things as-is.
> When a receiver can no longer access a datastore node, the node has effectively
> "disappeared" to the receiver.  By keeping it, the receiver will be under the
> illusion of no change even when the value does change.  This might cause a
> receiver to "not trust" a subscription any more and start polling, which is
> something we would absolutely want to avoid.  So, I prefer to keep things as
> they are.   Alternatively, an implementation may always delete the subscription /
> force subscription reestablishment.
> --- Alex
> </ALEX>
> 
> >
> > With Regards,
> > Rohit R Ranade
> >
> > -----Original Message-----
> > From: Netconf [mailto:netconf-bounces@ietf.org] On Behalf Of internet-
> > drafts@ietf.org
> > Sent: 29 August 2018 06:24
> > To: i-d-announce@ietf.org
> > Cc: netconf@ietf.org
> > Subject: [Netconf] I-D Action: draft-ietf-netconf-yang-push-18.txt
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts directories.
> > This draft is a work item of the Network Configuration WG of the IETF.
> >
> >         Title           : YANG Datastore Subscription
> >         Authors         : Alexander Clemm
> >                           Eric Voit
> >                           Alberto Gonzalez Prieto
> >                           Ambika Prasad Tripathy
> >                           Einar Nilsen-Nygaard
> >                           Andy Bierman
> >                           Balazs Lengyel
> > 	Filename        : draft-ietf-netconf-yang-push-18.txt
> > 	Pages           : 57
> > 	Date            : 2018-08-28
> >
> > Abstract:
> >    Via the mechanism described in this document, subscriber applications
> >    may request a continuous, customized stream of updates from a YANG
> >    datastore.  Providing such visibility into updates enables new
> >    capabilities based on the remote mirroring and monitoring of
> >    configuration and operational state.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-netconf-yang-push/
> >
> > There are also htmlized versions available at:
> > https://tools.ietf.org/html/draft-ietf-netconf-yang-push-18
> > https://datatracker.ietf.org/doc/html/draft-ietf-netconf-yang-push-18
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-netconf-yang-push-18
> >
> >
> > Please note that it may take a couple of minutes from the time of
> > submission until the htmlized version and diff are available at tools.ietf.org.
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
> > _______________________________________________
> > Netconf mailing list
> > Netconf@ietf.org
> > https://www.ietf.org/mailman/listinfo/netconf
> >
> > _______________________________________________
> > Netconf mailing list
> > Netconf@ietf.org
> > https://www.ietf.org/mailman/listinfo/netconf