Re: [netconf] system configuration sync mechanism

Kent Watsen <> Tue, 29 June 2021 22:51 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1EC3F3A1824; Tue, 29 Jun 2021 15:51:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id w2GdDQALhPFl; Tue, 29 Jun 2021 15:51:12 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0BB2A3A1826; Tue, 29 Jun 2021 15:51:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug;; t=1625007070; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=/mCPKk6fLtn/ITvjdgcHxEomBqnZHEpk23Yvh7ldt4s=; b=Turyn4oSpaoWAUfhc9sQAe6zqI9eJGP5ChvQ3li4AD+EaA8KMylxzdZQryVupsy3 TJKWUZXA26l64tRwP3ekn9EgyCC9+lrVPUUdLebF767ZjmVB6G2WNAcUBX5/iiukIFn h5DnYyGl3opwt5hx+qW5F1mKAxS7hK/sLCa2qL8c=
From: Kent Watsen <>
Message-ID: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_7C5CEEC4-DD69-4E5A-99BB-1CCFD3EF2F06"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.\))
Date: Tue, 29 Jun 2021 22:51:10 +0000
In-Reply-To: <>
Cc: "" <>, "" <>
To: "maqiufang (A)" <>
References: <> <> <>
X-Mailer: Apple Mail (2.3654.
X-SES-Outgoing: 2021.06.29-
Archived-At: <>
Subject: Re: [netconf] system configuration sync mechanism
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 29 Jun 2021 22:51:17 -0000

[CC-ing NETMOD, as I think this discussion belongs on that list...please consider removing NETCONF in your reply]

Hi Qiufang,

> Hi, Kent:
> Thanks for kicking off some discussion around this draft. Please see my reply inline.

I'm interested in this work, as it seems as if the <system> datastore was left out of the NMDA work.

> 1) I wish there were more examples, especially for "resource-independent” configuration.  I understand well enough "resource-dependent" (dynamic) configuration, but am unclear about what all "resource-independent” entails.  By example, JUNOS has a concept called “JUNOS defaults”, which is effectively read-only and hidden-by-default configuration that, most times, must be referenced in order to take effect.   For instance, check the examples halfway down this page: <>.  Is this similar to what you have in mind?
> [Qiufang Ma]  Yes. Physical-resource-independent system configuration is generated when the device is powered on and has nothing to do with the physical resource. Loopback interface may be the most common physical-resource-independent system configuration. To my knowledge, many vendors ((e.g., Huawei NE40E and Cisco IOS XR) will provide several predefined user groups and/or task groups which are used for authentication, authorization and accounting (AAA) services. Since these configurations are provided by the device/system, they could  be treated as system configuration. I think your  information about the predefined hidden configuration group which contains preconfigured values should also be treated the same. 
> More examples about system configurations would be worked on and added in  the next version of the draft.:)

Right, the loopback interface is a common example but, more generally, I think "resource-independent” configuration might fall into exactly two categories:

	1) config that is “applied” immediately
		- ex: interfaces/lo0/unit 0/family [ inet inet6 ]
		- ex: system/login/password/minimum-length=6
		- ex: system/ports/console-type=vt100
		- ex: system/syslog/archive-size=256k;
		- ex: chassis/cluster/fabric-monitoring/heartbeat-interval=1000;
		- ex: security/zones/security-zone/junos-host;
		- ex: security/alg/sip/inactive-media-timeout=120;

	2) config that is “applied” only after being referenced by other config (e.g., ACLs)
		- ex: applications/ftp/…
		- ex: applications/tftp/...
		- ex: applications/smtp/…
		- ex: utm/custom-objects/Adult_Material/...
		- ex: utm/custom-objects/Religion/...
		- ex: utm/custom-objects/Gambling/…

It would be good if we could determine if there are any other "resource-independent” configuration categories here.

As for "resource-dependent” configuration, I wonder how this is supposed to work…more specifically, I wonder to what extent the IETF needs to care how if works (perhaps the same could be said for "resource-independent” configuration too).  For instance, in JUNOS, there exists a config-template that is automatically applied to any user-defined interface, such as:

    junos-default-profile {
        interfaces {
            "$junos-interface-ifd-name" {
                unit "$junos-underlying-interface-unit" {
                    family inet;
                    family inet6;

Notably, RFC 8342 mentions templates as something that might be expanded when converting <running> to <intended>.  Actually, knowing that it is <intended> that is subject to validation, it seems that much (if not all) of <system> should be consumed when converting <running> to <intended> - agreed? 

> 2) Please treat NETCONF and RESTCONF equally.  Currently the draft speaks only to how it impacts NETCONF, but it should equally show how RESTCONF in impacted.
> [Qiufang Ma] Thanks for bringing it to my attention, I would take RESTCONF into consideration and see how the proposal works on RESTCONF.

It will work nearly transparently, if not completely so.   

What you need to do, mostly, is search/replace “NETCONF” —> “YANG-driven management protocols such as NETCONF and RESTCONF”

…and also “…The following example is provided using NETCONF, but could just as easily be provided using RESTCONF, in XML or JSON.”   Alternately, and perhaps better, have a mix of both kinds of examples throughout your document.

> 3) The “basic mode” term sounds too close to the “with-defaults” basic modes...can we please pick another name (e.g., system-datastore-operating-mode)?  
> [Qiufang Ma] Yes, agree. Actually we don’t really want to cause any confusion or misunderstandings. This term controls whether the device will update <running> with system configuration change or not. 
> Your proposal looks good to me, other suggestions are also welcome here.


>  Regarding your question below I don’t feel ready to comment on it yet.  I do understand the JUNOS model and, if it is compatible, would recommend considering, as it is implemented and seems to be working well enough.  That said, it might be the case that every vendor has defined their own way and each needs to be documented in turn...
> [Qiufang Ma] The issue we try to resolve here is that in order for system configurations being referenced or to make sure a successful validation when the system configuration is in the when/must statement, the system configuration must be retrieved from <operational> firstly and then copied into <running> manually, which is cumbersome. In this case, we would like to define some kind of mechanism to synchronize system configuration into <running>. Currently two system configuration data handling modes are specified. One will update <running> with any system configuration change automatically, and the other will not, so that the implementer may choose the mode more suitable for them. Hopefully this clarifies what we try to do. Please feel free to comment or suggest.

I’m beginning to think that:
auto-copying into <running> is likely never a good idea, because it violates the definition of <running>
having in <operational> doesn’t make sense, since the tweaks wouldn’t go thru <running> --> <intended> validation.

I’m wondering if a model like below would work for everyone - thoughts?

     +-------------+                 +-----------+
     | <candidate> |                 | <startup> |
     |  (ct, rw)   |<---+       +--->| (ct, rw)  |
     +-------------+    |       |    +-----------+
            |           |       |           |
            |         +-----------+         |
            +-------->| <running> |<--------+
                      | (ct, rw)  |
 +----------+               |        // configuration transformations,
 | <system> |-------------->|        // e.g., removal of nodes marked as
 | (ct, ro) | // underlay   |        // "inactive", expansion of
 +----------+               |        // templates
                      | <intended> | // subject to validation
                      | (ct, ro)   |
                            |        // changes applied, subject to
                            |        // local factors, e.g., missing
                            |        // resources, delays
       dynamic              |   +-------- learned configuration
       configuration        |   +-------- system configuration
       datastores -----+    |   +-------- default configuration
                       |    |   |
                       v    v   v
                    | <operational> | <-- system state
                    | (ct + cf, ro) |

> Best Regards,
> Qiufang Ma

K. // contributor