IETF Logo Mail Archive

Re: [Netconf] Anyone want just Configured Subscriptions?

"Eric Voit (evoit)" <evoit@cisco.com> Mon, 09 July 2018 04:17 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4EC0130F05 for <netconf@ietfa.amsl.com>; Sun, 8 Jul 2018 21:17:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ROYSU7xjHVDt for <netconf@ietfa.amsl.com>; Sun, 8 Jul 2018 21:17:06 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8563B130F01 for <netconf@ietf.org>; Sun, 8 Jul 2018 21:17:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7680; q=dns/txt; s=iport; t=1531109826; x=1532319426; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=NdO385r8qqaCknWE2/6bBnwXiwolJR+Do3n60Cjy3LA=; b=EC8Avf/aINgiLRDqLXOt5jkPDbFc4/zEMTSlRilAanA0blzddXgl9vLn w/k2IVs2hyTXRrj2vCubK+M8bMH5ONYjSmT7+PZwpwlBOm5FtW1N2XKI7 Fb1B20F40rn5eQoQvxZMOJExX+S6QbOmmmJJxT4KpE0KQn6D1XBHmYX8/ Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0C1AQBL4UJb/4ENJK1SAQkZAQEBAQEBAQEBAQEBBwEBAQEBg0lifygKmCiCB5UyFIFmCxgLhANGAoItITYWAQIBAQIBAQJtHAyFNgEBAQECAQEBOC0HCwULAgEIDgcDDREQJwslAgQOBQiDGYF3CA+rG4hGgTUFh1eBF4FWP4NwLoMYAQEBAYEzAQQGAQEGSoUkAplPCQKPGo1lkWkCERMBgSQkAi+BUnAVO4JpgiQXiFmFPm8BjQcBDhcDgQWBGgEB
X-IronPort-AV: E=Sophos;i="5.51,328,1526342400"; d="scan'208";a="140273106"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Jul 2018 04:17:05 +0000
Received: from XCH-RTP-014.cisco.com (xch-rtp-014.cisco.com [64.101.220.154]) by alln-core-9.cisco.com (8.14.5/8.14.5) with ESMTP id w694H5ZJ028429 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 9 Jul 2018 04:17:05 GMT
Received: from xch-rtp-013.cisco.com (64.101.220.153) by XCH-RTP-014.cisco.com (64.101.220.154) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Mon, 9 Jul 2018 00:17:04 -0400
Received: from xch-rtp-013.cisco.com ([64.101.220.153]) by XCH-RTP-013.cisco.com ([64.101.220.153]) with mapi id 15.00.1320.000; Mon, 9 Jul 2018 00:17:04 -0400
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: Martin Bjorklund <mbj@tail-f.com>
CC: "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [Netconf] Anyone want just Configured Subscriptions?
Thread-Index: AQHUFzuxhQunRwlbK0C4UmqBO4djAg==
Date: Mon, 09 Jul 2018 04:17:04 +0000
Message-ID: <ce3e588773c34f4db80220222c3a4274@XCH-RTP-013.cisco.com>
References: <04c12295eafa4ae38d240817aefb792f@XCH-RTP-013.cisco.com> <D90BF8D7-5F76-41B1-A686-65883760C0F3@juniper.net> <a32d1aa8eb384d5c856dd43dfbfec3fa@XCH-RTP-013.cisco.com> <20180708.103708.568656124603935473.mbj@tail-f.com>
In-Reply-To: <20180708.103708.568656124603935473.mbj@tail-f.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.118.56.230]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/p-yPa156dXUNinJbhd-rylgDtgg>
Subject: Re: [Netconf] Anyone want just Configured Subscriptions?
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2018 04:17:09 -0000

> From: Martin Bjorklund, July 8, 2018 4:37 AM
> 
> "Eric Voit \(evoit\)" <evoit=40cisco.com@dmarc.ietf.org> wrote:
> > > From: Kent Watsen, July 6, 2018 6:34 PM
> 
> [...]
> 
> > > >>  Regarding the 4th
> > > >>   bullet point following the first paragraph, I think that it is
> > > >>   sufficient to just identify that a suitable base identity must
> > > >>   be returned (i.e., lose the refs to Sections 2.4.6 and A.1).
> > > >
> > > > That is the way I initially had it.  Martin requested that these
> > > > be made explicit during his review.
> > >
> > > I don't agree.  YP is just one of potentially many (I exaggerate)
> > > layers on top of SN.
> 
> If you want to keep this error-app-tag string (I don't think it is necessary, since
> the identity is also sent in within the <error-info>), 

For NETCONF transport, the <error-info> is populated only when hints are sent.  For more on this, there is history in our December & January thread to morph the previous transport protocol agnostic error structures into something that more closely matched embedded NETCONF implementations.   E.g.,  
https://www.ietf.org/mail-archive/web/netconf/current/msg13954.html
https://www.ietf.org/mail-archive/web/netconf/current/msg13834.html 

It is true that we could changes things and always send the <error-info>.   But what we talked about then works fine.  I don't see what benefit a change buys us.

> then I think the document
> needs to clearly specify which identity to use for the different errors.
> 
> I agree with Kent that the reference to YANG push is not needed here, and
> should be removed.

Without explicitly what RPCs are permitted to have error info carried, any identity could be allowed to populate the error-app-tag or error-info.  I don't think this is what we want.

We all know that subscribed notifications has four RPCs which have error identities which need to be passed back.  But it is also true that yang-push has the resynch-subscription RPC.  This RPC two possible error identities which need to be passed back:
(1) <yang-push>:<no-such-subscription-resynch>
(2) <yang-push>:<synchronization-size>

Without the linkage to yang-push in this section, this connection is not made anywhere in the documents.

>  I do think the reference to SN is needed, and I think the
> explicit list of rpcs and base identities help.
> 
> Kent, do you think that this list is somehow incorrect or misleading?
> 
> > What other layer are you expecting?
> 
> Who knows?  I agree w/ Kent; it is a matter of getting the design right, even if
> we don't see more layers at the moment.

Other layers can easily be added.  New RPCs can easily bring along their error identities.   How this can be done is demonstrated in yang-push.

> > > We need to ensure the language allows for other layers to be defined
> > > in the future.  I imagine that there should be nothing special about
> > > YP as far as the notif drafts go.
> >
> > This does not precludes additional layers for being placed.  If an
> implementation doesn't need an RPC, it can safely ignore the identity.
> >
> > In the end, when the WG requested that we inherit embedded NETCONF and
> > RESTCONF error processing mechanisms, and this drove to the explicit
> > mappings.
> >
> > > >>   The 2nd paragraph seems to be defining a non-standard way to
> > > >>   encode identities (red flag).
> > > >
> > > > This also was at Martin's request.  It is not non-standard as it
> > > > simply describes the encoding of an error string.
> > >
> > > I see that error-app-tag is defined in RFC 6241 as a string, so
> > > maybe there is a basis for this, but note that identities are
> > > encoded differently for XML and JSON.  It seems like this draft
> > > could declare that the value must conform to type "identity"
> > > and then leverage existing encoding-specific rules.  What did Martin
> > > say?
> >
> > Per:
> > https://www.ietf.org/mail-archive/web/netconf/current/msg14345.html
> >
> >   "I think you should decide on one mechanism, and use it in both
> >   drafts (specifically, the error-app-tag handling.  BTW, *if* you
> >   decide to keep it, you need to clarify what "a string that
> >   corresponds to" means.  Maybe use the JSON encoding of identities in
> >   this case (<modname>:<identityname>))."
> >
> > This defined encoding works, and can be placed the same way into different
> types of error mechanisms.
> 
> Note my *if* above.  If we simply don't specify anything for the error-app-tag,
> both these issues are solved.

True.  But per earlier threads, what is proposed works.  And I think it a nice convention to only send error-info just when we are providing hints back.

Eric

> /martin
> 
> 
> 
> >
> > > >>   Section 10: the 1st paragraph is not a security consideration
> > > >>   (move to Section 5?).
> > > >
> > > > Moved into 5.2.
> > >
> > > Thanks.
> > >
> > >
> > > >>  The 2nd paragraph articulates a valid  concern, but it seems to
> > > >> apply to all transports (although  missing in the restconf-notif
> > > >> draft) and so should be moved  to the SN draft?
> > > >
> > > > As the mechanism for mitigating certain DDoS vectors is transport
> > > > specific, the transport drafts seemed a better place.
> > >
> > > The problem statement (1st sentence) is generic and should be moved
> > > to the SN draft.
> >
> > Section 10, paragraph 2, sentence #1 is context to set up the requirements in
> sentence 2 & 3.  So I replicated a NETCONF independent statement in SN:
> >
> > " For dynamic subscriptions, implementations need to protect against
> malicious or buggy subscribers which may send a large number "establish-
> subscription" requests, thereby using up system resources.  To cover this
> possibility operators SHOULD monitor for such cases and, if discovered, take
> remedial action to limit the resources used, such as suspending or terminating
> a subset of the subscriptions or, if the underlying transport is session based,
> terminate the  underlying transport session."
> >
> > > How to handle the issue in a generic way, if possible, should also
> > > be in the SN draft.  Here, the 2nd sentence seems transport-specific
> > > and the 3rd transport- independent.  However, I think that the 2nd
> > > or 3rd sentences could be stated better (and more generically) in
> > > the SN draft, something like this:
> > >
> > >   Operators SHOULD monitor for such cases and, if discovered,
> > >   take remedial action to limit the resources used, such as
> > >   suspending or terminating a subset of the subscriptions or,
> > >   if the underlying transport is session based, terminate the
> > >   underlying transport session.
> > >
> > >
> > > > If you are good with it staying as a transport mechanism, I will
> > > > add corresponding text to RESTCONF-Notif.
> > >
> > > I prefer a generic Security Consideration in the SN draft.
> >
> > Hopefully the text above gets us there.
> >
> > Eric
> >
> > > >>   The 3rd paragraph could be removed, since it
> > > >>   isn't for dynamic subscriptions.
> > > >
> > > > Yes.
> > > >
> > > > Eric
> > >
> > >
> > > Kent // contributor
> > >
> > >
> >
> > _______________________________________________
> > Netconf mailing list
> > Netconf@ietf.org
> > https://www.ietf.org/mailman/listinfo/netconf
> 
> _______________________________________________
> Netconf mailing list
> Netconf@ietf.org
> https://www.ietf.org/mailman/listinfo/netconf

v2.23.0 | Report a Bug | By Email