IETF Logo Mail Archive

Re: [Netconf] New draft: draft-mm-netconf-time-capability-00

Andy Bierman <andy@yumaworks.com> Thu, 18 July 2013 15:00 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 867CA11E80E1 for <netconf@ietfa.amsl.com>; Thu, 18 Jul 2013 08:00:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.767
X-Spam-Level:
X-Spam-Status: No, score=-2.767 tagged_above=-999 required=5 tests=[AWL=0.210, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tPtD8mz8RhJD for <netconf@ietfa.amsl.com>; Thu, 18 Jul 2013 08:00:06 -0700 (PDT)
Received: from mail-pb0-f44.google.com (mail-pb0-f44.google.com [209.85.160.44]) by ietfa.amsl.com (Postfix) with ESMTP id ED96411E814F for <netconf@ietf.org>; Thu, 18 Jul 2013 07:59:27 -0700 (PDT)
Received: by mail-pb0-f44.google.com with SMTP id uo1so3271638pbc.3 for <netconf@ietf.org>; Thu, 18 Jul 2013 07:59:22 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding:x-gm-message-state; bh=ZyXMOEfJsRi9edir9Lk4//5WrvCXc8ArGmtXnrVmAuk=; b=Sh4xqt82p9PR6Bvdad2Kq/6oOSsILyXPJZyXodT0VQmERPh5nQA0wn9mDsVb1x41KR BlSKbiWi5SFq+w/e7SrdDLcWLjOq6RsRs+b4D4m8t0aaYGK+62JiFuxjGHaJWerWihGY gHzvGNAmgQ782mwa7ghIKklxZBbmVFIeT61oy8RG5vuiRcLsQDE9lWmiT8qpK+n0PuQu AybCbtfSKmEgF0otWzi0c4TFfB/fxwkGd5lVPRq8MOsbQruFrTzLDGzCbj/X40U6IHEI vjvu/SKpyfHIOQM9NVPLh2J8nnFvHM3tQ7H/9LhSm4CUY0ixISv4sYcHCiQFHc81JlrW wZFw==
MIME-Version: 1.0
X-Received: by 10.66.234.71 with SMTP id uc7mr13449944pac.10.1374159562414; Thu, 18 Jul 2013 07:59:22 -0700 (PDT)
Received: by 10.70.12.161 with HTTP; Thu, 18 Jul 2013 07:59:22 -0700 (PDT)
In-Reply-To: <20130718174814.Horde.4U20NHGbDvb8NzPI8g2QFQ6@webmail.technion.ac.il>
References: <20130708104818.Horde.WJEDWO_XoOj_pIO2WxwcEg5@webmail.technion.ac.il> <CABCOCHTBt0wB-dLm+b_0GQD8nLG6558v4+D1FuR0kn=wOo3y7w@mail.gmail.com> <51E7E10F.7060209@ericsson.com> <CABCOCHTSi5u9T=szXv6aS7wUVBrVHM6UwgxuyuRWoi1B1khMqQ@mail.gmail.com> <20130718174814.Horde.4U20NHGbDvb8NzPI8g2QFQ6@webmail.technion.ac.il>
Date: Thu, 18 Jul 2013 07:59:22 -0700
Message-ID: <CABCOCHQVRTfVgXBdnUW-pKPQgtxVQxF4u6=dVocVOst=URaoWA@mail.gmail.com>
From: Andy Bierman <andy@yumaworks.com>
To: Tal Mizrahi <dew@tx.technion.ac.il>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQkaP/kF3mFZMADkVeKCBZ54Lrm84uqDqEI6B3hyZx3P2GhYsxDErLuB8uXbNfeLYqG2iihx
Cc: moses@ee.technion.ac.il, netconf@ietf.org
Subject: Re: [Netconf] New draft: draft-mm-netconf-time-capability-00
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netconf>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jul 2013 15:00:13 -0000

On Thu, Jul 18, 2013 at 7:48 AM, Tal Mizrahi <dew@tx.technion.ac.il> wrote:
> Hi Andy,
>
>> I like the solution in draft-kwatsen-conditional-enablement-00
>> better than this one because it covers more use-cases and
>> seems more tractable.
>
>
> The concept in our draft is to suggest a general solution, allowing servers
> to coordinate any type of operation, including commit, edit-config, or any
> future operations that may come up. We are also targeting a higher
> resolution than hours.
>

I think your solution has use-cases outside of configuration.

  - synchronized actions across multiple servers (e.g., <reset-foo>)
  - synchronized <get> across multiple servers


> Your points below are well taken.
>
> Thanks,
> Tal.
>
>

Andy

>
> Quoting Andy Bierman <andy@yumaworks.com>:
>
>> Hi,
>>
>> There are lots of operational problems with delayed operations.
>> I like the solution in draft-kwatsen-conditional-enablement-00
>> better than this one because it covers more use-cases and
>> seems more tractable.
>>
>> For example:
>>   * in order to stage time-triggered-config,
>>     the user and access control can be checked once at the time
>>     the request is made.
>>   * the normal RPC mechanism is used
>>     (1 request and 1 immediate reply)
>>   * the staged config can be viewed or deleted with standard
>>     protocol operations, using standard access control
>>     [Not clear what filters would need to be added.]
>>   * conditional-enablement easily handles periodic config to
>>     support maintenance windows, URL blocking, etc.
>>   * time-shift applies to config activation, which is much less
>>      complicated than delaying arbitrary protocol operations.
>>
>>
>> Andy
>>
>>
>> On Thu, Jul 18, 2013 at 5:35 AM, Balazs Lengyel
>> <balazs.lengyel@ericsson.com> wrote:
>>>
>>> Hello,
>>> - The idea that scheduled time should be the required completion time for
>>> an
>>> operation is unfortunate. That assumes a device can estimate how long a
>>> complex configuration operation will take. That is already a a risky
>>> assumption. Even worse some operations might depend on external factors
>>> like
>>> traffic load, I/O related delays, interaction with external nodes. It is
>>> impossible to estimate these delays.
>>> - because of the above IMO nanosecond precision for timing is not
>>> realistic.
>>> The YANG time types are good enough. Anyway in many protocols we have
>>> timers
>>> on the scale of seconds, so coordinating configuration changes between
>>> nodes
>>> with milli/nanosecond precision does not look like a sensible goal.
>>>
>>> - there must be a way to check pending scheduled operations. This has
>>> some
>>> interesting access control issues as well. Can I see other peoples
>>> pending
>>> operations? Even if I can read them, what if I do not have rights to a
>>> managed object included in a pending operation? I should not be able to
>>> read
>>> it.
>>> - there must be a way to remove pending scheduled operations.
>>>
>>> - often a configuration session will consist of multiple operations:
>>> (lock,
>>> edit-config, unlock), (lock, discard-changes, edit-config, commit,
>>> unlock).
>>> If I can only schedule single operations does that mean I can not use
>>> lock?
>>> If I want to schedule commit, should I keep the running and the candidate
>>> configurations locked to ensure I commit, what I really want? What if my
>>> session is closed e.g. by a network timeout?
>>>
>>> - if a management user is removed/undefined will his pending operations
>>> also
>>> be removed, or will they stand there and fail at the scheduled execution
>>> time? The latter case will confuse people that do not know the user was
>>> removed.
>>>
>>> - generally timed operations work nicely if no one else configures the
>>> node
>>> while my changes are pending. What is the proposed method to ensure this?
>>>
>>> regards Balazs
>>>
>>> On 2013-07-08 16:27, Andy Bierman wrote:
>>>>
>>>>
>>>> Hi,
>>>>
>>>> I do not support a general time-scheduled protocol operation mechanism
>>>> for
>>>> all NETCONF operations.  There is one interesting use-case mentioned:
>>>> synchronized <commit> (or <edit-config> on :writable-running) operations
>>>> across multiple servers.
>>>>
>>>> The proposal doesn't actually work within NETCONF because <rpc> requests
>>>> within a single session are serialized.  This solution seems to send 1
>>>> <rpc-reply>
>>>> when the operation is finally executed.  How does the client know the
>>>> operation
>>>> was scheduled successfully?  IMO, a better solution would be an
>>>> immediate
>>>> <rpc-reply> (scheduled OK) and the execution results sent in a
>>>> <notification>.
>>>>
>>>> How do clients monitor what operations are pending?
>>>>
>>>> What if the NACM rules change while the operation is pending?
>>>> Does access control get checked twice?  Clients should not be able
>>>> to schedule operations they are not permitted to execute.
>>>>
>>>> What if a session is lost or closed before its scheduled operation is
>>>> started?
>>>>
>>>> What if the server reboots while operations are pending?
>>>>
>>>> IMO, YANG date-and-time is better time parameter than 'seconds since
>>>> 1970'.
>>>> It is already supported by NETCONF servers.
>>>>
>>>> How does a client cancel an operation?
>>>> Can client A cancel operations for client B,
>>>> assuming client A is allowed to invoke <kill-session>?
>>>>
>>>>
>>>>
>>>> Andy
>>>>
>>>> On Mon, Jul 8, 2013 at 12:48 AM, Tal Mizrahi <dew@tx.technion.ac.il>
>>>> wrote:
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>> We have submitted a new draft titled “Time Capability in NETCONF”.
>>>>> http://tools.ietf.org/html/draft-mm-netconf-time-capability-00
>>>>>
>>>>> Any comments will be welcome.
>>>>> Thanks,
>>>>> Tal Mizrahi.
>>>>>
>>>>> _______________________________________________
>>>>> Netconf mailing list
>>>>> Netconf@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/netconf
>>>>
>>>>
>>>> _______________________________________________
>>>> Netconf mailing list
>>>> Netconf@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/netconf
>>>>
>>>
>>> --
>>> Balazs Lengyel                       Ericsson Hungary Ltd.
>>> System Manager
>>> ECN: 831 7320                        Tel: +36-1-437-7320
>>> Mobile: +36-70-330-7909              email: Balazs.Lengyel@ericsson.com
>>>
>
>

v2.23.0 | Report a Bug | By Email