Re: [netconf] Pullback tcp-client-server also?
Kent Watsen <kent@watsen.net> Wed, 20 March 2024 21:32 UTC
Return-Path: <0100018e5dc76461-a85ae896-74b8-4ca5-a8ea-90507b8b18d0-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C17FC15152B for <netconf@ietfa.amsl.com>; Wed, 20 Mar 2024 14:32:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.903
X-Spam-Level:
X-Spam-Status: No, score=-6.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8NMrsHe6a1T9 for <netconf@ietfa.amsl.com>; Wed, 20 Mar 2024 14:32:14 -0700 (PDT)
Received: from a48-90.smtp-out.amazonses.com (a48-90.smtp-out.amazonses.com [54.240.48.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B99D8C14F60D for <netconf@ietf.org>; Wed, 20 Mar 2024 14:32:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1710970332; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=/lbVQyChWqJJg1H3i4Fm10vg+HfBDLSkVDEmwl1BLJk=; b=E7vC/xblzpH8dzhEdIqgnE1K3mqsBymLYfT78Cl+T76bQa5ZXrc2SxdnETqX6oMg 1HsAcU5OjQE2Vux3QZRBZUrU91P7DxsbK9i1TkB9HFr84pW5q212OXp/NqN8IgAxzEz er0CLB0Vm0gjDScFNxavJHEc1zsw9R/qzpDOrUkY=
From: Kent Watsen <kent@watsen.net>
Message-ID: <0100018e5dc76461-a85ae896-74b8-4ca5-a8ea-90507b8b18d0-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_76887144-7096-4785-8D2F-F1AFD4A4EBE7"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
Date: Wed, 20 Mar 2024 21:32:12 +0000
In-Reply-To: <DU2PR02MB101607713AF351617CBBB562688332@DU2PR02MB10160.eurprd02.prod.outlook.com>
Cc: "Joe Clarke (jclarke)" <jclarke@cisco.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, "netconf@ietf.org" <netconf@ietf.org>
To: mohamed.boucadair@orange.com
References: <DU2PR02MB10160D45D1B097E0402C81F5D88332@DU2PR02MB10160.eurprd02.prod.outlook.com> <0100018e59548770-0e565cea-5193-4074-80f9-4f2430d18a9c-000000@email.amazonses.com> <DU2PR02MB1016043201C524611C0E4385188332@DU2PR02MB10160.eurprd02.prod.outlook.com> <A675AC8B-443A-4077-8F75-BF9B786C4EE8@gmail.com> <DU2PR02MB101607BDA6356F05B5C9A8F5F88332@DU2PR02MB10160.eurprd02.prod.outlook.com> <BN9PR11MB537185CD3B8C1077D117F74AB8332@BN9PR11MB5371.namprd11.prod.outlook.com> <DU2PR02MB101606621E3E29EE0B95BF12888332@DU2PR02MB10160.eurprd02.prod.outlook.com> <BN9PR11MB5371D498D559F96EB3844191B8332@BN9PR11MB5371.namprd11.prod.outlook.com> <DU2PR02MB101607713AF351617CBBB562688332@DU2PR02MB10160.eurprd02.prod.outlook.com>
X-Mailer: Apple Mail (2.3774.400.31)
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2024.03.20-54.240.48.90
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/sqerWeJVqOT0j-aEdjcEXpVzXME>
Subject: Re: [netconf] Pullback tcp-client-server also?
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2024 21:32:18 -0000
Thank you Joe for the concrete proposal, and Med for guidance! Question: Why is "uses tcpcmn:tcp-common-grouping” under “local-bind” list? - wouldn’t the keepalive config be independent of the AF? - plus, many other “common” TCP nodes may be added in the future - i.e., though only “keep alive” now, that may not be forever… K. > On Mar 20, 2024, at 2:03 PM, mohamed.boucadair@orange.com wrote: > > Re-, > > Deal! > > Thanks, Joe. > > Cheers, > Med > > > Orange Restricted > > De : Joe Clarke (jclarke) <jclarke@cisco.com <mailto:jclarke@cisco.com>> > Envoyé : mercredi 20 mars 2024 12:59 > À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>>; Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com>> > Cc : Netconf <netconf@ietf.org <mailto:netconf@ietf.org>> > Objet : Re: [netconf] Pullback tcp-client-server also? > > > > One minor comment: ‘mandatory true;’ should be removed as this is a key. > > Of course. > > Otherwise, we might get this part defined outside the list, but the structure shared by Joe provides more flexibility to control the connection parameters per AF: > > I considered this and thought if we’re doing the list, might as well add max flexibility. > > Joe > > == > uses tcpcmn:tcp-common-grouping { > refine "keepalives" { > if-feature "tcp-server-keepalives"; > description > "An if-feature statement so that implementations > can choose to support TCP server keepalives."; > } > == > > > Cheer, > Med > > > Orange Restricted > De : Joe Clarke (jclarke) <jclarke@cisco.com <mailto:jclarke@cisco.com>> > Envoyé : mercredi 20 mars 2024 12:34 > À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>>; Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com>> > Cc : Netconf <netconf@ietf.org <mailto:netconf@ietf.org>> > Objet : Re: [netconf] Pullback tcp-client-server also? > > As I thought about this more and consider Med’s DHC example, I kept coming back to how services are defined in a UNIX /etc/services file. In Med’s example, DHCPv4 and DHCPv6 each have different services for client and server. If I were implementing the “tcp-server-grouping” for a given service on a host, a leaf-list would be sufficient (as I’d have two different daemons or at least two different config blocks for v4 and v6). > > However, Med is making the point that if this was to be implemented at a controller or higher abstraction level he wants to offer a “DHC” service as a single entity. In this case, he’d like to have all DHC-capabilities under one service config (albeit that is more of an example for UDP server). > > Concretely, I think he is proposing something like the attached snippet (Med, correct me if I’m wrong). In this case, if I had an SSH server as an example that used different ports for different address families I would have (in XML): > > <tcp-server xmlns="urn:ietf:params:xml:ns:yang:ietf-tcp-server"> > <local-bind> > <local-address>0.0.0.0</local-address> > <local-port>22</local-port> > <keepalives> > <idle-time>7200</idle-time> > <max-probes>9</max-probes> > <probe-interval>75</probe-interval> > </keepalives> > </local-bind> > <local-bind> > <local-address>::</local-address> > <local-port>22022</local-port> > <keepalives> > <idle-time>7200</idle-time> > <max-probes>9</max-probes> > <probe-interval>75</probe-interval> > </keepalives> > </local-bind> > </tcp-server> > > Yes, this adds complexity in order to get more flexibility, but you can still do the same ports for a given server such as: > > <tcp-server xmlns="urn:ietf:params:xml:ns:yang:ietf-tcp-server"> > <local-bind> > <local-address>0.0.0.0</local-address> > <local-port>22</local-port> > <keepalives> > <idle-time>7200</idle-time> > <max-probes>9</max-probes> > <probe-interval>75</probe-interval> > </keepalives> > </local-bind> > <local-bind> > <local-address>::</local-address> > <local-port>22</local-port> > <keepalives> > <idle-time>7200</idle-time> > <max-probes>9</max-probes> > <probe-interval>75</probe-interval> > </keepalives> > </local-bind> > </tcp-server> > > > Joe > > From: netconf <netconf-bounces@ietf.org <mailto:netconf-bounces@ietf.org>> on behalf ofmohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com> <mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>> > Date: Tuesday, March 19, 2024 at 21:31 > To: Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com>> > Cc: Netconf <netconf@ietf.org <mailto:netconf@ietf.org>> > Subject: Re: [netconf] Pullback tcp-client-server also? > > Re, > > Yes. > > Cheers, > Med > > De : Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com>> > Envoyé : mercredi 20 mars 2024 11:27 > À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>> > Cc : Kent Watsen <kent+ietf@watsen.net <mailto:kent+ietf@watsen.net>>; Netconf <netconf@ietf.org <mailto:netconf@ietf.org>> > Objet : Re: [netconf] Pullback tcp-client-server also? > > Hi Med, > > > > On Mar 20, 2024, at 11:04 AM, mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com> wrote: > > Re-, > > As Joe rightfully mentioned, running different instances is likely to happen at the device level. For that case, the leaf-list approach is just fine. > > Now, when the model is reused in upper layers (network or service models), that would not be sufficient. Think about a DHC service model which hides the internal of the service (whether this is dhcp or dhcpv6) but simply needs to expose where the dhc service is enabled: distinct ports are required for that case. > > [mj] So a list of local-address and local-port? > > Cheers. > > > > Cheers, > Med > > De : Kent Watsen <kent+ietf@watsen.net <mailto:kent+ietf@watsen.net>> > Envoyé : mercredi 20 mars 2024 10:48 > À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>> > Cc : Joe Clarke (jclarke) <jclarke@cisco.com <mailto:jclarke@cisco.com>>; Rob Wilton (rwilton) <rwilton@cisco.com <mailto:rwilton@cisco.com>>; netconf@ietf.org <mailto:netconf@ietf.org> > Objet : Re: [netconf] Pullback tcp-client-server also? > > Hi Med, > > Do you mean a list of “local-address + local-port” tuples? > > Can you post a concrete proposal? > > K. > > > On Mar 20, 2024, at 10:36 AM, mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com> wrote: > > > Re-, > > This would address the first cases I mentioned, but not the third one. > > At least some narrative text is needed to explain the intended use of distinct port per AF. A cleaner approach would to model this is as a list keyed per AF. > > Cheers, > Med > > De : Kent Watsen <kent+ietf@watsen.net <mailto:kent+ietf@watsen.net>> > Envoyé : mercredi 20 mars 2024 10:29 > À : Joe Clarke (jclarke) <jclarke@cisco.com <mailto:jclarke@cisco.com>> > Cc : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>>; Rob Wilton (rwilton) <rwilton@cisco.com <mailto:rwilton@cisco.com>>; netconf@ietf.org <mailto:netconf@ietf.org> > Objet : Re: [netconf] Pullback tcp-client-server also? > > Thanks Med and Joe. I had a sidebar with Rob and Mahesh, and we’re going to do this update in Auth48. > > Let us (the WG) agree on the exact change. > 1) change ‘leaf’ to ‘leaf-list’ > 2) tweak the ‘description’ to say that it’s a list > > Anything else? Do we need to disallow shadows? (e.g., two wildcards) > > K. > > > On Mar 20, 2024, at 9:02 AM, Joe Clarke (jclarke) <jclarke@cisco.com <mailto:jclarke@cisco.com>> wrote: > > > I agree with Med. Your description is an either/or, but one server might do something like: > > tcp46 0 0 *.9100 *.* LISTEN ç Listen on all v4 and v6 addresses > > Or: > > tcp4 0 0 127.0.0.1.25 *.* LISTEN çListen on just v4 on an explicit address > > Or: > > tcp6 0 0 ::1.25 *.* LISTEN ç Listen on just v6 on an explicit address > > In the first case, I’d think you’d at least need a leaf-list to hold both 0.0.0.0 and ::. In the second two cases, you’d want this service to have a leaf list for 127.0.0.1 and ::1. > > Joe > > From: netconf <netconf-bounces@ietf.org <mailto:netconf-bounces@ietf.org>> on behalf ofmohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com><mohamed.boucadair@orange.com <mailto:mohamed.boucadair@orange.com>> > Date: Tuesday, March 19, 2024 at 18:23 > To: Kent Watsen <kent+ietf@watsen.net <mailto:kent+ietf@watsen.net>>, Rob Wilton (rwilton) <rwilton@cisco.com <mailto:rwilton@cisco.com>> > Cc: netconf@ietf.org <mailto:netconf@ietf.org> <netconf@ietf.org <mailto:netconf@ietf.org>> > Subject: Re: [netconf] Pullback tcp-client-server also? > > Hi Kent, all, > > When I initially raised the issue for the UDP grouping, I had in mind any, IPv4/IPv6 explicit address bindings, and eventually listening on distinct port numbers per AF. Given this is a reusable model, these cases should be all covered. > > Cheers, > Med > > De : netconf <netconf-bounces@ietf.org <mailto:netconf-bounces@ietf.org>> De la part deKent Watsen > Envoyé : mercredi 20 mars 2024 06:54 > À : Rob Wilton <rwilton@cisco.com <mailto:rwilton@cisco.com>> > Cc : netconf@ietf.org <mailto:netconf@ietf.org> > Objet : [netconf] Pullback tcp-client-server also? > > Rob, Netconf, > > Regarding support for “dual-stack”, do we need to convert from a “leaf” to a “leaf-list”? > > Please note that the existing text says that a wildcard card may be used to bind to all addresses: > > leaf local-address { > type inet:ip-address; > mandatory true; > description > "The local IP address to listen on for incoming > TCP client connections. INADDR_ANY (0.0.0.0) or > INADDR6_ANY (0:0:0:0:0:0:0:0 a.k.a. ::) MUST be > used when the server is to listen on all IPv4 or > IPv6 address."; > } > > Good enough? > > Kent > > ____________________________________________________________________________________________________________ > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > ____________________________________________________________________________________________________________ > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > ____________________________________________________________________________________________________________ > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > _______________________________________________ > netconf mailing list > netconf@ietf.org <mailto:netconf@ietf.org> > https://www.ietf.org/mailman/listinfo/netconf > > > Mahesh Jethanandani > mjethanandani@gmail.com <mailto:mjethanandani@gmail.com> > > > > > > > ____________________________________________________________________________________________________________ > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > Orange Restricted > > ____________________________________________________________________________________________________________ > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > Orange Restricted > > ____________________________________________________________________________________________________________ > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > _______________________________________________ > netconf mailing list > netconf@ietf.org <mailto:netconf@ietf.org> > https://www.ietf.org/mailman/listinfo/netconf
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- [netconf] Pullback tcp-client-server also? Kent Watsen
- Re: [netconf] Pullback tcp-client-server also? Joe Clarke (jclarke)
- Re: [netconf] Pullback tcp-client-server also? Kent Watsen
- Re: [netconf] Pullback tcp-client-server also? Joe Clarke (jclarke)
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Joe Clarke (jclarke)
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Kent Watsen
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Mahesh Jethanandani
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Joe Clarke (jclarke)
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Joe Clarke (jclarke)
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Kent Watsen
- Re: [netconf] Pullback tcp-client-server also? Joe Clarke (jclarke)
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Scharf, Michael
- Re: [netconf] Pullback tcp-client-server also? Wim Henderickx
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair
- Re: [netconf] Pullback tcp-client-server also? Scharf, Michael
- Re: [netconf] Pullback tcp-client-server also? Kent Watsen
- Re: [netconf] Pullback tcp-client-server also? Kent Watsen
- Re: [netconf] Pullback tcp-client-server also? Kent Watsen
- Re: [netconf] Pullback tcp-client-server also? Joe Clarke (jclarke)
- Re: [netconf] Pullback tcp-client-server also? mohamed.boucadair