IETF Logo Mail Archive

Re: [Netconf] Subscribed-notifications, replay objects

"Eric Voit (evoit)" <evoit@cisco.com> Thu, 20 July 2017 16:10 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B49A0127136 for <netconf@ietfa.amsl.com>; Thu, 20 Jul 2017 09:10:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.512
X-Spam-Level:
X-Spam-Status: No, score=-14.512 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZICwZTzGexb6 for <netconf@ietfa.amsl.com>; Thu, 20 Jul 2017 09:10:00 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21633126C22 for <netconf@ietf.org>; Thu, 20 Jul 2017 09:10:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=35883; q=dns/txt; s=iport; t=1500567000; x=1501776600; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=vPXXebzvFnof+rW/4pAv1Y8jl7A76Pfd5fx9Ax/nGxE=; b=ZAYdUrWy0N5qioQYD5nmRM3UQT7bCLBw9Wmw0ykn5M2f+e6u+bJTTZao H4rpxd1kTUPPKImoiimUIKY3JMu177BCpMDUOVTn79moIZuYp0A0LvL+B jUmQhHHSwWvx7UXylKWlqfavROrrR+pM3WvG9jetX3Cfiz+VyuSaRSBA4 E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DJAADI1HBZ/49dJa1TCRoBAQEBAgEBAQEIAQEBAYJva2SBFAeOBJFndJURghEhAQqETE8Cg3U/GAECAQEBAQEBAWsohRgBAQEBAwEBK0EJEgIBCBEEAQEOEwEGBycLFAkIAQEEARIIE4kwZBC0NSeKeAEBAQEBAQEBAQEBAQEBAQEBAQEBARgFgyiDTYFhgnA0hDsICgFShT4FiXCIS40DAosTiHyCFZAohmyCXIwVAR84fwt1FUmHFnaHSYEjgQ4BAQE
X-IronPort-AV: E=Sophos;i="5.40,384,1496102400"; d="scan'208,217";a="270596034"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by rcdn-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Jul 2017 16:09:58 +0000
Received: from XCH-RTP-013.cisco.com (xch-rtp-013.cisco.com [64.101.220.153]) by rcdn-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id v6KG9vv5026125 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 20 Jul 2017 16:09:58 GMT
Received: from xch-rtp-013.cisco.com (64.101.220.153) by XCH-RTP-013.cisco.com (64.101.220.153) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Thu, 20 Jul 2017 12:09:57 -0400
Received: from xch-rtp-013.cisco.com ([64.101.220.153]) by XCH-RTP-013.cisco.com ([64.101.220.153]) with mapi id 15.00.1210.000; Thu, 20 Jul 2017 12:09:57 -0400
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: Balazs Lengyel <balazs.lengyel@ericsson.com>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [Netconf] Subscribed-notifications, replay objects
Thread-Index: AdL6jQKsgFcPqmTMSTmDua09pznt2wG8jdeAAAeOH0A=
Date: Thu, 20 Jul 2017 16:09:57 +0000
Message-ID: <7477f8561a5b4632a8f64f14af956889@XCH-RTP-013.cisco.com>
References: <d961ce619dcb4c4b97ad651ab6f0c894@XCH-RTP-013.cisco.com> <ff0c525d-a2ee-92cc-edb9-d38bd9946c1f@ericsson.com>
In-Reply-To: <ff0c525d-a2ee-92cc-edb9-d38bd9946c1f@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.118.56.228]
Content-Type: multipart/alternative; boundary="_000_7477f8561a5b4632a8f64f14af956889XCHRTP013ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/xiz11dPzsZw64f9hKzCkdbnXfU4>
Subject: Re: [Netconf] Subscribed-notifications, replay objects
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jul 2017 16:10:03 -0000

Hi Balazs,

There is value of being able to resend/replay lost on-change updates.  Let's figure out the best way to frame this.

First let's establish the scope.  As datastore changes need to be applied in sequence, patching a datastore with replayed data could require that you first back out any subsequent changes which were applied on the receiver's objects (if any).  Is Ericsson considering the backed-out scenario as part of replay scope?   At this point I am assuming no, but we don't want to define any technology mechanisms which might preclude this in the future.

Per the discussion during today's NETCONF session.  It seems risky to ask for on-change replay based on timestamps (at least for generalized implementations).  There are two issues for me here:

(1) Which timestamps should be used, & what about notification delay? A pure time based replay as part of a generic on-change capability could have loss/duplication, particularly as change-updates can be dampened and batched.

*       As you noted in your parallel thread: "Many systems don't differentiate between notification time and record-time."

*       With dampening, you need to know when the update actually got sent.  I.e., you need to look at the notification time rather than the time a change was made to a datastore.

*       When replay state time & notification time timestamps are really close, maintaining the integrity or the receiver's datastore extract would need to be done by looking at whether a notification was sent or not.

(2) Replay from what?

*       An attempt to replay on-change notifications means that there was a previous dynamic subscription with identical parameters previously in place.  In addition, it must be possible to reconstruct deltas from that previous dynamic subscription. (This is not an issue for configured subscriptions, and therefore it is not an issue for the multiple-receiver case.)

*       There is not a meaningful difference in providing one patch operation representing all changes, and incremental patch operations.

Based on this, it would seem to me that on-change replay should be done based on an augmentation to the establish-subscription RPC.  This augmentation would allow an the addition of the input object "previous-subscriptions-last-notification-id".  Having that parameter tightly focuses the viable use and security of this type of replay.  As notification-id is defined in draft-voit-netconf-notification-messages, it seems like we need this nail this down in conjunction with that draft.  Perhaps the RPC augmentation could be added here?

BTW: In the original version of draft-voit-netmod-yang-notifications2, we allowed random access in case receivers wanted to get past information.  This random access was seen as overkill by some.  If we want a more robust replay capability than above, we should revisit this.

Eric

From: Balazs Lengyel [mailto:balazs.lengyel@ericsson.com]
Sent: Thursday, July 20, 2017 9:40 AM
To: Eric Voit (evoit) <evoit@cisco.com>; netconf@ietf.org
Subject: Re: [Netconf] Subscribed-notifications, replay objects


Hello Eric,

We have been using replay for on-change notifications in our own ericsson solution. I would not like to loose that possibility. I agree that replay is not that useful on periodic subscriptions, but it is usable for on-change. We use on-change notifications for configuration mirroring. If we loose the notification session for some time, it is much cheaper to replay the lost notifications then to get a full config update.

regards Balazs

On 2017-07-11 23:55, Eric Voit (evoit) wrote:
In an email earlier today, Martin pointed out replay was under-defined.  To fix this, below is suggested text and yang objects.  The goal of this is keep this as close to RFC-5277 as possible.


So following would replace the text in Section 4.1.1



Replay provides the ability to establish an event subscription which is also capable of passing along recently generated events.  In other words, as the subscription initializes itself, it sends any previously generated notifications for the target event stream which meet the filter and timeframe criteria.  These historical events would then be followed by events generated after the subscription has been established.  All events will be delivered in the order generated.  Replay is only viable for dynamic subscriptions.  Replay is an optional feature.   Replay is dependent on a notification stream supporting some form of notification logging, although it puts no restrictions on the size or form of the log, or where it resides within the device.



The presence of a replay-start-time within an establish-subscription RPC is the way a replay may be been requested.  The provided start time must be earlier than the current time.  If the start time points earlier than the maintained history of Publisher's event buffer, then the subscription must be rejected.  In this case the error response to the <establish-subscription> request should include a start time supportable by the Publisher. An end time may be specified using the optional stop-time parameter, which may also be earlier than the current time.  If no stop-time is present, notifications will continue to be sent until the subscription is terminated.



Not all streams will support replay.  Those that do must include the <replay-supported> flag.  In addition, a notification stream that does support replay is not expected to have an unlimited supply of saved notifications available to accommodate any given replay request.  Subscribers may do a get on <replay-log-creation-time> and <replay-log-aged-time> to assess the availability of notifications for replay.  The actual number of stored notifications available for retrieval at any given time is a publisher specific matter.   Control parameters for this aspect of the feature are outside the scope of this document.





The updated data model tree in Section 3 will includes:.
    +--ro streams
       +--ro stream* [stream]
          +--ro stream
          +--ro description
          +--ro replay-support?
          +--ro replay-log-creation-time?
          +--ro replay-log-aged-time?


And for the YANG model in Section 9, we have:
(Note: all definitions taken from RFC-5277 section 3.4)

  container streams {
    config false;
    description
      "This container contains information on the built-in streams
      provided by the publisher.";
    list stream {
      key "stream";
      description
        "Identifies the built-in streams that are supported by the
         publisher.";
      leaf stream {
        type stream;
        description
          "A handle for a sequential set of events, each of which
           is characterized by its own domain and semantics.
           In case configurable custom streams are supported,
           as indicated by the custom-stream identity, the configuration
           of those custom streams is provided separately.";
      }
      leaf description {
        type string;
        mandatory true;
        description
          "A description of the event stream, including such information
           as the type of events that are sent over this stream.";
      }
      leaf replay-support {
        type empty;
        description
          "Indicates that event replay is available on this stream.";
      }
      leaf replay-log-creation-time {
        type yang:date-and-time;
        description
          "The timestamp of the creation of the log used to support the
          replay function on this stream. Note that this might be
          earlier then the earliest available notification in the log.
          This object is updated if the log resets for some reason.
          This object MUST be present if replay is supported.";
      }
      leaf replay-log-aged-time {
        type yang:date-and-time;
        description
          "The timestamp of the last notification aged out of the log.
          This object MUST be present if replay is supported and any
          notifications have been aged out of the log.";
      }
    }
  }

As always, thoughts and comments welcome.

Eric




_______________________________________________

Netconf mailing list

Netconf@ietf.org<mailto:Netconf@ietf.org>

https://www.ietf.org/mailman/listinfo/netconf



--

Balazs Lengyel                       Ericsson Hungary Ltd.

Senior Specialist

Mobile: +36-70-330-7909              email: Balazs.Lengyel@ericsson.com<mailto:Balazs.Lengyel@ericsson.com>

v2.23.0 | Report a Bug | By Email