Re: [netmod] AD review: draft-ietf-netmod-revised-datastores-08

Juergen Schoenwaelder <> Thu, 21 December 2017 13:20 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8B33312D868 for <>; Thu, 21 Dec 2017 05:20:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Op0Ox9PKH5-O for <>; Thu, 21 Dec 2017 05:20:33 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6A72E12D867 for <>; Thu, 21 Dec 2017 05:20:33 -0800 (PST)
Received: from localhost ( []) by (Postfix) with ESMTP id 3B22A731; Thu, 21 Dec 2017 14:20:32 +0100 (CET)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10032) with ESMTP id aq59LaczcuWY; Thu, 21 Dec 2017 14:20:31 +0100 (CET)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "", Issuer "Jacobs University CA - G01" (verified OK)) by (Postfix) with ESMTPS; Thu, 21 Dec 2017 14:20:32 +0100 (CET)
Received: from localhost ( []) by (Postfix) with ESMTP id 2768620130; Thu, 21 Dec 2017 14:20:32 +0100 (CET)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id UQf4N_k0qIUS; Thu, 21 Dec 2017 14:20:31 +0100 (CET)
Received: from elstar.local ( []) by (Postfix) with ESMTP id 4CC9E20073; Thu, 21 Dec 2017 14:20:31 +0100 (CET)
Received: by elstar.local (Postfix, from userid 501) id 1BBB841F6C1F; Thu, 21 Dec 2017 14:20:30 +0100 (CET)
Date: Thu, 21 Dec 2017 14:20:30 +0100
From: Juergen Schoenwaelder <>
To: Vladimir Vassilev <>
Cc: Robert Wilton <>, NETMOD Working Group <>
Message-ID: <20171221132030.7zebh2xkhddmql3c@elstar.local>
Reply-To: Juergen Schoenwaelder <>
Mail-Followup-To: Vladimir Vassilev <>, Robert Wilton <>, NETMOD Working Group <>
References: <> <> <> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
X-Clacks-Overhead: GNU Terry Pratchett
Content-Transfer-Encoding: 8bit
In-Reply-To: <>
User-Agent: NeoMutt/20171215
Archived-At: <>
Subject: Re: [netmod] AD review: draft-ietf-netmod-revised-datastores-08
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 21 Dec 2017 13:20:35 -0000

On Thu, Dec 21, 2017 at 02:03:45PM +0100, Vladimir Vassilev wrote:
> On 12/21/2017 11:34 AM, Robert Wilton wrote:
> > Hi Vladimir,
> > 
> > First point of clarification is that this is not about running/intended
> > at all.  The contents of running/intended do not change in anyway
> > depending on whether hardware is present or absent.
> > 
> > The section is only concerned with how the configuration is applied in
> > operational, and basically says that you cannot apply configuration for
> > resources that are missing (which seems reasonable).  E.g. I cannot
> > configure an IP address on a physical interface that isn't there.  Or if
> > the physical interface gets removed then the configuration associated
> > with that interface is also removed from operational.
> > 
> > Operational isn't validated and data model constraints are allowed to be
> > broken (ideally transiently).
> I want to focus on this. IMO giving up schema validitiy for any datastore is
> unacceptable price. Pre-NMDA devices had full model support in operational
> data (all YANG constrains part of the model without discrimination were
> enforced).

There was a long debate about the value of returning the true
operational state. What do you do if the operational state is invalid?
A server can reject configuration changes if they lead to invalid
state, a server can not reject reality.

> If this is about to change it will compromise interoperability
> and a significant portion of the client implementation workload that can be
> automated will need to be coded in hand and tested. Unresolved leafrefs,
> undefined behaviour of different implementations removing different
> configuration nodes in violation of YANG semantic constraints (which I do
> not think can be so clearly separated from the syntactic constraints when
> one considers types like leafref, instance-identifier etc.) and the
> corresponding side effects based on the server implementators own creativity
> is eventually going to create more problems.
> 1. IMO the only acceptable solution is to have YANG valid operational
> datastore at all times. operational like any other datastore MUST be valid
> YANG data tree and it has to be a system implementation task to consider all
> complications resulting from the removal of the resources leading to any
> data transformations. If this is difficult or impossible other mechanisms to
> flag missing resources should be used (e.g.
> /interfaces/interface/oper-status=not-present) This sounds like a useful
> contract providing the value of a standard the alternative does not.

As said above, it is impossible to report valid operational state if
the operational state is not valid according to the models.

> 2. Even with the change in 1. I do not see the removal of intended
> configuration nodes from operational as a solution worth implementing on our
> servers. I do not see a real world plug-and-play scenario that can be
> automatically solved without specific additions to the models e.g.
> /interfaces/interface/oper-status=not-present is oversimplified solution but
> it needs to be extended exactly as much as the solution provided by the
> removal of config true; nodes without the sacrifice of YANG validity of
> operational.

Your thinking is likely wrong. <operational> reports the operational
state. It may have little in common with <intended>. Trying to derive
operational from intended is likely a not well working approach.

> 3. Solutions like /interfaces/interface/admin-state stop working. With the
> interface removed you can no longer figure if the if-mib has or does not
> have the interface enabled so an operator has to use SNMP or wait for a
> replacement line card to be connected to figure this bit of information.

At least on my boxes, if I remove a line card, the interface also
disappears in SNMP tables. Stuff that is operationally not present is
simply operationally not present.

> My
> interpretation of the MAY as requirement level in sec. 5.3. The Operational
> State Datastore (<operational>) is that plug-and-play solutions can be
> implemented without this limited approach that has the same problem as the
> pre-NMDA only now we have to have /interfaces-state to keep config false;
> data relevant to hardware that is configured but not present:
>    configuration data nodes supported in a configuration datastore
>    MAY be omitted from <operational> if a server is not able to
>    accurately report them.
> I realize this discussion comes late. I have stated my objections to this
> particular part of the NMDA draft earlier.

I believe there is a conceptual misunderstanding. I think there never
was a requirement that a server reports the state of hardware that is
not present.


Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <>