Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-28.txt

Kent Watsen <kent+ietf@watsen.net> Fri, 13 January 2023 12:58 UTC

Cc: "netmod@ietf.org" <netmod@ietf.org>, "Joe Clarke (jclarke)" <jclarke=40cisco.com@dmarc.ietf.org>
To: Reshad Rahman <reshad@yahoo.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/6blAurlN4EsPe_dvDwc3x3Qdvx0>

Hi Reshad,

Thank you for explaining. I share your assessment that the model may not be implementable in rsyslog.  I also cannot fault the model nor advocate a change.  It is unknown to me how pervasive the issue may be, but the model did go thru a WGLC before, which would've been the time for the various "network OS" vendors to flag issues.  Furthermore, there has been no uproar following your message below, in fact, I'm the first to respond.  Based on this, my assessment (as both Shepherd and Chair) is to proceed the document now.

Kent


> On Nov 2, 2022, at 3:35 PM, Reshad Rahman <reshad@yahoo.com> wrote:
> 
> Hi Kent,
> 
> It's not the text, but the way the YANG model is organized v/s rsyslog config+behaviour.
> 
> The YANG model is organized with collectors at the top. e.g. for remote collectors we have a list of destinations, for each destination a facility-list (keyed on facility + severity and ordered-by-user) and for each facility+severity tuple we have an action: "block" or "log".
> 
> rsyslog <https://www.rsyslog.com/doc/master/configuration/actions.html> config is not organized the same way as the YANG model: it first matches on facility+severity and then the action is a "collector" (e.g. destination or logfile) or "stop". "stop" is not the equivalent of "block": once a "stop" is hit, the message is discarded. This means if other destinations were meant to receive this message, they won't.
> 
> So translating/mapping the YANG model to rsyslog config is problematic when "block" is used. As per previous disclaimer, I am no rsyslog expert. If there's anyone who's managed to make it work....
> 
> And JTBC, I'm not saying the model is wrong since it probably matches how many/most network OSes behave.
> 
> Regards,
> Reshad.
> 
> 
> On Monday, October 31, 2022, 08:03:50 PM EDT, Kent Watsen <kent+ietf@watsen.net> wrote:
> 
> 
> Reshad,
> 
> Which text in the draft are you pointing to?
> 
> Thanks,
> Kent // as Shepherd
> 
> 
>> On Oct 17, 2022, at 10:33 AM, Reshad Rahman <reshad@yahoo.com> wrote:
>> 
>> Hi,
>> 
>> I believe this model is hard (impossible?) to implement with rsyslog since with rsyslog as soon as a message is blocked/discarded, no further processing of that message takes place (so other destinations won't get the message either). I don't have a solution proposal, just an observation...
>> 
>> Disclaimer: I'm not a syslog expert and I have no idea what implementations out there typically do.
>> 
>> Regards,
>> Reshad.
>> 
>> On Tuesday, October 11, 2022, 01:11:26 PM EDT, Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org> wrote:
>> 
>> 
>> This revision does a few things:
>> 
>> 
>> - Addresses comment from 114 to use ct:asymmetric-key-pair-with-cert-grouping instead of ct:asymmetric-key-pair-with-certs-grouping
>> - Fix Mahesh’s email
>> - Replace obsolete RFC references
>> - Adjust some line lengths
>> 
>> This passes YANG validation and IDNITS and addresses all known open comments.
>> 
>>  
>> We’d like to ask the chairs to conduct another WG LC for this work.
>> 
>>  
>> Joe
>> 
>>  
>> From: netmod <netmod-bounces@ietf.org> on behalf of internet-drafts@ietf.org
>> Date: Tuesday, October 11, 2022 at 13:04
>> To: i-d-announce@ietf.org
>> Cc: netmod@ietf.org
>> Subject: [netmod] I-D Action: draft-ietf-netmod-syslog-model-28.txt
>> 
>> 
>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>> This draft is a work item of the Network Modeling WG of the IETF.
>> 
>>         Title           : A YANG Data Model for Syslog Configuration
>>         Authors         : Joe Clarke
>>                           Mahesh Jethanandani
>>                           Clyde Wildes
>>                           Kiran Koushik
>>         Filename        : draft-ietf-netmod-syslog-model-28.txt
>>         Pages           : 41
>>         Date            : 2022-10-11
>> 
>> Abstract:
>>    This document defines a YANG data model for the configuration of a
>>    syslog process.  It is intended this model be used by vendors who
>>    implement syslog in their systems.
>> 
>> 
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-netmod-syslog-model/
>> 
>> There is also an htmlized version available at:
>> https://datatracker.ietf.org/doc/html/draft-ietf-netmod-syslog-model-28
>> 
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-netmod-syslog-model-28
>> 
>> 
>> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
>> 
>> 
>> _______________________________________________
>> netmod mailing list
>> netmod@ietf.org
>> https://www.ietf.org/mailman/listinfo/netmod
>
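
The mismatch Reshad describes in the quoted messages above, as an added example that is not part of the original thread or the draft: a Python simulation of per-destination "block"/"log" evaluation next to a single global rule list in which "stop" discards the message. Exact (facility, severity) matching, first-match-wins ordering, the straightforward "block" to "stop" translation, and the collector names are all assumptions made for illustration.

```python
# Added illustration; function names and sample data are constructed.
LOG, BLOCK, STOP = "log", "block", "stop"

def yang_deliver(destinations, msg):
    """Per-destination evaluation: {name: [((facility, severity), action), ...]}.
    Assumption: first matching entry decides; no match means not logged."""
    delivered = set()
    for name, facility_list in destinations.items():
        for key, action in facility_list:
            if key == msg:
                if action == LOG:
                    delivered.add(name)
                break  # "block" only suppresses this one destination
    return delivered

def naive_translate(destinations):
    """Flatten to one rule list: 'log' -> send to destination, 'block' -> stop."""
    rules = []
    for name, facility_list in destinations.items():
        for key, action in facility_list:
            rules.append((key, name if action == LOG else STOP))
    return rules

def ruleset_deliver(rules, msg):
    """Global match-then-action evaluation; 'stop' discards the message outright."""
    delivered = set()
    for key, action in rules:
        if key != msg:
            continue
        if action == STOP:
            break  # no later rule sees the message
        delivered.add(action)
    return delivered

def lost_destinations(destinations, msg):
    """Destinations the model intends to receive msg but the flat rules drop."""
    flat = naive_translate(destinations)
    return yang_deliver(destinations, msg) - ruleset_deliver(flat, msg)

# Constructed sample: collector-a blocks auth/info, collector-b wants it.
SAMPLE = {
    "collector-a": [(("auth", "info"), BLOCK), (("auth", "error"), LOG)],
    "collector-b": [(("auth", "info"), LOG), (("auth", "error"), LOG)],
}
```

Running lost_destinations over every (facility, severity) pair in a candidate configuration lists the collectors that would silently miss messages under such a translation.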