[netmod] Balazs Review of draft-ma-netmod-with-system-02
Balázs Lengyel <balazs.lengyel@ericsson.com> Wed, 23 March 2022 18:47 UTC
Return-Path: <balazs.lengyel@ericsson.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 776283A1924 for <netmod@ietfa.amsl.com>; Wed, 23 Mar 2022 11:47:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.11
X-Spam-Level:
X-Spam-Status: No, score=-7.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xsTTCOgKFeq2 for <netmod@ietfa.amsl.com>; Wed, 23 Mar 2022 11:46:58 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on0601.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0e::601]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C4E93A192D for <netmod@ietf.org>; Wed, 23 Mar 2022 11:46:57 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=T3rgNOhuDc8dqygvXvvYS1IcBupIVG7jRrlc2z9ld4YDbwGnEgbLlUyvRs4pTlG1pQSNHLpOEQ2s+cyznKkqZDW9lrjsosWIvz5MJnhKtQ9gnIop2JhUv4ggSIKnv1OABagXxx5yV5kGPGjTMLVjiP1RNEAqJTLzngo2Vzmp46Nzb2JXBbgTAdoiJ6kSZ4Sh34fOuzO5CG0zPHGBTUU8KkaeL5U7nap0UGm0KO7ouW85w0aEyueo1uP+6XaQItJaoj2VCnV4EUojTuoth4Mk78O7s/rQa5wlafFPx+ceCGjBiZf9oQ/GzdM+kIDY6r4wT6TtjdsjsKd3bNro67hfAw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4PoeeQ1zBtMDJ0ajG4sVwN4O/HYA2l4CopJIArjmRBw=; b=nyCadr8+ffIPeQS5RWCZ/8gB/A4ZlrflBzNpfLakLEPIhO+WttqAdPEOaafZ0sfT2z+7c0ukWV18jFAbEphHlbMIWMqxiJ/UMTWUiydqx3yqv8v5ZdoN1rSm2KlwPJm6rAszrZyPpvyrD9Xss2UcATMC+Y4TR/BjRnAIS9UuwqnwWQLRLnvPR3VrDd061kl5O4h/oOB6qE5glLIC0lnNwg3nTUHTfyLOJO05AEnnR/RDKT7afZeIDYcn5PSVNUIadqsvObAWznDBIfpree/iSjBthyjVsNTtMTzFWHuKPYMz0RC3v7zLDDX+R1GnnMYPfsE+K12rd83D++Wyjsk6Gg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4PoeeQ1zBtMDJ0ajG4sVwN4O/HYA2l4CopJIArjmRBw=; b=bbJk8ajv7a2P41nI4kzko8hhaBIJOHtgkwqTYuLKmjcFMUyc+U10AcgiLyTTui7b8IcMNFI2MPgowM3NrbvnUtUHJ6LVAPcTmVjiVCBYaim7ysTPqvRKCZlRFD9ccJGfFBCm1H6b9pS6WJHSNkC/YxH1D2StOLysg+Odv+LZLDA=
Received: from VI1PR0701MB2351.eurprd07.prod.outlook.com (2603:10a6:800:6b::18) by HE1PR0702MB3628.eurprd07.prod.outlook.com (2603:10a6:7:83::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5102.15; Wed, 23 Mar 2022 18:46:51 +0000
Received: from VI1PR0701MB2351.eurprd07.prod.outlook.com ([fe80::c540:395c:7164:f9d2]) by VI1PR0701MB2351.eurprd07.prod.outlook.com ([fe80::c540:395c:7164:f9d2%6]) with mapi id 15.20.5102.016; Wed, 23 Mar 2022 18:46:51 +0000
From: Balázs Lengyel <balazs.lengyel@ericsson.com>
To: "'netmod@ietf.org'" <netmod@ietf.org>
Thread-Topic: Balazs Review of draft-ma-netmod-with-system-02
Thread-Index: Adg+5lrOxLNU2AQyT6eeQUPGrCYxQQ==
Date: Wed, 23 Mar 2022 18:46:51 +0000
Message-ID: <VI1PR0701MB235184BA97687CA841C772AAF0189@VI1PR0701MB2351.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 24ae36ba-fc87-4973-a26a-08da0cfd7e69
x-ms-traffictypediagnostic: HE1PR0702MB3628:EE_
x-microsoft-antispam-prvs: <HE1PR0702MB3628B3F534E6E94BFAE91F92F0189@HE1PR0702MB3628.eurprd07.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 0ltTCIuS2jxBePifl49Z402UqWV+DjbuQzymmrdAy5qOwdB7M4JQpum0fHO0+/uL20WagfqlSX6B68DCN2vZDV0KcMSfXiUV6o9+QqGVgpgROIhLgC+h/M51EeaPI4UkryslzSbcDWRjAGv86PWvMquI2DbEcFZRb4TTMJFH2E5EJIP2A+xpC8GTiN7+69eio2urFBkog8u1QXNwxkGDFwtgcQ/ICXf2YMoOZxiSEzBGwEePzq2jOc+lOTRYSJWMSBqQOh4kBx+MeCOgA90TU4IzCCq+Q6N6GcY68CD2TaKiSusPsZlrnxRPMR4nMySUgp209jND+eAIMhIYF20TpbzpKb/0LFpFOTSZRCAa5AIQJmrK/uBqLFU0zvE1t/qb2pBnZUsD/PgVshkw6WMAnbcX0lEUJcSHGzg+YenY1XmkB+mt5waqOiLDXCGt2ad7xyDSAeIZ8n2XKKUdnVQn+q8O7/UfRQkP1z2+aaoloYi4QwO4iAYEZbXM0xiCXJ83HMKlNcs0I/VJtJex2NMVce2k489+B0fb1LXjZ9T5vlb/bTVylW+ZoYBLngYdXCHDfXptuo0jH4nthYrreWW7GCGSq+e9WR9ovNCDu4KNgp7cOaabk7W2gAnyyZUDVbU99tTqkvNVBu4oMI/413oxIJ1wM9PUnkPk80SVA22uebTgSOc9t8Et7za+hHPSzrv/U2upG9OGgPrI09Yi3ZAOY8V3CRuc9B3oF6uIUQgZShhTttcTjZv/MJ/GoQqshZIBsDuMY7J8G4lkDDSed6Z2oQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR0701MB2351.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(26005)(186003)(86362001)(38070700005)(83380400001)(508600001)(9686003)(6506007)(7696005)(82960400001)(55016003)(52536014)(8936002)(9326002)(122000001)(38100700002)(6916009)(2906002)(5660300002)(64756008)(71200400001)(8676002)(66446008)(33656002)(76116006)(66476007)(66946007)(66556008)(316002)(491001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: y8sN4fJ1TNIJKRZ7mAcvQvH6Ol+10gtImFVQIEjvgP1ZyB6g0J7BCBZNjRh2w5KXxeKHbAIg9XywiuuFGFgMNbDieHkxc0JTa0YPY+kh/ihBAxNwLoeQbPF4jNXMCOMY3SZux3nTeiE/HFeuckUp7VMwPft9frMjOodu4jeSOiZ8UsqNqkEajFDgLohvj1wJMdw1sj9QTSTqfdNljOIzlsvnTGzddYZ/UvioLzsV7mYPAxdizOEEpSmUc/NyTVfZjOaP3J+T4wLEuotFyfgvocaDTGnnkxXXJylHO2XoSBKsQFHN9i7ujHvcgeAaAhjIhYUWIgn2NwpYHsYTxWqWz6kTyGTDJ+COcsexQlgsFLW2QCmwopVeD2CN3ZBcCrYJKO27Tjn5gdJ25pGkfkCQ6POh2W4ksgPzp0Zc3BhcllWR85NhHgkbvKg7hmazimJ2H0ibr5JOEyH60J3rsQDaTRb8Jlm6K8DLykuJRGqXIt8LKaOAhyA7f7EeBht144D6KRFoe6r6f8acvMzUPpnGUaoDrHIkzGTap+2HLot2ys0VjXJIOCYXCUIbT9oZdCPM82yuryRrshpUl9FvO9sX1P9C6/8Qigy4LuSUs7yjjveUEZmlbOKzVUZuiV3DcmSPL9k3be29BTYpNXSRUGkYS0htOuOOCYVQL0XPAU/F8p+iAkgUo6RFlMmwThf8ZTm1zbOUKlwc40UVUrlBi1i0xVRwgLYM8ZfW6JLMpf17zpOKR86yOY8da0IjxjrQ1fQtptPgLZM+qLtGDE4j8BdilLj8EcQZf4pxRaVE5QADSGe+QapAfmv7NZkgKOTVy49bq989kvWA5+0aTy8XAi/UW5LEZ60vHO7Z3NDsCNuzLqP3QgeLuG0Qynr9gNYQkPg07Nq1fjQ7m2T/4zOTA+gWEJbnZZvzHQnCbZVNjfAt+6ouPxmWcia2uZQda2ZiOjKAliwGs1WNyx5RyW53aeMSj/qFK35FE960cKmyavQyD+GLCcc0aKFNRKWlQKOCYLuRy/90Lp0PMGLOCc24nI/vP09ZcnjO6+OQNv9lxIpe+nn8ScmTbw6rM1SGp0x4TjBMKpe5emrYRv4l/UKtF0bOXQiCXPotfzr9jEfiM4SPFSBwgbopJO27ECgfC9D0YfzOjnqcFOPVoi+KMAEYVc8XhfPBadRzQWBHCcb+vFZvISCQ2a/oAG9kM+lbxK8Qqx2uYNnXMQqwxsNPY7yxng/3CxcSbFsYOVPYf3zcbvtWx8/OvB/+9Hy1gfz4bSxAPx481SpAoY/BLG64U8CUIbikmjyEYxlgN8sTmdpxJj9E/hNQn96j+zNNaqu8mOHv/RsC1s6/YdUgR6uW15GwvzHZBudx7Eusj/+XilWrvsdAWLQ4XoBhP6MbwP6Tj7d2l3Tv0k/G/0UNI42NPZ41LMty6ndTosOqO9DJCJXU15uCrZhiEeKr4rm4MT1cAWOejNTmUHMUf+pAYG/0gQqtwZGQGg==
Content-Type: multipart/alternative; boundary="_000_VI1PR0701MB235184BA97687CA841C772AAF0189VI1PR0701MB2351_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: VI1PR0701MB2351.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 24ae36ba-fc87-4973-a26a-08da0cfd7e69
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Mar 2022 18:46:51.2207 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 1frWxMY7cU4S7eyXNZU1yxdXpo6hWC8cWxTiqZAyHHkY1x9vdnRz5dShRf0p/tkXiynVi/nMV24L0J4Bts5ecgRIjtO0pWehf65d2tmtCUs=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0702MB3628
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/6nwhGwhlv0o7cMR-GzCzzNAdeGo>
Subject: [netmod] Balazs Review of draft-ma-netmod-with-system-02
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Mar 2022 18:47:04 -0000
Hello, I did a detailed review of the system draft. My comments questions are below. Regards Balazs =========================================================== General) I think this work is important and valuable, but it needs quite a lot improvements. The term system-configuration is used confusingly. Does system-configuration reside in the <system> datastore only or can it reside in the <running> datastore too? If system-configuration is copied by the client (<get-data>+<edit-config>) into the <running> datastore is it still system-configuration? It is set by the client this time not the system. Some terminology is needed to indicate that you mean a specific data node IN A SPECIFIC DATASTORE. The same data node (according to the path in the data tree) in different datastores need to be referenced separately. Does the solution allow conditional system configuration? (E.g., if the client creates an OSPF interface the system inserts a child leaf into it) 1.1) If system shares the same schema as running that would force it to populate mandatory nodes. That might be a problem. State that mandatory or min-elements might not be enforced in <system>. 1.3) "client may overwrite values of configurations defined in <system>" However it also states: The contents of <system> datastore are read-only These seem to contradict. Please clarify. 1.4) Shoudn't copy-config also be effected? Copy-config might also need system configured items. It should be mentioned that the same "resolution" is also needed after a node-restart. What does populate mean? Is it the same as "copy from system to running" ? If yes please use that terminology. Populate is not as specific. 2) In the subchapters (and later) you use the terms provided, activated, applied. I am not sure what this means. Is a not yet applied item present in the <system> datastore or only when it is applied? If I do a get-data on <system> will I receive not-applied data nodes? What is the difference between an applied and an activated data node and an applied but not activated data node? I would rather see terminology like: - is present in the <system> datastore - is not yet present in the <system> datastore, but the system will create it in the <system> datastore when a condition is fulfilled. How is it defined for specific schema nodes which kind of system-data it is ? Free English text? Is it needed to define this formally or is it enough if the server knows this? 2.2) Isn't the best example for this, when the functionality is licensed and the license key is inserted? 3.1) <factory-default> is also read-only so why is that better to store deletable data ? Did you mean that system-config originated data cannot be delete even if it is copied over to running? Is that true both for explicit NBI originated copy and copy due to resolve-system? 3.2) If something was populated/copied over to running/candidate will/should any changed system values be copied over again thereby updating the running/candidate datastores? Can this result in the running becoming invalid? 4.1) You write "The client may reference nodes defined in <system>, overwrite values of configurations defined in <system>" IMHO the data nodes in <running> and <system> are 2 different things even if they reside on the same path in the data tree. You need to find terminology to differentiate between the same(-path) data nodes in different datastores. The current terminology is confusing, I need to guess which datastore you mean. I think this guessing process might hide problems. Do you mean here: "The client may reference nodes defined in <system> if they are copied into <running>/<candidate> as a result of an explicit copy or resolve-system parameter." For me referencing a data node in running and referencing a data node in <system> (even if they share the same address in the data tree) are 2 separate things. I don't think you want to create a reference that point between datastores. Do you mean here: "overwrite values of the data nodes that were created by copying from the <system> datastore." "<running> MAY overwrite and/or extend <system>" this means that the data nodes in system are modified although they are readOnly. Is this what you mean? Clarify! "Note that only <system> aware clients copy referenced system nodes from <system>" How does the server know if the client is system-aware? It would be better to state something like: 'In order for the system configuration to affect validation the client needs to either use the resolve-system parameter or explicitly copy system configuration into running' Last para: The server has no way to know if the client is system aware. Once the data nodes are copied into <running> there is no need to say more. 4.2 "If the "resolve-system" parameter is not given by the client, the server MUST NOT modify <running> in any way not specified by the client." I very strongly OBJECT. - It is a bad idea. - This is a big NBC change to Netconf/YANG. - Other SDOs (3GPP, O-RAN) depend on the capability to modify <running>. They have data nodes where it is stated that list entries are not created by the client. - This would need a revision 2 of YANG. - It is also unenforceable. It would be possible to work around it. The system instantiates an onboard client to do the changes AND the system prohibits the change for other clients. However this is just a more complicated way of stating that the system itself modifies running; we gain nothing but make the world more complicated. 4.3 Paragraph-1 sentence 2 & 3 are trivial thus not needed. If you configure something in running it becomes part of running independent of this draft. Mention that the system itself can also copy over parts or the complete system configuration into running. 4.4 In some cases, a server may allow some parts of system configuration to be modified. List keys in system configuration can't be changed by a client, but other descendant nodes in a list entry may be modifiable or non-modifiable. This contradicts the statement that the <system> datastore is readOnly. "Client configuration statements in <running> take precedence over system configuration nodes in <system>" Instead of hiding this sentence in the middle of a subchapter, there should be a separate chapter about merging running and system into intended, stating that running has precedence. This a tier 1 important statement ! There could be some interesting corner cases. Once the data is in running, AFAIK the knowledge about why is it there is lost, so terms like "client configuration" are hard to understand. That sounds more like a use-case than a rule. "While modifying (overriding) system configuration nodes may be supported by a server, there is no mechanism for deleting a system configuration node." Once the node is in the <running> datastore if it is not mandatory it is possible to remove it. What prevents it? What if it was the client that copied the configuration into <running>? Is the client forbidden to remve something that it created itself? I don't think so. 5. "datastore does not have to persist across reboots." 'I would say: The content of the datastore is removed at reboot and re-created by the system with the same or changed content.' IMHO it is important to state that there will be some reasonable content in the <system> datastore even if it might have changed. 7.1 "Comment: How does a RESTCONF client know if the RESTCONF server implements the "resolve-system" parameter?" Make it a capability in the hello message like with-defaults. 7.2 The placement of resolve-system is sometimes incorrect. It shall be inside the <edit-config> element.
- [netmod] Balazs Review of draft-ma-netmod-with-sy… Balázs Lengyel
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… maqiufang (A)
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… Balázs Lengyel
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… Jan Lindblad
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… Balázs Lengyel
- [netmod] Email Request Kent Watsen
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… maqiufang (A)
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… Balázs Lengyel
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… maqiufang (A)
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… Jan Lindblad
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… Balázs Lengyel
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… Kent Watsen
- Re: [netmod] Balazs Review of draft-ma-netmod-wit… maqiufang (A)