IETF Logo Mail Archive

[netmod] 答复: 答复: Comments on draft-ma-netmod-immutable-flag-06

"Fengchong (frank)" <frank.fengchong@huawei.com> Wed, 26 April 2023 09:13 UTC

Return-Path: <frank.fengchong@huawei.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D493CC15152C for <netmod@ietfa.amsl.com>; Wed, 26 Apr 2023 02:13:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UDuBRYnZwkF9 for <netmod@ietfa.amsl.com>; Wed, 26 Apr 2023 02:13:31 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F41FEC151547 for <netmod@ietf.org>; Wed, 26 Apr 2023 02:13:30 -0700 (PDT)
Received: from lhrpeml100001.china.huawei.com (unknown [172.18.147.200]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4Q5tT21nM0z6DBBr for <netmod@ietf.org>; Wed, 26 Apr 2023 17:13:26 +0800 (CST)
Received: from dggpemm500003.china.huawei.com (7.185.36.56) by lhrpeml100001.china.huawei.com (7.191.160.183) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Wed, 26 Apr 2023 10:13:27 +0100
Received: from dggpemm500003.china.huawei.com (7.185.36.56) by dggpemm500003.china.huawei.com (7.185.36.56) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Wed, 26 Apr 2023 17:13:25 +0800
Received: from dggpemm500003.china.huawei.com ([7.185.36.56]) by dggpemm500003.china.huawei.com ([7.185.36.56]) with mapi id 15.01.2507.023; Wed, 26 Apr 2023 17:13:25 +0800
From: "Fengchong (frank)" <frank.fengchong@huawei.com>
To: Jürgen Schönwälder <jschoenwaelder@constructor.university>
CC: Kent Watsen <kent+ietf@watsen.net>, "maqiufang (A)" <maqiufang1=40huawei.com@dmarc.ietf.org>, "netmod@ietf.org" <netmod@ietf.org>, "Jan Lindblad (jlindbla)" <jlindbla@cisco.com>
Thread-Topic: 答复: [netmod] Comments on draft-ma-netmod-immutable-flag-06
Thread-Index: AQHZY5/rnoEbFB29eUSkCppbFcSdG68ZbNSAgACw7gCAAl3DQIAAcC/1gAKCiACABkG+AIAE6NqAgA3xXoCAAVtO8IABg9UAgAAiJACAAWh6EP//09UAgACH1OA=
Date: Wed, 26 Apr 2023 09:13:25 +0000
Message-ID: <90d3bf80919a4d86ac3e2dd43bfae56f@huawei.com>
References: <BY5PR11MB419677D444D44125DD69C91CB5909@BY5PR11MB4196.namprd11.prod.outlook.com> <0100018752302133-19bdf548-f01c-4b78-931e-6be80ec494fa-000000@email.amazonses.com> <b8e370d2ad5042c99c6f0d98345d3c5b@huawei.com> <C2D8A539-4AF9-44FA-92E8-9A9DC6CE7971@cisco.com> <d37925b807604b76b92cbf2f32341dab@huawei.com> <01000187ae695684-69ae4a4b-eeb9-4827-8b65-ff590ed52db7-000000@email.amazonses.com> <793be10da43c4958aa7565dd8c29f16c@huawei.com> <20230425095020.areq7etekgquaqyi@anna> <01000187b8421975-108a6801-0ab0-4c40-8df9-46702a08d602-000000@email.amazonses.com> <ba0c6cd1ac7646feaf0704a6cdff2a7b@huawei.com> <20230426064438.6rv7bshdvwc44to6@anna>
In-Reply-To: <20230426064438.6rv7bshdvwc44to6@anna>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.136.113.127]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/6oCEAxa19wJCvXtoyulojgyZjb8>
Subject: [netmod] 答复: 答复: Comments on draft-ma-netmod-immutable-flag-06
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2023 09:13:34 -0000

Hi Jurgen,

 If you replace a linecard, you have to create some new interfaces in system, if you want to configure them. You don't need to replace the value of leaf.

Modifying the value of if-type has no value for users(uses have to double check the result, comparing between running/intended with operational datastore, even if the configuration is valid), this behavior should not be encouraged.



-----邮件原件-----
发件人: Jürgen Schönwälder [mailto:jschoenwaelder@constructor.university] 
发送时间: 2023年4月26日 14:45
收件人: Fengchong (frank) <frank.fengchong@huawei.com>
抄送: Kent Watsen <kent+ietf@watsen.net>; maqiufang (A) <maqiufang1=40huawei.com@dmarc.ietf.org>; netmod@ietf.org; Jan Lindblad (jlindbla) <jlindbla@cisco.com>
主题: Re: 答复: [netmod] Comments on draft-ma-netmod-immutable-flag-06

I am not sure I follow. If I replace the line card, I may have to update the type of the interface config. Why would this be disallowed?

In the NC world, config is applied to resources. Validation is against the data model, not against the resources currently present on a system. See for example RFC 6241 section 8.6.1. with starts with:

   Validation consists of checking a complete configuration for
   syntactical and semantic errors before applying the configuration to
   the device.

This is why we have the notion of <running> -> <intended> -> <applied>.  Initially, we did not expose <applied> but operationally the possible difference between <running> and <applied> is important enough that we started to expose it. But the point here is that the resources available do not influence whether <running> is valid. A valid configuration satisfies the data model constraints, it does not necessarily satisfy the resource constraints.

/js

On Wed, Apr 26, 2023 at 01:36:37AM +0000, Fengchong (frank) wrote:
> Hi Kent,
>   Some nodes that are originally read-only have to appear in running because they are referenced by other configurations.
>   For example, the type of interface, many other configurations may reference it.
>   Just as:
>   container Ethernet-related {
>     when ../type = 'ethernet'
>     ....
>   }
>   So the leaf 'type' have to act as a configuration node to make the running datastore valid. But in fact, the value of leaf 'type' should not be changed. 
>   So it's marked with 'immutable' is reasonable. If someone try to modify it, reporting error from server should be acceptable.
> 
> 
> 
> -----邮件原件-----
> 发件人: netmod [mailto:netmod-bounces@ietf.org] 代表 Kent Watsen
> 发送时间: 2023年4月25日 19:53
> 收件人: Jürgen Schönwälder <jschoenwaelder@constructor.university>
> 抄送: maqiufang (A) <maqiufang1=40huawei.com@dmarc.ietf.org>; 
> netmod@ietf.org; Jan Lindblad (jlindbla) <jlindbla@cisco.com>
> 主题: Re: [netmod] Comments on draft-ma-netmod-immutable-flag-06
> 
> 
> Hi Jürgen,
> 
> > My assumption so far is that an interface configuration is matched 
> > against hardware and it is applied if there is matching hardware. In 
> > other words, if an edit makes the interface configuration not match 
> > the hardware anymore, then the config is simply not applied anymore 
> > and the interface is left unconfigured. (The same would happen if 
> > you replace an interface with another that does not match the 
> > current
> > config.) The idea that an interface configuration becomes partly 
> > immutable once it is applied to a matching physical interface is not 
> > really reflecting how I understand the design of N/Y.
> 
> My understanding is the same, so I assume there's a nuance in the detail.
> Let's use this example:
> 
>   list interface {
>     key name;
>     immutable true;  // the whole 'interface' object is immutable
>     leaf name {
>       ...
>     }
>     leaf description {
>       Immutable false;  // client may provide a description
>       ...
>     }
>     leaf mac-addr {      // H/W provided.  Normally CF, but for some reason is
>       mandatory true;   // promoted to CT (for a 'must' or 'when' expression?)
>       ...                         // Please don't nitpick the validity of the example, I could 
>     }                             // construct a similar example using built-in certs or keys.
>   }
> 
> Now say the client preconfigures:
> 
>   {
>     "name": "sd3"
>     "description": "uplink to closet-3",
>     "mac-addr": "000000" // real address unknown, so a fake one used
>   }
> 
> Now the card is inserted and "sd3" appears as:
> 
>   {
>     "name": "sd3"
>     "mac-addr": "1234567"
>   }
> 
> The merge fails because the client's mac-addr doesn't match the real one?
> 
> Ideally the immutable nodes (other than the keys) would NOT have to appear in <running>, but they do because "mandatory true"?
> 
> 
> > Also the notion
> > of immutable data in candidate, which is rather a scratchpad to 
> > assemble bigger changes, seems odd to me.
> 
> I had a similar reaction but, if <candidate> can be validated, doesn't it follow that the immutable nodes need to be copied into it as well?
> 
> 
> > /js
> 
> K.
> 
> 
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod

-- 
Jürgen Schönwälder              Constructor University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://constructor.university/>

v2.23.0 | Report a Bug | By Email