Re: [netmod] WG Last Call: draft-ietf-netmod-acl-model-14

Kristian Larsson <kristian@spritelink.net> Fri, 03 November 2017 08:51 UTC

Return-Path: <kristian@spritelink.net>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C85D713FD07 for <netmod@ietfa.amsl.com>; Fri, 3 Nov 2017 01:51:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fNOo4SHJT68b for <netmod@ietfa.amsl.com>; Fri, 3 Nov 2017 01:51:09 -0700 (PDT)
Received: from Mail2.SpriteLink.NET (Mail2.SpriteLink.NET [195.182.5.83]) by ietfa.amsl.com (Postfix) with ESMTP id 4FE4013FD04 for <netmod@ietf.org>; Fri, 3 Nov 2017 01:51:09 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by Mail2.SpriteLink.NET (Postfix) with ESMTP id 837A1261846; Fri, 3 Nov 2017 09:51:10 +0100 (CET)
X-Virus-Scanned: amavisd-new at SpriteLink.NET
Received: from Mail2.SpriteLink.NET ([195.182.5.83]) by localhost (Mail2.SpriteLink.NET [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yGm+d3vd6dqJ; Fri, 3 Nov 2017 09:51:08 +0100 (CET)
Received: from localhost (Mission-Control.SpriteLink.NET [195.182.5.153]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: kristian@SpriteLink.NET) by Mail2.SpriteLink.NET (Postfix) with ESMTPSA id 6D374261838; Fri, 3 Nov 2017 09:51:08 +0100 (CET)
Date: Fri, 03 Nov 2017 09:51:06 +0100
From: Kristian Larsson <kristian@spritelink.net>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
Cc: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>, "netmod@ietf.org" <netmod@ietf.org>
Message-ID: <20171103085106.GF12688@spritelink.se>
References: <51DBEB86-2482-4D37-9F97-5EEE76B38285@juniper.net> <20171031102523.GB25608@spritelink.se> <CDEF081E-C5AA-459B-8DBB-770D5065FD26@gmail.com> <20171101112249.wmq4ggx2ixgn4kqo@elstar.local> <A55809F6-23FA-404D-BC0F-74AF11F508BF@gmail.com> <20171102074318.GC12688@spritelink.se> <6359CD50-0F0D-4315-A58B-1D4CF0583475@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <6359CD50-0F0D-4315-A58B-1D4CF0583475@gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/A0XbACZCnLLPl_odB0USO1VzQDE>
Subject: Re: [netmod] WG Last Call: draft-ietf-netmod-acl-model-14
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Nov 2017 08:51:13 -0000

On Thu, Nov 02, 2017 at 03:20:34PM +0630, Mahesh Jethanandani wrote:
> Kristian,
> 
> I hear you. What I am providing is the rational for the current design. 

Ok, thank you! That is valuable to me so please don't stop :)


> I would like to hear from others in the WG. We have been
> reviewing this draft for the last couple of years, and we are
> now at the tail end of the LC.

Believe me, I have no intention of stopping this draft. I just
want to improve it.

I actually wanted to start using it earlier this year but found
the structure so unwieldy to work with that I eventually gave up
and instead decided to try and improve the model. It took a wee
bit longer than I intended but here I am.

For the interested, I wanted to build a YANG translation service
in NCS (now Cisco NSO) that could translate ACLs from one format
into the native format of four different vendors. I currently
keep feature parity across four different platforms and doing
that for something like ACLs is highly error prone.


> I would really like to see this draft move forward,
> particularly since it is not broken.

I want to have a standard ACL model too.

I am not complaining just for the sake of complaining, it is
because I found the structure unnatural or otherwise difficult to
use. I will try my best to not just criticise but instead provide
actual suggestions on how to improve things.

Kind regards,
   Kristian.

-- 
Kristian Larsson                                        KLL-RIPE
+46 704 264511                                kll@spritelink.net