IETF Logo Mail Archive

Re: [netmod] [Teas] Key collision between configured and ephemeral list entries

"Rob Wilton (rwilton)" <rwilton@cisco.com> Wed, 19 June 2019 14:17 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D1251205E9; Wed, 19 Jun 2019 07:17:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=cL+X7Yez; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=NG6xDiJT
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o5Zb0P_nHVrw; Wed, 19 Jun 2019 07:17:52 -0700 (PDT)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11D9112060F; Wed, 19 Jun 2019 07:17:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6890; q=dns/txt; s=iport; t=1560953872; x=1562163472; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=bSMgaeL/Kq6Mb4jFvkZnDFM8woNd9pzUedJ5/DIqT8E=; b=cL+X7YezV+Ihs5On2VW1o3+SP/WOOhWCfAOuo5a0ICsqWZ1EdPtcqOjl zWTrfhDIX9ty6JOb0n2jgg0qsbSG6Zmy4m48MGpK5PpZrB+tJo3GqKASy XpWQcHeSBhX5PecZ5c6+XRGovR7uUpUtC6DgMSnOXfq/AMb/KBmhZbsTA w=;
IronPort-PHdr: 9a23:LqvkjhUv2TNTa8vE8J2S7jOwmePV8LGuZFwc94YnhrRSc6+q45XlOgnF6O5wiEPSA92J8OpK3uzRta2oGXcN55qMqjgjSNRNTFdE7KdehAk8GIiAAEz/IuTtankgA8VGSFhj13q6KkNSXs35Yg6arw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AGAAA1Qwpd/4cNJK1jAxkBAQEBAQEBAQEBAQEHAQEBAQEBgVMEAQEBAQELAYFDUANqVSAECygKh1MDhFKKDYJXfohHjXGBLoEkA1QJAQEBDAEBGAsKAgEBhEACglgjNAkOAQMBAQQBAQIBBW2KNwyFSgEBAQEDAQEQLgEBLAsBCwICAgEIEAEBAwEBAScHGwYGCxQDBggCBAENBQgTB4MBgWoDHQECDJ9/AoE4iF+CIoJ5AQEFhQINC4IQAwYFgS8Bi10XgUA/gRFGghcHLj6CGkcBAYFLGAUaJoJ1giaLUCCHaFiUez4JAoIRj2eEB5c0jR2JDo1ZAgQCBAUCDgEBBYFQOIFYcBU7gmyCQYNwM4QmO4U/coEpjSgBgSABAQ
X-IronPort-AV: E=Sophos;i="5.63,392,1557187200"; d="scan'208";a="293057111"
Received: from alln-core-2.cisco.com ([173.36.13.135]) by alln-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 19 Jun 2019 14:17:50 +0000
Received: from XCH-RCD-006.cisco.com (xch-rcd-006.cisco.com [173.37.102.16]) by alln-core-2.cisco.com (8.15.2/8.15.2) with ESMTPS id x5JEHo2T002120 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 19 Jun 2019 14:17:50 GMT
Received: from xhs-aln-001.cisco.com (173.37.135.118) by XCH-RCD-006.cisco.com (173.37.102.16) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 19 Jun 2019 09:17:50 -0500
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 19 Jun 2019 09:17:49 -0500
Received: from NAM05-DM3-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Wed, 19 Jun 2019 09:17:49 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pxxoBEVtS4CJcRP0+LP71dELWu+iOP2MeqtLyDbwk0o=; b=NG6xDiJTn9f8EoYMUj27d2WJteNTgdY/5nAJ7cl55etA8oa7r6HKgA6xJ70ZNmhEeUjVN1Gaj2DT4uN2gXlZ/q/o/7jSreH1OEuDx5vY5dXeVz3DoMErf29FKLwJ85yEup2z+E1X42FpD19hdD+ts9tNeTr5U6k+qI+tF/vxZ0c=
Received: from BYAPR11MB2631.namprd11.prod.outlook.com (52.135.227.28) by BYAPR11MB3717.namprd11.prod.outlook.com (20.178.238.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1987.13; Wed, 19 Jun 2019 14:17:47 +0000
Received: from BYAPR11MB2631.namprd11.prod.outlook.com ([fe80::ed99:b6a8:d6fb:5045]) by BYAPR11MB2631.namprd11.prod.outlook.com ([fe80::ed99:b6a8:d6fb:5045%4]) with mapi id 15.20.1987.014; Wed, 19 Jun 2019 14:17:47 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Italo Busi <Italo.Busi@huawei.com>, Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
CC: "netmod@ietf.org" <netmod@ietf.org>, Tarek Saad <tsaad.net@gmail.com>, Andy Bierman <andy@yumaworks.com>, "teas@ietf.org" <teas@ietf.org>
Thread-Topic: [Teas] [netmod] Key collision between configured and ephemeral list entries
Thread-Index: AQHVJfq3HbVqJ7wQTku6G+2+NOkmA6airETwgABDEwCAABcXQA==
Date: Wed, 19 Jun 2019 14:17:47 +0000
Message-ID: <BYAPR11MB263171F5385DD59EBC2887C3B5E50@BYAPR11MB2631.namprd11.prod.outlook.com>
References: <BYAPR11MB26314CD2365C6AEC39E696EDB51F0@BYAPR11MB2631.namprd11.prod.outlook.com> <BL0PR06MB4321DA01042ECAAD88E8420AFC1F0@BL0PR06MB4321.namprd06.prod.outlook.com> <91E3A1BD737FDF4FA14118387FF6766B2774E51F@lhreml504-mbs> <028b01d51933$1015fa80$4001a8c0@gateway.2wire.net> <91E3A1BD737FDF4FA14118387FF6766B2775CF49@lhreml504-mbs> <CABCOCHTFSfizdqszABgyv+SBHW2+5W5WF-HJvVo=EAJFcUnvJA@mail.gmail.com> <20190611160106.5o3pslwmnhaoyjzx@anna.jacobs.jacobs-university.de> <91E3A1BD737FDF4FA14118387FF6766B2775D052@lhreml504-mbs> <20190611171900.xzzwofx5nwtj77cv@anna.jacobs.jacobs-university.de> <91E3A1BD737FDF4FA14118387FF6766B2775D16D@lhreml504-mbs> <20190611183630.4ymx7libdotuqfbo@anna.jacobs.jacobs-university.de> <91E3A1BD737FDF4FA14118387FF6766B27769528@lhreml504-mbs> <BYAPR11MB2631B283C5EE2D4676A27F5BB5E50@BYAPR11MB2631.namprd11.prod.outlook.com> <91E3A1BD737FDF4FA14118387FF6766B2776A93F@lhreml504-mbs>
In-Reply-To: <91E3A1BD737FDF4FA14118387FF6766B2776A93F@lhreml504-mbs>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=rwilton@cisco.com;
x-originating-ip: [173.38.220.54]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: da38a052-953c-417d-13ad-08d6f4c0e7ae
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BYAPR11MB3717;
x-ms-traffictypediagnostic: BYAPR11MB3717:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BYAPR11MB37175A29525B0333FA1B6A1BB5E50@BYAPR11MB3717.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0073BFEF03
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(376002)(346002)(39860400002)(136003)(396003)(13464003)(189003)(199004)(51444003)(8936002)(25786009)(66066001)(33656002)(2906002)(478600001)(11346002)(966005)(186003)(316002)(68736007)(54906003)(6436002)(99286004)(110136005)(4326008)(7696005)(102836004)(26005)(6306002)(53936002)(9686003)(73956011)(76116006)(64756008)(66556008)(14454004)(66446008)(66946007)(66476007)(6246003)(76176011)(55016002)(3846002)(6506007)(256004)(6116002)(74316002)(8676002)(486006)(71190400001)(305945005)(71200400001)(53546011)(86362001)(52536014)(7736002)(81166006)(81156014)(446003)(229853002)(476003)(5660300002); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR11MB3717; H:BYAPR11MB2631.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: nuUQPj6bYKkxTRsvlyL1JsRWIVBQjJYUnPFQBH7mV5Pi/Kn5Itah5Y3Y88biQ+4EOMD1ujU4i47KDEt2/kOxfmpS8gkv5HBvgiEo+8tlhow9QQV8C99okm8QjtUGpd0s96NEIUnM5BRcKyKMhtabMuDz+uP17z7EGPY3HvrPkaJbMMxkElfuC8tgm08rI1XiYvVAyUOh9xNiac+XBjGtx9EyPbGkxHrFLDsi2jvUGjupNSUkQgXK3YIFLo3zpSYR1fd75MWyVaO93NT6BTCrqpfI18YwM37/1KKGeeUux8t21lanDHuEMn2TA/IFOINdgJMEuNH1Ls85O5IVGTDtUlLyJfznpZTb0q7Q8hmi3Gz20JByuEOtPtk1WxPZ4xXsLiSUwqOX4lByrYbmfpt/WsQSWg+aIKWr/6HHvxffNKI=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: da38a052-953c-417d-13ad-08d6f4c0e7ae
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Jun 2019 14:17:47.5498 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: rwilton@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3717
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.16, xch-rcd-006.cisco.com
X-Outbound-Node: alln-core-2.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/BWae33xkwF6He34P0TNdIlfuFMM>
Subject: Re: [netmod] [Teas] Key collision between configured and ephemeral list entries
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jun 2019 14:18:00 -0000

Hi Italo,

Using a prefix (which can also be configured by the user) for the system created objects to avoid name collisions seems reasonable to me.  I wouldn't use a symbol (like #), but instead would suggest a prefix string like "sys-".

But I think that it is appropriate to solve this within the specific data model rather that requiring a system wide solution.

Thanks,
Rob


> -----Original Message-----
> From: Italo Busi <Italo.Busi@huawei.com>
> Sent: 19 June 2019 13:51
> To: Rob Wilton (rwilton) <rwilton@cisco.com>; Juergen Schoenwaelder
> <j.schoenwaelder@jacobs-university.de>
> Cc: netmod@ietf.org; Tarek Saad <tsaad.net@gmail.com>; Andy Bierman
> <andy@yumaworks.com>; teas@ietf.org
> Subject: RE: [Teas] [netmod] Key collision between configured and
> ephemeral list entries
> 
> Hi Rob,
> 
> Thanks a lot for your comments
> 
> Your interpretation makes a lot of sense in case of an "intentional" name
> clash (e.g., when an entry is configured by the client in the <running> DS
> to configure some intended behavior, like admin status, for an entry
> injected by the system in the <operational> DS): in this case the same
> name/key value is used to indicate that the two DS entries are referring
> to the same entity
> 
> My concern is how to avoid "unintentional" name clashes (e.g., between an
> entry configured by the client in the <running> DS and another entry
> injected by the system in the <operational> DS) because in this situation
> the behavior described below is not desirable: the two DS entries are
> actually referring to two different entities which by accident got
> assigned the same name/key value
> 
> Italo
> 
> -----Original Message-----
> From: Rob Wilton (rwilton) [mailto:rwilton@cisco.com]
> Sent: mercoledì 19 giugno 2019 11:07
> To: Italo Busi <Italo.Busi@huawei.com>; Juergen Schoenwaelder
> <j.schoenwaelder@jacobs-university.de>
> Cc: netmod@ietf.org; Tarek Saad <tsaad.net@gmail.com>; Andy Bierman
> <andy@yumaworks.com>; teas@ietf.org
> Subject: RE: [Teas] [netmod] Key collision between configured and
> ephemeral list entries
> 
> Hi Italo,
> 
> My interpretation of the NMDA guidelines are thus:
> 
> - If multiple clients are writing the same values to <running> then the
> clients must coordinate between themselves to ensure that the correct
> values are written to <running>, otherwise the last verified change
> written to <running> wins.  Locks can be used to coordinate client writes
> to <running> if required.
> 
> - If multiple clients are writing to different datastores, e.g. one client
> is writing to <running> and another is writing to some form of ephemeral
> datastore, then the ephemeral datastore definition must specify what
> mechanism is used to resolve configuration conflicts between configuration
> datastores.  Naively, my starting point would be to say that configuration
> in an ephemeral datastore should override configuration that is in
> <running>.
> 
> - If the decision is from a data node configured in <running> and a data
> node injected by the system into <operational> then it is up to the device
> to decide how to resolve these (i.e. the system chooses which version of
> the data node to use, and the result of that decision is tagged in
> <operational> using the origin metadata).  Generally, I would expect an
> explicitly configured data node in <running> should take precedence over
> system generated config, but there might be cases where this doesn't make
> sense, and perhaps there might be cases where the data model recommends
> different behaviour.
> 
> - I would assume that there is only a single <operational> datastore.  I'm
> not sure whether NMDA explicitly requires this, but we couldn't think of
> any scenario where multiple operational datastores would be helpful.
> 
> Thanks,
> Rob
> 
> 
> > -----Original Message-----
> > From: Teas <teas-bounces@ietf.org> On Behalf Of Italo Busi
> > Sent: 18 June 2019 18:24
> > To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
> > Cc: netmod@ietf.org; Tarek Saad <tsaad.net@gmail.com>; Andy Bierman
> > <andy@yumaworks.com>; teas@ietf.org
> > Subject: Re: [Teas] [netmod] Key collision between configured and
> > ephemeral list entries
> >
> > Hi Juergen,
> >
> > What is the DS architecture you have in mind with multiple client
> > creating entries?
> >
> > Are the two clients creating entries in the same <running> DS or in
> > two different <running> DS?
> >
> > In the latter case, the two clients could also rely on different
> > <operational> DS and therefore can assign the same name to different
> > entries (since they will be instantiated in different DS). There is no
> > need for them to avoid name clash
> >
> > In the former case, a name clash would cause one client to override
> > the configuration of another client
> >
> > Are the two clients aware of each other?
> >
> > I take the opportunity to clarify one point (not sure I have been
> > clear about it). I do not think we need to define any rule which is
> > enforced by the server to avoid name clashes since the server cannot
> > understand whether the name clash is intentional or not. I think we
> > just need to define some known/common/standard rules that allow the
> > client(s) to avoid creating unintended name clashes.
> >
> > Thanks, Italo
> >
> > -----Original Message-----
> > From: Juergen Schoenwaelder
> > [mailto:j.schoenwaelder@jacobs-university.de]
> > Sent: martedì 11 giugno 2019 20:37
> > To: Italo Busi <Italo.Busi@huawei.com>
> > Cc: Andy Bierman <andy@yumaworks.com>; teas@ietf.org; Tarek Saad
> > <tsaad.net@gmail.com>; netmod@ietf.org
> > Subject: Re: [netmod] [Teas] Key collision between configured and
> > ephemeral list entries
> >
> > On Tue, Jun 11, 2019 at 05:43:27PM +0000, Italo Busi wrote:
> >
> > > [Italo Busi] If the client knows the prefix used by the server, it
> > > can pick up a different prefix and use it to tag its own entries. I
> > > think this rule is not really complex and it seems much simpler than
> > > managing unintended name clashes
> >
> > A prefix only helps a little. Once you have multiple clients creating
> > entries, you will have to handle collisions again. Sometimes solving
> > the more general case leads to solutions that also work nicely in
> > simpler special cases.
> >
> > /js
> >
> > --
> > Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> > Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> > Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>
> >
> > _______________________________________________
> > Teas mailing list
> > Teas@ietf.org
> > https://www.ietf.org/mailman/listinfo/teas

v2.14.0 | Report a Bug | By Email