Re: [netmod] Does defining a feature require the module be implemented?
Robert Varga <nite@hq.sk> Wed, 08 June 2022 21:19 UTC
Return-Path: <nite@hq.sk>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87CFAC15AACA for <netmod@ietfa.amsl.com>; Wed, 8 Jun 2022 14:19:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.985
X-Spam-Level:
X-Spam-Status: No, score=-3.985 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-1.876, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hq.sk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vfd7pNVqybDm for <netmod@ietfa.amsl.com>; Wed, 8 Jun 2022 14:19:42 -0700 (PDT)
Received: from mail.hq.sk (hq.sk [81.89.59.181]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9800BC15AADB for <netmod@ietf.org>; Wed, 8 Jun 2022 14:19:07 -0700 (PDT)
Received: from [192.168.1.146] (chello085216197060.chello.sk [85.216.197.60]) by mail.hq.sk (Postfix) with ESMTPSA id 272B9246D60; Wed, 8 Jun 2022 23:19:03 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hq.sk; s=mail; t=1654723143; bh=ZkabtR0PxOrh4ppo1ta1QWkXM0yzFkdfRXpGgAvQkZI=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=QpJWEjLm/BDk1NeFb/hb89g3RfSIE3XSCVBBg6AaTcvm9AkeAEwlbZuso98XE1LsU UzVjuvODxgmAKYhud9szhoLsPxpA7LsX5bhuFlGJ2KU4GgrTGmpA399KWnM1nVDy5S ewlTtmU5EvCg/HelXoJZ/nhjdIgnfUpedLlBCmtI=
Message-ID: <e9cc6a84-b448-6f40-36c3-2271a5be83a1@hq.sk>
Date: Wed, 08 Jun 2022 23:19:02 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
Content-Language: en-US
To: Kent Watsen <kent+ietf@watsen.net>
Cc: Martin Björklund <mbj+ietf@4668.se>, "netmod@ietf.org" <netmod@ietf.org>
References: <01000180a9eb37cb-85b9c576-c1eb-425a-b42c-b3cabe548fbb-000000@email.amazonses.com> <20220518.080543.825575420363032441.id@4668.se> <01000180d793d6ee-f82a4a03-28d8-4f8b-909e-7306a7fc565b-000000@email.amazonses.com> <01a1b2f3-acc2-8378-ffea-9670e2d51b12@hq.sk> <010001813082732c-b45d92df-5815-481b-a86c-476a3f139d25-000000@email.amazonses.com>
From: Robert Varga <nite@hq.sk>
In-Reply-To: <010001813082732c-b45d92df-5815-481b-a86c-476a3f139d25-000000@email.amazonses.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------sC39KUryQvM4zGkwm6oPH1wh"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/GVqj6W76RFSREcot5dDLVIdZWDA>
Subject: Re: [netmod] Does defining a feature require the module be implemented?
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jun 2022 21:19:46 -0000
On 04/06/2022 22:57, Kent Watsen wrote: > Hi Robert, > > >>> 3) I wish more modules would following the pattern of having the >>> global protocol accessible tree be defined via a "uses" of a grouping >>> defined in the module. In another recent project, I had to hack the >>> topology modules defined in RFC 8345 (to convert the containers to >>> groupings) to enable a multiplicity of "abstract network topologies" >>> to be configured. The assumption that only a single global instance >>> is ever needed is proving to be invalid in my work time and again. >> >> /me puts the co-author hat on. >> >> The multiplicity is already built-in into the model by the fact that >> network topologies is a top-level list. >> >> Would you mind sharing the use case what requires multiplicity of the >> built-in multiplicity? >> >> I know this sort-of is a re-hash of the ietf-interfaces discussion, >> but while there the use-case is well understood, I wonder what >> equivalent is there for networks/topologies. > > > I appreciate that the model supports a multiplicity of topologies, and > can see that it could support my needs, but my issue seems to arise in > the intersection of the following desires: > > 1) a server that supports multi-tenancy > 2) each tenant being able to define a number of topologies > 3) each tenant only being able to see their own topologies > 4) the server not supporting object-level access control > 5) the data-model being schema-mount like, whereby each tenant-instance > contains *all* tenant nodes (e.g., all leafrefs are relative paths that > never go above the tenant's subtree. Right, so the problem really is a combination 4) and 5). 4 is dictating use of some ACL model where you (warning: conjecture) can filter on a global prefix. 5 dictates that prefix is not formed through the use of RFC8528 schema mount -- hence you form that via something like import ietf-network { prefix nw; } list tenants { key name; uses nw:networks; } Two issues with addressing this issue through remodeling as groupings are: 1. leafrefs cannot use absolute addressing, opening a can of interop worms 2. technology-specific augments no longer have a single target, leading to an NxM explosion (N = technologies, M = ietf-network grouping instantiations) The first is an annoyance, the second is a major problem solved (semi-reasonably?) through RFC8528... The thing is: RFC8345 is very much a 'turtles all the way down' modeling exercice. Turning 'container networks' into 'grouping networks' still leaves you with that gap we call "augments target instantiations, not definitions" -- e.g. after introducing those groupings you mentioned you then proceeded to duplicate all technology augments to make them work with all them instantiations, right? I really think you should fix your server (to supported at least 4) :) Regards, Robert
- [netmod] Does defining a feature require the modu… Kent Watsen
- Re: [netmod] Does defining a feature require the … Michal Vasko
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Robert Varga
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Martin Björklund
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Jan Lindblad
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Martin Björklund
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Andy Bierman
- Re: [netmod] Does defining a feature require the … Ladislav Lhotka
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Ladislav Lhotka
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Robert Varga
- Re: [netmod] Does defining a feature require the … Kent Watsen
- Re: [netmod] Does defining a feature require the … Robert Varga