IETF Logo Mail Archive

Re: [netmod] [core] WG Last Call on draft-ietf-core-comi-16

Andy Bierman <andy@yumaworks.com> Sun, 17 March 2024 16:01 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3117C14F5F6 for <netmod@ietfa.amsl.com>; Sun, 17 Mar 2024 09:01:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06d3dEJydVjM for <netmod@ietfa.amsl.com>; Sun, 17 Mar 2024 09:01:33 -0700 (PDT)
Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADF02C14F5EB for <netmod@ietf.org>; Sun, 17 Mar 2024 09:01:33 -0700 (PDT)
Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-29ddfada0d0so1572665a91.3 for <netmod@ietf.org>; Sun, 17 Mar 2024 09:01:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks.com; s=google; t=1710691293; x=1711296093; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=LasRzEJmQqlE6vZE5tSJ+5HOPWy6zdLdm9L4n2Hd2kY=; b=fqMEtzOlHx63jasn1HTVkmnCNU2pfkktMmItiCoPOrf/K0rMIRuDtpCk5Aaz4uAyvO M4dfkKEXlpfS9XupU4ehIxYX/Ez7sGaiO0tLv02HJBw8kEhNpXE6ahm5tncEJe+U+091 XWv0NYStJKHo+84TEsBThQSgMudast/40oyFaEPwApQsv5cXmeH1r4T0r+RhXkyeJDQX CUR6LKBUvDqUsyluavAIMGsTtoj2xpqfpshsP2ACWv0cicepaeBFjy89p18vhf2QiHrO qn1h/OBfQa1nzPkhtcBra3yiLR4Scmng6DdivURna+8FJ25xaS546wWKfV8JmNI0uQRK JDiQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710691293; x=1711296093; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LasRzEJmQqlE6vZE5tSJ+5HOPWy6zdLdm9L4n2Hd2kY=; b=EuweBwtViHx0xgw8LOLmWffMCd/VabxiImlnFQtOZnnA6k7lXwlJju9Kn10vV3ebPU tEEflXAbuoErY6dbXdVSKDrT8l9GFJj5VhKmB1GOJV1xz9uuA95BE7kdgyO57900xk5D 8mszATXSIKrrrc8jHeea+fNsh4NFEv1LvxAwI0hHJwjinwKPpGQ2SPXN53FC2noOGFew oSGK1pCa2zLAIaZW1aMLDlNEnASet2Mz/yVCyI0oUFzU1sUbGUv1dovDXsrTgv4TaMei vtgZ9N0nXDqlgogC/1dQRo1hfJTHv5cWhpIn8F2VPIGvwZ3wf+5xxUrwdrEPn9cZ6kxo xuVw==
X-Forwarded-Encrypted: i=1; AJvYcCXoGJagb6DsZ+lzSyq56L3crJvmGrlR+MgY1CPemOe60/f47YiKnjdS9Wmc+/0dU3XTmWL9PNKWlmpDtlw7ArM=
X-Gm-Message-State: AOJu0YwvUgCefAbYbyAMN3eBI86f87aJYdn+rf5AfT47+BAmoy4Hr46Y g6HaO/HIuzlvaPgL43v2WQVKywvH9f/OiFEqUa1QbjE3o5Bzse+tTNU3r1r5KB1xYkLDLK0vHaR vyW6gkODvuFtpyqB4BNtDGgm3/I5RE6Y2zLK7yw==
X-Google-Smtp-Source: AGHT+IFsD9Xe6IG3F435JigL5C8KnU6ICM6X7BtnPgAH4WvR7V6hd61J22jmWBxADY366zxulbbeof6hbjiQVw51kMA=
X-Received: by 2002:a17:90a:d48c:b0:29d:e349:13c4 with SMTP id s12-20020a17090ad48c00b0029de34913c4mr6866241pju.18.1710691292779; Sun, 17 Mar 2024 09:01:32 -0700 (PDT)
MIME-Version: 1.0
References: <6013e746-3951-3d3b-3924-72423cfbc393@ri.se> <CABCOCHQAEizEYBkkoRQCyYVwdU2weKkMyam8W1aFh1DXKHhKmw@mail.gmail.com> <B7F55242-71FA-4E7D-921D-EA3053231EE1@tzi.org>
In-Reply-To: <B7F55242-71FA-4E7D-921D-EA3053231EE1@tzi.org>
From: Andy Bierman <andy@yumaworks.com>
Date: Sun, 17 Mar 2024 09:01:21 -0700
Message-ID: <CABCOCHR6b5pquYgYzH-ewzRqVrZ+5oqeb5jcZxx16Kv+hSBUbQ@mail.gmail.com>
To: Carsten Bormann <cabo@tzi.org>
Cc: Marco Tiloca <marco.tiloca=40ri.se@dmarc.ietf.org>, "core@ietf.org" <core@ietf.org>, netmod@ietf.org
Content-Type: multipart/alternative; boundary="000000000000d3b9b60613dd5a46"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/MHu7tb3FL3BP2WhO0FpyPJKUck4>
Subject: Re: [netmod] [core] WG Last Call on draft-ietf-core-comi-16
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Mar 2024 16:01:37 -0000

Hi,

I looked at the diffs and all are OK.


On Mon, Mar 4, 2024 at 12:18 PM Carsten Bormann <cabo@tzi.org> wrote:

> Hi Andy,
>
> I never got around to answering your feedback in the context of an updated
> document.
> The changes marked here with a “commit” number are both in the repository
> ([1], see [2], where also the issues were created) and in
> draft-ietf-core-comi-17.
>
> [1]: https://github.com/core-wg/comi
> [2]: https://github.com/core-wg/comi/commits/main/
>
> On 2023-09-07, at 22:28, Andy Bierman <andy@yumaworks.com> wrote:
> >
> > Hi,
> >
> > I have some minor comments about this draft.
> > I did not find any major issues.  It is almost ready for publication.
> >
> >
> > Andy
> >
> >
> > # comments on draft-ietf-core-comi-16
> >
> > ## sec 2.3
> >
> > Examples of each media type would be helpful here
>
> Indeed.  The current document doesn’t have those; captured as
> https://github.com/core-wg/comi/issues/14
>
>

thanks -- implementors rely on correct examples



> > ## sec 2.4
> >
> > It is not clear how any interoperability would be possible
> > if the server used some other datastore design.
> > Para 2 should be removed or there should be a complete
> > specification how NMDA datastores work in CORECONF.
>
> Indeed.
> This is clarified now both in the definitions at the start of Section 2
> and in Section 2.4 (commit b06f134).
>
> > ## sec 3.1.3
> >
> >     For compactness, indexes of the list instance identifiers
> >     returned by the FETCH response SHOULD be elided, only the
> >     SID is provided.
> >
> > If this encoding is used then the FETCH response will
> > not conform to the application/yang-instances+cbor-seq
> > media-type.
>
> A SID is a valid instance-identifier, so the representation still conforms
> to the media type (which is a sequence of maps from instance-identifiers to
> instance values).
>
> > It could be more clear that the client is responsible
> > for remembering the instance information for each
> > varbind in the request since no key values will be in
> > the response.
>
> Added a sentence to this effect (commit 1f48edf).
>


So there MUST be a response for every varbind (even ones that failed or no
data)
or the response message is malformed?  The position is critical since the
same SID
could be requested for different instances.



>
> > ## FETCH design issues
> >
> > The client must know all of the key values in advance
> > before being able to use the SID of a data node
> > in a FETCH request.  It is difficult and expensive
> > to retrieve the entire datastore contents at once,
> > just to discover the key values in use for the YANG list
> > entries within the datastore.
> >
> > RESTCONF has the 'depth' and 'fields' filter parameters
> > to address this issue. NETCONF has subtree and XPath filtering.
> > NETCONF servers can generally support selection of 1 value or all
> > values, for each key.
> >
> > Perhaps CORECONF will need the 'depth' filter parameter.
>
> I captured this as https://github.com/core-wg/comi/issues/15
>
>

SNMP has 'get-next' for instance discovery, which I would be horrified to
see in a new protocol.
NETCONF and RESTCONF have complex filtering but not really any specific
support at all.
The 'depth' parameter is actually complicated to implement correctly and
almost always includes
more data than is needed for this purpose.

I suggest a more direct approach like "keys-only": a boolean filter
parameter indicating that the
only key leafs (and required ancestor containers/lists) are returned.

This is an optimization. A client can get everything which will include the
keys.
It could be added later if an efficient solution is really needed.


> ## sec 3.2.3
> >
> > It is not clear if there are any server requirements
> > for error handling.  What happens if some (but not all)
> > of the edit varbinds succeed?  Is the datastore left
> > in a state such that YANG validation does not pass?
> > How Are partial edits reported to the client?
> >
> > Most NETCONF and RESTCONF servers implement an all-or-none
> > design so that error-option='rollback-on-error' is always done.
> > Perhaps CORECONF needs a SHOULD apply all-or-none for iPATCH?
>
> All-or-none is indeed the intention.
> Error handling is described in Section 6, but that also seems to miss an
> indication that this is the correct outcome.
>
>

Good. Do not repeat the mistakes of NETCONF "error-option".



> While all-or-none processing could be considered to be implicit in the
> design of CoAP, I added a sentence at the start making this explicit
> (commit 79f35e1).
>
>

This should be a requirement for NETCONF.



> > ## sec 3.5.1
> >
> > IMO there should be a SID file 'item' list shown for
> > the examples.
>
> I found the examples quite readable without such a list.
>
> > IMO it is confusing that the SID assignments
> > do not follow the standard algorithm.
>
> There isn’t really a “standard” algorithm; I’m assuming you mean this
> consideration:
>
> > Since the 'input' or 'output' SID is actually used in
> > protocol messages,
>
>

I noticed this significant change that removed the extra containers.



I need to look at the examples more closely to comment on the rest of the
issues.


Andy



> Actually, the examples should show how we are eliding the input/output
> sids, which is the reason non-contiguous assignment is actually optimal.
>
> > the delta values for the child nodes
> > are not optimal unless the correct path strings are sorted.
> >
> > There is a cur-and-paste error:
> >
> > OLD:
> >
> >      This example invokes the 'reboot' RPC (SID 61000), of the
> >      server instance with name equal to "myserver".
> >
> > NEW:
> >
> >      This example invokes the 'reboot' RPC (SID 61000).
>
> Indeed (commit a0a00cd)
>
> >
> > ## sec 3.5.1
> >
> >     REQ:  POST </c>
> >           (Content-Format: application/yang-instances+cbor-seq)
> >
> >     { 61000:
> >       {
> >         1 : 77
> >       }
> >     }
> >     RES:  2.04 Changed
> >           (Content-Format: application/yang-instances+cbor-seq)
> >
> >     { 61000:
> >       null
> >     }
> >
> > I am not sure 2.04 Changed the the correct status to match '200 OK'
>
> RFC 7252 Section 5.8.2 is quite explicit about this.
>
> > The example RPC does not define any 'output' section
> > so the response should not have any payload at all.
>
> It is not quite clear to me how this would work with a POST that addresses
> multiple nodes.  This is not visible from the example, which attempts to
> stay simple, but the elements of the CBOR map sequences used in requests
> and responses need to match up.
>
> > RESTCONF uses the 'input' and 'output' nodes in the
> > payloads. CORECONF is using the RPC method node instead.
>
> Yes.
>
> > ## sec 3.5.2
> >
> >
> > IMO the extra layer in the encoding for '0' is wrong.
> > It should match the format used for RPC.
>
> I agree.
> I also fixed the yang:date-and-time string in the request and made the
> example more realistic with the response indicating three seconds later.
> commit ec12146
>
> > It should be clear that if an RPC or action does not
> > have any input parameters (either direct or augments),
> > then the payload will not have any input parameters.
> >
> > Is this the correct encoding (should have examples in the draft)
>
> (Examples now https://github.com/core-wg/comi/issues/16)
>
> > RPC:
> >
> >     { 61000:
> >       null
> >     }
> >
> > ACTION:
> >
> >     { [60002, "myserver"]:
> >       null
> >     }
>
> Yes, I think so.
>
> > It should be clear that order of YANG list and leaf-list data nodes
> > are significant if they have the ordered-by 'user' property.
>
> Aren't they always?
> Is this specific to RPC/action?
>
> > Note that this applies only to the entries within a parameter.
> > The RPC or action input/output child nodes do not need to
> > be supplied in order. The text in RFC 7950 (e.g. 7.14.4)
> > applies only to NETCONF.
> >
> > ## Appendix A and B
> >
> > There should be a sentence declaring each appendix to
> > be normative, or move to a numbered section instead.
>
> This is the default in RFCs, but it doesn’t hurt to make this explicit.
> commit c72d08c
> (I also updated the YANG because an email address of an author changed;
> used opportunity to use RFCXML support for markers/name — commit fe6f84b)
>
>
> Thanks again for the input and apologies for the long silence…
>
> Grüße, Carsten
>
>
>

v2.23.0 | Report a Bug | By Email