IETF Logo Mail Archive

Re: [netmod] WG Last Call for draft-ietf-netmod-syslog-model-11

Andy Bierman <andy@yumaworks.com> Tue, 27 December 2016 23:05 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E83F127735 for <netmod@ietfa.amsl.com>; Tue, 27 Dec 2016 15:05:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MISoNRdGQ7A1 for <netmod@ietfa.amsl.com>; Tue, 27 Dec 2016 15:05:01 -0800 (PST)
Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46C12129735 for <netmod@ietf.org>; Tue, 27 Dec 2016 15:05:01 -0800 (PST)
Received: by mail-qk0-x232.google.com with SMTP id n21so226510550qka.3 for <netmod@ietf.org>; Tue, 27 Dec 2016 15:05:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=GpVsPX5mBfEGzJoAUFyQLeuKuU/DB9c/ikOYie/m7WI=; b=y7P39f5U11GkbyhCp+4dcjVLx0WBUwcv/yT+GvqXBuIya3UnZniOir2rQc7oU/X2j+ m7Z3OOtM+K9lGrxDAADYL7JOX9dUSB+sq5QV5mB5uffTp3kVrAsnwX5ZtRIR5ais6y7N DehV/X2VUQ9+Svyqusd2BHD9YozvIMbmhGqwRDFaU8RoXX5RikR1wDeE/YUvtjPgRAbL PLu9HoUth9BCLOImeryty9Fe7ak2YOLyK3ymyHZZDumjDmCAhQavID5FJdHniYaJKIxy 81Ho9yKyv+yHDPMHB0g6Oi+5PkzSw1RcBQ7U9t1zGyNfiP9ubBMyB6G9w7uM/uemiTm5 1dJw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=GpVsPX5mBfEGzJoAUFyQLeuKuU/DB9c/ikOYie/m7WI=; b=DnIylVmdZSlvsBLJsp55MEiVC9hVwZ5DsGzvFWZ1j0siO97xOsAAKp4BcEKfyVIoyG JXoXgYX7DU4F8rTGdZ/q9HAPFk+NmDEzxKuUxSgd29KCyKEjnv/uMoWqOvMYKs58Ha11 gi4bNHzomaXDUwptsjhYPvFHMovMna3BZjvc3V7DoUDMjuE8hIl/Chpb+BPD2J6xeVXG YJBP7K/vA8lPJA8qx5y77Fs0W2gMsTGjr/DQ6XUTqj/+pXn5cXOI5BXY3rM7KhS3FM18 d07aVFxm7egtjxjtMAJf6DwvOaEs/iDY7AsLQwoZ9dgMPC2OwOf7ElcFcvO3/xwF8EN6 Jv2A==
X-Gm-Message-State: AIkVDXIzX65lZL2PqVsOVvbEoS6icYgkvAYyM07iyCo7+S4550tvFHTsmmuc6xXWPxVoT7l1akEsNr2/CegzUA==
X-Received: by 10.55.7.2 with SMTP id 2mr35623416qkh.228.1482879900240; Tue, 27 Dec 2016 15:05:00 -0800 (PST)
MIME-Version: 1.0
Received: by 10.12.175.113 with HTTP; Tue, 27 Dec 2016 15:04:59 -0800 (PST)
In-Reply-To: <1481689016940.22442@Aviatnet.com>
References: <19039254-973A-461A-8749-95F74C33DAD1@juniper.net> <1481689016940.22442@Aviatnet.com>
From: Andy Bierman <andy@yumaworks.com>
Date: Tue, 27 Dec 2016 15:04:59 -0800
Message-ID: <CABCOCHSXVrZG-kz2TMmptcQ3pZ76u+MWse=0NVNY0h4q5GzrKw@mail.gmail.com>
To: Alex Campbell <Alex.Campbell@aviatnet.com>
Content-Type: multipart/alternative; boundary="001a114c877cb2e75c0544abe1c3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/N1WWSl4tx5qvYBI5l9OObUW1Kvg>
Cc: "netmod@ietf.org" <netmod@ietf.org>
Subject: Re: [netmod] WG Last Call for draft-ietf-netmod-syslog-model-11
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Dec 2016 23:05:03 -0000

Hi,

I am also considering an implementation.
I share the same concerns that Alex has brought up.

Some detailed comments:

1) /syslog/actions: seems like everything is in this container.
 Why is it needed?  Seems like it could be removed as it serves no purpose

2) 8 features: the granularity seems wrong.  The main container for each
section
 should have its own if-feature
      /console
      /buffer
      /file
      /remote

3) What is the 'buffer' container for?
  How is the internal memory accessed by the client?

4) selector-facility: Seems like no-facilities servers the same purpose
    as an empty facility-list. The choice is not needed; just use the
facility-list

5) pattern-match:

      leaf pattern-match {
        if-feature select-match;
        type string;
        description
          "This leaf desribes a Posix 1003.2 regular expression
           string that can be used to select a syslog message for
           logging. The match is performed on the RFC 5424
           SYSLOG-MSG field.";
      }


The field SYSLOG-MSG is referenced but never defined or listed in
the terminology section.

6) how are the syslog-facility identities mapped to SYSLOG messages?
6a) how to distinguish acme:foo-facility from example:foo-facility in a
SYSLOG message?

7) source-interface: what if the server does not let a source interface be
used and instead
    normal routing determines the source interface (this leaf is very
router-centric)

8) signing-options: are these widely deployed on all routers and Linux
hosts?

9) logrotate: there are several features related to log file cleanup
allowing lots of
    server variability and forces the client to support all the options.
Can't this be simplified
   and all the micro-behavior YANG features removed?

10) numeric limits: there is some odd usage of YANG types; some limits are
uint64, some uint32,
some uint16.  Seems like uint32 is sufficient


Andy


On Tue, Dec 13, 2016 at 8:16 PM, Alex Campbell <Alex.Campbell@aviatnet.com>
wrote:

> I am considering to implement the data model in this draft.
>
> I have reviewed this draft and found the following issues. In
> approximately decreasing order of severity:
>
> * In the "selector-facility" choice statement the cases have misleading
> names - the case where no facility is matched is named "facility", and the
> case where specific facilities are matched is named "name". I suggest
> "no-facilities" and "specified-facilities", or similar.
>
> * I disagree with the premise of the "no-facilities" case, which is that
> it can be used to disable a log action, according to the description:
>
>      description
>             "This case specifies no facilities will match when
>              comparing the syslog message facility. This is a
>              method that can be used to effectively disable a
>              particular log-action (buffer, file, etc).";
>
>   If an administrator wants to disable a log action they should do it by
> either removing it from the configuration, or by setting an "enabled" leaf
> to false.
>   With that in mind, there is no reason for the "no-facilities" case to
> exist.
>
> * What is the behaviour of a selector if neither "no-facilities" nor
> "facility-list" is present?
> * In the "selector" grouping it is not clear how the facility and pattern
> conditions are combined to decide whether a message is selected.
>   Must they both match the message, or is it sufficient for either one to
> match the message?
> * Not all servers have a console; there should be a feature to indicate
> whether logging to the console is supported.
> * Likewise, not all servers may support logging to user sessions.
> * Likewise, not all servers may support a user-accessible filesystem.
> * RFC 5424 states that the severity and protocol values are not normative.
> * It's not clear to me why this needs to be split into two modules. Is it
> so that other modules can define logging parameters but still be usable on
> a device without syslog?
> * "log-severity" defines a severity filter, not a severity, so its name is
> misleading.
> * Perhaps the "severity" type and the facility identities should have
> "reference" statements referring to RFC 5424, rather than referring to it
> in the description.
> * In section "8.2", "admisintrator" is a typo.
>
> I assume that the means of accessing the memory buffer and log files are
> out of scope of this data model.
>
> Alex
>
> ________________________________________
> From: netmod <netmod-bounces@ietf.org> on behalf of Kent Watsen <
> kwatsen@juniper.net>
> Sent: Wednesday, 14 December 2016 2:01 p.m.
> To: netmod@ietf.org
> Subject: [netmod] WG Last Call for draft-ietf-netmod-syslog-model-11
>
> This is a notice to start a two-week NETMOD WG last call for the document:
>
>     A YANG Data Model for Syslog Configuration
>     https://tools.ietf.org/html/draft-ietf-netmod-syslog-model-11
>
> Please indicate your support or concerns by Tuesday, December 27, 2016.
>
> We are particularly interested in statements of the form:
>   * I have reviewed this draft and found no issues.
>   * I have reviewed this draft and found the following issues: ...
>
> As well as:
>   * I have implemented the data model in this draft.
>   * I am implementing the data model in this draft.
>   * I am considering to implement the data model in this draft.
>   * I am not considering to implement the data model in this draft.
>
> Thank you,
> NETMOD WG Chairs
>
>
>
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod
>
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod
>

v2.23.0 | Report a Bug | By Email