Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-28.txt
Reshad Rahman <reshad@yahoo.com> Fri, 13 January 2023 16:09 UTC
Return-Path: <reshad@yahoo.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A964C1524DC for <netmod@ietfa.amsl.com>; Fri, 13 Jan 2023 08:09:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.094
X-Spam-Level:
X-Spam-Status: No, score=-7.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VeuC7EGsWhiy for <netmod@ietfa.amsl.com>; Fri, 13 Jan 2023 08:09:05 -0800 (PST)
Received: from sonic307-2.consmr.mail.bf2.yahoo.com (sonic307-2.consmr.mail.bf2.yahoo.com [74.6.134.41]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57607C14CE36 for <netmod@ietf.org>; Fri, 13 Jan 2023 08:09:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1673626144; bh=l0k5LfEqFePL6DQumgHdegLlEVaDSNe1X1Etdw/MY5M=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:From:Subject:Reply-To; b=fLHVWSjk4M7YTcRKg/veQUiEnUlXRAQr0HWpU+DjBge98xw2pKfzEydCBbAzNf8+69KhK/82Z0ZckyFWLN4aTj8xz8CLM2AKomEqMhKLST5ly6J/fMqRzWxl6owZPC7FxmzynY163xl98LnsfhemokfVHxDmcRIdJ9Wdn6qCT0+xxBrlRMbmEMHETyTT5aw+8xw9ormmKrhJrjLk6A3espli9vdhkTzuJjAc6krO9Kywh+r3V10UxTj5gCpR1IcH71jfPoZFpxExiXTLRQ02Vy53HzqBGtCiEiIW+XrH+HwUW+2X4YtMDAFPU3WXX8IBK+iDeoskMEkKyq+KaGCKOA==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1673626144; bh=7pQYjR1nVdycJiGqm8LTleKyW4AnWAvJ9Y8JBQaBP23=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=UMhx+rJNWy4XitRhhcLrsQVqiCaQB0uXXZ51E8M+QTle7xlYrSqrGJEMVbsPqgRnebPduhWBe06yluqRHVlNHt7hhfUsOG5BgqGVrXLlhD6S9r+P7giKRwVciz2yBRaIBawTUZF4QaF+dd5FXiEOvNMqWmrF9xPeylHemmteARw/scZlYMzc/41WrW6aVL+sdAL0Wowml4MRFSB6tJBxJNd4tRPwDNwSCShawJuN7wSIkKuW0xbhi6gSITgDS5HsNLcAeSBNZfOdrJgSA182jE/fsQllCe1c2kJlAPBKwSyX2yPvZEPaU+2sQoJKqDUwiK4SCCAlNkXYUlprw/AIWA==
X-YMail-OSG: Qhjni1IVM1mZT_Rb2_AdfRObitn2Ft_PyzYQ0hbkLHa0VoCAIaOmVvI5BUtyWXp 0.whlXcvwzl_ugHnS5JQnFj5XSazBh64oA0BHHzujYhFbcVE8.05Knn_bie_Y4eJThTv9UzWuCJ6 PxGg2WE1u4Jf70nmcBgv1Xi3_t6rV2jVMyIiMUX9lPoopUmgU5wljnaZnke.JsPNjTtr9tthpS6v y2t5WnlKv0OxVs91wOuiHV_.pOCZThRTKL2Jhhmk1dmT4ufqdB5VE3PgUIFjx.DEBkBa4C_B8CPi ybSM3KNVOPoKcmwHwGqi8hocbQildT3C2x8Jqm7B1M6tTOYYK5t.UumlD0zJPLctjM6Uymj2N1SU Ou8oyYIi5YeyOg0uqAe5QwSP2TjnsEGNjz9b8VAbe13lZYzEtipdN0i5c6Lhq7BCrOztoCqNLyCY HqJic4Q0v5uzuNmktD8BauiuPd26zGNKEw_VQPJtptn8rlfO4SlyPg2dQpEI6T_uSR7HIqu9BHJ5 JahUTvb3Xc5eaMtc2p4HXEd0aJkupcS9jBGVKIfSKKCcTYw5Z7YvZVJ8U484McpTqQ8zGB5dV12o 683_pPHfZ5rwhabom9tzQqX7Eb6zjEZbT6c0ZJwllnY5Z2slsITW8jaZPnoETERf4TJSocXb3bzw hD6GQRLn0xcrLl9dtqtj3pCazDwaS9k6KsjH0g5485Asr1lZ6ipbS09QmMjLPPjCVNGRj783DwXe nLxsYXR8OU6qwCOXtAvF5NZHLrumc4kMR4IAr25DsHrbJJpcKB9T5g_2s.I.qhdgAO_cQ9p0JV49 .FyOhOa0iFR.LZFHZhgFGsLIj77XPZg6wsCqIzz5qPFDWld7RNc9bp9LzzgyZ75.b3NDtgolRPv6 vQuODAk9sPUjsXyvci5OdoH9lQW9HeuIwapQM5FGEkrqx1ZjkJ_NeBlrcUaJFLu6t69zVxh24ZDt ZzMmhJscl4xIx7HgU7d6fyyU.pL6l5SyS1h7F.myVDjg9gx92AN0WmyRX9y0KX4l2iG8YEUBbAfu Omw_cTEC7ObxV5j472swfaNUvYXVws7DAWjg7IAF9fPloVbU4sRe0ppN79QCJMcjAOEP02ql1Jpd M6VaOeIO4ouOq_9P0nv_Ix2nsS4.6m7PYOygZjgCWT2fs1NLPOZjmGc58PVRTrMVVCjuUiJRTwxF QVcssmkjfvdzPSNjsOVnit0g7s6zQRDv_NXuTEJqvcy5YQdMHu.LmmJuS7DaVGW9rQWIhLFfcSfZ pqcS4FzEPBSBVvJt.r.ic.mcY0vV3Sr6F4JY_U7xjFjzSvhsRxfeC.XWyRjRhrUNe0F7VBO.idHE Us.yP2pbY0C7NE77SR.Wj52Pp4ib9n_X0s8kO1PMHCVCYH1.n3XpnHkGT1kbiFelKrJ_LF0qIRqp QHVt2NJKnDYP_JwG2WyiVIMugS5XVK1TRYtNFfdNUUeTimy96qfSEFpS012aRsbjtS75ktDHrCcG CqsdAgBF_mRZwj6KGKgnMvsgauwfXl4Rndk0QXZUmtCUdmdDCsmeQo832WNq8BqSZT35Ntpgou5O nVOfSmTDnhNgk0xjGfr3on.IFMOb7i22DpmECv_5u7Tl3FXBOB2sOYm09mNYVu8TwUH.fcfUXbRN 8PCyWhFqknui2ZN3TFtvcnGwI26RlrrM0SZT0iwLHxgYNt6x5V1AkLQxhT4TeND9DCX41slIJXgZ s1g.B8DPNXaStJ2YYGAPDsLVR9Lm1AqrULjyjzcdOt_6AL393oakZgPDJVx48Be528mqevjdF16F g7O1bbwiNjMKRbmubq7zBjdSrvHFK_kmFTvvGsGOaY6Ki9Yy0b6qjJThtFzlfrfguMO.rUhQ_c7Q dyOZAeappCw3wlCl7FQ4G7nCmu9hQ47HC9e08LVTtG1d_dMmVX.Z56Q4ihZWzpwWKOZDcgL29lfi TGWwSlF25wva4BWb3cQEn4bQWX1qFwBWCMSFqEBfhKjbNnS2IxD4HJHs61I7cEiq9YKNnngWU7ey xFBrVpmwCIVO_HW7Be9BW3_2Cq6Cr50v5NXIENfCX8hRgZaf.n61IYuBEFQAAHFVYIkoU.Vyu2lg ZuVPKGq24p9tW6fcMKpfDPnGenjnYWP0szAd4MG4uW62uft_1uGoKlWsWHO5D.6U57DmPIATHNPw tNi4N_cY0lCSxYLvCSjyCgh4m8RPp0mVKHbPVIDTXHinlmevcEuDcr80tp58SfHi3h_WcjbP2sBH UJtvQK0NnTzZHJxUNp9buCupV6AAAlTUNTTF7ZdVBxlVHNkBIdTL0uIgKqUhtxPBrvKKgazerTpc Ji6V2cI4kt3JsppxcnS7CyKHvoC.sV0qNnCsXfJ1jYgRXyPvZkq26TQ--
X-Sonic-MF: <reshad@yahoo.com>
Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.bf2.yahoo.com with HTTP; Fri, 13 Jan 2023 16:09:04 +0000
Date: Fri, 13 Jan 2023 16:09:01 +0000
From: Reshad Rahman <reshad@yahoo.com>
Reply-To: Reshad Rahman <reshad@yahoo.com>
To: Kent Watsen <kent+ietf@watsen.net>, "Joe Clarke (jclarke)" <jclarke@cisco.com>
Cc: "netmod@ietf.org" <netmod@ietf.org>
Message-ID: <657314978.569052.1673626141298@mail.yahoo.com>
In-Reply-To: <BN9PR11MB5371F2850125321CA3A4D0C2B8C29@BN9PR11MB5371.namprd11.prod.outlook.com>
References: <166550781186.32963.9887765015952461336@ietfa.amsl.com> <BN9PR11MB5371ECA66CDF56D413BA3069B8239@BN9PR11MB5371.namprd11.prod.outlook.com> <1069671707.1837247.1666017224763@mail.yahoo.com> <0100018430805c7b-626cee46-68f9-4396-9d5f-8d7b795e791e-000000@email.amazonses.com> <1373706766.1738380.1667417740616@mail.yahoo.com> <01000185ab35cc32-3bfbb987-39f7-48ef-a285-8d5159c1cc9e-000000@email.amazonses.com> <BN9PR11MB5371F2850125321CA3A4D0C2B8C29@BN9PR11MB5371.namprd11.prod.outlook.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_569051_424192567.1673626141293"
X-Mailer: WebService/1.1.21062 YMailNorrin
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/PBwfuimluw6BHfHenVh2P7doUEk>
Subject: Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-28.txt
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Jan 2023 16:09:09 -0000
Hi Joe, Kent,
I think adding a "stop" action would indeed help and yes identities is a good idea.
Regards,Reshad.
On Friday, January 13, 2023, 09:22:41 AM EST, Joe Clarke (jclarke) <jclarke@cisco.com> wrote:
One thing I was kicking around with Mahesh is a compromise on Reshad’s problem by adding a “stop” action. It won’t address the organization of the destination, but it would allow for one to express this semantic. Moreover, the actions could be turned into identities (instead of an enum) to allow for future extensibility here.
What does the WG think of these options (now that we’re in another LC)?
Joe
From: Kent Watsen <kent+ietf@watsen.net>
Date: Friday, January 13, 2023 at 07:58
To: Reshad Rahman <reshad@yahoo.com>
Cc: netmod@ietf.org <netmod@ietf.org>, Joe Clarke (jclarke) <jclarke@cisco.com>
Subject: Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-28.txt
Hi Reshad,
Thank you for explaining. I share your assessment that it the model may not be implementable in rsyslog. I also cannot fault the model nor advocate a change. It is unknown to me how pervasive the issue may be, but the model did go thru a WGLC before, which would've been the time for the various "network OS" vendors to flag issues. Furthermore, there has been no uproar following your message below, in fact, I'm the first to respond. Based on this, my assessment (as both Shepherd and Chair) is to proceed the document now.
Kent
On Nov 2, 2022, at 3:35 PM, Reshad Rahman <reshad@yahoo.com> wrote:
Hi Kent,
It's not the text, but the way the YANG model is organized v/s rsyslog config+behaviour.
The YANG model is organized with collectors at the top. e.g. for remote collectors we have a list of destinations, for each destination a facility-list (keyed on facility + severity and ordered-by-user) and for each facility+severity tuple we have an action: "block" or "log".
rsyslog config is not organized the same way as the YANG model: it first matches on facility+severity and then the action is a "collector" (e.g. destination or logfile) or "stop". "stop" is not the equivalent of "block": once a "stop" is hit, the message is discarded. This means if other destinations were meant to receive this message, they won't.
So translating/mapping the YANG model to rsyslog config is problematic when "block" is used. As per previous disclaimer, I am no rsyslog expert. If there's anyone who's managed to make it work....
And JTBC, I'm not saying the model is wrong since it probably matches how many/most network OSes behave.
Regards,
Reshad.
On Monday, October 31, 2022, 08:03:50 PM EDT, Kent Watsen <kent+ietf@watsen.net> wrote:
Reshad,
Which text in the draft are you pointing to?
Thanks,
Kent // as Shepherd
On Oct 17, 2022, at 10:33 AM, Reshad Rahman <reshad@yahoo.com> wrote:
Hi,
I believe this model is hard (impossible?) to implement with rsyslog since with rsyslog as soon as a message is blocked/discarded, no further processing of that message takes place (so other destinations won't get the message either). I don't have a solution proposal, just an observation...
Disclaimer: I'm not a syslog expert and I have no idea what implementations out there typically do.
Regards,
Reshad.
On Tuesday, October 11, 2022, 01:11:26 PM EDT, Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org> wrote:
This revision does a few things:
· Addresses comment from 114 to use ct:asymmetric-key-pair-with-cert-grouping instead of ct:asymmetric-key-pair-with-certs-grouping
· Fix Mahesh’s email
· Replace obsolete RFC references
· Adjust some line lengths
This passes YANG validation and IDNITS and addresses all known open comments.
We’d like to ask the chairs to conduct another WG LC for this work.
Joe
From:netmod <netmod-bounces@ietf.org> on behalf of internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: Tuesday, October 11, 2022 at 13:04
To: i-d-announce@ietf.org <i-d-announce@ietf.org>
Cc: netmod@ietf.org <netmod@ietf.org>
Subject: [netmod] I-D Action: draft-ietf-netmod-syslog-model-28.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Network Modeling WG of the IETF.
Title : A YANG Data Model for Syslog Configuration
Authors : Joe Clarke
Mahesh Jethanandani
Clyde Wildes
Kiran Koushik
Filename : draft-ietf-netmod-syslog-model-28.txt
Pages : 41
Date : 2022-10-11
Abstract:
This document defines a YANG data model for the configuration of a
syslog process. It is intended this model be used by vendors who
implement syslog in their systems.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-netmod-syslog-model/
There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-netmod-syslog-model-28
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-netmod-syslog-model-28
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
netmod mailing list
netmod@ietf.org
https://www.ietf.org/mailman/listinfo/netmod
_______________________________________________
netmod mailing list
netmod@ietf.org
https://www.ietf.org/mailman/listinfo/netmod
- [netmod] I-D Action: draft-ietf-netmod-syslog-mod… internet-drafts
- Re: [netmod] I-D Action: draft-ietf-netmod-syslog… Joe Clarke (jclarke)
- Re: [netmod] I-D Action: draft-ietf-netmod-syslog… Reshad Rahman
- Re: [netmod] I-D Action: draft-ietf-netmod-syslog… Kent Watsen
- Re: [netmod] I-D Action: draft-ietf-netmod-syslog… Reshad Rahman
- Re: [netmod] I-D Action: draft-ietf-netmod-syslog… Kent Watsen
- Re: [netmod] I-D Action: draft-ietf-netmod-syslog… Joe Clarke (jclarke)
- Re: [netmod] I-D Action: draft-ietf-netmod-syslog… Reshad Rahman