IETF Logo Mail Archive

Re: [netmod] some comments on netmod-base-notification-nmda (validation after commit response, etc)

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Wed, 07 November 2018 16:32 UTC

Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7327130E58 for <netmod@ietfa.amsl.com>; Wed, 7 Nov 2018 08:32:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dmg0S-C3-CNG for <netmod@ietfa.amsl.com>; Wed, 7 Nov 2018 08:32:07 -0800 (PST)
Received: from atlas5.jacobs-university.de (atlas5.jacobs-university.de [212.201.44.20]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51827130E5C for <netmod@ietf.org>; Wed, 7 Nov 2018 08:32:06 -0800 (PST)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by atlas5.jacobs-university.de (Postfix) with ESMTP id 65072EC0; Wed, 7 Nov 2018 17:32:05 +0100 (CET)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from atlas5.jacobs-university.de ([10.70.0.217]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10032) with ESMTP id eWxpZlklHuqB; Wed, 7 Nov 2018 17:32:04 +0100 (CET)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hermes.jacobs-university.de", Issuer "Jacobs University CA - G01" (verified OK)) by atlas5.jacobs-university.de (Postfix) with ESMTPS; Wed, 7 Nov 2018 17:32:05 +0100 (CET)
Received: from localhost (demetrius4.jacobs-university.de [212.201.44.49]) by hermes.jacobs-university.de (Postfix) with ESMTP id 4D7332003C; Wed, 7 Nov 2018 17:32:05 +0100 (CET)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius4.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id J21QGUVI6kYB; Wed, 7 Nov 2018 17:32:04 +0100 (CET)
Received: from exchange.jacobs-university.de (SXCHMB02.jacobs.jacobs-university.de [10.70.0.121]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "exchange.jacobs-university.de", Issuer "DFN-Verein Global Issuing CA" (verified OK)) by hermes.jacobs-university.de (Postfix) with ESMTPS id E16A82003F; Wed, 7 Nov 2018 17:32:03 +0100 (CET)
Received: from anna.localdomain (10.50.218.117) by sxchmb03.jacobs.jacobs-university.de (10.70.0.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1591.10; Wed, 7 Nov 2018 17:32:03 +0100
Received: by anna.localdomain (Postfix, from userid 501) id CE7AD3003B2A3E; Wed, 7 Nov 2018 17:32:02 +0100 (CET)
Date: Wed, 07 Nov 2018 17:32:02 +0100
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Qin Wu <bill.wu@huawei.com>
CC: "Sterne, Jason (Nokia - CA/Ottawa)" <jason.sterne@nokia.com>, "netmod@ietf.org" <netmod@ietf.org>
Message-ID: <20181107163202.3espsfrdfaq7rowp@anna.jacobs.jacobs-university.de>
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Mail-Followup-To: Qin Wu <bill.wu@huawei.com>, "Sterne, Jason (Nokia - CA/Ottawa)" <jason.sterne@nokia.com>, "netmod@ietf.org" <netmod@ietf.org>
References: <B8F9A780D330094D99AF023C5877DABA9B10099A@nkgeml513-mbs.china.huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
X-Clacks-Overhead: GNU Terry Pratchett
Content-Transfer-Encoding: 8bit
In-Reply-To: <B8F9A780D330094D99AF023C5877DABA9B10099A@nkgeml513-mbs.china.huawei.com>
User-Agent: NeoMutt/20180716
X-ClientProxiedBy: SXCHMB04.jacobs.jacobs-university.de (10.70.0.156) To sxchmb03.jacobs.jacobs-university.de (10.70.0.155)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/RGj5dKm27hzYHkt1wa5WKwni5CU>
Subject: Re: [netmod] some comments on netmod-base-notification-nmda (validation after commit response, etc)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Nov 2018 16:32:17 -0000

RFC 8342 says:

   However,
   <running> MUST always be a valid configuration data tree, as defined
   in Section 8.1 of [RFC7950].

   <intended> is tightly coupled to <running>.  Whenever data is written
   to <running>, the server MUST also immediately update and validate
   <intended>.

   <intended> MAY also be updated independently of <running> if the
   effect of a configuration transformation changes, but <intended> MUST
   always be a valid configuration data tree, as defined in Section 8.1
   of [RFC7950].

   For simple implementations, <running> and <intended> are identical.

/js

On Wed, Nov 07, 2018 at 03:37:57PM +0000, Qin Wu wrote:
> 发件人: netmod [mailto:netmod-bounces@ietf.org] 代表 Sterne, Jason (Nokia - CA/Ottawa)
> 发送时间: 2018年11月6日 10:56
> 收件人: netmod@ietf.org
> 主题: [netmod] some comments on netmod-base-notification-nmda (validation after commit response, etc)
> 
> Hello,
> 
> The draft mentions that "It is possible that some configuration could not be applied to <operational> due to either validation issues, or missing resource etc."
> 
> But wouldn't validation errors cause an error response to the commit RPC? I'm not clear why there would be validation later in the commit/apply process that wasn't part of the decision to reply OK/NOK to the commit.
> 
> 
> [Qin]:The configuration is written into running via commit operation, but commit operation doesn’t equal to validate operation. Validate operation is defined in RFC6241 to validate, e.g., candidate datastore or the <config> element containing the complete configuration in the edit config. But RFC6241 doesn’t discuss how validate operation can be applied to intended or other NMDA datastore since NMDA is introduced after RFC6241 gets published.
> 
> 
> 
> As described in RFC8342 and figure 2 of RFC8342
> 
> “Whenever data is written
> 
>    to <running>, the server MUST also immediately update and validate
> 
>    <intended>.
> 
> “
> 
> So validate <intended> takes place after commit operation. It involves in configuration transformations to <running> before intended validation operation.
> 
> The draft also implies that the process of moving config from running -> intended -> operational is decoupled from the application of a candidate -> running.
> - Do systems reply OK/NOK to a commit before config is moved from running->intended->operational ?
> [Qin]: reply OK/NOK indicates whether configuration is written into running but doesn’t tell us whether validation performed on intended is success or failure, validate operation defined in RFC6241 on candidate datastore may be different from Validation operation on intended since it clearly happens at different stage, sure validate operation can be applied to intended, but no standards explicitly specify whether validate operation can be applied to intended.
> This is something we can update in this document.
> 
> - If so, then maybe it isn't correct to have a username in the notifications. A specific user/session did the commit, but then if the commit process ends after candidate->running (i.e. the reply happens at that point), then isn't it really the system moving the config from running->intended->operational?
> [Qin]: See above.
> Jason

> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod


-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>

v2.23.0 | Report a Bug | By Email