Re: [netmod] Adding system configuration to running [was: Re: Comments on NMDA-04]

Robert Wilton <> Thu, 14 September 2017 17:08 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 641BF133063 for <>; Thu, 14 Sep 2017 10:08:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id X--_e75zmHNc for <>; Thu, 14 Sep 2017 10:08:46 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0CD4D132924 for <>; Thu, 14 Sep 2017 10:08:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=7079; q=dns/txt; s=iport; t=1505408926; x=1506618526; h=subject:to:cc:references:from:message-id:date: mime-version:in-reply-to; bh=9gcc3Z9yZFaOgEsbNuDHcFJbWroMqNqIcgG0BiSjLoA=; b=Oa2EBN2GQB3cn3CR+zuUFhrpeO6Ifjf5fjkVfcBi8uYU3YlapPqNQ2G8 rFuJSfCYu3z8bT2bNE8yKFeYiU3iWIVJEAu5Ne/IZDkNPdH9HFbl3rMD0 TWo03H4wyjG1q780HxqXSvrv+KOWxr8idEcuA4QmxGCA+jd1oz3GBUn8S o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.42,394,1500940800"; d="scan'208,217";a="654622292"
Received: from (HELO ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Sep 2017 17:08:41 +0000
Received: from [] ( []) by (8.14.5/8.14.5) with ESMTP id v8EH8avI025099; Thu, 14 Sep 2017 17:08:41 GMT
To: Balazs Lengyel <>, Martin Bjorklund <>
References: <> <> <>
From: Robert Wilton <>
Message-ID: <>
Date: Thu, 14 Sep 2017 18:08:36 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------A4607966B5D2EB4AA3DADE38"
Content-Language: en-US
Archived-At: <>
Subject: Re: [netmod] Adding system configuration to running [was: Re: Comments on NMDA-04]
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 14 Sep 2017 17:08:48 -0000

On 14/09/2017 16:35, Balazs Lengyel wrote:
> See below!
> On 2017-09-14 16:32, Martin Bjorklund wrote:
>> Hi Balazs,
>> Thanks for your review.  Comments inline.
>> Balazs Lengyel<>  wrote:
>>> Hello,
>>> Reading the draft-ietf-netmod-revised-datastores-04 some comments:
>>> General) The system often adds data to the <running> or <intended>
>>> datastore already not just to <operational>: e.g.
>>> UC1: I have a server configured in running. I need to bind it to an
>>> ip-address. The ip-address might be the local loopback address,
>>> however if that is only added to <operational>, validation will
>>> fail indicating that the server is bound to a non-existent
>>> address. How to handle this?
>>> UC2: I have a set of capabilities set by the system
>>> e.g. supported-reporting-intervals. I need to configure a job that
>>> MUST use one of these intervals. If the supported-reporting-intervals
>>> are only added to <operational> I can not validate the
>>> selected-interval in my configured job.
>>> My proposal is to allow the system to add data to running as
>>> well. Actually I think that is a more relevant case then adding
>>> configuration just to <operation>.
>> I think the consensus is that in general it is a bad idea if servers
>> (spontaneously) add data to <running>.  However, there is nothing in
>> the new or old architectures that prohibits this.
> BALAZS: I strongly disagree.  I know others are also adding stuff to 
> running as well.
> IMHO the above use cases are real and used and actually important for us.
> I would like to see them included in some way.
I basically agree with Martin here.

The architecture is cleaner if <running> is only written by the client.  
This avoid requiring clients tracking unexpected changes to running, and 
opens up the possibility of validating configuration off the box.  
Ideally extra stuff should be added into <intended> and then become 
visible in <operational>.

I understand that some systems add data to <running>, and this is fine.  
But I think that it is better for an architecture document to be silent 
on this point.


> regards Balazs
> -- 
> Balazs Lengyel                       Ericsson Hungary Ltd.
> Senior Specialist
> Mobile: +36-70-330-7909      
> _______________________________________________
> netmod mailing list