IETF Logo Mail Archive

Re: [netmod] WG Last Call for draft-ietf-netmod-acl-model-08 (until Oct 5, 2016)

Mahesh Jethanandani <mjethanandani@gmail.com> Fri, 18 November 2016 13:56 UTC

Return-Path: <mjethanandani@gmail.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CF1B129494 for <netmod@ietfa.amsl.com>; Fri, 18 Nov 2016 05:56:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QEHas5bYEwoN for <netmod@ietfa.amsl.com>; Fri, 18 Nov 2016 05:56:35 -0800 (PST)
Received: from mail-pg0-x22e.google.com (mail-pg0-x22e.google.com [IPv6:2607:f8b0:400e:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7472B129421 for <netmod@ietf.org>; Fri, 18 Nov 2016 05:56:35 -0800 (PST)
Received: by mail-pg0-x22e.google.com with SMTP id f188so103095056pgc.3 for <netmod@ietf.org>; Fri, 18 Nov 2016 05:56:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:subject:from:in-reply-to:date:cc:message-id:references :to; bh=END4d5V4t2VlghT5wZL6KXsZB8jFShkG5iUofNxkkM4=; b=kc740rQ+bMIni8gVUgu5DOb2Mh2pXqAaIcMnhARTpHFkY+oPDGkMhSQDUE60IG0tyw nd/dKjea5pHsUGNMrcGpr01eQ33zcXvTHXIbi+VhzjbH23Fg976y/vLCut6o26FFiR9w /+4XfqN5v/5O0OJm2ls3SF0UN8ejeL8kBhYv7IbU/f5dIdEk7cAJGKEueSGUeeT800f/ WEbNIPN5aMQQ/EH/Y/fEha+xH2lN6kBh9ys03SXk+DZy15Aeo/Al/ChKD8M76l0cAIHB MDBX9H9l0VggrlLymXXLP9cMY7aUMrbikuSvRiG8Q1lwofgCJ594RtiMWL6Lw8dh+VK3 NWTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=END4d5V4t2VlghT5wZL6KXsZB8jFShkG5iUofNxkkM4=; b=ez8sY7JR6wBWUFxL1ShA2wwTyRZWemporEDbEDf2al8cOcKtoIclZaeCaJg+hL9QyD haY8qNUMMWN3Zm8yXnlyB7w09lhsz6fU2ZW1W6qlDsptYfRJ9XsZl76Ly+yo4MthVAOL fR600MzVuu8KgwqaiNszpYU2S9R5Jrn5bBfwk/XiP3ELr3ZfkDe4k0Vt2SVljZH8dmPl LvzqC0/RZ5qvQcKVl9ivFHx5JwEA6c8wjw7pynAHKJRynuAFnBf3UekLee0kxXh2JJ3v 2FIFRqiVvbeQXoLDAnTQCge3MAKmmBjuaSvnakDPK5cqPNy0zG1qaB7UcfVqeV81EUbn AOng==
X-Gm-Message-State: ABUngvene0Y4tibzWcaYT/lvufav+UDnT7HdUmcnHxSoXL/TSUTPINLmjd8WNuOmlf3Y4Q==
X-Received: by 10.98.141.74 with SMTP id z71mr11925068pfd.53.1479477395021; Fri, 18 Nov 2016 05:56:35 -0800 (PST)
Received: from [10.35.133.250] ([58.123.138.206]) by smtp.gmail.com with ESMTPSA id s197sm334343pgc.38.2016.11.18.05.56.32 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 18 Nov 2016 05:56:34 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_F8B3158B-CBD5-41BA-8B32-EFD07A9438C8"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Mahesh Jethanandani <mjethanandani@gmail.com>
In-Reply-To: <11EEB7BE-425F-4B6F-8D33-FC59B6DB6680@gmail.com>
Date: Fri, 18 Nov 2016 22:56:34 +0900
Message-Id: <B682AB94-3B9C-4036-98D4-FC58D022BFEE@gmail.com>
References: <FF9788DC-4444-4B3F-8F88-5D8978DFBA4A@juniper.net> <7F859F89F9B4DD4DB902232F9E2DAC08387893C8@ESGSCMB103.ericsson.se> <11EEB7BE-425F-4B6F-8D33-FC59B6DB6680@gmail.com>
To: Dean Bogdanavich <ivandean@gmail.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/W0qTPUnbrmJeFoTQHJdtss4bz8I>
Cc: "netmod@ietf.org" <netmod@ietf.org>
Subject: Re: [netmod] WG Last Call for draft-ietf-netmod-acl-model-08 (until Oct 5, 2016)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Nov 2016 13:56:38 -0000

> On Nov 13, 2016, at 11:02 AM, Dean Bogdanovic <ivandean@gmail.com> wrote:
> 
> Adrian,
> 
> Sorry for not replying earlier. Your email fell through the cracks. 
> 
>> On Sep 21, 2016, at 5:55 PM, Adrian Pan <adrian.pan@ericsson.com <mailto:adrian.pan@ericsson.com>> wrote:
>> 
>> I have reviewed draft-ietf-netmod-acl-model-08 and I am considering to implement the data model in the draft, while I found below issue:
>> - Operator is able to configure the matches of ace different from the acl-type, i.e ace configured with ipv6 matches while the “acl-type” is configured as ipv4 in the acl, this is not aligned with the model design intention.
> 
> The acl-type provides implicit specification of the match criteria. Authors wanted to enable support for mixed type acl (example mac and ip) in the same list. And let the vendors determine based on their platform and what is supported how to implement the model.

I do not understand “implicit specification of the match criteria". Say the acl-type is specified as ipv6, and the user configures a ipv4 address in the ACL, how does it help the platform?

I agree with Adrian that a more intuitive use of the acl-type would be to check whether the address being configured matches the type and reject the configuration if it does not.

> 
> Dean
> 
>>  
>> Thanks
>> Adrian
>> From: netmod [mailto:netmod-bounces@ietf.org <mailto:netmod-bounces@ietf.org>] On Behalf Of Kent Watsen
>> Sent: Wednesday, September 21, 2016 4:46 AM
>> To: netmod@ietf.org <mailto:netmod@ietf.org>
>> Subject: [netmod] WG Last Call for draft-ietf-netmod-acl-model-08 (until Oct 5, 2016)
>>  
>>  
>> This is a notice to start a two-week NETMOD WG last call for the document:
>>  
>>                Network Access Control List (ACL) YANG Data Model
>>                https://tools.ietf.org/html/draft-ietf-netmod-acl-model-08 <https://tools.ietf.org/html/draft-ietf-netmod-acl-model-08>
>>  
>> Please indicate your support or concerns by Wednesday, October 5, 2016.
>>  
>> We are particularly interested in statements of the form:
>>   * I have reviewed draft-ietf-netmod-acl-model-08 and found no issues.
>>   * I have reviewed draft-ietf-netmod-acl-model-08 and found the following issues: ...
>>  
>> As well as:
>>  * I have implemented the data model in draft-ietf-netmod-acl-model-08.
>>   * I am implementing the data model in draft-ietf-netmod-acl-model-08.
>>   * I am considering to implement the data model in draft-ietf-netmod-acl-model-08.
>>   * I am not considering to implement the data model in draft-ietf-netmod-acl-model-08.
>>  
>> Thank you,
>> NETMOD WG Chairs
>>  
>>  
>> _______________________________________________
>> netmod mailing list
>> netmod@ietf.org <mailto:netmod@ietf.org>
>> https://www.ietf.org/mailman/listinfo/netmod <https://www.ietf.org/mailman/listinfo/netmod>
> 
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod

Mahesh Jethanandani
mjethanandani@gmail.com

v2.23.0 | Report a Bug | By Email