Re: [netmod] Key collision between configured and ephemeral list entries

tom petch <ietfc@btconnect.com> Wed, 29 May 2019 11:04 UTC

Return-Path: <ietfc@btconnect.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1489312008D; Wed, 29 May 2019 04:04:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.257
X-Spam-Level:
X-Spam-Status: No, score=0.257 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RATWARE_MS_HASH=2.148, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sj9vwqsGhfNE; Wed, 29 May 2019 04:04:01 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00093.outbound.protection.outlook.com [40.107.0.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB0CD120106; Wed, 29 May 2019 04:04:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector1-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Z97l5tKHNXTjvTjWxKfAfxxbR++12uLLq+0cJMayAYc=; b=fSw0l5CF0komnE1psmVHVFwsfFC2tjcFukG2y0JbCwDihp1ywww10BiRg+XXgErd5nKQU3fHXCHdEj0Q06Xs6GgFX87z3nIYWZAWijDwlWy/0/1WRgJLxssoGaAX+tTvDyV6W+lRTNTyYJmVTo92iWpGBC6IRWk/z8c+qQadXlc=
Received: from VI1PR07MB3118.eurprd07.prod.outlook.com (10.175.242.156) by VI1PR07MB3917.eurprd07.prod.outlook.com (52.134.27.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1943.12; Wed, 29 May 2019 11:03:58 +0000
Received: from VI1PR07MB3118.eurprd07.prod.outlook.com ([fe80::7537:44ee:88c1:dd6d]) by VI1PR07MB3118.eurprd07.prod.outlook.com ([fe80::7537:44ee:88c1:dd6d%7]) with mapi id 15.20.1943.016; Wed, 29 May 2019 11:03:58 +0000
From: tom petch <ietfc@btconnect.com>
To: Italo Busi <Italo.Busi@huawei.com>, "netmod@ietf.org" <netmod@ietf.org>
CC: "teas@ietf.org" <teas@ietf.org>
Thread-Topic: [netmod] Key collision between configured and ephemeral list entries
Thread-Index: AQHVFfphMHsTseJ1T0S+porZBJo1ZA==
Date: Wed, 29 May 2019 11:03:58 +0000
Message-ID: <062401d5160d$a568ea80$4001a8c0@gateway.2wire.net>
References: <91E3A1BD737FDF4FA14118387FF6766B2774D314@lhreml504-mbs> <017f01d515f9$d0c662c0$4001a8c0@gateway.2wire.net> <91E3A1BD737FDF4FA14118387FF6766B2774DF6C@lhreml504-mbs>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: LO2P265CA0465.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:a2::21) To VI1PR07MB3118.eurprd07.prod.outlook.com (2603:10a6:802:20::28)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ietfc@btconnect.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: Microsoft Outlook Express 6.00.2800.1106
x-originating-ip: [86.139.215.234]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c005375c-2029-4188-a2fe-08d6e42558c5
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:VI1PR07MB3917;
x-ms-traffictypediagnostic: VI1PR07MB3917:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <VI1PR07MB3917722A1F6BB32DEAA78D59A01F0@VI1PR07MB3917.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0052308DC6
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(39860400002)(396003)(376002)(366004)(136003)(189003)(199004)(13464003)(1556002)(81166006)(6512007)(25786009)(2501003)(9686003)(316002)(6436002)(6306002)(6486002)(8936002)(68736007)(66946007)(110136005)(7736002)(305945005)(8676002)(81686011)(14496001)(14444005)(76176011)(81156014)(44736005)(186003)(5024004)(52116002)(81816011)(446003)(73956011)(84392002)(4720700003)(2906002)(229853002)(64756008)(66446008)(66556008)(66476007)(61296003)(256004)(26005)(6506007)(53936002)(966005)(14454004)(478600001)(66066001)(4326008)(62236002)(99286004)(476003)(44716002)(486006)(3846002)(6116002)(102836004)(86362001)(50226002)(71200400001)(71190400001)(6246003)(386003)(5660300002)(53546011)(74416001)(7726001); DIR:OUT; SFP:1102; SCL:1; SRVR:VI1PR07MB3917; H:VI1PR07MB3118.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:0;
received-spf: None (protection.outlook.com: btconnect.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: otyiYDy+aTZ8lmhXgJiflYIecMie+6cUknv2FKofadiMHrfsDeFnF+IbIhXc64P7UiJc6V4sV0blfH/pM7ifF6EOpmtaBpDVjn9f2bCnvLIXUuoAOKw48ovMm3xjfnnf6o7AyVHWY+wXHao7O4vRUBgjBMGvwnzGUBWPpnngstqqqgLRjVTXNX4yAqYq+4zYXYvP6tN8fGYu6Lt9qAZqDR8Ys+Dhqm7tS30O3fmj21CzWwBejzXzH7QIFua4TO4uO7+RLB+9LY7eSAdmtjcyfIopVDkf7jXqhB9MlptyEDgN+IGQC7zNS/vBsE2ZFjgqfW6PHbauxlkR6m99acKasoaE/Dv+ltXcLbq6MIrwwINJfA0c9nk6OOoIlQTv+1qpEhXmNQf8b4fL7JZ8jglK6fXSMJXp/Hzj1qDkEokAt+E=
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <13E561767C4BA6458AC81121AB1B6E76@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c005375c-2029-4188-a2fe-08d6e42558c5
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 May 2019 11:03:58.3818 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ietfc@btconnect.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB3917
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/XH-doLABxv6-Xu2FrMoh8WERhPM>
Subject: Re: [netmod] Key collision between configured and ephemeral list entries
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 May 2019 11:04:03 -0000

----- Original Message -----
From: "Italo Busi" <Italo.Busi@huawei.com>;
Sent: Wednesday, May 29, 2019 11:02 AM

Hi Tom,

Thanks for your reply

It seems to me that the text you have quoted is from:
https://tools.ietf.org/html/rfc7950#section-6.2

If I can understand correctly, especially for section 6.2.1, this
constraints does not apply to name attributes whose syntax is defined as
a string and used as key of a list, such as the tunnel list defined in
the TE YANG model:

     |  +--rw tunnel* [name]
     |  |  +--ro operational-state?                  identityref
     |  |  +--rw name                                string

My understanding is that a tunnel list entry with a name starting with
'#' can exist in a YANG DS

<tp>

Italo

Ah yes, my misunderstanding.  'string' type is a bit more flexible i.e.

   The string built-in type represents human-readable strings in YANG.
   Legal characters are the Unicode and ISO/IEC 10646 [ISO.10646]
   characters, including tab, carriage return, and line feed but
   excluding the other C0 control characters, the surrogate blocks, and
   the noncharacters.

Plenty of scope there!


If this approach is taken, then I agree that hash is a good choice as it
stands out, unlike, say, underscore which vanishes in the line of text.

Tom Petch

Thanks, Italo

-----Original Message-----
From: tom petch [mailto:ietfc@btconnect.com]
Sent: mercoledì 29 maggio 2019 10:42
To: Italo Busi <Italo.Busi@huawei.com>;; netmod@ietf.org
Cc: teas@ietf.org
Subject: Re: [netmod] Key collision between configured and ephemeral
list entries

<inline>

Tom Petch

----- Original Message -----
From: "Italo Busi" <Italo.Busi@huawei.com>;
To: <netmod@ietf.org>;
Cc: <teas@ietf.org>;
Sent: Monday, May 27, 2019 2:16 PM
Subject: [netmod] Key collision between configured and ephemeral list
entries


On Friday within the TEAS WG, we have discussed an issue which seems
generic and therefore agreed to ask for guidelines to the Netmod WG

In the TE YANG model we have defined a tunnel list with a name attribute
used as a key:

     |  +--rw tunnel* [name]
     |  |  +--ro operational-state?                  identityref
     |  |  +--rw name                                string

See: https://tools.ietf.org/html/draft-ietf-teas-yang-te-21

The issue we are facing is how to avoid name collision between
configured and ephemeral tunnels. In other words, the issue we are
trying to address is how to avoid the client to assign to a configured
tunnel a name which have been already assigned by the server to another
ephemeral tunnel and vice-versa, in particular considering NMDA rules

We believe that the issue is generic and apply to any configured and
ephemeral list entries

Has this issue been already discussed/resolved in Netmod WG?

If not, what is the Netmod WG opinion/suggestion? We are currently
considering the following option:

   Use a special character for ephemeral names - e.g. such names always
are prepended by special character "#"
   Make the special character changeable by configuration - the default
can be "#" and user can change if they desire..

<tp>

If this is to conform with YANG 1.1, RFC7950, then the constraint is

   Identifiers are used to identify different kinds of YANG items by
   name.  Each identifier starts with an uppercase or lowercase ASCII
   letter or an underscore character, followed by zero or more ASCII
   letters, digits, underscore characters, hyphens, and dots.


No # (hash) anywhere so I suspect that a lot of tooling will fail in an
unpredictable way if it encounters an illegal character in an
identifier.

Tom Petch


Thanks, Italo

Italo Busi
Principal Optical Transport Network Research Engineer Huawei
Technologies Co., Ltd.
Tel : +39 345 4721946
Email : italo.busi@huawei.com
[cid:image002.png@01D5149F.354EF420]

This e-mail and its attachments contain confidential information from
HUAWEI, which is intended only for the person or entity whose address is
listed above. Any use of the information contained herein in any way
(including, but not limited to, total or partial disclosure,
reproduction, or dissemination) by persons other than the intended
recipient(s) is prohibited. If you receive this e-mail in error, please
notify the sender by phone or email immediately and delete it!

From: Tarek Saad [mailto:tsaad.net@gmail.com]
Sent: venerdì 24 maggio 2019 23:13
To: Igor Bryskin <Igor.Bryskin@huawei.com>;; Rakesh Gandhi
<rgandhi@cisco.com>;; Xufeng <xufeng.liu.ietf@gmail.com>;; Vishnu Pavan
Beeram <vbeeram@juniper.net>;; Italo Busi <Italo.Busi@huawei.com>;
Cc: teas@ietf.org
Subject: Discussion on modelling container TE tunnels in YANG

The team on "to" list met to discuss this subject topic. Notes from
today's discussion (please add if I missed):

Name collision between configured and ephemeral tunnels:
  This is a generic problem in NMDA.
  How to handle collisions between configured and ephemeral (or
auto-created) objects of a list, if the list uses the object (string
based) name as the key?
  Both configured and ephemeral can have the same object name but they
are different objects - how to avoid such collision.
 Proposed solution:
   Option 1:
   Use a special character for ephemeral names - e.g. such names always
are prepended by special character "#"
   Make the special character changeable by configuration - the default
can be "#" and user can change if they desire..
  Others?
AI (Italo): to send email to netmod group.

Container TE tunnels discussion:
-          Container tunnels are grouping of tunnels between same 2
endpoints to share incoming traffic towards the egress
-          Member tunnels of a container tunnel can be
auto-created/deleted on-demand and controlled by thresholds specified
under the container
-          Some attributes may apply on the container tunnel and
inherited down to member tunnels of the container
-          Q: Should model allow member tunnel to override inherited
attributes from container tunnel?
-          Q: Should all auto-created member tunnels of a container have
the same prefix/suffix - i..e prefix/suffix can be configurable

Regards,
Tarek






------------------------------------------------------------------------
--------


> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod
>