Re: [netmod] draft-kwatsen-netconf-server / VRF specification for listening ports & outgoing connections
David Lamparter <equinox@diac24.net> Wed, 05 March 2014 17:01 UTC
Date: Wed, 05 Mar 2014 18:01:03 +0100
From: David Lamparter <equinox@diac24.net>
To: Martin Bjorklund <mbj@tail-f.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/netmod/YWldsXJN4Zuqj43oaCLVcTz4oC0
Cc: netconf@ietf.org, netmod@ietf.org
(comments below)

On Wed, Mar 05, 2014 at 04:31:54PM +0000, Martin Bjorklund wrote:
> David Lamparter <equinox@diac24.net> wrote:
> > The original question was, how the configured device chooses a "VPN"
> > for either incoming or outgoing connections.  This referred to VRF
> > instances.  In particular, for the very simplest case where this
> > matters, there are devices that have out of band management ports and
> > treat those as a VRF.  So, both for listening and for connecting, the
> > device needs to choose between "VR-Default" and "VR-Mgmt" (actual
> > names, guess the vendor.)  It could even listen in both VRFs, to be
> > manageable inband (normal ops maybe?) and out of band (network in
> > flames?).
> >
> > Even though this was raised on the server config model, this is a
> > rather generic problem.  E.g. specifying a NTP or Syslog server has
> > the same issue.  (Cc' from netconf to netmod due to this.)
>
> If I understand this correctly, the proposal is to include a reference
> to a routing-instance (rt:routing-instance-ref) in all cases where we
> currently have an ip-address (or host) and a port, since the
> combination of ip-address and port is not guaranteed to be unique, on
> systems with multiple routing instances.

Indeed, with the caveat that this also applies to listening ports (which
are specified just the same, just noting it so this doesn't get lost.)

>   leaf address { type inet:ip-address; }
>   leaf port { type inet:port-number; }
>   leaf routing-instance { type rt:routing-instance-ref; }
>
> The existing data models (specifically ietf-system) are designed in a
> way that vendors can augment their own definition of routing-instance
> or vrf.  (However, I noticed that ietf-snmp is not).
>
> The question is if the IETF models should include a standardized way
> to handle this.  I can see three alternatives:
>
>   1) Do nothing.  I.e., assume ip/port is unique.
>
>   2) In all our data models, always make sure we add an (optional)
>      reference to a routing-instance, whenever we have a ip/port for
>      inbound/outbound traffic.
>
>   3) Do not add the routing-instance references, but design our data
>      models so that vendors can augment with this if they have to.

It seems that 1) would imply a mixture of not having support for this
and case 3) in places where we already allow extensions, and I'd claim
that this inconsistency is undesirable.

I would however argue for option 2), based on the fact that routing-cfg
does have routing instances in a standardised way, and I don't see the
point in each vendor defining a distinct extension to add this
reference.

Essentially, I would say that if there's a problem with 2) here, there's
also a problem with routing instances in routing-cfg, which in turn
means we fix that or we're headed for neverland on the express train.

Cheers,

-David
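The address/port ambiguity discussed in this message, as an added example that is not part of the original mail or of any IETF model: a small audit over endpoint entries shaped like the three quoted leaves. The function name, the entry names and the sample data are assumptions made for illustration; only "VR-Default" and "VR-Mgmt" come from the thread.

```python
from collections import defaultdict

# Constructed sample: the same address/port configured in two routing
# instances (instance names taken from the message), plus one outbound
# target that carries no routing-instance at all.
ENDPOINTS = [
    {"name": "netconf-inband", "address": "0.0.0.0", "port": 830,
     "routing-instance": "VR-Default"},
    {"name": "netconf-oob", "address": "0.0.0.0", "port": 830,
     "routing-instance": "VR-Mgmt"},
    {"name": "syslog", "address": "192.0.2.10", "port": 514,
     "routing-instance": None},
]


def audit_endpoints(endpoints, instances):
    """Return (collisions, unresolved) for a list of endpoint entries.

    collisions: (address, port) pairs configured in more than one routing
    instance, i.e. entries that are indistinguishable under alternative 1.
    unresolved: names of entries without a routing-instance on a device
    that has several, where the VRF used is left to the implementation.
    """
    by_addr_port = defaultdict(set)
    seen = set()
    unresolved = []
    for ep in endpoints:
        inst = ep.get("routing-instance")
        if inst is not None and inst not in instances:
            raise ValueError(f"{ep['name']}: unknown routing instance {inst!r}")
        key = (inst, ep["address"], ep["port"])
        if key in seen:
            # Same instance, address and port twice is a real conflict.
            raise ValueError(f"{ep['name']}: duplicate endpoint {key}")
        seen.add(key)
        by_addr_port[(ep["address"], ep["port"])].add(inst)
        if inst is None and len(instances) > 1:
            unresolved.append(ep["name"])
    collisions = {k: sorted(v, key=str)
                  for k, v in by_addr_port.items() if len(v) > 1}
    return collisions, unresolved
```

Entries reported as unresolved are the ones to review on a device with an out-of-band management VRF, since nothing in the configuration pins them to the management or the default instance.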