IETF Logo Mail Archive

[netmod] Re: 3rd WGLC on system-config-10 (was "2nd")

"Rob Wilton (rwilton)" <rwilton@cisco.com> Wed, 18 December 2024 17:29 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6ADFC207964 for <netmod@ietfa.amsl.com>; Wed, 18 Dec 2024 09:29:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.738
X-Spam-Level:
X-Spam-Status: No, score=-9.738 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ckXmfgmTVoTI for <netmod@ietfa.amsl.com>; Wed, 18 Dec 2024 09:29:12 -0800 (PST)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 865C2C180B4D for <netmod@ietf.org>; Wed, 18 Dec 2024 09:29:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; i=@cisco.com; l=42638; q=dns/txt; s=iport; t=1734542952; x=1735752552; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=pEr5QW7+YH7vdAYL9jkJcqlGqVZpOladHfWUFk0Txdk=; b=iEUmgPmEFs10DtsACIMx9oYyiKXDdiWBDMMBH5PIGK/n4o/+Czu1Uc9y SStpAgO2Tx9zQS4XNncN9Qc5hRR7ITN7eTQpZT7JrmoMXVSAqb3ZWszz+ ugaI7gXMv+RH6H7Apx21/Y0LbgsA177cSderHpGYY7qWrv+odXGx9G1bI 0=;
X-CSE-ConnectionGUID: gQZ8Ir5xQ1WVpDBTBwusDQ==
X-CSE-MsgGUID: PPkU7pwuTtKxjaxVk/zeXw==
X-IPAS-Result: A0B2AwAABWNn/5T/Ja1QAQkeAQELEgxAJYEjC4FBMSooB3aBHEiIIQOFLYhyA5FKhjOBO4RgFIERA1YPAQEBDQJEBAEBghOCdAKKbAImNAkOAQIEAQEBAQMCAwEBAQEBAQEBAQEBCwEBBQEBAQIBBwWBDhOGCIZaAQEBAQMSZxACAQgRAwECIQENMR0IAgQOBQgTB4JgghxIAwGlQAGBQAKKK3iBNIEB4CCBSIhOASqBMoQPhHcnG4FJRIEVQoFmgQI+hBYBEgsRHoN1gi8EgiMXTIIbLgOBXl4lZ4N+gzQShgd0O4MXjANSdSIDJjMhEQFVExcLBwWBKR8rA4EVggWBWwU3Cj05AYIQaUk3Ag0CNoIifIJNgluCPYRhYS8DAwMDgzuGGoIXgWgDAxYTgRgdQAMLbT03FBsFBIE1BZsgAYEERoMFHw8tBjIPIwQUBlBGfREXAQEPMAUGKQOTHAoCjnhHg1SJdkiVEQqEGqF8F4QEjQWKUI1iMGaYe4JXoQEPDYUMAgQCBAUCDwEBBoFnPIFZcBUaIYJnUhkPgXGMPBaBDAECwFp4PAIHCwEBAwmPOy2BTgEB
IronPort-PHdr: A9a23:VbgIfxwghfhSLHHXCzPsngc9DxPP8539OgoTr50/hK0LKeKo/o/pO wrU4vA+xFPKXICO8/tfkKKWqKHvX2Uc/IyM+G4Pap1CVhIJyI0WkgUsDdTDCBjTJ//xZCt8F 8NHPGI=
IronPort-Data: A9a23:TBWAkaqFdTB/v+r9YM6/eCbECeVeBmJZZBIvgKrLsJaIsI4StFCzt garIBmHbPvbamLyLt51aoyy8E4P6pOAztdiGQI6pS80FylAoOPIVI+TRqvS04x+DSFioGZPt Zh2hgzodZhsJpPkjk7zdOCn9T8kiPngqoPUUIbsIjp2SRJvVBAvgBdin/9RqoNziLBVOSvV0 T/Ji5OZYQXNNwJcaDpOt/vZ8UM355wehRtB1rAATaET1LPhvyF94KI3fcmZM3b+S49IKe+2L 86r5K255G7Q4yA2AdqjlLvhGmVSKlIFFVHT4pb+c/HKbilq/kTe4I5iXBYvQRs/ZwGyojxE4 I4lWapc5useFvakdOw1C3G0GszlVEFM0OevzXOX6aR/w6BaGpfh660GMa04AWEX0ulOMzFv7 6EIEWkyUAivrd6c36+gZtA506zPLOGzVG8ekmtrwTecCbMtRorOBvyTo9RZxzw3wMtJGJ4yZ eJANmEpN0uGOUASfA5LWPrSn8/w7pX7WydHqVaJoqwf6GnIxws327/oWDbQUobbGpsOwRvJ+ goq+UzBOhIna8SA1AaZ0WKuj//xnmTpVbINQejQGvlCxQf7KnYoIBsbSV68rdG4h1KwHdVFJ CQpFjEGt6M+8gmvC9L6RRD9+SfCtR8HUN0WGOo/gO2Q9pfpD8+iLjFsZhZKaccts4k9QjlC6 7NDt4qB6eBH2FFNdU+gyw==
IronPort-HdrOrdr: A9a23:4jZgCKirMTVzQ4TR+P3QvBWZ9nBQX6d23DAbv31ZSRFFG/FwyP re/8jzhCWVtN9OYhAdcIi7Sde9qBPnmaKc4eEqTNGftXrdyRqVxeBZnMTfKlLbalfDH4JmpM Ndmu1FeaLN5DtB/IjHCWuDYqsdKbC8mcjC65a9vhJQpENRGt1dBmxCe3+m+zhNNXJ77O0CZe KhD6R81l2dUEVSRP6WQlMCWO/OrcDKkpXJXT4qbiRM1CC+yRmTxPrfCRa34jcyOgkj/V4lyw f4uj28wp/mn+Cwyxfa2WOWxY9RgsHdxtxKA9HJotQJKx334zzYJLhJavmnhnQYseuv4FElnJ 3nuBE7Jfl+7HvXYyWcvQbt4Q/9yzwjgkWSimNwwEGT4/ARdghKT/aptrgpNScxLHBQ+u2U5Z g7ml5xcaAnVC8o0h6Nv+QgHCsa5nZc6UBS4tL7yUYvELf3rNRq3NYiFIQ/KuZaIAvqrI8gC+ VgF8fa+bJfdk6bdWnQui11zMWrRWlbJGbNfqEugL3c79FtpgEz82IIgMgE2nsQ/pM0TJdJo+ zCL6RzjblLCssbd7h0CusNSda+TjWle2OBDEuCZVD8UK0XMXPErJD6pL0z+eGxYZQNiJ8/go 7IXl9UvXM7P0juFcqN1ptW9Q2lehTxYR39jsVFo5RpsLz1Q7TmdSWFVVA1isOl5+4SB8XKMs zDca6+w8WTW1cGNbw5qDEWAaMiXEU2QYkQoJIhV1qFv8LMLZeCjJ2oTB/6HsuYLQoZ
X-Talos-CUID: 9a23:8DASEWkiyu5aTkwjtqRdmBq7f83XOXLk/ifxORKoMD9WdqW5Y2O6575/v/M7zg==
X-Talos-MUID: 9a23:m6IyNA1zCwmrz7W8wcQ53iK0jzUj25ytNR8Vjog6p+qUNyVgBTTanjmHXdpy
X-IronPort-Anti-Spam-Filtered: true
Received: from rcdn-l-core-11.cisco.com ([173.37.255.148]) by rcdn-iport-9.cisco.com with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 18 Dec 2024 17:29:11 +0000
Received: from alln-opgw-3.cisco.com (alln-opgw-3.cisco.com [173.37.147.251]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by rcdn-l-core-11.cisco.com (Postfix) with ESMTPS id A1AB218000250 for <netmod@ietf.org>; Wed, 18 Dec 2024 17:29:11 +0000 (GMT)
X-CSE-ConnectionGUID: 8DUNHBXSSU2lbnJmloT2wA==
X-CSE-MsgGUID: Byd4o/xUQQO1cySBNZSazw==
Authentication-Results: alln-opgw-3.cisco.com; dkim=pass (signature verified) header.i=@cisco.com
X-IronPort-AV: E=Sophos;i="6.12,245,1728950400"; d="scan'208,217";a="19928894"
Received: from mail-bn8nam11lp2171.outbound.protection.outlook.com (HELO NAM11-BN8-obe.outbound.protection.outlook.com) ([104.47.58.171]) by alln-opgw-3.cisco.com with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 18 Dec 2024 17:29:11 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=SEC2TRWMRCDrLuZ4itv2OEY3VXPe+re0HxQBt9hkdWsTkqUjRI8s0ruCSAsyZVIEeOmsM7HoqpwvvPDXbJ4SCJIlCh03t+rLebSoIzAi3F63cEPWjdTExFXeCGxSlacU0wnoQjSU+xHWKktvV5sufVfAEhKpIFbzRCFr1m1EIbTOGKKqrJzcrrFsyVniBFGv9MwreAT1cTXAl075Q229BZrZPH0XOscGU198boX3YvbPvWHfkOoBGBCh6B/CbvQc+ul1kmtGoUfOFDJU3nYIrEhX2xbOlvXaZOS1Dhb86TRczFeb9y7x0szpJwiMMB2izbOtZKsXcDuf0yNtQbN4mA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pEr5QW7+YH7vdAYL9jkJcqlGqVZpOladHfWUFk0Txdk=; b=q14OESz7MTffnybtRoXg05gqjo0FxGVLFON/JP8662OXxqm4pZq6N+Pi1F9Efu1hnJmqIVHxoZcZYpgHz2BgmMjcLNU+V/LTST5Xt8uI9R+OXpNrxIPEVESp2Cu46fZSResPUnE2PA7Le5Ctlf+Vafjw43UoOW6I4a54RAOnKjPE8wCRPxd0V7XMhA2/QpyVYk6GW5OPPKl5kOZhAggnr8qiVZOjiKF6V6947W5JSg6MPnckh5hJtARuTImHAHkE5X+LlCWsaQTv8qBohSx22OMaBGqKt/sN6RNItAL/fIMx16sQs/O8f/qeAlkUSdmrCFE8Lk98UIY1/7deAXcODA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
Received: from LV8SPRMB0005.namprd11.prod.outlook.com (2603:10b6:408:187::20) by IA1PR11MB7198.namprd11.prod.outlook.com (2603:10b6:208:419::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.21; Wed, 18 Dec 2024 17:29:09 +0000
Received: from LV8SPRMB0005.namprd11.prod.outlook.com ([fe80::b665:ae61:8138:534e]) by LV8SPRMB0005.namprd11.prod.outlook.com ([fe80::b665:ae61:8138:534e%4]) with mapi id 15.20.8272.005; Wed, 18 Dec 2024 17:29:08 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Kent Watsen <kent+ietf@watsen.net>
Thread-Topic: [netmod] 3rd WGLC on system-config-10 (was "2nd")
Thread-Index: AQHbUWjBCYwcmJjfW0ir8montx3jj7LsOYnh
Date: Wed, 18 Dec 2024 17:29:08 +0000
Message-ID: <LV8SPRMB0005F48C3540EDDC2D5E83EDB5052@LV8SPRMB0005.namprd11.prod.outlook.com>
References: <01000193b1dcf255-e2fd043a-5c2e-4191-a21b-a89697b080a1-000000@email.amazonses.com> <CH3PR11MB85191CE487C65932C1400572B53B2@CH3PR11MB8519.namprd11.prod.outlook.com> <01000193da91ef2d-ea322b85-7012-446c-bba5-025b53874d72-000000@email.amazonses.com>
In-Reply-To: <01000193da91ef2d-ea322b85-7012-446c-bba5-025b53874d72-000000@email.amazonses.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-reactions: allow
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: LV8SPRMB0005:EE_|IA1PR11MB7198:EE_
x-ms-office365-filtering-correlation-id: b4607815-4b41-4886-58eb-08dd1f897a8c
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|376014|8096899003|7053199007|38070700018;
x-microsoft-antispam-message-info: JUNYjaiMSKlb9q9ypv2dtY7D2o7y2KIXBwPWZjLiZtW9lOijFc8CCjziNiBOiF5IzTGZhfgOrgUNKqSri3Rm8ysdyquN3adD1YJUTy6AFcBCcluDKFJYpYA90hqFotC8CuEmHcPA2ZpizGVRqaxlVfJxkkLkw7WATgvYYSa08Ezh0R9SM+HSHiOarfsBypdD17VWlNDE+j2RHXGm6Z7y5iKGPO8ixD70AlgHefIX5xrPmxRDySozEzIyGAv2oPemEAIxDogC1Z5lKNg47mUcUT3jOdgMmou52qx/W7LYotyyTdoZaJXOFVox1J8NY8QX+bZz8TNWgso58fWYakkYElONUCBX9kKySx3rvAxFuCSaRCI29Tof3xfKya7eU9L62qXW1cKFfZ0dfzqS1Ht2kuTtjjiY0mfCY700FiZtblmKd6K8pJkdrtD9cjifQp3SHC2311a9ey/sKPYGflTzVDXyoash51FImM7HCJugtI2H1cUECmxEIPcNaUkT8EsPKbZNTkvX7nzUKtN9F29cNvh4AVUOxcbKIOPPVyW56to9mabzv6jlB+V2czh9BEAAf+FYEZXDJ5OF9WipRvC0LKb+fSmx12TvBBD+Z1wOR08sGwScKBSV6Ea2ljMLL/olfeQMPoVTZIcssioeI4pfLqyMiE60MRWT+deDUX3Sgc+g3CBUj96fRBhE87fQKjWcbWjupcWMz303kkoqvaw9ezYqImvtI6oCsjyy5rQztGiuq871YMJOEiJu32yaHbYIR0dH65zuFj3b5hNOrEzTZnBiUuDDO2xSArg/kQf+rKWWOjaStKxEWJckNaC+CmbnhHSEUoOLDpbc1ms7Bo+EPlfEpEKFGtXjpH1PCwkXs/afdRo0AJ/bo/zb5A35O2V/KPW7lyUTZQVNFVIrLagv9JHrKo80QpmLuogq62qWVt7vD9WpV7arUxSDj+TMG2ZQVO0po577x+rqk8qzh0YV7qp0z6WueVnq8ZYicPvg+91S+x9EetTmz4MYad0OsOTWGWkij4jgDJo0JY6rRMzuwZK8NOYDMDxdulmGVs5kegi27hnloYqnzzMvEUtLH78jTsbJOYv0PhoB8HIEcmlSQbUMLk6ur04O/q9An/MpfIOwgwHscql4GxBnTcq7N8quW4mLPImB3U571Kc9l9UH+Uf9z9Xwf5fhIsb3KVu9ZbwH6xeof1ejNo+P4UjKBBrMlqrzROjye05IH98UbRimVyBnpE6v3Y+9iV4etRP/AD7DU8hWJ1kQH+3MAkbkb3OS5MMDdHGC3sKKRf9leDUFDZE+e3GuCBzhxWcjdRTBglyvqH+a357jBJAM7fYxm6/q64a64IRzHuyScRM6kKQLSsnnOp3U/yUg5MWKr14ibi1whetjr2hYOpPLezijJj8mJ7SoT9qbvdI96/TiMzHYIIblQYNQC/e/PWwzb7EOi27GCLcqJRpQyTNeAmTMvdVg
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LV8SPRMB0005.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014)(8096899003)(7053199007)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: cUcpTcjAygM0nX2VJsmmVsaVPzfmd3j1X7AZDIEexFG4c2kkxpKzGRCScWASM/SDWcvc0fICBTxlcUivC/C4sZrHuqtzAFAKtHp9A8xVyJoC3X7BdNGBefU1AwaY3KBq5zCKzhZLvHHu84n5H8URVCwwsJgEBla3cQj0rz2igMYU1lpwz1eKh9BrbRbJtAuXTZt2Zo0H6mUrxd2FG5NLed+IpYxCehA73UgImMgmuPeKRVJCLZGo0oaA0ZlCIYXxgHv0o01GnrZdk/dZj0vWFuzDVl8tIcw4n7aDujtQ+4uGWPeAD1zS/5Ofs0E91LRvGzJ+nKm8zGGcgKPlqFVSreKNlJ+D2kzjKDRtspWVovJrTld/fUVlDkGPOGqfONbx7EthFk8Rn2jBzAWyG5k5L0do8pWZwGI0T+DSHWHpHavQu+6izt0iJn9eVLo/1UzDk3gGlzfpuojiW0GDtOhpaKm32EN/mrWdFJ9S9c13dAMhj7cD/TgIHR6sJi3aYSV/NsY6HzPqW1jGz/8buvdgw6Sn9U/U/2ZwPc0CLcUQG6roHcDYWuF5FZsmWoz1YFxH3Lt7wNXHqSvGHrAPI6c8txiXRMOjkwaUFhndUt0EAVxXtQdT+nTKWU5a+wVAoRe7Ix2O+ehppCg2iO/eIJ0iw8nMLDVUBfA4CrbrBl2BT3VeABQm1NZ7KO41496CE+ElRjizgfS27+1YrkRoYWVzgcfCMAJ3zCVANxGpG4uGrqfgelO9HSgoehWAAx9MbEv3WYX/NbnJgo8H8L0+ouS6X0raNM5307EB1G9wuVSS9WHuILlq8WAooJUDE98qlwDYdh2NJTbWkISPD3iIz0SkAGPRDEqum5ltFvww+WMQEND8AkZFMAaAOekMkRSZRPrJqtzQroCv5+V6gqUNbOjk0BvohRAipUqpFuawAeOgxMYOHfegRHw7nZ9ZN7fHgUCogOhZLPt8IpdLkrUyla0Ko4OJT9ey1TJCsyA/k9Z4D7COHSuBK/mwF7kNCG8awPt4Qg98sbNeYlayxnlzF/RxHm3MhPiothtNxJe+bOVWnZHIN+OWNCMQ3L82Yc1EozPFAc0MUhz1pCTnfBhpEGbWV1kxgR50Lzu8b3w0Y84btCYbCgfgY2e1MF6jGqDMnne8QO8HWLxVNXP9ZRlj17t8LhCUVmarGzqK/ZK9F2Rxwkz151pPfAzjhQYPQnOhwYNU7Ubd3jIIUxmJ/Aig1/a1IBESA/Jt2RSmlxWNcBR1/kXVaQTgXJ9lFNVVNjJRFSN2sxk64TIhiZKdAdgoGnI/PQS2cW5ZLgjS5bt7VI86nWcRMRHTDbaA5gWda0gKaOUbHHITyFfbbxThsaaUP2EadVrzhL501yH0YOEH1aZSt1M5Z4wyQQ+lVsS1jM/Lp8F2SwefD/lUsikt5SxrcsNshk7fCEB/ucZMv2sZk00I7HAhV5qccheGeIgpC8IjGV0+1apHMcnBRcDpvivA3lI/jNHNvFDhS+Y14LCkF5TPAJFN+AAnniyMH64z/ImBl8GT65ol7ErsZO7QqaBU1RBkjcQS3LkZPd/Nen4VV9wv8YwFsEHOkfhW5GZuB1p5FSv/
Content-Type: multipart/alternative; boundary="_000_LV8SPRMB0005F48C3540EDDC2D5E83EDB5052LV8SPRMB0005namprd_"
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LV8SPRMB0005.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b4607815-4b41-4886-58eb-08dd1f897a8c
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Dec 2024 17:29:08.2914 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: fwL4tutiIo+eW8pYbWuJEBHSkyCyJCiCf2ual9ndVN7yeh49G+pawS8W/ecpGNgb1REMftBXe5l6Yohk6zdLiQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR11MB7198
X-Outbound-SMTP-Client: 173.37.147.251, alln-opgw-3.cisco.com
X-Outbound-Node: rcdn-l-core-11.cisco.com
Message-ID-Hash: HQNJUR7LKERTHJO4R265W5NYAVLVOCVF
X-Message-ID-Hash: HQNJUR7LKERTHJO4R265W5NYAVLVOCVF
X-MailFrom: rwilton@cisco.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netmod.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "netmod@ietf.org" <netmod@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [netmod] Re: 3rd WGLC on system-config-10 (was "2nd")
List-Id: NETMOD WG list <netmod.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/cMH6RPlRUzqGAMvnmpI9BSDUh4Y>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Owner: <mailto:netmod-owner@ietf.org>
List-Post: <mailto:netmod@ietf.org>
List-Subscribe: <mailto:netmod-join@ietf.org>
List-Unsubscribe: <mailto:netmod-leave@ietf.org>

HI Kent,

Thanks for the reply.  Please see inline ….

From: Kent Watsen <kent+ietf@watsen.net>
Date: Wednesday, 18 December 2024 at 16:20
To: Rob Wilton (rwilton) <rwilton@cisco.com>
Cc: netmod@ietf.org <netmod@ietf.org>
Subject: Re: [netmod] 3rd WGLC on system-config-10 (was "2nd")
[fixing the typo in the Subject line]


Hi Rob,

Great review!  Some comments below.

Kent // contributor


<snipped>



(3) p 4, sec 1.3.  Updates to RFC 8342

   This document also updates the definition of "intended" origin
   metadata annotation identity defined in Section 5.3.4 of [RFC8342].
   The "intended" identity of origin value defined in [RFC8342]
   represents the origin of configuration provided by <intended>, this
   document updates its definition as the origin source of configuration
   explicitly provided by clients, and allows a subset of configuration
   in <intended> that flows from <system> yet is not configured or
   overridden explicitly in <running> to use "system" as its origin
   value.

I think that there should be a statement that all data nodes in operational that are annotated with an origin "system" MUST appear in the system datastore.  I.e., I explicitly do not want the "system" origin to identify two different types of data nodes, with only a subset of them appearing in the <system> datastore.

Seems reasonable, from a “goals” perspective.  I wonder how hard it might be to implement.  Was there a discussion before about it hard/impossible in some cases?

In trying to understand the case, it seems that there would have to be a “config true” leaf that is “mandatory false” and doesn’t have a “default”, such that it’s understood that the system will set the value.

Basically agree, but with the extension that I regard configuration annotated with origin system, or in the system datastore, as being like system-default configuration.  I.e., in some cases a user can explicitly override the system value, and the user configured value must always be taken in preference over a system-default.

I think on another thread, there was an example by Jason, where the device needs to quantize some configured value to write in the hardware.   So perhaps a user configured the value “0.12” and the system has to treat that as “0.1”.  One choice here is to reject the configuration and force the client to use the quantized value (e.g., “0.1”).  The other choice is that the system accepts the configuration, but what gets actually applied is the quantized value.  I think that this is valid behaviour, but obviously the operational in-use value differs from configuration, and it is the operationally in-use value that should be reported (as per RFFC 8342) and hence it should have a different origin.  I inferred from Jason, that they may be using origin system for this case, but I think that we should use a different origin.

Basically, I want to cleanly differentiate between a system-default value that can be overridden by configuration vs the system deciding to modify and override the user provided value.  I think that conflating these two into the same identity is likely to be confusing.  Note – one way to tweak this would be use derived identities, but I suspect that just introduces more, unnecessary, complexity.


 Nwo imagine this leaf being inside a client-configured list.  It seems that <system> would need to maintain a copy of the client-configured list, but only just enough to configure the aforementioned leaf for each list-item?

Yes, I think this is required.

Note – there is no requirement for the system datastore to actually exist on the device like other datastores.  It is only an abstraction that needs to exist at the management API layer.  Or to put it another way, if the device can figure out that it has origin system then presumably it can also figure out that it should be returned in a get request on the system datastore?



 (4) p 4, sec 2.1.  Immediately-Present

   Immediately-present refers to system configuration which is generated
   in <system> when the device is powered on, irrespective of physical
   resource present or not, a special functionality enabled or not.  An
   example of immediately-present system configuration is an always-
   existing loopback interface.

I think that "always-present" is a better and simpler name than "immediately-present".

“Always-present” seems better.

Technically, “unconditionally-present” might be best, since it is the exact opposite of “conditionally-present”, which is the title of the other related Section in the draft.



(5) p 8, sec 5.2.  No Impact to <operational>

   This work has no impact to <operational>.  Notably, it does not
   define any new origin identity as it is able to use the existing
   "system" identity defined in Section 5.3.4 of [RFC8342].  This
   document does not assert that all configuration nodes in
   <operational> with origin "system" originate from <system>,
   especially in cases where it is ambiguous which origin should be
   used.

As per my previous comment in (3), I strongly disagree with this part of the paragraph.  I think that the there should only be one meaning of system configuration and the system origin.  If we want a new origin to indicate whether the system has overridden user provided configuration that we will need a new origin identity to be defined, perhaps as part of an RFC 8342-bis (or a vendor could define their own identity).  Otherwise, I think that the whole part of configuration in running overriding the configuration in system falls apart.

I.e., RFC 8342 states:

   o  system: represents configuration provided by the system itself.
      Examples of system configuration include applied configuration for
      an always-existing loopback interface, or interface configuration
      that is auto-created due to the hardware currently present in the
      device.

Why would this configuration not appear in <system>?

Agreed.  In line with the “goal” of your comment (3), the last sentence could be removed.



(6) p 9, sec 6.1.  May Change via Software Upgrades or Resource Changes

   *  Servers reject the operation to change system configuration (e.g.,
      software upgrade fails) and needs the client to update the
      configuration in <running> as a prerequisite.  Servers are
      RECOMMENDED to include some hints in error responses to help
      clients understand how <running> should be updated.

I think that the "MUST" is probably too strong, and perhaps would be better as "SHOULD".  I think that there are certain actions, e.g., software upgrade where systems may struggle to guarantee that <intended> always stays valid, and one valid option for handling this is to allow it to become invalid, and then require the first edit-config/edit-data operation to get <running>/<intended> back to being a valid datastore again.

I'm not entirely sure whether we should be providing examples here.  If you do provide any examples then I think that you should definitely strip any RFC 2119 language, but I would probably strip the text about alerting clients or returning errors responses.  Since, handling this is out of scope, the less that is said the better, IMO.

Juergen that stated that it must not be possible for a change in <system> to invalidate <intended>.

For me, I have a slightly looser requirement.  I don’t think that the device should be modifying and making the configuration invalid on its own.

E.g., for interface entries that are tied to hardware existence, then that configuration can become unapplied if the hardware is missing.

If the configuration is changing (or being broken) due to some client instructed management operation (e.g., upgrade or downgrade the software), then I agree that it is better for the client to warn and encourage the configuration to be fixed before the operation is performed, but I’m sure that corner cases exist where this simply doesn’t happen, or the client may want to force the upgrade/downgrade to happen because that is more important than keeping the configuration consistent.  In that scenario, I think that the pragmatic solution is that the device forces the configuration to become valid again on the next write config operation.

Another example would be a license that expires, such that a subset of the configuration is no longer valid.  Choices could be:

  *   Configuration is left as it is, but the configuration is no longer valid, and the configuration becomes unapplied.  Attempts to configure the feature without a valid license would be rejected with an error during validation.
  *   Configuration is automatically removed from running by the device (but I don’t like this option).  I prefer if the client *always* controls the contents of running.
  *   Always allow the configuration, even if there is no valid license present) but just don’t apply it if there isn’t a valid license (this seems like generally less helpful behaviour to me).

So, in summary, perhaps not as clean as a MUST, but maybe more pragmatic/realistic?


And he’s right for automations to succeed.  That said, if there a human-in-the-loop, it seems possible that the system could offer your idea as an option.  Maybe a sentence could be added to say that?

I’m not sure – I’m sort of after less words/examples rather than more …
For me, I interpret this as:


  1.  SHOULD always stay consistent.
  2.  If, for any reason, it becomes inconsistent then SHOULD* be made consistent on the first operation taken.

(*) I was going to write this as MUST, but I know of cases where customers are unhappy of systems not letting them shutdown an interface because of an another, entirely separate, part of the configuration is not valid.  Hence, I think that some systems at least, have a “force” mode to force the configuration change to made (perhaps still with some level of constraints).

Regards,
Rob



Minor level comments:


<snip/>

Kent

v2.40.4 | Report a Bug | By Email | System Status