IETF Logo Mail Archive

[netmod] Re: 2nd WGLC on system-config-08

"maqiufang (A)" <maqiufang1@huawei.com> Wed, 21 August 2024 08:19 UTC

Return-Path: <maqiufang1@huawei.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EEEFC151063 for <netmod@ietfa.amsl.com>; Wed, 21 Aug 2024 01:19:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.207
X-Spam-Level:
X-Spam-Status: No, score=-4.207 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pZxS6svGQsmG for <netmod@ietfa.amsl.com>; Wed, 21 Aug 2024 01:19:02 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E39F7C14F747 for <netmod@ietf.org>; Wed, 21 Aug 2024 01:19:01 -0700 (PDT)
Received: from mail.maildlp.com (unknown [172.18.186.31]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4WpfKh2J94z6D90G for <netmod@ietf.org>; Wed, 21 Aug 2024 16:15:52 +0800 (CST)
Received: from lhrpeml100002.china.huawei.com (unknown [7.191.160.241]) by mail.maildlp.com (Postfix) with ESMTPS id EC94D140A36 for <netmod@ietf.org>; Wed, 21 Aug 2024 16:18:57 +0800 (CST)
Received: from kwepemm600017.china.huawei.com (7.193.23.234) by lhrpeml100002.china.huawei.com (7.191.160.241) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Wed, 21 Aug 2024 09:18:57 +0100
Received: from kwepemm600017.china.huawei.com (7.193.23.234) by kwepemm600017.china.huawei.com (7.193.23.234) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Wed, 21 Aug 2024 16:18:55 +0800
Received: from kwepemm600017.china.huawei.com ([7.193.23.234]) by kwepemm600017.china.huawei.com ([7.193.23.234]) with mapi id 15.01.2507.039; Wed, 21 Aug 2024 16:18:55 +0800
From: "maqiufang (A)" <maqiufang1@huawei.com>
To: Kent Watsen <kent+ietf@watsen.net>, "Jan Lindblad (jlindbla)" <jlindbla@cisco.com>
Thread-Topic: [netmod] Re: 2nd WGLC on system-config-08
Thread-Index: AQHa8yNHgNUKV2kDoUCqXqu3Oxq437IxOFhg
Date: Wed, 21 Aug 2024 08:18:55 +0000
Message-ID: <fc21f2b92098433fbcd73b5f9c5ae6f0@huawei.com>
References: <0100019141c6c601-53d41832-302a-4589-9f75-f181bc2a4306-000000@email.amazonses.com> <PH0PR11MB4949274507119FD496D44E46CA852@PH0PR11MB4949.namprd11.prod.outlook.com> <010001916b21fa43-c8da5499-acaa-4063-8721-1ff1d4ff8678-000000@email.amazonses.com> <PH0PR11MB4949F5755EC77462089AF724CA8D2@PH0PR11MB4949.namprd11.prod.outlook.com> <0100019170c0b19c-3a358146-3455-4de8-ae2a-1e9b66518dbd-000000@email.amazonses.com>
In-Reply-To: <0100019170c0b19c-3a358146-3455-4de8-ae2a-1e9b66518dbd-000000@email.amazonses.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.136.118.147]
Content-Type: multipart/alternative; boundary="_000_fc21f2b92098433fbcd73b5f9c5ae6f0huaweicom_"
MIME-Version: 1.0
Message-ID-Hash: 3L7MHZ25DHXHU7VEW5FBYWOQG7N5DNUO
X-Message-ID-Hash: 3L7MHZ25DHXHU7VEW5FBYWOQG7N5DNUO
X-MailFrom: maqiufang1@huawei.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netmod.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: NetMod WG <netmod@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netmod] Re: 2nd WGLC on system-config-08
List-Id: NETMOD WG list <netmod.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/cohzQYupRW7RQgwE_gyIPriDPEM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Owner: <mailto:netmod-owner@ietf.org>
List-Post: <mailto:netmod@ietf.org>
List-Subscribe: <mailto:netmod-join@ietf.org>
List-Unsubscribe: <mailto:netmod-leave@ietf.org>

Hi, Kent, Jan, all,

Sorry for being late in replying, thanks Jan and Jürgen for the review, I will see how to address the comments once we reach agreement on this “copy or merge” issue… please find more reply inline…

From: Kent Watsen [mailto:kent+ietf@watsen.net]
Sent: Wednesday, August 21, 2024 1:06 AM
To: Jan Lindblad (jlindbla) <jlindbla=40cisco.com@dmarc.ietf.org>
Cc: netmod@ietf.org
Subject: [netmod] Re: 2nd WGLC on system-config-08

Hi Jan,


After us all now having investigated this line of reasoning, my conclusion is that we have to choose one of two approaches:

The primary open-question is if it is *needed* for a client to copy <system> nodes into <running>.  IMO, to understand the requirements, this question must be answered first.

The draft highlights three reasons:
  1. so running-alone can be valid (e.g., 5.5.1 and 5.5.2)
  2. so system-defined values can be changed (e.g., section 5.5.3)
  3. so descendents can be added to system-defined nodes (e.g., 5.5.4)

Each are discussed below.

Regarding #1, I’m sympathetic to not flipping an established client-contract without warning.  My proposal is to version the protocols (i.e. NETCONF 1.2 and RESTCONF 1.1) to indicate this change in behavior.  That is, a server implementing the <system> datastore would have to implement the updated protocol versions.  So, for this item, it seems that it is not *needed* for a client to copy nodes into <running>, if the protocols are versioned.
If we move towards this way, does this mean the draft needs to be pending until new versions of protocols are published?
But even if <running> alone doesn’t have to be valid, no one would stop a client keep copying referenced system nodes into <running>, e.g., if no template used in <running> and the client wants to do offline validation of <running>. The current draft simply allows the client to do that, it no longer states the client MUST copy any referenced system nodes into <running>.

I kind of feel like we are back where we started, after around 4 years’ discussion. I think the agreement at the interim in January was to effectively say nothing in the draft and fully rely on existing statements in RFCs. I think this approach gives flexibility and allows the server to behave the way they do today. And then when we comes to the discussion of NC/RC-next, we may decide whether there are benefits to relax the rule and make further clarifications. Any issue we see now with this handling?
Regarding #2, I am firstly unclear how this is needed, when we’re only just now, for the first time, exposing system-defined configuration.  Up to now, system-defined configuration only appeared in <operational>, with no ability to tweak it, right?  Secondly, the example is not compelling, e.g., why would a client care what the MTU is on the loopback interface?  But, if this is important, how do vendors enable it to be changed today?
In our implementation, there are non-modifiable/immutable and modifiable system configuration. the server allows the client to directly write the desired value into <running> which overrides the value provided by the system, such examples could be, e.g., to modify some log levels generated by the running systems, or system-provided threshold values.
Regarding #3, same as #2: how is this needed?  The example is not compelling.  If this is important, how do vendors enable such extensions today?
But isn’t the following example common?
System configures a physical interface instance with only name and type leaf specified, and the client can further configures other descendant nodes, e.g., ip-address.

I feel that #2 and #3 are not really the “copy” things, they are about editing some parts of system configuration.
But speaking about copy, the authors are considering removing the “resolve-system” parameter, for the following reasons:

·         It is complex and expensive to implement properly (see the last paragraph in https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-05#section-5.3)

·         It is optional to implement, and there is workaround (i.e., explicit copy)
Given reasons above, I doubt if it will be implemented in real world;-) Any objections to removing this “resolve-system” parameter?


Kent // as a contributor
Best Regards,
Qiufang

v2.35.0 | Report a Bug | By Email | System Status