IETF Logo Mail Archive

Re: [netmod] [Netconf] draft-kwatsen-netconf-server / VRF specification for listening ports & outgoing connections

Ladislav Lhotka <lhotka@nic.cz> Thu, 06 March 2014 09:12 UTC

Return-Path: <lhotka@nic.cz>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 930B31A0194; Thu, 6 Mar 2014 01:12:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.898
X-Spam-Level:
X-Spam-Status: No, score=-0.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_CZ=0.445, HOST_EQ_CZ=0.904, MIME_8BIT_HEADER=0.3, RP_MATCHES_RCVD=-0.547] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wWQGgQa_qvX1; Thu, 6 Mar 2014 01:12:48 -0800 (PST)
Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400]) by ietfa.amsl.com (Postfix) with ESMTP id 6310F1A0170; Thu, 6 Mar 2014 01:12:48 -0800 (PST)
Received: from wireless-v6.meeting.ietf.org (unknown [IPv6:2001:67c:370:160:6da5:2533:a87:3733]) by mail.nic.cz (Postfix) with ESMTPSA id 7915013F94C; Thu, 6 Mar 2014 10:12:43 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nic.cz; s=default; t=1394097164; bh=Ewx+nNvdueux7BWm2ByqPT7pz9yI6xBdsUPtd4U0xdM=; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc: Content-Transfer-Encoding:Message-Id:References:To; b=FmDbnb8yoF9gL4Bd6Qh+WHQkEfkzX8HhyreKqVR3EIHWmxr3VQnS7Z9FBEvkXpfJs I6b9W/Zd4SpPczoKy6TNCD2i1hmaKNwdHaVSkM7ujw99VgTp8zS9L0vnDSZprFJ1Ih UIcUHmdWJ98uTjR+/tis/LJE9PUd0We61x67U4is=
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Ladislav Lhotka <lhotka@nic.cz>
In-Reply-To: <20140305.163154.391777655.mbj@tail-f.com>
Date: Thu, 06 Mar 2014 09:12:41 +0000
Content-Transfer-Encoding: quoted-printable
Message-Id: <48B5B401-32B6-4928-B917-1D32421B4244@nic.cz>
References: <20140303140039.GZ856433@jupiter.n2.diac24.net> <20140305.163154.391777655.mbj@tail-f.com>
To: Martin Björklund <mbj@tail-f.com>
X-Mailer: Apple Mail (2.1874)
X-Virus-Scanned: clamav-milter 0.97.8 at mail
X-Virus-Status: Clean
Archived-At: http://mailarchive.ietf.org/arch/msg/netmod/hs8NPQO1y044eiRAafH6WwT8-14
Cc: Netconf <netconf@ietf.org>, netmod@ietf.org
Subject: Re: [netmod] [Netconf] draft-kwatsen-netconf-server / VRF specification for listening ports & outgoing connections
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Mar 2014 09:12:50 -0000

On 05 Mar 2014, at 16:31, Martin Bjorklund <mbj@tail-f.com> wrote:

> Hi,
> 
> David Lamparter <equinox@diac24.net> wrote:
>> Hi,
>> 
>> 
>> (this is the mail version of the somewhat garbled comment on the mic)
>> 
>> The original question was, how the configured device chooses a "VPN"
>> for
>> either incoming or outgoing connections.  This referred to VRF
>> instances.  In particular, for the very simplest case where this
>> matters, there are devices that have out of band management ports and
>> treat those as a VRF.  So, both for listening and for connecting, the
>> device needs to choose between "VR-Default" and "VR-Mgmt" (actual
>> names,
>> guess the vendor.)  It could even listen in both VRFs, to be
>> manageable
>> inband (normal ops maybe?) and out of band (network in flames?).
>> 
>> Even though this was raised on the server config model, this is a
>> rather
>> generic problem.  E.g. specifying a NTP or Syslog server has the same
>> issue.  (Cc' from netconf to netmod due to this.)
> 
> If I understand this correctly, the proposal is to include a reference
> to a routing-instance (rt:routing-instance-ref) in all cases where we

Hmm, it is actually not that simple. It is possible to have different types of routing instances distinguished by the “rt:type” child. So it is not true that routing-instance == VRF instance.

Therefore, the correct approach is IMO this:

1. A module will be written defining the VRF type of routing instances and specifying the semantics of this kind of virtualization.

2. Where necessary, vrf-id leafs will be added to the existing module via augments.

Before this is done, alternative #3 in Martin’s list (i.e. enabling step 2 above) seems to be the best option after all.

Lada

> currently have an ip-address (or host) and a port, since the
> combination of ip-adress and port is not guaranteed to be unique, on
> systems with multiple routing instances.
> 
>  leaf address          { type inet:ip-address; }
>  leaf port             { type inet:port-number; }
>  leaf routing-instance { type rt:routing-instance-ref; }
> 
> 
> The existsing data models (specifically ietf-system) are designed in a
> way that vendors can augment there own definition of routing-instance
> or vrf.  (However, I noticed that ietf-snmp is not).
> 
> The question is if the IETF models should include a standardized way
> to handle this.  I can see three alternatives:
> 
>  1)  Do nothing.  I.e., assume ip/port is unique.
> 
>  2)  In all our data models, always make sure we add an (optional)
>      reference to a routing-instance, whenever we have a ip/port for
>      inbound/outbound traffic.
> 
>  3)  Do not add the routing-instance references, but design our data
>      models so that vendors can augment with this if they have to.
> 
> 
> /martin
> 
> _______________________________________________
> Netconf mailing list
> Netconf@ietf.org
> https://www.ietf.org/mailman/listinfo/netconf

--
Ladislav Lhotka, CZ.NIC Labs
PGP Key ID: E74E8C0C

v2.23.0 | Report a Bug | By Email