Re: [netmod] AD review of draft-ietf-netmod-nmda-diff-07

Andy Bierman <> Fri, 30 October 2020 01:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A66073A0317 for <>; Thu, 29 Oct 2020 18:43:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.887
X-Spam-Status: No, score=-1.887 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id GpdWeJitp5BK for <>; Thu, 29 Oct 2020 18:43:23 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4864:20::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9EFAC3A0147 for <>; Thu, 29 Oct 2020 18:43:22 -0700 (PDT)
Received: by with SMTP id a9so5844045lfc.7 for <>; Thu, 29 Oct 2020 18:43:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=0c3gv3lv7Zyo0j8TVE4kjAOQMVpSb/Jf6sM+pALgdSw=; b=h26dN7syiuR5do7GS7ITc6/PCRJigNmQ6N6wikDIHdNCFU89y4LheXfcyTzH17ZUbH x4+UNbjRh2BhatZDgb6XzYNlmC2IBzS2TM6f/mJQaWgxWe68b8r24J3FjpprbLl4AQs8 UfQ/dWid23Mj7G7yd8ZxW3LcByoFW8ZTaQXVdbfn7mbIR9Lab3MGMLP5mCDgVs4Va3Ys CU1Ly4asGh/rMLbn+ahqsLgH7euug3bua/UlAq9tURcdj/kw6G8mTh6Jxuil8kQBV06M dZ9vEVtbkIhykUf8n6BHdW6ka1lItq0+eDVMnfdBoL7SSjwdYNsSLnb/mtvXCp/izDNk sYQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0c3gv3lv7Zyo0j8TVE4kjAOQMVpSb/Jf6sM+pALgdSw=; b=eqKR1VJBbSwXhCLii8oUw7p2zTNQ6KivoVihp84tPPs1R48rSqLszIaXAFgcOyRDYQ 61kYHmdnNMILJHWBKu7K/yigYleYo7DoA1Zd9KL6cxn1K3O7DX0deCVZwh3jzTIeCQ8h /7qy+WCtjOlzPv42BYrUMq5ciYkgAZa/0mVfQSFrtwvxJbYutYa4NtN+2/Ej2xxgjc1w hFZFTMlnDIbozBfhYTPJ02DcZP2F1oWQHivISfupsd45EhdgmWu5xVNt/eC2RLLj30Fd 4jPhr8f6RnpvwBBEI9w+RfvQNlmmzEuMEaYZMY41XtffSpBE5GNzhNxfP+zUElralG6e t0vw==
X-Gm-Message-State: AOAM530P2S7LwXcDzl6QIPyX4HkGvFi1RPEz9pJid03iUu7w2ALc7nxr E2kCIIyFmsWvaU+vCfer1fYPx/UmVznm+8lSlQd4UA==
X-Google-Smtp-Source: ABdhPJwGK6U/3VOPWRicFddDpBvhMh+T9j9J7BsTdiHUfKAi9oJPNcqBBG9Pz329/I8cXW68NEdL/yHLwYDJNYy/ftc=
X-Received: by 2002:a19:64e:: with SMTP id 75mr2864950lfg.143.1604022200599; Thu, 29 Oct 2020 18:43:20 -0700 (PDT)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: Andy Bierman <>
Date: Thu, 29 Oct 2020 18:43:09 -0700
Message-ID: <>
To: joel jaeggli <>
Cc: "Rob Wilton (rwilton)" <>, "" <>, "" <>
Content-Type: multipart/alternative; boundary="0000000000007aa27405b2d98570"
Archived-At: <>
Subject: Re: [netmod] AD review of draft-ietf-netmod-nmda-diff-07
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 30 Oct 2020 01:43:25 -0000

On Thu, Oct 29, 2020 at 6:09 PM joel jaeggli <> wrote:

> Rob,
> These seem like reasonable suggestions.
> Lets see what the authors say.
> Thanks for this
> joel
> On Thu, Oct 29, 2020 at 6:47 AM Rob Wilton (rwilton) <>
> wrote:
>> Hi,
>> Here is my AD review for draft-ietf-netmod-nmda-diff-07.  Apologies for
>> the delay.
>> Thank you for writing this document, I think that it is useful, and looks
>> like it is in good shape.
>> Main comments:
>> 1. Should there be any text about how to find out what datastores are
>> supported by a device?  E.g., pointing them to either YANG library, or
>> protocol specific mechanisms in the case of RESTCONF.
Do you have a section in mind and suggested text?

> 2. It might be helpful to add a comment about potential issues that could
>> arise by comparing <running> to <operational>, i.e., additional differences
>> could be reported due to inactive configuration and template processing
>> between <running> and <operational>.
Do you have a section in mind and suggested text?
You mean if there are differences between <running> and <intended>
then a diff between <running> and <operational> will not be the same
as a diff between <intended> and <operational>.?

3. I would prefer if 'exclude=origin' was in the reverse sense and perhaps
>> called 'report-origin' instead.  With the reverse sense it seems to be
>> safer if new datastores are defined, where otherwise the behaviour could
>> end being under specified.

IMO the WG already designed the features so if the functional requirements
have changed
then the draft should go back to the WG for changes and new WG consensus

>> 4. Should there be an option to filter on origin metadata?  E.g., only
>> include values that come from intended.  Otherwise, things like IP
>> addresses learned from DHCP may always turn up as differences.
IMO the WG already designed the features so if the functional requirements
have changedthen the draft should go back to the WG for changes and new WG
consensus calls.

>> 5. I'm not that keen on the "Possible Future Extensions" section of an
>> RFC.  Personally, I would prefer that this section is deleted, but if you
>> wish to retain it, then please can you move it to an appendix.
OK with me to remove it


>> I've also included some minor comments inline below, and some nits at the
>> end:
>>     Abstract
>>        This document defines an RPC operation to compare management
>>        datastores that comply with the NMDA architecture.
>> The abstract is perhaps somewhat terse.  Perhaps:
>>     This document defines a YANG RPC operation to compare the
>>     contents of network management datastores that comply with
>>     the NMDA architecture and return the differences in the
>>     YANG-Patch format.
>>     1.  Introduction
>>        The revised Network Management Datastore Architecture (NMDA)
>>        [RFC8342] introduces a set of new datastores that each hold YANG-
>>        defined data [RFC7950] and represent a different "viewpoint" on the
>>        data that is maintained by a server.  New YANG datastores that are
>>        introduced include <intended>, which contains validated
>> configuration
>>        data that a client application intends to be in effect, and
>>        <operational>, which contains at least conceptually operational
>> state
>>        data (such as statistics) as well as configuration data that is
>>        actually in effect.
>> I would suggest deleting "at least conceptually", since the <operational>
>> datastore does contain all operational state, but it may be implemented
>> as a virtual construct that spans multiple nodes (e.g., linecards) and
>> processes.
>>        NMDA introduces in effect a concept of "lifecycle" for management
>>        data, allowing to clearly distinguish between data that is part of
>> a
>>        configuration that was supplied by a user, configuration data that
>>        has actually been successfully applied and that is part of the
>>        operational state, and overall operational state that includes both
>>        applied configuration data as well as status and statistics.
>> "allowing to clearly distinguish" => distinguishing"
>> "status and statistics" => "status information and statistics"
>>        As a result, data from the same management model can be reflected
>> in
>>        multiple datastores.  Clients need to specify the target datastore
>> to
>>        be specific about which viewpoint of the data they want to access.
>>        This way, an application can differentiate whether they are (for
>>        example) interested in the configuration that has been applied and
>> is
>>        actually in effect, or in the configuration that was supplied by a
>>        client and that is supposed to be in effect.
>> Perhaps reword the last sentence to match the logical data flow in the
>> server:
>>    For example, a client application can differentiate whether they are
>>    interested in the configuration supplied to a server and that is
>>    supposed to be in effect, or the configuration that has been applied
>> and is
>>    actually in effect on the server.
>>        When configuration that is in effect is different from
>> configuration
>>        that was applied, many issues can result.  It becomes more
>> difficult
>>        to operate the network properly due to limited visibility of actual
>>        status which makes it more difficult to analyze and understand what
>>        is going on in the network.  Services may be negatively affected
>> (for
>>        example, breaking a service instance resulting in service is not
>>        properly delivered to a customer) and network resources be
>>        misallocated.
>> Perhaps change "actual status" to "actual operational status".
>> I also suggest changing the last sentence to:
>>     Services may be negatively affected (e.g., degrading or breaking a
>> customer service) or network resources may be misallocated.
>>         3. Definitions:
>> It should probably define that <intended>, <operational>, (and perhaps
>> <running>) are used to indicate names of datastores.
>> It should also explain that <compare> is used as the name of a YANG RPC.
>>     4.  Data Model Overview
>>        At the core of the solution is a new management operation,
>> <compare>,
>>        that allows to compare two datastores for the same data.
>> Suggest rewording this first sentence to:
>>   The core of the solution is a new management operation, <compare>,
>>   that compares the data tree contents of two datastores.
>>        o  target: The target identifies the datastore to compare against
>> the
>>           source.
>> Suggest adding an example ", e.g., <operational>."
>>        o  filter-spec: This is a choice between different filter
>> constructs
>>           to identify the portions of the datastore to be retrieved.  It
>>           acts as a node selector that specifies which data nodes are
>> within
>>           the scope of the comparison and which nodes are outside the
>> scope