Re: [netmod] WG Last Call: draft-ietf-netmod-acl-model-15

"Acee Lindem (acee)" <acee@cisco.com> Thu, 18 January 2018 00:45 UTC

From: "Acee Lindem (acee)" <acee@cisco.com>
To: Sonal Agarwal <sagarwal12@gmail.com>, Kent Watsen <kwatsen@juniper.net>
CC: "netmod@ietf.org" <netmod@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/oe4LJC6NvcQ8niHr4qaELxFHthg>

Hi Sonal,

From: netmod <netmod-bounces@ietf.org> on behalf of Sonal Agarwal <sagarwal12@gmail.com>
Date: Wednesday, January 17, 2018 at 7:25 PM
To: Kent Watsen <kwatsen@juniper.net>
Cc: "netmod@ietf.org" <netmod@ietf.org>
Subject: Re: [netmod] WG Last Call: draft-ietf-netmod-acl-model-15

Hi Kent,

The last remaining open issue is about adding containers for addresses (source, destination) and ports (source, destination). A user has the choice to use the container or leaf for address (source/dest) and port (source/dest). With this, the user can use the YANG model to configure scale ACLs.

Is this the motivation for doing it two ways? I’d think that aggregation of common match criteria for scale could be better done programmatically than through prudent configuration.

Thanks,
Acee

I did some preliminary work on this in August/September last year, but ran out of time to explore this fully as I had to upload my other changes by particular dates.

The non-implementation of this does not detract from the usability of the ACL model.

Closing the issue to completion will require me to revisit and implement the YANG solution for container support in the model.

Thanks,
Sonal.


On Wed, Jan 17, 2018 at 3:33 PM, Kent Watsen <kwatsen@juniper.net> wrote:

Hi Mahesh,

>> - There is an open issue in the document (section 8) - are we going
>>  to resolve that during WG last call or is this a leftover?
>
> This will be resolved in the next version of the module. It is
> documented under Issues tab in GitHub. Should we remove it from
> the draft?

Most of Juergen's comments are editorial in nature and can truly be handled as part of the LC process, but this open issue has me worried, as it may result in a significant technical change.

What will it take to close this open issue? Is it just a matter of getting the WG to agree that it's not an issue, or do we already know that it is a real issue and only the solution is pending?

Thanks,
Kent



