Re: [netmod] Must offline-validation of <running> alone be valid?

Kent Watsen <kent@watsen.net> Tue, 14 December 2021 01:32 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/v7PiI7VcmLPcCpvS0OS-dUl-gEc>


> On Dec 8, 2021, at 5:50 PM, Andy Bierman <andy@yumaworks.com> wrote:
> 
> Andy - about use cases.  Here is a problem we're trying to address:
> 
>  
> 
> There are at least several major router implementations that have this concept of "hidden config" (i.e. list entries that can be referenced in a leafref by explicit user config, but those list entries are not returned in a <get-config>).  
> 
> 
> Clearly not in compliance with RFC 7950.

Andy, can you please point to the part in RFC 7950 that says offline validation must be supported? I believe that this "common understanding" actually lacks a basis, and an equally-valid interpretation is that the <running> must be valid *on the server* vis-a-vis it actually validating <intended>.



> IMO the "enable flag" approach to the general problem, presented by Kent a couple years ago,
> is a much simpler and better solution than a new <system> datastore.
> The full set of nodes is in <running>.
> A generalized "enable" mechanism causes the resource to be used or not,
> where it shows up in <intended> and <operational> if enabled=true.
> 
> IMO this fits the original intent of NMDA and does so in a way that requires
> the least disruption to current compliant implementations.

You have the memory of an elephant  ;)

That I-D (conditional-enablement [1]) was mostly about how to support JUNOS’s “inactive” annotation.  I replaced the negative “inactive” with positive “enabled” for readability.  That draft also shined a light on how the “enabled” annotation could be used in firewall pollination for, e.g., 9am-5pm ACL rules.

I guess I’m unclear about the relation to the system-defined config - can you say some more?

[1] https://datatracker.ietf.org/doc/html/draft-kwatsen-conditional-enablement-00


K.
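
Added example, not part of the message above and not code from any implementation discussed in the thread: a minimal sketch of why the same <running> contents can fail leafref validation offline yet pass on the server, where hidden system-defined list entries are also visible. The list names (`profiles`, `services`), the entry names, and the merge order are assumptions made for illustration.

```python
# Constructed sample data; no real device, YANG module or datastore API is used.
# "profiles" is a keyed list; each service's "profile" leaf acts as a leafref
# pointing at a profile name.
RUNNING = {
    "profiles": {"gold": {}},
    "services": {
        "voice": {"profile": "gold"},
        "mgmt": {"profile": "sys-default"},  # refers to a hidden system entry
        "video": {"profile": "typo"},        # refers to nothing anywhere
    },
}
# Server-defined entries that a <get-config> on <running> would not return.
SYSTEM = {"profiles": {"sys-default": {}}, "services": {}}


def merge(*datastores):
    """Union of keyed list entries; later datastores override earlier ones."""
    merged = {"profiles": {}, "services": {}}
    for ds in datastores:
        for lst in merged:
            merged[lst].update(ds.get(lst, {}))
    return merged


def dangling_leafrefs(config):
    """Return sorted (service, profile) pairs whose leafref target is absent."""
    profiles = config.get("profiles", {})
    return sorted(
        (name, svc["profile"])
        for name, svc in config.get("services", {}).items()
        if svc.get("profile") is not None and svc["profile"] not in profiles
    )


def validate_offline(running):
    """What a client sees when it validates a retrieved <running> by itself."""
    return dangling_leafrefs(running)


def validate_on_server(running, system):
    """Assumed server-side view: system entries merged under explicit config."""
    return dangling_leafrefs(merge(system, running))


if __name__ == "__main__":
    print("offline  :", validate_offline(RUNNING))
    print("on server:", validate_on_server(RUNNING, SYSTEM))
```
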