Re: [netmod] WG Last Call for draft-ietf-netmod-acl-model-11

Kristian Larsson <kristian@spritelink.net> Thu, 17 August 2017 12:19 UTC

Date: Thu, 17 Aug 2017 14:19:28 +0200
From: Kristian Larsson <kristian@spritelink.net>
To: "netmod@ietf.org" <netmod@ietf.org>
Message-ID: <20170817121928.GB5993@spritelink.se>
References: <1D830FD0-547F-4F5D-A169-B05A8DC013B3@juniper.net> <972a1bde-6316-1b9b-e032-5be7ca53fa3f@labn.net> <20170717151148.GB17340@elstar.local>
In-Reply-To: <20170717151148.GB17340@elstar.local>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/wVouefIQFYebrFwx3RALi3hWZv4>

On Mon, Jul 17, 2017 at 05:11:48PM +0200, Juergen Schoenwaelder wrote:
> On Mon, Jul 17, 2017 at 04:18:47PM +0200, Lou Berger wrote:
> > All,
> > 
> >     Per our discussion in today's session, another version of this draft
> > is needed to address open issues.  As this revision will include
> > technical changes, another LC will be needed after that version is
> > published.
> > 
> > Please do comment on this version, but be aware this version will *not*
> > be submitted for publication.
> >
> 
> I planned to review this I-D but I will now wait for the next
> version. ;-) However, a few things I already noted:
> 
> - The identifiers are long, I think this was discussed before. I
>   suggest to replace 'source' with 'src' and 'destination' with
>   'dst'; this will likely also make the tree diagram fit the
>   traditional RFC format again.
> 
> I am not sure about the idea to spell out all the mixed-x-y-z
> combinations. This may turn out costly to maintain long term.
> 
> The naming is also inconsistent I think. My understanding is that
> mixed-l2-l3-ipv4-acl really means mixed-eth-ipv4-acl. In fact,
> ipv4-acl is actually l3 and possibly l4 since the grouping
> acl-ip-header-fields uses acl-transport-header-fields. You can skip
> the l4 portions since they are in a presence container. Note that this
> is different from how you deal with l2 and l3 combinations.

+1, this bothered me too when reading the model. IPv4 and IPv6 are
explicitly named while L2 just implies Ethernet. Should have
eth-ipv4-acl in the name, or eth-ipv6-acl... or if we support
matches for other L2 technology then include that in the name.
While Ethernet is popular we do still have other L2 technologies.

> I guess I
> would generally prefer a solution that is more orthogonal
> wrt. layering and likely not causing maintenance headaches in 5-10
> years from now.

I don't immediately see a better way of doing it. It is rather
tricky.


> That said, I am not planning to implement this YANG module myself so
> as long as multiple implementors think this is all good, it might be
> sufficient to simply fix terminology and naming to be clear, concise
> and consistent.

I'm trying to implement it, as a user :)

   kll

-- 
Kristian Larsson                                        KLL-RIPE
+46 704 264511                                kll@spritelink.net
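An added sketch, not part of either poster's message and not the draft's actual module, of the layering and naming point raised above: one grouping per layer, the transport (L4) fields in a presence container so an entry may match L3 only, and the container named for the layers it actually matches (eth + ipv4) instead of the generic l2-l3. Module name, namespace and leaf names are constructed for illustration; the types come from RFC 6991.

```yang
module example-acl-layering {
  yang-version 1.1;
  namespace "urn:example:acl-layering";  // constructed, not an IETF namespace
  prefix exacl;

  import ietf-inet-types { prefix inet; }  // RFC 6991
  import ietf-yang-types { prefix yang; }  // RFC 6991

  // L2: Ethernet header fields, named as such rather than "l2".
  grouping acl-eth-header-fields {
    leaf destination-mac-address { type yang:mac-address; }
    leaf source-mac-address { type yang:mac-address; }
  }

  // L4: a presence container, so an entry that does not instantiate
  // it matches on the lower layers only. Absence of the container is
  // the "skip the l4 portions" case mentioned in the thread.
  grouping acl-transport-header-fields {
    container l4 {
      presence "Transport-layer match fields are present.";
      leaf source-port { type inet:port-number; }
      leaf destination-port { type inet:port-number; }
    }
  }

  // L3 (+ optional L4): the IPv4 grouping pulls in the transport
  // grouping, mirroring how acl-ip-header-fields is described above.
  grouping acl-ipv4-header-fields {
    leaf source-ipv4-network { type inet:ipv4-prefix; }
    leaf destination-ipv4-network { type inet:ipv4-prefix; }
    uses acl-transport-header-fields;
  }

  // The name states which layers are matched instead of "mixed-l2-l3".
  container eth-ipv4-acl {
    uses acl-eth-header-fields;
    uses acl-ipv4-header-fields;
  }
}
```

A second L2 technology would add its own grouping and its own eth-style name (for example a *-ipv4-acl container for that technology) rather than widening the meaning of "l2".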