Re: [netmod] [netconf] WG Last Call: draft-ietf-netmod-factory-default-05

Qin Wu <bill.wu@huawei.com> Sat, 30 November 2019 13:03 UTC

Return-Path: <bill.wu@huawei.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA39C1200CE; Sat, 30 Nov 2019 05:03:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GSFCWEA7zwHz; Sat, 30 Nov 2019 05:03:33 -0800 (PST)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 465541200C7; Sat, 30 Nov 2019 05:03:33 -0800 (PST)
Received: from LHREML713-CAH.china.huawei.com (unknown [172.18.7.108]) by Forcepoint Email with ESMTP id 8013D487F36A0A4AEC60; Sat, 30 Nov 2019 13:03:25 +0000 (GMT)
Received: from DGGEML406-HUB.china.huawei.com (10.3.17.50) by LHREML713-CAH.china.huawei.com (10.201.108.36) with Microsoft SMTP Server (TLS) id 14.3.408.0; Sat, 30 Nov 2019 13:03:24 +0000
Received: from DGGEML511-MBX.china.huawei.com ([169.254.1.151]) by dggeml406-hub.china.huawei.com ([10.3.17.50]) with mapi id 14.03.0439.000; Sat, 30 Nov 2019 21:03:19 +0800
From: Qin Wu <bill.wu@huawei.com>
To: "Joe Clarke (jclarke)" <jclarke@cisco.com>
CC: Kent Watsen <kent+ietf@watsen.net>, "netmod@ietf.org" <netmod@ietf.org>, "draft-ietf-netmod-factory-default@ietf.org" <draft-ietf-netmod-factory-default@ietf.org>
Thread-Topic: [netmod] [netconf] WG Last Call: draft-ietf-netmod-factory-default-05
Thread-Index: AdWnfkDNbvxc5uWLS7y8l1EtjKk2oA==
Date: Sat, 30 Nov 2019 13:03:18 +0000
Message-ID: <B8F9A780D330094D99AF023C5877DABAA94A8EC1@dggeml511-mbx.china.huawei.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.134.31.203]
Content-Type: multipart/alternative; boundary="_000_B8F9A780D330094D99AF023C5877DABAA94A8EC1dggeml511mbxchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/yY6HWy9xE08mPKp3HRMuGbigMHo>
Subject: Re: [netmod] [netconf] WG Last Call: draft-ietf-netmod-factory-default-05
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Nov 2019 13:03:36 -0000

发件人: Joe Clarke (jclarke) [mailto:jclarke@cisco.com]
发送时间: 2019年11月19日 17:20
收件人: Qin Wu <bill.wu@huawei.com>
抄送: Kent Watsen <kent+ietf@watsen.net>et>; netmod@ietf.org; draft-ietf-netmod-factory-default@ietf.org
主题: Re: [netmod] [netconf] WG Last Call: draft-ietf-netmod-factory-default-05



[Qin]: Yes, resetting processes or restarting node did cover ZTP part, from Martin’s comment, I feel we don’t need to tie resetting process with RFC8572, since RFC8572 actually focuses on SZTP.
Actually we may have a lot of legacy ZTP mechanism we can leverage, I am not sure which reference I should stick to. Make sense?

It does.  You should remove the informative reference.

[Qin]: Okay

More importantly, though, how do you see this practically being implemented?  With an ops dir hat, I’m walking through Section 2, and sending a factory-reset RPC to a device.  The device immediately resets <running> to default and <operational> to some similar default state.  The device has become unreachable within the network.  A reboot or other reset is optional to implement, so as an operator I’m not really sure what to expect at this point.

[Qin]:I am not sure we should make restart or reboot as mandatory after factory-reset rpc, I think factory-reset rpc affects kernel level, it will be good not to restart the node, if it touches hardware level, it is be important to reboot or restart the node. Another angle we can have is if factory-reset rpc is executed in the trust environment, it may be not necessary to restart the node or root.

Here’s my use case.  I have a switch that has a config (including a management IP [OOB or IB]).  When I send it the factory-default RPC, I now have a switch in the network I cannot reach.  It continues to run, but with a factory default config (which doesn’t include the management IP).  I now have a problem.  Sure, the switch may not need to reboot.  It might immediately do DHCP and begin a bootstrap workflow.  It may need a reboot to do that.

What I was asking is does it make sense to add some Operational Considerations text to let implementors and operators know about these types of things and encourage them (vendors in particular) to do think about how they will implement factory-default to ensure that these types of processes can be restarted without additional user intervention?

[Qin]: How about the add a few text at the end of section 2 to say:
OLD TEXT:
“
The "factory-reset" RPC MAY also be used to trigger some other resetting tasks such as restarting the node or some of the software processes.

”
NEW TEXT:
“
The "factory-reset" RPC MAY also be used to trigger some other resetting tasks such as restarting the node or some of the software processes,
especially after having onboard information being processed or when a specified boot image needs to be downloaded, verified and installed.
”
Joe