Re: [nmrg] Residual configurations
Alexander Clemm <alex@futurewei.com> Wed, 07 October 2020 16:44 UTC
Return-Path: <alex@futurewei.com>
X-Original-To: nmrg@ietfa.amsl.com
Delivered-To: nmrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B09833A0C9F for <nmrg@ietfa.amsl.com>; Wed, 7 Oct 2020 09:44:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.088
X-Spam-Level:
X-Spam-Status: No, score=-2.088 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_RATIO_02=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=futurewei.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X05xC68s_wyg for <nmrg@ietfa.amsl.com>; Wed, 7 Oct 2020 09:44:36 -0700 (PDT)
Received: from NAM04-BN3-obe.outbound.protection.outlook.com (mail-eopbgr680111.outbound.protection.outlook.com [40.107.68.111]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A70EA3A0DE4 for <nmrg@irtf.org>; Wed, 7 Oct 2020 09:44:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eSXroDK17sDQhnzL0inIrmSCI6K3pHlO5rlGu0GwqrZXhvmEY8WGlZ1trIjcZOzB7XyfYuB0i8FJgxmT5CCt2aWouMFkL6EkE296yMxsW0klfrllpVi6Sx67451dVVhhLbt5Y1BUjESWspESsBCb8IzQ0mtUJwFMW24Z+JZRJUjI/LljBU9k5WkqRt5xIve30fR8GBNQdfRxXJS+On0dPYaT9uwdz3garxu1seOYU1UIjg2IZQU1VHpZi4saRKW6kq8ZusFMXLZdYqfFPATncGdHMymchm45BRZsPthzKkvOfWVTQFfEkvTluukuZMlHfC6YXFgXFTm1GGJCDc1qqA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GFR6WnY6dhjN0ih7VF/ApcpthHs2wfLGDhM9ZPbzUjQ=; b=N0Grjukw+U4SGo5DzoYPCEIgumtamtPmRFZa/0TsfocZupndcAvzJ/5ACd+bVTVOT/TT2xBlz0vjhvlJy7zw9CtOQCFUhLB3pNDVpZcJcqJqduH2avosIiTZVLDAoLZlxzKEPQuq56T9juBk7yNKCrdehbmk2jEDuxNCbWLAb3kflq9pcqsWioDEazH6W5V5GHiq2y7rsunrYjKdc3hodq9tNkaUjAu48jN32E8JZdHCkDlwaLjElQ5fFpaYp660CEYiWsmXGqH6f7CkVHd01JSgA2iSgdzPVy2pBKrfCXjyz59AENltKchkRTKHTKJO+7qCNy+va/vhgGQAW9NDvw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=futurewei.com; dmarc=pass action=none header.from=futurewei.com; dkim=pass header.d=futurewei.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Futurewei.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GFR6WnY6dhjN0ih7VF/ApcpthHs2wfLGDhM9ZPbzUjQ=; b=HxbZKmc3d4ds3qIxp6JeYeCVsVcJmTr/ZxN2N6FAsnuB5YpBzNdqXMamScczTo/1PsDLVMVJnlBM8YYkn4WLXOBFm7JsAwjK9Zv7ZgJTg7szf0buwGDf/Ke6t5cpV/AELmdcxVWEbGFKiHn7CGADMtpnk3RiX/UT82hZb40+UtY=
Received: from BY5PR13MB3793.namprd13.prod.outlook.com (2603:10b6:a03:226::15) by BYAPR13MB2504.namprd13.prod.outlook.com (2603:10b6:a02:cc::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3455.13; Wed, 7 Oct 2020 16:44:24 +0000
Received: from BY5PR13MB3793.namprd13.prod.outlook.com ([fe80::f0f3:2a3f:eaf2:6f26]) by BY5PR13MB3793.namprd13.prod.outlook.com ([fe80::f0f3:2a3f:eaf2:6f26%5]) with mapi id 15.20.3455.022; Wed, 7 Oct 2020 16:44:24 +0000
From: Alexander Clemm <alex@futurewei.com>
To: Dean Bogdanovic <dean@voltanet.io>, "nmrg@irtf.org" <nmrg@irtf.org>
Thread-Topic: [nmrg] Residual configurations
Thread-Index: AQHWnMa1l4qNQLIQ9ESiuknMXg9HAamMVRYA
Date: Wed, 07 Oct 2020 16:44:24 +0000
Message-ID: <BY5PR13MB379352ECC359976EF75AB5B7DB0A0@BY5PR13MB3793.namprd13.prod.outlook.com>
References: <EDD6C248-C2CD-4CC6-AA99-558C27ADD48C@voltanet.io>
In-Reply-To: <EDD6C248-C2CD-4CC6-AA99-558C27ADD48C@voltanet.io>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: voltanet.io; dkim=none (message not signed) header.d=none;voltanet.io; dmarc=none action=none header.from=futurewei.com;
x-originating-ip: [73.189.160.186]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7aae76f5-071a-451f-f145-08d86ae03fcc
x-ms-traffictypediagnostic: BYAPR13MB2504:
x-microsoft-antispam-prvs: <BYAPR13MB2504DE47CA651E2685CD14A7DB0A0@BYAPR13MB2504.namprd13.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: K0IfBMNZ1Dm9z0YuoajZ2sKnirP3mb0SZ4SfgW9PlBNrn2FNO/j0MWb6c8xJYkR1XdSv+mxfj9BKSPr5rIHT1yBlzh/nUKGB2VUJIYI55k72LggGr6YBfEMmpZg3EowH6cNheg4GhauiXg3w4zA1xXLHLdkh9/biUVWjxCcEFzwAKhIXeyIbnadEFb5g+OzPxT1SaEoc0XWFALotesiHawm1VXRU84YxzdDQiEQjGw5o7FB8Br6rmWIEAdAsjanrnTLPz+XAMEKd3eOfnAB9aNBH8wE+ulyyOtYPFcRhCkByxuHmArx+X5R5eJ6x4XBmydAQrE8NEAYGfE1vtjAN6w==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR13MB3793.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(376002)(39840400004)(396003)(136003)(366004)(8936002)(33656002)(53546011)(2906002)(9686003)(8676002)(52536014)(83380400001)(71200400001)(5660300002)(55016002)(76116006)(66616009)(66446008)(66946007)(66476007)(64756008)(6506007)(86362001)(26005)(316002)(110136005)(478600001)(99936003)(186003)(9326002)(7696005)(66556008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: Un/1mYPOETB/65JNno/4WtKjqMf2aErevtxqSWHiq8AthFQMirjd6IYwGp1r7dxu9bhwr+hQpixDZcfY+LI+f1nQ64+FQ2LqmDVLp+9QOavEGjbnEUd7reRZtXhhwD5GkNu6cn0OyCqLAWNoacgsFuwPdRLsXtywFrTc/FFaS3nKptykmE0G2afNfyrNEbOh42JNXzZHHxhlPDOx97gO43cr+extbfy1Eu9Av1TgrzpyauDAcUzxB1hjTeE2ZojRsHGq7Hayw6Sb2TMC7BTwNYwiXjXTcPzX1fCTAZdCsOVVW/Fq0lL6KEfqg0eN10icRZoU+6YOk2suesehcnYAFwwnBrj0mJFxC2aCEe8zPPuSraivZWBlBDs5i3qQ+9C21YybriQYUZth8OSCCQW/L9zxwlH//qo1H3AvKGS2z8dgERH1FZRZPYhO8dgtkAn+8NKkdoBd2ZQ1QrnIN1ODLW3nzC/WWGmtNa85ipKAP7L554OuF75u4gJm847wRZ7C4/aFEI4FZw1eBq/BkdG2tyw5TlDJWZhNsX7OgRC7bb4mFcpLC49fXgBEz2WBBleDLZ8xaAh+T6OI9/Jh//4W03PF8KPV/eV2y29UkGVUdd1bUEyDZa2soxjOcMBLBPf6uRDFY/MWAbHxnAORkC4uDw==
x-ms-exchange-transport-forked: True
Content-Type: multipart/related; boundary="_004_BY5PR13MB379352ECC359976EF75AB5B7DB0A0BY5PR13MB3793namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: Futurewei.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR13MB3793.namprd13.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7aae76f5-071a-451f-f145-08d86ae03fcc
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Oct 2020 16:44:24.7334 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ov8ihaHVAm/HAkUcLDgcZr5+bVIF45yC5vyAlqTtlXcfVa0Jy2DmeUTsu5uoHNqTCa1TSzxpRf5Gn/qWCnoQUQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR13MB2504
Archived-At: <https://mailarchive.ietf.org/arch/msg/nmrg/MyvdreY0UQxZnjOVGpptDyrlKW0>
Subject: Re: [nmrg] Residual configurations
X-BeenThere: nmrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Management Research Group discussion list <nmrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/nmrg>, <mailto:nmrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nmrg/>
List-Post: <mailto:nmrg@irtf.org>
List-Help: <mailto:nmrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/nmrg>, <mailto:nmrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Oct 2020 16:44:46 -0000
Hi Dean, I agree that having a database acting as a system of record, from which device configurations can be regenerated as needed, makes a lot of sense. Whenever the two were to get out of sync, you could also reprovision the network as needed. I am not quite clear what you are suggesting regarding the distinction between overlay networks and substrate network and was wondering if you could clarify this. Clearly, the same principle would apply there as well (database acts as system of record). But why would you mandate it being it being ephemeral (versus non-ephemeral for the substrate)? Just as a method to garbage-collect configurations made by administrators on devices directly? (I do understand that there will be a problem if device configuration entered by an administrator and configuration kept at an external system were to diverge, in particular, when it is not clear which one is the actual system of record. But this seems to be not an issue here – just the size of the configuration file?) Thanks --- Alex From: nmrg <nmrg-bounces@irtf.org> On Behalf Of Dean Bogdanovic Sent: Wednesday, October 7, 2020 9:27 AM To: nmrg@irtf.org Subject: [nmrg] Residual configurations Hi, During last NMRG virtual meeting on Sep 25, we touched base about residual configuration issues in networks. Network device configurations are getting bigger and often operators don’t know why certain parts of the config are there. One such use case that contributes to config growth are debugging sessions. Network operator enters the device and starts editing configuration. After the debug session is over, it is not unusual for that debug config information to stay in the config indefinitely. Some operators have created central databases that contain all the network configuration and act as systems of record. If anything is to persist in the network, it has to be entered in the central database, but there is still an issue between on device persisting configurations and central configuration database. One of the ideas was to keep the persistent configuration at minimum on the device and in the central database. All network services are generated on demand and are ephemeral. The network topology would look something like this [cid:image001.png@01D69C8D.BDE74360] From physical perspective, there are two networks, an optical transport and a packet switched network. All devices receive basic connectivity configuration that (could) persists on the device, you can call them Level 1 virtual networks (maybe glorified management networks). Those networks provide most basic connectivity between devices within a single management domain. That information could be also provided via ZTP. On top of each network higher level networks are overlaid. All the network configuration for higher level networks is ephemeral. The higher level networks can (IMO, should be) different management domains, which creates clear demarcation lines in the network provisioning data Such approach would create a (small) well defined starting configuration with all other services built as part of higher level networks. The residual config problem would be limited to each domain and with higher level networks being ephemeral, it should be easily reprovisioned by replaying the provisioning information from a central location. As said, this an interesting problem to me, as the residual configs also eat data plane resources, which are quite expensive. Dean
- [nmrg] Residual configurations Dean Bogdanovic
- Re: [nmrg] Residual configurations Alexander Clemm
- Re: [nmrg] Residual configurations Dean Bogdanovic
- Re: [nmrg] Residual configurations Jeff Tantsura
- Re: [nmrg] Residual configurations LUIS MIGUEL CONTRERAS MURILLO
- Re: [nmrg] Residual configurations Dean Bogdanovic
- Re: [nmrg] Residual configurations Dean Bogdanovic