Re: [pim] [Last-Call] Last Call: <draft-ietf-pim-igmp-mld-snooping-yang-12.txt> (A Yang Data Model for IGMP and MLD Snooping) to Proposed Standard (tom petch)
Hongji Zhao <hongji.zhao@ericsson.com> Tue, 16 June 2020 03:50 UTC
Return-Path: <hongji.zhao@ericsson.com>
X-Original-To: pim@ietfa.amsl.com
Delivered-To: pim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A616C3A100C for <pim@ietfa.amsl.com>; Mon, 15 Jun 2020 20:50:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7wGBLzFQ73Hv for <pim@ietfa.amsl.com>; Mon, 15 Jun 2020 20:50:37 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80079.outbound.protection.outlook.com [40.107.8.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3FCB3A100A for <pim@ietf.org>; Mon, 15 Jun 2020 20:50:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=T1fT5gL1y3z3bqrH3+Wz1/33vdcomlNe3bA4yhqvXQ+jT9J/vJzDtPNJmzYqlwtcJCnwM/cF08/Tncvff5tEF1dKuC8YghSGJmq784sJHHxvqHS9EP1ow9TdmIem6scNhWBbR2AgbIR9A1IteNMO+KFqfJs0RtOEwv3uCtonvv1yE3AoXrkiCyRnJ2YPh8uCYlHBW43+QcNGfaGn3qJhe0RKaJgTGLbhnsyBpPQwcYzYfZBCAUObCQ+Va1YbAgfg+nE3S2nzmpq/ZXrZJPUED2mtn8+FpsyWGe9q3XM3ddS/HjMFkMXcpfSIOQuOPH3k93KQyUloz9dXAtSpaX/6xw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Mx+df/6S8tKedmTPO/LhejKG/f/eTTGGpbmGSyds9yM=; b=eYeVq7rtyMzDBw9RqvkDeCRdRqWqPFVj+8w28KXHsTT+LwN6JlALSTPuFobqmnlnfI9bQ5bw5HTYlSwaFnvxUtqbyR73bucJ2Bo9MedroU7E62VnMbEr4z2EiHyNs0phorPlL3kN7TfvR8S1wl7Nl+uEI5juFzu3nkNQEvWiM+27CiSWnmYGbS02uPMnQbTpusiUi7dxkaOuu2DE4E+SAqbhbC0lNU0B7fFjHRi7g67wMh/2WwpemUcG9L/QZICu33PK2YG4Q1TqKzE9pcUwX+ETZ14+GqvWQ73yVZfTs11MIGYBtn3s+a8bYM2VdJHtEFMkSEL3Xzj440af9nsxTA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Mx+df/6S8tKedmTPO/LhejKG/f/eTTGGpbmGSyds9yM=; b=n/Z+Ap5SNxwE/7slDziZrr62jQuozArs/qVBPeAYjL5dne+RvEWnIEVRfmBg/UPMQUnGZPr6k+3+bMTtsInz5zECLj/pWmGOySCQSU29iJFhLpLy8TM+qe+fg4bQ0nmOu5AE8koi0teSi/VOjYKxvnmPUv15qRSR2kxIf7bzWVA=
Received: from HE1PR0701MB2492.eurprd07.prod.outlook.com (2603:10a6:3:71::22) by HE1PR0701MB2379.eurprd07.prod.outlook.com (2603:10a6:3:70::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3109.7; Tue, 16 Jun 2020 03:50:32 +0000
Received: from HE1PR0701MB2492.eurprd07.prod.outlook.com ([fe80::ec82:bf39:2810:fbb0]) by HE1PR0701MB2492.eurprd07.prod.outlook.com ([fe80::ec82:bf39:2810:fbb0%7]) with mapi id 15.20.3109.018; Tue, 16 Jun 2020 03:50:32 +0000
From: Hongji Zhao <hongji.zhao@ericsson.com>
To: "pim@ietf.org" <pim@ietf.org>
Thread-Topic: [Last-Call] Last Call: <draft-ietf-pim-igmp-mld-snooping-yang-12.txt> (A Yang Data Model for IGMP and MLD Snooping) to Proposed Standard (tom petch)
Thread-Index: AdZDjZJ4nNqrFOFfRFevD8j3qsOIvQ==
Date: Tue, 16 Jun 2020 03:50:31 +0000
Message-ID: <HE1PR0701MB24927D3B604A6CFC3977EF65969D0@HE1PR0701MB2492.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [119.28.22.196]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a31b2302-56c3-4019-0573-08d811a86b0a
x-ms-traffictypediagnostic: HE1PR0701MB2379:
x-microsoft-antispam-prvs: <HE1PR0701MB237955C81ACEBAD0647C7501969D0@HE1PR0701MB2379.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 04362AC73B
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: aiFC+0mvm2YK50Q6wpOnCI/C50YqjSAzuOFHhe43N6SqwTvnIHUiiCjQPCMnofjAiWWqPy80hDt5LiPoNW/V9mnlRVsbCZYZpv0XD/BLSfUDFzM4DVV4vBEjrF1VogiNZuC1VpfzWE77/LjtmCxLj+Xus0pmcewBD8wQh2lROhCJjL9+rTdqr6iya43vxGvoFkzLlvYRazGKR0KnaYWvFBTcLzBjy0BRSZrvt9shTl390Gcwc3Ab/YckL+G9/nZWdxbUUoNJMdzFBLlgziTh5DVwEu2PEeNGVY3ne1AcI7QHXs30osTAZnuffnBdFLxv+ZiaQmMacpIcSVtLRXIOKQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0701MB2492.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(136003)(396003)(366004)(346002)(376002)(83380400001)(71200400001)(8936002)(5660300002)(52536014)(8676002)(44832011)(316002)(186003)(26005)(53546011)(478600001)(2906002)(64756008)(66446008)(33656002)(6506007)(6916009)(66556008)(66476007)(76116006)(66946007)(86362001)(7696005)(9686003)(66574015)(55016002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: oJ8BQNLLbxFzjFF42FZu/6vOqyHvppJKzE1b8vzy9lsjVRehCi1NTulX4CWn/lof2kyNc7t/P7qvBNfk4Lsf+/jf6HDD2H6YYYZ3Bcjfz4u11A9rnSUbxnLvxqCIj3m2SuBEiAlz1s5PGErB0H0fSd+QXze3zqxCo9M3KzHKqf1gdGLpeOnNH3xHcrL8ra3qfnQnmuImbWKjdUw4fIvDgOm2K4BkgMcZusvxgJA4w3gzrgCAX/rDvvHRfILNcOVOR4+GsmPRVB5xvU9Y9rObIqNSIWx18TUxKL+wJO/69ne1JBi1lJhV54VLVBVoSvGuZXHoru9lQbwLt7+MjnR8xmvmDAmUJZQ1NwdLB/Rn614GkmN2OBlDoyKTUA1RorsZv1hCGxlqx6ILs4ykrhwXP9OHSLoc2VwJsr+df8ZVWoTsW9hzC8w5Z1VBGHIuP0lP9I6J9c5OnpMItqK9sQEXkaI4Y1peXnMbEWsrWs524Dw=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a31b2302-56c3-4019-0573-08d811a86b0a
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jun 2020 03:50:31.9652 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: WMNl3tknV919nIoJ7sRa4ClxUcfzB8L3U6JkQNhm4IyyNivZ2pgtS9Jlo4cu7bqvBUHfyJVwhb1zFya7oS4iH7TRjVxiwdMzBg4FaDxdcU4=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2379
Archived-At: <https://mailarchive.ietf.org/arch/msg/pim/5RcHSoMOHeKh3nEWqrlNzLOpZc8>
Subject: Re: [pim] [Last-Call] Last Call: <draft-ietf-pim-igmp-mld-snooping-yang-12.txt> (A Yang Data Model for IGMP and MLD Snooping) to Proposed Standard (tom petch)
X-BeenThere: pim@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Protocol Independent Multicast <pim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pim>, <mailto:pim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pim/>
List-Post: <mailto:pim@ietf.org>
List-Help: <mailto:pim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pim>, <mailto:pim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jun 2020 03:50:39 -0000
Hi Tom, Please check inline. Thanks a lot! BR/Hongji Date: Thu, 11 Jun 2020 12:19:48 +0100 From: tom petch <daedulus@btconnect.com> To: last-call@ietf.org, pim@ietf.org Subject: Re: [pim] [Last-Call] Last Call: <draft-ietf-pim-igmp-mld-snooping-yang-12.txt> (A Yang Data Model for IGMP and MLD Snooping) to Proposed Standard Message-ID: <5EE21354.7020400@btconnect.com> Content-Type: text/plain; charset=windows-1252; format=flowed Separately, two more YANG quirks The augment have no conditional - rather the YANG 'when' is one level down on the container, not something I am used to nor the practice in other pim yang. [Authors] accepted YANG must be plain text - [RFC 4541] looks like a markup [Authors] accepted Tom Petch On 10/06/2020 12:44, tom petch wrote: The RPC to clear the tables are somewhat insecure. The default is to clear all so a mistake in entering a valid address will clear everything. It would be more secure to have an explicit option for clear all. [Authors] accepted The RPC to clear the tables has no restrictions; a NACM deny all might be appropriate [Authors] I have checked some vendor's document. NACM controls access right through users. Create an operator-defined NACM group and assign the user to the group. In order for an operator-defined NACM group to have access rights associated with an operator-defined NACM rule list, create an operator-defined NACM rule list and assign the group to the rule list. I think maybe this way could implement the restrictions. 1. To create a user account, include the following statement: Router(config)# system authentication user <user-name> password <pwdstring> 2. To create an operator-defined NACM group and assign the operator-defined user to the group, include the following statement: Router(config)# nacm groups group <operator-defined-group> Router(config-group-<operator-defined-group>)# user-name <user-name> 3. To create an operator-defined rule list with one rule, include the following statement: Note: A rule list can contain multiple rules. Router(config)# nacm rule-list <operator-defined-rule-list> Router(config-rule-list-<operator-defined-rule-list>)# rule <operator-defined-rule1> Router(config-rule-<operator-defined-rule1>)# module-name <model-name> Router(config-rule-<operator-defined-rule1>)# path <xpath> Router(config-rule-<operator-defined-rule1>)# access-operations (* | read,exec | create,update,delete,exec) Router(config-rule-<operator-defined-rule1>)# action (permit | deny) 4. To assign the operator-defined group to the operator-defined rule list, include the following statement: Router(config)# nacm rule-list <operator-defined-rule-list> Router(config-rule-list-<operator-defined-rule-list>)# group <operator-defined-group> RPC or ACTION? the latter may be suitable. [Authors] accepted RFC5790 is referenced by the YANG module but is not in the I-D References [Authors] accepted feature feature* is unusual; that an identifier is a feature is usually apparent from the context in which the identifier is used and so including 'feature' in the name is redundant [Authors] accepted And to state the obvious the formatting lacks leading spaces which will doubtless get fixed some time. [Authors] The RFC editor will fix it in the future.