IETF Logo Mail Archive

Re: [Rtg-yang-coord] comment concerning draft-shaikh-rtgwg-policy-model-00

Anees Shaikh <aashaikh@google.com> Thu, 28 May 2015 05:53 UTC

Return-Path: <aashaikh@google.com>
X-Original-To: rtg-yang-coord@ietfa.amsl.com
Delivered-To: rtg-yang-coord@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B6DC1A00E0 for <rtg-yang-coord@ietfa.amsl.com>; Wed, 27 May 2015 22:53:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CGeUqCQVT7fa for <rtg-yang-coord@ietfa.amsl.com>; Wed, 27 May 2015 22:53:32 -0700 (PDT)
Received: from mail-oi0-x22d.google.com (mail-oi0-x22d.google.com [IPv6:2607:f8b0:4003:c06::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A7731A00DC for <Rtg-yang-coord@ietf.org>; Wed, 27 May 2015 22:53:32 -0700 (PDT)
Received: by oifu123 with SMTP id u123so24599655oif.1 for <Rtg-yang-coord@ietf.org>; Wed, 27 May 2015 22:53:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=fDKpwFWawAEJTx36yqEn6K9uoCkeY1dsRZt3MrNYPgc=; b=QDPLh9AHay+maL9p4j5TfSXobe2YzhvInWWSJoLar8JHGIQzmlkjI8bOksZ00s5Mmk mJd3+SvrmN2MwUjLitPXPwPbphEwEuioS9K6Cvl6Y/s5KhuDYwVmMnOb+124cC7lJwi2 HoU7NI9B1O6QJcNbYMeKZSNyO5GAznqx7OZQqoW+ARByh9uoQCOJRV8XARuJCZGXADaQ 4hiu0Ns30mEa17HDrLly/OSCy5S7oj0QSn/gpLbMNgNC0WJEGqdj0SoMuy/fB9XgU+kB 3Q4kVemRsoywdjTp1ASqGKaM+977KBzqEMoTAA471K6QD+0KIxnjl/VTZXadWhinLSw7 OE4w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=fDKpwFWawAEJTx36yqEn6K9uoCkeY1dsRZt3MrNYPgc=; b=TaZnjKsNtVDHpt9LWmT9ascOvNdjyMpbfowO3Kjzyg1t598lNLZZP3EE24G3MYQy1K pQPkA5EfM2yKm2L28hWIQ9T6+bfVCXZazggImdgTG5KgZau1IZvw0rC8iQUjpp3ajILQ MQuof6Bahietl61d6vb3llS7L1U0J0MXisxwcHe0/PBZeNpRWldFv88j7jfv3bpXhmNa QuKAZxNtDlKt1S3TthEZRTvd1ns7U7+DUwPzBMIjYlzcVnyrPOkj/7+CIGG+Nr4lHuWN PwgL85ffnYk8I0IjP5JpJCGBNbV8Ms1/RotbkhBfXEqijV39AbUFrVkxwYHV6+H2O6hH CgPQ==
X-Gm-Message-State: ALoCoQnF8/T5sIPyjBwi5BNUJ2DnDm4oWf0xQZJJEN3qwlBrAGRmR5yGurlA3eUzWqUzQ+URvAzX
MIME-Version: 1.0
X-Received: by 10.182.111.231 with SMTP id il7mr961183obb.15.1432792411522; Wed, 27 May 2015 22:53:31 -0700 (PDT)
Received: by 10.182.144.228 with HTTP; Wed, 27 May 2015 22:53:31 -0700 (PDT)
In-Reply-To: <15B43214-AE84-49C0-A83B-9E4DB6184CC6@cisco.com>
References: <20150527122452.GC41087@elstar.local> <CAJK7ZqKHEYpD3nb8J5hjbex=NVhAAtURHWw5jGKxdrRWZe+sCw@mail.gmail.com> <D18B6A36.1F437%acee@cisco.com> <15B43214-AE84-49C0-A83B-9E4DB6184CC6@cisco.com>
Date: Wed, 27 May 2015 22:53:31 -0700
Message-ID: <CAJK7Zq+9bFvuW79Cv5eg9E+189PW8zZ0aSHFCvPWSy-Pf=ksDQ@mail.gmail.com>
From: Anees Shaikh <aashaikh@google.com>
To: "Acee Lindem (acee)" <acee@cisco.com>
Content-Type: multipart/alternative; boundary=089e01536862ba1cbd05171dfa21
Archived-At: <http://mailarchive.ietf.org/arch/msg/rtg-yang-coord/GvKa5AoLs3LIKotIBfzgiVQgG9Q>
Cc: "rtg-yang-coord@ietf.org" <Rtg-yang-coord@ietf.org>, Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Subject: Re: [Rtg-yang-coord] comment concerning draft-shaikh-rtgwg-policy-model-00
X-BeenThere: rtg-yang-coord@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "\"List to discuss coordination between the Routing related YANG models\"" <rtg-yang-coord.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-yang-coord>, <mailto:rtg-yang-coord-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtg-yang-coord/>
List-Post: <mailto:rtg-yang-coord@ietf.org>
List-Help: <mailto:rtg-yang-coord-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-yang-coord>, <mailto:rtg-yang-coord-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 May 2015 05:53:35 -0000

hi Acee, thanks for the comments -- we debated these same questions :-)

This approach was based on the wish to avoid operators having to worry
about specifying an ipv4 prefix list separately from an ipv6 -- no major
implementation has this separation today (though it could be considered).

If using inet:ip-prefix type instead of inet:ip-address + masklength buys
us some range checking in the pattern , maybe that's another reason to
switch to using that union type instead.  We will discuss making that
update.

You're right that with a string we don't do checking on the
masklength-range field.  As I mentioned earlier in the thread, this was to
accommodate a simple way to express an exact prefix (several
implementations do something similar).

Among OpenConfig operators, after some debate, we generally try to balance
the amount of validation in the model itself, with maintaining flexibility
and simplicity.  In other words, we don't believe the model needs to
prevent every conceivable error -- the implementation also has to
participate by rejecting invalid / unsupported configuration.  That said,
where it's easy to add validation, we have tried to include it, though
ranges, defaults, min/max values, etc. get harder when trying to build
something vendor-neutral.

Same applies to your correct comment that the current construct
theoretically allows one to mix address types in the prefix list.
Interestingly, some implementations allow you to create such a list, but
fail later when you try to use it in a policy.   We've chosen for now to
allow it (again for simplicity), but explicitly say in the description that
most implementations will reject a prefix-list with mixed address types.

thanks.
-- Anees



On Wed, May 27, 2015 at 9:57 AM, Acee Lindem (acee) <acee@cisco.com> wrote:

>
>  On May 27, 2015, at 12:47 PM, Acee Lindem (acee) <acee@cisco.com> wrote:
>
>  Hi Anees,
> I had noted problems with the prefix-lists in the draft as well but hadn’t
> got around to raising them. One thing about the masklength and
> masklength-range is that there is no validation in the model snippet below.
> In other words, there is nothing to express that the masklength must
> between 0..32 for IPv4 addresses and 0..128 for IPv6 addresses  (this is
> enforced by the ip-prefix type from RFC 6991). Similarly, as a string there
> in no inherent validation of the masklength-range (e.g., both values must
> be >= masklength, second value must be >= first-value, and both values must
> be >= AF specific limit).
>
>
>  Of course I meant "<= AF specific limit”.
>
>  Thanks,
> Acee
>
>
>   Also, there is nothing to prevent one from mixing IPv4 and IPv6
> prefixes in the same length which is definitely not allowed for the
> prefix-lists we all know and love.
> Thanks,
> Acee
>
>   From: Anees Shaikh <aashaikh@google.com>
> Date: Wednesday, May 27, 2015 at 12:09 PM
> To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>de>, Routing
> YANG <rtg-yang-coord@ietf.org>
> Subject: Re: [Rtg-yang-coord] comment concerning
> draft-shaikh-rtgwg-policy-model-00
>
>   Juergen, you're right that prefix-lists in the model turned out to be a
> bit problematic as currently defined.  We've updated the model in the most
> recent revision after going through some translations of our configs to the
> OpenConfig model and running into some issues.  The updated version looks
> more like the following:
>
>  list prefix {
>           key "address masklength masklength-range";
>
>            leaf address {
>             type inet:ip-address;
>           }
>
>            leaf masklength {
>             type uint8;
>           }
>
>            leaf masklength-range {
>             type string {
>               pattern '^([0-9]+\.\.[0-9]+)|exact$';
>             }
>          }
> }
>
>  The model used address and a separate masklength so that range checking
> could be performed on the mask.   We've since removed the range-checking in
> favor of simplifying to keep a single prefix list for both address types,
> ipv4 and ipv6.
>
>  The original model had the problem you mention, which is that all keys
> must be mandatory, including masklength-range, which meant there was no
> simple way to express an exact prefix other than, e.g., 21..21 which we
> didn't think was desirable.  Changing the masklength-range to a string
> allows a more flexible pattern (including an 'exact' setting).  The
> masklength-range is included in the keys to make the list have unique
> members.
>
>  I think we could also consider your suggestion to use a inet:ip-prefix
> instead of address since we're not doing range-checking on the masklength
> in the current approach -- will discuss with the co-authors.
>
>  Agree with your suggestion to make the XML examples more conformant
> (they should certainly validate), though we've only been using ad-hoc
> namespaces for models that are not IETF WG models so far.  My understanding
> is that this is the recommended practice.
>
>  thanks.
> -- Anees
>
>
> On Wed, May 27, 2015 at 5:24 AM, Juergen Schoenwaelder <
> j.schoenwaelder@jacobs-university.de> wrote:
>
>> Hi,
>>
>> I have read the document and I have a small comment.
>>
>> - You define a list 'prefix' in the list 'prefix-set' which is keyed
>>   by three leafs. As a result, all three leafs are mandatory. Your XML
>>   instance snipped in section 10 does not validate because it is
>>   missing mandatory key elements. I wonder (a) why did you not use
>>   inet:ip-prefix instead of the pair inet:ip-address and a unit8
>>   masklength. And given the desire to represent a prefix range, would
>>   a special syntax not make sense, e.g. an extension of ip-prefix,
>>   lets call it ip-prefix-range, that allows to express a range of
>>   prefixes:
>>
>>   10.3.192.0/21-24 -> 10.3.192.0/21
>>                       10.3.192.0/22
>>                       10.3.192.0/23
>>                       10.3.192.0/24
>>
>>   If the '-24' part is made optional, your prefix list will be
>>   collapsed to a simple
>>
>>   list prefix {
>>       key prefix-range;
>>
>>       leaf prefix-range {
>>           type ip-prefix-range;
>>       }
>>   }
>>
>>   Such an ip-prefix-range type may even be a useful addition to
>>   ietf-inet-types.
>>
>> - The XML snippets are nice but it would be cool if they were using
>>   proper namespaces and validate against the data model. Perhaps
>>   something to consider for -01. The pyang tutorial provides examples
>>   how to validate XML snippets against YANG definitions.
>>
>> /js
>>
>> --
>> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
>> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
>> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
>>
>> _______________________________________________
>> Rtg-yang-coord mailing list
>> Rtg-yang-coord@ietf.org
>> https://www.ietf.org/mailman/listinfo/rtg-yang-coord
>>
>
>    _______________________________________________
> Rtg-yang-coord mailing list
> Rtg-yang-coord@ietf.org
> https://www.ietf.org/mailman/listinfo/rtg-yang-coord
>
>
>

v2.8.7 | Report a Bug | By Email