Re: [VRRP] draft-ietf-vrrp-unified-mib-07.txt MIB Dr. Review

HI Joan,

My comments inline.

MIB Compiler: SMICng
--------------------

W: f(VRRP-MIB.my), (437,8) Row "vrrpAssociatedIpAddrEntry" has indexing
   that may create variables with more than 128 sub-ids
W: f(VRRP-MIB.my), (158,23) Row "vrrpOperationsEntry" does not have a
   consistent indexing scheme - index items from current
   table must come after index items from other tables
W: f(VRRP-MIB.my), (453,23) Row "vrrpAssociatedIpAddrEntry" does not have
   a consistent indexing scheme - cannot specify an index item from
   additional "base row" vrrpOperationsEntry, since can have
   only one "base row" which is ifEntry

WRT the INDEX To Large error.  I think this was addressed by Bert Wijnen in 
prior
versions but I don't see any wording in the DESCRIPTION clause or any SIZE 
limit
on the Index vrrpAssociatedIpAddr.  So something like this (and some text 
describing
why the size limits in the DESCRIPTION clause would be appropriate. 
Additionally,
the vrrpOperationsInetAddrType should be restricted.

       vrrpAssociatedIpAddr OBJECT-TYPE
           SYNTAX       InetAddress (SIZE(0|4|16))
           MAX-ACCESS   not-accessible
           STATUS       current
           DESCRIPTION

[Kalyan>] Will do. 

Please discuss the other 2 warnings wrt Indexing.  Specifically, why are
tables using AddrType, VrId and ifIndex, rather than ifIndex, VrId, 
AddrType?
(Please see comment below regarding section 8.)

[Kalyan>] The table indexing order was suggested by Bert during very initial review of the draft. The comment was that it would be easier for the administrator to sort based on the address type. Though I am not sure if I changed from ifIndex, VrId, AddrType. I probably had it wrong at that time too. I will change this ifIndex, VrId, AddrType 

MIB Compiler: SmiLint
------------------------
mibs/VRRP-MIB.my:437: [5] {index-exceeds-too-large}
   warning: index of row `vrrpAssociatedIpAddrEntry'
   can exceed OID size limit by 142 subidentifier(s)

Comments
--------

1)NIT:  Does not strip cleanly with SmicngPRO mstrip
(This doesn't need to be fixed for MIB Dr. review, just
as an fyi).

[Kalyan>] Will fix it.

2) Please Discuss:
My understanding (based on an old email exchange (fall 2008) with the MIB 
author
and the AD of the WG at that time) was that the VRRP unified MIB
was not going to be an update of the original VRRP-MIB (RFC2787), but
rather a new MIB based on the new unified spec that was being
created.  There are a couple issues that I'd like clarified wrt to an
updated MIB (this draft) vs. a new MIB:

A) draft-ietf-vrrp-unified-spec-05.txt, section 8.4 states "that VRRPv2 and 
VRRPv3
interoperation is optional" and the
recommendation is that it should only be done for transitioning from
VRRPv2 to VRRPv3.  A new MIB (rather than an updated
MIB) would likely re-enforce the guidelines from the specification.
Could you discuss why an updated MIB is better in this regard?

B)  Additionally, this new MIB is based on a MIB that is 10 years old 
(RFC2787),
while not specifically an issue, I do see that this updated MIB is
using older MIB conventions.  Not a show-stopper but certainly a
consideration.  Was this considered?

C) Comment: Most of the MIB objects contained in RFC2787 are deprecated
by this MIB. This indicates that creating a new MIB would be
fairly straightforward.

[Kalyan>] We had this discussion during the first draft. At that time updating made more sense but now with a separate unified spec, probably creating a new MIB would be better. Also my reasoning was that the previous draft has gone through multiple reviews and revisions, I wanted to just make the required changes to quickly get this done with less issues (and less work from me :) ).  But, I see your point, a new draft would certainly be much cleaner and probably the way to go.

3) The terminology of this document does not consistently utilize the 
Definitions
outlined in the draft-ietf-vrrp-unified-spec-05.txt.  So for example,
VRRP is used in places to mean VRRP Router.  The use of IPvX is not
done.  Would be better to be consistent between the spec and the MIB.

[Kalyan>] Will be more aware of this in the next revision.

4)  DEPRECATED OBJECT DESCRIPTIONS:

Way back when, Dave Perkins suggested starting the DESCRIPTION clause
for a deprecated object with:

"This object is DEPRECATED.  This is done because..."
followed by the original description.

While you have done a great job including the reasons why an object was
deprecated, could you move this to the beginning of the DESCRIPTION clause
(rather than end)?

[Kalyan>] Will do.

5) Title: Please mention that this is Version 3 somewhere in the title
(as does the specification)

[Kalyan>] I remember asking Mukesh if we should change the title and I think he mentioned that we keep the same one. We can change the title if we are going with a new MIB.

[Kalyan>] 
6) Section 4. Relationship to RFC2787

The following sentence is troublesome because the MIB Module "deprecates"
objects and does not obsolete them.  While you may be trying to indicate
that this document will obsolete RFC2787, that is not exactly clear.

(perhaps, this is another reason to create a new MIB module vs. an updated
one?)

   "RFC2787 [RFC2787] defines managed objects for VRRP over IPv4 and is
   now obsoleted by this memo."

[Kalyan>] I was meaning to say that this document will obsolete RFC2787. I get it :), going to a new MIB probably is the right thing.

7) Section 5. Relation to Interface Group (IF-MIB)

A) Please remove the word "physical" in front of physical interface.
[Kalyan>] Will do.

B) Should specify a reference such as:  The VRRP-MIB Module imports
ifIndex from the IF-MIB.  At this time, the latest version
of IF-MIB is from [RFC2863].

C) A reference to [RFC2863] needs to be provided in the
Normative References.

[Kalyan>] Will do

8) Section 7. VRRP MIB Structure

This section should discuss the relationship between the tables.

The groups listed are part of the conformance, and while okay
to mention these, that really isn't the MIB's structure.

NIT: Should have a (3) before "The vrrpAssociatedIpAddrTable"

[Kalyan>] Will do.

9) Section 8. VRRP MIB Table Design

The MIB design should focus on indexing the tables such that
the table lookups are more advantageous for the device (e.g. router),
 not the NM app.  The NM app should be able to
handle rearranging data for display purposes.

I would like to see a discussion of the indexing wrt the device.
The warnings from the MIB compiler indicate that there may be a
better indexing (table structure) available.  That doesn't mean
that you need to resolve the warnings, but I would like to see
some text included which shows why the chosen indexes are
advantageous for the VRRP router, and the Virtual Routers.

IMHO, if an interface goes down,
then would be probably more advantageous
to know the Virtual router(s) associated with that interface.
(and subsequently the IP addresses on those Virtual Routers).

Please combine Section 7 and Section 8.

[Kalyan>] I do not have any strong reasons for the indexing, As I mentioned, It was suggested in the earlier meeting and it remained that way during all these revisions. I will change this to ifIndex, VrId, AddrType

10) Section 9.

Thank you for these examples.

11) Section 10.  Please specify that this is
the VRRP MIB Module Definition

* DATE and REVISION dates need to be updated.

* VrId (Textual Convention)

There is already a VrId in RFC2787. While it looks as if the
only difference is the DESCRIPTION clause, need to caution against
doing redefining this.  I would suggest creating a VRID TC and
making the DESCRIPTION simple, for example:  This value uniquely identifies 
a
Virtual Router on a VRRP router.

While the remaining text is informative, it is not really necessary.
Please also give a REFERENCE clause for this.

[Kalyan>] Agreed.

* vrrpNodeVersion

This scalar has correctly been deprecated, but I don't see any
version object replacement in a table.  Why not?  (There is
field in the protocol for this.)

[Kalyan>] This MIB would support only version 3 of the protocol and hence I removed the version from the table.

* vrrpNotificationCntl, vrrpTrapNewMasterCntl, vrrpTrapProtoErrorCntl

Could notifications be generated or not, using
RFC3413?

[Kalyan>] Notifications could be filtered/generated using RFC3413. I added these to conveniently control notifications within this MIB (Based on request from some one on the mailing list) You suggest we getrid of these?

*StorageType objects:

If an operator configures the VRRP Router with Virtual Router(s)
and IPvX addresses then I suspect that this information would be
saved to nonVolatile storage.  Do you agree?

In other words, I'm trying to think of a scenario when an operator
wouldn't want to save this information (once he/she is satisfied with
the configuration) in the sake of simplification, would there be
benefit to just state that the configuration should be saved
to NV storage?  If so, then
the use of StorageType objects in this MIB could be removed and
replaced with text in the Table Entry DESCRIPTION.

(RFC4181, Section 4.6.4 specifies that StorageType objects can be
used OR, the Table Entry DESCRIPTION clause specify what happens
to dynamically-created rows after an agent restart.)

[Kalyan>] I am OK with either way of doing this - Will add the text to description and remove the StorageType.
[Kalyan>] 
* RowStatus Objects

There is some discussion about having to have the corresponding
Virtual Router in vrrpOperationsState have the value of
'initialize' before changing a value in the Row, and then the
RowStatus object is supposed to not be "active(1)", but I don't
understand what values are acceptable for modifying a read-creat
object in a row?  Also, how does this impact vrrpOperationsState?

* NIT: AdminState and OperationsState, could these be renamed to use
use AdminStatus and OperStatus?

[Kalyan>] Will do.

* vrrpRouterVrIdErrors

Please verify that the DESCRIPTION is still valid for this MIB?
Should a value be added to the Statistics Table instead (i.e. on
a per Virtual Router basis?

[Kalyan>] vrId itself is invalid, so we probably cant index into the table? (as one of the indexes for the table is vrId)? May be I am not understanding the problem correctly.

* Please refrain from using the term "trap" in the current 
objects/notifications.
Please use the term "notification" as appropriate for the
current objects/notifications.  (Deprecated items are fine to leave the term
trap.)

[Kalyan>] Will do.

* vrrpNewMasterReason, vrrpTrapProtoErrReason

Where are these Enum values from?  Could you add a reference?
Also, please explain the values.

[Kalyan>] These are not defined in the spec. We just came up with possible reasons for a VR to transmission to Master state. 

* Conformance looks fine, but will review again once above MIB
Module comments are addressed.  Same with security section.

[Kalyan>] Thanks again for the detailed review. I probably is a good idea to start with a new MIB and address all the issues you raised. 

Thanks,
  -Joan

_______________________________________________
vrrp mailing list
vrrp@ietf.org
https://www.ietf.org/mailman/listinfo/vrrp

Scanned by Check Point Total Security Gateway.