IETF Logo Mail Archive

Re: [yang-doctors] [I2nsf] Yangdoctors early review of draft-ietf-i2nsf-nsf-monitoring-data-model-04

"Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com> Sun, 21 February 2021 08:20 UTC

Return-Path: <jaehoon.paul@gmail.com>
X-Original-To: yang-doctors@ietfa.amsl.com
Delivered-To: yang-doctors@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78F883A1807; Sun, 21 Feb 2021 00:20:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.401
X-Spam-Level: *
X-Spam-Status: No, score=1.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HK_NAME_FM_MR_MRS=1.499, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URI_DOTEDU=1.999] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wz2WMscUP0vw; Sun, 21 Feb 2021 00:20:08 -0800 (PST)
Received: from mail-lj1-x229.google.com (mail-lj1-x229.google.com [IPv6:2a00:1450:4864:20::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3B7F3A1806; Sun, 21 Feb 2021 00:20:07 -0800 (PST)
Received: by mail-lj1-x229.google.com with SMTP id c17so46025815ljn.0; Sun, 21 Feb 2021 00:20:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=zUci+T0IOWvXRZefPnW2yC6JkMtFr2IIK1grGwzJPY0=; b=Mrm80qWXcqUL+VkVbg/82j6E4zKGHJZYb2p7HenZ8FD0AwgWjL0fbwORJp1PcEbhRL Joo7lb2Sm+3WH6UB6AmC9FkO4ft16x2LDfY9Xog1/7739PdxPobkv7b2LP0gjcv15njP gWok5DAFXPk/+VhmQ9cPjzc2NAp+sCiTUvQtoVWLhjO0lRpjQhRz9ICrKVMtOOgBktLU U6Z5rLrZH46QZiRvmUia0dy98l0tQ29vxFG57pzGhdU9Sm5qezodwTdIddD3da1oPHC/ 6Dn6Q6Vf18R2T1IExich7hQmaLEmPWV/aI63+Y2YWTeFvZ0MkMoHiCIErXjR2kq9umAG tSAQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=zUci+T0IOWvXRZefPnW2yC6JkMtFr2IIK1grGwzJPY0=; b=c1TgSjTiZ1sy4W4hAS8khFGaX2huUKekwipvVwDLFTsVeGmXZfe52ejLLDskg94CTn DAlzZvOC96xDi3eJKu/ukFzV84hzNC9Gy3hHJZ/+0L8fUoRoN5ZrA+xgVdjGYf544A5r lb+RWLgBBKtzbVu8H3zPhVkAgn0w7UU3yTklyP4/TNBL6b4+0V+dQrlZmVsqLuJXCFrP sZ04bhTJ8PDPBhYpr+iGVXUFedEhf5WrHtLcMU5dkLIWfc1NqMYqXNASg6g1Ya7l1h1o lRlgO3QElxxM38zVT+bEisxYcVkqT/PO9Facngv6PsQID5cDPLYjNhY9kMVK7ipBqKjS TCow==
X-Gm-Message-State: AOAM533mHKCuXev/Di+bdKCH2KYiR6jG/N2s4QAqDN34ps4PjP5R4sso XGwYetP9U0Qvme+Jm0kEXGYWLS9GtuhUsU8iPvs=
X-Google-Smtp-Source: ABdhPJzdM1zCZcndk3xpTb25YeYueqTnIIumaqy72UJ/gBW1nLaP90tGnEJy78ID31vArUhzr3lBjItO5yJQFIvyPKI=
X-Received: by 2002:a2e:9252:: with SMTP id v18mr4707434ljg.26.1613895605769; Sun, 21 Feb 2021 00:20:05 -0800 (PST)
MIME-Version: 1.0
References: <160192102291.6633.15935674903085952087@ietfa.amsl.com> <CAPK2DewwLOJnnj1ZEYMSvZB1Hpc-8rY1+-dFvzOkJvrT4X2jqA@mail.gmail.com> <CABCOCHRaSTLDngZnMaQFiq05AZbymJfFFVY+P_fmzuU4e3S7FQ@mail.gmail.com>
In-Reply-To: <CABCOCHRaSTLDngZnMaQFiq05AZbymJfFFVY+P_fmzuU4e3S7FQ@mail.gmail.com>
From: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Date: Sun, 21 Feb 2021 17:19:31 +0900
Message-ID: <CAPK2Dexwi3KrrgpSZeDTy_oLMZJd=V=WAnZG4Doc9PV28Rs9xA@mail.gmail.com>
To: Andy Bierman <andy@yumaworks.com>
Cc: YANG Doctors <yang-doctors@ietf.org>, "i2nsf@ietf.org" <i2nsf@ietf.org>, Roman Danyliw <rdd@cert.org>, skku-iotlab-members <skku-iotlab-members@googlegroups.com>, JungSoo Park <pjs@etri.re.kr>, Yunchul Choi <cyc79@etri.re.kr>, Patrick Lingga <patricklink888@gmail.com>, "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000004959e205bbd45afc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/yang-doctors/OpwOm5D6Ok8u9HP2EpYkO9Ee33M>
Subject: Re: [yang-doctors] [I2nsf] Yangdoctors early review of draft-ietf-i2nsf-nsf-monitoring-data-model-04
X-BeenThere: yang-doctors@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email list of the yang-doctors directorate <yang-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/yang-doctors/>
List-Post: <mailto:yang-doctors@ietf.org>
List-Help: <mailto:yang-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Feb 2021 08:20:13 -0000

Hi Andy,
Thanks for your review on the revision and new minor comments about pyang
reporting.
I will address them and submit a new revised draft.

Thanks.

Best Regards,
Paul
-------------------------------------------------------------------------------
P.S. The following are the pyang reporting errors.

Status: Ready with nits

Nits:
pyang 2.4.0 --ietf reporting errors:

ietf-i2nsf-nsf-monitoring@2021-02-17.yang:47: warning: RFC 8407: 3.1: The
IETF Trust Copyright statement seems to be missing (see pyang --ietf-help
for details).
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1011: error: RFC 8407: 4.14:
statement "grouping" must have a "description" substatement
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1016: error: keyword
"description" not in canonical order, expected "type" (see RFC 6020,
Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1017: error: keyword "type" not
in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1018: error: keyword "default"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1102: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1119: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1135: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1184: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1206: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1245: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1276: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1322: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1386: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1425: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1492: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1526: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1540: error: keyword "if-feature"
not in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1605: error: keyword "config" not
in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1610: error: keyword "key" not in
canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1620: error: keyword "key" not in
canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1631: error: keyword "key" not in
canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1643: error: RFC 8407: 4.14:
statement "container" must have a "description" substatement
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1654: error: keyword "key" not in
canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1780: error: keyword
"description" not in canonical order, expected "type" (see RFC 6020,
Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1781: error: keyword "type" not
in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1782: error: keyword "units" not
in canonical order (see RFC 6020, Section 12)
ietf-i2nsf-nsf-monitoring@2021-02-17.yang:1783: error: keyword "default"
not in canonical order (see RFC 6020, Section 12)



On Sun, Feb 21, 2021 at 2:10 AM Andy Bierman <andy@yumaworks.com> wrote:

> Hi,
>
> I have reviewed the module in draft-05.
> Thanks for the revision letter. That really helped make the review go fast.
> All my draft-04 comments have been addressed.
>
> I cannot figure out how to enter a new review in the IETF pages (even
> logged in),
> so it is attached here. pyang is reporting some minor style issues.
>
>
> Status: Ready with nits (see attached file)
>
>
> Andy
>
>
> On Wed, Feb 17, 2021 at 7:15 AM Mr. Jaehoon Paul Jeong <
> jaehoon.paul@gmail.com> wrote:
>
>> Hi Andy,
>> Patrick and I have addressed your comments on the following revision:
>>
>>
>> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-monitoring-data-model/
>> https://tools.ietf.org/html/draft-ietf-i2nsf-nsf-monitoring-data-model-05
>>
>> I attach the revision letter to explain how to address your comments on
>> the revision.
>>
>> If you have further comments, please let me know.
>>
>> If you are satisfied with our revision, please update the YANG doctor
>> review status in the following link:
>>
>> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-monitoring-data-model/
>>
>> Thanks.
>>
>> Best Regards,
>> Paul
>>
>> On Tue, Oct 6, 2020 at 3:03 AM Andy Bierman via Datatracker <
>> noreply@ietf.org> wrote:
>>
>>> Reviewer: Andy Bierman
>>> Review result: Almost Ready
>>>
>>>
>>>
>>> Major Issues:
>>>
>>>  - None
>>>
>>> Moderate Issues:
>>>
>>>  - top-level 'counters' container does not follow naming conventions.
>>>    Should start with 'i2nsf', probably 'i2nsf-state'
>>>
>>>  - There do not seem to be any writable objects in the /counters
>>>    subtree so this container should have a 'config false' statement
>>>
>>>  - top-level typedef and grouping description-stmts are self-referential
>>>    and not useful. Need to rewrite description-stmts and/or add
>>>    reference-stmts as needed.
>>>
>>>  - grouping common-monitoring-data/time-stamp
>>>    Is this a different time stamp than the one in the NETCONF
>>> notification?
>>>    The 'message generation time' sounds like the standard timestamp.
>>>    Does this object represent the event detection time?
>>>
>>>  - grouping i2nsf-system-alarm-type-content/usage
>>>  - grouping i2nsf-system-alarm-type-content/threshold
>>>    These are uint8 leafs with unclear descriptions.
>>>    Not sure why uint8 is the appropriate type.
>>>    Needs 1 or more of (reference, units, better description)
>>>
>>>  - grouping traffic-rates
>>>    Add a units statement to each leaf. Not sure what units to use
>>>    but it should be consistent. (e.g, pps, bps used in descriptions
>>>    should also be in a units-stmt)
>>>
>>>  - grouping i2nsf-system-counter-type-content
>>>    These counters should use the yang:counter32 type instead of uint32
>>>
>>>  - container counters/system-interface
>>>  - container counters/nsf-firewall
>>>  - container counters/nsf-policy-hits
>>>   The descriptions are too terse and confusing, and need a rewrite.
>>>
>>>  -  container counters/nsf-firewall
>>>  -  container counters/nsf-policy-hits
>>>     - uses i2nsf-nsf-counters-type-content;
>>>     Many of the fields expanded from this grouping all say
>>>     they refer to 'the packet'. Why are they in this global
>>>     container of counters? E.g. (src-ip, dst-ip, src-port, dst-port)
>>>     Not clear at all how the server is supposed to apply this
>>>     grouping to these containers.
>>>
>>>  - many leafs use "uint32" type for a rate.
>>>    Should add a units-stmt
>>>
>>>  - leaf counters/nsf-policy-hits/hit-times
>>>    The purpose and type are confusing and generic.
>>>    If this is a counter then use counter32
>>>
>>>  - cut-and-paste for notification-stmt content should be replaced
>>>    with grouping/uses instead. Applies to the nsf-detection-*
>>>    and the various logging notifications. Even a grouping that
>>>    has 1 object in it is better than cut-and-paste 5+ times
>>>
>>> Minor Issues:
>>>
>>>  - top-level identifiers are too generic
>>>    should have 'i2nsf-' prefix to be more reusable outside this module
>>>
>>>  - quite a lot of identities that an implementation is required to
>>> support.
>>>    If this set of identities might change a lot faster than the
>>>    notifications and counter objects, then consider putting them
>>>    in a separate module
>>>
>>>  - leaf with same type named differently; both intrusion-attack-type
>>>    - nsf-detection-intrusion/sub-attack-type
>>>    - nsf-log-intrusion/attack-type
>>>
>>>  - quite a lot of notification event types for a server to implement
>>>    and a user to manage. All are mandatory (no if-feature statements).
>>>    Some such as nsf-detection-* subset are very similar.
>>>    A section or table would be useful that showed the YANG notification
>>>    names and their purpose -- maybe a reference to another RFC
>>>    with more details
>>>
>>>  - there seems to be notifications for intrusion events and then
>>>    again for the logging of those events.  This seems excessive
>>>    but
>>>
>>>
>>>  - grouping common-monitoring-data/time-stamp
>>>    Is this a different time stamp than the one in the NETCONF
>>> notification?
>>>    The 'message generation time' sounds like the standard timestamp.
>>>    Is this event detection time?
>>>
>>>  - grouping common-monitoring-data/module-name
>>>    Is this a YANG module or some other type of module?
>>>
>>>  - there is no way to configure which notifications should be generated
>>>    or maybe how often.  YANG Push has its own dampening-period.
>>>    Since these are event stream subscriptions, not datastore
>>> subscriptions,
>>>    YANG-Push does not apply to this document at all.
>>>
>>>    If there are a lot of notifications then a server implementation
>>>    might drop some
>>>
>>>  - grouping i2nsf-nsf-event-type-content-extend/src-zone
>>>  - grouping i2nsf-nsf-event-type-content-extend/src-zone
>>>    These use type 'string'. Consider using a typedef that constrains
>>>    the string.  General comment where unconstrained string is used:
>>>    The corner-case values such as empty string are often not allowed
>>>    in implementations.
>>>
>>>
>>>  - grouping i2nsf-nsf-event-type-content-extend/rule-id
>>>  - grouping i2nsf-nsf-event-type-content-extend/rule-name
>>>  - grouping i2nsf-nsf-event-type-content-extend/profile
>>>    These objects seem to reference objects in another YANG module.
>>>    If so, then leafref types might be more appropriate.
>>>
>>>  - grouping i2nsf-nsf-event-type-content/rule-id
>>>  - grouping i2nsf-nsf-event-type-content/rule-name
>>>  - grouping i2nsf-nsf-event-type-content/profile
>>>  - grouping i2nsf-nsf-event-type-content/raw-info
>>>    These objects are cut-and-paste duplicates from
>>>    grouping i2nsf-nsf-event-type-content. They should
>>>    be in a separate grouping used by both. Also applies
>>>    to some other sets of objects
>>>
>>>  - limits issues (e.g. current-session, maximum-session
>>>    The type is uint8. This is only OK it is impossible for any
>>>    implementation to ever have or want more than 255 of them.
>>>    If some other RFC really does limit the values where uint8
>>>    is used, then that is OK. If so, a reference-stmt would help.
>>>
>>>
>>>
>>> _______________________________________________
>>> I2nsf mailing list
>>> I2nsf@ietf.org
>>> https://www.ietf.org/mailman/listinfo/i2nsf
>>>
>>
>>

-- 
===========================
Mr. Jaehoon (Paul) Jeong, Ph.D.
Associate Professor
Department Head
Department of Computer Science and Engineering
Sungkyunkwan University
Office: +82-31-299-4957
Email: pauljeong@skku.edu, jaehoon.paul@gmail.com
Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
<http://cpslab.skku.edu/people-jaehoon-jeong.php>

v2.23.0 | Report a Bug | By Email