IETF Logo Mail Archive

Re: [yang-doctors] [I2nsf] Yangdoctors early review of draft-ietf-i2nsf-nsf-monitoring-data-model-04

Reshad Rahman <reshad@yahoo.com> Tue, 23 February 2021 03:31 UTC

Return-Path: <reshad@yahoo.com>
X-Original-To: yang-doctors@ietfa.amsl.com
Delivered-To: yang-doctors@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B04B3A251B for <yang-doctors@ietfa.amsl.com>; Mon, 22 Feb 2021 19:31:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q6FhDHtKa6Yg for <yang-doctors@ietfa.amsl.com>; Mon, 22 Feb 2021 19:31:29 -0800 (PST)
Received: from sonic305-3.consmr.mail.bf2.yahoo.com (sonic305-3.consmr.mail.bf2.yahoo.com [74.6.133.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 617FF3A2523 for <yang-doctors@ietf.org>; Mon, 22 Feb 2021 19:31:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1614051088; bh=dr0r3MLntc9dtkfgD/tiSBRcL745A3Lk+gtUfOJgvtU=; h=Date:Subject:From:To:CC:References:In-Reply-To:From:Subject:Reply-To; b=jJH/Kye7Ikj9otapKe/58y8mwI69kMebsUXOqfXdioRMdCOkqv77/HCrjAPdyJICH0YoDjVYVHjIMjAqKIuTus4dSuli0viSzxYREKlVY6ifh/Ei26mVUpWWOTyU8Z35N6jJ41ibFUtB0UAhLKM49kILvmVVUzGRUHQ0I6fmy7JjHxhPR/FJ03FTQPdkInjJ+iSbO9hFcyBQI0lULy6hiScLypRv5J2pZ6GnaRhhQ1dXdyvb6CyqVgfu7fB5Bj87e2YWViPDxX4KyZpUbhkwqJAwiQuN9dJBMFP5T9BxsxrpXsYQ/k8Ibu+Pi2+FYupP+qwn7iEUAuVsT/GEAHI/vQ==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1614051088; bh=bu13CAeVs6y02bEl0uP4w31ew/5A7STH8yJG+2yUV/v=; h=X-Sonic-MF:Date:Subject:From:To:From:Subject; b=OAHCDdz6thDH3pGEFTsf5q9Bj0BfLl5UiCk6by+FMJUgIwICcOnuPaf0rUZrEc0rgkDft0Zdrdq6OYQ13GKUnTw9DUlPVwj83v8ad8YO9dHvMiR/NdahicLo5dbbrp4/lDs8X33NNZ1xGZRSkhxXM8ekI34QH4foKjuTH7VN+1IndaOQGOqRETqJIoT8S5KTVya65RWv84GKu9iKYrRWLsU5w2MsuMCMeKkJ9WQYUwEuXHZFBIOqbLtVJ+NzFs70vdKEAgHS3KQwW6qcDbRiT36JkTOW6ta5RwRXJt5V1bWlACTeG8ipXNn7PQapxcv3w62oOT7a0de1N+FD7XMp9w==
X-YMail-OSG: fapx6fkVM1mfV148hwJGqabTy3dI5EYG18dDAO5tf5ZQNiZpnjdub0KV6KxPqVD dpKF_iDKY1cJcKxAHZHDA90sOoXDwnPn7u4JnMDVHSiADwKWV9F5EBWC1hH4mQhdFKaGevsHQVyq rJ9MnBun_YAHgjJEqIVF0LK5pPQlgHmk5gwzrbUbRTxNh2kqK5DpryNV5bo1i9FHGsMT.LVz2i4K YmUgL7tZCG4ytGYqMW.JB9Y3QhOR8R0IuxVPxndHCfqQZEl9jah6w7PwNdJc2bxSKFDeFJUQOBPt j4IoGI4OlOaH1kE7SkSnbJQ808ogy0ybrFJiKO7RZsESz9WdeX4V1Fv8CUN_FhC9npnaeV5FeyEL T7DHbgMO6MtFfR.2VrtQkCjmTXM_6WJwkpfxabmQU9Y1jfS668GyCrtgt6NVpXJCEdu.hw6S8v1Y 2kj9OYYwUD6HV2qfHPIHqBq9gA_e0gye1FlfSpOx65Mw8IAop4LIDs6HG2jsYmjn9uDS259tNA.h DucsmVkXu1xK9DyRamoXTOI.h97kRT9S1.Hy2VZQ2Plt8LjfUqE5Y.0uYTp.5qvFsKujeJpSFI36 3CxJbJvVopSjyrVhqlyKmwJKKgKCDXCsFQpVunJ0gWIE4wjhVU2aG2fYt_5_Uu9A6Gt_0gYcu0qL PYi1aFgD3Q7cWHV.twXwDJIsisQgruFAE_mLqlbxVqaxo8nRJY_oA_KSDPDORN32DI2fEc2.OvpI 49iXvgaStShKKFsJ31lbDgnONnkpAQa1Qnn27ryvnYqr0FN3f_R9ldsqYSIgzXxCSs6x8zAH.P4F JlqTdb6ER2FtbtmvBJuxP8cukwLeOMHeUf2jN5W5VCf4MNsKt6X8dSifx10_2RhDIDzZOl9gPTqE pPPdY93yaykAPoNoApf.AMC3uwoCrizNtriSsgblgNreEqAl6DE9hsrVc.K2rAyVeDl58q1u80u. 53obWgtynIM_One5gAHg.3mP_LwOEJiDur0wpPGWiTjAaEK0uCqyLBE_Gk1SE66FDclvnFtZj3Zk rJK0NP127J3qSOoUkPvd74z8oF5HYWgYifgmTx.cZ2RbGK0RbfHGQT3Ws4m.Tqqy0BabY7ER5mJS vIjSGHI44Jr9YDZ6sTLgnFl8r3GOhZuE9V28V14Rj4EE1l4J.wnS4oC1Sxw41Q8A.6iTuMy_EMp6 aXajCtw1R9j1y.feW618uvrdP4CDRAUdELlT.AgLw8Ej4LmoIeMgAhLeq81p45lvFMX8UXwtMncx Y5YgKM8r0IOU_rvqvnOiE4J7SaPyveVBcw.vvmLkhGNURbxiuccWyuBYE..JtG3yXVGfHAx_J6fM UMFYDfQVtZtUUNaQ8crFOPLYnWdxedjqLWDDO6jK6nIzvVhyFzrniH0UBqeEX_vF6uvQLqyD78wQ skF2iaqAHaJ7fSQNBrFlRTYSzRa4gSpzpVcNSM5TCnjvVW9jQy8YM4qmI3RilzdDQtPmYW3sL.aX Ysno3hV5cnQrYF2YJjDg_jacSXdqdPaWt1qwZzC4S49yRIbruM_SkJHHzdSPXqPqzP47ZHPDdwhJ EcF8iWY4TqFGUAYNaIWhckFbPqTYJPWbxKjP2cRQ60Lk3Snn38CPA4GCG8P4RMIvHWzzP.GnPW7a ztbie5Gsh.hY.tXpSIodTR1LC.u.kYkinn5GqePdrWWdxATfQZaiExiPUE0WlYpiT68CAYrb3I_A ZuuSV.sohFj9QBg.0vsduPqeINPgpVtTWaT_rVsY0s486XbIDseKCPA0rdaGXOsMmZgi0m7FPCaz vLKMFjOEjJwekXQ6yrLSD6aZEu.1LQ2RFpWLQisJ2Bi9KCKQO3zHmLZ8S_U.a0ojiCrSO7o0vZYW 1E1gzqMSAVwYrpT28i77R51nu642vmfkdIpF6YlRAtKEIqISvr_2X5Zqf6XdznBG6FBgKzrey1AL PW2eiD.oX.SIJZ_z63PyycbPufKU7FudgqKxdPPXkI6JqKW0rey1B.nr96OhB9eDUbYSDxZCfnFV kmTJ4YizC7PdeN5tvKBjiIE4ybat1EwHi6VJk5_X1UrU1oPm.n3uWSXwabNEj1JwV3na6p0gxrbL NDUM7H5iHc9kTcPRH2B4cqw6DTomUqF9hl1MkEEA3BcfUA1DM.8897ciJt7qvIA9r6XarwuayVfX D3x3SroB9ushCGgvkYREPlFwbZyG9z5RbhRr9QljJoUzuElN6315c_K_ntI9AFZtfahADr6eS9YE iWE2hKGg9Zej_IVkgMDcPw_ZVywE0hDaqxU6RCYUYSY6lEjnS1vtCY3twmv5I9bU0Xmw7PYQs.Eg E4cE8dNa70_fv8ilA7YoXIGRjVB6_FJd02Jjys5v93AmjI9ZgW89MdphlZS0GzzBjMraQGWbK6Y7 Sbfa1G5BimGmr5m_pY0N_vrr5mJFtKrqiX3NPl62FZ5tT9klzDkUwdSIuzePVM6pAKWrUNxLdml5 rq6i.2052TV1ZoUoVpOw9uBN6QdmBLlkgKsWS4MhnmpnJUPf7tpWXMEa_tN3lu2HU.D5L962FQ8P gyA1IpU.kgxmvlTTyw.6pxnhCNzjHMjypiS6HUyp1Kq8dBpSawlBDPg1B_uTcthY5dBcZ32e3K4M ROIX_Crxo.PMltUsr0Z3d3xs9fA5e_VeN.UClR8ByBabEdQ5B9aeVI2PnSqSDZByu5QPEbzWMbUU GB1owfS5i.abEFC2n5hqhg0gNFMiYJ4PY.pESoOngjxgNQ9ptC6ta8AUMhVYroDLRRwGHj9JCbvN hRtlj9AH9UL.cRoggVYZBsvIrxuBa4Q8vc3CjCWQlm7Az.otpQ7MB5pIEu356nkY8_weUtp.7tEs pafEVnik4TCuHqNajZ350BwGtmGdw8su0rXDmjFwy6PVAYJV8lrfbqcfYgH565uK2ivV_6Hix2nR uVpQlA5UYaq8hawv4t7cZU8DPKV9mVywaLMJ20e0uLwDtCYr_I_vCwnJpIf3aC_l4lpmVFRUMl6W UACR3McR2t7aji9KBQmgc3fykbsNzhmzC0tpolwBDWsYjXG0vfIA7Iqaw5ZseqAI3cqtW_WnCcAK ahrDczdYX4_EjEAxCWXYG7NCoHFkFk.HY_Q--
X-Sonic-MF: <reshad@yahoo.com>
Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.bf2.yahoo.com with HTTP; Tue, 23 Feb 2021 03:31:28 +0000
Received: by smtp410.mail.gq1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID bb5c09b088eea774d9349367fffe8e55; Tue, 23 Feb 2021 03:31:24 +0000 (UTC)
User-Agent: Microsoft-MacOutlook/16.44.20121301
Date: Mon, 22 Feb 2021 22:31:19 -0500
From: Reshad Rahman <reshad@yahoo.com>
To: Andy Bierman <andy@yumaworks.com>, "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
CC: Roman Danyliw <rdd@cert.org>, "i2nsf@ietf.org" <i2nsf@ietf.org>, JungSoo Park <pjs@etri.re.kr>, Yunchul Choi <cyc79@etri.re.kr>, Patrick Lingga <patricklink888@gmail.com>, YANG Doctors <yang-doctors@ietf.org>, skku-iotlab-members <skku-iotlab-members@googlegroups.com>
Message-ID: <01E6A215-B86F-4F69-93B5-0CA124DF0A02@yahoo.com>
Thread-Topic: [yang-doctors] [I2nsf] Yangdoctors early review of draft-ietf-i2nsf-nsf-monitoring-data-model-04
References: <160192102291.6633.15935674903085952087@ietfa.amsl.com> <CAPK2DewwLOJnnj1ZEYMSvZB1Hpc-8rY1+-dFvzOkJvrT4X2jqA@mail.gmail.com> <CABCOCHRaSTLDngZnMaQFiq05AZbymJfFFVY+P_fmzuU4e3S7FQ@mail.gmail.com>
In-Reply-To: <CABCOCHRaSTLDngZnMaQFiq05AZbymJfFFVY+P_fmzuU4e3S7FQ@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3696877884_1171042868"
X-Mailer: WebService/1.1.17712 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo Apache-HttpAsyncClient/4.1.4 (Java/11.0.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/yang-doctors/fX-DQRma93515Yca_atY4YKRIDA>
Subject: Re: [yang-doctors] [I2nsf] Yangdoctors early review of draft-ietf-i2nsf-nsf-monitoring-data-model-04
X-BeenThere: yang-doctors@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email list of the yang-doctors directorate <yang-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/yang-doctors/>
List-Post: <mailto:yang-doctors@ietf.org>
List-Help: <mailto:yang-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Feb 2021 03:31:33 -0000

I cannot figure out how to enter a new review in the IETF pages (even logged in),

I have run into the same issue in the past. You need to go to the actual review link, https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-monitoring-data-model/reviewrequest/13767/ in this case, and click on the “Correct review” button. My recollection is that this will create a newer version of the review.

 

Regards,

Reshad.

 

From: yang-doctors <yang-doctors-bounces@ietf.org> on behalf of Andy Bierman <andy@yumaworks.com>
Date: Saturday, February 20, 2021 at 12:11 PM
To: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Cc: Roman Danyliw <rdd@cert.org>, "i2nsf@ietf.org" <i2nsf@ietf.org>, JungSoo Park <pjs@etri.re.kr>, Yunchul Choi <cyc79@etri.re.kr>, Patrick Lingga <patricklink888@gmail.com>, YANG Doctors <yang-doctors@ietf.org>, skku-iotlab-members <skku-iotlab-members@googlegroups.com>
Subject: Re: [yang-doctors] [I2nsf] Yangdoctors early review of draft-ietf-i2nsf-nsf-monitoring-data-model-04

 

Hi,

 

I have reviewed the module in draft-05.

Thanks for the revision letter. That really helped make the review go fast.

All my draft-04 comments have been addressed.

 

I cannot figure out how to enter a new review in the IETF pages (even logged in),

so it is attached here. pyang is reporting some minor style issues.

 

 

Status: Ready with nits (see attached file)

 

 

Andy

 

 

On Wed, Feb 17, 2021 at 7:15 AM Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com> wrote:

Hi Andy,

Patrick and I have addressed your comments on the following revision:

 

https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-monitoring-data-model/

https://tools.ietf.org/html/draft-ietf-i2nsf-nsf-monitoring-data-model-05

 

I attach the revision letter to explain how to address your comments on the revision.

 

If you have further comments, please let me know.

  

If you are satisfied with our revision, please update the YANG doctor review status in the following link:

https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-monitoring-data-model/

 

Thanks.

 

Best Regards,

Paul

 

On Tue, Oct 6, 2020 at 3:03 AM Andy Bierman via Datatracker <noreply@ietf.org> wrote:

Reviewer: Andy Bierman
Review result: Almost Ready



Major Issues:

 - None

Moderate Issues:

 - top-level 'counters' container does not follow naming conventions.
   Should start with 'i2nsf', probably 'i2nsf-state'

 - There do not seem to be any writable objects in the /counters
   subtree so this container should have a 'config false' statement

 - top-level typedef and grouping description-stmts are self-referential
   and not useful. Need to rewrite description-stmts and/or add
   reference-stmts as needed.

 - grouping common-monitoring-data/time-stamp
   Is this a different time stamp than the one in the NETCONF notification?
   The 'message generation time' sounds like the standard timestamp.
   Does this object represent the event detection time?

 - grouping i2nsf-system-alarm-type-content/usage
 - grouping i2nsf-system-alarm-type-content/threshold
   These are uint8 leafs with unclear descriptions.
   Not sure why uint8 is the appropriate type.
   Needs 1 or more of (reference, units, better description)

 - grouping traffic-rates
   Add a units statement to each leaf. Not sure what units to use
   but it should be consistent. (e.g, pps, bps used in descriptions
   should also be in a units-stmt)

 - grouping i2nsf-system-counter-type-content
   These counters should use the yang:counter32 type instead of uint32

 - container counters/system-interface
 - container counters/nsf-firewall
 - container counters/nsf-policy-hits
  The descriptions are too terse and confusing, and need a rewrite.

 -  container counters/nsf-firewall
 -  container counters/nsf-policy-hits
    - uses i2nsf-nsf-counters-type-content;
    Many of the fields expanded from this grouping all say
    they refer to 'the packet'. Why are they in this global
    container of counters? E.g. (src-ip, dst-ip, src-port, dst-port)
    Not clear at all how the server is supposed to apply this
    grouping to these containers.

 - many leafs use "uint32" type for a rate.
   Should add a units-stmt

 - leaf counters/nsf-policy-hits/hit-times
   The purpose and type are confusing and generic.
   If this is a counter then use counter32

 - cut-and-paste for notification-stmt content should be replaced
   with grouping/uses instead. Applies to the nsf-detection-*
   and the various logging notifications. Even a grouping that
   has 1 object in it is better than cut-and-paste 5+ times

Minor Issues:

 - top-level identifiers are too generic
   should have 'i2nsf-' prefix to be more reusable outside this module

 - quite a lot of identities that an implementation is required to support.
   If this set of identities might change a lot faster than the
   notifications and counter objects, then consider putting them
   in a separate module

 - leaf with same type named differently; both intrusion-attack-type
   - nsf-detection-intrusion/sub-attack-type
   - nsf-log-intrusion/attack-type

 - quite a lot of notification event types for a server to implement
   and a user to manage. All are mandatory (no if-feature statements).
   Some such as nsf-detection-* subset are very similar.
   A section or table would be useful that showed the YANG notification
   names and their purpose -- maybe a reference to another RFC
   with more details

 - there seems to be notifications for intrusion events and then
   again for the logging of those events.  This seems excessive
   but


 - grouping common-monitoring-data/time-stamp
   Is this a different time stamp than the one in the NETCONF notification?
   The 'message generation time' sounds like the standard timestamp.
   Is this event detection time?

 - grouping common-monitoring-data/module-name
   Is this a YANG module or some other type of module?

 - there is no way to configure which notifications should be generated
   or maybe how often.  YANG Push has its own dampening-period.
   Since these are event stream subscriptions, not datastore subscriptions,
   YANG-Push does not apply to this document at all.

   If there are a lot of notifications then a server implementation
   might drop some

 - grouping i2nsf-nsf-event-type-content-extend/src-zone
 - grouping i2nsf-nsf-event-type-content-extend/src-zone
   These use type 'string'. Consider using a typedef that constrains
   the string.  General comment where unconstrained string is used:
   The corner-case values such as empty string are often not allowed
   in implementations.


 - grouping i2nsf-nsf-event-type-content-extend/rule-id
 - grouping i2nsf-nsf-event-type-content-extend/rule-name
 - grouping i2nsf-nsf-event-type-content-extend/profile
   These objects seem to reference objects in another YANG module.
   If so, then leafref types might be more appropriate.

 - grouping i2nsf-nsf-event-type-content/rule-id
 - grouping i2nsf-nsf-event-type-content/rule-name
 - grouping i2nsf-nsf-event-type-content/profile
 - grouping i2nsf-nsf-event-type-content/raw-info
   These objects are cut-and-paste duplicates from
   grouping i2nsf-nsf-event-type-content. They should
   be in a separate grouping used by both. Also applies
   to some other sets of objects

 - limits issues (e.g. current-session, maximum-session
   The type is uint8. This is only OK it is impossible for any
   implementation to ever have or want more than 255 of them.
   If some other RFC really does limit the values where uint8
   is used, then that is OK. If so, a reference-stmt would help.



_______________________________________________
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

 

_______________________________________________ yang-doctors mailing list yang-doctors@ietf.org https://www.ietf.org/mailman/listinfo/yang-doctors

v2.23.0 | Report a Bug | By Email