Re: [Netconf] Netconf Notification: One last bit of Discuss: Session Accumulation

[Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de>]

On Mon, Jun 16, 2008 at 07:52:51AM -0400, Sharon Chisholm wrote:
 
> If a malicious or buggy NETCONF client sends a number of
> <create-subscription> requests  without ever terminating any of them,
> they will accumulate subscriptions and begin to use up system resources.
> They do so while accumulating NETCONF sessions and when the underlying
> NETCONF session is terminated, so is the Notification subscription. The
> <kill-session> operation should be used to terminate any suspect NETCONF
> sessions.

I do not understand the second sentence. And who is "they" in the
first sentence? What about this wording:

  If a malicious or buggy NETCONF client sends a number of
  <create-subscription> requests, then these subscriptions accumulate
  and may use up system resouFrom netconf-bounces at ietf.org  Mon Jun 16 10:09:38 2008
Return-Path: <netconf-bounces at ietf.org>
X-Original-To: netconf-archive at ietf.org
Delivered-To: ietfarch-netconf-archive at core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 809FB3A6977;
	Mon, 16 Jun 2008 10:09:38 -0700 (PDT)
X-Original-To: netconf at core3.amsl.com
Delivered-To: netconf at core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 3F9A83A69AF
	for <netconf at core3.amsl.com>; Mon, 16 Jun 2008 10:09:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.995
X-Spam-Level: 
X-Spam-Status: No, score=-1.995 tagged_above=-999 required=5 tests=[AWL=0.254, 
	BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id OVZNspp++pPY for <netconf at core3.amsl.com>;
	Mon, 16 Jun 2008 10:09:31 -0700 (PDT)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de
	[212.201.44.23])
	by core3.amsl.com (Postfix) with ESMTP id 914963A6859
	for <netconf at ietf.org>; Mon, 16 Jun 2008 10:09:31 -0700 (PDT)
Received: from localhost (demetrius4.jacobs-university.de [212.201.44.49])
	by hermes.jacobs-university.de (Postfix) with ESMTP id 19BDCC0040;
	Mon, 16 Jun 2008 19:10:13 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23])
	by localhost (demetrius4.jacobs-university.de [212.201.44.32])
	(amavisd-new, port 10024)
	with ESMTP id GqG-eX-z22rY; Mon, 16 Jun 2008 19:10:07 +0200 (CEST)
Received: from elstar.local (elstar.iuhb02.iu-bremen.de [10.50.231.133])
	by hermes.jacobs-university.de (Postfix) with ESMTP id 5660CC0036;
	Mon, 16 Jun 2008 19:10:07 +0200 (CEST)
Received: by elstar.local (Postfix, from userid 501)
	id 37FBE5D3565; Mon, 16 Jun 2008 19:10:06 +0200 (CEST)
Date: Mon, 16 Jun 2008 19:10:06 +0200
From: Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de>
To: Sharon Chisholm <schishol at nortel.com>
Message-ID: <20080616171006.GA5003 at elstar.local>
Mail-Followup-To: Sharon Chisholm <schishol at nortel.com>,
	netconf at ietf.org
References: <713043CE8B8E1348AF3C546DBE02C1B4150B48B3 at zcarhxm2.corp.nortel.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <713043CE8B8E1348AF3C546DBE02C1B4150B48B3 at zcarhxm2.corp.nortel.com>
User-Agent: Mutt/1.5.18 (2008-05-17)
Cc: netconf at ietf.org
Subject: Re: [Netconf] Netconf Notification: One last bit of
	Discuss:	Session Accumulation
X-BeenThere: netconf at ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: j.schoenwaelder at jacobs-university.de
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/netconf>,
	<mailto:netconf-request at ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/netconf>
List-Post: <mailto:netconf at ietf.org>
List-Help: <mailto:netconf-request at ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>,
	<mailto:netconf-request at ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: netconf-bounces at ietf.org
Errors-To: netconf-bounces at ietf.org

On Mon, Jun 16, 2008 at 07:52:51AM -0400, Sharon Chisholm wrote:
 
> If a malicious or buggy NETCONF client sends a number of
> <create-subscription> requests  without ever terminating any of them,
> they will accumulate subscriptions and begin to use up system resources.
> They do so while accumulating NETCONF sessions and when the underlying
> NETCONF session is terminated, so is the Notification subscription. The
> <kill-session> operation should be used to terminate any suspect NETCONF
> sessions.

I do not understand the second sentence. And who is "they" in the
first sentence? What about this wording:

  If a malicious or buggy NETCONF client sends a number of
  <create-subscription> requests, then these subscriptions accumulate
  and may use up system resources. Inrces. In such a situation, subscriptions
  can be terminated by terminating the suspect underlying NETCONF
  sessions using the <kill-session> operation.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
_______________________________________________
Netconf mailing list
Netconf at ietf.org
https://www.ietf.org/mailman/listinfo/netconf


 such a situation, subscriptions
  can be terminated by terminating the suspect underlying NETCONF
  sessions using the <kill-session> operation.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
_______________________________________________
Netconf mailing list
Netconf at ietf.org
https://www.ietf.org/mailman/listinfo/netconf