Notes of the NETMOD WG Session at the IETF 77 (Anaheim)
2010-03-23

David Partain: agenda discussions

- May talk about security considerations in YANG modules at the end.
- YANG and YANG types in IETF Last Call
  * Very little public comment so far.
  * Expect IESG review to have some comments that the authors will
    need to address.
  * Dan Romascanu: assuming comments stay low, encourage to push for
    April 22nd telechat.
  * David Partain: Important for everyone to comment on docs, even if
    you're happy with the document.
- NETMOD Arch and YANG Usage in WGLC.
  * Will be updated based on mailing list comments and have one more
    WGLC.
- DSDL mapping document in WGLC.
  * 3 week WGLC going on during IETF
  * will the apps area or maybe IESG provide DSDL experts to review
    this document?
  * Phil Shafer - DSDL learning curve is hard, are there DSDL folks
    reviewing it?
  * David Partain: IESG (APPS area)
  * Dan Romascanu: Asked for review on Sunday in almost impolite terms.
  * David Partain: Perhaps Dan Romascanu and I can discuss who to ask.
  * Dan Romascanu: Start with area directors, unless you know who to
    ask.
  * Phil Shafer: ask we go back to folks who are proponents of DSDL.
    Ask person who said "why are we doing this again"? Nobody had.
- no new items added to agenda

Common YANG Data Types (Juergen Schoenwaelder)
http://tools.ietf.org/html/draft-ietf-netmod-yang-types-07
Status: IETF Last Call

- Kent Watsen: how come there is no percentage or rate type
- Bert Wijnen: there was no request
- David Partain: is there a mismatch? Should there be a type?
- Kent Watsen: yes, there should be a type.
- Phil Shafer: or two (int and decimal64)
- David Partain: suggest bringing it up in mailing list
- Andy Bierman: reticent to add anything now
- Vote: room yes (timid) no (stronger) to adding. Little enthusiasm
  for reopening the document now.
- Bert Wijnen: Juergen Schoenwaelder says "yes" but not sure to which
  question

YANG - A data modeling language for NETCONF (Martin Bjorklund)
http://tools.ietf.org/html/draft-ietf-netmod-yang-11
Status: IETF Last Call

Martin presented 1 slide

- system-creatable: no formal mechanism will be added
- changing defaults: adding a default later on is OK (added in -10)
- require a new revision statement when a new version is published
- Andy Bierman: empty NP containers (warning that clients must be
  aware that the server may delete this, so they have to be created
  again by the client). Ran into issue regarding NP containers. Is it
  OK for the server to just recreate the container. Client needs to be
  aware of this behavior.
- David Partain: we need to make them be aware.
- Kent Watsen: should we consider config(bool) -->
  node-type(enumeration)
  * Martin Bjorklund: decided to match NETCONF
  * David Partain: seems simple but may have big impact
  * Bert Wijnen: may make sense, but probably shouldn't change now
  * Andy Bierman: we should go back to considering operational state
    issues. There's a whole class of data to be considered. Just an
    enum won't be enough.
  * David Partain: feels like we're opening Pandora's box.
  * Dan Romascanu: only catastrophic bugs should be raised now, if
    important then make a formal LC request
  * ???: Longer we wait may make it harder to add later
  * Straw poll: 8 said don't change, 1 said do. Overwhelming consensus
    not to change config-stmt now, need to confirm on mailing list.
    Could consider 1.0 done; work on this later
  * Juergen Schoenwaelder: YANG 1.0 is done, consider for next version

YANG Usage Guidelines (Andy Bierman)
http://tools.ietf.org/html/draft-ietf-netmod-yang-usage-03
Status: WG Last Call completed when meeting takes place

- Andy Bierman: start online YANG resources
- Phil Shafer: do we need the famous picture in every draft
  * Andy Bierman: OK with removing it
  * David Partain: are we going to have a normative reference issue?
    (4741bis) OK as long as we're not waiting for another document to
    show up.
  * Andy Bierman: will remove it
- Check if filename-comment should be kept or removed. Guidelines
  about filename in module:
  * Phil Shafer: sections
  * David Partain: OK with removing guideline
  * Phil Shafer: also change note to editor
  * David Partain: uniformity in filename
  * Phil Shafer: more about extracting material from RFC
  * Juergen Schoenwaelder: we're not talking RFC, talking about
    Drafts, wrt where data comes from - that is why this is not needed
  * Dan Romascanu: wouldn't this guidelines apply to anything -
    believes such a utility would be useful
  * Andy Bierman: smi-strip could auto generate meta-comment
  * David Partain: need to resolve before updating doc
- new version will have 2 missing sections
  * what is in these new sections:
  * email posted to list last month
  * what modelers need to think about
  * default values
  * Dan Romascanu: sections get filled in during LC
  * David Partain: action for Andy to fill in relevant sections
- Andy Bierman: what are operations called now?
  * Martin Bjorklund: just "operation"
  * Andy Bierman: will drop s/RPC operation/operation/g
- ???: comment that how YANG fits into other components need block
  diagram?
- ???: comment that newbies need to understand the big picture need
  basic overview of NETCONF (you edit a database, you invoke action
  operations, etc.)
- David Partain: Is the content right? (10 to 0, yes)
- David Partain: questions? --> no more
- David Partain: will Andy ask ML about filename guideline
- Andy Bierman: yes

NETMOD Architecture (Phil Shafer)
http://tools.ietf.org/html/draft-ietf-netmod-arch-04
Status: WG Last Call completed

- Phil Shafer: reviewed changes
- David Partain: how many people have read it? (eight people)
- Dan Romascanu: can we review the two missing sections
- Phil Shafer: note to modeler and ???
  (David Partain showed mail)
- Dan Romascanu: Likes current draft, agrees with goals for
  architecture document
- Dan Romascanu: missing one section - where YANG fits with NETCONF
  overall architecture. Missing relationship between YANG and other
  parts of NETCONF arch.
- Mapping between YANG and NETCONF xml
- Phil Shafer: section called "elements of YANG"
- Dan Romascanu: not clear
- Phil Shafer: will try to fix
- Andy Bierman: places where glosses over details (expected)
- Andy Bierman: has questions from folks about things like "key
  management"
- Andy Bierman: want to know how NETCONF/YANG will solve their
  problems
- Phil Shafer: asking for a new section?
- Dan Romascanu: Believes Andy is asking for a NETCONF arch document.
- David Partain: yes, but that's not mandate of NETMOD WG
- Phil Shafer: would more words in "elements in NETCONF" section help?
  I understand Andy's comment, and think Dan is asking for a block
  diagram.
- Dan Romascanu: need to help people coming and seeing this for first
  time. Describes components but not how they interrelate.
- David Partain: suggests we get together this week to hash out
- Bert Wijnen: Can discuss in NETCONF editing session this afternoon
- Phil Shafer: is the content right?
- Vote: 10 hands "yes", 0 hands "no"
- David Partain: would really like to resolve remaining issues this
  week

Mapping of YANG to DSDL (Ladislav Lhotka)
http://tools.ietf.org/html/draft-ietf-netmod-dsdl-map-05
Status: will be in WG Last Call

- David Partain: how many people have read? A few tentative hands, one
  hand up.
- changes between -04 to -05
  * not many people have reviewed this revision
  * changed date-and-time to map to XSD dateTime
  * changed uri to map to XSD anyURI
  * typedef derived defaults must be tagged as @nma:implicit
- status
  * goal achieved to map YANG to DSDL
- issue with generating for RPCs (not sure what the details are)
- David Partain: what problems are IPFIX folks having?
  * Ladislav Lhotka: not valid XML with two root elements - need to
    put dummy wrappers
  * Martin Bjorklund: it's a tooling issue, it's not a YANG problem
  * Martin Bjorklund: issue only when trying to validate a separate
    instance
  * David Partain: not a YANG issue
  * Ladislav Lhotka: agreed
  * Andy Bierman: understand how YANG client needs to process
  * Andy Bierman: get everything from server, must understand how to
    process everything
  * Andy Bierman: can replicate in an offline datastore
  * Andy Bierman: all info from needed
  * Ladislav Lhotka: missing data can be passed on command line
- Ladislav Lhotka: unfortunate we don't have built-in
  types(ip-address)
- DSDL mapping can deal with deviations, enabled features, augments,
  etc. combined from multiple modules
- pyang implementation status (details missed)
- David Partain: does Ladislav have contacts in the RelaxNG world to
  review?
- Ladislav Lhotka: knows someone, will ask him, can't promise
- future work:
  * figure out to derive schemas for edit-config
  * better datatype system
  * define XPath extensions to convert important data types
      current() <= nmf:ipv4-address('192.168.1.254')
- David Partain: it is in LC, it is really, Really, REALLY, *REALLY*
  important for folks to review

Complex types and typed instance IDs and YANG Extensions
Presented by: Bernd Linowski

- Bernd Linowski:
  * How many people have reviewed draft?
    (5-6 people raised hands)
  * Reviewed changes
  * Motivation is top-down; first abstracting entities and then
    concrete refinements
  * Enables alignment with other SDOs resources with 1:1 mapping
  * Example showing container that can have descendant instances of
    itself (recursive definition)
  * Complex types can be defined where groupings are used now
  * Derived types can refine the ancestor
  * Augment is allowed where a complex type is used; the complex type
    itself is not augmented
  * Demo complex types in pyang
  * Shows demo definition from the draft (slightly modified)
  * Available from the Google code web site
- Bernd Linowski: how to continue? Should this be standardized?
- Ladislav Lhotka: would it be possible compile/translate to plain
  YANG?
  * Bernd Linowski: no, some things can't - i.e. recursion. Could
    multiply, but instance document would not map 1-1. Also issue
    regarding complex base types.
  * Ladislav Lhotka: understands complexity, but feels would need to
    solve anyway for RelaxNG
  * Mehmet Ersue: something for future work
- David Partain: question of existence of NETMOD WG after docs are
  complete
- David Partain: two questions:
  - is work useful to proceed?
  - should proceed here?
- Andy Bierman: don't mind proceeding with experiment, would force
  server to have to understand (had no problems flattening out a
  tree), but not standards track. Concern about pushing OO models into
  the server.
- Phil Shafer: can this be done in a way that works better with YANG
  (concepts un-YANGy/less-YANGness). Type statements are different -
  CT's are more than "groupings" and "uses" (grouping could "uses"
  another grouping). Can the syntax be better aligned with YANG?
  Is this going to align with YANG concepts: example: YANG type
  applies only to a leaf; not limited to leafs in abstract types
- Ladislav Lhotka: thought about this in the past, now just a single
  extension key word, don't see how can express using current YANG
  mechs w/ same semantics
- Mehmet Ersue: can try to use groupings, but gets more complex.
  Complex types are easier to understand than uses/groupings
- Mehmet Ersue: TM Forum would like mappings as they are without
  changing them. Companies who want to work with OO models will adopt
  YANG if these complex types were available
- Mehmet Ersue: apps won't use YANG natively, tools would help
- Dan Romascanu: if we need extensions on standards track
- Dan Romascanu: is this the appropriate mechanism?
- Bernd Linowski: working on models based on TMF CIM
- David Partain: concrete ex would be useful, anxious that YANG is
  stable, that we don't immediately start working on a 2.0
- Andy Bierman: agrees with David P's last comment
- Andy Bierman: don't understand problem with using uses/groupings.
  How is uses/groupings harder to use than complex types? Also
  wondering about local grouping - can this support local groupings?
  Also wonder about YANG usage guidelines for when to use groupings
  and when to use complex types? How do modules work together that use
  different approaches?
- Bernd Linowski: yes, that should be possible
- Mehmet Ersue: if follow top-down approach, this is the right
  approach
- Mehmet Ersue: this is a YANG *extension* - won't impact 1.0 draft
- David Partain: who would like to see work continue (2 people raised
  hands - authors)
- David Partain: how many people think it should be standards track?
- David Partain: maybe better to be an experimental RFC. No consensus
  in the room to add to standards track. Suggestion that this be an
  Experimental RFC.
- Mehmet Ersue: OK with it being experimental

David Partain - Post IETF 77 plans

- finish, finish, finish
- one more WG LC for usage/arch docs
- Unknown if dsdl mapping will have another WGLC since no comments
  received in current WGLC, at which point all chartered items will be
  in IESG
- David Partain thinks we shut down WG - done, shows stability. Not
  anxious to re-charter and get new work.
- Bert Wijnen: had a session on Sunday, discussed what is missing,
  IPFIX example - interface MIB is missing - would be good to have a
  core set of YANG modules (system, interface, entity)
- ???: comment that SNMP mistake was focusing on new protocol versions
  instead of building up the content module library
- David Partain: thinks that NETCONF should merge into NETCONF. No
  need to separate them anymore
- Bert Wijnen: NETCONF WG is pretty loaded
- Dan Romascanu: loves to see WG chairs fighting over work ;)
- Dan Romascanu: would like to see extensions get started, doesn't
  care where work is done - slight pref: easier to re-charter an
  existing WG than start a new one. Strongly encourages to not delay
  writing core modules immediately
- David Partain: agreed, question is who does the work
- Phil Shafer: which choice will draw more people in?
- Bert Wijnen: WG typically only get one session at IETF meetings
- Andy Bierman: might like to see two together (same people)
- Mike H: it is the same people - BEHAVE sometimes takes 4 working
  slots. May be easier to have just one chairs
- Dan Romascanu: don't worry about meeting slots - you get what you
  want
- David Kessens: that argues for closing down WG
- Mehmet Ersue: thinks it's too early to close down WG - should give a
  few good examples before WG goes away. Supports Bert's opinion
  NETCONF WG can't do everything
- Andy Bierman: agrees with David Partain that closing WG sends a
  strong message.
- Mehmet Ersue: are we really done?
- still some wrap-up items

Discussion of Security Guidelines

- David Partain: starts discussion on Security Guidelines
- Bert Wijnen: reviews converted MIB security template
- Martin Bjorklund: is intention to list all nodes, or are subtrees
  OK?
- Bert Wijnen: subtrees OK
- Phil Shafer: sensitive data is different than data that will cause
  vulnerability or have an operational impact
- Bert Wijnen: all three should be listed
- Dan Romascanu: can't just say everything is sensitive will not fly
- Phil Shafer: can it be covered in the description of the node itself
  and then just refer to them
- Bert Wijnen: no, that's life, it's harsh
- Andy Bierman: it's subjective
- Bert Wijnen: we need to guide users as to how to apply access
  controls
- Phil Shafer: can we just identify what is sensitive - or also why?
- Bert Wijnen: "why" is needed (i.e. what is vulnerable)
- Phil Shafer: there is read-only data
- Bert Wijnen: that's the next section (goes over it)
- Dan Romascanu: (missed it)
- Andy Bierman: Dan's right... (whatever that was)
- Martin Bjorklund: need a section for RPCs
- David Partain: can send text this afternoon?
- Bert Wijnen: yes
- Bert Wijnen: let's first agree on text and then ask security ADs
- Dan Romascanu: yes, would like to stay close to MIB text

Meeting closed