| < draft-ietf-netconf-restconf-notif-02.txt | draft-ietf-netconf-restconf-notif-03.txt > | |||
|---|---|---|---|---|
| NETCONF E. Voit | NETCONF E. Voit | |||
| Internet-Draft A. Gonzalez Prieto | Internet-Draft A. Tripathy | |||
| Intended status: Standards Track A. Tripathy | Intended status: Standards Track E. Nilsen-Nygaard | |||
| Expires: September 14, 2017 E. Nilsen-Nygaard | Expires: February 5, 2018 Cisco Systems | |||
| Cisco Systems | ||||
| A. Clemm | A. Clemm | |||
| Huawei | Huawei | |||
| A. Gonzalez Prieto | ||||
| VMWare | ||||
| A. Bierman | A. Bierman | |||
| YumaWorks | YumaWorks | |||
| March 13, 2017 | August 4, 2017 | |||
| Restconf and HTTP Transport for Event Notifications | Restconf and HTTP Transport for Event Notifications | |||
| draft-ietf-netconf-restconf-notif-02 | draft-ietf-netconf-restconf-notif-03 | |||
| Abstract | Abstract | |||
| This document defines Restconf, HTTP2, and HTTP1.1 bindings for the | This document defines Restconf, HTTP2, and HTTP1.1 bindings for the | |||
| transport of Subscription requests and corresponding push updates. | transport of Subscription requests and corresponding push updates. | |||
| Being subscribed may be either Event Notifications or objects or | Being subscribed may be either publisher defined event streams or | |||
| subtress of YANG Datastores. | nodes/subtrees of YANG Datastores. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 14, 2017. | This Internet-Draft will expire on February 5, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 17 ¶ | skipping to change at page 2, line 18 ¶ | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Solution . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 3. Solution . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3.1. Dynamic YANG Subscription with RESTCONF control . . . . . 3 | 3.1. Dynamic YANG Subscription with RESTCONF control . . . . . 3 | |||
| 3.2. Subscription Multiplexing . . . . . . . . . . . . . . . . 6 | 3.2. Subscription Multiplexing . . . . . . . . . . . . . . . . 6 | |||
| 4. Encoded Subscription and Event Notification Examples . . . . 7 | 4. Encoded Subscription and Notification Message Examples . . . 7 | |||
| 4.1. Restconf Subscription and Events over HTTP1.1 . . . . . . 7 | 4.1. Restconf Subscription and Events over HTTP1.1 . . . . . . 7 | |||
| 4.2. Event Notification over HTTP2 . . . . . . . . . . . . . . 12 | 4.2. Event Notification over HTTP2 . . . . . . . . . . . . . . 12 | |||
| 5. Security Considerations . . . . . . . . . . . . . . . . . . . 12 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . 12 | |||
| 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13 | 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 | 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 7.1. Normative References . . . . . . . . . . . . . . . . . . 13 | 7.1. Normative References . . . . . . . . . . . . . . . . . . 13 | |||
| 7.2. Informative References . . . . . . . . . . . . . . . . . 14 | 7.2. Informative References . . . . . . . . . . . . . . . . . 14 | |||
| Appendix A. End-to-End Deployment Guidance . . . . . . . . . . . 14 | Appendix A. End-to-End Deployment Guidance . . . . . . . . . . . 14 | |||
| A.1. Call Home . . . . . . . . . . . . . . . . . . . . . . . . 14 | A.1. Call Home . . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
| A.2. TLS Heartbeat . . . . . . . . . . . . . . . . . . . . . . 15 | A.2. TLS Heartbeat . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| Appendix B. Issues being worked and resolved . . . . . . . . . . 15 | Appendix B. RESTCONF over GRPC . . . . . . . . . . . . . . . . . 15 | |||
| B.1. Unresolved Issues . . . . . . . . . . . . . . . . . . . . 15 | ||||
| Appendix C. Changes between revisions . . . . . . . . . . . . . 15 | Appendix C. Changes between revisions . . . . . . . . . . . . . 15 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 | |||
| 1. Introduction | 1. Introduction | |||
| Mechanisms to support Event subscription and push are defined in | Mechanisms to support Event subscription and push are defined in | |||
| [sn]. Enhancements to [sn] which enable YANG Datastore subscription | [sn]. Enhancements to [sn] which enable YANG Datastore subscription | |||
| and push are defined in [yang-push]. This document provides a | and push are defined in [yang-push]. This document provides a | |||
| transport specification for these protocols over Restconf and HTTP. | transport specification for these protocols over Restconf and HTTP. | |||
| Driving these requirements is [RFC7923]. | Driving these requirements is [RFC7923]. | |||
| The streaming of Subscription Event Notifications has synergies with | The streaming of notifications encapsulating the resulting | |||
| HTTP2 streams. Benefits which can be realized when transporting | information push can be done with either HTTP1.1 and HTTP2. When | |||
| events directly HTTP2 [RFC7540] include: | using HTTP2 [RFC7540] benefits which can be realized include: | |||
| o Elimination of head-of-line blocking | o Elimination of head-of-line blocking | |||
| o Weighting and proportional dequeuing of Events from different | o Weighting and proportional dequeuing of Events from different | |||
| subscriptions | subscriptions | |||
| o Explicit precedence in subscriptions so that events from one | o Explicit precedence in subscriptions so that events from one | |||
| subscription must be sent before another dequeues | subscription must be sent before another dequeues | |||
| 2. Terminology | 2. Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | document are to be interpreted as described in RFC 2119 [RFC2119]. | |||
| The following terms use the defintions from [sn]: Configured | The following terms use the defintions from [sn]: configured | |||
| Subscription, Dynamic Subscription, Event Notification, Publisher, | subscription, dynamic subscription, event notification, publisher, | |||
| Receiver, Subscriber, Subscription. | receiver, subscriber, and subscription. | |||
| 3. Solution | 3. Solution | |||
| Event subscription is defined in [sn], YANG Datastore subscription is | Subscribing to event streams is defined in [sn], YANG Datastore | |||
| defined in [yang-push]. This section specifies transport mechanisms | subscription is defined in [yang-push]. This section specifies | |||
| applicable to both. | transport mechanisms applicable to both. | |||
| 3.1. Dynamic YANG Subscription with RESTCONF control | 3.1. Dynamic YANG Subscription with RESTCONF control | |||
| Dynamic Subscriptions for both [sn] and its [yang-push] augmentations | Dynamic Subscriptions for both [sn] and its [yang-push] augmentations | |||
| are configured and managed via signaling messages transported over | are configured and managed via signaling messages transported over | |||
| [RFC8040]. These interactions will be accomplished via a Restconf | [RFC8040]. These interactions will be accomplished via a Restconf | |||
| POST into RPCs located on the Publisher. HTTP responses codes will | POST into RPCs located on the Publisher. HTTP responses codes will | |||
| indicate the results of the interaction with the Publisher. An HTTP | indicate the results of the interaction with the Publisher. An HTTP | |||
| status code of 200 is the proper response to a successful <establish- | status code of 200 is the proper response to a successful <establish- | |||
| subscription> RPC call. The successful <establish-subscription> will | subscription> RPC call. The successful <establish-subscription> will | |||
| result in a HTTP message with returned subscription URI on a | result in a HTTP message with returned subscription URI on a | |||
| logically separate mechanism than was used for the original Restconf | logically separate mechanism than was used for the original Restconf | |||
| POST. This mechanism is via a parallel TCP connection in the case of | POST. This mechanism is via a parallel TCP connection in the case of | |||
| HTTP 1.x, or in the case of HTTP2 via a separate HTTP stream within | HTTP 1.x, or in the case of HTTP2 via a separate HTTP stream within | |||
| the HTTP connection. When a being returned by the Publisher, failure | the HTTP connection. When a being returned by the Publisher, failure | |||
| will be indicated by error codes transported in payload. | will be indicated by error codes transported in payload. | |||
| Once established, the resulting stream of Event Notifications are | Once established, the resulting stream of notification messages are | |||
| then delivered via SSE for HTTP1.1 and via HTTP Data for HTTP2. | then delivered via SSE for HTTP1.1 and via HTTP Data for HTTP2. | |||
| 3.1.1. Call Flow for HTTP2 | 3.1.1. Call Flow for HTTP2 | |||
| Requests to [yang-push] augmented RPCs are sent on one or more HTTP2 | Requests to [sn] or [yang-push] augmented RPCs are sent on one or | |||
| streams indicated by (a) in Figure 2. Event Notifications related to | more HTTP2 streams indicated by (a) in Figure 2. Notification | |||
| a single subscription are pushed on a unique logical channel (b). In | messages related to a single subscription are pushed on a unique | |||
| the case below, a newly established subscription has its events | logical channel (b). In the case below, a newly established | |||
| pushed over HTTP2 stream (7). | subscription has its associated messages pushed over HTTP2 stream | |||
| (7). | ||||
| +------------+ +------------+ | +------------+ +------------+ | |||
| | Subscriber | | Publisher | | | Subscriber | | Publisher | | |||
| |HTTP2 Stream| |HTTP2 Stream| | |HTTP2 Stream| |HTTP2 Stream| | |||
| | (a) (b) | | (a) (b) | | | (a) (b) | | (a) (b) | | |||
| +------------+ +------------+ | +------------+ +------------+ | |||
| | Restconf POST (RPC:establish-subscription) | | | Restconf POST (RPC:establish-subscription) | | |||
| |--------------------------------------------->| | |--------------------------------------------->| | |||
| | HTTP 200 OK (URI)| | | HTTP 200 OK (URI)| | |||
| |<---------------------------------------------| | |<---------------------------------------------| | |||
| skipping to change at page 4, line 41 ¶ | skipping to change at page 4, line 41 ¶ | |||
| |<---------------------------------------------| | | |<---------------------------------------------| | | |||
| | | HTTP Headers (end of stream)| | | | HTTP Headers (end of stream)| | |||
| | (/7)<-----------------------------------------(/7) | | (/7)<-----------------------------------------(/7) | |||
| | | | | |||
| Figure 1: Dynamic with HTTP2 | Figure 1: Dynamic with HTTP2 | |||
| 3.1.2. Call flow for HTTP1.1 | 3.1.2. Call flow for HTTP1.1 | |||
| Requests to [yang-push] RPCs are sent on the TCP connection indicated | Requests to [yang-push] RPCs are sent on the TCP connection indicated | |||
| by (a). Event Notifications are pushed on a separate connection (b). | by (a). Notification messages are pushed on a separate connection | |||
| This connection (b) will be used for all Event Notifications across | (b). This connection (b) will be used for all notification messages | |||
| all subscriptions. | across all subscriptions. | |||
| +--------------+ +--------------+ | +--------------+ +--------------+ | |||
| | Subscriber | | Publisher | | | Subscriber | | Publisher | | |||
| |TCP connection| |TCP connection| | |TCP connection| |TCP connection| | |||
| | (a) (b) | | (a) (b) | | | (a) (b) | | (a) (b) | | |||
| +--------------+ +--------------+ | +--------------+ +--------------+ | |||
| | Restconf POST (RPC:establish-subscription) | | | Restconf POST (RPC:establish-subscription) | | |||
| |--------------------------------------------->| | |--------------------------------------------->| | |||
| | HTTP 200 OK (URI)| | | HTTP 200 OK (URI)| | |||
| |<---------------------------------------------| | |<---------------------------------------------| | |||
| skipping to change at page 5, line 42 ¶ | skipping to change at page 5, line 42 ¶ | |||
| | | | | | | | | |||
| | | | | | | |||
| Figure 2: Dynamic with HTTP1.1 | Figure 2: Dynamic with HTTP1.1 | |||
| 3.1.3. Configured Subscription over HTTP2 | 3.1.3. Configured Subscription over HTTP2 | |||
| With a Configured Subscription, all information needed to establish a | With a Configured Subscription, all information needed to establish a | |||
| secure relationship with that Receiver is available on the Publisher. | secure relationship with that Receiver is available on the Publisher. | |||
| With this information, the Publisher will establish a secure | With this information, the Publisher will establish a secure | |||
| transport connection with the Receiver and then begin pushing the | transport connection with the Receiver and then begin pushing | |||
| Event Notifications to the Receiver. Since Restconf might not exist | notification messages to the Receiver. Since Restconf might not | |||
| on the Receiver, it is not desirable to require that such Event | exist on the Receiver, it is not desirable to require that subscribed | |||
| Notifications be pushed with any dependency on Restconf. Nor is | content be pushed with any dependency on Restconf. Nor is there | |||
| there value which Restconf provides on top of HTTP. Therefore in | value which Restconf provides on top of HTTP. Therefore in place of | |||
| place of Restconf, a TLS secured HTTP2 Client connection must be | Restconf, a TLS secured HTTP2 Client connection must be established | |||
| established with an HTTP2 Server located on the Receiver. Event | with an HTTP2 Server located on the Receiver. Notification messages | |||
| Notifications will then be sent as part of an extended HTTP POST to | will then be sent as part of an extended HTTP POST to the Receiver. | |||
| the Receiver. | ||||
| POST messages will be addressed to HTTP augmentation code on the | POST messages will be addressed to HTTP augmentation code on the | |||
| Receiver capable of accepting and responding to Event Notifications. | Receiver capable of accepting and responding to state change | |||
| The first POST message must be a subscription-started notification. | notifications and subscribed content notification messages. The | |||
| Push update notifications must not be sent until the receipt of an | first POST message must be a subscription-started notification. | |||
| HTTP 200 OK for this initial notification. The 200 OK will indicate | Notifications which include any subscribed content must not be sent | |||
| that the Receiver is ready for Event Notifications. At this point a | until the receipt of an HTTP 200 OK for this initial notification. | |||
| Subscription must be allocated its own HTTP2 stream. Figure 4 | The 200 OK will indicate that the Receiver is ready for the delivery | |||
| depicts this message flow. | of subscribed content. At this point a Subscription must be | |||
| allocated its own HTTP2 stream. Figure 4 depicts this message flow. | ||||
| +------------+ +------------+ | +------------+ +------------+ | |||
| | Receiver | | Publisher | | | Receiver | | Publisher | | |||
| |HTTP2 Stream| |HTTP2 Stream| | |HTTP2 Stream| |HTTP2 Stream| | |||
| | (a) (b) | | (a) (b) | | | (a) (b) | | (a) (b) | | |||
| +------------+ +------------+ | +------------+ +------------+ | |||
| | HTTP Post Headers, Data (sub-start, SubID)| | | HTTP Post Headers, Data (sub-start, SubID)| | |||
| |<---------------------------------------------| | |<---------------------------------------------| | |||
| | HTTP 200 OK | | | HTTP 200 OK | | |||
| |--------------------------------------------->| | |--------------------------------------------->| | |||
| skipping to change at page 6, line 46 ¶ | skipping to change at page 6, line 44 ¶ | |||
| o take any subscription-priority and copy it into the HTTP2 stream | o take any subscription-priority and copy it into the HTTP2 stream | |||
| priority, and | priority, and | |||
| o take a subscription-dependency if it has been provided and map the | o take a subscription-dependency if it has been provided and map the | |||
| HTTP2 stream for the parent subscription into the HTTP2 stream | HTTP2 stream for the parent subscription into the HTTP2 stream | |||
| dependency. | dependency. | |||
| 3.2. Subscription Multiplexing | 3.2. Subscription Multiplexing | |||
| It is possible that updates might be delivered in a different | It is possible that updates across subscriptions might be delivered | |||
| sequence than generated. Reasons for this might include (but are not | in a different sequence than the encapsulated records were generated. | |||
| limited to): | Reasons for this might include (but are not limited to): | |||
| o replay of pushed updates | o generation of event records on different line cards | |||
| o replay of pushed information, and | ||||
| o temporary loss of transport connectivity, with update buffering | o temporary loss of transport connectivity, with update buffering | |||
| and different dequeuing priorities per Subscription | and different dequeuing priorities per Subscription | |||
| o population, marshalling and bundling of independent Subscription | o population, marshalling and bundling across independent | |||
| Updates, and | Subscription Updates, and | |||
| Therefore each Event Notification will include a timestamp to ensure | ||||
| that a Receiver understands the time when a that update was | ||||
| generated. Use of this timestamp can give an indication of the state | ||||
| of objects at a Publisher when state-entangled information is | ||||
| received across different subscriptions. The use of the latest Event | ||||
| Notification timestamp for a particular object update can introduce | ||||
| errors. So when state-entangled updates have inconsistent object | ||||
| values and temporally close timestamps, a Receiver might consider | ||||
| performing a GET to validate the current state of a Publisher. | ||||
| 4. Encoded Subscription and Event Notification Examples | Therefore each notification message will include a timestamp to | |||
| provide a Receiver with its best information indicating when a | ||||
| particular record was generated. Use of this timestamp can give an | ||||
| indication of the state of objects at a Publisher. This is | ||||
| especially important when state-entangled information is received | ||||
| across different subscriptions. Note that use of notification | ||||
| message timestamps may not indicate a the exact time of occurrence. | ||||
| So when state-entangled updates have inconsistent object values and | ||||
| temporally close timestamps, a Receiver might consider performing a | ||||
| GET to validate the current state of a Publisher. | ||||
| Transported updates will contain context data for one or more Event | 4. Encoded Subscription and Notification Message Examples | |||
| Notifications. Each transported Event Notification will contain | ||||
| several parameters: | ||||
| 4.1. Restconf Subscription and Events over HTTP1.1 | 4.1. Restconf Subscription and Events over HTTP1.1 | |||
| Subscribers can dynamically learn whether a RESTCONF server supports | Subscribers can dynamically learn whether a RESTCONF server supports | |||
| various types of Event or Yang datastore subscription capabilities. | various types of Event or Yang datastore subscription capabilities. | |||
| This is done by issuing an HTTP request OPTIONS, HEAD, or GET on the | This is done by issuing an HTTP request OPTIONS, HEAD, or GET on the | |||
| stream. Some examples building upon the Call flow for HTTP1.1 from | stream. Some examples building upon the Call flow for HTTP1.1 from | |||
| Section 3.2.2 are: | Section 3.2.2 are: | |||
| GET /restconf/data/ietf-restconf-monitoring:restconf-state/ | GET /restconf/data/ietf-restconf-monitoring:restconf-state/ | |||
| skipping to change at page 9, line 5 ¶ | skipping to change at page 9, line 5 ¶ | |||
| Content-Type: application/yang.api+xml | Content-Type: application/yang.api+xml | |||
| <location | <location | |||
| xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring"> | xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf-monitoring"> | |||
| https://example.com/streams/yang-push-xml | https://example.com/streams/yang-push-xml | |||
| </location> | </location> | |||
| To subscribe and start receiving updates, the subscriber can then | To subscribe and start receiving updates, the subscriber can then | |||
| send an HTTP GET request for the URL returned by the Publisher in the | send an HTTP GET request for the URL returned by the Publisher in the | |||
| request above. The accept header must be "text/event-stream". The | request above. The accept header must be "text/event-stream". The | |||
| Publisher uses the Server Sent Events [W3C-20150203] transport | Publisher uses the Server Sent Events [W3C-20150203] transport | |||
| strategy to push filtered Event Notifications from the Event stream. | strategy to push filtered events from the event stream. | |||
| The Publisher MUST support individual parameters within the POST | The Publisher MUST support individual parameters within the POST | |||
| request body for all the parameters of a subscription. The only | request body for all the parameters of a subscription. The only | |||
| exception is the encoding, which is embedded in the URI. An example | exception is the encoding, which is embedded in the URI. An example | |||
| of this is: | of this is: | |||
| // subtree filter = /foo | // subtree filter = /foo | |||
| // periodic updates, every 5 seconds | // periodic updates, every 5 seconds | |||
| POST /restconf/operations/ietf-event-notifications: | POST /restconf/operations/ietf-event-notifications: | |||
| establish-subscription HTTP/1.1 | establish-subscription HTTP/1.1 | |||
| Host: example.com | Host: example.com | |||
| Content-Type: application/yang-data+json | Content-Type: application/yang-data+json | |||
| { | { | |||
| "ietf-event-notifications:input" : { | "ietf-event-notifications:input" : { | |||
| ?stream?: ?push-data" | "stream": "push-data" | |||
| ?period" : 5, | "period" : 5, | |||
| "xpath-filter" : ?/ex:foo[starts-with(?bar?.?some']" | "xpath-filter" : "/ex:foo[starts-with('bar'.'some']" | |||
| } | } | |||
| } | } | |||
| Should the publisher not support the requested subscription, it may | Should the publisher not support the requested subscription, it may | |||
| reply: | reply: | |||
| HTTP/1.1 501 Not Implemented | HTTP/1.1 501 Not Implemented | |||
| Date: Mon, 23 Apr 2012 17:11:00 GMT | Date: Mon, 23 Apr 2012 17:11:00 GMT | |||
| Server: example-server | Server: example-server | |||
| Content-Type: application/yang.errors+xml | Content-Type: application/yang.errors+xml | |||
| skipping to change at page 10, line 45 ¶ | skipping to change at page 10, line 45 ¶ | |||
| "error-message": "Xpath filters not supported." | "error-message": "Xpath filters not supported." | |||
| "error-info": { | "error-info": { | |||
| "datastore-push:supported-subscription": { | "datastore-push:supported-subscription": { | |||
| "subtree-filter": [null] | "subtree-filter": [null] | |||
| } | } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| The following is an example of a pushed Event Notification data for | The following is an example of a pushed content for the Subscription | |||
| the Subscription above. It contains a subtree with root foo that | above. It contains a subtree with root foo that contains a leaf | |||
| contains a leaf called bar: | called bar: | |||
| XML encoding representation: | XML encoding representation: | |||
| <?xml version="1.0" encoding="UTF-8"?> | <?xml version="1.0" encoding="UTF-8"?> | |||
| <notification xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf"> | <notification xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf"> | |||
| <subscription-id xmlns="urn:ietf:params:xml:ns:restconf: | <subscription-id xmlns="urn:ietf:params:xml:ns:restconf: | |||
| datastore-push:1.0"> | datastore-push:1.0"> | |||
| my-sub | my-sub | |||
| </subscription-id> | </subscription-id> | |||
| <eventTime>2015-03-09T19:14:56.233Z</eventTime> | <eventTime>2015-03-09T19:14:56.233Z</eventTime> | |||
| <datastore-contents xmlns="urn:ietf:params:xml:ns:restconf: | <datastore-contents xmlns="urn:ietf:params:xml:ns:restconf: | |||
| skipping to change at page 11, line 46 ¶ | skipping to change at page 11, line 46 ¶ | |||
| request. For example, to modify the update period to 10 seconds, the | request. For example, to modify the update period to 10 seconds, the | |||
| subscriber may send: | subscriber may send: | |||
| POST /restconf/operations/ietf-event-notifications: | POST /restconf/operations/ietf-event-notifications: | |||
| modify-subscription HTTP/1.1 | modify-subscription HTTP/1.1 | |||
| Host: example.com | Host: example.com | |||
| Content-Type: application/yang-data+json | Content-Type: application/yang-data+json | |||
| { | { | |||
| "ietf-event-notifications:input" : { | "ietf-event-notifications:input" : { | |||
| ?subscription-id?: 100, | "subscription-id": 100, | |||
| ?period" : 10 | "period" : 10 | |||
| } | } | |||
| } | } | |||
| To delete a Subscription, the Subscriber issues a DELETE request on | To delete a Subscription, the Subscriber issues a DELETE request on | |||
| the provided URI using the same subscription-id as in the original | the provided URI using the same subscription-id as in the original | |||
| request | request | |||
| 4.2. Event Notification over HTTP2 | 4.2. Event Notification over HTTP2 | |||
| The basic encoding will look as below. It will consists of a JSON | The basic encoding will look as below. It will consists of a JSON | |||
| skipping to change at page 12, line 34 ¶ | skipping to change at page 12, line 34 ¶ | |||
| "foo": { "bar": "some_string" } | "foo": { "bar": "some_string" } | |||
| } | } | |||
| } | } | |||
| } | } | |||
| 5. Security Considerations | 5. Security Considerations | |||
| Subscriptions could be used to intentionally or accidentally overload | Subscriptions could be used to intentionally or accidentally overload | |||
| the resources of a Publisher. For this reason, it is important that | the resources of a Publisher. For this reason, it is important that | |||
| the Publisher has the ability to prioritize the establishment and | the Publisher has the ability to prioritize the establishment and | |||
| push of Event Notifications where there might be resource exhaust | push of notification messages where there is the potential for | |||
| potential. In addition, a server needs to be able to suspend | resource exhaust. In addition, a server needs to be able to suspend | |||
| existing Subscriptions when needed. When this occurs, the | existing Subscriptions when needed. When this occurs, the | |||
| subscription status must be updated accordingly and the Receivers | subscription status must be updated accordingly and the Receivers | |||
| notified. | notified. | |||
| A Subscription could be used to attempt retrieve information for | A Subscription could be used to attempt retrieve information for | |||
| which a Receiver has no authorized access. Therefore it is important | which a Receiver has no authorized access. Therefore it is important | |||
| that data pushed via a Subscription is authorized equivalently with | that data pushed via a Subscription is authorized equivalently with | |||
| regular data retrieval operations. Data being pushed to a Receiver | regular data retrieval operations. Data being pushed to a Receiver | |||
| needs therefore to be filtered accordingly, just like if the data | needs therefore to be filtered accordingly, just like if the data | |||
| were being retrieved on-demand. The Netconf Authorization Control | were being retrieved on-demand. The Netconf Authorization Control | |||
| Model [RFC6536] applies even though the transport is not NETCONF. | Model [RFC6536] applies even though the transport is not NETCONF. | |||
| One or more Publishers of Configured Subscriptions could be used to | One or more Publishers of Configured Subscriptions could be used to | |||
| overwhelm a Receiver which doesn't even support Subscriptions. There | overwhelm a Receiver which doesn't even support Subscriptions. There | |||
| are two protections here. First Event Notifications for Configured | are two protections here. First, notification messages for | |||
| Subscriptions MUST only be transmittable over Encrypted transports. | Configured Subscriptions MUST only be transmittable over encrypted | |||
| Clients which do not want pushed Event Notifications need only | transports. Clients which do not want pushed content need only | |||
| terminate or refuse any transport sessions from the Publisher. | terminate or refuse any transport sessions from the Publisher. | |||
| Second, the HTTP transport augmentation on the Receiver must send an | Second, the HTTP transport augmentation on the Receiver must send an | |||
| HTTP 200 OK to a subscription started notification before the | HTTP 200 OK to a subscription started notification before the | |||
| Publisher starts streaming any events. | Publisher starts streaming any subscribed content. | |||
| One or more Publishers could overwhelm a Receiver which is unable to | One or more Publishers could overwhelm a Receiver which is unable to | |||
| control or handle the volume of Event Notifications received. In | control or handle the volume of Event Notifications received. In | |||
| deployments where this might be a concern, HTTP2 transport such as | deployments where this might be a concern, HTTP2 transport such as | |||
| HTTP2) should be selected. | HTTP2) should be selected. | |||
| 6. Acknowledgments | 6. Acknowledgments | |||
| We wish to acknowledge the helpful contributions, comments, and | We wish to acknowledge the helpful contributions, comments, and | |||
| suggestions that were received from: Susan Hares, Tim Jenkins, Balazs | suggestions that were received from: Susan Hares, Tim Jenkins, Balazs | |||
| skipping to change at page 14, line 13 ¶ | skipping to change at page 14, line 13 ¶ | |||
| <http://www.rfc-editor.org/info/rfc8040>. | <http://www.rfc-editor.org/info/rfc8040>. | |||
| [sn] Voit, E., Clemm, A., Gonzalez Prieto, A., Prasad Tripathy, | [sn] Voit, E., Clemm, A., Gonzalez Prieto, A., Prasad Tripathy, | |||
| A., and E. Nilsen-Nygaard, "Subscribing to Event | A., and E. Nilsen-Nygaard, "Subscribing to Event | |||
| Notifications", February 2017, | Notifications", February 2017, | |||
| <https://datatracker.ietf.org/doc/draft-ietf-netconf- | <https://datatracker.ietf.org/doc/draft-ietf-netconf- | |||
| subscribed-notifications/>. | subscribed-notifications/>. | |||
| 7.2. Informative References | 7.2. Informative References | |||
| [GRPC] "RPC framework that runs over HTTP2", August 2017, | ||||
| <https://grpc.io/>. | ||||
| [RFC7923] Voit, E., Clemm, A., and A. Gonzalez Prieto, "Requirements | [RFC7923] Voit, E., Clemm, A., and A. Gonzalez Prieto, "Requirements | |||
| for Subscription to YANG Datastores", RFC 7923, | for Subscription to YANG Datastores", RFC 7923, | |||
| DOI 10.17487/RFC7923, June 2016, | DOI 10.17487/RFC7923, June 2016, | |||
| <http://www.rfc-editor.org/info/rfc7923>. | <http://www.rfc-editor.org/info/rfc7923>. | |||
| [RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG", | [RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG", | |||
| RFC 7951, DOI 10.17487/RFC7951, August 2016, | RFC 7951, DOI 10.17487/RFC7951, August 2016, | |||
| <http://www.rfc-editor.org/info/rfc7951>. | <http://www.rfc-editor.org/info/rfc7951>. | |||
| [RFC8071] Watsen, K., "NETCONF Call Home and RESTCONF Call Home", | [RFC8071] Watsen, K., "NETCONF Call Home and RESTCONF Call Home", | |||
| skipping to change at page 14, line 47 ¶ | skipping to change at page 14, line 50 ¶ | |||
| Appendix A. End-to-End Deployment Guidance | Appendix A. End-to-End Deployment Guidance | |||
| Several technologies are expected to be seen within a deployment to | Several technologies are expected to be seen within a deployment to | |||
| achieve security and ease-of-use requirements. These are not | achieve security and ease-of-use requirements. These are not | |||
| necessary for an implementation of this specification, but will be | necessary for an implementation of this specification, but will be | |||
| useful to consider when considering the operational context. | useful to consider when considering the operational context. | |||
| A.1. Call Home | A.1. Call Home | |||
| Pub/Sub implementations should have the ability to transparently | Implementations should include the ability to transparently | |||
| incorporate 'call home' [RFC8071] so that secure TLS connections can | incorporate 'call home' [RFC8071] so that secure TLS connections can | |||
| originate from the desired device. | originate from the desired device. | |||
| A.2. TLS Heartbeat | A.2. TLS Heartbeat | |||
| HTTP sessions might not quickly allow a Subscriber to recognize when | HTTP sessions might not quickly allow a Subscriber to recognize when | |||
| the communication path has been lost from the Publisher. To | the communication path has been lost from the Publisher. To | |||
| recognize this, it is possible for a Receiver to establish a TLS | recognize this, it is possible for a Receiver to establish a TLS | |||
| heartbeat [RFC6520]. In the case where a TLS heartbeat is included, | heartbeat [RFC6520]. In the case where a TLS heartbeat is included, | |||
| it should be sent just from Receiver to Publisher. Loss of the | it should be sent just from Receiver to Publisher. Loss of the | |||
| heartbeat should result in any Subscription related TCP sessions | heartbeat should result in any Subscription related TCP sessions | |||
| between those endpoints being torn down. The subscription can then | between those endpoints being torn down. The subscription can then | |||
| attempt to re-establish. | attempt to re-establish. | |||
| Appendix B. Issues being worked and resolved | Appendix B. RESTCONF over GRPC | |||
| (To be removed by RFC editor prior to publication) | ||||
| B.1. Unresolved Issues | ||||
| GRPC compatibility 1: Mechanisms for HTTP2 to GRPC mapping need to be | An initial goal for this document was to support [GRPC] transport | |||
| considered. There is a good start there as this draft only uses | seamlessly without any mapping or extra layering. However there is | |||
| POST, not GET. As GET is used in RESTCONF for capabilities | an incompatibility of RESTCONF and GRPC. RESTCONF uses HTTP GET, and | |||
| discovery, we have some backwards compatibility issues with existing | GRPC uses HTTP2's POST rather than GET. As GET is used across | |||
| IETF drafts. Possible options to address are (1) provide a POST | RESTCONF for things like capabilities exchange, a seamless mapping | |||
| method for anything done by GET in RESTCONF, (2) await support of GET | depends on specification changes outside the scope of this document. | |||
| by GRPC, or (3) tunnel RESTCONF's GET messages within a GRPC POST. | If/when GRPC supports GET, or RESTCONF is updated to support POST, | |||
| this should be revisited. It is hoped that the resulting fix will be | ||||
| transparent to this document. | ||||
| GRPC compatibility 2: We need to expose a method against which POST | Appendix C. Changes between revisions | |||
| is done as events begin on a stream. See Stream 7 in figure 2. Can | ||||
| only send traffic to a method, not a URI. URI points to a method, | ||||
| not a resource. | ||||
| Need to add into document examples of Event streams. Document only | (To be removed by RFC editor prior to publication) | |||
| includes yang-push examples at this point. | ||||
| We need to reference the viable encodings of notifications. | v01 - v03 | |||
| Appendix C. Changes between revisions | o Terminoology aligned with draft-voit-netconf-notification- | |||
| messages. | ||||
| (To be removed by RFC editor prior to publication) | o Tweaks to wording/capitalization/format. | |||
| v01 - v02 | v01 - v02 | |||
| o Removed sections now redundant with [sn] and [yang-push] such as: | o Removed sections now redundant with [sn] and [yang-push] such as: | |||
| mechanisms for subscription maintenance, terminology definitions, | mechanisms for subscription maintenance, terminology definitions, | |||
| stream discovery. | stream discovery. | |||
| o 3rd party subscriptions are out-of-scope. | o 3rd party subscriptions are out-of-scope. | |||
| o SSE only used with Restconf and HTTP1.1 Dynamic Subscriptions | o SSE only used with Restconf and HTTP1.1 Dynamic Subscriptions | |||
| skipping to change at page 16, line 29 ¶ | skipping to change at page 16, line 26 ¶ | |||
| o Many clean-ups of wording and terminology | o Many clean-ups of wording and terminology | |||
| Authors' Addresses | Authors' Addresses | |||
| Eric Voit | Eric Voit | |||
| Cisco Systems | Cisco Systems | |||
| Email: evoit@cisco.com | Email: evoit@cisco.com | |||
| Alberto Gonzalez Prieto | ||||
| Cisco Systems | ||||
| Email: albertgo@cisco.com | ||||
| Ambika Prasad Tripathy | Ambika Prasad Tripathy | |||
| Cisco Systems | Cisco Systems | |||
| Email: ambtripa@cisco.com | Email: ambtripa@cisco.com | |||
| Einar Nilsen-Nygaard | Einar Nilsen-Nygaard | |||
| Cisco Systems | Cisco Systems | |||
| Email: einarnn@cisco.com | Email: einarnn@cisco.com | |||
| Alexander Clemm | Alexander Clemm | |||
| Huawei | Huawei | |||
| Email: ludwig@clemm.org | Email: ludwig@clemm.org | |||
| Alberto Gonzalez Prieto | ||||
| VMWare | ||||
| Email: agonzalezpri@vmware.com | ||||
| Andy Bierman | Andy Bierman | |||
| YumaWorks | YumaWorks | |||
| Email: andy@yumaworks.com | Email: andy@yumaworks.com | |||
| End of changes. 39 change blocks. | ||||
| 108 lines changed or deleted | 106 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||