< draft-ietf-netconf-restconf-notif-07.txt   draft-ietf-netconf-restconf-notif-08.txt >
NETCONF E. Voit NETCONF E. Voit
Internet-Draft R. Rahman Internet-Draft R. Rahman
Intended status: Standards Track E. Nilsen-Nygaard Intended status: Standards Track E. Nilsen-Nygaard
Expires: March 16, 2019 Cisco Systems Expires: April 7, 2019 Cisco Systems
A. Clemm A. Clemm
Huawei Huawei
A. Bierman A. Bierman
YumaWorks YumaWorks
September 12, 2018 October 4, 2018
RESTCONF Transport for Event Notifications RESTCONF Transport for Event Notifications
draft-ietf-netconf-restconf-notif-07 draft-ietf-netconf-restconf-notif-08
Abstract Abstract
This document defines a RESTCONF binding to the dynamic subscription This document defines a RESTCONF binding to the dynamic subscription
capability of both subscribed notifications and YANG-Push. capability of both subscribed notifications and YANG-Push.
Subscriptions to publisher defined event streams or nodes/subtrees of Subscriptions to publisher defined event streams or nodes/subtrees of
YANG Datastores is supported. YANG Datastores is supported.
Status of This Memo Status of This Memo
skipping to change at page 1, line 38 skipping to change at page 1, line 38
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 16, 2019. This Internet-Draft will expire on April 7, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 17 skipping to change at page 2, line 17
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . . . 3 3. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . . . 3
3.1. Transport Connectivity . . . . . . . . . . . . . . . . . 4 3.1. Transport Connectivity . . . . . . . . . . . . . . . . . 4
3.2. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 4 3.2. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 4
3.3. RESTCONF RPCs and HTTP Status Codes . . . . . . . . . . . 4 3.3. RESTCONF RPCs and HTTP Status Codes . . . . . . . . . . . 4
3.4. Call Flow for HTTP2 . . . . . . . . . . . . . . . . . . . 6 3.4. Call Flow for Server-Sent Events (SSE) . . . . . . . . . 6
3.5. Call flow for HTTP1.1 . . . . . . . . . . . . . . . . . . 8 4. QoS Treatment . . . . . . . . . . . . . . . . . . . . . . . . 8
4. QoS Treatment . . . . . . . . . . . . . . . . . . . . . . . . 10 5. Mandatory JSON and datastore support . . . . . . . . . . . . 8
5. Mandatory JSON and datastore support . . . . . . . . . . . . 10 6. Notification Messages . . . . . . . . . . . . . . . . . . . . 8
6. Notification Messages . . . . . . . . . . . . . . . . . . . . 10 7. YANG Tree . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7. YANG Tree . . . . . . . . . . . . . . . . . . . . . . . . . . 10 8. YANG module . . . . . . . . . . . . . . . . . . . . . . . . . 9
8. YANG module . . . . . . . . . . . . . . . . . . . . . . . . . 10 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 10. Security Considerations . . . . . . . . . . . . . . . . . . . 11
10. Security Considerations . . . . . . . . . . . . . . . . . . . 13 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 12
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 12
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 12.1. Normative References . . . . . . . . . . . . . . . . . . 12
12.1. Normative References . . . . . . . . . . . . . . . . . . 14 12.2. Informative References . . . . . . . . . . . . . . . . . 13
12.2. Informative References . . . . . . . . . . . . . . . . . 15 Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 14
Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 16 A.1. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . 14
A.1. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . 16 A.1.1. Establishing Dynamic Subscriptions . . . . . . . . . 14
A.1.1. Establishing Dynamic Subscriptions . . . . . . . . . 16 A.1.2. Modifying Dynamic Subscriptions . . . . . . . . . . . 17
A.1.2. Modifying Dynamic Subscriptions . . . . . . . . . . . 19 A.1.3. Deleting Dynamic Subscriptions . . . . . . . . . . . 18
A.1.3. Deleting Dynamic Subscriptions . . . . . . . . . . . 20 A.2. Subscription State Notifications . . . . . . . . . . . . 19
A.2. Subscription State Notifications . . . . . . . . . . . . 21 A.2.1. subscription-modified . . . . . . . . . . . . . . . . 19
A.2.1. subscription-started and subscription-modified . . . 21
A.2.2. subscription-completed, subscription-resumed, and A.2.2. subscription-completed, subscription-resumed, and
replay-complete . . . . . . . . . . . . . . . . . . . 22 replay-complete . . . . . . . . . . . . . . . . . . . 20
A.2.3. subscription-terminated and subscription-suspended . 22 A.2.3. subscription-terminated and subscription-suspended . 20
Appendix B. Changes between revisions . . . . . . . . . . . . . 23 A.3. Filter Example . . . . . . . . . . . . . . . . . . . . . 21
Appendix B. Changes between revisions . . . . . . . . . . . . . 22
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 24 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 24
1. Introduction 1. Introduction
Mechanisms to support event subscription and push are defined in Mechanisms to support event subscription and push are defined in
[I-D.draft-ietf-netconf-subscribed-notifications]. Enhancements to [I-D.draft-ietf-netconf-subscribed-notifications]. Enhancements to
[I-D.draft-ietf-netconf-subscribed-notifications] which enable YANG [I-D.draft-ietf-netconf-subscribed-notifications] which enable YANG
datastore subscription and push are defined in datastore subscription and push are defined in
[I-D.ietf-netconf-yang-push]. This document provides a transport [I-D.ietf-netconf-yang-push]. This document provides a transport
specification for dynamic subscriptions over RESTCONF [RFC8040]. specification for dynamic subscriptions over RESTCONF [RFC8040].
Driving these requirements is [RFC7923]. Driving these requirements is [RFC7923].
The streaming of notifications encapsulating the resulting The streaming of notifications encapsulating the resulting
information push can be done with either HTTP1.1 [RFC7231] or HTTP2 information push is done via the mechanism described in section 6.3
[RFC7540]. of [RFC8040].
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
The following terms use the definitions from The following terms use the definitions from
[I-D.draft-ietf-netconf-subscribed-notifications]: dynamic [I-D.draft-ietf-netconf-subscribed-notifications]: dynamic
subscription, event stream, notification message, publisher, subscription, event stream, notification message, publisher,
skipping to change at page 3, line 30 skipping to change at page 3, line 30
Other terms reused include datastore, which is defined in [RFC8342], Other terms reused include datastore, which is defined in [RFC8342],
and HTTP2 stream which maps to the definition of "stream" within and HTTP2 stream which maps to the definition of "stream" within
[RFC7540], Section 2. [RFC7540], Section 2.
[ note to the RFC Editor - please replace XXXX within this document [ note to the RFC Editor - please replace XXXX within this document
with the number of this document ] with the number of this document ]
3. Dynamic Subscriptions 3. Dynamic Subscriptions
This section provides specifics on how to establish and maintain This section provides specifics on how to establish and maintain
dynamic subscriptions over HTTP 1.1 and HTTP2 via signaling messages dynamic subscriptions over RESTCONF [RFC8040]. Subscribing to event
transported over RESTCONF [RFC8040]. Subscribing to event streams is streams is accomplished in this way via a RESTCONF POST into RPCs
accomplished in this way via a RESTCONF POST into RPCs defined within defined within [I-D.draft-ietf-netconf-subscribed-notifications]
[I-D.draft-ietf-netconf-subscribed-notifications] Section 2.4. YANG Section 2.4. YANG datastore subscription is accomplished via
datastore subscription is accomplished via augmentations to augmentations to [I-D.draft-ietf-netconf-subscribed-notifications] as
[I-D.draft-ietf-netconf-subscribed-notifications] as described within described within [I-D.ietf-netconf-yang-push] Section 4.4.
[I-D.ietf-netconf-yang-push] Section 4.4.
Common across all HTTP based dynamic subscriptions is that a POST As described in [RFC8040] Section 6.3, a GET needs to be made against
needs to be made against a specific URI on the Publisher. a specific URI on the publisher. Subscribers cannot pre-determine
Subscribers cannot pre-determine the URI against which a subscription the URI against which a subscription might exist on a publisher, as
might exist on a publisher, as the URI will only exist after the the URI will only exist after the "establish-subscription" RPC has
"establish-subscription" has been accepted. The subscription URI been accepted. The subscription URI will be determined and sent as
will be determined and sent as part of the response to the part of the response to the "establish-subscription" RPC, and a
"establish-subscription", and a subsequent POST to this URI will be subsequent GET to this URI will be done in order to start the flow of
done in order to start the flow of notification messages back to the notification messages back to the subscriber. A subscription does
subscriber. A subscription does not move to the active state as per not move to the active state as per Section 2.4.1. of
Section 2.4.1. of [I-D.draft-ietf-netconf-subscribed-notifications] [I-D.draft-ietf-netconf-subscribed-notifications] until the GET is
until the POST is received. received. The POST for the "establish-subscription" RPC replaces the
GET request for the "location" leaf which is used in [RFC8040] to
obtain the URI.
3.1. Transport Connectivity 3.1. Transport Connectivity
For a dynamic subscription, where an HTTP client session doesn't For a dynamic subscription, where an HTTP client session doesn't
already exist, a new client session is initiated from the subscriber. already exist, a new client session is initiated from the subscriber.
If the subscriber is unsure if HTTP2 is supported by the publisher,
HTTP1.1 will be used for initial messages, and these messages will
include an HTTP version upgrade request as per [RFC7230],
Section 6.7. If a publisher response indicates that HTTP2 is
supported, HTTP2 will be used between subscriber and publisher for
future HTTP interactions as per [RFC7540].
A subscriber SHOULD establish the HTTP session over TLS [RFC5246] in As stated in Section 2.1 of [RFC8040], a subscriber MUST establish
order to secure the content in transit. the HTTP session over TLS [RFC5246] in order to secure the content in
transit.
Without the involvement of additional protocols, neither HTTP1.1 nor Without the involvement of additional protocols, HTTP sessions by
HTTP2 sessions by themselves allow for a quick recognition of when themselves do not allow for a quick recognition of when the
the communication path has been lost with the publisher. Where quick communication path has been lost with the publisher. Where quick
recognition of the loss of a publisher is required, a subscriber recognition of the loss of a publisher is required, a subscriber
SHOULD connect over TLS [RFC5246], and use a TLS heartbeat [RFC6520] SHOULD use a TLS heartbeat [RFC6520], just from receiver to
to track HTTP session continuity. In the case where a TLS heartbeat publisher, to track HTTP session continuity. Loss of the heartbeat
is included, it should be sent just from receiver to publisher. Loss MUST result in any subscription related TCP sessions between those
of the heartbeat MUST result in any subscription related TCP sessions endpoints being torn down. A subscriber can then attempt to re-
between those endpoints being torn down. A subscriber can then establish.
attempt to re-establish.
3.2. Discovery 3.2. Discovery
Subscribers can learn what event streams a RESTCONF server supports Subscribers can learn what event streams a RESTCONF server supports
by querying the "streams" container of ietf-subscribed- by querying the "streams" container of ietf-subscribed-
notification.yang. Subscribers can learn what datastores a RESTCONF notification.yang in
server supports by following [I-D.draft-ietf-netconf-nmda-restconf]. [I-D.draft-ietf-netconf-subscribed-notifications]. Support for the
"streams" container of ietf-restconf-monitoring.yang in [RFC6520] is
not required.
Subscribers can learn what datastores a RESTCONF server supports by
following [I-D.draft-ietf-netconf-nmda-restconf].
3.3. RESTCONF RPCs and HTTP Status Codes 3.3. RESTCONF RPCs and HTTP Status Codes
Specific HTTP responses codes as defined in [RFC7231] section 6 will Specific HTTP responses codes as defined in [RFC7231] section 6 will
indicate the result of RESTCONF RPC requests with publisher. An HTTP indicate the result of RESTCONF RPC requests with publisher. An HTTP
status code of 200 is the proper response to any successful RPC status code of 200 is the proper response to any successful RPC
defined within [I-D.draft-ietf-netconf-subscribed-notifications] or defined within [I-D.draft-ietf-netconf-subscribed-notifications] or
[I-D.ietf-netconf-yang-push]. [I-D.ietf-netconf-yang-push].
If a publisher fails to serve the RPC request for one of the reasons If a publisher fails to serve the RPC request for one of the reasons
skipping to change at page 6, line 31 skipping to change at page 6, line 31
"kill-subscription", or a "resynch-subscription" request, no "kill-subscription", or a "resynch-subscription" request, no
"error-info" needs to be included, as the "subscription-id" is "error-info" needs to be included, as the "subscription-id" is
the only RPC input parameter and no hints regarding this RPC input the only RPC input parameter and no hints regarding this RPC input
parameters need to be provided. parameters need to be provided.
Note that "error-path" does not need to be included with the "rpc- Note that "error-path" does not need to be included with the "rpc-
error" element, as subscription errors are generally not associated error" element, as subscription errors are generally not associated
with nodes in the datastore but with the choice of RPC input with nodes in the datastore but with the choice of RPC input
parameters. parameters.
3.4. Call Flow for HTTP2 3.4. Call Flow for Server-Sent Events (SSE)
The call flow is defined in Figure 1. The logical connections
denoted by (a) and (b) can be a TCP connection or an HTTP2 stream.
Requests to [I-D.draft-ietf-netconf-subscribed-notifications] or Requests to [I-D.draft-ietf-netconf-subscribed-notifications] or
[I-D.ietf-netconf-yang-push] augmented RPCs are sent on one or more [I-D.ietf-netconf-yang-push] augmented RPCs are sent on a connection
HTTP2 streams indicated by (a) in Figure 1. A successful "establish- indicated by (a). A successful "establish-subscription" will result
subscription" will result in an RPC response returned with both a in an RPC response returned with both a subscription identifier which
subscription identifier which uniquely identifies a subscription, as uniquely identifies a subscription, as well as a URI which uniquely
well as a URI which uniquely identifies the location of subscription identifies the location of subscription on the publisher (b). This
on the publisher. This URI is defined via the "uri" leaf the Data URI is defined via the "uri" leaf the Data Model in Section 8.
Model in Section 8.
An HTTP POST is then sent on a logically separate HTTP2 stream (b) to
the URI on the publisher. This initiates to initiate the flow of
notification messages which are sent in HTTP Data frames as a
response to the POST. In the case below, a newly established
subscription has its associated notification messages pushed over
HTTP2 stream (7). These notification messages are placed into a
HTTP2 Data frame (see [RFC7540] Section 6.1).
+------------+ +------------+
| Subscriber | | Publisher |
|HTTP2 Stream| |HTTP2 Stream|
| (a) (b) | | (a) (b) |
+------------+ +------------+
| RESTCONF POST (RPC:establish-subscription) |
|--------------------------------------------->|
| HTTP 200 OK (ID,URI)|
|<---------------------------------------------|
| (7)HTTP POST (URI) (7)
| |--------------------------------------------->|
| | HTTP 200 OK|
| |<---------------------------------------------|
| | HTTP Data (notif-message)|
| |<---------------------------------------------|
| RESTCONF POST (RPC:modify-subscription) | |
|--------------------------------------------->| |
| | HTTP 200 OK| |
|<---------------------------------------------| |
| | HTTP Data (subscription-modified)|
| |<------------------------------------------(c)|
| | HTTP Data (notif-message)|
| |<---------------------------------------------|
| RESTCONF POST (RPC:delete-subscription) | |
|--------------------------------------------->| |
| | HTTP 200 OK| |
|<---------------------------------------------| |
| | HTTP Headers (end of stream)|
| (/7)<-----------------------------------------(/7)
|
Figure 1: Dynamic with HTTP2
Additional requirements for dynamic subscriptions over HTTP2 include:
o A unique HTTP2 stream MAY be used for each subscription.
o A single HTTP2 stream MUST NOT be used for subscriptions with
different DSCP values.
o All subscription state notifications from a publisher MUST be
returned in a separate HTTP Data frame within the HTTP2 stream
used by the subscription to which the state change refers.
o In addition to an RPC response for a "modify-subscription" RPC
traveling over (a), a "subscription-modified" state change
notification must be sent within HTTP2 stream (b). This allows
the receiver to know exactly when the new terms of the
subscription have been applied to the notification messages. See
arrow (c).
o Additional RPCs for a particular subscription MUST NOT use the
HTTP2 stream currently providing notification messages
subscriptions.
o An HTTP end of stream message MUST not be sent until all
subscriptions using that HTTP2 stream have completed.
3.5. Call flow for HTTP1.1
The call flow is defined in Figure 2. Requests to
[I-D.draft-ietf-netconf-subscribed-notifications] or
[I-D.ietf-netconf-yang-push] augmented RPCs are sent on a TCP
connection indicated by (a). A successful "establish-subscription"
will result in an RPC response returned with both a subscription
identifier which uniquely identifies a subscription, as well as a URI
which uniquely identifies the location of subscription on the
publisher (b). This URI is defined via the "uri" leaf the Data Model
in Section 8.
An HTTP POST is then sent on a logically separate TCP connection (b) An HTTP GET is then sent on a separate logical connection (b) to the
to the URI on the publisher. This initiates to initiate the flow of URI on the publisher. This initiates the publisher to initiate the
notification messages which are sent in SSE [W3C-20150203] as a flow of notification messages which are sent in SSE [W3C-20150203] as
response to the POST. a response to the GET.
+--------------+ +--------------+ +--------------+ +--------------+
| Subscriber | | Publisher | | Subscriber | | Publisher |
|TCP connection| |TCP connection| | | | |
| Logical | | Logical |
| Connection | | Connection |
| (a) (b) | | (a) (b) | | (a) (b) | | (a) (b) |
+--------------+ +--------------+ +--------------+ +--------------+
| RESTCONF POST (RPC:establish-subscription) | | RESTCONF POST (RPC:establish-subscription) |
|--------------------------------------------->| |--------------------------------------------->|
| HTTP 200 OK (ID,URI)| | HTTP 200 OK (ID,URI)|
|<---------------------------------------------| |<---------------------------------------------|
| |HTTP GET (URI) | | |HTTP GET (URI) |
| |--------------------------------------------->| | |--------------------------------------------->|
| | HTTP 200 OK| | | HTTP 200 OK|
| |<---------------------------------------------| | |<---------------------------------------------|
skipping to change at page 9, line 35 skipping to change at page 7, line 37
| |<------------------------------------------(c)| | |<------------------------------------------(c)|
| | SSE (notif-message)| | | SSE (notif-message)|
| |<---------------------------------------------| | |<---------------------------------------------|
| RESTCONF POST (RPC:delete-subscription) | | | RESTCONF POST (RPC:delete-subscription) | |
|--------------------------------------------->| | |--------------------------------------------->| |
| | HTTP 200 OK| | | | HTTP 200 OK| |
|<---------------------------------------------| | |<---------------------------------------------| |
| | | | | |
| | | |
Figure 2: Dynamic with HTTP1.1 Figure 1: Dynamic with server-sent events
Additional requirements for dynamic subscriptions over HTTP1.1 Additional requirements for dynamic subscriptions over SSE include:
include:
o All subscription state notifications from a publisher MUST be o All subscription state notifications from a publisher MUST be
returned in a separate SSE message used by the subscription to returned in a separate SSE message used by the subscription to
which the state change refers. which the state change refers.
o Subscription RPCs MUST NOT use the TCP connection currently o Subscription RPCs MUST NOT use the connection currently providing
providing notification messages for that subscription. notification messages for that subscription.
o In addition to an RPC response for a "modify-subscription" RPC o In addition to an RPC response for a "modify-subscription" RPC
traveling over (a), a "subscription-modified" state change traveling over (a), a "subscription-modified" state change
notification must be sent within stream (b). This allows the notification must be sent within (b). This allows the receiver to
receiver to know exactly when the new terms of the subscription know exactly when the new terms of the subscription have been
have been applied to the notification messages. See arrow (c). applied to the notification messages. See arrow (c).
Open question, should we just eliminate this possibility of HTTP1.1 A publisher MUST terminate a subscription in the following cases:
for subscriptions? It would make the design simpler.
o Receipt of a "delete-subscription" or a "kill-subscription" RPC
for that subscription.
o Loss of TLS heartbeat
A publisher MAY terminate a subscription at any time as stated in
[I-D.draft-ietf-netconf-subscribed-notifications] Section 1.3
4. QoS Treatment 4. QoS Treatment
To meet subscription quality of service promises, the publisher MUST To meet subscription quality of service promises, the publisher MUST
take any existing subscription "dscp" and apply it to the DSCP take any existing subscription "dscp" and apply it to the DSCP
marking in the IP header. marking in the IP header.
In addition, where HTTP2 transport is available to a notification In addition, where HTTP2 transport is available to a notification
message queued for transport to a receiver, the publisher MUST: message queued for transport to a receiver, the publisher MUST:
skipping to change at page 10, line 51 skipping to change at page 9, line 10
The YANG model defined in Section 8 has one leaf augmented into four The YANG model defined in Section 8 has one leaf augmented into four
places of [I-D.draft-ietf-netconf-subscribed-notifications], plus two places of [I-D.draft-ietf-netconf-subscribed-notifications], plus two
identities. As the resulting full tree is large, it will only be identities. As the resulting full tree is large, it will only be
inserted at later stages of this document. inserted at later stages of this document.
8. YANG module 8. YANG module
This module references This module references
[I-D.draft-ietf-netconf-subscribed-notifications]. [I-D.draft-ietf-netconf-subscribed-notifications].
<CODE BEGINS> file "ietf-restconf-subscribed-notifications@2018-09-12.yang" <CODE BEGINS> file "ietf-restconf-subscribed-notifications@2018-10-03.yang"
module ietf-restconf-subscribed-notifications { module ietf-restconf-subscribed-notifications {
yang-version 1.1; yang-version 1.1;
namespace namespace
"urn:ietf:params:xml:ns:yang:ietf-restconf-subscribed-notifications"; "urn:ietf:params:xml:ns:yang:ietf-restconf-subscribed-notifications";
prefix rsn; prefix rsn;
import ietf-subscribed-notifications { import ietf-subscribed-notifications {
prefix sn; prefix sn;
} }
skipping to change at page 11, line 47 skipping to change at page 10, line 6
Redistribution and use in source and binary forms, with or without Redistribution and use in source and binary forms, with or without
modification, is permitted pursuant to, and subject to the license modification, is permitted pursuant to, and subject to the license
terms contained in, the Simplified BSD License set forth in Section terms contained in, the Simplified BSD License set forth in Section
4.c of the IETF Trust's Legal Provisions Relating to IETF Documents 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see the RFC This version of this YANG module is part of RFC XXXX; see the RFC
itself for full legal notices."; itself for full legal notices.";
revision 2018-09-12 { revision 2018-10-03 {
description description
"Initial version"; "Initial version";
reference reference
"RFC XXXX: RESTCONF Transport for Event Notifications"; "RFC XXXX: RESTCONF Transport for Event Notifications";
}
identity restconf {
base sn:transport;
description
"RESTCONF is used as transport for notification messages and state
change notifications.";
} }
grouping uri { grouping uri {
description description
"Provides a reusable description of a URI."; "Provides a reusable description of a URI.";
leaf uri { leaf uri {
type inet:uri; type inet:uri;
config false; config false;
description description
"Location of a subscription specific URI on the publisher."; "Location of a subscription specific URI on the publisher.";
} }
} }
augment "/sn:establish-subscription/sn:output" { augment "/sn:establish-subscription/sn:output" {
description description
"This augmentation allows HTTP specific parameters for a "This augmentation allows RESTCONF specific parameters for a
response to a publisher's subscription request."; response to a publisher's subscription request.";
uses uri; uses uri;
} }
augment "/sn:subscriptions/sn:subscription" { augment "/sn:subscriptions/sn:subscription" {
description description
"This augmentation allows HTTP specific parameters to be "This augmentation allows RESTCONF specific parameters to be
exposed for a subscription."; exposed for a subscription.";
uses uri; uses uri;
} }
augment "/sn:subscription-started" {
description
"This augmentation allows HTTP specific parameters to be included
part of the notification that a subscription has started.";
uses uri;
}
augment "/sn:subscription-modified" { augment "/sn:subscription-modified" {
description description
"This augmentation allows HTTP specific parameters to be included "This augmentation allows RESTCONF specific parameters to be included
part of the notification that a subscription has been modified."; part of the notification that a subscription has been modified.";
uses uri; uses uri;
} }
} }
<CODE ENDS> <CODE ENDS>
9. IANA Considerations 9. IANA Considerations
This document registers the following namespace URI in the "IETF XML This document registers the following namespace URI in the "IETF XML
Registry" [RFC3688]: Registry" [RFC3688]:
URI: urn:ietf:params:xml:ns:yang:ietf-restconf-subscribed- URI: urn:ietf:params:xml:ns:yang:ietf-restconf-subscribed-
notifications notifications
Registrant Contact: The IESG. Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace. XML: N/A; the requested URI is an XML namespace.
skipping to change at page 13, line 51 skipping to change at page 12, line 10
o "uri": leaf will show where subscribed resources might be located o "uri": leaf will show where subscribed resources might be located
on a publisher. Access control must be set so that only someone on a publisher. Access control must be set so that only someone
with proper access permissions, and perhaps even HTTP session has with proper access permissions, and perhaps even HTTP session has
the ability to access this resource. the ability to access this resource.
11. Acknowledgments 11. Acknowledgments
We wish to acknowledge the helpful contributions, comments, and We wish to acknowledge the helpful contributions, comments, and
suggestions that were received from: Ambika Prasad Tripathy, Alberto suggestions that were received from: Ambika Prasad Tripathy, Alberto
Gonzalez Prieto, Susan Hares, Tim Jenkins, Balazs Lengyel, Kent Gonzalez Prieto, Susan Hares, Tim Jenkins, Balazs Lengyel, Kent
Watsen, Michael Scharf, and Guangying Zheng. Watsen, Michael Scharf, Guangying Zheng and Martin Bjorklund.
12. References 12. References
12.1. Normative References 12.1. Normative References
[I-D.draft-ietf-netconf-subscribed-notifications] [I-D.draft-ietf-netconf-subscribed-notifications]
Voit, E., Clemm, A., Gonzalez Prieto, A., Tripathy, A., Voit, E., Clemm, A., Gonzalez Prieto, A., Tripathy, A.,
and E. Nilsen-Nygaard, "Custom Subscription to Event and E. Nilsen-Nygaard, "Custom Subscription to Event
Streams", draft-ietf-netconf-subscribed-notifications-13 Streams", draft-ietf-netconf-subscribed-notifications-13
(work in progress), April 2018. (work in progress), April 2018.
skipping to change at page 16, line 15 skipping to change at page 14, line 22
[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Semantics and Content", RFC 7231, Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
DOI 10.17487/RFC7231, June 2014, DOI 10.17487/RFC7231, June 2014,
<https://www.rfc-editor.org/info/rfc7231>. <https://www.rfc-editor.org/info/rfc7231>.
[RFC7923] Voit, E., Clemm, A., and A. Gonzalez Prieto, "Requirements [RFC7923] Voit, E., Clemm, A., and A. Gonzalez Prieto, "Requirements
for Subscription to YANG Datastores", RFC 7923, for Subscription to YANG Datastores", RFC 7923,
DOI 10.17487/RFC7923, June 2016, DOI 10.17487/RFC7923, June 2016,
<https://www.rfc-editor.org/info/rfc7923>. <https://www.rfc-editor.org/info/rfc7923>.
[RFC8347] Liu, X., Ed., Kyparlis, A., Parikh, R., Lindem, A., and M.
Zhang, "A YANG Data Model for the Virtual Router
Redundancy Protocol (VRRP)", RFC 8347,
DOI 10.17487/RFC8347, March 2018,
<https://www.rfc-editor.org/info/rfc8347>.
[XPATH] Clark, J. and S. DeRose, "XML Path Language (XPath)
Version 1.0", November 1999,
<http://www.w3.org/TR/1999/REC-xpath-19991116>.
Appendix A. Examples Appendix A. Examples
This section is non-normative. To allow easy comparison, this This section is non-normative. To allow easy comparison, this
section mirrors the functional examples shown with NETCONF over XML section mirrors the functional examples shown with NETCONF over XML
within [I-D.draft-ietf-netconf-netconf-event-notifications]. In within [I-D.draft-ietf-netconf-netconf-event-notifications]. In
addition, HTTP2 vs HTTP1.1 headers are not shown as the contents of addition, HTTP2 vs HTTP1.1 headers are not shown as the contents of
the JSON encoded objects are identical within. the JSON encoded objects are identical within.
A.1. Dynamic Subscriptions A.1. Dynamic Subscriptions
skipping to change at page 17, line 13 skipping to change at page 15, line 13
of 23. of 23.
+------------+ +-----------+ +------------+ +-----------+
| Subscriber | | Publisher | | Subscriber | | Publisher |
+------------+ +-----------+ +------------+ +-----------+
| | | |
|establish-subscription | |establish-subscription |
|------------------------------>| (a) |------------------------------>| (a)
| HTTP 200 OK, id#22, URI#1 | | HTTP 200 OK, id#22, URI#1 |
|<------------------------------| (b) |<------------------------------| (b)
|POST (URI#1) | |GET (URI#1) |
|------------------------------>| (c) |------------------------------>| (c)
| HTTP 200 OK,notif-mesg (id#22)| | HTTP 200 OK,notif-mesg (id#22)|
|<------------------------------| |<------------------------------|
| | | |
| | | |
|establish-subscription | |establish-subscription |
|------------------------------>| |------------------------------>|
| HTTP 200 OK, id#23, URI#2| | HTTP 200 OK, id#23, URI#2|
|<------------------------------| |<------------------------------|
|POST (URI#2) | |GET (URI#2) |
|------------------------------>| |------------------------------>|
| | | |
| | | |
| notif-mesg (id#22)| | notif-mesg (id#22)|
|<------------------------------| |<------------------------------|
| HTTP 200 OK,notif-mesg (id#23)| | HTTP 200 OK,notif-mesg (id#23)|
|<------------------------------| |<------------------------------|
| | | |
Figure 3: Multiple subscriptions over RESTCONF/HTTP Figure 2: Multiple subscriptions over RESTCONF/HTTP
To provide examples of the information being transported, example To provide examples of the information being transported, example
messages for interactions in Figure 3 are detailed below: messages for interactions in Figure 2 are detailed below:
POST /restconf/operations/subscriptions:establish-subscription POST /restconf/operations/subscriptions:establish-subscription
{ {
"ietf-subscribed-notifications:input": { "ietf-subscribed-notifications:input": {
"stream": "NETCONF", "stream": "NETCONF",
"stream-xpath-filter": "/ex:foo/", "stream-xpath-filter": "/ds:foo/",
"dscp": "10" "dscp": "10"
} }
} }
Figure 4: establish-subscription request (a) Figure 3: establish-subscription request (a)
As publisher was able to fully satisfy the request, the publisher As publisher was able to fully satisfy the request, the publisher
sends the subscription identifier of the accepted subscription, and sends the subscription identifier of the accepted subscription, and
the URI: the URI:
HTTP status code - 200 HTTP status code - 200
{ {
"id": "22", "id": "22",
"uri": "/subscriptions/22" "uri": "/subscriptions/22"
} }
Figure 5: establish-subscription success (b) Figure 4: establish-subscription success (b)
Upon receipt of the successful response, the subscriber POSTs to the Upon receipt of the successful response, the subscriber does a GET
provided URI to start the flow of notification messages. When the the provided URI to start the flow of notification messages. When
publisher receives this, the subscription is moved to the active the publisher receives this, the subscription is moved to the active
state (c). state (c).
POST /restconf/operations/subscriptions/22 GET /restconf/operations/subscriptions/22
Figure 6: establish-subscription subsequent POST Figure 5: establish-subscription subsequent POST
While not shown in Figure 3, if the publisher had not been able to While not shown in Figure 2, if the publisher had not been able to
fully satisfy the request, or subscriber has no authorization to fully satisfy the request, or subscriber has no authorization to
establish the subscription, the publisher would have sent an RPC establish the subscription, the publisher would have sent an RPC
error response. For instance, if the "dscp" value of 10 asserted by error response. For instance, if the "dscp" value of 10 asserted by
the subscriber in Figure 4 proved unacceptable, the publisher may the subscriber in Figure 3 proved unacceptable, the publisher may
have returned: have returned:
HTTP status code - 406 HTTP status code - 406
{ "ietf-restconf:errors" : { { "ietf-restconf:errors" : {
"error" : [ "error" : [
{ {
"error-type": "application", "error-type": "application",
"error-tag": "operation-failed", "error-tag": "operation-failed",
"error-severity": "error", "error-severity": "error",
"error-app-tag": "error-app-tag":
"ietf-subscribed-notifications:dscp-unavailable" "ietf-subscribed-notifications:dscp-unavailable"
} }
] ]
} }
} }
Figure 7: an unsuccessful establish subscription Figure 6: an unsuccessful establish subscription
The subscriber can use this information in future attempts to The subscriber can use this information in future attempts to
establish a subscription. establish a subscription.
A.1.2. Modifying Dynamic Subscriptions A.1.2. Modifying Dynamic Subscriptions
An existing subscription may be modified. The following exchange An existing subscription may be modified. The following exchange
shows a negotiation of such a modification via several exchanges shows a negotiation of such a modification via several exchanges
between a subscriber and a publisher. This negotiation consists of a between a subscriber and a publisher. This negotiation consists of a
failed RPC modification request/response, followed by a successful failed RPC modification request/response, followed by a successful
skipping to change at page 19, line 34 skipping to change at page 17, line 34
| | | |
|modify-subscription (id#23) | |modify-subscription (id#23) |
|----------------------------->| |----------------------------->|
| HTTP 200 OK | | HTTP 200 OK |
|<-----------------------------| |<-----------------------------|
| | | |
| notif-mesg (id#23)| | notif-mesg (id#23)|
|<-----------------------------| |<-----------------------------|
| | | |
Figure 8: Interaction model for successful subscription modification Figure 7: Interaction model for successful subscription modification
If the subscription being modified in Figure 8 is a datastore If the subscription being modified in Figure 7 is a datastore
subscription as per [I-D.ietf-netconf-yang-push], the modification subscription as per [I-D.ietf-netconf-yang-push], the modification
request made in (d) may look like that shown in Figure 9. As can be request made in (d) may look like that shown in Figure 8. As can be
seen, the modifications being attempted are the application of a new seen, the modifications being attempted are the application of a new
xpath filter as well as the setting of a new periodic time interval. xpath filter as well as the setting of a new periodic time interval.
POST /restconf/operations/subscriptions:modify-subscription POST /restconf/operations/subscriptions:modify-subscription
{ {
"ietf-subscribed-notifications:input": { "ietf-subscribed-notifications:input": {
"id": "23", "id": "23",
"ietf-yang-push:datastore-xpath-filter": "ietf-yang-push:datastore-xpath-filter": "/ds:foo/ds:bar",
"/interfaces-state/interface/oper-status" "ietf-yang-push:periodic": {
"ietf-yang-push:periodic": {
"ietf-yang-push:period": "500" "ietf-yang-push:period": "500"
} }
} }
} }
Figure 9: Subscription modification request (c) Figure 8: Subscription modification request (c)
If the publisher can satisfy both changes, the publisher sends a If the publisher can satisfy both changes, the publisher sends a
positive result for the RPC. If the publisher cannot satisfy either positive result for the RPC. If the publisher cannot satisfy either
of the proposed changes, the publisher sends an RPC error response of the proposed changes, the publisher sends an RPC error response
(e). The following is an example RPC error response for (e) which (e). The following is an example RPC error response for (e) which
includes a hint. This hint is an alternative time period value which includes a hint. This hint is an alternative time period value which
might have resulted in a successful modification: might have resulted in a successful modification:
HTTP status code - 406 HTTP status code - 406
skipping to change at page 20, line 45 skipping to change at page 18, line 44
"error-info": { "error-info": {
"ietf-yang-push": "ietf-yang-push":
"modify-subscription-datastore-error-info": { "modify-subscription-datastore-error-info": {
"period-hint": "3000" "period-hint": "3000"
} }
} }
] ]
} }
} }
Figure 10: Modify subscription failure with Hint (e) Figure 9: Modify subscription failure with Hint (e)
A.1.3. Deleting Dynamic Subscriptions A.1.3. Deleting Dynamic Subscriptions
The following demonstrates deleting a subscription. This The following demonstrates deleting a subscription. This
subscription may have been to either a stream or a datastore. subscription may have been to either a stream or a datastore.
POST /restconf/operations/subscriptions:delete-subscription POST /restconf/operations/subscriptions:delete-subscription
{ {
"delete-subscription": { "delete-subscription": {
"id": "22" "id": "22"
} }
} }
Figure 11: Delete subscription Figure 10: Delete subscription
If the publisher can satisfy the request, the publisher replies with If the publisher can satisfy the request, the publisher replies with
success to the RPC request. success to the RPC request.
If the publisher cannot satisfy the request, the publisher sends an If the publisher cannot satisfy the request, the publisher sends an
error-rpc element indicating the modification didn't work. Figure 12 error-rpc element indicating the modification didn't work. Figure 11
shows a valid response for existing valid subscription identifier, shows a valid response for existing valid subscription identifier,
but that subscription identifier was created on a different transport but that subscription identifier was created on a different transport
session: session:
HTTP status code - 406 HTTP status code - 406
{ {
"ietf-restconf:errors" : { "ietf-restconf:errors" : {
"error" : [ "error" : [
"error-type": "application", "error-type": "application",
"error-tag": "operation-failed", "error-tag": "operation-failed",
"error-severity": "error", "error-severity": "error",
"error-app-tag": "error-app-tag":
"ietf-subscribed-notifications:no-such-subscription" "ietf-subscribed-notifications:no-such-subscription"
] ]
} }
} }
Figure 12: Unsuccessful delete subscription Figure 11: Unsuccessful delete subscription
A.2. Subscription State Notifications A.2. Subscription State Notifications
A publisher will send subscription state notifications according to A publisher will send subscription state notifications according to
the definitions within the definitions within
[I-D.draft-ietf-netconf-subscribed-notifications]). [I-D.draft-ietf-netconf-subscribed-notifications]).
A.2.1. subscription-started and subscription-modified A.2.1. subscription-modified
A "subscription-started" encoded in JSON would look like: A "subscription-modified" encoded in JSON would look like:
{ {
"ietf-restconf:notification" : { "ietf-restconf:notification" : {
"eventTime": "2007-09-01T10:00:00Z", "eventTime": "2007-09-01T10:00:00Z",
"ietf-subscribed-notifications:subscription-started": { "ietf-subscribed-notifications:subscription-modified": {
"id": "39", "id": "39",
"transport": "HTTP2", "transport": "RESTCONF",
"stream-xpath-filter": "/ex:foo", "stream-xpath-filter": "/ex:foo",
"stream": { "stream": {
"ietf-netconf-subscribed-notifications" : "NETCONF" "ietf-netconf-subscribed-notifications" : "NETCONF"
} }
} }
} }
} }
Figure 13: subscription-started subscription state notification Figure 12: subscription-modified subscription state notification
The "subscription-modified" is identical to Figure 13, with just the
word "started" being replaced by "modified".
A.2.2. subscription-completed, subscription-resumed, and replay- A.2.2. subscription-completed, subscription-resumed, and replay-
complete complete
A "subscription-completed" would look like: A "subscription-completed" would look like:
{ {
"ietf-restconf:notification" : { "ietf-restconf:notification" : {
"eventTime": "2007-09-01T10:00:00Z", "eventTime": "2007-09-01T10:00:00Z",
"ietf-subscribed-notifications:subscription-completed": { "ietf-subscribed-notifications:subscription-completed": {
"id": "39", "id": "39",
} }
} }
} }
Figure 14: subscription-completed notification in JSON Figure 13: subscription-completed notification in JSON
The "subscription-resumed" and "replay-complete" are virtually The "subscription-resumed" and "replay-complete" are virtually
identical, with "subscription-completed" simply being replaced by identical, with "subscription-completed" simply being replaced by
"subscription-resumed" and "replay-complete". "subscription-resumed" and "replay-complete".
A.2.3. subscription-terminated and subscription-suspended A.2.3. subscription-terminated and subscription-suspended
A "subscription-terminated" would look like: A "subscription-terminated" would look like:
{ {
"ietf-restconf:notification" : { "ietf-restconf:notification" : {
"eventTime": "2007-09-01T10:00:00Z", "eventTime": "2007-09-01T10:00:00Z",
"ietf-subscribed-notifications:subscription-terminated": { "ietf-subscribed-notifications:subscription-terminated": {
"id": "39", "id": "39",
"error-id": "suspension-timeout" "error-id": "suspension-timeout"
} }
} }
} }
Figure 15: subscription-terminated subscription state notification Figure 14: subscription-terminated subscription state notification
The "subscription-suspended" is virtually identical, with The "subscription-suspended" is virtually identical, with
"subscription-terminated" simply being replaced by "subscription- "subscription-terminated" simply being replaced by "subscription-
suspended". suspended".
A.3. Filter Example
This section provides an example which illustrate the method of
filtering event record contents. The example is based on the YANG
notification "vrrp-protocol-error-event" as defined per the ietf-
vrrp.yang module within [RFC8347]. Event records based on this
specification which are generated by the publisher might appear as:
data: {
data: "ietf-restconf:notification" : {
data: "eventTime" : "2018-09-14T08:22:33.44Z",
data: "ietf-vrrp:vrrp-protocol-error-event" : {
data: "protocol-error-reason" : "checksum-error"
data: }
data: }
data: }
Figure 15: RFC 8347 (VRRP) - Example Notification
Suppose a subscriber wanted to establish a subscription which only
passes instances of event records where there is a "checksum-error"
as part of a VRRP protocol event. Also assume the publisher places
such event records into the NETCONF stream. To get a continuous
series of matching event records, the subscriber might request the
application of an XPath filter against the NETCONF stream. An
"establish-subscription" RPC to meet this objective might be:
POST /restconf/operations/subscriptions:establish-subscription
{
"ietf-subscribed-notifications:input": {
"stream": "NETCONF",
"stream-xpath-filter": "/ietf-vrrp:vrrp-protocol-error-event[protocol-error-reason='checksum-error']/",
}
}
Figure 16: Establishing a subscription error reason via XPATH
For more examples of xpath filters, see [XPATH].
Suppose the "establish-subscription" in Figure 16 was accepted. And
suppose later a subscriber decided they wanted to broaden this
subscription cover to all VRRP protocol events (i.e., not just those
with a "checksum error"). The subscriber might attempt to modify the
subscription in a way which replaces the XPath filter with a subtree
filter which sends all VRRP protocol events to a subscriber. Such a
"modify-subscription" RPC might look like:
POST /restconf/operations/subscriptions:modify-subscription
{
"ietf-subscribed-notifications:input": {
"stream": "NETCONF",
"stream-subtree-filter": "/ietf-vrrp:vrrp-protocol-error-event/",
}
}
Figure 17
For more examples of subtree filters, see [RFC6241], section 6.4.
Appendix B. Changes between revisions Appendix B. Changes between revisions
(To be removed by RFC editor prior to publication) (To be removed by RFC editor prior to publication)
v07 - v08
o Aligned with RESTCONF mechanism.
o YANG model: removed augment of subscription-started, added
restconf transport.
o Tweaked Appendix A.1 to match draft-ietf-netconf-netconf-event-
notifications-13.
o Added Appendix A.3 for filter example.
v06 - v07 v06 - v07
o Removed configured subscriptions. o Removed configured subscriptions.
o Subscription identifier renamed to id. o Subscription identifier renamed to id.
v05 - v06 v05 - v06
o JSON examples updated by Reshad. o JSON examples updated by Reshad.
 End of changes. 67 change blocks. 
218 lines changed or deleted 226 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/