< draft-ietf-netconf-restconf-notif-13.txt   draft-ietf-netconf-restconf-notif-14.txt >
NETCONF E. Voit NETCONF E. Voit
Internet-Draft R. Rahman Internet-Draft R. Rahman
Intended status: Standards Track E. Nilsen-Nygaard Intended status: Standards Track E. Nilsen-Nygaard
Expires: August 18, 2019 Cisco Systems Expires: December 12, 2019 Cisco Systems
A. Clemm A. Clemm
Huawei Huawei
A. Bierman A. Bierman
YumaWorks YumaWorks
February 14, 2019 June 10, 2019
Dynamic subscription to YANG Events and Datastores over RESTCONF Dynamic subscription to YANG Events and Datastores over RESTCONF
draft-ietf-netconf-restconf-notif-13 draft-ietf-netconf-restconf-notif-14
Abstract Abstract
This document provides a RESTCONF binding to the dynamic subscription This document provides a RESTCONF binding to the dynamic subscription
capability of both subscribed notifications and YANG-Push. capability of both subscribed notifications and YANG-Push.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 18, 2019. This Internet-Draft will expire on December 12, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 15 skipping to change at page 2, line 15
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . . . 3 3. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . . . 3
3.1. Transport Connectivity . . . . . . . . . . . . . . . . . 4 3.1. Transport Connectivity . . . . . . . . . . . . . . . . . 4
3.2. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 4 3.2. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 4
3.3. RESTCONF RPCs and HTTP Status Codes . . . . . . . . . . . 4 3.3. RESTCONF RPCs and HTTP Status Codes . . . . . . . . . . . 4
3.4. Call Flow for Server-Sent Events (SSE) . . . . . . . . . 7 3.4. Call Flow for Server-Sent Events . . . . . . . . . . . . 7
4. QoS Treatment . . . . . . . . . . . . . . . . . . . . . . . . 9 4. QoS Treatment . . . . . . . . . . . . . . . . . . . . . . . . 9
5. Notification Messages . . . . . . . . . . . . . . . . . . . . 10 5. Notification Messages . . . . . . . . . . . . . . . . . . . . 10
6. YANG Tree . . . . . . . . . . . . . . . . . . . . . . . . . . 10 6. YANG Tree . . . . . . . . . . . . . . . . . . . . . . . . . . 10
7. YANG module . . . . . . . . . . . . . . . . . . . . . . . . . 10 7. YANG module . . . . . . . . . . . . . . . . . . . . . . . . . 10
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
9. Security Considerations . . . . . . . . . . . . . . . . . . . 12 9. Security Considerations . . . . . . . . . . . . . . . . . . . 12
10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
11.1. Normative References . . . . . . . . . . . . . . . . . . 13 11.1. Normative References . . . . . . . . . . . . . . . . . . 13
11.2. Informative References . . . . . . . . . . . . . . . . . 15 11.2. Informative References . . . . . . . . . . . . . . . . . 15
Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 15 Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 16
A.1. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . 16 A.1. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . 16
A.1.1. Establishing Dynamic Subscriptions . . . . . . . . . 16 A.1.1. Establishing Dynamic Subscriptions . . . . . . . . . 16
A.1.2. Modifying Dynamic Subscriptions . . . . . . . . . . . 18 A.1.2. Modifying Dynamic Subscriptions . . . . . . . . . . . 19
A.1.3. Deleting Dynamic Subscriptions . . . . . . . . . . . 20 A.1.3. Deleting Dynamic Subscriptions . . . . . . . . . . . 21
A.2. Subscription State Notifications . . . . . . . . . . . . 21 A.2. Subscription State Notifications . . . . . . . . . . . . 21
A.2.1. subscription-modified . . . . . . . . . . . . . . . . 21 A.2.1. subscription-modified . . . . . . . . . . . . . . . . 22
A.2.2. subscription-completed, subscription-resumed, and A.2.2. subscription-completed, subscription-resumed, and
replay-complete . . . . . . . . . . . . . . . . . . . 22 replay-complete . . . . . . . . . . . . . . . . . . . 22
A.2.3. subscription-terminated and subscription-suspended . 22 A.2.3. subscription-terminated and subscription-suspended . 22
A.3. Filter Example . . . . . . . . . . . . . . . . . . . . . 22 A.3. Filter Example . . . . . . . . . . . . . . . . . . . . . 23
Appendix B. Changes between revisions . . . . . . . . . . . . . 24 Appendix B. Changes between revisions . . . . . . . . . . . . . 24
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27
1. Introduction 1. Introduction
Mechanisms to support event subscription and push are defined in Mechanisms to support event subscription and push are defined in
[I-D.draft-ietf-netconf-subscribed-notifications]. Enhancements to [I-D.draft-ietf-netconf-subscribed-notifications]. Enhancements to
[I-D.draft-ietf-netconf-subscribed-notifications] which enable YANG [I-D.draft-ietf-netconf-subscribed-notifications] which enable YANG
datastore subscription and push are defined in datastore subscription and push are defined in
[I-D.ietf-netconf-yang-push]. This document provides a transport [I-D.ietf-netconf-yang-push]. This document provides a transport
specification for dynamic subscriptions over RESTCONF [RFC8040]. specification for dynamic subscriptions over RESTCONF [RFC8040].
Driving these requirements is [RFC7923]. Requirements for these mechanisms are captured in [RFC7923].
The streaming of notifications encapsulating the resulting The streaming of notifications encapsulating the resulting
information push is done via the mechanism described in section 6.3 information push is done via the mechanism described in section 6.3
of [RFC8040]. of [RFC8040].
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
document are to be interpreted as described in RFC 2119 [RFC2119]. "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
The following terms use the definitions from The following terms use the definitions from
[I-D.draft-ietf-netconf-subscribed-notifications]: dynamic [I-D.draft-ietf-netconf-subscribed-notifications]: dynamic
subscription, event stream, notification message, publisher, subscription, event stream, notification message, publisher,
receiver, subscriber, and subscription. receiver, subscriber, and subscription.
Other terms reused include datastore, which is defined in [RFC8342], Other terms reused include datastore, which is defined in [RFC8342],
and HTTP2 stream which maps to the definition of "stream" within and HTTP2 stream which maps to the definition of "stream" within
[RFC7540], Section 2. [RFC7540], Section 2.
[ note to the RFC Editor - please replace XXXX within this document [ note to the RFC Editor - please replace XXXX within this document
with the number of this document ] with the number of this document ]
3. Dynamic Subscriptions 3. Dynamic Subscriptions
This section provides specifics on how to establish and maintain This section provides specifics on how to establish and maintain
dynamic subscriptions over RESTCONF [RFC8040]. Subscribing to event dynamic subscriptions over RESTCONF [RFC8040]. Subscribing to event
streams is accomplished in this way via RPCs defined within streams is accomplished in this way via RPCs defined within
[I-D.draft-ietf-netconf-subscribed-notifications] Section 2.4, the [I-D.draft-ietf-netconf-subscribed-notifications] Section 2.4. The
RPCs are done via RESTCONF POSTs. YANG datastore subscription is RPCs are done via RESTCONF POSTs. YANG datastore subscription is
accomplished via augmentations to accomplished via augmentations to
[I-D.draft-ietf-netconf-subscribed-notifications] as described within [I-D.draft-ietf-netconf-subscribed-notifications] as described within
[I-D.ietf-netconf-yang-push] Section 4.4. [I-D.ietf-netconf-yang-push] Section 4.4.
As described in [RFC8040] Section 6.3, a GET needs to be made against As described in [RFC8040] Section 6.3, a GET needs to be made against
a specific URI on the publisher. Subscribers cannot pre-determine a specific URI on the publisher. Subscribers cannot pre-determine
the URI against which a subscription might exist on a publisher, as the URI against which a subscription might exist on a publisher, as
the URI will only exist after the "establish-subscription" RPC has the URI will only exist after the "establish-subscription" RPC has
been accepted. Therefore, the POST for the "establish-subscription" been accepted. Therefore, the POST for the "establish-subscription"
skipping to change at page 4, line 11 skipping to change at page 4, line 11
does not move to the active state as per Section 2.4.1. of does not move to the active state as per Section 2.4.1. of
[I-D.draft-ietf-netconf-subscribed-notifications] until the GET is [I-D.draft-ietf-netconf-subscribed-notifications] until the GET is
received. received.
3.1. Transport Connectivity 3.1. Transport Connectivity
For a dynamic subscription, where a RESTCONF session doesn't already For a dynamic subscription, where a RESTCONF session doesn't already
exist, a new RESTCONF session is initiated from the subscriber. exist, a new RESTCONF session is initiated from the subscriber.
As stated in Section 2.1 of [RFC8040], a subscriber MUST establish As stated in Section 2.1 of [RFC8040], a subscriber MUST establish
the HTTP session over TLS [RFC5246] in order to secure the content in the HTTP session over TLS [RFC8446] in order to secure the content in
transit. transit.
Without the involvement of additional protocols, HTTP sessions by Without the involvement of additional protocols, HTTP sessions by
themselves do not allow for a quick recognition of when the themselves do not allow for a quick recognition of when the
communication path has been lost with the publisher. Where quick communication path has been lost with the publisher. Where quick
recognition of the loss of a publisher is required, a subscriber recognition of the loss of a publisher is required, a subscriber
SHOULD use a TLS heartbeat [RFC6520], just from receiver to SHOULD use a TLS heartbeat [RFC6520], just from subscriber to
publisher, to track HTTP session continuity. publisher, to track HTTP session continuity.
Loss of the heartbeat MUST result in any subscription related TCP Loss of the heartbeat MUST result in any subscription related TCP
sessions between those endpoints being torn down. A subscriber can sessions between those endpoints being torn down. A subscriber can
then attempt to re-establish the dynamic subscription by using the then attempt to re-establish the dynamic subscription by using the
procedure described in Section 3. procedure described in Section 3.4.
3.2. Discovery 3.2. Discovery
Subscribers can learn what event streams a RESTCONF server supports Subscribers can learn what event streams a RESTCONF server supports
by querying the "streams" container of ietf-subscribed- by querying the "streams" container of ietf-subscribed-
notification.yang in notification.yang in
[I-D.draft-ietf-netconf-subscribed-notifications]. Support for the [I-D.draft-ietf-netconf-subscribed-notifications]. Support for the
"streams" container of ietf-restconf-monitoring.yang in [RFC8040] is "streams" container of ietf-restconf-monitoring.yang in [RFC8040] is
not required. If it is supported, the event streams which are in the not required. In the case when the RESTCONF binding specified by
"streams" container of ietf-subscribed-notifications.yang SHOULD also this document is used to convey the "streams" container from ietf-
be in the "streams" container of ietf-restconf-monitoring.yang. restconf-monitoring.yang (i.e., that feature is supported), any event
streams contained therein are also expected to be present in the
"streams" container of ietf-restconf-monitoring.yang.
Subscribers can learn what datastores a RESTCONF server supports by Subscribers can learn what datastores a RESTCONF server supports by
following Section 2 of [I-D.draft-ietf-netconf-nmda-restconf]. following Section 2 of [I-D.draft-ietf-netconf-nmda-restconf].
3.3. RESTCONF RPCs and HTTP Status Codes 3.3. RESTCONF RPCs and HTTP Status Codes
Specific HTTP responses codes as defined in [RFC7231] section 6 will Specific HTTP responses codes as defined in [RFC7231] section 6 will
indicate the result of RESTCONF RPC requests with publisher. An HTTP indicate the result of RESTCONF RPC requests with the publisher. An
status code of 200 is the proper response to any successful RPC HTTP status code of 200 is the proper response to any successful RPC
defined within [I-D.draft-ietf-netconf-subscribed-notifications] or defined within [I-D.draft-ietf-netconf-subscribed-notifications] or
[I-D.ietf-netconf-yang-push]. [I-D.ietf-netconf-yang-push].
If a publisher fails to serve the RPC request for one of the reasons If a publisher fails to serve the RPC request for one of the reasons
indicated in [I-D.draft-ietf-netconf-subscribed-notifications] indicated in [I-D.draft-ietf-netconf-subscribed-notifications]
Section 2.4.6 or [I-D.ietf-netconf-yang-push] Appendix A, this will Section 2.4.6 or [I-D.ietf-netconf-yang-push] Appendix A, this will
be indicated by "406" status code transported in the HTTP response. be indicated by an appropriate error code, as shown below,
transported in the HTTP response.
When a "406" status code is returned, the RPC reply MUST include an When an HTTP error code is returned, the RPC reply MUST include an
"rpc-error" element per [RFC8040] Section 7.1 with the following "rpc-error" element per [RFC8040] Section 7.1 with the following
parameter values: parameter values:
o an "error-type" node of "application". o an "error-type" node of "application".
o an "error-tag" node with the value being a string that corresponds o an "error-tag" node with the value being a string that corresponds
to an identity associated with the error. This "error-tag" will to an identity associated with the error. This "error-tag" will
come from one of two places. Either it will correspond to the come from one of two places. Either it will correspond to the
error identities within error identities within
[I-D.draft-ietf-netconf-subscribed-notifications] section 2.4.6 [I-D.draft-ietf-netconf-subscribed-notifications] section 2.4.6
for general subscription errors: for general subscription errors:
error identity uses error-tag error identity uses error-tag HTTP Code
---------------------- -------------- ---------------------- -------------- ---------
dscp-unavailable invalid-value dscp-unavailable invalid-value 400
encoding-unsupported invalid-value encoding-unsupported invalid-value 400
filter-unsupported invalid-value filter-unsupported invalid-value 400
insufficient-resources resource-denied insufficient-resources resource-denied 409
no-such-subscription invalid-value no-such-subscription invalid-value 404
replay-unsupported operation-not-supported replay-unsupported operation-not-supported 501
Or this "error-tag" will correspond to the error identities within Or this "error-tag" will correspond to the error identities within
[I-D.ietf-netconf-yang-push] Appendix A.1 for subscription errors [I-D.ietf-netconf-yang-push] Appendix A.1 for subscription errors
specific to YANG datastores: specific to YANG datastores:
error identity uses error-tag error identity uses error-tag HTTP Code
---------------------- -------------- ---------------------- -------------- ---------
cant-exclude operation-not-supported cant-exclude operation-not-supported 501
datastore-not-subscribable invalid-value datastore-not-subscribable invalid-value 400
no-such-subscription-resync invalid-value no-such-subscription-resync invalid-value 404
on-change-unsupported operation-not-supported on-change-unsupported operation-not-supported 501
on-change-sync-unsupported operation-not-supported on-change-sync-unsupported operation-not-supported 501
period-unsupported invalid-value period-unsupported invalid-value 400
update-too-big too-big update-too-big too-big 400
sync-too-big too-big sync-too-big too-big 400
unchanging-selection operation-failed unchanging-selection operation-failed 500
o an "error-app-tag" node with the value being a string that o an "error-app-tag" node with the value being a string that
corresponds to an identity associated with the error, as defined corresponds to an identity associated with the error, as defined
in [I-D.draft-ietf-netconf-subscribed-notifications] section 2.4.6 in [I-D.draft-ietf-netconf-subscribed-notifications] section 2.4.6
for general subscriptions, and [I-D.ietf-netconf-yang-push] for general subscriptions, and [I-D.ietf-netconf-yang-push]
Appendix A.1, for datastore subscriptions. The tag to use depends Appendix A.1, for datastore subscriptions. The tag to use depends
on the RPC for which the error occurred. Viable errors for on the RPC for which the error occurred. Viable errors for
different RPCs are as follows: different RPCs are as follows:
RPC select an identity with a base RPC select an identity with a base
skipping to change at page 6, line 35 skipping to change at page 6, line 35
---------------------- ------------------------------------ ---------------------- ------------------------------------
target: event stream establish-subscription-stream-error-info target: event stream establish-subscription-stream-error-info
target: datastore establish-subscription-datastore-error-info target: datastore establish-subscription-datastore-error-info
modify-subscription returns hints in yang-data structure modify-subscription returns hints in yang-data structure
---------------------- ------------------------------------ ---------------------- ------------------------------------
target: event stream modify-subscription-stream-error-info target: event stream modify-subscription-stream-error-info
target: datastore modify-subscription-datastore-error-info target: datastore modify-subscription-datastore-error-info
The yang-data included within "error-info" SHOULD NOT include the The yang-data included within "error-info" SHOULD NOT include the
optional leaf "error-reason", as such a leaf would be redundant optional leaf "reason", as such a leaf would be redundant
with information that is already placed within the with information that is already placed within the
"error-app-tag". "error-app-tag".
In case of an rpc error as a result of a "delete-subscription", a In case of an rpc error as a result of a "delete-subscription", a
"kill-subscription", or a "resync-subscription" request, no "kill-subscription", or a "resync-subscription" request, no
"error-info" needs to be included, as the "subscription-id" is "error-info" needs to be included, as the "subscription-id" is
the only RPC input parameter and no hints regarding this RPC input the only RPC input parameter and no hints regarding this RPC input
parameters need to be provided. parameters need to be provided.
Note that "error-path" [RFC8040] does not need to be included with Note that "error-path" [RFC8040] does not need to be included with
the "rpc-error" element, as subscription errors are generally the "rpc-error" element, as subscription errors are generally
associated with the choice of RPC input parameters. associated with the choice of RPC input parameters.
3.4. Call Flow for Server-Sent Events (SSE) 3.4. Call Flow for Server-Sent Events
The call flow is defined in Figure 1. The logical connections The call flow for Server-Sent Events (SSE) is defined in Figure 1.
denoted by (a) and (b) can be a TCP connection or an HTTP2 stream The logical connections denoted by (a) and (b) can be a TCP
(multiple HTTP2 streams can be carried in one TCP connection). connection or an HTTP2 stream (multiple HTTP2 streams can be carried
Requests to [I-D.draft-ietf-netconf-subscribed-notifications] or in one TCP connection). Requests to
[I-D.draft-ietf-netconf-subscribed-notifications] or
[I-D.ietf-netconf-yang-push] augmented RPCs are sent on a connection [I-D.ietf-netconf-yang-push] augmented RPCs are sent on a connection
indicated by (a). A successful "establish-subscription" will result indicated by (a). A successful "establish-subscription" will result
in an RPC response returned with both a subscription identifier which in an RPC response returned with both a subscription identifier which
uniquely identifies a subscription, as well as a URI which uniquely uniquely identifies a subscription, as well as a URI which uniquely
identifies the location of subscription on the publisher (b). This identifies the location of subscription on the publisher (b). This
URI is defined via the "uri" leaf the Data Model in Section 7. URI is defined via the "uri" leaf the Data Model in Section 7.
An HTTP GET is then sent on a separate logical connection (b) to the An HTTP GET is then sent on a separate logical connection (b) to the
URI on the publisher. This initiates the publisher to initiate the URI on the publisher. This signals the publisher to initiate the
flow of notification messages which are sent in SSE [W3C-20150203] as flow of notification messages which are sent in SSE [W3C-20150203] as
a response to the GET. a response to the GET. There can not be 2 or more simultaneous GET
requests on a subscription URI: any GET request received while there
is a current GET request on the same URI MUST be rejected with HTTP
error code 409.
As described in [RFC8040] Section 6.4, RESTCONF servers SHOULD NOT
send the "event" or "id" fields in the SSE event notifications.
+--------------+ +--------------+ +--------------+ +--------------+
| Subscriber | | Publisher | | Subscriber | | Publisher |
| | | | | | | |
| Logical | | Logical | | Logical | | Logical |
| Connection | | Connection | | Connection | | Connection |
| (a) (b) | | (a) (b) | | (a) (b) | | (a) (b) |
+--------------+ +--------------+ +--------------+ +--------------+
| RESTCONF POST (RPC:establish-subscription) | | RESTCONF POST (RPC:establish-subscription) |
|--------------------------------------------->| |--------------------------------------------->|
skipping to change at page 9, line 4 skipping to change at page 8, line 52
o All subscription state notifications from a publisher MUST be o All subscription state notifications from a publisher MUST be
returned in a separate SSE message used by the subscription to returned in a separate SSE message used by the subscription to
which the state change refers. which the state change refers.
o Subscription RPCs MUST NOT use the connection currently providing o Subscription RPCs MUST NOT use the connection currently providing
notification messages for that subscription. notification messages for that subscription.
o In addition to an RPC response for a "modify-subscription" RPC o In addition to an RPC response for a "modify-subscription" RPC
traveling over (a), a "subscription-modified" state change traveling over (a), a "subscription-modified" state change
notification MUST be sent within (b). This allows the receiver to notification MUST be sent within (b). This allows the receiver to
know exactly when the new terms of the subscription have been know exactly when, within the stream of events, the new terms of
applied to the notification messages. See arrow (c). the subscription have been applied to the notification messages.
See arrow (c).
o In addition to any required access permissions (e.g., NACM), RPCs o In addition to any required access permissions (e.g., NACM), RPCs
modify-subscription, resync-subscription and delete-subscription modify-subscription, resync-subscription and delete-subscription
SHOULD only be allowed by the same RESTCONF username [RFC8040] SHOULD only be allowed by the same RESTCONF username [RFC8040]
which invoked establish-subscription. which invoked establish-subscription. Such a restriction
generally serves to preserve users' privacy, but exceptions might
be made for administrators that may need to modify or delete other
users' subscriptions.
o The kill-subscription RPC can be invoked by any RESTCONF username o The kill-subscription RPC can be invoked by any RESTCONF username
with the required administrative permissions. with the required administrative permissions.
A publisher MUST terminate a subscription in the following cases: A publisher MUST terminate a subscription in the following cases:
o Receipt of a "delete-subscription" or a "kill-subscription" RPC o Receipt of a "delete-subscription" or a "kill-subscription" RPC
for that subscription. for that subscription.
o Loss of TLS heartbeat o Loss of TLS heartbeat
A publisher MAY terminate a subscription at any time as stated in A publisher MAY terminate a subscription at any time as stated in
[I-D.draft-ietf-netconf-subscribed-notifications] Section 1.3 [I-D.draft-ietf-netconf-subscribed-notifications] Section 1.3
4. QoS Treatment 4. QoS Treatment
To meet subscription quality of service promises, the publisher MUST Qos treatment for event streams is described in
take any existing subscription "dscp" and apply it to the DSCP [I-D.draft-ietf-netconf-subscribed-notifications] Section 2.3. In
marking in the IP header. addition, where HTTP2 transport is available to a notification
In addition, where HTTP2 transport is available to a notification
message queued for transport to a receiver, the publisher MUST: message queued for transport to a receiver, the publisher MUST:
o take any existing subscription "priority", as specified by the o take the "weighting" leaf node in
"weighting" leaf node in
[I-D.draft-ietf-netconf-subscribed-notifications], and copy it [I-D.draft-ietf-netconf-subscribed-notifications], and copy it
into the HTTP2 stream weight, [RFC7540] section 5.3, and into the HTTP2 stream weight, [RFC7540] section 5.3, and
o take any existing subscription "dependency", as specified by the o take any existing subscription "dependency", as specified by the
"dependency" leaf node in "dependency" leaf node in
[I-D.draft-ietf-netconf-subscribed-notifications], and use the [I-D.draft-ietf-netconf-subscribed-notifications], and use the
HTTP2 stream for the parent subscription as the HTTP2 stream HTTP2 stream for the parent subscription as the HTTP2 stream
dependency, [RFC7540] section 5.3.1, of the dependent dependency, [RFC7540] section 5.3.1, of the dependent
subscription. subscription.
o set the exclusive flag, [RFC7540] section 5.3.1, to 0. o set the exclusive flag, [RFC7540] section 5.3.1, to 0.
For dynamic subscriptions with the same DSCP value to a specific
publisher, it is recommended that the subscriber sends all URI GET
requests on a common HTTP2 session. Conversely, a subscriber can not
use a common HTTP2 session for subscriptions with different DSCP
values.
5. Notification Messages 5. Notification Messages
Notification messages transported over RESTCONF will be encoded Notification messages transported over RESTCONF will be encoded
according to [RFC8040], section 6.4. according to [RFC8040], section 6.4.
6. YANG Tree 6. YANG Tree
The YANG model defined in Section 7 has one leaf augmented into three The YANG model defined in Section 7 has one leaf augmented into three
places of [I-D.draft-ietf-netconf-subscribed-notifications]. places of [I-D.draft-ietf-netconf-subscribed-notifications].
skipping to change at page 12, line 47 skipping to change at page 12, line 51
Reference: RFC XXXX: RESTCONF Transport for Event Notifications Reference: RFC XXXX: RESTCONF Transport for Event Notifications
9. Security Considerations 9. Security Considerations
The YANG module specified in this document defines a schema for data The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management transports that is designed to be accessed via network management transports
such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF
layer is the secure transport layer, and the mandatory-to-implement layer is the secure transport layer, and the mandatory-to-implement
secure transport is Secure Shell (SSH) [RFC6242]. The lowest secure transport is Secure Shell (SSH) [RFC6242]. The lowest
RESTCONF layer is HTTPS, and the mandatory-to-implement secure RESTCONF layer is HTTPS, and the mandatory-to-implement secure
transport is TLS [RFC5246]. transport is TLS [RFC8446].
The one new data node introduced in this YANG module may be The one new data node introduced in this YANG module may be
considered sensitive or vulnerable in some network environments. It considered sensitive or vulnerable in some network environments. It
is thus important to control read access (e.g., via get, get-config, is thus important to control read access (e.g., via get, get-config,
or notification) to this data nodes. These are the subtrees and data or notification) to this data nodes. These are the subtrees and data
nodes and their sensitivity/vulnerability: nodes and their sensitivity/vulnerability:
Container: "/subscriptions" Container: "/subscriptions"
o "uri": leaf will show where subscribed resources might be located o "uri": leaf will show where subscribed resources might be located
on a publisher. Access control must be set so that only someone on a publisher. Access control must be set so that only someone
with proper access permissions, and perhaps even HTTP session has with proper access permissions, i.e., the same RESTCONF [RFC8040]
the ability to access this resource. user credentials which invoked the corresponding "establish-
subscription", has the ability to access this resource.
The subscription URI is implementation specific and is encrypted via The subscription URI is implementation specific and is encrypted via
the use of TLS. Therefore, even if an attacker succeeds in guessing the use of TLS. Therefore, even if an attacker succeeds in guessing
the subscription URI, a RESTCONF username [RFC8040] with the required the subscription URI, a RESTCONF username [RFC8040] with the required
administrative permissions must be used to be able to access or administrative permissions must be used to be able to access or
modify that subscription. modify that subscription. It is recommended that the subscription
URI values not be easily predictable.
The access permission considerations for the RPCs modify-
subscription, resync-subscription, delete-subscription and kill-
subscription are described in Section 3.4.
If a buggy or compromised RESTCONF subscriber sends a number of
"establish-subscription" requests, then these subscriptions
accumulate and may use up system resources. In such a situation, the
publisher MAY also suspend or terminate a subset of the active
subscriptions from that RESTCONF subscriber in order to reclaim
resources and preserve normal operation for the other subscriptions.
10. Acknowledgments 10. Acknowledgments
We wish to acknowledge the helpful contributions, comments, and We wish to acknowledge the helpful contributions, comments, and
suggestions that were received from: Ambika Prasad Tripathy, Alberto suggestions that were received from: Ambika Prasad Tripathy, Alberto
Gonzalez Prieto, Susan Hares, Tim Jenkins, Balazs Lengyel, Kent Gonzalez Prieto, Susan Hares, Tim Jenkins, Balazs Lengyel, Kent
Watsen, Michael Scharf, Guangying Zheng, Martin Bjorklund, Qin Wu and Watsen, Michael Scharf, Guangying Zheng, Martin Bjorklund, Qin Wu and
Robert Wilton. Robert Wilton.
11. References 11. References
skipping to change at page 14, line 9 skipping to change at page 14, line 28
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>. <https://www.rfc-editor.org/info/rfc3688>.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246,
DOI 10.17487/RFC5246, August 2008,
<https://www.rfc-editor.org/info/rfc5246>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010, DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>. <https://www.rfc-editor.org/info/rfc6020>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>. <https://www.rfc-editor.org/info/rfc6241>.
skipping to change at page 14, line 43 skipping to change at page 15, line 9
[RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext
Transfer Protocol Version 2 (HTTP/2)", RFC 7540, Transfer Protocol Version 2 (HTTP/2)", RFC 7540,
DOI 10.17487/RFC7540, May 2015, DOI 10.17487/RFC7540, May 2015,
<https://www.rfc-editor.org/info/rfc7540>. <https://www.rfc-editor.org/info/rfc7540>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>. <https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>. <https://www.rfc-editor.org/info/rfc8342>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
[W3C-20150203] [W3C-20150203]
"Server-Sent Events, World Wide Web Consortium CR CR- Hickson, I., "Server-Sent Events, World Wide Web
eventsource-20121211", February 2015, Consortium CR CR-eventsource-20121211", February 2015,
<https://www.w3.org/TR/2015/REC-eventsource-20150203/>. <https://www.w3.org/TR/2015/REC-eventsource-20150203/>.
11.2. Informative References 11.2. Informative References
[I-D.draft-ietf-netconf-netconf-event-notifications] [I-D.draft-ietf-netconf-netconf-event-notifications]
Clemm, Alexander., Voit, Eric., Gonzalez Prieto, Alberto., Clemm, Alexander., Voit, Eric., Gonzalez Prieto, Alberto.,
Nilsen-Nygaard, E., and A. Tripathy, "NETCONF support for Nilsen-Nygaard, E., and A. Tripathy, "NETCONF support for
event notifications", May 2018, event notifications", May 2018,
<https://datatracker.ietf.org/doc/ <https://datatracker.ietf.org/doc/
draft-ietf-netconf-netconf-event-notifications/>. draft-ietf-netconf-netconf-event-notifications/>.
skipping to change at page 15, line 31 skipping to change at page 16, line 5
[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Semantics and Content", RFC 7231, Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
DOI 10.17487/RFC7231, June 2014, DOI 10.17487/RFC7231, June 2014,
<https://www.rfc-editor.org/info/rfc7231>. <https://www.rfc-editor.org/info/rfc7231>.
[RFC7923] Voit, E., Clemm, A., and A. Gonzalez Prieto, "Requirements [RFC7923] Voit, E., Clemm, A., and A. Gonzalez Prieto, "Requirements
for Subscription to YANG Datastores", RFC 7923, for Subscription to YANG Datastores", RFC 7923,
DOI 10.17487/RFC7923, June 2016, DOI 10.17487/RFC7923, June 2016,
<https://www.rfc-editor.org/info/rfc7923>. <https://www.rfc-editor.org/info/rfc7923>.
[RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG",
RFC 7951, DOI 10.17487/RFC7951, August 2016,
<https://www.rfc-editor.org/info/rfc7951>.
[RFC8347] Liu, X., Ed., Kyparlis, A., Parikh, R., Lindem, A., and M. [RFC8347] Liu, X., Ed., Kyparlis, A., Parikh, R., Lindem, A., and M.
Zhang, "A YANG Data Model for the Virtual Router Zhang, "A YANG Data Model for the Virtual Router
Redundancy Protocol (VRRP)", RFC 8347, Redundancy Protocol (VRRP)", RFC 8347,
DOI 10.17487/RFC8347, March 2018, DOI 10.17487/RFC8347, March 2018,
<https://www.rfc-editor.org/info/rfc8347>. <https://www.rfc-editor.org/info/rfc8347>.
[XPATH] Clark, J. and S. DeRose, "XML Path Language (XPath) [XPATH] Clark, J. and S. DeRose, "XML Path Language (XPath)
Version 1.0", November 1999, Version 1.0", November 1999,
<http://www.w3.org/TR/1999/REC-xpath-19991116>. <http://www.w3.org/TR/1999/REC-xpath-19991116>.
Appendix A. Examples Appendix A. Examples
This section is non-normative. To allow easy comparison, this This section is non-normative. To allow easy comparison, this
section mirrors the functional examples shown with NETCONF over XML section mirrors the functional examples shown with NETCONF over XML
within [I-D.draft-ietf-netconf-netconf-event-notifications]. In within [I-D.draft-ietf-netconf-netconf-event-notifications]. In
addition, HTTP2 vs HTTP1.1 headers are not shown as the contents of addition, HTTP2 vs HTTP1.1 headers are not shown as the contents of
the JSON encoded objects are identical within. the JSON encoded objects are identical within.
The subscription URI values used in the examples in this section are
purely illustrative, and are not indicative of the expected usage
which is described in Section 9.
The DSCP values are only for example purposes and are all indicated
in decimal since the encoding is JSON [RFC7951].
A.1. Dynamic Subscriptions A.1. Dynamic Subscriptions
A.1.1. Establishing Dynamic Subscriptions A.1.1. Establishing Dynamic Subscriptions
The following figure shows two successful "establish-subscription" The following figure shows two successful "establish-subscription"
RPC requests as per RPC requests as per
[I-D.draft-ietf-netconf-subscribed-notifications]. The first request [I-D.draft-ietf-netconf-subscribed-notifications]. The first request
is given a subscription identifier of 22, the second, an identifier is given a subscription identifier of 22, the second, an identifier
of 23. of 23.
skipping to change at page 17, line 12 skipping to change at page 17, line 45
To provide examples of the information being transported, example To provide examples of the information being transported, example
messages for interactions in Figure 2 are detailed below: messages for interactions in Figure 2 are detailed below:
POST /restconf/operations POST /restconf/operations
/ietf-subscribed-notifications:establish-subscription /ietf-subscribed-notifications:establish-subscription
{ {
"ietf-subscribed-notifications:input": { "ietf-subscribed-notifications:input": {
"stream-xpath-filter": "/example-module:foo/", "stream-xpath-filter": "/example-module:foo/",
"stream": "NETCONF", "stream": "NETCONF",
"dscp": "10" "dscp": 10
} }
} }
Figure 3: establish-subscription request (a) Figure 3: establish-subscription request (a)
As publisher was able to fully satisfy the request, the publisher As publisher was able to fully satisfy the request, the publisher
sends the subscription identifier of the accepted subscription, and sends the subscription identifier of the accepted subscription, and
the URI: the URI:
HTTP status code - 200 HTTP status code - 200
{ {
"id": "22", "id": 22,
"uri": "https://example.com/restconf/subscriptions/22" "uri": "https://example.com/restconf/subscriptions/22"
} }
Figure 4: establish-subscription success (b) Figure 4: establish-subscription success (b)
Upon receipt of the successful response, the subscriber does a GET Upon receipt of the successful response, the subscriber does a GET
the provided URI to start the flow of notification messages. When the provided URI to start the flow of notification messages. When
the publisher receives this, the subscription is moved to the active the publisher receives this, the subscription is moved to the active
state (c). state (c).
skipping to change at page 18, line 5 skipping to change at page 18, line 34
Figure 5: establish-subscription subsequent POST Figure 5: establish-subscription subsequent POST
While not shown in Figure 2, if the publisher had not been able to While not shown in Figure 2, if the publisher had not been able to
fully satisfy the request, or subscriber has no authorization to fully satisfy the request, or subscriber has no authorization to
establish the subscription, the publisher would have sent an RPC establish the subscription, the publisher would have sent an RPC
error response. For instance, if the "dscp" value of 10 asserted by error response. For instance, if the "dscp" value of 10 asserted by
the subscriber in Figure 3 proved unacceptable, the publisher may the subscriber in Figure 3 proved unacceptable, the publisher may
have returned: have returned:
HTTP status code - 406 HTTP status code - 400
{ "ietf-restconf:errors" : { { "ietf-restconf:errors" : {
"error" : [ "error" : [
{ {
"error-type": "application", "error-type": "application",
"error-tag": "invalid-value", "error-tag": "invalid-value",
"error-severity": "error", "error-severity": "error",
"error-app-tag": "error-app-tag":
"ietf-subscribed-notifications:dscp-unavailable" "ietf-subscribed-notifications:dscp-unavailable"
} }
skipping to change at page 19, line 14 skipping to change at page 19, line 25
+------------+ +-----------+ +------------+ +-----------+
| Subscriber | | Publisher | | Subscriber | | Publisher |
+------------+ +-----------+ +------------+ +-----------+
| | | |
| notification message (id#23)| | notification message (id#23)|
|<-----------------------------| |<-----------------------------|
| | | |
|modify-subscription (id#23) | |modify-subscription (id#23) |
|----------------------------->| (d) |----------------------------->| (d)
| HTTP 406 error (with hint)| | HTTP 400 error (with hint)|
|<-----------------------------| (e) |<-----------------------------| (e)
| | | |
|modify-subscription (id#23) | |modify-subscription (id#23) |
|----------------------------->| |----------------------------->|
| HTTP 200 OK | | HTTP 200 OK |
|<-----------------------------| |<-----------------------------|
| | | |
| notif-mesg (id#23)| | notif-mesg (id#23)|
|<-----------------------------| |<-----------------------------|
| | | |
skipping to change at page 19, line 39 skipping to change at page 20, line 10
subscription as per [I-D.ietf-netconf-yang-push], the modification subscription as per [I-D.ietf-netconf-yang-push], the modification
request made in (d) may look like that shown in Figure 8. As can be request made in (d) may look like that shown in Figure 8. As can be
seen, the modifications being attempted are the application of a new seen, the modifications being attempted are the application of a new
xpath filter as well as the setting of a new periodic time interval. xpath filter as well as the setting of a new periodic time interval.
POST /restconf/operations POST /restconf/operations
/ietf-subscribed-notifications:modify-subscription /ietf-subscribed-notifications:modify-subscription
{ {
"ietf-subscribed-notifications:input": { "ietf-subscribed-notifications:input": {
"id": "23", "id": 23,
"ietf-yang-push:datastore-xpath-filter": "ietf-yang-push:datastore-xpath-filter":
"/example-module:foo/example-module:bar", "/example-module:foo/example-module:bar",
"ietf-yang-push:periodic": { "ietf-yang-push:periodic": {
"ietf-yang-push:period": "500" "ietf-yang-push:period": 500
} }
} }
} }
Figure 8: Subscription modification request (c) Figure 8: Subscription modification request (c)
If the publisher can satisfy both changes, the publisher sends a If the publisher can satisfy both changes, the publisher sends a
positive result for the RPC. If the publisher cannot satisfy either positive result for the RPC. If the publisher cannot satisfy either
of the proposed changes, the publisher sends an RPC error response of the proposed changes, the publisher sends an RPC error response
(e). The following is an example RPC error response for (e) which (e). The following is an example RPC error response for (e) which
includes a hint. This hint is an alternative time period value which includes a hint. This hint is an alternative time period value which
might have resulted in a successful modification: might have resulted in a successful modification:
HTTP status code - 406 HTTP status code - 400
{ "ietf-restconf:errors" : { { "ietf-restconf:errors" : {
"error" : [ "error" : [
"error-type": "application", "error-type": "application",
"error-tag": "invalid-value", "error-tag": "invalid-value",
"error-severity": "error", "error-severity": "error",
"error-app-tag": "ietf-yang-push:period-unsupported", "error-app-tag": "ietf-yang-push:period-unsupported",
"error-info": { "error-info": {
"ietf-yang-push": "ietf-yang-push":
"modify-subscription-datastore-error-info": { "modify-subscription-datastore-error-info": {
"period-hint": "3000" "period-hint": 3000
} }
} }
] ]
} }
} }
Figure 9: Modify subscription failure with Hint (e) Figure 9: Modify subscription failure with Hint (e)
A.1.3. Deleting Dynamic Subscriptions A.1.3. Deleting Dynamic Subscriptions
skipping to change at page 21, line 7 skipping to change at page 21, line 30
If the publisher can satisfy the request, the publisher replies with If the publisher can satisfy the request, the publisher replies with
success to the RPC request. success to the RPC request.
If the publisher cannot satisfy the request, the publisher sends an If the publisher cannot satisfy the request, the publisher sends an
error-rpc element indicating the modification didn't work. Figure 11 error-rpc element indicating the modification didn't work. Figure 11
shows a valid response for existing valid subscription identifier, shows a valid response for existing valid subscription identifier,
but that subscription identifier was created on a different transport but that subscription identifier was created on a different transport
session: session:
HTTP status code - 406 HTTP status code - 404
{ {
"ietf-restconf:errors" : { "ietf-restconf:errors" : {
"error" : [ "error" : [
"error-type": "application", "error-type": "application",
"error-tag": "invalid-value", "error-tag": "invalid-value",
"error-severity": "error", "error-severity": "error",
"error-app-tag": "error-app-tag":
"ietf-subscribed-notifications:no-such-subscription" "ietf-subscribed-notifications:no-such-subscription"
] ]
skipping to change at page 21, line 37 skipping to change at page 22, line 13
[I-D.draft-ietf-netconf-subscribed-notifications]). [I-D.draft-ietf-netconf-subscribed-notifications]).
A.2.1. subscription-modified A.2.1. subscription-modified
A "subscription-modified" encoded in JSON would look like: A "subscription-modified" encoded in JSON would look like:
{ {
"ietf-restconf:notification" : { "ietf-restconf:notification" : {
"eventTime": "2007-09-01T10:00:00Z", "eventTime": "2007-09-01T10:00:00Z",
"ietf-subscribed-notifications:subscription-modified": { "ietf-subscribed-notifications:subscription-modified": {
"id": "39", "id": 39,
"uri": "https://example.com/restconf/subscriptions/22" "uri": "https://example.com/restconf/subscriptions/22"
"stream-xpath-filter": "/example-module:foo", "stream-xpath-filter": "/example-module:foo",
"stream": { "stream": {
"ietf-netconf-subscribed-notifications" : "NETCONF" "ietf-netconf-subscribed-notifications" : "NETCONF"
} }
} }
} }
} }
Figure 12: subscription-modified subscription state notification Figure 12: subscription-modified subscription state notification
A.2.2. subscription-completed, subscription-resumed, and replay- A.2.2. subscription-completed, subscription-resumed, and replay-
complete complete
A "subscription-completed" would look like: A "subscription-completed" would look like:
{ {
"ietf-restconf:notification" : { "ietf-restconf:notification" : {
"eventTime": "2007-09-01T10:00:00Z", "eventTime": "2007-09-01T10:00:00Z",
"ietf-subscribed-notifications:subscription-completed": { "ietf-subscribed-notifications:subscription-completed": {
"id": "39", "id": 39,
} }
} }
} }
Figure 13: subscription-completed notification in JSON Figure 13: subscription-completed notification in JSON
The "subscription-resumed" and "replay-complete" are virtually The "subscription-resumed" and "replay-complete" are virtually
identical, with "subscription-completed" simply being replaced by identical, with "subscription-completed" simply being replaced by
"subscription-resumed" and "replay-complete". "subscription-resumed" and "replay-complete".
A.2.3. subscription-terminated and subscription-suspended A.2.3. subscription-terminated and subscription-suspended
A "subscription-terminated" would look like: A "subscription-terminated" would look like:
{ {
"ietf-restconf:notification" : { "ietf-restconf:notification" : {
"eventTime": "2007-09-01T10:00:00Z", "eventTime": "2007-09-01T10:00:00Z",
"ietf-subscribed-notifications:subscription-terminated": { "ietf-subscribed-notifications:subscription-terminated": {
"id": "39", "id": 39,
"error-id": "suspension-timeout" "error-id": "suspension-timeout"
} }
} }
} }
Figure 14: subscription-terminated subscription state notification Figure 14: subscription-terminated subscription state notification
The "subscription-suspended" is virtually identical, with The "subscription-suspended" is virtually identical, with
"subscription-terminated" simply being replaced by "subscription- "subscription-terminated" simply being replaced by "subscription-
suspended". suspended".
skipping to change at page 24, line 24 skipping to change at page 24, line 47
} }
Figure 17 Figure 17
For more examples of subtree filters, see [RFC6241], section 6.4. For more examples of subtree filters, see [RFC6241], section 6.4.
Appendix B. Changes between revisions Appendix B. Changes between revisions
(To be removed by RFC editor prior to publication) (To be removed by RFC editor prior to publication)
v12 - v13 v13 - v14
o Addressed review comments from IESG.
v12 - v13
o Enhanced "error-tag" values based on SN review. o Enhanced "error-tag" values based on SN review.
v11 - v12 v11 - v12
o Added text in 3.2 for expected behavior when ietf-restconf- o Added text in 3.2 for expected behavior when ietf-restconf-
monitoring.yang is also supported. monitoring.yang is also supported.
o Added section 2 to the reference to draft-ietf-netconf-nmda- o Added section 2 to the reference to draft-ietf-netconf-nmda-
restconf. restconf.
 End of changes. 54 change blocks. 
85 lines changed or deleted 134 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/