< draft-ietf-netmod-nmda-diff-07.txt   draft-ietf-netmod-nmda-diff-08.txt >
Network Working Group A. Clemm Network Working Group A. Clemm
Internet-Draft Y. Qu Internet-Draft Y. Qu
Intended status: Standards Track Futurewei Intended status: Standards Track Futurewei
Expires: March 29, 2021 J. Tantsura Expires: November 25, 2021 J. Tantsura
Apstra Apstra
A. Bierman A. Bierman
YumaWorks YumaWorks
September 25, 2020 May 24, 2021
Comparison of NMDA datastores Comparison of NMDA datastores
draft-ietf-netmod-nmda-diff-07 draft-ietf-netmod-nmda-diff-08
Abstract Abstract
This document defines an RPC operation to compare management This document defines an RPC operation to compare management
datastores that comply with the NMDA architecture. datastores that comply with the NMDA architecture.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 35 skipping to change at page 1, line 35
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 29, 2021. This Internet-Draft will expire on November 25, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 16 skipping to change at page 2, line 16
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Key Words . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Key Words . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Definitions and Acronyms . . . . . . . . . . . . . . . . . . 3 3. Definitions and Acronyms . . . . . . . . . . . . . . . . . . 3
4. Data Model Overview . . . . . . . . . . . . . . . . . . . . . 4 4. Data Model Overview . . . . . . . . . . . . . . . . . . . . . 4
5. YANG Data Model . . . . . . . . . . . . . . . . . . . . . . . 6 5. YANG Data Model . . . . . . . . . . . . . . . . . . . . . . . 6
6. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 6. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
7. Performance Considerations . . . . . . . . . . . . . . . . . 14 7. Performance Considerations . . . . . . . . . . . . . . . . . 14
8. Possible Future Extensions . . . . . . . . . . . . . . . . . 15 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 8.1. Updates to the IETF XML Registry . . . . . . . . . . . . 15
9.1. Updates to the IETF XML Registry . . . . . . . . . . . . 15 8.2. Updates to the YANG Module Names Registry . . . . . . . . 15
9.2. Updates to the YANG Module Names Registry . . . . . . . . 16 9. Security Considerations . . . . . . . . . . . . . . . . . . . 15
10. Security Considerations . . . . . . . . . . . . . . . . . . . 16 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 17 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 16
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 11.1. Normative References . . . . . . . . . . . . . . . . . . 16
12.1. Normative References . . . . . . . . . . . . . . . . . . 17 11.2. Informative References . . . . . . . . . . . . . . . . . 17
12.2. Informative References . . . . . . . . . . . . . . . . . 18 Appendix A. Possible Future Extensions . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18
1. Introduction 1. Introduction
The revised Network Management Datastore Architecture (NMDA) The revised Network Management Datastore Architecture (NMDA)
[RFC8342] introduces a set of new datastores that each hold YANG- [RFC8342] introduces a set of new datastores that each hold YANG-
defined data [RFC7950] and represent a different "viewpoint" on the defined data [RFC7950] and represent a different "viewpoint" on the
data that is maintained by a server. New YANG datastores that are data that is maintained by a server. New YANG datastores that are
introduced include <intended>, which contains validated configuration introduced include <intended>, which contains validated configuration
data that a client application intends to be in effect, and data that a client application intends to be in effect, and
<operational>, which contains at least conceptually operational state <operational>, which contains operational state data (such as
data (such as statistics) as well as configuration data that is statistics) as well as configuration data that is actually in effect.
actually in effect.
NMDA introduces in effect a concept of "lifecycle" for management NMDA introduces in effect a concept of "lifecycle" for management
data, allowing to clearly distinguish between data that is part of a data, distinguishing between data that is part of a configuration
configuration that was supplied by a user, configuration data that that was supplied by a user, configuration data that has actually
has actually been successfully applied and that is part of the been successfully applied and that is part of the operational state,
operational state, and overall operational state that includes both and overall operational state that includes both applied
applied configuration data as well as status and statistics. configuration data as well as status and statistics
As a result, data from the same management model can be reflected in As a result, data from the same management model can be reflected in
multiple datastores. Clients need to specify the target datastore to multiple datastores. Clients need to specify the target datastore to
be specific about which viewpoint of the data they want to access. be specific about which viewpoint of the data they want to access.
This way, an application can differentiate whether they are (for For example, a client application can differentiate whether they are
example) interested in the configuration that has been applied and is interested in the configuration supplied to a server and that is
actually in effect, or in the configuration that was supplied by a supposed to be in effect, or the configuration that has been applied
client and that is supposed to be in effect. and is actually in effect on the server.
Due to the fact that data can propagate from one datastore to Due to the fact that data can propagate from one datastore to
another, it is possibly for differences between datastores to occur. another, it is possible for differences between datastores to occur.
Some of this is entirely expected, as there may be a time lag between Some of this is entirely expected, as there may be a time lag between
when a configuration is given to the device and reflected in when a configuration is given to the device and reflected in
<intended>, until when it actually takes effect and is reflected in <intended>, until when it actually takes effect and is reflected in
<operational>. However, there may be cases when a configuration item <operational>. However, there may be cases when a configuration item
that was to be applied may not actually take effect at all or needs that was to be applied may not actually take effect at all or needs
an unusually long time to do so. This can be the case due to certain an unusually long time to do so. This can be the case due to certain
conditions not being met, resource dependencies not being resolved, conditions not being met, certain parts of the configuration not
or even implementation errors in corner conditions. propagating because considered inactive, resource dependencies not
being resolved, or even implementation errors in corner conditions.
When configuration that is in effect is different from configuration When configuration that is in effect is different from configuration
that was applied, many issues can result. It becomes more difficult that was applied, many issues can result. It becomes more difficult
to operate the network properly due to limited visibility of actual to operate the network properly due to limited visibility of actual
status which makes it more difficult to analyze and understand what operational status which makes it more difficult to analyze and
is going on in the network. Services may be negatively affected (for understand what is going on in the network. Services may be
example, breaking a service instance resulting in service is not negatively affected (for example, degrading or breaking a customer
properly delivered to a customer) and network resources be service) and network resources may be misallocated.
misallocated.
Applications can potentially analyze any differences between two Applications can potentially analyze any differences between two
datastores by retrieving the contents from both datastores and datastores by retrieving the contents from both datastores and
comparing them. However, in many cases this will be at the same time comparing them. However, in many cases this will be at the same time
costly and extremely wasteful. costly and extremely wasteful.
This document introduces a YANG data model which defines RPCs, This document introduces a YANG data model which defines RPCs,
intended to be used in conjunction with NETCONF [RFC6241] or RESTCONF intended to be used in conjunction with NETCONF [RFC6241] or RESTCONF
[RFC8040], that allow a client to request a server to compare two [RFC8040], that allow a client to request a server to compare two
NMDA datastores and report any differences. NMDA datastores and report any differences.
skipping to change at page 4, line 7 skipping to change at page 4, line 7
capitals, as shown here. capitals, as shown here.
3. Definitions and Acronyms 3. Definitions and Acronyms
NMDA: Network Management Datastore Architecture NMDA: Network Management Datastore Architecture
RPC: Remote Procedure Call RPC: Remote Procedure Call
4. Data Model Overview 4. Data Model Overview
At the core of the solution is a new management operation, <compare>, The core of the solution is a new management operation, <compare>,
that allows to compare two datastores for the same data. The that compares the data tree contents of two datastores. The
operation checks whether there are any differences in values or in operation checks whether there are any differences in values or in
data nodes that are contained in either datastore, and returns any data nodes that are contained in either datastore, and returns any
differences as output. The output is returned in the format differences as output. The output is returned in the format
specified in YANG-Patch [RFC8072]. specified in YANG-Patch [RFC8072].
The YANG data model defines the <compare> operation as a new RPC. The YANG data model defines the <compare> operation as a new RPC.
The operation takes the following input parameters: The operation takes the following input parameters:
o source: The source identifies the datastore that will serve as o source: The source identifies the datastore that will serve as the
reference for the comparison, for example <intended>. reference for the comparison, for example <intended>.
o target: The target identifies the datastore to compare against the o target: The target identifies the datastore to compare against the
source. source, for example <operational>.
o filter-spec: This is a choice between different filter constructs o filter-spec: This is a choice between different filter constructs
to identify the portions of the datastore to be retrieved. It to identify the parts of the datastore to be retrieved. It acts
acts as a node selector that specifies which data nodes are within as a node selector that specifies which data nodes are within the
the scope of the comparison and which nodes are outside the scope. scope of the comparison and which nodes are outside the scope.
This allows a comparison operation to be applied only to a This allows a comparison operation to be applied only to a
specific portion of the datastore that is of interest, such as a specific part of the datastore that is of interest, such as a
particular subtree. (The filter dow not contain expressions that particular subtree. Note, the filter does not allow expressions
would match values data nodes, as this is not required by most use that match against data node values, since this may incure
cases and would complicate the scheme, from implementation to implementation difficulties and is not required for normal use
dealing with race conditions.) cases.
o all: When set, this parameter indicates that all differences o all: When set, this parameter indicates that all differences
should be included, including differences pertaining to schema should be included, including differences pertaining to schema
nodes that exist in only one of the datastores. When this nodes that exist in only one of the datastores. When this
parameter is not included, a prefiltering step is automatically parameter is not included, a prefiltering step is automatically
applied to exclude data from the comparison that does not pertain applied to exclude data from the comparison that does not pertain
to both datastores: if the same schema node is not present in both to both datastores: if the same schema node is not present in both
datastores, then all instances of that schema node and all its datastores, then all instances of that schema node and all its
descendants are excluded from the comparison. This allows client descendants are excluded from the comparison. This allows client
applications to focus on the differences that constitute true applications to focus on the differences that constitute true
mismatches of instance data without needing to specify more mismatches of instance data without needing to specify more
complex filter constructs. complex filter constructs.
o exclude-origin: When set, this parameter indicates that origin o report-origin: When set, this parameter indicates that origin
metadata should not not be included as part of RPC output. When metadata should be included as part of RPC output. When this
this parameter is omitted, origin metadata in comparisons that parameter is omitted, origin metadata in comparisons that involve
involve <operational> is by default included. <operational> is by default omitted.
The operation provides the following output parameter: The operation provides the following output parameter:
o differences: This parameter contains the list of differences. o differences: This parameter contains the list of differences.
Those differences are encoded per YANG-Patch data model defined in Those differences are encoded per YANG-Patch data model defined in
RFC8072. When a datastore node in the source of the comparison is RFC8072. When a datastore node in the source of the comparison is
not present in the target of the comparison, this can be indicated not present in the target of the comparison, this can be indicated
either as a "delete" or as a "remove" in the patch as there is no either as a "delete" or as a "remove" in the patch as there is no
differentiation between those operations for the purposes of the differentiation between those operations for the purposes of the
comparison. The YANG-Patch data model is augmented to indicate comparison. The YANG-Patch data model is augmented to indicate
the value of source datastore nodes in addition to the patch the value of source datastore nodes in addition to the patch
itself that would need to be applied to the source to produce the itself that would need to be applied to the source to produce the
target. When the target datastore is <operational>, "origin" target. When the target datastore is <operational> and the input
metadata is included as part of the patch. Including origin parameter "report-origin" is set, "origin" metadata is included as
metadata can help in some cases explain the cause of a difference, part of the patch. Including origin metadata can help in some
for example when a data node is part of <intended> but the origin cases explain the cause of a difference, for example when a data
of the same data node in <operational> is reported as "system". node is part of <intended> but the origin of the same data node in
<operational> is reported as "system".
The data model is defined in the ietf-nmda-compare YANG module. Its The data model is defined in the ietf-nmda-compare YANG module. Its
structure is shown in the following figure. The notation syntax structure is shown in the following figure. The notation syntax
follows [RFC8340]. follows [RFC8340].
module: ietf-nmda-compare module: ietf-nmda-compare
rpcs: rpcs:
+---x compare +---x compare
+---w input +---w input
| +---w source identityref | +---w source identityref
| +---w target identityref | +---w target identityref
| +---w all? empty | +---w all? empty
| +---w exclude-origin? empty | +---w report-origin? empty
| +---w (filter-spec)? | +---w (filter-spec)?
| +--:(subtree-filter) | +--:(subtree-filter)
| | +---w subtree-filter? | | +---w subtree-filter?
| +--:(xpath-filter) | +--:(xpath-filter)
| +---w xpath-filter? yang:xpath1.0 {nc:xpath}? | +---w xpath-filter? yang:xpath1.0 {nc:xpath}?
+--ro output +--ro output
+--ro (compare-response)? +--ro (compare-response)?
+--:(no-matches) +--:(no-matches)
| +--ro no-matches? empty | +--ro no-matches? empty
+--:(differences) +--:(differences)
skipping to change at page 6, line 40 skipping to change at page 6, line 40
+--ro target target-resource-offset +--ro target target-resource-offset
+--ro point? target-resource-offset +--ro point? target-resource-offset
+--ro where? enumeration +--ro where? enumeration
+--ro value? +--ro value?
+--ro source-value? +--ro source-value?
Structure of ietf-nmda-compare Structure of ietf-nmda-compare
5. YANG Data Model 5. YANG Data Model
<CODE BEGINS> file "ietf-nmda-compare@2020-09-18.yang" <CODE BEGINS> file "ietf-nmda-compare@2021-05-24.yang"
module ietf-nmda-compare { module ietf-nmda-compare {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-nmda-compare"; namespace "urn:ietf:params:xml:ns:yang:ietf-nmda-compare";
prefix cmp; prefix cmp;
import ietf-yang-types { import ietf-yang-types {
prefix yang; prefix yang;
reference "RFC 6991: Common YANG Data Types"; reference "RFC 6991: Common YANG Data Types";
skipping to change at page 7, line 38 skipping to change at page 7, line 38
Author: Jeff Tantsura Author: Jeff Tantsura
<mailto:jefftant.ietf@gmail.com> <mailto:jefftant.ietf@gmail.com>
Author: Andy Bierman Author: Andy Bierman
<mailto:andy@yumaworks.com>"; <mailto:andy@yumaworks.com>";
description description
"The YANG data model defines a new operation, <compare>, that "The YANG data model defines a new operation, <compare>, that
can be used to compare NMDA datastores. can be used to compare NMDA datastores.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL Copyright (c) 2021 IETF Trust and the persons identified as
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here.
Copyright (c) 2020 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see the This version of this YANG module is part of RFC XXXX; see the
RFC itself for full legal notices."; RFC itself for full legal notices.";
revision 2020-09-18 { revision 2021-05-24 {
description description
"Initial revision"; "Initial revision";
reference reference
"RFC XXXX: Comparison of NMDA datastores"; "RFC XXXX: Comparison of NMDA datastores";
} }
/* RPC */ /* RPC */
rpc compare { rpc compare {
description description
"NMDA compare operation."; "NMDA datastore compare operation.";
input { input {
leaf source { leaf source {
type identityref { type identityref {
base ds:datastore; base ds:datastore;
} }
mandatory true; mandatory true;
description description
"The source datastore to be compared."; "The source datastore to be compared.";
} }
leaf target { leaf target {
skipping to change at page 8, line 50 skipping to change at page 8, line 44
"When this leaf is provided, all data nodes are compared, "When this leaf is provided, all data nodes are compared,
whether their schema node pertains to both datastores or whether their schema node pertains to both datastores or
not. When this leaf is omitted, a prefiltering step is not. When this leaf is omitted, a prefiltering step is
automatically applied that excludes data nodes from the automatically applied that excludes data nodes from the
comparison that can occur in only one datastore but not comparison that can occur in only one datastore but not
the other. Specifically, if one of the datastores the other. Specifically, if one of the datastores
(source or target) contains only configuration data and (source or target) contains only configuration data and
the other datastore is <operational>, data nodes for the other datastore is <operational>, data nodes for
which config is false are excluded from the comparison."; which config is false are excluded from the comparison.";
} }
leaf exclude-origin { leaf report-origin {
type empty; type empty;
description description
"When this leaf is provided, origin metadata is not "When this leaf is provided, origin metadata is
included as part of RPC output. When this leaf is included as part of RPC output. When this leaf is
omitted, origin metadata in comparisons that involve omitted, origin metadata in comparisons that involve
<operational> is by default included."; <operational> is by default omitted.";
} }
choice filter-spec { choice filter-spec {
description description
"Identifies the portions of the datastores to be "Identifies the portions of the datastores to be
compared."; compared.";
anydata subtree-filter { anydata subtree-filter {
description description
"This parameter identifies the portions of the "This parameter identifies the portions of the
target datastore to retrieve."; target datastore to retrieve.";
reference "RFC 6241, Section 6."; reference "RFC 6241, Section 6.";
skipping to change at page 10, line 34 skipping to change at page 10, line 28
} }
} }
<CODE ENDS> <CODE ENDS>
6. Example 6. Example
The following example compares the difference between <operational> The following example compares the difference between <operational>
and <intended> for a subtree under "interfaces". The subtree and <intended> for a subtree under "interfaces". The subtree
contains a subset of objects that are defined in a YANG data model contains a subset of objects that are defined in a YANG data model
for the management of interfaces defined in [RFC8343]. The excerpt for the management of interfaces defined in [RFC8343]. The excerpt
of the data model whose instantiation is basis of the comparison is of the data model whose instantiation is the basis of the comparison
as follows: is as follows:
container interfaces { container interfaces {
description description
"Interface parameters."; "Interface parameters.";
list interface { list interface {
key "name"; key "name";
leaf name { leaf name {
type string; type string;
description description
"The name of the interface". "The name of the interface".
skipping to change at page 11, line 48 skipping to change at page 11, line 48
</interface> </interface>
</interfaces> </interfaces>
//OPERATIONAL //OPERATIONAL
<interfaces <interfaces
xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin"> xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin">
<interface or:origin="or:learned"> <interface or:origin="or:learned">
<name>eth0</name> <name>eth0</name>
<enabled>true</enabled> <enabled>true</enabled>
</interface>
</interface>
</interfaces> </interfaces>
<operational> does not contain object "description" that is contained <operational> does not contain an instance for leaf "description"
in <intended>. Another object, "enabled", has differences in values, that is contained in <intended>. Another leaf, "enabled", has
being "true" in <operational> and "false" in <intended>. A third different values in the two datastores, being "true" in <operational>
object, "name", is the same in both cases. The origin of the objects and "false" in <intended>. A third leaf, "name", is the same in both
in <operational> is "learned", which may help explain the cases. The origin of the leaf instances in <operational> is
discrepancies. "learned", which may help explain the discrepancies.
RPC request to compare <operational> (source of the comparison) with RPC request to compare <operational> (source of the comparison) with
<intended>(target of the comparison): <intended>(target of the comparison):
<rpc message-id="101" <rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<compare xmlns="urn:ietf:params:xml:ns:yang:ietf-nmda-compare" <compare xmlns="urn:ietf:params:xml:ns:yang:ietf-nmda-compare"
xmlns:ds="urn:ietf:params:xml:ns:yang:ietf-datastores"> xmlns:ds="urn:ietf:params:xml:ns:yang:ietf-datastores">
<source>ds:operational</source> <source>ds:operational</source>
<target>ds:intended</target> <target>ds:intended</target>
<report-origin/>
<xpath-filter <xpath-filter
xmlns:if="urn:ietf:params:xml:ns:yang:ietf-interfaces"> xmlns:if="urn:ietf:params:xml:ns:yang:ietf-interfaces">
/if:interfaces /if:interfaces
</xpath-filter> </xpath-filter>
</compare> </compare>
</rpc> </rpc>
RPC reply, when a difference is detected: RPC reply, when a difference is detected:
<rpc-reply <rpc-reply
skipping to change at page 13, line 46 skipping to change at page 13, line 46
</differences> </differences>
</rpc-reply> </rpc-reply>
The same request in RESTCONF (using JSON format): The same request in RESTCONF (using JSON format):
POST /restconf/operations/ietf-nmda-compare:compare HTTP/1.1 POST /restconf/operations/ietf-nmda-compare:compare HTTP/1.1
Host: example.com Host: example.com
Content-Type: application/yang-data+json Content-Type: application/yang-data+json
Accept: application/yang-d Accept: application/yang-d
{ "ietf-nmda-compare:input" { { "ietf-nmda-compare:input" {
"source" : "ietf-datastores:operational" "source" : "ietf-datastores:operational",
"target" : "ietf-datastores:intended" "target" : "ietf-datastores:intended",
"xpath-filter" : \ "report-origin" : null,
"/ietf-interfaces:interfaces" "xpath-filter" : "/ietf-interfaces:interfaces"
} }
} }
The same response in RESTCONF (using JSON format): The same response in RESTCONF (using JSON format):
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Thu, 26 Jan 2019 20:56:30 GMT Date: Thu, 26 Jan 2019 20:56:30 GMT
Server: example-server Server: example-server
Content-Type: application/yang-d Content-Type: application/yang-d
{ "ietf-nmda-compare:output" : { { "ietf-nmda-compare:output" : {
"differences" : { "differences" : {
skipping to change at page 15, line 9 skipping to change at page 15, line 9
responsible client applications are expected to use the operation responsible client applications are expected to use the operation
responsibly and sparingly only when warranted, implementations need responsibly and sparingly only when warranted, implementations need
to be aware of the fact that excessive invocation of this operation to be aware of the fact that excessive invocation of this operation
will burden system resources and need to ensure that system will burden system resources and need to ensure that system
performance will not be adversely impacted. One possibility for an performance will not be adversely impacted. One possibility for an
implementation to mitigate against such a possibility is to limit the implementation to mitigate against such a possibility is to limit the
number of requests that is served to a client, or to any number of number of requests that is served to a client, or to any number of
clients, in any one time interval, rejecting requests made at a clients, in any one time interval, rejecting requests made at a
higher frequency than the implementation can reasonably sustain. higher frequency than the implementation can reasonably sustain.
8. Possible Future Extensions 8. IANA Considerations
It is conceivable to extend the compare operation with a number of
possible additional features in the future.
Specifically, it is possible to define an extension with an optional
feature for dampening. This will allow clients to specify a minimum
time period for which a difference must persist for it to be
reported. This will enable clients to distinguish between
differences that are only fleeting from ones that are not and that
may represent a real operational issue and inconsistency within the
device.
For this purpose, an additional input parameter can be added to
specify the dampening period. Only differences that pertain for at
least the dampening time are reported. A value of 0 or omission of
the parameter indicates no dampening. Reporting of differences MAY
correspondingly be delayed by the dampening period from the time the
request is received.
To implement this feature, a server implementation might run a
comparison when the RPC is first invoked and temporarily store the
result. Subsequently, it could wait until after the end of the
dampening period to check whether the same differences are still
observed. The differences that still persist are then returned.
9. IANA Considerations
9.1. Updates to the IETF XML Registry 8.1. Updates to the IETF XML Registry
This document registers one URI in the IETF XML registry [RFC3688]. This document registers one URI in the IETF XML registry [RFC3688].
Following the format in [RFC3688], the following registration is Following the format in [RFC3688], the following registration is
requested: requested:
URI: urn:ietf:params:xml:ns:yang:ietf-nmda-compare URI: urn:ietf:params:xml:ns:yang:ietf-nmda-compare
Registrant Contact: The IESG. Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace. XML: N/A, the requested URI is an XML namespace.
9.2. Updates to the YANG Module Names Registry 8.2. Updates to the YANG Module Names Registry
This document registers a YANG module in the YANG Module Names This document registers a YANG module in the YANG Module Names
registry [RFC7950]. Following the format in [RFC7950], the following registry [RFC7950]. Following the format in [RFC7950], the following
registration is requested: registration is requested:
name: ietf-nmda-compare name: ietf-nmda-compare
namespace: urn:ietf:params:xml:ns:yang:ietf-nmda-compare namespace: urn:ietf:params:xml:ns:yang:ietf-nmda-compare
prefix: cmp prefix: cmp
reference: RFC XXXX reference: RFC XXXX
10. Security Considerations 9. Security Considerations
The YANG module specified in this document defines a schema for data The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446]. [RFC8446].
The NETCONF access control model [RFC8341] provides the means to The NETCONF access control model [RFC8341] provides the means to
skipping to change at page 17, line 5 skipping to change at page 16, line 21
processing resources at the server. An attacker could attempt to processing resources at the server. An attacker could attempt to
attack a server by making a high volume of comparison requests. attack a server by making a high volume of comparison requests.
Server implementations can guard against such scenarios in several Server implementations can guard against such scenarios in several
ways. For one, they can implement the NETCONF access control model ways. For one, they can implement the NETCONF access control model
in order to require proper authorization for requests to be made. in order to require proper authorization for requests to be made.
Second, server implementations can limit the number of requests that Second, server implementations can limit the number of requests that
they serve to a client in any one time interval, rejecting requests they serve to a client in any one time interval, rejecting requests
made at a higher frequency than the implementation can reasonably made at a higher frequency than the implementation can reasonably
sustain. sustain.
11. Acknowledgments 10. Acknowledgments
We thank Rob Wilton, Martin Bjorklund, Mahesh Jethanandani, Lou We thank Rob Wilton, Martin Bjorklund, Mahesh Jethanandani, Lou
Berger, Kent Watsen, Phil Shafer, Ladislav Lhotka, Tim Carey, and Berger, Kent Watsen, Phil Shafer, Ladislav Lhotka, Tim Carey, and
Reshad Rahman for valuable feedback and suggestions. Reshad Rahman for valuable feedback and suggestions.
12. References 11. References
12.1. Normative References 11.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>. <https://www.rfc-editor.org/info/rfc3688>.
skipping to change at page 18, line 23 skipping to change at page 17, line 39
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>. <https://www.rfc-editor.org/info/rfc8342>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
12.2. Informative References 11.2. Informative References
[RFC8343] Bjorklund, M., "A YANG Data Model for Interface [RFC8343] Bjorklund, M., "A YANG Data Model for Interface
Management", RFC 8343, DOI 10.17487/RFC8343, March 2018, Management", RFC 8343, DOI 10.17487/RFC8343, March 2018,
<https://www.rfc-editor.org/info/rfc8343>. <https://www.rfc-editor.org/info/rfc8343>.
Appendix A. Possible Future Extensions
It is conceivable to extend the compare operation with a number of
possible additional features in the future.
Specifically, it is possible to define an extension with an optional
feature for dampening. This will allow clients to specify a minimum
time period for which a difference must persist for it to be
reported. This will enable clients to distinguish between
differences that are only fleeting from ones that are not and that
may represent a real operational issue and inconsistency within the
device.
For this purpose, an additional input parameter can be added to
specify the dampening period. Only differences that pertain for at
least the dampening time are reported. A value of 0 or omission of
the parameter indicates no dampening. Reporting of differences MAY
correspondingly be delayed by the dampening period from the time the
request is received.
To implement this feature, a server implementation might run a
comparison when the RPC is first invoked and temporarily store the
result. Subsequently, it could wait until after the end of the
dampening period to check whether the same differences are still
observed. The differences that still persist are then returned.
Authors' Addresses Authors' Addresses
Alexander Clemm Alexander Clemm
Futurewei Futurewei
2330 Central Expressway 2330 Central Expressway
Santa Clara, CA 95050 Santa Clara, CA 95050
USA USA
Email: ludwig@clemm.org Email: ludwig@clemm.org
 End of changes. 41 change blocks. 
117 lines changed or deleted 111 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/