I2rs Requirements for NETCONF

Similar documents
I2RS Protocol. I2RS built for High performance. Sue Hares. Not the Pizza box CLI

NETCONF Discussion. Draft-ietf-i2rs-ephemeral-state-14.txt Presenter: Susan Hares Co-authors: Jeff Haas + Susan Hares

I2RS RIB Route Example. Sue Hares

RESTCONF Protocol. draft-ietf-netconf-restconf-03 NETCONF WG IETF #91 Honolulu, HI, USA

NETCONF WG. IETF 96 Berlin, Germany WEDNESDAY, July 20, Hours. Mehmet Ersue Mahesh Jethanandani

A. Clemm A. Gonzalez Prieto E. Voit

Requirements for Subscription to YANG Datastores draft-ietf-i2rs-pub-sub-requirements-01

Programmatic Interface to Routing

Intended Status: Standards Track Vinod Kumar S Huawei Technologies Expires: January 1, 2017 June 30, 2016

Network Working Group. Intended status: Experimental Expires: October 1, 2017 Cisco Systems March 30, 2017

Mapping LWM2M model to CoMI YANG

Components to Use Data Models

Internet Engineering Task Force (IETF) Juniper Networks K. Watsen Watsen Networks R. Wilton Cisco Systems March 2019

Components to Use Data Models

Internet Engineering Task Force (IETF) Request for Comments: 6470 Category: Standards Track February 2012 ISSN:

Intended status: Standards Track Expires: April 26, 2015 October 23, 2014

NETCONF Server and RESTCONF Server Configuration Models. draft-ietf-netconf-server-model-07. NETCONF WG IETF 93 Prague

Internet Engineering Task Force (IETF) Category: Standards Track August 2016 ISSN:

Internet Engineering Task Force (IETF) Category: Standards Track. August 2017

Internet Engineering Task Force (IETF) Request for Comments: 8431 Category: Standards Track ISSN:

NETCONF Protocol. Restrictions for the NETCONF Protocol. Information About the NETCONF Protocol

Intended status: Standards Track Expires: July 1, 2018 P. Sarkar J. Tantsura Individual December 28, 2017

Internet Engineering Task Force (IETF) Request for Comments: 7951 Category: Standards Track August 2016 ISSN:

Routing Area Yang Architecture Design Team Update

RESTCONF Programmable Interface

Internet Engineering Task Force (IETF) Category: Standards Track October 2010 ISSN:

YANG language parser for Libsmi

Internet Engineering Task Force (IETF) Request for Comments: Cisco Systems D. Bogdanovic X. Liu Volta Networks March 2019

Intended status: Informational. Ericsson September 29, 2016

This chapter describes the StarOS NETCONF interface and the ConfD engine. It contains the following sections:

Yang Data Model for TE Topologies

Network Working Group. Intended status: Standards Track Expires: January 3, 2019 S. Wi Sungkyunkwan University J. Park ETRI July 2, 2018

Introduction to OpenConfig

Cisco IOS XR Programmability for Cloud-Scale Networking

Peer Mount. Eric Voit Alex Clemm. 13-Nov-2014

Network Working Group Internet-Draft Intended status: Standards Track Expires: August 27, Huawei R. Rahman S. Raghavan. Cisco.

grpc Network Management Interface

IEEE 802.1X YANG Module Specifications. Document status: Draft Issue number: 0.4 Issue date: May 11, 2015 Author: Marc Holness

This chapter describes NETCONF and the StarOS process called ConfD manager. It contains the following sections:

Internet Engineering Task Force (IETF) Request for Comments: 8022 Category: Standards Track. November 2016

Technologies for the future of Network Insight and Automation

Internet Engineering Task Force (IETF) Request for Comments: ISSN: Huawei March 2018

Request for Comments: Tail-f Systems December Partial Lock Remote Procedure Call (RPC) for NETCONF

YANG Data Model for DHCPv6 Configuration

NETCONF Access Control

MSDP YANG draft-ietf-pim-msdp-yang-00

IETF 93 Prague Yang Data Model for OSPF Protocol draft-ietf-ospf-yang-01

IETF 91 Honolulu Yang Data Model for OSPF Protocol dra;- yeung- netmod- ospf- 02

TOSCA and YANG What is it? Stefan Vallin, Cisco, Viktor Leijon, Data Ductus,

Optimizing the Usability of YANG Models for Network Automation

Network Automation using modern tech. Egor Krivosheev 2degrees

Intended status: Standards Track April 8, 2013 Expires: October 10, 2013

Yang Models for I2NSF Capabilities. draft-hares-i2nsf-capabilities-yang Susan Hares Co-author: Robert Moskowitz`

Network Topology Model draft-ietf-i2rs-yang-network-topo-12.txt

Open SDN Controller Applications

A YANG Data Model for Network Topologies. Abstract

MSDP YANG draft-zhang-pim-msdp-yang-01

A YANG Data Model for Fabric Topology in Data-Center Networks

Implementing the Network Configuration Protocol

Category: Standards Track December 2006

Implementing Network Configuration Protocol

DIAL-UP NETWORKING PROFILE

Data Model-Driven Management: Latest Industry and Tool Developments

DNSCCM. Progress Report - Oct Sara Dickinson Sinodun Internet Technologies Ltd. sinodun.com

Internet Engineering Task Force (IETF) Request for Comments: J. Dong Huawei Technologies D. Romascanu March 2018

Network Management. YANG as a motivation for open source? Glenn Parsons, IEEE WG chair December 2017

YANG Model for IPIPv4 Tunnel. draft-liu-rtgwg-ipipv4-tunnel-yang Y. Liu, Ericsson A. Foldes, Ericsson

YANG 1.1. draft-ietf-netmod-rfc6020bis-08. IETF 94 Martin Björklund

ETSI ES V2.2.0 ( ) ETSI Standard

OpenDaylight as a Platform for Network Programmability FOSDEM, 3 February Charles Eckel, Cisco DevNet

3GPP TS V9.2.0 ( )

SERIES M: TELECOMMUNICATION MANAGEMENT, INCLUDING TMN AND NETWORK MAINTENANCE Telecommunications management network

NETCONF WG IETF 96 (Berlin)

Data Models Configuration Guide for Cisco NCS 1001

NFS Version 4.1. Spencer Shepler, Storspeed Mike Eisler, NetApp Dave Noveck, NetApp

A YANG Data Model for Segment Routing

National Aeronautics and Space and Administration Space Administration. cfe Release 6.6

Intended status: Standards Track. S. Salam Cisco Q. Wu, Ed. M. Wang Huawei March 20, 2016

SO REST API (OSM RELEASE ONE)

Coding Intro to APIs and REST

Intended status: Standards Track. S. Pallagatti Juniper Networks M. Jethanandani. Cisco Systems. G. Mirsky Ericsson August 19, 2015

XML Document Management (XDM) Specification

Implementation Guide for Delivery Notification in Direct

Location in SIP/IP Core (LOCSIP)

PIM Working Group. Intended Status: Standard Track. M. Sivakumar Juniper Networks P. McAllister Metaswitch Networks A. Peter Individual June 22,2018

18 July 2017, 13:30, Prauge. Chairs: Bron Gondwana Barry Leiba

Software defined networking

YumaPro User Manual. YANG-Based Unified Modular Automation Tools. Common User Manual. Version

A Model-driven Approach to Software Defined Networks with Yang, NETCONF/RESTCONF Wojciech Dec BRKSDN-1903

Open Command and Control (OpenC2) Language Specification. Version 0.0.2

Programmability Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.2.x

IPv6 PIM. Based on the forwarding mechanism, IPv6 PIM falls into two modes:

OCF Specification Overview Core Technology Specification. OCF 2.0 Release June 2018

SDN Controllers in the WAN: protocols and applications

Draft Requirements Document for the Development of the ICE2 Specification

Network Working Group Internet-Draft Intended status: Standards Track Expires: January 9, 2017 Huawei July 8, 2016

The Marway Chassis MIB. Status of this Memo. This document specifies a proprietary MIB module of Marway Power Solutions.

Intended status: Standards Track October 9, 2012 Expires: April 12, 2013

CHAPTER 25 Management Resources

OMA PoC Document Management

Transcription:

I2rs Requirements for NETCONF Susan Hares (i2rs Co-chair) 1

I2RS Requirement on WG LC draft-ietf-i2rs-ephemeral-state-00 draft-ietf-i2rs-pub-sub-requirements/ draft-ietf-i2rs-traceability/ draft-ietf-i2rs-protocol-security-requirements-01 Adopted environmental security requirements draft-mglt-i2rs-security-environment-reqs-01 2

Summary Ephemeral state from the protocol strawman Yang changes Identity requirements Priority requirements Pub/sub requirements Security requirements 3

Ephemeral State 4

Panes of Glass Model Entirely new Nodes Groups of Ephemeral Changes X2 X1 X3 X4 2 clients want to upgrade same node Ephemeral 2 priority 3 Ephemeral Change Y5 Y1 Y2 Ephemeral 1 Priority 2 Z4 Z6 Config Constraints Z5 Z1 Z3 N panes of glass allows caching Handling of non-linked as orthongonal writes (aka - stop on error, continue on error) Z2 Config can be any modules

Simplified Panes of Glass Model Entirely new Nodes Groups of Ephemeral Changes Ephemeral Change X5 X2 X1 X3 X4 Ephemeral all Constraints Z4 Config Z5 Z1 Z3 Z2 Z6 2 Panes of Glass all or nothing

Ephemeral State 1. Ephemeral state is not unique to I2RS 2. The ephemeral data store is a data store holds configuration that is intended to not survive a reboot. 3. Ephemeral state can be in any data model so importance of ephemeral is for conformance checking 4. Ephemeral data store is never locked 5. Ephemeral data store can occur in two ways: 1. Yang module that contains both non-ephemeral and ephemeral 2. Yang module that only contains non-ephemeral The yang modules may be protocol modules (BGP) or protocol independent modules (RIB, FB-RIB, Topology) 7

Ephemeral State (2) 6. Ephemeral nodes may not have configuration nodes beneath a. Ephemeral modules may not have configuration within the module. b. Configuration modules may have ephemeral Nodes and configuration modules Config node Config module Config Node (sub-tree) Ephemeral node Config module Ephemeral Node (tree) Ephemeral node Config node

Ephemeral State (3) 7. Ephemeral state will be denoted by ephemeral in Yang protocol at node level, submodule, or module level module thermostat { leaf desired-temp { type int32; ephemeral true; units degrees Celsius ; description The desired temperature ; } } leaf actual-temp { type int32; config false; units degrees Celsius ; description The measured temperature ; } 9

Ephemeral State (4) 8. Ephemeral has two error handling extensions 1. Ephemeral data store allows for reduced error handling that MAY remove the requirements for leafref checking, MUST clauses, and instance identifier (to allow more speed) 2. Ephemeral data store allows for priority resolution of write operation Priority error resolution means each I2RS client of the ephemeral I2RS agent (netconf server) MUST BE associated with a priority. Priority write resolution occurs when a I2RS client with a higher priority writes a node which has been written by an I2RS client (with the lower priority). When the I2RS agent (netconf server) allows a higher priority client to overwrite a lower priority client, the I2RS Agent MAY provide a notification indication to entities monitoring the node. Should MAY be MUST? 10

Panes of Glass Model Entirely new Nodes Groups of Ephemeral Changes X2 X1 X3 X4 2 clients want to upgrade same node Ephemeral 2 priority 3 Ephemeral Change Y5 Y1 Y2 Ephemeral 1 Priority 2 Z4 Z6 Config Constraints Z5 Z1 Z3 N panes of glass allows caching Handling of non-linked as orthongonal writes (aka - stop on error, continue on error) Z2 Config can be any modules

Example of Client nodes container i2rs-clients { leaf max-clients { config false; mandatory true; type uint32 { range "1.. max"; } } } list i2rs-client { key name; unique priority; leaf name {... } leaf priority {... } } 12

Ephemeral State (5) 9. Caching is out of scope for the first I2RS protocol release. Long-term concern: latency of I2RS protocol 13

Error handling 14

Types of error checking Syntax - correct syntax for node Referential leafref, MUST, instance identifier Grouping group of nodes that should align 15

Error handling Two types of data Grouped data - data must be done together Examples: BGP static routes + cost communities Interface addition + routes Non-Grouped data Example: PCEP state + BGP state Stop-on-error and continue-on-error Assume non-grouped data X2 Y5 X1 X3 X4 16

Panes of Glass Model Entirely new Nodes Groups of Ephemeral Changes X2 X1 X3 X4 2 clients want to upgrade same node Ephemeral 2 priority 3 Ephemeral Change Y5 Y1 Y2 Ephemeral 1 Priority 2 Z4 Z6 Config Constraints Z5 Z1 Z3 N panes of glass allows caching Handling of non-linked as orthongonal writes (aka - stop on error, continue on error) Z2 Config can be any modules

Examples of Error handling Actions that might ignore referential checks RIB routes added for DOS I2RS Client may be able checks on routes I2RS Agent could remove referential checks 100K routes would go faster May not have valid BGP Cost communities added I2RS Client may be able to checks Actions that should not ignore referential checks BGP Peer added ephemeral state BGP peer needs checking to be valid Summary: Model dependent ability to ignore referential checks 18

Support for Partial Writes NETCONF No mandated sequencing of edit functions or write functions Without mandated sequences, NETCONF can not handled partial edits RESTCONF Complete set of operation per message RESTCONF can support multiple data messages 19

I2RS Architecture Error handling: stop-on-error - means that the configuration process stops when a write to the configuration detects an error due to write conflict. continue-on-error - means the configuration process continues when a write to the configuration detects an error due to write process, and error reports are transmitted back to the client writing the error. all-or-nothing - means that all of the configuration process is correctly applied or no configuration process is applied. Initial I2RS Protocol: all-or-nothing in I2RS Agent 20

Yang changes 21

Yang changes ephemeral in Yang protocol at node level, submodule, or module level module thermostat { leaf desired-temp { type int32; ephemeral true; units degrees Celsius ; description The desired temperature ; } Operational state not supported (???) } leaf actual-temp { type int32; config false; units degrees Celsius ; description The measured temperature ; } 22

Identity, Priority, Capabilities 23

Identity Requirement Clients and I2RS agents shall have identities Clients can have secondary identities Carried as part of?? (RPC, Meta-data) still open in protocol design, but it is just an opaque value Goes in as part of the notification/trace log 24

Priority Requirements Support multi-headed control Different than ephemeral Supported as part of write-collision I2rs attributes may be modeled as meta-data 25

Signaling capabilities Yang library supports Modules or submodule ephemeral Data schema indicates nodes +--ro modules +--ro module*[name revision] +--ro name yang: yang-identifier +--ro revision union; +--ro schema? inet:uri +--ro namespace inet:uri +--ro feature* yang:yang-identifier +--ro ephemeral +--ro deviation* [name revision] +-- ro name yang:yang-identifier +-- ro revision union +--ro conformance enumeration +--ro submodules +--ro submodule*[name revision] +--ro name yang:yang-identifier +--ro revision union +--ro schema? inet:uri +--ro ephemeral 26

Security Requirements 27

I2rs Security Requirements Requirements 1, 2, 5, 6, 7, 9, 11, 13, 14, 15, 16, 18, 19, 20 (OK) Edited requirements: 3,4, 10 OK Security examined reviewed 8,12 (DDoS) OK multiple messages remove insecure protocol Insecure protocol Only if Data model clearly states it. Call for RIB to determine if can state it. 28

Secure protocol fits NETCONF SSH - RFC6242 TLX with X.509 RFC7589 RESTCONF XML or JSON with RFC7168 http with : GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD Exception pub/sub features and traceability features already proposed in NETCONF 29

Insecure Protocol Depend on Data Model + Use cases Method to get to one: Propose to I2RS Data model + protocol Security review NETCONF/NETMOD review 30

Pub/Sub Requirements 31

Pub/Sub The I2RS interface should support user subscriptions to data with the following parameters: push of data synchronously or asynchronously via registered subscriptions Configuration of parameters via netconf Distribution of data The I2RS interface (protocol and IMs) should allow a subscribe to select portions of the data model. Real time notification of events e.g. route installation and removal 1-5 seconds 32

Pub/sub and other transports I2RS client Get data back Configure What & Where I2RS Agent I2RS client Analytics: Publication, Model specific data streams 33

Pub/Sub (cont.) Requirements related to protocols The I2RS agent should be able to notify the client via publish or subscribe mechanism a BGP route change on a specific IP Response: Notification/Subscription per Model and per item Can subscribe to the I2RS Agent s notification of critical node IGP events. Response: Data model defines critical nature I2rs must be able to collect large data set from the network with high frequency and resolution with minimal impact to the device's CPU and memory Response (from Alia): 2000/second 34

Pub/sub and tracing I2RS Agents should support publishing I2RS trace log information to that feed Draft- 35

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback