draft-ietf-netmod-opstate-reqs-01.txt   draft-ietf-netmod-opstate-reqs-02.txt 
NETMOD Working Group K. Watsen NETMOD Working Group K. Watsen
Internet-Draft Juniper Networks Internet-Draft Juniper Networks
Intended status: Informational T. Nadeau Intended status: Informational T. Nadeau
Expires: June 17, 2016 Brocade Networks Expires: July 7, 2016 Brocade Networks
December 15, 2015 January 4, 2016
NETMOD Operational State Requirements Terminology and Requirements for Enhanced
draft-ietf-netmod-opstate-reqs-01 Operational State Visibility and Control
draft-ietf-netmod-opstate-reqs-02
Abstract Abstract
This document defines requirements for servers enabling better This document discusses the difference between intended configuration
visibility and control over the server's operational state. To and applied configuration of a device and how intended and applied
achieve this end, this document also defines terminology describing a configuration relate to the operational state of a device. The
conceptual model enabling the requirements to be expressed. document defines the necessary terminology and identifies
requirements enabling visibility into the difference of intended
configuration and applied configuration.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 17, 2016. This Internet-Draft will expire on July 7, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2
3. Security Considerations . . . . . . . . . . . . . . . . . . . 5 3. Backwards Compatibility . . . . . . . . . . . . . . . . . . . 4
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 4. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 4
5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
6.1. Normative References . . . . . . . . . . . . . . . . . . 5 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
6.2. Informative References . . . . . . . . . . . . . . . . . 6 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
Appendix A. Relation to Terms Defined in Other Drafts . . . . . 7 8.1. Normative References . . . . . . . . . . . . . . . . . . 6
Appendix B. Relation to Requirements in Other Drafts . . . . . . 7 8.2. Informative References . . . . . . . . . . . . . . . . . 6
Appendix C. Open Issues . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Terminology 1. Introduction
This document discusses the difference between intended configuration
and applied configuration of a device and how intended and applied
configuration relate to the operational state of a device. The
document defines the necessary terminology and identifies
requirements enabling visibility into the difference of intended
configuration and applied configuration.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
The term "client" is used throughout this document to refer to what
is many times known as the "application" or "network management
system". This definition is intended to be consistent with the term
"client" defined in [RFC6241], Section 1.1, but independent of any
association to a particular protocol.
The term "server" is used throughout this document to refer to what The term "server" is used throughout this document to refer to what
is many times known as the "device", "system", or "network element". is many times known as the "device", "system", or "network element".
This definition is intended to be consistent with the term "server" This definition is intended to be consistent with the term "server"
defined in [RFC6241], Section 1.1, but free of any association to a defined in [RFC6241], Section 1.1, but independent of any association
particular protocol. to a particular protocol.
This document defines the following terms: This document defines the following terms:
Applied Configuration: This data represents the configuration state Applied Configuration: This data represents the configuration state
that the server is actually in. That is, the configuration state that the server is actually in. That is, the configuration state
which is currently being used by server components (e.g., control which is currently being used by server components (e.g., control
plane daemons, operating system kernels, line cards). plane daemons, operating system kernels, line cards). With
respect to NETCONF architecture, the applied configuration
of [RFC6244]
NOTE: The server's ability to report applied configuration NOTE: The server's ability to report applied configuration
accurately may be limited in some cases, such as when the accurately may be limited in some cases, such as when the
configuration goes through an intermediate layer without an configuration goes through an intermediate layer without an
ability to inspect the lower layer. ability to inspect the lower layer.
Asynchronous Configuration Operation: A configuration request to Asynchronous Configuration Operation: A configuration request to
update the running configuration of a server that is applied update the running configuration of a server that is applied
asynchronously with respect to the client request. The server asynchronously with respect to the client request. The server
MUST update its intended configuration (see term) before replying MUST update its intended configuration (see term) before replying
skipping to change at page 3, line 10 skipping to change at page 3, line 32
This reply to the client only indicates whether there are any This reply to the client only indicates whether there are any
errors in the original request. The server's applied errors in the original request. The server's applied
configuration state (see term) is updated after the configuration configuration state (see term) is updated after the configuration
change has been fully effected to all impacted components in the change has been fully effected to all impacted components in the
server. Once applied, there MUST be a mechanism for the client server. Once applied, there MUST be a mechanism for the client
to determine when the request has completed processing and to determine when the request has completed processing and
whether the intended config is now fully effective or there are whether the intended config is now fully effective or there are
any errors from applying the configuration change, which could be any errors from applying the configuration change, which could be
from an asynchronous notification or via a client operation. from an asynchronous notification or via a client operation.
Continue On Error: Continue to process configuration data on error;
error is recorded, and negative response is generated if any
errors occur.
Derived State: This data represents information which is generated Derived State: This data represents information which is generated
as part of the server's own interactions. For example, derived as part of the server's own interactions. For example, derived
state may consist of the results of protocol interactions (the state may consist of the results of protocol interactions (the
negotiated duplex state of an Ethernet link), statistics (such as negotiated duplex state of an Ethernet link), statistics (such as
message queue depth), or counters (such as packet input or output message queue depth), or counters (such as packet input or output
bytes). bytes).
Intended Configuration: This data represents the configuration state Intended Configuration: This data represents the configuration state
that the network operator intends the server to be in, and that that the network operator intends the server to be in, and that
has been accepted by the server as valid configuration. has been accepted by the server as valid configuration. With
respect to NETCONF architecture, the intended configuration is
captured by the "config database" box listed on page 15 of
[RFC6244]
Operational State: Operational State is the current state of the Operational State: Operational State is the current state of the
system as known to the various components of the system (e.g., system as known to the various components of the system (e.g.,
control plane daemons, operating system kernels, line cards). control plane daemons, operating system kernels, line cards).
The operational state includes both applied configuration and The operational state includes both applied configuration and
derived state. derived state.
Rollback On Error: If an error condition occurs such that part of
applying the configuration fails, the server will stop processing
the configuration operation and restore the specified
configuration to its complete state at the start of this
configuration operation.
Synchronous Configuration Operation: A configuration request to Synchronous Configuration Operation: A configuration request to
update the running configuration of a server that is applied update the running configuration of a server that is applied
synchronously with respect to the client request (i.e. a blocking synchronously with respect to the client request (i.e. a blocking
call). The server MUST fully attempt to apply the configuration call). The server MUST fully attempt to apply the configuration
change to all impacted components in the server, updating both change to all impacted components in the server, updating both
the server's intended and applied configuration (see terms), the server's intended and applied configuration (see terms),
before replying to the client. The reply to the client indicates before replying to the client. The reply to the client indicates
whether there are any errors in the request or errors from whether there are any errors in the request or errors from
applying the configuration change. applying the configuration change.
2. Requirements 3. Backwards Compatibility
Any solution satisfying the requirements specified in this document
MUST ensure backwards compatibility with regards to existing
deployments. Specifically, it MUST be possible to upgrade a server
to one that supports the solution without breaking existing/legacy
clients. Likewise, it MUST be possible for a client that has been
coded to support the solution to interoperate appropriately with
existing/legacy servers.
4. Requirements
1. Ability to interact with both intended and applied configuration 1. Ability to interact with both intended and applied configuration
A. The ability to ask the operational components of a server A. The ability to ask the operational components of a server
(e.g., line cards) for the configuration that they are (e.g., line cards) for the configuration that they are
currently using. This is the applied configuration (see currently using. This is the applied configuration (see
term). term).
B. Applied configuration is read-only B. Applied configuration is read-only
C. The data model for the applied configuration is the same as C. The data model for the applied configuration is the same as
the data model for the intended configuration (same leaves) the data model for the intended configuration (same leaves)
skipping to change at page 4, line 35 skipping to change at page 5, line 11
operations, or only asynchronous configuration operations, or operations, or only asynchronous configuration operations, or
both synchronous and asynchronous configuration operations on both synchronous and asynchronous configuration operations on
a client-specified per-operation basis. a client-specified per-operation basis.
B. Servers that support asynchronous configuration operations B. Servers that support asynchronous configuration operations
MAY also provide a verify operation that a client can request MAY also provide a verify operation that a client can request
from the server to return information regarding the from the server to return information regarding the
difference between the intended and applied configurations. difference between the intended and applied configurations.
C. The configuration protocol MUST specify how configuration C. The configuration protocol MUST specify how configuration
errors are handled. Errors may be handled by "stop on errors are handled. Errors MAY be handled by semantics
error", "continue on error" or "rollback on error" semantics similar to NETCONF's error-options for the <edit-config>
(see terms). Support for "rollback on error" SHOULD be operation (stop-on-error, continue-on-error, rollback-on-
provided. error), as described in Section 7.2 in [RFC6241], but
extended to incorporate both the intended and applied
configurations. Support for "rollback on error" semantics
SHOULD be provided.
3. Separation of the applied configuration and derived state aspects 3. Separation of the applied configuration and derived state aspects
of operational state; ability to retrieve them independently and of operational state; ability to retrieve them independently and
together together
A. Be able to retrieve only the applied configuration aspects of A. Be able to retrieve only the applied configuration aspects of
operational state operational state
B. Be able to retrieve only the derived state aspects of B. Be able to retrieve only the derived state aspects of
operational state operational state
skipping to change at page 5, line 16 skipping to change at page 5, line 43
operational state operational state
A. Ability to map intended config nodes to corresponding applied A. Ability to map intended config nodes to corresponding applied
config nodes config nodes
B. Ability to map intended config nodes to associated derived B. Ability to map intended config nodes to associated derived
state nodes state nodes
C. The mappings needs to be programmatically consumable C. The mappings needs to be programmatically consumable
5. Ability for distinct modules to leverage a common model-structure 5. Security Considerations
A. Focus on the IETF-defined modules, and ideally provides
guidance to other SDOs
B. Multiple domain-specific model-structure trees are okay
C. Model-structures may be defined in multiple modules with
distinct namespaces
3. Security Considerations
None It is understood that the intended and applied configurations will
differ while synchronization is in progress. During the
synchronization process, the server will be in an inconsistent state
from the client's perspective. Implementations need to take care to
ensure that this inconsistency minimizes gaps in the application of
security policy (e.g., replacing a firewall policy in a single step).
Implementations additionally need to ensure that any gaps in security
policies or not dependent on external input that an attacker might be
able to control or prevent access to.
4. IANA Considerations 6. IANA Considerations
None None
5. Acknowledgements 7. Acknowledgements
The authors would like to thank the following for contributing to The authors would like to thank the following for contributing to
this document (in alphabetic order): Acee Lindem, Andy Bierman, Anees this document (in alphabetic order): Acee Lindem, Andy Bierman, Anees
Shaikh, Benoit Claise, Carl Moberg, Dan Romascanu, Dean Bogdanovic, Shaikh, Benoit Claise, Carl Moberg, Dan Romascanu, Dean Bogdanovic,
Gert Grammel, Jonathan Hansford, Juergen Schoenwaelder, Lou Berger, Gert Grammel, Jonathan Hansford, Juergen Schoenwaelder, Lou Berger,
Mahesh Jethanandani, Martin Bjorklund, Phil Shafer, Randy Presuhn, Mahesh Jethanandani, Martin Bjorklund, Phil Shafer, Randy Presuhn,
Rob Shakir, Robert Wilton, Sterne, Jason. Rob Shakir, Robert Wilton, Sterne, Jason.
6. References 8. References
6.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
6.2. Informative References 8.2. Informative References
[draft-openconfig-netmod-model-structure-00]
Shaikh, A., Shakir, R., D'Souza, K., and L. Fang,
"Operational Structure and Organization of YANG Models",
draft-openconfig-netmod-model-structure-00 (work in
progress), 2015, <https://tools.ietf.org/html/draft-
openconfig-netmod-model-structure-00>.
[draft-openconfig-netmod-opstate-01]
Shakir, R., Shaikh, A., and M. Hines, "Consistent Modeling
of Operational State Data in YANG", draft-openconfig-
netmod-opstate-01 (work in progress), 2015,
<https://tools.ietf.org/html/draft-openconfig-netmod-
opstate-01>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<http://www.rfc-editor.org/info/rfc6241>. <http://www.rfc-editor.org/info/rfc6241>.
Appendix A. Relation to Terms Defined in Other Drafts [RFC6244] Shafer, P., "An Architecture for Network Management Using
NETCONF and YANG", RFC 6244, DOI 10.17487/RFC6244, June
The following terms were originally defined in [RFC6241], but since 2011, <http://www.rfc-editor.org/info/rfc6244>.
modified by the NETMOD WG:
o continue-on-error
o stop-on-error
o rollback-on-error
The following terms were originally defined in
[draft-openconfig-netmod-opstate-01], but since modified by the
NETMOD WG:
o Intended Configuration
o Applied Configuration
o Derived State
Appendix B. Relation to Requirements in Other Drafts
The requirements in this document roughly map onto the requirements
listed in [draft-openconfig-netmod-opstate-01] and
[draft-openconfig-netmod-model-structure-00] as list below. Some
liberty was taken to adjust the requirements based on what looked
liked consensus from on list discussions:
1. draft-openconfig-netmod-opstate-01, Section 3
2. draft-openconfig-netmod-opstate-01, Section 4.2
3. draft-openconfig-netmod-opstate-01, Section 4.3
4. draft-openconfig-netmod-opstate-01, Section 4.5
5. draft-openconfig-netmod-model-structure-00 (no section)
Appendix C. Open Issues
All issues with this draft are tracked using GitHub issues. Please
see: https://github.com/netmod-wg/opstate-reqs/issues to see
currently opened issues.
Authors' Addresses Authors' Addresses
Kent Watsen Kent Watsen
Juniper Networks Juniper Networks
EMail: kwatsen@juniper.net EMail: kwatsen@juniper.net
Thomas Nadeau Thomas Nadeau
Brocade Networks Brocade Networks
 End of changes. 24 change blocks. 
117 lines changed or deleted 86 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/