NETMOD Working Group K. Watsen
Internet-Draft Juniper Networks
Intended status: Standards Track A. Bierman
Expires: March 5, 2016 Yumaworks
M. Bjorklund
Tail-f Systems
J. Schoenwaelder
Jacobs University Bremen
September 2, 2015
Operational State Enhancements for YANG, NETCONF, and RESTCONF
draft-kwatsen-netmod-opstate-00
Abstract
This document presents enhancements to YANG, NETCONF, and RESTCONF to
better support the definition of and access to operational state
data.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 5, 2016.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
Watsen, et al. Expires March 5, 2016 [Page 1]
Internet-Draft Op-State Enhancements September 2015
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Conceptual Model . . . . . . . . . . . . . . . . . . . . . . 4
4. Enhancements to YANG . . . . . . . . . . . . . . . . . . . . 5
4.1. The related-state Statement . . . . . . . . . . . . . . . 5
4.1.1. YANG Module . . . . . . . . . . . . . . . . . . . . . 6
4.1.2. Usage Example . . . . . . . . . . . . . . . . . . . . 6
5. Enhancements to NETCONF . . . . . . . . . . . . . . . . . . . 7
5.1. The <get-state> Operation . . . . . . . . . . . . . . . . 7
5.1.1. YANG Module . . . . . . . . . . . . . . . . . . . . . 8
5.2. The Applied Configuration Capability . . . . . . . . . . 8
5.2.1. Description . . . . . . . . . . . . . . . . . . . . . 8
5.2.2. Dependencies . . . . . . . . . . . . . . . . . . . . 9
5.2.3. Capability Identifier . . . . . . . . . . . . . . . . 9
5.2.4. New Operations . . . . . . . . . . . . . . . . . . . 9
5.2.5. Modifications to Existing Operations . . . . . . . . 9
5.2.6. YANG Module . . . . . . . . . . . . . . . . . . . . . 9
5.2.7. Example . . . . . . . . . . . . . . . . . . . . . . . 10
6. Enhancements to RESTCONF . . . . . . . . . . . . . . . . . . 10
6.1. The Applied Configuration Capability . . . . . . . . . . 10
6.1.1. Description . . . . . . . . . . . . . . . . . . . . . 10
6.1.2. The applied capability . . . . . . . . . . . . . . . 11
6.1.3. The "applied" Query Parameter . . . . . . . . . . . . 11
7. Security Considerations . . . . . . . . . . . . . . . . . . . 11
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
10.1. Normative References . . . . . . . . . . . . . . . . . . 11
10.2. Informative References . . . . . . . . . . . . . . . . . 12
1. Introduction
Support for operational state has been defined in YANG [RFC6020],
NETCONF [RFC6241], and RESTCONF [draft-ietf-netconf-restconf] since
their beginnings. However, after some operational experience, the
support defined by these standards has been found to be limiting
[draft-openconfig-netmod-opstate] as follows:
o YANG
* Inability to associate operational state with configured state
Watsen, et al. Expires March 5, 2016 [Page 2]
Internet-Draft Op-State Enhancements September 2015
o NETCONF
* Inability to retrieve operational state without also retrieving
running configuration
* Inability to inspect the configuration as it is operationally
running
o RESTCONF
* Inability to inspect the configuration as it is operationally
running
Addressing these limitations is the focus of this document.
2. Terminology
The following terms are defined in [draft-openconfig-netmod-opstate],
but are redefined here as follows:
o intended configuration - this data represents the configuration
state that the network operator intends the configuration
controlled by the NETCONF/RESTCONF server to be in. In the
NETCONF protocol, the intended configuration is specified in the
"running" datastore. In the RESTCONF protocol, the intended
configuration is specified in its conceptual datastore.
o applied configuration - this data represents the configuration
state that the NETCONF/RESTCONF server is actually in, i.e., that
which is currently being run by particular software modules (e.g.,
the BGP daemon), or other systems within the server (e.g., a
secondary control-plane, or line card). The data model for
applied configuration is the same as the intended configuration's
data model. That is, the applied configuration data model is also
defined by the config true nodes in YANG modules supported by the
NETCONF/RESTCONF server. The data within the applied
configuration is the same as the data within the intended
configuration except as follows:
* When the intended configuration has not been communicated to an
external software entity
* When post-processing or flattening of the intended
configuration occurs to present a simpler view to the external
software entities
The transition from intended config to applied config commences in
NETCONF when <edit-config> or <commit> is called, for :writable-
Watsen, et al. Expires March 5, 2016 [Page 3]
Internet-Draft Op-State Enhancements September 2015
running or :candidate respectively, and in RESTCONF immediately
whenever a POST, PUT, DELETE, or PATCH operation is called.
Neither NETCONF nor RESTCONF currently enable inspection of the
applied configuration.
o derived state - this data represents information which is
generated as part of the system's own interactions. For example,
derived state may consist of the results of protocol interactions
(the negotiated duplex state of an Ethernet link), statistics
(such as message queue depth), or counters (such as packet input
or output bytes). Derived stated is defined in YANG using config
false nodes, retrievable in NETCONF using the <get> RPC, and
retrievable in RESTCONF using the content=nonconfiguration query
parameter.
The following terms are defined in this document:
o intended state - a synonym for "intended configuration".
o operational state - the combination of applied state and derived
state.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
3. Conceptual Model
The following diagram illustrates the conceptual model presented in
this document:
Watsen, et al. Expires March 5, 2016 [Page 4]
Internet-Draft Op-State Enhancements September 2015
+
intended | operational
state | state
|
|
+----------+ | +---------+
config true | intended | | | applied |
YANG nodes | config | | | config |
+----------+ | +---------+
|
+-------------------------------------------------------+
|
| +---------+
config false | | derived |
YANG nodes | | state |
| +---------+
|
+
Not illustrated in the diagram above:
o The intended and applied configurations share the same YANG-
defined data model, specified by the config true nodes in the YANG
modules supported by the server.
o The transition of the intended config to the applied commences
immediately, whenever the intended config is updated.
4. Enhancements to YANG
4.1. The related-state Statement
The "related-state" statement identifies a path to where additional
operational state associated for a config true node can be found.
This operational state being in addition to any descendant config
false nodes, which are implicitly associated to the parent config
true node.
The "related-state" statement takes as an argument a string that is
used to specify the path to a config false node holding the
associated operational state. The format of the argument is the same
as for the leafref's "path" statement, Section 9.9.2 in [RFC6020].
Watsen, et al. Expires March 5, 2016 [Page 5]
Internet-Draft Op-State Enhancements September 2015
4.1.1. YANG Module
module ietf-yang-related-state {
namespace urn:example:ietf-yang-related-state;
prefix yrs;
extension related-state {
argument path;
description
"The related-state statement is used to identify a node that
contains additional operational state associated for a config
true node.
The format of the argument is the same as for a leafref's "path"
statement.
The related-state statement can be specified in the following
YANG statements:
o leaf
o leaf-list
o container
o list
The related-state statement allows the following YANG substatements:
o description
Multiple related-state statements can be given in a specific node.";
}
}
4.1.2. Usage Example
The following example illustrates the related-state statement in use:
Watsen, et al. Expires March 5, 2016 [Page 6]
Internet-Draft Op-State Enhancements September 2015
module ex-interfaces {
namespace "http://example.com/interfaces";
prefix xif;
import ietf-yang-related-state {
prefix yrs;
}
container interfaces {
list interface {
key name;
yrs:related-state
"/interfaces-state/interface[name=current()/name]";
leaf name { type string }
leaf mtu { type uint16; }
...
}
}
container interfaces-state {
config false;
list interface {
key name;
leaf name { type string; }
...
}
}
}
5. Enhancements to NETCONF
5.1. The <get-state> Operation
One of the limitations identified in the Section 1 section was the
inability for the NETCONF protocol to retrieve operational state
without also retrieving running configuration. That is, the only
defined NETCONF operation capable of returning operational state is
the <get> operation ([RFC6241], Section 7.7), but it also returns the
"running" configuration for the nodes selected by the passed filter.
While it is possible to construct data-models whereby configuration
and operational state are in completely isolated sub-trees, and
thereby eliminate the retrieval of configuration when selecting an
operational state node, requiring all models to be structured this
way is not ideal.
Watsen, et al. Expires March 5, 2016 [Page 7]
Internet-Draft Op-State Enhancements September 2015
5.1.1. YANG Module
module ietf-netconf-get-state {
namespace urn:example:ietf-netconf-get-state;
prefix ncgs;
import ietf-netconf {
prefix nc;
}
rpc get-state {
description
"Retrieve device state information.";
reference "RFC 6241, Section 7.7";
input {
anyxml filter {
description
"This parameter specifies the portion of the system
configuration and state data to retrieve.";
nc:get-filter-element-attributes;
}
}
output {
anyxml data {
description
"Copy of the running datastore subset and/or state
data that matched the filter criteria (if any).
An empty data container indicates that the request
did not produce any results.";
}
}
}
}
5.2. The Applied Configuration Capability
5.2.1. Description
The applied configuration capability indicates that the device
supports an applied configuration datastore, which is used to hold a
read-only copy of configuration data as it is known to the
operational components of the system (e.g., the data plane).
The applied configuration datastore contains applied configuration,
as defined in Section 2.
Watsen, et al. Expires March 5, 2016 [Page 8]
Internet-Draft Op-State Enhancements September 2015
5.2.2. Dependencies
None.
5.2.3. Capability Identifier
The :applied capability is identified by the following capability
string:
:ietf:params:netconf:capability:applied:1.0
5.2.4. New Operations
None.
5.2.5. Modifications to Existing Operations
The :applied capability enables <applied/> to be passed as the
<source> argument to the <get-config> and <copy-config> operations.
The :applied capability does not modify any other existing
operations. In particular, the <applied/> value may not be used as
the <target> argument to any operation.
Note, the :applied capability has no impact to the <get> operation
because the <get> operation is defined as returning the "running"
configuration, without any <source> parameter to specify otherwise.
The <applied/> parameter is formally defined in Section 5.2.6.
5.2.6. YANG Module
Watsen, et al. Expires March 5, 2016 [Page 9]
Internet-Draft Op-State Enhancements September 2015
module ietf-netconf-applied-config {
namespace urn:example:ietf-netconf-applied-config;
prefix ncac;
import ietf-netconf {
prefix nc;
}
augment /nc:get-config/nc:input/nc:source/nc:config-source {
leaf applied {
type empty;
}
}
augment /nc:copy-config/nc:input/nc:source/nc:config-source {
leaf applied {
type empty;
}
}
}
5.2.7. Example
To retrieve the "/interfaces" subtree from the applied configuration
datastore:
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get-config>
<source>
<applied xmlns="urn:example:ietf-netconf-applied-config"/>
</source>
<filter type="subtree">
<interfaces xmlns="http://example.com/interfaces"/>
</filter>
</get-config>
</rpc>
6. Enhancements to RESTCONF
6.1. The Applied Configuration Capability
6.1.1. Description
The applied configuration capability indicates that the device
supports an applied configuration datastore, which is used to hold a
read-only copy of configuration data as it is known to the
operational components of the system (e.g., the data plane).
Watsen, et al. Expires March 5, 2016 [Page 10]
Internet-Draft Op-State Enhancements September 2015
The applied configuration datastore contains applied configuration,
as defined in section Section 2.
6.1.2. The applied capability
A RESTCONF server supports the applied configuration datastore when
it presents the following URI in its "capability" leaf-list, as
defined in [RFC6241], Section 9.3.
urn:ietf:params:restconf:capability:applied:1.0
6.1.3. The "applied" Query Parameter
The "applied" parameter is only available when the RESTCONF server
supports the "urn:ietf:params:restconf:capability:applied:1.0"
capability.
The "applied" parameter is used to specify that the GET request
should be directed to the applied configuration datastore.
The "applied" parameter does not have a value assignment.
This parameter is only allowed for GET methods on API, datastore, and
data resources. A 400 Bad Request error is returned if it used for
other methods or resource types.
7. Security Considerations
TBD
8. IANA Considerations
TBD
9. Acknowledgements
TBD
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for the
Network Configuration Protocol (NETCONF)", RFC 6020,
October 2010.
Watsen, et al. Expires March 5, 2016 [Page 11]
Internet-Draft Op-State Enhancements September 2015
[RFC6241] Enns, R., Bjorklund, M., Schoenwaelder, J., and A.
Bierman, "Network Configuration Protocol (NETCONF)", RFC
6241, June 2011.
[draft-ietf-netconf-restconf]
Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", draft-ieft-netconf-restconf-04 (work in
progress), 2014, <https://tools.ietf.org/html/draft-ietf-
netconf-restconf>.
10.2. Informative References
[draft-openconfig-netmod-opstate]
Shakir, R., Shaikh, A., and M. Hines, "Consistent Modeling
of Operational State Data in YANG", 2015,
<https://tools.ietf.org/html/draft-openconfig-netmod-
opstate>.
Authors' Addresses
Kent Watsen
Juniper Networks
EMail: kwatsen@juniper.net
Andy Bierman
Yumaworks
EMail: andy@yumaworks.com
Martin Bjorklund
Tail-f Systems
EMail: mbj@tail-f.com
Juergen Schoenwaelder
Jacobs University Bremen
EMail: j.schoenwaelder@jacobs-university.de
Watsen, et al. Expires March 5, 2016 [Page 12]