NETCONF C. Feng
Internet-Draft Q. Ma
Intended status: Standards Track Huawei
Expires: December 24, 2021 C. Xie
China Telecom
June 22, 2021
System Configuration Data Handling Behavior
draft-ma-netconf-with-system-02
Abstract
This document defines an optional "system" datastore to allow clients
populate the system configuration into running datastore in the
device. It also defines a capability-based extension to the NETCONF
protocol that helps the NETCONF client identify how system
configuration are processed by the server.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 24, 2021.
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
Feng, et al. Expires December 24, 2021 [Page 1]
Internet-Draft System Configuration Data Handling June 2021
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4
2. System Configuration Datastore . . . . . . . . . . . . . . . 4
2.1. Life Cycle of the system configuration management . . . . 4
2.2. "Factory-Reset" RPC Impact on System Configuration
Datastore . . . . . . . . . . . . . . . . . . . . . . . . 5
3. System Configuration data handling Basic Modes . . . . . . . 5
3.1. 'auto-populate' Initialization During Reboot . . . . . . 6
3.2. 'auto-populate' <edit-config> Behavior towards <running> 6
3.3. 'no-populate' <edit-config> Behavior towards <running> . 7
4. Retrieval of System Configuration Data . . . . . . . . . . . 7
5. With System Capability . . . . . . . . . . . . . . . . . . . 7
5.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 7
5.2. Capability Identifier . . . . . . . . . . . . . . . . . . 8
5.3. Modifications to Existing Operations . . . . . . . . . . 8
5.3.1. <get-data> Operations . . . . . . . . . . . . . . . . 8
5.3.2. <edit-config> Operation . . . . . . . . . . . . . . . 8
6. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 8
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
8. Security Considerations . . . . . . . . . . . . . . . . . . . 10
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
10.1. Normative References . . . . . . . . . . . . . . . . . . 11
10.2. Informative References . . . . . . . . . . . . . . . . . 11
Appendix A. Changes between Revisions . . . . . . . . . . . . . 12
Appendix B. Open Issues tracking . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction
The NETCONF protocol [RFC6241] defines ways to read configuration and
state data from a NETCONF server.
In some cases, a client-configured data item refers to a system
generated data item (e.g., the auto-created interfaces "eth1"), which
is only present in the <operational> datastore [RFC8342]. In order
for it being referenced, the duplicated system configured data item
needs to be retrieved from <operational> and overridden by the
client.
Feng, et al. Expires December 24, 2021 [Page 2]
Internet-Draft System Configuration Data Handling June 2021
In some other cases, a system generated configured data item is in
the when/must statement, the similar operation should also be
performed to make sure a successful validation, which is cumbersome.
Furthmore, when the system generated data item gets updated, there is
no way to synchronize the update into <running> and the client can't
detect the update automatically.
This document defines a "system" datastore to hold all the
configurations provided by the system itself. It also defines a
capability-based extension to the NETCONF protocol that allows the
configuration synchronization between <system> and <running> both
automatically and explicitly.
1.1. Terminology
This document assumes that the reader is familiar with the contents
of [RFC6241], [RFC7950], [RFC8342], [RFC8407], and [RFC8525] and uses
terminologies from those documents.
The following terms are defined in this document as follows:
System configuration: Configuration that is provided by the system
itself [RFC8342].
System configuration datastore: A configuration datastore holding
the complete configuration provided by the system iteself. This
datastore is referred to as "<system>".
physical resource independent system configuration: When the device
is powered on, the pre-provisioned configuration will be activated
and provided, irrespective of physical resource present or not,
sometimes the pre-provisioned configuration will be provided
without must/when statement constraint (e.g., loop back interface
activation), sometimes not, e.g., only provided when a special
functionality is enabled.
Physical resource dependent system configuration: When the device is
powered on and the physical resource is present (e.g., insert
interface card), the system will automatically detect it and load
pre-provisioned configuration; when the physical resource is not
present( remove interface card), the system configuration will be
automatically cleared.
Feng, et al. Expires December 24, 2021 [Page 3]
Internet-Draft System Configuration Data Handling June 2021
1.2. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
2. System Configuration Datastore
Following guidelines for defining Datastores in the appendix A of
[RFC8342], this document introduces a new datastore resource named
'system' that represents the system configuration.
o Name: "system"
o YANG modules: all
o YANG nodes: all "config true" data nodes
o Management operations: The content of the datastore is set by the
server in an implementation dependent manner. The content can not
be changed by management operations via NETCONF, RESTCONF,the CLI,
etc unless specialized, dedicated operations are provided. The
datastore can be read using the standard NETCONF/RESTCONF protocol
operations.
o Origin: This document does not define any new origin identity when
it interacts with <operational> datastore. The system origin
Metadata Annotation is used to indicate the origin of a data item.
o Protocols: RESTCONF, NETCONF and other management protocol.
o Defining YANG module: "ietf-netconf-with-system".
The datastore content is usually defined by the device vendor. It is
static at most of time and MAY change e.g., depending on external
factors like HW available or during device upgrade. <system> does not
persist across reboots. It will be automatically loaded when the
device is powered on or the physical resource is present.
2.1. Life Cycle of the system configuration management
When the device is powered on, physical resource independent system
configuration will be created in <system> automatically by the system
if there is no when/must statement constraint associated with system
configuration data or provided only when a special functionality is
enabled.
Feng, et al. Expires December 24, 2021 [Page 4]
Internet-Draft System Configuration Data Handling June 2021
When the device is powered on and the physical resource is inserted
into the device, physical resource dependent system configuration
will be automatically loaded into <system>;
When the physical resource is removed from the device, the physical
resource dependent system configuration will be automatically removed
from <system>;
2.2. "Factory-Reset" RPC Impact on System Configuration Datastore
[RFC8808]defines a "factory-reset" RPC to allow clients to reset a
server back to its factory-default condition. Upon receiving the
RPC, all supported conventional read-write configuration
datastore(i.e.,<running>, <startup> and <candidate>) are reset to the
contents of <factory-default>. <system> should also immediately reset
to its factory default state. That's to say, any system
configurations generated due to system upgrading or client-enabled
functionality should be discarded. System configuration which is
generated at the first time when it boots after being shipped from
factory should be retained.
3. System Configuration data handling Basic Modes
Not all server implementations treat system configuration data in the
same way. Instead of forcing a single implementation strategy, this
document allows a server advertise a particular style of system
configuration data handling, and the client can adjust behavior
accordingly.
This document specifies two standard system configuration handling
basic modes that a server implementor may choose from:
o auto-populate
o no-populate
A server that uses the 'auto-populate' basic mode MUST automatically
o Update <running> with the system configuration change, after the
"system" configuration has been altered as a consequence of a plug
and play operation or device powering on operation. However the
configurations in <running> can not be removed automatically when
configuration data nodes in <system> is deleted since those
configurations in <running> are likely to have already been
modified or referenced.
o The system configuration doesn't need to be explicitly set by the
client first before the system configuration needs to be updated
Feng, et al. Expires December 24, 2021 [Page 5]
Internet-Draft System Configuration Data Handling June 2021
with client set configuration or referenced by client set
configuration.
A server that uses the 'no-populate' basic mode
o MUST not update <running> with the system configuration.
o The system configuration MUST be explicitly set by the client
first before the system configuration needs to be updated with
client set configuration or referenced by client set
configuration.
3.1. 'auto-populate' Initialization During Reboot
The contents of <system> don't have to be persist across reboots,
even in the presence of non-volatile storage.
For the NETCONF server which implements the <factory-default>
datastore [RFC8808], it may load <factory-default> at the first time
when it boots after being shipped from factory or reset to its
factory default condition. Then it's just like each normal boot
time, the device generates system configurations and saves into
<system>. Then the device loads the saved startup configuration(if
<startup> exists) into <running>. Lastly, the device loads <system>
into <running>. If there exists any conflict, the configuration in
the <running> should succeed.
3.2. 'auto-populate' <edit-config> Behavior towards <running>
For a data node that is loaded from <system> automatically, the
server MUST consider it to exist.
o A valid 'create' operation attribute for a data node that is
loaded from <system> and set by the server MUST fail with a 'data-
exists' error-tag;
o A valid 'delete' operation attribute for a data node that is
loaded from <system> and set by the server MUST succeed. The
deleted system configuration MUST be reloaded into <running>
immediately if the system configuration is still present in the
<system>;
o A valid 'merge' operation attribute for a data node that is loaded
from <system> and set by the server MUST succeed.
Feng, et al. Expires December 24, 2021 [Page 6]
Internet-Draft System Configuration Data Handling June 2021
3.3. 'no-populate' <edit-config> Behavior towards <running>
The server MUST NOT consider any system configuration data node to
exist in <running> configuration datastore, except those explicitly
set by the client.
o A valid 'create' operation attribute for a data node that is set
by the server MUST succeed since the system configuration data is
not present in the <running> configuration datastore.
o A valid 'merge' operation attribute for a data node that is set by
the server MUST succeed even though the name of data node in
<system> is same as name of data node explicitly set by the
client.
o A valid 'delete' operation attribute for a data node that is set
by the client MUST succeed even though the name of data node in
<system> is same as name of data node explicitly set by the
client. A valid 'delete' operation attribute for a data node that
is not explicitly set by the client MUST fail since system
configuration is not loaded into <running>.
4. Retrieval of System Configuration Data
TBD
5. With System Capability
5.1. Overview
The :with-system capability indicates which system-data-handling
basic mode is supported by the server. These basic modes allow a
NETCONF client to control whether system configuration data is
returned by the server. Sending of system configuration data is
controlled for each individual operation separately.
A NETCONF server implementing the :with-system capability:
o MUST indicate its basic mode behavior by including the 'basic-
mode' parameter in the capability URI;
o MUST support the YANG module defined in Section 6 for the system
configuration data handling mode indicated by the 'basic-mode'
parameter.
Feng, et al. Expires December 24, 2021 [Page 7]
Internet-Draft System Configuration Data Handling June 2021
5.2. Capability Identifier
urn:ietf:params:netconf:capability:with-system:1.0
The identifier MUST have a parameter: "basic-mode". This indicates
how the server will treat system configuration data, as defined in
Section 3. The allowed values of this parameter are 'auto-populate',
and 'no-populate', as defined in Section 3.
urn:ietf:params:netconf:capability:with-system:1.0?basic-mode=no-
populate
5.3. Modifications to Existing Operations
5.3.1. <get-data> Operations
As defined in Section 6, retrieval of system configuration in
<system> can be used through <get-data> operation with the
"datastore" parameter set to "system".
5.3.2. <edit-config> Operation
The <edit-config> operation has several editing modes. The 'create',
and 'delete' editing operations are affected by the system
configuration data handling basic mode. The other enumeration values
for the NETCONF operation attribute are not affected.
If the operation attribute contains the value 'create', and the data
node already exists in the target configuration datastore, then the
server MUST return an <rpc-error> response with a 'invalid-value'
error-tag.
If the client sets a data node that is explicitly set by the server,
the server MUST accept the request if it is valid. The server MUST
keep or discard the new value based on its system configuration data
handling basic mode.
6. YANG Module
This YANG module uses the "datastore" identity [RFC8342]. Every
NETCONF server which supports :with-system capability MUST implement
this YANG module.
<CODE BEGINS> file="ietf-netconf-with-system@2021-05-14.yang"
module ietf-netconf-with-system {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-netconf-with-system";
prefix ncws;
Feng, et al. Expires December 24, 2021 [Page 8]
Internet-Draft System Configuration Data Handling June 2021
import ietf-datastores {
prefix ds;
reference
"RFC 8342: Network Management Datastore Architecture(NMDA)";
}
organization
"IETF NETCONF (Network Configuration Protocol) Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
WG Chair:
Editor:
";
description
"This module defines an extension to the NETCONF protocol
that allows the NETCONF client to control how system configuration
data are handled by the server in particular NETCONF operations.
Copyright (c) 2010 IETF Trust and the persons identified as
the document authors. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this note
revision 2021-05-14 {
description
"Initial version.";
reference
"RFC XXXX: With-system capability for NETCONF";
}
feature system-datastore {
description
"Indicates that the system configuration is available as a datastore.";
}
identity system {
if-feature "system-datastore";
Feng, et al. Expires December 24, 2021 [Page 9]
Internet-Draft System Configuration Data Handling June 2021
base ds:datastore;
description
"This read-only datastore contains the system configuration for the
device that will be loaded into <running> automatically in the
"auto-populate" basic mode.";
}
}
<CODE ENDS>
7. IANA Considerations
This document registers the following capability identifier URN in
the 'Network Configuration Protocol Capability URNs registry':
urn:ietf:params:netconf:capability:with-system:1.0
This document registers two XML namespace URNs in the 'IETF XML
registry', following the format defined in [RFC3688].
URI: urn:ietf:params:xml:ns:netconf:system:1.0
URI: urn:ietf:params:xml:ns:yang:ietf-netconf-with-system
Registrant Contact: The NETCONF WG of the IETF.
XML: N/A, the requested URIs are XML namespaces.
This document registers one module name in the 'YANG Module Names'
registry, defined in [RFC6020] .
name: ietf-netconf-with-system
prefix: ncws
namespace: urn:ietf:params:xml:ns:yang:ietf-netconf-with-system
RFC: XXXX // RFC Ed.: replace XXXX and remove this comment
8. Security Considerations
The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446].
The Network Configuration Access Control Model (NACM) [RFC8341]
provides the means to restrict access for particular NETCONF or
RESTCONF users to a preconfigured subset of all available NETCONF or
RESTCONF protocol operations and content.
Feng, et al. Expires December 24, 2021 [Page 10]
Internet-Draft System Configuration Data Handling June 2021
9. Acknowledgements
Thanks to Robert Wilton, Kent Watsen, Balazs Lengyel, Timothy Carey
for reviewing, and providing important input to, this document.
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
10.2. Informative References
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>.
[RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of
Documents Containing YANG Data Models", BCP 216, RFC 8407,
DOI 10.17487/RFC8407, October 2018,
<https://www.rfc-editor.org/info/rfc8407>.
[RFC8525] Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K.,
and R. Wilton, "YANG Library", RFC 8525,
DOI 10.17487/RFC8525, March 2019,
<https://www.rfc-editor.org/info/rfc8525>.
[RFC8808] Wu, Q., Lengyel, B., and Y. Niu, "A YANG Data Model for
Factory Default Settings", RFC 8808, DOI 10.17487/RFC8808,
August 2020, <https://www.rfc-editor.org/info/rfc8808>.
Feng, et al. Expires December 24, 2021 [Page 11]
Internet-Draft System Configuration Data Handling June 2021
Appendix A. Changes between Revisions
v01 - v02
o Remove System configuration data retrieval behavior in the
mainbody and examples in the appendix.
o Remove <get> operation and <get-config> operation extension from
the YANG data model.
o Change basic mode values into auto-populate, no-populate.
o Consider <factory-default> to work together with <system>.
Appendix B. Open Issues tracking
o Do we need to define RPC to allow the server loads <system>
configuration data into <running>?
o Can we introduce better terminology?
o Should we define a standard operation of system configuration
retrieval?
Authors' Addresses
Feng Chong
Huawei
101 Software Avenue, Yuhua District
Nanjing, Jiangsu 210012
China
Email: frank.fengchong@huawei.com
Qiufang Ma
Huawei
101 Software Avenue, Yuhua District
Nanjing, Jiangsu 210012
China
Email: maqiufang1@huawei.com
Feng, et al. Expires December 24, 2021 [Page 12]
Internet-Draft System Configuration Data Handling June 2021
Chongfeng Xie
China Telecom
Beijing
China
Email: xiechf@chinatelecom.cn
Feng, et al. Expires December 24, 2021 [Page 13]