rfc9144.original   rfc9144.txt 
Network Working Group A. Clemm Internet Engineering Task Force (IETF) A. Clemm
Internet-Draft Y. Qu Request for Comments: 9144 Y. Qu
Intended status: Standards Track Futurewei Category: Standards Track Futurewei
Expires: February 7, 2022 J. Tantsura ISSN: 2070-1721 J. Tantsura
Microsoft Microsoft
A. Bierman A. Bierman
YumaWorks YumaWorks
August 6, 2021 December 2021
Comparison of NMDA datastores Comparison of Network Management Datastore Architecture (NMDA)
draft-ietf-netmod-nmda-diff-12 Datastores
Abstract Abstract
This document defines an RPC operation to compare management This document defines a Remote Procedure Call (RPC) operation to
datastores that comply with the NMDA architecture. compare management datastores that comply with the Network Management
Datastore Architecture (NMDA).
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on February 7, 2022. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9144.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Revised BSD License text as described in Section 4.e of the
the Trust Legal Provisions and are provided without warranty as Trust Legal Provisions and are provided without warranty as described
described in the Simplified BSD License. in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction
2. Key Words . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Key Words
3. Definitions and Acronyms . . . . . . . . . . . . . . . . . . 3 3. Data Model Overview
4. Data Model Overview . . . . . . . . . . . . . . . . . . . . . 4 4. YANG Data Model
5. YANG Data Model . . . . . . . . . . . . . . . . . . . . . . . 6 5. Example
6. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 6. Performance Considerations
7. Performance Considerations . . . . . . . . . . . . . . . . . 14 7. IANA Considerations
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 7.1. Update to the IETF XML Registry
8.1. Updates to the IETF XML Registry . . . . . . . . . . . . 15 7.2. Update to the YANG Module Names Registry
8.2. Updates to the YANG Module Names Registry . . . . . . . . 15 8. Security Considerations
9. Security Considerations . . . . . . . . . . . . . . . . . . . 15 9. References
10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16 9.1. Normative References
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 9.2. Informative References
11.1. Normative References . . . . . . . . . . . . . . . . . . 16 Appendix A. Possible Future Extensions
11.2. Informative References . . . . . . . . . . . . . . . . . 18 Acknowledgments
Appendix A. Possible Future Extensions . . . . . . . . . . . . . 18 Authors' Addresses
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18
1. Introduction 1. Introduction
The revised Network Management Datastore Architecture (NMDA) The revised NMDA [RFC8342] introduces a set of new datastores that
[RFC8342] introduces a set of new datastores that each hold YANG- each hold YANG-defined data [RFC7950] and represent a different
defined data [RFC7950] and represent a different "viewpoint" on the "viewpoint" on the data that is maintained by a server. New YANG
data that is maintained by a server. New YANG datastores that are datastores that are introduced include <intended>, which contains
introduced include <intended>, which contains validated configuration validated configuration data that a client application intends to be
data that a client application intends to be in effect, and in effect, and <operational>, which contains operational state data
<operational>, which contains operational state data (such as (such as statistics) as well as configuration data that is actually
statistics) as well as configuration data that is actually in effect. in effect.
NMDA introduces in effect a concept of "lifecycle" for management NMDA introduces, in effect, a concept of "lifecycle" for management
data, distinguishing between data that is part of a configuration data, distinguishing between data that is part of a configuration
that was supplied by a user, configuration data that has actually that was supplied by a user, configuration data that has actually
been successfully applied and that is part of the operational state, been successfully applied and that is part of the operational state,
and overall operational state that includes applied configuration and the overall operational state that includes applied configuration
data as well as status and statistics. data as well as status and statistics.
As a result, data from the same management model can be reflected in As a result, data from the same management model can be reflected in
multiple datastores. Clients need to specify the target datastore to multiple datastores. Clients need to specify the target datastore to
be specific about which viewpoint of the data they want to access. be specific about which viewpoint of the data they want to access.
For example, a client application can differentiate whether they are For example, a client application can differentiate whether they are
interested in the configuration supplied to a server and that is interested in the configuration that is supplied to a server and is
supposed to be in effect, or the configuration that has been applied supposed to be in effect or the configuration that has been applied
and is actually in effect on the server. and is actually in effect on the server.
Due to the fact that data can propagate from one datastore to Due to the fact that data can propagate from one datastore to
another, it is possible for differences between datastores to occur. another, it is possible for differences between datastores to occur.
Some of this is entirely expected, as there may be a time lag between Some of this is entirely expected, as there may be a time lag between
when a configuration is given to the device and reflected in when a configuration is given to the device and reflected in
<intended>, until when it actually takes effect and is reflected in <intended> until when it actually takes effect and is reflected in
<operational>. However, there may be cases when a configuration item <operational>. However, there may be cases when a configuration item
that was to be applied may not actually take effect at all or needs that was to be applied may not actually take effect at all or needs
an unusually long time to do so. This can be the case due to certain an unusually long time to do so. This can be the case due to certain
conditions not being met, certain parts of the configuration not conditions not being met, certain parts of the configuration not
propagating because they are considered inactive, resource propagating because they are considered inactive, resource
dependencies not being resolved, or even implementation errors in dependencies not being resolved, or even implementation errors in
corner conditions. corner conditions.
When configuration that is in effect is different from configuration When the configuration that is in effect is different from the
that was applied, many issues can result. It becomes more difficult configuration that was applied, many issues can result. It becomes
to operate the network properly due to limited visibility of actual more difficult to operate the network properly due to limited
operational status which makes it more difficult to analyze and visibility of the actual operational status, which makes it more
understand what is going on in the network. Services may be difficult to analyze and understand what is going on in the network.
negatively affected (for example, degrading or breaking a customer Services may be negatively affected (for example, degrading or
service) and network resources may be misallocated. breaking a customer service), and network resources may be
misallocated.
Applications can potentially analyze any differences between two Applications can potentially analyze any differences between two
datastores by retrieving the contents from both datastores and datastores by retrieving the contents from both datastores and
comparing them. However, in many cases this will be at the same time comparing them. However, in many cases, this will be both costly and
costly and extremely wasteful. extremely wasteful.
This document introduces a YANG data model which defines RPCs, This document introduces a YANG data model that defines RPCs intended
intended to be used in conjunction with NETCONF [RFC6241] or RESTCONF to be used in conjunction with NETCONF [RFC6241] or RESTCONF
[RFC8040], that allow a client to request a server to compare two [RFC8040]. These RPCs allow a client to request a server to compare
NMDA datastores and report any differences. two NMDA datastores and report any differences.
2. Key Words 2. Key Words
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in
14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
3. Definitions and Acronyms 3. Data Model Overview
NMDA: Network Management Datastore Architecture
RPC: Remote Procedure Call
4. Data Model Overview
The core of the solution is a new management operation, <compare>, The core of the solution is a new management operation, <compare>,
that compares the data tree contents of two datastores. The that compares the data tree contents of two datastores. The
operation checks whether there are any differences in values or in operation checks whether there are any differences in values or in
data nodes that are contained in either datastore, and returns any data nodes that are contained in either datastore and returns any
differences as output. The output is returned in the format differences as output. The output is returned in the format
specified in YANG-Patch [RFC8072]. specified in YANG Patch [RFC8072].
The YANG data model defines the <compare> operation as a new RPC. The YANG data model defines the <compare> operation as a new RPC.
The operation takes the following input parameters: The operation takes the following input parameters:
o source: The source identifies the datastore that will serve as the source: The source identifies the datastore to serve as the
reference for the comparison, for example <intended>. reference for the comparison -- for example, <intended>.
o target: The target identifies the datastore to compare against the target: The target identifies the datastore to compare against the
source, for example <operational>. source -- for example, <operational>.
o filter-spec: This is a choice between different filter constructs filter-spec: This is a choice between different filter constructs to
to identify the parts of the datastore to be retrieved. It acts identify the parts of the datastore to be retrieved. It acts as a
as a node selector that specifies which data nodes are within the node selector that specifies which data nodes are within the scope
scope of the comparison and which nodes are outside the scope. of the comparison and which nodes are outside the scope. This
This allows a comparison operation to be applied only to a allows a comparison operation to be applied only to a specific
specific part of the datastore that is of interest, such as a part of the datastore that is of interest, such as a particular
particular subtree. Note, the filter does not allow expressions subtree. Note that the filter does not allow expressions that
that match against data node values, since this may incur match against data node values, since this may incur
implementation difficulties and is not required for normal use implementation difficulties and is not required for normal use
cases. cases.
o all: When set, this parameter indicates that all differences all: When set, this parameter indicates that all differences should
should be included, including differences pertaining to schema be included, including differences pertaining to schema nodes that
nodes that exist in only one of the datastores. When this exist in only one of the datastores. When this parameter is not
parameter is not included, a prefiltering step is automatically included, a prefiltering step is automatically applied to exclude
applied to exclude data from the comparison that does not pertain data from the comparison that does not pertain to both datastores:
to both datastores: if the same schema node is not present in both if the same schema node is not present in both datastores, then
datastores, then all instances of that schema node and all its all instances of that schema node and all its descendants are
descendants are excluded from the comparison. This allows client excluded from the comparison. This allows client applications to
applications to focus on the differences that constitute true focus on the differences that constitute true mismatches of
mismatches of instance data without needing to specify more instance data without needing to specify more complex filter
complex filter constructs. constructs.
o report-origin: When set, this parameter indicates that origin report-origin: When set, this parameter indicates that origin
metadata should be included as part of RPC output. When this metadata should be included as part of RPC output. When this
parameter is omitted, origin metadata in comparisons that involve parameter is omitted, origin metadata in comparisons that involve
<operational> is by default omitted. Note that origin metadata <operational> is by default omitted. Note that origin metadata
only applies to <operational> it is therefore also omitted in only applies to <operational>; it is therefore also omitted in
comparisons that do not involve <operational> regardless of comparisons that do not involve <operational> regardless of
whether or not the parameter is set. whether or not the parameter is set.
The operation provides the following output parameter: The operation provides the following output parameter:
o differences: This parameter contains the list of differences. differences: This parameter contains the list of differences. Those
Those differences are encoded per the YANG-Patch data model differences are encoded per the YANG Patch data model defined in
defined in RFC8072. When a datastore node in the source of the [RFC8072]. When a datastore node in the source of the comparison
comparison is not present in the target of the comparison, this is not present in the target of the comparison, this can be
can be indicated either as a "delete" or as a "remove" in the indicated either as a "delete" or as a "remove" in the patch as
patch as there is no differentiation between those operations for there is no differentiation between those operations for the
the purposes of the comparison. The YANG-Patch data model is purposes of the comparison. The YANG Patch data model is
augmented to indicate the value of source datastore nodes in augmented to indicate the value of source datastore nodes in
addition to the patch itself that would need to be applied to the addition to the patch itself that would need to be applied to the
source to produce the target. When the target datastore is source to produce the target. When the target datastore is
<operational> and the input parameter "report-origin" is set, <operational> and the input parameter "report-origin" is set,
"origin" metadata is included as part of the patch. Including origin metadata is included as part of the patch. Including
origin metadata can help in some cases explain the cause of a origin metadata can help explain the cause of a difference in some
difference, for example when a data node is part of <intended> but cases -- for example, when a data node is part of <intended> but
the origin of the same data node in <operational> is reported as the origin of the same data node in <operational> is reported as
"system". "system".
The data model is defined in the ietf-nmda-compare YANG module. Its The data model is defined in the ietf-nmda-compare YANG module. Its
structure is shown in the following figure. The notation syntax structure is shown in the following figure. The notation syntax
follows [RFC8340]. follows [RFC8340].
module: ietf-nmda-compare module: ietf-nmda-compare
rpcs: rpcs:
+---x compare +---x compare
+---w input +---w input
| +---w source identityref | +---w source identityref
| +---w target identityref | +---w target identityref
| +---w all? empty | +---w all? empty
| +---w report-origin? empty | +---w report-origin? empty
| +---w (filter-spec)? | +---w (filter-spec)?
| +--:(subtree-filter) | +--:(subtree-filter)
| | +---w subtree-filter? | | +---w subtree-filter?
| +--:(xpath-filter) | +--:(xpath-filter)
| +---w xpath-filter? yang:xpath1.0 {nc:xpath}? | +---w xpath-filter? yang:xpath1.0 {nc:xpath}?
+--ro output +--ro output
+--ro (compare-response)? +--ro (compare-response)?
+--:(no-matches) +--:(no-matches)
| +--ro no-matches? empty | +--ro no-matches? empty
+--:(differences) +--:(differences)
+--ro differences +--ro differences
+--ro yang-patch +--ro yang-patch
+--ro patch-id string +--ro patch-id string
+--ro comment? string +--ro comment? string
+--ro edit* [edit-id] +--ro edit* [edit-id]
+--ro edit-id string +--ro edit-id string
+--ro operation enumeration +--ro operation enumeration
+--ro target target-resource-offset +--ro target target-resource-offset
+--ro point? target-resource-offset +--ro point? target-resource-offset
+--ro where? enumeration +--ro where? enumeration
+--ro value? +--ro value?
+--ro source-value? +--ro source-value?
Structure of ietf-nmda-compare Figure 1: Structure of ietf-nmda-compare
5. YANG Data Model 4. YANG Data Model
<CODE BEGINS> file "ietf-nmda-compare@2021-08-06.yang" This YANG module includes references to [RFC6991], [RFC8342],
module ietf-nmda-compare { [RFC8072], and [RFC6241].
<CODE BEGINS> file "ietf-nmda-compare@2021-11-17.yang"
module ietf-nmda-compare {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-nmda-compare"; namespace "urn:ietf:params:xml:ns:yang:ietf-nmda-compare";
prefix cmp; prefix cmp;
import ietf-yang-types { import ietf-yang-types {
prefix yang; prefix yang;
reference "RFC 6991: Common YANG Data Types"; reference
"RFC 6991: Common YANG Data Types";
} }
import ietf-datastores { import ietf-datastores {
prefix ds; prefix ds;
reference "RFC 8342: Network Management Datastore reference
Architecture (NMDA)"; "RFC 8342: Network Management Datastore
Architecture (NMDA)";
} }
import ietf-yang-patch { import ietf-yang-patch {
prefix ypatch; prefix ypatch;
reference "RFC 8072: YANG Patch Media Type"; reference
"RFC 8072: YANG Patch Media Type";
} }
import ietf-netconf { import ietf-netconf {
prefix nc; prefix nc;
reference "RFC6241: Network Configuration Protocol (NETCONF)"; reference
"RFC 6241: Network Configuration Protocol (NETCONF)";
} }
organization "IETF"; organization
"IETF NETMOD (Network Modeling) Working Group";
contact contact
"WG Web: <https://datatracker.ietf.org/wg/netconf/> "WG Web: <https://datatracker.ietf.org/wg/netmod/>
WG List: <mailto:netconf@ietf.org> WG List: <mailto:netmod@ietf.org>
Author: Alexander Clemm Author: Alexander Clemm
<mailto:ludwig@clemm.org> <mailto:ludwig@clemm.org>
Author: Yingzhen Qu Author: Yingzhen Qu
<mailto:yqu@futurewei.com> <mailto:yqu@futurewei.com>
Author: Jeff Tantsura Author: Jeff Tantsura
<mailto:jefftant.ietf@gmail.com> <mailto:jefftant.ietf@gmail.com>
skipping to change at page 7, line 33 skipping to change at line 289
<mailto:ludwig@clemm.org> <mailto:ludwig@clemm.org>
Author: Yingzhen Qu Author: Yingzhen Qu
<mailto:yqu@futurewei.com> <mailto:yqu@futurewei.com>
Author: Jeff Tantsura Author: Jeff Tantsura
<mailto:jefftant.ietf@gmail.com> <mailto:jefftant.ietf@gmail.com>
Author: Andy Bierman Author: Andy Bierman
<mailto:andy@yumaworks.com>"; <mailto:andy@yumaworks.com>";
description description
"The YANG data model defines a new operation, <compare>, that "The YANG data model defines a new operation, <compare>, that
can be used to compare NMDA datastores. can be used to compare NMDA datastores.
Copyright (c) 2021 IETF Trust and the persons identified as Copyright (c) 2021 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set the license terms contained in, the Revised BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of This version of this YANG module is part of RFC 9144; see the
draft-ietf-netmod-nmda-diff-12; see the RFC itself for full RFC itself for full legal notices.";
legal notices.
NOTE TO RFC EDITOR: Please replace above reference to
draft-ietf-netmod-nmda-diff-12 with RFC number when published
(i.e. RFC xxxx).";
revision 2021-08-06 { revision 2021-11-17 {
description description
"Initial revision. "Initial revision.";
NOTE TO RFC EDITOR:
(1)Please replace the above revision date to
the date of RFC publication when published.
(2) Please replace the date in the file name
(ietf-nmda-compare@2021-08-06.yang) to the date of RFC
publication.
(3) Please replace the following reference to
draft-ietf-netmod-nmda-diff-12 with RFC number when published
(i.e. RFC xxxx).";
reference reference
"draft-ietf-netmod-nmda-diff-12: Comparison of NMDA "RFC 9144: Comparison of Network Management Datastore
datastores"; Architecture (NMDA) Datastores";
} }
/* RPC */ /* RPC */
rpc compare { rpc compare {
description description
"NMDA datastore compare operation."; "NMDA datastore compare operation.";
input { input {
leaf source { leaf source {
type identityref { type identityref {
base ds:datastore; base ds:datastore;
} }
mandatory true; mandatory true;
description description
skipping to change at page 8, line 52 skipping to change at line 341
} }
mandatory true; mandatory true;
description description
"The target datastore to be compared."; "The target datastore to be compared.";
} }
leaf all { leaf all {
type empty; type empty;
description description
"When this leaf is provided, all data nodes are compared, "When this leaf is provided, all data nodes are compared,
whether their schema node pertains to both datastores or whether their schema node pertains to both datastores or
not. When this leaf is omitted, a prefiltering step is not. When this leaf is omitted, a prefiltering step is
automatically applied that excludes data nodes from the automatically applied that excludes data nodes from the
comparison that can occur in only one datastore but not comparison that can occur in only one datastore but not
the other. Specifically, if one of the datastores the other. Specifically, if one of the datastores
(source or target) contains only configuration data and (source or target) contains only configuration data and
the other datastore is <operational>, data nodes for the other datastore is <operational>, data nodes for
which config is false are excluded from the comparison."; the config that is false are excluded from the
comparison.";
} }
leaf report-origin { leaf report-origin {
type empty; type empty;
description description
"When this leaf is provided, origin metadata is "When this leaf is provided, origin metadata is
included as part of RPC output. When this leaf is included as part of RPC output. When this leaf is
omitted, origin metadata in comparisons that involve omitted, origin metadata in comparisons that involve
<operational> is by default omitted."; <operational> is by default omitted.";
} }
choice filter-spec { choice filter-spec {
description description
"Identifies the portions of the datastores to be "Identifies the portions of the datastores to be
compared."; compared.";
anydata subtree-filter { anydata subtree-filter {
description description
"This parameter identifies the portions of the "This parameter identifies the portions of the
target datastore to retrieve."; target datastore to retrieve.";
reference "RFC 6241, Section 6."; reference
"RFC 6241, Section 6.";
} }
leaf xpath-filter { leaf xpath-filter {
if-feature nc:xpath; if-feature "nc:xpath";
type yang:xpath1.0; type yang:xpath1.0;
description description
"This parameter contains an XPath expression "This parameter contains an XPath expression
identifying the portions of the target identifying the portions of the target
datastore to retrieve."; datastore to retrieve.";
reference "RFC 6991: Common YANG Data Types"; reference
"RFC 6991: Common YANG Data Types";
} }
} }
} }
output { output {
choice compare-response { choice compare-response {
description description
"Comparison results."; "Comparison results.";
leaf no-matches { leaf no-matches {
type empty; type empty;
description description
"This leaf indicates that the filter did not match "This leaf indicates that the filter did not match
anything and nothing was compared."; anything and nothing was compared.";
} }
container differences { container differences {
description description
"The list of differences, encoded per RFC8072 with an "The list of differences, encoded per RFC 8072 with an
augmentation to include source values where applicable. augmentation to include source values where applicable.
When a datastore node in the source is not present in When a datastore node in the source is not present in
the target, this can be indicated either as a 'delete' the target, this can be indicated either as a 'delete'
or as a 'remove' as there is no difference between or as a 'remove' as there is no difference between
them for the purposes of the comparison."; them for the purposes of the comparison.";
uses ypatch:yang-patch { uses ypatch:yang-patch {
augment "yang-patch/edit" { augment "yang-patch/edit" {
description description
"Provide the value of the source of the patch, "Provides the value of the source of the patch,
respectively of the comparison, in addition to respectively of the source of the comparison, in
the target value, where applicable."; addition to the target value, where applicable.";
anydata source-value { anydata source-value {
when "../operation = 'delete'" when "../operation = 'delete'"
+ "or ../operation = 'merge'" + "or ../operation = 'merge'"
+ "or ../operation = 'move'" + "or ../operation = 'move'"
+ "or ../operation = 'replace'" + "or ../operation = 'replace'"
+ "or ../operation = 'remove'"; + "or ../operation = 'remove'";
description description
"The anydata 'value' is only used for 'delete', "The anydata 'value' is only used for 'delete',
'move', 'merge', 'replace', and 'remove' 'move', 'merge', 'replace', and 'remove'
operations."; operations.";
} }
reference "RFC 8072: YANG Patch Media Type"; reference
"RFC 8072: YANG Patch Media Type";
} }
} }
} }
} }
} }
} }
} }
<CODE ENDS> <CODE ENDS>
6. Example 5. Example
The following example compares the difference between <operational> The following example compares the difference between <operational>
and <intended> for a subtree under "interfaces". The subtree and <intended> for a subtree under "interfaces". The subtree
contains a subset of objects that are defined in a YANG data model contains a subset of objects that are defined in a YANG data model
for the management of interfaces defined in [RFC8343]. For the for the management of interfaces defined in [RFC8343]. For the
purposes of understanding the subsequent example, the following purposes of understanding the subsequent example, the following
excerpt of the data model whose instantiation is the basis of the excerpt of the data model whose instantiation is the basis of the
comparison is provided: comparison is provided:
container interfaces { container interfaces {
description description
"Interface parameters."; "Interface parameters.";
list interface { list interface {
key "name"; key "name";
leaf name { leaf name {
type string; type string;
description description
"The name of the interface". "The name of the interface.";
} }
leaf description { leaf description {
type string; type string;
description description
"A textual description of the interface."; "A textual description of the interface.";
} }
leaf enabled { leaf enabled {
type boolean; type boolean;
default "true"; default "true";
description description
"This leaf contains the configured, desired state of the "This leaf contains the configured, desired state of the
interface.";" interface.";
} }
} }
} }
The contents of <intended> and <operational> datastores: The contents of <intended> and <operational> datastores in XML
[W3C.REC-xml-20081126]:
//INTENDED <!--INTENDED-->
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"> <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
<interface> <interface>
<name>eth0</name> <name>eth0</name>
<enabled>false</enabled> <enabled>false</enabled>
<description>ip interface</description> <description>ip interface</description>
</interface> </interface>
</interfaces> </interfaces>
//OPERATIONAL <!--OPERATIONAL-->
<interfaces <interfaces
xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin"> xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin">
<interface or:origin="or:learned"> <interface or:origin="or:learned">
<name>eth0</name> <name>eth0</name>
<enabled>true</enabled> <enabled>true</enabled>
</interface> </interface>
</interfaces> </interfaces>
<operational> does not contain an instance for leaf "description" <operational> does not contain an instance for leaf "description"
that is contained in <intended>. Another leaf, "enabled", has that is contained in <intended>. Another leaf, "enabled", has
different values in the two datastores, being "true" in <operational> different values in the two datastores, being "true" in <operational>
and "false" in <intended>. A third leaf, "name", is the same in both and "false" in <intended>. A third leaf, "name", is the same in both
cases. The origin of the leaf instances in <operational> is cases. The origin of the leaf instances in <operational> is
"learned", which may help explain the discrepancies. "learned", which may help explain the discrepancies.
RPC request to compare <operational> (source of the comparison) with RPC request to compare <operational> (source of the comparison) with
<intended>(target of the comparison): <intended> (target of the comparison):
<rpc message-id="101" <rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<compare xmlns="urn:ietf:params:xml:ns:yang:ietf-nmda-compare" <compare xmlns="urn:ietf:params:xml:ns:yang:ietf-nmda-compare"
xmlns:ds="urn:ietf:params:xml:ns:yang:ietf-datastores"> xmlns:ds="urn:ietf:params:xml:ns:yang:ietf-datastores">
<source>ds:operational</source> <source>ds:operational</source>
<target>ds:intended</target> <target>ds:intended</target>
<report-origin/> <report-origin/>
<xpath-filter <xpath-filter
xmlns:if="urn:ietf:params:xml:ns:yang:ietf-interfaces"> xmlns:if="urn:ietf:params:xml:ns:yang:ietf-interfaces">
/if:interfaces /if:interfaces
</xpath-filter> </xpath-filter>
</compare> </compare>
</rpc> </rpc>
RPC reply, when a difference is detected: RPC reply when a difference is detected:
<rpc-reply <rpc-reply
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
message-id="101"> message-id="101">
<differences <differences
xmlns="urn:ietf:params:xml:ns:yang:ietf-nmda-compare" xmlns="urn:ietf:params:xml:ns:yang:ietf-nmda-compare"
xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin"> xmlns:or="urn:ietf:params:xml:ns:yang:ietf-origin">
<yang-patch> <yang-patch>
<patch-id>interface status</patch-id> <patch-id>interface status</patch-id>
<comment> <comment>
diff between operational (source) and intended (target) diff between operational (source) and intended (target)
</comment> </comment>
<edit> <edit>
<edit-id>1</edit-id> <edit-id>1</edit-id>
<operation>replace</operation> <operation>replace</operation>
<target>/ietf-interfaces:interface=eth0/enabled</target> <target>/ietf-interfaces:interface=eth0/enabled</target>
<value> <value>
<if:enabled>false<if:enabled> <if:enabled>false</if:enabled>
</value> </value>
<source-value> <source-value>
<if:enabled or:origin="or:learned">true</if:enabled> <if:enabled or:origin="or:learned">true</if:enabled>
</source-value> </source-value>
</edit> </edit>
<edit> <edit>
<edit-id>2</edit-id> <edit-id>2</edit-id>
<operation>create</operation> <operation>create</operation>
<target>/ietf-interfaces:interface=eth0/description</target> <target>/ietf-interfaces:interface=eth0/description</target>
<value> <value>
<if:description>ip interface<description> <if:description>ip interface</if:description>
</value> </value>
</edit> </edit>
</yang-patch> </yang-patch>
</differences> </differences>
</rpc-reply> </rpc-reply>
The same request in RESTCONF (using JSON format): The same request in RESTCONF (using JSON format [RFC7951]):
POST /restconf/operations/ietf-nmda-compare:compare HTTP/1.1 POST /restconf/operations/ietf-nmda-compare:compare HTTP/1.1
Host: example.com Host: example.com
Content-Type: application/yang-data+json Content-Type: application/yang-data+json
Accept: application/yang-data+json Accept: application/yang-data+json
{ "ietf-nmda-compare:input" : { { "ietf-nmda-compare:input" : {
"source" : "ietf-datastores:operational", "source" : "ietf-datastores:operational",
"target" : "ietf-datastores:intended", "target" : "ietf-datastores:intended",
"report-origin" : null, "report-origin" : null,
skipping to change at page 14, line 4 skipping to change at line 558
Content-Type: application/yang-data+json Content-Type: application/yang-data+json
Accept: application/yang-data+json Accept: application/yang-data+json
{ "ietf-nmda-compare:input" : { { "ietf-nmda-compare:input" : {
"source" : "ietf-datastores:operational", "source" : "ietf-datastores:operational",
"target" : "ietf-datastores:intended", "target" : "ietf-datastores:intended",
"report-origin" : null, "report-origin" : null,
"xpath-filter" : "/ietf-interfaces:interfaces" "xpath-filter" : "/ietf-interfaces:interfaces"
} }
} }
The same response in RESTCONF (using JSON format): The same response in RESTCONF (using JSON format):
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Thu, 24 Jan 2019 20:56:30 GMT Date: Thu, 24 Jan 2019 20:56:30 GMT
Server: example-server Server: example-server
Content-Type: application/yang-data+json Content-Type: application/yang-data+json
{ "ietf-nmda-compare:output" : { { "ietf-nmda-compare:output" : {
"differences" : { "differences" : {
"ietf-yang-patch:yang-patch" : { "ietf-yang-patch:yang-patch" : {
"patch-id" : "interface status", "patch-id" : "interface status",
"comment" : "diff between intended (source) and operational", "comment" : "diff between intended (source) and operational",
"edit" : [ "edit" : [
{ {
"edit-id" : "1", "edit-id" : "1",
"operation" : "replace", "operation" : "replace",
"target" : "/ietf-interfaces:interface=eth0/enabled", "target" : "/ietf-interfaces:interface=eth0/enabled",
"value" : { "value" : {
"ietf-interfaces:interface/enabled" : "false" "ietf-interfaces:interface/enabled" : "false"
}, },
"source-value" : { "source-value" : {
"ietf-interfaces:interface/enabled" : "true", "ietf-interfaces:interface/enabled" : "true",
"@ietf-interfaces:interface/enabled" : { "@ietf-interfaces:interface/enabled" : {
"ietf-origin:origin" : "ietf-origin:learned" "ietf-origin:origin" : "ietf-origin:learned"
} }
} }
}, },
{ {
"edit-id" : "2", "edit-id" : "2",
"operation" : "create", "operation" : "create",
"target" : "/ietf-interfaces:interface=eth0/description", "target" : "/ietf-interfaces:interface=eth0/description",
"value" : { "value" : {
"ietf-interface:interface/description" : "ip interface" "ietf-interface:interface/description" : "ip interface"
} }
} }
] ]
} }
} }
} }
} }
7. Performance Considerations 6. Performance Considerations
The compare operation can be computationally expensive. While The <compare> operation can be computationally expensive. While
responsible client applications are expected to use the operation responsible client applications are expected to use the operation
responsibly and sparingly only when warranted, implementations need responsibly and sparingly only when warranted, implementations need
to be aware of the fact that excessive invocation of this operation to be aware of the fact that excessive invocation of this operation
will burden system resources and need to ensure that system will burden system resources and need to ensure that system
performance will not be adversely impacted. One possibility for an performance will not be adversely impacted. One possibility for an
implementation to mitigate against this is to limit the number of implementation to mitigate against this is to limit the number of
requests that are served to a client, or to any number of clients, in requests that are served to a client, or to any number of clients, in
any one time interval, by rejecting requests made at a higher any one time interval, by rejecting requests made at a higher
frequency than the implementation can reasonably sustain. frequency than the implementation can reasonably sustain.
While useful, tools such as YANG Data Models that allow for the While useful, tools such as YANG data models that allow for the
monitoring of server resources, system performance, and statistics monitoring of server resources, system performance, and statistics
about RPCs and RPC rates are outside the scope of this document. about RPCs and RPC rates are outside the scope of this document.
When defined, any such model should be general in nature and not When defined, any such model should be general in nature and not
limited to the RPC operation defined in this document. limited to the RPC operation defined in this document.
8. IANA Considerations 7. IANA Considerations
8.1. Updates to the IETF XML Registry
This document registers one URI in the IETF XML registry [RFC3688].
Following the format in [RFC3688], the following registration is
requested:
URI: urn:ietf:params:xml:ns:yang:ietf-nmda-compare
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
8.2. Updates to the YANG Module Names Registry 7.1. Update to the IETF XML Registry
This document registers a YANG module in the YANG Module Names IANA has registered the following URI in the "IETF XML Registry"
registry [RFC6020]. Following the format in [RFC6020], the following [RFC3688]:
registration is requested:
name: ietf-nmda-compare URI: urn:ietf:params:xml:ns:yang:ietf-nmda-compare
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
namespace: urn:ietf:params:xml:ns:yang:ietf-nmda-compare 7.2. Update to the YANG Module Names Registry
prefix: cmp IANA has registered the following YANG module in the "YANG Module
Names" registry [RFC6020]:
reference: draft-ietf-netmod-nmda-diff-12 (RFC form) name: ietf-nmda-compare
namespace: urn:ietf:params:xml:ns:yang:ietf-nmda-compare
prefix: cmp
reference: RFC 9144
9. Security Considerations 8. Security Considerations
The YANG module specified in this document defines a schema for data The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446]. [RFC8446].
The NETCONF access control model [RFC8341] provides the means to The Network Configuration Access Control Model (NACM) [RFC8341]
restrict access for particular NETCONF or RESTCONF users to a provides the means to restrict access for particular NETCONF or
preconfigured subset of all available NETCONF or RESTCONF protocol RESTCONF users to a preconfigured subset of all available NETCONF or
operations and content. RESTCONF protocol operations and content.
NACM specifies access for the server in its entirety and the same NACM specifies access for the server in its entirety, and the same
access rules apply to all datastores. Any subtrees to which a access rules apply to all datastores. Any subtrees to which a
requestor does not have read access are silently skipped and not requestor does not have read access are silently skipped and not
included in the comparison. included in the comparison.
The RPC operation defined in this YANG module, "compare", may be The RPC operation defined in this YANG module, <compare>, may be
considered sensitive or vulnerable in some network environments. It considered sensitive or vulnerable in some network environments. It
is thus important to control access to this operation. This is the is thus important to control access to this operation. This is the
sensitivity/vulnerability of RPC operation "compare": sensitivity/vulnerability of RPC operation <compare>:
Comparing datastores for differences requires a certain amount of Comparing datastores for differences requires a certain amount of
processing resources at the server. An attacker could attempt to processing resources at the server. An attacker could attempt to
attack a server by making a high volume of comparison requests. attack a server by making a high volume of comparison requests.
Server implementations can guard against such scenarios in several Server implementations can guard against such scenarios in several
ways. For one, they can implement the NETCONF access control model ways. For one, they can implement the NACM in order to require
in order to require proper authorization for requests to be made. proper authorization for requests to be made. Second, server
Second, server implementations can limit the number of requests that implementations can limit the number of requests that they serve to a
they serve to a client in any one time interval, rejecting requests client in any one time interval, rejecting requests made at a higher
made at a higher frequency than the implementation can reasonably frequency than the implementation can reasonably sustain.
sustain.
10. Acknowledgments
We thank Rob Wilton, Martin Bjorklund, Mahesh Jethanandani, Lou
Berger, Kent Watsen, Phil Shafer, Ladislav Lhotka, Tim Carey, and
Reshad Rahman for valuable feedback and suggestions.
11. References 9. References
11.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>. <https://www.rfc-editor.org/info/rfc3688>.
skipping to change at page 17, line 27 skipping to change at line 710
<https://www.rfc-editor.org/info/rfc6242>. <https://www.rfc-editor.org/info/rfc6242>.
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
RFC 6991, DOI 10.17487/RFC6991, July 2013, RFC 6991, DOI 10.17487/RFC6991, July 2013,
<https://www.rfc-editor.org/info/rfc6991>. <https://www.rfc-editor.org/info/rfc6991>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016, RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>. <https://www.rfc-editor.org/info/rfc7950>.
[RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG",
RFC 7951, DOI 10.17487/RFC7951, August 2016,
<https://www.rfc-editor.org/info/rfc7951>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>. <https://www.rfc-editor.org/info/rfc8040>.
[RFC8072] Bierman, A., Bjorklund, M., and K. Watsen, "YANG Patch [RFC8072] Bierman, A., Bjorklund, M., and K. Watsen, "YANG Patch
Media Type", RFC 8072, DOI 10.17487/RFC8072, February Media Type", RFC 8072, DOI 10.17487/RFC8072, February
2017, <https://www.rfc-editor.org/info/rfc8072>. 2017, <https://www.rfc-editor.org/info/rfc8072>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
skipping to change at page 18, line 9 skipping to change at line 744
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>. <https://www.rfc-editor.org/info/rfc8342>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
11.2. Informative References [W3C.REC-xml-20081126]
Bray, T., Paoli, J., Sperberg-McQueen, M., Maler, E., and
F. Yergeau, "Extensible Markup Language (XML) 1.0 (Fifth
Edition)", World Wide Web Consortium Recommendation REC-
xml-20081126, November 2008,
<https://www.w3.org/TR/2008/REC-xml-20081126>.
9.2. Informative References
[RFC8343] Bjorklund, M., "A YANG Data Model for Interface [RFC8343] Bjorklund, M., "A YANG Data Model for Interface
Management", RFC 8343, DOI 10.17487/RFC8343, March 2018, Management", RFC 8343, DOI 10.17487/RFC8343, March 2018,
<https://www.rfc-editor.org/info/rfc8343>. <https://www.rfc-editor.org/info/rfc8343>.
Appendix A. Possible Future Extensions Appendix A. Possible Future Extensions
It is conceivable to extend the compare operation with a number of It is conceivable to extend the <compare> operation with a number of
possible additional features in the future. possible additional features in the future.
Specifically, it is possible to define an extension with an optional Specifically, it is possible to define an extension with an optional
feature for dampening. This will allow clients to specify a minimum feature for dampening. This will allow clients to specify a minimum
time period for which a difference must persist for it to be time period for which a difference must persist for it to be
reported. This will enable clients to distinguish between reported. This will enable clients to distinguish between
differences that are only fleeting from ones that are not and that differences that are only fleeting from ones that are not and that
may represent a real operational issue and inconsistency within the may represent a real operational issue and inconsistency within the
device. device.
skipping to change at page 18, line 41 skipping to change at line 783
the parameter indicates no dampening. Reporting of differences MAY the parameter indicates no dampening. Reporting of differences MAY
correspondingly be delayed by the dampening period from the time the correspondingly be delayed by the dampening period from the time the
request is received. request is received.
To implement this feature, a server implementation might run a To implement this feature, a server implementation might run a
comparison when the RPC is first invoked and temporarily store the comparison when the RPC is first invoked and temporarily store the
result. Subsequently, it could wait until after the end of the result. Subsequently, it could wait until after the end of the
dampening period to check whether the same differences are still dampening period to check whether the same differences are still
observed. The differences that still persist are then returned. observed. The differences that still persist are then returned.
Acknowledgments
We thank Rob Wilton, Martin Bjorklund, Mahesh Jethanandani, Lou
Berger, Kent Watsen, Phil Shafer, Ladislav Lhotka, Tim Carey, and
Reshad Rahman for their valuable feedback and suggestions.
Authors' Addresses Authors' Addresses
Alexander Clemm Alexander Clemm
Futurewei Futurewei
2330 Central Expressway 2330 Central Expressway
Santa Clara, CA 95050 Santa Clara, CA 95050
USA United States of America
Email: ludwig@clemm.org Email: ludwig@clemm.org
Yingzhen Qu Yingzhen Qu
Futurewei Futurewei
2330 Central Expressway 2330 Central Expressway
Santa Clara, CA 95050 Santa Clara, CA 95050
USA United States of America
Email: yqu@futurewei.com Email: yqu@futurewei.com
Jeff Tantsura Jeff Tantsura
Microsoft Microsoft
Email: jefftant.ietf@gmail.com Email: jefftant.ietf@gmail.com
Andy Bierman Andy Bierman
YumaWorks YumaWorks
 End of changes. 99 change blocks. 
291 lines changed or deleted 286 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/