One document matched: draft-ietf-netmod-opstate-reqs-03.xml
<?xml version='1.0'?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY rfc2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY rfc6241 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6241.xml">
<!ENTITY rfc6244 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6244.xml">
]>
<?rfc toc="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes" ?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc linkmailto="no" ?>
<?rfc editing="no" ?>
<?rfc comments="yes" ?>
<?rfc inline="yes"?>
<?rfc rfcedstyle="yes"?>
<?rfc-ext allow-markup-in-artwork="yes" ?>
<?rfc-ext include-index="no" ?>
<!--<?rfc strict="no"?> -->
<rfc category="info"
ipr="trust200902"
docName="draft-ietf-netmod-opstate-reqs-03">
<front>
<title abbrev="Terms and Reqs for OpState Enhanced Handling">Terminology and Requirements for Enhanced Handling of Operational State</title>
<author initials="K.W." surname="Watsen" fullname="Kent Watsen">
<organization>Juniper Networks</organization>
<address>
<email>kwatsen@juniper.net</email>
</address>
</author>
<author initials="T.N." surname="Nadeau" fullname="Thomas Nadeau">
<organization>Brocade Networks</organization>
<address>
<email>tnadeau@lucidvision.com</email>
</address>
</author>
<date/>
<area>Operations</area>
<workgroup>NETMOD Working Group</workgroup>
<keyword>opstate</keyword>
<abstract>
<t>This document primarily regards the difference between the intended
configuration and the applied configuration of a device and how
intended and applied configuration relate to the operational
state of a device. This document defines requirements for the
applied configuration's data model and its values, as well as for enabling
a client to know when a configuration has been fully applied or not,
how to access operational state, and how to relate intended
configuration nodes to applied configuration and derived state nodes.</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>This document primarily regards the difference between the intended
configuration and the applied configuration of a device and how
intended and applied configuration relate to the operational
state of a device. This document defines requirements for the
applied configuration's data model and its values, as well as for enabling
a client to know when a configuration has been fully applied or not,
how to access operational state, and how to relate intended
configuration nodes to applied configuration and derived state nodes.</t>
</section>
<section title="Terminology">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" in this document are to be interpreted as
described in RFC 2119 <xref target="RFC2119"/>.</t>
<t>The term "client" is used throughout this document to refer to what is many
times known as the "application" or "network management system". This definition
is intended to be consistent with the term "client" defined in <xref target="RFC6241"/>,
Section 1.1, but independent of any association to a particular protocol.</t>
<t>The term "server" is used throughout this document to refer to what is many
times known as the "device", "system", or "network element". This definition is
intended to be consistent with the term "server" defined in <xref target="RFC6241"/>,
Section 1.1, but independent of any association to a particular protocol.</t>
<t>This document defines the following terms:
<list style="hanging" hangIndent="4">
<t hangText="Applied Configuration:">This data represents the configuration
state that the server is actually in. That is, the configuration state which
is currently being used by server components (e.g., control plane daemons,
operating system kernels, line cards). With respect to NETCONF architecture,
the applied configuration resides in the "system software component" box
listed on page 15 of <xref target="RFC6244"/>
<list style="empty">
<t>NOTE: The server's ability to report applied configuration accurately
may be limited in some cases, such as when the configuration
goes through an intermediate layer without an ability to inspect the
lower layer.</t>
</list>
</t>
<t hangText="Asynchronous Configuration Operation:">A configuration request
to update the running configuration of a server that is applied asynchronously
with respect to the client request. The server MUST update its intended
configuration (see term) before replying to the client indicating
whether the request will be processed. This reply to the client only
indicates whether there are any errors in the original request. The
server's applied configuration state (see term) is updated after the
configuration change has been fully effected to all impacted components
in the server. Once applied, there MUST be a mechanism for the client to
determine when the request has completed processing and whether the
intended config is now fully effective or there are any errors from
applying the configuration change, which could be from an asynchronous
notification or via a client operation.</t>
<t hangText="Derived State:">This data represents information which is
generated as part of the server's own interactions. For example,
derived state may consist of the results of protocol interactions
(the negotiated duplex state of an Ethernet link), statistics
(such as message queue depth), or counters (such as packet input
or output bytes).</t>
<t hangText="Intended Configuration:">This data represents the configuration
state that the network operator intends the server to be in, and that has
been accepted by the server as valid configuration. With respect to NETCONF
architecture, the intended configuration is captured by the "config database"
box listed on page 15 of <xref target="RFC6244"/></t>
<t hangText="Operational State:">Operational State is the current state
of the system as known to the various components of the system
(e.g., control plane daemons, operating system kernels, line cards).
The operational state includes both applied configuration and derived
state.</t>
<t hangText="Synchronous Configuration Operation:">A configuration request to update
the running configuration of a server that is applied synchronously with
respect to the client request (i.e. a blocking call). The server MUST fully
attempt to apply the configuration change to all impacted components in the server,
updating both the server's intended and applied configuration (see terms),
before replying to the client. The reply to the client indicates whether there
are any errors in the request or errors from applying the configuration
change.</t>
</list>
</t>
</section>
<section title="Backwards Compatibility">
<t>Any solution satisfying the requirements specified in this document MUST
ensure backwards compatibility with regards to existing deployments. Specifically,
it MUST be possible to upgrade a server to one that supports the solution without
breaking existing/legacy clients. Likewise, it MUST be possible for a client that
has been coded to support the solution to interoperate appropriately with
existing/legacy servers.</t>
</section>
<section title="Requirements" anchor="reqs">
<t>
<list style="numbers">
<t>Ability to interact with both intended and applied configuration
<list style="letters">
<t>The ability to ask the operational components of a server
(e.g., line cards) for the configuration that they are currently
using. This is the applied configuration (see term).</t>
<t>Applied configuration is read-only</t>
<t>The data model for the applied configuration is the same as
the data model for the intended configuration (same leaves)</t>
<t>When a configuration change for any intended configuration
node has been successfully applied to the server (e.g. not
failed, nor deferred due to absent hardware) then the
existence and value of the corresponding applied
configuration node must match the intended configuration
node.</t>
</list>
</t>
<t>Support for both synchronous and asynchronous configuration
operations (see terms)
<list style="letters">
<t>A server may support only synchronous configuration
operations, or only asynchronous configuration operations, or
both synchronous and asynchronous configuration operations on
a client-specified per-operation basis.</t>
<t>Servers that support asynchronous configuration operations MAY
also provide a verify operation that a client can request from
the server to return information regarding the difference
between the intended and applied configurations.</t>
<t>The configuration protocol MUST specify how configuration
errors are handled. Errors MAY be handled by semantics similar
to NETCONF's error-options for the <edit-config> operation (stop-on-error,
continue-on-error, rollback-on-error), as described in Section 7.2
in <xref target="RFC6241"/>, but extended to incorporate both the
intended and applied configurations. Support for "rollback on error"
semantics SHOULD be provided.</t>
</list>
</t>
<t>Separation of the applied configuration and derived state aspects of operational state; ability to retrieve them independently and together
<list style="letters">
<t>Be able to retrieve only the applied configuration aspects of operational state</t>
<t>Be able to retrieve only the derived state aspects of operational state</t>
<t>Be able to retrieve both the applied configuration and derived state aspects of operational state together</t>
</list>
</t>
<t>Ability to relate configuration with its corresponding operational state
<list style="letters">
<t>Ability to map intended config nodes to corresponding applied config nodes</t>
<t>Ability to map intended config nodes to associated derived state nodes</t>
<t>The mappings needs to be programmatically consumable</t>
</list>
</t>
</list>
</t>
</section>
<section anchor="sec-con" title="Security Considerations">
<t>It is understood that the intended and applied configurations
will differ while synchronization is in progress. During the
synchronization process, the server will be in an inconsistent
state from the client's perspective. Implementations need to
take care to ensure that this process minimizes gaps in
the application of security policy (e.g., replacing a firewall
policy in a single step). Implementations additionally need
to ensure that any gaps in security policies are not dependent
on external input that an attacker might be able to control
or prevent access to.</t>
</section>
<section title="IANA Considerations" anchor="iana-con">
<t>None</t>
</section>
<section title="Acknowledgements">
<t>The authors would like to thank the following for contributing to this document (in alphabetic order):
Acee Lindem,
Andy Bierman,
Anees Shaikh,
Benoit Claise,
Carl Moberg,
Dan Romascanu,
Dean Bogdanovic,
Gert Grammel,
Jason Sterne,
Jonathan Hansford,
Juergen Schoenwaelder,
Lou Berger,
Mahesh Jethanandani,
Martin Bjorklund,
Phil Shafer,
Randy Presuhn,
Rob Shakir,
Robert Wilton.</t>
</section>
</middle>
<back>
<references title="Normative References">
&rfc2119;
</references>
<references title="Informative References">
&rfc6241;
&rfc6244;
<!--
<reference anchor="draft-openconfig-netmod-opstate-01" target="https://tools.ietf.org/html/draft-openconfig-netmod-opstate-01">
<front>
<title>Consistent Modeling of Operational State Data in YANG</title>
<author initials="R.S." surname="Shakir" fullname="Rob Shakir">
<organization>BT</organization>
</author>
<author initials="A.S." surname="Shaikh" fullname="Anees Shaikh">
<organization>Google</organization>
</author>
<author initials="M.H." surname="Hines" fullname="Marcus Hines">
<organization>Google</organization>
</author>
<date year="2015"/>
</front>
<seriesInfo name='Internet-Draft' value='draft-openconfig-netmod-opstate-01' />
</reference>
-->
</references>
<!--
<section title="Relation to Requirements in Origin Draft">
<t>The requirements in this document roughly map onto the requirements listed
in <xref target="draft-openconfig-netmod-opstate-01"/> as follows:
<list style="numbers">
<t>draft-openconfig-netmod-opstate-01, Section 3</t>
<t>draft-openconfig-netmod-opstate-01, Section 4.2</t>
<t>draft-openconfig-netmod-opstate-01, Section 4.3</t>
<t>draft-openconfig-netmod-opstate-01, Section 4.5</t>
</list>
</t>
</section>
-->
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 10:03:52 |