One document matched: draft-ietf-opsawg-operations-and-management-05.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY rfc2821 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2821.xml">
<!ENTITY rfc1034 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.1034.xml">
<!ENTITY rfc1052 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.1052.xml">
<!ENTITY rfc1492 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.1492.xml">
<!ENTITY rfc2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY rfc2205 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2205.xml">
<!ENTITY rfc2439 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2439.xml">
<!ENTITY rfc2578 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2578.xml">
<!ENTITY rfc2863 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2863.xml">
<!ENTITY rfc2865 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2865.xml">
<!ENTITY rfc2975 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2975.xml">
<!ENTITY rfc3060 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3060.xml">
<!ENTITY rfc3084 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3084.xml">
<!ENTITY rfc3139 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3139.xml">
<!ENTITY rfc3198 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3198.xml">
<!ENTITY rfc3290 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3290.xml">
<!ENTITY rfc3410 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3410.xml">
<!ENTITY rfc3444 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3444.xml">
<!ENTITY rfc3460 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3460.xml">
<!ENTITY rfc3535 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3535.xml">
<!ENTITY rfc3585 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3585.xml">
<!ENTITY rfc3644 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3644.xml">
<!ENTITY rfc3670 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3670.xml">
<!ENTITY rfc3805 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3805.xml">
<!ENTITY rfc4741 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4741.xml">
<!ENTITY rfc5101 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5101.xml">
<!ENTITY I-D.ietf-syslog-protocol SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-syslog-protocol.xml">
<!ENTITY I-D.ietf-psamp-protocol SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-psamp-protocol.xml">
<!ENTITY W3C.REC-xmlschema-0-20010502 SYSTEM "http://xml.resource.org/public/rfc/bibxml4/reference.W3C.REC-xmlschema-0-20010502.xml">
<!--
<!ENTITY RelaxNG SYSTEM "http://www.relaxng.org/">
<!ENTITY DSDL SYSTEM "http://www.dsdl.org/">
-->
]>
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="3"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc strict="yes"?>
<?rfc rfcedstyle="yes"?>
<rfc category="bcp" docName="draft-ietf-opsawg-operations-and-management-05"
ipr="full3978">
<!--
$Id: draft-ietf-opsawg-operations-and-management.xml,v 1.5 2008/07/14 12:58:09 H73653 Exp $
-->
<front>
<title abbrev="Ops and Mgmt Guidelines">Guidelines for Considering
Operations and Management of New Protocols</title>
<author fullname="David Harrington" initials="D" surname="Harrington">
<organization>Huawei Technologies USA</organization>
<address>
<postal>
<street>1700 Alma Dr, Suite 100</street>
<city>Plano</city>
<region>TX</region>
<code>75075</code>
<country>USA</country>
</postal>
<phone>+1 603 436 8634</phone>
<facsimile></facsimile>
<email>dharrington@huawei.com</email>
<uri></uri>
</address>
</author>
<date year="2008" />
<area>IETF Operations and Management Area</area>
<keyword>management</keyword>
<keyword>operations</keyword>
<abstract>
<t>New protocols or protocol extensions are best designed with due
consideration of functionality needed to operate and manage the
protocol. Retrofitting operations and management is sub-optimal. The
purpose of this document is to provide guidance to authors and reviewers
of documents defining new protocols or protocol extensions, about covering
aspects of operations and management that should be considered.</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>Often when new protocols or protocol extensions are developed, not
enough consideration is given to how the protocol will be deployed,
operated and managed. Retrofitting operations and management mechanisms
is often hard and architecturally unpleasant, and certain protocol
design choices may make deployment, operations, and management
particularly hard. Since the ease of operations and management may
impact the success of IETF protocols, this document provides guidelines
to help protocol designers and working groups consider the operations
and management functionality needed by their new IETF protocol or
protocol extension at an earlier phase.</t>
<t>This document suggests protocol designers consider operations and
management needs and then recommend appropriate standard management
protocols and data models to address the relevant operations and
management needs. This is similar to a WG considering which security
threats are relevant to their protocol, and then recommending
appropriate standard security protocols to mitigate the relevant
threats.</t>
<t>The purpose of this document is to provide guidance about what to
consider when thinking about the management and deployment of a new
protocol, and to provide guidance about documenting the considerations.
The following guidelines are designed to help writers provide a
reasonably consistent format for such documentation. Separate
manageability and operational considerations sections are desirable in
many cases, but their structure and location is a decision that can be
made from case to case.</t>
<t>We want to avoid seeming to impose a solution by putting in place a
strict terminology - for example implying that a formal data model, or
even using a management protocol is mandatory. If protocol designers
conclude that its technology can be managed solely by using proprietary
CLIs, and no structured or standardized data model needs to be in place,
this might be fine, but it is a decision that should be explicit in a
manageability discussion, that this is how the protocol will need to be
operated and managed. Protocol designers should avoid having
manageability pushed for a later/never phase of the development of the
standard.</t>
<t>Making a Management Considerations section a mandatory publication
requirement for IETF documents is the responsibility of the IESG, or
specific area directors, or working groups, and this document avoids
recommending any mandatory publication requirements. For a complex
protocol, a completely separate draft on operations and management might
be appropriate, or even a completely separate WG effort.</t>
<t>This document discusses the importance of considering operations and
management. Section 1 introduces the subject and section 2 describes the IETF Management Framework. Section 3 discusses operational functionality to consider.
Section 4 discusses management functionality to consider.</t>
<t>This document sets forth a list of subjective guidelines and a list
of objective criteria by which a protocol designer can evaluate whether
the protocol that he/she has developed addresses common operations and
management needs. Operations and management are highly dependent on their
environment, so most guidelines are subjective
rather than objective.</t>
<t>We provide some objective criteria to promote interoperability
through the use of standard management interfaces, such as "did you
design counters in a MIB module for monitoring packets in/out of an
interface?" <xref target="RFC2863">The Interfaces Group MIB
</xref>, "did you write an XML-based
data model for configuring your protocol with Netconf?" <xref
target="RFC4741">NETCONF Configuration Protocol</xref>, and "did you standardize syslog message
content and structured data elements for reporting events that might
occur when operating your protocol?" <xref
target="I-D.ietf-syslog-protocol"></xref> and "did you consider appropriate notifications in case of failure situations??</t>
<section title="Terminology">
<t>This document deliberately does not use the (capitalized) keywords
described in <xref target="RFC2119">RFC 2119</xref>. RFC 2119 states
the keywords must only be used where it is actually required for
interoperation or to limit behavior which has potential for causing
harm (e.g., limiting retransmissions). For example, they must not be
used to try to impose a particular method on implementers where the
method is not required for interoperability. This document is a set of
guidelines based on current practices of protocol designers and
operators. This document does not describe requirements, so the key
words from RFC2119 have no place here.</t>
<t><list style="symbols">
<t>"new protocol" includes new protocols, protocol extensions,
data models, or other functionality being designed.</t>
<t>"protocol designer" represents individuals and working groups
involved in the development of new protocols.</t>
</list></t>
</section>
</section>
<section title="Design for Operations and Management">
<t>"Design for operations and management" means that the operational
environment and manageability of the protocol should be considered from
the start when new protocols are designed.</t>
<t>When a WG considers operation and management functionality for a
protocol, the document should contain enough information to understand
how the protocol will be deployed and managed, but the WG should expect
that considerations for operations and management may need to be updated
in the future, after further operational experience has been gained.</t>
<section title="IETF Management Framework">
<t>For years the IETF has stressed the use of the IETF Standard
Management Framework and MIB modules <xref
target="RFC2578"></xref> for managing new protocols. The IETF designed
these to permit
multiple protocols to utilize the MIB data <xref
target="RFC1052"></xref>, but it became a common misunderstanding that
a MIB module could only be used with the SNMP protocol (described in
<xref target="RFC3410"></xref> and associated documents).</t>
<t>In 2001, OPS Area design teams were created to document
requirements related to configuration of IP-based networks. One output
was "Requirements for Configuration Management of IP-based Networks"
<xref target="RFC3139"></xref>.</t>
<t>In 2003, the Internet Architecture Board (IAB) held a workshop on
Network Management <xref target="RFC3535"></xref> that discussed the
strengths and weaknesses of some IETF network management protocols,
and compared them to operational needs, especially configuration.</t>
<t>One issue discussed was the user-unfriendliness of the binary
format of SNMP and <xref target="RFC3084">COPS Usage for Policy Provisioning (COPS-PR)</xref>, and it was
recommended that the IETF explore an XML-based Structure of Management
Information, and an XML-based protocol for configuration.</t>
<t>Another conclusion was that the tools for event/alarm
correlation and for root cause analysis and logging are not sufficient, and
that there is a need to support a human interface and a programmatic
interface. The IETF decided to standardize aspects of the de facto
standard for system logging security and programmatic support.</t>
<t>In 2006, the IETF discussed whether the Management Framework should
be updated to accommodate multiple IETF schema languages for describing the structure of management information, and
multiple IETF standard protocols for doing network management.</t>
<t>This document provides some initial guidelines for considering
operations and management in an IETF Management Framework that consists of multiple protocols
and multiple data models, with an eye toward being flexible while also
striving for interoperability.</t>
</section>
</section>
<section title="Operational Considerations">
<t>Designers of a new protocol should carefully consider the operational
aspects. To ensure that a protocol will be practical to deploy in the
real world, it is not enough to merely define it very precisely in a
well-written document. Operational aspects will have a serious impact on the actual
success of a protocol. Such aspects include bad interactions with
existing solutions, a difficult upgrade path, difficulty of debugging
problems, difficulty configuring from a central database, or a
complicated state diagram that operations staff will find difficult to
understand.</t>
<t>BGP flap damping <xref target="RFC2439"></xref> is an example. It was
designed to block high frequency route flaps, however the design did not
consider the existence of BGP path exploration/slow convergence. In real
operations, path exploration caused false flap damping, resulting in
loss of reachability. As a result, most places
turned flap damping off. Regional Internet Registries even issued an official recommendation for
turning it off.</t>
<section title="Operations Model">
<t>Protocol designers can analyze the operational environment and mode
of work in which the new protocol or extension will work. Such an
exercise need not be reflected directly by text in their document,
but could help in visualizing the operational model related to the
applicability of the protocol in the Internet environments where it
will be deployed. The operational model should take into account
factors such as: <list style="symbols">
<t>what type of management entities will be involved (agents,
network management systems)?</t>
<t>what is the possible architecture (client-server,
manager-agent, poll-driven or event-driven, autoconfiguration,
two levels or hierarchical)?</t>
<t>what are the management operations - initial
configuration, dynamic configuration, alarm and exception
reporting, logging, performance monitoring, performance reporting,
debugging?</t>
<t>how are these operations performed - locally, remotely, atomic
operation, scripts? Are they performed immediately or time scheduled or event triggered?</t>
<t>what are the typical user interfaces - Command line (CLI) or
graphical user interface (GUI)?</t>
</list></t>
<t>Protocol designers should consider how the new protocol will be
managed in different deployment scales. It might be sensible to use a
local management interface to manage the new protocol on a single
device, but in a large network, remote management using a centralized
server and/or using distributed management functionality might make
more sense. Auto-configuration and default parameters might be
possible for some new protocols.</t>
<t>There may be a need to support a human interface, e.g., for
troubleshooting, and a programmatic interface, e.g., for automated
monitoring and root cause analysis. It might be important that the
internal method routines used by the application programming
interfaces and the human interfaces should be the same to ensure that
data exchanged between these two interfaces is always consistent. Mixing methods leads to inconsistency, so identifying consistent methods of retrieving information is relevant.</t>
<!--A human interface, such as a command line interface, is
useful for troubleshooting, while a programmatic interface is
important for managing multiple devices in a consistent manner, and
automating repetitive functions. Graphical user interfaces can help an
operator comprehend an overview of the network quickly (one picture is
worth a thousand words), but an operator may also require seeing the
raw data to better understand just what is happening in the network.
Ease of use is a key requirement for any network management technology
from the operators point of view. Protocol designers should consider how
various protocol choices might impact ease of use in different
scenarios. -->
<t>Protocol designers should consider what management operations are
expected to be performed as a result of the deployment of the protocol
- such as whether write operations will be allowed on routers and on
hosts, or whether notifications for alarms or other events will be
expected.</t>
</section>
<section title="Installation and Initial Setup">
<t>To simplify configuration, protocol designers should consider specifying
reasonable defaults, including default modes and
parameters. For example, it could be helpful or necessary to specify
default values for modes, timers, default state of logical control
variables, default transports, and so on. Even if default values are
used, it must be possible to retrieve all the actual values or at
least an indication that known default values are being used.</t>
<t>Protocol designers should consider how to enable operators to
concentrate on the configuration of the network as a whole rather than
on individual devices.</t>
<t>It is desirable to discuss the background of chosen default
values, or perhaps why a range of values makes sense. In many cases,
as technology changes, the values in an RFC might make less and less
sense. It is very
useful to understand whether defaults are based on best current
practice and are expected to change as technologies advance or whether
they have a more universal value that should not be changed
lightly. For example, the default interface speed might be expected to change over time due to increased speeds in the network, and cryptographical algorithms might be expected to change over time as older algoithms are "broken".</t>
<t><list>
<t>it is extremely important to set a sensible default value for
all parameters</t>
<t>the default value should stay on the conservative side rather
than on the "optimizing performance" side. (example: the initial
RTT and RTTvar values of a TCP connection)</t>
<t>for those parameters that are speed-dependent, instead of using
a constant, try to set the default value as a function of the link
speed or some other relevant factors. This would help reduce the
chance of problems caused by technology advancement.</t>
</list></t>
</section>
<section title="Migration Path">
<t>If the new protocol is a new version of an existing one, or if it is
replacing another technology, the protocol designer should consider
how deployments should transition to the new protocol. This should
include co-existence with previously deployed protocols and/or
previous versions of the same protocol, incompatibilities between
versions, translation between versions, and side-effects that might
occur. Are older protocols or versions disabled or do they co-exist in
the network with the new protocol?</t>
</section>
<section title="Requirements on Other Protocols and Functional Components">
<t>Protocol designers should consider the requirements that the new
protocol might put on other protocols and functional components, and
should also document the requirements from other protocols and functional elements that have
been considered in designing the new protocol.</t>
<t>These considerations should generally remain illustrative to avoid
creating restrictions or dependencies, or potentially impacting the
behavior of existing protocols, or restricting the extensibility of
other protocols, or assuming other protocols will not be extended in
certain ways.</t>
<t>For example, the design of <xref target="RFC2205">Resource ReSerVation Protocol (RSVP)</xref>
required each router to look at the RSVP PATH message, and if the router
understood RSVP, to add its own address to the message to
enable automatically tunneling through non-RSVP routers. But in reality
routers cannot look at an otherwise normal IP packet, and potentially
take it off the fast path! The initial designers overlooked that a new
requirement was being put on the functional components of a router.
The "router alert" option was finally developed to solve this problem
for RSVP and other protocols that require the router to take some packets
off the fast forwarding path.</t>
</section>
<section title="Impact on Network Operation">
<t>The introduction of a new protocol or extensions to an existing
protocol may have an impact on the operation of existing networks.
Protocol designers should outline such impacts (which may be positive)
including scaling concerns and interactions with other protocols. For
example, a new protocol that doubles the number of active, reachable
addresses in use within a network might need to be considered in the
light of the impact on the scalability of the IGPs operating within
the network.</t>
<t>A protocol could send active monitoring packets on the wire. If we don't pay attention, we might get very good accuracy, but at the cost of using all the available bandwidth.</t>
<t>The protocol designer should consider the potential impact on the
behavior of other protocols in the network and on the traffic levels
and traffic patterns that might change, including specific types of
traffic such as multicast. Also consider the need to install new
components that are added to the network as result of the changes in
the operational model, such as servers performing auto-configuration
operations.</t>
<t>The protocol designer should consider also the impact on
infrastructure applications like <xref
target="RFC1034">DNS</xref>, the registries, or the size of routing
tables. For example, <xref target="RFC2821">Simple Mail Transfer Protocol (SMTP)</xref> servers use a
reverse DNS lookup to filter out incoming connection requests. When
Berkeley installed a new spam filter, their mail server stopped
functioning because of the DNS cache resolver overload.</t>
<t>The impact on performance may also be noted - increased delay or
jitter in real-time traffic applications, or response time in
client-server applications when encryption or filtering are
applied.</t>
<t>It is important to minimize the impact caused by configuration
changes. Given configuration A and configuration B, it should be
possible to generate the operations necessary to get from A to B with
minimal state changes and effects on network and systems.</t>
</section>
<section title="Verifying Correct Operation">
<t>The protocol designer should consider techniques for testing the
effect that the protocol has had on the network by sending data
through the network and observing its behavior (aka active monitoring). Protocol designers
should consider how the correct end-to-end operation of the new
protocol in the network can be tested actively and passively, and how the correct data or
forwarding plane function of each network element can be verified to
be working properly with the new protocol. Which metrics are of interest? </t>
<t>Having simple protocol status and health indicators on network devices is a
recommended means to check correct operation.</t>
</section>
</section>
<section title="Management Considerations">
<t>The considerations of manageability should start from describing the
operational model, which includes identifying the entities to be
managed, how the respective protocol is supposed to be installed,
configured and monitored, who are the managers and what type of
management interfaces and protocols they would use.</t>
<t>Considerations for management should include a discussion of what
needs to be managed, and how to achieve various management tasks. The
"write a MIB module" approach to considering management often focuses on
monitoring a protocol endpoint on a single device. A MIB module document
typically only considers monitoring properties observable at one end,
while the document does not really cover managing the *protocol* (the
coordination of multiple ends), and does not even come near managing the
*service* (which includes a lot of stuff that is very far away from the
box). This is exactly what operators hate - you need to be able to
manage both ends. As <xref target="RFC3535"></xref> says, MIB modules
can often be characterized as a list of ingredients without a
recipe.</t>
<t>Management needs to be considered not only from the perspective of a device, but also from the perspective of network and service management perspectives. A service might be network and operational functionality derived from the implementation and deployment of a new protocol. Often an individual network element is not aware of the service being delivered.</t>
<t>WGs should consider how to configure multiple related/co-operating
devices and how to back off if one of those configurations fails or
causes trouble. NETCONF addresses this in a generic manner by allowing
an operator to lock the configuration on multiple devices, perform the
configuration settings/changes, check that they are OK (undo if not) and
then unlock the devices.</t>
<t>Techniques for debugging protocol interactions in a network must be
part of the network management discussion. Implementation source code
should be debugged before ever being added to a network, so asserts and
memory dumps do not normally belong in management data models. However,
debugging on-the-wire interactions is a protocol issue: it is enormously
helpful if a protocol has hooks to make debugging of network
interactions easy, and/or is designed in such a way that debugging
protocol behaviors is easy. Hand-waving this away is not something that
operators like ...</t>
<t>In a client/server protocol, it may be more important to instrument
the server end of a protocol than the client end.</t>
<section title="Interoperability">
<t>Just as when deploying protocols that will inter-connect devices,
our primary goal in considering management should be interoperability,
whether across devices from different vendors, across models from the
same vendor, or across different releases of the same product. Management
interoperability refers to allowing information sharing and operations between
multiple devices and multiple management applications, often from different vendors.
Interoperability allows for the use of 3rd party applications and the outsourcing of
management services.
</t>
<t>Some product designers and protocol designers assume that if a
device can be managed individually using a command line interface or a
web page interface, that such a solution is enough. But when equipment
from multiple vendors is combined into a large network, scalability of
management becomes a problem. It is important to have consistency in
the management interfaces so network-wide operational processes can be
automated. For example, a single switch might be easily managed using
an interactive web interface when installed in a single office small
business, but when, say, a fast food company installs similar switches
from multiple vendors in hundreds or thousands of individual branches
and wants to automate monitoring them from a central location,
monitoring vendor-and-model-specific web pages would be difficult to
automate.</t>
<t>Getting everybody to agree on a single syntax and an associated protocol
to do all management has proven to be difficult. So management systems
tend to speak whatever the boxes support, whether the IETF likes this
or not. The IETF is moving from support for one schema language for modeling
the structure of management information (<xref target="RFC2578">Structure of Management Information Version 2 (SMIv2)
</xref>)
and one simple network
management protocol (<xref target="RFC3410">Simple Network Management Protocol (SNMP)</xref>) towards
support for additional schema languages and additional management protocols suited to
different purposes. Other Standard
Development Organizations (e.g. DMTF, TMF) also define schemas and protocols for management
and these may be more suitable than IETF
schemas and protocols in some cases. Some of the alternatives being considered include
<list>
<t><xref target="W3C.REC-xmlschema-0-20010502">XML Schema Definition</xref></t>
<!--
<t><xref target="RelaxNG">Relax NG</xref></t>
<t><xref target="DSDL">Document Schema Definition Languages</xref></t>
-->
<t>and others</t>
</list>
and
<list>
<t><xref
target="RFC4741">NETCONF Configuration Protocol</xref></t>
<t><xref
target="RFC5101">IP Flow Information Export (IPFIX) Protocol
</xref>) for usage accounting </t>
<t><xref
target="I-D.ietf-syslog-protocol">The syslog Protocol</xref> for logging</t>
<t>and others</t>
</list>
</t>
<t>Interoperability needs to be considered on the syntactic level and
the semantic level. While it can be irritating and time-consuming,
application designers including operators who write their own scripts
can make their processing conditional to accommodate differences
across vendors or models or releases of product.</t>
<t>Semantic differences are much harder to deal with on the manager
side - once you have the data, its meaning is a function of the
managed entity. For example, if a single counter provided by vendor A
counts three types of error conditions, while the corresponding
counter provided by vendor B counts seven types of error conditions,
these counters cannot be compared effectively - they are not
interoperable counters.</t>
<t>Information models are helpful to try to focus interoperability on
the semantic level - they establish standards for what information
should be gathered, and how gathered information might be used
regardless of which management interface carries the data or which
vendor produces the product. The use of an information model might
help improve the ability of operators to correlate messages in
different protocols where the data overlaps, such as a SYSLOG message
and an SNMP notification about the same event. An information model
might identify which error conditions should be counted separately,
and which error conditions can be counted together in a single
counter. Then, whether the counter is gathered via SNMP or a CLI
command or a SYSLOG message, the counter will have similar
meaning.</t>
<t>Protocol designers should consider which information might be
useful for managing the new protocol or protocol extensions.</t>
<figure title="Figure 1">
<preamble></preamble>
<artwork><![CDATA[ IM --> conceptual/abstract model
| for designers and operators
+----------+---------+
| | |
DM DM DM --> concrete/detailed model
for implementers
]]></artwork>
<postamble>Information Models and Data Models</postamble>
</figure>
<t>On the Difference between Information Models and Data Models <xref
target="RFC3444"> </xref> may be useful in determining what
information to consider regarding information models, as compared to
data models.</t>
<t>Information models should come from the protocol WGs and include
lists of events, counters and configuration parameters that are
relevant. There are a number of information models contained in
protocol WG RFCs. Some examples:</t>
<t><list style="symbols">
<t><xref target="RFC3060"></xref> - Policy Core Information Model
version 1</t>
<t><xref target="RFC3290"></xref> - An Informal Management Model
for DiffServ Routers</t>
<t><xref target="RFC3460"></xref> - Policy Core Information Model
Extensions</t>
<t><xref target="RFC3585"></xref> - IPsec Configuration Policy
Information Model</t>
<t><xref target="RFC3644"></xref> - Policy Quality of Service
Information Model</t>
<t><xref target="RFC3670"></xref> - Information Model for
Describing Network Device QoS Datapath Mechanisms</t>
<t><xref target="RFC3805"></xref> - Printer MIB v2 (contains both
an IM and a DM</t>
</list>Management protocol standards and management data model
standards often contain compliance clauses to ensure interoperability.
Manageability considerations should include discussion of which level
of compliance is expected to be supported for interoperability.</t>
<t></t>
</section>
<section title="Management Information">
<t>A management information model should include a discussion of what
is manageable, which aspects of the protocol need to be configured,
what types of operations are allowed, what protocol-specific events
might occur, which events can be counted, and for which events should
an operator be notified.</t>
<t>Operators find it important to be able to make a clear distinction
between configuration data, operational state, and statistics. They
need to determine which parameters were administrative configured and
which parameters have changed since configuration as the result of
mechanisms such as routing protocols.</t>
<t>It is important to be able to separately fetch configuration data,
operational state data, and statistics from devices, and to be able to
compare current state to initial state, and to compare data between
devices.</t>
<t>What is typically difficult to work through are relationships
between abstract objects. Ideally an information model would describe
the relationships between the objects and concepts in the information
model.</t>
<t>Is there always just one instance of this object or can there be
multiple instances? Does this object relate to exactly one other
object or may it relate to multiple? When is it possible to change a
relationship?</t>
<t>Do objects (such as rows in tables) share fate? For example, if a
row in table A must exist before a related row in table B can be
created, what happens to the row in table B if the related row in
table A is deleted? Does the existence of relationships between
objects have an impact on fate sharing?</t>
</section>
<section title="Fault Management">
<t>The protocol designer should document the basic faults and health
indicators that need to be instrumented for the new protocol, and the
alarms and events that must be propagated to management applications
or exposed through a data model.</t>
<t>The protocol designer should consider how faults information will
be propagated. Will it be done using asynchronous notifications or
polling of health indicators?</t>
<t>If notifications are used to alert operators to certain conditions,
then the protocol designer should discuss mechanisms to throttle
notifications to prevent congestion and duplications of event
notifications. Will there be a hierarchy of faults, and will the fault
reporting be done by each fault in the hierarchy, or will only the
lowest fault be reported and the higher levels be suppressed? should
there be aggregated status indicators based on concatenation of
propagated faults from a given domain or device?</t>
<t>SNMP notifications and SYSLOG messages can alert an operator when
an aspect of the new protocol fails or encounters an error or failure condition,
and SNMP is frequently used as a heartbeat monitor. Should the event reporting
provide gyaranteed accurate delivery of the event information within a given (high)
margin of confidence? Can we poll the latest events in the box?</t>
<section title="Liveness Detection and Monitoring">
<t>Liveness detection and monitoring applies both to the control
plane and the data plane. Mechanisms for detecting faults in the
control plane or for monitoring its liveness are usually built into
the control plane protocols or inherited from underlying data plane
or forwarding plane protocols. These mechanisms do not typically
require additional management capabilities. However, when a system
detects a control plane fault, there is often a requirement to
coordinate recovery action through management applications or at
least to record the fact in an event log. </t>
<t>Where the protocol is responsible for establishing data or user
plane connectivity, liveness detection and monitoring usually need
to be achieved through other mechanisms. In some cases, these
mechanisms already exist within other protocols responsible for
maintaining lower layer connectivity, but it will often be the case
that new procedures are required to detect failures in the data path
and to report rapidly, allowing remedial action to be taken.</t>
<t>Protocol designers should always build in basic testing features
(e.g. ICMP echo, UDP/TCP echo service, NULL RPC calls) that can be
used to test for liveness, with an option to enable and disable
them.</t>
</section>
<section title="Fault Determination">
<t>It can be helpful to describe how faults can be pinpointed using
management information. For example, counters might record instances
of error conditions. Some faults might be able to be pinpointed by
comparing the outputs of one device and the inputs of another device
looking for anomalies.</t>
<t>How do you distinguish between faulty messages and good messages?</t>
<t>Would some threshold-based mechanisms, such as RMON events/alarms or the EVENT-MIB, be useable to help determine error conditions? Are SNMP notifications for all events needed, or are there some "standard" notifications that could be used? or can the right counters that can be polled as needed?</t>
</section>
<section title="Fault Isolation">
<t>It might be useful to isolate faults, such as a system that emits
malformed messages necessary to coordinate connections properly.
Spanning tree comes to mind. This might be able to be done by
configuring next-hop devices to drop the faulty messages to prevent
them from entering the rest of the network.</t>
</section>
</section>
<section title="Configuration Management">
<t>A protocol desoigners should document what the
basic configuration parameters that need to be instrumented for a new
protocol, as well as default values and modes of operation.</t>
<t>What information should be maintained across reboots of the device,
or restarts of the management system?</t>
<t><xref target="RFC3139">"Requirements for Configuration Management of IP-based Networks"</xref> discusses requirements for
configuration management. This document includes discussion of
different levels of management, including high-level-policies,
network-wide configuration data, and device-local configuration.</t>
<t>A number of efforts have existed in the IETF to develop
policy-based management. <xref target="RFC3198">"Terminology for Policy-Based Management"</xref> was
written to standardize the terminology
across these efforts. Some of the efforts resulted in proposals that are
NOT RECOMMENDED, so a protocol designer should check the current
recommendation status before depending on a specific protocol suggestion.</t>
<t>It is highly desirable that text processing tools such as diff, and
version management tools such as RCS or CVS or SVN, can be used to
process configurations. This approach simplifies comparing the current
operational state to the initial configuration. It is commonplace to compare
configuration changes to e.g., last day, last week, last month, etc. -- having
configuration in a text, and human-understandable format is very valuable
for various reasons such as change control (or verification), configuration
consistency checks, etc.</t>
<t>With structured text such as XML, simple text diffs may be found to
be inadequate and more sophisticated tools may be needed to make any
useful comparison of versions.</t>
<t>To simplify such configuration comparisons, devices should not
arbitrarily reorder data such as access control lists. If a protocol
designer defines mechanisms for configuration, it would be desirable
to standardize the order of elements for consistency of configuration
and of reporting across vendors, and across releases from vendors.</t>
<t>There are two parts to this: 1. An NMS system
could optimize ACLs for performance reasons 2. Unless the device/NMS
systems has correct rules/a lot of experience, reordering ACLs can
lead to a huge security issue.</t>
<t>Network wide configurations are ideally stored in central master
databases and transformed into formats that can be pushed to devices,
either by generating sequences of CLI commands or complete
configuration files that are pushed to devices. There is no common
database schema for network configuration, although the models used by
various operators are probably very similar. It is desirable to
extract, document, and standardize the common parts of these network
wide configuration database schemas. A protocol designer should
consider how to standardize the common parts of configuring the new
protocol, while recognizing the vendors will likely have proprietary
aspects of their configurations.</t>
<t>It is important to distinguish between the distribution of
configurations and the activation of a certain configuration. Devices
should be able to hold multiple configurations. NETCONF <xref
target="RFC4741"></xref>, for example, differentiates between the
"running" configuration and "candidate" configurations.</t>
<t>It is important to enable operators to concentrate on the
configuration of the network as a whole rather than individual
devices. Support for configuration transactions across a number of
devices would significantly simplify network configuration management.
The ability to distribute configurations to multiple devices, or
modify "candidate configurations on multiple devices, and then
activate them in a near-simultaneous manner might help. Protocol designers can consider how it would make sense for their protocol to be configured across multiple devices. Configuration-templates might also be helpful.</t>
<t>Consensus of the 2002 IAB Workshop was that textual configuration
files should be able to contain international characters.
Human-readable strings should utilize UTF-8, and protocol elements
should be in case insensitive ASCII.</t>
<t>A mechanism to dump and restore configurations is a primitive
operation needed by operators. Standards for pulling and pushing
configurations from/to devices are desirable.</t>
<t>Given configuration A and configuration B, it should be possible to
generate the operations necessary to get from A to B with minimal
state changes and effects on network and systems. It is important to
minimize the impact caused by configuration changes.</t>
<t>Many protocol specifications include timers that are used as part
of operation of the protocol. These timers may need default values
suggested in the protocol specification and do not need to be
otherwise configurable.</t>
<section title="Verifying Correct Operation">
<t>An important function that should be provided is guidance on how
to verify the correct operation of a protocol. A protocol designer could suggest techniques for testing
the impact of the protocol on the network before it is deployed, and
techniques for testing the effect that the protocol has had on the network
after being deployed. </t>
<t>Protocol designers should consider how to test the correct
end-to-end operation of the network, and how to verify the correct
data or forwarding plane function of each network element. This may be
achieved through status and statistical information from network devices. </t>
</section>
<section title="Control of Function and Policy ">
<t>A protocol designer should consider the configurable items that
exist for the control of function via the protocol elements
described in the protocol specification. For example, Sometimes the
protocol requires that timers can be configured by the operator to
ensure specific policy-based behavior by the implementation.</t>
</section>
</section>
<section title="Accounting Management">
<t>A protocol designer should consider whether it would be appropriate
to collect usage information related to this protocol, and if so, what
usage information would be appropriate to collect?</t>
<t><xref target="RFC2975">"Introduction to Accounting
Management"</xref> discusses a number of factors relevant to monitoring usage
of protocols for purposes of capacity and trend analysis, cost
allocation, auditing, and billing. This document also discusses how
<xref target="RFC2865">Remote Authentication Dial In User Service (RADIUS)</xref>, <xref
target="RFC1492">Terminal Access Controller Access Control System (TACACS)</xref>, SNMP, IPFIX, and <xref target="I-D.ietf-psamp-protocol">Packet Sampling (PSAMP) Protocol</xref> protocols can be used for these
purposes. These factors should be considered when designing a protocol
whose usage might need to be monitored, or when recommending a
protocol to do usage accounting.</t>
</section>
<section title="Performance Management">
<t>Consider information that would be useful when trying to determine
the performance characteristics of a deployed system using the target
protocol.</t>
<t>There are several parts to performance management to be considered: protocol monitoring, services monitoring, and device monitoring (the impact of the new protocol/service activation on the device).</t>
<t>From a manageability point of view it is important to determine how well
a network deploying the protocol or technology defined in the document
is doing. In order to do this the network operators need to consider information
that would be useful to determine the performance characteristics of a deployed
system using the target protocol.
</t>
<t>Consider scalability, such as whether performance will be affected
by the number of protocol connections. If so, then it might be useful
to provide information about the maximum number of table entries that
should be expected to be modeled, how many entries an implementation
can support, the current number of instances, and the expected
behavior when the current instances exceed the capacity of the
implementation. This should be considered in a data-modeling
independent manner - what makes managed-protocol sense, not what makes
management-protocol-sense. If it is not managed-protocol-dependent,
then it should be left for the management-protocol data modelers to
decide. For example, VLAN identifiers have a range of 1..4095 because of
the VLAN standards. A MIB implementing a VLAN table should be able to support 4096 entries because the content being modeled requires it.</t>
<t>Any recommendation in the document should be data-modeling
language independent. The protocol document should make clear the limitations
implicit within the protocol and the behavior when limits are exceeded.
</t>
<t>Consider the capability of determining the operational activity, such as
the number of message in and
the messages out, the number of received messages rejected due to
format problems, the expected behaviors when a malformed message is
received.</t>
<t>Consider the expected behaviors for counters - what is a reasonable
maximum value for expected usage? should they stop counting at the
maximum value and retain the maximum value, or should they rollover?
How can users determine if a rollover has occurred, and how can users
determine if more than one rollover has occurred?
</t>
<t>Consider whether multiple management applications will share a
counter; if so, then no one management application should be allowed
to reset the value to zero since this will impact other
applications. </t>
<t>Could events, such as hot-swapping a blade in a chassis, cause
discontinuities in information? Does this make any difference in
evaluating the performance of a protocol?</t>
<t>For performance monitoring, it is often important to report the
time spent in a state rather than the current state. Snapshots are of
less value for performance monitoring. </t>
<t>The Benchmarking Methodology WG (bmwg) has defined recommendations
for the measurement of the performance characteristics of various
internetworking technologies in a laboratory environment, including
the systems or services that are built from these technologies. Each
recommendation describes the class of equipment, system, or service
being addressed; discuss the performance characteristics that are
pertinent to that class; clearly identify a set of metrics that aid in
the description of those characteristics; specify the methodologies
required to collect said metrics; and lastly, present the requirements
for the common, unambiguous reporting of benchmarking results.</t>
<t>What are the principal performance factors that need to be looked
at when measuring the operational performance of the protocol implementations? Is
it important to measure setup times? throughput? quality versus
throughput? interruptions? end-to-end throughput? end-to-end quality?
hop-to-hop throughput? In many cases the performance metrics are generic and
already defined by work done in the IPPM WG, or BMWG for example,
but in some cases new metrics need to be defined. It would be useful if the
document would identify the need for such new metrics.</t>
</section>
<section title="Security Management">
<t>Protocol designers should consider how to monitor and to manage
security aspects and vulnerabilities of the new protocol.</t>
<t>There will be security considerations related to the new protocol.
To make it possible for operators to be aware of security-related
events, it is recommended that system logs should record events, such
as failed logins, but the logs must be secured.</t>
<t>Should a system automatically notify operators of every event
occurrence, or should an operator-defined threshold control when a
notification is sent to an operator?</t>
<t>Should certain statistics be collected about the operation of the
new protocol that might be useful for detecting attacks, such as the
receipt of malformed messages, or messages out of order, or messages
with invalid timestamps? If such statistics are collected, is it
important to count them separately for each sender to help identify
the source of attacks?</t>
<t>Manageability considerations that are security-oriented might
include discussion of the security implications when no monitoring is
in place, the regulatory implications of absence of audit-trail or
logs in enterprises, exceeding the capacity of logs, and security
exposures present in chosen / recommended management mechanisms.</t>
<t>Consider security threats that may be introduced by management operations. For example
CAPWAP breaks the structure of monolithic Access Points (AP) into Access
Controllers and Wireless Termination Points (WTP). By using a management
interface, internal information that was previously not accessible is now
exposed over the network and to management applications and may become
a source of potential security threats.</t>
<t>The granularity of access control needed on management interfaces
needs to match operational needs. Typical requirements are a
role-based access control model and the principle of least privilege,
where a user can be given only the minimum access necessary to perform
a required task.</t>
<t>It must be possible to do consistency checks of access control
lists across devices. Protocol designers should consider information
models to promote comparisons across devices and across vendors to
permit checking the consistency of security configurations.</t>
<t>Protocol designers should consider how to provide a secure
transport, authentication, identity, and access control which
integrates well with existing key and credential management
infrastructure. It is a good idea to start with defining the threat model for the protocol, and from that deducing what is required.</t>
<t>Protocol designers should consider how access control lists
are maintained and updated.</t>
<t>Standard SNMP notifications or SYSLOG messages <xref
target="I-D.ietf-syslog-protocol"></xref> might already exist, or can
be defined, to alert operators to the conditions identified in the
security considerations for the new protocol. For
example, you can log all the commands entered by the operator using
syslog (giving you some degree of audit trail), or you can see who has
logged on/off using SSH from where, failed SSH logins can be
logged using syslog, etc.
</t>
<t>An analysis of existing counters might help operators recognize the
conditions identified in the security considerations for the new
protocol before they can impact the network.</t>
<t>RADIUS and DIAMETER can provide authentication and authorization. A
protocol designer should consider which attributes would be
appropriate for their protocol.</t>
<t>Different protocols use different assumptions about message
security and data access controls. A protocol designer that recommends
using different protocols should consider how security will be applied
in a balanced manner across multiple management interfaces. SNMP
access control is data-oriented, while CLI access control is usually
command (task) oriented. Depending on the management function,
sometimes data-oriented or task-oriented access control makes more
sense. Protocol designers should consider both data-oriented and
task-oriented access control.</t>
</section>
</section>
<section title="Documentation Guidelines">
<t>This document is focused on what to think about, and how to document
the considerations of the protocol designer.</t>
<section title="Recommended Discussions">
<t>A Manageability Considerations section should include discussion of
the management and operations topics raised in this document, and when
one or more of these topics is not relevant, it would be useful to
contain a simple statement explaining why the topic is not relevant
for the new protocol. Of course, additional relevant topics should be
included as well.</t>
<t>Existing protocols and data models can provide the management
functions identified in the previous section. Protocol designers
should consider how using existing protocols and data models might
impact network operations.</t>
</section>
<section title="Null Manageability Considerations Sections">
<t>A protocol designer may seriously consider the manageability
requirements of a new protocol, and determine that no management
functionality is needed by the new protocol. It would be helpful to
those who may update or write extensions to the protocol in the future
or to those deploying the new protocol to know the thinking of the
working regarding the manageability of the protocol at the time of its
design.</t>
<t>If there are no new manageability or deployment considerations, it
is recommended that a Manageability Considerations section contain a
simple statement such as "There are no new manageability requirements
introduced by this document," and a brief explanation of why that is
the case. The presence of such a Manageability Considerations section
would indicate to the reader that due consideration has been given to
manageability and operations.</t>
<t>In the case where the new protocol is an extension, and the base
protocol discusses all the relevant operational and manageability
considerations, it would be helpful to point out the considerations
section in the base document.</t>
</section>
<section title="Placement of Operations and Manageability Considerations Sections ">
<t>If a protocol designer develops a Manageability Considerations
section for a new protocol, it is recommended that the section be
placed immediately before the Security Considerations section.
Reviewers interested in such sections could find it easily, and this
placement could simplify the development of tools to detect the
presence of such a section.</t>
</section>
</section>
<section title="IANA Considerations">
<t>This document does not introduce any new codepoints or name spaces
for registration with IANA. Note to RFC Editor: this section may be
removed on publication as an RFC.</t>
</section>
<section title="Security Considerations">
<t>This document is informational and provides guidelines for
considering manageability and operations. It introduces no new security
concerns.</t>
</section>
<section title="Acknowledgements">
<t>This document started from an earlier document edited by Adrian
Farrel, which itself was based on work exploring the need for
Manageability Considerations sections in all Internet-Drafts produced
within the Routing Area of the IETF. That earlier work was produced by
Avri Doria, Loa Andersson, and Adrian Farrel, with valuable feedback
provided by Pekka Savola and Bert Wijnen.</t>
<t>Some of the discussion about designing for manageability came from
private discussions between Dan Romascanu, Bert Wijnen, Juergen
Schoenwaelder, Andy Bierman, and David Harrington.</t>
<t>Thanks to reviewers who helped fashion this document, including
David Kessens, Dan Romascanu, Ron Bonica, Bert Wijnen, Lixia Zhang,
Ralf Wolter, Benoit Claise, Brian Carpenter, Harald Alvestrand, Juergen
Schoenwaelder, Pekka Savola
</t>
</section>
</middle>
<back>
<references title="Informative References">
&rfc2821;
&rfc1034;
&rfc1052;
&rfc1492;
&rfc2119;
&rfc2205;
&rfc2439;
&rfc2578;
&rfc2863;
&rfc2865;
&rfc2975;
&rfc3060;
&rfc3084;
&rfc3139;
&rfc3198;
&rfc3290;
&rfc3410;
&rfc3444;
&rfc3460;
&rfc3535;
&rfc3585;
&rfc3644;
&rfc3670;
&rfc3805;
&rfc4741;
&rfc5101;
&I-D.ietf-syslog-protocol;
&I-D.ietf-psamp-protocol;
&W3C.REC-xmlschema-0-20010502;
<!--
&RelaxNG;
&DSDL;
-->
</references>
<section title="Operations and Management Review Checklist">
<t>This appendix provides a quick checklist of issues that protocol designers
should expect operations and management expert reviewers to look for when reviewing
a document being proposed for consideration as a protocol standard.</t>
<section title="Operational Considerations">
<t><list>
<t>Has the operations model been discussed? see section 3.1.
<list>
<t>Does the document include a description of the
operational model - how is this protocol or technology going to be
deployed and managed?</t>
<t>Is the proposed specification deployable? If not, how could it
be improved? </t>
<t>
Does the solution scale well? Does
the proposed approach have any scaling issues that could affect
usability for large scale operation?</t>
</list></t>
<t>Has installation and initial setup been discussed? see section 3.2
<list>
<t>Is the solution sufficiently configurable? </t>
<t>are configuration parameters clearly identified?</t>
<t>are configuration parameters normalized?</t>
<t>does each configuration parameter have a reasonable
default value? </t>
<t>Will configuration be pushed to a device by a
configuration manager, or pulled by a device from a configuration
server?</t>
<t>How will the devices and managers find and authenticate
each other?</t>
</list></t>
<t>Has the migration path been discussed? see section 3.3.
<list>
<t>Are there any backward compatibility issues?</t>
</list></t>
<t>Have the Requirements on Other Protocols and Functional Components been discussed? see section 3.4.
<list>
<t>What
protocol operations are expected to be performed relative to the new
protocol or technology, and what protocols and data models are expected
to be in place or recommended to ensure for interoperable management?</t>
</list></t>
<t>Has the Impact on Network Operation been discussed? see section 3.5.
<list>
<t></t>
</list></t>
<t>Have suggestions for verifying correct operation been discussed? see section 3.6.
<list>
<t></t>
</list></t>
<t>Have suggestions for verifying correct operation been discussed? see section 4.1.
<list>
<t></t>
</list></t>
</list> </t>
</section> <!-- /Operational Consierations -->
<section title="Management Considerations">
<t>Do you anticipate any manageability issues with the
specification?</t>
<t><list>
<t>Is Management interoperability discussed? see section 4.1.
<list>
<t>will it use centralized or distributed
management?</t>
<t>will it require remote and/or local management
applications? </t>
<t>Are textual or graphical user interfaces required?</t>
<t>Is textual or binary format for management information preferred?</t>
</list>
</t> <!-- /4.1 -->
<t>Is Management Information discussed? see section 4.2.
<list>
<t>What is the minimal set of management
(configuration, faults, performance monitoring) objects that need to be
instrumented in order to manage the new protocol?</t>
</list>
</t> <!-- /4.2 -->
<t>Is Fault Management discussed? see section 4.3.
<list>
<t>Is Liveness Detection and Monitoring discussed?</t>
<t>Does the solution have failure modes that are difficult to
diagnose or correct? Are faults and alarms reported and
logged?</t>
<t></t>
</list>
</t> <!-- /4.3 -->
<t>Is Configuration Management discussed? see section 4.4.
<list>
<t>is protocol state information exposed to the user? How? are
significant state transitions logged?</t>
<t></t>
</list>
</t> <!-- /4.4 -->
<t>Is Accounting Management discussed? see section 4.5.
<list>
<t></t>
</list>
</t> <!-- /4.5 -->
<t>Is Performance Management discussed? see section 4.6.
<list>
<t>Does the protocol have an impact on network traffic and network
devices? Can performance be measured? </t>
<t>Is protocol performance
information exposed to the user?</t>
</list>
</t> <!-- /4.6 -->
<t>Is Security Management discussed? see section 4.7.
<list>
<t>Does the specification discuss hwo to manage aspects of security, such as
access controls, managing key distribution, etc.</t>
<t></t>
</list>
</t> <!-- /4.7 -->
</list></t>
</section> <!-- /management considerations -->
<section title="Documentation">
<t>Is an operational considerations and/or manageability section part of the document?</t>
<t>Does the proposed protocol have a significant operational
impact on the Internet. If it does, and the document under review
targets standards track, is their enough proof of implementation
and/or operational experience to grant Proposed Standard
status?</t>
</section>
</section> <!-- /checklist -->
<section title="Change Log">
<t>Changes from opsawg-04 to opsawg-05</t>
<t><list>
<t>added bullets for appendix checklist</t>
<t>aligned checklist order and guidelines order</t>
<t>resolved all DISCUSS and TODO issues.</t>
</list></t>
<t>Changes from opsawg-03 to opsawg-04</t>
<t><list>
<t>improved wording in Introduction</t>
<t>added a number of DISCUSS points raised during WG reviews</t>
<t>added more wording on service management</t>
<t>updated references and copyrights</t>
</list></t>
<t>Changes from opsawg-02 to opsawg-03</t>
<t>From reviews by Lixia Zhang and feedback from WG Chairs' Lunch.</t>
<t><list>
<t>added discussion of impact on the Internet to checklist</t>
<t>spell check</t>
<t>added examples</t>
<t>added discussion of default values</t>
<t>added discussion of database-driven configuration</t>
<t>fixed some references</t>
<t>expanded the checklist</t>
</list></t>
<t>Changes from opsawg-01 to opsawg-02</t>
<t><list>
<t>moved survey of protocols and data models to separate
document</t>
<t>changed "working group" to "protocol designer" throughout, as
applicable.</t>
<t>modified wording from negative to positive spin in places.</t>
<t>updated based on comments from Ralf Wolter and David Kessens</t>
</list></t>
<t>Changes from opsawg-00 to opsawg-01</t>
<t><list>
<t>moved Proposed Standard data models to appendix</t>
<t>moved advice out of data model survey and into considerations
section</t>
<t>addressed comments from Adrian and Dan</t>
<t>modified the Introduction and Section 2 in response to many
comments.</t>
<t>expanded radius and syslog discussion, added psamp and VCCV,
modified ipfix,</t>
</list></t>
<t>Changes from harrington-01 to opsawg-00</t>
<t><list>
<t>added text regarding operational models to be managed.</t>
<t>Added checklist appendix (to be filled in after consensus is
reached on main text )</t>
</list></t>
<t>Changes from harrington-00 to harrington-01</t>
<t><list>
<t>modified unclear text in "Design for Operations and
Management"</t>
<t>Expanded discussion of counters</t>
<t>Removed some redundant text</t>
<t>Added ACLs to Security Management</t>
<t>Expanded discussion of the status of COPS-PR, SPPI, and PIBs.</t>
<t>Expanded comparison of RADIUS and Diameter.</t>
<t>Added placeholders for EPP and XCAP protocols.</t>
<t>Added Change Log and Open Issues</t>
</list></t>
</section>
</back>
</rfc>| PAFTECH AB 2003-2026 | 2026-04-23 03:49:49 |