From: GROW <[email protected]> on behalf of tom petch <[email protected]> Sent: 21 March 2022 17:15 From: Benoit Claise <[email protected]> Sent: 19 March 2022 17:27
Hi Tom, Great feedback. I would like to come back your NACM comment below. We added "nacm:default-deny-all" to our action (in our temp version). I have not been following the detailed history of https://datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-model-13. And I don't know whether this point was already discussed but I was surprised to observe that this draft does not have "nacm:default-deny-all" for its action. Bringing this issue here since I guess we deal with the same set of people in GROW/IDR. <tp> Benoit I think that this is one for IDR rather than GROW, that is it is just a question of getting the authors to include it, not a question of good operational practice to include or not include it. I don't think I have commented on bgp-model lately - there is much in it that I would rather were done differently such as how many separate modules and submodules there should be. For the latter, I start at zero and do not count upwards. <tp" Benoit I was looking at babel-yang, currently with the RFC-Editor in MISSREF. The Security Considerations flag the need to use NACM on such as RPC and 'action' but the YANG module does not do so. Rather it tacks a nacm:default deny-all onto some data leaves leaving the access to the actions unlimited. An interesting twist. Tom Petch Tom Petch Regards, Benoit On 3/11/2022 5:43 PM, tom petch wrote: > From: GROW <[email protected]> on behalf of Camilo Cardona > <[email protected]> > Sent: 07 March 2022 10:06 > Hi Grow, > > We just submitted a new draft proposing a yang module for configuring and > managing BMP on a device. > > It would be nice to get some comments, observations, etc. > > <tp> > > prefix bmp seems more than adequate to me - ietf in the name but not in the > prefix > > import must have a reference and the reference must be Normative References > for the I-D > > YANG must be plain text - I am always suspicious of [] as in > "[RFC-to-be]: BMP YANG Module"; > > an enum with only one value could do with an explanation > looking at how it is used, I do not understand it > > your ip type include the zone - is this intended? > > leaf destination-port { > type inet:ip-address; > looks like an oxymoron > > statistics interval has no units > > statistics commonly have a discontinuity leaf > > unit32 may be small for counters > > actions commonly have a NACM default deny-all > > ' BGP data is sensible for security considerations.' > looks a bit odd > > IANA considerations are incomplete - you must register the prefix > > YANG needs references, BGP. BMP!. etc > > This e-mail comes from two addresses neither of which are the address in the > I-D; I wonder if they will bounce:-( > > > Have a 'nice' day, > > Tom Petch > > Grow Chairs, will it be possible to get a 5 minute slot in the next session > to give an overview of this module? > > Thanks, > Camilo Cardona > > > >> On 7/3/22, 10:51, "[email protected]" <[email protected]> >> wrote: >> >> >> A new version of I-D, draft-cptb-grow-bmp-yang-01.txt >> has been successfully submitted by Camilo Cardona and posted to the >> IETF repository. >> >> Name: draft-cptb-grow-bmp-yang >> Revision: 01 >> Title: BMP YANG Module >> Document date: 2022-03-07 >> Group: Individual Submission >> Pages: 14 >> URL: >> https://www.ietf.org/archive/id/draft-cptb-grow-bmp-yang-01.txt >> Status: >> https://datatracker.ietf.org/doc/draft-cptb-grow-bmp-yang/ >> Htmlized: >> https://datatracker.ietf.org/doc/html/draft-cptb-grow-bmp-yang >> Diff: >> https://www.ietf.org/rfcdiff?url2=draft-cptb-grow-bmp-yang-01 >> >> Abstract: >> This document proposes a YANG module for BMP (BGP Monitoring >> Protocol) configuration and monitoring. A complementary RPC triggers >> a refresh of the session of a BMP station. >> >> >> >> >> The IETF Secretariat >> >> >> >> > _______________________________________________ > GROW mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/grow > _______________________________________________ > GROW mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/grow _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
