Hi, I am under the impression we have here a misunderstanding caused by the concepts in NFV and what we are defining in I2NSF. I agree with John in that the Registration Interface should not be used for exchanging operational status, just to register and deregister NSFs and their capabilities. But there is an NFV process (the so-called “onboarding”, essentially including it in a catalog of available software-based functions) that should imply an exchange through the Registration Interface, and could be seen as an operational exchange. Anyway, this misinterpretation can be solved if we realize such onboarding is not a lifecycle operation, but the pre-condition for starting the function lifecycle.
Be goode, On 16 Jul 2017, at 21:33 , John Strassner <[email protected]<mailto:[email protected]>> wrote: > In the I2NSF framework, the basic purpose of the registration > interface is to register an NSF into the system. The registration interface is also used to register NSF Capabilities. > In addition to this purpose, however, the registration interface > can be also utilized for dynamic life cycle management of NSFs. I disagree. The only operations that this interface should support are register and deregister, for both NSFs and Capabilities. Operational status SHOULD NOT be put in this interface. > For example, the security controller can request the developer's > management system (DMS) to create a new NSF instance. > The registration interface DM defines the data model that is > required to enable this additional functionality of the > registration interface. That is not, imo, "dynamic lifecycle management". That is simply performing a registration operation. OAM info SHOULD NOT be put into a registration interface. > On the other hand, the capability DM can be used to describe > the security capability of a new NSF instance to be created by > the DMS along with its location and IT resources. Again, this is **just** a registration operation. I fail to see how this has anything to do with lifecycle management. regards, John On Thu, Jul 13, 2017 at 7:38 AM, Mr. Jaehoon Paul Jeong <[email protected]<mailto:[email protected]>> wrote: Hi Frank, In the I2NSF framework, the basic purpose of the registration interface is to register an NSF into the system. In addition to this purpose, however, the registration interface can be also utilized for dynamic life cycle management of NSFs. For example, the security controller can request the developer's management system (DMS) to create a new NSF instance. The registration interface DM defines the data model that is required to enable this additional functionality of the registration interface. On the other hand, the capability DM can be used to describe the security capability of a new NSF instance to be created by the DMS along with its location and IT resources. Thanks. Best Regards, Paul On Wed, Jul 12, 2017 at 6:54 PM, Xialiang (Frank) <[email protected]<mailto:[email protected]>> wrote: Hi Paul, Thanks for your clear clarification. I share the same idea with you. Actually, in the latest draft-xibassnez-i2nsf-capability, we have separated capability and security policy information model distinctly. So, my further question is what is the relationship between the capability DM draft and registration interface DM? Thanks! B.R. Frank 发件人: I2nsf [mailto:[email protected]<mailto:[email protected]>] 代表 Mr. Jaehoon Paul Jeong 发送时间: 2017年7月10日 23:21 收件人: Linda Dunbar 抄送: [email protected]<mailto:[email protected]>; Adrian Farrel; [email protected]<mailto:[email protected]> 主题: Re: [I2nsf] relationship between draft-hares-i2nsf-capability-data-model-03 & draft-kim-i2nsf-nsf-facing-interface-data-model-02? (was RE: Request for Timeslots in I2NSF WG Meeting Hi Linda, Here is the clarification between NSF-facing interface YANG data model and Capability YANG data model. NSF-facing YANG data model is used to configure the rules of a policy into NSFs. This YANG data model is a standard interface for Security Controller to manipulate NSFs developed by various vendors. Capability YANG data model is used to retrieve capability information of an NSF. For example, after an NSF for network security control (i.e., firewall) inspects a packet and needs an additional security function such as deep packet inspection (DPI), it can ask Security Controller the location of such an additional security function and the corresponding IT resources with the Capability YANG data model. In summary, Capability YANG data model is used to query the capability information of a requested NSF and NSF-facing YANG data model is used to configure the rules of a policy (e.g., add/delete/update/read) based on an ECA paradigm. Thus, since these two models have different purposes, I think that we need to have two YANG drafts. Thanks. Best Regards, Paul On Sat, Jul 8, 2017 at 8:24 AM, Linda Dunbar <[email protected]<mailto:[email protected]>> wrote: Paul and Sue: You requested slots for both draft-hares-i2nsf-capability-data-model-03 & draft-kim-i2nsf-nsf-facing-interface-data-model-02. The abstract of draft-kim-i2nsf-nsf-facing-interface-data-model-02 stated that the draft defines the data model for network security functions), such as network security control, content security control, and attack mitigation control,.. The draft-hares-i2nsf-capability-data-model-03 has specified the High-Level YANG for Network Security Control, Content Security Control and Attack Mitigation Control. How are those two drafts related? I have a vague memory that those two drafts are to be merged, are they? Thank you very much, Linda From: Mr. Jaehoon Paul Jeong [mailto:[email protected]<mailto:[email protected]>] Sent: Thursday, July 06, 2017 7:54 AM To: Linda Dunbar <[email protected]<mailto:[email protected]>>; Adrian Farrel <[email protected]<mailto:[email protected]>> Cc: [email protected]<mailto:[email protected]>; [email protected]<mailto:[email protected]> Subject: Request for Timeslots in I2NSF WG Meeting Hi Linda and Adrian, I would like to ask the timeslots for our 7 drafts as follows: draft-hares-i2nsf-capability-data-model-03 - Presenter: Sue Hares - Time: 10 min draft-kim-i2nsf-nsf-facing-interface-data-model-02 - Presenter: Jaehoon Paul Jeong - Time: 10 min draft-jeong-i2nsf-consumer-facing-interface-dm-02 - Presenter: Jaehoon Paul Jeong - Time: 10 min draft-jeong-i2nsf-applicability-00 - Presenter: Jaehoon Paul Jeong - Time: 15 min draft-hyun-i2nsf-nsf-triggered-steering-03 - Presenter: Sangwon Hyun - Time: 10 min draft-hyun-i2nsf-registration-interface-im-02 draft-hyun-i2nsf-registration-interface-dm-01 - Presenter: Sangwon Hyun - Time: 10 min Thanks. Best Regards, Paul -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Assistant Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957<tel:+82%2031-299-4957> Email: [email protected]<mailto:[email protected]>, [email protected]<mailto:[email protected]> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php<http://cpslab.skku.edu/people-jaehoon-jeong.php> _______________________________________________ I2nsf mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/i2nsf -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Assistant Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957<tel:+82%2031-299-4957> Email: [email protected]<mailto:[email protected]>, [email protected]<mailto:[email protected]> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php<http://cpslab.skku.edu/people-jaehoon-jeong.php> -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Assistant Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957<tel:+82%2031-299-4957> Email: [email protected]<mailto:[email protected]>, [email protected]<mailto:[email protected]> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php<http://cpslab.skku.edu/people-jaehoon-jeong.php> _______________________________________________ I2nsf mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/i2nsf -- regards, John _______________________________________________ I2nsf mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/i2nsf -- "Esta vez no fallaremos, Doctor Infierno" Dr Diego R. Lopez Telefonica I+D http://people.tid.es/diego.lopez/ e-mail: [email protected] Tel: +34 913 129 041 Mobile: +34 682 051 091 ---------------------------------- ________________________________ Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
