Hi all, As we mentioned in draft-xia-i2nsf-sec-object-dm-00, attribute based policy rule configuration is repetitive when creating new policy rules and is hard to maintain consistency when making modification. We propose to introduce the “object” concept in I2NSF policy rule to provide re-usability and simplicity, and define commonly used policy objects. Taking address attribute as an example, address object and address group object are defined. The YANG tree structure of address object is as follows. grouping addr-objects: +--rw addr-object* [name] +--rw name address-set-name + ... +--rw elements* [elem-id] +--rw elem-id uint16 +--rw (object-items) +--: (ipv4) | ... +--: (ipv6) | ... +--: (mac) | ... +--: (ipv4-range) | ... +--: (ipv6-range) ...
For other policy objects, please review the draft: https://tools.ietf.org/html/draft-xia-i2nsf-sec-object-dm-00. We want to solicit comments from I2NSF WG. Would the WG like to adopt “policy object” in I2NSF policy rule? Is an individual draft needed? Or just incorporating it into the existing drafts? Thanks. Best Regards, Qiushi (Jessica) Lin 发件人: Linqiushi (Jessica, CSPL) 发送时间: 2018年7月2日 14:49 收件人: i2nsf@ietf.org 抄送: Xialiang (Frank, Network Integration Technology Research Dept) <frank.xiali...@huawei.com> 主题: FW: New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt Dear all, We just submitted a new draft on I2NSF policy object data model. Object based rule configuration provides reusability and is widely adopted in NSFs. This document defines several commonly used policy objects, e.g. address object, service object, etc. Besides, this data model draft is aligned with the previous information model draft. The policy objects are defined as groupings to be reused in different rules. Your comments and suggestions are warmly welcome. Best Regards, Qiushi (Jessica) Lin -----邮件原件----- 发件人: internet-dra...@ietf.org<mailto:internet-dra...@ietf.org> [mailto:internet-dra...@ietf.org] 发送时间: 2018年7月2日 14:46 收件人: Linqiushi (Jessica, CSPL) <linqiu...@huawei.com<mailto:linqiu...@huawei.com>>; Xialiang (Frank, Network Integration Technology Research Dept) <frank.xiali...@huawei.com<mailto:frank.xiali...@huawei.com>>; Linqiushi (Jessica, CSPL) <linqiu...@huawei.com<mailto:linqiu...@huawei.com>>; Xialiang (Frank, Network Integration Technology Research Dept) <frank.xiali...@huawei.com<mailto:frank.xiali...@huawei.com>> 主题: New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt A new version of I-D, draft-xia-i2nsf-sec-object-dm-00.txt has been successfully submitted by Qiushi Lin and posted to the IETF repository. Name: draft-xia-i2nsf-sec-object-dm Revision: 00 Title: I2NSF Security Policy Object YANG Data Model Document date: 2018-07-01 Group: Individual Submission Pages: 41 URL: https://www.ietf.org/internet-drafts/draft-xia-i2nsf-sec-object-dm-00.txt Status: https://datatracker.ietf.org/doc/draft-xia-i2nsf-sec-object-dm/ Htmlized: https://tools.ietf.org/html/draft-xia-i2nsf-sec-object-dm-00 Htmlized: https://datatracker.ietf.org/doc/html/draft-xia-i2nsf-sec-object-dm Abstract: This document describes a set of policy objects which are reusable and can be referenced by variable I2NSF policy rules. And the YANG data models of these policy objects are provided. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat
_______________________________________________ I2nsf mailing list I2nsf@ietf.org https://www.ietf.org/mailman/listinfo/i2nsf