Hi all,

As we mentioned in draft-xia-i2nsf-sec-object-dm-00, attribute based policy 
rule configuration is repetitive when creating new policy rules and is hard to 
maintain consistency when making modification.
We propose to introduce the “object” concept in I2NSF policy rule to provide 
re-usability and simplicity, and define commonly used policy objects.
Taking address attribute as an example, address object and address group object 
are defined. The YANG tree structure of address object is as follows.
grouping addr-objects:
+--rw addr-object* [name]
    +--rw name      address-set-name
    +  ...
    +--rw elements*  [elem-id]
        +--rw elem-id uint16
        +--rw (object-items)
            +--: (ipv4)
            |  ...
            +--: (ipv6)
            |  ...
            +--: (mac)
            |  ...
            +--: (ipv4-range)
            |  ...
            +--: (ipv6-range)
            ...


For other policy objects, please review the draft: 
https://tools.ietf.org/html/draft-xia-i2nsf-sec-object-dm-00.



We want to solicit comments from I2NSF WG. Would the WG like to adopt “policy 
object” in I2NSF policy rule? Is an individual draft needed? Or just 
incorporating it into the existing drafts?

Thanks.


Best Regards,
Qiushi (Jessica) Lin

发件人: Linqiushi (Jessica, CSPL)
发送时间: 2018年7月2日 14:49
收件人: i2nsf@ietf.org
抄送: Xialiang (Frank, Network Integration Technology Research Dept) 
<frank.xiali...@huawei.com>
主题: FW: New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt


Dear all,



We just submitted a new draft on I2NSF policy object data model. Object based 
rule configuration provides reusability and is widely adopted in NSFs. This 
document defines several commonly used policy objects, e.g. address object, 
service object, etc.

Besides,  this data model draft is aligned with the previous information model 
draft. The policy objects are defined as groupings to be reused in different 
rules.



Your comments and suggestions are warmly welcome.



Best Regards,

Qiushi (Jessica) Lin



-----邮件原件-----
发件人: internet-dra...@ietf.org<mailto:internet-dra...@ietf.org> 
[mailto:internet-dra...@ietf.org]
发送时间: 2018年7月2日 14:46
收件人: Linqiushi (Jessica, CSPL) 
<linqiu...@huawei.com<mailto:linqiu...@huawei.com>>; Xialiang (Frank, Network 
Integration Technology Research Dept) 
<frank.xiali...@huawei.com<mailto:frank.xiali...@huawei.com>>; Linqiushi 
(Jessica, CSPL) <linqiu...@huawei.com<mailto:linqiu...@huawei.com>>; Xialiang 
(Frank, Network Integration Technology Research Dept) 
<frank.xiali...@huawei.com<mailto:frank.xiali...@huawei.com>>
主题: New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt





A new version of I-D, draft-xia-i2nsf-sec-object-dm-00.txt

has been successfully submitted by Qiushi Lin and posted to the IETF repository.



Name:             draft-xia-i2nsf-sec-object-dm

Revision:          00

Title:                I2NSF Security Policy Object YANG Data Model

Document date:          2018-07-01

Group:             Individual Submission

Pages:              41

URL:            
https://www.ietf.org/internet-drafts/draft-xia-i2nsf-sec-object-dm-00.txt

Status:         https://datatracker.ietf.org/doc/draft-xia-i2nsf-sec-object-dm/

Htmlized:       https://tools.ietf.org/html/draft-xia-i2nsf-sec-object-dm-00

Htmlized:       
https://datatracker.ietf.org/doc/html/draft-xia-i2nsf-sec-object-dm





Abstract:

   This document describes a set of policy objects which are reusable

   and can be referenced by variable I2NSF policy rules.  And the YANG

   data models of these policy objects are provided.









Please note that it may take a couple of minutes from the time of submission 
until the htmlized version and diff are available at tools.ietf.org.



The IETF Secretariat


_______________________________________________
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Reply via email to