Hello Mahesh, On Thu, Nov 2, 2017 at 11:36 PM, Mahesh Jethanandani < [email protected]> wrote:
> > On Nov 2, 2017, at 11:34 PM, M. Ranganathan <[email protected]> wrote: > > Hi Rob, Mahesh, > > Thanks for reading. > > On Thu, Nov 2, 2017 at 11:00 AM, Robert Wilton <[email protected]> wrote: > >> Hi Ranga, >> >> Presumably another choice would to keep ACLs defined in one place (i.e. >> no grouping required), augment with ACL model with your extra MUD + other >> mgmt data, and then have a reference to that ACL from your model. >> >> Thanks, >> Rob >> > > In the case of MUD ( which is just a use case driving this need ), there > are local references from MUD to the ACL. MUD itself augments the ACL > model. > > Augmentation would make (logical and design) sense if you were adding > nodes that are in some way related to the ACL itself. > > If I wanted to Augment ACL with something that is not directly ACL > relevant then Augmentation makes less sense to me from a design perspective > (lets say I wanted to define a new YANG model that includes the ACL with > some other system-relavant meta-data that has nothing to do with ACLs but > is needed by the system in order to install an ACL). > > > Can you give an example? Would you be for example using the match > container(s) in the ACL draft, but not use the actions container? > > > I would need to be able to use all of the containers. For example, I want to define a YANG model and auto-generate code in opendaylight that will accept a JSON structure such as the following { "extension-info" : { "auxiliary-information" : "https://some.domain.com/foo";; "ietf-access-control-list:access-lists": { "acl-name": "some-acl-name", "acl-type": "ipv4-acl", ..... } } } Ideally, I don't want to modify the ACL model for this purpose. Thanks, Regards, Ranga. > >> _______________________________________________ >> netmod mailing >> [email protected]https://www.ietf.org/mailman/listinfo/netmod >> >> > Mahesh Jethanandani > [email protected] > > -- M. Ranganathan
_______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
