Hi,
> On Jan 8, 2018, at 7:45 AM, Martin Bjorklund <m...@tail-f.com> wrote:
>
> Hi,
>
> Robert Wilton <rwil...@cisco.com> wrote:
>> Hi Einar, Jon, Mahesh,
>>
>> My gut instinct is that making this a grouping might not be a good
>> idea:
>>
>> 1) If somebody updates the core ACL model, will then need to check
>> that anyone using it should be similarly updated (unless they use
>> import-by-revision).
>>
>> 2) Does it make sense to define ACLs in separate places. Would like
>> be more simple if ACLs were defined in a central place and then just
>> referenced by other protocols as required.
>>
>> 3) I think that groupings are probably overused and I think that they
>> can detract from the readability of the model. (I regard the
>> OpenConfig YANG models as an extreme example of this, where it is
>> necessary to compile the modules together to figure out where
>> everything fits together).
>
> I agree with all three statements. The current acl data model has a
> top-level grouping "interface-acl" which probably is not intended to
> be "exported". I think ot should be moved into the
> "attachment-points" container, in order to make it local.
Have moved “interface-acl” under the “attachment-point” container and made it
local.
Thanks.
>
> If the entire access-list container is defined as a goruping, and is
> used in multiple places, how are the multiple interface
> attachment-points handled?
>
>
> /martin
>
>
>
>>
>> Having said that, I don't think that this issue is important enough to
>> have a long discussion about ...
>>
>> Thanks,
>> Rob
>>
>>
>> On 08/01/2018 15:02, Einar Nilsen-Nygaard (einarnn) wrote:
>>> Since this is a 7-line change, I see no harm in it if no-one objects?
>>> Mahesh has the token for rolling in updates discussed just prior to
>>> the end of 2017.
>>>
>>> Here’s a possible diff:
>>>
>>> $ git diff -b
>>> diff --git a/src/yang/ietf-access-control-list.yang
>>> b/src/yang/ietf-access-control-list.yang
>>> index 4d698c9..b1a173f 100644
>>> --- a/src/yang/ietf-access-control-list.yang
>>> +++ b/src/yang/ietf-access-control-list.yang
>>> @@ -402,6 +402,10 @@ module ietf-access-control-list {
>>> /*
>>> * Configuration data nodes
>>> */
>>> + grouping access-lists-top {
>>> + description
>>> + "Grouping to allow reuse of access lists container elsewhere.";
>>> +
>>> container access-lists {
>>> description
>>> "This is a top level container for Access Control Lists.
>>> @@ -576,6 +580,9 @@ module ietf-access-control-list {
>>> }
>>> }
>>> }
>>> + }
>>> + uses access-lists-top;
>>> +
>>> augment "/if:interfaces/if:interface" {
>>> description
>>> "Augment interfaces to allow ACLs to be associated in either
>>> the
>>>
>>> Cheers,
>>>
>>> Einar
>>>
>>>
>>>> On 8 Jan 2018, at 10:53, Jon Shallow <supjps-i...@jpshallow.com
>>>> <mailto:supjps-i...@jpshallow.com>> wrote:
>>>>
>>>> Hi There,
>>>> I appreciate that this is late to the table, but is it possible to set
>>>> up “access-lists” as a “grouping” in the YANG data model so that
>>>> “access-lists” can be included by “uses” in a higher level YANG data
>>>> model?
>>>> I have raised this as issue #22
>>>> athttps://github.com/netmod-wg/acl-model/issues
>>>> Regards
>>>> Jon
>>>> _______________________________________________
>>>> netmod mailing list
>>>> netmod@ietf.org <mailto:netmod@ietf.org>
>>>> https://www.ietf.org/mailman/listinfo/netmod
>>>
>>>
>>>
>>> _______________________________________________
>>> netmod mailing list
>>> netmod@ietf.org
>>> https://www.ietf.org/mailman/listinfo/netmod
>>
Mahesh Jethanandani
mjethanand...@gmail.com
_______________________________________________
netmod mailing list
netmod@ietf.org
https://www.ietf.org/mailman/listinfo/netmod
