>>>> I cannot find any RFC text that says <running> has only nodes created >>>> by a client. >>> >>> Really? Interesting. Still, I know it’s a mantra we’ve held closely >>> for many year, right? >>> >>> No. Quite the opposite. <snip> >> >> There was a brouhaha back when I proposed the "keystore” draft have an >> “action” called “generate-private-key” that would insert the generated >> key into <running>. Claims were made by prominent members of this >> list that it’s bad form for anything but a client to edit <running>. > > The problem with an action that is supposed to modify the running > config is that it also has to be prepared to handle systems with > <candidate>, handle locks etc. And if you don't have <candidate> you > may want to add the private-key together with other data in one go; > this is not possible if it was added by an action.
If the RPC/action backend were a client, then that client would be subject to locks/etc. too and, if unable to acquire after some timeout amount of time, could return an RPC-error, right? But, again, I thought the hesitation surrounded client read backs, perhaps I misunderstood at the time... > For the purpose of adding "built-in list instances" (which seems to be > the use case for the proposed solution), I think the factory-default > datastore can be used. (this is actually better than the server > "acting as a client"). Two issues: 1) those nodes need to be immutable. (See separate thread with “immutable” in Subject line) 2) there are many hundreds of such objects in JUNOS. It would be a lot of clutter in <running>. K. _______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
