Fair enough. Thank you. Cheers, Med
De : Eliot Lear [mailto:[email protected]] Envoyé : mercredi 24 janvier 2018 13:16 À : BOUCADAIR Mohamed IMT/OLN Cc : Mahesh Jethanandani; [email protected]; Mark Nottingham; Saswat Praharaj (saspraha) Objet : Re: [OPSAWG] I-D Action: draft-ietf-opsawg-mud-14.txt Hi Med, Please see below: On 24.01.18 12:54, [email protected]<mailto:[email protected]> wrote: My understanding from draft-ietf-netmod-acl-model-14 is that acl-type remains acl-type. acl-name became name. But you're right- rule-name became name as well. I will adjust the text accordingly. [Med] I guess you meant -15. I confirm that acl-type is to be changed too. Below an excerpt of the acl tree structure: +--rw access-lists +--rw acl* [name] | +--rw name string | +--rw type? acl-type * This sentence should be carefully updated as well: “With the exceptions of "name", "acl-type", "rule-name", and TCP and”. * I guess the examples should be checked to align with the new ACL structure. For example, - “ipv6-acl” entries should be updated to “ipv6”. You're right. I stand corrected. And I spotted the error in the example. Will correct. Which is the text I adjusted ;-) [Med] Yes. I was referring to the examples. - add “l3” entry before “ipv4” and “ipv6”. I think this is done in the normative text but you're right- it needs to be corrected in the examples. * It would useful to add a justification why it is not recommended to support 'reject' action. Ok, I'll add some text. [Med] Thank you. BTW, wouldn’t you need a rate-limit action to “protect” against exhausting Thing resources? I don't think that's appropriate at this point. For one thing, it goes well beyond what many implementations can actually do. For another, it may be asking a bit much of the manufacturers to predict this sort of behavior, and it will be easy to get wrong. I would suggest this be handled later as we get some additional operational experience. Eliot
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
