Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

All, On 1/27/16, 9:45 AM, "netmod on behalf of Juergen Schoenwaelder" wrote: >Eliot, > >I posted a technical review of the ACL draft on December 11th to the >list since the document was send to WG last call. I believe

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

Eliot, I posted a technical review of the ACL draft on December 11th to the list since the document was send to WG last call. I believe the I-D has technical issues that need to be resolved. I am not going to repeat my technical comments. Note I have been one of the _few_ who actually read the

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

On 01/19/2016 08:11 AM, Dean Bogdanovic wrote: >>> >> Authors are Cisco/Juniper people, so were using that terminology and I >>> >> believe that CSCO and JNPR are more used in networking then Linux :) >>> >> >> > >> > If I were to have the time, I would even challenge you on >> > that.

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

Hi, On 1/22/16 6:37 AM, Ebben Aries wrote: > Consider all of the massive content/DC server farms which may run on > every host. Between this, home routers and other Linux/BSD based > network connected devices, I'd say nftables, iptables, pf, etc.. are > nothing to discount here as 1st class

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

On 01/11/2016 11:30 AM, Juergen Schoenwaelder wrote: > In the XML shown, can you not > > >>> leave out all the fields that are not set? This would remove a lot > > >>> of noise. I do not understand what having both actions deny and > > >>> permit at the same time means. Did you

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

In current devices, access lists could be configured before interface available as part of provisioning configuration. Using interface-ref would loose this flexibility. Also, in the 1st draft of ³Yang Data Model for Stateless Packet Filter Configuration², the community doesn¹t like interface-ref

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

> On Jan 11, 2016, at 7:30 PM, Juergen Schoenwaelder > wrote: > > On Mon, Jan 11, 2016 at 05:58:52PM +0100, Dean Bogdanovic wrote: >> >>> >>> For the sake of clarity, I personally would prefer to have a single >>> term. I think Linux packet filters call

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

On Tue, Jan 19, 2016 at 07:11:52AM -0800, Dean Bogdanovic wrote: > > > If I were to have the time, I would even challenge you on > > that. Clearly, when you consider # of devices connected to the > > Internet, I am sure CISCO and JNPR will loose. But even in enterprise > > networks, there are

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

Hi Juergen, Skipping down... On 1/19/16 5:48 PM, Juergen Schoenwaelder wrote: > While we can have a lengthy debate about terminology, I think more > important is to get functionality right. Agree. We are arguing over labels that aren't generally meant for humans ANYWAY. >>> I am talking

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

> On Dec 21, 2015, at 4:33 PM, Juergen Schoenwaelder > wrote: > > On Sat, Dec 19, 2015 at 07:50:58AM -0500, Dean Bogdanovic wrote: >> Juergen, >> >> Please see answers inline >> >> Dean >> >>> On Dec 11, 2015, at 12:31 PM, Juergen Schoenwaelder >>>

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

On Wed, Jan 06, 2016 at 06:28:41PM +0100, Dean Bogdanovic wrote: > > > On Jan 6, 2016, at 10:30 AM, Juergen Schoenwaelder > > wrote: > > > > On Mon, Jan 04, 2016 at 07:23:38PM +0100, Eliot Lear wrote: > >> Hi Juergen, > >> > >> On this point: > >> > >>

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

> On Jan 6, 2016, at 10:30 AM, Juergen Schoenwaelder > wrote: > > On Mon, Jan 04, 2016 at 07:23:38PM +0100, Eliot Lear wrote: >> Hi Juergen, >> >> On this point: >> >> On 12/21/15 4:33 PM, Juergen Schoenwaelder wrote: >> >>> And >>> should the interface

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

Hi Juergen, On this point: On 12/21/15 4:33 PM, Juergen Schoenwaelder wrote: > And > should the interface reference not use a more specific type than > 'string’? >> Interface references can be many things, from standard naming we are >> familiar, e.g. ge-1/0/0.1 to a numerical value like

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

On Sat, Dec 19, 2015 at 07:50:58AM -0500, Dean Bogdanovic wrote: > Juergen, > > Please see answers inline > > Dean > > > On Dec 11, 2015, at 12:31 PM, Juergen Schoenwaelder > > wrote: > > > > On Wed, Dec 09, 2015 at 08:27:04AM -0800, Nadeau Thomas wrote:

Re: [netmod] [Rtg-dt-yang-arch] [yang-doctors] Working group Last Call: draft-ietf-netmod-acl-model-06

Juergen, Please see answers inline Dean > On Dec 11, 2015, at 12:31 PM, Juergen Schoenwaelder > wrote: > > On Wed, Dec 09, 2015 at 08:27:04AM -0800, Nadeau Thomas wrote: >> >> This email initiates a NETMOD WG Last call for >>