Re: [netmod] Can you remove the "Identity acl-base" defined in draft-ietf-netmod-acl-model-07

2016-05-10 Thread Nadeau Thomas
Yea, I agree that its probably worth giving a little more latitude when helping people with models. 8) —Tom > On May 10, 2016:12:55 PM, at 12:55 PM, Linda Dunbar > wrote: > > Juergen, > > Of course, it is not confusing to you because you are in

Re: [netmod] Can you remove the "Identity acl-base" defined in draft-ietf-netmod-acl-model-07

2016-05-10 Thread Linda Dunbar
Lisa, My difficulty was not being able to see the value of one comment based on another comment. Now I understand it is really just personal preference. Having an extra step doesn't hurt the bottom line end result. It is Ok. Linda -Original Message- From: Lisa (Yi) Huang

Re: [netmod] Can you remove the "Identity acl-base" defined in draft-ietf-netmod-acl-model-07

2016-05-10 Thread Robert Wilton
Hi Linda, I think that having the base identity makes the model safer and more extensible in future. I think that the general idea of a base identity is fairly standard and is perhaps a bit like defining an abstract base class in an OO language. So, in YANG, rather than a when statement

Re: [netmod] Can you remove the "Identity acl-base" defined in draft-ietf-netmod-acl-model-07

2016-05-10 Thread Andy Bierman
On Tue, May 10, 2016 at 9:55 AM, Linda Dunbar wrote: > Juergen, > > Of course, it is not confusing to you because you are in the box (vs. many > of us are outside the box looking in). > > RFC 6020 doesn't say all identities have to have a sub-identity. > > > This is how

Re: [netmod] Can you remove the "Identity acl-base" defined in draft-ietf-netmod-acl-model-07

2016-05-10 Thread Lisa (Yi) Huang
Linda, Could you elaborate what difficulty you are facing? The draft defines typedef acl-type { type identityref { base acl-base; } } This allows the acl-type to be ipv4-acl or ipv6-acl, or other new types that inherit from acl-type. Hope this helps. Thanks, Lisa On 5/10/16,

Re: [netmod] Is there any common module (like library module) for matching all IPv4 or IPv6 header fields?

2016-05-10 Thread Dean Bogdanovic
Linda, If you need additional fields in ACL, it is easy to extend the existing base model. The intention of the draft authors was to create base common model that can be then extended for different uses. Saying that, there is nothing out there that could be used for your purposes, but using