[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why are we doing netconf?

To: Andy Bierman <ietf@andybierman.com>
Subject: Re: Why are we doing netconf?
From: Chris Lonvick <clonvick@cisco.com>
Date: Wed, 29 Mar 2006 05:11:01 -0800 (PST)
Cc: David Harrington <dharrington@huawei.com>, "'Netconf (E-mail)'" <netconf@ops.ietf.org>
In-reply-to: <4429B482.3010908@andybierman.com>
References: <011301c65295$03e40e00$e4087c0a@china.huawei.com> <4429B482.3010908@andybierman.com>

Hi,

I, too, have a concern about sending notification messages throughnetconf.

syslog is frequently the oldest piece of running code on many boxes.Since it works and is well understood by automated parsers, there islittle impetus to change the log messages or the underlying protocol.That's a challenge that we knew about when we started the WG.

The BoFs and email threads from before the WG was formed showed that manypeople have strong opinions about how the format of a syslog message,including the payload, should be structured. We figured that a WG wouldnever come to consensus on that problem. From that, the syslog WG wascharterd in the security area to provide security mechanisms for thesyslog protocol. We tried working with the rather undefined headerinformation but came to the conclusion that we couldn't provide a good setof documents without some work on standardizing the header fields. Thatallowed us to add structured data (Rainer has described that).

When we started doing that, we also separatied the transports from theprotocol. The netconf WG could use that format within netconf if desired.This will allow the message format to be utilized within new securetransports as they are developed (e.g., dtls) without having to makechanges to the message body.

If the netconf WG decides to provide notifications, we hope that the WGwill consider the use of The syslog Protocol within whatever transportsyou decide upon. I believe that the framework provided within The syslogProtocol will allow you to define message bodies as you see fit.

We are making progress on the current set of IDs within our new charter.We have:


For the basic protocol and transports

The syslog Protocol
http://www.ietf.org/internet-drafts/draft-ietf-syslog-protocol-16.txt

Transmission of syslog messages over UDP
http://www.ietf.org/internet-drafts/draft-ietf-syslog-transport-udp-06.txt
(this provides compatability with existing syslog/udp)

TLS Transport Mapping for SYSLOG
http://www.ietf.org/internet-drafts/draft-ietf-syslog-transport-tls-00.txt


We are still going to provide Signed syslog Messages
http://www.ietf.org/internet-drafts/draft-ietf-syslog-sign-17.txt

as a way to ensure end-to-end security of the messages. We are also goingto provide a revision to RFC 3195 that supports The syslog Protocol(standardized headers, larger payload size, etc.). The driver forrevising RFC 3195 is that it is being implemented in the medical healthindustry and they do require larger payloads.

As far as the interest level goes, the IESG felt that there was enoughsupport and interest to develop code to allow us to recharter. I agreewith that.


Thanks,
Chris





On Tue, 28 Mar 2006, Andy Bierman wrote:

David Harrington wrote:

---remainder deleted for brevity---

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

References:
- Why are we doing netconf?
  - From: David Harrington <dharrington@huawei.com>
- Re: Why are we doing netconf?
  - From: Andy Bierman <ietf@andybierman.com>

Prev by Date: RE: Why are we doing netconf?
Next by Date: RE: Why are we doing netconf?
Previous by thread: Re: Why are we doing netconf?
Next by thread: Re: Why are we doing netconf?
Index(es):
- Date
- Thread