Subscriptions for Event Notification + Yang-push: IETF NETCONF WG Contributors Call, 26-May


Agenda

- Intro of new members resulting out of NETCONF Interim (Balazs, Susan, Tim, Ebben)
- Results from NETMOD interim
  – Discussion: minimal text worthy of submitting for WG adoption.
- YANG Datastore Push Rqts doc through IESG
- Summary of open issues found during our meetings to date.
  – Timing and/or interest groups desiring to address the issues

Current Issues being Worked

Issue | To work proposal
Supporting multiple Receivers for a Configured Subscription | today
Proper behavior for on-change, detecting and indicating changes within a Dampening period | today
Negotiate vs. auto-adjust | discuss
What are the domains of different Stream types. |
QoS parameters for subscriptions. Relevance for buffering and loss of connectivity (i.e., this isn't just about HTTP2) |
Layering security requirements/considerations into the YANG model for Configured Subscription. |
Mechanisms/RPCs defined for Diagnostics |
OpState requirements and implications |
Deltas for OpenConfig-Telemetry.yang |
Replay support for different stream types (modify vs. delete) |
Event Dampening (overwhelming receivers) & rejecting certain subscription types |
How to structure for non-standardizable encodings |

High level agreements/proposals waiting to be added to models

- Moving from separate start/stop to Anchor time for Periodic
- Test-only option for a subscription
- Periodic interval goes to seconds from timeticks
- Subtree-filter definition so that 6241 doesn't apply field filtering. Need the filters for Notification not for GET
- Balancing Augment vs. Parallel Model structures

Supporting multiple Receivers for a Configured Subscription

[Figure: Stream Types (examples: Events, NETCONF, Config, Operational, Operational & Counters, Custom) pass through a Filter in the Implementation Domain to produce Filtered Streams. A Configured Subscription (two IP addresses) feeds Configured Receiver (#1) and Configured Receiver (#2); Dynamic Subscription (#3) and Dynamic Subscription (#4) are also attached. Destinations are labelled D1 to D4. D = Destination.]

- Filtered Stream goes away when there is no attached subscription
- All four have one destination IP and one Subscription ID (Unique or not for Publisher or Publisher+Destination?)
- Streams have characteristics like replay support, ability to support on-change, others

Subscription to interface state

Subscription: Interfaces-state, interface [name], oper-status

- YANG Push: Dampening period = 10, On-change
- OC-Telemetry.yang: Period = 10, Suppress Redundant = Yes

[Figure: timeline of interfaces E0 and E1 going Interface UP / Interface DOWN over Time, with the resulting Update Stream for each subscription type. Update Stream annotations, in slide order: "Faster reaction", "Shows flaps underway"; "State at a certain time".]

Subscription to Access Control List

Subscription: ACL*, ACL entries, ACE

- YANG Push: Dampening period = 60, On-change
- OC-Telemetry.yang: Period = 60, Suppress Redundant = Yes

[Figure: timeline (Time axis) of ACL entries, with columns "matches" and "action", and the resulting Update Stream. Entries shown: "50 access-list permit ip any any", "100 access-list permit host", "access-list deny any any". Timeline events shown: create 200, create 100, delete 50, create, and four commits. Annotations: "Exposes existence of transient config"; "Current 6020 conflict".]

© 2014 Cisco - All Rights Reserved

Synchronization between SDN controller and routers/switches enables data plane counters to be used in domain wide services

[Figure: Data Center 1 ... Data Center n. Services shown: DDoS Thresholding & Remediation, Traffic Engineering Applications, Segment Routing, Service Chaining.]

- Similar dynamics with other SDN services
- See draft-voit-netmod-peer-mount-requirements

Data Center / Cloud

[Figure: DC1 and DC2 connected across a WAN, with policers (P) at several points; events shown are Traffic Spike and VM Move. Legend: P = Policer, In Profile Traffic, Out of Profile Traffic, Policed Traffic.]

- Continuous rebalancing of policers
- Policer values modified across Domain
- Bandwidth threshold recognition
- Synchronized Counter Delivery (YANG)

[Figure: Network with PE1 and PE2 in front of DC1 and DC2 across a WAN. Global Rule: Police ∑ traffic to 10 MBs. Subnet: / . Offered Downstream Traffic: 4 MB/s. Per-PE labels: "/8 = 2 MB/s", "/8 = 1 MB/s", "/8 = 1 MB/s"; "Ingress interface stats, Interface E0" on each Network Element; "Police /8 to 7 MB/s*", "Police /8 to 7 MB/s*", "Police /8 to 8 MB/s*". Events shown: Traffic Spike, VM Move. Axis label: MB/s; annotation: Max Cloud Usage.]

- Domain Wide Calculation
- Policy continually updated
- Statistics from the PE
- Minimal config