On Thu, Nov 2, 2017 at 9:26 AM, M. Ranganathan <mra...@gmail.com> wrote:
> Hi Andy > > On Thu, Nov 2, 2017 at 11:55 AM, Andy Bierman <a...@yumaworks.com> wrote: > >> >> >> On Thu, Nov 2, 2017 at 8:34 AM, M. Ranganathan <mra...@gmail.com> wrote: >> >>> Hi Rob, Mahesh, >>> >>> Thanks for reading. >>> >>> On Thu, Nov 2, 2017 at 11:00 AM, Robert Wilton <rwil...@cisco.com> >>> wrote: >>> >>>> Hi Ranga, >>>> >>>> Presumably another choice would to keep ACLs defined in one place (i.e. >>>> no grouping required), augment with ACL model with your extra MUD + other >>>> mgmt data, and then have a reference to that ACL from your model. >>>> >>>> Thanks, >>>> Rob >>>> >>> >>> In the case of MUD ( which is just a use case driving this need ), >>> there are local references from MUD to the ACL. MUD itself augments the ACL >>> model. >>> >>> Augmentation would make (logical and design) sense if you were adding >>> nodes that are in some way related to the ACL itself. >>> >>> If I wanted to Augment ACL with something that is not directly ACL >>> relevant then Augmentation makes less sense to me from a design perspective >>> (lets say I wanted to define a new YANG model that includes the ACL with >>> some other system-relavant meta-data that has nothing to do with ACLs but >>> is needed by the system in order to install an ACL). >>> >>> Making access-lists into a grouping and then using it in a container >>> does not alter the ACL model as it currently stands but allows designers to >>> use the ACL model with either augmentation or inclusion in other YANG >>> models. Hence it improves the usability of the ACL model without altering >>> the semantics of the current model. It is just a re-structuring but it >>> helps the implementer. >>> >>> >> Loosely coupled tables should use leafref. >> The main concern of the NETMOD WG should be the usability of the primary >> solution. >> >> >> > > Not sure I understand the suggestion of using a leafref (please excuse my > ignorance -- I am not a YANG expert by any stretch). If I used leafref, > what leaf would I be referring to if I wanted to point to the access > control list from another YANG model? > Augment is not the only way to couple data models. You can have another list just define a foreign key (called a leafref in YANG since it does not have to reference a key) > > Also I note from the description of Access Control Lists the following > that would indicate that it is a primary solution that one may like to > re-use in another model. > > description > "This is a top level container for Access Control Lists. > It can have one or more Access Control Lists."; > > > > If the requested change were made, would it result in excessive churn ? > > I never understood why the WG wanted to change the ACL model to its current form with containers. Seems complicated to me. > Thanks > > Regards, > > Ranga. > > Andy > > -- > M. Ranganathan > >> >> >> _______________________________________________ >> netmod mailing >> listnetmod@ietf.orghttps://www.ietf.org/mailman/listinfo/netmod >> >> >> >>> >>> >>> -- >>> M. Ranganathan >>> >>> _______________________________________________ >>> netmod mailing list >>> netmod@ietf.org >>> https://www.ietf.org/mailman/listinfo/netmod >>> >>> >> > > > -- > M. Ranganathan >
_______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod