RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 8519, "YANG Data Model for Network Access Control Lists (ACLs)", March 2019

Source of RFC: netmod (ops)

Errata ID: 5762
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Qin WU
Date Reported: 2019-06-24
Rejected by: Joel Jaeggli
Date Rejected: 2019-09-24

Section 4.1 says:

leaf type {
type acl-type;
description
  "Type of ACL.  Indicates the primary intended
   type of match criteria (e.g., Ethernet, 
   IPv4, IPv6, mixed, etc.) used in the list
   instance.";
}

It should say:

leaf type {
type acl-type;
default "ipv4-acl-type";
description
  "Type of ACL.  Indicates the primary intended
   type of match criteria (e.g., Ethernet, 
   IPv4, IPv6, mixed, etc.) used in the list
   instance.";
}

Notes:

I am wondering why not set default value for acl-type,e.g., set default value as "ipv4-acl-type" otherwise, how to determine which field under which choice will be matched upon and which action should be taken on them if the opetional parameter type under acl list is not set.

Also I want to better understand why acl type is removed from key indexes of access list and keep it as optional parameter under acl list. One case I am thinking in my mind is we add a mixed Ethernet, IPv4, and IPv6 ACL entry when we already have Ethernet ACL entry,IPv4 ACL entry , we don't need to remove existing ethernet entry and existing IPv4 entry in the list ("aces") and create a new entry with mixed ethernet, IPv4, IPv6 ACL, instead, we just add a new identity called mixed-eth-ipv4-ipv6-acl-type and add a new IPv6 entry.
--VERIFIER NOTES--

Mahesh Jethanandani replied:

This errata should be rejected for the following reason.

The whole idea of defining the identities for acl-type was to allow vendors to specify what capabilities their box is capable of supporting and then to specify what capabilities the vendors want to support. As such there is no “default capability" for every vendor. Besides, if a device advertises a mixed-eth-ipv4 feature, it is because it can only support Ethernet and IPv4 ACL combinations, and it cannot support IPv6 ACL matches. You do not add a capability of IPv6 match on the fly. It either has it, or it does not. If it does, advertise mixed-eth-ipv4-ipv6 capability to begin with.

The errata proposes a change to the standard and is not correcting an error in the document. additionaly it not clear why it would be appraise to set a default acl type.

The errata is declined.

Report New Errata