Subscription to Distributed
NotificationsHuawei156 Beiqing Rd., Haidian DistrictBeijingChinazhoutianran@huawei.comHuawei101 Yu-Hua-Tai Software RoadNanjingJiangsuChinazhengguangying@huawei.comCisco SystemsUnited States of Americaevoit@cisco.comSwisscomBinzring 17Zuerich 8045Switzerlandthomas.graf@swisscom.comINSA-LyonLyonFrancepierre.francois@insa-lyon.frNETCONFThis documents describes extensions to the YANG notifications
subscription to allow metrics being published directly from processors
on line cards to target receivers, while subscription is still
maintained at the route processor in a distributed forwarding
system.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.The mechanism to support a subscription to a continuous and
customized stream of updates from a YANG datastore is defined in and . Requirements for
Subscription to YANG Datastores are defined in By streaming data from publishers to receivers, much better
performance and fine-grained sampling can be achieved than with polling.
In a distributed forwarding system, the packet forwarding is delegated
to multiple processors on line cards. To not to overhelm the route
processor resources, it is not uncomon that data records are published
directly from processors on line cards to target Receivers to further
increase efficency on the routing system.This documents complement the general subscription requirements
defined in section 4.2.1 of by the paragraph: A
Subscription Service MAY support the ability to export from multiple
software processes on a single routing system and expose the information
which software process produced which message to maintain data
integrity.The following terms are defined in and are
not redefined here:SubscriberPublisherReceiverSubscriptionIn addition, this document defines the following terms:Global Subscription: the Subscription requested by the subscriber. It
may be decomposed into multiple Component Subscriptions.Component Subscription: is the Subscription that defines a data
source which is managed and controlled by a single Publisher.Global Capability: is the overall subscription capability that the
group of Publishers can expose to the Subscriber.Component Capability: is the subscription capability that each
Publisher can expose to the Subscriber.Master: is the Publisher that interacts with the Subscriber to deal
with the Global Subscription. It decomposes the Global Subscription to
multiple Component Subscriptions and interacts with the Agents.Agent: is the Publisher that interacts with the Master to deal with
the Component Subscription and pushing the data to the collector.Figure 2 below shows the distributed data export framework.A collector usually includes two components,the Subscriber generates the subscription instructions to express
what and how the collector want to receive the data;the Receiver is the target for the data publication.For one subscription, there are one or more Receivers. And the
Subscriber does not necessarily share the same IP address as the
Receivers.In this framework, the Publisher pushes data to the Receiver
according to the subscription. The Publisher is either in the Master or
Agent role. The Master knows all the capabilities that his Agents are
able to provide and exposes the Global Capability to the collector. The
Subscriber maintains the Global Subscription at the Master and
disassembles the Global Subscription to multiple Component
Subscriptions, depending from which source data is needed. The Component
Subscriptions are then distributed to the corresponding Publisher Agents
on route and processors on line cards.Publisher Agents collects metrics according to the Component
Subscription, add its metadata, encapsulate and pushes data to the
Receiver where packets are reassembled and decapsulated.Master and Agents interact with each other in several ways: Agents need to register at the Master at the beginning of their
process life-cycleContracts are created between the Master and each Agent on the
Component Capability, and the format for streaming data
structure.The Master relays the component subscriptions to the Agents.The Agents announce the status of their Component Subscriptions
to the Master. The status of the overall subscription is maintained
by the Master. The Master is responsible for notifying the
subscriber in case of problems with the Component Subscriptions.The technical mechanisms or protocols used for the coordination
of operational information between Master and Agent is out-of-scope of
this document.The Collector can only subscribe to the Master. This requires the
Master to:expose the Global Capability that can be served by multiple
Publisher Agents;disassemble the Global Subscription to multiple Component
Subscriptions, and distribute them to the Publisher Agents of the
corresponding metric sources so that they not overlap;notify on changes when portions of a subscription moving between
different Publisher Agents over time.And the Agent to:Inherit the Global Subscription properties from Publisher Master
for its Component Subscription;share the same life-cycle as the Global Subscription;share the same Subscription ID as the Global Subscription.The Publisher Agent collects data and encapsulates the packets per
Component Subscription. The format and structure of the data records are
defined by the YANG schema, so that the decomposition at the Receiver
can benefit from the structured and hierarchical data records.The Receiver is able to associate the YANG data records with Subscription ID to the subscribed subscription
and with Message
Generator ID to one of the Publisher Agents software processes to
enable message integrity.For the dynamic subscription, the output of the
"establish-subscription" RPC defined in MUST
include a list of Message Generator IDs to indicate how the Global
Subscription is decomposed into several Component Subscriptions.The "subscription-started" and "subscription-modified" notification
defined in MUST also include a list of Message
Generator IDs to notify the current Publishers for the corresponding
Global Subscription.In addition to sending event records to Receivers, the Master MUST
also send subscription state change
notifications when events related to subscription management have
occurred. All the subscription state change notifications MUST be
delivered by the Master.When the subscription decomposition result changed, the
"subscription-modified" notification MUST be sent to indicate the new
list of Publishers.This document assumes that all Publisher Agents are preconfigured to
push data. The actual working Publisher Agents are selected based on the
subscription decomposition result.All Publisher Agents share the same source IP address for data
export. For connectionless data transport such as UDP based transport the same
Layer 4 source port for data export can be used. For connection based
data transport such as
HTTPS based transport, each Publisher Agent MUST be able to
acknowledge packet retrieval from Receivers, and therefore requires a
dedicated Layer 4 source port per software process.The specific configuration on transports is described in the
resposible documents.This document registers the following namespace URI in the IETF XML Registry:URI:
urn:ietf:params:xml:ns:yang:ietf-subscribed-notificationsRegistrant Contact: The IESG.XML: N/A; the requested URI is an XML namespace.This document registers the following YANG module in the YANG Module Names registry:Name: ietf-subscribed-notificationsNamespace:
urn:ietf:params:xml:ns:yang:ietf-subscribed-notificationsPrefix: msoReference: RFC XXXXThe YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such as
NETCONF or RESTCONF. The lowest NETCONF layer is the secure
transport layer, and the mandatory-to-implement secure transport is
Secure Shell (SSH). The lowest RESTCONF
layer is HTTPS, and the mandatory-to-implement secure transport is TLS.The NETCONF Access Control Model (NACM)
provides the means to restrict access for particular NETCONF or RESTCONF
users to a preconfigured subset of all available NETCONF or RESTCONF
protocol operations and content.The new data nodes introduced in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get-config or notification)
to this data nodes. These are the subtrees and data nodes and their
sensitivity/vulnerability:/subscriptions/subscription/message-generator-idsThe entries in the two lists above will show where subscribed
resources might be located on the publishers. Access control MUST be set
so that only someone with proper access permissions has the ability to
access this resource.Other Security Considerations is the same as those discussed in YANG-Push.We thank Kent Watsen, Mahesh Jethanandani, Martin Bjorklund, Tim
Carey and Qin Wu for their constructive suggestions for improving this
document.UDP-based Transport for Configured SubscriptionsHuaweiHuaweiNTTSwisscomINSA-LyonThis appendix is non-normative.Figure 3 shows a typical dynamic subscription to the device with
distributed data export capability.A "establish-subscription" RPC request as per is sent to the Master with a successful response.
An example of using NETCONF:As the device is able to fully satisfy the request, the
request is given a subscription ID of 22. The response as in Figure 5
indicates that the subscription is decomposed into two component
subscriptions which will be published by two message generators: #1
and #2.Then, both Publishers send notifications with the
corresponding piece of data to the Receiver.The subscriber may invoke the "modify-subscription" RPC for a
subscription it previously established. The RPC has no difference to
the single publisher case as in [RFC8641]. Figure 6 provides an
example where a subscriber attempts to modify the period and datastore
XPath filter of a subscription using NETCONF.If the modification is successfully accepted, the
"subscription-modified" subscription state notification is sent to the
subscriber by the Master. The notification, Figure 7 for example,
indicates the modified subscription is decomposed into one component
subscription which will be published by message generator #1.