draft-ietf-netconf-netconf-event-notifications-02.txt   draft-ietf-netconf-netconf-event-notifications-03.txt 
NETCONF A. Gonzalez Prieto NETCONF A. Gonzalez Prieto
Internet-Draft Cisco Systems Internet-Draft VMWare
Intended status: Standards Track A. Clemm Intended status: Standards Track A. Clemm
Expires: November 2, 2017 Huawei Expires: December 9, 2017 Huawei
E. Voit E. Voit
E. Nilsen-Nygaard E. Nilsen-Nygaard
A. Tripathy A. Tripathy
Cisco Systems Cisco Systems
S. Chisholm June 7, 2017
Ciena
H. Trevino
Cisco Systems
May 1, 2017
NETCONF Support for Event Notifications NETCONF Support for Event Notifications
draft-ietf-netconf-netconf-event-notifications-02 draft-ietf-netconf-netconf-event-notifications-03
Abstract Abstract
This document defines the support of [event-notifications] by the This document defines how to transport network subscriptions and
Network Configuration protocol (NETCONF). [event-notifications] event messages on top of the Network Configuration protocol
describes capabilities and operations for providing asynchronous (NETCONF). This includes the full set of RPCs, subscription state
message notification delivery. This document discusses how to changes, and message payloads needing asynchronous delivery. The
provide them on top of NETCONF. The capabilities and operations capabilities and operations defined in this document used in
defined between this document and [event-notifications] are intended conjunction with [subscribe] are intended to obsolete [RFC5277]. In
to obsolete RFC 5277. addition, the capabilities within those two documents along with
[yang-push] are intended to enable an extract of a YANG datastore on
a remote device.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 2, 2017. This Internet-Draft will expire on December 9, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Solution Overview . . . . . . . . . . . . . . . . . . . . 5 3. Solution . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Solution . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1. Event Stream Discovery . . . . . . . . . . . . . . . . . 3
2.1. Event Streams . . . . . . . . . . . . . . . . . . . . . . 6 3.2. Mandatory NETCONF support for Streams and Datastores . . 4
2.2. Event Stream Discovery . . . . . . . . . . . . . . . . . 6 3.3. Dynamic Subscriptions . . . . . . . . . . . . . . . . . . 4
2.3. Default Event Stream . . . . . . . . . . . . . . . . . . 9 3.4. Configured Subscriptions . . . . . . . . . . . . . . . . 11
2.4. Creating a Subscription . . . . . . . . . . . . . . . . . 9 4. Security Considerations . . . . . . . . . . . . . . . . . . . 24
2.5. Establishing a Subscription . . . . . . . . . . . . . . . 11 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 25
2.6. Modifying a Subscription . . . . . . . . . . . . . . . . 16 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.7. Deleting a Subscription . . . . . . . . . . . . . . . . . 21 6.1. Normative References . . . . . . . . . . . . . . . . . . 25
2.8. Configured Subscriptions . . . . . . . . . . . . . . . . 24 6.2. Informative References . . . . . . . . . . . . . . . . . 26
2.9. Event (Data Plane) Notifications . . . . . . . . . . . . 33 Appendix A. Changes between revisions . . . . . . . . . . . . . 26
2.10. Control Plane Notifications . . . . . . . . . . . . . . . 35 A.1. v01 to v03 . . . . . . . . . . . . . . . . . . . . . . . 26
3. Backwards Compatibility . . . . . . . . . . . . . . . . . . . 44 A.2. v00 to v01 . . . . . . . . . . . . . . . . . . . . . . . 26
3.1. Capabilities . . . . . . . . . . . . . . . . . . . . . . 44 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27
3.2. Stream Discovery . . . . . . . . . . . . . . . . . . . . 45
4. Security Considerations . . . . . . . . . . . . . . . . . . . 45
5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 46
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 46
6.1. Normative References . . . . . . . . . . . . . . . . . . 46
6.2. Informative References . . . . . . . . . . . . . . . . . 47
Appendix A. Issues that are currently being worked . . . . . . . 47
Appendix B. Changes between revisions . . . . . . . . . . . . . 47
B.1. v00 to v01 . . . . . . . . . . . . . . . . . . . . . . . 47
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 47
1. Introduction 1. Introduction
[RFC6241] can be conceptually partitioned into four layers:
Layer Example
+-------------+ +-----------------+ +----------------+
(4) | Content | | Configuration | | Notification |
| | | data | | data |
+-------------+ +-----------------+ +----------------+
| | |
+-------------+ +-----------------+ |
(3) | Operations | | <edit-config> | |
| | | | |
+-------------+ +-----------------+ |
| | |
+-------------+ +-----------------+ +----------------+
(2) | Messages | | <rpc>, | | <notification> |
| | | <rpc-reply> | | |
+-------------+ +-----------------+ +----------------+
| | |
+-------------+ +-----------------------------------------+
(1) | Secure | | SSH, TLS, SOAP/HTTP/TLS, ... |
| Transport | | |
+-------------+ +-----------------------------------------+
Figure 1: NETCONF layer architecture
This document defines mechanisms that provide an asynchronous message This document defines mechanisms that provide an asynchronous message
notification delivery service for the NETCONF protocol [RFC6241] notification delivery service for the NETCONF protocol [RFC6241]
based on [event-notifications]. This is an optional capability built based on [subscribe]. This is an optional capability built on top of
on top of the base NETCONF definition. the base NETCONF definition.
[event-notifications] and this document enhance the capabilities of
RFC 5277 while maintaining backwards capability with existing
implementations. It is intended that a final version of this
document might obsolete [RFC5277]. The enhancements include the
ability to terminate subscriptions without terminating the client
session, to modify existing subscriptions, and to have multiple
subscriptions on a NETCONF session. [RFC5277] clients that do not
require these enhancements are not affected by them.
[event-notifications] covers the following functionality:
o Ability to subscribe to event notifications using two mechanisms:
dynamic and configuration subscriptions.
o Ability to subscribe to event notifications using two mechanisms:
dynamic and configuration subscriptions.
o Ability to negotiate acceptable subscription parameters.
o Ability to filter the subset of notifications to be pushed with
stream-specific semantics.
o Ability to support multiple encodings for the notification.
o Mechanism to communicate the notifications.
o Ability to replay locally logged notifications.
To support this functionality, NETCONF agents must implement the
operations, configuration and operational state defined in
[event-notifications]. In addition, they need to:
o support multiple subscriptions over a single NETCONF session.
o support a revised definition of the default NETCONF stream [subscribe] plus this transport specification document provides a
superset of the capabilities previously defined in [RFC5277]. Newly
introduced capabilities include the ability to have multiple
subscriptions on a single NETCONF session, the ability to terminate
subscriptions without terminating the client session, and the ability
to modify existing subscriptions.
o be backwards compatible with RFC 5277 implementations. In addition, [yang-push] plus the capabilities of this document
provide a mechanism for a NETCONF client to maintain a subset/extract
of an actively changing YANG datastore.
1.1. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
1.1.1. NETCONF The following terms are defined in [RFC6241]: client, server,
operation, RPC.
The following terms are defined in [RFC6241] :
o Client
o Server
o Operation
o RPC: remote procedure call
1.1.2. Event Notifications
The following terms are defined in [event-notifications]:
o Event
o Event notification
o Stream (also referred to as "event stream")
o Subscriber
o Publisher
o Receiver
o Subscription
o Filter
o Dynamic subscription
o Configured subscription
Note that a publisher in [event-notifications] corresponds to a
server in [RFC6241]. Similarly, a subscribers corresponds to a
client. A receiver is also a client. In the remainder of this
document, we will use the terminology in [RFC6241].
1.1.3. NETCONF Access Control
The following terms are defined in [RFC6536] :
o NACM: NETCONF Access Control Model
1.2. Solution Overview
[event-notifications] defines mechanisms that provide an asynchronous
message notification delivery service. This document discusses its
realization on top of the NETCONF protocol [RFC6241].
The functionality to support is defined in [event-notifications]. It
is formalized in a set of yang models. The mapping of yang
constructs into NETCONF is described in [RFC6020].
Supporting [event-notifications] requires enhancements and
modifications in NETCONF. The key enhacement is suporting multiple
subscriptions on a NETCONF session. A key modification is the
definition of the NETCONF stream.
These enhancements do not affect [RFC5277] clients that do not
support [event-notifications].
2. Solution
In this section, we describe and exemplify how [event-notifications] The following terms are defined in [subscribe]: event, event
must be supported over NETCONF. notification, stream, publisher, receiver, subscriber, subscription,
configured subscription.
2.1. Event Streams Note that a publisher in [subscribe] corresponds to a server in
[RFC6241]. Similarly, a subscriber corresponds to a client. A
receiver is also a client. In the remainder of this document, we
will use the terminology in [RFC6241] to simplify [subscribe]'s
mental mappings to embedded NETCONF terminology.
In the context of NETCONF, an event stream is a set of events 3. Solution
available for subscription from a NETCONF server. It is out of the
scope of this document to identify a) how streams are defined, b) how
events are defined/generated, and c) how events are assigned to
streams.
The following is a high-level description of the flow of a In this section, we describe and exemplify how [subscribe] is to be
notification. Note that it does not mandate and/or preclude an supported over NETCONF.
implementation. As events are raised, they are assigned to streams.
An event may be assigned to multiple streams. The event is
distributed to subscribers and receivers based on the current
subscriptions and access control. Access control is needed because
if any receiver of that subscription does not have permission to
receive an event, then it never makes it into a notification, and
processing of the event is completed for that subscription.
2.2. Event Stream Discovery 3.1. Event Stream Discovery
A NETCONF client can retrieve the list of available event streams In the context of [subscribe] an event stream exposes a continuous
from a NETCONF server using the <get> operation. The reply contains set of events available for subscription. A NETCONF client can
the elements defined in the YANG model under the container retrieve the list of available event streams from a NETCONF server
"/streams", which includes the stream identifier. using the "get" operation. The reply contains the elements defined
in the YANG model under the container "/streams", which includes the
stream identities supported on the NETCONF server.
The following example ilustrates the retrieval of the list of The following example illustrates the retrieval of the list of
available event streams using the <get> operation. available event streams using the <get> operation.
<rpc message-id="101" <rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get> <get>
<filter type="subtree"> <filter type="subtree">
<streams <streams
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/> xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/>
</filter> </filter>
</get> </get>
</rpc> </rpc>
Figure 2: Get streams Figure 1: Get streams
The NETCONF server returns a list of event streams available for The NETCONF server returns a list of event streams available. In
subscription. In this example, the list contains the NETCONF, SNMP, this example, the list contains the NETCONF, SNMP, and SYSLOG
and syslog-critical streams. streams.
<rpc-reply message-id="101" <rpc-reply message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<data> <data>
<streams <streams
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"> xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications">
<stream>NETCONF</stream> <stream>NETCONF</stream>
<stream>SNMP</stream> <stream>SNMP</stream>
<stream>syslog-critical</stream> <stream>SYSLOG</stream>
<stream>NETCONF</stream> </streams>
</streams> </data>
</data> </rpc-reply>
</rpc-reply>
Figure 3: Get streams response
2.2.1. Backwards Compatibility
In order to maintain backwards compatibility, clients that only
support [RFC5277] can retrieve the list of available event streams
executing a <get> operation against the container "/netconf/streams".
The following example ilustrates this mechanism.
<rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get>
<filter type="subtree">
<netconf
xmlns="urn:ietf:params:xml:ns:netmod:notification">
<streams/>
</netconf>
</filter>
</get>
</rpc>
Figure 4: Get streams (backwards compatibility)
The NETCONF server returns a list of event streams available for
subscription. In this example, the list contains the NETCONF, SNMP,
and syslog-critical streams.
<rpc-reply message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<data>
<netconf
xmlns="urn:ietf:params:xml:ns:netmod:notification">
<streams>
<stream>
<name>
NETCONF
</name>
<description>
default NETCONF event stream
</description>
<replaySupport>
true
</replaySupport>
<replayLogCreationTime>
2016-02-05T00:00:00Z
</replayLogCreationTime>
</stream>
<stream>
<name>
SNMP
</name>
<description>
SNMP notifications
</description>
<replaySupport>
false
</replaySupport>
</stream>
<stream>
<name>
syslog-critical
</name>
<description>
Critical and higher severity
</description>
<replaySupport>
true
</replaySupport>
<replayLogCreationTime>
2007-07-01T00:00:00Z
</replayLogCreationTime>
</stream>
</streams>
</netconf>
</data>
</rpc-reply>
Figure 5: Get streams response (backwards compatibility)
2.3. Default Event Stream
A NETCONF server implementation supporting the notification
capability MUST support the "NETCONF" notification event stream.
This stream contains all NETCONF XML event notifications supported by
the NETCONF server, except for those belonging only to streams that
explicitly indicate that they must be excluded from the NETCONF
stream. The exact string "NETCONF" is used during the advertisement
of stream support during the <get> operation on <streams> and during
the <create-subscription> and <establish-subscription> operations.
2.4. Creating a Subscription
This operation was fully defined in [RFC5277].
2.4.1. Usage Example
The following demonstrates dynamically creating a subscription.
<netconf:rpc message-id="101"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<create-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
</create-subscription>
</netconf:rpc>
Figure 6: Create subscription
2.4.2. Positive Response
If the NETCONF server can satisfy the request, the server sends an
<ok> element.
<netconf:rpc netconf:message-id="102"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<create-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
<filter netconf:type="xpath"
xmlns:ex="http://example.com/event/1.0"
select="/ex:event[ex:eventClass='fault' and
(ex:severity='minor' or ex:severity='major'
or ex:severity='critical')]"/>
</create-subscription>
</netconf:rpc>
<rpc-reply message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
Figure 7: Successful create subscription
2.4.3. Negative Response
If the request cannot be completed for any reason, an <rpc-error>
element is included within the <rpc-reply>. Subscription requests
can fail for several reasons including if a filter with invalid
syntax is provided or if the name of a non-existent stream is
provided.
If a stopTime is specified in a request without having specified a
startTime, the following error is returned:
Tag: missing-element
Error-type: protocol
Severity: error
Error-info: <bad-element>: startTime
Description: An expected element is missing.
Figure 8: Create subscription missing an element
If the optional replay feature is requested but the NETCONF server
does not support it, the following error is returned:
Tag: operation-failed
Error-type: protocol
Severity: error
Error-info: none
Description: Request could not be completed because the
requested operation failed for some reason
not covered by any other error condition.
Figure 9: Create subscription operation failed
If a stopTime is requested that is earlier than the specified Figure 2: Get streams response
startTime, the following error is returned:
Tag: bad-element For [yang-push], a similar get is needed to retrieve available
Error-type: protocol datastore names.
Severity: error
Error-info: <bad-element>: stopTime
Description: An element value is not correct;
e.g., wrong type, out of range, pattern mismatch.
Figure 10: Create subscription incorrect stopTime 3.2. Mandatory NETCONF support for Streams and Datastores
If a startTime is requested that is later than the current time, the A NETCONF server implementation supporting [subscribe] must support
following error is returned: the "NETCONF" notification event stream.
Tag: bad-element A NETCONF server implementation supporting [yang-push] must support
Error-type: protocol the "running" datastore.
Severity: error
Error-info: <bad-element>: startTime
Description: An element value is not correct;
e.g., wrong type, out of range, pattern mismatch.
Figure 11: Create subscription incorrect startTime 3.3. Dynamic Subscriptions
2.5. Establishing a Subscription 3.3.1. Establishing Dynamic Subscriptions
This operation is defined in [event-notifications]. The dynamic subscription RFC and interactions operation is defined in
[subscribe].
2.5.1. Usage Example 3.3.1.1. Usage Example
The following illustrates the establishment of a simple subscription. An example of interactions over NETCONF transport for one sample
subscription is below:
<netconf:rpc message-id="101" <netconf:rpc netconf:message-id="102"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<establish-subscription <establish-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
</establish-subscription> <stream>NETCONF</stream>
</netconf:rpc> <filter-type>xpath</filter-type>
<filter> xmlns:ex="http://example.com/event/1.0"
select="/ex:event[ex:eventClass='fault' and
(ex:severity='minor' or ex:severity='major'
or ex:severity='critical')]"
</filter>
</establish-subscription>
</netconf:rpc>
Figure 12: Establish subscription Figure 3: establish-subscription over NETCONF
2.5.2. Positive Response 3.3.1.2. Positive Response
If the NETCONF server can satisfy the request, the server sends a If the NETCONF server can satisfy the request, the server sends a
positive <subscription-result> element, and the subscription-id of positive <subscription-result> element, and the subscription-id of
the accepted subscription. the accepted subscription.
<netconf:rpc netconf:message-id="102" <rpc-reply message-id="102"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<establish-subscription <subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<filter netconf:type="xpath" ok
xmlns:ex="http://example.com/event/1.0" </subscription-result>
select="/ex:event[ex:eventClass='fault' and <identifier
(ex:severity='minor' or ex:severity='major' xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
or ex:severity='critical')]"/> 52
</establish-subscription> </identifier>
</netconf:rpc> </rpc-reply>
<rpc-reply message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
ok
</subscription-result>
<subscription-id
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
52
</subscription-id>
</rpc-reply>
Figure 13: Successful establish-subscription
2.5.3. Negative Response
If the NETCONF server cannot satisfy the request, the server sends a
negative <subscription-result> element.
If the client has no authorization to establish the subscription, the
<subscription-result> indicates an authorization error. For
instance:
<netconf:rpc netconf:message-id="103"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<establish-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
<stream>foo</stream>
</establish-subscription>
</netconf:rpc>
<rpc-reply message-id="103"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
error-data-not-authorized
</subscription-result>
</rpc-reply>
Figure 14: Unsuccessful establish subscription Figure 4: Successful establish-subscription
If the request is rejected because the server is not able to serve 3.3.1.3. Negative Response
it, the server SHOULD include in the returned error what subscription
parameters would have been accepted for the request when it was
processed. However, they are no guarantee that subsequent requests
with those parameters for this client or others will be accepted.
For instance, consider a subscription from [yang-push], which
augments the establish-subscription with some additional parameters,
including "period". If the client requests a period the NETCONF
server cannot serve, the exchange may be:
<netconf:rpc message-id="101" If the NETCONF server cannot satisfy the request, or client has no
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> authorization to establish the subscription, the server will send a
<establish-subscription negative <subscription-result> element. For instance:
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
<stream>push-update</stream>
<filter netconf:type="xpath"
xmlns:ex="http://example.com/sample-data/1.0"
select="/ex:foo"/>
<period xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0">
500
</period>
<encoding>encode-xml</encoding>
</establish-subscription>
</netconf:rpc>
<rpc-reply message-id="101" <rpc-reply message-id="103"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result <subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
error-insufficient-resources stream-unavailable
</subscription-result> </subscription-result>
<period </rpc-reply>
xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0">
2000
</period>
</rpc-reply>
Figure 15: Subscription establishment negotiation Figure 5: Unsuccessful establish subscription
Subscription requests will fail if a filter with invalid syntax is If the client requests parameters the NETCONF server cannot serve,
provided or if the name of a non-existent stream is provided. the negative <subscription-result> may include additional
information. For instance, consider the following subscription from
[yang-push], which augments the establish-subscription with some
additional parameters, including "period". If the client requests a
which period the NETCONF server cannot serve, the back-and-forth
exchange may be:
2.5.4. Multiple Subscriptions over a Single NETCONF Session <netconf:rpc message-id="101"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<establish-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<stream>push-update</stream>
<filter-type>subtree</filter-type>
<filter>xmlns:ex="http://example.com/sample-data/1.0"
select="/ex:foo"</filter>
<period xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0">
500
</period>
<encoding>encode-xml</encoding>
</establish-subscription>
</netconf:rpc>
Note that [event-notifications] requires supporting multiple <rpc-reply message-id="101"
subscription establishments over a single NETCONF session. In xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
contrast, [RFC5277] mandated servers to return an error when a <subscription-result
create-subscription was sent while a subscription was active on that xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
session. Note that servers are not required to support multiple error-insufficient-resources
create-subscription over a single session, but they MUST support </subscription-result>
multiple establish-subscription over one session. <period
xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0">
2000
</period>
</rpc-reply>
2.5.5. Message Flow Examples Figure 6: Subscription establishment negotiation
+------------+ +-----------+
| Client | | Server |
+------------+ +-----------+
| |
| Capability Exchange |
|<---------------------------->|
| |
| |
| Establish Subscription |
|----------------------------->|
| RPC Reply: OK, subs-id = 22 |
|<-----------------------------|
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
| Notification (subs-id 22) |
|<-----------------------------|
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
Figure 16: Message flow for subscription establishment 3.3.1.4. Message Flow Examples
+------------+ +-----------+ +------------+ +-----------+
| Client | | Server | | Client | | Server |
+------------+ +-----------+ +------------+ +-----------+
| | | |
| Capability Exchange | | Capability Exchange |
|<---------------------------->| |<---------------------------->|
| | | |
| | | |
| Establish Subscription | | Establish Subscription |
|----------------------------->| |----------------------------->|
| RPC Reply: OK, subs-id = 22 | | RPC Reply: OK, id = 22 |
|<-----------------------------| |<-----------------------------|
| | | |
| Notification (subs-id 22) | | Notification (id 22) |
|<-----------------------------| |<-----------------------------|
| | | |
| | | |
| Establish Subscription | | Establish Subscription |
|----------------------------->| |----------------------------->|
| RPC Reply: OK, subs-id = 23 | | RPC Reply: OK, id = 23 |
|<-----------------------------|
| |
| Notification (subs-id 22) |
|<-----------------------------| |<-----------------------------|
| | | |
| | | |
| Notification (subs-id 22) | | Notification (id 22) |
|<-----------------------------| |<-----------------------------|
| Notification (subs-id 23) | | Notification (id 23) |
|<-----------------------------| |<-----------------------------|
| | | |
| | | |
Figure 17: Message Flow for multiple subscription establishments over Figure 7: Multiple subscription establishments over a NETCONF session
a single session
2.6. Modifying a Subscription 3.3.2. Modifying a Subscription
This operation is defined in [event-notifications]. This operation is defined in [subscribe] and enhanced in [yang-push].
2.6.1. Usage Example 3.3.2.1. Usage Example
The following demonstrates modifying a subscription. Consider a The following demonstrates modifying a subscription. Consider a
subscription from [yang-push], which augments the establish- subscription from [yang-push], which augments the establish-
subscription with some additional parameters, including "period". A subscription with some additional parameters, including "period". A
subscription may be established as follows. subscription may be established as follows.
<netconf:rpc message-id="101" <netconf:rpc message-id="101"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<establish-subscription <establish-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<stream>push-update</stream> /* Question, shouldn't this be yang-push 1.0 as that
<filter netconf:type="xpath" is where the referenced augmentations are? */
xmlns:ex="http://example.com/sample-data/1.0" <datastore>running</datastore>
select="/ex:foo"/> <filter-type>subtree</filter-type>
<period xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0"> <filter>xmlns:ex="http://example.com/sample-data/1.0"
500 select="/ex:foo"</filter>
</period> <period xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0">
<encoding>encode-xml</encoding> 1000
</establish-subscription> </period>
</netconf:rpc> </establish-subscription>
</netconf:rpc>
<rpc-reply message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
ok
</subscription-result>
<subscription-id
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
1922
</subscription-id>
</rpc-reply>
Figure 18: Establish subscription to be modified <rpc-reply message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
ok
</subscription-result>
<identifier
xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
1922
</identifier>
</rpc-reply>
The subscription may be modified with: Figure 8: Establish subscription to be modified
<netconf:rpc message-id="102" The subscription may be modified with and RPC request such as:
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<modify-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
<subscription-id>1922</subscription-id>
<period>1000</period>
</modify-subscription >
</netconf:rpc>
<rpc-reply message-id="102" <netconf:rpc message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result <modify-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
ok <identifier>1922</identifier>
</subscription-result> <period>100</period>
<subscription-id </modify-subscription>
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> </netconf:rpc>
1922
</subscription-id>
</rpc-reply>
Figure 19: Modify subscription Figure 9: Modify subscription
2.6.2. Positive Response 3.3.2.2. Positive Response
If the NETCONF server can satisfy the request, the server sends a If the NETCONF server can satisfy the request, the server sends a
positive <subscription-result> element. This response is like that positive <subscription-result> element. This response is like that
to an establish-subscription request, but without the subscription-id to an establish-subscription request, but without the subscription
(which would be redundant). identifier.
<netconf:rpc message-id="102"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<modify-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
<subscription-id>1922</subscription-id>
<period
xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0">
1000
</period>
</modify-subscription >
</netconf:rpc>
<rpc-reply message-id="102" <rpc-reply message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result <subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
ok ok
</subscription-result> </subscription-result>
</rpc-reply> </rpc-reply>
Figure 20: Successful modify subscription Figure 10: Successful modify subscription
2.6.3. Negative Response 3.3.2.3. Negative Response
If the NETCONF server cannot satisfy the request, the server sends a If the NETCONF server cannot satisfy the request, the server sends a
negative <subscription-result> element. Its contents and semantics negative <subscription-result> element. Its contents and semantics
are identical to those in an establish-subscription request. For are identical to those in an establish-subscription request. For
instance: instance:
<netconf:rpc message-id="102" <rpc-reply message-id="102"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<modify-subscription <subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<subscription-id>1922</subscription-id> *** why is the namespace not yang-push?
<period xmlns="urn:ietf:params:xml:ns:yang:ietf-yang-push:1.0"> period-unsupported
100 </subscription-result>
</period> <period-hint>500</period-hint>
</modify-subscription> </rpc-reply>
</netconf:rpc>
<rpc-reply message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<subscription-result
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
error-insufficient-resources
</subscription-result>
<period>500</period>
</rpc-reply>
Figure 21: Unsuccessful modify subscription Figure 11: Unsuccessful modify subscription
2.6.4. Message Flow Example 3.3.2.4. Message Flow Example
+------------+ +-----------+ +------------+ +-----------+
| Client | | Server | | Client | | Server |
+------------+ +-----------+ +------------+ +-----------+
| | | |
| Capability Exchange | | Capability Exchange |
|<---------------------------->| |<---------------------------->|
| | | |
| |
| Establish Subscription | | Establish Subscription |
|----------------------------->| |<---------------------------->|
| RPC Reply: OK, subs-id = 22 |
|<-----------------------------|
| | | |
| Notification (subs-id 22) | | Notification (id 22) |
|<-----------------------------| |<-----------------------------|
| | | |
| |
| |
| |
| Modify Subscription | | Modify Subscription |
|----------------------------->| |----------------------------->|
| | | RPC Reply: OK |
| |
| Notification (subs-id 22) |
|<-----------------------------|
| Notification (subs-id 22) |
|<-----------------------------| |<-----------------------------|
| | | |
| Notification (id 22) |
|<-----------------------------|
| | | |
Figure 22: Message flow for subscription modification Figure 12: Message flow for successful subscription modification
2.7. Deleting a Subscription 3.3.3. Deleting a Subscription
This operation is defined in [event-notifications]. This operation is defined in [subscribe] for events, and enhanced in
[yang-push] for datastores.
2.7.1. Usage Example 3.3.3.1. Usage Example
The following demonstrates deleting a subscription. The following demonstrates deleting a subscription.
<netconf:rpc message-id="101" <netconf:rpc message-id="101"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<delete-subscription <delete-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<subscription-id>1922</subscription-id> <identifier>1922</identifier>
</delete-subscription> </delete-subscription>
</netconf:rpc> </netconf:rpc>
Figure 23: Delete subscription Figure 13: Delete subscription
2.7.2. Positive Response 3.3.3.2. Positive Response
If the NETCONF server can satisfy the request, the server sends an OK If the NETCONF server can satisfy the request, the server sends an OK
element. For example: element. For example:
<netconf:rpc message-id="103" <rpc-reply message-id="103"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<delete-subscription <ok/>
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> </rpc-reply>
<subscription-id>1922</subscription-id>
</delete-subscription>
</netconf:rpc>
<rpc-reply message-id="103"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
Figure 24: Successful delete subscription Figure 14: Successful delete subscription
2.7.3. Negative Response 3.3.3.3. Negative Response
If the NETCONF server cannot satisfy the request, the server sends an If the NETCONF server cannot satisfy the request, the server sends an
error-rpc element. For example: error-rpc element indicating the modification didn't work. For
example:
<netconf:rpc message-id="103"
xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0">
<delete-subscription
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1">
<subscription-id>2017</subscription-id>
</delete-subscription>
</netconf:rpc>
<rpc-reply message-id="101" <rpc-reply message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<rpc-error> <rpc-error>
<error-type>application</error-type> <error-type>application</error-type>
<error-tag>invalid-value</error-tag> <error-tag>invalid-value</error-tag>
<error-severity>error</error-severity> <error-severity>error</error-severity>
<error-path <error-path
xmlns:t="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns:t="urn:ietf:params:xml:ns:netconf:notification:2.0">
/t:subscription-id /t:identifier
</error-path> </error-path>
<error-message xml:lang="en"> <error-message xml:lang="en">
Subscription-id 2017 does not exist no-such-subscription
</error-message> </error-message>
</rpc-error> </rpc-error>
</rpc-reply> </rpc-reply>
Figure 25: Unsuccessful delete subscription Figure 15: Unsuccessful delete subscription
2.7.4. Message Flow Example
+------------+ +-----------+
| Client | | Server |
+------------+ +-----------+
| |
| Capability Exchange |
|<---------------------------->|
| |
| |
| Establish Subscription |
|----------------------------->|
| RPC Reply: OK, subs-id = 22 |
|<-----------------------------|
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
| Notification (subs-id 22) |
|<-----------------------------|
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
| Delete Subscription |
|----------------------------->|
| |
| |
| |
| |
Figure 26: Message flow for subscription deletion
2.8. Configured Subscriptions
A configured subscription is a subscription installed via a
configuration interface. Configured subscriptions do not support
negotiation.
Supporting configured subscriptions is optional and advertised during
the capabilities exchange using the "configured-subscriptions"
feature.
Configured susbscriptions are supported by NETCONF servers using
NETCONF Call Home [call-home]
In this section, we present examples of how to manage configuration
subscriptions using a NETCONF client.
2.8.1. Call Home for Configured Subscriptions 3.4. Configured Subscriptions
Configured subscriptions are established, modified, and deleted using Configured subscriptions are established, modified, and deleted using
configuration operations against the top-level subtree subscription- configuration operations against the top-level subtree of [subscribe]
config. Once the configuration is set, the server initiates a Call or [yang-push] via normal NETCONF operations. In this section, we
Home to each of the receivers in the subscription on the address and present examples of how to manage the configuration subscriptions
port specified. Once the NETCONF session between the server and the using a NETCONF client. Key differences from dunamic subscriptions
receiver is established, the server will issue a "subscription- over NETCONF is that subscription lifetimes are decoupled from
started" notification. After that, the server will send NETCONF sessions.
notifications to the receiver as per the subscription.
Note that the server assumes the receiver is aware that calls on the
configured port are intended only for pushing notifications. It also
assumes that the receiver is ready to accept notifications on the
session created as part of the Call Home as soon as the NETCONF
session is established. This may require coordination between the
client that configures the subscription and the clients for which the
notifications are intended. This coordination is out of the scope of
this document.
2.8.2. Establishing a Configured Subscription
Subscriptions are established using configuration operations against 3.4.1. Establishing a Configured Subscription
the top-level subtree subscription-config.
For example at subscription establishment, a NETCONF client may send: For subscription establishment, a NETCONF client may send:
<rpc message-id="101" <rpc message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <edit-config>
<target> <target>
<running/> <running/>
</target> </target>
<subscription-config <subscription-config
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<subscription> <subscription>
<subscription-id> <identifier>
1922 1922
</subscription-id> </identifier>
<stream> <stream>
foo foo
</stream> </stream>
<receiver> <receiver>
<address> <address>
1.2.3.4 1.2.3.4
</address> </address>
<port> <port>
1234 1234
</port> </port>
</receiver> </receiver>
</subscription> </subscription>
</subscription-config> </subscription-config>
</edit-config> </edit-config>
</rpc> </rpc>
Figure 27: Establish static subscription Figure 16: Establish static subscription
if the request is accepted, the server would reply: if the request is accepted, the server would reply:
<rpc-reply message-id="101" <rpc-reply message-id="101"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/> <ok/>
</rpc-reply> </rpc-reply>
Figure 28: Response to a successful static subscription establishment Figure 17: Response to a successful static subscription establishment
if the request is not accepted because the server cannot serve it, if the request is not accepted because the server cannot serve it, no
the server may reply: configuration is changed. Int this case the server may reply:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<rpc-error> <rpc-error>
<error-type>application</error-type> <error-type>application</error-type>
<error-tag>resource-denied</error-tag> <error-tag>resource-denied</error-tag>
<error-severity>error</error-severity> <error-severity>error&lt;/error-severity>
<error-message xml:lang="en"> <error-message xml:lang="en">
Temporarily the server cannot serve this Temporarily the server cannot serve this
subscription due to the current workload. subscription due to the current workload.
</error-message> </error-message>
</rpc-error> </rpc-error>
</rpc-reply> </rpc-reply>
Figure 29: Response to a failed static subscription establishment Figure 18: Response to a failed static subscription establishment
2.8.2.1. Message Flow Example For every configured receiver, once NETCONF transport session between
the server and the receiver is recognized as active, the server will
issue a "subscription-started" notification. After that, the server
will send notifications to the receiver as per the subscription
notification.
Note that the server assumes that the receiver is ready to accept
notifications on the NETCONF session. This may require coordination
between the client that configures the subscription and the clients
for which the notifications are intended. This coordination is out
of the scope of this document.
3.4.2. Call Home for Configured Subscriptions
Once this configuration is active, if NETCONF transport is needed but
does not exist to one or more target IP address plus port, the server
initiates a transport session via [RFC8071] to those receiver(s) in
the subscription using the address and port specified.
3.4.3. Full Establish Message Flow
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| Client | | Server | | Rcver A | | Rcver B | | Client | | Server | | Rcver A | | Rcver B |
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| | | | | | | |
| Capability Exchange | | | | Capability Exchange | | |
|<-------------------------->| | | |<-------------------------->| | |
| | | | | | | |
| | | | | | | |
| Edit-config | | | | Edit-config | | |
|--------------------------->| | | |--------------------------->| | |
| RPC Reply: OK | | | | RPC Reply: OK | | |
|<---------------------------| | | |<---------------------------| | |
| | Call Home | | | | Call Home | |
| |<-------------->| | | |<-------------->| |
| |<--------------------------->| | |<--------------------------->|
| | | | | | | |
| | Subscription | | | | Subscription | |
| | Started | | | | Started | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| |
| |---------------------------->|
| | | |
| | Notification | |
| | (subs-id 22) | |
| |--------------->| |
| |---------------------------->|
| | | |
| | | |
| | | |
| | | |
| | | |
| | Notification | |
| | (subs-id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | Notification | | | | Notification | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
Figure 30: Message flow for subscription establishment (configured Figure 19: Message flow for configured subscription establishment
subscription)
2.8.3. Modifying a Configured Subscription 3.4.4. Modifying a Configured Subscription
Configured subscriptions can be modified using configuration Configured subscriptions can be modified using configuration
operations against the top-level subtree subscription-config. operations against the top-level subtree subscription-config.
For example, the subscription established in the previous section For example, the subscription established in the previous section
could be modified as follows, choosing a different receiver: could be modified as follows, choosing a different receiver:
<rpc message-id="102" <rpc message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <edit-config>
<target> <target>
<running/> <running/>
</target> </target>
<subscription-config <subscription-config
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<subscription> <subscription>
<subscription-id> <identifier>
1922 1922
</subscription-id> </identifier>
<stream> <stream>
foo foo
</stream> </stream>
<receiver> <receiver>
<address> <address>
1.2.3.5 1.2.3.5
</address> </address>
<port> <port>
1234 1234
</port> </port>
</receiver> </receiver>
</subscription> </subscription>
</subscription-config> </subscription-config>
</edit-config> </edit-config>
</rpc> </rpc>
Figure 31: Modify configured subscription Figure 20: Modify configured subscription
if the request is accepted, the server would reply: if the request is accepted, the server would reply:
<rpc-reply message-id="102" <rpc-reply message-id="102"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/> <ok/>
</rpc-reply> </rpc-reply>
Figure 32: Response to a successful configured subscription
modification
2.8.3.1. Message Flow Example Figure 21: A successful configured subscription modification
3.4.4.1. Message Flow Example
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| Client | | Server | | Rcver A | | Rcver B | | Client | | Server | | Rcver A | | Rcver B |
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| | | | | | | |
| Capability Exchange | | | | Capability Exchange | | |
|<-------------------------->| | | |<-------------------------->| | |
| | | | | | | |
| | | | | | | |
| Edit-config | | | | Edit-config | | |
|--------------------------->| | | |--------------------------->| | |
| RPC Reply: OK | | | | RPC Reply: OK | | |
|<---------------------------| | | |<---------------------------| | |
| | Call Home | | | | Call Home | |
| |<-------------->| | | |<-------------->| |
| |<--------------------------->| | |<--------------------------->|
| | | | | | | |
| | Subscription | | | | Subscription | |
| | Started | | | | Started | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | Notification | | | | Notification | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | | |
| | | |
| Edit-config | | | | Edit-config | | |
|--------------------------->| | | |--------------------------->| | |
| RPC Reply: OK | | | | RPC Reply: OK | | |
|<---------------------------| | | |<---------------------------| | |
| | | |
| | | |
| | Subscription | | | | Subscription | |
| | Modified | | | | Modified | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | Notification | | | | Notification | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
Figure 33: Message flow for subscription modification (configured Figure 22: Message flow for subscription modification (configured
subscription) subscription)
2.8.4. Deleting a Configured Subscription 3.4.5. Deleting a Configured Subscription
Subscriptions can be deleted using configuration operations against Subscriptions can be deleted using configuration operations against
the top-level subtree subscription-config. For example: the top-level subtree subscription-config. For example:
<rpc message-id="103" <rpc message-id="103"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config> <edit-config>
<target> <target>
<running/> <running/>
</target> </target>
<subscription-config <subscription-config
xmlns:xc="urn:ietf:params:xml:ns:netconf:notification:1.1"> xmlns:xc="urn:ietf:params:xml:ns:netconf:notification:2.0">
<subscription xc:operation="delete"> <subscription xc:operation="delete">
<subscription-id> <identifier>
1922 1922
</subscription-id> </identifier>
</subscription> </subscription>
</subscription-config> </subscription-config>
</edit-config> </edit-config>
</rpc> </rpc>
<rpc-reply message-id="103"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
Figure 34: Deleting a configured subscription <rpc-reply message-id="103"
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
2.8.4.1. Message Flow Example Figure 23: Deleting a configured subscription
3.4.5.1. Message Flow Example
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| Client | | Server | | Rcver A | | Rcver B | | Client | | Server | | Rcver A | | Rcver B |
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| | | | | | | |
| Capability Exchange | | | | Capability Exchange | | |
|<-------------------------->| | | |<-------------------------->| | |
| | | | | | | |
| | | | | | | |
| Edit-config | | | | Edit-config | | |
|--------------------------->| | | |--------------------------->| | |
| RPC Reply: OK | | | | RPC Reply: OK | | |
|<---------------------------| | | |<---------------------------| | |
| | Call Home | | | | Call Home | |
| |<-------------->| | | |<-------------->| |
| |<--------------------------->| | |<--------------------------->|
| | | | | | | |
| | Subscription | | | | Subscription | |
| | Started | | | | Started | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| |
| |---------------------------->|
| | | |
| | Notification | |
| | (subs-id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | | | | | | |
| | | |
| | | |
| | | |
| | Notification | | | | Notification | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| Edit-config | | | | Edit-config | | |
|--------------------------->| | | |--------------------------->| | |
| RPC Reply: OK | | | | RPC Reply: OK | | |
|<---------------------------| | | |<---------------------------| | |
| | | |
| | | |
| | Subscription | | | | Subscription | |
| | Terminated | | | | Terminated | |
| | (subs-id 22) | | | | (id 22) | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | | |
| | | |
| | | |
Figure 35: Message flow for subscription deletion (configured Figure 24: Message flow for subscription deletion (configured
subscription) subscription)
2.9. Event (Data Plane) Notifications 3.4.6. Event (Data Plane) Notifications
Once a subscription has been set up, the NETCONF server sends
(asynchronously) the event notifications from the subscribed stream.
We refer to these as data plane notifications. For dynamic
subscriptions set up via RPC operations, event notifications are sent
over the NETCONF session used to create or establish the
subscription. For static subscriptions, event notifications are sent
over the specified connections.
An event notification is sent to the receiver(s) when an event of
interest (i.e., meeting the specified filtering criteria) has
occurred. An event notification is a complete and well-formed XML
document. Note that <notification> is not a Remote Procedure Call
(RPC) method but rather the top-level element identifying the one-way
message as a notification. Note that event notifications never
trigger responses.
The event notification always includes an <eventTime> element. It is
the time the event was generated by the event source. This parameter
is of type dateTime and compliant to [RFC3339]. Implementations must
support time zones.
The event notification also contains notification-specific tagged
content, if any. With the exception of <eventTime>, the content of
the notification is beyond the scope of this document.
For encodings other than XML, notifications include an additional XML Once a dynamic or configured subscription has been created, the
element so that the notification is a well-formed XML. The element NETCONF server sends (asynchronously) event notifications from the
is <notification-contents-{encoding}>, E.g., <notification-contents- subscribed stream to receiver(s) over NETCONF. We refer to these as
json>. That element contains the notification contents in the data plane notifications.
desired encoding
The following is an example of an event notification from [RFC6020]: The following is an example of an event notification from [RFC6020]:
notification link-failure { notification link-failure {
description "A link failure has been detected"; description "A link failure has been detected";
leaf if-name { leaf if-name {
type leafref { type leafref {
path "/interface/name"; path "/interface/name";
} }
} }
leaf if-admin-status { leaf if-admin-status {
type admin-status; type admin-status;
} }
leaf if-oper-status { leaf if-oper-status {
type oper-status; type oper-status;
} }
} }
Figure 36: Definition of a data plane notification Figure 25: Definition of a data plane notification
<notification This notification might result in the following, prior to it being
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0"> placed into NETCONF. Note that the mandatory eventTime and
<eventTime>2007-09-01T10:00:00Z</eventTime> Subscription id have been added.
<link-failure xmlns="http://acme.example.com/system">
<if-name>so-1/2/3.0</if-name>
<if-admin-status>up</if-admin-status>
<if-oper-status>down</if-oper-status>
</link-failure>
</notification>
Figure 37: Data plane notification <notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:2.0">
<eventTime>2007-09-01T10:00:00Z</eventTime>
<subscription-id>39</subscription-id>
<link-failure xmlns="http://acme.example.com/system">
<if-name>so-1/2/3.0</if-name>
<if-admin-status>up</if-admin-status>
<if-oper-status>down</if-oper-status>
</link-failure>
</notification>
The equivalent using JSON encoding would be Figure 26: Data plane notification
<notification The equivalent using JSON encoding would be
xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <notification
<eventTime>2007-09-01T10:00:00Z</eventTime> xmlns="urn:ietf:params:xml:ns:netconf:notification:2.0">
<notification-contents-json> <eventTime>2007-09-01T10:00:00Z</eventTime>
{ <subscription-id>39</subscription-id>
"acme-system:link-failure": { <notification-contents-json>
"if-name": "so-1/2/3.0", {
"if-admin-status": "up", "acme-system:link-failure": {
"if-oper-status": "down" "if-name": "so-1/2/3.0",
} "if-admin-status": "up",
} "if-oper-status": "down"
</notification-contents-json> }
</notification> }
</notification-contents-json>
</notification>
Figure 38: Data plane notification using JSON encoding Figure 27: Data plane notification using JSON encoding
2.10. Control Plane Notifications 3.4.7. Control Plane Notifications
In addition to data plane notifications, a server may send control In addition to data plane notifications, a server may send control
plane notifications (defined in [event-notifications]) to indicate to plane notifications (defined in [subscribe]) to indicate to receivers
receivers that an event related to the subscription management has that an event related to the subscription management has occurred.
occurred. Control plane notifications cannot be filtered out. Next Control plane notifications cannot be filtered out. Next we
we exemplify them using both XML, and JSON encondings for the exemplify them using both XML, and JSON encodings for the
notification-specific content: notification-specific content:
2.10.1. replayComplete 3.4.7.1. subscription-started and subscription-modified
A subscription-started would look like:
<notification <notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0"> xmlns=" urn:ietf:params:xml:ns:netconf:notification:2.0">
<eventTime>2007-09-01T10:00:00Z</eventTime> <eventTime>2007-09-01T10:00:00Z</eventTime>
<replayComplete xmlns="urn:ietf:params:xml:ns:netmod:notification"/> <subscription-started
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/>
<identifier>39</identifier>
<filter-type>xpath</filter-type>
<filter xmlns:ex="http://example.com/event/1.0"
select="/ex:event[ex:eventClass='fault' and
(ex:severity='minor' or ex:severity='major'
or ex:severity='critical')]"/>
</subscription-started/>
</notification> </notification>
Figure 39: replayComplete control plane notification Figure 28: subscription-started control plane notification
The equivalent using JSON encoding would be: The equivalent using JSON encoding would be:
<notification <notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0"> xmlns=" urn:ietf:params:xml:ns:netconf:notification:2.0">
<eventTime>2007-09-01T10:00:00Z</eventTime> <eventTime>2007-09-01T10:00:00Z</eventTime>
<notification-contents-json> <notification-contents-json>
{ {
"netmod-notif:replayComplete": { } "notif-bis:subscription-started": {
} "identifier" : 39
</notification-contents-json> ((Open Item: express everything including the filter in json))
</notification> }
}
</notification-contents-json>
</notification>
Figure 40: replayComplete control plane notification (JSON encoding) Figure 29: subscription-started control plane notification (JSON)
2.10.1.1. Message Flow Example The subscription-modified is identical, with just the word "started"
+------------+ +-----------+ being replaced by "modified".
| Client | | Server |
+------------+ +-----------+
| |
| Capability Exchange |
|<---------------------------->|
| |
| |
| Establish Subscription |
|----------------------------->|
| RPC Reply: OK, subs-id = 22 |
|<-----------------------------|
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
| Notification (subs-id 22) |
|<-----------------------------|
| Replay Complete (subs-id 22) |
|<-----------------------------|
| |
| |
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
| |
Figure 41: replayComplete notification 3.4.7.2. notification-complete, subscription-resumed, and replay-
complete
2.10.2. notificationComplete A notification-complete would look like:
<notification <notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0"> xmlns=" urn:ietf:params:xml:ns:netconf:notification:2.0">
<eventTime>2007-09-01T10:00:00Z</eventTime> <eventTime>2007-09-01T10:00:00Z</eventTime>
<notificationComplete <notification-complete
xmlns="urn:ietf:params:xml:ns:netmod:notification"/> xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications">
<identifier>39</identifier>
</notification-complete>
</notification> </notification>
Figure 42: notificationComplete control plane notification Figure 30: notification control plane notification XML
2.10.2.1. Message Flow Example The equivalent using JSON encoding would be:
+------------+ +-----------+
| Client | | Server |
+------------+ +-----------+
| |
| Capability Exchange |
|<---------------------------->|
| |
| |
| Establish Subscription |
|----------------------------->|
| RPC Reply: OK, subs-id = 22 |
|<-----------------------------|
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
| Notification (subs-id 22) |
|<-----------------------------|
| Replay Complete (subs-id 22) |
|<-----------------------------|
| |
| |
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| Notification (subs-id 22) |
|<-----------------------------|
| |
| |
| |
| Notification Complete |
| (subs-id 22) |
|<-----------------------------|
| |
| |
| |
| RPC |
|----------------------------->|
| RPC Reply |
|<-----------------------------|
| |
| |
Figure 43: notificationComplete notification <notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:2.0">
<eventTime>2007-09-01T10:00:00Z</eventTime>
<notification-contents-json>
{
"netmod-notif:notification-complete": {
"identifier" : 39
}
</notification-contents-json>
</notification>
2.10.3. subscription-started Figure 31: notification control plane notification JSON
<notification The subscription-resumed and replay-complete are virutally identical,
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0"> with "notification-complete" simply being replaced by "subscription-
<eventTime>2007-09-01T10:00:00Z</eventTime> resumed" and "replay-complete" in both encodings.
<subscription-started
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/>
<subscription-id>52</subscription-id>
<filter netconf:type="xpath"
xmlns:ex="http://example.com/event/1.0"
select="/ex:event[ex:eventClass='fault' and
(ex:severity='minor' or ex:severity='major'
or ex:severity='critical')]"/>
</subscription-started/>
</notification>
Figure 44: subscription-started control plane notification 3.4.7.3. subscription-terminated and subscription-suspended
The equivalent using JSON encoding would be: A subscription-terminated would look like:
<notification <notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0"> xmlns=" urn:ietf:params:xml:ns:netconf:notification:2.0">
<eventTime>2007-09-01T10:00:00Z</eventTime> <eventTime>2007-09-01T10:00:00Z</eventTime>
<notification-contents-json> <subscription-terminated
{ xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications">
"notif-bis:subscription-started": { <identifier>39</identifier>
"subscription-id" : 52 <error-id>no-such-subscription</error-id>
((Open Item: express filter in json)) </subscription-terminated>
}
}
</notification-contents-json>
</notification> </notification>
Figure 45: subscription-started control plane notification (JSON Figure 32: subscription-modified control plane notification
encoding)
2.10.4. subscription-modified
<notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0">
<eventTime>2007-09-01T10:00:00Z</eventTime>
<subscription-modified
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/>
<subscription-id>52</subscription-id>
<filter netconf:type="xpath"
xmlns:ex="http://example.com/event/1.0"
select="/ex:event[ex:eventClass='fault']"/>
</subscription-modified/>
</notification>
Figure 46: subscription-modified control plane notification
2.10.5. subscription-terminated
<notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0">
<eventTime>2007-09-01T10:00:00Z</eventTime>
<subscription-terminated
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/>
<subscription-id>52</subscription-id>
<reason>subscription-deleted</reason>
</subscription-terminated/>
</notification>
Figure 47: subscription-terminated control plane notification
2.10.6. subscription-suspended
<notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0">
<eventTime>2007-09-01T10:00:00Z</eventTime>
<subscription-suspended
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/>
<subscription-id>52</subscription-id>
<reason>internal-error</reason>
</subscription-suspended/>
</notification>
Figure 48: subscription-suspended control plane notification
2.10.7. subscription-resumed
<notification
xmlns=" urn:ietf:params:xml:ns:netconf:notification:1.0">
<eventTime>2007-09-01T10:00:00Z</eventTime>
<subscription-resumed
xmlns="urn:ietf:params:xml:ns:yang:ietf-event-notifications"/>
<subscription-id>52</subscription-id>
<reason>internal-error</reason>
</subscription-resumed/>
</notification>
Figure 49: subscription-resumed control plane notification The above, and the subscription-suspended are virutally identical,
with "subscription-terminated" simply being replaced by
"subscription-suspended".
2.10.7.1. Message Flow Examples 3.4.7.4. Notification Message Flow Examples
+------------+ +-----------+ +------------+ +-----------+
| Client | | Server | | Client | | Server |
+------------+ +-----------+ +------------+ +-----------+
| | | |
| Capability Exchange | | Capability Exchange |
|<---------------------------->| |<---------------------------->|
| | | |
| |
| Establish Subscription | | Establish Subscription |
|----------------------------->| |<---------------------------->|
| RPC Reply: OK, subs-id = 22 |
|<-----------------------------|
| |
| Notification |
|<-----------------------------|
| |
| | | |
| Notification | | Notification |
|<-----------------------------| |<-----------------------------|
| Notification |
|<-----------------------------|
| | | |
| | | |
| Subscription Suspended | | Subscription Suspended |
|<-----------------------------| |<-----------------------------|
| | | |
| | | |
| | | |
| Subscription Resumed | | Subscription Resumed |
|<-----------------------------| |<-----------------------------|
| | | |
| |
| |
| |
| Notification | | Notification |
|<-----------------------------| |<-----------------------------|
| | | |
| |
Figure 50: subscription-suspended and Resumed Notifications Figure 33: subscription-suspended and Resumed Notifications
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| Client | | Server | | Rcver A | | Rcver B | | Client | | Server | | Rcver A | | Rcver B |
+----------+ +-----------+ +---------+ +---------+ +----------+ +-----------+ +---------+ +---------+
| | | | | | | |
| Capability Exchange | | | | Capability Exchange | | |
|<-------------------------->| | | |<-------------------------->| | |
| | | | | | | |
| | | |
| Edit-config | | | | Edit-config | | |
|--------------------------->| | | |--------------------------->| | |
| RPC Reply: OK | | | | RPC Reply: OK | | |
|<---------------------------| | | |<---------------------------| | |
| | Subscription | | | | Subscription | |
| | Started | | | | Started | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | Notification | | | | Notification | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | | |
| | | |
| | | |
| | Subscription | | | | Subscription | |
| | Suspended | | | | Suspended | |
| |--------------->| | | |--------------->| |
| |---------------------------->|
| | | |
| | | |
| | | |
| | | | | | | |
| | Notification | |
| |---------------------------->|
| | | | | | | |
| | Subscription | | | | Subscription | |
| | Resumed | | | | Resumed | |
| |--------------->| | | |--------------->| |
| |---------------------------->|
| | | |
| | | |
| | | |
| | Notification | |
| |--------------->| |
| |---------------------------->|
| | | | | | | |
| | Notification | | | | Notification | |
| |--------------->| | | |--------------->| |
| |---------------------------->| | |---------------------------->|
| | | | | | | |
| | | |
| | | |
| | | |
Figure 51: subscription-suspended and subscription-resumed
notifications (configured subscriptions)
3. Backwards Compatibility
3.1. Capabilities
Capabilities are advertised in messages sent by each peer during
session establishment [RFC6241]. Servers supporting the features in
this document must advertise both capabilities
"urn:ietf:params:netconf:capability:notification:1.0" and
"urn:ietf:params:netconf:capability:notification:1.1".
An example of a hello message by a server during session Figure 34: Suspended and resumed for a single configured receiver
establishment would be:
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>
urn:ietf:params:xml:ns:netconf:base:1.0
</capability>
<capability>
urn:ietf:params:netconf:capability:startup:1.0
</capability>
<capability>
urn:ietf:params:netconf:capability:notification:1.0
</capability>
<capability>
urn:ietf:params:netconf:capability:notification:1.1
</capability>
</capabilities>
<session-id>4</session-id>
</hello>
Figure 52: Hello message
Clients that only support [RFC5277] recognize capability
"urn:ietf:params:netconf:capability:notification:1.0" and ignore
capability "urn:ietf:params:netconf:capability:notification:1.1".
This allows them interacting with the server as per [RFC5277].
Clients that support the features in this document recognize both
capabilities. This allows them interacting with the server as per
this document.
3.2. Stream Discovery
In order to maintain backwards compatibility, clients that only
support [RFC5277] can retrieve the list of available event streams
executing a <get> operation against the container "/netconf/streams".
4. Security Considerations 4. Security Considerations
The security considerations from the base NETCONF document [RFC6241]
also apply to the notification capability.
The <notification> elements are never sent before the transport layer The <notification> elements are never sent before the transport layer
and the NETCONF layer, including capabilities exchange, have been and the NETCONF layer, including capabilities exchange, have been
established and the manager has been identified and authenticated. established and the manager has been identified and authenticated.
A secure transport must be used and the server must ensure that the A secure transport must be used and the server must ensure that the
user has sufficient authorization to perform the function they are user has sufficient authorization to perform the function they are
requesting against the specific subset of NETCONF content involved. requesting against the specific subset of content involved.
When a <get> is received that refers to the content defined in this
memo, clients should only be able to view the content for which they
have sufficient privileges. <create-subscriptiont> and <establish-
subscriptiont> operations can be considered like deferred <get>, and
the content that different users can access may vary. This different
access is reflected in the <notificationt> that different users are
able to subscribe to.
The contents of notifications, as well as the names of event streams, The contents of notifications, as well as the names of event streams,
may contain sensitive information and care should be taken to ensure may contain sensitive information and care should be taken to ensure
that they are viewed only by authorized users. The NETCONF server that they are viewed only by authorized users. The NETCONF server
MUST NOT include any content in a notification that the user is not MUST NOT include any content in a notification that the user is not
authorized to view. authorized to view.
If a malicious or buggy NETCONF client sends a number of <create- If a malicious or buggy NETCONF client sends a number of <establish-
subscription> requests, then these subscriptions accumulate and may subscription>requests, then these subscriptions accumulate and may
use up system resources. In such a situation, subscriptions can be use up system resources. In such a situation, subscriptions MAY be
terminated by terminating the suspect underlying NETCONF sessions terminated by terminating the suspect underlying NETCONF sessions.
using the <kill-session> operation. If the client uses <establish- The server MAY also suspend or terminate a subset of the active
subscription>, the server can also suspend or terminate subscriptions subscriptions on the NETCONF session .
with per-subscription granularity.
A subscription could be configured on another receiver's behalf, with Configured subscriptions from one or more publishers could be used to
the goal of flooding that receiver with updates. One or more overwhelm a receiver, which perhaps doesn't even support
publishers could be used to overwhelm a receiver, which doesn't even subscriptions. Clients that do not want pushed data need only
support subscriptions. Clients that do not want pushed data need terminate or refuse any transport sessions from the publisher.
only terminate or refuse any transport sessions from the publisher.
In addition, the NETCONF Authorization Control Model [RFC6536] SHOULD
be used to control and restrict authorization of subscription
configuration. This control models permits specifying per-user
permissions to receive specific event notification types. The
permissions are specified as a set of access control rules.
Note that streams can define additional authorization requirements. The NETCONF Authorization Control Model [RFC6536] SHOULD be used to
For instance, in [yang-push] each of the elements in its data plane control and restrict authorization of subscription configuration.
notifications must also go through access control. This control models permits specifying per-user permissions to
receive specific event notification types. The permissions are
specified as a set of access control rules.
5. Acknowledgments 5. Acknowledgments
We wish to acknowledge the helpful contributions, comments, and We wish to acknowledge the helpful contributions, comments, and
suggestions that were received from: Andy Bierman, Yan Gang, Peipei suggestions that were received from: Andy Bierman, Yan Gang, Sharon
Guo, Susan Hares, Tim Jenkins, Balazs Lengyel, Kent Watsen, and Chisholm, Hector Trevino, Peipei Guo, Susan Hares, Tim Jenkins,
Guangying Zheng. Balazs Lengyel, Kent Watsen, and Guangying Zheng.
6. References 6. References
6.1. Normative References 6.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet:
Timestamps", RFC 3339, DOI 10.17487/RFC3339, July 2002,
<http://www.rfc-editor.org/info/rfc3339>.
[RFC5277] Chisholm, S. and H. Trevino, "NETCONF Event [RFC5277] Chisholm, S. and H. Trevino, "NETCONF Event
Notifications", RFC 5277, DOI 10.17487/RFC5277, July 2008, Notifications", RFC 5277, DOI 10.17487/RFC5277, July 2008,
<http://www.rfc-editor.org/info/rfc5277>. <http://www.rfc-editor.org/info/rfc5277>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010, DOI 10.17487/RFC6020, October 2010,
<http://www.rfc-editor.org/info/rfc6020>. <http://www.rfc-editor.org/info/rfc6020>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<http://www.rfc-editor.org/info/rfc6241>. <http://www.rfc-editor.org/info/rfc6241>.
[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration
Protocol (NETCONF) Access Control Model", RFC 6536, Protocol (NETCONF) Access Control Model", RFC 6536,
DOI 10.17487/RFC6536, March 2012, DOI 10.17487/RFC6536, March 2012,
<http://www.rfc-editor.org/info/rfc6536>. <http://www.rfc-editor.org/info/rfc6536>.
6.2. Informative References [RFC8071] Watsen, K., "NETCONF Call Home and RESTCONF Call Home",
RFC 8071, DOI 10.17487/RFC8071, February 2017,
<http://www.rfc-editor.org/info/rfc8071>.
[call-home] 6.2. Informative References
Watsen, K., "NETCONF Call Home and RESTCONF Call Home",
December 2015, <https://datatracker.ietf.org/doc/draft-
ietf-netconf-call-home/>.
[event-notifications] [subscribe]
Clemm, A., Gonzalez Prieto, A., Voit, Eric., Nilsen- Voit, Eric., Clemm, A., Gonzalez Prieto, A., Nilsen-
Nygaard, E., Tripathy, A., Chisholm, S., and H. Trevino, Nygaard, E., and A. Tripathy, "Subscribing to Event
"Subscribing to Event Notifications", June 2016, Notifications", April 2016,
<https://datatracker.ietf.org/doc/draft-ietf-netconf- <https://datatracker.ietf.org/doc/draft-ietf-netconf-
rfc5277bis/>. subscribed-notifications/>.
[yang-push] [yang-push]
Clemm, A., Gonzalez Prieto, A., Voit, Eric., Tripathy, A., Clemm, A., Gonzalez Prieto, A., Voit, Eric., Tripathy, A.,
and E. Nilsen-Nygaard, "Subscribing to YANG datastore push and E. Nilsen-Nygaard, "Subscribing to YANG datastore push
updates", February 2016, updates", April 2017, <https://datatracker.ietf.org/doc/
<https://datatracker.ietf.org/doc/draft-ietf-netconf-yang- draft-ietf-netconf-yang-push/>.
push/>.
Appendix A. Issues that are currently being worked Appendix A. Changes between revisions
(To be removed by RFC editor prior to publication) (To be removed by RFC editor prior to publication)
o NT1 - Express filter in JSON should be documented. A.1. v01 to v03
Appendix B. Changes between revisions o Text simplifications throughout
(To be removed by RFC editor prior to publication) o v02 had no meaningful changes
B.1. v00 to v01 A.2. v00 to v01
o D1 - Added Call Home in solution for configured subscriptions. o Added Call Home in solution for configured subscriptions.
o D2 - Clarified support for multiple subscription on a single o Clarified support for multiple subscription on a single session.
session. No need to support multiple create-subscription. No need to support multiple create-subscription.
o D3 - Added mapping between terminology in [yang-push] and o Added mapping between terminology in [yang-push] and [RFC6241]
[RFC6241] (the one followed in this document). (the one followed in this document).
o D4 - Editorial improvements. o Editorial improvements.
Authors' Addresses Authors' Addresses
Alberto Gonzalez Prieto Alberto Gonzalez Prieto
Cisco Systems VMWare
Email: albertgo@cisco.com Email: alberto.gonzalezprieto@yahoo.com
Alexander Clemm Alexander Clemm
Huawei Huawei
Email: ludwig@clemm.org Email: ludwig@clemm.org
Eric Voit Eric Voit
Cisco Systems Cisco Systems
Email: evoit@cisco.com Email: evoit@cisco.com
Einar Nilsen-Nygaard Einar Nilsen-Nygaard
Cisco Systems Cisco Systems
Email: einarnn@cisco.com Email: einarnn@cisco.com
Ambika Prasad Tripathy Ambika Prasad Tripathy
Cisco Systems Cisco Systems
Email: ambtripa@cisco.com Email: ambtripa@cisco.com
Sharon Chisholm
Ciena
Email: schishol@ciena.com
Hector Trevino
Cisco Systems
Email: htrevino@cisco.com
 End of changes. 206 change blocks. 
1311 lines changed or deleted 582 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/