Network Working Group S. Chisholm Internet-Draft K. Curran Expires:July 12,October 30, 2006 Nortel H. Trevino CiscoJanuary 8,April 28, 2006 NETCONF Event Notificationsdraft-ietf-netconf-notification-00.txtdraft-ietf-netconf-notification-01.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire onJuly 12,October 30, 2006. Copyright Notice Copyright (C) The Internet Society (2006). Abstract This memo defines a framework for sending asynchronous messages, or event notifications in NETCONF. It defines both the operations necessary to support this concept, and also discusses implications for the mapping to application protocols. Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page 1] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1 Definition of Terms . . . . . . . . . . . . . . . . . . . 4 1.2 Event Notifications in NETCONF . . . . . . . . . . . . . . 5 2. Event-Related Operations . . . . . . . . . . . . . . . . . . . 6 2.1 Subscribing to receive Events . . . . 
. . . . . . . . . . 6 2.1.1 create-subscription . . . . . . . . . . . . . . . . . 6 2.2 Sending Event Notifications . . . . . . . . . . . . . . . 7 2.2.1Events . . . . . .Event Notification . . . . . . . . . . . . . . . . . . 7 2.3 Changing the Subscription . . . . . . . . . . . . . . . . 8 2.3.1 modify-subscription . . . . . . . . . . . . . . . . . 9 2.4 Terminating the Subscription . . . . . . . . . . . . . . . 10 2.4.1 cancel-subscription . . . . . . . . . . . . . . . . . 10 3. Supporting Concepts . . . . . . . . . . . . . . . . . . . . . 11 3.1 Capabilities Exchange . . . . . . . . . . . . . . . . . . 11 3.2 Querying Subscription Properties . . . . . . . . . . . . . 11 3.3RPCOne-way Notification Messages . . . . . . . . . . . . . .. . . . . 1416 3.4User-Specified FiltersFilter Dependencies . . . . . . . . . . . . . . . . . .14. 16 3.4.1 Named Profiles . . . . . . . . . . . . . . . . . . . .1517 3.4.2 Filtering . . . . . . . . . . . . . . . . . . . . . .1517 3.5 Event Classes . . . . . . . . . . . . . . . . . . . . . .1517 3.6 Defining Event Notifications . . . . . . . . . . . . . . .1618 3.7 Interleaving Messages . . . . . . . . . . . . . . . . . .1618 4. XML Schema for Event Notifications . . . . . . . . . . . . . .1820 5. Mapping to Application Protocols . . . . . . . . . . . . . . .2324 5.1 SSH . . . . . . . . . . . . . . . . . . . . . . . . . . .2324 5.2 BEEP . . . . . . . . . . . . . . . . . . . . . . . . . . .2425 5.2.1 One-way Notification Messages in Beep . . . . . . . .. . . . . . . 2425 5.3 SOAP . . . . . . . . . . . . . . . . . . . . . . . . . . .2526 5.3.1 A NETCONF over Soap over HTTP Example . . . . . . . .2526 6. Filtering examples . . . . . . . . . . . . . . . . . . . . . .2829 6.1 Event Classes . . . . . . . . . . . . . . . . . . . . . .2829 6.2 Subtree Filtering . . . . . . . . . . . . . . . . . . . .2829 6.3 XPATH filters . . . . . . . . . . . . . . . . . . . . . .3031 7.Security Considerations . . . .Additional Capabilities . . . . . . . . . 
. . . . . .32 8. IANA Considerations. . . . 33 7.1 Call-Home Notifications . . . . . . . . . . . . . . . . . 339. Acknowledgements . .7.1.1 Overview . . . . . . . . . . . . . . . . . . . . .34 10. References . .. . 33 7.1.2 Dependencies . . . . . . . . . . . . . . . . . . . . . 34Authors' Addresses7.1.3 Capability Identifier . . . . . . . . . . . . . . . . 34 8. Security Considerations . . . . . .35 A. Potential Event Content. . . . . . . . . . . . . 37 9. IANA Considerations . . . . . .36 A.1 Event Identifier. . . . . . . . . . . . . . . 38 10. Acknowledgements . . . . . .36 A.2 Resource Instance. . . . . . . . . . . . . . . . 39 11. References . . . .36 A.3 Event Time. . . . . . . . . . . . . . . . . . . . . 39 Authors' Addresses . . .36 A.4 Perceived Severity. . . . . . . . . . . . . . . . . . . 40 A. Design Alternatives .36 A.5 Probable Cause. . . . . . . . . . . . . . . . . . . . 41 A.1 Suspend And Resume . .37 A.6 Specific Problem. . . . . . . . . . . . . . . . . . 41 A.2 Lifecycle . . .37 A.7 Trend Indication. . . . . . . . . . . . . . . . . . . . .3741 Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page 2] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006A.8 Additional Alarm TextB. Event Notifications and Syslog . . . . . . . . . . . . . . . . 42 B.1 Leveraging Syslog Field Definitions . . . . . . . .37 A.9 Threshold Identifier. . . 42 B.1.1 Field Mapping . . . . . . . . . . . . . . . . . . .37 A.10 Threshold Type. 43 B.1.2 Severity Mapping . . . . . . . . . . . . . . . . . . . 44 B.2 Syslog within NETCONF Events . .38 A.11 Observed Value. . . . . . . . . . . . . 44 B.2.1 Motivation . . . . . . . . .38 A.12 State Change Information. . . . . . . . . . . . . 44 B.2.2 Embedding syslog messages in a NETCONF Event . . . .38 B.. 44 B.2.3 Supported Forwarding Options . . . . . . . . . . . . . 45 C. Example ConfigurationEvent ClassNotifications . . . . . . . . . . .39 B.1. . 47 C.1 Types of Configuration Events . . . . . . . . . . . . . 
.39 B.247 C.2 Config Event Notification Structure . . . . . . . . . . .40 B.348 C.3 Configuration Event Content . . . . . . . . . . . . . . .42 B.3.150 C.3.1 Target Datastore . . . . . . . . . . . . . . . . . . .42 B.3.250 C.3.2 User Info . . . . . . . . . . . . . . . . . . . . . .42 B.3.350 C.3.3 Data Source . . . . . . . . . . . . . . . . . . . . .42 B.3.450 C.3.4 Operation . . . . . . . . . . . . . . . . . . . . . .42 B.3.550 C.3.5 Context . . . . . . . . . . . . . . . . . . . . . . .42 B.3.650 C.3.6 Entered Command . . . . . . . . . . . . . . . . . . .43 B.3.751 C.3.7 New Config . . . . . . . . . . . . . . . . . . . . . .43 B.3.851 C.3.8 Old Config . . . . . . . . . . . . . . . . . . . . . .43 B.3.951 C.3.9 Non-netconf commands in configuration notifications .43 B.4 Design Alternative . . . . . . . . . . . . . . . . . . . . 43 B.4.1 Server Session Initiation . . . . . . . .51 Intellectual Property and Copyright Statements . . . . . .43 B.4.2 Establishment. .. . . . . . . . . . . . . . . . . . 44 B.4.3 Teardown . . . . . . . . . . . . . . . . . . . . . . . 44 B.4.4 Suspend And Resume . . . . . . . . . . . . . . . . . . 45 B.4.5 Lifecycle . . . . . . . . . . . . . . . . . . . . . . 45 C. NETCONF Event Notifications and Syslog . . . . . . . . . . . . 46 C.1 Leveraging Syslog Field Definitions . . . . . . . . . . . 46 C.1.1 Field Mapping . . . . . . . . . . . . . . . . . . . . 47 C.1.2 Severity Mapping . . . . . . . . . . . . . . . . . . . 48 C.2 Syslog within NETCONF Events . . . . . . . . . . . . . . . 48 C.2.1 Motivation . . . . . . . . . . . . . . . . . . . . . . 48 C.2.2 Embedding syslog messages in a NETCONF Event . . . . . 48 C.2.3 Supported Forwarding Options . . . . . . . . . . . . . 49 Intellectual Property and Copyright Statements . . . . . . . . 51 Chisholm, et al. Expires July 12, 2006 [Page 3] Internet-Draft NETCONF Event Notifications January 2006 1. 
Introduction

   NETCONF [NETCONF-PROTO] can be conceptually partitioned into four
   layers:

            Layer                      Example
       +-------------+      +-----------------------------+
       |   Content   |      |     Configuration data      |
       +-------------+      +-----------------------------+
              |                           |
       +-------------+      +-----------------------------+
       | Operations  |      | <get-config>, <edit-config> |
       +-------------+      +-----------------------------+
              |                           |
       +-------------+      +-----------------------------+
       |     RPC     |      |     <rpc>, <rpc-reply>      |
       +-------------+      +-----------------------------+
              |                           |
       +-------------+      +-----------------------------+
       | Application |      |   BEEP, SSH, SSL, console   |
       |   Protocol  |      |                             |
       +-------------+      +-----------------------------+

   This document defines a framework for sending asynchronous messages,
   or event notifications in NETCONF. It defines both the operations
   necessary to support this concept, and also discusses implications
   for the mapping to application protocols.

                                Figure 1

1.1  Definition of Terms

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [3].

   Element:  An XML Element[XML].

   Managed Entity:  A node, which supports NETCONF[NETCONF] and has
      access to management instrumentation. This is also known as the
      NETCONF server.

   Managed Object:  A collection of one of more Elements that define an
      abstract thing of interest.

1.2  Event Notifications in NETCONF

   An event is something that happens which may be of interest - a
   configuration change, a fault, a change in status, crossing a
   threshold, or an external input to the system, for example. Often
   this results in an asynchronous message, sometimes referred to as a
   notification or event notification, being sent out to interested
   parties to notify them that this event has occurred.

   This memo defines a mechanism whereby the NETCONF client indicates
   interest in receiving event notifications from a NETCONF server by
   creating a subscription to receive event notifications. The NETCONF
   server replies to indicate whether the subscription request was
   successful and, if it was successful, begins sending the event
   notifications to the NETCONF client as the events occur within the
   system. These event notifications will continue to be sent until
   either the NETCONF session is terminated or an explicit command to
   cancel the subscription is sent.

   The event notification subscription allows a number of options to
   enable the NETCONF client to specify which events are of interest.
   These are specified when the subscription is created, but can be
   modified later using a modify subscription command.

2.  Event-Related Operations

2.1  Subscribing to receive Events

   The event notification subscription is initiated by the NETCONF
   client and responded to by the NETCONF server. When the event
   notification subscription is created, the events of interest are
   specified.

   It is possible to create more than one event notification
   subscription on a single underlying connection. Each event
   notification subscription therefore has its own unique identifier.

   Content for an event notification subscription can be selected by
   specifying which event classes are of interest and /or by applying
   user-specified filters.

2.1.1  create-subscription

   <create-subscription>

   Description:

      This command initiates an event notification subscription which
      will send asynchronous event notifications to the initiator of
      the command until the <cancel-subscription > command is sent.

   Parameters:

      Event Classes:

         An optional parameter that indicates which event classes are
         of interest. If not present, events of all classes will be
         sent.

      Filter:

         An optional parameter that indicates which subset of all
         possible events are of interest. The format of this parameter
         is the same as that of the filter parameter in the NETCONF
         protocol operations. If not present, all events not precluded
         by other parameters will be sent. These filter parameters can
         only be modified using the modify-subscription command.

      Named Profile

         An optional parameter that points to a separately defined
         filter profile. If not present, no additional filtering will
         be applied. If the separate definition of these filters is
         updated, then these changes will be reflected in the filtered
         events on this subscription.

   Positive Response:

      If the NETCONF server can satisfy the request, the server sends
      an <rpc-reply> element containing a <data> element containing the
      subscription ID.

   Negative Response:

      An <rpc-error> element is included within the <rpc-reply> if the
      request cannot be completed for any reason.

2.2  Sending Event Notifications

   Once the subscription has been set up, the NETCONF server sends the
   event notifications asynchronously along the connection.
   Notifications are tagged with event classes, subscription ID,
   sequence number, and date and time.

2.2.1  Events

   Events

   <notification>

   Description:

      An event notification is sent to the initiator of an
      <create-subscription> command asynchronously when an event of
      interest to them has occurred. An event notification is a
      complete XML document.

   Parameters:

      Event Classes:

         The event class or classes associated with this event
         notification

      Subscription Id:

         A unique identifier for this event subscription

      Sequence Number:

         A sequentially increasing number to uniquely identify event
         notifications for this subscription.
         It starts at 0, always increases by just one and rolls back to
         0 after its maximum value is reached.

      Date and Time:

         The date and time that the event notification was sent by the
         NETCONF server.

   Positive Response:

      No response.

   Negative Response:

      No response.

2.2.1.1  Event Notification

   The NETCONF Event notification structure is shown in the following
   figure.

    _____________
   |RPC-Header||
   |__________||
   |message-id||
   |__________||
    ____________________________________________________________________
   ||                       Event Header                       || Data |
   ||__________________________________________________________||______|
   || subscriptionId| eventClasses| sequenceNumber| dataAndTime||      |
   ||_______________|_____________|_______________|____________||______|

2.3  Changing the Subscription

   After an event notification subscription has been established, the
   NETCONF client can initiate a request to change properties of the
   event notification subscription. This prevents loss of event
   notifications that might otherwise occur during a tear down and
   recreation of the event notification subscription. This command is
   responded to by the NETCONF server

2.3.1  modify-subscription

   <modify-subscription>

   Description:

      Change properties of the event notification subscription.

   Parameters:

      Subscription Id:

         A unique identifier for this event subscription.

      Event Classes:

         An optional parameter that indicates which Event Classes are
         of interest. If not present, events of all classes will be
         sent.

      Filter:

         An optional parameter that indicates which subset of all
         possible events that are of interest. The format is the same
         filter used for other NETCONF commands. If not present, all
         events not precluded by other parameters will be sent. These
         filter parameters can only be modified using the
         modify-subscription command.

      Named Profile:

         An optional parameter that points to separately defined filter
         profile.
         If not present, no additional filtering will be applied. If
         the separate definition of these filters is updated, then
         these changes will be reflected in the events seen on this
         subscription.

   Positive Response:

      If the NETCONF server was able to satisfy the request, an
      <rpc-reply> is sent that includes an <ok> element.

   Negative Response:

      An <rpc-error> element is included within the <rpc-reply> if the
      request cannot be completed for any reason.

2.4  Terminating the Subscription

   Closing of the event notification subscription is initiated by the
   NETCONF client. The specific subscription to be closed is specified
   using a subscription ID. The NETCONF server responds. Note that the
   NETCONF session may also be torn down for other reasons and this
   will also result in the subscription being cancelled, but is not
   subjected to the behaviour of this command.

2.4.1  cancel-subscription

   <cancel-subscription>

   Description:

      Tear down the event notification subscription.

   Parameters:

      Subscription Id:

         A unique identifier for this event notification subscription.

   Positive Response:

      If the NETCONF server was able to satisfy the request, an
      <rpc-reply> is sent that includes an <ok> element.

   Negative Response:

      An <rpc-error> element is included within the <rpc-reply> if the
      request cannot be completed for any reason.

3.  Supporting Concepts

3.1  Capabilities Exchange

   The ability to process and send event notifications is advertised
   during the capability exchange between the NETCONF client and
   server.

      "urn:ietf:params:xml:ns:netconf:notification:1.0"

   For Example

   <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
     <capabilities>
       <capability>
         urn:ietf:params:xml:ns:netconf:base:1.0
       </capability>
       <capability>
         urn:ietf:params:xml:ns:netconf:capability:startup:1.0
       </capability>
       <capability>
         urn:ietf:params:xml:ns:netconf:notification:1.0
       </capability>
     </capabilities>
     <session-id>4</session-id>
   </hello>

3.2  Querying Subscription Properties

   The following Schema can be used to retrieve information about
   active event notification subscriptions

   <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
       xmlns=
         "urn:ietf:params:xml:ns:netconf:subscription:1.0"
       targetNamespace=
         "urn:ietf:params:xml:ns:netconf:subscription:1.0"
       xmlns:netconf=
         "urn:ietf:params:xml:ns:netconf:base:1.0"
       xmlns:ncEvent=
         "urn:ietf:params:xml:ns:netconf:notification:1.0"
       elementFormDefault="qualified"
       attributeFormDefault="unqualified" xml:lang="en">

     <annotation>
       <documentation xml:lang="en">
         Schema for reporting on Event Subscriptions
       </documentation>
       <appinfo>
         <nm:identity
             xmlns:nm="urn:ietf:params:xml:ns:netmod:base:1.0">
           <nm:Name>NetConf State Schema</nm:Name>
           <nm:LastUpdated>2005-11-30T09:30:47-05:00
           </nm:LastUpdated>
           <nm:Organization>IETF</nm:Organization>
           <nm:Description>
             A schema that

1.
Introduction NETCONF [NETCONF-PROTO] can beusedconceptually partitioned into four layers: Layer Example +-------------+ +----------------------------------------+ | Content | | Configuration data | +-------------+ +----------------------------------------+ | | +-------------+ +-------------------------------------------+ | Operations | | <get-config>, <edit-config> <notification>| +-------------+ +-------------------------------------------+ | | | +-------------+ +-----------------------------+ | | RPC | | <rpc>, <rpc-reply> | | +-------------+ +-----------------------------+ | | | | +-------------+ +------------------------------------------+ | Application | | BEEP, SSH, SSL, console | | Protocol | | | +-------------+ +------------------------------------------+ This document defines a framework for sending asynchronous messages, or event notifications in NETCONF. It defines both the operations necessary tolearn about current NetConf Event Subscriptions </nm:Description> </nm:identity> </appinfo> </annotation> <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> <xs:import namespace="urn:ietf:params:xml:ns:netconf:notification:1.0" schemaLocation="ietf-netconf-notification.xsd"/> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="draft-ietf-netconf-prot-09.xsd"/> <xs:element name="netconfSubscription"> <xs:complexType> <xs:sequence maxOccurs="unbounded"> <xs:element name="session-id" type="netconf:SessionId" > <xs:annotation> <xs:documentation xml:lang="en"> The session id associated withsupport thissubscription. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="subscriptionID" type="ncEvent:SubscriptionID" > <xs:annotation> <xs:documentation xml:lang="en">concept, and also discusses implications for the mapping to application protocols. 
Figure 1 1.1 Definition of Terms Thesubscription id associated withkey words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in thissubscription. </xs:documentation> </xs:annotation> </xs:element>document are to be interpreted as described in RFC 2119 [3]. Element: An XML Element[XML]. Managed Entity: A node, which supports NETCONF[NETCONF] and has access to management instrumentation. This is also known as the NETCONF server. Managed Object: A collection of one of more Elements that define an abstract thing of interest. Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page12]4] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006<xs:element name="eventClasses"> <xs:annotation> <xs:documentation xml:lang="en"> The1.2 Event Notifications in NETCONF An eventclasses associated with this subscription. </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="0" maxOccurs="unbounded"> <xs:element ref="ncEvent:EventClass"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="filter" type="netconf:filterInlineType" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en"> The filters associated with this subscription. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="namedProfile" type="xs:string" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en"> The named profile associated with this subscription. Noteis something thatthe contentshappens which may be of interest - a configuration change, a fault, a change in status, crossing a threshold, or an external input to thenamed profile may have changed since it was last applied </xs:documentation> </xs:annotation> </xs:element> <xs:element name="lastModified" type="xs:dateTime" > <xs:annotation> <xs:documentation xml:lang="en"> The last timesystem, for example. 
Often this results in an asynchronous message, sometimes referred to as a notification or event notification, being sent out to interested parties to notify them that this event has occurred. This memo defines a mechanism whereby the NETCONF client indicates interest in receiving event notifications from a NETCONF server by creating a subscription to receive event notifications. The NETCONF server replies to indicate whether the subscription request wasmodified. Ifsuccessful and, if ithas not been modified since creation, thiswas successful, begins sending the event notifications to the NETCONF client as the events occur within the system. These event notifications will continue to be sent until either the NETCONF session is terminated or an explicit command to cancel the subscription is sent. The event notification subscription allows a number of options to enable thetimeNETCONF client to specify which events are of interest. These are specified when the subscriptioncreation. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="messagesSent" type="xs:integer" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en">is created, but can be modified later using a modify subscription command. Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page13]5] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006A count of event notifications sent along this connection since the subscription was created. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="lastSequenceNumber" type="xs:integer" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en">2. 
Event-Related Operations 2.1 Subscribing to receive Events Thesequence number of the lastevent notificationsent to thissubscription</xs:documentation> </xs:annotation> </xs:element> <xs:key name="uniqueSubscription"> <xs:selector xpath=".//subscription"/> <xs:field xpath="session-id"/> <xs:field xpath="subscriptionID"/> </xs:key> </xs:sequence> </xs:complexType> </xs:element> </xs:schema> 3.3 RPC One-way Messages In orderis initiated by the NETCONF client and responded tosupportby the NETCONF server. When theconcept that each individualevent notification subscription is created, the events of interest are specified. It is possible to create more than one event notification subscription on awell-defined XML-document thatsingle underlying connection. Each event notification subscription therefore has its own unique identifier. Content for an event notification subscription can beprocessed without waiting for all events to come in, it makes sense to define events, not asselected by specifying which event classes are of interest and /or by applying user-specified filters. 2.1.1 create-subscription <create-subscription> Description: This command initiates anendless reply to aevent notification subscriptioncommand, but as independent messageswhich will send asynchronous event notifications to the initiator of the command until the <cancel-subscription > command is sent. Parameters: Event Classes: An optional parameter that indicates which event classes are of interest. If not present, events of all classes will be sent. Filter: An optional parameter thatoriginate from the NETCONF server. In order to support this model, this memo introduces the conceptindicates which subset ofa one-way RPC message.all possible events are of interest. Theone-way RPC messageformat of this parameter issimilar tothetwo-way RPC message, exceptsame as thatno response is expected to the command. 
In the caseofevent notification, this RPC will originate fromthe filter parameter in the NETCONFserver, andprotocol operations. If not present, all events not precluded by other parameters will be sent. These filter parameters can only be modified using theNETCONF client. 3.4 User-Specified Filters Note that when multiple filters are specified, they are appliedmodify-subscription command. Named Profile Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page14]6] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006collectively, so event notifications needs to pass all specified filters in order to be sent to the subscriber. If a filter is specified to look for data of a particular value, and the data item is not present within a particular event for its value to be checked, it will be filtered out. For example, if one were to check for 'severity=critical' in a configuration event notification where this field was not supported, then the notification would be filtered out. 3.4.1 Named Profiles A named profile is a filter that is created ahead of time and applied at the time an event notification subscription is created or modified. Note that changes to the profile after the subscription has been created will have no effect unless a modify subscription command is issued. Since named profiles exist outsideAn optional parameter that points to a separately defined filter profile. The contents of thesubscription, they persist afterprofile are specified in thesubscription has been cancelled. 3.4.2 Filtering Just-in-timeprovided XML Schema. If not present, no additional filteringis explicitly stated whenwill be applied. If theevent notification subscriptionseparate definition of these filters iscreated. It can onlyupdated, then these changes will bechanged usingreflected in the filtered events on this subscription. 
Positive Response: If the NETCONF server can satisfy the request, the server sends an <rpc-reply> element containing a <data> element containing themodifysubscriptioncommand. ThisID. Negative Response: An <rpc-error> element isspecified viaincluded within theFilter parameter. Filters only exist as parameters to<rpc-reply> if thesubscription. 3.5 Event Classes Events canrequest cannot bebroadly classified into one more event classes. Each event class identifies acompleted for any reason. 2.2 Sending Event Notifications Once the subscription has been setofup, the NETCONF server sends the event notificationswhich share important characteristics, such being generated from similar events or sharing much ofasynchronously along thesame content. The initial set of event classes is fault, configuration, state, audit, data, maintenance, metrics, security, information and heartbeat. A fault event notification is generated when a fault condition (error or warning) occurs. A faultconnection. Notifications are tagged with eventmay result in an alarm. Examples of fault events could be a communications alarm, environmental alarm, equipment alarm, processing error alarm, quality of service alarm, or a threshold crossing event. See RFC3877 and RFC2819 for more information. A configuration event, alternatively known as an inventory event,classes, subscription ID, sequence number, and date and time. 2.2.1 Event Notification <notification> Description: An event notification isusedsent tonotify that hardware, software, or a servicethe initiator of an <create- subscription> command asynchronously when an event of interest (i.e. meeting the specified filtering criteria) to them hasbeen added/ changed/removed. In keeping aligned with NETCONF protocol operations, configuration events may included copy configuration event, delete configuration event,occurred. An event notification is a complete XML document. 
Parameters: Event Classes: The event class orthe edit configurationclasses associated with this event(create, delete, merge, replace).notification Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page15]7] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006 Subscription Id: Astateunique identifier for this eventindicates a change fromsubscription Sequence Number: A sequentially increasing number to uniquely identify event notifications for this subscription. It starts at 0, always increases by just onestateand rolls back toanother, where a state0 after its maximum value isa condition or stage inreached. Date and Time: The date and time that theexistence of a managed entity. State change events are seen in many specifications. For Entity state changes, see [Entity-State-MIB] for more information. Audit events provide event of very specific actions within a managed device. In isolation an audit events provides very limited data. A collection of audit information forms an audit trail. A data dumpevent notification was sent by the NETCONF server. Positive Response: No response. Negative Response: No response. 2.2.1.1 Event Notification The NETCONF Event notification structure is shown in the following figure. ___________________________________________________________________ || Notification Header || Data | ||__________________________________________________________||______| || subscriptionId| eventClasses| sequenceNumber| dateAndTime|| | ||_______________|_____________|_______________|____________||______| 2.3 Changing the Subscription After anasynchronouseventcontaining information aboutnotification subscription has been established, the NETCONF client can initiate asystem, its configuration, state, etc. A maintenance event signalsrequest to change properties of thebeginning, process or endevent notification subscription. This prevents loss ofan action either generated by a manual or automated maintenance action. 
A metricseventcontains a metric ornotifications that might otherwise occur during acollectioncancelling and recreation ofmetrics.the event notification subscription. Thisincludes performance metrics.command is responded to by the NETCONF server Chisholm, et al. Expires October 30, 2006 [Page 8] Internet-Draft NETCONF Event Notifications April 2006 2.3.1 modify-subscription <modify-subscription> Description: Change properties of the event notification subscription. Parameters: Subscription Id: Aheart beatunique identifier for this event subscription. Event Classes: An optional parameter that indicates which Event Classes are of interest. If not present, events of all classes will be sent. Filter: An optional parameter that indicates which subset of all possible events that are of interest. The format issent periodically to enable testingthe same filter used for other NETCONF commands. If not present, all events not precluded by other parameters will be sent. These filter parameters can only be modified using the modify- subscription command. Named Profile: An optional parameter that points to separately defined filter profile. The contents of thecommunications channelprofile are specified in provided XML Schema. If not present, no additional filtering will be applied. If the separate definition of these filters isstill functional. It behaves much likeupdated, then these changes will be reflected in the events seen on this subscription. Positive Response: If theother event classes, withNETCONF server was able to satisfy theexceptionrequest, an <rpc- reply> is sent thatimplementations may not want to includeincludes anevent log,<ok> element. Negative Response: Chisholm, et al. Expires October 30, 2006 [Page 9] Internet-Draft NETCONF Event Notifications April 2006 An <rpc-error> element is included within the <rpc-reply> ifsupported. Although widely used throughouttheindustry, no current corresponding work withinrequest cannot be completed for any reason. 
2.4 Terminating theIETF. However, other standards bodies such asSubscription Closing of theTeleManagement Forum have similar definitions. An Informationevent notification subscription issomething that happens of interest which is within the expected operational behaviour and not otherwise covered by another class. 3.6 Defining Event Notifications Event Notifications are defined ahead of timeinitiated bydefining an XML element and assigning itthe NETCONF client. The specific subscription toparticular event classes. This willbedoneclosed is specified usingan "eventClasses" attribute. 3.7 Interleaving Messages While eacha subscription ID. The NETCONFmessage mustserver responds. Note that the NETCONF session may also bea complete XML document,torn down for other reasons and this will also result in thedesignsubscription being cancelled, but is not subjected to the behaviour of this command. 2.4.1 cancel-subscription <cancel-subscription> Description: Stop and delete the eventsystem allowsnotification subscription. Parameters: Subscription Id: A unique identifier forthe interleaving of complete asynchronousthis eventnotifications with complete synchronous messages. It is possiblenotification subscription. Positive Response: If the NETCONF server was able tostill send command-response type messages such as <modify-subscription> while events are being generated. The only restrictionsatisfy the request, an <rpc- reply> is sent thateach message mustincludes an <ok> element. Negative Response: An <rpc-error> element is included within the <rpc-reply> if the request cannot becompletecompleted for any reason. Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page16]10] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006 3. 
Supporting Concepts 3.1 Capabilities Exchange Thefollowing sequence diagram demonstrates an example NETCONF session where after basic session establishmentability to process and send event notifications is advertised during the capabilityexchange,exchange between the NETCONF client(C), subscribesand server. "urn:ietf:params:xml:ns:netconf:notification:1.0" For Example <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <capabilities> <capability> urn:ietf:params:xml:ns:netconf:base:1.0 </capability> <capability> urn:ietf:params:xml:ns:netconf:capability:startup:1.0 </capability> <capability> urn:ietf:params:xml:ns:netconf:notification:1.0 </capability> </capabilities> <session-id>4</session-id> </hello> 3.2 Querying Subscription Properties The following Schema can be used toreceiveretrieve information about active eventnotifications.notification subscriptions <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:nsub="urn:ietf:params:xml:ns:netconf:subscription:1.0" targetNamespace= "urn:ietf:params:xml:ns:netconf:subscription:1.0" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:ncEvent= "urn:ietf:params:xml:ns:netconf:notification:1.0" xmlns:nm="urn:ietf:params:xml:ns:netconf:appInfo:1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en"> <xs:annotation> <xs:documentation xml:lang="en"> Schema for reporting on Event Subscriptions </xs:documentation> Chisholm, et al. 
Expires October 30, 2006 [Page 11] Internet-Draft NETCONF Event Notifications April 2006 <xs:appinfo> <nm:identity xmlns:nm="urn:ietf:params:xml:ns:netmod:base:1.0"> <nm:Name>NetConfStateSchema</nm:Name> <nm:LastUpdated>2006-04-30T09:30:47-05:00 </nm:LastUpdated> <nm:Organization>IETF</nm:Organization> <nm:Description> A schema that can be used to learn about current NetConf Event subscriptions and creating named profiles </nm:Description> </nm:identity> </xs:appinfo> </xs:annotation> <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> <xs:import namespace="urn:ietf:params:xml:ns:netconf:notifications:1.0" schemaLocation="draft-ietf-netconf-notification-01.xsd"/> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="draft-ietf-netconf-prot-12.xsd"/> <xs:element name="netconfSubscription"> <xs:annotation> <xs:appinfo> <nm:minAccess><read/></nm:minAccess> <nm:maxAccess><read/></nm:maxAccess> </xs:appinfo> </xs:annotation> <xs:complexType> <xs:sequence maxOccurs="unbounded"> <xs:element name="session-id" type="netconf:SessionId" > <xs:annotation> <xs:documentation xml:lang="en"> The session id associated with this subscription. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="subscriptionID" type="ncEvent:SubscriptionID" > <xs:annotation> <xs:documentation xml:lang="en"> Chisholm, et al. Expires October 30, 2006 [Page 12] Internet-Draft NETCONFserver (S), starts sendingEvent Notifications April 2006 The subscription id associated with this subscription. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="eventClasses"> <xs:annotation> <xs:documentation xml:lang="en"> The eventnotifications as events of interest happen within the system.classes associated with this subscription. 
</xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="0" maxOccurs="unbounded"> <xs:element ref="ncEvent:EventClass"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="filter" type="netconf:filterInlineType" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en"> TheNETCONF client decides to change the characteristics of their event subscription so sends a <modify-subscription> command. Before the NETCONF server, receivesfilters associated with thiscommand, another event is generated and the NETCONF server starts to send the event notification.subscription. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="namedProfile" type="xs:string" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en"> TheNETCONF server finishes sendingnamed profile associated with thisevent notification before processingsubscription. Note that the<modify-subscription> command and sendingcontents of thereply. C S | | | capability exchange | |-------------------------->| |<------------------------->| | | | <create-subscription> | |-------------------------->| |<--------------------------| | | | <notification> | |<--------------------------| | | | <notification> | |<--------------------------| | | | <modify-subscription> | |-------------------------->| (buffered) | <notification> | |<--------------------------| | <rpc-reply> | |<--------------------------|named profile may have changed since it was last applied. </xs:documentation> </xs:annotation> <xs:keyref name="namedProfileKeyRef" refer="nsub:namedProfileKey"> <xs:selector xpath=".//namedProfile"/> <xs:field xpath="namedProfile"/> </xs:keyref> </xs:element> <xs:element name="lastModified" type="xs:dateTime" > <xs:annotation> <xs:documentation xml:lang="en"> The last time this subscription was modified. If it has Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page17]13] Internet-Draft NETCONF Event NotificationsJanuaryApril 20064. 
XML Schema for Event Notifications <?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" targetNamespace="urn:ietf:params:xml:ns:netconf:notification:1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en"> <!-- import standard XML definitions --> <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"> <xs:annotation> <xs:documentation> This import accesses the xml: attribute groups fornot been modified since creation, this is thexml:lang as declared ontime of subscription creation. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="messagesSent" type="xs:integer" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en"> A count of event notifications sent along this connection since theerror-message element.subscription was created. 
</xs:documentation> </xs:annotation></xs:import> <!-- import base netconf definitions --> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="urn:ietf:params:xml:ns:netconf:base:1.0" /> <!-- ************** Type definitions ***********************--> <xs:simpleType name="SubscriptionID"></xs:element> <xs:element name="lastSequenceNumber" type="xs:integer" minOccurs="0"> <xs:annotation><xs:documentation><xs:documentation xml:lang="en"> Theunique identifier forsequence number of the last event notification sent to thisparticularsubscriptionwithin the session.</xs:documentation> </xs:annotation><xs:restriction base="xs:string"/> </xs:simpleType> <xs:simpleType name="SequenceNumber"></xs:element> <xs:element name="key"> <xs:key name="uniqueSubscription"> <xs:selector xpath=".//subscription"/> <xs:field xpath="session-id"/> <xs:field xpath="subscriptionID"/> </xs:key> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="netconfSubscriptions"> <xs:complexType> <xs:sequence> <xs:element ref="nsub:netconfSubscription" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="namedProfile"> <xs:annotation><xs:documentation> A monotonically increasing integer. Starts at 0. Always increases by just one. Roll back to 0 after maximum value is reached. </xs:documentation>Chisholm, et al. 
ExpiresJuly 12,October 30, 2006 [Page18]14] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006 <xs:appinfo> <nm:minAccess><read/></nm:minAccess> <nm:maxAccess><read/> <write/> <create/> <delete/> </nm:maxAccess> </xs:appinfo> </xs:annotation><xs:restriction base="xs:integer"/> </xs:simpleType> <xs:complexType name="EventClassType"/> <xs:element name="EventClass" type="EventClassType" abstract="true"/> <xs:element name="fault" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="information" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="state" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="configuration" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="data" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="maintenance" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="metrics" type="EventClassType" substitutionGroup="EventClass"/><xs:complexType> <xs:sequence> <xs:elementname="security" type="EventClassType" substitutionGroup="EventClass"/>name="name"/> <xs:elementname="heartbeat" type="EventClassType" substitutionGroup="EventClass"/> <xs:complexType name="EventClasses">name="eventClasses"> <xs:annotation> <xs:documentation xml:lang="en"> The event classes associated with this named Profile. 
</xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="0" maxOccurs="unbounded"> <xs:elementref="EventClasses" />ref="ncEvent:EventClass"/> </xs:sequence> </xs:complexType><!-- ************** Symmetrical Operations ********************--> <!-- <create-subscription> operation --> <xs:complexType name="createSubscriptionType"> <xs:complexContent> <xs:extension base="netconf:rpcOperationType"> <xs:sequence></xs:element> <xs:elementname="event-classes"name="filter" type="netconf:filterInlineType" minOccurs="0"><xs:complexType> <xs:complexContent><xs:annotation> <xs:documentation xml:lang="en"> The filters associated with this named Profile. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="lastModified" type="xs:dateTime"> <xs:annotation> <xs:documentation> The timestamp of the last modification to this named Profile. Note that modification of the profile does not cause an immediate update to all applicable subscription. Therefore, this time should be compared with the last modified time associated with the subscription. If this time is earlier, then the subscription is using the exact set of parameters associated with this named profile. If this time is later, then the subscription is using an earlier version of this named profile and the exact parameters may not match. </xs:documentation> Chisholm, et al. 
ExpiresJuly 12,October 30, 2006 [Page19]15] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006<xs:extension base="EventClasses"/> </xs:complexContent> </xs:complexType><xs:appinfo> <nm:minAccess><read/></nm:minAccess> <nm:maxAccess><read/> </nm:maxAccess> </xs:appinfo> </xs:annotation> </xs:element> <xs:elementname="filter" type="netconf:filterInlineType" minOccurs="0"/> <xs:element name="named-profile" type="xs:string" minOccurs="0"/> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:element name="create-subscription" type="createSubscriptionType" substitutionGroup="netconf:rpcOperation"/> <!-- <modify-subscription> operation --> <xs:complexType name="modifySubscriptionType"> <xs:complexContent> <xs:extension base="netconf:rpcOperationType"> <xs:sequence> <xs:element name="subscription-id" type="SubscriptionID"name="key"> <xs:key name="namedProfileKey"> <xs:selector xpath="*/name" /><xs:element name="event-classes" minOccurs="0"> <xs:complexType> <xs:complexContent> <xs:extension base="EventClasses"/> </xs:complexContent> </xs:complexType><xs:field xpath="name" /> </xs:key> </xs:element><xs:element name="filter" type="netconf:filterInlineType" minOccurs="0"/> <xs:element name="named-profile" type="xs:string" minOccurs="0"/></xs:sequence></xs:extension> </xs:complexContent></xs:complexType> </xs:element> <xs:elementname="modify-subscription" type="modifySubscriptionType" substitutionGroup="netconf:rpcOperation"/> <!-- <cancel-subscription> operation Chisholm, et al. 
Expires July 12, 2006 [Page 20] Internet-Draft NETCONF Event Notifications January 2006 --> <xs:complexType name="cancelSubscriptionType"> <xs:complexContent> <xs:extension base="netconf:rpcOperationType">name="namedProfiles"> <xs:complexType> <xs:sequence> <xs:elementname="subscription-id" type="SubscriptionID"ref="nsub:namedProfile" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence></xs:extension> </xs:complexContent></xs:complexType><xs:element name="cancel-subscription" type="cancelSubscriptionType" substitutionGroup="netconf:rpcOperation"/> <!-- **************</xs:element> </xs:schema> 3.3 One-wayOperations ******************--> <xs:complexType name="rpcOneWayType"> <xs:group ref="rpc-one-way"/> <xs:attribute name="message-id" type="xs:string" use="optional"/> </xs:complexType> <xs:group name="rpc-one-way"> <xs:sequence> <xs:element name="data" type="netconf:dataInlineType" minOccurs="0"/> </xs:sequence> </xs:group> <!-- <Event> operation --> <xs:complexType name="NotificationType"> <xs:complexContent> <xs:extension base="rpcOneWayType"> <xs:sequence> <xs:element name="subscription-id" type="SubscriptionID"/> <xs:element name="event-classes" type="EventClasses"/> <xs:element name="sequence-number" type="SequenceNumber"/> <xs:element name="date-time" type="xs:dateTime"> <xs:annotation> <xs:documentation> The dateNotification Messages In order to support the concept that each individual event notification is a well-defined XML-document that can be processed without waiting for all events to come in, it makes sense to define events, not as an endless reply to a subscription command, but as independent messages that originate from the NETCONF server. In order to support this model, this memo introduces the concept of notifications, which are one-way messages. A one-way message is similar to the two-way RPC message, except that no response is expected to the command. 
In the case of event notification, this message will originate from the NETCONF server, and not the NETCONF client.

3.4 Filter Dependencies

Note that when multiple filters are specified (Event Class, in-line Filter, Named Profiles), they are applied collectively, so event notifications need to pass all specified filters in order to be sent to the subscriber. If a filter is specified to look for data of a particular value, and the data item is not present within a particular event notification for its value to be checked against, it will be filtered out. For example, if one were to check for 'severity=critical' in a configuration event notification where this field was not supported, then the notification would be filtered out.

3.4.1 Named Profiles

A named profile is a filter that is created ahead of time and applied at the time an event notification subscription is created or modified. Note that changes to the profile after the subscription has been created will have no effect unless a modify subscription command is issued. Since named profiles exist outside of the subscription, they persist after the subscription has been cancelled.

3.4.2 Filtering

Just-in-time filtering is explicitly stated when the event notification subscription is created. These filters can only be changed using the modify subscription command. This is specified via the Filter parameter. Filters only exist as parameters to the subscription.

3.5 Event Classes

Events can be broadly classified into one or more event classes. Each event class identifies a set of event notifications which share important characteristics, such as being generated from similar events or sharing much of the same content.

The initial set of event classes is fault, configuration, state, audit, data, maintenance, metrics, security, information, heartbeat and syslog.

A fault event notificationwas sent by the netconf server.
</xs:documentation> Chisholm, et al. Expires July 12, 2006 [Page 21] Internet-Draftis generated when a fault condition (error or warning) occurs. A fault event may result in an alarm. Examples of fault events could be a communications alarm, environmental alarm, equipment alarm, processing error alarm, quality of service alarm, or a threshold crossing event. See RFC3877 and RFC2819 for more information. A configuration event, alternatively known as an inventory event, is used to notify that hardware, software, or a service has been added/ changed/removed. In keeping aligned with NETCONFEvent Notifications January 2006 </xs:annotation> </xs:element> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:element name="notification" type="NotificationType"/> </xs:schema>protocol operations, configuration events may included copy configuration Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page22]17] Internet-Draft NETCONF Event NotificationsJanuaryApril 20065. Mappingevent, delete configuration event, or the edit configuration event (create, delete, merge, replace). A state event indicates a change from one state toApplication Protocols Currently,another, where a state is a condition or stage in theNETCONF familyexistence ofspecification allowsa managed entity. State change events are seen in many specifications. For Entity state changes, see [Entity-State-MIB] forrunning NETCONF overmore information. Audit events provide event of very specific actions within anumbermanaged device. In isolation an audit events provides very limited data. A collection ofapplication protocols, someaudit information forms an audit trail. A data dump event is an asynchronous event containing information about a system, its configuration, state, etc. A maintenance event signals the beginning, process or end ofwhich support multiple configurations. Somean action either generated by a manual or automated maintenance action. 
A metrics event contains a metric or a collection ofthese options will be better suited for supportingmetrics. This includes performance metrics. A heart beat eventnotifications then others. 5.1 SSH Session establishment and two-way messages are based onis sent periodically to enable testing that theNETCONF over SSH transport mapping [NETCONF-SSH] One-way messages are supported as follows: Oncecommunications channel is still functional. It behaves much like thesession has been established and capabilities have been exchanged,other event classes, with theserverexception that implementations maysend complete XML documentsnot want to include an event log, if supported. Although widely used throughout theNETCONF client containing rpc-one-way elements. No response is expected from the NETCONF client. Asindustry, no current corresponding work within the IETF. However, otherexamples in [NETCONF-SSH] illustrate, a special character sequence, MUST be sent by bothstandards bodies such as theclient andTeleManagement Forum have similar definitions. An Information event is something that happens of interest which is within theserver after each XML document inexpected operational behaviour and not otherwise covered by another class. The syslog event class is used to indicate tunneled syslog content. The content and format of theNETCONF exchange. This character sequence cannot legally appear inmessage will be compliant to syslog standards. 3.6 Defining Event Notifications Event Notifications are defined ahead of time by defining an XMLdocument, soelement and assigning itcan be unambiguously usedtoidentify the end of the current document in theparticular eventnotification ofclasses. This will be done using an "eventClasses" attribute. 3.7 Interleaving Messages While each NETCONF message must be a complete XMLsyntax or parsing error, allowing resynchronizationdocument, the design of theNETCONF exchange. 
The NETCONF over SSH session to receive aneventnotification might look like this:system allows for the interleaving of complete asynchronous event notifications with complete synchronous messages. Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page23]18] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006<?xml version="1.0" encoding="UTF-8"?> <rpc-one-way message-id="105" xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <notification> <subscription-id>123456</subscription-id> <event-class><configuration/><audit/></event-classes> <sequence-number>2</sequence-number> <date-time>2000-01-12T12:13:14Z</date-time> <data> <user>Fred Flinstone</user> <operation> <edit-config> <target> <running/> </target> <config> <top xmlns="http://example.com/schema/1.2/config"> <interface> <name>Ethernet0/0</name> <mtu>1500</mtu> </interface> </top> </config> </edit-config> </operation> </data> </notification> </rpc-one-way> ]]> ]]> 5.2 BEEP Session establishment and two-wayIt is possible to still send command-response type messages such as <modify-subscription> while events arebased onbeing generated. The only restriction is that each message must be complete The following sequence diagram demonstrates an example NETCONF session where after basic session establishment and capability exchange, NETCONF client (C), subscribes to receive event notifications. The NETCONF server (S), starts sending event notifications as events of interest happen within the system. The NETCONFover BEEP transport mapping NETCONF-BEEP 5.2.1 One-way Messages in Beep One-way messages can be supported either by mappingclient decides to change theexisting one-to-many BEEP construct orcharacteristics of their event subscription bycreatingsending anew one-to-none construct. This area<modify-subscription> command. Before the NETCONF server, receives this command, another event isfor future study. 
5.2.1.1 One-way messages viagenerated and theOne-to-many Construct Messages in one-to-many exchanges: "rcp", "rpc-one-way", "rpc-reply"NETCONF server starts to send the event notification. The NETCONF server finishes sending this event notification before processing the <modify-subscription> command and sending the reply.

    C                           S
    |                           |
    |   capability exchange     |
    |-------------------------->|
    |<------------------------->|
    |                           |
    |  <create-subscription>    |
    |-------------------------->|
    |<--------------------------|
    |                           |
    |      <notification>       |
    |<--------------------------|
    |                           |
    |      <notification>       |
    |<--------------------------|
    |                           |
    |  <modify-subscription>    |
    |-------------------------->| (buffered)
    |      <notification>       |
    |<--------------------------|
    |       <rpc-reply>         |
    |<--------------------------|

Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page24]19] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006Messages in positive replies: "rpc-reply", "rpc-one-way" 5.2.1.2 One-way messages via the One-to-none Construct Note that this construct would need to be added to an extension or update to 'The Blocks Extensible Exchange Protocol Core' RFC 3080. MSG/NoANS: the client sends a "MSG" message,4. XML Schema for Event Notifications <?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" targetNamespace="urn:ietf:params:xml:ns:netconf:notification:1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en"> <!-- import standard XML definitions --> <xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"> <xs:annotation> <xs:documentation> This import accesses theserver, sends no reply. In one-to-none exchanges, no reply toxml: attribute groups for the"MSG" message is expected.
5.3 SOAP Session management and message exchange are basedxml:lang as declared on theNETCONF over SOAP transport mapping NETCONF-SOAP Note that the use of "persistent connections" "chunked transfer- coding" when using HTTP becomes even more important in the supporting of event notifications 5.3.1 A NETCONF over Soap over HTTP Example C: POST /netconf HTTP/1.1 C: Host: netconfdevice C: Content-Type: text/xml; charset=utf-8 C: Accept: application/soap+xml, text/* C: Cache-Control: no-cache C: Pragma: no-cache C: Content-Length: 465 C: C: <?xml version="1.0" encoding="UTF-8"?> C: <soapenv:Envelope C: xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> C: <soapenv:Body> C: <rpc message-id="101" C: xmlns= "xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> C: <create-subscription> C: </create-subscription> C: </rpc> C: </soapenv:Body> C: </soapenv:Envelope> The response: S: HTTP/1.1 200 OK S: Content-Type: application/soap+xml; charset=utf-8error-message element. </xs:documentation> </xs:annotation> </xs:import> <!-- import base netconf definitions --> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="urn:ietf:params:xml:ns:netconf:base:1.0" /> <!-- ************** Type definitions ***********************--> <xs:simpleType name="SubscriptionID"> <xs:annotation> <xs:documentation> The unique identifier for this particular subscription within the session. </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"/> </xs:simpleType> <xs:simpleType name="SequenceNumber"> <xs:annotation> <xs:documentation> A monotonically increasing integer. Starts at 0. Always increases by just one. Roll back to 0 after maximum value is reached. </xs:documentation> Chisholm, et al. 
ExpiresJuly 12,October 30, 2006 [Page25]20] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006S: Content-Length: 917 S: S: <?xml version="1.0" encoding="UTF-8"?> S: <soapenv:Envelope S: xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> S: <soapenv:Body> S: <rpc-reply message-id="101" S: xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> S: <data> S: <top xmlns= "http://example.com/schema/1.2/notification"> S: <subscriptionId>123456</subscriptionId> S: </top> S: </data> S: </rpc-reply> S: </soapenv:Body> S: </soapenv:Envelope> And then some time later S: HTTP/1.1 200 OK S: Content-Type: application/soap+xml; charset=utf-8 S: Content-Length: 917 S: S: <?xml version="1.0" encoding="UTF-8"?> S: <soapenv:Envelope S: xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> S: <soapenv:Body> S: <rpc-one-way message-id="101" S: xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> S: <data> S: <notification> S: <subscriptionID>123456</subscriptionID> S: <eventClass><configuration/><audit/></eventClass> S: <sequenceNumber>2</sequenceNumber> S: <dateAndTime>2000-01-12T12:13:14Z</dateAndTime> S: <data> S: <user>Fred Flinstone</user> S: <operation> S: <edit-config> S: <target> S: <running/> S: </target> S: <config> S: <top xmlns="http://example.com/schema/1.2/config"> S: <interface> S: <name>Ethernet0/0</name> S: <mtu>1500</mtu></xs:annotation> <xs:restriction base="xs:integer"/> </xs:simpleType> <xs:complexType name="EventClassType"/> <xs:element name="EventClass" type="EventClassType" abstract="true"/> <xs:element name="fault" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="information" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="state" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="configuration" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="data" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="maintenance" 
type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="metrics" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="security" type="EventClassType" substitutionGroup="EventClass"/> <xs:element name="heartbeat" type="EventClassType" substitutionGroup="EventClass"/> <xs:complexType name="EventClasses"> <xs:sequence maxOccurs="unbounded"> <xs:element ref="EventClasses" /> </xs:sequence> </xs:complexType> <!-- ************** Symmetrical Operations ********************--> <!-- <create-subscription> operation --> <xs:complexType name="createSubscriptionType"> <xs:complexContent> <xs:extension base="netconf:rpcOperationType"> <xs:sequence> <xs:element name="event-classes" minOccurs="0"> <xs:complexType> <xs:complexContent> Chisholm, et al. ExpiresJuly 12, 2006 [Page 26] Internet-Draft NETCONF Event Notifications January 2006 S: </interface> S: </top> S: </config> S: </edit-config> S: </operation> S: </data> S: </notification> S: </data> S: </rpc-one-way> S: </soapenv:Body> S: </soapenv:Envelope>October 30, 2006 [Page 21] Internet-Draft NETCONF Event Notifications April 2006 <xs:extension base="EventClasses"/> </xs:complexContent> </xs:complexType> </xs:element> <xs:element name="filter" type="netconf:filterInlineType" minOccurs="0"/> <xs:element name="named-profile" type="xs:string" minOccurs="0"/> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:element name="create-subscription" type="createSubscriptionType" substitutionGroup="netconf:rpcOperation"/> <!-- <modify-subscription> operation --> <xs:complexType name="modifySubscriptionType"> <xs:complexContent> <xs:extension base="netconf:rpcOperationType"> <xs:sequence> <xs:element name="subscription-id" type="SubscriptionID" /> <xs:element name="event-classes" minOccurs="0"> <xs:complexType> <xs:complexContent> <xs:extension base="EventClasses"/> </xs:complexContent> </xs:complexType> </xs:element> <xs:element name="filter" type="netconf:filterInlineType" 
minOccurs="0"/> <xs:element name="named-profile" type="xs:string" minOccurs="0"/> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:element name="modify-subscription" type="modifySubscriptionType" substitutionGroup="netconf:rpcOperation"/> <!-- <cancel-subscription> operation Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page27]22] Internet-Draft NETCONF Event NotificationsJanuaryApril 20066. Filtering examples The following section provides examples to illustrate the various methods of filtering content on an event notification subscription. 6.1 Event Classes The following example illustrates selecting all event notifications for EventClasses fault, state or config <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> <state/> <config/> </eventClasses> </create-subscription> </rpc> 6.2 Subtree Filtering XML subtree filtering is not well suited for creating elaborate filter definitions given that it only supports equality comparisons (e.g. in the event subtree give me all event notifications which have severity=critical or severity=major or severity=minor). Nevertheless, it may be used for defining simple notification forwarding filters as shown below. The following example illustrates selecting fault EventClass which have severities of critical, major, or minor. 
The filtering criteria evaluation is as follows: ((fault) & ((severity=critical) | (severity=major) | (severity = minor)))--> <xs:complexType name="cancelSubscriptionType"> <xs:complexContent> <xs:extension base="netconf:rpcOperationType"> <xs:sequence> <xs:element name="subscription-id" type="SubscriptionID" /> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:element name="cancel-subscription" type="cancelSubscriptionType" substitutionGroup="netconf:rpcOperation"/> <!-- ************** One-way Operations ******************--> <!-- <Event> operation --> <xs:complexType name="NotificationType"> <xs:complexContent> <xs:sequence> <xs:element name="subscription-id" type="SubscriptionID"/> <xs:element name="event-classes" type="EventClasses"/> <xs:element name="sequence-number" type="SequenceNumber"/> <xs:element name="date-time" type="xs:dateTime"> <xs:annotation> <xs:documentation> The date and time that the event notification was sent by the netconf server. </xs:documentation> </xs:annotation> </xs:element> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:element name="notification" type="NotificationType"/> </xs:schema> Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page28]23] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> </eventClasses> <netconf:filter type="subtree"> <neb xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <event> <severity>critical</severity> </event> <event> <severity>major</severity> </event> <event> <severity>minor</severity> </event> </neb> </netconf:filter> </create-subscription> </rpc> The following example illustrates selecting fault, state, config EventClasses5. 
Mapping to Application Protocols Currently, the NETCONF family of specification allows for running NETCONF over a number of application protocols, some of whichhave severitiessupport multiple configurations. Some ofcritical, major, or minorthese options will be better suited for supporting event notifications then others. 5.1 SSH Session establishment andcome from card Ethernet0. The filtering criteria evaluation istwo-way messages are based on the NETCONF over SSH transport mapping [NETCONF-SSH] One-way event messages are supported as follows:((fault | state | config) & ((fault & severity=critical) | (fault & severity=major) | (fault & severity = minor) | (card=Ethernet0))) Chisholm, et al. Expires July 12, 2006 [Page 29] Internet-Draft NETCONF Event Notifications January 2006 <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> <state/> <config/> </eventClasses> <netconf:filter type="subtree"> <neb xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <event> <eventClasses>fault</eventClasses> <severity>critical</severity> </event> <event> <eventClasses>fault</eventClasses> <severity>major</severity> </event> <event> <eventClasses>fault</eventClasses> <severity>minor</severity> </event> <event> <card>Ethernet0</card> </event> </neb> </netconf:filter> </create-subscription> </rpc> 6.3 XPATH filters The following example illustrates selecting fault EventClass whichOnce the session has been established and capabilities haveseveritiesbeen exchanged, the server may send complete XML documents to the NETCONF client containing notification elements. No response is expected from the NETCONF client. As the other examples in [NETCONF-SSH] illustrate, a special character sequence, MUST be sent by both the client and the server after each XML document in the NETCONF exchange. 
This character sequence cannot legally appear in an XML document, so it can be unambiguously used to identify the end ofcritical, major,the current document in the event notification of an XML syntax orminor.parsing error, allowing resynchronization of the NETCONF exchange. Thefiltering criteria evaluation is as follows: ((fault) & ((severity=critical) | (severity=major) | (severity = minor)))NETCONF over SSH session to receive an event notification might look like the following. Note the event notification contents (delimited by <data> </data> tags) are not defined in this document and are provided herein simply for illustration purposes: Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page30]24] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> </eventClasses> <netconf:filter type="xpath"> (/event[eventClasses/fault] and (/event[severity="critical"] or /event[severity="major"] or /event[severity="minor"])) </netconf:filter> </create-subscription> </rpc> The following example illustrates selecting fault, state, config EventClasses which have severities of critical, major, or minor and come from card Ethernet0. 
The filtering criteria evaluation is as follows: ((fault | state | config) & ((fault & severity=critical) | (fault & severity=major) | (fault & severity = minor) | (card=Ethernet0))) <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> <state/> <config/> </eventClasses> <netconf:filter type="xpath"> ((/event[eventClasses/fault] or /event[eventClasses/state] or /event[eventClasses/config]) and ( (/event[eventClasses/fault] and /event[severity="critical"]) or (/event[eventClasses/fault] and /event[severity="major"]) or (/event[eventClasses/fault]<?xml version="1.0" encoding="UTF-8"?> <notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <subscription-id>123456</subscription-id> <event-class><configuration/><audit/></event-classes> <sequence-number>2</sequence-number> <date-time>2000-01-12T12:13:14Z</date-time> <data> <user>Fred Flinstone</user> <operation> <edit-config> <target> <running/> </target> <config> <top xmlns="http://example.com/schema/1.2/config"> <interface> <name>Ethernet0/0</name> <mtu>1500</mtu> </interface> </top> </config> </edit-config> </operation> </data> </notification> ]]> ]]> 5.2 BEEP Session establishment and/event[severity="minor"])two-way messages are based on the NETCONF over BEEP transport mapping NETCONF-BEEP 5.2.1 One-way Notification Messages in Beep One-way notification messages can be supported either by mapping to the existing one-to-many BEEP construct or/event[card="Ethernet0"])) </netconf:filter> </create-subscription> </rpc>by creating a new one-to- none construct. This area is for future study. 5.2.1.1 One-way messages via the One-to-many Construct Messages in one-to-many exchanges: "rpc", "notification", "rpc-reply" Messages in positive replies: "rpc-reply", "rpc-one-way" Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page31]25] Internet-Draft NETCONF Event NotificationsJanuaryApril 20067. 
Security Considerations To be determined once specific aspects of5.2.1.2 One-way notification messages via the One-to-none Construct Note that thissolution are better understood.construct would need to be added to an extension or update to 'The Blocks Extensible Exchange Protocol Core' RFC 3080. MSG/NoANS: the client sends a "MSG" message, the server, sends no reply. Inparticular,one-to-none exchanges, no reply to theaccess control framework"MSG" message is expected. 5.3 SOAP Session management and message exchange are based on thechoice ofNETCONF over SOAP transportwill have a major impact onmapping NETCONF-SOAP Note that thesecurityuse of "persistent connections" "chunked transfer- coding" when using HTTP becomes even more important in thesolution Chisholm, et al. Expires July 12, 2006 [Page 32] Internet-Draft NETCONF Event Notifications January 2006 8. IANA Considerations Event Classes will likely be an IANA-managed resource. The initial setsupporting ofvalues is defined in this specification.event notifications 5.3.1 A NETCONF over Soap over HTTP Example C: POST /netconf HTTP/1.1 C: Host: netconfdevice C: Content-Type: text/xml; charset=utf-8 C: Accept: application/soap+xml, text/* C: Cache-Control: no-cache C: Pragma: no-cache C: Content-Length: 465 C: C: <?xml version="1.0" encoding="UTF-8"?> C: <soapenv:Envelope C: xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> C: <soapenv:Body> C: <rpc message-id="101" C: xmlns= "xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> C: <create-subscription> C: </create-subscription> C: </rpc> C: </soapenv:Body> C: </soapenv:Envelope> The response: S: HTTP/1.1 200 OK S: Content-Type: application/soap+xml; charset=utf-8 S: Content-Length: 917 S: Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page33]26] Internet-Draft NETCONF Event NotificationsJanuary 2006 9. Acknowledgements Thanks to Gilbert Gagnon and Greg Wilbur for providing their input into the early work on this document. 
In addition, the editors would like to acknowledge input at the Vancouver editing session from the following people: Orly Nicklass, James Bakstrieve, Yoshifumi Atarashi, Glenn Waters, Alexander Clemm, Dave Harrington, Dave Partain, Ray Atarashi and Dave Perkins. 10. References [NETCONF] Enns, R., "NETCONF Configuration Protocol", ID draft-ietf-netconf-prot-06,April2005. [NETCONF BEEP] Lear, E. and K. Crozier, "Using the NETCONF Protocol over Blocks Extensible Exchange Protocol (BEEP)", ID draft-ietf-netconf-beep-05, March 2005. [NETCONF Datamodel]2006 S: <?xml version="1.0" encoding="UTF-8"?> S: <soapenv:Envelope S: xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> S: <soapenv:Body> S: <rpc-reply message-id="101" S: xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> S: <data> S: <top xmlns= "http://example.com/schema/1.2/notification"> S: <subscriptionId>123456</subscriptionId> S: </top> S: </data> S: </rpc-reply> S: </soapenv:Body> S: </soapenv:Envelope> And then some time later S: HTTP/1.1 200 OK S: Content-Type: application/soap+xml; charset=utf-8 S: Content-Length: 917 S: S: <?xml version="1.0" encoding="UTF-8"?> S: <soapenv:Envelope S: xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> S: <soapenv:Body> S: <notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> S: <subscriptionID>123456</subscriptionID> S: <eventClass><configuration/><audit/></eventClass> S: <sequenceNumber>2</sequenceNumber> S: <dateAndTime>2000-01-12T12:13:14Z</dateAndTime> S: <data> S: <user>Fred Flinstone</user> S: <operation> S: <edit-config> S: <target> S: <running/> S: </target> S: <config> S: <top xmlns="http://example.com/schema/1.2/config"> S: <interface> S: <name>Ethernet0/0</name> S: <mtu>1500</mtu> S: </interface> S: </top> S: </config> S: </edit-config> Chisholm,S. and S. Adwankar, "Framework for NETCONF Content", ID draft-chisholm-netconf-model-04.txt, October 2005. 
[NETCONF SOAP] Goddard, T., "Using the Network Configuration Protocol (NETCONF) Over the Simple Object Access Protocol (SOAP)", ID draft-ietf-netconf-soap-05, April 2005. [NETCONF SSH] Wasserman, M. and T. Goddard, "Using theet al. Expires October 30, 2006 [Page 27] Internet-Draft NETCONFConfiguration Protocol over Secure Shell (SSH)", ID draft-ietf-netconf-ssh-04.txt,Event Notifications April2005. [URI] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifiers (URI): Generic Syntax", RFC 2396, August 1998. [XML] World Wide Web Consortium, "Extensible Markup Language (XML) 1.0", W3C XML, February 1998, <http://www.w3.org/TR/1998/REC-xml-19980210>. [refs.RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", RFC 2026, BCP 9, October 1996. [refs.RFC2119] Bradner, s., "Key words for RFCs to Indicate Requirements2006 S: </operation> S: </data> S: </notification> S: </soapenv:Body> S: </soapenv:Envelope> Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page34]28] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006Levels", RFC 2119, March 1997. [refs.RFC2223] Postel, J. and J. Reynolds, "Instructions6. Filtering examples The following section provides examples toRFC Authors", RFC 2223, October 1997. [refs.RFC3080] Rose, M., "The Blocks Extensible Exchange Protocol Core", RFC 3080, March 2001. Authors' Addresses Sharon Chisholm Nortel 3500 Carling Ave Nepean, Ontario K2H 8E9 Canada Email: schishol@nortel.com Kim Curran Nortel 3500 Carling Ave Nepean, Ontario K2H 8E9 Canada Email: kicurran@nortel.com Hector Trevino Cisco Suite 400 9155 E. Nichols Ave Englewood, CO 80112 USA Email: htrevino@cisco.comillustrate the various methods of filtering content on an event notification subscription. 
6.1 Event Classes The following example illustrates selecting all event notifications for EventClasses fault, state or config <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> <state/> <config/> </eventClasses> </create-subscription> </rpc> 6.2 Subtree Filtering XML subtree filtering is not well suited for creating elaborate filter definitions given that it only supports equality comparisons (e.g. in the event subtree give me all event notifications which have severity=critical or severity=major or severity=minor). Nevertheless, it may be used for defining simple notification forwarding filters as shown below. The following example illustrates selecting fault EventClass which have severities of critical, major, or minor. The filtering criteria evaluation is as follows: ((fault) & ((severity=critical) | (severity=major) | (severity = minor))) Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page35]29] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006Appendix A. Potential Event Content This non-normative appendix explores possible content of event notifications. It provides field descriptions and indicates their applicability for the various event classes. Fields specific to configuration events (configuration event class) are provided in Appendix B. A.1 Event Identifier A unique event identifier provided for event correlation purposes. 
This field is used by management applications to identify events<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> </eventClasses> <netconf:filter type="subtree"> <neb xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <event> <severity>critical</severity> </event> <event> <severity>major</severity> </event> <event> <severity>minor</severity> </event> </neb> </netconf:filter> </create-subscription> </rpc> The following example illustrates selecting fault, state, config EventClasses whichare generated for a single event occurrence via different mechanisms (e.g. syslog, NETCONF). Ie, this event identifier could be included as content in a sysloghave severities of critical, major, orSNMP message to indicate that all the messages were generatedminor and come fromthe same source event. Event Id values may be re-used across re-boots. Applicable event classes: All A.2 Resource Instance This field identifies the element/entity/object for which the eventcard Ethernet0. The filtering criteria evaluation isapplicable. Applicable event classes: All A.3as follows: ((fault | state | config) & ((fault & severity=critical) | (fault & severity=major) | (fault & severity = minor) | (card=Ethernet0))) Chisholm, et al. 
Expires October 30, 2006 [Page 30] Internet-Draft NETCONF EventTime This field represents the time atNotifications April 2006 <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> <state/> <config/> </eventClasses> <netconf:filter type="subtree"> <neb xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <event> <eventClasses>fault</eventClasses> <severity>critical</severity> </event> <event> <eventClasses>fault</eventClasses> <severity>major</severity> </event> <event> <eventClasses>fault</eventClasses> <severity>minor</severity> </event> <event> <card>Ethernet0</card> </event> </neb> </netconf:filter> </create-subscription> </rpc> 6.3 XPATH filters The following example illustrates selecting fault EventClass whichthe action causing the generationhave severities ofthe event has taken place. Event time fieldcritical, major, or minor. The filtering criteria evaluation iscomposed of two parts: event generation time and event sysUpTime. Event generation time follows the syslog TIMESTAMP format defined in draft-ietf-syslog-protocol-14.txt (derived from RFC3339 but with additional restrictions).as follows: ((fault) & ((severity=critical) | (severity=major) | (severity = minor))) Chisholm, et al. Expires October 30, 2006 [Page 31] Internet-Draft NETCONF EventsysUpTime is of XML type integer (0..4294967295)Notifications April 2006 <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> </eventClasses> <netconf:filter type="xpath"> (/event[eventClasses/fault] andit follows the same definition as sysUpTime (TimeTicks) defined in RFC3418 - "The time (in hundredths of a second) since the network management portion of the system was last re-initialized). 
Applicable event classes: All A.4 Perceived Severity(/event[severity="critical"] or /event[severity="major"] or /event[severity="minor"])) </netconf:filter> </create-subscription> </rpc> Theseverityfollowing example illustrates selecting fault, state, config EventClasses which have severities ofthe alarm as determined by the alarm detection point using the information it has available [RFC3877]. The values are cleared, indeterminate,critical, major, or minor andwarning.come from card Ethernet0. The filtering criteria evaluation is as follows: ((fault | state | config) & ((fault & severity=critical) | (fault & severity=major) | (fault & severity = minor) | (card=Ethernet0))) <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:event:1.0"> <create-subscription> <eventClasses> <fault/> <state/> <config/> </eventClasses> <netconf:filter type="xpath"> ((/event[eventClasses/fault] or /event[eventClasses/state] or /event[eventClasses/config]) and ( (/event[eventClasses/fault] and /event[severity="critical"]) or (/event[eventClasses/fault] and /event[severity="major"]) or (/event[eventClasses/fault] and /event[severity="minor"]) or /event[card="Ethernet0"])) </netconf:filter> </create-subscription> </rpc> Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page36]32] Internet-Draft NETCONF Event NotificationsJanuary 2006 Applicable event classes: fault A.5 Probable Cause This field provides further information describing the cause of the alarm . Allowed values for this fieldApril 2006 7. Additional Capabilities 7.1 Call-Home Notifications 7.1.1 Overview Call-Home Notifications arethe samean alternative model for providing notifications that may be preferred for two particular use cases. The first use case is NAT traversal asthose listedinRFC3877 and are derived from ITU X.733 and ITU M.3100. Note thatthisconcept is being evolved to be less linear, withinmodel, theITU-T, in X.733.1,Netconf server initiates the Notification session. 
The second use case is when aprotocol-neutral versionmanager has a large number ofX.733. It may make senselow-priority devices that it only wants toconsider alignmentdeal with when there a known issue. While thisupdate onrisks loss of information, for this particular use case, this is not considered an issue. The Call-home-Notification feature supports the concept ofprobable cause, insteada short-lived notification session that only exists when there is something to report. In this feature, a subscription consists ofthe one in RFC3877a named profile, andX.733. Applicable event classes: fault A.6 Specific Problem This parameter is optional.an association with a Netconf client. Unlike normal subscriptions, which only exist when they are active, these subscriptions live while both dormant and active. Whenpresent, it identifies further refinements to the Probable causean event of interest happens on thealarm. This definition follows ITU X.733 Applicable event classes: fault A.7 Trend Indication This parameter indicatesmanaged resource, the Netconf server checks thetrendlist of dormant subscriptions and if thealarm againstfiltering parameters in themanaged resource Allowed values for this field are as specifiedsubscription indicate interest inRFC3877the Notification resulting from the event, then the Netconf server initiates the connection to the specific Netconf client andfollowsends theITU X.733 value definitions Applicable event classes: fault A.8 Additional Alarm Text This parameterNotification. When the Notification has been sent, the connection isprovided to allow implementationterminated. 7.1.1.1 Session Lifecycle In order toincludeavoid situations in which atextual description ofsessions is continuously setup and torn down, an inactivity timer is configured on thealarm Applicable event classes: fault A.9 Threshold Identifier This field holdsserver. The timeout interval value is theidentifiersame for all sessions (i.e. 
system wide) and each session has its own timer. Upon expiration of themonitored variable for whichinactivity timer, thethreshold was set. Thisconnection isanalogousterminated, otherwise if activity is detected, the timer is reset. [Editor's note: alternatives here were to either create and tear down thealarmVariable OBJECT-TYPE in RFC2819. Applicable event classes: fault (usefulsession forthreshold crossing alarms)each notification received or to have the server somehow figure out that there are more notifications coming soon after it has sent a notification and therefore keeps the connection up.] The session establishment procedure is as follows: 1) The NETCONF server initiates a session using a recognized application protocol (SSH, Beep, SOAP, etc). In order to "activate" this reverse behaviour a new SSH subsystem may need to be defined. Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page37]33] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006A.10 Threshold TypeThisparameterisused to indicate the direction of the threshold crossing: rising, falling, or clear. Rising threshold type: This indicates thatfor further study. In addition, thevalue of a monitored variable has crossedNE hosting theset thresholdNETCONF server must support both client and server modes in theupwards direction. Only sent to indicate a problem Falling threshold type: This indicates that the valuecase ofa monitored variable has crossed the set threshold in the downwards direction. Only sentSSH. 2) Client and server are authenticated according toindicate a problem. Clear threshold type: This indicates that the value ofthemonitored variable for which a threshold alarm had been previously issuedunderlying application protocol (e.g. SSH, BEEP) 3) If using BEEP, asa result of crossing the set value eitherdescribed in [NETCONF-BEEP] either party may initiate theupwards or downwards direction has been restored to a value within an acceptable range (i.e. 
does not exceed the set threshold). Note thatBEEP session. Once thisdiffers from RFC2819. Applicable event classes: fault (useful in the case threshold crossing alarms) A.11 Observed Value The value of the monitored parameter (Threshold Identifier) for the last sampling period. This parameter followsoccurs, thealarmValue definition in RFC2819. This fieldassumption isin two parts - the value and the units of measure. Applicable event classes: fault (useful in the case threshold crossing alarms) A.12 State Change Information This parameter holds the name and values ofthat both parties know their roles. At this point, thestate attributes whose values have changed and are being reported.NETCONF client, initiates NETCONF session establishment whether running SSH or BEEP. 7.1.2 Dependencies This feature isa parameter composeddependant on the named profiles concept from the normal subscription method as well as the definition ofthree fields: Attribute Name, Old Value, and<notification>. It also uses the same <notification> 7.1.3 Capability Identifier urn:ietf:params:xml:ns:netconf:callHomeNotification:1.0 7.1.3.1 NewValue. The definitions given in RFC4268Operations 7.1.3.1.1 New Data Model <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:nsub="urn:ietf:params:xml:ns:netconf:subscription:1.0" targetNamespace= "urn:ietf:params:xml:ns:netconf:callHomeSubscription:1.0" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:ncEvent= "urn:ietf:params:xml:ns:netconf:event:1.0" xmlns:nm="urn:ietf:params:xml:ns:netconf:appInfo:1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en"> <xs:annotation> <xs:documentation xml:lang="en"> Schema forstate attributes and values are being followed. 
Applicable event classes: statereporting on dormant Call-Home Notification Subscriptions </xs:documentation> <xs:appinfo> <nm:identity xmlns:nm="urn:ietf:params:xml:ns:netmod:base:1.0"> <nm:Name>NetConfCallHomeSchema</nm:Name> <nm:LastUpdated>2006-04-30T09:30:47-05:00 Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page38]34] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006Appendix B. Configuration Event Class Notifications</nm:LastUpdated> <nm:Organization>IETF</nm:Organization> <nm:Description> A schema that can be used to learn about callHome Notification subscriptions </nm:Description> </nm:identity> </xs:appinfo> </xs:annotation> <xs:import namespace="urn:ietf:params:xml:ns:netconf:subscription:1.0" schemaLocation="urn:ietf:params:xml:ns:netconf:subscription:1.0"/> <xs:element name="callHomeSubscription"> <xs:annotation> <xs:appinfo> <nm:minAccess><read/></nm:minAccess> <nm:maxAccess><read/></nm:maxAccess> </xs:appinfo> </xs:annotation> <xs:complexType> <xs:sequence> <xs:element name="subscriber" type="xs:string"> <xs:annotation> <xs:documentation> Thisnon-normative appendix provides a detailed description ofneeds to be replaced with aconfiguration change event notification definition in support of the configuration operations, particularly those defined by the NETCONF protocol. B.1 Types of Configuration Events Configuration event notifications include: o All-triggered Configuration Events o NETCONF-triggered Configuration Events All-triggered Configuration events report on changes frommore prescriptive data type </xs:documentation> </xs:annotation> </xs:element> <xs:element name="namedProfile" type="xs:string" minOccurs="0"> <xs:annotation> <xs:documentation xml:lang="en"> The named profile associated with this subscription. Note that theperspectivecontents of themanaged resource, rather than the commands which created the configuration change. 
They are reported regardless of what specific methodnamed profile may have changed since it wasused to initiate the change. They indicate that a change has occurred around hardware, software, services or other managed resources withinlast applied </xs:documentation> </xs:annotation> <xs:keyref refer="nsub:namedProfileKey" name="namedProfileKeyRef"> <xs:selector xpath=".//namedProfile"> </xs:selector> <xs:field xpath="namedProfile"></xs:field> Chisholm, et al. Expires October 30, 2006 [Page 35] Internet-Draft NETCONF Event Notifications April 2006 </xs:keyref> </xs:element> <xs:element name="status"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:enumeration value="Dormant"/> <xs:enumeration value="Active"/> </xs:restriction> </xs:simpleType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:schema> 7.1.3.1.2 Modifications to Existing Operations 7.1.3.1.2.1 <create-subscription> This capability adds asystem. Specific events includes o Resource Added o Resource Removed o Resource Modified NETCONF-triggered events are those which correspondnew attribute to theexecution of explicit NETCONF operations. These include: o copy-config event *<create-subscription> command. This attribute is callHome: An optional parameter that, when present, indicates whether this will be adata store level event generated following the successful completion ofcall-home Notification subscription. If not present, this will be acopy-config operation. This representsnormal subscription. 7.1.3.1.3 Interactions with Other Capabilities It is only when these subscriptions move from thecreation of a new configuration file or replacement of an existing one. o delete-config event * Thisdormant state to the active state that they have sessions associated with them. It isa data store level event generated followingonly at this point that they show up in thesuccessful completionactive subscription list. Chisholm, et al. 
Expires October 30, 2006 [Page 36] Internet-Draft NETCONF Event Notifications April 2006 8. Security Considerations To be determined once specific aspects ofa delete-config operation. This representsthis solution are better understood. In particular, thedeletionaccess control framework and the choice of transport will have aconfiguration file. o edit-config event * This is an event generated following a change in configuration due to an edit-config operation, e.g., due tomajor impact on thecompletionsecurity of the solution Chisholm, et al. ExpiresJuly 12,October 30, 2006 [Page39]37] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006 9. IANA Considerations Event Classes will likely be anedit-config operation which successfully changed some partIANA-managed resource. The initial set of values is defined in this specification. Chisholm, et al. Expires October 30, 2006 [Page 38] Internet-Draft NETCONF Event Notifications April 2006 10. Acknowledgements Thanks to Gilbert Gagnon and Greg Wilbur for providing their input into theconfiguration. See edit-config error-options (stop-on- error, ignore-error, rollback-on-error) The contents of this event are dependentearly work on this document. In addition, thetype of operation performed: edit- config (merge, replace, delete, create). This event is not intendededitors would like toreport completely unsuccessful configuration operations. o lock-config event * This is a data store level event generated followingacknowledge input at the Vancouver editing session from thesuccessful locking of a configuration data store. o unlock-config event * This is a data store level event generatedfollowing people: Orly Nicklass, James Bakstrieve, Yoshifumi Atarashi, Glenn Waters, Alexander Clemm, Dave Harrington, Dave Partain, Ray Atarashi and Dave Perkins. 11. References [NETCONF] Enns, R., "NETCONF Configuration Protocol", ID draft-ietf-netconf-prot-12, February 2006. [NETCONF BEEP] Lear, E. and K. 
Crozier, "Using thesuccessful release of a lock previously held on a configuration data store. B.2 Config Event Notification Structure The table below listsNETCONF Protocol over Blocks Extensible Exchange Protocol (BEEP)", ID draft-ietf-netconf-beep-10, March 2006. [NETCONF Datamodel] Chisholm, S. and S. Adwankar, "Framework for NETCONF Content", ID draft-chisholm-netconf-model-05.txt, April 2006. [NETCONF SOAP] Goddard, T., "Using theEventInfo parametersNetwork Configuration Protocol (NETCONF) Over the Simple Object Access Protocol (SOAP)", ID draft-ietf-netconf-soap-08, March 2006. [NETCONF SSH] Wasserman, M. and T. Goddard, "Using the NETCONF Configuration Protocol over Secure Shell (SSH)", ID draft-ietf-netconf-ssh-06.txt, March 2006. [URI] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifiers (URI): Generic Syntax", RFC 2396, August 1998. [XML] World Wide Web Consortium, "Extensible Markup Language (XML) 1.0", W3C XML, February 1998, <http://www.w3.org/TR/1998/REC-xml-19980210>. [refs.RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", RFC 2026, BCP 9, October 1996. [refs.RFC2119] Bradner, s., "Key words fora config event notification. Nomenclature: O - This is marked optional field because it is implementation/ notification category dependent. In some cases this may be user configurable. M - This is a mandatory field that must be included. Dependency on event class may exist as noted belowRFCs to Indicate Requirements Chisholm, et al. 
ExpiresJuly 12,October 30, 2006 [Page40]39] Internet-Draft NETCONF Event NotificationsJanuaryApril 2006----------------------------------------------------- Parameter Name Restrictions ----------------------------------------------------- EventInfo ----------------------------------------------------- EventID O ----------------------------------------------------- ResourceInstance M ----------------------------------------------------- ConfigChangeType M ----------------------------------------------------- TargetDataStore M ----------------------------------------------------- UserInfo O ----------------------------------------------------- UserName ----------------------------------------------------- SourceIndicator ----------------------------------------------------- TransactionId ----------------------------------------------------- CopyConfigInfo -- copy-config only ----------------------------------------------------- DataSource M ----------------------------------------------------- EditConfigInfo -- edit-config only ----------------------------------------------------- EventTime M ----------------------------------------------------- Context O ----------------------------------------------------- EnteredCommand M ----------------------------------------------------- NewConfig M ----------------------------------------------------- MergeReplaceInfo ----------------------------------------------------- OldConfig O ----------------------------------------------------- EventTime M ----------------------------------------------------- EventGenerationTime ----------------------------------------------------- EventSysUpTime -----------------------------------------------------Levels", RFC 2119, March 1997. [refs.RFC2223] Postel, J. and J. Reynolds, "Instructions to RFC Authors", RFC 2223, October 1997. [refs.RFC3080] Rose, M., "The Blocks Extensible Exchange Protocol Core", RFC 3080, March 2001. 
Authors' Addresses

Sharon Chisholm
Nortel
3500 Carling Ave
Nepean, Ontario K2H 8E9
Canada
Email: schishol@nortel.com

Kim Curran
Nortel
3500 Carling Ave
Nepean, Ontario K2H 8E9
Canada
Email: kicurran@nortel.com

Hector Trevino
Cisco
Suite 400
9155 E. Nichols Ave
Englewood, CO 80112
USA
Email: htrevino@cisco.com

Appendix A. Design Alternatives

A.1 Suspend And Resume

The purpose of the <cancel-subscription> operation is to stop event notification forwarding and, since the notification subscription is transient, the operation naturally removes all subscription configuration; for this reason, a different mechanism might be needed for shutting down the notification session but preserving the subscription information, thus allowing the NETCONF server to re-establish the parameters and reproduce the notification subscription.

The suspend and resume commands would allow a NETCONF client to suspend event notification forwarding without removing the existing subscription information. It could be used for both subscriptions based on persistent and non-persistent subscription information.
Operations <suspend-subscription> and <resume-subscription> are proposed for this purpose.

If event subscription information is now persistent, unsolicited session termination (i.e. other than <cancel-subscription>) is treated as if a <suspend-subscription> command was issued. Event forwarding is resumed by sending a <resume-subscription> to the NETCONF server on a new connection.

A.2 Lifecycle

Configuration information associated with the event subscription (event classes and filters) could persist beyond the life of the event subscription session (i.e. it is maintained by the network element as part of its configuration). This configuration information is subject to the behaviour of the datastore it resides in and may or may not persist across re-boots (e.g. it could be part of the running configuration but not the startup configuration).

Appendix B. Event Notifications and Syslog

This appendix describes the mapping between syslog message fields and NETCONF event notification fields. The purpose of this mapping is to provide an unambiguous mapping to enable consistent multi-protocol implementations as well as to enable future migration.

The second part of the appendix describes an optional capability to embed an entire syslog message (hereafter referred to as syslog message(s) to avoid confusion with the message field in syslog) within a NETCONF event notification.
B.1 Leveraging Syslog Field Definitions

This section provides a semantic mapping between NETCONF event fields and syslog message fields.

   -------------------------------------------------------------------
   | PRI                 | HEADER               | MESSAGE            |
   -------------------------------------------------------------------
   | FACILITY | SEVERITY | TIMESTAMP | HOSTNAME | TAG CONTENT        |
   -------------------------------------------------------------------

   Figure 2 - syslog message (RFC3164)

   -------------------------------------------------------------------
   | HEADER              | STRUCTURED DATA      | MESSAGE            |
   -------------------------------------------------------------------

   Figure 3 - syslog message (draft-ietf-syslog-protocol-14.txt)

   HEADER (Version, Facility, Severity, Truncate, Flag, TimeStamp, HostName, AppName, ProcId, MsgId)
   STRUCTURED DATA (Zero or more Structured Data Elements - SDEs)
   MESSAGE ( Text message )
B.1.1 Field Mapping

   ------------------------------------------------------
   RFC3164       Syslog ID        NETCONF Event
   ------------------------------------------------------
                 VERSION
   ------------------------------------------------------
   FACILITY      FACILITY
   ------------------------------------------------------
   SEVERITY      SEVERITY         PerceivedSeverity
   ------------------------------------------------------
                 TRUNCATE FLAG
   ------------------------------------------------------
   TIMESTAMP     TIMESTAMP        EventTime
   ------------------------------------------------------
   HOSTNAME      HOSTNAME         EventOrigin
   ------------------------------------------------------
   TAG           APP-NAME         EventOrigin
   ------------------------------------------------------
                 PROC-ID
   ------------------------------------------------------
                 MSG-ID
   ------------------------------------------------------
   CONTENT       CONTENT          AdditionalText
   ------------------------------------------------------

   Figure 4 - syslog to NETCONF Event field mapping

Notes:

VERSION: Schema version is found in XML Schema namespace. However, no correspondence to syslog.

FACILITY: No well defined semantics for this field. Therefore not used at this time.

TRUNCATE: Not applicable. NETCONF events must be complete XML documents and therefore cannot be truncated.

TIME: TIMESTAMP in syslog ID is derived from RFC3339 but with additional restrictions.

PROC-ID: No equivalent field.

CONTENT: This is a free form text field with no defined semantics. The contents of this field may be included in the AdditionalText field.

B.1.2 Severity Mapping

The severity value mappings stated in (draft-ietf-syslog-protocol-14) are used:

   ITU Perceived Severity      syslog SEVERITY
   Critical                    Alert
   Major                       Critical
   Minor                       Error
   Warning                     Warning
   Indeterminate               Notice
   Cleared                     Notice

   Figure 5. ITU Perceived Severity to syslog SEVERITY mapping.

B.2 Syslog within NETCONF Events

B.2.1 Motivation

The syslog protocol (RFC3164) is widely used by equipment vendors as a means to deliver event messages. Due to the widespread use of syslog as well as a potential phased availability and coverage of NETCONF events by equipment vendors, it is envisioned that users will also follow a phased migration. As a way to facilitate migration and at the same time allow equipment vendors to provide comprehensive event coverage over a NETCONF event subscription session, syslog messages could be embedded in their entirety within the body of a NETCONF event notification.

The information provided in this appendix describes a mechanism to leverage syslog messages for the purpose of complementing the available NETCONF event notification set. The intent is to promote the use of the NETCONF interface and not to simply provide a wrapper and additional delivery mechanism for syslog messages. NETCONF events are intended to be well defined and structured, therefore providing an advantage over the unstructured and often times arbitrarily defined syslog messages (i.e. the message field).

Covered herein is the syslog protocol as defined in RFC3164 and draft-ietf-syslog-protocol-14.txt.

B.2.2 Embedding syslog messages in a NETCONF Event

When event notifications are supported, the default behaviour for a NETCONF server is to send NETCONF event notifications over an established event subscription. As an option, the NETCONF server may embed a syslog message in its entirety (e.g. RFC3164 - PRI, Header, and Message fields), placing it within the Event Info field (SyslogInfo sub-field) - see Figure 1.

    _____________________________________________________
   | NETCONF Event Header    | Data                      |
   |_________________________|___________________________|
   |                         | Event Info                |
   |_________________________|___________________________|
                                          |
                                          v
                              ___________________________
                             | Event Fields | SyslogInfo |
                             |___________________________|

   Figure 1 - Embedding syslog in a NETCONF Event Notifications

B.2.3 Supported Forwarding Options

Three event forwarding options may be supported by the NETCONF server:

   a) XML only (mandatory if NETCONF events capability is supported)
   b) XML and syslog (optional)
   c) syslog only (optional)

Note to the reader: Option "a" above refers to event notification messages defined for use over the NETCONF protocol. While their use is not necessarily limited to NETCONF protocol, they are referred to as "NETCONF XML-event" in the remainder of this section simply to avoid ambiguity.

B.2.3.1 XML and Syslog option - Forwarding Behaviour

It is possible, due to coverage, for a given NETCONF implementation to not support a comprehensive set of NETCONF event notifications. Therefore, it is possible for a given event to trigger the generation of a syslog message without a NETCONF-aware counterpart. In such situations, the NETCONF server could form a NETCONF event notification, embed the syslog message in the SyslogInfo field and forward the NETCONF event notifications to all subscribed destinations. Otherwise, both NETCONF event and syslog messages must be included in the Event Info field.

B.2.3.2 Event Class Identification

The event class field is found in the NETCONF event header information as described in the main body of this document. It conveys information describing what type of event for which the event notification is generated and lets the consumer of the message know what sort of content to expect. NETCONF event notifications which only contain a syslog message (Option c) must have the EventClass field set to "syslog".

The NETCONF client parses the message in the same manner as any other message, finds the normal fields (i.e., XML-marked content) not present and either proceeds to parse the SyslogInfo field or hands the syslog message to the entity responsible for processing syslog messages.

B.2.3.3 Event Subscription Options

A NETCONF client may request subscription to options b) XML and syslog or c) syslog only listed in "Supported Forwarding Options" at subscription time via the user-specified filter. The FILTER or NAMED FILTER parameter in <create-subscription>. As previously indicated, the default behaviour is to forward NETCONF XML only event notifications.

[Editor's Note: How is this done exactly?]

B.2.3.4 Supported Forwarding Option Discovery

A potential means for a NETCONF server to convey its feature set support is via capabilities. However, in this particular case, the event content is not a protocol feature therefore other means are needed. A future version of this document will address this issue.

From draft-ietf-netconf-notification-00, Appendix B.4:

B.4 Design Alternative

B.4.1 Server Session Initiation

Currently the NETCONF protocol requires session establishment to be initiated by the NETCONF client. With the introduction of event notifications as well as deployments which might require the "call-home" feature to get around firewall and/or NAT issues, the ability for a NETCONF server to initiate sessions becomes important. Other potential uses of this feature include the following deployment scenario:

NE registration/auto-configuration. The device is pre-configured with a target destination address (the management station's address) where it needs to register and download its configuration. When managing large numbers of devices (e.g. CPEs) this also allows for increased scalability since the management station does not need to maintain established sessions to all managed devices.

This appendix proposes extensions to the NETCONF event subscription session establishment procedures and related operations to allow for server session initiation. Note that the security implications of this approach, compared with more traditional, well understood models, is for further study.

The subscription information as described in the body of this document indicates that it is transient in nature (i.e. it is not persisted and it is only applicable through the life of the session). This section describes additional functionality for persisting event subscription information and allowing the NETCONF server (e.g. network element) to initiate the event subscription session.

QUICK SUMMARY: The <create-subscription>, <cancel-subscription>, <modify-subscription> operations would be used in same manner as described in doc. It may be useful to allow a client and server to re-establish an event subscription. This would result in another capability to allow session initiation by the server.

B.4.2 Establishment

In order to establish an event subscription, a client must issue a <create-subscription> message request. Upon a successful response from the server (e.g. network element) the event subscription is established. With this modified persistent version of the subscription, the NETCONF server would maintain the subscription information as part of its configuration.

B.4.3 Teardown

An event subscription is torn down when a) the client issues a <cancel-subscription> and it is successfully processed by the server (i.e. the server issues a positive response) or b) the NETCONF session carrying the event subscription goes down for any reason.

If the subscription is not persistent, the user must create a new subscription with the exact same parameters as the original session. If instead, subscriptions were persistent, as part of the network element's configuration, the client simply needs to re-establish the session by specifying the subscription Id.

Appendix C. Example Configuration Notifications

This non-normative appendix provides a detailed description of a configuration change event notification definition in support of the configuration operations, particularly those defined by the NETCONF protocol.

C.1 Types of Configuration Events

Configuration event notifications include:

   o  All-triggered Configuration Events
   o  NETCONF-triggered Configuration Events

All-triggered Configuration events report on changes from the perspective of the managed resource, rather than the commands which created the configuration change. They are reported regardless of what specific method was used to initiate the change. They indicate that a change has occurred around hardware, software, services or other managed resources within a system. Specific events include:

   o  Resource Added
   o  Resource Removed
   o  Resource Modified

NETCONF-triggered events are those which correspond to the execution of explicit NETCONF operations. These include:

   o  copy-config event

      *  This is a data store level event generated following the successful completion of a copy-config operation. This represents the creation of a new configuration file or replacement of an existing one.

   o  delete-config event

      *  This is a data store level event generated following the successful completion of a delete-config operation. This represents the deletion of a configuration file.

   o  edit-config event

      *  This is an event generated following a change in configuration due to an edit-config operation, e.g., due to the completion of an edit-config operation which successfully changed some part of the configuration. See edit-config error-options (stop-on-error, ignore-error, rollback-on-error). The contents of this event are dependent on the type of operation performed: edit-config (merge, replace, delete, create). This event is not intended to report completely unsuccessful configuration operations.

   o  lock-config event

      *  This is a data store level event generated following the successful locking of a configuration data store.

   o  unlock-config event

      *  This is a data store level event generated following the successful release of a lock previously held on a configuration data store.
C.2 Config Event Notification Structure

The table below lists the EventInfo parameters for a config event notification.

Nomenclature:

O - This is marked optional field because it is implementation/notification category dependent. In some cases this may be user configurable.

M - This is a mandatory field that must be included. Dependency on event class may exist as noted below.

   -----------------------------------------------------
   Parameter Name             Restrictions
   -----------------------------------------------------
   EventInfo
   -----------------------------------------------------
   EventID                    O
   -----------------------------------------------------
   ResourceInstance           M
   -----------------------------------------------------
   ConfigChangeType           M
   -----------------------------------------------------
   TargetDataStore            M
   -----------------------------------------------------
   UserInfo                   O
   -----------------------------------------------------
   UserName
   -----------------------------------------------------
   SourceIndicator
   -----------------------------------------------------
   TransactionId
   -----------------------------------------------------
   CopyConfigInfo             -- copy-config only
   -----------------------------------------------------
   DataSource                 M
   -----------------------------------------------------
   EditConfigInfo             -- edit-config only
   -----------------------------------------------------
   EventTime                  M
   -----------------------------------------------------
   Context                    O
   -----------------------------------------------------
   EnteredCommand             M
   -----------------------------------------------------
   NewConfig                  M
   -----------------------------------------------------
   MergeReplaceInfo
   -----------------------------------------------------
   OldConfig                  O
   -----------------------------------------------------
   EventTime                  M
   -----------------------------------------------------
   EventGenerationTime
   -----------------------------------------------------
   EventSysUpTime
   -----------------------------------------------------

C.3 Configuration Event Content

The applicability of these fields to other event classes is for further study.

C.3.1 Target Datastore

Target datastore refers to the data store (startup, candidate, running) which was modified by the management operation.

C.3.2 User Info

This is used to convey information describing who originated the configuration event and the means for submitting the request.

The user info field contains the following information:

user Name: User id which was authorized to execute the associated management operation causing the generation of this event.

source Indicator: Indicates the method employed to initiate the management operation: telnet, NETCONF, console, etc.

transaction Id: If available, this field contains a unique identifier for the associated management operation. This is implementation dependent and may require additional information to be communicated between server and client. A possible option is to make use of the message-id in the NETCONF rpc header.

C.3.3 Data Source

The data source is used, for example, in the copy configuration command to indicate the source of information used in the copy operation.

Applicable Event Classes: configuration (useful for copy-config)

C.3.4 Operation

Operation is used, for example, in the edit configuration command to indicate the specific operation that has taken place - create, delete, merge, replace.

Applicable Event Classes: configuration (useful for edit-config)

C.3.5 Context

The configuration sub-mode under which the command was executed.

Applicable Event Classes: configuration

C.3.6 Entered Command

The command entered and executed on the device.

C.3.7 New Config

The device's configuration following the successful execution of the entered command.

Applicable Event Classes: configuration

C.3.8 Old Config

The configuration prior to the execution of the entered command.
Applicable Event Classes: configuration

C.3.9 Non-netconf commands in configuration notifications

To support legacy implementations and for better integration with other deployed solutions on the box, sending information via netconf about configuration changes that were originated via other solutions, such as command line interfaces, is necessary. In order to do this, the information in the message needs to be clearly tagged so that the consumer of the information knows what to expect. In addition, the creation of the subscription needs to allow for the client to indicate whether this non-XML formatted information is of interest. The latter is done by identifying the XML namespace under which the data syntax/schema is defined.

A NETCONF client requests the format in which it wants the NETCONF server to issue the event notifications at subscription time by specifying the appropriate namespace under the Filter parameter in the <create-subscription> operation. An example is provided below:

   <netconf:filter>
     <data-format:config-format-xml xmlns="http://www.example.com/xmlnetevents"/>
   </netconf:filter>

Intellectual Property Statement

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

The IETF has been notified of intellectual property rights claimed in regard to some or all of the specification contained in this document. For more information consult the online list of claimed rights.
Disclaimer of Validity

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright Statement

Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

Acknowledgment

Funding for the RFC Editor function is currently provided by the Internet Society.