< draft-ietf-netconf-udp-pub-channel-04.txt   draft-ietf-netconf-udp-pub-channel-05.txt >
NETCONF G. Zheng NETCONF G. Zheng
Internet-Draft T. Zhou Internet-Draft T. Zhou
Intended status: Standards Track A. Clemm Intended status: Standards Track A. Clemm
Expires: April 22, 2019 Huawei Expires: September 12, 2019 Huawei
October 19, 2018 March 11, 2019
UDP based Publication Channel for Streaming Telemetry UDP based Publication Channel for Streaming Telemetry
draft-ietf-netconf-udp-pub-channel-04 draft-ietf-netconf-udp-pub-channel-05
Abstract Abstract
This document describes a UDP-based publication channel for streaming This document describes a UDP-based publication channel for streaming
telemetry use to collect data from devices. A new shim header is telemetry use to collect data from devices. A new shim header is
proposed to facilitate the distributed data collection mechanism proposed to facilitate the distributed data collection mechanism
which directly pushes data from line cards to the collector. Because which directly pushes data from line cards to the collector. Because
of the lightweight UDP encapsulation, higher frequency and better of the lightweight UDP encapsulation, higher frequency and better
transit performance can be achieved. transit performance can be achieved.
skipping to change at page 1, line 42 skipping to change at page 1, line 42
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 22, 2019. This Internet-Draft will expire on September 12, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminologies . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminologies . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Solution Overview . . . . . . . . . . . . . . . . . . . . . . 4 3. Transport Mechanisms . . . . . . . . . . . . . . . . . . . . 4
4. Transport Mechanisms . . . . . . . . . . . . . . . . . . . . 5 3.1. Dynamic Subscription . . . . . . . . . . . . . . . . . . 4
4.1. Dynamic Subscription . . . . . . . . . . . . . . . . . . 6 3.2. Configured Subscription . . . . . . . . . . . . . . . . . 5
4.2. Configured Subscription . . . . . . . . . . . . . . . . . 7 4. UDP Transport for Publication Channel . . . . . . . . . . . . 6
5. UDP Transport for Publication Channel . . . . . . . . . . . . 8 4.1. Design Overview . . . . . . . . . . . . . . . . . . . . . 6
5.1. Design Overview . . . . . . . . . . . . . . . . . . . . . 8 4.2. Data Format of the UPC Message Header . . . . . . . . . . 7
5.2. Data Format of the UPC Message Header . . . . . . . . . . 9 4.3. Options . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.3. Options . . . . . . . . . . . . . . . . . . . . . . . . . 10 4.3.1. Reliability Option . . . . . . . . . . . . . . . . . 9
5.3.1. Reliability Option . . . . . . . . . . . . . . . . . 10 4.3.2. Fragmentation Option . . . . . . . . . . . . . . . . 10
5.3.2. Fragmentation Option . . . . . . . . . . . . . . . . 11 4.4. Data Encoding . . . . . . . . . . . . . . . . . . . . . . 11
5.4. Data Encoding . . . . . . . . . . . . . . . . . . . . . . 12 5. Using DTLS to Secure UPC . . . . . . . . . . . . . . . . . . 11
6. Using DTLS to Secure UPC . . . . . . . . . . . . . . . . . . 12 5.1. Transport . . . . . . . . . . . . . . . . . . . . . . . . 11
6.1. Transport . . . . . . . . . . . . . . . . . . . . . . . . 13 5.2. Port Assignment . . . . . . . . . . . . . . . . . . . . . 12
6.2. Port Assignment . . . . . . . . . . . . . . . . . . . . . 14 5.3. DTLS Session Initiation . . . . . . . . . . . . . . . . . 12
6.3. DTLS Session Initiation . . . . . . . . . . . . . . . . . 14 5.4. Sending Data . . . . . . . . . . . . . . . . . . . . . . 13
6.4. Sending Data . . . . . . . . . . . . . . . . . . . . . . 14 5.5. Closure . . . . . . . . . . . . . . . . . . . . . . . . . 13
6.5. Closure . . . . . . . . . . . . . . . . . . . . . . . . . 15 6. Congestion Control . . . . . . . . . . . . . . . . . . . . . 14
7. Congestion Control . . . . . . . . . . . . . . . . . . . . . 15 7. A YANG Data Model for Management of UPC . . . . . . . . . . . 14
8. A YANG Data Model for Management of UPC . . . . . . . . . . . 16 8. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 14
9. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 16 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 10. Security Considerations . . . . . . . . . . . . . . . . . . . 17
11. Security Considerations . . . . . . . . . . . . . . . . . . . 19 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 17
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 17
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 12.1. Normative References . . . . . . . . . . . . . . . . . . 17
13.1. Normative References . . . . . . . . . . . . . . . . . . 19 12.2. Informative References . . . . . . . . . . . . . . . . . 19
13.2. Informative References . . . . . . . . . . . . . . . . . 20 12.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 19
13.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 20
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 21 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22
1. Introduction 1. Introduction
Streaming telemetry refers to sending a continuous stream of Streaming telemetry refers to sending a continuous stream of
operational data from a device to a remote receiver. This provides operational data from a device to a remote receiver. This provides
an ability to monitor a network from remote and to provide network an ability to monitor a network from remote and to provide network
analytics. Devices generate telemetry data and push that data to a analytics. Devices generate telemetry data and push that data to a
collector for further analysis. By streaming the data, much better collector for further analysis. By streaming the data, much better
performance, finer-grained sampling, monitoring accuracy, and performance, finer-grained sampling, monitoring accuracy, and
bandwidth utilization can be achieved than with polling-based bandwidth utilization can be achieved than with polling-based
skipping to change at page 4, line 37 skipping to change at page 4, line 32
an ability to monitor a network from remote and to provide network an ability to monitor a network from remote and to provide network
analytics. analytics.
Component Subscription: A subscription that defines the data from Component Subscription: A subscription that defines the data from
each individual telemetry source which is managed and controlled by a each individual telemetry source which is managed and controlled by a
single Subscription Server. single Subscription Server.
Component Subscription Server: An agent that streams telemetry data Component Subscription Server: An agent that streams telemetry data
per the terms of a component subscription. per the terms of a component subscription.
3. Solution Overview 3. Transport Mechanisms
The typical distributed data collection solution is shown in Fig. 1.
Both the Collector and the Publisher can be distributed. The
Collector includes the Subscriber and a set of Receivers. And the
Publisher includes a Subscription Server and a set of Component
Subscription Servers. The Subscriber cannot see the Component
Subscription Servers directly, so it will send the Global
Subscription information to the Subscription Server (e.g., main
board) via the Subscription Channel. When receiving a Global
Subscription, the Subscription Server decomposes the subscription
request into multiple Component Subscriptions, each involving data
from a separate internal telemetry source, for example a line card.
The Component Subscriptions are distributed to the Component
Subscription Server. Subsequently, each data originator generates
its own stream of telemetry data, collecting and encapsulating the
packets per the Component Subscription and streaming them to the
designated Receivers. This distributed data collection mechanism may
form multiple Publication Channels to the Receivers. The Receiver is
able to assemble many pieces of data associated with one Global
Subscription.
The Publication Channel supports the reliable data streaming, for
example for some alarm events. The Collector has the option of
deducing the packet loss and the disorder based on the information
carried by the notification data. And the Collector may decide the
behavior to request retransmission.
The rest of the draft describes the UDP based Publication Channel
(UPC).
+-------------------------------------+
| Collector |
| |
| +------------+ +-----------+ |
| | Subscriber | | Receivers | |
| +----+-------+ +--^----^---+ |
| | | | |
+-------------------------------------+
| | |
Subscription | | | Publication
Channel | | | Channel
| +---------+ |
| | |
+-------------------------------------+
| | | | |
| +----v---+-----+ +------+-------+ |
| | Subscription | | Component | |
| | Server | | Subscription | |
| | | | Servers | |
| +--------------+ +--------------+ |
| |
| Publisher |
+-------------------------------------+
Fig. 1 Distributed Data Collection
4. Transport Mechanisms
For a complete pub-sub mechanism, this section will describe how the For a complete pub-sub mechanism, this section will describe how the
UPC is used to interact with the Subscription Channel relying on UPC is used to interact with the Subscription Channel relying on
NETCONF or RESTCONF. NETCONF or RESTCONF.
4.1. Dynamic Subscription 3.1. Dynamic Subscription
Dynamic subscriptions for Sub-Notif are configured and managed via Dynamic subscriptions for Sub-Notif are configured and managed via
signaling messages transported over NETCONF [RFC6241] or RESTCONF signaling messages transported over NETCONF [RFC6241] or RESTCONF
[RFC8040]. The Sub-Notif defined RPCs which are sent and responded [RFC8040]. The Sub-Notif defined RPCs which are sent and responded
via the Subscription Channel (a), between the Subscriber and the via the Subscription Channel (a), between the Subscriber and the
Subscription Server of the Publisher. In this case, only one Subscription Server of the Publisher. In this case, only one
Receiver is associated with the Subscriber. In the Publisher, there Receiver is associated with the Subscriber. In the Publisher, there
may be multiple data originators. Notification messages are pushed may be multiple data originators. Notification messages are pushed
on separate channels (b), from different data originators to the on separate channels (b), from different data originators to the
Receiver. Receiver.
skipping to change at page 7, line 10 skipping to change at page 5, line 46
SHOULD be colocated. So UPC can use the source IP address of the SHOULD be colocated. So UPC can use the source IP address of the
Subscription Channel as it's destination IP address. The Receiver Subscription Channel as it's destination IP address. The Receiver
MUST support listening messages at the IANA-assigned PORT-X or PORT- MUST support listening messages at the IANA-assigned PORT-X or PORT-
Y, but MAY be configured to listen at a different port. Y, but MAY be configured to listen at a different port.
For dynamic subscription, the Publication Channels MUST share fate For dynamic subscription, the Publication Channels MUST share fate
with the subscription session. In other words, when the delete- with the subscription session. In other words, when the delete-
subscription is received or the subscription session is broken, all subscription is received or the subscription session is broken, all
the associated Publication Channels MUST be closed. the associated Publication Channels MUST be closed.
4.2. Configured Subscription 3.2. Configured Subscription
For a Configured Subscription, there is no guarantee that the For a Configured Subscription, there is no guarantee that the
Subscriber is currently in place with the associated Receiver(s). As Subscriber is currently in place with the associated Receiver(s). As
defined in Sub-Notif, the subscription configuration contains the defined in Sub-Notif, the subscription configuration contains the
location information of all the receivers, including the IP address location information of all the receivers, including the IP address
and the port number. So that the data originator can actively send and the port number. So that the data originator can actively send
generated messages to the corresponding Receivers via the UPC. generated messages to the corresponding Receivers via the UPC.
The first message MUST be a separate subscription-started The first message MUST be a separate subscription-started
notification to indicate the Receiver that the pushing is started. notification to indicate the Receiver that the pushing is started.
skipping to change at page 8, line 35 skipping to change at page 6, line 45
| | RPC Reply: OK | | | | RPC Reply: OK | |
<----------------------------------------+ | <----------------------------------------+ |
| | UPC:subscription terminated | | | | UPC:subscription terminated | |
| <-----------------------------------------+ | <-----------------------------------------+
| | | | | | | |
| | | | | | | |
+ + + + + + + +
Fig. 3 Call Flow For Configured Subscription Fig. 3 Call Flow For Configured Subscription
5. UDP Transport for Publication Channel 4. UDP Transport for Publication Channel
5.1. Design Overview 4.1. Design Overview
As specified in Sub-Notif, the telemetry data is encapsulated in the As specified in Sub-Notif, the telemetry data is encapsulated in the
NETCONF/RESTCONF notification message, which is then encapsulated and NETCONF/RESTCONF notification message, which is then encapsulated and
carried in the transport protocols, e.g. TLS, HTTP2. The following carried in the transport protocols, e.g. TLS, HTTP2. The following
figure shows the overview of the typical UPC message structure. figure shows the overview of the typical UPC message structure.
o The Message Header contains information that can facilitate the o The Message Header contains information that can facilitate the
message transmission before de-serializing the notification message transmission before de-serializing the notification
message. message.
skipping to change at page 9, line 14 skipping to change at page 7, line 25
of the Notification Message for both single notification and of the Notification Message for both single notification and
multiple bundled notifications. multiple bundled notifications.
+-------+ +--------------+ +--------------+ +-------+ +--------------+ +--------------+
| UDP | | Message | | Notification | | UDP | | Message | | Notification |
| | | Header | | Message | | | | Header | | Message |
+-------+ +--------------+ +--------------+ +-------+ +--------------+ +--------------+
Fig. 4 UDP Publication Message Overview Fig. 4 UDP Publication Message Overview
5.2. Data Format of the UPC Message Header 4.2. Data Format of the UPC Message Header
The UPC Message Header contains information that can facilitate the The UPC Message Header contains information that can facilitate the
message transmission before de-serializing the notification message. message transmission before de-serializing the notification message.
The data format is shown as follows. The data format is shown as follows.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-------+---------------+-------+-------------------------------+ +-------+---------------+-------+-------------------------------+
| Vers. | Flag | ET | Length | | Vers. | Flag | ET | Length |
+-------+---------------+-------+-------------------------------+ +-------+---------------+-------+-------------------------------+
skipping to change at page 10, line 36 skipping to change at page 9, line 5
address of the UDP datagrams SHOULD NOT be interpreted as the address of the UDP datagrams SHOULD NOT be interpreted as the
identifier for the host that originated the UPC message. The identifier for the host that originated the UPC message. The
entity sending the UPC message could be merely a relay. entity sending the UPC message could be merely a relay.
o The Message ID is generated continuously by the message generator. o The Message ID is generated continuously by the message generator.
Different subscribers share the same notification ID sequence. Different subscribers share the same notification ID sequence.
o Options: is a variable-length field. The details of the Options o Options: is a variable-length field. The details of the Options
will be described in the respective sections below. will be described in the respective sections below.
5.3. Options 4.3. Options
The order of packing the data fields in the Options field follows the The order of packing the data fields in the Options field follows the
bit order of the Flag field. bit order of the Flag field.
5.3.1. Reliability Option 4.3.1. Reliability Option
The UDP based publication transport described in this document The UDP based publication transport described in this document
provides two streaming modes, the reliable mode an the unreliable provides two streaming modes, the reliable mode an the unreliable
mode, for different SLA (Service Level Agreement) and telemetry mode, for different SLA (Service Level Agreement) and telemetry
requirements. requirements.
In the unreliable streaming mode, the line card pushes the In the unreliable streaming mode, the line card pushes the
encapsulated data to the data collector without any sequence encapsulated data to the data collector without any sequence
information. So the subscriber does not know whether the data is information. So the subscriber does not know whether the data is
correctly received or not. Hence no retransmission happens. correctly received or not. Hence no retransmission happens.
skipping to change at page 11, line 35 skipping to change at page 10, line 4
+---------------------------------------------------------------+ +---------------------------------------------------------------+
| Previous Message ID | | Previous Message ID |
+---------------------------------------------------------------+ +---------------------------------------------------------------+
Fig. 4 Reliability Option Format Fig. 4 Reliability Option Format
Current Message ID and Previous Message ID will be added in the Current Message ID and Previous Message ID will be added in the
packets. packets.
For example, there are two subscriber A and B, For example, there are two subscriber A and B,
o Message IDs for the generator are : [1, 2, 3, 4, 5, 6, 7, 8, 9], o Message IDs for the generator are : [1, 2, 3, 4, 5, 6, 7, 8, 9],
in which Subscriber A subscribes [1,2,3,6,7] and Subscriber B in which Subscriber A subscribes [1, 2, 3, 6, 7] and Subscriber B
subscribes [1,2,4,5,7,8,9]. subscribes [1, 2, 4, 5, 7, 8, 9].
o Subscriber A will receive [Previous Message ID, Current Message o Subscriber A will receive [Previous Message ID, Current Message
ID] like: [0,1][1,2][2,3][3,6][6,7]. ID] like: [0, 1] [1, 2] [2, 3] [3, 6] [6, 7].
o Subscriber B will receive [Previous Message ID, Current Message o Subscriber B will receive [Previous Message ID, Current Message
ID] like: [0,1][1,2][2,4][4,5][5,7][7,8][8,9]. ID] like: [0, 1] [1, 2] [2, 4] [4, 5] [5, 7] [7, 8] [8, 9].
5.3.2. Fragmentation Option 4.3.2. Fragmentation Option
UDP palyload has a theoretical length limitation to 65535. Other UDP palyload has a theoretical length limitation to 65535. Other
encapsulation headers will make the actual payload even shorter. encapsulation headers will make the actual payload even shorter.
Binary encodings like GPB and CBOR can make the message compact. So Binary encodings like GPB and CBOR can make the message compact. So
that the message can be encapsulated within one UDP packet, hence that the message can be encapsulated within one UDP packet, hence
fragmentation will not easily happen. However, text encodings like fragmentation will not easily happen. However, text encodings like
JSON and XML can easily make the message exceed the UDP length JSON and XML can easily make the message exceed the UDP length
limitation. limitation.
The Fragmentation Option can help not Application layer can split the The Fragmentation Option can help not Application layer can split the
skipping to change at page 12, line 33 skipping to change at page 11, line 5
fragmentation flag is set to 1. The option contains: fragmentation flag is set to 1. The option contains:
Fragment Number: indicates the sequence number of the current Fragment Number: indicates the sequence number of the current
fragment. fragment.
L: is a flag to indicate whether the current fragment is the last L: is a flag to indicate whether the current fragment is the last
one. When 0 is set, current fragment is not the last one, hence more one. When 0 is set, current fragment is not the last one, hence more
fragments are expected. When 1 is set, current fragment is the last fragments are expected. When 1 is set, current fragment is the last
one. one.
5.4. Data Encoding 4.4. Data Encoding
Subscribed data can be encoded in GPB, CBOR, XML or JSON format. It Subscribed data can be encoded in GPB, CBOR, XML or JSON format. It
is conceivable that additional encodings may be supported as options is conceivable that additional encodings may be supported as options
in the future. This can be accomplished by augmenting the in the future. This can be accomplished by augmenting the
subscription data model with additional identity statements used to subscription data model with additional identity statements used to
refer to requested encodings. refer to requested encodings.
Implementation may support different encoding method per Implementation may support different encoding method per
subscription. When bundled notifications is supported between the subscription. When bundled notifications is supported between the
publisher and the receiver, only subscribed notifications with the publisher and the receiver, only subscribed notifications with the
same encoding can be bundled as one message. same encoding can be bundled as one message.
6. Using DTLS to Secure UPC 5. Using DTLS to Secure UPC
The Datagram Transport Layer Security (DTLS) protocol [RFC6347] is The Datagram Transport Layer Security (DTLS) protocol [RFC6347] is
designed to meet the requirements of applications that need secure designed to meet the requirements of applications that need secure
datagram transport. datagram transport.
DTLS can be used as a secure transport to counter all the primary DTLS can be used as a secure transport to counter all the primary
threats to UDP based Publication Channel: threats to UDP based Publication Channel:
o Confidentiality to counter disclosure of the message contents. o Confidentiality to counter disclosure of the message contents.
skipping to change at page 13, line 22 skipping to change at page 11, line 41
o Server or mutual authentication to counter masquerade. o Server or mutual authentication to counter masquerade.
In addition, DTLS also provides: In addition, DTLS also provides:
o A cookie exchange mechanism during handshake to counter Denial of o A cookie exchange mechanism during handshake to counter Denial of
Service attacks. Service attacks.
o A sequence number in the header to counter replay attacks. o A sequence number in the header to counter replay attacks.
6.1. Transport 5.1. Transport
As shown in Figure 6, the DTLS is layered next to the UDP transport As shown in Figure 6, the DTLS is layered next to the UDP transport
is to provide reusable security and authentication functions over is to provide reusable security and authentication functions over
UDP. No DTLS extension is required to enable UPC messages over DTLS. UDP. No DTLS extension is required to enable UPC messages over DTLS.
+-----------------------------+ +-----------------------------+
| UPC Message | | UPC Message |
+-----------------------------+ +-----------------------------+
| DTLS | | DTLS |
+-----------------------------+ +-----------------------------+
skipping to change at page 14, line 9 skipping to change at page 12, line 35
on the UDP transport. on the UDP transport.
Since UDP is an unreliable transport, with DTLS, an originator or Since UDP is an unreliable transport, with DTLS, an originator or
relay may not realize that a collector has gone down or lost its DTLS relay may not realize that a collector has gone down or lost its DTLS
connection state, so messages may be lost. connection state, so messages may be lost.
The DTLS record has its own sequence number, the encryption and The DTLS record has its own sequence number, the encryption and
decryption will done by DTLS layer, UPC Message layer will not decryption will done by DTLS layer, UPC Message layer will not
concern this. concern this.
6.2. Port Assignment 5.2. Port Assignment
The Publisher is always a DTLS client, and the Receiver is always a The Publisher is always a DTLS client, and the Receiver is always a
DTLS server. The Receivers MUST support accepting UPC Messages on DTLS server. The Receivers MUST support accepting UPC Messages on
the UDP port PORT-Y, but MAY be configurable to listen on a different the UDP port PORT-Y, but MAY be configurable to listen on a different
port. The Publisher MUST support sending UPC messages to the UDP port. The Publisher MUST support sending UPC messages to the UDP
port PORT-Y, but MAY be configurable to send messages to a different port PORT-Y, but MAY be configurable to send messages to a different
port. The Publisher MAY use any source UDP port for transmitting port. The Publisher MAY use any source UDP port for transmitting
messages. messages.
6.3. DTLS Session Initiation 5.3. DTLS Session Initiation
The Publisher initiates a DTLS connection by sending a DTLS Client The Publisher initiates a DTLS connection by sending a DTLS Client
Hello to the Receiver. Implementations MUST support the denial of Hello to the Receiver. Implementations MUST support the denial of
service countermeasures defined by DTLS. When these countermeasures service countermeasures defined by DTLS. When these countermeasures
are used, the Receiver responds with a DTLS Hello Verify Request are used, the Receiver responds with a DTLS Hello Verify Request
containing a cookie. The Publisher responds with a DTLS Client Hello containing a cookie. The Publisher responds with a DTLS Client Hello
containing the received cookie, which initiates the DTLS handshake. containing the received cookie, which initiates the DTLS handshake.
The Publisher MUST NOT send any UPC messages before the DTLS The Publisher MUST NOT send any UPC messages before the DTLS
handshake has successfully completed. handshake has successfully completed.
Implementations MUST support DTLS 1.0 [RFC4347] and MUST support the Implementations MUST support DTLS 1.0 [RFC4347] and MUST support the
mandatory to implement cipher suite, which is mandatory to implement cipher suite, which is
TLS_RSA_WITH_AES_128_CBC_SHA [RFC5246] as specified in DTLS 1.0. If TLS_RSA_WITH_AES_128_CBC_SHA [RFC5246] as specified in DTLS 1.0. If
additional cipher suites are supported, then implementations MUST NOT additional cipher suites are supported, then implementations MUST NOT
negotiate a cipher suite that employs NULL integrity or negotiate a cipher suite that employs NULL integrity or
authentication algorithms. authentication algorithms.
skipping to change at page 14, line 41 skipping to change at page 13, line 19
mandatory to implement cipher suite, which is mandatory to implement cipher suite, which is
TLS_RSA_WITH_AES_128_CBC_SHA [RFC5246] as specified in DTLS 1.0. If TLS_RSA_WITH_AES_128_CBC_SHA [RFC5246] as specified in DTLS 1.0. If
additional cipher suites are supported, then implementations MUST NOT additional cipher suites are supported, then implementations MUST NOT
negotiate a cipher suite that employs NULL integrity or negotiate a cipher suite that employs NULL integrity or
authentication algorithms. authentication algorithms.
Where privacy is REQUIRED, then implementations must either negotiate Where privacy is REQUIRED, then implementations must either negotiate
a cipher suite that employs a non-NULL encryption algorithm or else a cipher suite that employs a non-NULL encryption algorithm or else
achieve privacy by other means, such as a physically secured network. achieve privacy by other means, such as a physically secured network.
6.4. Sending Data 5.4. Sending Data
All UPC messages MUST be sent as DTLS "application_data". It is All UPC messages MUST be sent as DTLS "application_data". It is
possible that multiple UPC messages be contained in one DTLS record, possible that multiple UPC messages be contained in one DTLS record,
or that a publication message be transferred in multiple DTLS or that a publication message be transferred in multiple DTLS
records. The application data is defined with the following ABNF records. The application data is defined with the following ABNF
[RFC5234] expression: [RFC5234] expression:
APPLICATION-DATA = 1*UPC-FRAME APPLICATION-DATA = 1*UPC-FRAME
UPC-FRAME = MSG-LEN SP UPC-MSG UPC-FRAME = MSG-LEN SP UPC-MSG
skipping to change at page 15, line 14 skipping to change at page 13, line 41
MSG-LEN = NONZERO-DIGIT *DIGIT MSG-LEN = NONZERO-DIGIT *DIGIT
SP = %d32 SP = %d32
NONZERO-DIGIT = %d49-57 NONZERO-DIGIT = %d49-57
DIGIT = %d48 / NONZERO-DIGIT DIGIT = %d48 / NONZERO-DIGIT
UPC-MSG is defined in section 5.2. UPC-MSG is defined in section 5.2.
6.5. Closure 5.5. Closure
A Publisher MUST close the associated DTLS connection if the A Publisher MUST close the associated DTLS connection if the
connection is not expected to deliver any UPC Messages later. It connection is not expected to deliver any UPC Messages later. It
MUST send a DTLS close_notify alert before closing the connection. A MUST send a DTLS close_notify alert before closing the connection. A
Publisher (DTLS client) MAY choose to not wait for the Receiver's Publisher (DTLS client) MAY choose to not wait for the Receiver's
close_notify alert and simply close the DTLS connection. Once the close_notify alert and simply close the DTLS connection. Once the
Receiver gets a close_notify from the Publisher, it MUST reply with a Receiver gets a close_notify from the Publisher, it MUST reply with a
close_notify. close_notify.
When no data is received from a DTLS connection for a long time When no data is received from a DTLS connection for a long time
(where the application decides what "long" means), Receiver MAY close (where the application decides what "long" means), Receiver MAY close
the connection. The Receiver (DTLS server) MUST attempt to initiate the connection. The Receiver (DTLS server) MUST attempt to initiate
an exchange of close_notify alerts with the Publisher before closing an exchange of close_notify alerts with the Publisher before closing
the connection. Receivers that are unprepared to receive any more the connection. Receivers that are unprepared to receive any more
data MAY close the connection after sending the close_notify alert. data MAY close the connection after sending the close_notify alert.
Although closure alerts are a component of TLS and so of DTLS, they, Although closure alerts are a component of TLS and so of DTLS, they,
like all alerts, are not retransmitted by DTLS and so may be lost like all alerts, are not retransmitted by DTLS and so may be lost
over an unreliable network. over an unreliable network.
7. Congestion Control 6. Congestion Control
Congestion control mechanisms that respond to congestion by reducing Congestion control mechanisms that respond to congestion by reducing
traffic rates and establish a degree of fairness between flows that traffic rates and establish a degree of fairness between flows that
share the same path are vital to the stable operation of the Internet share the same path are vital to the stable operation of the Internet
[RFC2914]. While efficient, UDP has no build-in congestion control [RFC2914]. While efficient, UDP has no build-in congestion control
mechanism. Because streaming telemetry can generate unlimited mechanism. Because streaming telemetry can generate unlimited
amounts of data, transferring this data over UDP is generally amounts of data, transferring this data over UDP is generally
problematic. It is not recommended to use the UDP based publication problematic. It is not recommended to use the UDP based publication
channel over congestion-sensitive network paths. The only channel over congestion-sensitive network paths. The only
environments where the UDP based publication channel MAY be used are environments where the UDP based publication channel MAY be used are
managed networks. The deployments require the network path has been managed networks. The deployments require the network path has been
explicitly provisioned for the UDP based publication channel through explicitly provisioned for the UDP based publication channel through
traffic engineering mechanisms, such as rate limiting or capacity traffic engineering mechanisms, such as rate limiting or capacity
reservations. reservations.
8. A YANG Data Model for Management of UPC 7. A YANG Data Model for Management of UPC
The YANG model defined in Section 9 has two leafs augmented into one The YANG model defined in Section 9 has two leafs augmented into one
place of Sub-Notif [I-D.ietf-netconf-subscribed-notifications], plus place of Sub-Notif [I-D.ietf-netconf-subscribed-notifications], plus
one identities. one identities.
module: ietf-upc-subscribed-notifications module: ietf-upc-subscribed-notifications
augment /sn:subscriptions/sn:subscription/sn:receivers/sn:receiver: augment /sn:subscriptions/sn:subscription/sn:receivers/sn:receiver:
+--rw address? inet:ip-address +--rw address? inet:ip-address
+--rw port? inet:port-number +--rw port? inet:port-number
9. YANG Module 8. YANG Module
<CODE BEGINS> file "ietf-upc-subscribed-notifications@2018-10-19.yang" <CODE BEGINS> file "ietf-upc-subscribed-notifications@2018-10-19.yang"
module ietf-upc-subscribed-notifications { module ietf-upc-subscribed-notifications {
yang-version 1.1; yang-version 1.1;
namespace namespace
"urn:ietf:params:xml:ns:yang:ietf-upc-subscribed-notifications"; "urn:ietf:params:xml:ns:yang:ietf-upc-subscribed-notifications";
prefix upcsn; prefix upcsn;
import ietf-subscribed-notifications { import ietf-subscribed-notifications {
prefix sn; prefix sn;
} }
skipping to change at page 18, line 6 skipping to change at page 16, line 30
augment "/sn:subscriptions/sn:subscription/sn:receivers/sn:receiver" { augment "/sn:subscriptions/sn:subscription/sn:receivers/sn:receiver" {
description description
"This augmentation allows UPC specific parameters to be "This augmentation allows UPC specific parameters to be
exposed for a subscription."; exposed for a subscription.";
uses target-receiver; uses target-receiver;
} }
} }
<CODE ENDS> <CODE ENDS>
10. IANA Considerations 9. IANA Considerations
This RFC requests that IANA assigns three UDP port numbers in the This RFC requests that IANA assigns three UDP port numbers in the
"Registered Port Numbers" range with the service names "upc" and "Registered Port Numbers" range with the service names "upc" and
"upc-dtls". These ports will be the default ports for the UDP based "upc-dtls". These ports will be the default ports for the UDP based
Publication Channel for NETCONF and RESTCONF. Below is the Publication Channel for NETCONF and RESTCONF. Below is the
registration template following the rules in [RFC6335]. registration template following the rules in [RFC6335].
Service Name: upc Service Name: upc
Transport Protocol(s): UDP Transport Protocol(s): UDP
skipping to change at page 19, line 10 skipping to change at page 17, line 33
XML: N/A; the requested URI is an XML namespace. XML: N/A; the requested URI is an XML namespace.
This document also requests a new YANG module name in the YANG Module This document also requests a new YANG module name in the YANG Module
Names registry [RFC7950] with the following suggestion: Names registry [RFC7950] with the following suggestion:
name: ietf-upc-subscribed-notifications name: ietf-upc-subscribed-notifications
namespace: urn:ietf:params:xml:ns:yang:ietf-upc-subscribed-notifications namespace: urn:ietf:params:xml:ns:yang:ietf-upc-subscribed-notifications
prefix: upcsn prefix: upcsn
reference: RFC XXXX reference: RFC XXXX
11. Security Considerations 10. Security Considerations
TBD TBD
12. Acknowledgements 11. Acknowledgements
The authors of this documents would like to thank Eric Voit, Tim The authors of this documents would like to thank Eric Voit, Tim
Jenkins, and Huiyang Yang for the initial comments. Jenkins, and Huiyang Yang for the initial comments.
13. References 12. References
13.1. Normative References 12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC2914] Floyd, S., "Congestion Control Principles", BCP 41, [RFC2914] Floyd, S., "Congestion Control Principles", BCP 41,
RFC 2914, DOI 10.17487/RFC2914, September 2000, RFC 2914, DOI 10.17487/RFC2914, September 2000,
<https://www.rfc-editor.org/info/rfc2914>. <https://www.rfc-editor.org/info/rfc2914>.
skipping to change at page 20, line 38 skipping to change at page 19, line 14
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>. <https://www.rfc-editor.org/info/rfc8040>.
[RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", STD 86, RFC 8200, (IPv6) Specification", STD 86, RFC 8200,
DOI 10.17487/RFC8200, July 2017, DOI 10.17487/RFC8200, July 2017,
<https://www.rfc-editor.org/info/rfc8200>. <https://www.rfc-editor.org/info/rfc8200>.
13.2. Informative References 12.2. Informative References
[I-D.ietf-netconf-netconf-event-notifications] [I-D.ietf-netconf-netconf-event-notifications]
Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and
A. Tripathy, "NETCONF Support for Event Notifications", A. Tripathy, "Dynamic subscription to YANG Events and
draft-ietf-netconf-netconf-event-notifications-13 (work in Datastores over NETCONF", draft-ietf-netconf-netconf-
progress), October 2018. event-notifications-17 (work in progress), February 2019.
[I-D.ietf-netconf-notification-messages] [I-D.ietf-netconf-notification-messages]
Voit, E., Birkholz, H., Bierman, A., Clemm, A., and T. Voit, E., Birkholz, H., Bierman, A., Clemm, A., and T.
Jenkins, "Notification Message Headers and Bundles", Jenkins, "Notification Message Headers and Bundles",
draft-ietf-netconf-notification-messages-04 (work in draft-ietf-netconf-notification-messages-05 (work in
progress), August 2018. progress), February 2019.
[I-D.ietf-netconf-restconf-notif] [I-D.ietf-netconf-restconf-notif]
Voit, E., Rahman, R., Nilsen-Nygaard, E., Clemm, A., and Voit, E., Rahman, R., Nilsen-Nygaard, E., Clemm, A., and
A. Bierman, "RESTCONF Transport for Event Notifications", A. Bierman, "Dynamic subscription to YANG Events and
draft-ietf-netconf-restconf-notif-08 (work in progress), Datastores over RESTCONF", draft-ietf-netconf-restconf-
October 2018. notif-13 (work in progress), February 2019.
[I-D.ietf-netconf-subscribed-notifications] [I-D.ietf-netconf-subscribed-notifications]
Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and
A. Tripathy, "Customized Subscriptions to a Publisher's A. Tripathy, "Subscription to YANG Event Notifications",
Event Streams", draft-ietf-netconf-subscribed- draft-ietf-netconf-subscribed-notifications-23 (work in
notifications-17 (work in progress), September 2018. progress), February 2019.
[I-D.zhou-netconf-multi-stream-originators] [I-D.zhou-netconf-multi-stream-originators]
Zhou, T., Zheng, G., Voit, E., Clemm, A., and A. Bierman, Zhou, T., Zheng, G., Voit, E., Clemm, A., and A. Bierman,
"Subscription to Multiple Stream Originators", draft-zhou- "Subscription to Multiple Stream Originators", draft-zhou-
netconf-multi-stream-originators-03 (work in progress), netconf-multi-stream-originators-03 (work in progress),
October 2018. October 2018.
13.3. URIs 12.3. URIs
[1] https://developers.google.com/protocol-buffers/ [1] https://developers.google.com/protocol-buffers/
Appendix A. Change Log Appendix A. Change Log
(To be removed by RFC editor prior to publication) (To be removed by RFC editor prior to publication)
A.1. draft-ietf-zheng-udp-pub-channel-00 to v00 A.1. draft-ietf-zheng-udp-pub-channel-00 to v00
o Modified the message header format. o Modified the message header format.
skipping to change at page 22, line 17 skipping to change at page 20, line 43
A.2. v03 A.2. v03
o Clarify term through the document. o Clarify term through the document.
o Add a section on DTLS support. o Add a section on DTLS support.
A.2. v04 A.2. v04
o Add a section on UPC subscription model. o Add a section on UPC subscription model.
Authors' Addresses A.2. v05
o Remove the redundant solution overview section and refer to the
multi stream originator draft.
Authors' Addresses
Guangying Zheng Guangying Zheng
Huawei Huawei
101 Yu-Hua-Tai Software Road 101 Yu-Hua-Tai Software Road
Nanjing, Jiangsu Nanjing, Jiangsu
China China
Email: zhengguangying@huawei.com Email: zhengguangying@huawei.com
Tianran Zhou Tianran Zhou
Huawei Huawei
 End of changes. 43 change blocks. 
135 lines changed or deleted 81 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/