[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A few potential requirements
- To: ops-nm@ops.ietf.org
- Subject: Re: A few potential requirements
- From: "R.P. Aditya" <aditya@grot.org>
- Date: Mon, 25 Jun 2001 13:17:58 -0700
- Delivery-date: Mon, 25 Jun 2001 13:19:54 -0700
- Envelope-to: ops-nm-data@psg.com
- Reply-To: "R.P. Aditya" <aditya@grot.org>
On Mon, Jun 25, 2001 at 11:01:07AM -0700, Bill Woodcock wrote:
> 01) Any management system which results from this work needs to
> include provision for multiple permissions-levels of authenticated
> access, each with read and write access to different resources
> within the managed device or system. For instance, some users
> should have only read access, and only to specific portions of a
> device. Other users would have the authority to create new
> instances by applying a predefined template (turning up new BGP
> peers using a peer-group). More advanced users would have
> permission to apply a template but also make specific
> individual-line overrides to the predefined configuration of the
> template. Superusers would have the ability to define new templates
> and destroy old ones. This requirement is related to requirements
> 07 and 08. -woody@pch.net
So a requirement to have multiple privilege levels on the device itself is
unnecessary? Just asking to make sure that is what is implied.
> 04) Reads and writes should, wherever possible, share the same
> name-space. This requirement is related to requirement 03.
> -saperia@jdscons.com
To be more explicit, the configuration commands should be retrieveable from
the device in an "ascii text configuration file format" and uploadable in the
same format.
> 05) SMTP should be taken as a model of a good on-the-wire protocol
> for operational use. It's easily implemented, whether in code or in
> scripts. It's also easily typed manually, for debugging purposes.
> It contains machine-readable numeric error codes, as well as verbose
> text descriptions of the errors which can be either observed by an
> operator performing interactive debugging, or communicated by an
> automated system to someone capable of interpreting them. It
> requires no special tools of the person attempting the debugging, as
> they can do so simply by telnetting to a well-known port. The
> commands are simple enough and memorable enough that a person of
> average intelligence can use them from memory, in the middle of the
> night, without enough coffee, and it contains a rudimentary
> interactive help system which allows an interactive user to
> determine what commands are available. If a device-management
> protocol were to be implemented in a manner similar to SMTP, a "no
> verbose" command should be included so that automated console
> implementations could minimize the volume of return traffic from the
> device. -woody@pch.net
However, a stronger requirement than "looking like SMTP" is that it should
also be over a secure, authenticated, encrypted method to connect to the
network device AND transfer the configuration file/commands to and from the
device. I would think that ssh is the minimum level of protection. IP-address
based authentication is insufficient. scp to transfer the config would be a
monumental improvement over rcp or SNMP-initiated tftp.
Adi