Network Working Group S. Chisholm Request for Comments: 5277 Nortel Category: Standards Track H. Trevino Cisco July 2008
Network Working Group S. Chisholm Request for Comments: 5277 Nortel Category: Standards Track H. Trevino Cisco July 2008
NETCONF Event Notifications
NETCONF事件通知
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Abstract
摘要
This document defines mechanisms that provide an asynchronous message notification delivery service for the Network Configuration protocol (NETCONF). This is an optional capability built on top of the base NETCONF definition. This document defines the capabilities and operations necessary to support this service.
本文档定义了为网络配置协议(NETCONF)提供异步消息通知传递服务的机制。这是构建在基本NETCONF定义之上的可选功能。本文档定义了支持此服务所需的功能和操作。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Definition of Terms . . . . . . . . . . . . . . . . . . . 3 1.2. Motivation . . . . . . . . . . . . . . . . . . . . . . . . 4 1.3. Event Notifications in NETCONF . . . . . . . . . . . . . . 5 2. Notification-Related Operations . . . . . . . . . . . . . . . 5 2.1. Subscribing to Receive Event Notifications . . . . . . . . 5 2.1.1. <create-subscription> . . . . . . . . . . . . . . . . 6 2.2. Sending Event Notifications . . . . . . . . . . . . . . . 9 2.2.1. <notification> . . . . . . . . . . . . . . . . . . . . 9 2.3. Terminating the Subscription . . . . . . . . . . . . . . . 9 3. Supporting Concepts . . . . . . . . . . . . . . . . . . . . . 10 3.1. Capabilities Exchange . . . . . . . . . . . . . . . . . . 10 3.1.1. Capability Identifier . . . . . . . . . . . . . . . . 10 3.1.2. Capability Example . . . . . . . . . . . . . . . . . . 10 3.2. Event Streams . . . . . . . . . . . . . . . . . . . . . . 10 3.2.1. Event Stream Definition . . . . . . . . . . . . . . . 12 3.2.2. Event Stream Content Format . . . . . . . . . . . . . 12 3.2.3. Default Event Stream . . . . . . . . . . . . . . . . . 12 3.2.4. Event Stream Sources . . . . . . . . . . . . . . . . . 12 3.2.5. Event Stream Discovery . . . . . . . . . . . . . . . . 12 3.3. Notification Replay . . . . . . . . . . . . . . . . . . . 15 3.3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . 15 3.3.2. Creating a Subscription with Replay . . . . . . . . . 16 3.4. Notification Management Schema . . . . . . . . . . . . . . 16 3.5. Subscriptions Data . . . . . . . . . . . . . . . . . . . . 20 3.6. Filter Mechanics . . . . . . . . . . . . . . . . . . . . . 20 3.6.1. Filtering . . . . . . . . . . . . . . . . . . . . . . 20 3.7. Message Flow . . . . . . . . . . . . . . . . . . . . . . . 20 4. XML Schema for Event Notifications . . . . . . . . . . . . . . 22 5. Filtering Examples . . . . . . . . . . . . . . . . . . . . . . 26 5.1. Subtree Filtering . . . . . . . . . . . . . . . . . . . . 28 5.2. XPATH Filters . . . . . . . . . . . . . . . . . . . . . . 29 6. Interleave Capability . . . . . . . . . . . . . . . . . . . . 30 6.1. Description . . . . . . . . . . . . . . . . . . . . . . . 30 6.2. Dependencies . . . . . . . . . . . . . . . . . . . . . . . 30 6.3. Capability Identifier . . . . . . . . . . . . . . . . . . 30 6.4. New Operations . . . . . . . . . . . . . . . . . . . . . . 31 6.5. Modifications to Existing Operations . . . . . . . . . . . 31 7. Security Considerations . . . . . . . . . . . . . . . . . . . 31 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 33 10. Normative References . . . . . . . . . . . . . . . . . . . . . 33
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Definition of Terms . . . . . . . . . . . . . . . . . . . 3 1.2. Motivation . . . . . . . . . . . . . . . . . . . . . . . . 4 1.3. Event Notifications in NETCONF . . . . . . . . . . . . . . 5 2. Notification-Related Operations . . . . . . . . . . . . . . . 5 2.1. Subscribing to Receive Event Notifications . . . . . . . . 5 2.1.1. <create-subscription> . . . . . . . . . . . . . . . . 6 2.2. Sending Event Notifications . . . . . . . . . . . . . . . 9 2.2.1. <notification> . . . . . . . . . . . . . . . . . . . . 9 2.3. Terminating the Subscription . . . . . . . . . . . . . . . 9 3. Supporting Concepts . . . . . . . . . . . . . . . . . . . . . 10 3.1. Capabilities Exchange . . . . . . . . . . . . . . . . . . 10 3.1.1. Capability Identifier . . . . . . . . . . . . . . . . 10 3.1.2. Capability Example . . . . . . . . . . . . . . . . . . 10 3.2. Event Streams . . . . . . . . . . . . . . . . . . . . . . 10 3.2.1. Event Stream Definition . . . . . . . . . . . . . . . 12 3.2.2. Event Stream Content Format . . . . . . . . . . . . . 12 3.2.3. Default Event Stream . . . . . . . . . . . . . . . . . 12 3.2.4. Event Stream Sources . . . . . . . . . . . . . . . . . 12 3.2.5. Event Stream Discovery . . . . . . . . . . . . . . . . 12 3.3. Notification Replay . . . . . . . . . . . . . . . . . . . 15 3.3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . 15 3.3.2. Creating a Subscription with Replay . . . . . . . . . 16 3.4. Notification Management Schema . . . . . . . . . . . . . . 16 3.5. Subscriptions Data . . . . . . . . . . . . . . . . . . . . 20 3.6. Filter Mechanics . . . . . . . . . . . . . . . . . . . . . 20 3.6.1. Filtering . . . . . . . . . . . . . . . . . . . . . . 20 3.7. Message Flow . . . . . . . . . . . . . . . . . . . . . . . 20 4. XML Schema for Event Notifications . . . . . . . . . . . . . . 22 5. Filtering Examples . . . . . . . . . . . . . . . . . . . . . . 26 5.1. Subtree Filtering . . . . . . . . . . . . . . . . . . . . 28 5.2. XPATH Filters . . . . . . . . . . . . . . . . . . . . . . 29 6. Interleave Capability . . . . . . . . . . . . . . . . . . . . 30 6.1. Description . . . . . . . . . . . . . . . . . . . . . . . 30 6.2. Dependencies . . . . . . . . . . . . . . . . . . . . . . . 30 6.3. Capability Identifier . . . . . . . . . . . . . . . . . . 30 6.4. New Operations . . . . . . . . . . . . . . . . . . . . . . 31 6.5. Modifications to Existing Operations . . . . . . . . . . . 31 7. Security Considerations . . . . . . . . . . . . . . . . . . . 31 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 33 10. Normative References . . . . . . . . . . . . . . . . . . . . . 33
[NETCONF] can be conceptually partitioned into four layers:
[NETCONF]在概念上可分为四层:
Layer Example +-------------+ +-------------------------------------------+ | Content | | Configuration data | +-------------+ +-------------------------------------------+ | | +-------------+ +-------------------------------------------+ | Operations | |<get-config>, <edit-config>, <notification>| +-------------+ +-------------------------------------------+ | | | +-------------+ +-----------------------------+ | | RPC | | <rpc>, <rpc-reply> | | +-------------+ +-----------------------------+ | | | | +-------------+ +-------------------------------------------+ | Transport | | BEEP, SSH, SSL, console | | Protocol | | | +-------------+ +-------------------------------------------+
Layer Example +-------------+ +-------------------------------------------+ | Content | | Configuration data | +-------------+ +-------------------------------------------+ | | +-------------+ +-------------------------------------------+ | Operations | |<get-config>, <edit-config>, <notification>| +-------------+ +-------------------------------------------+ | | | +-------------+ +-----------------------------+ | | RPC | | <rpc>, <rpc-reply> | | +-------------+ +-----------------------------+ | | | | +-------------+ +-------------------------------------------+ | Transport | | BEEP, SSH, SSL, console | | Protocol | | | +-------------+ +-------------------------------------------+
Figure 1
图1
This document defines mechanisms that provide an asynchronous message notification delivery service for the [NETCONF] protocol. This is an optional capability built on top of the base NETCONF definition. This memo defines the capabilities and operations necessary to support this service.
本文档定义了为[NETCONF]协议提供异步消息通知传递服务的机制。这是构建在基本NETCONF定义之上的可选功能。本备忘录定义了支持此服务所需的功能和操作。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
Element: An [XML] Element.
元素:一个[XML]元素。
Subscription: An agreement and method to receive event notifications over a NETCONF session. A concept related to the delivery of notifications (if there are any to send) involving destination and selection of notifications. It is bound to the lifetime of a session.
订阅:通过NETCONF会话接收事件通知的协议和方法。与通知交付(如果有任何通知要发送)相关的概念,涉及通知的目的地和选择。它绑定到会话的生存期。
Operation: This term is used to refer to NETCONF protocol operations [NETCONF]. Within this document, operation refers to NETCONF protocol operations defined in support of NETCONF notifications.
操作:此术语用于指NETCONF协议操作[NETCONF]。在本文档中,操作是指为支持NETCONF通知而定义的NETCONF协议操作。
Event: An event is something that happens that may be of interest - a configuration change, a fault, a change in status, crossing a threshold, or an external input to the system, for example. Often, this results in an asynchronous message, sometimes referred to as a notification or event notification, being sent to interested parties to notify them that this event has occurred.
事件:事件是可能引起关注的事件-例如,配置更改、故障、状态更改、超过阈值或系统的外部输入。通常,这会导致异步消息(有时称为通知或事件通知)被发送给相关方,以通知他们该事件已发生。
Replay: The ability to send/re-send previously logged notifications upon request. These notifications are sent asynchronously. This feature is implemented by the NETCONF server and invoked by the NETCONF client.
Replay:根据请求发送/重新发送以前记录的通知的功能。这些通知是异步发送的。此功能由NETCONF服务器实现,并由NETCONF客户端调用。
Stream: An event stream is a set of event notifications matching some forwarding criteria and available to NETCONF clients for subscription.
流:事件流是一组符合某些转发条件的事件通知,可供NETCONF客户端订阅。
Filter: A parameter that indicates which subset of all possible events are of interest. A filter is defined as one or more filter elements [NETCONF], each of which identifies a portion of the overall filter.
筛选器:一个参数,指示所有可能事件的哪个子集是感兴趣的。过滤器定义为一个或多个过滤器元件[NETCONF],每个元件标识整个过滤器的一部分。
The motivation for this work is to enable the sending of asynchronous messages that are consistent with the data model (content) and security model used within a NETCONF implementation.
这项工作的动机是允许发送与NETCONF实现中使用的数据模型(内容)和安全模型一致的异步消息。
The scope of the work aims at meeting the following operational needs:
工作范围旨在满足以下运营需求:
o Initial release should ensure it supports notifications in support of configuration operations.
o 初始版本应确保它支持支持配置操作的通知。
o It should be possible to use the same data model for notifications as for configuration operations.
o 对于通知和配置操作,应该可以使用相同的数据模型。
o The solution should support a reasonable message size limit (i.e., not too short).
o 解决方案应支持合理的消息大小限制(即,不要太短)。
o The notifications should be carried over a connection-oriented delivery mechanism.
o 通知应通过面向连接的传递机制传递。
o A subscription mechanism for notifications should be provided. This takes into account that a NETCONF server does not send notifications before being asked to do so, and that it is the NETCONF client who initiates the flow of notifications.
o 应提供通知的订阅机制。这考虑到NETCONF服务器在被要求发送通知之前不会发送通知,并且是NETCONF客户端发起通知流。
o A filtering mechanism for sending notifications should be put in place within the NETCONF server.
o 应在NETCONF服务器中设置发送通知的过滤机制。
o The information contained in a notification should be sufficient so that it can be analyzed independent of the transport mechanism. In other words, the data content fully describes a notification; protocol information is not needed to understand a notification.
o 通知中包含的信息应足够,以便能够独立于传输机制进行分析。换句话说,数据内容充分描述了通知;理解通知不需要协议信息。
o The server should have the capability to replay locally logged notifications.
o 服务器应该能够重播本地记录的通知。
This memo defines a mechanism whereby the NETCONF client indicates interest in receiving event notifications from a NETCONF server by creating a subscription to receive event notifications. The NETCONF server replies to indicate whether the subscription request was successful and, if it was successful, begins sending the event notifications to the NETCONF client as the events occur within the system. These event notifications will continue to be sent until either the NETCONF session is terminated or the subscription terminates for some other reason. The event notification subscription allows a number of options to enable the NETCONF client to specify which events are of interest. These are specified when the subscription is created. Note that a subscription cannot be modified once created.
此备忘录定义了一种机制,NETCONF客户端通过创建订阅以接收事件通知来表示对从NETCONF服务器接收事件通知的兴趣。NETCONF服务器会回复以指示订阅请求是否成功,如果成功,则会在系统内发生事件时开始向NETCONF客户端发送事件通知。这些事件通知将继续发送,直到NETCONF会话终止或订阅因其他原因终止。事件通知订阅允许许多选项使NETCONF客户端能够指定感兴趣的事件。这些是在创建订阅时指定的。请注意,订阅一经创建就无法修改。
The NETCONF server MUST accept and process the <close-session> operation, even while the notification subscription is active. The NETCONF server MAY accept and process other commands; otherwise, they will be rejected and the server MUST send a 'resource-denied' error. A NETCONF server advertises support of the ability to process other commands via the :interleave capability.
NETCONF服务器必须接受并处理<close session>操作,即使通知订阅处于活动状态。NETCONF服务器可以接受和处理其他命令;否则,它们将被拒绝,服务器必须发送“资源被拒绝”错误。NETCONF服务器通过:交织功能宣传对处理其他命令的能力的支持。
The event notification subscription is initiated by the NETCONF client and responded to by the NETCONF server. A subscription is bound to a single stream for the lifetime of the subscription. When the event notification subscription is created, the events of interest are specified.
事件通知订阅由NETCONF客户端启动,并由NETCONF服务器响应。订阅在订阅的生存期内绑定到单个流。创建事件通知订阅时,将指定感兴趣的事件。
Content for an event notification subscription can be selected by applying user-specified filters.
可以通过应用用户指定的筛选器来选择事件通知订阅的内容。
Description:
说明:
This operation initiates an event notification subscription that will send asynchronous event notifications to the initiator of the command until the subscription terminates.
此操作启动事件通知订阅,该订阅将向命令的启动器发送异步事件通知,直到订阅终止。
Parameters:
参数:
Stream:
流:
An optional parameter, <stream>, that indicates which stream of events is of interest. If not present, events in the default NETCONF stream will be sent.
一个可选参数,<stream>,指示感兴趣的事件流。如果不存在,将发送默认NETCONF流中的事件。
Filter:
过滤器:
An optional parameter, <filter>, that indicates which subset of all possible events is of interest. The format of this parameter is the same as that of the filter parameter in the NETCONF protocol operations. If not present, all events not precluded by other parameters will be sent. See section 3.6 for more information on filters.
一个可选参数,<filter>,指示所有可能事件的哪个子集是感兴趣的。此参数的格式与NETCONF协议操作中的过滤器参数的格式相同。如果不存在,将发送其他参数未排除的所有事件。有关过滤器的更多信息,请参见第3.6节。
Start Time:
开始时间:
A parameter, <startTime>, used to trigger the replay feature and indicate that the replay should start at the time specified. If <startTime> is not present, this is not a replay subscription. It is not valid to specify start times that are later than the current time. If the <startTime> specified is earlier than the log can support, the replay will begin with the earliest available notification. This parameter is of type dateTime and compliant to [RFC3339]. Implementations must support time zones.
一个参数,<startTime>,用于触发重播功能并指示重播应在指定的时间开始。如果<startTime>不存在,则这不是重播订阅。指定晚于当前时间的开始时间无效。如果指定的<startTime>早于日志支持的时间,则重播将以最早的可用通知开始。此参数的类型为dateTime,并符合[RFC3339]。实现必须支持时区。
Stop Time:
停止时间:
An optional parameter, <stopTime>, used with the optional replay feature to indicate the newest notifications of interest. If <stopTime> is not present, the notifications will continue until the subscription is terminated. Must be used with and be later than <startTime>. Values of <stopTime> in the future are valid. This parameter is of type dateTime and compliant to [RFC3339]. Implementations must support time zones.
可选参数<stopTime>,与可选重播功能一起使用,以指示最新的感兴趣通知。如果<stopTime>不存在,则通知将继续,直到订阅终止。必须与一起使用,并且必须晚于<startTime>。未来的<stopTime>值有效。此参数的类型为dateTime,并符合[RFC3339]。实现必须支持时区。
Positive Response:
积极回应:
If the NETCONF server can satisfy the request, the server sends an <ok> element.
如果NETCONF服务器能够满足请求,服务器将发送一个<ok>元素。
Negative Response:
否定回答:
An <rpc-error> element is included within the <rpc-reply> if the request cannot be completed for any reason. Subscription requests will fail if a filter with invalid syntax is provided or if the name of a non-existent stream is provided.
如果由于任何原因无法完成请求,则<rpc error>元素将包含在<rpc reply>中。如果提供了语法无效的筛选器或提供了不存在的流的名称,则订阅请求将失败。
If a <stopTime> is specified in a request without having specified a <startTime>, the following error is returned:
如果在请求中指定了<stopTime>,但未指定<startTime>,则返回以下错误:
Tag: missing-element
标记:缺少元素
Error-type: protocol
错误类型:协议
Severity: error
严重性:错误
Error-info: <bad-element>: startTime
Error-info: <bad-element>: startTime
Description: An expected element is missing.
描述:缺少所需的元素。
If the optional replay feature is requested but it is not supported by the NETCONF server, the following error is returned:
如果请求了可选重播功能,但NETCONF服务器不支持该功能,则返回以下错误:
Tag: operation-failed
标记:操作失败
Error-type: protocol
错误类型:协议
Severity: error
严重性:错误
Error-info: none
错误信息:无
Description: Request could not be completed because the requested operation failed for some reason not covered by any other error condition.
描述:请求无法完成,因为请求的操作因任何其他错误条件未涵盖的原因而失败。
If a <stopTime> is requested that is earlier than the specified <startTime>, the following error is returned:
如果请求的<stopTime>早于指定的<startTime>,则返回以下错误:
Tag: bad-element
标签:坏元素
Error-type: protocol
错误类型:协议
Severity: error
严重性:错误
Error-info: <bad-element>: stopTime
Error-info: <bad-element>: stopTime
Description: An element value is not correct; e.g., wrong type, out of range, pattern mismatch.
说明:元素值不正确;e、 例如,类型错误、超出范围、图案不匹配。
If a <startTime> is requested that is later than the current time, the following error is returned:
如果请求的<startTime>晚于当前时间,则返回以下错误:
Tag: bad-element
标签:坏元素
Error-type: protocol
错误类型:协议
Severity: error
严重性:错误
Error-info: <bad-element>: startTime
Error-info: <bad-element>: startTime
Description: An element value is not correct; e.g., wrong type, out of range, pattern mismatch.
说明:元素值不正确;e、 例如,类型错误、超出范围、图案不匹配。
The following demonstrates creating a simple subscription. More complex examples can be found in section 5.
下面演示如何创建简单订阅。更复杂的例子见第5节。
<netconf:rpc message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> </create-subscription> </netconf:rpc>
<netconf:rpc message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> </create-subscription> </netconf:rpc>
Once the subscription has been set up, the NETCONF server sends the event notifications asynchronously over the connection.
设置订阅后,NETCONF服务器将通过连接异步发送事件通知。
Description:
说明:
An event notification is sent to the client who initiated a <create-subscription> command asynchronously when an event of interest (i.e., meeting the specified filtering criteria) has occurred. An event notification is a complete and well-formed XML document. Note that <notification> is not a Remote Procedure Call (RPC) method but rather the top-level element identifying the one-way message as a notification.
当发生感兴趣的事件(即满足指定的筛选条件)时,将向异步启动<create subscription>命令的客户端发送事件通知。事件通知是一个完整且格式良好的XML文档。请注意,<notification>不是远程过程调用(RPC)方法,而是将单向消息标识为通知的顶级元素。
Parameters:
参数:
eventTime
活动时间
The time the event was generated by the event source. This parameter is of type dateTime and compliant to [RFC3339]. Implementations must support time zones.
事件源生成事件的时间。此参数的类型为dateTime,并符合[RFC3339]。实现必须支持时区。
Also contains notification-specific tagged content, if any. With the exception of <eventTime>, the content of the notification is beyond the scope of this document.
还包含特定于通知的标记内容(如果有)。除了<eventTime>之外,通知的内容超出了本文档的范围。
Response:
答复:
No response. Not applicable.
没有回应。不适用。
Closing of the event notification subscription can be done by using the <close-session> operation from the subscriptions session or terminating the NETCONF session ( <kill-session> ) or the underlying transport session from another session. If a stop time is provided when the subscription is created, the subscription will terminate after the stop time is reached. In this case, the NETCONF session will still be an active session.
通过使用订阅会话中的<close session>操作或终止NETCONF会话(<kill session>)或其他会话中的基础传输会话,可以关闭事件通知订阅。如果在创建订阅时提供了停止时间,则订阅将在达到停止时间后终止。在这种情况下,NETCONF会话仍然是活动会话。
The ability to process and send event notifications is advertised during the capability exchange between the NETCONF client and server.
处理和发送事件通知的能力在NETCONF客户端和服务器之间的能力交换期间公布。
"urn:ietf:params:netconf:capability:notification:1.0"
"urn:ietf:params:netconf:capability:notification:1.0"
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <capabilities> <capability> urn:ietf:params:xml:ns:netconf:base:1.0 </capability> <capability> urn:ietf:params:netconf:capability:startup:1.0 </capability> <capability> urn:ietf:params:netconf:capability:notification:1.0 </capability> </capabilities> <session-id>4</session-id> </hello>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <capabilities> <capability> urn:ietf:params:xml:ns:netconf:base:1.0 </capability> <capability> urn:ietf:params:netconf:capability:startup:1.0 </capability> <capability> urn:ietf:params:netconf:capability:notification:1.0 </capability> </capabilities> <session-id>4</session-id> </hello>
An event stream is defined as a set of event notifications matching some forwarding criteria.
事件流定义为一组符合某些转发条件的事件通知。
Figure 2 illustrates the notification flow and concepts identified in this document. It does not mandate and/or preclude an implementation. The following is observed from the diagram below: System components (c1..cn) generate event notifications that are passed to a central component for classification and distribution. The central component inspects each event notification and matches the event notification against the set of stream definitions. When a match occurs, the event notification is considered to be a member of that event stream (stream 1..stream n). An event notification may be part of multiple event streams.
图2说明了本文档中确定的通知流和概念。它不授权和/或阻止实施。从下图可以看出:系统组件(c1..cn)生成事件通知,并将其传递给中心组件进行分类和分发。中心组件检查每个事件通知,并根据流定义集匹配事件通知。当匹配发生时,事件通知被视为该事件流(流1..n)的成员。事件通知可能是多个事件流的一部分。
At some point after the NETCONF server receives the internal event from a stream, it is converted to an appropriate XML encoding by the server, and a <notification> element is ready to send to all NETCONF sessions subscribed to that stream.
在NETCONF服务器从流接收到内部事件后的某个时刻,服务器将其转换为适当的XML编码,并且<notification>元素准备发送到订阅到该流的所有NETCONF会话。
After generation of the <notification> element, access control is applied by the server. If a session does not have permission to receive the <notification>, then it is discarded for that session, and processing of the internal event is completed for that session.
生成<notification>元素后,服务器将应用访问控制。如果会话没有接收<通知>的权限,则该会话将丢弃该会话,并完成该会话的内部事件处理。
When a NETCONF client subscribes to a given event stream, user-defined filter elements, if applicable, are applied to the event stream and matching event notifications are forwarded to the NETCONF server for distribution to subscribed NETCONF clients. A filter is transferred from the client to the server during the <create-subscription> operation and applied against each <notification> element generated by the stream. For more information on filtering, see Section 3.6.
当NETCONF客户端订阅给定的事件流时,用户定义的筛选器元素(如果适用)将应用于事件流,并将匹配的事件通知转发给NETCONF服务器以分发给订阅的NETCONF客户端。在<create subscription>操作期间,过滤器从客户端传输到服务器,并应用于流生成的每个<notification>元素。有关过滤的更多信息,请参见第3.6节。
A notification-logging service may also be available, in which case, the central component logs notifications. The NETCONF server may later retrieve logged notifications via the optional replay feature. For more information on replay, see section 3.3.
通知日志记录服务也可能可用,在这种情况下,中心组件记录通知。NETCONF服务器稍后可以通过可选的重播功能检索记录的通知。有关回放的更多信息,请参见第3.3节。
+----+ | c1 |----+ available streams +----+ | +---------+ +----+ | |central |-> stream 1 | c2 | +--->|event |-> stream 2 filter +-------+ +----+ | |processor|-> NETCONF stream ----->|NETCONF| ... | | |-> stream n |server | System | +---------+ +-------+ Components| | /\ ... | | || +----+ | | (------------) || | cn |----+ | (notification) || +----+ +-----> ( logging ) || ( service ) || (------------) || || || \/ +-------+ |NETCONF| |client | +-------+
+----+ | c1 |----+ available streams +----+ | +---------+ +----+ | |central |-> stream 1 | c2 | +--->|event |-> stream 2 filter +-------+ +----+ | |processor|-> NETCONF stream ----->|NETCONF| ... | | |-> stream n |server | System | +---------+ +-------+ Components| | /\ ... | | || +----+ | | (------------) || | cn |----+ | (notification) || +----+ +-----> ( logging ) || ( service ) || (------------) || || || \/ +-------+ |NETCONF| |client | +-------+
Figure 2
图2
Event streams are predefined on the managed device. The configuration of event streams is outside the scope of this document. However, it is envisioned that event streams are either pre-established by the vendor (pre-configured), user configurable (e.g., part of the device's configuration), or both. Device vendors may allow event stream configuration via the NETCONF protocol (i.e., <edit-config> operation).
事件流是在受管设备上预定义的。事件流的配置不在本文档的范围内。然而,可以设想,事件流要么由供应商预先建立(预先配置),要么由用户配置(例如,设备配置的一部分),要么两者都是。设备供应商可能允许通过NETCONF协议配置事件流(即,<edit config>操作)。
The contents of all event streams made available to a NETCONF client (i.e., the notification sent by the NETCONF server) MUST be encoded in XML.
NETCONF客户端可用的所有事件流的内容(即NETCONF服务器发送的通知)必须用XML编码。
A NETCONF server implementation supporting the notification capability MUST support the "NETCONF" notification event stream. This stream contains all NETCONF XML event notifications supported by the NETCONF server. The exact string "NETCONF" is used during the advertisement of stream support during the <get> operation on <streams> and during the <create-subscription> operation. Definition of the event notifications and their contents, beyond the inclusion of <eventTime>, for this event stream is outside the scope of this document.
支持通知功能的NETCONF服务器实现必须支持“NETCONF”通知事件流。此流包含NETCONF服务器支持的所有NETCONF XML事件通知。在<streams>上的<get>操作和<create subscription>操作期间,在发布流支持期间使用确切的字符串“NETCONF”。此事件流的事件通知及其内容的定义(不包括<eventTime>)不在本文档的范围内。
With the exception of the default event stream (NETCONF), specification of additional event stream sources (e.g., Simple Network Management Protocol (SNMP), syslog) is outside the scope of this document. NETCONF server implementations may leverage any desired event stream source in the creation of supported event streams.
除默认事件流(NETCONF)外,其他事件流源(如简单网络管理协议(SNMP)、系统日志)的规范不在本文档的范围内。NETCONF服务器实现可以利用任何所需的事件流源来创建受支持的事件流。
A NETCONF client retrieves the list of supported event streams from a NETCONF server using the <get> operation.
NETCONF客户端使用<get>操作从NETCONF服务器检索支持的事件流列表。
The list of available event streams is retrieved by requesting the <streams> subtree via a <get> operation. Available event streams for the requesting session are returned in the reply containing the <name> and <description> elements, where the <name> element is
The list of available event streams is retrieved by requesting the <streams> subtree via a <get> operation. Available event streams for the requesting session are returned in the reply containing the <name> and <description> elements, where the <name> element is
mandatory, and its value is unique within the scope of a NETCONF server. An empty reply is returned if there are no available event streams, due to user-specified filters on the <get> operation.
必需,并且其值在NETCONF服务器范围内是唯一的。如果由于用户在<get>操作上指定的筛选器,没有可用的事件流,则返回空回复。
Additional information available about a stream includes whether notification replay is available and, if so, the timestamp of the earliest possible notification to replay.
关于流的其他可用信息包括通知重播是否可用,以及如果可用,最早可能重播的通知的时间戳。
The following example shows retrieving the list of available event stream list using the <get> operation.
下面的示例显示使用<get>操作检索可用事件流列表的列表。
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <get> <filter type="subtree"> <netconf xmlns="urn:ietf:params:xml:ns:netmod:notification"> <streams/> </netconf> </filter> </get> </rpc>
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <get> <filter type="subtree"> <netconf xmlns="urn:ietf:params:xml:ns:netmod:notification"> <streams/> </netconf> </filter> </get> </rpc>
The NETCONF server returns a list of event streams available for subscription: NETCONF, SNMP, and syslog-critical in this example.
NETCONF服务器返回可供订阅的事件流列表:本例中为NETCONF、SNMP和syslog-critical。
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data> <netconf xmlns="urn:ietf:params:xml:ns:netmod:notification"> <streams> <stream> <name>NETCONF</name> <description>default NETCONF event stream </description> <replaySupport>true</replaySupport> <replayLogCreationTime> 2007-07-08T00:00:00Z </replayLogCreationTime> </stream> <stream> <name>SNMP</name> <description>SNMP notifications</description> <replaySupport>false</replaySupport> </stream> <stream> <name>syslog-critical</name> <description>Critical and higher severity </description> <replaySupport>true</replaySupport> <replayLogCreationTime> 2007-07-01T00:00:00Z </replayLogCreationTime> </stream> </streams> </netconf> </data> </rpc-reply>
<rpc-reply message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <data> <netconf xmlns="urn:ietf:params:xml:ns:netmod:notification"> <streams> <stream> <name>NETCONF</name> <description>default NETCONF event stream </description> <replaySupport>true</replaySupport> <replayLogCreationTime> 2007-07-08T00:00:00Z </replayLogCreationTime> </stream> <stream> <name>SNMP</name> <description>SNMP notifications</description> <replaySupport>false</replaySupport> </stream> <stream> <name>syslog-critical</name> <description>Critical and higher severity </description> <replaySupport>true</replaySupport> <replayLogCreationTime> 2007-07-01T00:00:00Z </replayLogCreationTime> </stream> </streams> </netconf> </data> </rpc-reply>
A NETCONF client may request from the NETCONF server the list of event streams available to this session and then issue a <create-subscription> request with the desired event stream name. Omitting the event stream name from the <create-subscription> request results in subscription to the default NETCONF event stream.
NETCONF客户端可以从NETCONF服务器请求此会话可用的事件流列表,然后发出带有所需事件流名称的<create subscription>请求。从<create subscription>请求中省略事件流名称将导致订阅默认的NETCONF事件流。
The set of event notifications delivered in an event stream may be further refined by applying a user-specified filter supplied at subscription creation time ( <create-subscription> ). This is a transient filter associated with the event notification subscription and does not modify the event stream configuration. The filter element is applied against the contents of the <notification> wrapper and not the wrapper itself. See section 5 for examples. Either subtree or XPATH filtering can be used.
通过应用订阅创建时提供的用户指定筛选器(<create subscription>),可以进一步细化事件流中传递的事件通知集。这是与事件通知订阅关联的临时筛选器,不会修改事件流配置。过滤器元素应用于<notification>包装的内容,而不是包装本身。示例见第5节。可以使用子树或XPATH筛选。
XPATH support for the Notification capability is advertised as part of the normal XPATH capability advertisement. If XPATH support is advertised via the XPATH capability, then XPATH is supported for notification filtering. If this capability is not advertised, XPATH is not supported for notification filtering.
通知功能的XPATH支持作为普通XPATH功能公告的一部分进行公告。如果XPATH支持是通过XPATH功能发布的,那么XPATH支持通知过滤。如果未公布此功能,则不支持XPATH进行通知筛选。
Replay is the ability to create an event subscription that will resend recently generated notifications, or in some cases send them for the first time to a particular NETCONF client. These notifications are sent the same way as normal notifications.
Replay是一种创建事件订阅的功能,该订阅将重新发送最近生成的通知,或者在某些情况下第一次将它们发送到特定的NETCONF客户端。这些通知的发送方式与普通通知相同。
A replay of notifications is specified by including the optional <startTime> parameter to the subscription command, which indicates the start time of the replay. The end time is specified using the optional <stopTime> parameter. If not present, notifications will continue to be sent until the subscription is terminated.
通过在subscription命令中包含可选的<startTime>参数来指定通知的重播,该参数指示重播的开始时间。使用可选的<stopTime>参数指定结束时间。如果不存在,将继续发送通知,直到订阅终止。
A notification stream that supports replay is not expected to have an unlimited supply of saved notifications available to accommodate any replay request. Clients can query <replayLogCreationTime> and <replayLogAgedTime> to learn about the availability of notifications for replay.
支持replay的通知流不需要无限量地提供已保存的通知以适应任何replay请求。客户端可以查询<replayLogCreationTime>和<ReplayLogAgagedTime>,了解replay通知的可用性。
The actual number of stored notifications available for retrieval at any given time is a NETCONF server implementation-specific matter. Control parameters for this aspect of the feature are outside the scope of this document.
在任何给定时间可供检索的存储通知的实际数量取决于NETCONF服务器实现。此特性方面的控制参数不在本文档范围内。
Replay is dependent on a notification stream supporting some form of notification logging, although it puts no restrictions on the size or form of the log, or where it resides within the device. Whether or not a stream supports replay can be discovered by doing a <get> operation on the <streams> element of the Notification Management
Replay依赖于支持某种形式的通知日志记录的通知流,尽管它没有限制日志的大小或形式,也没有限制日志在设备中的位置。通过对通知管理的<streams>元素执行<get>操作,可以发现流是否支持重播
Schema and looking at the value of the <replaySupport> object. This schema also provides the <replayLogCreationTime> element to indicate the earliest available logged notification.
架构并查看<replaySupport>对象的值。此模式还提供了<replayLogCreationTime>元素来指示最早的可用日志通知。
This feature uses optional parameters to the <create-subscription> command called <startTime> and <stopTime>. <startTime> identifies the earliest date and time of interest for event notifications being replayed and also indicates that a subscription will be providing replay of notifications. Events generated before this time are not matched. <stopTime> specifies the latest date and time of interest for event notifications being replayed. If it is not present, then notifications will continue to be sent until the subscription is terminated.
此功能将可选参数用于名为<startTime>和<stopTime>的<create subscription>命令<startTime>标识正在重播的事件通知的最早关注日期和时间,还指示订阅将提供通知重播。在此时间之前生成的事件不匹配<stopTime>指定正在重播的事件通知的最新关注日期和时间。如果不存在,则将继续发送通知,直到订阅终止。
Note that <startTime> and <stopTime> are associated with the time an event was generated by the event source.
请注意,<startTime>和<stopTime>与事件源生成事件的时间相关。
A <replayComplete> notification is sent to indicate that all of the replay notifications have been sent and must not be sent for any other reason. If this subscription has a stop time, then this session becomes a normal NETCONF session again. The NETCONF server will then accept <rpc> operations even if the server did not previously accept such operations due to lack of interleave support. In the case of a subscription without a stop time, after the <replayComplete> notification has been sent, it can be expected that any notifications generated since the start of the subscription creation will be sent, followed by notifications as they arise naturally within the system.
发送一个<replayComplete>通知,指示所有重播通知都已发送,并且不得出于任何其他原因发送。如果此订阅有停止时间,则此会话将再次成为正常的NETCONF会话。NETCONF服务器随后将接受<rpc>操作,即使该服务器之前由于缺乏交织支持而未接受此类操作。如果订阅没有停止时间,则在发送<replayComplete>通知后,可以预期自订阅创建开始以来生成的任何通知都将被发送,然后是系统内自然产生的通知。
The <replayComplete> and <notificationComplete> notifications cannot be filtered out. They will always be sent on a replay subscription that specified a <startTime> and <stopTime>, respectively.
无法筛选出<replayComplete>和<notificationComplete>通知。它们将始终在分别指定了<startTime>和<stopTime>的replay订阅上发送。
This Schema is used to learn about the event streams supported on the system. It also contains the definition of the <replayComplete> and <notificationComplete> notifications, which are sent to indicate that an event replay has sent all applicable notifications and that the subscription has terminated, respectively.
此模式用于了解系统上支持的事件流。它还包含<replayComplete>和<notificationComplete>通知的定义,发送这些通知分别表示事件重播已发送所有适用的通知和订阅已终止。
<?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:ncEvent="urn:ietf:params:xml:ns:netconf:notification:1.0" xmlns:manageEvent="urn:ietf:params:xml:ns:netmod:notification" targetNamespace="urn:ietf:params:xml:ns:netmod:notification" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en" version="1.0"> <xs:annotation> <xs:documentation xml:lang="en"> A schema that can be used to learn about current event streams. It also contains the replayComplete and notificationComplete notification. </xs:documentation> </xs:annotation>
<?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:ncEvent="urn:ietf:params:xml:ns:netconf:notification:1.0" xmlns:manageEvent="urn:ietf:params:xml:ns:netmod:notification" targetNamespace="urn:ietf:params:xml:ns:netmod:notification" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en" version="1.0"> <xs:annotation> <xs:documentation xml:lang="en"> A schema that can be used to learn about current event streams. It also contains the replayComplete and notificationComplete notification. </xs:documentation> </xs:annotation>
<xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="netconf.xsd"/> <xs:import namespace= "urn:ietf:params:xml:ns:netconf:notification:1.0" schemaLocation="notification.xsd"/>
<xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="netconf.xsd"/> <xs:import namespace= "urn:ietf:params:xml:ns:netconf:notification:1.0" schemaLocation="notification.xsd"/>
<xs:element name="netconf" type="manageEvent:Netconf"/>
<xs:element name="netconf" type="manageEvent:Netconf"/>
<xs:complexType name="Netconf"> <xs:sequence> <xs:element name="streams" > <xs:annotation> <xs:documentation> The list of event streams supported by the system. When a query is issued, the returned set of streams is determined based on user privileges. </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="unbounded"> <xs:element name="stream"> <xs:annotation> <xs:documentation> Stream name, description, and other information. </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence>
<xs:complexType name="Netconf"> <xs:sequence> <xs:element name="streams" > <xs:annotation> <xs:documentation> The list of event streams supported by the system. When a query is issued, the returned set of streams is determined based on user privileges. </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="unbounded"> <xs:element name="stream"> <xs:annotation> <xs:documentation> Stream name, description, and other information. </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence>
<xs:element name="name" type="ncEvent:streamNameType"> <xs:annotation> <xs:documentation> The name of the event stream. If this is the default NETCONF stream, this must have the value "NETCONF". </xs:documentation> </xs:annotation> </xs:element> <xs:element name="description" type="xs:string"> <xs:annotation> <xs:documentation> A description of the event stream, including such information as the type of events that are sent over this stream. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="replaySupport" type="xs:boolean"> <xs:annotation> <xs:documentation> An indication of whether or not event replay is available on this stream. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="replayLogCreationTime" type="xs:dateTime" minOccurs="0"> <xs:annotation> <xs:documentation> The timestamp of the creation of the log used to support the replay function on this stream. Note that this might be earlier then the earliest available notification in the log. This object is updated if the log resets for some reason. This object MUST be present if replay is supported. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="replayLogAgedTime" type="xs:dateTime" minOccurs="0">
<xs:element name="name" type="ncEvent:streamNameType"> <xs:annotation> <xs:documentation> The name of the event stream. If this is the default NETCONF stream, this must have the value "NETCONF". </xs:documentation> </xs:annotation> </xs:element> <xs:element name="description" type="xs:string"> <xs:annotation> <xs:documentation> A description of the event stream, including such information as the type of events that are sent over this stream. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="replaySupport" type="xs:boolean"> <xs:annotation> <xs:documentation> An indication of whether or not event replay is available on this stream. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="replayLogCreationTime" type="xs:dateTime" minOccurs="0"> <xs:annotation> <xs:documentation> The timestamp of the creation of the log used to support the replay function on this stream. Note that this might be earlier then the earliest available notification in the log. This object is updated if the log resets for some reason. This object MUST be present if replay is supported. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="replayLogAgedTime" type="xs:dateTime" minOccurs="0">
<xs:annotation> <xs:documentation> The timestamp of the last notification aged out of the log. This object MUST be present if replay is supported and any notifications have been aged out of the log. </xs:documentation> </xs:annotation> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType>
<xs:annotation> <xs:documentation> The timestamp of the last notification aged out of the log. This object MUST be present if replay is supported and any notifications have been aged out of the log. </xs:documentation> </xs:annotation> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType>
<xs:complexType name="ReplayCompleteNotificationType"> <xs:complexContent> <xs:extension base="ncEvent:NotificationContentType"/> </xs:complexContent> </xs:complexType>
<xs:complexType name="ReplayCompleteNotificationType"> <xs:complexContent> <xs:extension base="ncEvent:NotificationContentType"/> </xs:complexContent> </xs:complexType>
<xs:element name="replayComplete" type="manageEvent:ReplayCompleteNotificationType" substitutionGroup="ncEvent:notificationContent"> <xs:annotation> <xs:documentation> This notification is sent to signal the end of a replay portion of a subscription. </xs:documentation> </xs:annotation> </xs:element>
<xs:element name="replayComplete" type="manageEvent:ReplayCompleteNotificationType" substitutionGroup="ncEvent:notificationContent"> <xs:annotation> <xs:documentation> This notification is sent to signal the end of a replay portion of a subscription. </xs:documentation> </xs:annotation> </xs:element>
<xs:complexType name="NotificationCompleteNotificationType"> <xs:complexContent> <xs:extension base="ncEvent:NotificationContentType"/> </xs:complexContent> </xs:complexType>
<xs:complexType name="NotificationCompleteNotificationType"> <xs:complexContent> <xs:extension base="ncEvent:NotificationContentType"/> </xs:complexContent> </xs:complexType>
<xs:element name="notificationComplete" type="manageEvent:NotificationCompleteNotificationType" substitutionGroup="ncEvent:notificationContent"> <xs:annotation> <xs:documentation> This notification is sent to signal the end of a
<xs:element name="notificationComplete" type="manageEvent:NotificationCompleteNotificationType" substitutionGroup="ncEvent:notificationContent"> <xs:annotation> <xs:documentation> This notification is sent to signal the end of a
notification subscription. It is sent in the case that stopTime was specified during the creation of the subscription. </xs:documentation> </xs:annotation> </xs:element>
notification subscription. It is sent in the case that stopTime was specified during the creation of the subscription. </xs:documentation> </xs:annotation> </xs:element>
</xs:schema>
</xs:schema>
Subscriptions are non-persistent state information, and their lifetime is defined by their session or by the <stopTime> parameter.
订阅是非持久状态信息,其生存期由会话或<stopTime>参数定义。
If a filter element is specified to look for data of a particular value, and the data item is not present within a particular event notification for its value to be checked against, the notification will be filtered out. For example, if one were to check for 'severity=critical' in a configuration event notification where this field was not supported, then the notification would be filtered out.
如果指定了一个筛选器元素来查找特定值的数据,并且该数据项在特定事件通知中不存在,则该通知将被过滤掉。例如,如果要在不支持此字段的配置事件通知中检查“severity=critical”,则该通知将被过滤掉。
For subtree filtering, a non-empty node set means that the filter matches. For XPath filtering, the mechanisms defined in [XPATH] should be used to convert the returned value to boolean.
对于子树筛选,非空节点集表示筛选器匹配。对于XPath筛选,应该使用[XPath]中定义的机制将返回值转换为布尔值。
Filtering is explicitly stated when the event notification subscription is created. This is specified via the 'filter' parameter. A Filter only exists as a parameter to the subscription.
在创建事件通知订阅时明确说明筛选。这是通过“过滤器”参数指定的。筛选器仅作为订阅的参数存在。
The following figure depicts message flow between a NETCONF client (C) and NETCONF server (S) in order to create a subscription and begin the flow of notifications. This subscription specifies a <startTime>, so the server starts by replaying logged notifications. It is possible that many rpc/rpc-reply sequences occur before the subscription is created, but this is not depicted in the figure.
下图描述了NETCONF客户端(C)和NETCONF服务器之间的消息流,以创建订阅并开始通知流。此订阅指定一个<startTime>,因此服务器通过重播记录的通知启动。在创建订阅之前,可能会出现许多rpc/rpc应答序列,但图中没有描述。
C S | | | capability exchange | |-------------------------->| |<------------------------->| | | | <create-subscription> | (startTime) |-------------------------->| |<--------------------------| | <rpc-reply> | | | | <notification> | |<--------------------------| | | | <notification> | |<--------------------------| | <notification> | (replayComplete) |<--------------------------| | | | | | | | <notification> | |<--------------------------| | | | | | <notification> | |<--------------------------| | | | |
C S | | | capability exchange | |-------------------------->| |<------------------------->| | | | <create-subscription> | (startTime) |-------------------------->| |<--------------------------| | <rpc-reply> | | | | <notification> | |<--------------------------| | | | <notification> | |<--------------------------| | <notification> | (replayComplete) |<--------------------------| | | | | | | | <notification> | |<--------------------------| | | | | | <notification> | |<--------------------------| | | | |
Figure 3
图3
The following figure depicts message flow between a NETCONF client (C) and NETCONF server (S) in order to create a subscription and begin the flow of notifications. This subscription specified a <startTime> and <stopTime> so it starts by replaying logged notifications and then returns to be a normal command-response NETCONF session after the <replayComplete> and <notificationComplete> notifications are sent and it is available to process <rpc> requests. It is possible that many rpc/rpc-reply sequences occur before the subscription is created, but this is not depicted in the figure.
下图描述了NETCONF客户端(C)和NETCONF服务器之间的消息流,以创建订阅并开始通知流。此订阅指定了<startTime>和<stopTime>,因此它通过重播记录的通知开始,然后在发送<replayComplete>和<notificationComplete>通知后返回为正常命令响应NETCONF会话,并可用于处理<rpc>请求。在创建订阅之前,可能会出现许多rpc/rpc应答序列,但图中没有描述。
C S | | | capability exchange | |-------------------------->| |<------------------------->| | | | <create-subscription> | (startTime, |-------------------------->| stopTime) |<--------------------------| | <rpc-reply> | | | | <notification> | |<--------------------------| | | | <notification> | |<--------------------------| | <notification> | (replayComplete) |<--------------------------| | <notification> |(notificationComplete) |<--------------------------| | | | | | | | <rpc> | |-------------------------->| |<--------------------------| | <rpc-reply> | | |
C S | | | capability exchange | |-------------------------->| |<------------------------->| | | | <create-subscription> | (startTime, |-------------------------->| stopTime) |<--------------------------| | <rpc-reply> | | | | <notification> | |<--------------------------| | | | <notification> | |<--------------------------| | <notification> | (replayComplete) |<--------------------------| | <notification> |(notificationComplete) |<--------------------------| | | | | | | | <rpc> | |-------------------------->| |<--------------------------| | <rpc-reply> | | |
Figure 4
图4
The following [XMLSchema] defines NETCONF Event Notifications.
以下[XMLSchema]定义了NETCONF事件通知。
<?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" targetNamespace= "urn:ietf:params:xml:ns:netconf:notification:1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en">
<?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0" targetNamespace= "urn:ietf:params:xml:ns:netconf:notification:1.0" elementFormDefault="qualified" attributeFormDefault="unqualified" xml:lang="en">
<!-- import standard XML definitions -->
<!-- import standard XML definitions -->
<xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"> <xs:annotation> <xs:documentation> This import accesses the xml: attribute groups for the xml:lang as declared on the error-message element. </xs:documentation> </xs:annotation> </xs:import>
<xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"> <xs:annotation> <xs:documentation> This import accesses the xml: attribute groups for the xml:lang as declared on the error-message element. </xs:documentation> </xs:annotation> </xs:import>
<!-- import base netconf definitions --> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="netconf.xsd"/>
<!-- import base netconf definitions --> <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0" schemaLocation="netconf.xsd"/>
<!-- ************** Symmetrical Operations ********************-->
<!-- ************** Symmetrical Operations ********************-->
<!-- <create-subscription> operation -->
<!-- <create-subscription> operation -->
<xs:complexType name="createSubscriptionType"> <xs:complexContent> <xs:extension base="netconf:rpcOperationType"> <xs:sequence> <xs:element name="stream" type="streamNameType" minOccurs="0"> <xs:annotation> <xs:documentation> An optional parameter that indicates which stream of events is of interest. If not present, then events in the default NETCONF stream will be sent. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="filter" type="netconf:filterInlineType" minOccurs="0"> <xs:annotation> <xs:documentation> An optional parameter that indicates which subset of all possible events is of interest. The format of this parameter is the same as that of the filter parameter in the NETCONF protocol operations. If not present, all events not precluded by other parameters will be sent.
<xs:complexType name=“createSubscriptionType”><xs:complexContent><xs:extension base=“netconf:rpcopeontitype”><xs:sequence><xs:element name=“stream”type=“streamNameType”minOccurs=“0”><xs:annotation><xs:documentation>一个可选参数,用于指示感兴趣的事件流。如果不存在,则将发送默认NETCONF流中的事件</xs:documentation></xs:annotation></xs:element><xs:element name=“filter”type=“netconf:filterlinetype”minOccurs=“0”><xs:annotation><xs:documentation>一个可选参数,用于指示所有可能事件的哪个子集值得关注。此参数的格式与NETCONF协议操作中的过滤器参数的格式相同。如果不存在,将发送其他参数未排除的所有事件。
</xs:documentation> </xs:annotation> </xs:element> <xs:element name="startTime" type="xs:dateTime" minOccurs="0" > <xs:annotation> <xs:documentation> A parameter used to trigger the replay feature indicating that the replay should start at the time specified. If start time is not present, this is not a replay subscription. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="stopTime" type="xs:dateTime" minOccurs="0" > <xs:annotation> <xs:documentation> An optional parameter used with the optional replay feature to indicate the newest notifications of interest. If stop time is not present, the notifications will continue until the subscription is terminated. Must be used with startTime. </xs:documentation> </xs:annotation> </xs:element> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:simpleType name="streamNameType"> <xs:annotation> <xs:documentation> The name of an event stream. </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"/> </xs:simpleType>
</xs:documentation> </xs:annotation> </xs:element> <xs:element name="startTime" type="xs:dateTime" minOccurs="0" > <xs:annotation> <xs:documentation> A parameter used to trigger the replay feature indicating that the replay should start at the time specified. If start time is not present, this is not a replay subscription. </xs:documentation> </xs:annotation> </xs:element> <xs:element name="stopTime" type="xs:dateTime" minOccurs="0" > <xs:annotation> <xs:documentation> An optional parameter used with the optional replay feature to indicate the newest notifications of interest. If stop time is not present, the notifications will continue until the subscription is terminated. Must be used with startTime. </xs:documentation> </xs:annotation> </xs:element> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:simpleType name="streamNameType"> <xs:annotation> <xs:documentation> The name of an event stream. </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"/> </xs:simpleType>
<xs:element name="create-subscription" type="createSubscriptionType" substitutionGroup="netconf:rpcOperation"> <xs:annotation> <xs:documentation> The command to create a notification subscription. It takes as argument the name of the notification stream and filter. Both of those options limit the content of the subscription. In addition, there are two time-related parameters, startTime and stopTime, which can be used to select the time interval of interest to the notification replay feature. </xs:documentation> </xs:annotation> </xs:element>
<xs:element name="create-subscription" type="createSubscriptionType" substitutionGroup="netconf:rpcOperation"> <xs:annotation> <xs:documentation> The command to create a notification subscription. It takes as argument the name of the notification stream and filter. Both of those options limit the content of the subscription. In addition, there are two time-related parameters, startTime and stopTime, which can be used to select the time interval of interest to the notification replay feature. </xs:documentation> </xs:annotation> </xs:element>
<!-- ************** One-way Operations ******************-->
<!-- ************** One-way Operations ******************-->
<!-- <Notification> operation --> <xs:complexType name="NotificationContentType"/>
<!-- <Notification> operation --> <xs:complexType name="NotificationContentType"/>
<xs:element name="notificationContent" type="NotificationContentType" abstract="true"/>
<xs:element name="notificationContent" type="NotificationContentType" abstract="true"/>
<xs:complexType name="NotificationType"> <xs:sequence> <xs:element name="eventTime" type="xs:dateTime"> <xs:annotation> <xs:documentation> The time the event was generated by the event source. </xs:documentation> </xs:annotation> </xs:element> <xs:element ref="notificationContent"/> </xs:sequence> </xs:complexType>
<xs:complexType name="NotificationType"> <xs:sequence> <xs:element name="eventTime" type="xs:dateTime"> <xs:annotation> <xs:documentation> The time the event was generated by the event source. </xs:documentation> </xs:annotation> </xs:element> <xs:element ref="notificationContent"/> </xs:sequence> </xs:complexType>
<xs:element name="notification" type="NotificationType"/> </xs:schema>
<xs:element name="notification" type="NotificationType"/> </xs:schema>
The following section provides examples to illustrate the various methods of filtering content on an event notification subscription.
以下部分提供了示例,以说明筛选事件通知订阅内容的各种方法。
In order to illustrate the use of filter expressions, it is necessary to assume some of the event notification content. The examples below assume that the event notification schema definition has an <event> element at the top level consisting of the event class (e.g., fault, state, config), reporting entity, and either severity or operational state.
为了说明筛选器表达式的使用,有必要假定一些事件通知内容。下面的示例假设事件通知模式定义在顶层有一个<event>元素,由事件类(例如,fault、state、config)、报告实体以及严重性或操作状态组成。
Examples in this section are generated from the following fictional Schema.
本节中的示例由以下虚构模式生成。
<?xml version="1.0" encoding="UTF-8"?> <xs:schema targetNamespace="http://example.com/event/1.0" xmlns="http://example.com/event/1.0" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ncEvent="urn:ietf:params:xml:ns:netconf:notification:1.0">
<?xml version="1.0" encoding="UTF-8"?> <xs:schema targetNamespace="http://example.com/event/1.0" xmlns="http://example.com/event/1.0" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ncEvent="urn:ietf:params:xml:ns:netconf:notification:1.0">
<xs:import namespace= "urn:ietf:params:xml:ns:netconf:notification:1.0" schemaLocation="notification.xsd"/>
<xs:import namespace= "urn:ietf:params:xml:ns:netconf:notification:1.0" schemaLocation="notification.xsd"/>
<xs:complexType name="eventType"> <xs:complexContent> <xs:extension base="ncEvent:NotificationContentType"> <xs:sequence> <xs:element name="eventClass" /> <xs:element name="reportingEntity"> <xs:complexType> <xs:sequence> <xs:any namespace="##any" processContents="lax"/> </xs:sequence> </xs:complexType> </xs:element> <xs:choice> <xs:element name="severity"/> <xs:element name="operState"/> </xs:choice> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType>
<xs:complexType name="eventType"> <xs:complexContent> <xs:extension base="ncEvent:NotificationContentType"> <xs:sequence> <xs:element name="eventClass" /> <xs:element name="reportingEntity"> <xs:complexType> <xs:sequence> <xs:any namespace="##any" processContents="lax"/> </xs:sequence> </xs:complexType> </xs:element> <xs:choice> <xs:element name="severity"/> <xs:element name="operState"/> </xs:choice> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType>
<xs:element name="event" type="eventType" substitutionGroup="ncEvent:notificationContent"/>
<xs:element name="event" type="eventType" substitutionGroup="ncEvent:notificationContent"/>
</xs:schema>
</xs:schema>
The above fictional notification definition could result in the following sample notification list, which is used in the examples in this section.
上述虚构的通知定义可能会产生以下示例通知列表,本节的示例中将使用该列表。
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:01:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>Ethernet0</card> </reportingEntity> <severity>major</severity> </event> </notification>
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:01:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>Ethernet0</card> </reportingEntity> <severity>major</severity> </event> </notification>
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:02:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>Ethernet2</card> </reportingEntity> <severity>critical</severity> </event> </notification>
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:02:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>Ethernet2</card> </reportingEntity> <severity>critical</severity> </event> </notification>
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:04:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>ATM1</card> </reportingEntity> <severity>minor</severity> </event> </notification>
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:04:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>ATM1</card> </reportingEntity> <severity>minor</severity> </event> </notification>
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:10:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>state</eventClass> <reportingEntity> <card>Ethernet0</card> </reportingEntity> <operState>enabled</operState> </event> </notification>
<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <eventTime>2007-07-08T00:10:00Z</eventTime> <event xmlns="http://example.com/event/1.0"> <eventClass>state</eventClass> <reportingEntity> <card>Ethernet0</card> </reportingEntity> <operState>enabled</operState> </event> </notification>
XML subtree filtering is not well-suited for creating elaborate filter definitions given that it only supports equality comparisons and application of the logical OR operators (e.g., in an event subtree, give me all event notifications that have severity=critical, severity=major, or severity=minor). Nevertheless, it may be used for defining simple event notification forwarding filters as shown below.
XML子树筛选不太适合创建复杂的筛选定义,因为它只支持相等比较和逻辑OR运算符的应用(例如,在事件子树中,为我提供严重性=严重、严重性=主要或严重性=次要的所有事件通知)。然而,它可以用于定义简单的事件通知转发过滤器,如下所示。
The following example illustrates how to select fault events which have severities of critical, major, or minor. The filtering criteria evaluation is as follows:
以下示例说明了如何选择严重程度为严重、严重或轻微的故障事件。过滤标准评估如下:
((fault & severity=critical) | (fault & severity=major) | (fault & severity=minor))
((fault & severity=critical) | (fault & severity=major) | (fault & severity=minor))
<netconf:rpc netconf:message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="subtree"> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <severity>critical</severity> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <severity>major</severity> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <severity>minor</severity> </event> </filter> </create-subscription> </netconf:rpc>
<netconf:rpc netconf:message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="subtree"> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <severity>critical</severity> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <severity>major</severity> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <severity>minor</severity> </event> </filter> </create-subscription> </netconf:rpc>
The following example illustrates how to select state or config EventClasses or fault events that are related to card Ethernet0. The filtering criteria evaluation is as follows:
以下示例说明如何选择与卡Ethernet0相关的状态或配置事件类或故障事件。过滤标准评估如下:
( state | config | ( fault & ( card=Ethernet0)))
(状态|配置|(故障和(卡=Ethernet0)))
<netconf:rpc netconf:message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="subtree"> <event xmlns="http://example.com/event/1.0"> <eventClass>state</eventClass> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>config</eventClass> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>Ethernet0</card> </reportingEntity> </event> </filter> </create-subscription> </netconf:rpc>
<netconf:rpc netconf:message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="subtree"> <event xmlns="http://example.com/event/1.0"> <eventClass>state</eventClass> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>config</eventClass> </event> <event xmlns="http://example.com/event/1.0"> <eventClass>fault</eventClass> <reportingEntity> <card>Ethernet0</card> </reportingEntity> </event> </filter> </create-subscription> </netconf:rpc>
The following [XPATH] example illustrates how to select fault EventClass notifications that have severities of critical, major, or minor. The filtering criteria evaluation is as follows:
下面的[XPATH]示例说明了如何选择严重性为critical、major或minor的fault EventClass通知。过滤标准评估如下:
((fault) & ((severity=critical) | (severity=major) | (severity = minor)))
((fault) & ((severity=critical) | (severity=major) | (severity = minor)))
<netconf:rpc netconf:message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="xpath" xmlns:ex="http://example.com/event/1.0" select="/ex:event[ex:eventClass='fault' and (ex:severity='minor' or ex:severity='major' or ex:severity='critical')]"/> </create-subscription> </netconf:rpc>
<netconf:rpc netconf:message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="xpath" xmlns:ex="http://example.com/event/1.0" select="/ex:event[ex:eventClass='fault' and (ex:severity='minor' or ex:severity='major' or ex:severity='critical')]"/> </create-subscription> </netconf:rpc>
The following example illustrates how to select state and config EventClasses or fault events of any severity that come from card Ethernet0. The filtering criteria evaluation is as follows:
以下示例说明如何选择来自Ethernet0卡的状态和配置事件类或任何严重性的故障事件。过滤标准评估如下:
( state | config | (fault & card=Ethernet0))
(状态|配置|(故障和卡=Ethernet0))
<netconf:rpc message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="xpath" xmlns:ex="http://example.com/event/1.0" select="/ex:event[ (ex:eventClass='state' or ex:eventClass='config') or ((ex:eventClass='fault' and ex:card='Ethernet0'))]"/> </create-subscription> </netconf:rpc>
<netconf:rpc message-id="101" xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"> <create-subscription xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0"> <filter netconf:type="xpath" xmlns:ex="http://example.com/event/1.0" select="/ex:event[ (ex:eventClass='state' or ex:eventClass='config') or ((ex:eventClass='fault' and ex:card='Ethernet0'))]"/> </create-subscription> </netconf:rpc>
The :interleave capability indicates that the NETCONF peer supports the ability to interleave other NETCONF operations within a notification subscription. This means the NETCONF server MUST receive, process, and respond to NETCONF requests on a session with an active notification subscription. This capability helps scalability by reducing the total number of NETCONF sessions required by a given operator or management application.
:interleave功能表示NETCONF对等方支持在通知订阅中交错其他NETCONF操作。这意味着NETCONF服务器必须在具有活动通知订阅的会话上接收、处理和响应NETCONF请求。此功能通过减少给定操作员或管理应用程序所需的NETCONF会话总数来帮助实现可伸缩性。
This capability is dependent on the notification capability being supported.
此功能取决于所支持的通知功能。
The :interleave capability is identified by the following capability string:
:交织功能由以下功能字符串标识:
urn:ietf:params:netconf:capability:interleave:1.0
urn:ietf:params:netconf:capability:interleave:1.0
None.
没有一个
When a <create-subscription> is sent while another subscription is active on that session, the following error will be returned:
当另一个订阅在该会话上处于活动状态时发送<create subscription>时,将返回以下错误:
Tag: operation-failed
标记:操作失败
Error-type: protocol
错误类型:协议
Severity: error
严重性:错误
Error-info: none
错误信息:无
Description: Request could not be completed because the requested operation failed for some reason not covered by any other error condition.
描述:请求无法完成,因为请求的操作因任何其他错误条件未涵盖的原因而失败。
The security considerations from the base [NETCONF] document also apply to the Notification capability.
基本[NETCONF]文档中的安全注意事项也适用于通知功能。
The access control framework and the choice of transport will have a major impact on the security of the solution.
访问控制框架和传输的选择将对解决方案的安全性产生重大影响。
The <notification> elements are never sent before the transport layer and the NETCONF layer, including capabilities exchange, have been established and the manager has been identified and authenticated.
在传输层和NETCONF层(包括功能交换)建立并且管理器已被识别和验证之前,决不会发送<notification>元素。
It is recommended that care be taken to secure execution:
建议注意确保执行:
o <create-subscription> invocation
o <create subscription>调用
o <get> on read-only data models
o 只读数据模型上的<get>
o <notification> content
o <notification>内容
Secure execution means ensuring that a secure transport is used as well as ensuring that the user has sufficient authorization to perform the function they are requesting against the specific subset of NETCONF content involved. When a <get> is received that refers to the content defined in this memo, clients should only be able to view the content for which they have sufficient privileges. A create <create-subscription> operation can be considered like a deferred
安全执行意味着确保使用安全传输,以及确保用户有足够的权限针对所涉及的NETCONF内容的特定子集执行其请求的功能。当收到引用此备忘录中定义的内容的<get>时,客户端应只能查看其具有足够权限的内容。创建<create subscription>操作可以被视为是延迟的
<get>, and the content that different users can access may vary. This different access is reflected in the <notification> that different users are able to subscribe to.
<get>,不同用户可以访问的内容可能不同。这种不同的访问反映在不同用户能够订阅的<notification>中。
One potential security issue is the transport of data from non-NETCONF streams, such as syslog and SNMP. This data may be more vulnerable (or less vulnerable) when being transported over NETCONF than when being transported using the protocol normally used for transporting it, depending on the security credentials of the two subsystems. The NETCONF server is responsible for applying access control to stream content.
一个潜在的安全问题是从非NETCONF流(如syslog和SNMP)传输数据。根据两个子系统的安全凭据,通过NETCONF传输数据时,该数据可能比使用通常用于传输数据的协议传输数据时更易受攻击(或更不易受攻击)。NETCONF服务器负责对流内容应用访问控制。
The contents of notifications, as well as the names of event streams, may contain sensitive information and care should be taken to ensure that they are viewed only by authorized users. The NETCONF server MUST NOT include any content in a notification that the user is not authorized to view.
通知的内容以及事件流的名称可能包含敏感信息,应注意确保只有授权用户才能查看这些信息。NETCONF服务器不得在通知中包含任何用户无权查看的内容。
If a subscription is created with a <stopTime>, the NETCONF session will return to being a normal command-response NETCONF session when the replay is completed. It is the responsibility of the NETCONF client to close this session when it is no longer of use.
如果使用<stopTime>创建订阅,则在重播完成时,NETCONF会话将恢复为正常命令响应NETCONF会话。NETCONF客户端有责任在会话不再使用时关闭该会话。
If a malicious or buggy NETCONF client sends a number of <create-subscription> requests, then these subscriptions accumulate and may use up system resources. In such a situation, subscriptions can be terminated by terminating the suspect underlying NETCONF sessions using the <kill-session> operation.
如果恶意或有缺陷的NETCONF客户端发送大量<create subscription>请求,则这些订阅会累积,并可能耗尽系统资源。在这种情况下,可以通过使用<kill session>操作终止可疑的底层NETCONF会话来终止订阅。
This document registers three URIs for the NETCONF XML namespace in the IETF XML registry [RFC3688].
本文档在IETF XML注册表[RFC3688]中为NETCONF XML命名空间注册了三个URI。
Following the format in RFC 3688, IANA has made the following registration. Note that the capability URNs are also compliant to section 10.3 of [NETCONF].
按照RFC 3688中的格式,IANA进行了以下注册。请注意,功能URN也符合[NETCONF]第10.3节的要求。
+--------------------+----------------------------------------------+ | Index | Capability Identifier | +--------------------+----------------------------------------------+ | :notification | urn:ietf:params:netconf:capability: | | | notification:1.0 | | | | | :interleave | urn:ietf:params:netconf:capability: | | | interleave:1.0 | +--------------------+----------------------------------------------+
+--------------------+----------------------------------------------+ | Index | Capability Identifier | +--------------------+----------------------------------------------+ | :notification | urn:ietf:params:netconf:capability: | | | notification:1.0 | | | | | :interleave | urn:ietf:params:netconf:capability: | | | interleave:1.0 | +--------------------+----------------------------------------------+
URI: urn:ietf:params:xml:ns:netmod:notification
URI: urn:ietf:params:xml:ns:netmod:notification
URI: urn:ietf:params:xml:ns:netconf:notification:1.0
URI: urn:ietf:params:xml:ns:netconf:notification:1.0
Registrant Contact: The IESG.
注册人联系人:IESG。
XML: N/A, the requested URI is an XML namespace.
XML:N/A,请求的URI是一个XML名称空间。
In addition, IANA registered the XML Schema defined in Section 4.
此外,IANA注册了第4节中定义的XML模式。
Thanks to Gilbert Gagnon, Greg Wilbur, and Kim Curran for providing their input into the early work on this document. In addition, the editors would like to acknowledge input at the Vancouver editing session from the following people: Orly Nicklass, James Balestriere, Yoshifumi Atarashi, Glenn Waters, Alexander Clemm, Dave Harrington, Dave Partain, Ray Atarashi, David Perkins, and the following additional people from the Montreal editing session: Balazs Lengyel, Phil Shafer, Rob Enns, Andy Bierman, Dan Romascanu, Bert Wijnen, Simon Leinen, Juergen Schoenwaelder, Hideki Okita, Vincent Cridlig, Martin Bjorklund, Olivier Festor, Radu State, Brian Trammell, and William Chow. We would also like to thank Li Yan for his numerous reviews, as well as Suresh Krishnan for his gen-art review of the document.
感谢Gilbert Gagnon、Greg Wilbur和Kim Curran为本文档的早期工作提供了投入。此外,编辑们还想感谢以下人士在温哥华编辑会议上的意见:奥利·尼克拉斯、詹姆斯·巴莱斯特里埃、吉文米·阿塔拉希、格伦·沃特斯、亚历山大·克莱姆、戴夫·哈灵顿、戴夫·帕坦、雷·阿塔拉希、大卫·帕金斯,以及蒙特利尔编辑会议上的其他人士:巴拉兹·伦杰尔,Phil Shafer、Rob Enns、Andy Bierman、Dan Romascanu、Bert Wijnen、Simon Leinen、Juergen Schoenwaeld、Hideki Okita、Vincent Cridlig、Martin Bjorklund、Olivier Festor、Radu State、Brian Trammell和William Chow。我们还要感谢李岩的众多评论,以及苏雷什·克里希南对该文件的艺术评论。
[NETCONF] Enns, R., Ed., "NETCONF Configuration Protocol", RFC 4741, December 2006.
[NETCONF]Enns,R.,编辑,“NETCONF配置协议”,RFC 47412006年12月。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC3339] Klyne, G., Ed. and C. Newman, "Date and Time on the Internet: Timestamps", RFC 3339, July 2002.
[RFC3339]Klyne,G.,Ed.和C.Newman,“互联网上的日期和时间:时间戳”,RFC33392002年7月。
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, January 2004.
[RFC3688]Mealling,M.“IETF XML注册表”,BCP 81,RFC 3688,2004年1月。
[XML] World Wide Web Consortium, "Extensible Markup Language (XML) 1.0", W3C XML, February 1998, <http://www.w3.org/TR/1998/REC-xml-19980210>.
[XML]万维网联盟,“可扩展标记语言(XML)1.0”,W3C XML,1998年2月<http://www.w3.org/TR/1998/REC-xml-19980210>.
[XMLSchema] Thompson, H., Beech, D., Maloney, M., and N. Mendelsohn, "XML Schema Part 1: Structures Second Edition", W3C http ://www.w3.org/TR/2004/REC-xmlschema-1-20041028/ structures.html, October 2004.
[XMLSchema]Thompson,H.,Beech,D.,Maloney,M.,和N.Mendelsohn,“XML模式第1部分:结构第二版”,W3C http://www.w3.org/TR/2004/REC-XMLSchema-1-20041028/Structures.html,2004年10月。
[XPATH] Clark, J. and S. DeRose, "XML Path Language (XPath) Version 1.0", W3C http://www.w3.org/TR/1999/REC-xpath-19991116, November 1999.
[XPATH]Clark,J.和S.DeRose,“XML路径语言(XPATH)1.0版”,W3Chttp://www.w3.org/TR/1999/REC-xpath-19991116,1999年11月。
Authors' Addresses
作者地址
Sharon Chisholm Nortel 3500 Carling Ave Nepean, Ontario K2H 8E9 Canada
加拿大安大略省内皮恩卡林大道3500号莎伦·奇肖姆北电K2H 8E9
EMail: schishol@nortel.com
EMail: schishol@nortel.com
Hector Trevino Cisco Suite 400 9155 E. Nichols Ave Englewood, CO 80112 USA
Hector Trevino Cisco套房400 9155 E.Nichols Ave Englewood,美国科罗拉多州,邮编:80112
EMail: htrevino@cisco.com
EMail: htrevino@cisco.com
Full Copyright Statement
完整版权声明
Copyright (C) The IETF Trust (2008).
版权所有(C)IETF信托基金(2008年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息以“原样”为基础提供,贡献者、他/她所代表或赞助的组织(如有)、互联网协会、IETF信托基金和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.