Hi,
We currently have an Internet draft for a YANG data model for configuration of stateless packet filters (SPFs) and Access Control Lists (ACLs) - draft-huang-netmod-acl-03.txt (http://datatracker.ietf.org/doc/draft-huang-netmod-acl/). The draft is currently under discussion in the NETMOD working group; however, NETMOD's stance regarding the future development of YANG data models is not clear and we are wondering whether this would be a candidate for potential adoption in OPSAWG. The draft presents an extensible and modular framework for management of SPFs and ACLs, which are an important part of device configuration. They are needed both by administrators and by applications, for example for dynamic intrusion protection systems and applications that dynamically need to adjust firewall rules . Accordingly, many SDN-type applications involve control loops involving manipulation of stateless packet filters; in the context of I2RS (which looks like it will leverage YANG) and Open Daylight (which does today) this need been repeatedly stated. IP, MAC, and ARP are addressed as initial SPF types, more can be defined. Clearly, standardization is needed in this area, which we would like to see happen in IETF. Thoughts? Thank you --- Alex (also on behalf of Lisa, Andy)
_______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg
