
gNXI capable Network Element

Sam Ribeiro edited this page Mar 2, 2020 · 6 revisions

1. Motivation

The management plane is fundamental to testing, deploying and operating a Network Element. However, management-plane characterization traditionally leans on operating and overlooks testing and deploying. Viewed through the lenses of testing, deploying and operating, this document states requirements for the management plane together with the motivations that justify those requirements. The aggregate of these management-plane requirements is the definition of a gNXI capable Network Element.

1.1 Automated provisioning

From an implementation perspective, it is required that the Network Element be provisioned automatically after it is unboxed from the factory and deployed. There must be no additional human interaction with any configuration of the Network Element via any sort of terminal. This provides simplicity and agility to deployments.

1.2 Continuous testing

From a testing perspective, it is required that a Network Element be capable of setting itself to a factory default state. This facilitates automation for integration testing, including (among others) the ability to test automatic provisioning of a Network Element at factory default state.

1.3 Platform independent tooling

From an implementation and operational perspective, it must be possible to configure the Network Element using a well-defined, single-layered programmatic interface.

Programmatic interface - because the Network Element is meant to be automatically configured.

Single layered - in order to avoid complexities converting or translating between configuration languages or protocols.

Well defined and prescriptive - in order to avoid ambiguous implementations in different Network Elements.

1.4 Robust operational procedures

From an implementation and operational perspective, it must be possible to apply exactly the same process to different Network Elements in order to achieve the same result. As an example, an operating system upgrade should have exactly the same process in different Network Elements.

From an operational perspective, the Network Element must be able to take care of its own systems that are not specific to the networking domain. As an example, the Network Element must be able to manage its own file system space. This releases operations from nonessential toil.

1.5 Improved security

Passwords are artifacts for human interaction. Operating and managing a Network Element is in the domain of automation. It is required that services which depend on authentication use Certificates to achieve it. This adds, among other benefits, separation of roles, which also increases security.

2. Requirements

These are the requirements that a Network Element must satisfy in order to fulfill the motivation of this document and be gNXI capable.

2.1 Management port

The management port must perform DHCP while at factory defaults. The DHCP stack must handle lease expirations and attempt to extend the lease.

The management port MAC address must be clearly marked on the Network Element’s body together with a barcode or QR code with the same value.

Network Elements with different roles have specific requirements:

2.2 Exclusive use of gNMI with Openconfig models for configuration and telemetry

The Network Element must expose a gNMI service that allows configuring and collecting telemetry of required services. The Network Element must make use of Openconfig YANG models to model its configuration and telemetry surface. Configuration and telemetry must be performed exclusively via gNMI.

The exact list of YANG models is dependent on the role of the Network Element:

2.3 Exclusive use of gNOI for operational processes

The Network Element must expose required gNOI services. These services present methods to perform traditional operational procedures with a Network Element. These procedures and the gNOI services that support them are:

2.4 Provisioning at factory defaults

The Network Element must be able to bootstrap gNOI and gNMI when at factory defaults. For this, it must make use of the process known as Simplified Bootstrapping for gNOI and gNMI. A DHCP third party option must be used to signal that gNOI and gNMI services must be enabled.
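
The DHCP handling required in 2.1 and 2.4, as an added example that is not part of the original page or of any gNXI project code: it decodes the options of a DHCP reply, derives the renewal and rebinding times using the RFC 2131 defaults, and looks for the bootstrap signal. Option code 224 and all function names are assumptions, since the page does not name the option; the sample reply is constructed.

```python
import struct

# DHCP option codes from RFC 2132.
PAD, END, LEASE_TIME, RENEWAL_T1, REBINDING_T2 = 0, 255, 51, 58, 59
# Assumption: placeholder code from the site-specific range; the page does not
# say which option carries the gNOI/gNMI bootstrap signal.
BOOTSTRAP_SIGNAL = 224

# Constructed sample: options of a DHCPACK with a 3600 s lease and the signal.
SAMPLE_ACK = bytes([53, 1, 5, 51, 4, 0, 0, 0x0E, 0x10, 224, 1, 1, 255])


def parse_options(raw):
    """Decode the code/length/value option field of a DHCP message."""
    opts, i = {}, 0
    while i < len(raw) and raw[i] != END:
        code = raw[i]
        if code == PAD:          # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError(f"option {code}: missing length byte")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code}: value truncated")
        opts[code] = value
        i += 2 + length
    return opts


def _u32(opts, code):
    """Return a 4-byte option as an unsigned int, or None if absent/malformed."""
    value = opts.get(code)
    return struct.unpack("!I", value)[0] if value and len(value) == 4 else None


def lease_plan(raw):
    """Work out when to renew (T1) and rebind (T2), in seconds after the ACK."""
    opts = parse_options(raw)
    lease = _u32(opts, LEASE_TIME)
    if lease is None:
        raise ValueError("no usable IP address lease time (option 51)")
    t1, t2 = _u32(opts, RENEWAL_T1), _u32(opts, REBINDING_T2)
    # Fall back to the RFC 2131 defaults (1/2 and 7/8 of the lease) unless the
    # server sent both timers and they are in a sane order.
    if t1 is None or t2 is None or not t1 < t2 < lease:
        t1, t2 = lease // 2, lease * 7 // 8
    return {"lease": lease, "renew_at": t1, "rebind_at": t2,
            "enable_gnxi": BOOTSTRAP_SIGNAL in opts}
```

A client that follows this plan starts extending the lease at `renew_at` and broadcasts a rebind request at `rebind_at`, well before the lease itself expires.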

2.5 Use assigned IANA port for gNOI/gNMI

gNOI and gNMI services must coexist on the same TCP port. The port used must be the one allocated by IANA, port 9339.

2.6 Security model

The Network Element must make use of the Simplified security model for the gNOI Certificate Management service published in Openconfig.