[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

snmpconf RE: Policy issues: definition of Roles



e.g. "HTTP traffic gets AF treatment on all Ethernet and FDDI interfaces" is
a policy rule that references two roles: "Ethernet interfaces" and "FDDI
interfaces". You wouldn't bother sending that rule to token-ring devices.

(I guess I'm really an assembler programmer so I don't understand these
"class" and "subclass" things you talk about).

Andrew

P.S. Maybe we should drop the "policy framework" list from this thread since
this appears to be purely a "device" thing. But I did think we were
attempting the (maybe thankless) task of unifying the terminology between
all the WGs.

-----Original Message-----
From: Ken Roberts [mailto:kjr@nortelnetworks.com]
Sent: Monday, January 31, 2000 4:42 PM
To: Andrew Smith; 'Bob Natale'
Cc: policy@raleigh.ibm.com; 'snmpconf@snmp.com'
Subject: RE: Policy issues: definition of Roles


Gents & others, 
I'm a little confused by Andrew's statement of a policy that has multiple
roles. I understood a policy had rules. Rules may be crafted to include the
notion of roles but are they separate rules or sub classes of one rule?
When the statement "A policy that references roles W and X" is made does
this imply there is a matrix relationship that can be established from one
parent policy (/rule)? How is this managed? Why is this required? If
policies have hierarchical structure can this not be done with containment
or another relationship?
I think I had better re-read the thread as maybe I've missed something. 
-------------------------------------------------------------------------- 
Regards, 
Ken Roberts 
INM Product Architecture 
Nortel Networks 
?ESN   :        655-7844                        ?Direct  : 408-565-7844 
?  Fax    :        408-565-8226 
? email :      kjr@nortelnetworks.com 
  
This message may contain information proprietary to Nortel Networks
Corporation so any 
unauthorised disclosure, copying or distribution of its contents is strictly
prohibited. 
 -----Original Message----- 
From:   Andrew Smith [mailto:andrew@extremenetworks.com] 
Sent:   Monday, January 31, 2000 3:36 PM 
To:     'Bob Natale' 
Cc:     policy@raleigh.ibm.com; 'snmpconf@snmp.com' 
Subject:        RE: Policy issues: definition of Roles 
And, in particular, you only need to tell the device about those roles that 
are relevant to it - that is where the big savings are, I think. e.g. 
1. Device A has roles W, X and Y. 
2. Device B has roles W, X and Z. 
3. A policy that references roles W and X should be downloaded to both 
devices. 
4. A policy that references roles W and Y should be downloaded only to 
device A, not device B. 
The role combination concept in the PIB was introduced specifically in order

to do this: you have to be able to list only those roles that are relevant 
to the policy, not necessarily ALL roles on the device, in a role 
combination. 
(Apologies if I'm repeating stuff here). 
Andrew 


> -----Original Message----- 
> From: Bob Natale [mailto:bnatale@acecomm.com] 
> Sent: Monday, January 31, 2000 3:27 PM 
> To: Andrew Smith 
> Cc: policy@raleigh.ibm.com 
> Subject: RE: Policy issues: definition of Roles 
... 
> That works fine for me.  All I care about on this thread is that a 
> "role combination" DOES NOT HAVE to include ALL of the roles supported 
> by a network entity/component (although there MAY well be a role 
> combination which does incorporate all roles supported by a network 
> entity/component).