[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

snmpconf RE: Policy issues: definition of Roles



At 12:56 PM 02/08/2000, James_Binder@3com.com wrote:

And what is T1's responsibility? ;-)
(...to deliver data faster than dial-up and slower than T3? ;-)

Shai



>Maybe we should be thinking terms of "Responsibilities" as well as "Roles".
>That is, Edge is "responsible" for packet classification, marking, shapping,
>ect..
>
>/jsb
>
>
>
>
>
>Shai Herzog <herzog@iphighway.com> on 02/08/2000 11:00:46 AM
>
>To:   avri.doria@nokia.com, jstrassn@cisco.com, andrew@extremenetworks.com,
>       kjr@nortelnetworks.com
>cc:   policy@raleigh.ibm.com, snmpconf@snmp.com, rap@iphighway.com,
>       ipsec-policy@vpnc.org (bcc: James Binder/HQ/3Com)
>
>Subject:  RE: Policy issues: definition of Roles
>
>
>
>
>Yap.
>
>It just dawned on me that a roles are "logical interfaces" in the
>router, as opposed to "physical interfaces".
>
>So, in a router with physical interfaces S0..S4, rather than
>
>SNMP:
>
>"Configure interface S0 with ....."
>"Configure interface S1 with ....."
>"Configure interface S2 with ....."
>"Configure interface S3 with ....."
>"Configure interface S4 with ....."
>
>The PDP says (using COPS or similar):
>
>"Configure role "Edge+Serial" with ....."
>
>And the PEP knows that it has 5 serial physical interfaces with this
>role combination and configures S0..S4 with ....
>
>Shai
>
>P.S., ...With a note regarding "user profiles" and other attributes
>used in the schema, which may overload the term Roles but aren't
>related to the PEP roles. I call it user profiles since this
>is the terminology used in security, access policies, and many
>other areas of networking.
>
>
>At 12:44 PM 02/08/2000, avri.doria@nokia.com wrote:
> >So, the role isn't a selector in the schema (although simple schema may
> >use it) it is also not a selector at the PDP, but only a selector
> >for the PEP to advertise the kind of roles it has, and receive policy
> >for each one of its roles.
> >...
> >
> >
> >
> >
> >
> >
> >
> ><js>
> >Seems to me that you want to differentiate between roles as used to
> >influence device configuration on the PEP level vs. roles as used to build
> >policy statements at the PDP level. Is this what you meant by "levels" of
> >roles?
> >
> >If so, then I suggest that we talk about PEP roles vs. PDP roles (as Keith
> >suggested earlier) vs. roles as a selector (to make me happy ;-) )
> ></js>
> >
> >
> >
> >YES YES YES, you hit it bulls eye! I was talking about PEP roles only
> >and was trying (clumsily) to express myself, thanks!
> >
> >So, lets call it "PEP ROLES"
> >
> >As for the other one, I believe PDP is merely an interpreter (in comes
> >abstract policy, out goes device policy) so it doesn't really have
> >roles. So, we should find another name for the second type that you
> >described, perhaps "Profile" (as in "user profile, application
> >profile,...)? or "Usage Roles".
> >
> >Shai
> >
> >
> >
> >
> >
> >__________________________________________________________________
> >Shai Herzog, Founder & CTO   IPHighway Inc.   Tel : (914) 654-4810
> >55 New York Avenue                            Main: (508) 620-1141
> >Framingham, MA 01701                          Fax : (212) 656-1006
> >
> >
> >
> >
> >
>
>
>__________________________________________________________________
>Shai Herzog, Founder & CTO   IPHighway Inc.   Tel : (914) 654-4810
>55 New York Avenue                            Main: (508) 620-1141
>Framingham, MA 01701                          Fax : (212) 656-1006
>
>
>
>
>
>


__________________________________________________________________
Shai Herzog, Founder & CTO   IPHighway Inc.   Tel : (914) 654-4810
55 New York Avenue                            Main: (508) 620-1141
Framingham, MA 01701                          Fax : (212) 656-1006