[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: snmpconf well, back to work
Marcus Brunner wrote:
> > I believe that the split between a filter script and an action script
> > is not useful. In fact, this level of granularity will just turn out
> > to be very impractical if you express real-world policies. I actually
> > believe that the unit of concern should be a set of logically related
> > policy rules. (This probably maps to the concept of a PolicyGroup in
> > PCIM.)
> I do not understand your concern. I think the split is very useful,
> because from it nature filters and actions are different things and have
> different properties. Why are they impractical?
It is impractical because of the fine granularity. The problem is not only
the separation of filters and actions but also the implied separate handling
of each policy. I do not see the need to handle and modify each single policy
separately on the device level. Rather I see a significant potential for
simplification of both the SNMP agent and the management applications, if
policies are being managed in terms of policy groups.
If you would extend the proposed policy language by separators between
filters and actions, and by separators between different policies, you could
describe a complete policy group by a single piece of code that can be
handled as a one entity.
Then, the size of the policy tables would depend on the number of groups
rather than on the number of policies; activating a group would be possible
by a single activation seqence; and so on. This might be really "practical".
Juergen Quittek firstname.lastname@example.org Tel: +49 30 254230-19
NEC Europe Ltd., C&C Research Laboratories Fax: +49 30 254230-99
Hardenbergplatz 2, 10623 Berlin, Germany http://www.ccrle.nec.de