Cisco Systems

evoit@cisco.com

Cisco Systems

rrahman@cisco.com

Cisco Systems

einarnn@cisco.com

Futurewei

ludwig@clemm.org

YumaWorks

andy@yumaworks.com

Operations & Management NETCONF YANG-Push This document provides a RESTCONF binding to the dynamic subscription capability of both subscribed notifications and YANG-Push.

Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at .

Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents () in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

• .  Introduction
• .  Terminology
• .  Dynamic Subscriptions
  • .  Transport Connectivity
  • .  Discovery
  • .  RESTCONF RPCs and HTTP Status Codes
  • .  Call Flow for Server-Sent Events
• .  QoS Treatment
• .  Notification Messages
• .  YANG Tree
• .  YANG Module
• .  IANA Considerations
• .  Security Considerations
• . References
  • .  Normative References
  • .  Informative References
• .  Examples
  • .  Dynamic Subscriptions
    • .  Establishing Dynamic Subscriptions
    • .  Modifying Dynamic Subscriptions
    • .  Deleting Dynamic Subscriptions
  • .  Subscription State Notifications
    • .  "subscription-modified"
    • .  "subscription-completed", "subscription-resumed", and "replay-completed"
    • .  "subscription-terminated" and "subscription-suspended"
  • .  Filter Example
• Acknowledgments
• Authors' Addresses

Introduction Mechanisms to support event subscription and YANG-Push are defined in . Enhancements to that enable YANG datastore subscription and YANG-Push are defined in . This document provides a transport specification for dynamic subscriptions over RESTCONF . Requirements for these mechanisms are captured in . The streaming of notifications that encapsulate the resulting information push is done via the mechanism described in .

Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here. The following terms use the definitions from : dynamic subscription, event stream, notification message, publisher, receiver, subscriber, and subscription. Other terms reused include datastore, which is defined in , and HTTP/2 stream, which maps to the definition of "stream" within .

Dynamic Subscriptions This section provides specifics on how to establish and maintain dynamic subscriptions over RESTCONF . Subscribing to event streams is accomplished in this way via RPCs defined within . The RPCs are done via RESTCONF POSTs. YANG datastore subscription is accomplished via augmentations to as described within . As described in , a GET needs to be performed on a specific URI on the publisher. Subscribers cannot predetermine the URI against which a subscription might exist on a publisher, as the URI will only exist after the "establish-subscription" RPC has been accepted. Therefore, the POST for the "establish-subscription" RPC replaces the GET request for the "location" leaf that is used in to obtain the URI. The subscription URI will be determined and sent as part of the response to the "establish-subscription" RPC, and a subsequent GET to this URI will be done in order to start the flow of notification messages back to the subscriber. As specified in , a subscription does not move to the active state until the GET is received.

Transport Connectivity For a dynamic subscription, when a RESTCONF session doesn't already exist, a new RESTCONF session is initiated from the subscriber. As stated in , a subscriber MUST establish the HTTP session over TLS in order to secure the content in transit. Without the involvement of additional protocols, HTTP sessions by themselves do not support quick recognition of the loss of the communication path to the publisher. Where quick recognition of the loss of a publisher is required, a subscriber SHOULD use a TLS heartbeat , just from subscriber to publisher, to track HTTP session continuity. Loss of the heartbeat MUST result in the teardown of any subscription-related TCP sessions between those endpoints. A subscriber can then attempt to re-establish the dynamic subscription by using the procedure described in .

Discovery Subscribers can learn which event streams a RESTCONF server supports by querying the "streams" container of ietf-subscribed-notifications.yang in . Support for the "streams" container of ietf-restconf-monitoring.yang in is not required. In the case when the RESTCONF binding specified by this document is used to convey the "streams" container from ietf-restconf-monitoring.yang (i.e., that feature is supported), any event streams contained therein are also expected to be present in the "streams" container of ietf-restconf-monitoring.yang. Subscribers can learn which datastores a RESTCONF server supports by following .

RESTCONF RPCs and HTTP Status Codes Specific HTTP response codes as defined in will indicate the result of RESTCONF RPC requests with the publisher. An HTTP status code of 200 is the proper response to any successful RPC defined within or . If a publisher fails to serve the RPC request for one of the reasons indicated in or , this will be indicated by an appropriate error code, as shown below, transported in the HTTP response. When an HTTP error code is returned, the RPC reply MUST include an <rpc-error> element per with the following parameter values:

• an "error-type" node of "application".
• an "error-tag" node whose value is a string that corresponds to an identity associated with the error. This "error-tag" will come from one of two places and will correspond to the error identities either within for general subscription errors () or within for subscription errors specific to YANG datastores ().
• an "error-app-tag" node whose value is a string that corresponds to an identity associated with the error, as defined in for general subscriptions or for subscription errors specific to YANG datastores. The tag to use depends on the RPC for which the error occurred. Viable errors for different RPCs are found in .

General Subscription Error Identities and Associated "error-tag" Use

Error identity	Uses "error-tag"	HTTP code
dscp-unavailable	invalid-value	400
encoding-unsupported	invalid-value	400
filter-unsupported	invalid-value	400
insufficient-resources	resource-denied	409
no-such-subscription	invalid-value	404
replay-unsupported	operation-not-supported	501

Datastore-Specific Error Identities and Associated "error-tag" Use

Error identity	Uses "error-tag"	HTTP code
cant-include	operation-not-supported	501
datastore-not-subscribable	invalid-value	400
no-such-subscription-resync	invalid-value	404
on-change-unsupported	operation-not-supported	501
on-change-sync-unsupported	operation-not-supported	501
period-unsupported	invalid-value	400
update-too-big	too-big	400
sync-too-big	too-big	400
unchanging-selection	operation-failed	500

RPC Errors and Associated Error Identities

RPC	Select an identity with a base
establish-subscription	establish-subscription-error
modify-subscription	modify-subscription-error
delete-subscription	delete-subscription-error
kill-subscription	delete-subscription-error
resync-subscription	resync-subscription-error

Each error identity will be inserted as the "error-app-tag" using JSON encoding following the form <modulename>:<identityname>. An example of such a valid encoding would be "ietf-subscribed-notifications:no-such-subscription". In the case of error responses to an "establish-subscription" or "modify-subscription" request, there is the option to include an "error-info" node. This node may contain hints for parameter settings that might lead to successful RPC requests in the future. Tables and show the yang-data structures that may be returned. Optional "error-info" Node Hints for an "establish-subscription" Request

Target:	Return hints in yang-data structure
event stream	establish-subscription-stream-error-info
datastore	establish-subscription-datastore-error-info

Optional "error-info" Node Hints for an "modify-subscription" Request

Target:	Returns hints in yang-data structure
event stream	modify-subscription-stream-error-info
datastore	modify-subscription-datastore-error-info

The yang-data included within "error-info" SHOULD NOT include the optional leaf "reason", as such a leaf would be redundant with information that is already placed within the "error-app-tag". In case of an <rpc-error> as a result of a "delete-subscription", a "kill-subscription", or a "resync-subscription" request, no "error-info" needs to be included, as the "subscription-id" is the only RPC input parameter, and no hints regarding this RPC input parameters need to be provided. Note that "error-path" does not need to be included with the <rpc-error> element, as subscription errors are generally associated with the choice of RPC input parameters.

Call Flow for Server-Sent Events The call flow for Server-Sent Events (SSE) is defined in . The logical connections denoted by (a) and (b) can be a TCP connection or an HTTP/2 stream (if HTTP/2 is used, multiple HTTP/2 streams can be carried in one TCP connection). Requests to RPCs as defined in or are sent on a connection indicated by (a). A successful "establish-subscription" will result in an RPC response returned with both a subscription identifier that uniquely identifies a subscription, as well as a URI that uniquely identifies the location of subscription on the publisher (b). This URI is defined via the "uri" leaf in the data model in . An HTTP GET is then sent on a separate logical connection (b) to the URI on the publisher. This signals the publisher to initiate the flow of notification messages that are sent in SSE as a response to the GET. There cannot be two or more simultaneous GET requests on a subscription URI: any GET request received while there is a current GET request on the same URI MUST be rejected with HTTP error code 409. As described in , RESTCONF servers SHOULD NOT send the "event" or "id" fields in the SSE event notifications.

Dynamic Subscriptions with Server-Sent Events +--------------+ +--------------+ | Subscriber | | Publisher | | | | | | Logical | | Logical | | Connection | | Connection | | (a) (b) | | (a) (b) | +--------------+ +--------------+ | RESTCONF POST (RPC:establish-subscription) | |--------------------------------------------->| | HTTP 200 OK (ID,URI)| |<---------------------------------------------| | |HTTP GET (URI) | | |--------------------------------------------->| | | HTTP 200 OK| | |<---------------------------------------------| | | SSE (notif-message)| | |<---------------------------------------------| | RESTCONF POST (RPC:modify-subscription) | | |--------------------------------------------->| | | | HTTP 200 OK| | |<---------------------------------------------| | | | SSE (subscription-modified)| | |<------------------------------------------(c)| | | SSE (notif-message)| | |<---------------------------------------------| | RESTCONF POST (RPC:delete-subscription) | | |--------------------------------------------->| | | | HTTP 200 OK| | |<---------------------------------------------| | | | | | | | | | (a) (b) (a) (b)

Additional requirements for dynamic subscriptions over SSE include:

• A publisher MUST return all subscription state notifications in a separate SSE message used by the subscription to which the state change refers.
• Subscription RPCs MUST NOT use the connection currently providing notification messages for that subscription.
• In addition to an RPC response for a "modify-subscription" RPC traveling over (a), a "subscription-modified" state change notification MUST be sent within (b). This allows the receiver to know exactly when, within the stream of events, the new terms of the subscription have been applied to the notification messages. See arrow (c).
• In addition to any required access permissions (e.g., Network Configuration Access Control Model (NACM)), the RPCs "modify-subscription", "resync-subscription", and "delete-subscription" SHOULD only be allowed by the same RESTCONF username that invoked "establish-subscription". Such a restriction generally serves to preserve users' privacy, but exceptions might be made for administrators that may need to modify or delete other users' subscriptions.
• The "kill-subscription" RPC can be invoked by any RESTCONF username with the required administrative permissions.

A publisher MUST terminate a subscription in the following cases:

• Receipt of a "delete-subscription" or a "kill-subscription" RPC for that subscription
• Loss of TLS heartbeat

A publisher MAY terminate a subscription at any time as stated in .

QoS Treatment Qos treatment for event streams is described in . In addition, if HTTP/2 is used, the publisher MUST:

• Take the "weighting" leaf node in and copy it into the HTTP/2 stream weight, , and
• Take any existing subscription "dependency", as specified by the "dependency" leaf node in , and use the HTTP/2 stream for the parent subscription as the HTTP/2 stream dependency (as described in ) of the dependent subscription.
• Set the exclusive flag () to 0.

For dynamic subscriptions with the same Differentiated Services Code Point (DSCP) value to a specific publisher, it is recommended that the subscriber sends all URI GET requests on a common HTTP/2 session (if HTTP/2 is used). Conversely, a subscriber cannot use a common HTTP/2 session for subscriptions with different DSCP values.

Notification Messages Notification messages transported over RESTCONF will be encoded according to .

YANG Tree The YANG module defined in has one leaf that augments three nodes of . module: ietf-restconf-subscribed-notifications augment /sn:establish-subscription/sn:output: +--ro uri? inet:uri augment /sn:subscriptions/sn:subscription: +--ro uri? inet:uri augment /sn:subscription-modified: +--ro uri? inet:uri

YANG Module This module references . module ietf-restconf-subscribed-notifications { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:" + "ietf-restconf-subscribed-notifications"; prefix rsn; import ietf-subscribed-notifications { prefix sn; } import ietf-inet-types { prefix inet; } organization "IETF NETCONF (Network Configuration) Working Group"; contact "WG Web: <https://datatracker.ietf.org/wg/netconf/> WG List: <mailto:netconf@ietf.org> Editor: Eric Voit <mailto:evoit@cisco.com> Editor: Alexander Clemm <mailto:ludwig@clemm.org> Editor: Reshad Rahman <mailto:rrahman@cisco.com>"; description "Defines RESTCONF as a supported transport for subscribed event notifications. Copyright (c) 2019 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC 8650; see the RFC itself for full legal notices."; revision 2019-11-17 { description "Initial version"; reference "RFC 8650: Dynamic Subscription to YANG Events and Datastores over RESTCONF"; } grouping uri { description "Provides a reusable description of a URI."; leaf uri { type inet:uri; config false; description "Location of a subscription-specific URI on the publisher."; } } augment "/sn:establish-subscription/sn:output" { description "This augmentation allows RESTCONF-specific parameters for a response to a publisher's subscription request."; uses uri; } augment "/sn:subscriptions/sn:subscription" { description "This augmentation allows RESTCONF-specific parameters to be exposed for a subscription."; uses uri; } augment "/sn:subscription-modified" { description "This augmentation allows RESTCONF-specific parameters to be included as part of the notification that a subscription has been modified."; uses uri; } }

IANA Considerations This document registers the following namespace URI in the "ns" subregistry of the "IETF XML Registry" :

URI:

urn:ietf:params:xml:ns:yang:ietf-restconf-subscribed-notifications

Registrant Contact:

The IESG.

XML:

N/A; the requested URI is an XML namespace.

This document registers the following YANG module in the "YANG Module Names" registry :

Name:

ietf-restconf-subscribed-notifications

Namespace:

urn:ietf:params:xml:ns:yang:ietf-restconf-subscribed-notifications

Prefix:

rsn

Reference:

RFC 8650

Security Considerations The YANG module specified in this document defines a schema for data that is designed to be accessed via network management transports such as NETCONF or RESTCONF . The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) . The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS . The Network Configuration Access Control Model (NACM) provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. The one new data node introduced in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to this data node. These are the subtrees and data nodes and their sensitivity/vulnerability: Container: "/subscriptions"

• "uri": leaf will show where subscribed resources might be located on a publisher. Access control must be set so that only someone with proper access permissions, i.e., the same RESTCONF user credentials that invoked the corresponding "establish-subscription", has the ability to access this resource.

The subscription URI is implementation specific and is encrypted via the use of TLS. Therefore, even if an attacker succeeds in guessing the subscription URI, a RESTCONF username with the required administrative permissions must be used to be able to access or modify that subscription. It is recommended that the subscription URI values not be easily predictable. The access permission considerations for the RPCs "modify-subscription", "resync-subscription", "delete-subscription", and "kill-subscription" are described in . If a buggy or compromised RESTCONF subscriber sends a number of "establish-subscription" requests, then these subscriptions accumulate and may use up system resources. In such a situation, the publisher MAY also suspend or terminate a subset of the active subscriptions from that RESTCONF subscriber in order to reclaim resources and preserve normal operation for the other subscriptions.

References Normative References In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. This document describes an IANA maintained registry for IETF standards which use Extensible Markup Language (XML) related items such as Namespaces, Document Type Declarations (DTDs), Schemas, and Resource Description Framework (RDF) Schemas. YANG is a data modeling language used to model configuration and state data manipulated by the Network Configuration Protocol (NETCONF), NETCONF remote procedure calls, and NETCONF notifications. [STANDARDS-TRACK] The Network Configuration Protocol (NETCONF) defined in this document provides mechanisms to install, manipulate, and delete the configuration of network devices. It uses an Extensible Markup Language (XML)-based data encoding for the configuration data as well as the protocol messages. The NETCONF protocol operations are realized as remote procedure calls (RPCs). This document obsoletes RFC 4741. [STANDARDS-TRACK] This document describes a method for invoking and running the Network Configuration Protocol (NETCONF) within a Secure Shell (SSH) session as an SSH subsystem. This document obsoletes RFC 4742. [STANDARDS-TRACK] This document describes the Heartbeat Extension for the Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) protocols. The Heartbeat Extension provides a new protocol for TLS/DTLS allowing the usage of keep-alive functionality without performing a renegotiation and a basis for path MTU (PMTU) discovery for DTLS. [STANDARDS-TRACK] This specification describes an optimized expression of the semantics of the Hypertext Transfer Protocol (HTTP), referred to as HTTP version 2 (HTTP/2). HTTP/2 enables a more efficient use of network resources and a reduced perception of latency by introducing header field compression and allowing multiple concurrent exchanges on the same connection. It also introduces unsolicited push of representations from servers to clients. This specification is an alternative to, but does not obsolete, the HTTP/1.1 message syntax. HTTP's existing semantics remain unchanged. This document describes an HTTP-based protocol that provides a programmatic interface for accessing data defined in YANG, using the datastore concepts defined in the Network Configuration Protocol (NETCONF). RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. The standardization of network configuration interfaces for use with the Network Configuration Protocol (NETCONF) or the RESTCONF protocol requires a structured and secure operating environment that promotes human usability and multi-vendor interoperability. There is a need for standard mechanisms to restrict NETCONF or RESTCONF protocol access for particular users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. This document defines such an access control model. This document obsoletes RFC 6536. Datastores are a fundamental concept binding the data models written in the YANG data modeling language to network management protocols such as the Network Configuration Protocol (NETCONF) and RESTCONF. This document defines an architectural framework for datastores based on the experience gained with the initial simpler model, addressing requirements that were not well supported in the initial model. This document updates RFC 7950. This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations. This document defines a YANG data model and associated mechanisms enabling subscriber-specific subscriptions to a publisher's event streams. Applying these elements allows a subscriber to request and receive a continuous, customized feed of publisher-generated information. This document describes a mechanism that allows subscriber applications to request a continuous and customized stream of updates from a YANG datastore. Providing such visibility into updates enables new capabilities based on the remote mirroring and monitoring of configuration and operational state. Latest version available at <>. Informative References The Hypertext Transfer Protocol (HTTP) is a stateless \%application- level protocol for distributed, collaborative, hypertext information systems. This document defines the semantics of HTTP/1.1 messages, as expressed by request methods, request header fields, response status codes, and response header fields, along with the payload of messages (metadata and body content) and mechanisms for content negotiation. This document provides requirements for a service that allows client applications to subscribe to updates of a YANG datastore. Based on criteria negotiated as part of a subscription, updates will be pushed to targeted recipients. Such a capability eliminates the need for periodic polling of YANG datastores by applications and fills a functional gap in existing YANG transports (i.e., Network Configuration Protocol (NETCONF) and RESTCONF). Such a service can be summarized as a "pub/sub" service for YANG datastore updates. Beyond a set of basic requirements for the service, various refinements are addressed. These refinements include: periodicity of object updates, filtering out of objects underneath a requested a subtree, and delivery QoS guarantees. This document defines encoding rules for representing configuration data, state data, parameters of Remote Procedure Call (RPC) operations or actions, and notifications defined using YANG as JavaScript Object Notation (JSON) text. This document describes a data model for the Virtual Router Redundancy Protocol (VRRP). Both versions 2 and 3 of VRRP are covered. This document extends the RESTCONF protocol defined in RFC 8040 in order to support the Network Management Datastore Architecture (NMDA) defined in RFC 8342. This document updates RFC 8040 by introducing new datastore resources, adding a new query parameter, and requiring the usage of the YANG library (described in RFC 8525) by RESTCONF servers implementing the NMDA. This document provides a Network Configuration Protocol (NETCONF) binding to the dynamic subscription capability of both subscribed notifications and YANG-Push. Latest version available at <>.

Examples This section is non-normative. To allow easy comparison, this section mirrors the functional examples shown with NETCONF over XML within . In addition, HTTP/2 vs HTTP/1.1 headers are not shown as the contents of the JSON encoded objects are identical within. The subscription URI values used in the examples in this section are purely illustrative, and are not indicative of the expected usage that is described in . The DSCP values are only for example purposes and are all indicated in decimal since the encoding is JSON .

Dynamic Subscriptions

Establishing Dynamic Subscriptions The following figure shows two successful "establish-subscription" RPC requests as per . The first request is given a subscription identifier of 22, and the second, an identifier of 23.

Multiple Subscriptions over RESTCONF/HTTP +------------+ +-----------+ | Subscriber | | Publisher | +------------+ +-----------+ | | |establish-subscription | |------------------------------>| (a) | HTTP 200 OK, id#22, URI#1 | |<------------------------------| (b) |GET (URI#1) | |------------------------------>| (c) | HTTP 200 OK,notif-mesg (id#22)| |<------------------------------| | | | | |establish-subscription | |------------------------------>| | HTTP 200 OK, id#23, URI#2| |<------------------------------| |GET (URI#2) | |------------------------------>| | | | | | notif-mesg (id#22)| |<------------------------------| | HTTP 200 OK,notif-mesg (id#23)| |<------------------------------| | |

To provide examples of the information being transported, example messages for interactions in are detailed below:

"establish-subscription" Request (a) POST /restconf/operations /ietf-subscribed-notifications:establish-subscription { "ietf-subscribed-notifications:input": { "stream-xpath-filter": "/example-module:foo/", "stream": "NETCONF", "dscp": 10 } }

As the publisher was able to fully satisfy the request, the publisher sends the subscription identifier of the accepted subscription and the URI:

"establish-subscription" Success (b) HTTP status code - 200 { "id": 22, "uri": "https://example.com/restconf/subscriptions/22" }

Upon receipt of the successful response, the subscriber does a GET to the provided URI to start the flow of notification messages. When the publisher receives this, the subscription is moved to the active state (c).

"establish-subscription" Subsequent POST GET /restconf/subscriptions/22

While not shown in , if the publisher had not been able to fully satisfy the request, or the subscriber has no authorization to establish the subscription, the publisher would have sent an RPC error response. For instance, if the "dscp" value of 10 asserted by the subscriber in proved unacceptable, the publisher may have returned:

An Unsuccessful "establish-subscription" HTTP status code - 400 { "ietf-restconf:errors" : { "error" : [ { "error-type": "application", "error-tag": "invalid-value", "error-severity": "error", "error-app-tag": "ietf-subscribed-notifications:dscp-unavailable" } ] } }

The subscriber can use this information in future attempts to establish a subscription.

Modifying Dynamic Subscriptions An existing subscription may be modified. The following exchange shows a negotiation of such a modification via several exchanges between a subscriber and a publisher. This negotiation consists of a failed RPC modification request/response followed by a successful one.

Interaction Model for Successful Subscription Modification +------------+ +-----------+ | Subscriber | | Publisher | +------------+ +-----------+ | | | notification message (id#23)| |<-----------------------------| | | |modify-subscription (id#23) | |----------------------------->| (d) | HTTP 400 error (with hint)| |<-----------------------------| (e) | | |modify-subscription (id#23) | |----------------------------->| | HTTP 200 OK | |<-----------------------------| | | | notif-mesg (id#23)| |<-----------------------------| | |

If the subscription being modified in is a datastore subscription as per , the modification request made in (d) may look like that shown in . As can be seen, the modifications being attempted are the application of a new XML Path Language (XPath) filter as well as the setting of a new periodic time interval.

Subscription Modification Request (c) POST /restconf/operations /ietf-subscribed-notifications:modify-subscription { "ietf-subscribed-notifications:input": { "id": 23, "ietf-yang-push:datastore-xpath-filter": "/example-module:foo/example-module:bar", "ietf-yang-push:periodic": { "ietf-yang-push:period": 500 } } }

If the publisher can satisfy both changes, the publisher sends a positive result for the RPC. If the publisher cannot satisfy either of the proposed changes, the publisher sends an RPC error response (e). The following is an example RPC error response for (e) that includes a hint. This hint is an alternative time period value that might have resulted in a successful modification:

"modify-subscription" Failure with Hint (e) HTTP status code - 400 { "ietf-restconf:errors" : { "error" : [ "error-type": "application", "error-tag": "invalid-value", "error-severity": "error", "error-app-tag": "ietf-yang-push:period-unsupported", "error-info": { "ietf-yang-push": "modify-subscription-datastore-error-info": { "period-hint": 3000 } } ] } }

Deleting Dynamic Subscriptions The following demonstrates deleting a subscription. This subscription may have been to either a stream or a datastore.

"delete-subscription" Request POST /restconf/operations /ietf-subscribed-notifications:delete-subscription { "delete-subscription": { "id": "22" } }

If the publisher can satisfy the request, the publisher replies with success to the RPC request. If the publisher cannot satisfy the request, the publisher sends an <rpc-error> element indicating the modification didn't work. shows a valid response for an existing valid subscription identifier, but that subscription identifier was created on a different transport session:

Unsuccessful "delete-subscription" HTTP status code - 404 { "ietf-restconf:errors" : { "error" : [ "error-type": "application", "error-tag": "invalid-value", "error-severity": "error", "error-app-tag": "ietf-subscribed-notifications:no-such-subscription" ] } }

Subscription State Notifications A publisher will send subscription state notifications according to the definitions within .

"subscription-modified" A "subscription-modified" encoded in JSON would look like:

"subscription-modified" Subscription State Notification { "ietf-restconf:notification" : { "eventTime": "2007-09-01T10:00:00Z", "ietf-subscribed-notifications:subscription-modified": { "id": 39, "uri": "https://example.com/restconf/subscriptions/22" "stream-xpath-filter": "/example-module:foo", "stream": { "ietf-netconf-subscribed-notifications" : "NETCONF" } } } }

"subscription-completed", "subscription-resumed", and "replay-completed" A "subscription-completed" notification would look like:

"subscription-completed" Notification in JSON { "ietf-restconf:notification" : { "eventTime": "2007-09-01T10:00:00Z", "ietf-subscribed-notifications:subscription-completed": { "id": 39, } } }

The "subscription-resumed" and "replay-complete" are virtually identical, with "subscription-completed" simply being replaced by "subscription-resumed" and "replay-complete".

"subscription-terminated" and "subscription-suspended" A "subscription-terminated" would look like:

"subscription-terminated" Subscription State Notification { "ietf-restconf:notification" : { "eventTime": "2007-09-01T10:00:00Z", "ietf-subscribed-notifications:subscription-terminated": { "id": 39, "error-id": "suspension-timeout" } } }

The "subscription-suspended" is virtually identical, with "subscription-terminated" simply being replaced by "subscription-suspended".

Filter Example This section provides an example that illustrates the method of filtering event record contents. The example is based on the YANG notification "vrrp-protocol-error-event" as defined per the ietf-vrrp.yang module within . Event records based on this specification that are generated by the publisher might appear as:

RFC 8347 (VRRP) - Example Notification data: { data: "ietf-restconf:notification" : { data: "eventTime" : "2018-09-14T08:22:33.44Z", data: "ietf-vrrp:vrrp-protocol-error-event" : { data: "protocol-error-reason" : "checksum-error" data: } data: } data: }

Suppose a subscriber wanted to establish a subscription that only passes instances of event records where there is a "checksum-error" as part of a Virtual Router Redundancy Protocol (VRRP) protocol event. Also assume the publisher places such event records into the NETCONF stream. To get a continuous series of matching event records, the subscriber might request the application of an XPath filter against the NETCONF stream. An "establish-subscription" RPC to meet this objective might be:

Establishing a Subscription Error Reason via XPath POST /restconf/operations /ietf-subscribed-notifications:establish-subscription { "ietf-subscribed-notifications:input": { "stream": "NETCONF", "stream-xpath-filter": "/ietf-vrrp:vrrp-protocol-error-event[ protocol-error-reason='checksum-error']/", } }

For more examples of XPath filters, see . Suppose the "establish-subscription" in was accepted. And suppose later a subscriber decided they wanted to broaden this subscription cover to all VRRP protocol events (i.e., not just those with a "checksum error"). The subscriber might attempt to modify the subscription in a way that replaces the XPath filter with a subtree filter that sends all VRRP protocol events to a subscriber. Such a "modify-subscription" RPC might look like:

Example "modify-subscription" RPC POST /restconf/operations /ietf-subscribed-notifications:modify-subscription { "ietf-subscribed-notifications:input": { "stream": "NETCONF", "stream-subtree-filter": { "/ietf-vrrp:vrrp-protocol-error-event" : {} } } }

For more examples of subtree filters, see .

Acknowledgments We wish to acknowledge the helpful contributions, comments, and suggestions that were received from Ambika Prasad Tripathy, Alberto Gonzalez Prieto, Susan Hares, Tim Jenkins, Balazs Lengyel, Kent Watsen, Michael Scharf, Guangying Zheng, Martin Bjorklund, Qin Wu, and Robert Wilton.

Authors' Addresses Cisco Systems

evoit@cisco.com

Cisco Systems

rrahman@cisco.com

Cisco Systems

einarnn@cisco.com

Futurewei

ludwig@clemm.org

YumaWorks

andy@yumaworks.com