rajatiet
commented
2 years ago Hi OC-Team,
Can you please revert back on this?
Thanks Rajat
Open rajatiet opened 2 years ago
rajatiet
commented
2 years ago Hi OC-Team,
Can you please revert back on this?
Thanks Rajat
github-actions[bot]
commented
3 months ago This issue is stale because it has been open 180 days with no activity. If you wish to keep this issue active, please remove the stale label or add a comment, otherwise will be closed in 14 days.
rajatiitd
commented
3 months ago Hi OC-Team,
My name is Rajat Rastogi (Company name: Juniper Networks Inc).
While configuring ACL via openconfig-acl on Juniper Routers, the following problem was faced. Please go through the problem statement.
Problem Statement
In the present OC-ACL model, there is no knob to enable/disable counter per acl-entry for an acl-set. Due to this, a vendor has one of the two choices:
Enable: Enable counter per acl-entry by default. More hardware resources (i.e., counters) will be consumed, which may not be desired for scale use cases. HW performance also degrades or
Disable: Disable counter per acl-entry by default. HW performance will be good as compared to the previous case where per acl-entry counters enabled. But In this case per acl-entry statistics cannot be obtained.
Proposed Solution
Knob to disable/enable counter at ACL set level
Using this counter can be disabled/enabled as based upon requirement as below
[edit] root@evovbrackla-RE0# set openconfig-acl:acl acl-sets acl-set f1 ACL_IPV4 config counter-reporting ? Possible completions: ACL_COUNTING_DISABLED Target system will not report the counting. ACL_COUNTING_ENABLED Target system will report the counting. [edit] root@evovbrackla-RE0#
Please let me know your inputs regarding this.
Thanks and regards Rajat Rastogi Company: Juniper Networks Inc
Gentle reminder.
rajatiitd
commented
3 months ago Gentle reminder, can you please revert to my comment, as its been long time?
dplore
commented
3 months ago It sounds reasonable to me in concept. If you can show that at least two implementations support this capability and propose how it would be modeled (preferrably with a pull request include the yang changes), the OC operators gorup will review the changes.
Hi OC-Team,
My name is Rajat Rastogi (Company name: Juniper Networks Inc).
While configuring ACL via openconfig-acl on Juniper Routers, the following problem was faced. Please go through the problem statement.
Problem Statement
In the present OC-ACL model, there is no knob to enable/disable counter per acl-entry for an acl-set. Due to this, a vendor has one of the two choices:
Enable: Enable counter per acl-entry by default. More hardware resources (i.e., counters) will be consumed, which may not be desired for scale use cases. HW performance also degrades or
Disable: Disable counter per acl-entry by default. HW performance will be good as compared to the previous case where per acl-entry counters enabled. But In this case per acl-entry statistics cannot be obtained.
Proposed Solution
Knob to disable/enable counter at ACL set level
Using this counter can be disabled/enabled as based upon requirement as below
[edit] root@evovbrackla-RE0# set openconfig-acl:acl acl-sets acl-set f1 ACL_IPV4 config counter-reporting ? Possible completions: ACL_COUNTING_DISABLED Target system will not report the counting. ACL_COUNTING_ENABLED Target system will report the counting. [edit] root@evovbrackla-RE0#
Please let me know your inputs regarding this.
Thanks and regards Rajat Rastogi Company: Juniper Networks Inc