Network Working Group L. Zheng, Ed. Internet-Draft Huawei Technologies Intended status: Standards Track R. Rahman, Ed. Expires:FebruaryAugust 20, 2016 Cisco Systems S. PallagattiJuniper NetworksM. Jethanandani Cisco Systems G. Mirsky EricssonAugust 19, 2015February 17, 2016 Yang Data Model for Bidirectional Forwarding Detection (BFD)draft-ietf-bfd-yang-00.txtdraft-ietf-bfd-yang-01.txt Abstract This document defines a YANG data model that can be used to configure and manage Bidirectional Forwarding Detection (BFD). Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire onFebruaryAugust 20, 2016. Copyright Notice Copyright (c)20152016 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Contributors . . . . . . . . . . . . . . . . . . . . . .34 2. Design of the Data Model . . . . . . . . . . . . . . . . . .34 2.1. Design of Configuration Model . . . . . . . . . . . . . . 4 2.1.1. Common BFD configuration parameters . . . . . . . . . 5 2.1.2. Single-hop IP . . . . . . . . . . . . . . . . . . . .4 2.1.2.6 2.1.3. Multi-hop IP . . . . . . . . . . . . . . . . . . . .5 2.1.3.6 2.1.4. MPLS Traffic Engineering Tunnels . . . . . . . . . .. . .62.1.4. LDP2.1.5. MPLS Label Switched Paths . . . . . . . . . . . . . .6 2.1.5.7 2.1.6. Link Aggregation Groups . . . . . . . . . . . . . . .6 2.1.6. Per-interface Configuration . . . . . . . . . . . . .7 2.2. Design of Operational Model . . . . . . . . . . . . . . . 7 2.3. Notifications . . . . . . . . . . . . . . . . . . . . . . 8 2.4. RPC Operations . . . . . . . . . . . . . . . . . . . . . 8 2.5. BFDConfiguration Data Hierarchytop level hierarchy . . . . . . . . . . . . . . . . . 82.5.1. Centralized2.6. BFDConfigurationIP single-hop hierarchy . . . . . . . . . . . .8 2.5.2. Configuration in. . . 9 2.7. BFDclientsIP multi-hop hierarchy . . . . . . . . . . . .9 2.6. Operational Data Hierarchy. . . 11 2.8. BFD over LAG hierarchy . . . . . . . . . . . .11 2.7. Notifications. . . . . 13 2.9. BFD over MPLS LSPs hierarchy . . . . . . . . . . . . . . 15 2.10. BFD over MPLS-TE hierarchy . . .14 2.8.. . . . . . . . . . . . 17 2.11. Examples . . . . . . . . . . . . . . . . . . . . . . . .16 2.9.19 2.12. Interaction with other YANG modules . . . . . . . . . . .16 2.10.19 2.13. BFD top-level Yang Module . . . . . . . . . . . . . . . . 19 2.14. BFD IP single-hop Yang Module . . . . . . .16 2.11.. . . . . . . 32 2.15. BFDClient Example ConfigurationIP multi-hop Yang Module . . . . . .31 2.12. Security Considerations. . . . . . . . 35 2.16. BFD over LAG Yang Module . . . . . . . . . . . . . . .33 2.13. IANA Considerations. 38 2.17. BFD over MPLS Yang Module . . . . . . . . . . . . . . . . 41 2.18. BFD over MPLS-TEYang Module . .33 2.14. Acknowledgements. . . . . . . . . . . . . 45 2.19. Security Considerations . . . . . . .33 3. References. . . . . . . . . . 47 2.20. IANA Considerations . . . . . . . . . . . . . . .33 3.1. Normative References. . . . 47 2.21. Acknowledgements . . . . . . . . . . . . . .33 3.2. Informative. . . . . . 47 3. References . . . . . . . . . . . . . . . . .34 Appendix A. Change log. . . . . . . . 47 3.1. Normative References . . . . . . . . . . . . .35 A.1. Changes between versions -03 and -04. . . . . 47 3.2. Informative References . . . . .35 A.2. Changes between versions -02 and -03. . . . . . . . . .35 A.3. Changes between versions -01 and -02. . 49 Appendix A. Change log . . . . . . . .35 A.4.. . . . . . . . . . . . . 49 A.1. Changes between versions -00 and -01 . . . . . . . . . .3549 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . .3550 1. Introduction YANG [RFC6020] is a data definition language that was introduced to define the contents of a conceptual data store that allows networked devices to be managed using NETCONF [RFC6241]. YANG is proving relevant beyond its initial confines, as bindings to other interfaces (e.g RESTCONF [I-D.ietf-netconf-restconf]) and encodings other than XML (e.g JSON) are being defined. Furthermore, YANG data models can be used as the basis of implementation for other interfaces, such as CLI and programmatic APIs. This document defines a YANG data model that can be used to configure and manage Bidirectional Forwarding Detection (BFD)[RFC5880]. BFD is a network protocol which is used for liveness detection of arbitrary paths between systems. Some examples of different types of paths over which we have BFD: 1) Two systems directly connected via IP. This is known as BFD over single-hop IP [RFC5881] 2) Two systems connected via multiple hops [RFC5883] 3) Two systems connected via MPLS Label Switched Paths (LSPs) [RFC5884] 4) Two systems connected via pseudowires (PWs), this is known as Virtual Circuit Connectivity Verification (VCCV) [RFC5885] 5) Two systems connected via a Link Aggregation Group (LAG) interface [RFC7130] BFD typically does not operate on its own. Various control protocols, also known as BFD clients, use the services provided by BFD for their own operation [RFC5882]. The obvious candidates which use BFD are those which do not have Hellos to detect failures, e.g. static routes, and routing protocols whose Hellos do notsuportsupport sub- second failure detection, e.g. OSPF and IS-IS. 1.1. Contributors 2. Design of the Data Model Since BFD is used for liveliness detection of various forwarding paths, there is no uniform key to identify a BFD session. So the BFD data model is split in multiple YANG modules where each module corresponds to one type of forwarding path. For example, BFD for IP single-hop is in one YANG module and BFD for MPLS-TE is in another YANG module. The main difference between these modules is how a BFD session is uniquely identified, i.e the key for the list containing the BFD sessions for that forwarding path. To avoid duplication of BFD definitions, we have common types and groupings which are used by all the modules. The new top-level container "bfd" is augmented by all the YANG modules for their respective specific information. The "routing-protocol" datamodel followsnode in [I-D.ietf-netmod-routing-cfg] has been augmented with the "bfd" data node. Where appropriate for specific types of forwarding path, the respective BFD YANG modules follow a VRF-centric model by augmentingthe "routing-protocol" datathat new "bfd" node under "routing-protocol". Each node in[I-D.ietf-netmod-routing-cfg].every "bfd" sub-tree has a "config" node and an "oper" node. 2.1. Design of Configuration Model The configuration model consists mainly of the parameters specified in [RFC5880]. Some examples are desired minimum transmit interval, required minimum receive interval, detection multiplier, etc Some implementations have BFD session configuration under the BFD clients. For example, BFD session configuration is under routing applications such as OSPF, IS-IS, BGP etc. Other implementations have BFD session configuration centralized under BFD, i.e. outside the multiple BFD clients. The BFD parameters of interest to a BFD client are mainly the multiplier and interval(s) since those parameters impact the convergence time of the BFD clients when a failure occurs.So the configuration model has groupings, containing multiplier and interval(s), whichOther parameters such as BFD authentication are not specific tobe used bythe requirements of the BFDclients. Other parameters which remain underclient. To avoid splitting the BFDcontrol, e.g. demand modeconfiguration between BFD clients andauthentication, are configuredBFD, all the configuration is under BFD.We provide groupings, which contain the basicThe only BFDsession parameters, for applicationsconfiguration under BFD clients should be an "enable" knob which makes those clients react touse. This ensures consistency ofBFD liveliness detection events. 2.1.1. Common BFD configuration parametersacross applications.The basic BFD configuration parameters are: local-multiplier This is the detection time multiplier as defined in [RFC5880]. desired-min-tx-interval This is the Desired Min TX Interval as defined in [RFC5880]. required-min-rx-interval This is the Required Min RX Interval as defined in [RFC5880]. Although [RFC5880] allows for different values for transmit and receive intervals,manysome implementations allow users to specify just one interval which is used for both transmit and receive intervals or separate values for transmit and receive intervals.OurThe BFD YANG model supports this: there is a choice between "min-interval", used for both transmit and receive intervals, and"desired-min-tx-interval""desired-min-tx- interval" and "required-min-rx-interval".2.1.1. Single-hop IP For single-hop IP, the BFD multiplier and interval(s) are configured in BFD clients. ItThis ishighly desirable to have the BFD configuration consistent between those clients. Therefore, we havesupported via a groupingfor BFD configuration that applications can import in their YANG module: - This provides consistency since the same groupingwhich isbeingusedin all applications making use of BFD. - Not all implementations of those BFD clients have support for BFD, we must use if-feature inby therespectiveYANGmodules. An application importingmodules for theBFD configuration grouping could do so in a hierarchical manner if it has multiple levels at which BFD configuration can be applied. In a subsequent section, we provide an example of how a BFD client would usevarious forwarding paths. There are also intervals for thegrouping in such a way. The configuration items are: enabled Set to true to enable BFD. local-multiplierecho function (if supported): desired-min-echo-tx-interval This is thedetection time multiplierminimum interval that the local system would like to use when transmitting BFD echo packets. If 0, the echo function as defined in[RFC5880]. min-interval[RFC5880] is disabled. required-min-echo-rx-interval This is theDesired Min TX Interval andRequired Min Echo RX Interval as defined in [RFC5880].OR desired-min-tx-intervalFor BFD authentication we have: key-chain This isthe Desired Min TX Interval asa reference to key-chain defined in[RFC5880]. required-min-rx-interval[I-D.ietf-rtgwg-yang-key-chain]. The keys, cryptographic algotihms, key lifetime etc are all defined in the key-chain model. replay-protection This specifies meticulous v/s non-meticulous mode as per [RFC5880]. 2.1.2. Single-hop IP For single-hop IP, there is an augment of the "bfd" data node under "routing-protocol" in Section 2. We have a list of IP single-hop sessions where each session is uniquely identified by theRequired Min RX Interval asinterface and destination address pair. For the configuration parameters we use what is defined in[RFC5880]. 2.1.2.Section 2.1.1 2.1.3. Multi-hop IP For multi-hop IP, there is an augment of the "bfd" data node under "routing-protocol" in Section 2. We have a list for BFD sessions over multi-hop IP. The key consists of: source address Address belonging to the local system as per [RFC5883] destination address Address belonging to the remote system as per [RFC5883] Since we are following a VRF-centric model we do not need a VRF field in the key.Here is the list of parameters: local-multiplier This is the detection time multiplier as defined in [RFC5880]. desired-min-tx-interval This isFor theDesired Min TX Interval as defined in [RFC5880]. required-min-rx-interval Thisconfiguration parameters we use what isthe Required Min RX Interval asdefined in[RFC5880]. demand-enabled Set to true to enable demand mode as defined in [RFC5880]. enable-authentication Set to true to enable BFD authentication. authentication-algorithm Authentication algorithm to use, if enabled. key-chain-name Key-chain to be used for authentication, if enabled.Section 2.1.1 Here are some extra parameters: tx-ttl TTL of outgoing BFD control packets. rx-ttl Minimum TTL of incoming BFD control packets.2.1.3.2.1.4. MPLS Traffic Engineering Tunnels ForTraffic Engineering (TE)MPLS-TE tunnels, BFD is configured under theTEMPLS-TE tunnel sinceit is the Traffic Enginnering application which knowsthe desired failure detectionparameters. The grouping for BFD clients in Section 2.1.1 can be used byparameters is a property of theTE application forMPLS-TE tunnel. This is achieved by augmenting thebasic BFD parameters.MPLS-TE data model in [I-D.ietf-teas-yang-te]. For BFD parameters which are specific to the TE application, e.g. whether to tear down the tunnel in the event of a BFD session failure, these parameters will be defined in the YANG model of theTEMPLS-TE application.2.1.4. LDP Label Switched Paths For LDP LSPs,On top of the usual BFDis configured underparameters, we have theLDP FEC. The groupingfollowing per MPLS-TE tunnel: encap Encapsulation for the BFDclientspackets: choice between IP, G-ACh and IP with G-ACh as per [RFC5586] For general MPLS-TE data, "mpls-te" data node is added under the top- level "bfd" node in Section2.1.1 can be used by the LDP application2. Since some MPLS-TE tunnels are uni- directional there is no MPLS-TE configuration for these tunnels on thebasic BFD parameters. Foregress node (note that this does not apply to bi-directional MPLS-TP tunnels). The BFD parameters for the egress node are added under "mpls-te". 2.1.5. MPLS Label Switched Paths Here we address MPLS LSPs whose FEC is an IP address. The top-level "bfd" node in Section 2 is augmented with "mpls" which contains a list of sessions uniquely identified by an IP address. Since these LSPs arespecific touni-directional there is no LSP configuration on theLDP application, if any, theseegress node. The BFD parameterswill be defined in the YANG model offor theLDP application. 2.1.5.egress node are added under "mpls". 2.1.6. Link Aggregation Groups Per [RFC7130], configuring BFD on LAG consists of having micro-BFD sessions on each LAG member link.The grouping for BFD clients in Section 2.1.1 can be used by the LAG application forSince thebasic BFD parameters. This grouping can be used per-LAG or per member-link. ForBFD parameterswhicharespecific to the LAG application, e.g. the IP addressan attribute of thepeer system which can be reached by theLAG,the parameters willthey should bedefined inunder the LAG. However there is no LAG YANG modelof the LAG application. 2.1.6. Per-interface Configuration With multiplier and intervals configured under the BFD clients,which westill need a central location to configure authentication, demand mode, etc. Thiscanbe done by configuring the following parameters per interface: demand-enabled Set to true to enable demand mode as defined in [RFC5880]. enable-authentication Set to true to enable BFD authentication. authentication-algorithm Authentication algorithm to use, if enabled. key-chain-name Key-chain to be used for authentication, if enabled. desired-min-echo-tx-interval Thisaugment. So a "lag" data node isthe minimum interval that the local system would likeadded touse when transmitting BFD echo packets. If 0,theecho function as definedtop-level "bfd" node in[RFC5880] is disabled. required-min-echo-rx-interval ThisSection 2, the configuration is per-LAG: we have a list of LAGs. The destination IP address of theRequired Min Echo RX Interval as defined in [RFC5880].micro-BFD sessions is configured per-LAG and per address-family (IPv4 and IPv6) 2.2. Design of Operational Model The operational model contains both the overall statistics of BFD sessions running on the device and the per session operationalstatistics. Since BFD is used for liveness detectioninformation. The overall statistics ofarbitrary paths, there is no uniform key to identify aBFDsession. E.g. asessions consist of number of BFDsingle-hop IP session is uniquely identified by the combinationsessions, number ofdestination IP address and interface whereas a multihop IP sessionBFD sessions up etc. This information isuniquely identified byavailable globally (i.e. for all BFD sessions) under thecombination of source IP addresstop level "bfd" node in Section 2 anddestination IP address (in the contextalso per type ofa VRF).forwarding path. Forthis reason, for per-session operational statistics, we do not have a single list with different type BFD sessions. Instead, we have a container where we have multiple lists, whereeachlist corresponds to one specific path type for BFD. For example, we have one operational list for BFD single-hop IP, another list forBFDmulti-hop IP, etc. In each list,session, mainly three categories of operational items are shown. The fundamental information of a BFD session such as the local discriminator, remote discriminator and the capability of supporting demand detect mode are shown in the first category. The second category includes a BFD session running information, e.g. theFSM the device inremote BFD state and the diagnostic code received. Another example is the actual transmit interval between the control packets, which may be different from the desired minimum transmit interval configured, is shown in this category. Similar examples are actual received interval between the control packets and the actual transmit interval between the echo packets. The third category contains the detailed statistics of the session, e.g. when the session transitioned up/down and how long it has been in that state. For some session types, there may be more than 1 session on the virtual path to the destination. For example, with IP multi-hop there could be multiple BFD sessions from the source to the same destination to test the various paths (ECMP) to the destination. Each of the BFD sessions on the same virtual path is uniquely identified by thesource UDP portlocal discriminator. 2.3. Notifications This YANG model definesa list ofnotifications to inform clients of BFD of important events detected during the protocol operation. Pair of local and remote discriminator identifies a BFD session on local system. Notifications also give more important details about BFD sessions; e.g. new state, time in previous state, routing-instance and the reason that the BFD session state changed. The notifications are defined for each type of forwarding path but use groupings for common information. 2.4. RPC Operations TBD 2.5. BFDConfiguration Data Hierarchy 2.5.1. Centralized BFD Configuration The following istop level hierarchy At thecentralizedtop level there is no configuration data, only operational data. The operational datahierarchy: We have a container which contains a list for each session type. This containsconsist of overall BFD sessionconfiguration for onlystatistics globally and per routing-instance module: ietf-bfd +--rw bfd! +--rw config +--ro oper +--ro bfd-session-statistics +--ro session-count? uint32 +--ro session-up-count? uint32 +--ro session-down-count? uint32 +--ro session-admin-down-count? uint32 augment /rt:routing/rt:routing-instance /rt:routing-protocols/rt:routing-protocol: +--rw bfd! +--rw config +--ro oper +--ro bfd-session-statistics +--ro session-count? uint32 +--ro session-up-count? uint32 +--ro session-down-count? uint32 +--ro session-admin-down-count? uint32 2.6. BFD IPmulti-hop sessions. We have per-interfacesingle-hop hierarchy The configuration and operational data forauthentication, demand-mode, etc. This is used e.g. foreach BFD IP single-hopsessions whose base BFD configuration belongs to thesession is under "ip-sh" node under routing-instance. Overall BFDclients.IP single-hop session statistics are available per routing-instance and globally (for all routing instances). module:ietf-bfdietf-bfd-ip-sh augment/rt:routing/rt:routing-instance/rt:routing-protocols/ rt:routing-protocol:/bfd:bfd: +--rwbfdip-sh +--rwbfd-cfg |config +--ro oper +--ro bfd-session-statistics +--ro session-count? uint32 +--ro session-up-count? uint32 +--ro session-down-count? uint32 +--ro session-admin-down-count? uint32 augment /rt:routing/rt:routing-instance/rt:routing-protocols /rt:routing-protocol/bfd:bfd: +--rw ip-sh +--rwbfd-session-cfgconfig | +--rw session-cfg | +--rwsession-ip-mh* [source-addrsessions* [interface dest-addr] ||+--rwsource-addr inet:ip-address |interface if:interface-ref | +--rw dest-addr inet:ip-address ||+--rwadmin-down? boolean |source-addr? inet:ip-address | +--rw local-multiplier?multiplier |bfd-multiplier | +--rw (interval-config-type)? | ||+--:(tx-rx-intervals) | | ||+--rw desired-min-tx-interval uint32 | | ||+--rw required-min-rx-interval uint32 | ||+--:(single-interval) | ||+--rw min-interval uint32 ||+--rw demand-enabled? boolean ||+--rwenable-authentication?admin-down? boolean ||+--rwauthentication-parmsauthentication-parms! {bfd-authentication}? | ||+--rwkey-chain-name? string |key-chain? kc:key-chain-ref | | +--rwalgorithm? bfd-auth-algorithmreplay-protection? identityref | +--rw desired-min-echo-tx-interval? uint32 | +--rwtx-ttl? ttlrequired-min-echo-rx-interval? uint32 +--ro oper +--ro bfd-session-statistics | +--ro session-count? uint32 |+--rw rx-ttl ttl+--ro session-up-count? uint32 |+--rw bfd-interface-cfg* [interface] {bfd-interface-config}?+--ro session-down-count? uint32 |+--rw+--ro session-admin-down-count? uint32 +--ro sessions* [interface dest-addr] +--ro interface if:interface-ref +--ro dest-addr inet:ip-address +--ro source-addr? inet:ip-address +--ro path-type? identityref +--ro local-discriminator? bfd-discriminator +--ro remote-discriminator? bfd-discriminator +--ro remote-multiplier? bfd-multiplier +--ro out-interface? if:interface-ref +--ro demand-capability? boolean +--ro source-port? inet:port-number +--ro dest-port? inet:port-number +--ro session-running |+--rw local-multiplier? multiplier+--ro session-index? uint32 |+--rw (interval-config-type)?+--ro local-state? bfd-state | +--ro remote-state? bfd-state |+--:(tx-rx-intervals)+--ro local-diagnostic? bfd-diagnostic | +--ro remote-diagnostic? bfd-diagnostic | +--ro detection-mode? enumeration |+--rw desired-min-tx-interval+--ro negotiated-tx-interval? uint32 || | +--rw required-min-rx-interval+--ro negotiated-rx-interval? uint32 || +--:(single-interval) | | +--rw min-interval+--ro echo-tx-interval-in-use? uint32 |+--rw demand-enabled? boolean | +--rw enable-authentication? boolean | +--rw authentication-parms {bfd-authentication}? | | +--rw key-chain-name? string | | +--rw algorithm? bfd-auth-algorithm | +--rw desired-min-echo-tx-interval?+--ro detection-time? uint32| +--rw required-min-echo-rx-interval?+--ro sesssion-statistics +--ro create-time? yang:date-and-time +--ro last-down-time? yang:date-and-time +--ro last-up-time? yang:date-and-time +--ro down-count? uint322.5.2. Configuration in+--ro admin-down-count? uint32 +--ro receive-packet-count? uint64 +--ro send-packet-count? uint64 +--ro receive-bad-packet? uint64 +--ro send-failed-packet? uint64 notifications: +---n bfd-singlehop-notification +--ro local-discr? bfd-discriminator +--ro remote-discr? bfd-discriminator +--ro new-state? bfd-state +--ro state-change-reason? string +--ro time-in-previous-state? string +--ro dest-addr? inet:ip-address +--ro source-addr? inet:ip-address +--ro session-index? uint32 +--ro path-type? identityref +--ro interface? if:interface-ref +--ro echo-enabled? boolean 2.7. BFDclients The following is the configuration dataIP multi-hop hierarchyfor a hypothetical BFD client called example-bfd-routing-app.TheBFDconfigurationis supported conditionally via use of if-feature. We have a list of areasandinoperational data for eacharea we have a list of interfaces. TheBFDconfiguration grouping is used in a hierarchical fashion, it can be applied in "area" and "interface": - If BFD configurationIP multi-hop session isappliedunderan interface, that configuration takes precedence over any BFD configuration, if any, at the area level - If BFD configuration is applied"ip-mh" node underan "area" and none of the interfaces in that area has BFD configuration, then all interfaces belong to the "area" in question inherit the BFD configuration for the area in question. - Ifrouting-instance. In the operational model we support multiple BFDclient implementation supports "interface all", then all the interfaces belonging to that area will inheritmulti-hop sessions per remote address (ECMP), theBFD configuration under "interface all". Additionally, if therelocal discriminator isspecific interface configuration, then the specific interface will override the "interface all" parameters. - The txused as key. Overall BFD IP multi-hop session statistics are available per routing-instance andrx intervals can be configured separately or a single interval can be configured.globally (for all routing instances). module:example-bfd-routing-appietf-bfd-ip-mh augment /bfd:bfd: +--rwarea* [area-id]ip-mh +--rwarea-idconfig +--ro oper +--ro bfd-session-statistics +--ro session-count? uint32 +--ro session-up-count? uint32 +--ro session-down-count? uint32 +--ro session-admin-down-count? uint32 augment /rt:routing/rt:routing-instance/rt:routing-protocols /rt:routing-protocol/bfd:bfd: +--rwbfd-cfgip-mh +--rw config | +--rwenabled? booleansession-cfg | +--rw sessions* [source-addr dest-addr] | +--rw source-addr inet:ip-address | +--rw dest-addr inet:ip-address | +--rw local-multiplier?multiplierbfd-multiplier | +--rw (interval-config-type)? | | +--:(tx-rx-intervals) | | | +--rw desired-min-tx-interval uint32 | | | +--rw required-min-rx-interval uint32 | | +--:(single-interval) | | +--rw min-interval uint32 | +--rwinterface* [interface] +--rw interface if:interface-ref +--rw bfd-cfg +--rw enabled?demand-enabled? boolean | +--rwlocal-multiplier? multiplieradmin-down? boolean | +--rw(interval-config-type)? +--:(tx-rx-intervals)authentication-parms! {bfd-authentication}? | | +--rwdesired-min-tx-interval uint32key-chain? kc:key-chain-ref | | +--rwrequired-min-rx-interval uint32 +--:(single-interval)replay-protection? identityref | +--rwmin-interval uint32 2.6. Operational Data Hierarchy The complete data hierarchy of BFD YANG operational model is presented below. module: ietf-bfd augment /rt:routing/rt:routing-instance/rt:routing-protocols/ rt:routing-protocol:tx-ttl? bfd:ttl | +--rwbfdrx-ttl bfd:ttl +--robfd-operoper +--ro bfd-session-statistics | +--roip-sh-session-num? uint32 | +--ro ip-mh-session-num? uint32bfd-session-statistics | +--rototal-session-num?session-count? uint32 | +--rosession-up-num?session-up-count? uint32 | +--rosess-down-num?session-down-count? uint32 | +--rosess-admin-down-num?session-admin-down-count? uint32 +--robfd-session-lists +--ro session-ip-sh* [interfacesession-group* [source-addr dest-addr]|+--rointerface if:interface-ref |source-addr inet:ip-address +--ro dest-addr inet:ip-address|+--rosource-addr? inet:ip-address |sessions* [local-discriminator] +--rosession-type? bfd-session-type |ttl? bfd:ttl +--rolocal-discriminator? discriminator |path-type? identityref +--ro local-discriminator bfd-discriminator +--ro remote-discriminator?discriminator |bfd-discriminator +--ro remote-multiplier?multiplier |bfd-multiplier +--ro out-interface? if:interface-ref|+--ro demand-capability? boolean|+--ro source-port? inet:port-number|+--ro dest-port? inet:port-number|+--rosession-running* |session-running | +--ro session-index? uint32 ||+--ro local-state?state |bfd-state | +--ro remote-state?state |bfd-state | +--ro local-diagnostic?diagnostic |bfd-diagnostic | +--ro remote-diagnostic?diagnostic |bfd-diagnostic | +--ro detection-mode? enumeration ||+--ro negotiated-tx-interval? uint32 ||+--ro negotiated-rx-interval? uint32 ||+--ronegotiated-echo-tx-interval?echo-tx-interval-in-use? uint32 ||+--ro detection-time? uint32|+--rosesssion-statistics* |sesssion-statistics +--ro create-time? yang:date-and-time|+--ro last-down-time? yang:date-and-time|+--ro last-up-time? yang:date-and-time|+--ro down-count? uint32|+--ro admin-down-count? uint32|+--ro receive-packet-count? uint64|+--ro send-packet-count? uint64|+--ro receive-bad-packet? uint64|+--ro send-failed-packet? uint64 notifications: +---n bfd-multihop-notification +--rosession-ip-mh-group* [source-addr dest-addr] |local-discr? bfd-discriminator +--rosource-addr inet:ip-address |remote-discr? bfd-discriminator +--rodest-addrnew-state? bfd-state +--ro state-change-reason? string +--ro time-in-previous-state? string +--ro dest-addr? inet:ip-address|+--rosession-ip-mh* [source-port] |source-addr? inet:ip-address +--rottl? ttl |session-index? uint32 +--rosession-type? bfd-session-type |path-type? identityref +--rolocal-discriminator? discriminatorrouting-instance? rt:routing-instance-ref 2.8. BFD over LAG hierarchy The configuration and operational data for each BFD LAG session is under "lag" node. Overall BFD LAG session statistics are available globally. module: ietf-bfd-lag augment /bfd:bfd: +--rw lag +--rw config |+--ro remote-discriminator? discriminator+--rw session-cfg |+--ro remote-multiplier? multiplier+--rw sessions* [lag-name] |+--ro out-interface?+--rw lag-name if:interface-ref |+--ro demand-capability? boolean+--rw ipv4-dest-addr? inet:ipv4-address |+--ro source-port inet:port-number+--rw ipv6-dest-addr? inet:ipv6-address |+--ro dest-port? inet:port-number+--rw local-multiplier? bfd-multiplier |+--ro session-running*+--rw (interval-config-type)? | |+--ro session-index?+--:(tx-rx-intervals) | | | +--rw desired-min-tx-interval uint32 | |+--ro local-state? state| +--rw required-min-rx-interval uint32 |+--ro remote-state? state| +--:(single-interval) |+--ro local-diagnostic? diagnostic| +--rw min-interval uint32 |+--ro remote-diagnostic? diagnostic+--rw demand-enabled? boolean | +--rw admin-down? boolean |+--ro detection-mode? enumeration+--rw authentication-parms! {bfd-authentication}? | +--rw key-chain? kc:key-chain-ref | +--rw replay-protection? identityref +--ronegotiated-tx-interval? uint32oper +--ro micro-bfd-ipv4-session-statistics | +--ro bfd-session-statistics | +--ronegotiated-rx-interval?session-count? uint32 ||+--ronegotiated-echo-tx-interval?session-up-count? uint32 ||+--rodetection-time?session-down-count? uint32 | +--rosesssion-statistics* |session-admin-down-count? uint32 +--rocreate-time? yang:date-and-timemicro-bfd-ipv6-session-statistics | +--rolast-down-time? yang:date-and-timebfd-session-statistics | +--rolast-up-time? yang:date-and-timesession-count? uint32 | +--rodown-count?session-up-count? uint32 | +--roadmin-down-count?session-down-count? uint32 | +--roreceive-packet-count? uint64 |session-admin-down-count? uint32 +--rosend-packet-count? uint64 |session-lag* [lag-name] +--roreceive-bad-packet? uint64 |lag-name if:interface-ref +--rosend-failed-packet? uint64use-ipv4? boolean +--rosession-te-tunnel* [tunnel-name] |use-ipv6? boolean +--rotunnel-name stringmember-links* [member-link] +--ro member-link if:interface-ref +--ro micro-bfd-ipv4 | +--rosession-type? bfd-session-typepath-type? identityref | +--ro local-discriminator?discriminatorbfd-discriminator | +--ro remote-discriminator?discriminatorbfd-discriminator | +--ro remote-multiplier?multiplierbfd-multiplier | +--ro out-interface? if:interface-ref | +--ro demand-capability? boolean | +--ro source-port? inet:port-number | +--ro dest-port? inet:port-number | +--rosession-running*session-running | | +--ro session-index? uint32 | | +--ro local-state?statebfd-state | | +--ro remote-state?statebfd-state | | +--ro local-diagnostic?diagnosticbfd-diagnostic | | +--ro remote-diagnostic?diagnosticbfd-diagnostic | | +--ro detection-mode? enumeration | | +--ro negotiated-tx-interval? uint32 | | +--ro negotiated-rx-interval? uint32 | | +--ronegotiated-echo-tx-interval?echo-tx-interval-in-use? uint32 | | +--ro detection-time? uint32 | +--rosesssion-statistics*sesssion-statistics | +--ro create-time? yang:date-and-time | +--ro last-down-time? yang:date-and-time | +--ro last-up-time? yang:date-and-time | +--ro down-count? uint32 | +--ro admin-down-count? uint32 | +--ro receive-packet-count? uint64 | +--ro send-packet-count? uint64 | +--ro receive-bad-packet? uint64 | +--ro send-failed-packet? uint64 +--rosession-ldp-lsp-group* [ldp-fec] | +--ro ldp-fec inet:ip-prefix | +--ro session-ldp-lsp* [source-port] | +--ro ttl? ttl |micro-bfd-ipv6 +--rosession-type? bfd-session-type |path-type? identityref +--ro local-discriminator?discriminator |bfd-discriminator +--ro remote-discriminator?discriminator |bfd-discriminator +--ro remote-multiplier?multiplier |bfd-multiplier +--ro out-interface? if:interface-ref|+--ro demand-capability? boolean|+--rosource-portsource-port? inet:port-number|+--ro dest-port? inet:port-number|+--rosession-running* |session-running | +--ro session-index? uint32 ||+--ro local-state?state |bfd-state | +--ro remote-state?state |bfd-state | +--ro local-diagnostic?diagnostic |bfd-diagnostic | +--ro remote-diagnostic?diagnostic |bfd-diagnostic | +--ro detection-mode? enumeration ||+--ro negotiated-tx-interval? uint32 ||+--ro negotiated-rx-interval? uint32 ||+--ronegotiated-echo-tx-interval?echo-tx-interval-in-use? uint32 ||+--ro detection-time? uint32|+--rosesssion-statistics* |sesssion-statistics +--ro create-time? yang:date-and-time|+--ro last-down-time? yang:date-and-time|+--ro last-up-time? yang:date-and-time|+--ro down-count? uint32|+--ro admin-down-count? uint32|+--ro receive-packet-count? uint64|+--ro send-packet-count? uint64|+--ro receive-bad-packet? uint64|+--ro send-failed-packet? uint64 notifications: +---n bfd-lag-notification +--rosession-lag* [lag-name]local-discr? bfd-discriminator +--rolag-name if:interface-refremote-discr? bfd-discriminator +--rosession-lag-micro* [member-link]new-state? bfd-state +--romember-link if:interface-refstate-change-reason? string +--ro time-in-previous-state? string +--rosession-type? bfd-session-typedest-addr? inet:ip-address +--rolocal-discriminator?source-addr? inet:ip-address +--ro session-index? uint32 +--ro path-type? identityref +--ro lag-name? if:interface-ref +--ro member-link? if:interface-ref 2.9. BFD over MPLS LSPs hierarchy The configuration is per MPLS FEC under "mpls". In the operational model we support multiple BFD sessions per MPLS FEC (ECMP), the local discriminator is used as key. module: ietf-bfd-mpls augment /bfd:bfd: +--rw mpls +--rw config | +--rw egress | +--rw local-multiplier? bfd-multiplier | +--rw (interval-config-type)? | | +--:(tx-rx-intervals) | | | +--rw desired-min-tx-interval uint32 | | | +--rw required-min-rx-interval uint32 | | +--:(single-interval) | | +--rw min-interval uint32 | +--rw authentication-parms! {bfd-authentication}? | +--rw key-chain? kc:key-chain-ref | +--rw replay-protection? identityref +--ro oper +--ro bfd-session-statistics +--ro session-count? uint32 +--ro session-up-count? uint32 +--ro session-down-count? uint32 +--ro session-admin-down-count? uint32 augment /rt:routing/rt:routing-instance/rt:routing-protocols /rt:routing-protocol/bfd:bfd: +--rw mpls +--rw config | +--rw session-cfg | +--rw sessions* [mpls-fec] | +--rw mpls-fec inet:ip-address | +--rw local-multiplier? bfd-multiplier | +--rw (interval-config-type)? | | +--:(tx-rx-intervals) | | | +--rw desired-min-tx-interval uint32 | | | +--rw required-min-rx-interval uint32 | | +--:(single-interval) | | +--rw min-interval uint32 | +--rw demand-enabled? boolean | +--rw admin-down? boolean | +--rw authentication-parms! {bfd-authentication}? | +--rw key-chain? kc:key-chain-ref | +--rw replay-protection? identityref +--ro oper +--ro bfd-session-statistics | +--ro session-count? uint32 | +--ro session-up-count? uint32 | +--ro session-down-count? uint32 | +--ro session-admin-down-count? uint32 +--ro session-group* [mpls-fec] +--ro mpls-fec inet:ip-address +--ro sessions* [local-discriminator] +--ro path-type? identityref +--ro local-discriminator bfd-discriminator +--ro remote-discriminator?discriminatorbfd-discriminator +--ro remote-multiplier?multiplierbfd-multiplier +--ro out-interface? if:interface-ref +--ro demand-capability? boolean +--ro source-port? inet:port-number +--ro dest-port? inet:port-number +--rosession-running*session-running | +--ro session-index? uint32 | +--ro local-state?statebfd-state | +--ro remote-state?statebfd-state | +--ro local-diagnostic?diagnosticbfd-diagnostic | +--ro remote-diagnostic?diagnosticbfd-diagnostic | +--ro detection-mode? enumeration | +--ro negotiated-tx-interval? uint32 | +--ro negotiated-rx-interval? uint32 | +--ronegotiated-echo-tx-interval?echo-tx-interval-in-use? uint32 | +--ro detection-time? uint32 +--rosesssion-statistics*sesssion-statistics | +--ro create-time? yang:date-and-time | +--ro last-down-time? yang:date-and-time | +--ro last-up-time? yang:date-and-time | +--ro down-count? uint32 | +--ro admin-down-count? uint32 | +--ro receive-packet-count? uint64 | +--ro send-packet-count? uint64 | +--ro receive-bad-packet? uint64 | +--ro send-failed-packet? uint642.7. Notifications The BFD YANG data model defines notifications for BFD session state changes. module: ietf-bfd augment /rt:routing/rt:routing-instance/rt:routing-protocols/ rt:routing-protocol:+--ro mpls-dest-address? inet:ip-address notifications: +---nbfd-singlehop-notification |bfd-mpls-notification +--ro local-discr?discriminator |bfd-discriminator +--ro remote-discr?discriminator |bfd-discriminator +--ro new-state?state |bfd-state +--ro state-change-reason? string|+--ro time-in-previous-state? string|+--ro dest-addr? inet:ip-address|+--ro source-addr? inet:ip-address|+--ro session-index? uint32|+--rosession-type? bfd-session-type |path-type? identityref +--rointerface? if:interface-ref |routing-instance? rt:routing-instance-ref +--roecho-enabled? boolean +---n bfd-multihop-notificationmpls-dest-address? inet:ip-address 2.10. BFD over MPLS-TE hierarchy The MPLS-TE YANG model [I-D.ietf-teas-yang-te] is augmented. BFD is configured per MPLS-TE tunnel, and BFD session operational data is provided per MPLS-TE LSP. module: ietf-bfd-mpls-te augment /bfd:bfd: +--rw mpls-te +--rw config |+--ro local-discr? discriminator+--rw egress |+--ro remote-discr? discriminator+--rw local-multiplier? bfd-multiplier |+--ro new-state? state+--rw (interval-config-type)? |+--ro state-change-reason? string|+--ro time-in-previous-state? string+--:(tx-rx-intervals) |+--ro dest-addr? inet:ip-address|+--ro source-addr? inet:ip-address|+--ro session-index?+--rw desired-min-tx-interval uint32 | | | +--rw required-min-rx-interval uint32 | | +--:(single-interval) | | +--rw min-interval uint32 | +--rw authentication-parms! {bfd-authentication}? | +--rw key-chain? kc:key-chain-ref | +--rw replay-protection? identityref +--rosession-type? bfd-session-type +---n bfd-te-tunnel-notificationoper +--ro bfd-session-statistics +--ro session-count? uint32 +--ro session-up-count? uint32 +--ro session-down-count? uint32 +--ro session-admin-down-count? uint32 augment /te:te/te:tunnels/te:tunnel/te:config: +--rw local-multiplier? bfd-multiplier +--rw (interval-config-type)? | +--:(tx-rx-intervals) | | +--rw desired-min-tx-interval uint32 | | +--rw required-min-rx-interval uint32 | +--:(single-interval) | +--rw min-interval uint32 +--rw demand-enabled? boolean +--rw admin-down? boolean +--rw authentication-parms! {bfd-authentication}? | +--rw key-chain? kc:key-chain-ref | +--rw replay-protection? identityref +--rw encap? identityref augment /te:te/te:lsps-state/te:lsp: +--rolocal-discr? discriminatorpath-type? identityref +--ro local-discriminator? bfd-discriminator +--ro remote-discriminator? bfd-discriminator +--ro remote-multiplier? bfd-multiplier +--ro out-interface? if:interface-ref +--ro demand-capability? boolean +--ro source-port? inet:port-number +--ro dest-port? inet:port-number +--ro session-running | +--roremote-discr? discriminatorsession-index? uint32 | +--ronew-state? statelocal-state? bfd-state | +--rostate-change-reason? stringremote-state? bfd-state | +--rotime-in-previous-state? stringlocal-diagnostic? bfd-diagnostic | +--rodest-addr? inet:ip-addressremote-diagnostic? bfd-diagnostic | +--rosource-addr? inet:ip-addressdetection-mode? enumeration | +--rosession-index?negotiated-tx-interval? uint32 | +--rosession-type? bfd-session-typenegotiated-rx-interval? uint32 | +--rotunnel-name? string +---n bfd-ldp-lsp-notificationecho-tx-interval-in-use? uint32 | +--rolocal-discr? discriminator |detection-time? uint32 +--roremote-discr? discriminatorsesssion-statistics | +--ronew-state? statecreate-time? yang:date-and-time | +--rostate-change-reason? stringlast-down-time? yang:date-and-time | +--rotime-in-previous-state? stringlast-up-time? yang:date-and-time | +--rodest-addr? inet:ip-addressdown-count? uint32 | +--rosource-addr? inet:ip-addressadmin-down-count? uint32 | +--rosession-index? uint32receive-packet-count? uint64 | +--rosession-type? bfd-session-typesend-packet-count? uint64 | +--roldp-fec? inet:ip-prefixreceive-bad-packet? uint64 | +--rosource-port? inet:port-numbersend-failed-packet? uint64 +--ro mpls-dest-address? inet:ip-address notifications: +---nbfd-lag-notificationbfd-mpls-te-notification +--ro local-discr?discriminatorbfd-discriminator +--ro remote-discr?discriminatorbfd-discriminator +--ro new-state?statebfd-state +--ro state-change-reason? string +--ro time-in-previous-state? string +--ro dest-addr? inet:ip-address +--ro source-addr? inet:ip-address2.8.+--ro session-index? uint32 +--ro path-type? identityref +--ro mpls-dest-address? inet:ip-address +--ro tunnel-name? string 2.11. Examples2.9.2.12. Interaction with other YANG modules TBD.2.10.2.13. BFD top-level Yang Module <CODE BEGINS> file"ietf-bfd@2015-07-01.yang""ietf-bfd@2016-02-17.yang" module ietf-bfd { namespace "urn:ietf:params:xml:ns:yang:ietf-bfd"; // replace with IANA namespace when assigned prefix "bfd"; import ietf-interfaces { prefix "if"; } import ietf-inet-types { prefix "inet"; } import ietf-yang-types { prefix "yang"; } import ietf-routing { prefix "rt"; } import ietf-key-chain { prefix "kc"; } organization "IETF BFD Working Group"; contact "WG Web: <http://tools.ietf.org/wg/bfd> WG List: <rtg-bfd@ietf.org> WG Chair: Jeff Haas WG Chair:Nobo AkiyaReshad Rahman Editor: Lianshu Zheng and Reshad Rahman"; description "This module contains the YANG definition for BFD parameters as perRFC5880, RFC5881RFC5880."; revision 2016-02-17 { description "* Split in several modules * This module contains common definitions andRFC5883";summary information."; reference "RFC XXXX: A YANG data model for BFD"; } revision 2015-07-01 { description "Initial revision."; reference "RFC XXXX: A YANG data model for BFD"; } identity bfd { base "rt:routing-protocol"; description "BFD protocol"; } typedefdiscriminatorbfd-discriminator { type uint32 { range 1..4294967295; } description "BFD discriminator"; } typedefdiagnosticbfd-diagnostic { type enumeration { enum none { value 0; description "None"; } enum controlExpiry { value 1; description "Control timer expiry"; } enum echoFailed { value 2; description "Echo failure"; } enum nborDown { value 3; description "Neighbor down"; } enum fwdingReset { value 4; description "Forwarding reset"; } enum pathDown { value 5; description "Path down"; } enum concPathDown { value 6; description "Concatenated path down"; } enum adminDown { value 7; description "Admin down"; } enum reverseConcPathDown { value 8; description "Reverse concatenated path down"; } } description "BFD diagnostic"; } typedefstatebfd-state { type enumeration { enum adminDown { value 0; description "admindown"; } enum down { value 1; description "down"; } enum init { value 2; description "init"; } enum up { value 3; description "up"; } } description "BFD state"; } typedefmultiplierbfd-multiplier { type uint8 { range 1..255; } description "Multiplier"; } typedef ttl { type uint8 { range 1..255; } description "Time To Live"; }typedef bfd-session-typeidentity bfd-path-type { description "Base identity for BFD path type. The session typeenumeration { enum ip-single-hopindicates the type of path on which BFD is running"; } identity bfd-path-ip-sh { base bfd-path-type; description"IP"BFD on IP single hop"; }enum ip-multi-hopidentity bfd-path-ip-mh { base bfd-path-type; description"IP"BFD on IP multi hop"; }enum te-tunnelidentity bfd-path-mpls-te { base bfd-path-type; description"Traffic Engineering tunnes";"BFD on MPLS Traffic Engineering"; }enum ldp-lspidentity bfd-path-mpls-lsp { base bfd-path-type; description"LDP"BFD on MPLS Label Switched Path"; }enum lagidentity bfd-path-lag { base bfd-path-type; description "Micro-BFD on LAG member links"; }}identity bfd-encap-type { description"BFD session type, this indicates the path type that"Base identity for BFDis running on";encapsulation type."; }typedef bfd-auth-algorithm { type enumeration { enum simple-passwordidentity bfd-encap-ip { base bfd-encap-type; description"Simple password";"BFD with IP encapsulation."; }enum keyed-md5feature bfd-authentication { description"Keyed message Digest 5";"BFD authentication supported"; }enum meticulous-keyed-md5identity bfd-auth-replay-protection { description"Meticulous keyed message Digest 5";"Base identity for BFD authentication replay protection"; }enum keyed-sha-1identity bfd-auth-replay-protection-non-meticulous { base bfd-auth-replay-protection; description"Keyed secure hash algorithm (SHA1) ";"Non-meticulous (see RFC5880)"; }enum meticulous-keyed-sha-1identity bfd-auth-replay-protection-meticulous { base bfd-auth-replay-protection; description "Meticulouskeyed secure hash algorithm (SHA1) "; }(see RFC5880)"; } grouping bfd-auth-parms { description"Authentication algorithm"; } feature bfd-interface-config"Grouping for BFD authentication parameters (see section 6.7 of RFC5880)."; container authentication-parms { if-feature bfd-authentication; presence "Enables BFD authentication (see section 6.7 of RFC5880)."; description "Parameters for BFD authentication"; leaf key-chain { type kc:key-chain-ref; description"BFD per-interface config supported";"Name of key-chain"; }feature bfd-authenticationleaf replay-protection { type identityref { base bfd-auth-replay-protection; } description"BFD authentication supported";"Protection against replays"; } } } grouping bfd-grouping-base-cfg-parms { description "BFD grouping for base config parameters"; leaf local-multiplier { typemultiplier;bfd-multiplier; default 3; description "Multiplier transmitted by local system"; } choice interval-config-type { description "Two interval values or 1 value used for both tx and rx"; case tx-rx-intervals { leaf desired-min-tx-interval { type uint32; units microseconds; mandatory true; description "Desired minimum transmit interval of control packets"; } leaf required-min-rx-interval { type uint32; units microseconds; mandatory true; description "Required minimum receive interval of control packets"; } } case single-interval { leaf min-interval { type uint32; units microseconds; mandatory true; description "Desired minimum transmit interval and required " + "minimum receive interval of control packets"; } } } } grouping bfd-grouping-common-cfg-parms { description "BFD grouping for common config parameters"; uses bfd-grouping-base-cfg-parms; leaf demand-enabled { type boolean; default false; description "Toenbaleenable demand mode"; } leafenable-authenticationadmin-down { type boolean; default false; description"If set, the Authentication Section is present and"Is the BFD sessionis to be authenticated (see RFC5880 section 6.7 for details)."; } container authentication-parms { if-feature bfd-authentication; description "Parameters for authentication"; leaf key-chain-name { type string; must "../algorithm" { error-message "May not be configured without algorithm"; description "Requires algorithm"; } description "Key chain name"; } leaf algorithm { type bfd-auth-algorithm; must "../key-chain" { error-message "May not be configured without key-chain"; description "Requires key-chain"; } description "Authentication algorithm to be used"; }administratively down"; } uses bfd-auth-parms; } grouping bfd-grouping-echo-cfg-parms { description "BFD grouping for echo config parameters"; leaf desired-min-echo-tx-interval { type uint32; units microseconds; default 0; description "Desired minumum transmit interval for echo"; } leaf required-min-echo-rx-interval { type uint32; units microseconds; default 0; description "Required minimum receive interval for echo"; } } grouping bfd-client-base-cfg-parms { description "BFD groupingfor base config parameterswhich could be used by a protocol which is a client of BFD to enable its use of BFD"; container bfd-cfg { description "BFD configuration"; leaf enabled { type boolean; default false; description "True if BFD is enabled"; }uses bfd-grouping-base-cfg-parms;} } grouping bfd-all-session { description "BFD session operational information"; leafsession-typepath-type { typebfd-session-type;identityref { base bfd-path-type; } description "BFD session type, this indicates the path type that BFD is running on"; } leaf local-discriminator { typediscriminator;bfd-discriminator; description "Local discriminator"; } leaf remote-discriminator { typediscriminator;bfd-discriminator; description "Remote discriminator"; } leaf remote-multiplier { typemultiplier;bfd-multiplier; description "Remote multiplier"; } leaf out-interface { type if:interface-ref; description "Outgoing physical interface name"; } leaf demand-capability { type boolean; description "Local demand mode capability"; } leaf source-port { type inet:port-number; description "Source UDP port"; } leaf dest-port { type inet:port-number; description "Destination UDP port"; }listcontainer session-running { description "BFD session running information"; leaf session-index { type uint32; description "An index used to uniquely identify BFD sessions"; } leaf local-state { typestate;bfd-state; description "Local state"; } leaf remote-state { typestate;bfd-state; description "Remote state"; } leaf local-diagnostic { typediagnostic;bfd-diagnostic; description "Local diagnostic"; } leaf remote-diagnostic { typediagnostic;bfd-diagnostic; description "Remote diagnostic"; } leaf detection-mode { type enumeration { enum async-with-echo { value "1"; description "Async with echo"; } enum async-without-echo { value "2"; description "Async without echo"; } enum demand-with-echo { value "3"; description "Demand with echo"; } enum demand-without-echo { value "4"; description "Demand without echo"; } } description "Detection mode"; } leaf negotiated-tx-interval { type uint32; units microseconds; description "Negotiated transmit interval"; } leaf negotiated-rx-interval { type uint32; units microseconds; description "Negotiated receive interval"; } leafnegotiated-echo-tx-intervalecho-tx-interval-in-use { when "../../path-type = 'bfd-path-ip-sh'" { description "Echo is supported for IP single-hop only."; } type uint32; units microseconds; description"Negotiated echo"Echo transmitinterval";interval in use"; } leaf detection-time { type uint32; units microseconds; description "Detection time"; } }listcontainer sesssion-statistics { description "BFDsessionper-session statistics"; leaf create-time { type yang:date-and-time; description "Time and date when session was created"; } leaf last-down-time { type yang:date-and-time; description "Time and date of last time the session went down"; } leaf last-up-time { type yang:date-and-time; description "Time and date of last time the session went up"; } leaf down-count { type uint32; description "Session Down Count"; } leaf admin-down-count { type uint32; description "Session Admin-Down Count"; } leaf receive-packet-count { type uint64; description "Received Packet Count"; } leaf send-packet-count { type uint64; description "Sent Packet Count"; } leaf receive-bad-packet { type uint64; description "Received bad packet count"; } leaf send-failed-packet { type uint64; description "Packet Failed to Send Count"; } } } grouping bfd-session-statistics { description "Grouping for session counters"; container bfd-session-statistics { description "BFD session counters"; leaf session-count { type uint32; description "Number of sessions"; } leaf session-up-count { type uint32; description "Count of sessions which are up"; } leaf session-down-count { type uint32; description "Count of sessions which are down"; } leaf session-admin-down-count { type uint32; description "Count of sessions which are admin-down"; } } } grouping bfd-notification-parms { description "This group describes common parameters that will be sent " + "as part of BFD notification"; leaf local-discr { type bfd-discriminator; description "BFD local discriminator"; } leaf remote-discr { type bfd-discriminator; description "BFD remote discriminator"; } leaf new-state { type bfd-state; description "Current BFD state"; } leaf state-change-reason { type string; description "BFD state change reason"; } leaf time-in-previous-state { type string; description "How long the BFD session was in the previous state"; } leaf dest-addr { type inet:ip-address; description "BFD peer address"; } leaf source-addr { type inet:ip-address; description "BFD local address"; } leaf session-index { type uint32; description "An index used to uniquely identify BFD sessions"; } leaf path-type { type identityref { base bfd-path-type; } description "BFD path type"; } } augment "/rt:routing/rt:routing-instance/rt:routing-protocols/" + "rt:routing-protocol" { when "rt:type = 'bfd:bfd'" { description "This augment is only valid for a protocol instance of BFD."; } description "BFD augmentation."; container bfd { presence "BFD"; description "BFDtop-leveltop level container"; containerbfd-cfgconfig { description "BFD configuration container"; } container oper { config "false"; description "BFD operational container for this routing instance"; uses bfd-session-statistics; } } } container bfd { presence "BFD"; description "BFD top level container"; container config { description "BFD configuration container"; } container oper { config "false"; description "BFD operational container."; uses bfd-session-statistics; } } } <CODE ENDS> 2.14. BFD IP single-hop Yang Module <CODE BEGINS> file "ietf-bfd-ip-sh@2016-02-17.yang" module ietf-bfd-ip-sh { namespace "urn:ietf:params:xml:ns:yang:ietf-bfd-ip-sh"; // replace with IANA namespace when assigned prefix "bfd-ip-sh"; import ietf-bfd { prefix "bfd"; } import ietf-interfaces { prefix "if"; } import ietf-inet-types { prefix "inet"; } import ietf-routing { prefix "rt"; } organization "IETF BFD Working Group"; contact "WG Web: <http://tools.ietf.org/wg/bfd> WG List: <rtg-bfd@ietf.org> WG Chair: Jeff Haas WG Chair: Reshad Rahman Editor: Lianshu Zheng and Reshad Rahman"; description "This module contains the YANG definition for BFD IP single-hop as per RFC5881."; revision 2016-02-17 { description "Initial revision."; reference "RFC XXXX: A YANG data model for BFD IP single-hop"; } augment "/bfd:bfd" { description "BFD augmentation for IP single-hop"; container ip-sh { description "BFD IP single-hop top level container"; container config { description "BFD IP single-hop configuration container"; } container oper { config "false"; description "BFD IP single-hop operational container"; uses bfd:bfd-session-statistics; } } } augment "/rt:routing/rt:routing-instance/rt:routing-protocols/" + "rt:routing-protocol/bfd:bfd" { description "BFD augmentation for IP single-hop."; container ip-sh { description "BFD IP single-hop container"; container config { description "BFD configuration"; containerbfd-session-cfgsession-cfg { description "BFD IP single-hop session configuration"; listsession-ip-mhsessions { key"source-addr"interface dest-addr"; description "List of IPmulti-hopsingle-hop sessions"; leafsource-addrinterface { typeinet:ip-address;if:interface-ref; description"Local IP address";"Interface on which the BFD session is running."; } leaf dest-addr { type inet:ip-address; description "IP address of the peer"; } leafadmin-downsource-addr { typeboolean; default false;inet:ip-address; description"Is"Local address"; } uses bfd:bfd-grouping-common-cfg-parms; uses bfd:bfd-grouping-echo-cfg-parms; } } } container oper { config "false"; description "BFD operational container"; uses bfd:bfd-session-statistics; list sessions { key "interface dest-addr"; description "BFD IP single-hop sessions"; leaf interface { type if:interface-ref; description "Interface on which the BFD sessionadministratively down";is running."; }uses bfd-grouping-common-cfg-parms;leaftx-ttldest-addr { typettl; default 255;inet:ip-address; description"TTL of outgoing BFD control packets";"BFD peer address"; } leafrx-ttlsource-addr { typettl; mandatory true;inet:ip-address; description"Minimum allowed TTL value for incoming BFD control packets";"BFD source address"; } uses bfd:bfd-all-session; } }list bfd-interface-cfg} } notification bfd-singlehop-notification {if-feature bfd-interface-config; key interface;description"Per-interface"Notification for BFDconfiguration";single-hop session state change. An " + "implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; uses bfd:bfd-notification-parms; leaf interface { type if:interface-ref; description"Interface";"Interface to which this BFD session belongs to"; }uses bfd-grouping-common-cfg-parms; uses bfd-grouping-echo-cfg-parms;leaf echo-enabled { type boolean; description "Was echo enabled for BFD"; } }container bfd-oper} <CODE ENDS> 2.15. BFD IP multi-hop Yang Module <CODE BEGINS> file "ietf-bfd-ip-mh@2016-02-17.yang" module ietf-bfd-ip-mh { namespace "urn:ietf:params:xml:ns:yang:ietf-bfd-ip-mh"; // replace with IANA namespace when assigned prefix "bfd-ip-mh"; import ietf-bfd { prefix "bfd"; } import ietf-inet-types { prefix "inet"; } import ietf-routing { prefix "rt"; } organization "IETF BFD Working Group"; contact "WG Web: <http://tools.ietf.org/wg/bfd> WG List: <rtg-bfd@ietf.org> WG Chair: Jeff Haas WG Chair: Reshad Rahman Editor: Lianshu Zheng and Reshad Rahman"; description "This module contains the YANG definition for BFD IP multi-hop asper RFC5883."; revision 2016-02-17 { description "Initial revision."; reference "RFC XXXX: A YANG data model for BFD IP multi-hop"; } augment "/bfd:bfd" {config "false";description "BFDoperational container";augmentation for IP multi-hop"; containerbfd-session-statisticsip-mh { description "BFDsession counters"; leaf ip-sh-session-numIP multi-hop top level container"; container config {type uint32;description"IP single hop session number";"BFD IP multi-hop configuration container"; }leaf ip-mh-session-numcontainer oper {type uint32;config "false"; description"IP multi hop session Number";"BFD IP multi-hop operational container"; uses bfd:bfd-session-statistics; }leaf total-session-num { type uint32; description "Total session number";}leaf session-up-num} augment "/rt:routing/rt:routing-instance/rt:routing-protocols/" + "rt:routing-protocol/bfd:bfd" { when "rt:type = 'bfd:bfd'" {type uint32;description"Session up number";"This augment is only valid for a protocol instance of BFD."; }leaf sess-down-numdescription "BFD augmentation for IP multi-hop."; container ip-mh {type uint32;description"Session down number"; } leaf sess-admin-down-num"BFD IP multi-hop container"; container config {type uint32;description"Session admin-down number"; } }"BFD configuration"; containerbfd-session-listssession-cfg { description"Contains multiple"BFD IP multi-hop sessionlists, one per type";configuration"; listsession-ip-shsessions { key"interface"source-addr dest-addr"; description"BFD"List of IPsingle-hopmulti-hop sessions"; leafinterfacesource-addr { typeif:interface-ref;inet:ip-address; description"Interface on which the BFD session is running.";"Local IP address"; } leaf dest-addr { type inet:ip-address; description"BFD peer address";"IP address of the peer"; } uses bfd:bfd-grouping-common-cfg-parms; leafsource-addrtx-ttl { typeinet:ip-address;bfd:ttl; default 255; description"BFD source address";"TTL of outgoing BFD control packets"; } leaf rx-ttl { type bfd:ttl; mandatory true; description "Minimum allowed TTL value for incoming BFD control packets"; } } } } container oper { config "false"; description "BFD operational container"; container bfd-session-statistics { description "BFD session counters"; usesbfd-all-session;bfd:bfd-session-statistics; } listsession-ip-mh-groupsession-group { key "source-addr dest-addr"; description "BFD IP multi-hop group of sessions. A group of " + "sessions is between 1 source and 1 destination, " + "each sessionuseshas a differentsource UDP portfield in UDP/IP hdr for " + "ECMP."; leaf source-addr { type inet:ip-address; description "BFD source address"; } leaf dest-addr { type inet:ip-address; description "BFD peer address"; } listsession-ip-mhsessions { key"source-port";"local-discriminator"; description "The BFD sessions between a source and a. " + "destination.Source UDP portLocal discriminator is unique for " + "each session in the group."; leaf ttl { typettl;bfd:ttl; description "TTL of outgoing packets"; } usesbfd-all-session;bfd:bfd-all-session; } }list session-te-tunnel} } } notification bfd-multihop-notification {key "tunnel-name";description"BFD over TE tunnel";"Notification for BFD multi-hop session state change. An " + "implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; uses bfd:bfd-notification-parms; leaftunnel-namerouting-instance { typestring;rt:routing-instance-ref; description"Name of TE tunnel";"Routing instance"; }uses bfd-all-session;}list session-ldp-lsp-group} <CODE ENDS> 2.16. BFD over LAG Yang Module <CODE BEGINS> file "ietf-bfd-lag@2016-02-17.yang" module ietf-bfd-lag {key "ldp-fec";namespace "urn:ietf:params:xml:ns:yang:ietf-bfd-lag"; // replace with IANA namespace when assigned prefix "bfd-lag"; import ietf-bfd { prefix "bfd"; } import ietf-interfaces { prefix "if"; } import ietf-inet-types { prefix "inet"; } organization "IETF BFD Working Group"; contact "WG Web: <http://tools.ietf.org/wg/bfd> WG List: <rtg-bfd@ietf.org> WG Chair: Jeff Haas WG Chair: Reshad Rahman Editor: Lianshu Zheng and Reshad Rahman"; description"BFD"This module contains the YANG definition for BFD overLDP LSP group of sessions.LAG interfaces as per RFC7130."; revision 2016-02-17 { description "Initial revision."; reference "RFC XXXX: Agroup of " + "sessions is to one LDP FEC, each session uses a " + "different source UDP portYANG data model forECMP."; leaf ldp-fecBFD over LAG"; } augment "/bfd:bfd" {type inet:ip-prefix;description"LDP FEC"; }"BFD augmentation for LAG"; container lag { description "BFD over LAG top level container"; container config { description "BFD over LAG configuration container"; container session-cfg { description "BFD over LAG session configuration"; listsession-ldp-lspsessions { key"source-port";"lag-name"; description"The BFD sessions"A LAG interface onan LDP FEC. Source UDP " + "portwhich BFD isunique for each session inrunning"; leaf lag-name { type if:interface-ref ; description "Name of thegroup.";LAG"; } leafttlipv4-dest-addr { typettl;inet:ipv4-address; description"TTL"IPv4 address ofoutgoing packets";the peer, for IPv4 micro-BFD."; } leaf ipv6-dest-addr { type inet:ipv6-address; description "IPv6 address of the peer, for IPv6 micro-BFD."; } usesbfd-all-session;bfd:bfd-grouping-common-cfg-parms; } } } container oper { config "false"; description "BFD over LAG operational container."; container micro-bfd-ipv4-session-statistics { description "Micro-BFD IPv4 session counters"; uses bfd:bfd-session-statistics; } container micro-bfd-ipv6-session-statistics { description "Micro-BFD IPv6 session counters"; uses bfd:bfd-session-statistics; } list session-lag { key "lag-name"; description "A LAG interface on which BFD is running"; leaf lag-name { type if:interface-ref ; description "Name of the LAG"; } leaf use-ipv4 { type boolean; description "Using IPv4 micro-BFD."; } leaf use-ipv6 { type boolean; description "Using IPv6 micro-BFD."; } listsession-lag-micromember-links { key "member-link"; description "Micro-BFD over LAG. This representsBFD " + "overone member link"; leaf member-link { type if:interface-ref; description "Member link on which micro-BFD is running"; } container micro-bfd-ipv4 { when "../use-ipv4 = 'true'" { description "Needed only if IPv4 is used."; } description "Micro-BFD IPv4 session state on member link"; uses bfd:bfd-all-session; } container micro-bfd-ipv6 { when "../use-ipv6 = 'true'" { description "Needed only if IPv6 is used."; } description "Micro-BFD IPv6 session state on member link"; usesbfd-all-session;bfd:bfd-all-session; } } } } } }grouping bfd-notification-parmsnotification bfd-lag-notification { description"This group describes common parameters that will be sent"Notification for BFD over LAG session state change. " +"as part of BFD notification";"An implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; uses bfd:bfd-notification-parms; leaflocal-discrlag-name { typediscriminator;if:interface-ref; description"BFD local discriminator";"LAG interface name"; } leafremote-discrmember-link { typediscriminator;if:interface-ref; description"BFD remote discriminator";"Member link on which BFD is running"; }leaf new-state { type state; description "Current} } <CODE ENDS> 2.17. BFDstate";over MPLS Yang Module <CODE BEGINS> file "ietf-bfd-mpls@2016-02-17.yang" module ietf-bfd-mpls { namespace "urn:ietf:params:xml:ns:yang:ietf-bfd-mpls"; // replace with IANA namespace when assigned prefix "bfd-mpls"; import ietf-bfd { prefix "bfd"; }leaf state-change-reasonimport ietf-inet-types {type string; description "BFD state change reason";prefix "inet"; }leaf time-in-previous-stateimport ietf-routing {type string;prefix "rt"; } organization "IETF BFD Working Group"; contact "WG Web: <http://tools.ietf.org/wg/bfd> WG List: <rtg-bfd@ietf.org> WG Chair: Jeff Haas WG Chair: Reshad Rahman Editor: Lianshu Zheng and Reshad Rahman"; description"How long"This module contains the YANG definition for BFDsession was in the previous state";parameters for MPLS LSPs as per RFC5884."; revision 2016-02-17 { description "Initial revision."; reference "RFC XXXX: A YANG data model for BFD over MPLS LSPs"; }leaf dest-addridentity bfd-encap-gach {type inet:ip-address;base bfd:bfd-encap-type; description "BFDpeer address";with G-ACh encapsulation as per RFC5586."; }leaf source-addridentity bfd-encap-ip-gach {type inet:ip-address;base bfd:bfd-encap-type; description "BFDlocal address";with IP and G-ACh encapsulation as per RFC5586."; }leaf session-indexgrouping bfd-encap-cfg {type uint32;description"An index used to uniquely identify"Configuration for BFDsessions"; }encapsulation"; leafsession-typeencap { typebfd-session-type;identityref { base bfd:bfd-encap-type; } default bfd:bfd-encap-ip; description "BFDsession type";encapsulation"; } }notification bfd-singlehop-notificationgrouping bfd-mpls-dest-address { description"Notification for BFD single-hop session state change. An " + "implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; uses bfd-notification-parms;"Destination address as per RFC5884"; leafinterfacempls-dest-address { typeif:interface-ref;inet:ip-address; config "false"; description"Interface to which this BFD session belongs to";"Destination address as per RFC5884. Needed if IP encapsulation is used"; }leaf echo-enabled} augment "/bfd:bfd" {type boolean;description"Was echo enabled"BFD augmentation forBFD";MPLS"; container mpls { description "BFD MPLS top level container"; container config { description "BFD MPLS configuration container"; container egress { description "Egress configuration"; uses bfd:bfd-grouping-base-cfg-parms; uses bfd:bfd-auth-parms; } }notification bfd-multihop-notificationcontainer oper { config "false"; description"Notification for BFD multi-hop session state change. An " + "implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state.";"BFD MPLS operational container"; usesbfd-notification-parms;bfd:bfd-session-statistics; }notification bfd-te-tunnel-notification} } augment "/rt:routing/rt:routing-instance/rt:routing-protocols/" + "rt:routing-protocol/bfd:bfd" { description"Notification"BFD augmentation forBFD over TE tunnelMPLS."; container mpls { description "BFD MPLS container"; container config { description "BFD MPLS configuration container"; container session-cfg { description "BFD MPLS sessionstate change. " + "An implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; uses bfd-notification-parms;configuration"; list sessions { key "mpls-fec"; description "List of BFD MPLS sessions"; leaftunnel-namempls-fec { typestring;inet:ip-address; description"TE tunnel to which this BFD session belongs to";"MPLS FEC"; } uses bfd:bfd-grouping-common-cfg-parms; }notification bfd-ldp-lsp-notification} } container oper { config "false"; description"Notification for BFD over LDP LSP"BFD MPLS operational container"; uses bfd:bfd-session-statistics; list session-group { key "mpls-fec"; description "BFD MPLS group of sessions. A group of sessions is" + "for 1 FEC, each sessionstate change.has a different field in " +"An implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; uses bfd-notification-parms;"UDP/IP hdr for ECMP."; leafldp-fecmpls-fec { typeinet:ip-prefix;inet:ip-address; description"LDP FEC";"MPLS-FEC"; }leaf source-portlist sessions {type inet:port-number;key "local-discriminator"; description"Source UDP port";"The BFD sessions for an MPLS FEC. Local " + "discriminator is unique for each session in the " + "group."; uses bfd:bfd-all-session; uses bfd-mpls:bfd-mpls-dest-address; } } } } } notificationbfd-lag-notificationbfd-mpls-notification { description "Notification for BFD overLAGMPLS FEC session state change. " + "An implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; usesbfd-notification-parms;bfd:bfd-notification-parms; leaflag-namerouting-instance { typeif:interface-ref;rt:routing-instance-ref; description"LAG interface name";"Routing instance"; } leafmember-linkmpls-dest-address { typeif:interface-ref;inet:ip-address; description"Member link on which BFD"Destination address as per RFC5884. Needed if IP encapsulation isrunning";used"; } } } <CODE ENDS>2.11.2.18. BFDClient Example Configuration Yangover MPLS-TEYang Module <CODE BEGINS> file "ietf-bfd-mpls-te@2016-02-17.yang" moduleexample-bfd-routing-appietf-bfd-mpls-te { namespace"urn:ietf:params:xml:ns:yang:example-bfd-routing-app";"urn:ietf:params:xml:ns:yang:ietf-bfd-mpls-te"; // replace with IANA namespace when assigned prefixbfd-routing-app;"bfd-mpls-te"; import ietf-bfd { prefix "bfd"; } importietf-interfacesietf-bfd-mpls { prefix"if";"bfd-mpls"; } import ietf-te { prefix "te"; } organization"ACME";"IETF BFD Working Group"; contact"acme@acme.com";"WG Web: <http://tools.ietf.org/wg/bfd> WG List: <rtg-bfd@ietf.org> WG Chair: Jeff Haas WG Chair: Reshad Rahman Editor: Lianshu Zheng and Reshad Rahman"; description"Testing"This module contains the YANG definition for BFDgrouping (simulating a routing application)";parameters for MPLS Traffic Engineering as per RFC5884."; revision2015-07-012016-02-04 { description "Initial revision."; reference "RFC XXXX:An exampleA YANG data model for BFDrouting application";over MPLS-TE"; }feature routing-app-bfdaugment "/bfd:bfd" { description "BFD augmentation for MPLS-TE"; container mpls-te { description "BFD MPLS-TE top level container"; container config { description "BFD MPLS-TE configurationunder routing-app"; } list areacontainer"; container egress {key "area-id";description"Specify a routing area."; leaf area-id"Egress configuration"; uses bfd:bfd-grouping-base-cfg-parms; uses bfd:bfd-auth-parms; } } container oper {type uint32;config "false"; description"Area";"BFD operational container"; uses bfd:bfd-session-statistics; } } } augment "/te:te/te:tunnels/te:tunnel/te:config" { description "BFD configuration on MPLS-TE tunnel."; uses bfd:bfd-grouping-common-cfg-parms; usesbfd:bfd-client-base-cfg-parmsbfd-mpls:bfd-encap-cfg; } augment "/te:te/te:lsps-state/te:lsp" {if-feature routing-app-bfd;when "/te:te/te:lsps-state/te:lsp/te:origin-type != 'transit'" { description "BFD information not needed at transit points"; }list interfacedescription "BFD state information on MPLS-TE LSP."; uses bfd:bfd-all-session; uses bfd-mpls:bfd-mpls-dest-address; } notification bfd-mpls-te-notification {key "interface";description"List of interfaces";"Notification for BFD over MPLS-TE session state change. " + "An implementation may rate-limit notifications, e.g. when a" + "session is continuously changing state."; uses bfd:bfd-notification-parms; uses bfd-mpls:bfd-mpls-dest-address; leafinterfacetunnel-name { typeif:interface-ref;string; description"Interface"; } uses bfd:bfd-client-base-cfg-parms { if-feature routing-app-bfd; }"MPLS-TE tunnel on which BFD was running."; } } }2.12.<CODE ENDS> 2.19. Security Considerations The YANG module defined in this memo is designed to be accessed via the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the secure transport layer and the mandatory to implement secure transport is SSH [RFC6242]. The NETCONF access control model [RFC6536] provides the means to restrict access for particular NETCONF users to a pre-configured subset of all available NETCONF protocol operations and content. The YANG module has writeable data nodes which can be used for creation of BFD sessions and modification of BFD session parameters. The system should "police" creation of BFD sessions to prevent new sessions from causing existing BFD sessions to fail. For BFD session modification, the BFD protocol has mechanisms in place which allow for in service modification.2.13.2.20. IANA Considerations The IANA is requested to as assign a new new namespace URI from the IETF XML registry. URI:TBD2.14.2.21. Acknowledgements We would also like to thank Nobo Akiya and Jeff Haas for their encouragement on this work. We would also like to thank Rakesh Gandhi and Tarek Saad for their help on the MPLS-TE model. 3. References 3.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>. [RFC5586] Bocci, M., Ed., Vigoureux, M., Ed., and S. Bryant, Ed., "MPLS Generic Associated Channel", RFC 5586, DOI 10.17487/RFC5586, June 2009, <http://www.rfc-editor.org/info/rfc5586>. [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, <http://www.rfc-editor.org/info/rfc5880>. [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, DOI 10.17487/RFC5881, June 2010, <http://www.rfc-editor.org/info/rfc5881>. [RFC5882] Katz, D. and D. Ward, "Generic Application of Bidirectional Forwarding Detection (BFD)", RFC 5882, DOI 10.17487/RFC5882, June 2010, <http://www.rfc-editor.org/info/rfc5882>. [RFC5883] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD) for Multihop Paths", RFC 5883, DOI 10.17487/RFC5883, June 2010, <http://www.rfc-editor.org/info/rfc5883>. [RFC5884] Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow, "Bidirectional Forwarding Detection (BFD) for MPLS Label Switched Paths (LSPs)", RFC 5884, DOI 10.17487/RFC5884, June 2010, <http://www.rfc-editor.org/info/rfc5884>. [RFC5885] Nadeau, T., Ed. and C. Pignataro, Ed., "Bidirectional Forwarding Detection (BFD) for the Pseudowire Virtual Circuit Connectivity Verification (VCCV)", RFC 5885, DOI 10.17487/RFC5885, June 2010, <http://www.rfc-editor.org/info/rfc5885>. [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, DOI 10.17487/RFC6020, October 2010, <http://www.rfc-editor.org/info/rfc6020>. [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, <http://www.rfc-editor.org/info/rfc6241>. [RFC7130] Bhatia, M., Ed., Chen, M., Ed., Boutros, S., Ed., Binderberger, M., Ed., and J. Haas, Ed., "Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces", RFC 7130, DOI 10.17487/RFC7130, February 2014, <http://www.rfc-editor.org/info/rfc7130>. 3.2. Informative References [I-D.ietf-netconf-restconf] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol",draft-ietf-netconf-restconf-07draft-ietf-netconf-restconf-09 (work in progress),JulyDecember 2015. [I-D.ietf-netmod-routing-cfg] Lhotka, L. and A. Lindem, "A YANG Data Model for Routing Management",draft-ietf-netmod-routing-cfg-19draft-ietf-netmod-routing-cfg-20 (work in progress),MayOctober 2015. [I-D.ietf-rtgwg-yang-key-chain] Lindem, A., Qu, Y., Yeung, D., Chen, H., Zhang, J., and Y. Yang, "Key Chain YANG Data Model", draft-ietf-rtgwg-yang- key-chain-01 (work in progress), February 2016. [I-D.ietf-teas-yang-te] Saad, T., Gandhi, R., Liu, X., Beeram, V., Shah, H., Chen, X., Jones, R., and B. Wen, "A YANG Data Model for Traffic Engineering Tunnels and Interfaces", draft-ietf-teas-yang- te-02 (work in progress), October 2015. Appendix A. Change log RFC Editor: Remove this section upon publication as an RFC. A.1. Changes between versions-03-00 and-04 o Follow VRF-centric model-01 oIP single-hop sessionRemove BFD configuration parameters from BFD clients, all BFD configuration parameters in BFDclients A.2. Changes between versions -02 and -03oFixed date mismatch o Updated authors A.3. Changes between versions -01 and -02 o Fixed errors and warnings from "pyang --ietf" o Added appendix for "Change log" A.4. Changes between versions -00 and -01 In theYANG modulesection:split in multiple YANG modules (one per type of forwarding path) oAdded missing filenameFor BFD over MPLS-TE we augment MPLS-TE model oAdded missing CODE ENDSFor BFD authentication we now use key-chain in [I-D.ietf-rtgwg-yang-key-chain] Authors' Addresses Lianshu Zheng (editor) Huawei Technologies China Email: vero.zheng@huawei.com Reshad Rahman (editor) Cisco Systems Canada Email: rrahman@cisco.com Santosh PallagattiJuniper NetworksIndia Email:santoshpk@juniper.netsantosh.pallagatti@gmail.com Mahesh Jethanandani Cisco Systems Email: mjethanandani@gmail.com Greg Mirsky Ericsson Email: gregory.mirsky@ericsson.com