| < draft-ietf-isis-sr-yang-08.txt | draft-ietf-isis-sr-yang-09.txt > | |||
|---|---|---|---|---|
| IS-IS Working Group S. Litkowski | IS-IS Working Group S. Litkowski | |||
| Internet-Draft Cisco Systems | Internet-Draft Cisco Systems | |||
| Intended status: Standards Track Y. Qu | Intended status: Standards Track Y. Qu | |||
| Expires: January 13, 2021 Futurewei | Expires: July 15, 2021 Futurewei | |||
| P. Sarkar | P. Sarkar | |||
| Individual | Individual | |||
| I. Chen | I. Chen | |||
| The MITRE Corporation | The MITRE Corporation | |||
| J. Tantsura | J. Tantsura | |||
| Apstra | Apstra | |||
| July 12, 2020 | January 11, 2021 | |||
| YANG Data Model for IS-IS Segment Routing | YANG Data Model for IS-IS Segment Routing | |||
| draft-ietf-isis-sr-yang-08 | draft-ietf-isis-sr-yang-09 | |||
| Abstract | Abstract | |||
| This document defines a YANG data model that can be used to configure | This document defines a YANG data model that can be used to configure | |||
| and manage IS-IS Segment Routing. | and manage IS-IS Segment Routing. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on January 13, 2021. | This Internet-Draft will expire on July 15, 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at page 2, line 22 ¶ | skipping to change at page 2, line 22 ¶ | |||
| 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 | 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . . . 3 | 3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 4. IS-IS Segment Routing . . . . . . . . . . . . . . . . . . . . 3 | 4. IS-IS Segment Routing . . . . . . . . . . . . . . . . . . . . 3 | |||
| 5. IS-IS Segment Routing configuration . . . . . . . . . . . . . 6 | 5. IS-IS Segment Routing configuration . . . . . . . . . . . . . 6 | |||
| 5.1. Segment Routing activation . . . . . . . . . . . . . . . 6 | 5.1. Segment Routing activation . . . . . . . . . . . . . . . 6 | |||
| 5.2. Advertising mapping server policy . . . . . . . . . . . . 6 | 5.2. Advertising mapping server policy . . . . . . . . . . . . 6 | |||
| 5.3. IP Fast reroute . . . . . . . . . . . . . . . . . . . . . 6 | 5.3. IP Fast reroute . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 6. IS-IS Segment Routing YANG Module . . . . . . . . . . . . . . 6 | 6. IS-IS Segment Routing YANG Module . . . . . . . . . . . . . . 6 | |||
| 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 | |||
| 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 22 | 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 22 | |||
| 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 | 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 23 | |||
| 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 | 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 | |||
| 11. Change log for ietf-isis-sr YANG module . . . . . . . . . . . 22 | 11. Change log for ietf-isis-sr YANG module . . . . . . . . . . . 23 | |||
| 11.1. From version -03 to version -04 . . . . . . . . . . . . 22 | 11.1. From version -03 to version -04 . . . . . . . . . . . . 23 | |||
| 11.2. From version -02 to version -03 . . . . . . . . . . . . 22 | 11.2. From version -02 to version -03 . . . . . . . . . . . . 23 | |||
| 11.3. From isis-sr document version -01 to version -02 . . . . 23 | 11.3. From isis-sr document version -01 to version -02 . . . . 23 | |||
| 11.4. From isis-sr document version -00 to version -01 . . . . 23 | 11.4. From isis-sr document version -00 to version -01 . . . . 24 | |||
| 11.5. From isis document version -12 to isis-sr document | 11.5. From isis document version -12 to isis-sr document | |||
| version -00 . . . . . . . . . . . . . . . . . . . . . . 23 | version -00 . . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 11.6. From isis document version -12 to version -13 . . . . . 23 | 11.6. From isis document version -12 to version -13 . . . . . 24 | |||
| 11.7. From isis document version -09 to version -11 . . . . . 23 | 11.7. From isis document version -09 to version -11 . . . . . 24 | |||
| 11.8. From isis document version -08 to version -09 . . . . . 23 | 11.8. From isis document version -08 to version -09 . . . . . 24 | |||
| 11.9. From isis document version -07 to version -08 . . . . . 23 | 11.9. From isis document version -07 to version -08 . . . . . 24 | |||
| 12. Normative References . . . . . . . . . . . . . . . . . . . . 23 | 12. Normative References . . . . . . . . . . . . . . . . . . . . 24 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 26 | |||
| 1. Overview | 1. Overview | |||
| YANG [RFC6020] [RFC7950] is a data definition language used to define | YANG [RFC6020] [RFC7950] is a data definition language used to define | |||
| the contents of a conceptual data store that allows networked devices | the contents of a conceptual data store that allows networked devices | |||
| to be managed using NETCONF [RFC6241]. YANG is proving relevant | to be managed using NETCONF [RFC6241]. YANG is proving relevant | |||
| beyond its initial confines, as bindings to other interfaces (e.g., | beyond its initial confines, as bindings to other interfaces (e.g., | |||
| ReST) and encodings other than XML (e.g., JSON) are being defined. | ReST) and encodings other than XML (e.g., JSON) are being defined. | |||
| Furthermore, YANG data models can be used as the basis for | Furthermore, YANG data models can be used as the basis for | |||
| implementation of other interfaces, such as CLI and programmatic | implementation of other interfaces, such as CLI and programmatic | |||
| skipping to change at page 6, line 48 ¶ | skipping to change at page 6, line 48 ¶ | |||
| 5.3. IP Fast reroute | 5.3. IP Fast reroute | |||
| IS-IS SR model augments the fast-reroute container under interface. | IS-IS SR model augments the fast-reroute container under interface. | |||
| It brings the ability to activate TI-LFA (topology independent LFA) | It brings the ability to activate TI-LFA (topology independent LFA) | |||
| and also enhances remote LFA to use segment-routing tunneling instead | and also enhances remote LFA to use segment-routing tunneling instead | |||
| of LDP. | of LDP. | |||
| 6. IS-IS Segment Routing YANG Module | 6. IS-IS Segment Routing YANG Module | |||
| <CODE BEGINS> file "ietf-isis-sr@2020-07-12.yang" | <CODE BEGINS> file "ietf-isis-sr@2021-01-11.yang" | |||
| module ietf-isis-sr { | module ietf-isis-sr { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:" | namespace "urn:ietf:params:xml:ns:" | |||
| + "yang:ietf-isis-sr"; | + "yang:ietf-isis-sr"; | |||
| prefix isis-sr; | prefix isis-sr; | |||
| import ietf-routing { | import ietf-routing { | |||
| prefix "rt"; | prefix "rt"; | |||
| reference "RFC 8349 - A YANG Data Model for Routing | reference "RFC 8349 - A YANG Data Model for Routing | |||
| Management (NMDA Version)"; | Management (NMDA Version)"; | |||
| skipping to change at page 8, line 13 ¶ | skipping to change at page 8, line 13 ¶ | |||
| "; | "; | |||
| description | description | |||
| "The YANG module defines a generic configuration model for | "The YANG module defines a generic configuration model for | |||
| Segment routing ISIS extensions common across all of the vendor | Segment routing ISIS extensions common across all of the vendor | |||
| implementations. | implementations. | |||
| This YANG model conforms to the Network Management | This YANG model conforms to the Network Management | |||
| Datastore Architecture (NMDA) as described in RFC 8242. | Datastore Architecture (NMDA) as described in RFC 8242. | |||
| Copyright (c) 2020 IETF Trust and the persons identified as | Copyright (c) 2021 IETF Trust and the persons identified as | |||
| authors of the code. All rights reserved. | authors of the code. All rights reserved. | |||
| Redistribution and use in source and binary forms, with or | Redistribution and use in source and binary forms, with or | |||
| without modification, is permitted pursuant to, and subject to | without modification, is permitted pursuant to, and subject to | |||
| the license terms contained in, the Simplified BSD License set | the license terms contained in, the Simplified BSD License set | |||
| forth in Section 4.c of the IETF Trust's Legal Provisions | forth in Section 4.c of the IETF Trust's Legal Provisions | |||
| Relating to IETF Documents | Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info). | (https://trustee.ietf.org/license-info). | |||
| This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC XXXX | |||
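Review bot: The module description still says NMDA is "described in RFC 8242" on both sides of the diff, while the Normative References list NMDA as [RFC8342]; the number in the description looks transposed and should read RFC 8342. Since -09 already touches this description block for the copyright year, fix the citation in the same revision.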
| skipping to change at page 8, line 38 ¶ | skipping to change at page 8, line 38 ¶ | |||
| NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | |||
| 'MAY', and 'OPTIONAL' in this document are to be interpreted as | 'MAY', and 'OPTIONAL' in this document are to be interpreted as | |||
| described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | |||
| they appear in all capitals, as shown here. | they appear in all capitals, as shown here. | |||
| This version of this YANG module is part of RFC XXXX; | This version of this YANG module is part of RFC XXXX; | |||
| see the RFC itself for full legal notices."; | see the RFC itself for full legal notices."; | |||
| reference "RFC XXXX"; | reference "RFC XXXX"; | |||
| revision 2020-07-12 { | revision 2021-01-11 { | |||
| description | description | |||
| "Initial revision."; | "Initial revision."; | |||
| reference "RFC XXXX"; | reference "RFC XXXX"; | |||
| } | } | |||
| /* Identities */ | /* Identities */ | |||
| identity sr-capability { | identity sr-capability { | |||
| description | description | |||
| "Base identity for ISIS SR-Capabilities sub-TLV flgs"; | "Base identity for ISIS SR-Capabilities sub-TLV flgs"; | |||
| } | } | |||
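Review bot: The description of identity sr-capability carries the typo "sub-TLV flgs" unchanged into -09; it should read "sub-TLV flags". The revision date bump to 2021-01-11 is consistent with the file name on the CODE BEGINS line, so nothing further is needed there.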
| skipping to change at page 17, line 29 ¶ | skipping to change at page 17, line 29 ¶ | |||
| "/isis:isis" { | "/isis:isis" { | |||
| when "/rt:routing/rt:control-plane-protocols/"+ | when "/rt:routing/rt:control-plane-protocols/"+ | |||
| "rt:control-plane-protocol/rt:type = 'isis:isis'" { | "rt:control-plane-protocol/rt:type = 'isis:isis'" { | |||
| description | description | |||
| "This augment ISIS routing protocol when used"; | "This augment ISIS routing protocol when used"; | |||
| } | } | |||
| description | description | |||
| "This augments ISIS protocol configuration | "This augments ISIS protocol configuration | |||
| with segment routing."; | with segment routing."; | |||
| uses sr-mpls:sr-controlplane; | uses sr-mpls:sr-control-plane; | |||
| container protocol-srgb { | container protocol-srgb { | |||
| if-feature sr-mpls:protocol-srgb; | if-feature sr-mpls:protocol-srgb; | |||
| uses sr-cmn:srgb; | uses sr-cmn:srgb; | |||
| description | description | |||
| "Per-protocol SRGB."; | "Per-protocol SRGB."; | |||
| } | } | |||
| } | } | |||
| augment "/rt:routing/" + | augment "/rt:routing/" + | |||
| "rt:control-plane-protocols/rt:control-plane-protocol"+ | "rt:control-plane-protocols/rt:control-plane-protocol"+ | |||
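Review bot: The rename on the uses line from sr-mpls:sr-controlplane to sr-mpls:sr-control-plane makes this module depend on a revision of the imported sr-mpls module that defines the grouping under the new name, and the import statement for that prefix is not among the changed lines. Confirm that the import's reference points at a revision that carries sr-control-plane, since the module will not compile against one that only defines the old name. Separately, the when description "This augment ISIS routing protocol when used" should read "This augments the ISIS routing protocol when used".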
| skipping to change at page 21, line 47 ¶ | skipping to change at page 21, line 47 ¶ | |||
| uses segment-routing-binding-tlv; | uses segment-routing-binding-tlv; | |||
| } | } | |||
| /* Notifications */ | /* Notifications */ | |||
| } | } | |||
| <CODE ENDS> | <CODE ENDS> | |||
| 7. Security Considerations | 7. Security Considerations | |||
| Configuration and state data defined in this document are designed to | The YANG module specified in this document defines a schema for data | |||
| be accessed via the NETCONF protocol [RFC6241]. | that is designed to be accessed via network management protocols such | |||
| as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer | ||||
| is the secure transport layer, and the mandatory-to-implement secure | ||||
| transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer | ||||
| is HTTPS, and the mandatory-to-implement secure transport is TLS | ||||
| [RFC8446]. | ||||
| As IS-IS is an IGP protocol (critical piece of the network), ensuring | The NETCONF Access Control Model (NACM) [RFC8341] provides the means | |||
| stability and security of the protocol is mandatory for the network | to restrict access for particular NETCONF or RESTCONF users to a pre- | |||
| service. | configured subset of all available NETCONF or RESTCONF protocol | |||
| operations and content. | ||||
| Authors recommends to implement NETCONF access control model | There are a number of data nodes defined in this YANG module that are | |||
| ([RFC6536]) to restrict access to all or part of the configuration to | writable/creatable/deletable (i.e., config true, which is the | |||
| specific users. | default). These data nodes may be considered sensitive or vulnerable | |||
| in some network environments. Write operations (e.g., edit-config) | ||||
| to these data nodes without proper protection can have a negative | ||||
| effect on network operations. These are the subtrees and data nodes | ||||
| and their sensitivity/vulnerability: | ||||
| /isis:isis/segment-routing | ||||
| /isis:isis/protocol-srgb | ||||
| /isis:isis/isis:interfaces/isis:interface/segment-routing | ||||
| Some of the readable data nodes in the modules may be considered | ||||
| sensitive or vulnerable in some network environments. It is thus | ||||
| important to control read access (e.g., via get, get-config, or | ||||
| notification) to these data nodes. | ||||
| /isis:router-capabilities/sr-capability | ||||
| /isis:router-capabilities/sr-algorithms | ||||
| /isis:router-capabilities/local-blocks | ||||
| /isis:router-capabilities/srms-preference | ||||
| And the augmentations to the ISIS link state database. | ||||
| Unauthorized access to any data node of these subtrees can disclose | ||||
| the operational state information of IS-IS protocol on this device. | ||||
| 8. Contributors | 8. Contributors | |||
| Authors would like to thank Derek Yeung, Acee Lindem, Yi Yang for | Authors would like to thank Derek Yeung, Acee Lindem, Yi Yang for | |||
| their major contributions to the draft. | their major contributions to the draft. | |||
| 9. Acknowledgements | 9. Acknowledgements | |||
| MITRE has approved this document for Public Release, Distribution | MITRE has approved this document for Public Release, Distribution | |||
| Unlimited, with Public Release Case Number 19-3033. | Unlimited, with Public Release Case Number 19-3033. | |||
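Review bot: In the rewritten Security Considerations, the sentence "These are the subtrees and data nodes and their sensitivity/vulnerability:" is followed by three bare paths with no statement of what an unauthorized write to each one can do, so the template text promises an analysis that is not delivered. Add one sentence per writable subtree (segment-routing, protocol-srgb, the per-interface segment-routing container) describing the operational effect of modifying it, so that an operator writing NACM rules knows which nodes need the tightest write restrictions. The paths are also abbreviated: the writable entries omit the isis-sr prefix on the augmented nodes and the /rt:routing/... parent, and the readable entries start at /isis:router-capabilities without their parent path, which makes them hard to map onto NACM rule paths. Finally, "And the augmentations to the ISIS link state database." is a fragment; either fold it into the list or name the augmented LSDB nodes explicitly.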
| skipping to change at page 24, line 29 ¶ | skipping to change at page 25, line 15 ¶ | |||
| [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for | [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for | |||
| the Network Configuration Protocol (NETCONF)", RFC 6020, | the Network Configuration Protocol (NETCONF)", RFC 6020, | |||
| DOI 10.17487/RFC6020, October 2010, | DOI 10.17487/RFC6020, October 2010, | |||
| <https://www.rfc-editor.org/info/rfc6020>. | <https://www.rfc-editor.org/info/rfc6020>. | |||
| [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | |||
| and A. Bierman, Ed., "Network Configuration Protocol | and A. Bierman, Ed., "Network Configuration Protocol | |||
| (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | |||
| <https://www.rfc-editor.org/info/rfc6241>. | <https://www.rfc-editor.org/info/rfc6241>. | |||
| [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure | ||||
| Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, | ||||
| <https://www.rfc-editor.org/info/rfc6242>. | ||||
| [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration | [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration | |||
| Protocol (NETCONF) Access Control Model", RFC 6536, | Protocol (NETCONF) Access Control Model", RFC 6536, | |||
| DOI 10.17487/RFC6536, March 2012, | DOI 10.17487/RFC6536, March 2012, | |||
| <https://www.rfc-editor.org/info/rfc6536>. | <https://www.rfc-editor.org/info/rfc6536>. | |||
| [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", | [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", | |||
| RFC 7950, DOI 10.17487/RFC7950, August 2016, | RFC 7950, DOI 10.17487/RFC7950, August 2016, | |||
| <https://www.rfc-editor.org/info/rfc7950>. | <https://www.rfc-editor.org/info/rfc7950>. | |||
| [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF | ||||
| Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, | ||||
| <https://www.rfc-editor.org/info/rfc8040>. | ||||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", | [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", | |||
| BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, | BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, | |||
| <https://www.rfc-editor.org/info/rfc8340>. | <https://www.rfc-editor.org/info/rfc8340>. | |||
| [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration | ||||
| Access Control Model", STD 91, RFC 8341, | ||||
| DOI 10.17487/RFC8341, March 2018, | ||||
| <https://www.rfc-editor.org/info/rfc8341>. | ||||
| [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., | [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., | |||
| and R. Wilton, "Network Management Datastore Architecture | and R. Wilton, "Network Management Datastore Architecture | |||
| (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, | (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, | |||
| <https://www.rfc-editor.org/info/rfc8342>. | <https://www.rfc-editor.org/info/rfc8342>. | |||
| [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | ||||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | ||||
| <https://www.rfc-editor.org/info/rfc8446>. | ||||
| [RFC8667] Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C., | [RFC8667] Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C., | |||
| Bashandy, A., Gredler, H., and B. Decraene, "IS-IS | Bashandy, A., Gredler, H., and B. Decraene, "IS-IS | |||
| Extensions for Segment Routing", RFC 8667, | Extensions for Segment Routing", RFC 8667, | |||
| DOI 10.17487/RFC8667, December 2019, | DOI 10.17487/RFC8667, December 2019, | |||
| <https://www.rfc-editor.org/info/rfc8667>. | <https://www.rfc-editor.org/info/rfc8667>. | |||
| Authors' Addresses | Authors' Addresses | |||
| Stephane Litkowski | Stephane Litkowski | |||
| Cisco Systems | Cisco Systems | |||
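Review bot: [RFC6536] remains in the Normative References even though the rewritten Security Considerations now cites [RFC8341] for NACM and the only visible citation of RFC 6536 was in the removed -08 text. RFC 8341 obsoletes RFC 6536, so drop the [RFC6536] entry unless another section still cites it. The four added entries ([RFC6242], [RFC8040], [RFC8341], [RFC8446]) each match a citation in the new security text.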
| End of changes. 19 change blocks. | ||||
| 30 lines changed or deleted | 81 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||