--- draft-ietf-rtgwg-policy-model-29.txt
+++ draft-ietf-rtgwg-policy-model-30.txt
Lines prefixed "- " appear only in draft-29, lines prefixed "+ " only in draft-30; unprefixed lines are common to both versions.
  RTGWG Y. Qu
  Internet-Draft Futurewei
  Intended status: Standards Track J. Tantsura
- Expires: December 20, 2021 Juniper Networks
+ Expires: January 30, 2022 Juniper Networks
  A. Lindem
  Cisco
  X. Liu
  Volta Networks
- June 18, 2021
+ July 29, 2021
  A YANG Data Model for Routing Policy
- draft-ietf-rtgwg-policy-model-29
+ draft-ietf-rtgwg-policy-model-30
  Abstract
  This document defines a YANG data model for configuring and managing
  routing policies in a vendor-neutral way. The model provides a
  generic routing policy framework which can be extended for specific
  routing protocols using the YANG 'augment' mechanism.
  Status of This Memo
[skipping to change at page 1, line 38]
  Internet-Drafts are working documents of the Internet Engineering
  Task Force (IETF). Note that other groups may also distribute
  working documents as Internet-Drafts. The list of current Internet-
  Drafts is at https://datatracker.ietf.org/drafts/current/.
  Internet-Drafts are draft documents valid for a maximum of six months
  and may be updated, replaced, or obsoleted by other documents at any
  time. It is inappropriate to use Internet-Drafts as reference
  material or to cite them other than as "work in progress."
- This Internet-Draft will expire on December 20, 2021.
+ This Internet-Draft will expire on January 30, 2022.
  Copyright Notice
  Copyright (c) 2021 IETF Trust and the persons identified as the
  document authors. All rights reserved.
  This document is subject to BCP 78 and the IETF Trust's Legal
  Provisions Relating to IETF Documents
  (https://trustee.ietf.org/license-info) in effect on the date of
  publication of this document. Please review these documents
[skipping to change at page 2, line 29]
  4.2. Policy conditions . . . . . . . . . . . . . . . . . . . . 7
  4.3. Policy actions . . . . . . . . . . . . . . . . . . . . . 8
  4.4. Policy subroutines . . . . . . . . . . . . . . . . . . . 9
  5. Policy evaluation . . . . . . . . . . . . . . . . . . . . . . 10
  6. Applying routing policy . . . . . . . . . . . . . . . . . . . 10
  7. YANG Module and Tree . . . . . . . . . . . . . . . . . . . . 11
  7.1. Routing Policy Model Tree . . . . . . . . . . . . . . . . 11
  7.2. Routing policy model . . . . . . . . . . . . . . . . . . 12
  8. Security Considerations . . . . . . . . . . . . . . . . . . . 32
  9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 34
- 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 35
- 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 35
- 11.1. Normative references . . . . . . . . . . . . . . . . . . 35
- 11.2. Informative references . . . . . . . . . . . . . . . . . 37
- Appendix A. Routing protocol-specific policies . . . . . . . . . 37
- Appendix B. Policy examples . . . . . . . . . . . . . . . . . . 40
- Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42
+ 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 34
+ 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 34
+ 11.1. Normative references . . . . . . . . . . . . . . . . . . 34
+ 11.2. Informative references . . . . . . . . . . . . . . . . . 36
+ Appendix A. Routing protocol-specific policies . . . . . . . . . 36
+ Appendix B. Policy examples . . . . . . . . . . . . . . . . . . 39
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41
  1. Introduction
  This document describes a YANG [RFC7950] data model for routing
  policy configuration based on operational usage and best practices in
  a variety of service provider networks. The model is intended to be
  vendor-neutral, to allow operators to manage policy configuration in
  a consistent way in environments with routers supplied by multiple
  vendors.
[skipping to change at page 5, line 13]
  [RFC8340].
  2.2. Prefixes in Data Node Names
  In this document, names of data nodes, actions, and other data model
  objects are often used without a prefix, as long as it is clear from
  the context in which YANG module each name is defined. Otherwise,
  names are prefixed using the standard prefix associated with the
  corresponding YANG module, as shown in Table 1.
- +---------+--------------------------------+----------------------+
- | Prefix  | YANG module                    | Reference            |
- +---------+--------------------------------+----------------------+
- | if      | ietf-interfaces                | [RFC8343]            |
- |         |                                |                      |
- | rt      | ietf-routing                   | [RFC8349]            |
- |         |                                |                      |
- | yang    | ietf-yang-types                | [RFC6991]            |
- |         |                                |                      |
- | inet    | ietf-inet-types                | [RFC6991]            |
- |         |                                |                      |
- | if-ext  | ietf-if-extensions             | [INTF-EXT-YANG]      |
- |         |                                |                      |
- | if-flex | ietf-if-flexible-encapsulation | [SUB-INTF-VLAN-YANG] |
- +---------+--------------------------------+----------------------+
+ +--------+-----------------+-----------+
+ | Prefix | YANG module     | Reference |
+ +--------+-----------------+-----------+
+ | if     | ietf-interfaces | [RFC8343] |
+ |        |                 |           |
+ | rt     | ietf-routing    | [RFC8349] |
+ |        |                 |           |
+ | yang   | ietf-yang-types | [RFC6991] |
+ |        |                 |           |
+ | inet   | ietf-inet-types | [RFC6991] |
+ +--------+-----------------+-----------+
  Table 1: Prefixes and Corresponding YANG Modules
  3. Model overview
  The routing policy module has three main parts:
  o A generic framework is provided to express policies as sets of
  related conditions and actions. This includes match sets and
  actions that are useful across many routing protocols.
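Review bot: dropping the if-ext and if-flex rows from Table 1 matches the module's import list shown further down, which brings in only ietf-inet-types, ietf-yang-types, ietf-interfaces and ietf-routing, but Section 11.2 is not on this page; check that the [INTF-EXT-YANG] and [SUB-INTF-VLAN-YANG] entries are removed from the informative references as well so that no orphaned citations remain.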
[skipping to change at page 6, line 20 in draft-29 / page 6, line 16 in draft-30]
  Policies are expressed as a sequence of top-level policy definitions
  each of which consists of a sequence of policy statements. Policy
  statements in turn consist of simple condition-action tuples.
  Conditions may include multiple match or comparison operations, and
  similarly, actions may effect multiple changes to route attributes,
  or indicate a final disposition of accepting or rejecting the route.
  This structure is shown below.
  +--rw routing-policy
+ +--ro match-modified-attributes? boolean
  +--rw policy-definitions
  +--rw policy-definition* [name]
  +--rw name string
  +--rw statements
  +--rw statement* [name]
  +--rw name string
  +--rw conditions
  | ...
  +--rw actions
  ...
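Review bot: the new match-modified-attributes leaf is shown directly under routing-policy in this overview tree, while the Section 7.1 tree later on this page places it under policy-definitions; one of the two excerpts is wrong, and the overview should be regenerated from the module rather than hand-edited. Since the leaf is marked ro, it reports what the implementation does rather than offering the operator a choice, and a sentence to that effect next to the tree would help readers understand why it is config false.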
[skipping to change at page 8, line 35]
  | | +--rw interface?
  | +--rw match-prefix-set
  | | +--rw prefix-set?
  | | +--rw match-set-options?
  | +--rw match-neighbor-set
  | | +--rw neighbor-set?
  | +--rw match-tag-set
  | | +--rw tag-set?
  | | +--rw match-set-options?
  | +--rw match-route-type* identityref
- | +--rw route-type*
  4.3. Policy actions
  When policy conditions are satisfied, policy actions are used to set
  various attributes of the route being processed, or to indicate the
  final disposition of the route, i.e., accept or reject.
  Similar to policy conditions, the routing policy model includes
  generic actions in addition to the basic route disposition actions.
  These are shown below.
[skipping to change at page 10, line 30]
  of policy definitions (as described in Section 4).
  If the conditions are not satisfied, then evaluation proceeds to the
  next policy statement. If none of the policy statement conditions
  are satisfied, then evaluation of the current policy definition
  stops, and the next policy definition in the chain is evaluated.
  When the end of the policy chain is reached, the default route
  disposition action is performed (i.e., reject-route unless an
  alternate default action is specified for the chain).
- Note that the route's pre-policy attributes are always used for
- testing policy statement conditions. In other words, if actions
- modify the policy application-specific attributes, those specific
- modifications are not used for policy statement conditions.
+ Whether or not the route's pre-policy attributes are used for testing
+ policy statement conditions is dependent on the implementation
+ value of the match-modified-attributes leaf. If match-
+ modified-attributes is false and actions modify route attributes,
+ these modifications are not used for policy statement conditions.
+ Conversely, if match-modified-attributes is true and actions modify
+ the policy application-specific attributes, the attributes as
+ modified by the policy are used for policy condition statements.
  6. Applying routing policy
  Routing policy is applied by defining and attaching policy chains in
  various routing contexts. Policy chains are sequences of policy
  definitions (described in Section 4). They can be referenced from
  different contexts. For example, a policy chain could be associated
  with a routing protocol and used to control its interaction with its
  protocol peers. Or it could be used to control the interaction
  between a routing protocol and the local routing information base. A
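Review bot: the replacement paragraph in Section 5 says evaluation is "dependent on the implementation value of the match-modified-attributes leaf", which reads oddly for a config-false leaf; say plainly that the leaf reports the implementation's behaviour and cannot be configured. The false case speaks of "route attributes" while the true case speaks of "policy application-specific attributes", so the two sentences should settle on one term. The paragraph also leaves open whether modified attributes become visible only to later statements of the same policy definition or to later policy definitions in the chain as well; that scope decides whether an earlier set-tag can flip a later statement's accept-route/reject-route outcome, so a sentence fixing it would help both implementers and operators auditing a chain.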
[skipping to change at page 11, line 42 in draft-29 / page 11, line 48 in draft-30]
  | | +--rw mask-length-upper uint8
  | +--rw neighbor-sets
  | | +--rw neighbor-set* [name]
  | | +--rw name string
  | | +--rw address* inet:ip-address
  | +--rw tag-sets
  | +--rw tag-set* [name]
  | +--rw name string
  | +--rw tag-value* tag-type
  +--rw policy-definitions
+ +--ro match-modified-attributes? boolean
  +--rw policy-definition* [name]
  +--rw name string
  +--rw statements
  +--rw statement* [name]
  +--rw name string
  +--rw conditions
  | +--rw call-policy? -> ../../../../../..
  | /policy-definitions
  | /policy-definition/name
  | +--rw source-protocol? identityref
[skipping to change at page 12, line 40 in draft-29 / page 12, line 47 in draft-30]
  +--rw set-route-preference? uint16
  +--rw set-tag? tag-type
  +--rw set-application-tag? tag-type
  7.2. Routing policy model
  The following RFCs are not referenced in the document text but are
  referenced in the ietf-routing-policy.yang module: [RFC2328],
  [RFC3101], [RFC5130], [RFC5302], [RFC6991], and [RFC8343].
- <CODE BEGINS> file "ietf-routing-policy@2021-06-18.yang"
+ <CODE BEGINS> file "ietf-routing-policy@2021-07-28.yang"
  module ietf-routing-policy {
  yang-version "1.1";
  namespace "urn:ietf:params:xml:ns:yang:ietf-routing-policy";
  prefix rt-pol;
  import ietf-inet-types {
  prefix "inet";
- reference "RFC 6991: Common YANG Data Types";
+ reference
+ "RFC 6991: Common YANG Data Types";
  }
  import ietf-yang-types {
  prefix "yang";
- reference "RFC 6991: Common YANG Data Types";
+ reference
+ "RFC 6991: Common YANG Data Types";
  }
  import ietf-interfaces {
  prefix "if";
- reference "RFC 8343: A YANG Data Model for Interface
- Management (NMDA Version)";
+ reference
+ "RFC 8343: A YANG Data Model for Interface
+ Management (NMDA Version)";
  }
  import ietf-routing {
  prefix "rt";
- reference "RFC 8349: A YANG Data Model for Routing
+ reference
+ "RFC 8349: A YANG Data Model for Routing
  Management (NMDA Version)";
  }
  organization
  "IETF RTGWG - Routing Area Working Group";
  contact
  "WG Web: <https://datatracker.ietf.org/wg/rtgwg/>
  WG List: <mailto: rtgwg@ietf.org>
  Editor: Yingzhen Qu
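Review bot: the sentence opening Section 7.2 lists [RFC6991] and [RFC8343] among RFCs "not referenced in the document text", but both are cited in Table 1 (the yang, inet and if rows), so those two should be dropped from the list. Splitting each import's reference statement onto its own line is consistent with the restyled identity references further down.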
[skipping to change at page 14, line 23 in draft-29 / page 14, line 35 in draft-30]
  see the RFC itself for full legal notices.
  The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
  NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT
  RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be
  interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when,
  and only when, they appear in all capitals, as shown here.";
  reference "RFC XXXX: A YANG Data Model for Routing Policy.";
- revision "2021-06-18" {
+ revision "2021-07-28" {
  description
  "Initial revision.";
  reference
  "RFC XXXX: A YANG Data Model for Routing Policy Management.";
  }
  /* Identities */
  identity metric-type {
  description
  "Base identity for route metric types.";
  }
  identity ospf-type-1-metric {
  base metric-type;
  description
  "Identity for the OSPF type 1 external metric types. It
  is only applicable to OSPF routes.";
  reference
- "RFC 2328 - OSPF Version 2";
+ "RFC 2328: OSPF Version 2";
  }
  identity ospf-type-2-metric {
  base metric-type;
  description
  "Identity for the OSPF type 2 external metric types. It
  is only applicable to OSPF routes.";
  reference
- "RFC 2328 - OSPF Version 2";
+ "RFC 2328: OSPF Version 2";
  }
  identity isis-internal-metric {
  base metric-type;
  description
  "Identity for the IS-IS internal metric types. It is only
  applicable to IS-IS routes.";
  reference
- "RFC 5302 - Domain-Wide Prefix Distribution with
+ "RFC 5302: Domain-Wide Prefix Distribution with
  Two-Level IS-IS";
  }
  identity isis-external-metric {
  base metric-type;
  description
  "Identity for the IS-IS external metric types. It is only
  applicable to IS-IS routes.";
  reference
- "RFC 5302 - Domain-Wide Prefix Distribution with
+ "RFC 5302: Domain-Wide Prefix Distribution with
  Two-Level IS-IS";
  }
  identity route-level {
  description
  "Base identity for route import level.";
  }
  identity ospf-normal {
  base route-level;
  description
  "Identity for OSPF importation into normal areas
  It is only applicable to routes imported
  into the OSPF protocol.";
  reference
- "RFC 2328 - OSPF Version 2";
+ "RFC 2328: OSPF Version 2";
  }
  identity ospf-nssa-only {
  base route-level;
  description
  "Identity for the OSPF Not-So-Stubby Area (NSSA) area
  importation. It is only applicable to routes imported
  into the OSPF protocol.";
  reference
  "RFC 3101: The OSPF Not-So-Stubby Area (NSSA) Option";
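Review bot: the module's top-level reference gives the title "RFC XXXX: A YANG Data Model for Routing Policy." while the revision statement a few lines below gives "RFC XXXX: A YANG Data Model for Routing Policy Management."; the same RFC should carry one title in both places. The change from "RFC 2328 - " to "RFC 2328: " is welcome and matches the RFC 3101 references, which already used a colon.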
[skipping to change at page 16, line 19 in draft-29 / page 16, line 33 in draft-30]
  reference
  "RFC 3101: The OSPF Not-So-Stubby Area (NSSA) Option";
  }
  identity isis-level-1 {
  base route-level;
  description
  "Identity for IS-IS Level 1 area importation. It is only
  applicable to routes imported into the IS-IS protocol.";
  reference
- "RFC 5302 - Domain-Wide Prefix Distribution with
+ "RFC 5302: Domain-Wide Prefix Distribution with
  Two-Level IS-IS";
  }
  identity isis-level-2 {
  base route-level;
  description
  "Identity for IS-IS Level 2 area importation. It is only
  applicable to routes imported into the IS-IS protocol.";
  reference
- "RFC 5302 - Domain-Wide Prefix Distribution with
+ "RFC 5302: Domain-Wide Prefix Distribution with
  Two-Level IS-IS";
  }
  identity isis-level-1-2 {
  base route-level;
  description
  "Identity for IS-IS Level 1 and Level 2 area importation. It
  is only applicable to routes imported into the IS-IS
  protocol.";
  reference
- "RFC 5302 - Domain-Wide Prefix Distribution with
+ "RFC 5302: Domain-Wide Prefix Distribution with
  Two-Level IS-IS";
  }
  identity proto-route-type {
  description
  "Base identity for route type within a protocol.";
  }
  identity isis-level-1-type {
  base proto-route-type;
  description
  "Identity for IS-IS Level 1 route type. It is only
  applicable to IS-IS routes.";
  reference
- "RFC 5302 - Domain-Wide Prefix Distribution with
+ "RFC 5302: Domain-Wide Prefix Distribution with
  Two-Level IS-IS";
  }
  identity isis-level-2-type {
  base proto-route-type;
  description
  "Identity for IS-IS Level 2 route type. It is only
  applicable to IS-IS routes.";
  reference
- "RFC 5302 - Domain-Wide Prefix Distribution with
+ "RFC 5302: Domain-Wide Prefix Distribution with
  Two-Level IS-IS";
  }
  identity ospf-internal-type {
  base proto-route-type;
  description
  "Identity for OSPF intra-area or inter-area route type.
  It is only applicable to OSPF routes.";
  reference
- "RFC 2328 - OSPF Version 2";
+ "RFC 2328: OSPF Version 2";
  }
  identity ospf-external-type {
  base proto-route-type;
  description
  "Identity for OSPF external type 1/2 route type.
  It is only applicable to OSPF routes.";
  reference
- "RFC 2328 - OSPF Version 2";
+ "RFC 2328: OSPF Version 2";
  }
  identity ospf-external-t1-type {
  base ospf-external-type;
  description
  "Identity for OSPF external type 1 route type.
  It is only applicable to OSPF routes.";
  reference
- "RFC 2328 - OSPF Version 2";
+ "RFC 2328: OSPF Version 2";
  }
  identity ospf-external-t2-type {
  base ospf-external-type;
  description
  "Identity for OSPF external type 2 route type.
  It is only applicable to OSPF routes.";
  reference
- "RFC 2328 - OSPF Version 2";
+ "RFC 2328: OSPF Version 2";
  }
  identity ospf-nssa-type {
  base proto-route-type;
  description
  "Identity for OSPF NSSA type 1/2 route type.
  It is only applicable to OSPF routes.";
  reference
  "RFC 3101: The OSPF Not-So-Stubby Area (NSSA) Option";
  }
[skipping to change at page 19, line 40 in draft-29 / page 20, line 4 in draft-30]
  "Policy accepts the route.";
  }
  enum reject-route {
  description
  "Policy rejects the route.";
  }
  }
  description
  "Type used to specify route disposition in
  a policy chain.";
  }
  typedef tag-type {
  type union {
  type uint32;
  type yang:hex-string;
  }
  description
  "Type for expressing route tags on a local system,
  including IS-IS and OSPF; may be expressed as either decimal
  or hexadecimal integer.";
  reference
- "RFC 2328 - OSPF Version 2
- RFC 5130 - A Policy Control Mechanism in IS-IS Using
+ "RFC 2328: OSPF Version 2
+ RFC 5130: A Policy Control Mechanism in IS-IS Using
  Administrative Tags";
  }
  typedef match-set-options-type {
  type enumeration {
  enum any {
  description
  "Match is true if given value matches any member
  of the defined set.";
  }
  enum all {
[skipping to change at page 23, line 10 in draft-29 / page 23, line 23 in draft-30]
} }
} }
description description
"Optional parameter that governs the behavior of the "Optional parameter that governs the behavior of the
match operation. This leaf only supports matching on match operation. This leaf only supports matching on
'any' member of the set or 'invert' the match. 'any' member of the set or 'invert' the match.
Matching on 'all' is not supported."; Matching on 'all' is not supported.";
} }
} }
grouping match-interface-condition { grouping apply-policy-group {
description description
"This grouping provides interface match condition."; "Top level container for routing policy applications. This
grouping is intended to be used in routing models where
needed.";
container match-interface { container apply-policy {
leaf interface {
type leafref {
path "/if:interfaces/if:interface/if:name";
}
description
"Reference to a base interface.";
}
description description
"Container for interface match conditions"; "Anchor point for routing policies in the model.
} Import and export policies are with respect to the local
} routing table, i.e., export (send) and import (receive),
depending on the context.";
grouping match-route-type-condition {
description
"This grouping provides route-type match condition";
leaf-list match-route-type {
type identityref {
base proto-route-type;
}
description
"Condition to check the protocol-specific type
of route. This is normally used during route
importation to select routes or to set protocol
specific attributes based on the route type.";
}
}
grouping prefix-set-condition {
description
"This grouping provides prefix-set conditions.";
container match-prefix-set { leaf-list import-policy {
leaf prefix-set {
type leafref { type leafref {
path "../../../../../../../defined-sets/" + path "/rt-pol:routing-policy/rt-pol:policy-definitions/" +
"prefix-sets/prefix-set/name"; "rt-pol:policy-definition/rt-pol:name";
require-instance true;
} }
ordered-by user;
description description
"References a defined prefix set."; "List of policy names in sequence to be applied on
receiving redistributed routes from another routing protocol
or receiving a routing update in the current context, e.g.,
for the current peer group, neighbor, address family, etc.";
} }
uses match-set-options-restricted-group;
description leaf default-import-policy {
"Match a referenced prefix-set according to the logic type default-policy-type;
defined in the match-set-options leaf."; default reject-route;
}
}
grouping neighbor-set-condition {
description
"This grouping provides neighbor-set conditions.";
container match-neighbor-set {
leaf neighbor-set {
type leafref {
path "../../../../../../../defined-sets/neighbor-sets/" +
"neighbor-set/name";
require-instance true;
}
description description
"References a defined neighbor set."; "Explicitly set a default policy if no policy definition
in the import policy chain is satisfied.";
} }
description leaf-list export-policy {
"Match a referenced neighbor set according to the logic
defined in the match-set-options-leaf.";
}
}
grouping tag-set-condition {
description
"This grouping provides tag-set conditions.";
container match-tag-set {
leaf tag-set {
type leafref { type leafref {
path "../../../../../../../defined-sets/tag-sets" + path "/rt-pol:routing-policy/rt-pol:policy-definitions/" +
"/tag-set/name"; "rt-pol:policy-definition/rt-pol:name";
require-instance true; require-instance true;
} }
ordered-by user;
description description
"References a defined tag set."; "List of policy names in sequence to be applied on
redistributing routes from one routing protocol to another
or sending a routing update in the current context, e.g.,
for the current peer group, neighbor, address family, etc.";
} }
uses match-set-options-group;
description
"Match a referenced tag set according to the logic defined
in the match-options-set leaf.";
}
}
grouping apply-policy-import { leaf default-export-policy {
description type default-policy-type;
"Grouping for applying import policies."; default reject-route;
description
leaf-list import-policy { "Explicitly set a default policy if no policy definition
type leafref { in the export policy chain is satisfied.";
path "/rt-pol:routing-policy/rt-pol:policy-definitions/" +
"rt-pol:policy-definition/rt-pol:name";
require-instance true;
} }
ordered-by user;
description
"List of policy names in sequence to be applied on
receiving redistributed routes from another routing protocol
or receiving a routing update in the current context, e.g.,
for the current peer group, neighbor, address family,
etc.";
}
leaf default-import-policy {
type default-policy-type;
default reject-route;
description
"Explicitly set a default policy if no policy definition
in the import policy chain is satisfied.";
}
}
grouping apply-policy-export {
description
"Grouping for applying export policies.";
leaf-list export-policy {
type leafref {
path "/rt-pol:routing-policy/rt-pol:policy-definitions/" +
"rt-pol:policy-definition/rt-pol:name";
require-instance true;
}
ordered-by user;
description
"List of policy names in sequence to be applied on
redistributing routes from one routing protocol to another
or sending a routing update in the current context, e.g.,
for the current peer group, neighbor, address family,
etc.";
}
leaf default-export-policy {
type default-policy-type;
default reject-route;
description
"Explicitly set a default policy if no policy definition
in the export policy chain is satisfied.";
}
}
grouping apply-policy-group {
description
"Top level container for routing policy applications. This
grouping is intended to be used in routing models where
needed.";
container apply-policy {
description
"Anchor point for routing policies in the model.
Import and export policies are with respect to the local
routing table, i.e., export (send) and import (receive),
depending on the context.";
uses apply-policy-import;
uses apply-policy-export;
} }
} }
container routing-policy { container routing-policy {
description description
"Top-level container for all routing policy."; "Top-level container for all routing policy.";
container defined-sets { container defined-sets {
description description
"Predefined sets of attributes used in policy match "Predefined sets of attributes used in policy match
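Review bot: The removal of the `apply-policy-import` and `apply-policy-export` groupings changes the module's reusable surface, and the change log should say so. The right column shows `leaf-list export-policy` and `leaf default-export-policy` following the import description directly, and the old `uses apply-policy-import; uses apply-policy-export;` lines under `container apply-policy` are gone, so the import and export leaves now appear to live only inside `apply-policy-group`. Any other module that did `uses rt-pol:apply-policy-import` or `uses rt-pol:apply-policy-export` on its own would break; if that reuse is meant to stay possible, keep the two groupings and have `apply-policy-group` continue to use them. The same point applies to the `neighbor-set-condition` and `tag-set-condition` groupings, which are dropped here in favour of containers written inline under `conditions`.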
skipping to change at page 27, line 28 skipping to change at page 25, line 25
description description
"Prefix set contains IPv4 prefixes only."; "Prefix set contains IPv4 prefixes only.";
} }
enum ipv6 { enum ipv6 {
description description
"Prefix set contains IPv6 prefixes only."; "Prefix set contains IPv6 prefixes only.";
} }
} }
description description
"Indicates the mode of the prefix set, in terms of "Indicates the mode of the prefix set, in terms of
which address families (IPv4, IPv6, or both) are which address families (IPv4 or IPv6) are present.
present. The mode provides a hint, all prefixes MUST The mode provides a hint, all prefixes MUST be of
be of the indicated type. The device MUST validate the indicated type. The device MUST validate that
that all prefixes and reject the configuration if all prefixes and reject the configuration if there
there is a discrepancy."; is a discrepancy.";
} }
container prefixes { container prefixes {
description description
"Container for the list of prefixes in a policy "Container for the list of prefixes in a policy
prefix list. Since individual prefixes do not have prefix list. Since individual prefixes do not have
unique actions, the order in which the prefix in unique actions, the order in which the prefix in
prefix-list are matched has no impact on the outcome prefix-list are matched has no impact on the outcome
and is left to the implementation. A given prefix-set and is left to the implementation. A given prefix-set
condition is satisfied if the input prefix matches condition is satisfied if the input prefix matches
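Review bot: The `mode` description is still ungrammatical in both columns: "The device MUST validate that all prefixes and reject the configuration if there is a discrepancy." has no predicate for "all prefixes". Suggest "The device MUST validate that all prefixes are of the indicated type and reject the configuration if there is a discrepancy.", and split the comma splice "The mode provides a hint, all prefixes MUST be of the indicated type." into two sentences. Narrowing the parenthetical to "(IPv4 or IPv6)" is right, since the enumeration visible above has only `ipv4` and `ipv6` values and no "both".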
skipping to change at page 29, line 8 skipping to change at page 27, line 4
"Name of the tag set -- this is used as a label to "Name of the tag set -- this is used as a label to
reference the set in match conditions."; reference the set in match conditions.";
} }
leaf-list tag-value { leaf-list tag-value {
type tag-type; type tag-type;
description description
"Value of the tag set member."; "Value of the tag set member.";
} }
} }
} }
} }
container policy-definitions { container policy-definitions {
description description
"Enclosing container for the list of top-level policy "Enclosing container for the list of top-level policy
definitions."; definitions.";
leaf match-modified-attributes {
type boolean;
config false;
description
"This boolean value dictates whether matches are performed
on the actual route attributes or route attributes
modified by policy statements preceding the match.";
}
list policy-definition { list policy-definition {
key "name"; key "name";
description description
"List of top-level policy definitions, keyed by unique "List of top-level policy definitions, keyed by unique
name. These policy definitions are expected to be name. These policy definitions are expected to be
referenced (by name) in policy chains specified in referenced (by name) in policy chains specified in
import or export configuration statements."; import or export configuration statements.";
leaf name { leaf name {
type string; type string;
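Review bot: `match-modified-attributes` is `config false`, so its description "This boolean value dictates whether matches are performed on the actual route attributes or route attributes modified by policy statements preceding the match." reads as if an operator chooses the behaviour. Reword it as a report of what the implementation does, e.g. "Indicates whether this implementation performs matches on the original route attributes or on attributes as modified by preceding policy statements.", so that nobody tries to set it. It would also help to say whether both behaviours are permitted by this model, since a policy author cannot otherwise tell what to expect before reading the leaf on a given device.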
skipping to change at page 29, line 41 skipping to change at page 27, line 47
container statements { container statements {
description description
"Enclosing container for policy statements."; "Enclosing container for policy statements.";
list statement { list statement {
key "name"; key "name";
ordered-by user; ordered-by user;
description description
"Policy statements group conditions and actions "Policy statements group conditions and actions
within a policy definition. They are evaluated in within a policy definition. They are evaluated in
the order specified (see the description of policy the order specified.";
evaluation at the top of this module.";
leaf name { leaf name {
type string; type string;
description description
"Name of the policy statement."; "Name of the policy statement.";
} }
container conditions { container conditions {
description description
"Condition statements for the current policy "Condition statements for the current policy
statement."; statement.";
leaf call-policy { leaf call-policy {
type leafref { type leafref {
path "../../../../../../" + path "../../../../../../" +
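Review bot: The old `statement` description had an unclosed parenthesis ("(see the description of policy evaluation at the top of this module."), and the new text drops the cross-reference altogether. If the module-level description still explains how policy chains and statements are evaluated, a short pointer such as "see the module description for the evaluation rules" is worth keeping, since "They are evaluated in the order specified." alone does not say what happens when no statement matches.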
skipping to change at page 30, line 37 skipping to change at page 28, line 42
leaf source-protocol { leaf source-protocol {
type identityref { type identityref {
base rt:control-plane-protocol; base rt:control-plane-protocol;
} }
description description
"Condition to check the protocol / method used to "Condition to check the protocol / method used to
install the route into the local routing table."; install the route into the local routing table.";
} }
uses match-interface-condition; container match-interface {
uses prefix-set-condition; leaf interface {
uses neighbor-set-condition; type leafref {
uses tag-set-condition; path "/if:interfaces/if:interface/if:name";
uses match-route-type-condition; }
description
"Reference to a base interface.";
}
description
"Container for interface match conditions";
}
container match-prefix-set {
leaf prefix-set {
type leafref {
path "../../../../../../../defined-sets/" +
"prefix-sets/prefix-set/name";
}
description
"References a defined prefix set.";
}
uses match-set-options-restricted-group;
description
"Match a referenced prefix-set according to the
logic defined in the match-set-options leaf.";
}
container match-neighbor-set {
leaf neighbor-set {
type leafref {
path "../../../../../../../defined-sets/" +
"neighbor-sets/neighbor-set/name";
require-instance true;
}
description
"References a defined neighbor set.";
}
description
"Match a referenced neighbor set.";
}
container match-tag-set {
leaf tag-set {
type leafref {
path "../../../../../../../defined-sets/" +
"tag-sets/tag-set/name";
require-instance true;
}
description
"References a defined tag set.";
}
uses match-set-options-group;
description
"Match a referenced tag set according to the logic
defined in the match-set-options leaf.";
}
container match-route-type {
description
"This container provides route-type match condition";
leaf-list route-type {
type identityref {
base proto-route-type;
}
description
"Condition to check the protocol-specific type
of route. This is normally used during route
importation to select routes or to set protocol
specific attributes based on the route type.";
}
}
} }
container actions { container actions {
description description
"Top-level container for policy action "Top-level container for policy action
statements."; statements.";
leaf policy-result { leaf policy-result {
type policy-result-type; type policy-result-type;
default reject-route; default reject-route;
description description
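Review bot: The inlined leafrefs are inconsistent about `require-instance`: `match-neighbor-set/neighbor-set` and `match-tag-set/tag-set` carry `require-instance true;`, while `match-prefix-set/prefix-set` and `match-interface/interface` do not. A leafref defaults to `require-instance true`, so the behaviour is identical, but stating it on all four or on none avoids the asymmetry looking deliberate. Two smaller points in the same region: the `match-route-type` description "This container provides route-type match condition" lacks the terminating period used everywhere else, and the `match-neighbor-set` description no longer mentions match-set-options, which is consistent with the container not using that grouping but is worth a sentence in the change log given that the old grouping text did.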
skipping to change at page 33, line 7 skipping to change at page 32, line 32
operations and content. operations and content.
There are a number of data nodes defined in this YANG module that are There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or vulnerable default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config) in some network environments. Write operations (e.g., edit-config)
to these data nodes without proper protection can have a negative to these data nodes without proper protection can have a negative
effect on network operations. These are the subtrees and data nodes effect on network operations. These are the subtrees and data nodes
and their sensitivity/vulnerability: and their sensitivity/vulnerability:
/routing-policy
/routing-policy/defined-sets/prefix-sets -- Modification to /routing-policy/defined-sets/prefix-sets -- Modification to
prefix-sets could result in a Denial-of-Service (DoS) attack. An prefix-sets could result in a Denial-of-Service (DoS) attack. An
attacker may try to modify prefix-sets and redirect or drop attacker may try to modify prefix-sets and redirect or drop
traffic. Redirection of traffic could be used as part of a more traffic. Redirection of traffic could be used as part of a more
elaborate attack to either collect sensitive information or elaborate attack to either collect sensitive information or
masquerade a service. Additionally, a control-plane DoS attack masquerade a service. Additionally, a control-plane DoS attack
could be accomplished by allowing a large number of routes to be could be accomplished by allowing a large number of routes to be
leaked into a routing protocol domian (e.g., BGP). leaked into a routing protocol domain (e.g., BGP).
/routing-policy/defined-sets/neighbor-sets -- Modification to the /routing-policy/defined-sets/neighbor-sets -- Modification to the
neighbor-sets could be used to mount a DoS attack or more neighbor-sets could be used to mount a DoS attack or more
elaborate attack as with prefix-sets. For example, a DoS attack elaborate attack as with prefix-sets. For example, a DoS attack
could be mounted by changing the neighbor-set from which routes could be mounted by changing the neighbor-set from which routes
are accepted. are accepted.
/routing-policy/defined-sets/tag-sets -- Modification to the tag- /routing-policy/defined-sets/tag-sets -- Modification to the tag-
sets could be used to mount a DoS attack. Routes with certain sets could be used to mount a DoS attack. Routes with certain
tags might be redirected or dropped. The implications are similar tags might be redirected or dropped. The implications are similar
to prefix-sets and neighbor-sets. However, the attack may be more to prefix-sets and neighbor-sets. However, the attack may be more
difficult to detect as the routing policy usage of route tags and difficult to detect as the routing policy usage of route tags and
intent must be understood to recognize the breach. Conversely, intent must be understood to recognize the breach. Conversely,
the implications of prefix-set or neighbor set modification are the implications of prefix-set or neighbor set modification are
easier to recognize. easier to recognize.
/routing-policy/policy-definitions
/routing-policy/policy-definitions/policy-definition /routing-policy/policy-definitions/policy-definition
/statements/statement/conditions -- Modification to the conditions /statements/statement/conditions -- Modification to the conditions
could be used to mount a DoS attack or other attack. An attacker could be used to mount a DoS attack or other attack. An attacker
may change a policy condition and redirect or drop traffic. As may change a policy condition and redirect or drop traffic. As
with prefix-sets, neighbor-sets, or tag-sets, traffic redirection with prefix-sets, neighbor-sets, or tag-sets, traffic redirection
could be used as part of a more elaborate attack. could be used as part of a more elaborate attack.
/routing-policy/policy-definitions/policy-definition /routing-policy/policy-definitions/policy-definition
/statements/statement/actions -- Modification to actions could be /statements/statement/actions -- Modification to actions could be
used to mount a DoS attack or other attack. Traffic may be used to mount a DoS attack or other attack. Traffic may be
skipping to change at page 34, line 10 skipping to change at page 33, line 31
to mount a second-level attack that is more difficult to detect. to mount a second-level attack that is more difficult to detect.
Some of the readable data nodes in the YANG module may be considered Some of the readable data nodes in the YANG module may be considered
sensitive or vulnerable in some network environments. It is thus sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data notification) to these data nodes. These are the subtrees and data
nodes and their sensitivity/vulnerability: nodes and their sensitivity/vulnerability:
/routing-policy/defined-sets/prefix-sets -- Knowledge of these /routing-policy/defined-sets/prefix-sets -- Knowledge of these
data nodes can be used to ascertain which local prefixes are data nodes can be used to ascertain which local prefixes are
suspectable to a Denial-of-Service (DoS) attack. susceptible to a Denial-of-Service (DoS) attack.
/routing-policy/defined-sets/prefix-sets -- Knowledge of these /routing-policy/defined-sets/prefix-sets -- Knowledge of these
data nodes can be used to ascertain local neighbors against whom data nodes can be used to ascertain local neighbors against whom
to mount a Denial-of-Service (DoS) attack. to mount a Denial-of-Service (DoS) attack.
/routing-policy/policy-definitions/policy-definition /statements/ /routing-policy/policy-definitions/policy-definition /statements/
-- Knowledge of these data nodes can be used to attack the local -- Knowledge of these data nodes can be used to attack the local
router with a Denial-of-Service (DoS) attack. Additionally, router with a Denial-of-Service (DoS) attack. Additionally,
policies and their attendant conditions and actions should be policies and their attendant conditions and actions should be
considered proprietary and disclosure could be used to ascertain considered proprietary and disclosure could be used to ascertain
partners, customers, and supplies. Furthermore, the policies partners, customers, and supplies. Furthermore, the policies
themselves could represent intellectual property and disclosure themselves could represent intellectual property and disclosure
could diminish their corresponding business advantage. could diminish their corresponding business advantage.
Routing policy configuration has a significant impact on network Routing policy configuration has a significant impact on network
operations, and, as such, any related model carries potential operations, and, as such, other YANG models that reference routing
security risks. Unauthorized access or invalid data could cause policies are also susceptible to vulnerabilities relating the YANG
major disruption. data nodes specified above.
9. IANA Considerations 9. IANA Considerations
This document registers a URI in the IETF XML registry [RFC3688]. This document registers a URI in the IETF XML registry [RFC3688].
Following the format in [RFC3688], the following registration is Following the format in [RFC3688], the following registration is
requested to be made: requested to be made:
URI: urn:ietf:params:xml:ns:yang:ietf-routing-policy URI: urn:ietf:params:xml:ns:yang:ietf-routing-policy
Registrant Contact: The IESG. Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace. XML: N/A, the requested URI is an XML namespace.
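Review bot: The second readable-node entry is labelled `/routing-policy/defined-sets/prefix-sets` in both columns but its text describes neighbor-sets ("ascertain local neighbors against whom to mount a Denial-of-Service (DoS) attack"); the path should read `/routing-policy/defined-sets/neighbor-sets`. Two wording fixes in the same region: "partners, customers, and supplies" is presumably "suppliers", and the new closing sentence "susceptible to vulnerabilities relating the YANG data nodes specified above" needs "relating to".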
skipping to change at page 35, line 25 skipping to change at page 34, line 43
Steve Padgett, Juergen Schoenwaelder, Jim Uttaro, Russ White, and Steve Padgett, Juergen Schoenwaelder, Jim Uttaro, Russ White, and
John Heasley. John Heasley.
Thanks to Mahesh Jethanandani, John Scudder, Chris Bower and Tom Thanks to Mahesh Jethanandani, John Scudder, Chris Bower and Tom
Petch for their reviews and comments. Petch for their reviews and comments.
11. References 11. References
11.1. Normative references 11.1. Normative references
[INTF-EXT-YANG]
Wilton, R., Ball, D., tapsingh@cisco.com, t., and S.
Sivaraj,, "Common Interface Extension YANG Data Models",
2019, <https://datatracker.ietf.org/doc/draft-ietf-netmod-
intf-ext-yang/>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328,
DOI 10.17487/RFC2328, April 1998, DOI 10.17487/RFC2328, April 1998,
<https://www.rfc-editor.org/info/rfc2328>. <https://www.rfc-editor.org/info/rfc2328>.
[RFC3101] Murphy, P., "The OSPF Not-So-Stubby Area (NSSA) Option", [RFC3101] Murphy, P., "The OSPF Not-So-Stubby Area (NSSA) Option",
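Review bot: With [INTF-EXT-YANG] removed from the normative references, confirm that no citation of it survives in the body, otherwise the document is left with a dangling reference. The only interface reference visible in the module is the `match-interface/interface` leafref to `/if:interfaces/if:interface/if:name`, which is the `if` prefix of ietf-interfaces rather than anything from the interface-extensions draft, so the removal is consistent with the model as shown.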
skipping to change at page 37, line 23 skipping to change at page 36, line 36
[RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for [RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
Routing Management (NMDA Version)", RFC 8349, Routing Management (NMDA Version)", RFC 8349,
DOI 10.17487/RFC8349, March 2018, DOI 10.17487/RFC8349, March 2018,
<https://www.rfc-editor.org/info/rfc8349>. <https://www.rfc-editor.org/info/rfc8349>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
[SUB-INTF-VLAN-YANG]
Wilton, R., Ball, D., tapsingh@cisco.com, t., and S.
Sivaraj, "Sub-interface VLAN YANG Data Model", 2019,
<https://datatracker.ietf.org/doc/draft-ietf-netmod-sub-
intf-vlan-model/>.
11.2. Informative references 11.2. Informative references
[I-D.ietf-idr-bgp-model] [I-D.ietf-idr-bgp-model]
Jethanandani, M., Patel, K., Hares, S., and J. Haas, "BGP Jethanandani, M., Patel, K., Hares, S., and J. Haas, "BGP
YANG Model for Service Provider Networks", draft-ietf-idr- YANG Model for Service Provider Networks", draft-ietf-idr-
bgp-model-10 (work in progress), November 2020. bgp-model-11 (work in progress), July 2021.
Appendix A. Routing protocol-specific policies Appendix A. Routing protocol-specific policies
Routing models that require the ability to apply routing policy may Routing models that require the ability to apply routing policy may
augment the routing policy model with protocol or other specific augment the routing policy model with protocol or other specific
policy configuration. The routing policy model assumes that policy configuration. The routing policy model assumes that
additional defined sets, conditions, and actions may all be added by additional defined sets, conditions, and actions may all be added by
other models. other models.
The example below provides an illustration of how another data model The example below provides an illustration of how another data model
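Review bot: The same check applies to [SUB-INTF-VLAN-YANG]: make sure nothing in the remaining text still cites it now that it is gone from the normative list. Moving the bgp-model citation to -11 is fine as an informative reference, but since it is a work in progress the usual "(work in progress)" marker should stay, as it does here.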
skipping to change at page 38, line 42 skipping to change at page 37, line 48
| | +--rw bp:member* union | | +--rw bp:member* union
| +--rw bp:ext-community-sets | +--rw bp:ext-community-sets
| | +--rw bp:ext-community-set* [name] | | +--rw bp:ext-community-set* [name]
| | +--rw bp:name string | | +--rw bp:name string
| | +--rw bp:member* union | | +--rw bp:member* union
| +--rw bp:as-path-sets | +--rw bp:as-path-sets
| +--rw bp:as-path-set* [name] | +--rw bp:as-path-set* [name]
| +--rw bp:name string | +--rw bp:name string
| +--rw bp:member* string | +--rw bp:member* string
+--rw policy-definitions +--rw policy-definitions
+--ro match-modified-attributes? boolean
+--rw policy-definition* [name] +--rw policy-definition* [name]
+--rw name string +--rw name string
+--rw statements +--rw statements
+--rw statement* [name] +--rw statement* [name]
+--rw name string +--rw name string
+--rw conditions +--rw conditions
| +--rw call-policy? | +--rw call-policy?
| +--rw source-protocol? identityref | +--rw source-protocol? identityref
| +--rw match-interface | +--rw match-interface
| | +--rw interface? | | +--rw interface?
End of changes. 71 change blocks. 244 lines changed or deleted; 200 lines changed or added.

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/