idnits 2.17.1 draft-barguil-opsawg-l2sm-l2nm-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 5 instances of too long lines in the document, the longest one being 46 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 485 has weird spacing: '...-target rt-...' == Line 510 has weird spacing: '...roup-id str...' == Line 513 has weird spacing: '...nt-type ide...' == Line 518 has weird spacing: '...roup-id str...' == Line 550 has weird spacing: '...peer-ip ine...' == (4 more instances...) -- The document date (May 26, 2020) is 1423 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 1 error (**), 0 flaws (~~), 7 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force S. Barguil, Ed. 3 Internet-Draft O. Gonzalez de Dios, Ed. 4 Intended status: Standards Track Telefonica 5 Expires: November 27, 2020 M. Boucadair 6 Orange 7 L. Munoz 8 Vodafone 9 L. Jalil 10 Verizon 11 J. Ma 12 China Unicom 13 May 26, 2020 15 A Layer 2 VPN Network YANG Model 16 draft-barguil-opsawg-l2sm-l2nm-02 18 Abstract 20 This document defines a YANG Data model (called, L2NM) that can be 21 used to manage the provisioning of Layer 2 VPN services within a 22 Service Provider Network. This YANG module provides representation 23 of the Layer 2 VPN Service from a network standpoint. The module is 24 meant to be used by a Network Controller to derive the configuration 25 information that will be sent to relevant network devices. 27 The L2NM YANG Data model complements the Layer 2 Service Model 28 (RFC8466) by providing a network-centric view of the service that is 29 internal to a Service Provider. 31 Status of This Memo 33 This Internet-Draft is submitted in full conformance with the 34 provisions of BCP 78 and BCP 79. 36 Internet-Drafts are working documents of the Internet Engineering 37 Task Force (IETF). Note that other groups may also distribute 38 working documents as Internet-Drafts. The list of current Internet- 39 Drafts is at https://datatracker.ietf.org/drafts/current/. 41 Internet-Drafts are draft documents valid for a maximum of six months 42 and may be updated, replaced, or obsoleted by other documents at any 43 time. It is inappropriate to use Internet-Drafts as reference 44 material or to cite them other than as "work in progress." 46 This Internet-Draft will expire on November 27, 2020. 48 Copyright Notice 50 Copyright (c) 2020 IETF Trust and the persons identified as the 51 document authors. All rights reserved. 53 This document is subject to BCP 78 and the IETF Trust's Legal 54 Provisions Relating to IETF Documents 55 (https://trustee.ietf.org/license-info) in effect on the date of 56 publication of this document. Please review these documents 57 carefully, as they describe your rights and restrictions with respect 58 to this document. Code Components extracted from this document must 59 include Simplified BSD License text as described in Section 4.e of 60 the Trust Legal Provisions and are provided without warranty as 61 described in the Simplified BSD License. 63 Table of Contents 65 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 66 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 67 1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4 68 2. Reference architecture . . . . . . . . . . . . . . . . . . . 4 69 3. Description of the L2NM YANG Module . . . . . . . . . . . . . 7 70 3.1. Structure of the Module . . . . . . . . . . . . . . . . . 7 71 3.2. L2 VPN Service . . . . . . . . . . . . . . . . . . . . . 7 72 3.2.1. L2 VPN Service Types . . . . . . . . . . . . . . . . 8 73 3.2.2. Underlying Transport Selection . . . . . . . . . . . 9 74 3.2.3. Other relevant Network Parameters . . . . . . . . . . 9 75 3.3. L2NM Module Tree . . . . . . . . . . . . . . . . . . . . 10 76 4. Relation with other YANG Models . . . . . . . . . . . . . . . 18 77 4.1. Relation with L2SM . . . . . . . . . . . . . . . . . . . 18 78 4.2. Relation with Network Topology . . . . . . . . . . . . . 18 79 4.3. Relation with Device Models . . . . . . . . . . . . . . . 18 80 5. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 19 81 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 89 82 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 89 83 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 89 84 9. Security Considerations . . . . . . . . . . . . . . . . . . . 90 85 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 91 86 10.1. Normative References . . . . . . . . . . . . . . . . . . 91 87 10.2. Informative References . . . . . . . . . . . . . . . . . 92 88 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 92 90 1. Introduction 92 [RFC8466] defines a L2VPN Service Model (L2SM) YANG data model that 93 can be used for L2VPN service ordering matters between customers and 94 Service Providers (SPs). This document complements the L2SM model by 95 creating a network-centric view of the service which can be exposed 96 by a Network to a Service Controller within the Service Provider 97 Network. In particular, the model can be used in the communication 98 between the entity that interacts directly with the customer, the 99 service orchestrator, (either fully automated or a human operator) 100 and the entity in charge of network orchestration and control 101 (a.k.a., network controller/orchestrator). 103 The data model defined in this document is called the L2VPN Network 104 Model (L2NM), playing the role of Service Delivery Model (Figure 3 of 105 [RFC8466]. The module supports additional capabilities, such as 106 exposing operational parameters, transport protocols selection and 107 precedence. It also serves as a multi-domain orchestration 108 interface, because this model can transport resources (i.e., VCID) 109 between domains. The data model keeps minimum customer-related 110 information. 112 The YANG module reuses containers and groupings from L2SM [RFC8466] 113 for the cases that the requirements from L2SM can be translated 114 directly to L2NM. 116 1.1. Terminology 118 This document assumes that the reader is familiar with the contents 119 of [RFC6241], [RFC7950], [RFC8466], [RFC8309], and [RFC8453] and uses 120 terminology from those documents. The meaning of the symbols in YANG 121 tree diagrams is [RFC8340]. 123 This document makes use of the following terms: 125 o L2 VPN Customer Service Model (L2SM): Describes the service 126 characterization (requirements) of a L2 VPN that interconnects a 127 set of sites from the perspective of the customer. The customer 128 service model does not provide details on the Service Provider 129 Network. The L2 VPN Customer Service model is defined in 130 [RFC8466]. 132 o L2 VPN Service Network Model (L2NM): Refers to the YANG module 133 that describes a L2 VPN Service with a network-centric view. It 134 contains information of the Service Provider network and might 135 include allocated resources. It can be used by network 136 controllers to manage the Layer 2 VPN Service configuration in the 137 Service Provider network. The YANG module can be consumed by a 138 Service Orchestrator to request a VPN Service to a Network 139 controller or to expose the list of active L2VPN services. 141 o Service Orchestrator: Refers to a functional entity that interacts 142 with the customer of a L2 VPN relying upon, e.g. L2SM. The 143 Service Orchestrator is responsible of the CE-PE attachment 144 circuits, the PE selection, and requesting the activation of the 145 L2 VPN service to a network controller. 147 o Network Controller: Denotes a functional entity responsible for 148 the management of the service provider network. 150 o VPN node (vpn-node): Is an abstraction that represents a set of 151 policies applied on a PE and that belong to a single VPN service 152 (vpn-service). A VPN service involves one or more VPN nodes. The 153 VPN node will identify the Service Provider node on which the VPN 154 is deployed. 156 o VPN network access (vpn-network-access): Is an abstraction that 157 represents the network interfaces that are associated to a given 158 VPN node. Traffic coming from the VPN network access belongs to 159 the VPN. The attachment circuits (bearers) between CEs and PEs 160 are terminated in the VPN network access. 162 o VPN Service Provider (SP): Is a Service Provider that offers VPN- 163 related services. 165 o Service Provider Network (SP Network): Is a network able to 166 provide VPN-related services. 168 1.2. Requirements Language 170 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 171 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 172 "OPTIONAL" in this document are to be interpreted as described in BCP 173 14 [RFC2119] [RFC8174] when, and only when, they appear in all 174 capitals, as shown here. 176 2. Reference architecture 178 Figure 1 illustrates how L2NM is used. As a reminder, this figure is 179 an expansion of the architecture presented in Section 3 of [RFC8466] 180 and decomposes the box marked "orchestration" in that figure into 181 three separate functional components called "Service Orchestration", 182 "Network Orchestration", and "Domain Orchestration". 184 The reader may refer to [RFC8309] for the distinction between the 185 "Customer Service Model", the "Service Delivery Model", the "Network 186 Configuration Model", and the "Device Configuration Model". The 187 "Domain Orchestration" and "Config Manager" roles may be performed by 188 "SDN Controllers". 190 +---------------+ 191 | Customer | 192 +---------------+ 193 Customer Service Model | 194 l2vpn-svc | 195 +---------------+ 196 | Service | 197 | Orchestration | 198 +---------------+ 199 Service Delivery Model | 200 L2NM | 201 (l2vpn-ntw) | 202 +---------------+ 203 | Network | 204 | Orchestration | 205 +---------------+ 206 Network Configuration Model | 207 __________|____________ 208 | | 209 +---------------+ +---------------+ 210 | Domain | | Domain | 211 | Orchestration | | Orchestration | 212 +---------------+ +---------------+ 213 Device | | | 214 Configuration | | | 215 Model | | | 216 +---------+ | | 217 | Config | | | 218 | Manager | | | 219 +---------+ | | 220 | | | 221 | NETCONF/CLI.................. 222 | | | 223 +------------------------------------------------+ 224 Network 226 +++++++ 227 + AAA + 228 +++++++ 230 ++++++++ Bearer ++++++++ ++++++++ ++++++++ 231 + CE A + ----------- + PE A + + PE B + ---- + CE B + 232 ++++++++ Connection ++++++++ ++++++++ ++++++++ 234 Site A Site B 236 Figure 1: L2SM and L2NM Interaction 238 Figure 2 shows how L2SM and L2NM may be used in the context of the 239 ACTN architecture [RFC8453]. Figure 2 shows the Customer Network 240 Controller (CNC), the Multi-Domain Service Coordinator (MDSC), and 241 the Provisioning Network Controller (PNC). It shows the interfaces 242 between these functional units: the CNC-MDSC Interface (CMI), the 243 MDSC-PNC Interface (MPI), and the Southbound Interface (SBI). 245 ---------------------------------- 246 | Customer | 247 | ----------------------------- | 248 | | CNC | | 249 | ----------------------------- | 250 ----:-----------------------:----- 251 : : 252 : L2SM : L2SM 253 : : 254 ---------:--------- ------------------- 255 | MDSC : | | MDSC | 256 | --------------- | | (parent) | 257 | | Service | | ------------------- 258 | | Orchestration | | : 259 | --------------- | : L2NM 260 | : | : 261 | : L2NM | ------------------- 262 | : | | MDSC | 263 | --------------- | | (child) | 264 | | Network | | ------------------- 265 | | Orchestration | | : 266 | --------------- | : 267 ---------:--------- : 268 : : 269 : Network Configuration : 270 : : 271 ------------:------- ---------:------------ 272 | Domain : | | : Domain | 273 | Controller : | | : Controller | 274 | --------- | | --------- | 275 | | PNC | | | | PNC | | 276 | --------- | | --------- | 277 ------------:------- ---------:------------ 278 : : 279 : Device Configuration : 280 : : 281 -------- -------- 282 | Device | | Device | 283 -------- -------- 285 Figure 2: L2SM and L2NM in the Context of ACTN 287 3. Description of the L2NM YANG Module 289 The L2NM module ('ietf-l2vpn-ntw') is meant to manage L2 VPNs within 290 a service provider network. In particular, the 'ietf-l2vpn-ntw' 291 module can be used to create, modify, and retrieve L2VPN Services in 292 a Network Controller. The module is not aimed at maintaining 293 customer-related information. 295 Editor's note: Next version of the document will include the full 296 description of the parameters. When the parameters match with L2SM, 297 the exact reference will be done 299 3.1. Structure of the Module 301 The 'ietf-l2vpn-ntw' module uses two main containers: 'vpn-services' 302 and 'vpn-profiles'. The 'vpn-services' container maintains a set of 303 L2 VPN Services managed in the service provider network. The module 304 allows to create a new l2 VPN service by adding a new instance of 305 'vpn-service'. The 'vpn-service' is the data structure that 306 abstracts the VPN Service. 308 module: ietf-l2vpn-ntw 309 +--rw l2vpn-ntw 310 +--rw vpn-profiles 311 | ....... 312 +--rw vpn-services 313 +--rw vpn-service* [vpn-id] 314 ........ 316 Figure 3: Simplified L2NM Tree Structure 318 3.2. L2 VPN Service 320 The 'vpn-service' is the data structure that abstracts a L2 VPN 321 Service within the SP Network. Every 'vpn-service' has a unique 322 identifier: vpn-id. Such vpn-id is only meaningful locally within 323 the Network controller. In order to facilitate the recognition of 324 the service, a 'customer-name' and a 'description' may be included. 325 The topology of the VPN service is expressed in the 'vpn-service- 326 topology' leaf. 328 A VPN Service is built by adding instances of 'vpn-node' to the 'vpn- 329 nodes' container. The 'vpn-node' is an abstraction that represents a 330 set of policies applied to a network node and that belong to a single 331 'vpn-service'. A 'vpn-node' contains 'vpn-network-accesses', which 332 are the interfaces involved in the creation of the VPN. The customer 333 sites are connected to the 'vpn_network_accesses'. Note that, as 334 this is a network data model, the information about customers site is 335 not needed. Such information, is only relevant in the L2SM model. 337 +--rw vpn-services 338 +--rw vpn-service* [vpn-id] 339 +--rw vpn-id svc-id 340 +--rw vpn-svc-type? identityref 341 +--rw customer-name? string 342 +--rw svc-topo? identityref 343 +-rw service-status 344 | +-rw admin 345 | | +-rw status? operational-type 346 | | +-rw timestamp? yang:date-and-time 347 | +-ro ops 348 | +-ro status? operational-type 349 | +-ro timestamp? yang:date-and-time 350 | ... 351 +--rw multicast-like {multicast-like}? 352 | ... 353 +--rw extranet-vpns {extranet-vpn}? 354 | ... 355 | +--rw local-sites-role? identityref 356 +--rw svc-mtu? uint32 357 +--rw ce-vlan-preservation? boolean 358 +--rw ce-vlan-cos-perservation? boolean 359 +--rw transport-encapsulation 360 +--rw protocol? protocols-type 361 +--rw vpn-nodes 363 Figure 4 365 3.2.1. L2 VPN Service Types 367 The L2 VPN Service types directly matches with the L2VPN Service 368 types defined in Section 5.1.3 of [RFC8466]: 370 o Point-to-point VPWSs. 372 o Point-to-point or point-to-multipoint VPWSs [RFC8214]. 374 o Multipoint VPLSs. 376 o Multipoint VPLSs connecting one or more root sites and a set of 377 leaf sites but preventing inter-leaf-site communication. 379 o EVPN services [RFC7432]. 381 o EVPN VPWSs between two customer sites or a set of customer sites 382 as specified in [RFC8214]. 384 3.2.2. Underlying Transport Selection 386 The model enables network operators to select the type of transport 387 protocol underlay. Also, in scenarios with multiple domains and NNI 388 types, the selection of the transport protocol underlay is required. 389 The Service Provider Network might have several underlay 390 possibilities available. If no underlay transport protocol is 391 specified, the Network Controller will take care of the transport 392 decision. The following options are supported in the "underlay- 393 transport" container: 395 LDP: MPLS with LDP (martini encapsulation). 397 GRE: A mesh of GRE tunnels is established between vpn-nodes. 399 BGP: BGP tunnels (kompella encapsulation) are preferred to route 400 traffic between VPN nodes. 402 TE: TE tunnels (either RSVP-TE or SR) are prefered. The mapping 403 details will be specified in draft-ietf-te-service-mapping. 405 SR: Non-TE SR is preferred to route traffic. 407 3.2.3. Other relevant Network Parameters 409 This draft is focus in the development of the network centric set of 410 parameters to provision L2VPNs. Thus, the covered scenarios include 411 the augmentation of Virtual Circuit Identifier synchronization in a 412 multidomain environment, precedence management (i.e., Primary and 413 backup coordination), Split Horizon group management. The parameters 414 are described by the container associated: 416 The set of augmentations done in the VPN service are: 418 Status: Request and modify the service status 420 The set of augmentations done in the Site Network Access are: 422 Site Bearer: Reference the NEs and Ports were each site Network 423 access belongs. This may help to preserve the local and farends 424 from the Network controller site. 426 Precedence: When two L2VPNs are created at the same time, the 427 primary secondary option is enabled according to the tunnel role 428 on the network. 430 Lag Interface Support. 432 Split Horizon group: Split-horizon group name is extended as part 433 of the Site Network Access container. 435 Status: Request and modify the interface status. 437 3.3. L2NM Module Tree 439 The tree structure of the YANG module proposed by this document is 440 shown below: 442 module: ietf-l2vpn-ntw 443 +--rw l2vpn-ntw 444 +--rw vpn-profiles 445 | +--rw valid-provider-identifiers 446 | +--rw cloud-identifier* string {cloud-access}? 447 | +--rw qos-profile-identifier* string 448 | +--rw bfd-profile-identifier* string 449 | +--rw remote-carrier-identifier* string 450 +--rw vpn-services 451 +--rw vpn-service* [vpn-id] 452 +--rw vpn-id svc-id 453 +--rw vpn-service-type? identityref 454 +--rw customer-name? string 455 +--rw svc-topo? identityref 456 +--rw status? operational-type 457 +--rw timestamp? yang:date-and-time 458 +--rw multicast-like {multicast-like}? 459 | +--rw enabled? boolean 460 | +--rw customer-tree-flavors 461 | | +--rw tree-flavor* identityref 462 | +--rw bum-frame-delivery-modes 463 | | +--rw bum-frame-delivery* [traffic-type] 464 | | +--rw traffic-type identityref 465 | | +--rw delivery-mode? identityref 466 | +--rw multicast-gp-port-mapping? identityref 467 +--rw extranet-vpns {extranet-vpn}? 468 | +--rw extranet-vpn* [vpn-id] 469 | +--rw vpn-id svc-id 470 | +--rw local-sites-role? identityref 471 +--rw svc-mtu? uint32 472 +--rw ce-vlan-preservation? boolean 473 +--rw ce-vlan-cos-perservation? boolean 474 +--rw underlay-transport 475 | +--rw type* protocol-type 476 +--rw vpn-nodes 477 +--rw vpn-node* [vpn-node-id ne-id] 478 +--rw vpn-node-id string 479 +--rw description? string 480 +--rw node-role? identityref 481 +--rw ne-id string 482 +--rw vpn-target* [id] 483 | +--rw id int8 484 | +--rw route-targets* [route-target] 485 | | +--rw route-target rt-types:route-target 486 | +--rw route-target-type 487 | rt-types:route-target-type 488 +--rw vpn-policies 489 | +--rw import-policy? leafref 490 | +--rw export-policy? leafref 491 +--rw vpn-network-accesses 492 +--rw vpn-network-access* [network-access-id] 493 +--rw network-access-id 494 | string 495 +--rw description? 496 | string 497 +--rw remote-carrier-name? 498 | string 499 +--rw Interface-mtu? 500 | uint32 501 +--rw status? 502 | operational-type 503 +--rw timestamp? 504 | yang:date-and-time 505 +--rw access-diversity {site-diversity}? 506 | +--rw groups 507 | | +--rw fate-sharing-group-size? uint16 508 | | +--rw group-color? string 509 | | +--rw group* [group-id] 510 | | +--rw group-id string 511 | +--rw constraints 512 | +--rw constraint* [constraint-type] 513 | +--rw constraint-type identityref 514 | +--rw target 515 | +--rw (target-flavor)? 516 | +--:(id) 517 | | +--rw group* [group-id] 518 | | +--rw group-id string 519 | +--:(all-accesses) 520 | | +--rw all-other-accesses? 521 | | empty 522 | +--:(all-groups) 523 | +--rw all-other-groups? 524 | empty 525 +--rw connection 526 | +--rw encapsulation-type? identityref 527 | +--rw eth-inf-type* identityref 528 | +--rw dot1q-interface 529 | | +--rw l2-access-type? identityref 530 | | +--rw dot1q {dot1q}? 531 | | | +--rw physical-inf? string 532 | | | +--rw c-vlan-id? uint32 533 | | +--rw sub-inf {sub-inf}? 534 | | | +--rw interface-description? 535 | | | | string 536 | | | +--rw sub-if-id? 537 | | | uint32 538 | | +--rw qinq {qinq}? 539 | | | +--rw s-vlan-id? uint32 540 | | | +--rw c-vlan-id? uint32 541 | | +--rw qinany {qinany}? 542 | | | +--rw s-vlan-id? uint32 543 | | +--rw atm {atm}? 544 | | | +--rw vpi? uint32 545 | | | +--rw vci? uint32 546 | | +--rw vxlan {vxlan}? 547 | | +--rw vni-id? uint32 548 | | +--rw peer-mode? identityref 549 | | +--rw peer-list* [peer-ip] 550 | | +--rw peer-ip inet:ip-address 551 | +--rw phy-interface 552 | | +--rw port-number? uint32 553 | | +--rw port-speed? uint32 554 | | +--rw mode? neg-mode 555 | | +--rw phy-mtu? uint32 556 | | +--rw flow-control? string 557 | | +--rw physical-if? string 558 | | +--rw circuit-id? string 559 | | +--rw lldp? boolean 560 | | +--rw oam-802.3ah-link {oam-3ah}? 561 | | | +--rw enable? boolean 562 | | +--rw uni-loop-prevention? boolean 563 | +--rw lag-interface {lag-interface}? 564 | | +--rw lag-interface* 565 | | [lag-interface-number] 566 | | +--rw lag-interface-number uint32 567 | | +--rw lacp 568 | | +--rw lacp-state? boolean 569 | | +--rw lacp-mode? boolean 570 | | +--rw lacp-speed? boolean 571 | | +--rw mini-link? uint32 572 | | +--rw system-priority? uint16 573 | | +--rw micro-bfd {micro-bfd}? 574 | | | +--rw micro-bfd-on-off? 575 | | | | enumeration 576 | | | +--rw bfd-interval? 577 | | | | uint32 578 | | | +--rw bfd-hold-timer? 579 | | | uint32 580 | | +--rw bfd {bfd}? 581 | | | +--rw bfd-enabled? 582 | | | | boolean 583 | | | +--rw (holdtime)? 584 | | | +--:(profile) 585 | | | | +--rw profile-name? 586 | | | | string 587 | | | +--:(fixed) 588 | | | +--rw fixed-value? 589 | | | uint32 590 | | +--rw member-link-list 591 | | | +--rw member-link* [name] 592 | | | +--rw name 593 | | | | string 594 | | | +--rw port-speed? 595 | | | | uint32 596 | | | +--rw mode? 597 | | | | neg-mode 598 | | | +--rw link-mtu? 599 | | | | uint32 600 | | | +--rw oam-802.3ah-link 601 | | | {oam-3ah}? 602 | | | +--rw enable? boolean 603 | | +--rw flow-control? string 604 | | +--rw lldp? boolean 605 | +--rw cvlan-id-to-svc-map* [svc-id] 606 | | +--rw svc-id leafref 607 | | +--rw cvlan-id* [vid] 608 | | +--rw vid uint32 609 | +--rw split-horizon 610 | | +--rw group-name? string 611 | +--rw l2cp-control {L2CP-control}? 612 | +--rw stp-rstp-mstp? control-mode 613 | +--rw pause? control-mode 614 | +--rw lacp-lamp? control-mode 615 | +--rw link-oam? control-mode 616 | +--rw esmc? control-mode 617 | +--rw l2cp-802.1x? control-mode 618 | +--rw e-lmi? control-mode 619 | +--rw lldp? boolean 620 | +--rw ptp-peer-delay? control-mode 621 | +--rw garp-mrp? control-mode 622 +--rw availability 623 | +--rw access-priority? uint32 624 | +--rw (redundancy-mode)? 625 | +--:(single-active) 626 | | +--rw single-active? boolean 627 | +--:(all-active) 628 | +--rw all-active? boolean 629 +--rw service 630 | +--rw svc-input-bandwidth {input-bw}? 631 | | +--rw input-bandwidth* [type] 632 | | +--rw type identityref 633 | | +--rw cos-id? uint8 634 | | +--rw vpn-id? svc-id 635 | | +--rw cir? uint64 636 | | +--rw cbs? uint64 637 | | +--rw eir? uint64 638 | | +--rw ebs? uint64 639 | | +--rw pir? uint64 640 | | +--rw pbs? uint64 641 | +--rw svc-output-bandwidth {output-bw}? 642 | | +--rw output-bandwidth* [type] 643 | | +--rw type identityref 644 | | +--rw cos-id? uint8 645 | | +--rw vpn-id? svc-id 646 | | +--rw cir? uint64 647 | | +--rw cbs? uint64 648 | | +--rw eir? uint64 649 | | +--rw ebs? uint64 650 | | +--rw pir? uint64 651 | | +--rw pbs? uint64 652 | +--rw qos {qos}? 653 | +--rw classification-policy 654 | | +--rw rule* [id] 655 | | +--rw id 656 | | | string 657 | | +--rw (match-type)? 658 | | | +--:(match-flow) 659 | | | | +--rw match-flow 660 | | | | +--rw dscp? 661 | | | | | inet:dscp 662 | | | | +--rw dot1q? 663 | | | | | uint16 664 | | | | +--rw pcp? 665 | | | | | uint8 666 | | | | +--rw src-mac? 667 | | | | | yang:mac-address 668 | | | | +--rw dst-mac? 669 | | | | | yang:mac-address 670 | | | | +--rw color-type? 671 | | | | | identityref 672 | | | | +--rw target-sites* 673 | | | | | svc-id 674 | | | | | {target-sites}? 675 | | | | +--rw any? 676 | | | | | empty 677 | | | | +--rw vpn-id? 678 | | | | svc-id 679 | | | +--:(match-application) 680 | | | +--rw match-application? 681 | | | identityref 682 | | +--rw target-class-id? 683 | | string 684 | +--rw qos-profile 685 | +--rw (qos-profile)? 686 | +--:(standard) 687 | | +--rw profile? leafref 688 | +--:(custom) 689 | +--rw classes {qos-custom}? 690 | +--rw class* [class-id] 691 | +--rw class-id 692 | | string 693 | +--rw direction? 694 | | identityref 695 | +--rw policing? 696 | | identityref 697 | +--rw byte-offset? 698 | | uint16 699 | +--rw frame-delay 700 | | +--rw (flavor)? 701 | | +--:(lowest) 702 | | | +--rw use-lowest 703 | | | -latency? empty 704 | | +--:(boundary) 705 | | +--rw delay- 706 | | bound? uint16 707 | +--rw frame-jitter 708 | | +--rw (flavor)? 709 | | +--:(lowest) 710 | | | +--rw use-lowest 711 | | | -jitter? empty 712 | | +--:(boundary) 713 | | +--rw delay- 714 | | bound? uint32 715 | +--rw frame-loss 716 | | +--rw rate? 717 | | decimal64 718 | +--rw bandwidth 719 | +--rw guaranteed-bw- 720 | | percent decimal64 721 | +--rw end-to-end? 722 | empty 723 +--rw svc-precedence 724 | +--rw precedence? identityref 725 +--rw broadcast-unknown-unicast-multicast 726 | +--rw multicast-site-type? 727 | | enumeration 728 | +--rw multicast-gp-address-mapping* [id] 729 | | +--rw id uint16 730 | | +--rw vlan-id? uint32 731 | | +--rw mac-gp-address? 732 | | | yang:mac-address 733 | | +--rw port-lag-number? uint32 734 | +--rw bum-overall-rate? 735 | | uint32 736 | +--rw bum-rate-per-type* [type] 737 | +--rw type identityref 738 | +--rw rate? uint32 739 +--rw ethernet-service-oam 740 | +--rw md-name? string 741 | +--rw md-level? uint8 742 | +--rw cfm-802.1-ag 743 | | +--rw n2-uni-c* [maid] 744 | | | +--rw maid 745 | | | | string 746 | | | +--rw mep-id? 747 | | | | uint32 748 | | | +--rw mep-level? 749 | | | | uint32 750 | | | +--rw mep-up-down? 751 | | | | enumeration 752 | | | +--rw remote-mep-id? 753 | | | | uint32 754 | | | +--rw cos-for-cfm-pdus? 755 | | | | uint32 756 | | | +--rw ccm-interval? 757 | | | | uint32 758 | | | +--rw ccm-holdtime? 759 | | | | uint32 760 | | | +--rw alarm-priority-defect? 761 | | | | identityref 762 | | | +--rw ccm-p-bits-pri? 763 | | | ccm-priority-type 764 | | +--rw n2-uni-n* [maid] 765 | | +--rw maid 766 | | | string 767 | | +--rw mep-id? 768 | | | uint32 769 | | +--rw mep-level? 770 | | | uint32 771 | | +--rw mep-up-down? 772 | | | enumeration 773 | | +--rw remote-mep-id? 774 | | | uint32 775 | | +--rw cos-for-cfm-pdus? 776 | | | uint32 777 | | +--rw ccm-interval? 778 | | | uint32 779 | | +--rw ccm-holdtime? 780 | | | uint32 781 | | +--rw alarm-priority-defect? 782 | | | identityref 783 | | +--rw ccm-p-bits-pri? 784 | | ccm-priority-type 785 | +--rw y-1731* [maid] 786 | +--rw maid 787 | | string 788 | +--rw mep-id? 789 | | uint32 790 | +--rw type? 791 | | identityref 792 | +--rw remote-mep-id? 793 | | uint32 794 | +--rw message-period? 795 | | uint32 796 | +--rw measurement-interval? 797 | | uint32 798 | +--rw cos? 799 | | uint32 800 | +--rw loss-measurement? 801 | | boolean 802 | +--rw synthethic-loss-measurement? 803 | | boolean 804 | +--rw delay-measurement 805 | | +--rw enable-dm? boolean 806 | | +--rw two-way? boolean 807 | +--rw frame-size? 808 | | uint32 809 | +--rw session-type? 810 | enumeration 811 +--rw mac-loop-prevention 812 | +--rw frequency? uint32 813 | +--rw protection-type? identityref 814 | +--rw number-retries? uint32 815 +--rw access-control-list 816 | +--rw mac* [mac-address] 817 | +--rw mac-address yang:mac-address 818 +--rw mac-addr-limit 819 | +--rw mac-num-limit? uint16 820 | +--rw time-interval? uint32 821 | +--rw action? identityref 822 +--rw site-bearers 823 +--rw bearer-id? 824 string 826 Figure 5 828 4. Relation with other YANG Models 830 The L2NM model, aimed at managing the L2VPN Services in a Service 831 Provider Network controller/orchestrator has relations with other 832 YANG modules. 834 4.1. Relation with L2SM 836 [RFC8466] defines a L2VPN Service YANG data Model (L2SM) that can be 837 used for communication between customers and VPN service providers. 838 Hence, the model provides inputs to the Network Operator to deliver 839 such service to the customer. Hence, most parts of the model can be 840 directly mapped into L2NM. 842 o Service requirements: The service requirements can be directly 843 taken from L2SM to L2NM. 845 o Sites: The sites from L2SM are used to select the Service Prodider 846 node. The site information is NOT maintained in L2NM 848 4.2. Relation with Network Topology 850 The L2NM model manages VPN Services running over Service Provider 851 Backbone network. The set of nodes over which it is possible to 852 deploy a L2 VPN Service MAY be part of the topology contained in an 853 ietf-network module. 855 4.3. Relation with Device Models 857 Creating services in the l2vpn-ntw module will will lead at some 858 point to the configuration of devices. Hence, it is foreseen that 859 the data for the device yang modules will be derived partially from 860 the L2NM vpn-service container. Note that L2NM is NOT a device 861 model. 863 5. YANG Module 865 file "ietf-l2vpn-ntw@2020-05-26.yang" 866 module ietf-l2vpn-ntw { 867 yang-version 1.1; 868 namespace "urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw"; 869 prefix l2vpn-ntw; 871 import ietf-inet-types { 872 prefix inet; 873 reference 874 "Section 4 of RFC 6991"; 875 } 876 import ietf-yang-types { 877 prefix yang; 878 reference 879 "Section 3 of RFC 6991"; 880 } 881 import ietf-netconf-acm { 882 prefix nacm; 883 reference 884 "RFC 8341: Network Configuration Access Control Model"; 885 } 886 import ietf-l3vpn-ntw { 887 prefix l3vpn-ntw; 888 reference 889 "RFC NNNN: A Layer 3 VPN Network YANG Model"; 890 } 891 import ietf-l2vpn-svc { 892 prefix l2vpn-svc; 893 reference 894 "RFC 8466: YANG Data Model for Layer 2 Virtual Private 895 Network (L2VPN) Service Delivery"; 896 } 897 import ietf-packet-fields { 898 prefix pf; 899 reference 900 "RFC 8519 - YANG Data Model for Network Access Control 901 Lists (ACLs)."; 902 } 903 import ietf-routing-types { 904 prefix rt-types; 905 reference 906 "RFC 8294: Common YANG Data Types for the Routing Area"; 907 } 909 organization 910 "IETF OPSA (Operations and Management Area) Working Group"; 912 contact 913 "WG Web: 914 WG List: 915 Editor: Samier Barguil 916 917 Editor: Oscar Gonzalez de Dios 918 919 Author: Mohamed Boucadair 920 921 Author: Luis Angel Munoz 922 923 Author: Luay Jalil 924 925 Author: Jichun Ma 926 927 "; 928 description 929 "The YANG module defines a generic network configuration 930 model for Layer 2 VPN services common across all of the 931 vendor implementations. 933 Copyright (c) 2020 IETF Trust and the persons identified as 934 authors of the code. All rights reserved. 936 Redistribution and use in source and binary forms, with or 937 without modification, is permitted pursuant to, and subject to 938 the license terms contained in, the Simplified BSD License set 939 forth in Section 4.c of the IETF Trust's Legal Provisions 940 Relating to IETF Documents 941 (https://trustee.ietf.org/license-info). 943 This version of this YANG module is part of RFC XXXX 944 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself 945 for full legal notices."; 947 revision 2020-05-26 { 948 description 949 "Third revision -02 version"; 950 reference 951 "RFC XXXX: A Layer 2 VPN Network YANG Model."; 952 } 954 /* Features */ 956 feature multicast-like { 957 description 958 "Indicates the support of multicast-like capabilities 959 in a L2VPN."; 961 } 963 feature extranet-vpn { 964 description 965 "Indicates the Support of Extranet VPN."; 966 } 968 feature target-sites { 969 description 970 "Indicates the support of 'target-sites' match flow 971 parameter."; 972 } 974 feature l2cp-control { 975 description 976 "Indicates the support of L2CP control."; 977 } 979 feature input-bw { 980 description 981 "Indicates the suppport of Input Bandwidth 982 in a VPN."; 983 } 985 feature output-bw { 986 description 987 "Indicates the support of Output Bandwidth in 988 a VPN"; 989 } 991 feature uni-list { 992 description 993 "Indicates thesupport of UNI list in a VPN."; 994 } 996 feature cloud-access { 997 description 998 "Indicates the support of a VPN to connect to a Cloud Service 999 provider."; 1000 } 1002 feature oam-3ah { 1003 description 1004 "Indicates the support of OAM 802.3ah."; 1005 } 1007 feature micro-bfd { 1008 description 1009 "Indicates the support of Micro-BFD."; 1010 } 1012 feature bfd { 1013 description 1014 "Indicates the support of BFD."; 1015 } 1017 feature signaling-options { 1018 description 1019 "Indicates the support of signalling option."; 1020 } 1022 feature site-diversity { 1023 description 1024 "Indicates the support of site diversity constraints in 1025 a VPN."; 1026 } 1028 feature encryption { 1029 description 1030 "Indicates the support of encryption."; 1031 } 1033 feature always-on { 1034 description 1035 "Indicates the support for always-on access 1036 constraint."; 1037 } 1039 feature requested-type { 1040 description 1041 "Indicates the support for requested-type access 1042 constraint."; 1043 } 1045 feature bearer-reference { 1046 description 1047 "Indicates the support for bearer-reference access 1048 constraint."; 1049 } 1051 feature qos { 1052 description 1053 "Indicates the support of Class of Services."; 1054 } 1056 feature lag-interface { 1057 description 1058 "Enable lag-interface."; 1059 } 1061 feature vlan { 1062 description 1063 "Indicates the support of VLAN."; 1064 } 1066 feature dot1q { 1067 description 1068 "Indicates the support of Dot1Q."; 1069 } 1071 feature sub-inf { 1072 description 1073 "Indicates the support of Sub Interface."; 1074 } 1076 feature qinq { 1077 description 1078 "Indicates the support of QinQ."; 1079 } 1081 feature qinany { 1082 description 1083 "Indicates the support of QinAny."; 1084 } 1086 feature atm { 1087 description 1088 "Indicates the support of ATM."; 1089 } 1091 feature vxlan { 1092 description 1093 "Indicates the support of VxLAN."; 1094 } 1096 feature ipv4 { 1097 description 1098 "Indicates the support in a VPN."; 1099 } 1101 feature ipv6 { 1102 description 1103 "Indicates the support in a VPN."; 1104 } 1105 feature lan-tag { 1106 description 1107 "Indicates the LAN Tag support in a VPN."; 1108 } 1110 /* Typedefs */ 1112 typedef protocol-type { 1113 type enumeration { 1114 enum GRE { 1115 value 0; 1116 description 1117 "Transport based on GRE."; 1118 } 1119 enum LDP { 1120 value 1; 1121 description 1122 "Transport based on LDP."; 1123 reference 1124 "RFC 5036: LDP Specification"; 1125 } 1126 enum BGP { 1127 value 2; 1128 description 1129 "Transport based on BGP."; 1130 reference 1131 "RFC 4760: Multiprotocol Extensions for BGP-4"; 1132 } 1133 enum SR { 1134 value 3; 1135 description 1136 "Transport based on Segment Routing"; 1137 reference 1138 "RFC 8660: Segment Routing with the MPLS Data Plane"; 1139 } 1140 enum SR-TE { 1141 value 4; 1142 description 1143 "Transport based on Segment Routing for Traffic 1144 Engineering"; 1145 } 1146 enum RSVP-TE { 1147 value 5; 1148 description 1149 "Transport based on RSVP-TE signaled tunnels"; 1150 reference 1151 "RFC 3209: RSVP-TE: Extensions to RSVP for LSP Tunnels"; 1152 } 1154 } 1155 description 1156 "This are attributes used to identify underly 1157 transport protocols used to deliver the service."; 1158 } 1160 typedef operational-type { 1161 type enumeration { 1162 enum up { 1163 value 0; 1164 description 1165 "Operational status UP."; 1166 } 1167 enum down { 1168 value 1; 1169 description 1170 "Operational status DOWN"; 1171 } 1172 enum unknown { 1173 value 2; 1174 description 1175 "Operational status UNKNOWN"; 1176 } 1177 } 1178 description 1179 "This is an attribute used to determine the 1180 operational status of a particular element."; 1181 } 1183 typedef svc-id { 1184 type string; 1185 description 1186 "Indicates the type of service component identifier."; 1187 } 1189 typedef ccm-priority-type { 1190 type uint8 { 1191 range "0..7"; 1192 } 1193 description 1194 "A 3 bit priority value to be used in the VLAN tag, 1195 if present in the transmitted frame."; 1196 } 1198 typedef control-mode { 1199 type enumeration { 1200 enum peer { 1201 description 1202 "Peer mode, i.e., participate in the protocol towards 1203 the CE. Peering is common for LACP and E-LMI and 1204 occasionally for LLDP. For virtual private services 1205 the Subscriber can also request that the Service 1206 Provider peer spanning tree."; 1207 } 1208 enum tunnel { 1209 description 1210 "Tunnel mode,i.e.,pass to the egress or destination site. 1211 For EPL, the expectation is that L2CP frames are 1212 tunneled."; 1213 } 1214 enum discard { 1215 description 1216 "Discard mode,i.e.,discard the frame."; 1217 } 1218 } 1219 description 1220 "Defining a type of the control mode on L2CP protocols."; 1221 } 1223 typedef neg-mode { 1224 type enumeration { 1225 enum full-duplex { 1226 description 1227 "Defining Full duplex mode"; 1228 } 1229 enum auto-neg { 1230 description 1231 "Defining Auto negotiation mode"; 1232 } 1233 } 1234 description 1235 "Defining a type of the negotiation mode"; 1236 } 1238 /* Identities */ 1240 identity multicast-tree-type { 1241 base l2vpn-svc:multicast-tree-type; 1242 description 1243 "Base identity for multicast tree type."; 1244 } 1246 identity mapping-type { 1247 base l2vpn-svc:multicast-gp-address-mapping; 1248 description 1249 "Identity mapping-type."; 1251 } 1253 identity tf-type { 1254 base l2vpn-svc:tf-type; 1255 description 1256 "Identity traffic-type"; 1257 } 1259 identity pwe-encapsulation-type { 1260 base l2vpn-svc:encapsulation-type; 1261 description 1262 "Identity pwe-encapsulation-type"; 1263 } 1265 identity l2tp-pw-type { 1266 description 1267 "Identity for L2TP PW type"; 1268 } 1270 identity encapsulation-type { 1271 description 1272 "Identity for encapsulation type"; 1273 } 1275 identity ethernet-type { 1276 base encapsulation-type; 1277 description 1278 "Identity for encapsulation type"; 1279 } 1281 identity vlan-type { 1282 base encapsulation-type; 1283 description 1284 "Identity for encapsulation type"; 1285 } 1287 identity protection-mode { 1288 description 1289 "Identity of protection mode"; 1290 } 1292 identity oneplusone { 1293 base protection-mode; 1294 description 1295 "In this scheme, the primary circuit will be 1296 protected by a backup circuit, typically meeting certain 1297 diverse path/fiber/site/node criteria. Both primary and 1298 protection circuits are provisioned to be in the active 1299 forward ing state. The subscriber may choose to send the 1300 same service frames across both circuits simultaneously."; 1301 } 1303 identity one-to-one { 1304 base protection-mode; 1305 description 1306 "In this scheme, a backup circuit to the primary 1307 circuit is provisioned. Depending on the implementation 1308 agreement, the protection circuits may either always be 1309 in active forwarding state, or may only become active when 1310 a faulty state is detected on the primary circuit."; 1311 } 1313 identity eth-inf-type { 1314 base l2vpn-svc:eth-inf-type; 1315 description 1316 "Identity of Ethernet Interface Type"; 1317 } 1319 identity bw-type { 1320 base l2vpn-svc:bw-type; 1321 description 1322 "Identity of bandwidth"; 1323 } 1325 identity site-type { 1326 description 1327 "Identity of site type."; 1328 } 1330 identity uni { 1331 base site-type; 1332 description 1333 "Identity of User Network Interface "; 1334 } 1336 identity enni { 1337 base site-type; 1338 description 1339 "Identity of External Network to Network Interface"; 1340 } 1342 identity service-type { 1343 base l2vpn-svc:service-type; 1344 description 1345 "Base Identity of service type."; 1346 } 1347 identity bundling-type { 1348 base l2vpn-svc:bundling-type; 1349 description 1350 "This is base identity for Bundling type. It supports 1351 multiple CE-VLAN associated with L2VPN service or all 1352 CE-VLANs associated with L2VPN service."; 1353 } 1355 identity color-id { 1356 base l2vpn-svc:color-id; 1357 description 1358 "base identity of color id"; 1359 } 1361 identity cos-id { 1362 base l2vpn-svc:cos-id; 1363 description 1364 "Identity of class of service id"; 1365 } 1367 identity color-type { 1368 base l2vpn-svc:color-type; 1369 description 1370 "Identity of color types"; 1371 } 1373 identity perf-tier-opt { 1374 description 1375 "Identity of performance tier option."; 1376 } 1378 identity metro { 1379 base perf-tier-opt; 1380 description 1381 "Identity of metro"; 1382 } 1384 identity regional { 1385 base perf-tier-opt; 1386 description 1387 "Identity of regional"; 1388 } 1390 identity continental { 1391 base perf-tier-opt; 1392 description 1393 "Identity of continental"; 1394 } 1395 identity global { 1396 base perf-tier-opt; 1397 description 1398 "Identity of global"; 1399 } 1401 identity policing { 1402 description 1403 "Identity of policing type"; 1404 } 1406 identity one-rate-two-color { 1407 base policing; 1408 description 1409 "Identity of one-rate, two-color (1R2C)"; 1410 } 1412 identity two-rate-three-color { 1413 base policing; 1414 description 1415 "Identity of two-rate, three-color (2R3C)"; 1416 } 1418 identity bum-type { 1419 base l2vpn-svc:bum-type; 1420 description 1421 "Identity of BUM type"; 1422 } 1424 identity loop-prevention-type { 1425 base l2vpn-svc:loop-prevention-type; 1426 description 1427 "Identity of loop prevention"; 1428 } 1430 identity lacp-state { 1431 base l2vpn-svc:lacp-state; 1432 description 1433 "Identity of LACP state"; 1434 } 1436 identity lacp-mode { 1437 base l2vpn-svc:lacp-mode; 1438 description 1439 "Identity of LACP mode"; 1440 } 1442 identity lacp-speed { 1443 base l2vpn-svc:lacp-speed; 1444 description 1445 "Identity of LACP speed"; 1446 } 1448 identity vpn-signaling-type { 1449 description 1450 "Identity of VPN signaling types"; 1451 } 1453 identity l2vpn-bgp { 1454 base vpn-signaling-type; 1455 description 1456 "Identity of l2vpn-bgp"; 1457 } 1459 identity evpn-bgp { 1460 base vpn-signaling-type; 1461 description 1462 "Identity of evpn-bgp"; 1463 } 1465 identity t-ldp { 1466 base vpn-signaling-type; 1467 description 1468 "Identity of t-ldp."; 1469 } 1471 identity h-vpls { 1472 base vpn-signaling-type; 1473 description 1474 "Identity for h-vpls"; 1475 } 1477 identity l2tp { 1478 base vpn-signaling-type; 1479 description 1480 "Identity of l2tp."; 1481 } 1483 identity t-ldp-pwe-type { 1484 description 1485 "Identity for t-ldp-pwe-type."; 1486 } 1488 identity vpws-type { 1489 base t-ldp-pwe-type; 1490 description 1491 "Identity for VPWS"; 1492 } 1494 identity vpls-type { 1495 base t-ldp-pwe-type; 1496 description 1497 "Identity for vpls"; 1498 } 1500 identity hvpls { 1501 base t-ldp-pwe-type; 1502 description 1503 "Identity for h-vpls"; 1504 } 1506 identity l2vpn-type { 1507 description 1508 "Layer 2 VPN types"; 1509 } 1511 identity l2vpn-vpws { 1512 base l2vpn-type; 1513 description 1514 "VPWS L2VPN type."; 1515 } 1517 identity l2vpn-vpls { 1518 base l2vpn-type; 1519 description 1520 "VPLS L2VPN type."; 1521 } 1523 identity distribute-vpls { 1524 base l2vpn-type; 1525 description 1526 "distribute VPLS L2VPN type."; 1527 } 1529 identity evpn-type { 1530 description 1531 "Ethernet VPN types"; 1532 } 1534 identity evpn-vpws { 1535 base evpn-type; 1536 description 1537 "VPWS support in EVPN."; 1538 } 1539 identity evpn-pbb { 1540 base evpn-type; 1541 description 1542 " Provider Backbone Bridging Support in EVPN."; 1543 } 1545 identity management { 1546 base l2vpn-svc:management; 1547 description 1548 "Base identity for site management scheme."; 1549 } 1551 identity address-family { 1552 base l2vpn-svc:address-family; 1553 description 1554 "Base identity for an address family."; 1555 } 1557 identity vpn-topology { 1558 base l3vpn-ntw:vpn-topology; 1559 description 1560 "Base identity for VPN topology."; 1561 } 1563 identity site-role { 1564 base l2vpn-svc:site-role; 1565 description 1566 "Base identity for site type."; 1567 } 1569 identity any-to-any-role { 1570 base site-role; 1571 description 1572 "Any-to-any-role site type."; 1573 } 1575 identity pm-type { 1576 base l2vpn-svc:pm-type; 1577 description 1578 "Performance monitor type"; 1579 } 1581 identity fault-alarm-defect-type { 1582 base l2vpn-svc:fault-alarm-defect-type; 1583 description 1584 "Indicating the alarm priority defect"; 1585 } 1586 identity frame-delivery-mode { 1587 base l2vpn-svc:frame-delivery-mode; 1588 description 1589 "Delivery types"; 1590 } 1592 identity pw-topo-type { 1593 base l2vpn-svc:site-network-access-type; 1594 description 1595 "base identity for pw topology Type"; 1596 } 1598 identity placement-diversity { 1599 base l2vpn-svc:placement-diversity; 1600 description 1601 "Base identity for site placement 1602 constraints"; 1603 } 1605 identity l2-access-type { 1606 description 1607 "This identify the access type 1608 of the vpn acccess interface"; 1609 } 1611 identity untag { 1612 base l2-access-type; 1613 description 1614 "Untag"; 1615 } 1617 identity port { 1618 base l2-access-type; 1619 description 1620 "Port"; 1621 } 1623 identity dot1q { 1624 base l2-access-type; 1625 description 1626 "Qot1q"; 1627 } 1629 identity qinq { 1630 base l2-access-type; 1631 description 1632 "QinQ"; 1633 } 1634 identity sub-interface { 1635 base l2-access-type; 1636 description 1637 "Create a default sub-interface and keep vlan."; 1638 } 1640 identity atm { 1641 base l2-access-type; 1642 description 1643 "ATM Cell."; 1644 } 1646 identity vxlan { 1647 base l2-access-type; 1648 description 1649 "Vxlan access into the vpn"; 1650 } 1652 identity provision-model { 1653 base l2vpn-svc:provision-model; 1654 description 1655 "base identity for provision model."; 1656 } 1658 identity mac-learning-mode { 1659 base l2vpn-svc:mac-learning-mode; 1660 description 1661 "MAC learning mode"; 1662 } 1664 identity vpn-policy-filter-type { 1665 base l2vpn-svc:vpn-policy-filter-type; 1666 description 1667 "Base identity for filter type."; 1668 } 1670 identity mac-action { 1671 base l2vpn-svc:mac-action; 1672 description 1673 "Base identity for MAC action."; 1674 } 1676 identity load-balance-method { 1677 description 1678 "Base identity for load balance method."; 1679 } 1681 identity fat-pw { 1682 base load-balance-method; 1683 description 1684 "Identity for Fat PW. Fat label is 1685 applied to Pseudowires across MPLS 1686 network."; 1687 } 1689 identity entropy-label { 1690 base load-balance-method; 1691 description 1692 "Identity for entropy label.Entropy label 1693 is applied to IP forwarding, 1694 L2VPN or L3VPN across MPLS network"; 1695 } 1697 identity vxlan-source-port { 1698 base load-balance-method; 1699 description 1700 "Identity for vxlan source port.VxLAN 1701 Source Port is one load balancing method."; 1702 } 1704 identity qos-profile-direction { 1705 base l2vpn-svc:qos-profile-direction; 1706 description 1707 "Base identity for qos profile direction."; 1708 } 1710 identity vxlan-peer-mode { 1711 base l2vpn-svc:vxlan-peer-mode; 1712 description 1713 "Base identity for vxlan peer mode."; 1714 } 1716 identity customer-application { 1717 base l2vpn-svc:customer-application; 1718 description 1719 "Base identity for customer application."; 1720 } 1722 identity precedence-type { 1723 description 1724 "Redundancy type. The service can be created 1725 with active and bakcup signalization."; 1726 } 1728 identity primary { 1729 base precedence-type; 1730 description 1731 "Identifies the Main L2VPN."; 1732 } 1734 identity backup { 1735 base precedence-type; 1736 description 1737 "Identifies the Backup L2VPN."; 1738 } 1740 /* Groupings */ 1742 grouping vpn-route-targets { 1743 description 1744 "A grouping that specifies Route Target import-export rules 1745 used in a BGP-enabled VPN."; 1746 list vpn-target { 1747 key "id"; 1748 leaf id { 1749 type int8; 1750 description 1751 "Identifies each VPN Target"; 1752 } 1753 list route-targets { 1754 key "route-target"; 1755 leaf route-target { 1756 type rt-types:route-target; 1757 description 1758 "Route Target value"; 1759 } 1760 description 1761 "List of Route Targets."; 1762 } 1763 leaf route-target-type { 1764 type rt-types:route-target-type; 1765 mandatory true; 1766 description 1767 "Import/export type of the Route Target."; 1768 } 1769 description 1770 "l3vpn route targets. AND/OR Operations are available 1771 based on the RTs assigment"; 1772 } 1773 reference 1774 "RFC4364: BGP/MPLS IP Virtual Private Networks (VPNs) 1775 RFC4664: Framework for Layer 2 Virtual Private Networks 1776 (L2VPNs)"; 1777 container vpn-policies { 1778 description 1779 ""; 1780 leaf import-policy { 1781 type string; 1782 description 1783 "Reference to a VRF import policy."; 1784 } 1785 leaf export-policy { 1786 type string; 1787 description 1788 "Reference to a VRF export policy."; 1789 } 1790 } 1791 } 1793 grouping svc-transport-encapsulation { 1794 container transport-encapsulation { 1795 leaf-list protocol { 1796 type protocol-type; 1797 ordered-by user; 1798 description 1799 "Protocols used to support transport"; 1800 } 1801 description 1802 "Container for the Transport Underlay."; 1803 } 1804 description 1805 "This grouping defines the type of underlay transport 1806 for VPN service."; 1807 } 1809 grouping split-horizon-group { 1810 container split-horizon { 1811 leaf group-name { 1812 type string; 1813 description 1814 "group-name of the Split Horizon"; 1815 } 1816 description 1817 "Configuration with split horizon enabled"; 1818 } 1819 description 1820 "Configuration with split horizon enabled"; 1821 } 1823 grouping svc-precedence { 1824 container svc-precedence { 1825 leaf precedence { 1826 type identityref { 1827 base precedence-type; 1828 } 1829 description 1830 "Defining service redundancy in transport 1831 network."; 1832 } 1833 description 1834 "Transport netowrk precedence selector 1835 Primary or Secondary tunnel."; 1836 } 1837 description 1838 "Transport netowrk precedence selector 1839 Primary or Secondary tunnel."; 1840 } 1842 grouping vpn-service-cloud-access { 1843 container cloud-accesses { 1844 if-feature "cloud-access"; 1845 list cloud-access { 1846 key "cloud-identifier"; 1847 leaf cloud-identifier { 1848 type string; 1849 description 1850 "Identification of cloud service. Local 1851 admin meaning."; 1852 } 1853 choice list-flavor { 1854 case permit-any { 1855 leaf permit-any { 1856 type empty; 1857 description 1858 "Allow all sites."; 1859 } 1860 } 1861 case deny-any-except { 1862 leaf-list permit-site { 1863 type leafref { 1864 path "/l2vpn-ntw/sites/site/site-id"; 1865 } 1866 description 1867 "Site ID to be authorized."; 1868 } 1869 } 1870 case permit-any-except { 1871 leaf-list deny-site { 1872 type leafref { 1873 path "/l2vpn-ntw/sites/site/site-id"; 1874 } 1875 description 1876 "Site ID to be denied."; 1877 } 1878 } 1879 description 1880 "Choice for cloud access policy."; 1881 } 1882 container authorized-sites { 1883 list authorized-site { 1884 key "site-id"; 1885 leaf site-id { 1886 type leafref { 1887 path "/l2vpn-ntw/sites/site/site-id"; 1888 } 1889 description 1890 "Site ID."; 1891 } 1892 description 1893 "List of authorized sites."; 1894 } 1895 description 1896 "Configuration of authorized sites."; 1897 } 1898 container denied-sites { 1899 list denied-site { 1900 key "site-id"; 1901 leaf site-id { 1902 type leafref { 1903 path "/l2vpn-ntw/sites/site/site-id"; 1904 } 1905 description 1906 "Site ID."; 1907 } 1908 description 1909 "List of denied sites."; 1910 } 1911 description 1912 "Configuration of denied sites."; 1913 } 1914 description 1915 "Cloud access configuration."; 1916 } 1917 description 1918 "Container for cloud access configurations"; 1919 } 1920 description 1921 "Grouping for vpn cloud definition"; 1922 } 1924 grouping site-device { 1925 container device { 1926 list devices { 1927 key "device-id"; 1928 leaf device-id { 1929 type string; 1930 description 1931 "Device ID"; 1932 } 1933 leaf location { 1934 type leafref { 1935 path "/l2vpn-ntw/sites/site/locations/location/" + 1936 "location-id"; 1937 } 1938 description 1939 "Site name"; 1940 } 1941 container management { 1942 leaf address { 1943 type inet:ip-address; 1944 description 1945 "Address"; 1946 } 1947 leaf management-transport { 1948 type identityref { 1949 base address-family; 1950 } 1951 description 1952 "Transport protocol used for management."; 1953 } 1954 description 1955 "Container for management"; 1956 } 1957 description 1958 "List of devices"; 1959 } 1960 description 1961 "Devices configuration"; 1962 } 1963 description 1964 "Device parameters for the site."; 1965 } 1967 grouping site-management { 1968 container management { 1969 leaf type { 1970 type identityref { 1971 base management; 1972 } 1973 description 1974 "Management type of the connection."; 1975 } 1976 description 1977 "Container for management"; 1978 } 1979 description 1980 "Grouping for management"; 1981 } 1983 grouping site-vpn-policy { 1984 container vpn-policies { 1985 list vpn-policy { 1986 key "vpn-policy-id"; 1987 leaf vpn-policy-id { 1988 type string; 1989 description 1990 "Unique identifier for the VPN policy."; 1991 } 1992 list entries { 1993 key "id"; 1994 leaf id { 1995 type string; 1996 description 1997 "Unique identifier for the policy entry."; 1998 } 1999 container filters { 2000 list filter { 2001 key "type"; 2002 ordered-by user; 2003 leaf type { 2004 type identityref { 2005 base vpn-policy-filter-type; 2006 } 2007 description 2008 "Type of VPN Policy filter."; 2009 } 2011 description 2012 "List of filters used on the site. This list can 2013 be augmented."; 2014 } 2015 description 2016 "If a more-granular VPN attachment is necessary, 2017 filtering can be used. If used, it permits the 2018 splitting of site LANs among multiple VPNs. The 2019 Site LAN can be split based on either LAN-tag 2020 or LAN prefix. If no filter is used, all the LANs 2021 will be part of the same VPNs with the same role."; 2022 } 2023 list vpn { 2024 key "vpn-id"; 2025 leaf vpn-id { 2026 type leafref { 2027 path "/l2vpn-ntw/vpn-services/" 2028 + "vpn-service/vpn-id"; 2029 } 2030 mandatory true; 2031 description 2032 "Reference to an IP VPN."; 2033 } 2034 leaf site-role { 2035 type identityref { 2036 base site-role; 2037 } 2038 default "any-to-any-role"; 2039 description 2040 "Role of the site in the IP VPN."; 2041 } 2042 description 2043 "List of VPNs the LAN is associated with."; 2044 } 2045 description 2046 "List of entries for export policy."; 2047 } 2048 description 2049 "List of VPN policies."; 2050 } 2051 description 2052 "VPN policy."; 2053 } 2054 description 2055 "VPN policy parameters for the site."; 2056 } 2058 grouping bum-frame-delivery { 2059 container bum-frame-delivery-modes { 2060 list bum-frame-delivery { 2061 key "traffic-type"; 2062 leaf traffic-type { 2063 type identityref { 2064 base tf-type; 2066 } 2067 description 2068 "Type of frame delivery. It support unicast 2069 frame delivery, multicast frame delivery 2070 and broadcast frame delivery."; 2071 } 2072 leaf delivery-mode { 2073 type identityref { 2074 base frame-delivery-mode; 2075 } 2076 description 2077 " Define Frame Delivery Mode 2078 (unconditional[default], conditional, or discard)."; 2079 } 2080 description 2081 "List of frame delivery type and mode."; 2082 } 2083 description 2084 "Define frame delivery type and mode."; 2085 } 2086 description 2087 "Grouping for unicast, mulitcast, broadcast frame delivery"; 2088 } 2090 grouping cvlan-svc-map-grouping { 2091 list cvlan-id-to-svc-map { 2092 key "svc-id"; 2093 leaf svc-id { 2094 type leafref { 2095 path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id"; 2096 } 2097 description 2098 "VPN Service identifier"; 2099 } 2100 list cvlan-id { 2101 key "vid"; 2102 leaf vid { 2103 type uint32; 2104 description 2105 "CVLAN ID"; 2106 } 2107 description 2108 "List of CVLAN-ID to SVC Map configurations"; 2109 } 2110 description 2111 "List for cvlan-id to L2VPn Service map configurations"; 2112 } 2113 description 2114 "Grouping for cvlan to L2VPN service mapping"; 2115 } 2117 grouping customer-location-info { 2118 container locations { 2119 list location { 2120 key "location-id"; 2121 leaf location-id { 2122 type string; 2123 description 2124 "Location ID"; 2125 } 2126 leaf address { 2127 type string; 2128 description 2129 "Address (number and street) of the site."; 2130 } 2131 leaf zip-code { 2132 type string; 2133 description 2134 "ZIP code of the site."; 2135 } 2136 leaf state { 2137 type string; 2138 description 2139 "State of the site. This leaf can also be used to 2140 describe a region for country who does not have 2141 states."; 2142 } 2143 leaf city { 2144 type string; 2145 description 2146 "City of the site."; 2147 } 2148 leaf country-code { 2149 type string; 2150 description 2151 "Country of the site."; 2152 } 2153 description 2154 "List for location"; 2155 } 2156 description 2157 "Location of the site."; 2158 } 2159 description 2160 "This grouping defines customer location parameters"; 2161 } 2162 grouping site-diversity { 2163 container site-diversity { 2164 if-feature "site-diversity"; 2165 container groups { 2166 list group { 2167 key "group-id"; 2168 leaf group-id { 2169 type string; 2170 description 2171 "Group-id the site is belonging to"; 2172 } 2173 description 2174 "List of group-id"; 2175 } 2176 description 2177 "Groups the site is belonging to. 2178 All site network accesses will inherit those group 2179 values."; 2180 } 2181 description 2182 "Diversity constraint type."; 2183 } 2184 description 2185 "This grouping defines site diversity parameters"; 2186 } 2188 grouping site-service { 2189 description 2190 "This grouping defines site service parameters"; 2191 } 2193 grouping vpn-service-multicast { 2194 container multicast-like { 2195 if-feature "multicast-like"; 2196 leaf enabled { 2197 type boolean; 2198 default "false"; 2199 description 2200 "Enables multicast."; 2201 } 2202 container customer-tree-flavors { 2203 leaf-list tree-flavor { 2204 type identityref { 2205 base multicast-tree-type; 2206 } 2207 description 2208 "Type of tree to be used."; 2209 } 2210 description 2211 "Type of trees used by customer."; 2212 } 2214 uses bum-frame-delivery; 2215 leaf multicast-gp-port-mapping { 2216 type identityref { 2217 base mapping-type; 2218 } 2219 description 2220 "Describe the way in which each interface is associated 2221 with the Multicast group"; 2222 } 2223 description 2224 "Multicast global parameters for the VPN service."; 2225 } 2226 description 2227 "Grouping for multicast VPN definition."; 2228 } 2230 grouping vpn-extranet { 2231 container extranet-vpns { 2232 if-feature "extranet-vpn"; 2233 list extranet-vpn { 2234 key "vpn-id"; 2235 leaf vpn-id { 2236 type svc-id; 2237 description 2238 "Identifies the target VPN."; 2239 } 2240 leaf local-sites-role { 2241 type identityref { 2242 base site-role; 2243 } 2244 default "any-to-any-role"; 2245 description 2246 "This describes the role of the 2247 local sites in the target VPN topology."; 2248 } 2249 description 2250 "List of extranet VPNs the local VPN is attached to."; 2251 } 2252 description 2253 "Container for extranet VPN configuration."; 2254 } 2255 description 2256 "Grouping for extranet VPN configuration. 2257 This provides an easy way to interconnect 2258 all sites from two VPNs."; 2259 } 2261 grouping signaling-options-grouping { 2262 list signaling-options { 2263 key "type"; 2264 leaf type { 2265 type identityref { 2266 base vpn-signaling-type; 2267 } 2268 description 2269 "VPN signaling types"; 2270 } 2271 container l2vpn-bgp { 2272 when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:l2vpn-bgp'" { 2273 description 2274 "Only applies when vpn signaling type is l2vpn 2275 BGP protocol."; 2276 } 2277 leaf vpn-id { 2278 type leafref { 2279 path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id"; 2280 } 2281 description 2282 "Identifies the target VPN"; 2283 } 2284 leaf type { 2285 type identityref { 2286 base l2vpn-type; 2287 } 2288 description 2289 "L2VPN types"; 2290 } 2291 leaf pwe-encapsulation-type { 2292 type identityref { 2293 base pwe-encapsulation-type; 2294 } 2295 description 2296 "PWE Encapsulation Type"; 2297 } 2298 uses vpn-route-targets; 2299 container pwe-mtu { 2300 leaf allow-mtu-mismatch { 2301 type boolean; 2302 description 2303 "Allow MTU mismatch"; 2304 } 2305 description 2306 "Container of PWE MTU configurations"; 2307 } 2308 leaf address-family { 2309 type identityref { 2310 base address-family; 2311 } 2312 description 2313 "Address family used for management."; 2314 } 2315 description 2316 "Container for MP BGP L2VPN"; 2317 } 2318 container evpn-bgp { 2319 when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:evpn-bgp'" { 2320 description 2321 "Only applies when vpn signaling type is EVPN 2322 BGP protocol."; 2323 } 2324 leaf vpn-id { 2325 type leafref { 2326 path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id"; 2327 } 2328 description 2329 "Identifies the target EVPN"; 2330 } 2331 leaf type { 2332 type identityref { 2333 base evpn-type; 2334 } 2335 description 2336 "L2VPN types"; 2337 } 2338 leaf address-family { 2339 type identityref { 2340 base address-family; 2341 } 2342 description 2343 "Address family used for management."; 2344 } 2345 leaf mac-learning-mode { 2346 type identityref { 2347 base mac-learning-mode; 2348 } 2349 description 2350 "Indicates through which plane MAC addresses are 2351 advertised."; 2352 } 2353 leaf arp-suppress { 2354 type boolean; 2355 default "false"; 2356 description 2357 "Indicates whether to suppress ARP broadcast."; 2358 } 2359 description 2360 "Container for MP BGP L2VPN"; 2361 } 2362 container t-ldp-pwe { 2363 when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:t-ldp'" { 2364 description 2365 "Only applies when vpn signaling type is Target LDP."; 2366 } 2367 leaf type { 2368 type identityref { 2369 base t-ldp-pwe-type; 2370 } 2371 description 2372 "T-LDP PWE type"; 2373 } 2374 leaf pwe-encapsulation-type { 2375 type identityref { 2376 base pwe-encapsulation-type; 2377 } 2378 description 2379 "PWE Encapsulation Type."; 2380 } 2381 leaf control-word { 2382 type boolean; 2383 description 2384 "Control word configurations"; 2385 } 2386 container pwe-mtu { 2387 leaf allow-mtu-mismatch { 2388 type boolean; 2389 description 2390 "Allow MTU mismatch"; 2391 } 2392 description 2393 "Container of PWE MTU configurations"; 2394 } 2395 leaf provision-mode { 2396 type identityref { 2397 base provision-model; 2398 } 2399 description 2400 "provision-models. It support Double-Sided Provisioning 2401 model or single-side provisioning model."; 2403 } 2404 list ac-pw-list { 2405 key "peer-addr vc-id"; 2406 leaf peer-addr { 2407 type inet:ip-address; 2408 description 2409 "Peer IP address."; 2410 } 2411 leaf vc-id { 2412 type string; 2413 description 2414 "VC lable used to identify PW."; 2415 } 2416 leaf pw-type { 2417 type identityref { 2418 base pw-topo-type; 2419 } 2420 description 2421 "PW topology type"; 2422 } 2423 leaf pw-priority { 2424 type uint32; 2425 description 2426 "Defines the priority for the PW. 2427 The higher the pw-priority value, 2428 the higher the preference of the PW will be."; 2429 } 2430 description 2431 "List of AC and PW bindings."; 2432 } 2433 container qinq { 2434 when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:h-vpls'" { 2435 description 2436 "Only applies when t-ldp pwe type is h-vpls."; 2437 } 2438 leaf s-tag { 2439 type uint32; 2440 description 2441 "S-TAG"; 2442 } 2443 leaf c-tag { 2444 type uint32; 2445 description 2446 "C-TAG"; 2447 } 2448 description 2449 "Container for QinQ"; 2450 } 2451 description 2452 "Container of T-LDP PWE configurations"; 2453 } 2454 container l2tp-pwe { 2455 when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:l2tp'" { 2456 description 2457 "Applies when vpn signaling type is L2TP protocol."; 2458 } 2459 leaf type { 2460 type identityref { 2461 base t-ldp-pwe-type; 2462 } 2463 description 2464 "T-LDP PWE type"; 2465 } 2466 leaf encapsulation-type { 2467 type identityref { 2468 base encapsulation-type; 2469 } 2470 description 2471 "Encapsulation type"; 2472 } 2473 leaf control-word { 2474 type boolean; 2475 description 2476 "Control word configurations"; 2477 } 2478 list ac-pw-list { 2479 key "peer-addr vc-id"; 2480 leaf peer-addr { 2481 type inet:ip-address; 2482 description 2483 "Peer IP address."; 2484 } 2485 leaf vc-id { 2486 type string; 2487 description 2488 "VC lable used to identify PW."; 2489 } 2491 leaf pw-type { 2492 type identityref { 2493 base pw-topo-type; 2494 } 2495 description 2496 "PW topology type"; 2497 } 2498 leaf pw-priority { 2499 type uint32; 2500 description 2501 "PW priority"; 2502 } 2503 description 2504 "List of AC and PW bindings."; 2505 } 2506 description 2507 "Container for l2tp pw"; 2508 } 2509 description 2510 "List of VPN Signaling Option."; 2511 } 2512 description 2513 "Grouping for signaling option"; 2514 } 2516 grouping operational-requirements-ops { 2517 leaf actual-site-start { 2518 type yang:date-and-time; 2519 config false; 2520 description 2521 "Optional leaf indicating actual date 2522 and time when the service at a particular 2523 site actually started"; 2524 } 2525 leaf actual-site-stop { 2526 type yang:date-and-time; 2527 config false; 2528 description 2529 "Optional leaf indicating actual date 2530 and time when the service at a particular 2531 site actually stopped"; 2532 } 2533 leaf bundling-type { 2534 type identityref { 2535 base bundling-type; 2536 } 2537 description 2538 "Bundling type"; 2539 } 2540 leaf default-ce-vlan-id { 2541 type uint32; 2542 description 2543 "Default CE VLAN ID set at site level."; 2544 } 2545 description 2546 "This grouping defines some operational parameters 2547 parameters"; 2548 } 2550 grouping cfm-802-grouping { 2551 leaf maid { 2552 type string; 2553 description 2554 "MA ID"; 2555 } 2556 leaf mep-id { 2557 type uint32; 2558 description 2559 "Local MEP ID"; 2560 } 2561 leaf mep-level { 2562 type uint32; 2563 description 2564 "MEP level"; 2565 } 2566 leaf mep-up-down { 2567 type enumeration { 2568 enum up { 2569 description 2570 "MEP up"; 2571 } 2572 enum down { 2573 description 2574 "MEP down"; 2575 } 2576 } 2577 description 2578 "MEP up/down"; 2579 } 2580 leaf remote-mep-id { 2581 type uint32; 2582 description 2583 "Remote MEP ID"; 2584 } 2585 leaf cos-for-cfm-pdus { 2586 type uint32; 2587 description 2588 "COS for CFM PDUs"; 2589 } 2590 leaf ccm-interval { 2591 type uint32; 2592 description 2593 "CCM interval"; 2594 } 2595 leaf ccm-holdtime { 2596 type uint32; 2597 description 2598 "CCM hold time"; 2599 } 2600 leaf alarm-priority-defect { 2601 type identityref { 2602 base fault-alarm-defect-type; 2603 } 2604 description 2605 "The lowest priority defect that is 2606 allowed to generate a Fault Alarm. 2607 The non-existence of this leaf means 2608 that no defects are to be reported"; 2609 } 2610 leaf ccm-p-bits-pri { 2611 type ccm-priority-type; 2612 description 2613 "The priority parameter for CCMs transmitted by the MEP"; 2614 } 2615 description 2616 "Grouping for 802.1ag CFM attribute"; 2617 } 2619 grouping y-1731 { 2620 list y-1731 { 2621 key "maid"; 2622 leaf maid { 2623 type string; 2624 description 2625 "MA ID "; 2626 } 2627 leaf mep-id { 2628 type uint32; 2629 description 2630 "Local MEP ID"; 2631 } 2632 leaf type { 2633 type identityref { 2634 base pm-type; 2635 } 2636 description 2637 "Performance monitor types"; 2638 } 2639 leaf remote-mep-id { 2640 type uint32; 2641 description 2642 "Remote MEP ID"; 2644 } 2645 leaf message-period { 2646 type uint32; 2647 description 2648 "Defines the interval between OAM messages. The message 2649 period is expressed in milliseconds"; 2650 } 2651 leaf measurement-interval { 2652 type uint32; 2653 description 2654 "Specifies the measurement interval for statistics. The 2655 measurement interval is expressed in seconds"; 2656 } 2657 leaf cos { 2658 type uint32; 2659 description 2660 "Class of service"; 2661 } 2662 leaf loss-measurement { 2663 type boolean; 2664 description 2665 "Whether enable loss measurement"; 2666 } 2667 leaf synthethic-loss-measurement { 2668 type boolean; 2669 description 2670 "Indicate whether enable synthetic loss measurement"; 2671 } 2672 container delay-measurement { 2673 leaf enable-dm { 2674 type boolean; 2675 description 2676 "Whether to enable delay measurement"; 2677 } 2678 leaf two-way { 2679 type boolean; 2680 description 2681 "Whether delay measurement is two-way (true) of one- 2682 way (false)"; 2683 } 2684 description 2685 "Container for delay measurement"; 2686 } 2687 leaf frame-size { 2688 type uint32; 2689 description 2690 "Frame size"; 2691 } 2692 leaf session-type { 2693 type enumeration { 2694 enum proactive { 2695 description 2696 "Proactive mode"; 2697 } 2698 enum on-demand { 2699 description 2700 "On demand mode"; 2701 } 2702 } 2703 description 2704 "Session type"; 2705 } 2706 description 2707 "List for y-1731."; 2708 } 2709 description 2710 "Grouping for y.1731"; 2711 } 2713 grouping enni-site-info-grouping { 2714 container site-info { 2715 leaf site-name { 2716 type string; 2717 description 2718 "Site name"; 2719 } 2720 leaf address { 2721 type inet:ip-address; 2722 description 2723 "Address"; 2724 } 2725 leaf Edge-Gateway-Device-Info { 2726 type string; 2727 description 2728 "Edge Gateway Device Info "; 2729 } 2730 description 2731 "Container of site info configurations"; 2732 } 2733 description 2734 "Grouping for site information"; 2735 } 2737 grouping acl-grouping { 2738 container access-control-list { 2739 list mac { 2740 key "mac-address"; 2741 leaf mac-address { 2742 type yang:mac-address; 2743 description 2744 "MAC address."; 2745 } 2746 description 2747 "List for MAC."; 2748 } 2749 description 2750 "Container for access control List."; 2751 } 2752 description 2753 "This grouping defines Access Control List."; 2754 } 2756 grouping lacp-grouping { 2757 container lacp { 2758 leaf lacp-state { 2759 type boolean; 2760 description 2761 "LACP on/off"; 2762 } 2763 leaf lacp-mode { 2764 type boolean; 2765 description 2766 "LACP mode"; 2767 } 2768 leaf lacp-speed { 2769 type boolean; 2770 description 2771 "LACP speed"; 2772 } 2773 leaf mini-link { 2774 type uint32; 2775 description 2776 "The minimum aggregate bandwidth for a LAG"; 2777 } 2778 leaf system-priority { 2779 type uint16; 2780 description 2781 "Indicates the LACP priority for the system. 2782 The range is from 0 to 65535. 2783 The default is 32768."; 2784 } 2785 container micro-bfd { 2786 if-feature "micro-bfd"; 2787 leaf micro-bfd-on-off { 2788 type enumeration { 2789 enum on { 2790 description 2791 "Micro-bfd on"; 2792 } 2793 enum off { 2794 description 2795 "Micro-bfd off"; 2796 } 2797 } 2798 description 2799 "Micro BFD ON/OFF"; 2800 } 2801 leaf bfd-interval { 2802 type uint32; 2803 description 2804 "BFD interval"; 2805 } 2806 leaf bfd-hold-timer { 2807 type uint32; 2808 description 2809 "BFD hold timer"; 2810 } 2811 description 2812 "Container of Micro-BFD configurations"; 2813 } 2814 container bfd { 2815 if-feature "bfd"; 2816 leaf bfd-enabled { 2817 type boolean; 2818 description 2819 "BFD activation"; 2820 } 2821 choice holdtime { 2822 case profile { 2823 leaf profile-name { 2824 type string; 2825 description 2826 "Service provider well known profile."; 2827 } 2828 description 2829 "Service provider well known profile."; 2830 } 2831 case fixed { 2832 leaf fixed-value { 2833 type uint32; 2834 units "msec"; 2835 description 2836 "Expected hold time expressed in msec."; 2837 } 2838 } 2839 description 2840 "Choice for hold time flavor."; 2841 } 2842 description 2843 "Container for BFD."; 2844 } 2845 container member-link-list { 2846 list member-link { 2847 key "name"; 2848 leaf name { 2849 type string; 2850 description 2851 "Member link name"; 2852 } 2853 leaf port-speed { 2854 type uint32; 2855 description 2856 "Port speed"; 2857 } 2858 leaf mode { 2859 type neg-mode; 2860 description 2861 "Negotiation mode"; 2862 } 2863 leaf link-mtu { 2864 type uint32; 2865 description 2866 "Link MTU size."; 2867 } 2868 container oam-802.3ah-link { 2869 if-feature "oam-3ah"; 2870 leaf enable { 2871 type boolean; 2872 description 2873 "Indicate whether support oam 802.3 ah link"; 2874 } 2875 description 2876 "Container for oam 802.3 ah link."; 2877 } 2878 description 2879 "Member link"; 2880 } 2881 description 2882 "Container of Member link list"; 2883 } 2884 leaf flow-control { 2885 type string; 2886 description 2887 "Flow control"; 2888 } 2889 leaf lldp { 2890 type boolean; 2891 description 2892 "LLDP"; 2893 } 2894 description 2895 "LACP"; 2896 } 2897 description 2898 "Grouping for lacp"; 2899 } 2901 grouping phy-interface-grouping { 2902 container phy-interface { 2903 leaf port-number { 2904 type uint32; 2905 description 2906 "Port number"; 2907 } 2908 leaf port-speed { 2909 type uint32; 2910 description 2911 "Port speed"; 2912 } 2913 leaf mode { 2914 type neg-mode; 2915 description 2916 "Negotiation mode"; 2917 } 2918 leaf phy-mtu { 2919 type uint32; 2920 description 2921 "PHY MTU"; 2922 } 2923 leaf flow-control { 2924 type string; 2925 description 2926 "Flow control"; 2927 } 2928 leaf physical-if { 2929 type string; 2930 description 2931 "Physical interface"; 2933 } 2934 leaf circuit-id { 2935 type string; 2936 description 2937 "Circuit ID"; 2938 } 2939 leaf lldp { 2940 type boolean; 2941 description 2942 "LLDP"; 2943 } 2944 container oam-802.3ah-link { 2945 if-feature "oam-3ah"; 2946 leaf enable { 2947 type boolean; 2948 description 2949 "Indicate whether support oam 802.3 ah link"; 2950 } 2951 description 2952 "Container for oam 802.3 ah link."; 2953 } 2954 leaf uni-loop-prevention { 2955 type boolean; 2956 description 2957 "If this leaf set to truth that the port automatically 2958 goes down when a physical loopback is detect."; 2959 } 2960 description 2961 "Container of PHY Interface Attributes configurations"; 2962 } 2963 description 2964 "Grouping for phy interface."; 2965 } 2967 grouping lag-interface-grouping { 2968 container lag-interface { 2969 if-feature "lag-interface"; 2970 list lag-interface { 2971 key "lag-interface-number"; 2972 leaf lag-interface-number { 2973 type uint32; 2974 description 2975 "LAG interface number"; 2976 } 2977 uses lacp-grouping; 2978 description 2979 "List of LAG interfaces"; 2980 } 2981 description 2982 "Container of LAG interface attributes configuration"; 2983 } 2984 description 2985 "Grouping for LAG interface"; 2986 } 2988 grouping dot1q-interface-grouping { 2989 container dot1q-interface { 2990 leaf l2-access-type { 2991 type identityref { 2992 base l2-access-type; 2993 } 2994 description 2995 "L2 Access Encapsulation Type"; 2996 } 2997 container dot1q { 2998 when "'../l2-access-type'='dot1q'"; 2999 if-feature "dot1q"; 3000 leaf physical-inf { 3001 type string; 3002 description 3003 "Physical Interface"; 3004 } 3005 leaf c-vlan-id { 3006 type uint32; 3007 description 3008 "VLAN identifier"; 3009 } 3010 description 3011 "Qot1q"; 3012 } 3013 container sub-inf { 3014 when "'../l2-access-type'='sub-interface'"; 3015 if-feature "sub-inf"; 3016 leaf interface-description { 3017 type string; 3018 description 3019 "Interface description"; 3020 } 3021 leaf sub-if-id { 3022 type uint32; 3023 description 3024 "Sub interface ID"; 3025 } 3026 description 3027 "sub interface"; 3028 } 3029 container qinq { 3030 when "'../l2-access-type'='qinq'"; 3031 if-feature "qinq"; 3032 leaf s-vlan-id { 3033 type uint32; 3034 description 3035 "S-VLAN Identifier"; 3036 } 3037 leaf c-vlan-id { 3038 type uint32; 3039 description 3040 "C-VLAN Identifier"; 3041 } 3042 description 3043 "QinQ"; 3044 } 3045 container qinany { 3046 if-feature "qinany"; 3047 leaf s-vlan-id { 3048 type uint32; 3049 description 3050 "S-Vlan ID"; 3051 } 3052 description 3053 "Container for Q in Any"; 3054 } 3055 container atm { 3056 when "'../l2-access-type'='atm'"; 3057 if-feature "atm"; 3058 leaf vpi { 3059 type uint32; 3060 description 3061 "VPI Identifier"; 3062 } 3063 leaf vci { 3064 type uint32; 3065 description 3066 "VCI Identifier"; 3067 } 3068 description 3069 "ATM Cell."; 3070 } 3071 container vxlan { 3072 when "'../l2-access-type'='vxlan'"; 3073 if-feature "vxlan"; 3074 leaf vni-id { 3075 type uint32; 3076 description 3077 "VNI Identifier"; 3078 } 3079 leaf peer-mode { 3080 type identityref { 3081 base vxlan-peer-mode; 3082 } 3083 description 3084 "specify the vxlan access mode"; 3085 } 3086 list peer-list { 3087 key "peer-ip"; 3088 leaf peer-ip { 3089 type inet:ip-address; 3090 description 3091 "Peer IP"; 3092 } 3093 description 3094 "List for peer IP"; 3095 } 3096 description 3097 "QinQ"; 3098 } 3099 description 3100 "Container for dot1Q Interface"; 3101 } 3102 description 3103 "Grouping for Layer2 access"; 3104 } 3106 grouping ethernet-connection-grouping { 3107 container connection { 3108 leaf port-id { 3109 type string; 3110 description 3111 "Reference to the Port-id. 3112 The semantic of the Port-Id depends on the vendor's 3113 semantic. i.e ge-X/Y/Z , xe-X/Y/Z , et-X/Y/Z,AeXXX.YYY, 3114 aeXXX,GigabitEthernetX/Y/Z"; 3115 } 3117 leaf encapsulation-type { 3118 type identityref { 3119 base encapsulation-type; 3120 } 3121 description 3122 "Encapsulation Type"; 3123 } 3124 leaf-list eth-inf-type { 3125 type identityref { 3126 base eth-inf-type; 3127 } 3128 description 3129 "Ethernet Interface Type"; 3130 } 3131 uses dot1q-interface-grouping; 3132 uses phy-interface-grouping; 3133 uses lag-interface-grouping; 3134 uses cvlan-svc-map-grouping; 3135 uses split-horizon-group; 3136 uses l2cp-grouping; 3137 description 3138 "Container for bearer"; 3139 } 3140 description 3141 "Grouping for bearer."; 3142 } 3144 grouping svc-mtu-grouping { 3145 leaf svc-mtu { 3146 type uint32; 3147 description 3148 "SVC MTU, it is also known as the maximum transmission unit 3149 or maximum frame size,When a frame is larger than the MTU, 3150 it is broken down, or fragmented, into smaller pieces by the 3151 network protocol to accommodate the MTU of the network"; 3152 } 3153 description 3154 "Grouping for service mtu."; 3155 } 3157 grouping svc-preservation-grouping { 3158 leaf ce-vlan-preservation { 3159 type boolean; 3160 description 3161 "Preserve the CE-VLAN ID from ingress to egress,i.e., 3162 CE-VLAN tag of the egress frame are identical to 3163 those of the ingress frame that yielded this egress 3164 service frame. If All-to-One bundling within a site 3165 is Enabled, then preservation applies to all Ingress 3166 service frames. If All-to-One bundling is Disabled, 3167 then preservation applies to tagged Ingress service 3168 frames having CE-VLAN ID 1 through 4094."; 3169 } 3170 leaf ce-vlan-cos-perservation { 3171 type boolean; 3172 description 3173 "CE vlan CoS preservation. PCP bits in the CE-VLAN tag 3174 of the egress frame are identical to those of the ingress 3175 frame that yielded this egress service frame."; 3176 } 3177 description 3178 "Grouping for service preservation."; 3179 } 3181 grouping mac-addr-limit-grouping { 3182 container mac-addr-limit { 3183 leaf mac-num-limit { 3184 type uint16; 3185 description 3186 "maximum number of MAC addresses learned from 3187 the subscriber for a single service instance."; 3188 } 3189 leaf time-interval { 3190 type uint32; 3191 units "milliseconds"; 3192 description 3193 "The aging time of the mac address."; 3194 } 3195 leaf action { 3196 type identityref { 3197 base mac-action; 3198 } 3199 description 3200 "specify the action when the upper limit is 3201 exceeded: drop the packet, flood the 3202 packet, or simply send a warning log message."; 3203 } 3204 description 3205 "Container of MAC-Addr limit configurations"; 3206 } 3207 description 3208 "Grouping for mac address limit"; 3209 } 3211 grouping availability-grouping { 3212 container availability { 3213 leaf access-priority { 3214 type uint32; 3215 description 3216 "Access priority"; 3217 } 3218 choice redundancy-mode { 3219 case single-active { 3220 leaf single-active { 3221 type boolean; 3222 description 3223 "Single active"; 3224 } 3225 description 3226 "Single active case"; 3227 } 3228 case all-active { 3229 leaf all-active { 3230 type boolean; 3231 description 3232 "All active"; 3233 } 3234 description 3235 "All active case"; 3236 } 3237 description 3238 "Redundancy mode choice"; 3239 } 3240 description 3241 "Container of availability optional configurations"; 3242 } 3243 description 3244 "Grouping for availability"; 3245 } 3247 grouping l2cp-grouping { 3248 container l2cp-control { 3249 if-feature "l2cp-control"; 3250 leaf stp-rstp-mstp { 3251 type control-mode; 3252 description 3253 "STP/RSTP/MSTP protocol type applicable to all UNIs"; 3254 } 3255 leaf pause { 3256 type control-mode; 3257 description 3258 "Pause protocol type applicable to all UNIs"; 3259 } 3260 leaf lacp-lamp { 3261 type control-mode; 3262 description 3263 "LACP/LAMP "; 3264 } 3265 leaf link-oam { 3266 type control-mode; 3267 description 3268 "Link OAM"; 3270 } 3271 leaf esmc { 3272 type control-mode; 3273 description 3274 "ESMC"; 3275 } 3276 leaf l2cp-802.1x { 3277 type control-mode; 3278 description 3279 "802.x"; 3280 } 3281 leaf e-lmi { 3282 type control-mode; 3283 description 3284 "E-LMI"; 3285 } 3286 leaf lldp { 3287 type boolean; 3288 description 3289 "LLDP protocol type applicable to all UNIs"; 3290 } 3291 leaf ptp-peer-delay { 3292 type control-mode; 3293 description 3294 "PTP peer delay"; 3295 } 3296 leaf garp-mrp { 3297 type control-mode; 3298 description 3299 "GARP/MRP"; 3300 } 3301 description 3302 "Container of L2CP control configurations"; 3303 } 3304 description 3305 "Grouping for l2cp control"; 3306 } 3308 grouping B-U-M-grouping { 3309 container broadcast-unknown-unicast-multicast { 3310 leaf multicast-site-type { 3311 type enumeration { 3312 enum receiver-only { 3313 description 3314 "The site only has receivers."; 3315 } 3316 enum source-only { 3317 description 3318 "The site only has sources."; 3319 } 3320 enum source-receiver { 3321 description 3322 "The site has both sources and receivers."; 3323 } 3324 } 3325 default "source-receiver"; 3326 description 3327 "Type of multicast site."; 3328 } 3329 list multicast-gp-address-mapping { 3330 key "id"; 3331 leaf id { 3332 type uint16; 3333 description 3334 "Unique identifier for the mapping."; 3335 } 3336 leaf vlan-id { 3337 type uint32; 3338 description 3339 "the VLAN ID of the Multicast group"; 3340 } 3341 leaf mac-gp-address { 3342 type yang:mac-address; 3343 description 3344 "the MAC address of the Multicast group"; 3345 } 3346 leaf port-lag-number { 3347 type uint32; 3348 description 3349 "the ports/LAGs belonging to the Multicast group"; 3350 } 3351 description 3352 "List of Port to group mappings."; 3353 } 3354 leaf bum-overall-rate { 3355 type uint32; 3356 description 3357 "overall rate for BUM"; 3358 } 3359 list bum-rate-per-type { 3360 key "type"; 3361 leaf type { 3362 type identityref { 3363 base bum-type; 3364 } 3365 description 3366 "BUM type"; 3367 } 3368 leaf rate { 3369 type uint32; 3370 description 3371 "rate for BUM"; 3372 } 3373 description 3374 "List of rate per type"; 3375 } 3376 description 3377 "Container of broadcast, unknown unicast, and multicast 3378 configurations"; 3379 } 3380 description 3381 "Grouping for broadcast, unknown unicast, and multicast "; 3382 } 3384 grouping mac-loop-prevention-grouping { 3385 container mac-loop-prevention { 3386 leaf frequency { 3387 type uint32; 3388 description 3389 "Frequency"; 3390 } 3391 leaf protection-type { 3392 type identityref { 3393 base loop-prevention-type; 3394 } 3395 description 3396 "Protection type"; 3397 } 3398 leaf number-retries { 3399 type uint32; 3400 description 3401 "Number of retries"; 3402 } 3403 description 3404 "Container of MAC loop prevention."; 3405 } 3406 description 3407 "Grouping for MAC loop prevention"; 3408 } 3410 grouping ethernet-svc-oam-grouping { 3411 container ethernet-service-oam { 3412 leaf md-name { 3413 type string; 3414 description 3415 "Maintenance domain name"; 3416 } 3417 leaf md-level { 3418 type uint8; 3419 description 3420 "Maintenance domain level"; 3421 } 3422 container cfm-802.1-ag { 3423 list n2-uni-c { 3424 key "maid"; 3425 uses cfm-802-grouping; 3426 description 3427 "List of UNI-N to UNI-C"; 3428 } 3429 list n2-uni-n { 3430 key "maid"; 3431 uses cfm-802-grouping; 3432 description 3433 "List of UNI-N to UNI-N"; 3434 } 3435 description 3436 "Container of 802.1ag CFM configurations."; 3437 } 3438 uses y-1731; 3439 description 3440 "Container for Ethernet service OAM."; 3441 } 3442 description 3443 "Grouping for Ethernet service OAM."; 3444 } 3446 grouping fate-sharing-group { 3447 container groups { 3448 leaf fate-sharing-group-size { 3449 type uint16; 3450 description 3451 "Fate sharing group size."; 3452 } 3453 leaf group-color { 3454 type string; 3455 description 3456 "Group color associated with a particular VPN."; 3457 } 3458 list group { 3459 key "group-id"; 3460 leaf group-id { 3461 type string; 3462 description 3463 "Group-id the site network access 3464 is belonging to"; 3465 } 3466 description 3467 "List of group-id"; 3468 } 3469 description 3470 "Groups the fate sharing group member 3471 is belonging to"; 3472 } 3473 description 3474 "Grouping for Fate sharing group."; 3475 } 3477 grouping site-group { 3478 container groups { 3479 list group { 3480 key "group-id"; 3481 leaf group-id { 3482 type string; 3483 description 3484 "Group-id the site is belonging to"; 3485 } 3486 description 3487 "List of group-id"; 3488 } 3489 description 3490 "Groups the site or vpn-network-access 3491 is belonging to."; 3492 } 3493 description 3494 "Grouping definition to assign 3495 group-ids to site or vpn-network-access"; 3496 } 3498 grouping access-diversity { 3499 container access-diversity { 3500 if-feature "site-diversity"; 3501 uses fate-sharing-group; 3502 container constraints { 3503 list constraint { 3504 key "constraint-type"; 3505 leaf constraint-type { 3506 type identityref { 3507 base placement-diversity; 3508 } 3509 description 3510 "Diversity constraint type."; 3511 } 3512 container target { 3513 choice target-flavor { 3514 case id { 3515 list group { 3516 key "group-id"; 3517 leaf group-id { 3518 type string; 3519 description 3520 "The constraint will apply 3521 against this particular 3522 group-id"; 3523 } 3524 description 3525 "List of groups"; 3526 } 3527 } 3528 case all-accesses { 3529 leaf all-other-accesses { 3530 type empty; 3531 description 3532 "The constraint will apply 3533 against all other site network 3534 access of this site"; 3535 } 3536 } 3537 case all-groups { 3538 leaf all-other-groups { 3539 type empty; 3540 description 3541 "The constraint will apply 3542 against all other groups the 3543 customer is managing"; 3544 } 3545 } 3546 description 3547 "Choice for the group definition"; 3548 } 3549 description 3550 "The constraint will apply against 3551 this list of groups"; 3552 } 3553 description 3554 "List of constraints"; 3555 } 3556 description 3557 "Constraints for placing this site 3558 network access"; 3559 } 3560 description 3561 "Diversity parameters."; 3562 } 3563 description 3564 "This grouping defines access diversity 3565 parameters"; 3566 } 3568 grouping request-type-profile-grouping { 3569 container request-type-profile { 3570 choice request-type-choice { 3571 case dot1q-case { 3572 container dot1q { 3573 leaf physical-if { 3574 type string; 3575 description 3576 "Physical interface"; 3577 } 3578 leaf vlan-id { 3579 type uint16; 3580 description 3581 "VLAN ID"; 3582 } 3583 description 3584 "Container for dot1q."; 3585 } 3586 description 3587 "Case for dot1q"; 3588 } 3589 case physical-case { 3590 leaf physical-if { 3591 type string; 3592 description 3593 "Physical interface"; 3594 } 3595 leaf circuit-id { 3596 type string; 3597 description 3598 "Circuit ID"; 3599 } 3600 description 3601 "Physical case"; 3602 } 3603 description 3604 "Choice for request type"; 3605 } 3606 description 3607 "Container for request type profile."; 3608 } 3609 description 3610 "Grouping for request type profile"; 3611 } 3613 grouping site-attachment-bearer { 3614 container bearer { 3615 container requested-type { 3616 if-feature "requested-type"; 3617 leaf requested-type { 3618 type string; 3619 description 3620 "Type of requested bearer Ethernet, ATM, Frame 3621 Relay, IP Layer 2 Transport, Frame Relay DLCI, 3622 SONET/SDH,PPP."; 3623 } 3624 leaf strict { 3625 type boolean; 3626 default "false"; 3627 description 3628 "Define if the requested-type is a preference 3629 or a strict requirement."; 3630 } 3631 description 3632 "Container for requested type."; 3633 } 3634 leaf always-on { 3635 if-feature "always-on"; 3636 type boolean; 3637 default "true"; 3638 description 3639 "Request for an always on access type. 3640 This means no Dial access type for 3641 example."; 3642 } 3643 leaf bearer-reference { 3644 if-feature "bearer-reference"; 3645 type string; 3646 description 3647 "This is an internal reference for the 3648 service provider."; 3649 } 3650 description 3651 "Bearer specific parameters. 3652 To be augmented."; 3653 } 3654 description 3655 "Grouping to define physical properties of 3656 a site attachment."; 3657 } 3659 grouping vpn-attachment-grouping { 3660 container vpn-attachment { 3661 leaf device-id { 3662 type string; 3663 description 3664 "Device ID"; 3665 } 3666 container management { 3667 leaf address-family { 3668 type identityref { 3669 base address-family; 3670 } 3671 description 3672 "Address family used for management."; 3673 } 3674 leaf address { 3675 type inet:ip-address; 3676 description 3677 "Management address"; 3678 } 3679 description 3680 "Management configuration.."; 3681 } 3682 choice attachment-flavor { 3683 case vpn-flavor { 3684 list vpn-flavor { 3685 key "vpn-id"; 3686 leaf vpn-id { 3687 type leafref { 3688 path "/l2vpn-ntw/vpn-services" 3689 + "/vpn-service/vpn-id"; 3690 } 3691 description 3692 "Reference to a VPN."; 3693 } 3694 leaf site-role { 3695 type identityref { 3696 base site-role; 3697 } 3698 default "any-to-any-role"; 3699 description 3700 "Role of the site in the IPVPN."; 3701 } 3702 description 3703 "List of IPVPNs attached by the Site Network Access"; 3704 } 3705 } 3706 case vpn-policy-id { 3707 leaf vpn-policy-id { 3708 type leafref { 3709 path "/l2vpn-ntw/sites/site/vpn-policies/vpn-policy/"+ 3710 "vpn-policy-id"; 3711 } 3712 description 3713 "Reference to a vpn policy"; 3714 } 3715 } 3716 mandatory true; 3717 description 3718 "Choice for VPN attachment flavor."; 3719 } 3720 description 3721 "Defines VPN attachment of a site."; 3722 } 3723 description 3724 "Grouping for access attachment"; 3725 } 3727 grouping site-service-basic { 3728 container svc-input-bandwidth { 3729 if-feature "input-bw"; 3730 list input-bandwidth { 3731 key "type"; 3732 leaf type { 3733 type identityref { 3734 base bw-type; 3735 } 3736 description 3737 "Bandwidth Type"; 3738 } 3739 leaf cos-id { 3740 type uint8; 3741 description 3742 "Identifier of Class of Service 3743 , indicated by DSCP or a CE-CLAN 3744 CoS(802.1p)value in the service frame."; 3745 } 3746 leaf vpn-id { 3747 type svc-id; 3748 description 3749 "Identifies the target VPN."; 3751 } 3752 leaf cir { 3753 type uint64; 3754 description 3755 "Committed Information Rate. The maximum number of 3756 bits that a port can receive or send during 3757 one-second over an interface."; 3758 } 3759 leaf cbs { 3760 type uint64; 3761 description 3762 "Committed Burst Size.CBS controls the bursty nature 3763 of the traffic. Traffic that does not use the 3764 configured CIR accumulates credits until the credits 3765 reach the configured CBS."; 3766 } 3767 leaf eir { 3768 type uint64; 3769 description 3770 "Excess Information Rate,i.e.,Excess frame delivery 3771 allowed not subject to SLA.The traffic rate can be 3772 limited by eir."; 3773 } 3774 leaf ebs { 3775 type uint64; 3776 description 3777 "Excess Burst Size. The bandwidth available for burst 3778 traffic from the EBS is subject to the amount of 3779 bandwidth that is accumulated during periods when 3780 traffic allocated by the EIR policy is not used."; 3781 } 3782 leaf pir { 3783 type uint64; 3784 description 3785 "Peak Information Rate, i.e., maixmum frame delivery 3786 allowed. It is equal to or less than sum of cir and 3787 eir."; 3788 } 3789 leaf pbs { 3790 type uint64; 3791 description 3792 "Peak Burst Size. It is measured in bytes per second."; 3793 } 3794 description 3795 "List for input bandwidth"; 3796 } 3797 description 3798 "From the PE perspective, the service input 3799 bandwidth of the connection."; 3800 } 3801 container svc-output-bandwidth { 3802 if-feature "output-bw"; 3803 list output-bandwidth { 3804 key "type"; 3805 leaf type { 3806 type identityref { 3807 base bw-type; 3808 } 3809 description 3810 "Bandwidth Type"; 3811 } 3812 leaf cos-id { 3813 type uint8; 3814 description 3815 "Identifier of Class of Service 3816 , indicated by DSCP or a CE-CLAN 3817 CoS(802.1p)value in the service frame."; 3818 } 3819 leaf vpn-id { 3820 type svc-id; 3821 description 3822 "Identifies the target VPN."; 3823 } 3824 leaf cir { 3825 type uint64; 3826 description 3827 "Committed Information Rate. The maximum number of 3828 bits that a port can receive or send during 3829 one-second over an interface."; 3830 } 3831 leaf cbs { 3832 type uint64; 3833 description 3834 "Committed Burst Size.CBS controls the bursty nature 3835 of the traffic. Traffic that does not use the 3836 configured CIR accumulates credits until the credits 3837 reach the configured CBS."; 3838 } 3839 leaf eir { 3840 type uint64; 3841 description 3842 "Excess Information Rate,i.e.,Excess frame delivery 3843 allowed not subject to SLA.The traffic rate can be 3844 limited by eir."; 3845 } 3846 leaf ebs { 3847 type uint64; 3848 description 3849 "Excess Burst Size. The bandwidth available for burst 3850 traffic from the EBS is subject to the amount of 3851 bandwidth that is accumulated during periods when 3852 traffic allocated by the EIR policy is not used."; 3853 } 3854 leaf pir { 3855 type uint64; 3856 description 3857 "Peak Information Rate, i.e., maixmum frame delivery 3858 allowed. It is equal to or less than sum of cir and 3859 eir."; 3860 } 3861 leaf pbs { 3862 type uint64; 3863 description 3864 "Peak Burst Size. It is measured in bytes per second."; 3865 } 3866 description 3867 "List for output bandwidth"; 3868 } 3869 description 3870 "From the PE perspective, the service output 3871 bandwidth of the connection."; 3872 } 3873 description 3874 "Grouping for site service"; 3875 } 3877 grouping flow-definition { 3878 container match-flow { 3879 leaf dscp { 3880 type inet:dscp; 3881 description 3882 "DSCP value."; 3883 } 3884 leaf dot1q { 3885 type uint32; 3886 description 3887 "802.1q matching. It is VLAN Tag added into frame."; 3888 } 3889 leaf pcp { 3890 type uint8 { 3891 range "0 .. 7"; 3892 } 3893 description 3894 "PCP value"; 3896 } 3898 uses pf:acl-eth-header-fields; 3899 leaf color-type { 3900 type identityref { 3901 base color-type; 3902 } 3903 description 3904 "Color Types"; 3905 } 3906 leaf-list target-sites { 3907 type svc-id; 3908 description 3909 "Identify a site as traffic destination."; 3910 } 3911 leaf any { 3912 type empty; 3913 description 3914 "Allow all."; 3915 } 3916 leaf vpn-id { 3917 type svc-id; 3918 description 3919 "Reference to the target VPN."; 3920 } 3921 description 3922 "Describe flow matching criteria."; 3923 } 3924 description 3925 "Flow definition based on criteria."; 3926 } 3928 grouping services-grouping { 3929 container service { 3930 uses site-service-qos-profile; 3931 description 3932 "Container for service"; 3933 } 3934 description 3935 "Grouping for Services"; 3936 } 3938 grouping service-grouping { 3939 container service { 3940 uses site-service-basic; 3941 uses site-service-qos-profile; 3942 uses svc-precedence; 3943 description 3944 "Container for service"; 3945 } 3946 description 3947 "Grouping for service."; 3948 } 3950 grouping site-service-qos-profile { 3951 container qos { 3952 if-feature "qos"; 3953 container classification-policy { 3954 list rule { 3955 key "id"; 3956 ordered-by user; 3957 leaf id { 3958 type string; 3959 description 3960 "A description identifying qos classification 3961 policy rule."; 3962 } 3963 choice match-type { 3964 default "match-flow"; 3965 case match-flow { 3966 container match-flow { 3967 leaf dscp { 3968 type inet:dscp; 3969 description 3970 "DSCP value."; 3971 } 3972 leaf dot1q { 3973 type uint16; 3974 description 3975 "802.1q matching. It is VLAN Tag added into 3976 frame."; 3977 } 3978 leaf pcp { 3979 type uint8 { 3980 range "0 .. 7"; 3981 } 3982 description 3983 "PCP value."; 3984 } 3985 uses pf:acl-eth-header-fields; 3986 leaf color-type { 3987 type identityref { 3988 base color-type; 3989 } 3990 description 3991 "Color Types."; 3993 } 3994 leaf-list target-sites { 3995 if-feature "target-sites"; 3996 type svc-id; 3997 description 3998 "Identify a site as traffic destination."; 3999 } 4000 leaf any { 4001 type empty; 4002 description 4003 "Allow all."; 4004 } 4005 leaf vpn-id { 4006 type svc-id; 4007 description 4008 "Reference to the target VPN."; 4009 } 4010 description 4011 "Describe flow matching criteria."; 4012 } 4013 } 4014 case match-application { 4015 leaf match-application { 4016 type identityref { 4017 base customer-application; 4018 } 4019 description 4020 "Defines the application to match."; 4021 } 4022 } 4023 description 4024 "Choice for classification"; 4025 } 4026 leaf target-class-id { 4027 type string; 4028 description 4029 "Identification of the class of service. 4030 This identifier is internal to the 4031 administration."; 4032 } 4033 description 4034 "List of marking rules."; 4035 } 4036 description 4037 "Configuration of the traffic classification policy."; 4038 } 4039 container qos-profile { 4040 leaf profile { 4041 type leafref { 4042 path "/l2vpn-ntw/vpn-profiles/" 4043 + "valid-provider-identifiers" 4044 + "/qos-profile-identifier"; 4045 } 4046 description 4047 "QoS profile configuration."; 4048 } 4049 description 4050 "QoS profile configuration."; 4051 } 4052 description 4053 "QoS configuration."; 4054 } 4055 description 4056 "This grouping defines QoS parameters 4057 for a site"; 4058 } 4060 /* MAIN L2VPN SERVICE */ 4062 container l2vpn-ntw { 4063 container vpn-profiles { 4064 container valid-provider-identifiers { 4065 leaf-list cloud-identifier { 4066 if-feature "cloud-access"; 4067 type string; 4068 description 4069 "Identification of public cloud service 4070 or internet service. Local administration 4071 meaning."; 4072 } 4073 leaf-list qos-profile-identifier { 4074 type string; 4075 description 4076 "Identification of the QoS Profile to be used. 4077 Local administration meaning."; 4078 } 4079 leaf-list bfd-profile-identifier { 4080 type string; 4081 description 4082 "Identification of the SP BFD Profile to be used. 4083 Local administration meaning."; 4084 } 4085 leaf-list remote-carrier-identifier { 4086 type string; 4087 description 4088 "Identification of the remote carrier name to be used. 4090 It can be L2VPN partner, Data center service provider 4091 or private cloud service provider. Local administration 4092 meaning."; 4093 } 4094 nacm:default-deny-write; 4095 description 4096 "Container for Valid Provider Identifies."; 4097 } 4098 description 4099 "Container for VPN Profiles."; 4100 } 4101 container vpn-services { 4102 list vpn-service { 4103 key "vpn-id"; 4104 leaf vpn-id { 4105 type svc-id; 4106 description 4107 "Refers to unique identifier for the L2NM."; 4108 } 4109 leaf l2sm-vpn-id { 4110 type svc-id; 4111 description 4112 "Pointer to the L2SM service."; 4113 } 4114 leaf vpn-svc-type { 4115 type identityref { 4116 base service-type; 4117 } 4118 description 4119 "Service type"; 4120 } 4121 leaf customer-name { 4122 type string; 4123 description 4124 "Customer name"; 4125 } 4126 leaf svc-topo { 4127 type identityref { 4128 base vpn-topology; 4129 } 4130 description 4131 "Defining service topology, such as 4132 any-to-any,hub-spoke, etc."; 4133 } 4134 uses l3vpn-ntw:service-status; 4135 uses site-service; 4136 uses vpn-service-multicast; 4137 uses vpn-extranet; 4138 uses svc-mtu-grouping; 4139 uses svc-preservation-grouping; 4140 uses l3vpn-ntw:svc-transport-encapsulation; 4141 container vpn-nodes { 4142 list vpn-node { 4143 key "vpn-node-id ne-id"; 4144 leaf vpn-node-id { 4145 type string; 4146 description 4147 ""; 4148 } 4149 leaf description { 4150 type string; 4151 description 4152 "Textual description of a VPN node."; 4153 } 4154 leaf node-role { 4155 type identityref { 4156 base site-role; 4157 } 4158 default "any-to-any-role"; 4159 description 4160 "Role of the vpn-node in the IP VPN."; 4161 } 4162 leaf ne-id { 4163 type string; 4164 description 4165 "NE IP address"; 4166 } 4167 leaf port-id { 4168 type string; 4169 description 4170 "NE Port-id"; 4171 } 4172 uses signaling-options-grouping; 4173 container vpn-network-accesses { 4174 list vpn-network-access { 4175 key "network-access-id"; 4176 leaf network-access-id { 4177 type string; 4178 description 4179 "Identifier of network access"; 4180 } 4181 leaf description { 4182 type string; 4183 description 4184 "String to describe the element."; 4185 } 4186 leaf remote-carrier-name { 4187 when "'../site-type' = 'enni'" { 4188 description 4189 "Site type = enni"; 4190 } 4191 type string; 4192 description 4193 "Remote carrier name"; 4194 } 4195 leaf Interface-mtu { 4196 type uint32; 4197 description 4198 "Interface MTU, it is also known as the maximum 4199 transmission unit or maximum frame size. When a 4200 frame is larger than the MTU, it is broken down, 4201 or fragmented, into smaller pieces by the 4202 network protocol to accommodate the MTU of the 4203 network"; 4204 } 4205 uses l3vpn-ntw:service-status; 4206 uses access-diversity; 4207 uses ethernet-connection-grouping; 4208 uses availability-grouping; 4209 uses service-grouping; 4210 uses B-U-M-grouping; 4211 uses ethernet-svc-oam-grouping; 4212 uses mac-loop-prevention-grouping; 4213 uses acl-grouping; 4214 uses mac-addr-limit-grouping; 4215 description 4216 "List of VPN Network Accesses."; 4217 } 4218 description 4219 "List of VPN Nodes."; 4220 } 4221 description 4222 "Container of VPN Nodes."; 4223 } 4224 description 4225 "List of vpn-svc"; 4226 } 4227 description 4228 "Container of port configurations"; 4229 } 4230 description 4231 "Container for L2VPN service"; 4232 } 4233 description 4234 "Container for VPN services."; 4235 } 4236 } 4237 4239 Figure 6 4241 6. Acknowledgements 4243 The authors would like to thank Tom Petch for the comments to improve 4244 the document. 4246 7. Contributors 4248 Daniel King 4249 Old Dog Consulting 4250 Email: daniel@olddog.co.uk 4252 Victor Lopez 4253 Telefonica 4254 Email: victor.lopezalvarez@telefonica.com 4256 Zhang Guiyu 4257 China Unicom 4258 Email: zhanggy113@chinaunicom.cn 4260 Qin Wu 4261 Huawei 4262 Email: bill.wu@huawei.com 4264 8. IANA Considerations 4266 This document requests IANA to register the following URI in the "ns" 4267 subregistry within the "IETF XML Registry" [RFC3688]: 4269 URI: urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw 4271 Registrant Contact: The IESG. 4273 XML: N/A; the requested URI is an XML namespace. 4275 This document requests IANA to register the following YANG module in 4276 the "YANG Module Names" subregistry [RFC6020] within the "YANG 4277 Parameters" registry. 4279 name: ietf-l2vpn-ntw 4281 namespace: urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw 4282 maintained by IANA: N 4284 prefix: l2vpn-ntw 4286 reference: RFC XXXX 4288 9. Security Considerations 4290 The YANG module specified in this document defines a schema for data 4291 that is designed to be accessed via network management protocols such 4292 as NETCONF [RFC6241] or RESTCONF [RFC8040] . The lowest NETCONF 4293 layer is the secure transport layer, and the mandatory-to-implement 4294 secure transport is Secure Shell (SSH) [RFC6242]. The lowest 4295 RESTCONF layer is HTTPS, and the mandatory-to-implement secure 4296 transport is TLS [RFC8466]. 4298 The Network Configuration Access Control Model (NACM) [RFC8341] 4299 provides the means to restrict access for particular NETCONF or 4300 RESTCONF users to a preconfigured subset of all available NETCONF or 4301 RESTCONF protocol operations and content. 4303 The ietf-l2vpn-ntw module is used to manage L2 VPNs in a service 4304 provider backbone network. Hence, the module can be used to request, 4305 modify, or retrieve L2VPN services. There are a number of data nodes 4306 defined in this YANG module that are writable/creatable/deletable 4307 (i.e., config true, which is the default). These data nodes MAY be 4308 considered sensitive or vulnerable in some network environments. 4309 Write operations (e.g., edit-config) and delete operations to these 4310 data nodes without proper protection or authentication can have a 4311 negative effect on network operations. These are the subtrees and 4312 data nodes and their sensitivity/vulnerability in the ietf-l2vpn-ntw 4313 module: 4315 o vpn-service: An attacker who is able to access network nodes can 4316 undertake various attacks, such as deleting a running L2 VPN 4317 Service, interrupting all the traffic of a client. 4319 Some of the readable data nodes in this YANG module may be considered 4320 sensitive or vulnerable in some network environments. It is thus 4321 important to control read access (e.g., via get, get-config, or 4322 notification) to these data nodes. These are the subtrees and data 4323 nodes and their sensitivity/vulnerability: 4325 o customer-name: An attacker can retrieve privacy-related 4326 information which can be used to track a customer. Disclosing 4327 such information may be considered as a violation of the customer- 4328 provider trust relationship. 4330 10. References 4332 10.1. Normative References 4334 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 4335 Requirement Levels", BCP 14, RFC 2119, 4336 DOI 10.17487/RFC2119, March 1997, 4337 . 4339 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 4340 DOI 10.17487/RFC3688, January 2004, 4341 . 4343 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 4344 the Network Configuration Protocol (NETCONF)", RFC 6020, 4345 DOI 10.17487/RFC6020, October 2010, 4346 . 4348 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 4349 and A. Bierman, Ed., "Network Configuration Protocol 4350 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 4351 . 4353 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 4354 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, 4355 . 4357 [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., 4358 Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based 4359 Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 4360 2015, . 4362 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 4363 RFC 7950, DOI 10.17487/RFC7950, August 2016, 4364 . 4366 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 4367 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 4368 . 4370 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 4371 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 4372 May 2017, . 4374 [RFC8214] Boutros, S., Sajassi, A., Salam, S., Drake, J., and J. 4375 Rabadan, "Virtual Private Wire Service Support in Ethernet 4376 VPN", RFC 8214, DOI 10.17487/RFC8214, August 2017, 4377 . 4379 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration 4380 Access Control Model", STD 91, RFC 8341, 4381 DOI 10.17487/RFC8341, March 2018, 4382 . 4384 [RFC8466] Wen, B., Fioccola, G., Ed., Xie, C., and L. Jalil, "A YANG 4385 Data Model for Layer 2 Virtual Private Network (L2VPN) 4386 Service Delivery", RFC 8466, DOI 10.17487/RFC8466, October 4387 2018, . 4389 10.2. Informative References 4391 [RFC8309] Wu, Q., Liu, W., and A. Farrel, "Service Models 4392 Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018, 4393 . 4395 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 4396 BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, 4397 . 4399 [RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for 4400 Abstraction and Control of TE Networks (ACTN)", RFC 8453, 4401 DOI 10.17487/RFC8453, August 2018, 4402 . 4404 Authors' Addresses 4406 Samier Barguil (editor) 4407 Telefonica 4408 Madrid 4409 ES 4411 Email: samier.barguilgiraldo.ext@telefonica.com 4413 Oscar Gonzalez de Dios (editor) 4414 Telefonica 4415 Madrid 4416 ES 4418 Email: oscar.gonzalezdedios@telefonica.com 4420 Mohamed Boucadair 4421 Orange 4422 France 4424 Email: "mohamed.boucadair@orange.com 4425 Luis Angel Munoz 4426 Vodafone 4427 ES 4429 Email: luis-angel.munoz@vodafone.com 4431 Luay Jalil 4432 Verizon 4433 USA 4435 Email: luay.jalil@verizon.com 4437 Jichun Ma 4438 China Unicom 4439 China 4441 Email: majc16@chinaunicom.cn