idnits 2.17.1

draft-bestbar-teas-yang-slice-policy-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (July 12, 2021) is 1018 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-10) exists of
     draft-bestbar-teas-ns-packet-02

  ** Downref: Normative reference to an Informational draft:
     draft-bestbar-teas-ns-packet (ref. 'I-D.bestbar-teas-ns-packet')

  == Outdated reference: A later version (-05) exists of
     draft-bestbar-teas-yang-topology-filter-00

  == Outdated reference: A later version (-25) exists of
     draft-ietf-teas-ietf-network-slices-00

  ** Downref: Normative reference to an Informational draft:
     draft-ietf-teas-ietf-network-slices (ref.
     'I-D.ietf-teas-ietf-network-slices')

     Summary: 2 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------

TEAS Working Group                                               T. Saad
Internet-Draft                                                 V. Beeram
Intended status: Standards Track                        Juniper Networks
Expires: January 13, 2022                                         B. Wen
                                                                 Comcast
                                                           D. Ceccarelli
                                                                Ericsson
                                                                 S. Peng
                                                                 R. Chen
                                                         ZTE Corporation
                                                           LM. Contreras
                                                              Telefonica
                                                                  X. Liu
                                                          Volta Networks
                                                           July 12, 2021

                    YANG Data Model for Slice Policy
                 draft-bestbar-teas-yang-slice-policy-01

Abstract

   A slice policy is a policy construct that enables instantiation of
   mechanisms in support of IETF network slice specific control and data
   plane behaviors on select topological elements.  This document
   defines a YANG data model for the management of slice policies on
   slice policy capable nodes and controllers in IP/MPLS networks.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 13, 2022.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
     1.2.  Tree Structure
   2.  Slice Policy Data Model
     2.1.  Model Usage
     2.2.  Model Structure
     2.3.  Per-Hop-Behaviors
     2.4.  Slice Policies
       2.4.1.  Resource Reservation
       2.4.2.  Slice Selectors
       2.4.3.  Per-Hop-Behavior
       2.4.4.  Member Topologies
     2.5.  YANG Module
   3.  Acknowledgements
   4.  Contributors
   5.  IANA Considerations
   6.  Security Considerations
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Appendix A.  Complete Model Tree Structure
   Authors' Addresses

1.  Introduction

   An IETF network slice [I-D.ietf-teas-ietf-network-slices] is a well-
   defined structure of connectivity requirements and associated network
   behaviors.  An IETF Network Slice Controller (NSC) can realize an
   IETF network slice by mapping it to a slice aggregate
   [I-D.bestbar-teas-ns-packet].  A slice aggregate comprises one or
   more IETF network slice traffic streams.  The NSC uses a policy
   construct called the slice policy to enable the instantiation of
   mechanisms in support of IETF network slice specific control and data
   plane behaviors on select topological elements.  The enforcement of
   the slice policy results in the creation of a slice aggregate.

   A slice policy specifies the topology associated with the slice
   aggregate and dictates how a slice aggregate can be realized in IP/
   MPLS networks using one of three modes.  The slice policy dictates if
   the partitioning of the shared network resources can be achieved in
   (a) just the data plane or in (b) just the control plane or in (c)
   both the control and data planes.

   The slice policy modes (a) and (c) require the forwarding engine on
   each slice policy capable node to identify the traffic belonging to a
   specific slice aggregate and to apply the corresponding Per-Hop
   Behavior (PHB) that determines the forwarding treatment of the
   packets belonging to the slice aggregate.  The identification of the
   slice aggregate that the packet belongs to and the corresponding
   forwarding treatment that needs to be applied to the packet is
   dictated by the slice policy.

   The slice policy modes (b) and (c) require the distributed/
   centralized resource reservation manager in the control plane to
   manage slice aggregate resource reservation.  The provisions for
   enabling slice aggregate aware traffic engineering are dictated by
   the slice policy.

   This document defines a YANG data model for the management of slice
   policies on slice policy capable nodes and controllers in IP/MPLS
   networks.

1.1.  Terminology

   The terminology for describing YANG data models is found in
   [RFC7950].

   The reader is expected to be familiar with the terminology specified
   in [I-D.ietf-teas-ietf-network-slices] and
   [I-D.bestbar-teas-ns-packet].  The term "Network Slice" used in this
   document must be interpreted as "IETF Network Slice"
   [I-D.ietf-teas-ietf-network-slices].

1.2.  Tree Structure

   A simplified graphical representation of the data model is presented
   in Appendix A of this document.  The tree format defined in [RFC8340]
   is used for the YANG data model tree representation.

2.  Slice Policy Data Model

2.1.  Model Usage

   The onus is on the IETF network slice controller to consume the
   service layer network slice intent and realize it with an appropriate
   slice policy.  Multiple IETF network slices can be mapped to the same
   slice aggregate resulting in the application of the same slice
   policy.  The network wide consistent slice policy definition
   (provided by the data model defined in this document) is distributed
   to the slice policy capable nodes and controllers as shown in
   Figure 1.  The specification of the network slice intent on the
   northbound interface of the controller and the mechanism used to
   associate the network slice to a slice policy are outside the scope
   of this document.

                              |
                              | IETF Network Slice
                              | (service)
                   +--------------------+
                   |    IETF Network    |
                   |  Slice Controller  |
                   +--------------------+
                              |
                              | Slice Policy
                             /|\
                            / | \
                   slice policy capable
                     nodes/controllers
                        / / | \ \
                       v v  v  v v
                    xxxxxxxxxxxxxxxxxxxx
                    xxxx            xxxx
                    xxxx    Slice   xxxx
                    xxxx  Aggregate xxxx
                    xxxx            xxxx
                    xxxxxxxxxxxxxxxxxxxx

                 <------ Path Control ------>
                 RSVP-TE/SR-Policy/SR-FlexAlgo

                Figure 1: Slice Policy Instantiation

2.2.  Model Structure

   The high-level model structure defined by this document is as shown
   below:

     module: ietf-slice-policy
       +--rw network-slicing!
          +--rw phbs
          |  +--rw phb* [id]
          |        ............
          +--rw slice-policies
             +--rw slice-policy* [name]
                +     ............
                +--rw resource-reservation
                |     ............
                +--rw slice-selectors
                |  +--rw slice-selector* [index]
                |        ............
                +--rw phb?                    slice-policy-phb-ref
                +--rw member-topologies
                   +--rw member-topology* [topology-filter]
                         ............

   In addition to the set of slice policies, the top-level container
   also includes a placeholder for the set of PHBs that are referenced
   by the slice policies.

2.3.  Per-Hop-Behaviors

   The 'phbs' container carries a list of PHB entries.  Each of these
   entries can be referenced by one or more slice policies.  A PHB entry
   can either carry a reference to a generic PHB profile available on
   the node or carry a custom PHB profile.  The custom PHB profile
   includes attributes to construct a slice aggregate specific QoS
   profile and any classes within it.

          +--rw phbs
          |  +--rw phb* [id]
          |     +--rw id                      uint16
          |     +--rw (profile-type)?
          |        +--:(profile)
          |        |  +--rw profile?          string
          |        +--:(custom-profile)
          |              ............

2.4.  Slice Policies

   The 'slice-policies' container carries a list of slice policies.
   Each slice-policy entry is identified by a name and holds the set of
   attributes needed to instantiate a slice aggregate.  The key elements
   of each slice-policy entry are discussed in the following sub-
   sections.

2.4.1.  Resource Reservation

   The 'resource-reservation' container carries data nodes that are used
   to support slice aggregate aware bandwidth engineering.  The data
   nodes in this container facilitate preference-based preemption of
   slice aggregate aware TE paths, sharing of resources amongst a group
   of slice aggregates and backup slice aggregate path bandwidth
   protection.

        +--rw resource-reservation
        |  +--rw preference?                uint16
        |  +--rw (max-bw-type)?
        |  |  +--:(bw-value)
        |  |  |  +--rw maximum-bandwidth?   uint64
        |  |  +--:(bw-percentage)
        |  |     +--rw maximum-bandwidth-percent?
        |  |             rt-types:percentage
        |  +--rw shared-resource-groups*    uint32
        |  +--rw protection
        |     +--rw backup-sa-id?           uint32
        |     +--rw (backup-bw-type)?
        |        +--:(backup-bw-value)
        |        |  +--rw backup-bandwidth? uint64
        |        +--:(backup-bw-percentage)
        |           +--rw backup-bandwidth-percent?
        |                   rt-types:percentage

2.4.2.  Slice Selectors

   The 'slice-selectors' container carries a set of data plane field
   selectors which are used to identify the packets belonging to the
   given slice aggregate.  Each slice-selector entry in the list has an
   index associated with it.  The slice selector with the lowest index
   is the default slice selector used by all the topological elements
   that are members of the given slice policy.  The other entries are
   used only when there is a need to override the default slice selector
   on some select topological elements.

     +--rw slice-selectors
     |  +--rw slice-selector* [index]
     |     +--rw index      uint16
     |     +--rw mpls
     |     |  +--rw (ss-mpls-type)?
     |     |     +--:(label)
     |     |     |  +--rw (specification-type)?
     |     |     |     +--:(derived)
     |     |     |     |  +--rw forwarding-label?         empty
     |     |     |     +--:(explicit)
     |     |     |        +--rw label?
     |     |     |        |       rt-types:mpls-label
     |     |     |        +--rw label-position?
     |     |     |        |       identityref
     |     |     |        +--rw label-position-offset?    uint8
     |     |     +--:(label-ranges)
     |     |        +--rw label-range* [index]
     |     |           +--rw index                    string
     |     |           +--rw start-label?
     |     |           |       rt-types:mpls-label
     |     |           +--rw end-label?
     |     |           |       rt-types:mpls-label
     |     |           +--rw label-position?
     |     |           |       identityref
     |     |           +--rw label-position-offset?   uint8
     |     +--rw ipv4
     |     |  +--rw destination-prefix*   inet:ipv4-prefix
     |     +--rw ipv6
     |     |  +--rw (ss-ipv6-type)?
     |     |     +--:(ipv6-destination)
     |     |     |  +--rw destination-prefix*
     |     |     |          inet:ipv6-prefix
     |     |     +--:(ipv6-flow-label)
     |     |        +--rw slid-flow-labels
     |     |           +--rw slid-flow-label* [slid]
     |     |              +--rw slid       inet:ipv6-flow-label
     |     |              +--rw bitmask?   uint32
     |     +--rw acl-ref*   slice-policy-acl-ref

2.4.3.  Per-Hop-Behavior

   The 'phb' leaf carries a reference to the appropriate PHB that needs
   to be applied for the given slice aggregate.  Unless specified
   otherwise, this is the default phb to be used by all the topological
   elements that are members of the given slice policy.

        +--rw phb?     slice-policy-phb-ref

2.4.4.  Member Topologies

   The 'member-topologies' container consists of a set of member
   topologies.  Each member topology references a topology filter
   [I-D.bestbar-teas-yang-topology-filter].  The topological elements
   that satisfy the membership criteria can optionally override the
   default PHB and/or the default slice selector.

        +--rw member-topologies
           +--rw member-topology* [topology-filter]
              +--rw topology-filter
              |       slice-policy-topo-filter-ref
              +--rw slice-selector-override?   slice-policy-ss-ref
              +--rw phb-override?
                      slice-policy-phb-ref

2.5.  YANG Module

   file "ietf-slice-policy@2021-07-12.yang"
   module ietf-slice-policy {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-slice-policy";
     prefix sl-pol;

     import ietf-inet-types {
       prefix inet;
       reference
         "RFC 6991: Common YANG Data Types";
     }
     import ietf-routing-types {
       prefix rt-types;
       reference
         "RFC 8294: Common YANG Data Types for the Routing Area";
     }
     import ietf-routing {
       prefix rt;
       reference
         "RFC 8349: A YANG Data Model for Routing Management
          (NMDA Version)";
     }
     import ietf-access-control-list {
       prefix acl;
       reference
         "RFC 8519: YANG Data Model for Network Access Control Lists
          (ACLs)";
     }
     import ietf-topology-filter {
       prefix topo-filt;
       reference
         "I-D.bestbar-teas-yang-topology-filter: YANG Data Model
          for Topology Filter";
     }

     organization
       "IETF Traffic Engineering Architecture and Signaling (TEAS)
        Working Group.";
     contact
       "WG Web:
        WG List:

        Editor:   Vishnu Pavan Beeram

        Editor:   Tarek Saad

        Editor:   Bin Wen

        Editor:   Daniele Ceccarelli

        Editor:   Shaofu Peng

        Editor:   Ran Chen

        Editor:   Luis M. Contreras

        Editor:   Xufeng Liu
       ";
     description
       "This YANG module defines a data model for managing slice
        policies on slice policy capable nodes and controllers.

        Copyright (c) 2021 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject to
        the license terms contained in, the Simplified BSD License set
        forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (https://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX; see the
        RFC itself for full legal notices.";

     revision 2021-07-12 {
       description
         "Initial revision.";
       reference
         "RFC XXXX: YANG Data Model for Slice Policies.";
     }

     /*
      * I D E N T I T I E S
      */

     /*
      * Identity - MPLS Slice Selector Label Position Type
      */

     identity ss-mpls-label-position-type {
       description
         "Base identity for the position of the MPLS label that is used
          for slice selection.";
     }

     identity ss-mpls-label-position-top {
       base ss-mpls-label-position-type;
       description
         "MPLS label that is used for slice selection is at the top of
          the label stack.";
     }

     identity ss-mpls-label-position-bottom {
       base ss-mpls-label-position-type;
       description
         "MPLS label that is used for slice selection is either at the
          bottom or at a specific offset from the bottom of the label
          stack.";
     }

     identity ss-mpls-label-position-indicator {
       base ss-mpls-label-position-type;
       description
         "MPLS label that is used for slice selection is preceded by
          a special purpose indicator label in the label stack.";
     }

     /*
      * Identity - S-PHB Class Direction
      */

     identity s-phb-class-direction {
       description
         "Base identity for the direction of traffic to which the Slice
          PHB class profile is applied.";
     }

     identity s-phb-class-direction-in {
       base s-phb-class-direction;
       description
         "Slice PHB class profile is applied to incoming traffic.";
     }

     identity s-phb-class-direction-out {
       base s-phb-class-direction;
       description
         "Slice PHB class profile is applied to outgoing traffic.";
     }

     identity s-phb-class-direction-in-out {
       base s-phb-class-direction;
       description
         "Slice PHB class profile is applied to both incoming and
          outgoing directions of traffic.";
     }

     /*
      * Identity - S-PHB Class Priority
      */

     identity s-phb-class-priority {
       description
         "Base identity for the priority of the child class scheduler.";
     }

     identity s-phb-class-priority-low {
       base s-phb-class-priority;
       description
         "Priority of the child class scheduler is low.";
     }

     identity s-phb-class-priority-strict-high {
       base s-phb-class-priority;
       description
         "Priority of the child class scheduler is strict-high.";
     }

     /*
      * Identity - S-PHB Class Drop Probability
      */

     identity s-phb-class-drop-probability {
       description
         "Base identity for the drop probability applied to packets
          exceeding the CIR of the class queue.";
     }

     identity s-phb-class-drop-probability-low {
       base s-phb-class-drop-probability;
       description
         "Low drop probability applied to packets exceeding the CIR of
          the class queue.";
     }

     identity s-phb-class-drop-probability-medium {
       base s-phb-class-drop-probability;
       description
         "Medium drop probability applied to packets exceeding the CIR
          of the class queue.";
     }

     identity s-phb-class-drop-probability-high {
       base s-phb-class-drop-probability;
       description
         "High drop probability applied to packets exceeding the CIR of
          the class queue.";
     }

     /*
      * T Y P E D E F S
      */

     typedef slice-policy-acl-ref {
       type leafref {
         path "/acl:acls/acl:acl/acl:name";
       }
       description
         "This type is used to reference an ACL.";
     }

     typedef slice-policy-ss-ref {
       type leafref {
         path "/network-slicing/slice-policies/slice-policy/"
            + "slice-selectors/slice-selector/index";
       }
       description
         "This type is used to reference a Slice Selector (SS).";
     }

     typedef slice-policy-phb-ref {
       type leafref {
         path "/network-slicing/phbs/phb/"
            + "id";
       }
       description
         "This type is used to reference a Slice Policy Per-Hop
          Behavior (S-PHB).";
     }

     typedef slice-policy-topo-filter-ref {
       type leafref {
         path "/rt:routing/topo-filt:topology-filters/"
            + "topo-filt:topology-filter/topo-filt:name";
       }
       description
         "This type is used to reference a Slice Policy Topology.";
     }

     /*
      * G R O U P I N G S
      */

     /*
      * Grouping - Slice Selector MPLS: Label location specific fields
      */

     grouping sl-pol-ss-mpls-label-location {
       description
         "Grouping for MPLS (SS) label location specific fields.";
       leaf label-position {
         type identityref {
           base ss-mpls-label-position-type;
         }
         description
           "MPLS label position - top, bottom with offset, Slice label
            indicator.";
       }
       leaf label-position-offset {
         when "derived-from-or-self(../label-position,"
            + "'sl-pol:ss-mpls-label-position-bottom')" {
           description
             "MPLS label position offset is relevant only when the
              label-position is set to 'bottom'.";
         }
         type uint8;
         description
           "MPLS label position offset.";
       }
     }

     /*
      * Grouping - Slice Selector (SS)
      */

     grouping sl-pol-slice-selector {
       description
         "Grouping for Slice Selectors.";
       container slice-selectors {
         description
           "Container for Slice Selectors.";
         list slice-selector {
           key "index";
           description
             "List of Slice Selectors - this includes the default
              selector and others that are used for overriding the
              default.";
           leaf index {
             type uint16;
             description
               "An index to identify an entry in the slice-selector
                list.
                The entry with the lowest index is the
                default slice-selector.";
           }
           container mpls {
             description
               "Container for MPLS Slice Selector.";
             choice ss-mpls-type {
               description
                 "Choices for MPLS Slice Selector.";
               case label {
                 choice specification-type {
                   description
                     "Choices for MPLS label specification.";
                   case derived {
                     leaf forwarding-label {
                       type empty;
                       description
                         "MPLS Slice Selector Label is
                          derived from forwarding label.";
                     }
                   }
                   case explicit {
                     leaf label {
                       type rt-types:mpls-label;
                       description
                         "MPLS Slice Selector Label is
                          explicitly specified.";
                     }
                     uses sl-pol-ss-mpls-label-location;
                   }
                 }
               }
               case label-ranges {
                 list label-range {
                   key "index";
                   unique "start-label end-label";
                   description
                     "MPLS Slice Selector Label is picked from a
                      specified set of label ranges.";
                   leaf index {
                     type string;
                     description
                       "A string that uniquely identifies a label
                        range.";
                   }
                   leaf start-label {
                     type rt-types:mpls-label;
                     must '. <= ../end-label' {
                       error-message
                         "The start-label must be less than or equal "
                       + "to end-label";
                     }
                     description
                       "Label-range start.";
                   }
                   leaf end-label {
                     type rt-types:mpls-label;
                     must '. >= ../start-label' {
                       error-message
                         "The end-label must be greater than or equal "
                       + "to start-label";
                     }
                     description
                       "Label-range end.";
                   }
                   uses sl-pol-ss-mpls-label-location;
                 }
               }
             }
           }
           container ipv4 {
             description
               "Container for IPv4 Slice Selector.";
             leaf-list destination-prefix {
               type inet:ipv4-prefix;
               description
                 "IPv4 Slice Selector is picked from a specified set of
                  IPv4 destination prefixes.";
             }
           }
           container ipv6 {
             description
               "Container for IPv6 Slice Selector.";
             choice ss-ipv6-type {
               description
                 "Choices for IPv6 Slice Selector.";
               case ipv6-destination {
                 leaf-list destination-prefix {
                   type inet:ipv6-prefix;
                   description
                     "IPv6 Slice Selector is picked from a specified
                      set of IPv6 destination prefixes.";
                 }
               }
               case ipv6-flow-label {
                 container slid-flow-labels {
                   description
                     "Container for a set of Slice IDs that are
                      encoded within the flow label.";
                   list slid-flow-label {
                     key "slid";
                     description
                       "IPv6 Slice Selector is picked from a set of
                        Slice IDs that are encoded within the flow
                        label.";
                     leaf slid {
                       type inet:ipv6-flow-label;
                       description
                         "Slice ID encoded inside the IPv6 flow label.";
                     }
                     leaf bitmask {
                       type uint32;
                       description
                         "Bitmask to extract the encoded Slice ID from
                          the IPv6 flow label.";
                     }
                   }
                 }
               }
             }
           }
           leaf-list acl-ref {
             type slice-policy-acl-ref;
             description
               "Slice Selection is done based on the specified list of
                ACLs.";
           }
         }
       }
     }

     /*
      * Grouping - Slice Policy Resource Reservation
      */

     grouping sl-pol-resource-reservation {
       description
         "Grouping for slice policy resource reservation.";
       container resource-reservation {
         description
           "Container for slice policy resource reservation.";
         leaf preference {
           type uint16;
           description
             "Control plane preference for the corresponding
              slice aggregate. A higher preference
              indicates a more favorable resource
              reservation than a lower preference.";
         }
         choice max-bw-type {
           description
             "Choice of maximum bandwidth specification.";
           case bw-value {
             leaf maximum-bandwidth {
               type uint64;
               description
                 "The maximum bandwidth allocated to a slice aggregate
                  on the network resources - specified as absolute
                  value.";
             }
           }
           case bw-percentage {
             leaf maximum-bandwidth-percent {
               type rt-types:percentage;
               description
                 "The maximum bandwidth allocated to a slice aggregate
                  on the network resources - specified as percentage
                  of link capacity.";
             }
           }
         }
         leaf-list shared-resource-groups {
           type uint32;
           description
             "List of shared resource groups that a slice aggregate
              shares its allocated resources with.";
         }
         container protection {
           description
             "Container for slice aggregate protection reservation.";
           leaf backup-sa-id {
             type uint32;
             description
               "The ID that identifies the slice aggregate used
                for backup paths that protect primary paths in a
                specific slice aggregate.";
           }
           choice backup-bw-type {
             description
               "Choice of backup bandwidth specification.";
             case backup-bw-value {
               leaf backup-bandwidth {
                 type uint64;
                 description
                   "The maximum bandwidth on a network resource that
                    is allocated for backup traffic - specified as
                    absolute value.";
               }
             }
             case backup-bw-percentage {
               leaf backup-bandwidth-percent {
                 type rt-types:percentage;
                 description
                   "The maximum bandwidth on a network resource that
                    is allocated for backup traffic - specified as
                    percentage of the link capacity.";
               }
             }
           }
         }
       }
     }

     /*
      * Grouping - Slice policy PHB (S-PHB)
      */

     grouping sl-pol-phb {
       description
         "Grouping for S-PHB.";
       leaf phb {
         type slice-policy-phb-ref;
         description
           "Reference to a specific PHB from the list of global
            PHBs.";
       }
     }

     /*
      * Grouping - Slice policy default profile override
      */

     grouping sl-pol-override-options {
       description
         "Grouping of fields that are used to override the default
          profile of the slice policy.";
       leaf slice-selector-override {
         type slice-policy-ss-ref;
         description
           "Reference to a specific Slice Selector (different from
            default).";
       }
       leaf phb-override {
         type slice-policy-phb-ref;
         description
           "Reference to a specific PHB (different from default).";
       }
     }

     /*
      * Grouping - Member Topologies
      */

     grouping sl-pol-member-topologies {
       description
         "Grouping for member topologies.";
       container member-topologies {
         description
           "Container for member topologies.";
         list member-topology {
           key "topology-filter";
           description
             "List of member topologies.";
           leaf topology-filter {
             type slice-policy-topo-filter-ref;
             description
               "Reference to a specific topology filter from the list
                of global topology filters.";
           }
           uses sl-pol-override-options;
         }
       }
     }

     /*
      * Grouping - Per-Hop Behaviors (PHBs)
      */

     grouping sl-pol-phbs {
       description
         "Grouping for PHBs.";
       container phbs {
         description
           "Container for PHBs.";
         list phb {
           key "id";
           description
             "List of PHBs.";
           leaf id {
             type uint16;
             description
               "A 16-bit ID that uniquely identifies the PHB.";
           }
           choice profile-type {
             description
               "Choice of PHB profile type.";
             case profile {
               description
                 "Generic PHB profile available on the network
                  element.";
               leaf profile {
                 type string;
                 description
                   "Generic PHB profile identifier.";
               }
             }
             case custom-profile {
               description
                 "Custom PHB profile.";

               choice guaranteed-rate-type {
                 description
                   "Guaranteed rate is the committed information rate
                    (CIR) of the slice aggregate. The guaranteed rate
                    also determines the amount of excess (extra)
                    bandwidth that a group of slice aggregates can
                    share. Extra bandwidth is allocated among the
                    group in proportion to the guaranteed rate of
                    each slice aggregate.";
                 case rate {
                   leaf guaranteed-rate {
                     type uint64;
                     description
                       "Guaranteed rate specified as absolute value.";
                   }
                 }
                 case percentage {
                   leaf guaranteed-rate-percent {
                     type rt-types:percentage;
                     description
                       "Guaranteed rate specified in percentage.";
                   }
                 }
               }
               choice shaping-rate-type {
                 description
                   "Shaping rate is the maximum bandwidth of the slice
                    aggregate; the peak information rate (PIR) of a
                    slice aggregate.";
                 case rate {
                   leaf shaping-rate {
                     type uint64;
                     description
                       "Shaping rate specified as absolute value.";
                   }
                 }
                 case percentage {
                   leaf shaping-rate-percent {
                     type rt-types:percentage;
                     description
                       "Shaping rate specified in percentage.";
                   }
                 }
               }
               container classes {
                 description
                   "Container for classes.";
                 list class {
                   key "class-id";
                   description
                     "List of classes.";
                   leaf class-id {
                     type string;
                     description
                       "A string to uniquely identify a class.";
                   }
                   leaf direction {
                     type identityref {
                       base s-phb-class-direction;
                     }
                     description
                       "Class direction.";
                   }
                   leaf priority {
                     type identityref {
                       base s-phb-class-priority;
                     }
                     description
                       "Priority of the class scheduler. Only one slice
                        aggregate class queue can be set as a
                        strict-high priority queue. Strict-high
                        priority allocates the scheduled bandwidth to
                        the queue before any other queue receives
                        bandwidth.
                        Other queues receive the bandwidth
                        that remains after the strict-high queue has
                        been serviced.";
                   }
                   choice guaranteed-rate-type {
                     description
                       "Guaranteed Rate is the Committed information
                        rate (CIR) of slice aggregate class - specified
                        as absolute value or percentage.";
                     case rate {
                       leaf guaranteed-rate {
                         type uint64;
                         description
                           "Guaranteed rate specified as absolute
                            value.";
                       }
                     }
                     case percentage {
                       leaf guaranteed-rate-percent {
                         type rt-types:percentage;
                         description
                           "Guaranteed rate specified in percentage.";
                       }
                     }
                   }
                   leaf drop-probability {
                     type identityref {
                       base s-phb-class-drop-probability;
                     }
                     description
                       "Drop probability applied to packets exceeding
                        the CIR of the class queue.";
                   }
                   choice maximum-bandwidth-type {
                     description
                       "Maximum bandwidth is the Peak information
                        rate (PIR) of slice aggregate class - specified
                        as absolute value or percentage.";
                     case rate {
                       leaf maximum-bandwidth {
                         type uint64;
                         description
                           "Maximum bandwidth specified as absolute
                            value.";
                       }
                     }
                     case percentage {
                       leaf maximum-bandwidth-percent {
                         type rt-types:percentage;
                         description
                           "Maximum bandwidth specified as percentage.";
                       }
                     }
                   }
                   choice delay-buffer-size-type {
                     description
                       "Size of the queue buffer as a percentage of the
                        dedicated buffer space - specified as value or
                        percentage.";
                     case value {
                       leaf delay-buffer-size {
                         type uint64;
                         description
                           "Delay buffer size.";
                       }
                     }
                     case percentage {
                       leaf delay-buffer-size-percent {
                         type rt-types:percentage;
                         description
                           "Delay buffer size specified as percentage.";
                       }
                     }
                   }
                 }
               }
             }
           }
         }
       }
     }

     /*
      * Grouping - Slice Policies
      */

     grouping sl-policies {
       description
         "Grouping for slice policies.";
       container slice-policies {
         description
           "Container for slice policies.";
         list slice-policy {
           key "name";
           unique "sa-id";
           description
             "List of slice policies.";
           leaf name {
             type string;
             description
               "A string that uniquely identifies the slice policy.";
           }
           leaf sa-id {
             type uint32;
             description
               "A 32-bit ID that uniquely identifies the slice
                aggregate created by the enforcement of this slice
                policy.";
           }
           uses sl-pol-resource-reservation;
           uses sl-pol-slice-selector;
           uses sl-pol-phb;
           uses sl-pol-member-topologies;
         }
       }
     }

     /*
      * Top-level container - Network Slicing
      */

     container network-slicing {
       presence "Enable network slicing.";
       description
         "Top-level container for network slicing specific constructs
          on a slice policy capable network entity.";
       uses sl-pol-phbs;
       uses sl-policies;
     }
   }

3.  Acknowledgements

   The authors would like to thank Krzysztof Szarkowicz for his input
   from discussions.

4.  Contributors

   The following individuals contributed to this document:

   Colby Barth
   Juniper Networks
   Email: cbarth@juniper.net

   Srihari R. Sangli
   Juniper Networks
   Email: ssangli@juniper.net

   Chandra Ramachandran
   Juniper Networks
   Email: csekar@juniper.net

5.  IANA Considerations

   This document registers the following URI in the IETF XML registry
   [RFC3688]. Following the format in [RFC3688], the following
   registration is requested to be made.

      URI: urn:ietf:params:xml:ns:yang:ietf-slice-policy
      Registrant Contact: The TEAS WG of the IETF.
      XML: N/A, the requested URI is an XML namespace.

   This document registers a YANG module in the YANG Module Names
   registry [RFC6020].

      name:       ietf-slice-policy
      namespace:  urn:ietf:params:xml:ns:yang:ietf-slice-policy
      prefix:     sl-pol
      reference:  RFCXXXX

6.  Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
   is the secure transport layer, and the mandatory-to-implement secure
   transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
   is HTTPS, and the mandatory-to-implement secure transport is TLS
   [RFC8446].

   The Network Configuration Access Control Model (NACM) [RFC8341]
   provides the means to restrict access for particular NETCONF or
   RESTCONF users to a preconfigured subset of all available NETCONF or
   RESTCONF protocol operations and content.

   The data nodes defined in this YANG module that are
   writable/creatable/deletable (i.e., config true, which is the
   default) may be considered sensitive or vulnerable in some network
   environments. Write operations (e.g., edit-config) to these data
   nodes without proper protection can have a negative effect on network
   operations. These are the subtrees and data nodes and their
   sensitivity/vulnerability:

   *  "/network-slicing/phbs": This subtree specifies the configurations
      for slice policy per-hop behaviors. By manipulating these data
      nodes, a malicious attacker may cause unauthorized and improper
      behavior to be provided for the slice aggregate traffic on the
      network element.

   *  "/network-slicing/slice-policies": This subtree specifies the
      configurations for slice policies on a given network element. By
      manipulating these data nodes, a malicious attacker may cause
      unauthorized and improper behavior to be provided for the slice
      aggregate traffic on the network element.
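
   One way to apply the NACM restriction to the two subtrees listed
   above, as an added example that is not part of this draft: an
   RFC 8341 rule set in which one group may write, a second group may
   only read, and every other user is denied. The group, user and rule
   names are assumptions; the module name and namespace are the ones
   registered in the IANA Considerations section.

```xml
<!-- Added example. Group, user and rule names are assumptions; the module
     name and namespace are the ones registered in IANA Considerations. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm"
      xmlns:sl-pol="urn:ietf:params:xml:ns:yang:ietf-slice-policy">
  <enable-nacm>true</enable-nacm>
  <groups>
    <group><name>slice-admins</name><user-name>alice</user-name></group>
    <group><name>slice-viewers</name><user-name>bob</user-name></group>
  </groups>
  <!-- Rule-lists are checked in order; the first matching rule decides. -->
  <rule-list>
    <name>slice-admins-acl</name>
    <group>slice-admins</group>
    <rule>
      <name>permit-slice-all</name>
      <module-name>ietf-slice-policy</module-name>
      <path>/sl-pol:network-slicing</path>
      <access-operations>*</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
  <rule-list>
    <name>slice-viewers-acl</name>
    <group>slice-viewers</group>
    <rule>
      <name>permit-slice-read</name>
      <module-name>ietf-slice-policy</module-name>
      <path>/sl-pol:network-slicing</path>
      <access-operations>read</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
  <!-- Catch-all: covers /network-slicing/phbs and
       /network-slicing/slice-policies for every other group. -->
  <rule-list>
    <name>slice-deny-others</name>
    <group>*</group>
    <rule>
      <name>deny-slice-all</name>
      <module-name>ietf-slice-policy</module-name>
      <path>/sl-pol:network-slicing</path>
      <access-operations>*</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>
```

   NACM's read-default is "permit", so without the final rule-list any
   authenticated user outside the two groups could still read this
   module's data nodes. Its write-default is already "deny"; the
   explicit deny keeps that outcome if the default is later relaxed.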

   The readable data nodes in this YANG module may be considered
   sensitive or vulnerable in some network environments. It is thus
   important to control read access (e.g., via get, get-config, or
   notification) to these data nodes. These are the subtrees and data
   nodes and their sensitivity/vulnerability:

   *  "/network-slicing/phbs": Unauthorized access to this subtree can
      disclose the slice policy PHBs defined on the network element.

   *  "/network-slicing/slice-policies": Unauthorized access to this
      subtree can disclose the slice policy definitions on the network
      element.

7.  References

7.1.  Normative References

   [I-D.bestbar-teas-ns-packet]
              Saad, T., Beeram, V. P., Wen, B., Ceccarelli, D., Halpern,
              J., Peng, S., Chen, R., Liu, X., and L. M. Contreras,
              "Realizing Network Slices in IP/MPLS Networks", draft-
              bestbar-teas-ns-packet-02 (work in progress), February
              2021.

   [I-D.bestbar-teas-yang-topology-filter]
              Beeram, V. P. and T. Saad, "YANG Data Model for Topology
              Filter", draft-bestbar-teas-yang-topology-filter-00 (work
              in progress), July 2021.

   [I-D.ietf-teas-ietf-network-slices]
              Farrel, A., Gray, E., Drake, J., Rokui, R., Homma, S.,
              Makhijani, K., Contreras, L. M., and J. Tantsura,
              "Framework for IETF Network Slices", draft-ietf-teas-ietf-
              network-slices-00 (work in progress), April 2021.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A.
              Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
              Access Control Model", STD 91, RFC 8341,
              DOI 10.17487/RFC8341, March 2018.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

7.2.  Informative References

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

Appendix A.  Complete Model Tree Structure

   module: ietf-slice-policy
     +--rw network-slicing!
        +--rw phbs
        |  +--rw phb* [id]
        |     +--rw id                       uint16
        |     +--rw (profile-type)?
        |        +--:(profile)
        |        |  +--rw profile?           string
        |        +--:(custom-profile)
        |           +--rw (guaranteed-rate-type)?
        |           |  +--:(rate)
        |           |  |  +--rw guaranteed-rate?           uint64
        |           |  +--:(percentage)
        |           |     +--rw guaranteed-rate-percent?
        |           |             rt-types:percentage
        |           +--rw (shaping-rate-type)?
        |           |  +--:(rate)
        |           |  |  +--rw shaping-rate?              uint64
        |           |  +--:(percentage)
        |           |     +--rw shaping-rate-percent?
        |           |             rt-types:percentage
        |           +--rw classes
        |              +--rw class* [class-id]
        |                 +--rw class-id
        |                 |       string
        |                 +--rw direction?
        |                 |       identityref
        |                 +--rw priority?
        |                 |       identityref
        |                 +--rw (guaranteed-rate-type)?
        |                 |  +--:(rate)
        |                 |  |  +--rw guaranteed-rate?
        |                 |  |          uint64
        |                 |  +--:(percentage)
        |                 |     +--rw guaranteed-rate-percent?
        |                 |             rt-types:percentage
        |                 +--rw drop-probability?
        |                 |       identityref
        |                 +--rw (maximum-bandwidth-type)?
        |                 |  +--:(rate)
        |                 |  |  +--rw maximum-bandwidth?
        |                 |  |          uint64
        |                 |  +--:(percentage)
        |                 |     +--rw maximum-bandwidth-percent?
        |                 |             rt-types:percentage
        |                 +--rw (delay-buffer-size-type)?
        |                    +--:(value)
        |                    |  +--rw delay-buffer-size?
        |                    |          uint64
        |                    +--:(percentage)
        |                       +--rw delay-buffer-size-percent?
        |                               rt-types:percentage
        +--rw slice-policies
           +--rw slice-policy* [name]
              +--rw name                    string
              +--rw sa-id?                  uint32
              +--rw resource-reservation
              |  +--rw preference?                  uint16
              |  +--rw (max-bw-type)?
              |  |  +--:(bw-value)
              |  |  |  +--rw maximum-bandwidth?      uint64
              |  |  +--:(bw-percentage)
              |  |     +--rw maximum-bandwidth-percent?
              |  |             rt-types:percentage
              |  +--rw shared-resource-groups*      uint32
              |  +--rw protection
              |     +--rw backup-sa-id?                uint32
              |     +--rw (backup-bw-type)?
              |        +--:(backup-bw-value)
              |        |  +--rw backup-bandwidth?      uint64
              |        +--:(backup-bw-percentage)
              |           +--rw backup-bandwidth-percent?
              |                   rt-types:percentage
              +--rw slice-selectors
              |  +--rw slice-selector* [index]
              |     +--rw index      uint16
              |     +--rw mpls
              |     |  +--rw (ss-mpls-type)?
              |     |     +--:(label)
              |     |     |  +--rw (specification-type)?
              |     |     |     +--:(derived)
              |     |     |     |  +--rw forwarding-label?         empty
              |     |     |     +--:(explicit)
              |     |     |        +--rw label?
              |     |     |        |       rt-types:mpls-label
              |     |     |        +--rw label-position?
              |     |     |        |       identityref
              |     |     |        +--rw label-position-offset?   uint8
              |     |     +--:(label-ranges)
              |     |        +--rw label-range* [index]
              |     |           +--rw index                    string
              |     |           +--rw start-label?
              |     |           |       rt-types:mpls-label
              |     |           +--rw end-label?
              |     |           |       rt-types:mpls-label
              |     |           +--rw label-position?
              |     |           |       identityref
              |     |           +--rw label-position-offset?   uint8
              |     +--rw ipv4
              |     |  +--rw destination-prefix*   inet:ipv4-prefix
              |     +--rw ipv6
              |     |  +--rw (ss-ipv6-type)?
              |     |     +--:(ipv6-destination)
              |     |     |  +--rw destination-prefix*
              |     |     |          inet:ipv6-prefix
              |     |     +--:(ipv6-flow-label)
              |     |        +--rw slid-flow-labels
              |     |           +--rw slid-flow-label* [slid]
              |     |              +--rw slid       inet:ipv6-flow-label
              |     |              +--rw bitmask?   uint32
              |     +--rw acl-ref*   slice-policy-acl-ref
              +--rw phb?                    slice-policy-phb-ref
              +--rw member-topologies
                 +--rw member-topology* [topology-filter]
                    +--rw topology-filter
                    |       slice-policy-topo-filter-ref
                    +--rw slice-selector-override?   slice-policy-ss-ref
                    +--rw phb-override?
                            slice-policy-phb-ref

Authors' Addresses

   Tarek Saad
   Juniper Networks

   Email: tsaad@juniper.net

   Vishnu Pavan Beeram
   Juniper Networks

   Email: vbeeram@juniper.net

   Bin Wen
   Comcast

   Email: Bin_Wen@cable.comcast.com

   Daniele Ceccarelli
   Ericsson

   Email: daniele.ceccarelli@ericsson.com

   Shaofu Peng
   ZTE Corporation

   Email: peng.shaofu@zte.com.cn

   Ran Chen
   ZTE Corporation

   Email: chen.ran@zte.com.cn

   Luis M. Contreras
   Telefonica

   Email: luismiguel.contrerasmurillo@telefonica.com

   Xufeng Liu
   Volta Networks

   Email: xufeng.liu.ietf@gmail.com