TEAS Working Group                                               T. Saad
Internet-Draft                                                 V. Beeram
Intended status: Standards Track                        Juniper Networks
Expires: April 28, 2022                                           B. Wen
                                                                 Comcast
                                                           D. Ceccarelli
                                                                Ericsson
                                                                 S. Peng
                                                                 R. Chen
                                                         ZTE Corporation
                                                           LM. Contreras
                                                              Telefonica
                                                                  X. Liu
                                                          Volta Networks
                                                        October 25, 2021

                    YANG Data Model for Slice Policy
                draft-bestbar-teas-yang-slice-policy-02

Abstract

   A slice policy is a policy construct that enables instantiation of
   mechanisms in support of IETF network slice specific control and data
   plane behaviors on select topological elements.  This document
   defines a YANG data model for the management of slice policies on
   slice policy capable nodes and controllers in IP/MPLS networks.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 28, 2022.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
     1.2.  Tree Structure
   2.  Slice Policy Data Model
     2.1.  Model Usage
     2.2.  Model Structure
     2.3.  Per-Hop-Behaviors
     2.4.  Slice Policies
       2.4.1.  Resource Reservation
       2.4.2.  Slice Selectors
       2.4.3.  Per-Hop-Behavior
       2.4.4.  Member Topologies
     2.5.  YANG Module
   3.  Acknowledgements
   4.  Contributors
   5.  IANA Considerations
   6.  Security Considerations
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Appendix A.  Complete Model Tree Structure
   Authors' Addresses

1.  Introduction

   An IETF network slice [I-D.ietf-teas-ietf-network-slices] is a well-
   defined structure of connectivity requirements and associated network
   behaviors.  An IETF Network Slice Controller (NSC) is responsible for
   the aggregation of multiple IETF network slice traffic streams into a
   slice aggregate [I-D.bestbar-teas-ns-packet].  The controller uses a
   policy construct called the slice policy to instantiate control and
   data plane behaviors on select topological elements associated with
   the Network Resource Partition (NRP) that supports a slice aggregate.
   An NRP is the collection of resources that are used to support a
   slice aggregate.  The enforcement of the slice policy results in the
   creation of an NRP.

   A slice policy specifies the topology associated with the NRP and
   dictates how an NRP associated with a slice aggregate can be realized
   in IP/MPLS networks using one of three modes.  The slice policy
   dictates if the partitioning of the shared network resources can be
   achieved in (a) just the data plane or in (b) just the control plane
   or in (c) both the control and data planes.

   The slice policy modes (a) and (c) require the forwarding engine on
   each slice policy capable node to identify the traffic belonging to a
   specific slice aggregate and to apply the corresponding Per-Hop
   Behavior (PHB) that determines the forwarding treatment of the
   packets belonging to the slice aggregate.  The identification of the
   slice aggregate that the packet belongs to and the corresponding
   forwarding treatment that needs to be applied to the packet is
   dictated by the slice policy.

   The slice policy modes (b) and (c) require the distributed/
   centralized resource reservation manager in the control plane to
   manage NRP resource reservation.  The provisions for enabling slice
   aggregate aware traffic engineering are dictated by the slice policy.

   This document defines a YANG data model for the management of slice
   policies on slice policy capable nodes and controllers in IP/MPLS
   networks.

1.1.  Terminology

   The terminology for describing YANG data models is found in
   [RFC7950].

   The reader is expected to be familiar with the terminology specified
   in [I-D.ietf-teas-ietf-network-slices] and
   [I-D.bestbar-teas-ns-packet].  The term "Network Slice" used in this
   document must be interpreted as "IETF Network Slice"
   [I-D.ietf-teas-ietf-network-slices].

1.2.  Tree Structure

   A simplified graphical representation of the data model is presented
   in Appendix A of this document.  The tree format defined in [RFC8340]
   is used for the YANG data model tree representation.

2.  Slice Policy Data Model

2.1.  Model Usage

   The onus is on the IETF network slice controller to consume the
   network slice service intent and realize it with an appropriate slice
   policy.  Multiple IETF network slices can be mapped to the same slice
   aggregate resulting in the application of the same slice policy.  The
   network wide consistent slice policy definition (provided by the data
   model defined in this document) is distributed to the slice policy
   capable nodes and controllers.  The specification of the network
   slice intent on the northbound interface of the controller and the
   mechanism used to associate the network slice to a slice policy are
   outside the scope of this document.

2.2.  Model Structure

   The high-level model structure defined by this document is as shown
   below:

     module: ietf-slice-policy
       +--rw network-slicing!
          +--rw phbs
          |  +--rw phb* [id]
          |        ............
          +--rw slice-policies
             +--rw slice-policy* [name]
                +  ............
                +--rw resource-reservation
                |     ............
                +--rw slice-selectors
                |  +--rw slice-selector* [index]
                |        ............
                +--rw phb?      slice-policy-phb-ref
                +--rw member-topologies
                   +--rw member-topology* [topology-filter]
                         ............

   In addition to the set of slice policies, the top-level container
   also includes a placeholder for the set of PHBs that are referenced
   by the slice policies.

2.3.  Per-Hop-Behaviors

   The 'phbs' container carries a list of PHB entries.  Each of these
   entries can be referenced by one or more slice policies.  A PHB entry
   can either carry a reference to a generic PHB profile available on
   the node or carry a custom PHB profile.  The custom PHB profile
   includes attributes to construct an NRP specific QoS profile and any
   classes within it.

       +--rw phbs
       |  +--rw phb* [id]
       |     +--rw id                 uint16
       |     +--rw (profile-type)?
       |        +--:(profile)
       |        |  +--rw profile?     string
       |        +--:(custom-profile)
       |              ............

2.4.  Slice Policies

   The 'slice-policies' container carries a list of slice policies.
   Each slice-policy entry is identified by a name and holds the set of
   attributes needed to instantiate the NRP associated with a slice
   aggregate.  The key elements of each slice-policy entry are discussed
   in the following sub-sections.

2.4.1.  Resource Reservation

   The 'resource-reservation' container carries data nodes that are used
   to support slice aggregate aware bandwidth engineering.  The data
   nodes in this container facilitate preference-based preemption of
   slice aggregate aware TE paths, sharing of resources amongst a group
   of NRPs and backup path bandwidth protection.

       +--rw resource-reservation
       |  +--rw preference?                    uint16
       |  +--rw (max-bw-type)?
       |  |  +--:(bw-value)
       |  |  |  +--rw maximum-bandwidth?       uint64
       |  |  +--:(bw-percentage)
       |  |     +--rw maximum-bandwidth-percent?
       |  |             rt-types:percentage
       |  +--rw shared-resource-groups*        uint32
       |  +--rw protection
       |     +--rw backup-nrp-id?              uint32
       |     +--rw (backup-bw-type)?
       |        +--:(backup-bw-value)
       |        |  +--rw backup-bandwidth?     uint64
       |        +--:(backup-bw-percentage)
       |           +--rw backup-bandwidth-percent?
       |                   rt-types:percentage

2.4.2.  Slice Selectors

   The 'slice-selectors' container carries a set of data plane field
   selectors which are used to identify the packets belonging to the
   given slice aggregate.  Each slice-selector entry in the list has an
   index associated with it.  The slice selector with the lowest index
   is the default slice selector used by all the topological elements
   that are members of the given slice policy.  The other entries are
   used only when there is a need to override the default slice selector
   on some select topological elements.

       +--rw slice-selectors
       |  +--rw slice-selector* [index]
       |     +--rw index      uint16
       |     +--rw mpls
       |     |  +--rw (ss-mpls-type)?
       |     |     +--:(label)
       |     |     |  +--rw (specification-type)?
       |     |     |     +--:(derived)
       |     |     |     |  +--rw forwarding-label?        empty
       |     |     |     +--:(explicit)
       |     |     |        +--rw label?
       |     |     |        |       rt-types:mpls-label
       |     |     |        +--rw label-position?
       |     |     |        |       identityref
       |     |     |        +--rw label-position-offset?   uint8
       |     |     +--:(label-ranges)
       |     |        +--rw label-range* [index]
       |     |           +--rw index                    string
       |     |           +--rw start-label?
       |     |           |       rt-types:mpls-label
       |     |           +--rw end-label?
       |     |           |       rt-types:mpls-label
       |     |           +--rw label-position?
       |     |           |       identityref
       |     |           +--rw label-position-offset?   uint8
       |     +--rw ipv4
       |     |  +--rw destination-prefix*   inet:ipv4-prefix
       |     +--rw ipv6
       |     |  +--rw (ss-ipv6-type)?
       |     |     +--:(ipv6-destination)
       |     |     |  +--rw destination-prefix*
       |     |     |          inet:ipv6-prefix
       |     |     +--:(ipv6-flow-label)
       |     |        +--rw slid-flow-labels
       |     |           +--rw slid-flow-label* [slid]
       |     |              +--rw slid       inet:ipv6-flow-label
       |     |              +--rw bitmask?   uint32
       |     +--rw acl-ref*   slice-policy-acl-ref

2.4.3.  Per-Hop-Behavior

   The 'phb' leaf carries a reference to the appropriate PHB that needs
   to be applied for the given slice aggregate.  Unless specified
   otherwise, this is the default phb to be used by all the topological
   elements that are members of the given slice policy.

       +--rw phb?      slice-policy-phb-ref

2.4.4.  Member Topologies

   The 'member-topologies' container consists of a set of member
   topologies.  Each member topology references a topology filter
   [I-D.bestbar-teas-yang-topology-filter].  The topological elements
   that satisfy the membership criteria can optionally override the
   default PHB and/or the default slice selector.

       +--rw member-topologies
          +--rw member-topology* [topology-filter]
             +--rw topology-filter
             |       slice-policy-topo-filter-ref
             +--rw slice-selector-override?   slice-policy-ss-ref
             +--rw phb-override?
                     slice-policy-phb-ref

2.5.  YANG Module

   <CODE BEGINS> file "ietf-slice-policy@2021-10-25.yang"
   module ietf-slice-policy {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-slice-policy";
     prefix sl-pol;

     import ietf-inet-types {
       prefix inet;
       reference
         "RFC 6991: Common YANG Data Types";
     }
     import ietf-routing-types {
       prefix rt-types;
       reference
         "RFC 8294: Common YANG Data Types for the Routing Area";
     }
     import ietf-network {
       prefix nw;
       reference
         "RFC 8345: A YANG Data Model for Network Topologies";
     }
     import ietf-access-control-list {
       prefix acl;
       reference
         "RFC 8519: YANG Data Model for Network Access Control Lists
          (ACLs)";
     }
     import ietf-topology-filter {
       prefix topo-filt;
       reference
         "draft-bestbar-teas-yang-topology-filter: YANG Data Model
          for Topology Filter";
     }

     organization
       "IETF Traffic Engineering Architecture and Signaling (TEAS)
        Working Group.";
     contact
       "WG Web:
        WG List:

        Editor:   Vishnu Pavan Beeram

        Editor:   Tarek Saad

        Editor:   Bin Wen

        Editor:   Daniele Ceccarelli

        Editor:   Shaofu Peng

        Editor:   Ran Chen

        Editor:   Luis M. Contreras

        Editor:   Xufeng Liu
       ";
     description
       "This YANG module defines a data model for managing slice
        policies on slice policy capable nodes and controllers.

        Copyright (c) 2021 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject to
        the license terms contained in, the Simplified BSD License set
        forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (https://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX; see the
        RFC itself for full legal notices.";

     revision 2021-10-25 {
       description
         "Initial revision.";
       reference
         "RFC XXXX: YANG Data Model for Slice Policies.";
     }

     /*
      * I D E N T I T I E S
      */
     /*
      * Identity - MPLS Slice Selector Label Position Type
      */

     identity ss-mpls-label-position-type {
       description
         "Base identity for the position of the MPLS label that is used
          for slice selection.";
     }

     identity ss-mpls-label-position-top {
       base ss-mpls-label-position-type;
       description
         "MPLS label that is used for slice selection is at the top of
          the label stack.";
     }

     identity ss-mpls-label-position-bottom {
       base ss-mpls-label-position-type;
       description
         "MPLS label that is used for slice selection is either at the
          bottom or at a specific offset from the bottom of the label
          stack.";
     }

     identity ss-mpls-label-position-indicator {
       base ss-mpls-label-position-type;
       description
         "MPLS label that is used for slice selection is preceded by
          a special purpose indicator label in the label stack.";
     }

     /*
      * Identity - S-PHB Class Direction
      */

     identity s-phb-class-direction {
       description
         "Base identity for the direction of traffic to which the Slice
          PHB class profile is applied.";
     }

     identity s-phb-class-direction-in {
       base s-phb-class-direction;
       description
         "Slice PHB class profile is applied to incoming traffic.";
     }

     identity s-phb-class-direction-out {
       base s-phb-class-direction;
       description
         "Slice PHB class profile is applied to outgoing traffic.";
     }

     identity s-phb-class-direction-in-out {
       base s-phb-class-direction;
       description
         "Slice PHB class profile is applied to both incoming and
          outgoing directions of traffic.";
     }

     /*
      * Identity - S-PHB Class Priority
      */

     identity s-phb-class-priority {
       description
         "Base identity for the priority of the child class scheduler.";
     }

     identity s-phb-class-priority-low {
       base s-phb-class-priority;
       description
         "Priority of the child class scheduler is low.";
     }

     identity s-phb-class-priority-strict-high {
       base s-phb-class-priority;
       description
         "Priority of the child class scheduler is strict-high.";
     }

     /*
      * Identity - S-PHB Class Drop Probability
      */

     identity s-phb-class-drop-probability {
       description
         "Base identity for the drop probability applied to packets
          exceeding the CIR of the class queue.";
     }

     identity s-phb-class-drop-probability-low {
       base s-phb-class-drop-probability;
       description
         "Low drop probability applied to packets exceeding the CIR of
          the class queue.";
     }

     identity s-phb-class-drop-probability-medium {
       base s-phb-class-drop-probability;
       description
         "Medium drop probability applied to packets exceeding the CIR
          of the class queue.";
     }

     identity s-phb-class-drop-probability-high {
       base s-phb-class-drop-probability;
       description
         "High drop probability applied to packets exceeding the CIR of
          the class queue.";
     }

     /*
      * T Y P E D E F S
      */

     typedef slice-policy-acl-ref {
       type leafref {
         path "/acl:acls/acl:acl/acl:name";
       }
       description
         "This type is used to reference an ACL.";
     }

     typedef slice-policy-ss-ref {
       type leafref {
         path "/network-slicing/slice-policies/slice-policy/"
            + "slice-selectors/slice-selector/index";
       }
       description
         "This type is used to reference a Slice Selector (SS).";
     }

     typedef slice-policy-phb-ref {
       type leafref {
         path "/network-slicing/phbs/phb/"
            + "id";
       }
       description
         "This type is used to reference a Slice Policy Per-Hop
          Behavior (S-PHB).";
     }

     typedef slice-policy-topo-filter-ref {
       type leafref {
         path "/nw:networks/topo-filt:topology-filters/"
            + "topo-filt:topology-filter/topo-filt:name";
       }
       description
         "This type is used to reference a Slice Policy Topology.";
     }

     /*
      * G R O U P I N G S
      */
     /*
      * Grouping - Slice Selector MPLS: Label location specific fields
      */

     grouping sl-pol-ss-mpls-label-location {
       description
         "Grouping for MPLS (SS) label location specific fields.";
       leaf label-position {
         type identityref {
           base ss-mpls-label-position-type;
         }
         description
           "MPLS label position - top, bottom with offset, Slice label
            indicator.";
       }
       leaf label-position-offset {
         when "derived-from-or-self(../label-position,"
            + "'sl-pol:ss-mpls-label-position-bottom')" {
           description
             "MPLS label position offset is relevant only when the
              label-position is set to 'bottom'.";
         }
         type uint8;
         description
           "MPLS label position offset.";
       }
     }

     /*
      * Grouping - Slice Selector (SS)
      */

     grouping sl-pol-slice-selector {
       description
         "Grouping for Slice Selectors.";
       container slice-selectors {
         description
           "Container for Slice Selectors.";
         list slice-selector {
           key "index";
           description
             "List of Slice Selectors - this includes the default
              selector and others that are used for overriding the
              default.";
           leaf index {
             type uint16;
             description
               "An index to identify an entry in the slice-selector
                list. The entry with the lowest index is the
                default slice-selector.";
           }
           container mpls {
             description
               "Container for MPLS Slice Selector.";
             choice ss-mpls-type {
               description
                 "Choices for MPLS Slice Selector.";
               case label {
                 choice specification-type {
                   description
                     "Choices for MPLS label specification.";
                   case derived {
                     leaf forwarding-label {
                       type empty;
                       description
                         "MPLS Slice Selector Label is
                          derived from forwarding label.";
                     }
                   }
                   case explicit {
                     leaf label {
                       type rt-types:mpls-label;
                       description
                         "MPLS Slice Selector Label is
                          explicitly specified.";
                     }
                     uses sl-pol-ss-mpls-label-location;
                   }
                 }
               }
               case label-ranges {
                 list label-range {
                   key "index";
                   unique "start-label end-label";
                   description
                     "MPLS Slice Selector Label is picked from a
                      specified set of label ranges.";
                   leaf index {
                     type string;
                     description
                       "A string that uniquely identifies a label
                        range.";
                   }
                   leaf start-label {
                     type rt-types:mpls-label;
                     must '. <= ../end-label' {
                       error-message
                         "The start-label must be less than or equal "
                       + "to end-label";
                     }
                     description
                       "Label-range start.";
                   }
                   leaf end-label {
                     type rt-types:mpls-label;
                     must '. >= ../start-label' {
                       error-message
                         "The end-label must be greater than or equal "
                       + "to start-label";
                     }
                     description
                       "Label-range end.";
                   }
                   uses sl-pol-ss-mpls-label-location;
                 }
               }
             }
           }
           container ipv4 {
             description
               "Container for IPv4 Slice Selector.";
             leaf-list destination-prefix {
               type inet:ipv4-prefix;
               description
                 "IPv4 Slice Selector is picked from a specified set of
                  IPv4 destination prefixes.";
             }
           }
           container ipv6 {
             description
               "Container for IPv6 Slice Selector.";
             choice ss-ipv6-type {
               description
                 "Choices for IPv6 Slice Selector.";
               case ipv6-destination {
                 leaf-list destination-prefix {
                   type inet:ipv6-prefix;
                   description
                     "IPv6 Slice Selector is picked from a specified
                      set of IPv6 destination prefixes.";
                 }
               }
               case ipv6-flow-label {
                 container slid-flow-labels {
                   description
                     "Container for a set of Slice IDs that are
                      encoded within the flow label.";
                   list slid-flow-label {
                     key "slid";
                     description
                       "IPv6 Slice Selector is picked from a set of
                        Slice IDs that are encoded within the flow
                        label.";
                     leaf slid {
                       type inet:ipv6-flow-label;
                       description
                         "Slice ID encoded inside the IPv6 flow label.";
                     }
                     leaf bitmask {
                       type uint32;
                       description
                         "Bitmask to extract the encoded Slice ID from
                          the IPv6 flow label.";
                     }
                   }
                 }
               }
             }
           }
           leaf-list acl-ref {
             type slice-policy-acl-ref;
             description
               "Slice Selection is done based on the specified list of
                ACLs.";
           }
         }
       }
     }

     /*
      * Grouping - Slice Policy Resource Reservation
      */

     grouping sl-pol-resource-reservation {
       description
         "Grouping for slice policy resource reservation.";
       container resource-reservation {
         description
           "Container for slice policy resource reservation.";
         leaf preference {
           type uint16;
           description
             "Control plane preference for the corresponding
              Network Resource Partition (NRP). A higher
              preference indicates a more favorable resource
              reservation than a lower preference.";
         }
         choice max-bw-type {
           description
             "Choice of maximum bandwidth specification.";
           case bw-value {
             leaf maximum-bandwidth {
               type uint64;
               description
                 "The maximum bandwidth allocated to an NRP
                  - specified as absolute value.";
             }
           }
           case bw-percentage {
             leaf maximum-bandwidth-percent {
               type rt-types:percentage;
               description
                 "The maximum bandwidth allocated to an NRP
                  - specified as percentage of link
                  capacity.";
             }
           }
         }
         leaf-list shared-resource-groups {
           type uint32;
           description
             "List of shared resource groups that an NRP
              shares its allocated resources with.";
         }
         container protection {
           description
             "Container for NRP protection reservation.";
           leaf backup-nrp-id {
             type uint32;
             description
               "The ID that identifies the NRP used for
                backup paths that protect primary paths
                setup over a specific NRP.";
           }
           choice backup-bw-type {
             description
               "Choice of backup bandwidth specification.";
             case backup-bw-value {
               leaf backup-bandwidth {
                 type uint64;
                 description
                   "The maximum bandwidth on a network resource that
                    is allocated for backup traffic - specified as
                    absolute value.";
               }
             }
             case backup-bw-percentage {
               leaf backup-bandwidth-percent {
                 type rt-types:percentage;
                 description
                   "The maximum bandwidth on a network resource that
                    is allocated for backup traffic - specified as
                    percentage of the link capacity.";
               }
             }
           }
         }
       }
     }

     /*
      * Grouping - Slice policy PHB (S-PHB)
      */

     grouping sl-pol-phb {
       description
         "Grouping for S-PHB.";
       leaf phb {
         type slice-policy-phb-ref;
         description
           "Reference to a specific PHB from the list of global
            PHBs.";
       }
     }

     /*
      * Grouping - Slice policy default profile override
      */

     grouping sl-pol-override-options {
       description
         "Grouping of fields that are used to override the default
          profile of the slice policy.";
       leaf slice-selector-override {
         type slice-policy-ss-ref;
         description
           "Reference to a specific Slice Selector (different from
            default).";
       }
       leaf phb-override {
         type slice-policy-phb-ref;
         description
           "Reference to a specific PHB (different from default).";
       }
     }

     /*
      * Grouping - Member Topologies
      */

     grouping sl-pol-member-topologies {
       description
         "Grouping for member topologies.";
       container member-topologies {
         description
           "Container for member topologies.";
         list member-topology {
           key "topology-filter";
           description
             "List of member topologies.";
           leaf topology-filter {
             type slice-policy-topo-filter-ref;
             description
               "Reference to a specific topology filter from the list
                of global topology filters.";
           }
           uses sl-pol-override-options;
         }
       }
     }

     /*
      * Grouping - Per-Hop Behaviors (PHBs)
      */

     grouping sl-pol-phbs {
       description
         "Grouping for PHBs.";
       container phbs {
         description
           "Container for PHBs.";
         list phb {
           key "id";
           description
             "List of PHBs.";
           leaf id {
             type uint16;
             description
               "A 16-bit ID that uniquely identifies the PHB.";
           }
           choice profile-type {
             description
               "Choice of PHB profile type.";
             case profile {
               description
                 "Generic PHB profile available on the network
                  element.";
               leaf profile {
                 type string;
                 description
                   "Generic PHB profile identifier.";
               }
             }
             case custom-profile {
               description
                 "Custom PHB profile.";
               choice guaranteed-rate-type {
                 description
                   "Guaranteed rate is the committed information rate
                    (CIR) of the slice aggregate that the NRP is
                    associated with. The guaranteed rate
                    also determines the amount of excess (extra)
                    bandwidth that a group of NRPs can
                    share. Extra bandwidth is allocated among the
                    group in proportion to the guaranteed rate of
                    each associated slice aggregate.";
                 case rate {
                   leaf guaranteed-rate {
                     type uint64;
                     description
                       "Guaranteed rate specified as absolute value.";
                   }
                 }
                 case percentage {
                   leaf guaranteed-rate-percent {
                     type rt-types:percentage;
                     description
                       "Guaranteed rate specified in percentage.";
                   }
                 }
               }
               choice shaping-rate-type {
                 description
                   "Shaping rate (peak information rate - PIR)
                    is the maximum bandwidth of the slice
                    aggregate that the NRP is associated
                    with.";
                 case rate {
                   leaf shaping-rate {
                     type uint64;
                     description
                       "Shaping rate specified as absolute value.";
                   }
                 }
                 case percentage {
                   leaf shaping-rate-percent {
                     type rt-types:percentage;
                     description
                       "Shaping rate specified in percentage.";
                   }
                 }
               }
               container classes {
                 description
                   "Container for classes.";
                 list class {
                   key "class-id";
                   description
                     "List of classes.";
                   leaf class-id {
                     type string;
                     description
                       "A string to uniquely identify a class.";
                   }
                   leaf direction {
                     type identityref {
                       base s-phb-class-direction;
                     }
                     description
                       "Class direction.";
                   }
                   leaf priority {
                     type identityref {
                       base s-phb-class-priority;
                     }
                     description
                       "Priority of the class scheduler. Only one NRP
                        class queue can be set as a strict-high
                        priority queue. Strict-high priority
                        allocates the scheduled bandwidth to
                        the queue before any other queue receives
                        bandwidth. Other queues receive the bandwidth
                        that remains after the strict-high queue has
                        been serviced.";
                   }
                   choice guaranteed-rate-type {
                     description
                       "Guaranteed Rate is the Committed information
                        rate (CIR) of slice aggregate class (that
                        the NRP is associated with) - specified
                        as absolute value or percentage.";
                     case rate {
                       leaf guaranteed-rate {
                         type uint64;
                         description
                           "Guaranteed rate specified as absolute
                            value.";
                       }
                     }
                     case percentage {
                       leaf guaranteed-rate-percent {
                         type rt-types:percentage;
                         description
                           "Guaranteed rate specified in percentage.";
                       }
                     }
                   }
                   leaf drop-probability {
                     type identityref {
                       base s-phb-class-drop-probability;
                     }
                     description
                       "Drop probability applied to packets exceeding
                        the CIR of the class queue.";
                   }
                   choice maximum-bandwidth-type {
                     description
                       "Maximum bandwidth is the Peak information
                        rate (PIR) of slice aggregate class (that
                        the NRP is associated with) - specified
                        as absolute value or percentage.";
                     case rate {
                       leaf maximum-bandwidth {
                         type uint64;
                         description
                           "Maximum bandwidth specified as absolute
                            value.";
                       }
                     }
                     case percentage {
                       leaf maximum-bandwidth-percent {
                         type rt-types:percentage;
                         description
                           "Maximum bandwidth specified as percentage.";
                       }
                     }
                   }
                   choice delay-buffer-size-type {
                     description
                       "Size of the queue buffer as a percentage of the
                        dedicated buffer space - specified as value or
                        percentage.";
                     case value {
                       leaf delay-buffer-size {
                         type uint64;
                         description
                           "Delay buffer size.";
                       }
                     }
                     case percentage {
                       leaf delay-buffer-size-percent {
                         type rt-types:percentage;
                         description
                           "Delay buffer size specified as percentage.";
                       }
                     }
                   }
                 }
               }
             }
           }
         }
       }
     }

     /*
      * Grouping - Slice Policies
      */

     grouping sl-policies {
       description
         "Grouping for slice policies.";
       container slice-policies {
         description
           "Container for slice policies.";
         list slice-policy {
           key "name";
           unique "nrp-id";
           description
             "List of slice policies.";
           leaf name {
             type string;
             description
               "A string that uniquely identifies the slice policy.";
           }
           leaf nrp-id {
             type uint32;
             description
               "A 32-bit ID that uniquely identifies the NRP
                created by the enforcement of this slice
                policy.";
           }
           uses sl-pol-resource-reservation;
           uses sl-pol-slice-selector;
           uses sl-pol-phb;
           uses sl-pol-member-topologies;
         }
       }
     }

     /*
      * Top-level container - Network Slicing
      */

     container network-slicing {
       presence "Enable network slicing.";
       description
         "Top-level container for network slicing specific constructs
          on a slice policy capable network entity.";
       uses sl-pol-phbs;
       uses sl-policies;
     }
   }

3.  Acknowledgements

   The authors would like to thank Krzysztof Szarkowicz for his input
   from discussions.

4.  Contributors

   The following individuals contributed to this document:

   Colby Barth
   Juniper Networks
   Email: cbarth@juniper.net

   Srihari R. Sangli
   Juniper Networks
   Email: ssangli@juniper.net

   Chandra Ramachandran
   Juniper Networks
   Email: csekar@juniper.net

5.  IANA Considerations

   This document registers the following URI in the IETF XML registry
   [RFC3688].  Following the format in [RFC3688], the following
   registration is requested to be made.

      URI: urn:ietf:params:xml:ns:yang:ietf-slice-policy
      Registrant Contact: The TEAS WG of the IETF.
      XML: N/A, the requested URI is an XML namespace.

   This document registers a YANG module in the YANG Module Names
   registry [RFC6020].

      name: ietf-slice-policy
      namespace: urn:ietf:params:xml:ns:yang:ietf-slice-policy
      prefix: sl-pol
      reference: RFCXXXX

6.  Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
   is the secure transport layer, and the mandatory-to-implement secure
   transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
   is HTTPS, and the mandatory-to-implement secure transport is TLS
   [RFC8446].

   The Network Configuration Access Control Model (NACM) [RFC8341]
   provides the means to restrict access for particular NETCONF or
   RESTCONF users to a preconfigured subset of all available NETCONF or
   RESTCONF protocol operations and content.

   The data nodes defined in this YANG module that are
   writable/creatable/deletable (i.e., config true, which is the
   default) may be considered sensitive or vulnerable in some network
   environments.  Write operations (e.g., edit-config) to these data
   nodes without proper protection can have a negative effect on network
   operations.  These are the subtrees and data nodes and their
   sensitivity/vulnerability:

   *  "/network-slicing/phbs": This subtree specifies the configurations
      for slice policy per-hop behaviors.  By manipulating these data
      nodes, a malicious attacker may cause unauthorized and improper
      behavior to be provided for the slice aggregate traffic on the
      network element.

   *  "/network-slicing/slice-policies": This subtree specifies the
      configurations for slice policies on a given network element.  By
      manipulating these data nodes, a malicious attacker may cause
      unauthorized and improper behavior to be provided for the slice
      aggregate traffic on the network element.
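
   As an added illustration (not part of the draft), the Python sketch
   below checks what a NACM [RFC8341] configuration decides for the two
   sensitive subtrees named in this section.  It is a simplified
   reading of NACM rule evaluation (one group per query, string path
   matching with YANG prefixes stripped); the sample configuration, the
   group name "noc" and all function names are constructed for the
   example.

```python
import re
import xml.etree.ElementTree as ET

NS = {"n": "urn:ietf:params:xml:ns:yang:ietf-netconf-acm"}
SENSITIVE = ["/network-slicing/phbs", "/network-slicing/slice-policies"]

# Constructed sample: group "noc" is denied reads of slice-policies only.
SAMPLE_NACM = """<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <read-default>permit</read-default>
  <write-default>deny</write-default>
  <rule-list>
    <name>noc-slice-rules</name>
    <group>noc</group>
    <rule>
      <name>hide-slice-policies</name>
      <module-name>ietf-slice-policy</module-name>
      <path xmlns:sl-pol="urn:ietf:params:xml:ns:yang:ietf-slice-policy">/sl-pol:network-slicing/sl-pol:slice-policies</path>
      <access-operations>read</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>"""

def strip_prefixes(path):  # simplification: '/sl-pol:a/sl-pol:b' -> '/a/b'
    return re.sub(r"/[^/:]+:", "/", path.strip())

def decide(nacm_xml, group, op, node):
    """Return 'permit' or 'deny'; unmatched requests get the NACM default."""
    root = ET.fromstring(nacm_xml)
    for rl in root.findall("n:rule-list", NS):
        if not {group, "*"} & {g.text for g in rl.findall("n:group", NS)}:
            continue
        for rule in rl.findall("n:rule", NS):  # first matching rule wins
            if any(rule.find("n:" + t, NS) is not None for t in ("rpc-name", "notification-name")):
                continue  # protocol-operation and notification rules never match data nodes
            ops = rule.findtext("n:access-operations", "*", NS).split()
            mod = rule.findtext("n:module-name", "*", NS)
            if (op not in ops and "*" not in ops) or mod not in ("*", "ietf-slice-policy"):
                continue
            base = strip_prefixes(rule.findtext("n:path", "", NS))
            if base and node != base and not node.startswith(base + "/"):
                continue
            return rule.findtext("n:action", "deny", NS)
    key, fallback = ("read-default", "permit") if op == "read" else ("write-default", "deny")
    return root.findtext("n:" + key, fallback, NS)

def audit(nacm_xml, group):
    """Map each sensitive subtree to its (read, update) decision for a group."""
    return {s: tuple(decide(nacm_xml, group, op, s) for op in ("read", "update")) for s in SENSITIVE}
```

   With the sample configuration, writes to both subtrees are denied
   for "noc" by write-default, but "/network-slicing/phbs" stays
   readable because read-default is permit and no rule covers it.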

   The readable data nodes in this YANG module may be considered
   sensitive or vulnerable in some network environments.  It is thus
   important to control read access (e.g., via get, get-config, or
   notification) to these data nodes.  These are the subtrees and data
   nodes and their sensitivity/vulnerability:

   *  "/network-slicing/phbs": Unauthorized access to this subtree can
      disclose the slice policy PHBs defined on the network element.

   *  "/network-slicing/slice-policies": Unauthorized access to this
      subtree can disclose the slice policy definitions on the network
      element.

7.  References

7.1.  Normative References

   [I-D.bestbar-teas-ns-packet]
              Saad, T., Beeram, V. P., Wen, B., Ceccarelli, D., Halpern,
              J., Peng, S., Chen, R., Liu, X., Contreras, L. M., and R.
              Rokui, "Realizing Network Slices in IP/MPLS Networks",
              draft-bestbar-teas-ns-packet-04 (work in progress),
              October 2021.

   [I-D.bestbar-teas-yang-topology-filter]
              Beeram, V. P., Saad, T., and R. Gandhi, "YANG Data Model
              for Topology Filter",
              draft-bestbar-teas-yang-topology-filter-01 (work in
              progress), October 2021.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
              Access Control Model", STD 91, RFC 8341,
              DOI 10.17487/RFC8341, March 2018.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

7.2.  Informative References

   [I-D.ietf-teas-ietf-network-slices]
              Farrel, A., Gray, E., Drake, J., Rokui, R., Homma, S.,
              Makhijani, K., Contreras, L. M., and J. Tantsura,
              "Framework for IETF Network Slices",
              draft-ietf-teas-ietf-network-slices-04 (work in progress),
              August 2021.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

Appendix A.  Complete Model Tree Structure

   module: ietf-slice-policy
     +--rw network-slicing!
        +--rw phbs
        |  +--rw phb* [id]
        |     +--rw id                      uint16
        |     +--rw (profile-type)?
        |        +--:(profile)
        |        |  +--rw profile?          string
        |        +--:(custom-profile)
        |           +--rw (guaranteed-rate-type)?
        |           |  +--:(rate)
        |           |  |  +--rw guaranteed-rate?           uint64
        |           |  +--:(percentage)
        |           |     +--rw guaranteed-rate-percent?
        |           |             rt-types:percentage
        |           +--rw (shaping-rate-type)?
        |           |  +--:(rate)
        |           |  |  +--rw shaping-rate?              uint64
        |           |  +--:(percentage)
        |           |     +--rw shaping-rate-percent?
        |           |             rt-types:percentage
        |           +--rw classes
        |              +--rw class* [class-id]
        |                 +--rw class-id
        |                 |       string
        |                 +--rw direction?
        |                 |       identityref
        |                 +--rw priority?
        |                 |       identityref
        |                 +--rw (guaranteed-rate-type)?
        |                 |  +--:(rate)
        |                 |  |  +--rw guaranteed-rate?
        |                 |  |          uint64
        |                 |  +--:(percentage)
        |                 |     +--rw guaranteed-rate-percent?
        |                 |             rt-types:percentage
        |                 +--rw drop-probability?
        |                 |       identityref
        |                 +--rw (maximum-bandwidth-type)?
        |                 |  +--:(rate)
        |                 |  |  +--rw maximum-bandwidth?
        |                 |  |          uint64
        |                 |  +--:(percentage)
        |                 |     +--rw maximum-bandwidth-percent?
        |                 |             rt-types:percentage
        |                 +--rw (delay-buffer-size-type)?
        |                    +--:(value)
        |                    |  +--rw delay-buffer-size?
        |                    |          uint64
        |                    +--:(percentage)
        |                       +--rw delay-buffer-size-percent?
        |                               rt-types:percentage
        +--rw slice-policies
           +--rw slice-policy* [name]
              +--rw name                    string
              +--rw nrp-id?                 uint32
              +--rw resource-reservation
              |  +--rw preference?                        uint16
              |  +--rw (max-bw-type)?
              |  |  +--:(bw-value)
              |  |  |  +--rw maximum-bandwidth?           uint64
              |  |  +--:(bw-percentage)
              |  |     +--rw maximum-bandwidth-percent?
              |  |             rt-types:percentage
              |  +--rw shared-resource-groups*            uint32
              |  +--rw protection
              |     +--rw backup-nrp-id?                  uint32
              |     +--rw (backup-bw-type)?
              |        +--:(backup-bw-value)
              |        |  +--rw backup-bandwidth?         uint64
              |        +--:(backup-bw-percentage)
              |           +--rw backup-bandwidth-percent?
              |                   rt-types:percentage
              +--rw slice-selectors
              |  +--rw slice-selector* [index]
              |     +--rw index       uint16
              |     +--rw mpls
              |     |  +--rw (ss-mpls-type)?
              |     |     +--:(label)
              |     |     |  +--rw (specification-type)?
              |     |     |     +--:(derived)
              |     |     |     |  +--rw forwarding-label?        empty
              |     |     |     +--:(explicit)
              |     |     |        +--rw label?
              |     |     |        |       rt-types:mpls-label
              |     |     |        +--rw label-position?
              |     |     |        |       identityref
              |     |     |        +--rw label-position-offset?   uint8
              |     |     +--:(label-ranges)
              |     |        +--rw label-range* [index]
              |     |           +--rw index                    string
              |     |           +--rw start-label?
              |     |           |       rt-types:mpls-label
              |     |           +--rw end-label?
              |     |           |       rt-types:mpls-label
              |     |           +--rw label-position?
              |     |           |       identityref
              |     |           +--rw label-position-offset?   uint8
              |     +--rw ipv4
              |     |  +--rw destination-prefix*   inet:ipv4-prefix
              |     +--rw ipv6
              |     |  +--rw (ss-ipv6-type)?
              |     |     +--:(ipv6-destination)
              |     |     |  +--rw destination-prefix*
              |     |     |          inet:ipv6-prefix
              |     |     +--:(ipv6-flow-label)
              |     |        +--rw slid-flow-labels
              |     |           +--rw slid-flow-label* [slid]
              |     |              +--rw slid
              |     |              |       inet:ipv6-flow-label
              |     |              +--rw bitmask?   uint32
              |     +--rw acl-ref*    slice-policy-acl-ref
              +--rw phb?                    slice-policy-phb-ref
              +--rw member-topologies
                 +--rw member-topology* [topology-filter]
                    +--rw topology-filter
                    |       slice-policy-topo-filter-ref
                    +--rw slice-selector-override?
                    |       slice-policy-ss-ref
                    +--rw phb-override?
                            slice-policy-phb-ref

Authors' Addresses

   Tarek Saad
   Juniper Networks

   Email: tsaad@juniper.net

   Vishnu Pavan Beeram
   Juniper Networks

   Email: vbeeram@juniper.net

   Bin Wen
   Comcast

   Email: Bin_Wen@cable.comcast.com

   Daniele Ceccarelli
   Ericsson

   Email: daniele.ceccarelli@ericsson.com

   Shaofu Peng
   ZTE Corporation

   Email: peng.shaofu@zte.com.cn

   Ran Chen
   ZTE Corporation

   Email: chen.ran@zte.com.cn

   Luis M. Contreras
   Telefonica

   Email: luismiguel.contrerasmurillo@telefonica.com

   Xufeng Liu
   Volta Networks

   Email: xufeng.liu.ietf@gmail.com