idnits 2.17.1 draft-boucadair-pcp-yang-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document doesn't use any RFC 2119 keywords, yet seems to have RFC 2119 boilerplate text. -- The document date (November 22, 2016) is 2685 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341) -- Obsolete informational reference (is this intentional?): RFC 6087 (Obsoleted by RFC 8407) Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group M. Boucadair 3 Internet-Draft C. Jacquenet 4 Intended status: Standards Track Orange 5 Expires: May 26, 2017 S. Sivakumar 6 Cisco Systems 7 S. Vinapamula 8 Juniper Networks 9 November 22, 2016 11 YANG Data Models for the Port Control Protocol (PCP) 12 draft-boucadair-pcp-yang-03 14 Abstract 16 This document defines YANG data models for the Port Control Protocol 17 (PCP), including PCP client, PCP server, PCP proxy, and Universal 18 Plug and Play (UPnP) Internet Gateway Device - Port Control Protocol 19 Interworking Function. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at http://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on May 26, 2017. 38 Copyright Notice 40 Copyright (c) 2016 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 57 1.2. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3 58 1.3. IP Address Format . . . . . . . . . . . . . . . . . . . . 4 59 2. Overview of the PCP Data Models . . . . . . . . . . . . . . . 4 60 2.1. Common PCP . . . . . . . . . . . . . . . . . . . . . . . 4 61 2.2. PCP Client . . . . . . . . . . . . . . . . . . . . . . . 4 62 2.3. UPnP IGD/PCP Interworking Function . . . . . . . . . . . 8 63 2.4. PCP Proxy . . . . . . . . . . . . . . . . . . . . . . . . 11 64 2.5. PCP Server . . . . . . . . . . . . . . . . . . . . . . . 15 65 3. YANG Modules . . . . . . . . . . . . . . . . . . . . . . . . 21 66 3.1. Common PCP Module . . . . . . . . . . . . . . . . . . . . 21 67 3.2. PCP Client . . . . . . . . . . . . . . . . . . . . . . . 38 68 3.3. UPnP IGD/PCP Interworking Function . . . . . . . . . . . 44 69 3.4. PCP Proxy . . . . . . . . . . . . . . . . . . . . . . . . 50 70 3.5. PCP Server . . . . . . . . . . . . . . . . . . . . . . . 58 71 4. Security Considerations . . . . . . . . . . . . . . . . . . . 74 72 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 75 73 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 76 74 6.1. Normative references . . . . . . . . . . . . . . . . . . 76 75 6.2. Informative references . . . . . . . . . . . . . . . . . 78 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 78 78 1. Introduction 80 This document defines a data model for the Port Control Protocol 81 (PCP, [RFC6887]) using the YANG data modeling language [RFC6020]. 82 The following functional elements are in scope: 84 o PCP client [RFC6887]. 86 o PCP server [RFC6887]. 88 o PCP proxy [RFC7648]. 90 o Universal Plug and Play (UPnP) Internet Gateway Device - Port 91 Control Protocol Interworking Function (UPnP IGD-PCP IWF) 92 [RFC6970]. 94 In addition to the base features defined in [RFC6887], this document 95 covers the following capabilities: 97 o PCP Description option [RFC7220]. 99 o PCP Prefix64 discovery option [RFC7225]. 101 o PCP Port set allocation [RFC7753]. 103 In conformance with [RFC7291] and [RFC7488], this document assumes 104 that multiple PCP servers may be configured to a PCP client, PCP 105 proxy, or UPnP IGD-PCP IWF; each server is defined by a list of IP 106 addresses. 108 This document follows the guidelines of [RFC6087]. 110 This document uses the common YANG types defined in [RFC6991]. 112 This document does not allow to manage advanced PCP authentication 113 features [RFC7652]. 115 1.1. Requirements Language 117 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 118 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 119 document are to be interpreted as described in [RFC2119]. 121 This document makes use of the terms defined in [RFC6887], [RFC7648], 122 [RFC6970], and [RFC6970]. 124 The terminology for describing YANG data models is defined in 125 [RFC6020]. 127 1.2. Tree Diagrams 129 The meaning of the symbols in these diagrams is as follows: 131 o Brackets "[" and "]" enclose list keys. 133 o Curly braces "{" and "}" contain names of optional features that 134 make the corresponding node conditional. 136 o Abbreviations before data node names: "rw" means configuration 137 (read-write), "ro" state data (read-only). 139 o Symbols after data node names: "?" means an optional node, "!" a 140 container with presence, and "*" denotes a "list" or "leaf-list". 142 o Parentheses enclose choice and case nodes, and case nodes are also 143 marked with a colon (":"). 145 o Ellipsis ("...") stands for contents of subtrees that are not 146 shown. 148 1.3. IP Address Format 150 Following the rationale defined in Section 5 of [RFC6887], this 151 document uses IPv4-mapped IPv6 addresses to encode IPv4 addresses. 153 The all-zeros IPv6 address are expressed as (::). 155 The all-zeros IPv4 address is expressed by 80 bits of zeros, 16 bits 156 of ones, and 32 bits of zeros (::ffff:0:0). 158 2. Overview of the PCP Data Models 160 The following sub-sections provide an overview of the PCP data 161 models. 163 2.1. Common PCP 165 Common PCP YANG data model groups a set of common definitions that 166 are used in all PCP modules. 168 2.2. PCP Client 170 Figure 1 depicts the YANG data model for the PCP client. 172 module: ietf-pcp-client 173 +--rw pcp-client-config 174 | +--rw enable? boolean 175 | +--rw description? string 176 | +--rw pcp-client-instances 177 | +--rw pcp-client-instance* [id] 178 | +--rw id uint32 179 | +--rw name? string 180 | +--rw version* [version] 181 | | +--rw version uint8 182 | +--rw pcp-servers* [pcp-server-id] 183 | | +--rw pcp-server-id uint32 184 | | +--rw pcp-server-ip-address* [address-id] 185 | | | +--rw address-id uint32 186 | | | +--rw ip-address inet:ipv6-address 187 | | +--rw external-address-familly inet:ip-version 188 | | +--rw stale-external-ip-address? inet:ipv6-prefix 189 | +--rw authentication-enable? boolean 190 | +--rw opcode-configuration 191 | | +--rw map? boolean 192 | | +--rw peer? boolean 193 | | +--rw announce? boolean 194 | +--rw option-configuration 195 | | +--rw third-party? boolean 196 | | +--rw prefer-failure? boolean 197 | | +--rw filter 198 | | | +--rw filter-enabled boolean 199 | | | +--rw max-filters? uint32 200 | | +--rw port-set? boolean 201 | | +--rw description 202 | | | +--rw description-enabled boolean 203 | | | +--rw max-description? uint32 204 | | +--rw prefix64? boolean 205 | +--rw mapping-table 206 | +--rw mapping-entry* [index] 207 | +--rw index uint32 208 | +--rw status? enumeration 209 | +--rw mapping-nonce string 210 | +--rw internal-ip-address inet:ipv6-prefix 211 | +--rw internal-port 212 | | +--rw (port-type)? 213 | | +--:(single-port-number) 214 | | | +--rw single-port-number? inet:port-number 215 | | +--:(port-range) 216 | | +--rw start-port-number? inet:port-number 217 | | +--rw end-port-number? inet:port-number 218 | +--rw external-ip-address inet:ipv6-prefix 219 | +--rw external-port 220 | | +--rw (port-type)? 221 | | +--:(single-port-number) 222 | | | +--rw single-port-number? inet:port-number 223 | | +--:(port-range) 224 | | +--rw start-port-number? inet:port-number 225 | | +--rw end-port-number? inet:port-number 226 | +--rw protocol uint8 227 | +--rw lifetime uint32 228 | +--rw third-party-address? inet:ipv6-prefix 229 | +--rw filter* [filter-id] 230 | | +--rw filter-id uint32 231 | | +--rw remote-ip-prefix inet:ipv6-prefix 232 | | +--rw remote-port-number inet:port-number 233 | +--rw description? string 234 | +--rw prefer-failure-tagged? boolean 235 +--ro pcp-client-state 236 +--ro pcp-client-instances 237 +--ro pcp-client-instance* [id] 238 +--ro id int32 239 +--ro name? string 240 +--ro pcp-client-ip-address* [address-id] 241 | +--ro address-id uint32 242 | +--ro ip-address? inet:ipv6-address 243 +--ro supported-version* [version] 244 | +--ro version uint8 245 +--ro preferred-version? uint8 246 +--ro pcp-server-address* [pcp-server-id] 247 | +--ro pcp-server-id uint32 248 | +--ro pcp-server-ip-address* [address-id] 249 | | +--ro address-id uint32 250 | | +--ro ip-address inet:ipv6-address 251 | +--ro external-address-familly inet:ip-version 252 | +--ro stale-external-ip-address? inet:ipv6-prefix 253 | +--ro source? enumeration 254 | +--ro in-use? boolean 255 | +--ro server-epoch? uint32 256 | +--ro client-epoch? uint32 257 | +--ro current-version? uint8 258 +--ro authentication-support? boolean 259 +--ro opcode-capability 260 | +--ro map? boolean 261 | +--ro peer? boolean 262 | +--ro announce? boolean 263 +--ro option-capability 264 | +--ro third-party? boolean 265 | +--ro prefer-failure? boolean 266 | +--ro filter 267 | | +--ro filter-enabled boolean 268 | | +--ro max-filters? uint32 269 | +--ro port-set? boolean 270 | +--ro description 271 | | +--ro description-enabled boolean 272 | | +--ro max-description? uint32 273 | +--ro prefix64? boolean 274 +--ro opcode-configuration 275 | +--ro map? boolean 276 | +--ro peer? boolean 277 | +--ro announce? boolean 278 +--ro option-configuration 279 | +--ro third-party? boolean 280 | +--ro prefer-failure? boolean 281 | +--ro filter 282 | | +--ro filter-enabled boolean 283 | | +--ro max-filters? uint32 284 | +--ro port-set? boolean 285 | +--ro description 286 | | +--ro description-enabled boolean 287 | | +--ro max-description? uint32 288 | +--ro prefix64? boolean 289 +--ro authentication-enabled? boolean 290 +--ro mapping-table 291 | +--ro mapping-entry* [index] 292 | +--ro index uint32 293 | +--ro status? enumeration 294 | +--ro mapping-nonce string 295 | +--ro internal-ip-address inet:ipv6-prefix 296 | +--ro internal-port 297 | | +--ro (port-type)? 298 | | +--:(single-port-number) 299 | | | +--ro single-port-number? inet:port-number 300 | | +--:(port-range) 301 | | +--ro start-port-number? inet:port-number 302 | | +--ro end-port-number? inet:port-number 303 | +--ro external-ip-address inet:ipv6-prefix 304 | +--ro external-port 305 | | +--ro (port-type)? 306 | | +--:(single-port-number) 307 | | | +--ro single-port-number? inet:port-number 308 | | +--:(port-range) 309 | | +--ro start-port-number? inet:port-number 310 | | +--ro end-port-number? inet:port-number 311 | +--ro protocol uint8 312 | +--ro lifetime uint32 313 | +--ro third-party-address? inet:ipv6-prefix 314 | +--ro filter* [filter-id] 315 | | +--ro filter-id uint32 316 | | +--ro remote-ip-prefix inet:ipv6-prefix 317 | | +--ro remote-port-number inet:port-number 318 | +--ro description? string 319 | +--ro prefer-failure-tagged? boolean 320 | +--ro status-code? enumeration 321 +--ro traffic-statistics 322 +--ro traffic-statistics 323 | +--ro sent-packet? yang:zero-based-counter64 324 | +--ro sent-byte? yang:zero-based-counter64 325 | +--ro rcvd-packet? yang:zero-based-counter64 326 | +--ro rcvd-byte? yang:zero-based-counter64 327 | +--ro dropped-packet? yang:zero-based-counter64 328 | +--ro dropped-byte? yang:zero-based-counter64 329 +--ro opcode-statistics 330 | +--ro sent-map? yang:zero-based-counter64 331 | +--ro rcvd-map? yang:zero-based-counter64 332 | +--ro sent-peer? yang:zero-based-counter64 333 | +--ro rcvd-peer? yang:zero-based-counter64 334 | +--ro sent-annonce? yang:zero-based-counter64 335 | +--ro rcvd-announce? yang:zero-based-counter64 336 | +--ro rcvd-unknown? yang:zero-based-counter64 337 | +--ro rcvd-malformed? yang:zero-based-counter64 338 +--ro mapping-table 339 +--ro current-mt-size? yang:zero-based-counter64 340 +--ro max-mt-size? uint32 342 Figure 1: PCP Client YANG Data Model 344 2.3. UPnP IGD/PCP Interworking Function 346 Figure 2 depicts the YANG data model for the UPnP IGD-PCP IWF. 348 module: ietf-pcp-iwf 349 +--rw pcp-iwf-config 350 | +--rw enable? boolean 351 | +--rw pcp-igd-iwf-instances 352 | +--rw pcp-igd-iwf-instance* [id] 353 | +--rw id uint32 354 | +--rw name? string 355 | +--rw version* [version] 356 | | +--rw version uint8 357 | +--rw pcp-servers* [pcp-server-id] 358 | | +--rw pcp-server-id uint32 359 | | +--rw pcp-server-ip-address* [address-id] 360 | | | +--rw address-id uint32 361 | | | +--rw ip-address inet:ipv6-address 362 | | +--rw external-address-familly inet:ip-version 363 | | +--rw stale-external-ip-address? inet:ipv6-prefix 364 | +--rw authentication-enable? boolean 365 | +--rw igd-version 366 | | +--rw igd-version? enumeration 367 | +--rw mapping-table 368 | +--rw mapping-entry* [index] 369 | +--rw igd-control-point-address? inet:ip-address 370 | +--rw igd-control-point-port? inet:port-number 371 | +--rw index uint32 372 | +--rw status? enumeration 373 | +--rw mapping-nonce string 374 | +--rw internal-ip-address inet:ipv6-prefix 375 | +--rw internal-port 376 | | +--rw (port-type)? 377 | | +--:(single-port-number) 378 | | | +--rw single-port-number? inet:port-number 379 | | +--:(port-range) 380 | | +--rw start-port-number? inet:port-number 381 | | +--rw end-port-number? inet:port-number 382 | +--rw external-ip-address inet:ipv6-prefix 383 | +--rw external-port 384 | | +--rw (port-type)? 385 | | +--:(single-port-number) 386 | | | +--rw single-port-number? inet:port-number 387 | | +--:(port-range) 388 | | +--rw start-port-number? inet:port-number 389 | | +--rw end-port-number? inet:port-number 390 | +--rw protocol uint8 391 | +--rw lifetime uint32 392 | +--rw third-party-address? inet:ipv6-prefix 393 | +--rw filter* [filter-id] 394 | | +--rw filter-id uint32 395 | | +--rw remote-ip-prefix inet:ipv6-prefix 396 | | +--rw remote-port-number inet:port-number 397 | +--rw description? string 398 | +--rw prefer-failure-tagged? boolean 399 +--ro pcp-iwf-state 400 +--ro pcp-igd-iwf-instances 401 +--ro pcp-igd-iwf-instance* [id] 402 +--ro id int32 403 +--ro name? string 404 +--ro supported-version* [version] 405 | +--ro version uint8 406 +--ro preferred-version? uint8 407 +--ro pcp-igd-iwf-ip-address* [address-id] 408 | +--ro address-id uint32 409 | +--ro ip-address? inet:ipv6-address 410 +--ro authentication-support? boolean 411 +--ro authentication-enabled? boolean 412 +--ro igd-version-capability 413 | +--ro igd-version? enumeration 414 +--ro enabled-igd-version 415 | +--ro igd-version? enumeration 416 +--ro pcp-server-address* [pcp-server-id] 417 | +--ro pcp-server-id uint32 418 | +--ro pcp-server-ip-address* [address-id] 419 | | +--ro address-id uint32 420 | | +--ro ip-address inet:ipv6-address 421 | +--ro external-address-familly inet:ip-version 422 | +--ro stale-external-ip-address? inet:ipv6-prefix 423 | +--ro source? enumeration 424 | +--ro in-use? boolean 425 | +--ro server-epoch? uint32 426 | +--ro client-epoch? uint32 427 | +--ro current-version? uint8 428 +--ro mapping-table 429 | +--ro mapping-entry* [index] 430 | +--ro index uint32 431 | +--ro status? enumeration 432 | +--ro mapping-nonce string 433 | +--ro internal-ip-address inet:ipv6-prefix 434 | +--ro internal-port 435 | | +--ro (port-type)? 436 | | +--:(single-port-number) 437 | | | +--ro single-port-number? inet:port-number 438 | | +--:(port-range) 439 | | +--ro start-port-number? inet:port-number 440 | | +--ro end-port-number? inet:port-number 441 | +--ro external-ip-address inet:ipv6-prefix 442 | +--ro external-port 443 | | +--ro (port-type)? 444 | | +--:(single-port-number) 445 | | | +--ro single-port-number? inet:port-number 446 | | +--:(port-range) 447 | | +--ro start-port-number? inet:port-number 448 | | +--ro end-port-number? inet:port-number 449 | +--ro protocol uint8 450 | +--ro lifetime uint32 451 | +--ro third-party-address? inet:ipv6-prefix 452 | +--ro filter* [filter-id] 453 | | +--ro filter-id uint32 454 | | +--ro remote-ip-prefix inet:ipv6-prefix 455 | | +--ro remote-port-number inet:port-number 456 | +--ro description? string 457 | +--ro prefer-failure-tagged? boolean 458 | +--ro status-code? enumeration 459 | +--ro igd-control-point-address? inet:ip-address 460 | +--ro igd-control-point-port? inet:port-number 461 +--ro traffic-statistics 462 +--ro traffic-statistics 463 | +--ro sent-packet? yang:zero-based-counter64 464 | +--ro sent-byte? yang:zero-based-counter64 465 | +--ro rcvd-packet? yang:zero-based-counter64 466 | +--ro rcvd-byte? yang:zero-based-counter64 467 | +--ro dropped-packet? yang:zero-based-counter64 468 | +--ro dropped-byte? yang:zero-based-counter64 469 +--ro opcode-statistics 470 | +--ro sent-map? yang:zero-based-counter64 471 | +--ro rcvd-map? yang:zero-based-counter64 472 | +--ro sent-peer? yang:zero-based-counter64 473 | +--ro rcvd-peer? yang:zero-based-counter64 474 | +--ro sent-annonce? yang:zero-based-counter64 475 | +--ro rcvd-announce? yang:zero-based-counter64 476 | +--ro rcvd-unknown? yang:zero-based-counter64 477 | +--ro rcvd-malformed? yang:zero-based-counter64 478 +--ro mapping-table 479 +--ro current-mt-size? yang:zero-based-counter64 480 +--ro max-mt-size? uint32 482 Figure 2: IWF YANG Data Model 484 2.4. PCP Proxy 486 Figure 3 depicts the YANG data model for the PCP proxy. 488 module: ietf-pcp-proxy 489 +--rw pcp-proxy-config 490 | +--rw enable? boolean 491 | +--rw description? string 492 | +--rw pcp-proxy-instances 493 | +--rw pcp-proxy-instance* [id] 494 | | +--rw id uint32 495 | | +--rw name? string 496 | | +--rw version* [version] 497 | | | +--rw version uint8 498 | | +--rw pcp-servers* [pcp-server-id] 499 | | | +--rw pcp-server-id uint32 500 | | | +--rw pcp-server-ip-address* [address-id] 501 | | | | +--rw address-id uint32 502 | | | | +--rw ip-address inet:ipv6-address 503 | | | +--rw external-address-familly inet:ip-version 504 | | | +--rw stale-external-ip-address? inet:ipv6-prefix 505 | | +--rw authentication-enable? boolean 506 | | +--rw opcode-configuration 507 | | +--rw map? boolean 508 | | +--rw peer? boolean 509 | | +--rw announce? boolean 510 | | +--rw relay-unknown? boolean 511 | +--rw option-configuration 512 | | +--rw third-party? boolean 513 | | +--rw prefer-failure? boolean 514 | | +--rw filter 515 | | | +--rw filter-enabled boolean 516 | | | +--rw max-filters? uint32 517 | | +--rw port-set? boolean 518 | | +--rw description 519 | | | +--rw description-enabled boolean 520 | | | +--rw max-description? uint32 521 | | +--rw prefix64? boolean 522 | | +--rw relay-mandatory-unknown-option? boolean 523 | | +--rw relay-optionnal-unknown-option? boolean 524 | +--rw terminate-proxy-recursion? boolean 525 | +--rw mapping-table 526 | +--rw mapping-entry* [index] 527 | +--rw index uint32 528 | +--rw status? enumeration 529 | +--rw mapping-nonce string 530 | +--rw internal-ip-address inet:ipv6-prefix 531 | +--rw internal-port 532 | | +--rw (port-type)? 533 | | +--:(single-port-number) 534 | | | +--rw single-port-number? inet:port-number 535 | | +--:(port-range) 536 | | +--rw start-port-number? inet:port-number 537 | | +--rw end-port-number? inet:port-number 538 | +--rw external-ip-address inet:ipv6-prefix 539 | +--rw external-port 540 | | +--rw (port-type)? 541 | | +--:(single-port-number) 542 | | | +--rw single-port-number? inet:port-number 543 | | +--:(port-range) 544 | | +--rw start-port-number? inet:port-number 545 | | +--rw end-port-number? inet:port-number 546 | +--rw protocol uint8 547 | +--rw lifetime uint32 548 | +--rw third-party-address? inet:ipv6-prefix 549 | +--rw filter* [filter-id] 550 | | +--rw filter-id uint32 551 | | +--rw remote-ip-prefix inet:ipv6-prefix 552 | | +--rw remote-port-number inet:port-number 553 | +--rw description? string 554 | +--rw prefer-failure-tagged? boolean 555 | +--rw local-assigned-ip-address? inet:ipv6-prefix 556 | +--rw local-assigned-port 557 | +--rw (port-type)? 558 | +--:(single-port-number) 559 | | +--rw single-port-number? inet:port-number 560 | +--:(port-range) 561 | +--rw start-port-number? inet:port-number 562 | +--rw end-port-number? inet:port-number 563 +--ro pcp-proxy-state 564 +--ro pcp-proxy-instances 565 +--ro pcp-proxy-instance* [id] 566 +--ro id int32 567 +--ro name? string 568 +--ro supported-version* [version] 569 | +--ro version uint8 570 +--ro preferred-version? uint8 571 +--ro pcp-proxy-ip-address* [address-id] 572 | +--ro address-id uint32 573 | +--ro pcp-proxy-ip-address? inet:ipv6-address 574 +--ro pcp-server-address* [pcp-server-id] 575 | +--ro pcp-server-id uint32 576 | +--ro pcp-server-ip-address* [address-id] 577 | | +--ro address-id uint32 578 | | +--ro ip-address inet:ipv6-address 579 | +--ro external-address-familly inet:ip-version 580 | +--ro stale-external-ip-address? inet:ipv6-prefix 581 | +--ro source? enumeration 582 | +--ro in-use? boolean 583 | +--ro server-epoch? uint32 584 | +--ro client-epoch? uint32 585 | +--ro current-version? uint8 586 +--ro authentication-support? boolean 587 +--ro pcp-controlled-function-capability 588 | +--ro nat44? boolean 589 | +--ro nat64? boolean 590 | +--ro ds-lite? boolean 591 | +--ro nptv6? boolean 592 | +--ro ipv4-firewall? boolean 593 | +--ro ipv6-firewall? boolean 594 | +--ro port-range-router? boolean 595 +--ro opcode-capability 596 | +--ro map? boolean 597 | +--ro peer? boolean 598 | +--ro announce? boolean 599 | +--ro relay-unknown? boolean 600 +--ro option-capability 601 | +--ro third-party? boolean 602 | +--ro prefer-failure? boolean 603 | +--ro filter 604 | | +--ro filter-enabled boolean 605 | | +--ro max-filters? uint32 606 | +--ro port-set? boolean 607 | +--ro description 608 | | +--ro description-enabled boolean 609 | | +--ro max-description? uint32 610 | +--ro prefix64? boolean 611 | +--ro relay-mandatory-unknown-option? boolean 612 | +--ro relay-optionnal-unknown-option? boolean 613 +--ro opcode-configuration 614 | +--ro map? boolean 615 | +--ro peer? boolean 616 | +--ro announce? boolean 617 +--ro option-configuration 618 | +--ro third-party? boolean 619 | +--ro prefer-failure? boolean 620 | +--ro filter 621 | | +--ro filter-enabled boolean 622 | | +--ro max-filters? uint32 623 | +--ro port-set? boolean 624 | +--ro description 625 | | +--ro description-enabled boolean 626 | | +--ro max-description? uint32 627 | +--ro prefix64? boolean 628 | +--ro relay-mandatory-unknown-option? boolean 629 | +--ro relay-optionnal-unknown-option? boolean 630 +--ro authentication-enabled? boolean 631 +--ro terminate-proxy-recursion-status? boolean 632 +--ro mapping-table 633 | +--ro mapping-entry* [index] 634 | +--ro index uint32 635 | +--ro status? enumeration 636 | +--ro mapping-nonce string 637 | +--ro internal-ip-address inet:ipv6-prefix 638 | +--ro internal-port 639 | | +--ro (port-type)? 640 | | +--:(single-port-number) 641 | | | +--ro single-port-number? inet:port-number 642 | | +--:(port-range) 643 | | +--ro start-port-number? inet:port-number 644 | | +--ro end-port-number? inet:port-number 645 | +--ro external-ip-address inet:ipv6-prefix 646 | +--ro external-port 647 | | +--ro (port-type)? 648 | | +--:(single-port-number) 649 | | | +--ro single-port-number? inet:port-number 650 | | +--:(port-range) 651 | | +--ro start-port-number? inet:port-number 652 | | +--ro end-port-number? inet:port-number 653 | +--ro protocol uint8 654 | +--ro lifetime uint32 655 | +--ro third-party-address? inet:ipv6-prefix 656 | +--ro filter* [filter-id] 657 | | +--ro filter-id uint32 658 | | +--ro remote-ip-prefix inet:ipv6-prefix 659 | | +--ro remote-port-number inet:port-number 660 | +--ro description? string 661 | +--ro prefer-failure-tagged? boolean 662 | +--ro local-assigned-ip-address? inet:ipv6-prefix 663 | +--ro local-assigned-port 664 | | +--ro (port-type)? 665 | | +--:(single-port-number) 666 | | | +--ro single-port-number? inet:port-number 667 | | +--:(port-range) 668 | | +--ro start-port-number? inet:port-number 669 | | +--ro end-port-number? inet:port-number 670 | +--ro status-code? enumeration 671 +--ro traffic-statistics 672 +--ro client-facing-interface 673 | +--ro traffic-statistics 674 | | +--ro sent-packet? yang:zero-based-counter64 675 | | +--ro sent-byte? yang:zero-based-counter64 676 | | +--ro rcvd-packet? yang:zero-based-counter64 677 | | +--ro rcvd-byte? yang:zero-based-counter64 678 | | +--ro dropped-packet? yang:zero-based-counter64 679 | | +--ro dropped-byte? yang:zero-based-counter64 680 | +--ro opcode-statistics 681 | +--ro sent-map? yang:zero-based-counter64 682 | +--ro rcvd-map? yang:zero-based-counter64 683 | +--ro sent-peer? yang:zero-based-counter64 684 | +--ro rcvd-peer? yang:zero-based-counter64 685 | +--ro sent-annonce? yang:zero-based-counter64 686 | +--ro rcvd-announce? yang:zero-based-counter64 687 | +--ro rcvd-unknown? yang:zero-based-counter64 688 | +--ro rcvd-malformed? yang:zero-based-counter64 689 +--ro server-facing-interface 690 | +--ro traffic-statistics 691 | | +--ro sent-packet? yang:zero-based-counter64 692 | | +--ro sent-byte? yang:zero-based-counter64 693 | | +--ro rcvd-packet? yang:zero-based-counter64 694 | | +--ro rcvd-byte? yang:zero-based-counter64 695 | | +--ro dropped-packet? yang:zero-based-counter64 696 | | +--ro dropped-byte? yang:zero-based-counter64 697 | +--ro opcode-statistics 698 | +--ro sent-map? yang:zero-based-counter64 699 | +--ro rcvd-map? yang:zero-based-counter64 700 | +--ro sent-peer? yang:zero-based-counter64 701 | +--ro rcvd-peer? yang:zero-based-counter64 702 | +--ro sent-annonce? yang:zero-based-counter64 703 | +--ro rcvd-announce? yang:zero-based-counter64 704 | +--ro rcvd-unknown? yang:zero-based-counter64 705 | +--ro rcvd-malformed? yang:zero-based-counter64 706 +--ro mapping-table 707 +--ro current-mt-size? yang:zero-based-counter64 708 +--ro max-mt-size? uint32 710 Figure 3: PCP Proxy YANG Data Model 712 2.5. PCP Server 714 Figure 4 depicts the YANG data model for the PCP server. 716 module: ietf-pcp-server 717 +--rw pcp-server-config 718 | +--rw enable? boolean 719 | +--rw pcp-server-instances 720 | +--rw pcp-server-instance* [id] 721 | +--rw id uint32 722 | +--rw name? string 723 | +--rw version* [version] 724 | | +--rw version uint8 725 | +--rw pcp-server-ip-address* [address-id] 726 | | +--rw address-id uint32 727 | | +--rw ip-address? inet:ipv6-address 728 | +--rw authentication-enable? boolean 729 | +--rw opcode-configuration 730 | | +--rw map? boolean 731 | | +--rw peer? boolean 732 | | +--rw announce? boolean 733 | +--rw option-configuration 734 | | +--rw third-party? boolean 735 | | +--rw prefer-failure? boolean 736 | | +--rw filter 737 | | | +--rw filter-enabled boolean 738 | | | +--rw max-filters? uint32 739 | | +--rw port-set-option 740 | | | +--rw port-set-enable boolean 741 | | | +--rw default-port-set-size? uint16 742 | | | +--rw maximum-port-set-size? uint16 743 | | +--rw description 744 | | | +--rw description-enabled boolean 745 | | | +--rw max-description? uint32 746 | | +--rw prefix64-option 747 | | +--rw prefix64-option-enable? boolean 748 | | +--rw prefix64* [prefix64-id] 749 | | +--rw prefix64-id uint32 750 | | +--rw prefix64? inet:ipv6-prefix 751 | | +--rw suffix? yang:hex-string 752 | | +--rw dest-ipv4-prefix* [ipv4-prefix-id] 753 | | +--rw ipv4-prefix-id uint32 754 | | +--rw ipv4-prefix? inet:ipv4-prefix 755 | +--rw port-randomization-enable? boolean 756 | +--rw port-preservation-enable? boolean 757 | +--rw port-parity-preservation-enable? boolean 758 | +--rw nonce-validation-checks-enable? boolean 759 | +--rw subscriber-mask? uint8 760 | +--rw port-quota? uint16 761 | +--rw exclude-ports* [id] 762 | | +--rw id uint16 763 | | +--rw (port-type)? 764 | | +--:(single-port-number) 765 | | | +--rw single-port-number? inet:port-number 766 | | +--:(port-range) 767 | | +--rw start-port-number? inet:port-number 768 | | +--rw end-port-number? inet:port-number 769 | +--rw protocol* [protocol-id] 770 | | +--rw protocol-id uint8 771 | +--rw epoch-set? uint32 772 | +--rw lifetime 773 | | +--rw minimum-lifetime? uint32 774 | | +--rw maximum-lifetime? uint32 775 | +--rw error-lifetime 776 | | +--rw minimum-error-lifetime? uint32 777 | | +--rw maximum-error-lifetime? uint32 778 | +--rw mapping-table 779 | +--rw mapping-entry* [index] 780 | +--rw index uint32 781 | +--rw status? enumeration 782 | +--rw mapping-nonce string 783 | +--rw internal-ip-address inet:ipv6-prefix 784 | +--rw internal-port 785 | | +--rw (port-type)? 786 | | +--:(single-port-number) 787 | | | +--rw single-port-number? inet:port-number 788 | | +--:(port-range) 789 | | +--rw start-port-number? inet:port-number 790 | | +--rw end-port-number? inet:port-number 791 | +--rw external-ip-address inet:ipv6-prefix 792 | +--rw external-port 793 | | +--rw (port-type)? 794 | | +--:(single-port-number) 795 | | | +--rw single-port-number? inet:port-number 796 | | +--:(port-range) 797 | | +--rw start-port-number? inet:port-number 798 | | +--rw end-port-number? inet:port-number 799 | +--rw protocol uint8 800 | +--rw lifetime uint32 801 | +--rw third-party-address? inet:ipv6-prefix 802 | +--rw filter* [filter-id] 803 | | +--rw filter-id uint32 804 | | +--rw remote-ip-prefix inet:ipv6-prefix 805 | | +--rw remote-port-number inet:port-number 806 | +--rw description? string 807 | +--rw prefer-failure-tagged? boolean 808 +--ro pcp-server-state 809 +--ro pcp-server-instances 810 +--ro pcp-server-instance* [id] 811 +--ro id int32 812 +--ro name? string 813 +--ro supported-version* [version] 814 | +--ro version uint8 815 +--ro preferred-version? uint8 816 +--ro configured-pcp-server-ip-address* [address-id] 817 | +--ro address-id uint32 818 | +--ro ip-address? inet:ipv6-address 819 +--ro external-ip-address-pool* [address-id] 820 | +--ro address-id uint32 821 | +--ro external-ip-pool? inet:ipv6-prefix 822 +--ro authentication-support? boolean 823 +--ro opcode-capability 824 | +--ro map? boolean 825 | +--ro peer? boolean 826 | +--ro announce? boolean 827 +--ro option-capability 828 | +--ro third-party? boolean 829 | +--ro prefer-failure? boolean 830 | +--ro filter 831 | | +--ro filter-enabled boolean 832 | | +--ro max-filters? uint32 833 | +--ro port-set? boolean 834 | +--ro description 835 | | +--ro description-enabled boolean 836 | | +--ro max-description? uint32 837 | +--ro prefix64? boolean 838 +--ro port-randomization-support? boolean 839 +--ro port-preservation-suport? boolean 840 +--ro port-parity-preservation-support? boolean 841 +--ro protocol-capabilities* [protocol-id] 842 | +--ro protocol-id uint8 843 +--ro pcp-controlled-function-capability 844 | +--ro nat44? boolean 845 | +--ro nat64? boolean 846 | +--ro ds-lite? boolean 847 | +--ro nptv6? boolean 848 | +--ro ipv4-firewall? boolean 849 | +--ro ipv6-firewall? boolean 850 | +--ro port-range-router? boolean 851 +--ro opcode-configuration 852 | +--ro map? boolean 853 | +--ro peer? boolean 854 | +--ro announce? boolean 855 +--ro option-configuration 856 | +--ro third-party? boolean 857 | +--ro prefer-failure? boolean 858 | +--ro filter 859 | | +--ro filter-enabled boolean 860 | | +--ro max-filters? uint32 861 | +--ro port-set-option 862 | | +--ro port-set-enable boolean 863 | | +--ro default-port-set-size? uint16 864 | | +--ro maximum-port-set-size? uint16 865 | +--ro description 866 | | +--ro description-enabled boolean 867 | | +--ro max-description? uint32 868 | +--ro prefix64-option 869 | +--ro prefix64-option-enable? boolean 870 | +--ro prefix64* [prefix64-id] 871 | +--ro prefix64-id uint32 872 | +--ro prefix64? inet:ipv6-prefix 873 | +--ro suffix? yang:hex-string 874 | +--ro dest-ipv4-prefix* [ipv4-prefix-id] 875 | +--ro ipv4-prefix-id uint32 876 | +--ro ipv4-prefix? inet:ipv4-prefix 877 +--ro authentication-enabled? boolean 878 +--ro port-randomization-enable? boolean 879 +--ro port-preservation-enable? boolean 880 +--ro port-parity-preservation-enable? boolean 881 +--ro enabled-protocol* [protocol-id] 882 | +--ro protocol-id uint8 883 +--ro subscriber-mask-support? boolean 884 +--ro subscriber-mask? uint8 885 +--ro port-quota? uint16 886 +--ro exclude-ports* [id] 887 | +--ro id uint16 888 | +--ro (port-type)? 889 | +--:(single-port-number) 890 | | +--ro single-port-number? inet:port-number 891 | +--:(port-range) 892 | +--ro start-port-number? inet:port-number 893 | +--ro end-port-number? inet:port-number 894 +--ro nonce-validation-checks-enable? boolean 895 +--ro epoch? uint32 896 +--ro lifetime 897 | +--ro minimum-lifetime? uint32 898 | +--ro maximum-lifetime? uint32 899 +--ro error-lifetime 900 | +--ro minimum-error-lifetime? uint32 901 | +--ro maximum-error-lifetime? uint32 902 +--ro mapping-table 903 | +--ro mapping-entry* [index] 904 | +--ro index uint32 905 | +--ro status? enumeration 906 | +--ro mapping-nonce string 907 | +--ro internal-ip-address inet:ipv6-prefix 908 | +--ro internal-port 909 | | +--ro (port-type)? 910 | | +--:(single-port-number) 911 | | | +--ro single-port-number? inet:port-number 912 | | +--:(port-range) 913 | | +--ro start-port-number? inet:port-number 914 | | +--ro end-port-number? inet:port-number 915 | +--ro external-ip-address inet:ipv6-prefix 916 | +--ro external-port 917 | | +--ro (port-type)? 918 | | +--:(single-port-number) 919 | | | +--ro single-port-number? inet:port-number 920 | | +--:(port-range) 921 | | +--ro start-port-number? inet:port-number 922 | | +--ro end-port-number? inet:port-number 923 | +--ro protocol uint8 924 | +--ro lifetime uint32 925 | +--ro third-party-address? inet:ipv6-prefix 926 | +--ro filter* [filter-id] 927 | | +--ro filter-id uint32 928 | | +--ro remote-ip-prefix inet:ipv6-prefix 929 | | +--ro remote-port-number inet:port-number 930 | +--ro description? string 931 | +--ro prefer-failure-tagged? boolean 932 | +--ro status-code? enumeration 933 +--ro traffic-statistics 934 +--ro traffic-statistics 935 | +--ro sent-packet? yang:zero-based-counter64 936 | +--ro sent-byte? yang:zero-based-counter64 937 | +--ro rcvd-packet? yang:zero-based-counter64 938 | +--ro rcvd-byte? yang:zero-based-counter64 939 | +--ro dropped-packet? yang:zero-based-counter64 940 | +--ro dropped-byte? yang:zero-based-counter64 941 +--ro opcode-statistics 942 | +--ro sent-map? yang:zero-based-counter64 943 | +--ro rcvd-map? yang:zero-based-counter64 944 | +--ro sent-peer? yang:zero-based-counter64 945 | +--ro rcvd-peer? yang:zero-based-counter64 946 | +--ro sent-annonce? yang:zero-based-counter64 947 | +--ro rcvd-announce? yang:zero-based-counter64 948 | +--ro rcvd-unknown? yang:zero-based-counter64 949 | +--ro rcvd-malformed? yang:zero-based-counter64 950 +--ro mapping-table 951 | +--ro current-mt-size? yang:zero-based-counter64 952 | +--ro max-mt-size? uint32 953 +--ro port-in-use? percent 955 Figure 4: PCP Server YANG Data Model 957 3. YANG Modules 959 3.1. Common PCP Module 961 file "ietf-pcp@2015-08-05.yang" 962 module ietf-pcp { 963 namespace "urn:ietf:params:xml:ns:yang:ietf-pcp"; 964 prefix pcp; 966 import ietf-inet-types { prefix inet; } 967 import ietf-yang-types { prefix yang; } 969 organization "xxx Working Group"; 970 contact 971 "Mohamed Boucadair 972 Christian Jacquenet "; 974 description 975 "This module embeds the core PCP characteristics, including 976 the description of PCP operations, options and mapping entries. 978 Copyright (c) 2016 IETF Trust and the persons identified as 979 authors of the code. All rights reserved. 981 Redistribution and use in source and binary forms, with or 982 without modification, is permitted pursuant to, and subject 983 to the license terms contained in, the Simplified BSD License 984 set forth in Section 4.c of the IETF Trust's Legal Provisions 985 Relating to IETF Documents 986 (http://trustee.ietf.org/license-info). 988 This version of this YANG module is part of RFC XXXX; see 989 the RFC itself for full legal notices."; 991 revision 2015-08-05 { 992 description "Changes tbc."; 993 reference "tbc"; 994 } 996 /* 997 * Grouping 998 */ 1000 //Description option 1002 grouping description-option { 1003 description 1004 "used to configure DESCRIPTION option [RFC7220]."; 1006 leaf description-enabled { 1007 type boolean; 1008 description 1009 "Enable/disable DESCRIPTION option."; 1010 } 1012 leaf max-description { 1013 type uint32; 1014 description 1015 "Indicates the maximum length of the description 1016 associated with a mapping."; 1017 } 1018 } 1020 //Filter option 1022 grouping filter-option { 1023 description 1024 "FILTER option as defined in [RFC6887]."; 1026 leaf filter-enabled { 1027 type boolean; 1028 description 1029 "Enable/disable FILTER option."; 1030 } 1032 leaf max-filters { 1033 type uint32; 1034 description 1035 "Indicates the maximum number of filters 1036 associated with a mapping."; 1037 } 1038 } 1040 // Port set option 1042 grouping port-set-option { 1043 description 1044 "PORT_SET option [RFC7753]."; 1046 leaf port-set-enable { 1047 type boolean; 1048 description 1049 "Enable/disable PORT_SET option."; 1050 } 1051 leaf default-port-set-size { 1052 type uint16; 1053 description 1054 "Indicates the default size of a port set."; 1055 } 1057 leaf maximum-port-set-size { 1058 type uint16; 1059 description 1060 "Indicates the maximum size of a port set."; 1061 } 1062 } 1064 //Opcodes 1066 grouping opcode { 1067 description 1068 "Indicates the set of supported/enabled PCP opcodes."; 1070 leaf map { 1071 type boolean; 1072 description 1073 "MAP opcode"; 1074 } 1076 leaf peer { 1077 type boolean; 1078 description 1079 "PEER opcode"; 1080 } 1082 leaf announce { 1083 type boolean; 1084 description 1085 "ANNOUNCE opcode."; 1086 } 1087 } 1089 //Options 1091 grouping option { 1092 description 1093 "A set of PCP options."; 1095 leaf third-party { 1096 type boolean; 1097 description 1098 "THIRD_PARTY option is used when a PCP client wants 1099 to control a mapping to an internal host other 1100 than itself [RFC6887]."; 1101 } 1103 leaf prefer-failure { 1104 type boolean; 1105 description 1106 "This option indicates that if the PCP server is unable 1107 to map both the suggested external port and suggested 1108 external address, the PCP server should not create 1109 a mapping. This differs from the behavior without this 1110 option, which is to create a mapping. 1112 PREFER_FAILURE is never necessary for a PCP client to 1113 manage mappings for itself, and its use causes 1114 additional work in the PCP client and in the PCP 1115 server. See Section 13.2 of [RFC6887]."; 1116 } 1118 container filter { 1119 description 1120 "This option indicates that filtering incoming packets 1121 is desired."; 1123 uses filter-option; 1124 } 1126 leaf port-set { 1127 type boolean; 1128 description 1129 "Indicates whether PORT_SET is supported/enabled."; 1131 } 1133 container description { 1134 description 1135 "Associates a description with a mapping [RFC7220]."; 1136 uses description-option; 1137 } 1139 leaf prefix64 { 1140 type boolean; 1141 description 1142 "PREFIX64 PCP option [RFC7225]."; 1143 } 1144 } 1146 // port numbers: single or port range 1147 grouping port-number { 1148 description 1149 "individual port or a range of ports."; 1151 choice port-type { 1152 default single-port-number; 1153 description 1154 "port type: single or port-range."; 1156 case single-port-number { 1157 leaf single-port-number { 1158 type inet:port-number; 1159 description 1160 "used for single port numbers."; 1161 } 1162 } 1164 case port-range { 1165 leaf start-port-number { 1166 type inet:port-number; 1167 description 1168 "Begining of the port range."; 1169 } 1171 leaf end-port-number { 1172 type inet:port-number; 1173 description 1174 "End of the port range."; 1175 } 1176 } 1177 } 1178 } 1180 // Filter 1182 grouping filter { 1183 description 1184 "The remote peer IP address and remote peer port of 1185 the FILTER option indicate the permitted remote peer's 1186 source IP address and source port for packets from 1187 the Internet; other traffic from other addresses 1188 is blocked."; 1190 leaf filter-id { 1191 type uint32; 1192 description 1193 "An identifier of the filter."; 1194 } 1195 leaf remote-ip-prefix { 1196 type inet:ipv6-prefix; 1197 description 1198 "The IP address of the remote peer."; 1200 } 1202 leaf remote-port-number { 1203 type inet:port-number; 1204 description 1205 "The port number of the remote peer. Value 0 1206 indicates 'all ports'."; 1207 } 1208 } 1210 // PCP mapping entry 1212 grouping mapping-entry { 1213 description 1214 "A PCP mapping entry."; 1216 leaf index { 1217 type uint32; 1218 description 1219 "A unique identifier of a mapping entry."; 1220 } 1222 leaf status { 1223 type enumeration { 1225 enum "disabled" { 1226 description 1227 "The mapping entry is not in use (Disabled)."; 1228 } 1230 enum "requested" { 1231 description 1232 "A PCP request has been sent for this mapping. 1233 Still waiting for a response from the server."; 1234 } 1236 enum "assigned" { 1237 description 1238 "This mapping has been granted by the server."; 1239 } 1241 enum "stale" { 1242 description 1243 "This is a stale mapping (case of reboot)."; 1244 } 1245 } 1246 description 1247 "Indicates the status of a mapping entry."; 1248 } 1250 leaf mapping-nonce { 1251 type string; 1252 description 1253 "A random value chosen by the PCP client"; 1254 } 1256 leaf internal-ip-address { 1257 type inet:ipv6-prefix; 1258 description 1259 "Corresponds to the PCP Client's IP Address 1260 defined in [RFC6887]."; 1261 } 1263 container internal-port { 1264 description 1265 "Internal port for the mapping. Value 0 indicates 1266 'all ports', and is legal when the lifetime is zero 1267 (a delete request), if the protocol does not use 1268 16-bit port numbers, or the client is requesting 1269 'all ports'. If the protocol is zero 1270 (meaning 'all protocols'), then internal port 1271 is set to zero."; 1273 uses port-number; 1274 } 1276 leaf external-ip-address { 1277 type inet:ipv6-prefix; 1278 description 1279 "External IP address. Can be 'Suggested' or 'Assigned'. 1281 It can be set by a client to stale-ip-address, if available 1282 or to (::) (for requesting external IPv6 addresses) 1283 or (::ffff:0:0) (for requesting external IPv4 addresses)."; 1284 } 1286 container external-port { 1287 description 1288 "External port number. Can be 'Suggested' or 'Assigned'."; 1290 uses port-number; 1292 } 1294 leaf protocol { 1295 type uint8; 1296 description 1297 "Upper-layer protocol associated with this Opcode. 1298 Values are taken from the IANA protocol registry. 1299 For example, this field contains 6 (TCP) if the Opcode 1300 is intended to create a TCP mapping. This field contains 1301 17 (UDP) if the Opcode is intended to create a UDP mapping. 1302 The value 0 has a special meaning for 'all protocols'."; 1303 } 1305 leaf lifetime { 1306 type uint32; 1307 description 1308 "Lifetime of the mapping. 1309 Can be requested/assigned/remaining"; 1310 } 1312 leaf third-party-address { 1313 type inet:ipv6-prefix; 1314 description 1315 "used to indicate the internal IP address 1316 when THIRD_PARTY is in use."; 1317 } 1319 list filter { 1320 key filter-id; 1322 description 1323 "a list of filters associated with the mapping."; 1324 uses filter; 1325 } 1327 leaf description { 1328 type string; 1329 description 1330 "a description string associated with the mapping."; 1331 } 1333 leaf prefer-failure-tagged { 1334 type boolean; 1335 description 1336 "a tag which indicates whether PREFER_FAILURE 1337 is (to be) used."; 1338 } 1339 } 1340 // PCP result code 1342 grouping status-code { 1344 description 1345 "stores the result status code"; 1347 leaf status-code { 1348 type enumeration { 1349 enum "SUCCESS" { 1350 description 1351 "Success"; 1352 } 1354 enum "unsupported-version" { 1355 description 1356 "The version number at the start of the PCP Request 1357 header is not recognized by this PCP server. 1358 This is a long lifetime error."; 1359 } 1361 enum "not-authorized" { 1362 description 1363 "The requested operation is disabled for this PCP 1364 client, or the PCP client requested an operation 1365 that cannot be fulfilled by the PCP server's 1366 security policy. 1368 This is a long lifetime error."; 1369 } 1371 enum "malformed-request" { 1372 description 1373 "The request could not be successfully parsed. 1375 This is a long lifetime error."; 1376 } 1378 enum "unsupported-opcode" { 1379 description 1380 "Unsupported Opcode. 1381 This is a long lifetime error."; 1382 } 1384 enum "unsupported-option" { 1385 description 1386 "Unsupported option. This error only occurs if 1387 the option is in the mandatory-to-process range. 1389 This is a long lifetime error."; 1390 } 1392 enum "malformed-option" { 1393 description 1394 "Malformed option (e.g., appears too many times, 1395 invalid length). 1397 This is a long lifetime error."; 1398 } 1400 enum "network-failure" { 1401 description 1402 "The PCP server or the device it controls is 1403 experiencing a network failure of some sort 1404 (e.g., has not yet obtained an external 1405 IP address). 1407 This is a short lifetime error."; 1408 } 1410 enum "no-resources" { 1411 description 1412 "Request is well-formed and valid, but the server 1413 has insufficient resources to complete 1414 the requested operation at this time. 1416 For example, the NAT device cannot create more 1417 mappings at this time, is short of CPU cycles 1418 or memory, or is unable to handle the request 1419 due to some other temporary condition. 1420 The same request may succeed in the future. 1421 This is a system-wide error, different from 1422 USER_EX_QUOTA. This can be used as a 1423 catch-all error, should no other error 1424 message be suitable. 1426 This is a short lifetime error."; 1427 } 1429 enum "unsupported-protocol" { 1430 description 1431 "Unsupported transport protocol, e.g., 1432 SCTP in a NAT that handles only UDP and TCP. 1434 This is a long lifetime error."; 1435 } 1436 enum "ex-quota" { 1437 description 1438 "This attempt to create a new mapping would 1439 exceed this subscriber's port quota. 1441 This is a short lifetime error."; 1442 } 1444 enum "cannot-provide-external" { 1445 description 1446 "The suggested external port and/or 1447 external address cannot be provided. 1448 This error must only be returned for: 1449 * MAP requests that included the 1450 PREFER_FAILURE option 1451 * MAP requests for the SCTP protocol 1452 (PREFER_FAILURE is implied) 1453 * PEER requests."; 1454 } 1456 enum "address-mismatch" { 1457 description 1458 "The source IP address of the request 1459 packet does not match the contents of the 1460 PCP Client's IP Address field, due to an 1461 unexpected NAT on the path between the PCP 1462 client and the PCP-controlled NAT or firewall. 1464 This is a long lifetime error."; 1465 } 1467 enum "extensive-remote-peer" { 1468 description 1469 "The PCP server was not able to create the 1470 filters in this request. This result code must 1471 only be returned if the MAP request contained 1472 the FILTER option. 1474 This is a long lifetime error."; 1475 } 1476 } 1477 description 1478 "result status code."; 1479 } 1480 } 1482 // PCP servers list 1483 grouping pcp-server-address { 1485 description 1486 "A list of PCP servers. Each PCP server can be identified 1487 by one or multiple IP addresses."; 1489 leaf pcp-server-id { 1490 type uint32; 1491 description 1492 "A unique identifier."; 1493 } 1495 list pcp-server-ip-address { 1497 key address-id; 1499 description 1500 "a list of IP addresses of a PCP server"; 1502 leaf address-id { 1503 type uint32; 1504 description 1505 "An identifier"; 1506 } 1508 leaf ip-address { 1509 type inet:ipv6-address; 1510 description 1511 "An IP address of a PCP server."; 1512 } 1513 } 1515 leaf external-address-familly { 1516 type inet:ip-version; 1517 description 1518 "The address family of the external address(es) 1519 managed by the PCP server. 1520 Can be IPv4, IPv6 or both."; 1521 } 1523 leaf stale-external-ip-address { 1524 type inet:ipv6-prefix; 1525 description 1526 "A stale address that can be used by the PCP client 1527 to be assigned the same address upon reboot 1528 or other failure events."; 1529 } 1530 } 1531 // status of the communication with configured PCP servers 1533 grouping pcp-server-address-status { 1535 description 1536 "Groups the status of the communication between 1537 a PCP client a server."; 1539 uses pcp-server-address; 1541 leaf source { 1542 type enumeration { 1543 enum "manual-configuration"{ 1544 description 1545 "The server has been manually configured."; 1546 } 1548 enum "dhcpv6"{ 1549 description 1550 "Retrieved from DHCPv6 [RFC7291]."; 1551 } 1553 enum "dhcpv4"{ 1554 description 1555 "Retrieved from DHCPv4 [RFC7291]."; 1556 } 1558 enum "else"{ 1559 description 1560 "Else (e.g., TR-96.)"; 1561 } 1562 } 1563 description 1564 "source of the PCP server reachability information."; 1565 } 1567 leaf in-use { 1568 type boolean; 1569 description 1570 "Indicates whether this in-use instance of the server 1571 is the result of the selection 1572 process defined in [RFC7488]."; 1573 } 1575 leaf server-epoch { 1576 type uint32; 1577 description 1578 "The PCP server's Epoch."; 1580 } 1582 leaf client-epoch { 1583 type uint32; 1584 description 1585 "The PCP client's Epoch."; 1586 } 1588 leaf current-version { 1589 type uint8; 1590 description 1591 "The version that is selected as per the version negotiation 1592 procedure specified in Section 9 of [RFC6877]."; 1593 } 1594 } 1596 // type of the PCP-controlled function. 1598 grouping pcp-controlled-function { 1599 description 1600 "A set of PCP-controlled functions. 1601 One or multiple functions can be controlled 1602 by the same PCP server. "; 1604 leaf nat44 { 1605 type boolean; 1606 description 1607 "NAT44"; 1608 } 1610 leaf nat64 { 1611 type boolean; 1612 description 1613 "NAT64"; 1614 } 1616 leaf ds-lite { 1617 type boolean; 1618 description 1619 "DS-Lite"; 1620 } 1622 leaf nptv6 { 1623 type boolean; 1624 description 1625 "NPTv6"; 1626 } 1627 leaf ipv4-firewall { 1628 type boolean; 1629 description 1630 "IPv4 firewall"; 1631 } 1633 leaf ipv6-firewall { 1634 type boolean; 1635 description 1636 "IPv6 firewall"; 1637 } 1639 leaf port-range-router { 1640 type boolean; 1641 description 1642 "Port Range Router"; 1643 } 1644 } 1646 // traffic statistics 1648 grouping traffic-stat { 1649 description 1650 "Groups a set of statistics."; 1652 container traffic-statistics { 1653 description 1654 "Generic traffic statistics."; 1656 leaf sent-packet { 1657 type yang:zero-based-counter64; 1658 description 1659 "Packets sent"; 1660 } 1662 leaf sent-byte { 1663 type yang:zero-based-counter64; 1664 description 1665 "Counter for sent traffic in bytes."; 1666 } 1668 leaf rcvd-packet { 1669 type yang:zero-based-counter64; 1670 description 1671 "Counter for received packets."; 1672 } 1673 leaf rcvd-byte { 1674 type yang:zero-based-counter64; 1675 description 1676 "Counter for received traffic in bytes."; 1677 } 1679 leaf dropped-packet { 1680 type yang:zero-based-counter64; 1681 description 1682 "Counter for dropped packets."; 1683 } 1685 leaf dropped-byte { 1686 type yang:zero-based-counter64; 1687 description 1688 "Counter for dropped traffic in bytes."; 1689 } 1690 } 1692 container opcode-statistics { 1693 description 1694 "Opcode-related statistics."; 1696 leaf sent-map { 1697 type yang:zero-based-counter64; 1698 description 1699 "Counter for sent MAP messages"; 1700 } 1702 leaf rcvd-map { 1703 type yang:zero-based-counter64; 1704 description 1705 "Counter for received MAP messages"; 1706 } 1708 leaf sent-peer { 1709 type yang:zero-based-counter64; 1710 description 1711 "Counter for sent PEER messages"; 1712 } 1714 leaf rcvd-peer { 1715 type yang:zero-based-counter64; 1716 description 1717 "Counter for received PEER messages"; 1718 } 1720 leaf sent-annonce { 1721 type yang:zero-based-counter64; 1722 description 1723 "Counter for sent ANNOUNCE messages"; 1724 } 1726 leaf rcvd-announce { 1727 type yang:zero-based-counter64; 1728 description 1729 "Counter for received ANNOUNCED messages"; 1730 } 1732 leaf rcvd-unknown { 1733 type yang:zero-based-counter64; 1734 description 1735 "Counter for received unknown opcodes"; 1736 } 1738 leaf rcvd-malformed { 1739 type yang:zero-based-counter64; 1740 description 1741 "Counter for received malformed opcodes"; 1742 } 1743 } 1744 } 1746 // mapping table statistics 1748 grouping mapping-table-stats { 1749 description 1750 "PCP mapping table related statistics."; 1752 leaf current-mt-size { 1753 type yang:zero-based-counter64; 1754 description 1755 "Size of the mapping table"; 1756 } 1758 leaf max-mt-size { 1759 type uint32; 1760 description 1761 "Maximum configured size of the mapping table."; 1762 } 1763 } 1765 // PCP versions 1767 grouping pcp-version { 1768 description 1769 "PCP version(s)"; 1771 leaf version { 1772 type uint8; 1773 description 1774 "Indicates a PCP server. 1775 Current versions are: 0, 1, and 2."; 1776 } 1777 } 1778 } 1779 1781 3.2. PCP Client 1783 file "ietf-pcp-client@2015-08-05.yang" 1784 module ietf-pcp-client { 1785 namespace "urn:ietf:params:xml:ns:yang:ietf-pcp-client"; 1786 prefix pcp-client; 1788 import ietf-inet-types { prefix inet; } 1789 import ietf-pcp { prefix pcp; } 1791 organization "N/A Working Group"; 1792 contact 1793 "Mohamed Boucadair 1794 Christian Jacquenet "; 1796 description 1797 "This module contains a collection of YANG definitions for 1798 PCP client implementations. 1800 Copyright (c) 2016 IETF Trust and the persons identified as 1801 authors of the code. All rights reserved. 1803 Redistribution and use in source and binary forms, with or 1804 without modification, is permitted pursuant to, and subject 1805 to the license terms contained in, the Simplified BSD License 1806 set forth in Section 4.c of the IETF Trust's Legal Provisions 1807 Relating to IETF Documents 1808 (http://trustee.ietf.org/license-info). 1810 This version of this YANG module is part of RFC XXXX; see 1811 the RFC itself for full legal notices."; 1813 revision 2015-08-05 { 1814 description "Changes tbc."; 1815 reference "tbc"; 1817 } 1819 /* 1820 *PCP Configuration 1821 */ 1823 container pcp-client-config { 1824 description 1825 "PCP client configuration"; 1827 leaf enable { 1828 type boolean; 1829 description 1830 "Enable/disable the PCP client."; 1831 } 1833 leaf description { 1834 type string; 1835 description 1836 "Associated a description with the module."; 1837 } 1839 container pcp-client-instances { 1840 description 1841 "A set of PCP client instances."; 1843 list pcp-client-instance { 1844 key "id"; 1846 description 1847 "A PCP client instance."; 1849 leaf id { 1850 type uint32; 1851 description 1852 "An identifier of the PCP client instance."; 1853 } 1855 leaf name { 1856 type string; 1857 description 1858 "A name of the PCP client instance."; 1859 } 1861 list version { 1862 key version; 1863 description 1864 "Indicates the set of supported PCP versions 1865 (0, 1, 2)"; 1867 uses pcp:pcp-version; 1868 } 1870 list pcp-servers { 1871 key "pcp-server-id"; 1872 description 1873 "List of provisioned PCP servers."; 1874 uses pcp:pcp-server-address; 1875 } 1877 leaf authentication-enable { 1878 type boolean; 1879 description 1880 "Enable/Disable PCP authentication."; 1881 } 1883 container opcode-configuration { 1884 description 1885 "Opcode-related configuration"; 1886 uses pcp:opcode; 1887 } 1889 container option-configuration { 1890 description 1891 "Options-related configuration."; 1892 uses pcp:option; 1893 } 1895 container mapping-table { 1896 description 1897 "Mapping table maintained by a PCP client 1898 instance."; 1900 list mapping-entry { 1901 key "index"; 1902 description 1903 "PCP Mapping entry."; 1904 uses pcp:mapping-entry; 1905 } 1906 } 1907 } 1908 } 1909 } 1911 /* 1912 * PCP state 1913 */ 1915 container pcp-client-state { 1917 config false; 1919 description 1920 "PCP client state"; 1922 container pcp-client-instances { 1923 description 1924 "PCP client instances"; 1926 list pcp-client-instance { 1928 key "id"; 1930 description 1931 "PCP client instance"; 1933 leaf id { 1934 type int32; 1935 description 1936 "PCP client instance identifier."; 1937 } 1939 leaf name { 1940 type string; 1941 description 1942 "A name associated with the PCP client instance."; 1943 } 1945 list pcp-client-ip-address { 1947 key address-id; 1949 description 1950 "list of configured PCP client addresses."; 1952 leaf address-id { 1953 type uint32; 1954 description 1955 "Address identifier"; 1956 } 1958 leaf ip-address { 1959 type inet:ipv6-address; 1960 description 1961 "IP address"; 1962 } 1963 } 1965 list supported-version { 1966 key version; 1967 description 1968 "list of supported PCP versions"; 1969 uses pcp:pcp-version; 1970 } 1972 leaf preferred-version { 1973 type uint8; 1974 description 1975 "The preferred version configured 1976 by an administrator."; 1977 } 1979 list pcp-server-address { 1980 key "pcp-server-id"; 1981 description 1982 "list of provisioned PCP server."; 1984 uses pcp:pcp-server-address-status; 1985 } 1987 leaf authentication-support { 1988 type boolean; 1989 description 1990 "Indicates whether PCP authentication is 1991 supported."; 1992 } 1994 container opcode-capability { 1995 description 1996 "Opcode-related capabilities."; 1997 uses pcp:opcode; 1998 } 2000 container option-capability { 2001 description 2002 "Option-related capabilities"; 2003 uses pcp:option; 2004 } 2006 container opcode-configuration { 2007 description 2008 "Opcode-related configuration."; 2009 uses pcp:opcode; 2010 } 2012 container option-configuration { 2013 description 2014 "Option-related configuration."; 2016 uses pcp:option; 2017 } 2019 leaf authentication-enabled { 2020 type boolean; 2021 description 2022 "Enable/disable PCP authentication"; 2023 } 2025 container mapping-table { 2026 description 2027 "Mapping table"; 2029 list mapping-entry { 2030 key "index"; 2031 description 2032 "Mapping entry"; 2034 uses pcp:mapping-entry; 2035 uses pcp:status-code; 2036 } 2037 } 2039 container traffic-statistics { 2040 description 2041 "traffic statistics."; 2043 uses pcp:traffic-stat; 2045 container mapping-table { 2046 description 2047 "mapping table related statistics."; 2049 uses pcp:mapping-table-stats; 2050 } 2051 } 2052 } 2053 } 2054 } 2055 } 2056 2058 3.3. UPnP IGD/PCP Interworking Function 2060 file "ietf-pcp-iwf@2015-08-05.yang" 2061 module ietf-pcp-iwf { 2062 namespace "urn:ietf:params:xml:ns:yang:ietf-pcp-iwf"; 2063 prefix pcp-iwf; 2065 import ietf-inet-types { prefix inet; } 2066 import ietf-pcp { prefix pcp; } 2068 organization "xxxx Working Group"; 2069 contact 2070 "Mohamed Boucadair 2071 Christian Jacquenet "; 2073 description 2074 "This module contains a collection of YANG definitions for 2075 UPnP IGD/PCP Interworking implementations. 2077 Copyright (c) 2016 IETF Trust and the persons identified as 2078 authors of the code. All rights reserved. 2080 Redistribution and use in source and binary forms, with or 2081 without modification, is permitted pursuant to, and subject 2082 to the license terms contained in, the Simplified BSD License 2083 set forth in Section 4.c of the IETF Trust's Legal Provisions 2084 Relating to IETF Documents 2085 (http://trustee.ietf.org/license-info). 2087 This version of this YANG module is part of RFC XXXX; see 2088 the RFC itself for full legal notices."; 2090 revision 2015-08-05 { 2091 description "Changes xxxx."; 2092 reference "xxxx"; 2093 } 2095 // IGD versions 2097 grouping igd-version { 2098 description 2099 "UPnp IGD Version"; 2101 leaf igd-version { 2102 type enumeration { 2104 enum "igd:1" { 2105 description 2106 "UPnP IGD:1"; 2107 } 2109 enum "igd:2" { 2110 description 2111 "UPnP IGD:2"; 2112 } 2114 enum "both" { 2115 description 2116 "UPnP IGD:1 and UPnP IGD:2"; 2117 } 2118 } 2119 description 2120 "UPnP IGD Version"; 2121 } 2122 } 2124 /* 2125 *PCP Configuration 2126 */ 2128 container pcp-iwf-config { 2129 description 2130 "UPnP IGD/PCP Interworking Function"; 2132 leaf enable { 2133 type boolean; 2134 description 2135 "Enable/Disable the UPnP IGD-PCP IWF"; 2136 } 2138 container pcp-igd-iwf-instances { 2139 description 2140 "UPnP IGD/PCP Interworking Function instances"; 2142 list pcp-igd-iwf-instance { 2143 key "id"; 2145 description 2146 "UPnP IGD/PCP Interworking Function instance"; 2148 leaf id { 2149 type uint32; 2150 description 2151 "An identifier of the IWF instance."; 2152 } 2154 leaf name { 2155 type string; 2156 description 2157 "A name of the UPnP IGD-PCP IWF instance"; 2158 } 2160 list version { 2161 key version; 2162 description 2163 "configures one or several PCP versions."; 2165 uses pcp:pcp-version; 2166 } 2168 list pcp-servers { 2169 key "pcp-server-id"; 2170 description 2171 "List of configured PCP servers."; 2172 uses pcp:pcp-server-address; 2173 } 2175 leaf authentication-enable { 2176 type boolean; 2177 description 2178 "Enable/disable PCP authentication"; 2179 } 2181 container igd-version { 2182 description 2183 "Configure UPnP IGD version(s)."; 2185 uses igd-version; 2186 } 2188 container mapping-table { 2189 description 2190 "Mapping table as maintained by a 2191 UPnP IGD-PCP IWF instance"; 2193 list mapping-entry { 2194 key "index"; 2195 description 2196 "PCP Mapping Entry."; 2198 leaf igd-control-point-address { 2199 type inet:ip-address; 2200 description 2201 "IP address of the UPnP Control Point."; 2202 } 2204 leaf igd-control-point-port { 2205 type inet:port-number; 2206 description 2207 "Port number"; 2208 } 2209 uses pcp:mapping-entry; 2210 } 2211 } 2212 } 2213 } 2214 } 2216 /* 2217 * PCP state 2218 */ 2220 container pcp-iwf-state { 2222 config false; 2224 description 2225 "UPnP IGD/PCP Interworking Function"; 2227 container pcp-igd-iwf-instances { 2228 description 2229 "UPnP IGD/PCP Interworking Function instances"; 2231 list pcp-igd-iwf-instance { 2233 key "id"; 2234 description 2235 "UPnP IGD/PCP Interworking Function instance"; 2237 leaf id { 2238 type int32; 2239 description 2240 "the identifier of the instance"; 2241 } 2243 leaf name { 2244 type string; 2245 description 2246 "the name of the instance"; 2247 } 2249 list supported-version { 2250 key version; 2251 description 2252 "list of supported PCP versions."; 2254 uses pcp:pcp-version; 2255 } 2257 leaf preferred-version { 2258 type uint8; 2259 description 2260 "Preferred version"; 2261 } 2263 list pcp-igd-iwf-ip-address { 2265 key address-id; 2267 description 2268 "local IP addresses of the UPnP IGD-PCP IWF"; 2270 leaf address-id { 2271 type uint32; 2272 description 2273 "An identifier of the address"; 2274 } 2276 leaf ip-address { 2277 type inet:ipv6-address; 2278 description 2279 "An address of the UPnP IGD-PCP IWF"; 2280 } 2281 } 2283 leaf authentication-support { 2284 type boolean; 2285 description 2286 "Indicates whether PCP authentication is 2287 supported."; 2288 } 2290 leaf authentication-enabled{ 2291 type boolean; 2292 description 2293 "Indicates whether PCP authentication 2294 is enabled."; 2295 } 2297 container igd-version-capability { 2298 description 2299 "List of supported UPnP IGD versions."; 2301 uses igd-version; 2302 } 2304 container enabled-igd-version { 2305 description 2306 "Configured UPnP IGD versions"; 2308 uses igd-version; 2309 } 2311 list pcp-server-address { 2312 key "pcp-server-id"; 2313 description 2314 "List of provisioned PCP servers"; 2316 uses pcp:pcp-server-address-status; 2317 } 2319 container mapping-table { 2320 description 2321 "PCP Mapping table"; 2323 list mapping-entry { 2324 key "index"; 2325 description 2326 "PCP mapping entry."; 2328 uses pcp:mapping-entry; 2329 uses pcp:status-code; 2331 leaf igd-control-point-address { 2332 type inet:ip-address; 2333 description 2334 "The IP address of a UPnP Control Point"; 2335 } 2337 leaf igd-control-point-port { 2338 type inet:port-number; 2339 description 2340 "The port number of a UPnP Control Point"; 2341 } 2343 } 2344 } 2346 container traffic-statistics { 2348 description 2349 "traffic statistics"; 2351 uses pcp:traffic-stat; 2353 container mapping-table { 2354 description 2355 "Mapping table related statistics"; 2357 uses pcp:mapping-table-stats; 2358 } 2359 } 2360 } 2361 } 2362 } 2363 } 2364 2366 3.4. PCP Proxy 2368 file "ietf-pcp-proxy@2015-08-05.yang" 2369 module ietf-pcp-proxy { 2370 namespace "urn:ietf:params:xml:ns:yang:ietf-pcp-proxy"; 2371 prefix pcp-proxy; 2373 import ietf-inet-types { prefix inet; } 2374 import ietf-pcp { prefix pcp; } 2376 organization "xxxx Working Group"; 2377 contact 2378 "Mohamed Boucadair 2379 Christian Jacquenet "; 2381 description 2382 "This module contains a collection of YANG definitions for 2383 PCP proxy implementations. 2385 Copyright (c) 2016 IETF Trust and the persons identified as 2386 authors of the code. All rights reserved. 2388 Redistribution and use in source and binary forms, with or 2389 without modification, is permitted pursuant to, and subject 2390 to the license terms contained in, the Simplified BSD License 2391 set forth in Section 4.c of the IETF Trust's Legal Provisions 2392 Relating to IETF Documents 2393 (http://trustee.ietf.org/license-info). 2395 This version of this YANG module is part of RFC XXXX; see 2396 the RFC itself for full legal notices."; 2398 revision 2015-08-05 { 2399 description "Changes xxxx."; 2400 reference "xxxx"; 2401 } 2403 /* 2404 *PCP Configuration 2405 */ 2407 container pcp-proxy-config { 2408 description 2409 "PCP proxy"; 2411 leaf enable { 2412 type boolean; 2413 description 2414 "Enable/Disable PCP proxy"; 2415 } 2417 leaf description { 2418 type string; 2419 description 2420 "Associated a description with the module."; 2421 } 2423 container pcp-proxy-instances { 2424 description 2425 "PCP proxy instances"; 2427 list pcp-proxy-instance { 2428 key "id"; 2429 description 2430 "PCP proxy instance"; 2432 leaf id { 2433 type uint32; 2434 description 2435 "An identifier of the PCP proxy instance"; 2436 } 2438 leaf name { 2439 type string; 2440 description 2441 "A name of the PCP proxy instance"; 2442 } 2444 list version { 2445 key version; 2446 description 2447 "Supported PCP versions."; 2448 uses pcp:pcp-version; 2449 } 2451 list pcp-servers { 2452 key "pcp-server-id"; 2453 description 2454 "List of provisioned PCP servers."; 2455 uses pcp:pcp-server-address; 2456 } 2458 leaf authentication-enable { 2459 type boolean; 2460 description 2461 "Enable/disable PCP authentication."; 2462 } 2464 container opcode-configuration { 2465 description 2466 "Opcode-related configuration"; 2467 uses pcp:opcode; 2469 leaf relay-unknown-opcode { 2470 type boolean; 2471 description 2472 "The proxy can be instructed to relay 2473 or to reject unknown opcodes."; 2474 } 2475 } 2476 } 2478 container option-configuration { 2479 description 2480 "Option-related configuration"; 2481 uses pcp:option; 2483 leaf relay-mandatory-unknown-option { 2484 type boolean; 2485 description 2486 "The proxy can be instructed to relay or 2487 to reject mandatory unknown options."; 2488 } 2490 leaf relay-optionnal-unknown-option { 2491 type boolean; 2492 description 2493 "The proxy can be instructed to relay or 2494 to reject optional unknown options."; 2495 } 2496 } 2498 leaf terminate-proxy-recursion { 2499 type boolean; 2500 description 2501 "The proxy can be instructed to terminate 2502 proxy recursion."; 2503 } 2505 container mapping-table { 2506 description 2507 "PCP mapping table maintained by the PCP proxy"; 2509 list mapping-entry { 2510 key "index"; 2511 description 2512 "PCP mapping entry"; 2514 uses pcp:mapping-entry; 2516 leaf local-assigned-ip-address { 2517 type inet:ipv6-prefix; 2518 description 2519 "If the local PCP-controlled function 2520 alters the source IP address, this 2521 information must be stored."; 2522 } 2524 container local-assigned-port { 2525 description 2526 "If the local PCP-controlled function 2527 alters the source port, this 2528 information must be stored."; 2530 uses pcp:port-number; 2531 } 2533 } 2535 } 2536 } 2537 } 2539 /* 2540 * PCP state 2541 */ 2543 container pcp-proxy-state { 2545 config false; 2547 description 2548 "PCP proxy"; 2550 container pcp-proxy-instances { 2551 description 2552 "PCP proxy Instances"; 2554 list pcp-proxy-instance { 2556 key "id"; 2557 description 2558 "PCP proxy Instance"; 2560 leaf id { 2561 type int32; 2562 description 2563 "Identifier"; 2564 } 2566 leaf name { 2567 type string; 2568 description 2569 "Name of the PCP proxy Instance"; 2570 } 2572 list supported-version { 2573 key version; 2574 description 2575 "List of supported versions"; 2577 uses pcp:pcp-version; 2578 } 2580 leaf preferred-version { 2581 type uint8; 2582 description 2583 "Configured preferred version"; 2584 } 2586 list pcp-proxy-ip-address { 2588 key address-id; 2590 description 2591 "List of configured addresses to the 2592 PCP proxy instance."; 2594 leaf address-id { 2595 type uint32; 2596 description 2597 "An identifier"; 2598 } 2600 leaf pcp-proxy-ip-address { 2601 type inet:ipv6-address; 2602 description 2603 "An address"; 2604 } 2605 } 2607 list pcp-server-address { 2608 key "pcp-server-id"; 2609 description 2610 "list of provisioned PCP servers."; 2612 uses pcp:pcp-server-address-status; 2613 } 2615 leaf authentication-support { 2616 type boolean; 2617 description 2618 "Indicates whether PCP authentication is 2619 enabled/disabled."; 2620 } 2622 container pcp-controlled-function-capability { 2623 description 2624 "list of controlled local functions."; 2626 uses pcp:pcp-controlled-function; 2627 } 2629 container opcode-capability { 2630 description 2631 "Opcode-related capabilities."; 2633 uses pcp:opcode; 2635 leaf relay-unknown-opcode { 2636 type boolean; 2637 description 2638 "instruction related to the processing of unknown 2639 opcodes."; 2640 } 2641 } 2643 container option-capability { 2644 description 2645 "Option-related capabilities."; 2647 uses pcp:option; 2649 leaf relay-mandatory-unknown-option { 2650 type boolean; 2651 description 2652 "instruction related to the processing 2653 of mandatory unknown options."; 2654 } 2656 leaf relay-optionnal-unknown-option { 2657 type boolean; 2658 description 2659 "instruction related to the processing 2660 of optional unknown options."; 2661 } 2662 } 2664 container opcode-configuration { 2665 description 2666 "opcode-related configurations."; 2667 uses pcp:opcode; 2668 } 2670 container option-configuration { 2671 description 2672 "opcode-related configurations."; 2674 uses pcp:option; 2676 leaf relay-mandatory-unknown-option { 2677 type boolean; 2679 description 2680 "instruction related to the processing 2681 of mandatory unknown options."; 2682 } 2684 leaf relay-optionnal-unknown-option { 2685 type boolean; 2686 description 2687 "instruction related to the processing 2688 of optional unknown options."; 2689 } 2690 } 2692 leaf authentication-enabled { 2693 type boolean; 2694 description 2695 "status of the PCP authentication activation"; 2696 } 2698 leaf terminate-proxy-recursion-status { 2699 type boolean; 2700 description 2701 "Indicates whether recursion is 2702 terminated or not"; 2703 } 2705 container mapping-table { 2706 description 2707 "mapping table"; 2708 list mapping-entry { 2709 key "index"; 2710 description 2711 "mapping entry"; 2712 uses pcp:mapping-entry; 2714 leaf local-assigned-ip-address { 2715 type inet:ipv6-prefix; 2716 description 2717 "An address assigned locally by 2718 the proxy"; 2719 } 2721 container local-assigned-port { 2722 description 2723 "a port assigned locally by the proxy"; 2725 uses pcp:port-number; 2726 } 2727 uses pcp:status-code; 2728 } 2729 } 2731 container traffic-statistics { 2733 description 2734 "traffic statistics"; 2736 container client-facing-interface { 2737 description 2738 "traffic statistics in the client-facing 2739 interface"; 2741 uses pcp:traffic-stat; 2742 } 2744 container server-facing-interface { 2745 description 2746 "traffic statistics in the server-facing 2747 interface"; 2748 uses pcp:traffic-stat; 2749 } 2751 container mapping-table { 2752 description 2753 "mapping table statistics"; 2754 uses pcp:mapping-table-stats; 2755 } 2756 } 2757 } 2758 } 2759 } 2760 } 2761 2763 3.5. PCP Server 2765 file "ietf-pcp-server@2015-08-05.yang" 2766 module ietf-pcp-server { 2767 namespace "urn:ietf:params:xml:ns:yang:ietf-pcp-server"; 2768 prefix pcp-server; 2770 import ietf-inet-types { prefix inet; } 2771 import ietf-yang-types { prefix yang; } 2772 import ietf-pcp { prefix pcp; } 2774 organization "xxxx Working Group"; 2775 contact 2776 "Mohamed Boucadair 2777 Christian Jacquenet "; 2779 description 2780 "This module contains a collection of YANG definitions for 2781 PCP server implementations. 2783 Copyright (c) 2016 IETF Trust and the persons identified as 2784 authors of the code. All rights reserved. 2786 Redistribution and use in source and binary forms, with or 2787 without modification, is permitted pursuant to, and subject 2788 to the license terms contained in, the Simplified BSD License 2789 set forth in Section 4.c of the IETF Trust's Legal Provisions 2790 Relating to IETF Documents 2791 (http://trustee.ietf.org/license-info). 2793 This version of this YANG module is part of RFC XXXX; see 2794 the RFC itself for full legal notices."; 2796 revision 2015-08-05 { 2797 description "Changes xxxx."; 2798 reference "xxxx"; 2799 } 2801 // Typedef 2803 typedef percent { 2804 type uint8 { 2805 range "0 .. 100"; 2806 } 2807 description 2808 "Percentage"; 2809 } 2811 /* 2812 * Grouping 2813 */ 2815 // Port set option 2817 grouping port-set-option { 2818 description 2819 "PORT_SET option."; 2821 leaf port-set-enable { 2822 type boolean; 2823 description 2824 "Enable/disable PORT_SET option."; 2825 } 2827 leaf default-port-set-size { 2828 type uint16; 2829 description 2830 "Indicates the default size of a port set."; 2831 } 2833 leaf maximum-port-set-size { 2834 type uint16; 2835 description 2836 "Indicates the maximum size of a port set."; 2837 } 2838 } 2840 // Prefix64 port set 2842 grouping prefix64-option { 2843 description 2844 "PREFIX64 option as defined in [RFC7225]."; 2846 leaf prefix64-option-enable { 2847 type boolean; 2848 description 2849 "Indicates whether the option is enabled/disabled."; 2850 } 2852 list prefix64 { 2853 key "prefix64-id"; 2854 description 2855 "maintains a list of Prefix64s."; 2857 leaf prefix64-id { 2858 type uint32; 2859 description 2860 "An identifier of a Prefix64."; 2861 } 2863 leaf prefix64 { 2864 type inet:ipv6-prefix; 2865 description 2866 "A Prefix64"; 2867 } 2869 leaf suffix { 2870 type yang:hex-string; 2871 description 2872 "The suffix is used for constructing an 2873 IPv4-converted IPv6 address from an IPv4 address as 2874 specified in Section 2.2 of [RFC6052]. No suffix is 2875 included if a /96 Prefix64 is used."; 2876 } 2878 list dest-ipv4-prefix { 2879 key "ipv4-prefix-id"; 2880 description 2881 "used to solve the destination-dependent 2882 Pref64::/n discovery problem discussed in 2883 Section 5.1 of [RFC7050]."; 2885 leaf ipv4-prefix-id { 2886 type uint32; 2887 description 2888 "An identifier of a destination IPv4 prefix"; 2889 } 2891 leaf ipv4-prefix { 2892 type inet:ipv4-prefix; 2893 description 2894 "an IPv4 prefix."; 2895 } 2896 } 2897 } 2898 } 2900 //option list: server side 2902 grouping option-server { 2903 description 2904 "Used for option-related operations 2905 at the server's side."; 2907 leaf third-party { 2908 type boolean; 2909 description 2910 "enable/disable THIRD_PARTY option."; 2911 } 2913 leaf prefer-failure { 2914 type boolean; 2915 description 2916 "enable/disable PREFER_FAILURE option."; 2917 } 2918 container filter { 2919 description 2920 "enable/disable FILTER option."; 2922 uses pcp:filter-option; 2923 } 2925 container port-set-option { 2926 description 2927 "enable/disable PORT_SET option."; 2929 uses pcp:port-set-option; 2930 } 2932 container description { 2933 description 2934 "enable/disable DESCRIPTION option."; 2935 uses pcp:description-option; 2936 } 2938 container prefix64-option { 2939 description 2940 "enable/disable PREFIX64 option."; 2941 uses prefix64-option; 2942 } 2943 } 2945 /* 2946 * PCP server Configuration 2947 */ 2949 container pcp-server-config { 2950 description 2951 "PCP server"; 2953 leaf enable { 2954 type boolean; 2955 description 2956 "Enable/Disable PCP server function."; 2957 } 2959 container pcp-server-instances { 2960 description 2961 "PCP server instances"; 2963 list pcp-server-instance { 2964 key "id"; 2965 description 2966 "a PCP server instance."; 2968 leaf id { 2969 type uint32; 2970 description 2971 "PCP server instance identifier."; 2972 } 2974 leaf name { 2975 type string; 2976 description 2977 "A name associated with the PCP server instance"; 2978 } 2980 list version { 2981 key version; 2982 description 2983 "Indicates the PCP version(s) supported by the 2984 PCP server. 2985 Current supported versions are 0, 1, and 2."; 2987 uses pcp:pcp-version; 2988 } 2990 list pcp-server-ip-address { 2992 key address-id; 2994 description 2995 "set one or multiple IP addresses for 2996 the PCP server"; 2998 leaf address-id { 2999 type uint32; 3000 description 3001 "The identifier of the address"; 3002 } 3004 leaf ip-address { 3005 type inet:ipv6-address; 3006 description 3007 "IP (v4/v6) address of the PCP server"; 3008 } 3009 } 3011 leaf authentication-enable { 3012 type boolean; 3013 description 3014 "Enable/disable PCP authentication"; 3015 } 3017 container opcode-configuration { 3018 description 3019 "Opcode-related configuration"; 3021 uses pcp:opcode; 3022 } 3024 container option-configuration { 3025 description 3026 "Option-related configuration"; 3028 uses option-server; 3029 } 3031 leaf port-randomization-enable { 3032 type boolean; 3033 description 3034 "Enable/disable port randomization 3035 feature."; 3036 } 3038 leaf port-preservation-enable { 3039 type boolean; 3040 description 3041 "Indicates whether the PCP server should 3042 preserve the internal port number."; 3043 } 3045 leaf port-parity-preservation-enable { 3046 type boolean; 3047 description 3048 "Indicates whether the PCP server should 3049 preserve the port parity of the 3050 internal port number."; 3051 } 3053 leaf nonce-validation-checks-enable { 3054 type boolean; 3055 description 3056 "Indicates whether the PCP server has to 3057 disable/enable Nonce validation checks."; 3058 } 3060 leaf subscriber-mask { 3061 type uint8 { 3062 range "0 .. 128"; 3063 } 3064 description 3065 "The subscriber-mask is an integer that indicates 3066 the length of significant bits to be applied on 3067 the source IPv6 address (internal side) to 3068 identify unambiguously a CPE. 3070 Subscriber-mask is a system-wide configuration 3071 parameter that is used to enforce generic per-subscriber 3072 policies (e.g., port-quota). 3074 Applying these generic policies does not require 3075 configuring every subscriber's prefix. 3077 Example: suppose the 2001:db8:100:100::/56 prefix is 3078 assigned to a DS-Lite enabled CPE. Suppose also that the 3079 2001:db8:100:100::1 is the IPv6 address used by the 3080 client that resides in that CPE. When the server 3081 receives a packet from this client, 3082 the server applies the subscriber-mask (e.g., 56) on 3083 the source IPv6 address to compute the associated prefix 3084 for this client (that is 2001:db8:100:100::/56). Then, 3085 the server enforces policies based on that prefix 3086 (2001:db8:100:100::/56), not on the exact 3087 source IPv6 address."; 3088 } 3090 leaf port-quota { 3091 type uint16; 3092 description 3093 "configure a port quota to be assigned per 3094 PCP client/subscriber."; 3095 } 3097 list exclude-ports { 3098 key "id"; 3099 description 3100 "The set of ports not to be assigned 3101 by the server."; 3103 leaf id { 3104 type uint16; 3105 description 3106 "An identifier"; 3107 } 3109 uses pcp:port-number; 3111 } 3113 list protocol { 3114 key "protocol-id"; 3115 description 3116 "set of protocols supported by 3117 the PCP-controlled function."; 3119 leaf protocol-id { 3120 type uint8; 3121 description 3122 "identifier of the protocol"; 3123 } 3124 } 3126 leaf epoch-set { 3127 type uint32; 3128 description 3129 "Set the Epoch parameter."; 3130 } 3132 container lifetime { 3133 description 3134 "Configure values for the lifetime to be 3135 assigned to requesting PCP clients. 3137 The client requests a certain lifetime, and the server 3138 responds with the assigned lifetime. 3140 The server may grant a lifetime smaller or larger than 3141 the requested lifetime. 3143 The minimum value should be 120 seconds. 3145 The maximum value should be the remaining 3146 lifetime of the IP address assigned to 3147 the PCP client if that information is available, 3148 or half the lifetime of IP address 3149 assignments, or 24 hours. 3151 Excessively long lifetimes can cause consumption 3152 of ports even if the internal host is no longer 3153 interested in receiving the traffic or is no 3154 longer connected to the network. 3155 (Section 15 [RFC6877]."; 3157 leaf minimum-lifetime { 3158 type uint32; 3159 default 120; 3160 description 3161 "Minimum lifetime."; 3162 } 3164 leaf maximum-lifetime { 3165 type uint32; 3166 default 86400; 3167 description 3168 "Maximum lifetime."; 3169 } 3170 } 3172 container error-lifetime { 3173 description 3174 "Configure values for the error lifetime to be 3175 returned to requesting PCP clients."; 3177 leaf minimum-error-lifetime { 3178 type uint32; 3179 default 30; 3180 description 3181 "Minimum error lifetime, in seconds. 3183 [RFC6877] recommends that short lifetime 3184 errors use a 30-second lifetime."; 3185 } 3187 leaf maximum-error-lifetime { 3188 type uint32; 3189 default 1800; 3190 description 3191 "Maximum error lifetime, in seconds. 3193 [RFC6877] recommends that long lifetime 3194 errors use a 30-minute lifetime."; 3195 } 3196 } 3198 container mapping-table { 3199 description 3200 "PCP mapping table as maintained by 3201 the PCP server"; 3203 list mapping-entry { 3204 key "index"; 3205 description 3206 "PCP mapping entry"; 3208 uses pcp:mapping-entry; 3209 } 3210 } 3211 } 3212 } 3213 } 3215 /* 3216 * PCP server State 3217 */ 3219 container pcp-server-state { 3221 config false; 3223 description 3224 "PCP server"; 3226 container pcp-server-instances { 3227 description 3228 "PCP server instances"; 3230 list pcp-server-instance { 3231 key "id"; 3233 description 3234 "PCP server instance"; 3236 leaf id { 3237 type int32; 3238 description 3239 "The identifier of the PCP server instance."; 3240 } 3242 leaf name { 3243 type string; 3244 description 3245 "The name of the PCP server instance"; 3246 } 3248 list supported-version { 3249 key version; 3250 description 3251 "List of supported PCP versions."; 3253 uses pcp:pcp-version; 3254 } 3255 leaf preferred-version { 3256 type uint8; 3257 description 3258 "List of preferred version. 3259 Mainly used for unsolicited messages."; 3260 } 3262 list configured-pcp-server-ip-address { 3264 key address-id; 3266 description 3267 "List of PCP server IP addresses"; 3269 leaf address-id { 3270 type uint32; 3271 description 3272 "The identifier of the address"; 3273 } 3275 leaf ip-address { 3276 type inet:ipv6-address; 3277 description 3278 "IP address of the PCP server"; 3279 } 3280 } 3282 list external-ip-address-pool { 3284 key address-id; 3286 description 3287 "Pool of external IP addresses used to service 3288 requesting clients."; 3290 leaf address-id { 3291 type uint32; 3292 description 3293 "An identifier"; 3294 } 3296 leaf external-ip-pool { 3297 type inet:ipv6-prefix; 3298 description 3299 "An address or prefix"; 3300 } 3301 } 3302 leaf authentication-support { 3303 type boolean; 3304 description 3305 "Status of the support of PCP authentication"; 3306 } 3308 container opcode-capability { 3309 description 3310 "Opcode-related capabilities"; 3311 uses pcp:opcode; 3312 } 3314 container option-capability { 3315 description 3316 "Option-related capabilities"; 3318 uses pcp:option; 3319 } 3321 leaf port-randomization-support { 3322 type boolean; 3323 description 3324 "Indicates whether port randomization is 3325 supported."; 3326 } 3328 leaf port-preservation-suport { 3329 type boolean; 3330 description 3331 "Indicates whether port preservation 3332 is supported."; 3333 } 3335 leaf port-parity-preservation-support { 3336 type boolean; 3337 description 3338 "Indicates whether port parity preservation is 3339 supported."; 3340 } 3342 list protocol-capabilities { 3343 key "protocol-id"; 3344 description 3345 "A set of supported transported protocols"; 3347 leaf protocol-id { 3348 type uint8; 3349 description 3350 "transport protocol"; 3351 } 3352 } 3354 container pcp-controlled-function-capability { 3355 description 3356 "list of controlled functions."; 3358 uses pcp:pcp-controlled-function; 3359 } 3361 container opcode-configuration { 3362 description 3363 "Opcode-related configuration"; 3365 uses pcp:opcode; 3366 } 3368 container option-configuration { 3369 description 3370 "Option-related configuration"; 3372 uses option-server; 3373 } 3375 leaf authentication-enabled{ 3376 type boolean; 3377 description 3378 "Indicates whether PCP authentication 3379 is enabled/disabled"; 3380 } 3382 leaf port-randomization-enable { 3383 type boolean; 3384 description 3385 "Indicates whether port randomization 3386 is enabled/disabled"; 3387 } 3389 leaf port-preservation-enable { 3390 type boolean; 3391 description 3392 "Indicates whether port preservation 3393 is enabled/disabled"; 3394 } 3396 leaf port-parity-preservation-enable { 3397 type boolean; 3399 description 3400 "Indicates whether port parity preservation 3401 is enabled/disabled"; 3402 } 3404 list enabled-protocol { 3405 key "protocol-id"; 3406 description 3407 "Indicates the set of enabled transport protocols."; 3409 leaf protocol-id { 3410 type uint8; 3411 description 3412 "A transport protocol"; 3413 } 3414 } 3416 leaf subscriber-mask-support{ 3417 type boolean; 3418 description 3419 "Indicates if the subscriber-mask feature is supported"; 3420 } 3422 leaf subscriber-mask { 3423 type uint8 { 3424 range "0 .. 128"; 3425 } 3426 description 3427 "Indicates the configured subscriber-mask"; 3428 } 3430 leaf port-quota { 3431 type uint16; 3432 description 3433 "Indicates the configured port quota."; 3434 } 3436 list exclude-ports { 3437 key "id"; 3438 description 3439 "Indicates ports that are excluded from 3440 dynamic assignment."; 3442 leaf id { 3443 type uint16; 3444 description 3445 "identifier"; 3446 } 3448 uses pcp:port-number; 3449 } 3451 leaf nonce-validation-checks-enable { 3452 type boolean; 3453 description 3454 "Indicates whether NONCE validation checks are 3455 enabled/disabled"; 3456 } 3458 leaf epoch { 3459 type uint32; 3460 description 3461 "value of the current server's epoch."; 3462 } 3464 container lifetime { 3465 description 3466 "lifetime-related configuration"; 3468 leaf minimum-lifetime { 3469 type uint32; 3470 description 3471 "configured minimum lifetime"; 3472 } 3474 leaf maximum-lifetime { 3475 type uint32; 3476 description 3477 "configured maximum-lifetime"; 3478 } 3479 } 3481 container error-lifetime { 3482 description 3483 "Vvalues for the error lifetime to be 3484 returned to requesting PCP clients."; 3486 leaf minimum-error-lifetime { 3487 type uint32; 3488 description 3489 "Configured minimum error lifetime, 3490 in seconds."; 3491 } 3493 leaf maximum-error-lifetime { 3494 type uint32; 3495 description 3496 "Configured maximum error lifetime, 3497 in seconds."; 3498 } 3499 } 3500 container mapping-table { 3501 description 3502 "Mapping table"; 3503 list mapping-entry { 3504 key "index"; 3505 description 3506 "mapping entry"; 3507 uses pcp:mapping-entry; 3508 uses pcp:status-code; 3509 } 3510 } 3512 container traffic-statistics { 3514 description 3515 "traffic statistics"; 3517 uses pcp:traffic-stat; 3519 container mapping-table { 3520 description 3521 "mapping table statistics"; 3523 uses pcp:mapping-table-stats; 3524 } 3526 leaf port-in-use { 3527 type percent; 3528 description 3529 "ratio of the port usage."; 3530 } 3531 } 3532 } 3533 } 3534 } 3535 } 3536 3538 4. Security Considerations 3540 The YANG module defined in this memo is designed to be accessed via 3541 the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the 3542 secure transport layer and the support of SSH is mandatory to 3543 implement secure transport [RFC6242]. The NETCONF access control 3544 model [RFC6536] provides means to restrict access for particular 3545 NETCONF users to a pre-configured subset of all available NETCONF 3546 protocol operations and contents. 3548 There is a number of data nodes defined in the YANG module which can, 3549 be created, modified and deleted (i.e., config true, which is the 3550 default). These data nodes may be considered sensitive or vulnerable 3551 in some network environments. Write operations (e.g., edit-config) 3552 applied to these data nodes without proper protection can negatively 3553 affect network operations. In particular, configuring a fake PCP 3554 server may ve used to redirect the traffic from a PCP client to an 3555 illegitimate server. 3557 5. IANA Considerations 3559 This document requests IANA to register the following URIs in the 3560 "IETF XML Registry" [RFC3688]: 3562 URI: urn:ietf:params:xml:ns:yang:ietf-pcp 3563 Registrant Contact: The IESG. 3564 XML: N/A; the requested URI is an XML namespace. 3566 URI: urn:ietf:params:xml:ns:yang:ietf-pcp-client 3567 Registrant Contact: The IESG. 3568 XML: N/A; the requested URI is an XML namespace. 3570 URI: urn:ietf:params:xml:ns:yang:ietf-pcp-iwf 3571 Registrant Contact: The IESG. 3572 XML: N/A; the requested URI is an XML namespace. 3574 URI: urn:ietf:params:xml:ns:yang:ietf-pcp-proxy 3575 Registrant Contact: The IESG. 3576 XML: N/A; the requested URI is an XML namespace. 3578 URI: urn:ietf:params:xml:ns:yang:ietf-pcp-server 3579 Registrant Contact: The IESG. 3580 XML: N/A; the requested URI is an XML namespace. 3582 This document requests IANA to register the following YANG modules in 3583 the "YANG Module Names" registry [RFC6020]. 3585 name: ietf-pcp 3586 namespace: urn:ietf:params:xml:ns:yang:ietf-pcp 3587 prefix: pcp 3588 reference: RFC XXXX 3590 name: ietf-pcp-client 3591 namespace: urn:ietf:params:xml:ns:yang:ietf-pcp-client 3592 prefix: pcp-client 3593 reference: RFC XXXX 3595 name: ietf-pcp-iwf 3596 namespace: urn:ietf:params:xml:ns:yang:ietf-pcp-iwf 3597 prefix: pcp-iwf 3598 reference: RFC XXXX 3600 name: ietf-pcp-proxy 3601 namespace: urn:ietf:params:xml:ns:yang:ietf-pcp-proxy 3602 prefix: pcp-proxy 3603 reference: RFC XXXX 3605 name: ietf-pcp-server 3606 namespace: urn:ietf:params:xml:ns:yang:ietf-pcp-server 3607 prefix: pcp-server 3608 reference: RFC XXXX 3610 6. References 3612 6.1. Normative references 3614 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 3615 Requirement Levels", BCP 14, RFC 2119, 3616 DOI 10.17487/RFC2119, March 1997, 3617 . 3619 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 3620 DOI 10.17487/RFC3688, January 2004, 3621 . 3623 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 3624 the Network Configuration Protocol (NETCONF)", RFC 6020, 3625 DOI 10.17487/RFC6020, October 2010, 3626 . 3628 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 3629 and A. Bierman, Ed., "Network Configuration Protocol 3630 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 3631 . 3633 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 3634 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, 3635 . 3637 [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration 3638 Protocol (NETCONF) Access Control Model", RFC 6536, 3639 DOI 10.17487/RFC6536, March 2012, 3640 . 3642 [RFC6887] Wing, D., Ed., Cheshire, S., Boucadair, M., Penno, R., and 3643 P. Selkirk, "Port Control Protocol (PCP)", RFC 6887, 3644 DOI 10.17487/RFC6887, April 2013, 3645 . 3647 [RFC6970] Boucadair, M., Penno, R., and D. Wing, "Universal Plug and 3648 Play (UPnP) Internet Gateway Device - Port Control 3649 Protocol Interworking Function (IGD-PCP IWF)", RFC 6970, 3650 DOI 10.17487/RFC6970, July 2013, 3651 . 3653 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", 3654 RFC 6991, DOI 10.17487/RFC6991, July 2013, 3655 . 3657 [RFC7220] Boucadair, M., Penno, R., and D. Wing, "Description Option 3658 for the Port Control Protocol (PCP)", RFC 7220, 3659 DOI 10.17487/RFC7220, May 2014, 3660 . 3662 [RFC7225] Boucadair, M., "Discovering NAT64 IPv6 Prefixes Using the 3663 Port Control Protocol (PCP)", RFC 7225, 3664 DOI 10.17487/RFC7225, May 2014, 3665 . 3667 [RFC7291] Boucadair, M., Penno, R., and D. Wing, "DHCP Options for 3668 the Port Control Protocol (PCP)", RFC 7291, 3669 DOI 10.17487/RFC7291, July 2014, 3670 . 3672 [RFC7488] Boucadair, M., Penno, R., Wing, D., Patil, P., and T. 3673 Reddy, "Port Control Protocol (PCP) Server Selection", 3674 RFC 7488, DOI 10.17487/RFC7488, March 2015, 3675 . 3677 [RFC7648] Perreault, S., Boucadair, M., Penno, R., Wing, D., and S. 3678 Cheshire, "Port Control Protocol (PCP) Proxy Function", 3679 RFC 7648, DOI 10.17487/RFC7648, September 2015, 3680 . 3682 [RFC7652] Cullen, M., Hartman, S., Zhang, D., and T. Reddy, "Port 3683 Control Protocol (PCP) Authentication Mechanism", 3684 RFC 7652, DOI 10.17487/RFC7652, September 2015, 3685 . 3687 [RFC7753] Sun, Q., Boucadair, M., Sivakumar, S., Zhou, C., Tsou, T., 3688 and S. Perreault, "Port Control Protocol (PCP) Extension 3689 for Port-Set Allocation", RFC 7753, DOI 10.17487/RFC7753, 3690 February 2016, . 3692 6.2. Informative references 3694 [RFC6087] Bierman, A., "Guidelines for Authors and Reviewers of YANG 3695 Data Model Documents", RFC 6087, DOI 10.17487/RFC6087, 3696 January 2011, . 3698 Authors' Addresses 3700 Mohamed Boucadair 3701 Orange 3702 Rennes 35000 3703 France 3705 EMail: mohamed.boucadair@orange.com 3707 Christian Jacquenet 3708 Orange 3709 Rennes 35000 3710 France 3712 EMail: christian.jacquenet@orange.com 3714 Senthil Sivakumar 3715 Cisco Systems 3716 7100-8 Kit Creek Road 3717 Research Triangle Park, North Carolina 27709 3718 USA 3720 Phone: +1 919 392 5158 3721 EMail: ssenthil@cisco.com 3722 Suresh Vinapamula 3723 Juniper Networks 3724 1194 North Mathilda Avenue 3725 Sunnyvale, CA 94089 3726 USA 3728 Phone: +1 408 936 5441 3729 EMail: sureshk@juniper.net