idnits 2.17.1 draft-boydseda-ipfix-psamp-bulk-data-yang-model-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 55 instances of too long lines in the document, the longest one being 38 characters in excess of 72. ** The abstract seems to contain references ([RFC6728]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 1511 has weird spacing: '...main-id uin...' == Line 1525 has weird spacing: '...nterval uin...' == Line 1529 has weird spacing: '...nterval uin...' == Line 1534 has weird spacing: '...ulation uin...' == Line 1537 has weird spacing: '...ability dec...' == (1 more instance...) -- The document date (October 22, 2018) is 2012 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 6536 (Obsoleted by RFC 8341) Summary: 2 errors (**), 0 flaws (~~), 8 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group J. Boyd 3 Internet-Draft ADTRAN 4 Obsoletes: 6728 (if approved) M. Seda 5 Intended status: Standards Track Calix 6 Expires: April 25, 2019 October 22, 2018 8 Data Models for the IP Flow Information Export (IPFIX) Protocol, Packet 9 Sampling (PSAMP) Protocol, and Bulk Data Export 10 draft-boydseda-ipfix-psamp-bulk-data-yang-model-00 12 Abstract 14 This document defines a flexible modular alternative YANG model for 15 bulk data collection and export via the IPFIX protocol to the model 16 defined in [RFC6728] "Configuration Data Model for the IP Flow 17 Information Export (IPFIX) and Packet Sampling (PSAMP) Protocols". 18 The model defined in this RFC configures the IPFIX exporter and 19 collector (if applicable) and refers to the bulk data monitoring 20 configuration. Optionally, the model can be configured to support 21 PSAMP export of data via IPFIX. 23 This document obsoletes [RFC6728] (if approved). 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at https://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on April 25, 2019. 42 Copyright Notice 44 Copyright (c) 2018 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (https://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 60 1.1. Historical Perspective . . . . . . . . . . . . . . . . . 3 61 1.2. Relationship with RFC 6728 . . . . . . . . . . . . . . . 5 62 1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6 63 1.4. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 6 64 2. Objectives . . . . . . . . . . . . . . . . . . . . . . . . . 6 65 3. YANG Modules . . . . . . . . . . . . . . . . . . . . . . . . 6 66 3.1. ietf-ipfix . . . . . . . . . . . . . . . . . . . . . . . 6 67 3.1.1. ietf-ipfix Module Structure . . . . . . . . . . . . . 6 68 3.1.2. ietf-ipfix YANG Module . . . . . . . . . . . . . . . 9 69 3.2. ietf-psamp . . . . . . . . . . . . . . . . . . . . . . . 32 70 3.2.1. ietf-psamp Module Structure . . . . . . . . . . . . . 32 71 3.2.2. ietf-psamp YANG module . . . . . . . . . . . . . . . 35 72 3.3. ietf-bulk-data-export . . . . . . . . . . . . . . . . . . 61 73 3.3.1. ietf-bulk-data-export Module Structure . . . . . . . 61 74 3.3.2. ietf-bulk-data-export YANG module . . . . . . . . . . 61 75 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 61 76 5. Security Considerations . . . . . . . . . . . . . . . . . . . 61 77 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 63 78 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 63 79 7.1. Normative References . . . . . . . . . . . . . . . . . . 63 80 7.2. Informative References . . . . . . . . . . . . . . . . . 64 81 Appendix A. Example: ietf-ipfix Usage . . . . . . . . . . . . . 65 82 Appendix B. Example: ietf-psamp Usage . . . . . . . . . . . . . 67 83 Appendix C. Example: ietf-bulk-data-export Usage . . . . . . . . 67 84 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 67 86 1. Introduction 88 Bulk data collection is an automated collection of data from a device 89 that is packaged together and delivered to an IPFIX collector. The 90 IPFIX protocol may be used to transport bulk data such as: 92 o Sampled (metered) Packet SAMPling (PSAMP) data: [RFC5476] defines 93 PSAMP operations that a device may implement to sample packets 94 passing a network element for reporting purposes. 96 o Statistics from interfaces, subinterfaces and sessions: YANG 97 models define statistics that can be retrieved via protocols such 98 as NETCONF [RFC6241] or RESTCONF [RFC8040]. These statistics can 99 be streamed using an IPFIX transport to an IPFIX collector that 100 supports analytics tools. An operator may wish to take the bulk 101 data and analyze it for trend analysis purposes or other usages 102 (e.g., collect octet counts every 5 minutes for service level 103 agreement purposes or collect reported device temperature for 104 network health purposes). 106 IPFIX can also be used to meet the bulk transport requirements of 107 other protocols. For example: * [BBF.TR-352] ICTP (Inter-Channel 108 Transport Protocol): ICTP uses IPFIX to transport dynamic data (e.g., 109 lease information) across participating NGPON2 (Next-Generation 110 Passive Optical Network 2) systems. 112 1.1. Historical Perspective 114 Below is a historical timeline of IETF IPFIX and YANG RFCs: 116 o RFC 5101 (2008), obsoleted by [RFC7011] (2013), defines the IPFIX 117 protocol. 119 o [RFC5476] (2009) defines the PSAMP operations of selection (random 120 selection, deterministic selection or hash-based selection) for 121 capturing or metering packets arriving on a device. 123 o RFC 6020 (2010) and [RFC7950] (2016) define v1.0 and v1.1 of the 124 YANG data modeling language (respectively), and [RFC8342] (2018) 125 updates RFC 7950 to define NMDA (Network Management Datastore 126 Architecture). 128 o [RFC6728] (2012) defines a Packet SAMPling (PSAMP) YANG model for 129 devices that use PSAMP for capturing (for metering purposes) a 130 subset of all packets traversing a device. 132 o RFC 7223 (2014), obsoleted by [RFC8343] (2018), defines a YANG 133 data model for interfaces. 135 o IETF, IEEE, BBF etc. (2015 to 2018) have incorporated reporting of 136 statistics into corresponding YANG models (G.fast, PON, etc.). 138 [RFC6728] defines a single YANG module that performs PSAMP sampling. 139 The collection process (PSAMP) and the IPFIX exporting process are 140 part of the same YANG module. The PSAMP YANG model defines a variety 141 of features. However, it only supports a PSAMP meter and it assumes 142 a device supports SCTP (minimally). Both constructs prove 143 challenging to other applications that use IPFIX for transport of 144 bulk data: 146 o [BBF.TR-352] supports only TCP and TLS as IPFIX transport 147 protocols. The [RFC6728] YANG model does not allow for explicit 148 non-support for SCTP, therefore requiring the need for YANG 149 deviations to announce non-support. 151 * A preferable solution is one that is more flexible (e.g., 152 allows different underlying transport options and avoids the 153 need for deviations to announce non-support for features which 154 an access node is not required to support). 156 o The PSAMP meter does not need to be configured if the observation 157 point is already defined by other YANG models. One could attempt 158 to augment PSAMP YANG to reference where the observation point is 159 being configured (but then would have to express feature "non- 160 support" on features unlikely to be needed or required by access 161 devices). 163 Rather than these approaches, it would be preferable that a new YANG 164 model be developed where functionality is separated into different 165 modules such that the functions can be independently leveraged. 167 These are some of the other issues with the current model: 169 o The PSAMP YANG model defines the frequency of export in the PSAMP 170 cache. Bulk data needs the export frequency to be controlled by 171 the exporting process. 173 * It would be preferable that these cache functions be moved 174 closer to the function performing the export. 176 * If a new YANG model is developed, the bulk data and PSAMP 177 collection processes can be modeled independently. 179 o The PSAMP YANG model supports IPFIX mediators. Access nodes may 180 need to support large IPFIX mediation functions. 182 * If a new YANG model is developed, the transport sessions should 183 be modeled such that they can be retrieved individually in 184 addition to retrieving the entire list (which may be quite 185 large for access devices such as an NG-PON2 OLT). 187 o The PSAMP YANG model contains references which correlate to MIB 188 definitions. For example, interfaces are referenced via ifIndex. 189 For most NETCONF managed devices, interfaces are referenced by 190 name as defined in [RFC8343]. 192 * If a new YANG model is developed, options should be provided to 193 allow use of either MIB or newer reference methods. 195 1.2. Relationship with RFC 6728 197 This RFC uses the general principles defined in [RFC6728] with the 198 following exceptions: 200 o [RFC6728] was developed prior to [RFC8407] YANG guidelines 201 publication. This RFC adopts and conforms to the latest YANG 202 guidelines for identifier naming conventions and is therefore not 203 backwards compatible with RFC 6728. 205 o The YANG model adds support for [RFC8343] interface references. 207 o The YANG model is separated into the following three modules: 209 * ietf-ipfix: Describes the IPFIX collector and exporter 210 functions. 212 * ietf-psamp: Describes the PSAMP functions for configuring a 213 device to sample/meter a subset of packets from the network. 215 * ietf-bulk-data-export: Describes the bulk data IPFIX templates 216 and filtering functions to apply to bulk data (outside PSAMP 217 bulk data application). 219 o SCTP data nodes are made optional via the sctp feature for 220 applications not requiring to support SCTP. 222 o IPFIX transport sessions allow transport session information to be 223 retrieved individually. 225 o Source and destination address type choice statements are added to 226 improve extensibility of the model. 228 Bulk data applications that use this RFC are expected to only need to 229 import the applicable YANG modules. For example: 231 o PSAMP uses the ietf-ipfix and ietf-psamp modules. 233 o Statistics use the ietf-ipfix and ietf-bulk-data-export modules. 235 o TR-352 ICTP applications use only the ietf-ipfix module. 237 1.3. Terminology 239 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 240 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 241 "OPTIONAL" in this document are to be interpreted as described in BCP 242 14 [RFC2119] [RFC8174] when, and only when, they appear in all 243 capitals, as shown here. 245 The following terms are defined in [RFC7950] and are not redefined 246 here: 248 o TBD 250 1.4. Tree Diagrams 252 Tree diagrams used in this document follow the notation defined in 253 [RFC8340]. 255 2. Objectives 257 This document defines a YANG data model for the configuration and 258 state retrieval of bulk data collection and export via IPFIX. The 259 YANG module in this document conforms to the Network Management 260 Datastore Architecture (NMDA) [RFC8342] and [RFC8407] YANG 261 guidelines. 263 3. YANG Modules 265 This document defines three YANG modules: 267 o ietf-ipfix 269 o ietf-psamp 271 o ietf-bulk-data-export 273 3.1. ietf-ipfix 275 3.1.1. ietf-ipfix Module Structure 277 This document defines the YANG module "ietf-ipfix", which has the 278 following structure: 280 module: ietf-ipfix 281 +--rw ipfix 282 +--rw collecting-process* [name] {collector}? 283 | +--rw name name-type 284 | +--rw tcp-collector* [name] {tcp-transport}? 285 | | +--rw name name-type 286 | | +--rw local-port? inet:port-number 287 | | +--rw transport-layer-security! 288 | | | +--rw local-certification-authority-dn* string 289 | | | +--rw local-subject-dn* string 290 | | | +--rw local-subject-fqdn* inet:domain-name 291 | | | +--rw remote-certification-authority-dn* string 292 | | | +--rw remote-subject-dn* string 293 | | | +--rw remote-subject-fqdn* inet:domain-name 294 | | +--rw (local-address-method)? 295 | | | +--:(local-address) 296 | | | +--rw local-ip-address* inet:ip-address 297 | | +--ro transport-session* [name] 298 | | +--ro name name-type 299 | | +--ro ipfix-version? uint16 300 | | +--ro source-ip-address? inet:ip-address 301 | | +--ro destination-ip-address? inet:ip-address 302 | | +--ro source-port? inet:port-number 303 | | +--ro destination-port? inet:port-number 304 | | +--ro status? transport-session-status 305 | | +--ro rate? yang:gauge32 306 | | +--ro bytes? yang:counter64 307 | | +--ro messages? yang:counter64 308 | | +--ro discarded-messages? yang:counter64 309 | | +--ro records? yang:counter64 310 | | +--ro templates? yang:counter32 311 | | +--ro options-templates? yang:counter32 312 | | +--ro transport-session-start-time? yang:date-and-time 313 | | +--ro transport-session-discontinuity-time? yang:date-and-time 314 | | +--ro template* [] 315 | | +--ro observation-domain-id? uint32 316 | | +--ro template-id? uint16 317 | | +--ro set-id? uint16 318 | | +--ro access-time? yang:date-and-time 319 | | +--ro template-data-records? yang:counter64 320 | | +--ro template-discontinuity-time? yang:date-and-time 321 | | +--ro field* [] 322 | | +--ro ie-id? ie-id-type 323 | | +--ro ie-length? uint16 324 | | +--ro ie-enterprise-number? uint32 325 | | +--ro is-flow-key? empty 326 | | +--ro is-scope? empty 327 | +--rw exporting-process* -> /ipfix/exporting-process/name {exporter}? 328 +--rw exporting-process* [name] {exporter}? 329 +--rw name name-type 330 +--rw export-mode? identityref 331 +--rw destination* [name] 332 | +--rw name name-type 333 | +--rw (destination-parameters) 334 | +--:(tcp-exporter) 335 | +--rw tcp-exporter {tcp-transport}? 336 | +--rw ipfix-version? uint16 337 | +--rw destination-port? inet:port-number 338 | +--rw send-buffer-size? uint32 339 | +--rw rate-limit? uint32 340 | +--rw transport-layer-security! 341 | | +--rw local-certification-authority-dn* string 342 | | +--rw local-subject-dn* string 343 | | +--rw local-subject-fqdn* inet:domain-name 344 | | +--rw remote-certification-authority-dn* string 345 | | +--rw remote-subject-dn* string 346 | | +--rw remote-subject-fqdn* inet:domain-name 347 | +--rw (source-method)? 348 | | +--:(source-address) 349 | | +--rw source-address? inet:ip-address 350 | +--rw (destination-method) 351 | | +--:(destination-address) 352 | | +--rw destination-address? inet:host 353 | +--ro transport-session 354 | +--ro ipfix-version? uint16 355 | +--ro source-ip-address? inet:ip-address 356 | +--ro destination-ip-address? inet:ip-address 357 | +--ro source-port? inet:port-number 358 | +--ro destination-port? inet:port-number 359 | +--ro status? transport-session-status 360 | +--ro rate? yang:gauge32 361 | +--ro bytes? yang:counter64 362 | +--ro messages? yang:counter64 363 | +--ro discarded-messages? yang:counter64 364 | +--ro records? yang:counter64 365 | +--ro templates? yang:counter32 366 | +--ro options-templates? yang:counter32 367 | +--ro transport-session-start-time? yang:date-and-time 368 | +--ro transport-session-discontinuity-time? yang:date-and-time 369 | +--ro template* [] 370 | +--ro observation-domain-id? uint32 371 | +--ro template-id? uint16 372 | +--ro set-id? uint16 373 | +--ro access-time? yang:date-and-time 374 | +--ro template-data-records? yang:counter64 375 | +--ro template-discontinuity-time? yang:date-and-time 376 | +--ro field* [] 377 | +--ro ie-id? ie-id-type 378 | +--ro ie-length? uint16 379 | +--ro ie-enterprise-number? uint32 380 | +--ro is-flow-key? empty 381 | +--ro is-scope? empty 382 +--rw options* [name] 383 | +--rw name name-type 384 | +--rw options-type identityref 385 | +--rw options-timeout? uint32 386 +--ro exporting-process-id? uint32 388 3.1.2. ietf-ipfix YANG Module 390 This YANG Module imports typedefs from [RFC6991]. 392 file "ietf-ipfix@2018-10-22.yang" 394 module ietf-ipfix { 395 yang-version 1.1; 397 namespace "urn:ietf-params:xml:ns:yang:ietf-ipfix"; 399 prefix ietf-ipfix; 401 import ietf-inet-types { 402 prefix inet; 403 } 405 import ietf-yang-types { 406 prefix yang; 407 } 409 organization 410 "TBD"; 412 contact 413 "TBD"; 415 description 416 "TBD. 418 Copyright (c) 2018 IETF Trust and the persons identified 419 as authors of the code. All rights reserved. 421 Redistribution and use in source and binary forms, with or 422 without modification, is permitted pursuant to, and subject 423 to the license terms contained in, the Simplified BSD License 424 set forth in Section 4.c of the IETF Trust's Legal Provisions 425 Relating to IETF Documents 426 (http://trustee.ietf.org/license-info). 428 This version of this YANG module is part of XXX; see the RFC 429 itself for full legal notices."; 431 revision 2018-10-22 { 432 description 433 "Initial revision."; 434 reference 435 "Internet draft: draft-ipfix-psamp-bulk-data-yang-model-00"; 436 } 438 feature exporter { 439 description 440 "If supported, the Monitoring Device can be used as 441 an Exporter. Exporting Processes can be configured."; 442 } 444 feature tcp-transport { 445 description 446 "If supported, the Monitoring Device supports TCP 447 as the transport protocol."; 448 } 450 feature collector { 451 description 452 "If supported, the Monitoring Device can be used as 453 a Collector. Collecting Processes can be configured."; 454 } 456 identity export-mode { 457 description 458 "Base identity for different usages of export 459 destinations configured for an Exporting Process."; 460 } 462 identity parallel { 463 base export-mode; 464 description 465 "Parallel export of Data Records to all 466 destinations configured for the Exporting Process."; 467 } 469 identity load-balancing { 470 base export-mode; 471 description 472 "Load-balancing between the different destinations 473 configured for the Exporting Process."; 474 } 475 identity fallback { 476 base export-mode; 477 description 478 "Export to the primary destination (i.e., the first 479 destination configured for the Exporting Process). If the 480 export to the primary destination fails, the Exporting Process 481 tries to export to the secondary destination. If the 482 secondary destination fails as well, it continues with the 483 tertiary, etc."; 484 } 486 identity options-type { 487 description 488 "Base identity for report types exported with 489 options templates."; 490 } 492 identity metering-statistics { 493 base options-type; 494 description 495 "Metering Process Statistics."; 496 reference 497 "RFC 5101, Section 4.1."; 498 } 500 identity metering-reliability { 501 base options-type; 502 description 503 "Metering Process Reliability Statistics."; 504 reference 505 "RFC 5101, Section 4.2."; 506 } 508 identity exporting-reliability { 509 base options-type; 510 description 511 "Exporting Process Reliability Statistics."; 512 reference 513 "RFC 5101, Section 4.3."; 514 } 516 identity flow-keys { 517 base options-type; 518 description 519 "Flow Keys."; 520 reference 521 "RFC 5101, Section 4.4."; 522 } 523 identity selection-sequence { 524 base options-type; 525 description 526 "Selection Sequence and Selector Reports."; 527 reference 528 "RFC 5476, Sections 6.5.1 and 6.5.2."; 529 } 531 identity selection-statistics { 532 base options-type; 533 description 534 "Selection Sequence Statistics Report."; 535 reference 536 "RFC 5476, Sections 6.5.3."; 537 } 539 identity accuracy { 540 base options-type; 541 description 542 "Accuracy Report."; 543 reference 544 "RFC 5476, Section 6.5.4."; 545 } 547 identity reducing-redundancy { 548 base options-type; 549 description 550 "Enables the utilization of Options Templates to 551 reduce redundancy in the exported Data Records."; 552 reference 553 "RFC 5473."; 554 } 556 identity extended-type-information { 557 base options-type; 558 description 559 "Export of extended type information for 560 enterprise-specific Information Elements used in the 561 exported Templates."; 562 reference 563 "RFC 5610."; 564 } 566 typedef ie-name-type { 567 type string { 568 length "1..max"; 569 pattern '\S+'; 570 } 571 description 572 "Type for Information Element names. Whitespaces 573 are not allowed."; 574 } 576 typedef name-type { 577 type string { 578 length "1..max"; 579 pattern '\S(.*\S)?'; 580 } 581 description 582 "Type for 'name' leafs, which are used to identify 583 specific instances within lists, etc. 584 Leading and trailing whitespaces are not allowed."; 585 } 587 typedef ie-id-type { 588 type uint16 { 589 range "1..32767"; 590 } 591 description 592 "Type for Information Element identifiers."; 593 } 595 typedef transport-session-status { 596 type enumeration { 597 enum "inactive" { 598 value 0; 599 description 600 "This value MUST be used for Transport Sessions 601 that are specified in the system but currently not active. 602 The value can be used for Transport Sessions that are 603 backup (secondary) sessions."; 604 } 605 enum "active" { 606 value 1; 607 description 608 "This value MUST be used for Transport Sessions 609 that are currently active and transmitting or receiving 610 data."; 611 } 612 enum "unknown" { 613 value 2; 614 description 615 "This value MUST be used if the status of the 616 Transport Sessions cannot be detected by the device. 617 This value should be avoided as far as possible."; 618 } 620 } 621 description 622 "Status of a Transport Session."; 623 reference 624 "RFC 6615, Section 8 (ipfixTransportSessionStatus)."; 625 } 627 grouping transport-layer-security-parameters { 628 description 629 "TLS or DTLS parameters."; 631 leaf-list local-certification-authority-dn { 632 type string; 633 description 634 "Distinguished names of certification authorities 635 whose certificates may be used to identify the local 636 endpoint."; 637 reference 638 "RFC 5280."; 639 } 641 leaf-list local-subject-dn { 642 type string; 643 description 644 "Distinguished names that may be used in the 645 certificates to identify the local endpoint."; 646 reference 647 "RFC 5280."; 648 } 650 leaf-list local-subject-fqdn { 651 type inet:domain-name; 652 description 653 "Fully qualified domain names that may be used to 654 in the certificates to identify the local endpoint."; 655 reference 656 "RFC 5280."; 657 } 659 leaf-list remote-certification-authority-dn { 660 type string; 661 description 662 "Distinguished names of certification authorities 663 whose certificates are accepted to authorize remote 664 endpoints."; 665 reference 666 "RFC 5280."; 668 } 670 leaf-list remote-subject-dn { 671 type string; 672 description 673 "Distinguished names which are accepted in 674 certificates to authorize remote endpoints."; 675 reference 676 "RFC 5280."; 677 } 679 leaf-list remote-subject-fqdn { 680 type inet:domain-name; 681 description 682 "Fully qualified domain names that are accepted in 683 certificates to authorize remote endpoints."; 684 reference 685 "RFC 5280."; 686 } 687 } 689 grouping transport-session-state-parameters { 690 description 691 "State parameters of a Transport Session originating 692 from an Exporting Process or terminating at a Collecting 693 Process. Parameter names and semantics correspond to the 694 managed objects in IPFIX-MIB."; 695 reference 696 "RFC 5101; RFC 6615, Section 8 697 (ipfixTransportSessionEntry, 698 ipfixTransportSessionStatsEntry)."; 700 leaf ipfix-version { 701 type uint16; 702 description 703 "Used for Exporting Processes, this parameter 704 contains the version number of the IPFIX protocol that the 705 Exporter uses to export its data in this Transport Session. 707 Used for Collecting Processes, this parameter contains the 708 version number of the IPFIX protocol it receives for 709 this Transport Session. If IPFIX Messages of different 710 IPFIX protocol versions are received, this parameter 711 contains the maximum version number. 713 Note that this parameter corresponds to 714 ipfixTransportSessionIpfixVersion in the IPFIX MIB 715 module."; 717 reference 718 "RFC 6615, Section 8 719 (ipfixTransportSessionIpfixVersion)."; 720 } 722 leaf source-ip-address { 723 type inet:ip-address; 724 description 725 "The source address of the Exporter of the 726 IPFIX Transport Session. "; 727 reference 728 "RFC 6615, Section 8 729 (ipfixTransportSessionSourceAddressType, 730 ipfixTransportSessionSourceAddress); 731 RFC 4960, Section 6.4."; 732 } 734 leaf destination-ip-address { 735 type inet:ip-address; 736 description 737 "The destination IP address of the 738 path that is selected by the Exporter to 739 send IPFIX messages to the Collector. 741 In the case of TCP, it is possible 742 that if an FQDN address is configured it 743 resolves into many IP addresses. 745 Note that this parameter functionally corresponds to 746 ipfixTransportSessionDestinationAddressType and 747 ipfixTransportSessionDestinationAddress in the IPFIX MIB 748 module."; 749 reference 750 "RFC 6615, Section 8 751 (ipfixTransportSessionDestinationAddressType, 752 ipfixTransportSessionDestinationAddress); 753 RFC 4960, Section 6.4."; 754 } 756 leaf source-port { 757 type inet:port-number; 758 description 759 "The transport-protocol port number of the 760 Exporter of the IPFIX Transport Session. 762 Note that this parameter corresponds to 763 ipfixTransportSessionSourcePort in the IPFIX MIB module."; 764 reference 765 "RFC 6615, Section 8 766 (ipfixTransportSessionSourcePort)."; 767 } 769 leaf destination-port { 770 type inet:port-number; 771 description 772 "The transport-protocol port number of the 773 Collector of the IPFIX Transport Session. 775 Note that this parameter corresponds to 776 ipfixTransportSessionDestinationPort in the IPFIX MIB 777 module."; 778 reference 779 "RFC 6615, Section 8 780 (ipfixTransportSessionDestinationPort)."; 781 } 783 leaf status { 784 type transport-session-status; 785 description 786 "Status of the Transport Session. 788 Note that this parameter corresponds to 789 ipfixTransportSessionStatus in the IPFIX MIB module."; 790 reference 791 "RFC 6615, Section 8 (ipfixTransportSessionStatus)."; 792 } 794 leaf rate { 795 type yang:gauge32; 796 units "bytes per second"; 797 description 798 "The number of bytes per second transmitted by the 799 Exporting Process or received by the Collecting Process. 800 This parameter is updated every second. 802 Note that this parameter corresponds to 803 ipfixTransportSessionRate in the IPFIX MIB module."; 804 reference 805 "RFC 6615, Section 8 (ipfixTransportSessionRate)."; 806 } 808 leaf bytes { 809 type yang:counter64; 810 units "bytes"; 811 description 812 "The number of bytes transmitted by the 813 Exporting Process or received by the Collecting Process. 814 Discontinuities in the value of this counter can occur at 815 re-initialization of the management system, and at other 816 times as indicated by the value of 817 transportSessionDiscontinuityTime. 819 Note that this parameter corresponds to 820 ipfixTransportSessionBytes in the IPFIX MIB module."; 821 reference 822 "RFC 6615, Section 8 (ipfixTransportSessionBytes)."; 823 } 825 leaf messages { 826 type yang:counter64; 827 units "IPFIX Messages"; 828 description 829 "The number of messages transmitted by the 830 Exporting Process or received by the Collecting Process. 831 Discontinuities in the value of this counter can occur at 832 re-initialization of the management system, and at other 833 times as indicated by the value of 834 transportSessionDiscontinuityTime. 836 Note that this parameter corresponds to 837 ipfixTransportSessionMessages in the IPFIX MIB module."; 838 reference 839 "RFC 6615, Section 8 840 (ipfixTransportSessionMessages)."; 841 } 843 leaf discarded-messages { 844 type yang:counter64; 845 units "IPFIX Messages"; 846 description 847 "Used for Exporting Processes, this parameter 848 indicates the number of messages that could not be sent due 849 to internal buffer overflows, network congestion, routing 850 issues, etc. Used for Collecting Process, this parameter 851 indicates the number of received IPFIX Message that are 852 malformed, cannot be decoded, are received in the wrong 853 order or are missing according to the sequence number. 854 Discontinuities in the value of this counter can occur at 855 re-initialization of the management system, and at other 856 times as indicated by the value of 857 transport-session-discontinuity-time. 859 Note that this parameter corresponds to 860 ipfixTransportSessionDiscardedMessages in the IPFIX MIB 861 module."; 862 reference 863 "RFC 6615, Section 8 864 (ipfixTransportSessionDiscardedMessages)."; 865 } 867 leaf records { 868 type yang:counter64; 869 units "Data Records"; 870 description 871 "The number of Data Records transmitted by the 872 Exporting Process or received by the Collecting Process. 873 Discontinuities in the value of this counter can occur at 874 re-initialization of the management system, and at other 875 times as indicated by the value of 876 transportSessionDiscontinuityTime. 878 Note that this parameter corresponds to 879 ipfixTransportSessionRecords in the IPFIX MIB module."; 880 reference 881 "RFC 6615, Section 8 882 (ipfixTransportSessionRecords)."; 883 } 885 leaf templates { 886 type yang:counter32; 887 units "Templates"; 888 description 889 "The number of Templates transmitted by the 890 Exporting Process or received by the Collecting Process. 891 Discontinuities in the value of this counter can occur at 892 re-initialization of the management system, and at other 893 times as indicated by the value of 894 transportSessionDiscontinuityTime. 896 Note that this parameter corresponds to 897 ipfixTransportSessionTemplates in the IPFIX MIB module."; 898 reference 899 "RFC 6615, Section 8 900 (ipfixTransportSessionTemplates)."; 901 } 903 leaf options-templates { 904 type yang:counter32; 905 units "Options Templates"; 906 description 907 "The number of Option Templates transmitted by the 908 Exporting Process or received by the Collecting Process. 910 Discontinuities in the value of this counter can occur at 911 re-initialization of the management system, and at other 912 times as indicated by the value of 913 transportSessionDiscontinuityTime. 915 Note that this parameter corresponds to 916 ipfixTransportSessionOptionsTemplates in the IPFIX MIB 917 module."; 918 reference 919 "RFC 6615, Section 8 920 (ipfixTransportSessionOptionsTemplates)."; 921 } 923 leaf transport-session-start-time { 924 type yang:date-and-time; 925 description 926 "Timestamp of the start of the given Transport 927 Session. 929 This state parameter does not correspond to any object in 930 the IPFIX MIB module."; 931 } 933 leaf transport-session-discontinuity-time { 934 type yang:date-and-time; 935 description 936 "Timestamp of the most recent occasion at which 937 one or more of the Transport Session counters suffered a 938 discontinuity. 940 Note that this parameter functionally corresponds to 941 ipfixTransportSessionDiscontinuityTime in the IPFIX MIB 942 module. In contrast to 943 ipfixTransportSessionDiscontinuityTime, the time is 944 absolute and not relative to sysUpTime."; 945 reference 946 "RFC 6615, Section 8 947 (ipfixTransportSessionDiscontinuityTime)."; 948 } 950 list template { 951 description 952 "This list contains the Templates and Options 953 Templates that are transmitted by the Exporting Process 954 or received by the Collecting Process. 956 Withdrawn or invalidated (Options) Templates MUST be removed 957 from this list."; 959 uses template-parameters-state; 960 } 961 } 963 grouping template-parameters-state { 964 description 965 "State parameters of a Template used by an Exporting 966 Process or received by a Collecting Process in a specific 967 Transport Session. Parameter names and semantics 968 correspond to the managed objects in IPFIX-MIB"; 969 reference 970 "RFC 5101; RFC 6615, Section 8 (ipfixTemplateEntry, 971 ipfixTemplateDefinitionEntry, ipfixTemplateStatsEntry)"; 973 leaf observation-domain-id { 974 type uint32; 975 description 976 "The ID of the Observation Domain for which this 977 Template is defined. 979 Note that this parameter corresponds to 980 ipfixTemplateObservationDomainId in the IPFIX MIB module."; 981 reference 982 "RFC 6615, Section 8 983 (ipfixTemplateObservationDomainId)."; 984 } 986 leaf template-id { 987 type uint16 { 988 range "256..65535"; 989 } 990 description 991 "This number indicates the Template ID in the IPFIX 992 message. 993 Note that this parameter corresponds to ipfixTemplateId in 994 the IPFIX MIB module."; 995 reference 996 "RFC 6615, Section 8 (ipfixTemplateId)."; 997 } 999 leaf set-id { 1000 type uint16; 1001 description 1002 "This number indicates the Set ID of the Template. 1003 Currently, there are two values defined. The value 2 1004 is used for Sets containing Template definitions. 1005 The value 3 is used for Sets containing Options 1006 Template definitions. Note that this parameter 1007 corresponds to ipfixTemplateSetId 1008 in the IPFIX MIB module."; 1009 reference 1010 "RFC 6615, Section 8 (ipfixTemplateSetId)."; 1011 } 1013 leaf access-time { 1014 type yang:date-and-time; 1015 description 1016 "Used for Exporting Processes, this parameter 1017 contains the time when this (Options) Template was last 1018 sent to the Collector(s) or written to the file. 1019 Used for Collecting Processes, this parameter contains the 1020 time when this (Options) Template was last received from the 1021 Exporter or read from the file. 1022 Note that this parameter corresponds to 1023 ipfixTemplateAccessTime in the IPFIX MIB module."; 1024 reference 1025 "RFC 6615, Section 8 ( 1026 ipfixTemplateAccessTime)."; 1027 } 1029 leaf template-data-records { 1030 type yang:counter64; 1031 description 1032 "The number of transmitted or received Data 1033 Records defined by this (Options) Template. 1034 Discontinuities in the value of this counter can occur at 1035 re-initialization of the management system, and at other 1036 times as indicated by the value of 1037 templateDiscontinuityTime. 1038 Note that this parameter corresponds to 1039 ipfixTemplateDataRecords in the IPFIX MIB module."; 1040 reference 1041 "RFC 6615, Section 8 (ipfixTemplateDataRecords)."; 1042 } 1044 leaf template-discontinuity-time { 1045 type yang:date-and-time; 1046 description 1047 "Timestamp of the most recent occasion at which 1048 the counter templateDataRecords suffered a discontinuity. 1049 Note that this parameter functionally corresponds to 1050 ipfixTemplateDiscontinuityTime in the IPFIX MIB module. 1051 In contrast to ipfixTemplateDiscontinuityTime, the time 1052 is absolute and not relative to sysUpTime."; 1053 reference 1054 "RFC 6615, Section 8 1055 (ipfixTemplateDiscontinuityTime)."; 1056 } 1058 list field { 1059 description 1060 "This list contains the (Options) Template 1061 fields of which the (Options) Template is defined. 1062 The order of the list corresponds to the order of the fields 1063 in the (Option) Template Record."; 1065 leaf ie-id { 1066 type ie-id-type; 1067 description 1068 "This parameter indicates the Information 1069 Element identifier of the field. 1071 Note that this parameter corresponds to 1072 ipfixTemplateDefinitionIeId in the IPFIX MIB module."; 1073 reference 1074 "RFC 5101; RFC 6615, Section 8 1075 (ipfixTemplateDefinitionIeId)."; 1076 } 1078 leaf ie-length { 1079 type uint16; 1080 units "octets"; 1081 description 1082 "This parameter indicates the length of the 1083 Information Element of the field. 1085 Note that this parameter corresponds to 1086 ipfixTemplateDefinitionIeLength in the IPFIX MIB 1087 module."; 1088 reference 1089 "RFC 5101; RFC 6615, Section 8 1090 (ipfixTemplateDefinitionIeLength)."; 1091 } 1093 leaf ie-enterprise-number { 1094 type uint32; 1095 description 1096 "This parameter indicates the IANA enterprise 1097 number of the authority defining the Information Element 1098 identifier. 1099 If the Information Element is not enterprise-specific, 1100 this state parameter is zero. 1102 Note that this parameter corresponds to 1103 ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX 1104 MIB module."; 1105 reference 1106 "RFC 6615, Section 8 1107 (ipfixTemplateDefinitionIeEnterpriseNumber); 1108 IANA registry for Private Enterprise Numbers, 1109 http://www.iana.org/assignments/enterprise-numbers."; 1110 } 1112 leaf is-flow-key { 1113 when "../../set-id = 2" { 1114 description 1115 "This parameter is available for non-Options 1116 Templates (Set ID is 2)."; 1117 } 1118 type empty; 1119 description 1120 "If present, this is a Flow Key field. 1122 Note that this corresponds to flowKey(1) being set in 1123 ipfixTemplateDefinitionFlags."; 1124 reference 1125 "RFC 6615, Section 8 1126 (ipfixTemplateDefinitionFlags)."; 1127 } 1129 leaf is-scope { 1130 when "../../set-id = 3" { 1131 description 1132 "This parameter is available for Options 1133 Templates (Set ID is 3)."; 1134 } 1135 type empty; 1136 description 1137 "If present, this is a scope field. 1139 Note that this corresponds to scope(0) being set in 1140 ipfixTemplateDefinitionFlags."; 1141 reference 1142 "RFC 6615, Section 8 1143 (ipfixTemplateDefinitionFlags)."; 1144 } 1145 } 1146 } 1148 grouping common-collector-parameters { 1149 description 1150 "Parameters of a Collecting Process that are 1151 common to all transport protocols."; 1153 leaf local-port { 1154 type inet:port-number; 1155 description 1156 "If not configured, the Monitoring Device uses the 1157 default port number for IPFIX, which is 4739 without 1158 TLS or DTLS and 4740 if TLS or DTLS is activated."; 1159 } 1161 container transport-layer-security { 1162 presence 1163 "The presence of this container indicates TLS is enabled."; 1164 description 1165 "TLS or DTLS configuration."; 1167 uses transport-layer-security-parameters; 1168 } 1169 } 1171 grouping common-collector-parameters-state { 1172 description 1173 "Parameters of a Collecting Process that are 1174 common to all transport protocols."; 1176 list transport-session { 1177 key name; 1178 config false; 1179 description 1180 "This list contains the currently established 1181 Transport Sessions terminating at the given socket."; 1183 leaf name { 1184 type name-type; 1185 description 1186 "The name of the transporter session."; 1187 } 1189 uses transport-session-state-parameters; 1190 } 1191 } 1193 grouping tcp-collector-parameters { 1194 description 1195 "Parameters of a listening TCP socket at a 1196 Collecting Process."; 1198 uses common-collector-parameters; 1200 choice local-address-method { 1201 description 1202 "Method to configure the local IP address 1203 of the collecting process. Note that it is 1204 expected that other methods be available. Those 1205 method can augment this choice."; 1207 case local-address { 1208 leaf-list local-ip-address { 1209 type inet:ip-address; 1210 description 1211 "List of local IP addresses on which the Collecting 1212 Process listens for IPFIX Messages."; 1213 } 1214 } 1215 } 1216 } 1218 grouping collecting-process-parameters { 1219 description 1220 "Parameters of a Collecting Process."; 1222 list tcp-collector { 1223 if-feature tcp-transport; 1224 key "name"; 1225 description 1226 "List of TCP receivers (sockets) on which the 1227 Collecting Process receives IPFIX Messages."; 1229 leaf name { 1230 type name-type; 1231 description 1232 "Name of the TCP collector."; 1233 } 1235 uses tcp-collector-parameters; 1237 uses common-collector-parameters-state; 1238 } 1239 } 1241 grouping exporting-process-parameters { 1242 description 1243 "Parameters of an Exporting Process."; 1245 leaf export-mode { 1246 type identityref { 1247 base export-mode; 1248 } 1249 default 'parallel'; 1250 description 1251 "This parameter determines to which configured 1252 destination(s) the incoming Data Records are exported."; 1253 } 1255 list destination { 1256 key "name"; 1257 min-elements 1; 1258 description 1259 "List of export destinations."; 1261 leaf name { 1262 type name-type; 1263 description 1264 "Export destination name."; 1265 } 1267 choice destination-parameters { 1268 mandatory true; 1269 description 1270 "Destination configuration."; 1272 container tcp-exporter { 1273 if-feature tcp-transport; 1274 description 1275 "TCP parameters."; 1277 uses tcp-exporter-parameters; 1279 container transport-session { 1280 config false; 1281 description 1282 "Transport session state data."; 1284 uses transport-session-state-parameters; 1285 } 1286 } 1287 } 1288 } 1290 list options { 1291 key "name"; 1292 description 1293 "List of options reported by the Exporting Process."; 1295 leaf name { 1296 type name-type; 1297 description 1298 "Name of the option."; 1299 } 1300 uses options-parameters; 1301 } 1302 } 1304 grouping common-exporter-parameters { 1305 description 1306 "Parameters of en export destination that are 1307 common to all transport protocols."; 1309 leaf ipfix-version { 1310 type uint16; 1311 default '10'; 1312 description 1313 "IPFIX version number."; 1314 reference 1315 "RFC 5101."; 1316 } 1318 leaf destination-port { 1319 type inet:port-number; 1320 description 1321 "If not configured by the user, the Monitoring 1322 Device uses the default port number for IPFIX, which is 1323 4739 without TLS or DTLS and 4740 if TLS or DTLS is 1324 activated."; 1325 } 1327 leaf send-buffer-size { 1328 type uint32; 1329 units "bytes"; 1330 description 1331 "Size of the socket send buffer. 1333 If not configured by the user, this parameter is set by 1334 the Monitoring Device."; 1335 } 1337 leaf rate-limit { 1338 type uint32; 1339 units "bytes per second"; 1340 description 1341 "Maximum number of bytes per second the Exporting 1342 Process may export to the given destination. The number of 1343 bytes is calculated from the lengths of the IPFIX Messages 1344 exported. If not configured, no rate limiting is 1345 performed."; 1346 reference 1347 "RFC 5476, Section 6.3."; 1348 } 1350 container transport-layer-security { 1351 presence 1352 "The presence of this container indicates TLS is enabled."; 1353 description 1354 "TLS or DTLS configuration."; 1356 uses transport-layer-security-parameters; 1357 } 1358 } 1360 grouping tcp-exporter-parameters { 1361 description 1362 "Parameters of a TCP export destination."; 1364 uses common-exporter-parameters; 1366 choice source-method { 1367 description 1368 "Method to configure the source IP address 1369 of the exporter. 1371 Note that it is expected that other methods be available. 1372 Those methods can augment this choice."; 1374 case source-address { 1375 leaf source-address { 1376 type inet:ip-address; 1377 description 1378 "Select the source IP address used by the Exporting 1379 Process."; 1380 } 1381 } 1382 } 1384 choice destination-method { 1385 mandatory true; 1386 description 1387 "Method to configuring the IP address destination 1388 of the Collection Process to which IPFIX Messages are sent. 1390 Note it is expected that if other methods are available 1391 that they would augment from this statement."; 1393 case destination-address { 1394 leaf destination-address { 1395 type inet:host; 1396 description 1397 "Destination IP address or hostname. A hostname may 1398 resolve to one or more IP addresses."; 1399 } 1400 } 1401 } 1402 } 1404 grouping options-parameters { 1405 description 1406 "Parameters specifying the data export using an 1407 Options Template."; 1409 leaf options-type { 1410 type identityref { 1411 base options-type; 1412 } 1413 mandatory true; 1414 description 1415 "Type of the exported options data."; 1416 } 1418 leaf options-timeout { 1419 type uint32; 1420 units "milliseconds"; 1421 description 1422 "Time interval for periodic export of the options 1423 data. If set to zero, the export is triggered when the 1424 options data has changed. 1426 If not configured by the user, this parameter is set by the 1427 Monitoring Device."; 1428 } 1429 } 1431 container ipfix { 1432 description 1433 "IPFIX Exporter and/or Collector data nodes."; 1435 list collecting-process { 1436 if-feature collector; 1437 key "name"; 1438 description 1439 "Collecting Process of the Monitoring Device."; 1441 leaf name { 1442 type name-type; 1443 description 1444 "Name of the collecting process."; 1445 } 1447 uses collecting-process-parameters; 1449 leaf-list exporting-process { 1450 if-feature exporter; 1451 type leafref { 1452 path "/ietf-ipfix:ipfix" 1453 + "/ietf-ipfix:exporting-process" 1454 + "/ietf-ipfix:name"; 1455 } 1456 description 1457 "Export of received records without any 1458 modifications. Records are processed by all Exporting 1459 Processes in the list."; 1460 } 1461 } 1463 list exporting-process { 1464 if-feature exporter; 1465 key "name"; 1466 description 1467 "List of Exporting Processes of the IPFIX Monitoring Device 1468 for which configuration will be applied."; 1470 leaf name { 1471 type name-type; 1472 description 1473 "Name of the exporting process."; 1474 } 1476 uses exporting-process-parameters; 1478 leaf exporting-process-id { 1479 type uint32; 1480 config false; 1481 description 1482 "The identifier of the Exporting Process. 1483 This parameter corresponds to the Information Element 1484 exportingProcessId. Its occurrence helps to associate 1485 Exporting Process parameters with Exporing Process 1486 statistics exported by the Monitoring Device using the 1487 Exporting Process Reliability Statistics Template as 1488 defined by the IPFIX protocol specification."; 1489 reference 1490 "RFC 5101, Section 4.3; IANA registry for IPFIX 1491 Entities, http://www.iana.org/assignments/ipfix."; 1492 } 1493 } 1494 } 1495 } 1497 1499 3.2. ietf-psamp 1501 3.2.1. ietf-psamp Module Structure 1503 This document defines the YANG module "ietf-psamp", which has the 1504 following structure: 1506 module: ietf-psamp 1507 augment /ietf-ipfix:ipfix: 1508 +--rw psamp 1509 +--rw observation-point* [name] {meter}? 1510 | +--rw name ietf-ipfix:name-type 1511 | +--rw observation-domain-id uint32 1512 | +--rw interface-ref* if:interface-ref 1513 | +--rw ent-physical-name* string 1514 | +--rw direction? direction 1515 | +--rw selection-process* -> /ietf-ipfix:ipfix/psamp/selection-process/name 1516 +--rw selection-process* [name] {meter}? 1517 | +--rw name ietf-ipfix:name-type 1518 | +--rw selector* [name] 1519 | | +--rw name ietf-ipfix:name-type 1520 | | +--rw (method) 1521 | | | +--:(select-all) 1522 | | | | +--rw select-all? empty 1523 | | | +--:(samp-count-based) 1524 | | | | +--rw samp-count-based {psamp-samp-count-based}? 1525 | | | | +--rw packet-interval uint32 1526 | | | | +--rw packet-space uint32 1527 | | | +--:(samp-time-based) 1528 | | | | +--rw samp-time-based {psamp-samp-time-based}? 1529 | | | | +--rw time-interval uint32 1530 | | | | +--rw time-space uint32 1531 | | | +--:(samp-rand-out-of-n) 1532 | | | | +--rw samp-rand-out-of-n {psamp-samp-rand-out-of-n}? 1533 | | | | +--rw size uint32 1534 | | | | +--rw population uint32 1535 | | | +--:(samp-uni-prob) 1536 | | | | +--rw samp-uni-prob {psamp-samp-uni-prob}? 1537 | | | | +--rw probability decimal64 1538 | | | +--:(filter-match) 1539 | | | | +--rw filter-match {psamp-filter-match}? 1540 | | | | +--rw (name-or-id) 1541 | | | | | +--:(ie-name) 1542 | | | | | | +--rw ie-name? ietf-ipfix:ie-name-type 1543 | | | | | +--:(ie-id) 1544 | | | | | +--rw ie-id? ietf-ipfix:ie-id-type 1545 | | | | +--rw ie-enterprise-number? uint32 1546 | | | | +--rw value string 1547 | | | +--:(filter-hash) 1548 | | | +--rw filter-hash {psamp-filter-hash}? 1549 | | | +--rw hash-function? identityref 1550 | | | +--rw initializer-value? uint64 1551 | | | +--rw ip-payload-offset? uint64 1552 | | | +--rw ip-payload-size? uint64 1553 | | | +--rw digest-output? boolean 1554 | | | +--rw selected-range* [name] 1555 | | | | +--rw name ietf-ipfix:name-type 1556 | | | | +--rw min? uint64 1557 | | | | +--rw max? uint64 1558 | | | +--ro output-range-min? uint64 1559 | | | +--ro output-range-max? uint64 1560 | | +--ro packets-observed? yang:counter64 1561 | | +--ro packets-dropped? yang:counter64 1562 | | +--ro selector-discontinuity-time? yang:date-and-time 1563 | +--rw cache? -> /ietf-ipfix:ipfix/psamp/cache/name 1564 | +--ro selection-sequence* [] 1565 | +--ro observation-domain-id? uint32 1566 | +--ro selection-sequence-id? uint64 1567 +--rw cache* [name] {meter}? 1568 +--rw name ietf-ipfix:name-type 1569 +--ro metering-process-id? uint32 1570 +--ro data-records? yang:counter64 1571 +--ro cache-discontinuity-time? yang:date-and-time 1572 +--rw (cache-type) 1573 | +--:(immediate-cache) 1574 | | +--rw immediate-cache {immediate-cache}? 1575 | | +--rw cache-layout 1576 | | +--rw cache-field* [name] 1577 | | +--rw name ietf-ipfix:name-type 1578 | | +--rw (name-or-id) 1579 | | | +--:(ie-name) 1580 | | | | +--rw ie-name? ietf-ipfix:ie-name-type 1581 | | | +--:(ie-id) 1582 | | | +--rw ie-id? ietf-ipfix:ie-id-type 1583 | | +--rw ie-length? uint16 1584 | | +--rw ie-enterprise-number? uint32 1585 | | +--rw is-flow-key? empty 1586 | +--:(timeout-cache) 1587 | | +--rw timeout-cache {timeout-cache}? 1588 | | +--rw max-flows? uint32 1589 | | +--rw active-timeout? uint32 1590 | | +--rw idle-timeout? uint32 1591 | | +--rw export-interval? uint32 1592 | | +--rw cache-layout 1593 | | | +--rw cache-field* [name] 1594 | | | +--rw name ietf-ipfix:name-type 1595 | | | +--rw (name-or-id) 1596 | | | | +--:(ie-name) 1597 | | | | | +--rw ie-name? ietf-ipfix:ie-name-type 1598 | | | | +--:(ie-id) 1599 | | | | +--rw ie-id? ietf-ipfix:ie-id-type 1600 | | | +--rw ie-length? uint16 1601 | | | +--rw ie-enterprise-number? uint32 1602 | | | +--rw is-flow-key? empty 1603 | | +--ro active-flows? yang:gauge32 1604 | | +--ro unused-cache-entries? yang:gauge32 1605 | +--:(natural-cache) 1606 | | +--rw natural-cache {natural-cache}? 1607 | | +--rw max-flows? uint32 1608 | | +--rw active-timeout? uint32 1609 | | +--rw idle-timeout? uint32 1610 | | +--rw export-interval? uint32 1611 | | +--rw cache-layout 1612 | | | +--rw cache-field* [name] 1613 | | | +--rw name ietf-ipfix:name-type 1614 | | | +--rw (name-or-id) 1615 | | | | +--:(ie-name) 1616 | | | | | +--rw ie-name? ietf-ipfix:ie-name-type 1617 | | | | +--:(ie-id) 1618 | | | | +--rw ie-id? ietf-ipfix:ie-id-type 1619 | | | +--rw ie-length? uint16 1620 | | | +--rw ie-enterprise-number? uint32 1621 | | | +--rw is-flow-key? empty 1622 | | +--ro active-flows? yang:gauge32 1623 | | +--ro unused-cache-entries? yang:gauge32 1624 | +--:(permanent-cache) 1625 | +--rw permanent-cache {permanent-cache}? 1626 | +--rw max-flows? uint32 1627 | +--rw active-timeout? uint32 1628 | +--rw idle-timeout? uint32 1629 | +--rw export-interval? uint32 1630 | +--rw cache-layout 1631 | | +--rw cache-field* [name] 1632 | | +--rw name ietf-ipfix:name-type 1633 | | +--rw (name-or-id) 1634 | | | +--:(ie-name) 1635 | | | | +--rw ie-name? ietf-ipfix:ie-name-type 1636 | | | +--:(ie-id) 1637 | | | +--rw ie-id? ietf-ipfix:ie-id-type 1638 | | +--rw ie-length? uint16 1639 | | +--rw ie-enterprise-number? uint32 1640 | | +--rw is-flow-key? empty 1641 | +--ro active-flows? yang:gauge32 1642 | +--ro unused-cache-entries? yang:gauge32 1643 +--rw exporting-process* -> /ietf-ipfix:ipfix/exporting-process/name {ietf-ipfix:exporter}? 1645 3.2.2. ietf-psamp YANG module 1647 This YANG Module imports typedefs from [RFC6991]. 1649 file "ietf-psamp@2018-10-22.yang" 1651 module ietf-psamp { 1652 yang-version 1.1; 1654 namespace "urn:ietf-params:xml:ns:yang:ietf-psamp"; 1656 prefix ietf-psamp; 1658 import ietf-yang-types { 1659 prefix yang; 1660 } 1662 import ietf-ipfix { 1663 prefix ietf-ipfix; 1664 } 1666 import ietf-interfaces { 1667 prefix if; 1668 } 1670 organization 1671 "TBD"; 1673 contact 1674 "TBD"; 1676 description 1677 "TBD. 1679 Copyright (c) 2018 IETF Trust and the persons identified 1680 as authors of the code. All rights reserved. 1682 Redistribution and use in source and binary forms, with or 1683 without modification, is permitted pursuant to, and subject 1684 to the license terms contained in, the Simplified BSD License 1685 set forth in Section 4.c of the IETF Trust's Legal Provisions 1686 Relating to IETF Documents 1687 (http://trustee.ietf.org/license-info). 1689 This version of this YANG module is part of XXX; see the RFC 1690 itself for full legal notices."; 1692 revision 2018-10-22 { 1693 description 1694 "Initial revision."; 1695 reference 1696 "Internet draft: draft-ipfix-psamp-bulk-data-yang-model-00"; 1697 } 1699 feature meter { 1700 description 1701 "If supported, Observation Points, Selection 1702 Processes, and Caches can be configured."; 1703 } 1705 feature psamp-samp-count-based { 1706 description 1707 "If supported, the Monitoring Device supports 1708 count-based Sampling. The Selector method sampCountBased can 1709 be configured."; 1710 } 1712 feature psamp-samp-time-based { 1713 description 1714 "If supported, the Monitoring Device supports 1715 time-based Sampling. The Selector method sampTimeBased can 1716 be configured."; 1717 } 1719 feature psamp-samp-rand-out-of-n { 1720 description 1721 "If supported, the Monitoring Device supports 1722 random n-out-of-N Sampling. The Selector method 1723 sampRandOutOfN can be configured."; 1724 } 1725 feature psamp-samp-uni-prob { 1726 description 1727 "If supported, the Monitoring Device supports 1728 uniform probabilistic Sampling. The Selector method 1729 sampUniProb can be configured."; 1730 } 1732 feature psamp-filter-match { 1733 description 1734 "If supported, the Monitoring Device supports 1735 property match Filtering. The Selector method filterMatch 1736 can be configured."; 1737 } 1739 feature psamp-filter-hash { 1740 description 1741 "If supported, the Monitoring Device supports 1742 hash-based Filtering. The Selector method filterHash can be 1743 configured."; 1744 } 1746 feature immediate-cache { 1747 description 1748 "If supported, the Monitoring Device supports 1749 Caches generating PSAMP Packet Reports by configuration with 1750 immediateCache."; 1751 } 1753 feature timeout-cache { 1754 description 1755 "If supported, the Monitoring Device supports 1756 Caches generating IPFIX Flow Records by configuration with 1757 timeoutCache."; 1758 } 1760 feature natural-cache { 1761 description 1762 "If supported, the Monitoring Device supports 1763 Caches generating IPFIX Flow Records by configuration with 1764 naturalCache."; 1765 } 1767 feature permanent-cache { 1768 description 1769 "If supported, the Monitoring Device supports 1770 Caches generating IPFIX Flow Records by configuration with 1771 permanentCache."; 1772 } 1773 identity bob { 1774 base hash-function; 1775 description 1776 "BOB hash function."; 1777 reference 1778 "RFC 5475, Section 6.2.4.1."; 1779 } 1781 identity ipsx { 1782 base hash-function; 1783 description 1784 "IPSX hash function."; 1785 reference 1786 "RFC 5475, Section 6.2.4.1."; 1787 } 1789 identity crc { 1790 base hash-function; 1791 description 1792 "CRC hash function."; 1793 reference 1794 "RFC 5475, Section 6.2.4.1."; 1795 } 1797 identity hash-function { 1798 description 1799 "Base identity for all hash functions used for 1800 hash-based packet Filtering."; 1801 } 1803 typedef if-name-type { 1804 type string { 1805 length "1..255"; 1806 } 1807 description 1808 "This corresponds to the DisplayString textual 1809 convention of SNMPv2-TC, which is used for ifName in the IF 1810 MIB module."; 1811 reference 1812 "RFC 2863 (ifName)."; 1813 } 1815 typedef direction { 1816 type enumeration { 1817 enum "ingress" { 1818 value 0; 1819 description 1820 "This value is used for monitoring incoming packets."; 1822 } 1823 enum "egress" { 1824 value 1; 1825 description 1826 "This value is used for monitoring outgoing packets."; 1827 } 1828 enum "both" { 1829 value 2; 1830 description 1831 "This value is used for monitoring incoming and 1832 outgoing packets."; 1833 } 1834 } 1835 description 1836 "Direction of packets going through an interface."; 1837 } 1839 grouping observation-point-parameters { 1840 description 1841 "Interface as input to Observation Point."; 1842 leaf observation-domain-id { 1843 type uint32; 1844 mandatory true; 1845 description 1846 "The Observation Domain ID associates the 1847 Observation Point to an Observation Domain. Observation 1848 Points with identical Observation Domain IDs belong to the 1849 same Observation Domain. 1851 Note that this parameter corresponds to 1852 ipfixObservationPointObservationDomainId in the IPFIX MIB 1853 module."; 1854 reference 1855 "RFC 5101; RFC 6615, Section 8 1856 (ipfixObservationPointObservationDomainId)."; 1857 } 1859 leaf-list interface-ref { 1860 type if:interface-ref; 1861 description 1862 "List of names identifying interfaces of the 1863 Monitoring Device. The Observation Point observes packets at 1864 the specified interfaces."; 1865 } 1867 leaf-list ent-physical-name { 1868 type string; 1869 description 1870 "List of names identifying physical entities of the 1871 Monitoring Device. The Observation Point observes packets at 1872 the specified entities."; 1873 } 1875 leaf direction { 1876 type direction; 1877 default "both"; 1878 description 1879 "Direction of packets. If not applicable (e.g., in 1880 the case of a sniffing interface in promiscuous mode), this 1881 parameter is ignored."; 1882 } 1883 } 1885 grouping samp-count-based-parameters { 1886 description 1887 "Configuration parameters of a Selector applying 1888 systematic count-based packet Sampling to the packet 1889 stream."; 1890 reference 1891 "RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.1."; 1893 leaf packet-interval { 1894 type uint32; 1895 units "packets"; 1896 mandatory true; 1897 description 1898 "The number of packets that are consecutively 1899 sampled between gaps of length packetSpace. 1901 This parameter corresponds to the Information Element 1902 samplingPacketInterval and to psampSampCountBasedInterval 1903 in the PSAMP MIB module."; 1904 reference 1905 "RFC 5477, Section 8.2.2; RFC 6727, Section 6 1906 (psampSampCountBasedInterval)."; 1907 } 1909 leaf packet-space { 1910 type uint32; 1911 units "packets"; 1912 mandatory true; 1913 description 1914 "The number of unsampled packets between two 1915 Sampling intervals. 1917 This parameter corresponds to the Information Element 1918 samplingPacketSpace and to psampSampCountBasedSpace 1919 in the PSAMP MIB module."; 1920 reference 1921 "RFC 5477, Section 8.2.3; RFC 6727, Section 6 1922 (psampSampCountBasedSpace)."; 1923 } 1924 } 1926 grouping samp-time-based-parameters { 1927 description 1928 "Configuration parameters of a Selector applying 1929 systematic time-based packet Sampling to the packet 1930 stream."; 1931 reference 1932 "RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.2."; 1934 leaf time-interval { 1935 type uint32; 1936 units "microseconds"; 1937 mandatory true; 1938 description 1939 "The time interval in microseconds during 1940 which all arriving packets are sampled between gaps 1941 of length timeSpace. 1943 This parameter corresponds to the Information Element 1944 samplingTimeInterval and to psampSampTimeBasedInterval 1945 in the PSAMP MIB module."; 1946 reference 1947 "RFC 5477, Section 8.2.4; RFC 6727, Section 6 1948 (psampSampTimeBasedInterval)."; 1949 } 1951 leaf time-space { 1952 type uint32; 1953 units "microseconds"; 1954 mandatory true; 1955 description 1956 "The time interval in microseconds during 1957 which no packets are sampled between two Sampling 1958 intervals specified by timeInterval. 1960 This parameter corresponds to the Information Element 1961 samplingTimeInterval and to psampSampTimeBasedSpace 1962 in the PSAMP MIB module."; 1963 reference 1964 "RFC 5477, Section 8.2.5; RFC 6727, Section 6 1965 (psampSampTimeBasedSpace)."; 1967 } 1968 } 1970 grouping samp-rand-out-of-n-parameters { 1971 description 1972 "Configuration parameters of a Selector applying 1973 n-out-of-N packet Sampling to the packet stream."; 1974 reference 1975 "RFC 5475, Section 5.2.1; RFC 5476, Section 6.5.2.3."; 1977 leaf size { 1978 type uint32; 1979 units "packets"; 1980 mandatory true; 1981 description 1982 "The number of elements taken from the parent 1983 population. 1985 This parameter corresponds to the Information Element 1986 samplingSize and to psampSampRandOutOfNSize in the PSAMP 1987 MIB module."; 1988 reference 1989 "RFC 5477, Section 8.2.6; RFC 6727, Section 6 1990 (psampSampRandOutOfNSize)."; 1991 } 1993 leaf population { 1994 type uint32; 1995 units "packets"; 1996 mandatory true; 1997 description 1998 "The number of elements in the parent 1999 population. 2001 This parameter corresponds to the Information Element 2002 samplingPopulation and to psampSampRandOutOfNPopulation 2003 in the PSAMP MIB module."; 2004 reference 2005 "RFC 5477, Section 8.2.7; RFC 6727, Section 6 2006 (psampSampRandOutOfNPopulation)."; 2007 } 2008 } 2010 grouping samp-uni-prob-parameters { 2011 description 2012 "Configuration parameters of a Selector applying 2013 uniform probabilistic packet Sampling (with equal 2014 probability per packet) to the packet stream."; 2016 reference 2017 "RFC 5475, Section 5.2.2.1; 2018 RFC 5476, Section 6.5.2.4."; 2020 leaf probability { 2021 type decimal64 { 2022 fraction-digits 18; 2023 range "0..1"; 2024 } 2025 mandatory true; 2026 description 2027 "Probability that a packet is sampled, 2028 expressed as a value between 0 and 1. The probability 2029 is equal for every packet. 2031 This parameter corresponds to the Information Element 2032 samplingProbability and to psampSampUniProbProbability 2033 in the PSAMP MIB module."; 2034 reference 2035 "RFC 5477, Section 8.2.8; RFC 6727, Section 6 2036 (psampSampUniProbProbability)."; 2037 } 2038 } 2040 grouping filter-match-parameters { 2041 description 2042 "Configuration parameters of a Selector applying 2043 property match Filtering to the packet stream. 2045 The field to be matched is specified as an Information 2046 Element."; 2047 reference 2048 "RFC 5475, Section 6.1; RFC 5476, Section 6.5.2.5."; 2050 choice name-or-id { 2051 mandatory true; 2052 description 2053 "The field to be matched is specified by 2054 either the name or the identifier of the Information 2055 Element."; 2057 leaf ie-name { 2058 type ietf-ipfix:ie-name-type; 2059 description 2060 "Name of the Information Element."; 2061 } 2063 leaf ie-id { 2064 type ietf-ipfix:ie-id-type; 2065 description 2066 "Identifier of the Information Element."; 2067 } 2068 } 2070 leaf ie-enterprise-number { 2071 type uint32; 2072 default '0'; 2073 description 2074 "If this parameter is zero, the Information 2075 Element is registered in the IANA registry of IPFIX 2076 Information Elements. 2078 If this parameter is configured with a non-zero private 2079 enterprise number, the Information Element is 2080 enterprise-specific."; 2081 reference 2082 "IANA registry for Private Enterprise Numbers, 2083 http://www.iana.org/assignments/enterprise-numbers; 2084 IANA registry for IPFIX Entities, 2085 http://www.iana.org/assignments/ipfix."; 2086 } 2088 leaf value { 2089 type string; 2090 mandatory true; 2091 description 2092 "Matching value of the Information Element."; 2093 } 2094 } 2096 grouping filter-hash-parameters { 2097 description 2098 "Configuration parameters of a Selector applying 2099 hash-based Filtering to the packet stream."; 2100 reference 2101 "RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6."; 2103 leaf hash-function { 2104 type identityref { 2105 base hash-function; 2106 } 2107 default 'bob'; 2108 description 2109 "Hash function to be applied. According to 2110 RFC 5475, Section 6.2.4.1, 'BOB' must be used in order to 2111 be compliant with PSAMP. 2113 This parameter functionally corresponds to 2114 psampFiltHashFunction in the PSAMP MIB module."; 2115 reference 2116 "RFC 6727, Section 6 (psampFiltHashFunction)"; 2117 } 2119 leaf initializer-value { 2120 type uint64; 2121 description 2122 "Initializer value to the hash function. 2123 If not configured by the user, the Monitoring Device 2124 arbitrarily chooses an initializer value. 2126 This parameter corresponds to the Information Element 2127 hashInitialiserValue and to psampFiltHashInitializerValue 2128 in the PSAMP MIB module."; 2129 reference 2130 "RFC 5477, Section 8.3.9; RFC 6727, Section 6 2131 (psampFiltHashInitializerValue)."; 2132 } 2134 leaf ip-payload-offset { 2135 type uint64; 2136 units "octets"; 2137 default '0'; 2138 description 2139 "IP payload offset indicating the position of 2140 the first payload byte considered as input to the hash 2141 function. 2142 Default value 0 corresponds to the minimum offset that 2143 must be configurable according to RFC 5476, Section 2144 6.5.2.6. 2146 This parameter corresponds to the Information Element 2147 hashIPPayloadOffset and to psampFiltHashIpPayloadOffset 2148 in the PSAMP MIB module."; 2149 reference 2150 "RFC 5477, Section 8.3.2; RFC 6727, Section 6 2151 (psampFiltHashIpPayloadOffset)."; 2152 } 2154 leaf ip-payload-size { 2155 type uint64; 2156 units "octets"; 2157 default '8'; 2158 description 2159 "Number of IP payload bytes used as input to 2160 the hash function, counted from the payload offset. 2162 If the IP payload is shorter than the payload range, 2163 all available payload octets are used as input. 2164 Default value 8 corresponds to the minimum IP payload 2165 size that must be configurable according to RFC 5476, 2166 Section 6.5.2.6. 2168 This parameter corresponds to the Information Element 2169 hashIPPayloadSize and to psampFiltHashIpPayloadSize 2170 in the PSAMP MIB module."; 2171 reference 2172 "RFC 5477, Section 8.3.3; RFC 6727, Section 6 2173 (psampFiltHashIpPayloadSize)."; 2174 } 2176 leaf digest-output { 2177 type boolean; 2178 default 'false'; 2179 description 2180 "If true, the output from this Selector is 2181 included in the Packet Report as a packet digest. 2182 Therefore, the configured Cache Layout needs to contain 2183 a digestHashValue field. 2185 This parameter corresponds to the Information Element 2186 hashDigestOutput."; 2187 reference 2188 "RFC 5477, Section 8.3.8."; 2189 } 2191 list selected-range { 2192 key "name"; 2193 min-elements 1; 2194 description 2195 "List of hash function return ranges for 2196 which packets are selected."; 2198 leaf name { 2199 type ietf-ipfix:name-type; 2200 description 2201 "Name of the selected range."; 2202 } 2204 leaf min { 2205 type uint64; 2206 description 2207 "Beginning of the hash function's selected 2208 range. 2210 This parameter corresponds to the Information Element 2211 hashSelectedRangeMin and to psampFiltHashSelectedRangeMin 2212 in the PSAMP MIB module."; 2213 reference 2214 "RFC 5477, Section 8.3.6; RFC 6727, Section 6 2215 (psampFiltHashSelectedRangeMin)."; 2216 } 2218 leaf max { 2219 type uint64; 2220 description 2221 "End of the hash function's selected range. 2223 This parameter corresponds to the Information Element 2224 hashSelectedRangeMax and to psampFiltHashSelectedRangeMax 2225 in the PSAMP MIB module."; 2226 reference 2227 "RFC 5477, Section 8.3.7; RFC 6727, Section 6 2228 (psampFiltHashSelectedRangeMax)."; 2229 } 2230 } 2231 } 2233 grouping filter-hash-parameters-state { 2234 description 2235 "Configuration parameters of a Selector applying 2236 hash-based Filtering to the packet stream."; 2237 reference 2238 "RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6."; 2240 leaf output-range-min { 2241 type uint64; 2242 config false; 2243 description 2244 "Beginning of the hash function's potential 2245 range. 2247 This parameter corresponds to the Information Element 2248 hashOutputRangeMin and to psampFiltHashOutputRangeMin 2249 in the PSAMP MIB module."; 2250 reference 2251 "RFC 5477, Section 8.3.4; RFC 6727, Section 6 2252 (psampFiltHashOutputRangeMin)."; 2253 } 2255 leaf output-range-max { 2256 type uint64; 2257 config false; 2258 description 2259 "End of the hash function's potential range. 2261 This parameter corresponds to the Information Element 2262 hashOutputRangeMax and to psampFiltHashOutputRangeMax 2263 in the PSAMP MIB module."; 2264 reference 2265 "RFC 5477, Section 8.3.5; RFC 6727, Section 6 2266 (psampFiltHashOutputRangeMax)."; 2267 } 2268 } 2270 grouping selector-parameters { 2271 description 2272 "Configuration and state parameters of a Selector."; 2274 choice method { 2275 mandatory true; 2276 description 2277 "Packet selection method applied by the Selector."; 2279 leaf select-all { 2280 type empty; 2281 description 2282 "Method that selects all packets."; 2283 } 2285 container samp-count-based { 2286 if-feature psamp-samp-count-based; 2287 description 2288 "Systematic count-based packet Sampling."; 2290 uses samp-count-based-parameters; 2291 } 2293 container samp-time-based { 2294 if-feature psamp-samp-time-based; 2295 description 2296 "Systematic time-based packet Sampling."; 2298 uses samp-time-based-parameters; 2299 } 2301 container samp-rand-out-of-n { 2302 if-feature psamp-samp-rand-out-of-n; 2303 description 2304 "n-out-of-N packet Sampling."; 2306 uses samp-rand-out-of-n-parameters; 2307 } 2309 container samp-uni-prob { 2310 if-feature psamp-samp-uni-prob; 2311 description 2312 "Uniform probabilistic packet Sampling."; 2314 uses samp-uni-prob-parameters; 2315 } 2317 container filter-match { 2318 if-feature psamp-filter-match; 2319 description 2320 "Property match Filtering."; 2322 uses filter-match-parameters; 2323 } 2325 container filter-hash { 2326 if-feature psamp-filter-hash; 2327 description 2328 "Hash-based Filtering."; 2330 uses filter-hash-parameters; 2331 uses filter-hash-parameters-state; 2332 } 2333 } 2334 } 2336 grouping selector-parameters-state { 2337 description 2338 "Configuration and state parameters of a Selector."; 2340 leaf packets-observed { 2341 type yang:counter64; 2342 config false; 2343 description 2344 "The number of packets observed at the input of 2345 the Selector. 2347 If this is the first Selector in the Selection Process, 2348 this counter corresponds to the total number of packets in 2349 all Observed Packet Streams at the input of the Selection 2350 Process. Otherwise, the counter corresponds to the total 2351 number of packets at the output of the preceding Selector. 2352 Discontinuities in the value of this counter can occur at 2353 re-initialization of the management system, and at other 2354 times as indicated by the value of 2355 selectorDiscontinuityTime. 2357 Note that this parameter corresponds to 2358 ipfixSelectorStatsPacketsObserved in the IPFIX MIB 2359 module."; 2360 reference 2361 "RFC 6615, Section 8 2362 (ipfixSelectorStatsPacketsObserved)."; 2363 } 2365 leaf packets-dropped { 2366 type yang:counter64; 2367 config false; 2368 description 2369 "The total number of packets discarded by the 2370 Selector. 2372 Discontinuities in the value of this counter can occur at 2373 re-initialization of the management system, and at other 2374 times as indicated by the value of 2375 selectorDiscontinuityTime. 2377 Note that this parameter corresponds to 2378 ipfixSelectorStatsPacketsDropped in the IPFIX MIB 2379 module."; 2380 reference 2381 "RFC 6615, Section 8 2382 (ipfixSelectorStatsPacketsDropped)."; 2383 } 2385 leaf selector-discontinuity-time { 2386 type yang:date-and-time; 2387 config false; 2388 description 2389 "Timestamp of the most recent occasion at which 2390 one or more of the Selector counters suffered a 2391 discontinuity. 2393 Note that this parameter functionally corresponds to 2394 ipfixSelectionProcessStatsDiscontinuityTime in the IPFIX 2395 MIB module. In contrast to 2396 ipfixSelectionProcessStatsDiscontinuityTime, the time is 2397 absolute and not relative to sysUpTime."; 2398 reference 2399 "RFC 6615, Section 8 2400 (ipfixSelectionProcessStatsDiscontinuityTime)."; 2401 } 2403 } 2405 grouping cache-layout-parameters { 2406 description 2407 "Cache Layout parameters used by immediateCache, 2408 timeoutCache, naturalCache, and permanentCache."; 2410 container cache-layout { 2411 description 2412 "Cache Layout parameters."; 2414 list cache-field { 2415 key "name"; 2416 min-elements 1; 2417 description 2418 "Superset of fields that are included in the 2419 Packet Reports or Flow Records generated by the Cache."; 2421 leaf name { 2422 type ietf-ipfix:name-type; 2423 description 2424 "Name of the cache field."; 2425 } 2427 choice name-or-id { 2428 mandatory true; 2429 description 2430 "Name or identifier of the Information 2431 Element."; 2432 reference 2433 "RFC 5102, Section 2; IANA registry for IPFIX 2434 Entities, http://www.iana.org/assignments/ipfix."; 2436 leaf ie-name { 2437 type ietf-ipfix:ie-name-type; 2438 description 2439 "Name of the Information Element."; 2440 } 2442 leaf ie-id { 2443 type ietf-ipfix:ie-id-type; 2444 description 2445 "Identifier of the Information Element."; 2446 } 2447 } 2449 leaf ie-length { 2450 type uint16; 2451 units "octets"; 2452 description 2453 "Length of the field in which the Information 2454 Element is encoded. A value of 65535 specifies a 2455 variable-length Information Element. For Information 2456 Elements of integer and float type, the field length MAY 2457 be set to a smaller value than the standard length of 2458 the abstract data type if the rules of reduced size 2459 encoding are fulfilled. 2461 If not configured by the user, this parameter is set by 2462 the Monitoring Device."; 2463 reference 2464 "RFC 5101, Section 6.2."; 2465 } 2467 leaf ie-enterprise-number { 2468 type uint32; 2469 default '0'; 2470 description 2471 "If this parameter is zero, the Information 2472 Element is registered in the IANA registry of IPFIX 2473 Information Elements. 2475 If this parameter is configured with a non-zero private 2476 enterprise number, the Information Element is 2477 enterprise-specific. 2479 If the enterprise number is set to 29305, this field 2480 contains a Reverse Information Element. In this case, 2481 the Cache MUST generate Data Records in accordance to 2482 RFC 5103."; 2483 reference 2484 "RFC 5101; RFC 5103; 2485 IANA registry for Private Enterprise Numbers, 2486 http://www.iana.org/assignments/enterprise-numbers; 2487 IANA registry for IPFIX Entities, 2488 http://www.iana.org/assignments/ipfix."; 2489 } 2491 leaf is-flow-key { 2492 when 2493 "(name(../../..) != 'immediate-cache') 2494 and 2495 ((count(../ie-enterprise-number) = 0) 2496 or 2497 (../ie-enterprise-number != 29305))" { 2498 description 2499 "This parameter is not available for 2500 Reverse Information Elements (which have enterprise 2501 number 29305). It is also not available for 2502 immediateCache."; 2503 } 2504 type empty; 2505 description 2506 "If present, this is a flow key."; 2507 } 2508 } 2509 } 2510 } 2512 grouping flow-cache-parameters { 2513 description 2514 "Configuration parameters of a Cache generating Flow Records."; 2516 leaf max-flows { 2517 type uint32; 2518 units "flows"; 2519 description 2520 "This parameter configures the maximum number of 2521 Flows in the Cache, which is the maximum number of Flows 2522 that can be measured simultaneously. 2524 The Monitoring Device MUST ensure that sufficient resources 2525 are available to store the configured maximum number of 2526 Flows. 2528 If the maximum number of Flows is measured, an additional 2529 Flow can be measured only if an existing entry is removed. 2530 However, traffic that pertains to existing Flows can 2531 continue to be measured."; 2532 } 2534 leaf active-timeout { 2535 when "(name(..) = 'timeout-cache') or 2536 (name(..) = 'natural-cache')" { 2537 description 2538 "This parameter is only available for 2539 timeoutCache and naturalCache."; 2540 } 2541 type uint32; 2542 units "seconds"; 2543 description 2544 "This parameter configures the time in 2545 seconds after which a Flow is expired even though packets 2546 matching this Flow are still received by the Cache. 2548 The parameter value zero indicates infinity, meaning that 2549 there is no active timeout. 2551 If not configured by the user, the Monitoring Device sets 2552 this parameter. 2554 Note that this parameter corresponds to 2555 ipfixMeteringProcessCacheActiveTimeout in the IPFIX 2556 MIB module."; 2557 reference 2558 "RFC 6615, Section 8 2559 (ipfixMeteringProcessCacheActiveTimeout)."; 2560 } 2562 leaf idle-timeout { 2563 when 2564 "(name(..) = 'timeout-cache') or 2565 (name(..) = 'natural-cache')" { 2566 description 2567 "This parameter is only available for 2568 timeoutCache and naturalCache."; 2569 } 2570 type uint32; 2571 units "seconds"; 2572 description 2573 "This parameter configures the time in 2574 seconds after which a Flow is expired if no more packets 2575 matching this Flow are received by the Cache. 2577 The parameter value zero indicates infinity, meaning that 2578 there is no idle timeout. 2580 If not configured by the user, the Monitoring Device sets 2581 this parameter. 2583 Note that this parameter corresponds to 2584 ipfixMeteringProcessCacheIdleTimeout in the IPFIX 2585 MIB module."; 2586 reference 2587 "RFC 6615, Section 8 2588 (ipfixMeteringProcessCacheIdleTimeout)."; 2589 } 2591 leaf export-interval { 2592 when "name(..) = 'permanent-cache'" { 2593 description 2594 "This parameter is only available for permanentCache."; 2595 } 2596 type uint32; 2597 units "seconds"; 2598 description 2599 "This parameter configures the interval (in 2600 seconds) for periodical export of Flow Records. 2601 If not configured by the user, the Monitoring Device sets 2602 this parameter."; 2603 } 2604 } 2606 grouping flow-cache-parameters-state { 2607 description 2608 "State parameters of a Cache generating Flow Records."; 2610 leaf active-flows { 2611 type yang:gauge32; 2612 units "flows"; 2613 config false; 2614 description 2615 "The number of Flows currently active in this Cache. 2617 Note that this parameter corresponds to 2618 ipfixMeteringProcessCacheActiveFlows in the IPFIX MIB 2619 module."; 2620 reference 2621 "RFC 6615, Section 8 2622 (ipfixMeteringProcessCacheActiveFlows)."; 2623 } 2625 leaf unused-cache-entries { 2626 type yang:gauge32; 2627 units "flows"; 2628 config false; 2629 description 2630 "The number of unused Cache entries in this 2631 Cache. 2633 Note that this parameter corresponds to 2634 ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX 2635 MIB module."; 2636 reference 2637 "RFC 6615, Section 8 2638 (ipfixMeteringProcessCacheUnusedCacheEntries)."; 2639 } 2640 } 2642 augment '/ietf-ipfix:ipfix' { 2643 description 2644 "Augment IPFIX transport to add PSAMP."; 2646 container psamp { 2647 description 2648 "Container for PSAMP configuration."; 2650 list observation-point { 2651 if-feature meter; 2652 key "name"; 2653 description 2654 "Observation Point of the Monitoring Device."; 2656 leaf name { 2657 type ietf-ipfix:name-type; 2658 description "Name of the observation point."; 2659 } 2661 uses observation-point-parameters; 2663 leaf-list selection-process { 2664 type leafref { 2665 path "/ietf-ipfix:ipfix/psamp/selection-process/name"; 2666 } 2667 description 2668 "Selection Processes in this list process 2669 packets in parallel."; 2670 } 2671 } 2673 list selection-process { 2674 if-feature meter; 2675 key "name"; 2676 description 2677 "Selection Process of the Monitoring Device."; 2679 leaf name { 2680 type ietf-ipfix:name-type; 2681 description 2682 "Name of the selection process."; 2683 } 2685 list selector { 2686 key "name"; 2687 min-elements 1; 2688 ordered-by user; 2689 description 2690 "List of Selectors that define the action of the 2691 Selection Process on a single packet. The Selectors 2692 are serially invoked in the same order as they appear 2693 in this list."; 2695 leaf name { 2696 type ietf-ipfix:name-type; 2697 description 2698 "Name of the selector."; 2699 } 2701 uses selector-parameters; 2703 uses selector-parameters-state; 2704 } 2706 leaf cache { 2707 type leafref { 2708 path "/ietf-ipfix:ipfix/psamp/cache/name"; 2709 } 2710 description 2711 "Cache that receives the output of the 2712 Selection Process."; 2713 } 2715 list selection-sequence { 2716 config false; 2717 description 2718 "This list contains the Selection Sequence IDs 2719 that are assigned by the Monitoring Device to 2720 distinguish different Selection Sequences passing 2721 through the Selection Process. 2723 As Selection Sequence IDs are unique per Observation 2724 Domain, the corresponding Observation Domain IDs are 2725 included as well. 2727 With this information, it is possible to associate 2728 Selection Sequence (Statistics) Report Interpretations 2729 exported according to the PSAMP protocol with a 2730 Selection Process in the configuration data."; 2731 reference 2732 "RFC 5476."; 2734 leaf observation-domain-id { 2735 type uint32; 2736 description 2737 "Observation Domain ID for which the 2738 Selection Sequence ID is assigned."; 2739 } 2740 leaf selection-sequence-id { 2741 type uint64; 2742 description 2743 "Selection Sequence ID used in the Selection 2744 Sequence (Statistics) Report Interpretation."; 2745 } 2746 } 2747 } 2749 list cache { 2750 if-feature meter; 2751 key "name"; 2752 description 2753 "Cache of the Monitoring Device."; 2755 leaf name { 2756 type ietf-ipfix:name-type; 2757 description 2758 "Name of the cache."; 2759 } 2761 leaf metering-process-id { 2762 type uint32; 2763 config false; 2764 description 2765 "The identifier of the Metering Process this 2766 Cache belongs to. 2768 This parameter corresponds to the Information Element 2769 meteringProcessId. Its occurrence helps to associate 2770 Cache parameters with Metering Process statistics 2771 exported by the Monitoring Device using the Metering 2772 Process (Reliability) Statistics Template as 2773 defined by the IPFIX protocol specification."; 2774 reference 2775 "RFC 5101, Sections 4.1 and 4.2; 2776 IANA registry for IPFIX Entities, 2777 http://www.iana.org/assignments/ipfix."; 2778 } 2780 leaf data-records { 2781 type yang:counter64; 2782 units "Data Records"; 2783 config false; 2784 description 2785 "The number of Data Records generated by this 2786 Cache. 2788 Discontinuities in the value of this counter can occur 2789 at re-initialization of the management system, and at 2790 other times as indicated by the value of 2791 cacheDiscontinuityTime. 2793 Note that this parameter corresponds to 2794 ipfixMeteringProcessDataRecords in the IPFIX MIB 2795 module."; 2796 reference 2797 "RFC 6615, Section 8 2798 (ipfixMeteringProcessDataRecords)."; 2799 } 2801 leaf cache-discontinuity-time { 2802 type yang:date-and-time; 2803 config false; 2804 description 2805 "Timestamp of the most recent occasion at which 2806 the counter dataRecords suffered a discontinuity. 2808 Note that this parameter functionally corresponds to 2809 ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB 2810 module. In contrast to 2811 ipfixMeteringProcessDiscontinuityTime, the time is 2812 absolute and not relative to sysUpTime."; 2813 reference 2814 "RFC 6615, Section 8 2815 (ipfixMeteringProcessDiscontinuityTime)."; 2816 } 2818 choice cache-type { 2819 mandatory true; 2820 description 2821 "Type of Cache and specific parameters."; 2823 container immediate-cache { 2824 if-feature immediate-cache; 2825 description 2826 "Flow expiration after the first packet; 2827 generation of Packet Records."; 2829 uses cache-layout-parameters; 2830 } 2832 container timeout-cache { 2833 if-feature timeout-cache; 2834 description 2835 "Flow expiration after active and idle 2836 timeout; generation of Flow Records."; 2838 uses flow-cache-parameters; 2839 uses cache-layout-parameters; 2840 uses flow-cache-parameters-state; 2842 } 2844 container natural-cache { 2845 if-feature natural-cache; 2846 description 2847 "Flow expiration after active and idle 2848 timeout, or on natural termination (e.g., TCP FIN or 2849 TCP RST) of the Flow; generation of Flow Records."; 2850 uses flow-cache-parameters; 2851 uses cache-layout-parameters; 2852 uses flow-cache-parameters-state; 2853 } 2855 container permanent-cache { 2856 if-feature permanent-cache; 2857 description 2858 "No flow expiration, periodical export with 2859 time interval exportInterval; generation of Flow 2860 Records."; 2861 uses flow-cache-parameters; 2862 uses cache-layout-parameters; 2863 uses flow-cache-parameters-state; 2864 } 2865 } 2867 leaf-list exporting-process { 2868 if-feature ietf-ipfix:exporter; 2869 type leafref { 2870 path "/ietf-ipfix:ipfix" 2871 + "/ietf-ipfix:exporting-process" 2872 + "/ietf-ipfix:name"; 2873 } 2874 description 2875 "Records are exported by all Exporting Processes 2876 in the list."; 2877 } 2878 } 2879 } 2880 } 2881 } 2883 2885 3.3. ietf-bulk-data-export 2887 3.3.1. ietf-bulk-data-export Module Structure 2889 This document defines the YANG module "ietf-bulk-data-export", which 2890 has the following tentative structure: 2892 TBD 2894 3.3.2. ietf-bulk-data-export YANG module 2896 This YANG Module imports typedefs from [RFC6991]. 2898 TBD 2900 4. IANA Considerations 2902 This document registers a URI in the "IETF XML Registry". [RFC3688]. 2903 Following the format in RFC 3688, the following registration has been 2904 made. 2906 URI: urn:ietf:params:xml:ns:yang:ietf-TBD 2907 Registrant Contact: The IESG. 2908 XML: N/A, the requested URI is an XML namespace. 2910 This document registers a YANG module in the "YANG Module Names" 2911 registry. Following the format in [RFC7950], the following has been 2912 registered. 2914 Name: ietf-TBD 2915 Namespace: urn:ietf:params:xml:ns:yang:ietf-TBD 2916 Prefix: TBD 2917 Reference: TBD 2919 5. Security Considerations 2921 The YANG module specified in this document defines a schema for data 2922 that is designed to be accessed via network management protocols such 2923 as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer 2924 is the secure transport layer, and the mandatory-to-implement secure 2925 transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer 2926 is HTTPS, and the mandatory-to-implement secure transport is TLS 2927 [RFC5246]. 2929 The NETCONF access control model [RFC6536] provides the means to 2930 restrict access for particular NETCONF or RESTCONF users to a 2931 preconfigured subset of all available NETCONF or RESTCONF protocol 2932 operations and content. 2934 There are a number of data nodes defined in this YANG module that are 2935 writable/creatable/deletable (i.e., config true, which is the 2936 default). These data nodes may be considered sensitive or vulnerable 2937 in some network environments. Write operations (e.g., edit-config) 2938 to these data nodes without proper protection can have a negative 2939 effect on network operations. These are the subtrees and data nodes 2940 and their sensitivity/vulnerability: 2942 o /ipfix/psamp/observation-point: The configuration parameters in 2943 this subtree specify where packets are observed and by which 2944 Selection Processes they will be processed. Write access to this 2945 subtree allows observing packets at arbitrary interfaces or 2946 linecards of the Monitoring Device and may thus lead to the export 2947 of sensitive traffic information. 2949 o /ipfix/psamp/selection-process: The configuration parameters in 2950 this subtree specify for which packets information will be 2951 reported in Packet Reports or Flow Records. Write access to this 2952 subtree allows changing the subset of packets for which 2953 information will be reported and may thus lead to the export of 2954 sensitive traffic information. 2956 o /ipfix/psamp/cache: The configuration parameters in this subtree 2957 specify the fields included in Packet Reports or Flow Records. 2958 Write access to this subtree allows adding fields which may 2959 contain sensitive traffic information, such as IP addresses or 2960 parts of the packet payload. 2962 o /ipfix/exporting-process: The configuration parameters in this 2963 subtree specify to which Collectors Packet Reports or Flow Records 2964 are exported. Write access to this subtree allows exporting 2965 potentially sensitive traffic information to illegitimate 2966 Collectors. Furthermore, TLS/DTLS parameters can be changed, 2967 which may affect the mutual authentication between Exporters and 2968 Collectors as well as the encrypted transport of the data. 2970 o /ipfix/collecting-process: The configuration parameters in this 2971 subtree may specify that collected Packet Reports and Flow Records 2972 are reexported to another Collector or written to a file. Write 2973 access to this subtree potentially allows reexporting or storing 2974 the sensitive traffic information. 2976 Some of the readable data nodes in this YANG module may be considered 2977 sensitive or vulnerable in some network environments. It is thus 2978 important to control read access (e.g., via get, get-config, or 2979 notification) to these data nodes. These are the subtrees and data 2980 nodes and their sensitivity/vulnerability: 2982 o /ipfix/psamp/observation-point: Parameters in this subtree may be 2983 sensitive because they reveal information about the Monitoring 2984 Device itself and the network infrastructure. 2986 o /ipfix/psamp/selection-process: Parameters in this subtree may be 2987 sensitive because they reveal information about the Monitoring 2988 Device itself and the observed traffic. For example, the counters 2989 packetsObserved and packetsDropped inferring the number of 2990 observed packets. 2992 o /ipfix/psamp/cache: Parameters in this subtree may be sensitive 2993 because they reveal information about the Monitoring Device itself 2994 and the observed traffic. For example, the counters activeFlows 2995 and dataRecords allow inferring the number of measured Flows or 2996 packets. 2998 o /ipfix/exporting-process: Parameters in this subtree may be 2999 sensitive because they reveal information about the network 3000 infrastructure and the outgoing IPFIX Transport Sessions. For 3001 example, it discloses the IP addresses of Collectors as well as 3002 the deployed TLS/DTLS configuration, which may facilitate the 3003 interception of outgoing IPFIX Messages. 3005 o /ipfix/collecting-process: Parameters in this subtree may be 3006 sensitive because they reveal information about the network 3007 infrastructure and the incoming IPFIX Transport Sessions. For 3008 example, it discloses the IP addresses of Exporters as well as the 3009 deployed TLS/DTLS configuration, which may facilitate the 3010 interception of incoming IPFIX Messages. 3012 (The section needs to be expanded to include bulk data export YANG.) 3014 6. Acknowledgments 3016 TBD 3018 7. References 3020 7.1. Normative References 3022 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 3023 Requirement Levels", BCP 14, RFC 2119, 3024 DOI 10.17487/RFC2119, March 1997, 3025 . 3027 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 3028 DOI 10.17487/RFC3688, January 2004, 3029 . 3031 [RFC5476] Claise, B., Ed., Johnson, A., and J. Quittek, "Packet 3032 Sampling (PSAMP) Protocol Specifications", RFC 5476, 3033 DOI 10.17487/RFC5476, March 2009, 3034 . 3036 [RFC6728] Muenz, G., Claise, B., and P. Aitken, "Configuration Data 3037 Model for the IP Flow Information Export (IPFIX) and 3038 Packet Sampling (PSAMP) Protocols", RFC 6728, 3039 DOI 10.17487/RFC6728, October 2012, 3040 . 3042 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", 3043 RFC 6991, DOI 10.17487/RFC6991, July 2013, 3044 . 3046 [RFC7011] Claise, B., Ed., Trammell, B., Ed., and P. Aitken, 3047 "Specification of the IP Flow Information Export (IPFIX) 3048 Protocol for the Exchange of Flow Information", STD 77, 3049 RFC 7011, DOI 10.17487/RFC7011, September 2013, 3050 . 3052 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 3053 RFC 7950, DOI 10.17487/RFC7950, August 2016, 3054 . 3056 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 3057 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 3058 May 2017, . 3060 [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., 3061 and R. Wilton, "Network Management Datastore Architecture 3062 (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, 3063 . 3065 [RFC8343] Bjorklund, M., "A YANG Data Model for Interface 3066 Management", RFC 8343, DOI 10.17487/RFC8343, March 2018, 3067 . 3069 7.2. Informative References 3071 [BBF.TR-352] 3072 Broadband Forum, "Multi-wavelength PON Inter-Channel- 3073 Termination Protocol (ICTP) Specification", May 2017, 3074 . 3077 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 3078 (TLS) Protocol Version 1.2", RFC 5246, 3079 DOI 10.17487/RFC5246, August 2008, 3080 . 3082 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 3083 and A. Bierman, Ed., "Network Configuration Protocol 3084 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 3085 . 3087 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 3088 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, 3089 . 3091 [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration 3092 Protocol (NETCONF) Access Control Model", RFC 6536, 3093 DOI 10.17487/RFC6536, March 2012, 3094 . 3096 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 3097 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 3098 . 3100 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 3101 BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, 3102 . 3104 [RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of 3105 Documents Containing YANG Data Models", BCP 216, RFC 8407, 3106 DOI 10.17487/RFC8407, October 2018, 3107 . 3109 Appendix A. Example: ietf-ipfix Usage 3111 This configuration example configures an IPFIX exporter for a BBF 3112 TR-352 ICTP Proxy. 3114 3115 3116 TR352-exporter 3117 3118 ICTP-Proxy1-collector 3119 3120 source-address 3121 192.0.2.1 3122 3123 destination-address 3124 ictp-proxy-1.ngpon2-system1.com 3125 3126 3127 3128 3129 Options 1 3130 extended-type-information 3131 0 3132 3133 3134 3136 This configuration example configures an IPFIX mediator. 3138 3139 3140 OLT-collector 3141 3142 myolt-tcp-collector 3143 local-ip-address 3144 192.100.2.1 3145 3146 3147 OLT-exporter 3148 3149 3150 OLT-exporter 3151 3152 big-collector 3153 3154 source-address 3155 192.100.2.1 3156 3157 destination-address 3158 big-collector1.system.com 3159 3160 3161 Options 1 3162 extended-type-information 3163 0 3164 3165 3166 3168 Appendix B. Example: ietf-psamp Usage 3170 TBD 3172 Appendix C. Example: ietf-bulk-data-export Usage 3174 The configuration example configures a field-layout template: 3176 TBD 3178 Authors' Addresses 3180 Joey Boyd 3181 ADTRAN 3183 Email: joey.boyd@adtran.com 3184 Marta Seda 3185 Calix 3187 Email: marta.seda@calix.com