idnits 2.17.1

draft-boydseda-ipfix-psamp-bulk-data-yang-model-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
     in the document. If these are example addresses, they should be changed.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 1029 has weird spacing: '...main-id uin...'

  == Line 1083 has weird spacing: '...nterval uin...'

  == Line 1087 has weird spacing: '...nterval uin...'

  == Line 1093 has weird spacing: '...ulation uin...'

  == Line 1096 has weird spacing: '...ability dec...'

  == (8 more instances...)

  -- The document date (March 11, 2019) is 1867 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Possible downref: Non-RFC (?) normative reference: ref. 'IANA-IPFIX'

  ** Obsolete normative reference: RFC 4960 (Obsoleted by RFC 9260)

  ** Obsolete normative reference: RFC 6347 (Obsoleted by RFC 9147)

     Summary: 2 errors (**), 0 flaws (~~), 8 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------

Network Working Group                                            J. Boyd
Internet-Draft                                                    ADTRAN
Obsoletes: 6728 (if approved)                                    M. Seda
Intended status: Standards Track                                   Calix
Expires: September 12, 2019                               March 11, 2019

 YANG Data Models for the IP Flow Information Export (IPFIX) Protocol,
         Packet Sampling (PSAMP) Protocol, and Bulk Data Export
           draft-boydseda-ipfix-psamp-bulk-data-yang-model-01

Abstract

   This document defines a flexible modular YANG model for packet
   sampling (PSAMP) and bulk data collection and export via the IPFIX
   protocol. This new model is an alternative to the model defined in
   RFC 6728, "Configuration Data Model for the IP Flow Information
   Export (IPFIX) and Packet Sampling (PSAMP) Protocols". All
   functionality modeled in RFC 6728 has been carried over to this new
   model.

   The YANG data model in this document conforms to the Network
   Management Datastore Architecture (NMDA) defined in RFC 8342.

   This document obsoletes RFC 6728 (if approved).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 12, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Historical Perspective
     1.2.  Relationship with RFC 6728
     1.3.  Terminology
     1.4.  Tree Diagrams
   2.  Objectives
   3.  Structure of the Configuration Data Model
     3.1.  PSAMP-IPFIX Metered Decomposition
       3.1.1.  Metering Process Decomposition in Selection Process
               and Cache
       3.1.2.  Exporter Configuration
     3.2.  Collector/Exporter Model
       3.2.1.  Collector/Exporter Decomposition
     3.3.  Bulk Data Model
       3.3.1.  Bulk Data Exporter Decomposition
   4.  Configuration Parameters
     4.1.  Observation Point Class
     4.2.  Selection Process Class
       4.2.1.  Selection Process Class Method
       4.2.2.  Selection Process Filter Classes
     4.3.  Cache Class
       4.3.1.  Immediate Cache Type Class
       4.3.2.  Timeout Cache, Natural Cache, and Permanent Cache
               Type Class
       4.3.3.  Cache Layout Class
     4.4.  Exporting Process Class
       4.4.1.  SCTP Exporter Class
       4.4.2.  UDP Exporter Class
       4.4.3.  TCP Exporter Class
       4.4.4.  File Writer Class
       4.4.5.  Options Class
     4.5.  Collecting Process Class
       4.5.1.  SCTP Collector Class
       4.5.2.  UDP Collector Class
       4.5.3.  TCP Collector Class
       4.5.4.  File Reader Class
     4.6.  Transport Layer Security Class
     4.7.  Transport Session Class
     4.8.  Template Class
     4.9.  Bulk Data Class
   5.  Adaptation to Device Capabilities
   6.  YANG Modules
     6.1.  ietf-ipfix
       6.1.1.  ietf-ipfix Module Structure
       6.1.2.  ietf-ipfix YANG Module
     6.2.  ietf-psamp
       6.2.1.  ietf-psamp Module Structure
       6.2.2.  ietf-psamp YANG module
     6.3.  ietf-bulk-data-export
       6.3.1.  ietf-bulk-data-export Module Structure
       6.3.2.  ietf-bulk-data-export YANG module
   7.  IANA Considerations
   8.  Security Considerations
   9.  Acknowledgments
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Appendix A.  Example: ietf-ipfix Usage
   Appendix B.  Example: ietf-psamp Usage
   Appendix C.  Example: ietf-bulk-data-export Usage
   Appendix D.  Tree diagrams
     D.1.  ietf-ipfix
     D.2.  ietf-psamp
     D.3.  ietf-bulk-data-export
   Authors' Addresses

1.  Introduction

   Bulk data collection is an automated collection of device data that
   is packaged together and delivered to an IPFIX collector. The IPFIX
   protocol may be used to transport bulk data such as:

   o  Sampled (metered) Packet SAMPling (PSAMP) data: [RFC5476] defines
      PSAMP operations that a device may implement to sample packets
      passing a network element for reporting purposes.

   o  Statistics from interfaces, sub-interfaces and sessions: YANG
      models define statistics that can be retrieved via protocols such
      as NETCONF [RFC6241] or RESTCONF [RFC8040]. These statistics can
      be streamed using an IPFIX transport to an IPFIX collector that
      supports analytics tools.
      An operator may wish to take the bulk data and analyze it for
      trend analysis purposes or other usages (e.g., collect octet
      counts every 5 minutes for service level agreement purposes or
      collect reported device temperature for network health purposes).

   IPFIX can also be used to meet the bulk transport requirements of
   other protocols. For example:

   o  [BBF.TR-352] ICTP (Inter-Channel Transport Protocol): ICTP uses
      IPFIX to transport dynamic data (e.g., lease information) across
      participating NG-PON2 (Next-Generation Passive Optical Network 2)
      systems.

   The YANG data model in this document conforms to the Network
   Management Datastore Architecture (NMDA) defined in [RFC8342].

1.1.  Historical Perspective

   Below is a historical timeline of IETF IPFIX and YANG RFCs:

   o  RFC 5101 (2008), obsoleted by [RFC7011] (2013), defined the IPFIX
      protocol.

   o  [RFC5476] (2009) defines the PSAMP operations of selection (random
      selection, deterministic selection or hash-based selection) for
      capturing or metering packets arriving on a device.

   o  RFC 6020 (2010) and [RFC7950] (2016) define v1.0 and v1.1 of the
      YANG data modeling language (respectively), and [RFC8342] (2018)
      updates RFC 7950 to define NMDA (Network Management Datastore
      Architecture).

   o  [RFC6728] (2012) defined a Packet SAMPling (PSAMP) YANG model for
      devices that use PSAMP for capturing (for metering purposes) a
      subset of all packets traversing a device.

   o  RFC 7223 (2014), obsoleted by [RFC8343] (2018), defined a YANG
      data model for interfaces.

   o  IETF, IEEE, BBF etc. (2015 to 2018) have incorporated reporting of
      statistics into corresponding YANG models (G.fast, PON, etc.).

   [RFC6728] defines a single YANG module that performs PSAMP sampling.
   The collection process (PSAMP) and the IPFIX exporting process are
   part of the same YANG module. The PSAMP YANG model defines a variety
   of features.
   However, it only supports a PSAMP meter and it assumes
   a device supports SCTP (minimally). Both constructs prove
   challenging to other applications that use IPFIX for transport of
   bulk data:

   o  [BBF.TR-352] supports only TCP and TLS as IPFIX transport
      protocols. The [RFC6728] YANG model does not allow for explicit
      non-support for SCTP, therefore requiring YANG deviations to
      announce non-support.

      *  A preferable solution is one that is more flexible (e.g.,
         allows different underlying transport options and avoids the
         need for deviations to announce non-support for features which
         an access node is not required to support).

   o  The PSAMP meter does not need to be configured if the observation
      point is already defined by other YANG models. One could attempt
      to augment PSAMP YANG to reference where the observation point is
      being configured (but then would have to express feature
      "non-support" on features unlikely to be needed or required by
      access devices).

   Rather than these approaches, new YANG models have been developed
   where functionality is separated into different modules such that the
   functions can be independently leveraged.

   These are some of the other issues with the current model and how
   these new models address them:

   o  The PSAMP YANG model defines the frequency of export in the PSAMP
      cache. Bulk data needs the export frequency to be controlled by
      the exporting process.

      *  The new models bring the cache closer to the function
         performing the export.

      *  The bulk data and PSAMP collection processes are modeled
         independently.

   o  The PSAMP YANG model supports IPFIX mediators. Access nodes may
      need to support large IPFIX mediation functions.

      *  The transport sessions are modeled such that they can be
         retrieved individually in addition to retrieving the entire
         list (which may be quite large for access devices such as an
         NG-PON2 OLT).

   o  The PSAMP YANG model contains references which correlate to MIB
      definitions. For example, interfaces are referenced via ifIndex.
      For most NETCONF managed devices, interfaces are referenced by
      name as defined in [RFC8343].

      *  The ability to reference via the interface list in
         ietf-interfaces [RFC8343] is added alongside the ifName and
         ifIndex.

      *  The ability to reference via the hardware component list in
         ietf-hardware [RFC8348] is added alongside the entPhysicalName
         and entPhysicalIndex.

1.2.  Relationship with RFC 6728

   This RFC uses the general principles defined in [RFC6728] with the
   following exceptions:

   o  [RFC6728] was developed prior to [RFC8407] YANG guidelines
      publication. This RFC adopts and conforms to the latest YANG
      guidelines for identifier naming conventions.

   o  The YANG model adds support for [RFC8343] interface references.

   o  The YANG model is separated into the following three modules:

      *  ietf-ipfix: Defines the IPFIX collector and exporter functions.

      *  ietf-psamp: Defines the PSAMP functions for configuring a
         device to sample/meter a subset of packets from the network.

      *  ietf-bulk-data-export: Defines the bulk data IPFIX templates
         used to export bulk data.

   o  SCTP data nodes are made optional via the 'sctp' feature for
      applications that are not required to support SCTP.

   o  IPFIX transport sessions allow transport session information to be
      retrieved individually.

   o  Source and destination address type choice statements are added to
      improve extensibility of the model.

   Applications that use this RFC are expected to only need to import
   the applicable YANG modules. For example:

   o  PSAMP uses the ietf-ipfix and ietf-psamp modules.

   o  Bulk data export uses the ietf-ipfix and ietf-bulk-data-export
      modules.

   o  Mediators and file readers/writers use the ietf-ipfix module.

1.3.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   The following terms are used in this RFC:

   Bulk Data
      Bulk data is the collection of data from a device that is packaged
      together and delivered to an IPFIX collector.

   Cache
      The Cache is a functional block in a Metering Process that
      generates IPFIX Flow Records or PSAMP Packet Reports from a
      Selected Packet Stream, in accordance with its configuration. If
      Flow Records are generated, the Cache performs tasks like creating
      new records, updating existing ones, computing Flow statistics,
      deriving further Flow properties, detecting Flow expiration,
      passing Flow Records to the Exporting Process, and deleting Flow
      Records. If Packet Reports are generated, the Cache performs
      tasks like extracting packet contents and derived packet
      properties from the Selected Packet Stream, creating new records,
      and passing them as Packet Reports to the Exporting Process.
      [RFC6728]

   Cache Layout
      The Cache Layout defines the superset of fields that are included
      in the Packet Reports or Flow Records maintained by the Cache.
      [RFC6728]

   Collector
      A device that hosts one or more Collecting Processes is termed a
      Collector. [RFC7011]

   Collecting Process
      A Collecting Process receives IPFIX messages from one or more
      Exporting Processes. The Collecting Process might process or
      store received Flow Records.
      [RFC7011]

   Composite Selector
      A Composite Selector is an ordered composition of Selectors, in
      which the output Packet Stream issuing from one Selector forms the
      input Packet Stream to the succeeding Selector. [RFC5476]

   Data Record
      A data record is a record that contains values of the parameters
      corresponding to a template record. [RFC7011]

   Exporter
      A device that hosts one or more Exporting Processes is termed an
      Exporter. [RFC7011]

   Exporting Process
      Depending on its deployment as part of an IPFIX Device or PSAMP
      Device, the Exporting Process sends IPFIX Flow Records or PSAMP
      Packet Reports to one or more Collecting Processes. The IPFIX
      Flow Records or PSAMP Packet Reports are generated by one or more
      Metering Processes. [RFC6728]

   Filtering
      A filter is a Selector that selects a packet deterministically
      based on the Packet Content or its treatment or functions of these
      occurring in the Selection State. Two examples are:

      *  Property Match filtering: A packet is selected if the specific
         field in the packet equals a predefined value.

      *  Hash-based Selection: A Hash Function is applied to the Packet
         Content and the packet is selected if the result falls in a
         specific range. [RFC5476]

   Flow Key
      Each of the fields that:

      *  belong to the packet header (e.g., destination IP address), or

      *  are a property of the packet itself (e.g., packet length), or

      *  are derived from Packet Treatment (e.g., Autonomous System (AS)
         number), and

      *  that are used to define a Flow (i.e., are the properties common
         to all packets in the Flow) are termed Flow Keys.

      As an example, the traditional '5-tuple' Flow Key of source and
      destination IP address, source and destination transport port, and
      transport protocol, groups together all packets belonging to a
      single direction of communication on a single socket.
      [RFC7011]

   Flow Record
      A Flow Record contains information about a specific Flow that was
      observed at an Observation Point. A Flow Record contains measured
      properties of the Flow (e.g., the total number of bytes for all
      the Flow's packets) and usually contains characteristic properties
      of the Flow (e.g., source IP address). [RFC7011]

   Information Element
      An Information Element is a protocol and encoding independent
      description of an attribute that may appear in an IPFIX Record.
      Information Elements are defined in the [IANA-IPFIX] Registry.
      The type associated with an Information Element indicates
      constraints on what it may contain and also determines the valid
      encoding mechanisms for use in IPFIX. [RFC7011]

   IPFIX Device
      An IPFIX Device hosts at least one Exporting Process. It may host
      further Exporting Processes as well as an arbitrary number of
      Observation Points and Metering Processes. [RFC7011]

   IPFIX File
      An IPFIX File is a serialized stream of IPFIX Messages; this
      stream may be stored in a filesystem or transported using some
      technique customarily used for files. [RFC5655]

   IPFIX File Writer
      An IPFIX File Writer is a process that writes IPFIX Files to a
      filesystem. [RFC5655]

   IPFIX Mediator
      An IPFIX Mediator is an IPFIX Device that provides IPFIX Mediation
      by receiving a record stream from some data sources, hosting one
      or more Intermediate Processes to transform that stream, and
      exporting the transformed record stream into IPFIX Messages via an
      Exporting Process. [RFC7119]

   IPFIX Message
      An IPFIX Message is a message that originates at the Exporting
      Process and carries the IPFIX record for this Exporting Process
      and whose destination is a Collecting Process. An IPFIX Message
      is encapsulated at the transport layer.
      [RFC7011]

   Metering Process
      The Metering Process is split into two functional blocks:

      *  Selection Process: A Selection Process takes the Observed
         Packet Stream as its input and selects a subset of that stream
         as its output.

      *  Cache: The Cache is a functional block in a Metering Process
         that generates IPFIX Flow Records or PSAMP Packet Reports from
         a Selected Packet Stream, in accordance with its configuration.

      The Metering Process generates IPFIX Flow Records or PSAMP Packet
      Reports, depending on its deployment as part of an IPFIX Device or
      PSAMP Device. If IPFIX Flow Records are generated, the Metering
      Process MUST NOT aggregate packets observed at different
      Observation Domains in the same Flow. [RFC6728]

   Monitoring Device
      A Monitoring Device implements at least one of the functional
      blocks specified in the context of IPFIX or PSAMP. In particular,
      the term Monitoring Device encompasses Exporters, Collectors,
      IPFIX Devices, and PSAMP Devices. [RFC6728]

   Observation Domain
      An Observation Domain is the largest set of Observation Points for
      which Flow Information can be aggregated by a Metering Process.
      For example, a router line card may be an Observation Domain if it
      is composed of several interfaces, each of which is an Observation
      Point. In the IPFIX Message it generates, the Observation Domain
      includes its Observation Domain ID, which is unique per Exporting
      Process. That way, the Collecting Process can identify the
      specific Observation Domain from the Exporter that sends the IPFIX
      Messages. Every Observation Point is associated with an
      Observation Domain. It is RECOMMENDED that Observation Domain IDs
      also be unique per IPFIX Device. [RFC7011]

   Observation Point
      An Observation Point is a location in the network where packets
      can be observed.
      Examples include a line to which a probe is
      attached, a shared medium, such as an Ethernet based LAN, a single
      port of a router, or a set of interfaces (physical or logical) of
      a router. Note that every Observation Point is associated with an
      Observation Domain and that one Observation Point can be an entire
      line card. That would be a subset of the individual Observation
      Points at the line card's interfaces. [RFC7011]

   Options Template Record
      An Options Template Record is a Template Record that defines the
      structure and interpretation of fields in a Data Record, including
      defining how to scope the applicability of the Data Record.
      [RFC7011]

   Options Template/Options Template Set
      An Options Template Set is a collection of one or more Options
      Template Records that have been grouped together in an IPFIX
      Message. [RFC7011]

   Packet Report
      Packet Reports comprise a configurable subset of a packet's input
      to the Selection Process, including the Packet Content,
      information relating to its treatment (e.g., the output interface)
      and its associated selection state (e.g., the hash of a packet
      content). [RFC5476]

   Primitive Selector
      A Selector is primitive if it is not a Composite Selector.
      [RFC5476]

   PSAMP Device
      A PSAMP device is a device hosting at least an Observation Point,
      a Selection Process and an Exporting Process. Typically
      corresponding Observation Point(s), Selection Process(es) and
      Exporting Process(es) are co-located at this device, for example,
      at a router. [RFC5476]

   Reverse Information Element
      An Information Element defined as corresponding to a normal (or
      forward) Information Element, but associated with the reverse
      direction of a Biflow. [RFC5103]

   Sampling
      A Selector that is not a filter is called a Sampling operation.
      This reflects the intuitive notion that if the selection of a
      packet cannot be determined from its content alone, there must be
      some type of Sampling taking place. [RFC5476]

   Selected Packet Stream
      The Selected Packet Stream is the set of all packets selected by a
      Selection Process. [RFC6728]

   Selection Process
      A Selection Process takes the Observed Packet Stream as its input
      and selects a subset of that stream as its output. [RFC5476]

   Selection Sequence
      From all the packets observed at an Observation Point, only a few
      packets are selected by one or more Selectors. The Selection
      Sequence is a unique value per Observation Domain describing the
      Observation Point and the Selector IDs through which the packets
      are selected. [RFC5476]

   Selection Sequence Report Interpretation
      Each Packet Report contains a selectionSequenceId Information
      Element that identifies the particular combination of Observation
      Point and Selector(s) used for its selection. For every
      selectionSequenceId Information Element in use, the PSAMP Device
      MUST export a Selection Sequence Report Interpretation using an
      Options Template. [RFC5476]

   Selection Sequence Statistics Report Interpretation
      A Selector MAY be used in multiple Selection Sequences. However,
      each use of a Selector must be independent, so each separate
      logical instance of a Selector MUST maintain its own individual
      Selection State and statistics. The Selection Sequence Statistics
      Report Interpretation MUST include the number of observed packets
      (Population Size) and the number of packets selected (Sample Size)
      by each instance of its Primitive Selectors. [RFC5476]

   Selection State
      A Selection Process may maintain state information for use by the
      Selection Process. At a given time, the Selection State may
      depend on packets observed at and before that time, and other
      variables.
      Examples include:

      *  sequence numbers of packets at the input of Selectors

      *  a timestamp of observation of the packet at the Observation
         Point

      *  iterators for pseudorandom number generators

      *  hash values calculated during selection

      *  indicators of whether the packet was selected by a given
         Selector

      Selection Processes may change portions of the Selection State as
      a result of processing a packet. Selection state for a packet is
      to reflect the state after processing the packet. [RFC5476]

   Selector
      A Selector defines the action of a Selection Process on a single
      packet of its input. If selected, the packet becomes an element
      of the output Packet Stream. The Selector can make use of the
      following information in determining whether a packet is selected:

      *  the Packet Content

      *  information derived from the packet's treatment at the
         Observation Point

      *  any selection state that may be maintained by the Selection
         Process [RFC5476]

   Selector Report Interpretation
      An IPFIX Data Record, defined by an Options Template Record, MUST
      be used to send the configuration details of every Selector in
      use. The Options Template Record MUST contain:

      *  selectorId Information Element as the Scope field

      *  SelectorAlgorithm Information Element [RFC5476]

   Template Record
      A Template Record defines the structure and interpretation of
      fields in a Data Record. [RFC7011]

   Template/Template Set
      A Template Set is a collection of one or more Template Records
      that have been grouped together in an IPFIX Message. [RFC7011]

   Traffic Flow or Flow
      A Flow is defined as a set of packets or frames passing an
      Observation Point in the network during a certain time interval.
      All packets belonging to a particular Flow have a set of common
      properties.
      Each property is defined as the result of applying a
      function to the values of:

      *  one or more packet header fields (e.g., destination IP
         address), transport header fields (e.g., destination port
         number), or application header fields (e.g., RTP header fields)

      *  one or more characteristics of the packet itself (e.g., number
         of MPLS labels, etc.)

      *  one or more of the fields derived from Packet Treatment (e.g.,
         next-hop IP address, the output interface, etc.)

      A packet is defined as belonging to a Flow if it completely
      satisfies all the defined properties of the Flow. Note that the
      set of packets represented by a Flow may be empty; that is, a Flow
      may represent zero or more packets. As sampling is a Packet
      Treatment, this definition includes packets selected by a sampling
      mechanism. [RFC7011]

1.4.  Tree Diagrams

   Tree diagrams used in this document follow the notation defined in
   [RFC8340].

2.  Objectives

   This document defines a YANG data model for the configuration and
   state retrieval of basic IPFIX functionality as well as PSAMP and
   bulk data export applications over IPFIX. The YANG modules in this
   document conform to the Network Management Datastore Architecture
   (NMDA) [RFC8342] and [RFC8407] YANG guidelines.

3.  Structure of the Configuration Data Model

   The reference model described in this RFC describes the following
   models:

   o  A PSAMP/IPFIX metered model based on [RFC6728] where a PSAMP/IPFIX
      device configures a meter that samples packets passing through a
      device, applies an IPFIX template to those packets, and exports
      IPFIX templates/data records to an IPFIX collector.

   o  An IPFIX collector/exporter model based on [RFC6728] where an
      IPFIX device can:

      *  terminate multiple IPFIX sessions to a collection process and
         then export those IPFIX packets to an external IPFIX collector
         or

      *  read an IPFIX formatted file into the collection process and
         export that file to a destination location.

   o  A bulk data model where an IPFIX template is applied to a
      configured reference resource that can export bulk data (e.g.,
      statistics, [BBF.TR-352] ICTP IPFIX data).

   Figure 1 illustrates the PSAMP metered UML model for a PSAMP/IPFIX
   monitoring device. The metering process is contained in the
   ietf-psamp module. The metering process is comprised of a
   selection-process and cache that refers to an exporting-process.
   Further explanations about the relationship between selection-process
   and cache are given in Section 3.1.1. Section 4.4 describes the
   exporting-process configuration.

   +--------------------------------------------------------------+
   | +--------------------+                Metering Process       |
   | | Module: ietf-psamp |                                       |
   | |--------------------|<------------------------+             |
   | |                    |<--------+             1 |             |
   | +--------------------+         | +-------------+-----------+ |
   |          ^                     | | list: selection-process | |
   |          |                     | |-------------------------| |
   |        1 |                     | |                         | |
   | +--------+-------------+       | +-----------------+-------+ |
   | | list: observation-pt |       |               ^   |         |
   | |----------------------| selection-process-ref |   |         |
   | |                      +-------|---------------+   |         |
   | +----------------------+       |          0..*     |         |
   |                              1 |                   |         |
   |                        +-------+-------+           |         |
   |                        |  list: cache  |           |         |
   |                        |---------------|     0..1  |         |
   |                        |               |<----------+         |
   |                        +---------------+ cache-ref           |
   +--------------------------------+-----------------------------+
    +--------------------+          |
    | Module: ietf-ipfix |          |
    |--------------------|          |
    |                    |          |
    +--------------------+          |
              ^                     | exporting-process-ref
              |                     |
            1 |                     |
    +---------+---------------+     |
    | list: exporting-process |     |
    |-------------------------|     |
    |                         |<----+
    +-------------------------+ 0..*

                 Figure 1: PSAMP-IPFIX metered model

   PSAMP/IPFIX monitoring device implementations usually maintain the
   separation of various functional blocks, although they do not
   necessarily implement all of them. The configuration data model
   enables the setting of commonly available configuration parameters
   for selection-processes and caches, and supports optional
   configuration for features like the [RFC2863] IF-MIB and [RFC6933]
   Entity MIB.

   Figure 2 illustrates the collector/exporter UML model for a
   PSAMP/IPFIX monitoring device. A device supports a collector that
   terminates IPFIX messages or reads an IPFIX file (e.g., from a remote
   device) and optionally exports that data to an external IPFIX
   collector (this model taken from [RFC6728] could be used for IPFIX
   mediators).

    +--------------------+
    | Module: ietf-ipfix |
    |--------------------|<------------------+
    |                    |                 1 |
    +--------------------+     +-------------+------------+
              ^                | list: collecting-process |
              |                |--------------------------|
              |                +-------------+------------+
              |                              |
            1 |                              |
    +---------+---------------+              |
    | list: exporting-process |              |
    |-------------------------|        0..*  |
    |                         |<-------------+
    +-------------------------+ exporting-process-ref

                 Figure 2: Collector/Exporter Model

   Figure 3 shows the bulk data model for an IPFIX monitoring device. A
   device configures a resource (through other YANG modules for
   example). A bulk-data template is created and applied to that
   resource. For example, if a resource had enabled statistics
   collecting or BBF WT-352 ICTP, the application of the
   bulk-data-template would determine the IPFIX data exported to an
   IPFIX collector.

      +------------------------------+
      | module:ietf-bulk-data-export |
      |------------------------------|
      +------------------------------+
                    ^
                    |
                  1 |
       +------------+------------+              +---------------+
       | list:bulk-data-template |              | list:resource |
       |-------------------------|------------->+---------------|
       +------------+------------+ 0..*         +---------------+
                    |
               0..* | exporting-process-ref
                    v
       +-------------------------+
       | list:exporting-process  |
       |-------------------------|
       +-------------------------+

                      Figure 3: Bulk Data Model

3.1.  PSAMP-IPFIX Metered Decomposition

3.1.1.  Metering Process Decomposition in Selection Process and Cache

   In a monitoring device implementation, the functionality of the
   metering process is split into the selection process and cache.
   Figure 4 shows a metering process example.  The selection-process
   takes an observed packet stream as its input and selects a subset of
   that stream as its output (selected packet stream).  The action of
   the selection-process on a single packet of its input is defined by
   one selector (called a primitive selector) or an ordered composition
   of multiple selectors (called a composite selector).  The cache
   generates flow records or packet reports from the selected packet
   stream, depending on its configuration.

               +------------------------------------+
               | Metering Process                   |
               | +------------+ Selected            |
      Observed | | selection- | Packet    +-------+ |  Stream of
      Packet  -->| process    |---------->| cache |--> Flow Records or
      Stream   | +------------+ Stream    +-------+ |  Packet Reports
               +------------------------------------+

    Figure 4: Selection Process and Cache forming a Metering Process

   A metering process must always have a selection-process.  It is
   possible to select all packets in the observed packet stream and
   pass them to the cache unfiltered by configuring the selector-method
   to "select-all".

   A metering process can be configured to support multiple selection
   processes that receive packets from multiple observation points
   within the same observation domain.  In this case, the observed
   packet streams of the observation points are processed in independent
   selection sequences.  As specified in [RFC5476], a distinct set of
   selector instances needs to be maintained per selection sequence in
   order to keep the selection states and statistics separate.

   With the configuration data model, it is possible to configure a
   metering process with more than one selection process whose output
   is processed by a single cache.  This is illustrated in Figure 5.

               +--------------------------------------+
               | Metering Process                     |
               | +------------+ Selected              |
      Observed | | selection- | Packet                |
      Packet  -->| process    |----------+  +-------+ |
      Stream   | +------------+ Stream   +->|       | |  Stream of
               |      ...                   | cache |--> Flow Records or
               | +------------+ Selected +->|       | |  Packet Reports
      Observed | | selection- | Packet   |  +-------+ |
      Packet  -->| process    |----------+            |
      Stream   | +------------+ Stream                |
               +--------------------------------------+

      Figure 5: Metering Process with multiple Selection Processes

   The observed packet streams at the input of a metering process may
   originate from observation points belonging to different observation
   domains.  By definition of the observation domain (see [RFC7011]), a
   cache must not aggregate packets observed at different observation
   domains in the same flow.  Hence, if the cache is configured to
   generate flow records, it needs to distinguish packets according to
   their observation domains.

3.1.2.  Exporter Configuration

   Figure 6 below shows the main classes of the configuration data model
   that are involved in the configuration of an IPFIX or PSAMP Exporter.
   The role of the classes can be briefly summarized as follows:

   o  The observation-point class specifies an observation-point (e.g.,
      an interface or line card) of the Monitoring Device that captures
      packets for traffic measurements.  An observation-point may be
      associated with one or more selection-process classes when a
      device is capable of processing observed packets in parallel.

      *  When an observation-point is configured without references to
         the selection-process, the captured packets are not considered
         part of the metering process.

   o  The selection-process class contains the configuration and state
      parameters of a selection-process.  The selection-process may be
      composed of a single selector or a sequence of selectors, defining
      a primitive or composite Selector, respectively.  The
      selection-process selects packets from one or more observed packet
      streams, each originating from a different observation-point.  A
      selection-process instance may be referred to from one or more
      observation-point instances.

      *  A selection process may pass the selected packet stream to a
         cache.  Therefore, the selection-process class contains a
         reference to an instance of the cache class.

      *  If a selection-process is configured without any reference to a
         cache, the selected packets are not accounted in any packet
         report or flow record.

   o  The cache class contains configuration and state parameters of a
      cache.  A cache may receive the output of one or more selection
      processes and maintains corresponding packet reports or flow
      records.  Therefore, an instance of the cache class may be
      referred to from multiple selection process instances.
      Configuration parameters of the cache class specify the size of
      the cache, the cache layout, and expiration parameters if
      applicable.  The cache configuration also determines whether
      packet reports or flow records are generated.

      *  A cache may pass its output to one or more exporting processes.
         Therefore, the cache class enables references to one or more
         instances of the exporting process class.

      *  If a cache instance does not specify any reference to an
         exporting process instance, the cache output is dropped.

   o  The exporting-process class contains configuration and state
      parameters of an exporting-process.  It includes various
      transport-protocol-specific parameters and the export
      destinations.

      *  An instance of the exporting process class may be referred to
         from multiple instances of the cache class.

                        +-------------------+
                        | observation-point |
                        +---------+---------+
                             0..* |
                                  |
                             0..* v
                        +-------------------+
                        | selection-process |
                        +---------+---------+
                             0..* |
                                  |
                             0..1 v
                        +-------------------+
                        |       cache       |
                        +---------+---------+
                             0..* |
                                  |
                             0..* v
                        +-------------------+
                        | exporting-process |
                        +-------------------+

           Figure 6: Class diagram of Exporter configuration

3.2.  Collector/Exporter Model

3.2.1.  Collector/Exporter Decomposition

   Figure 2 shows the main classes of the configuration data model that
   are involved in the configuration of a collector.  An instance of the
   collecting-process class specifies the local IP addresses, transport
   protocols, and port numbers of a collecting-process.

   A collecting-process MAY be configured as a File Reader according to
   [RFC5655].

   A collecting-process class instance may refer to one or more
   exporting-process instances configuring exporting processes that
   re-export the received data.  As an example, an exporting process can
   be configured as a file-writer in order to save the received IPFIX
   messages in a file.

3.3.  Bulk Data Model

3.3.1.  Bulk Data Exporter Decomposition

   Figure 3 shows the main classes of the configuration model that are
   involved in bulk data export.
   A device that has a resource instance capable of reporting bulk data
   through IPFIX does not need an IPFIX meter to be created.  Instead, a
   bulk-data template is created and applied to that resource instance.

   The exporting-process class contains configuration and state
   parameters of an exporting-process.  It includes various
   transport-protocol-specific parameters and the export destinations.
   The bulk-data-template may refer to multiple instances of the
   exporting-process class.

4.  Configuration Parameters

   This section specifies the configuration and state parameters of the
   configuration data model separately for each class.

4.1.  Observation Point Class

   Figure 7 shows the observation-point attributes of an IPFIX
   monitoring device.  As defined in [RFC7011], an observation point can
   be any location where packets are observed.  An IPFIX monitoring
   device potentially has more than one such location.  An instance of
   observation-point defines which location is associated with a
   specific observation point.  For this purpose, interfaces and
   physical entities are identified using their names.

   o  Alternatively, index values of the corresponding entries in the
      IfTable (if-mib module [RFC2863]) or the EntPhysicalTable
      (entity-mib module [RFC6933]) can be used as identifiers.
      However, indices should only be used as identifiers if an SNMP
      agent on the same monitoring device enables access to the
      corresponding MIB tables.

   By its definition in [RFC7011], an observation point may be
   associated with a set of interfaces.  Therefore, the configuration
   data model allows configuring multiple interfaces and physical
   entities for a single observation point.  The observation-point-id
   (i.e., the value of the information element observation-point-id
   [IANA-IPFIX]) is assigned by the monitoring device.
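The reference rules in Section 3.1.2 (an observation-point without a selection-process, a selection-process without a cache, a cache without an exporting-process) describe configurations that are accepted but silently produce no export. The Python sketch below is an added example, not part of the draft or of any implementation of it; it audits a configuration held as a plain dictionary keyed by the draft's list names, and the instance names, finding codes and `CONFIG` sample are constructed for illustration.

```python
"""Audit a PSAMP/IPFIX configuration for metering paths that end early.

The dictionary layout mirrors the lists and references of Section 3.1.2:
observation-point -> selection-process -> cache -> exporting-process.
Instance names, finding codes and CONFIG are constructed for this example.
"""

CONFIG = {  # constructed sample, not taken from the draft
    "observation-point": {
        "uplink": {"selection-process": ["all-packets", "one-in-100"]},
        "mgmt":   {"selection-process": []},
        "dmz":    {"selection-process": ["dns-only"]},
        "lab":    {"selection-process": ["typo-name"]},
    },
    "selection-process": {
        "all-packets": {"cache": "flows"},
        "one-in-100":  {"cache": "reports"},
        "dns-only":    {"cache": None},
    },
    "cache": {
        "flows":   {"exporting-process": ["collector-a"]},
        "reports": {"exporting-process": []},
    },
    "exporting-process": {"collector-a": {}},
}


def audit(cfg):
    """Return (findings, exported).

    findings: list of (code, object, detail) tuples.
    exported: observation-point name -> True if at least one complete
              path to an existing exporting-process is configured.
    """
    findings = []
    exporters = cfg.get("exporting-process", {})
    caches = cfg.get("cache", {})
    selections = cfg.get("selection-process", {})
    points = cfg.get("observation-point", {})

    def resolve(kind, owner, refs, targets, empty_code):
        """Record empty or dangling references; return those that resolve."""
        if not refs:
            findings.append((empty_code, f"{kind}/{owner}", None))
        for ref in refs:
            if ref not in targets:
                # A server validating the YANG model would normally reject
                # this; the check is useful for offline or templated config.
                findings.append(("dangling-ref", f"{kind}/{owner}", ref))
        return [ref for ref in refs if ref in targets]

    # Work bottom-up so each object is judged once, however often it is
    # referenced from the layer above.
    cache_ok = {}
    for name, cache in caches.items():
        live = resolve("cache", name, cache.get("exporting-process") or [],
                       exporters, "cache-output-dropped")
        cache_ok[name] = bool(live)

    selection_ok = {}
    for name, sel in selections.items():
        ref = sel.get("cache")  # 0..1 reference
        live = resolve("selection-process", name, [ref] if ref else [],
                       caches, "selected-packets-unaccounted")
        selection_ok[name] = any(cache_ok[c] for c in live)

    exported = {}
    for name, point in points.items():
        live = resolve("observation-point", name,
                       point.get("selection-process") or [],
                       selections, "packets-not-metered")
        exported[name] = any(selection_ok[s] for s in live)

    return findings, exported


if __name__ == "__main__":
    found, reach = audit(CONFIG)
    for code, obj, detail in found:
        print(f"{code:32} {obj} {detail or ''}")
    for name, ok in reach.items():
        print(f"{name}: {'exported' if ok else 'NO export path'}")
```

An observation point such as `dmz` in the sample raises no finding of its own, yet `exported` shows it has no path to a collector, which is the case a per-object check misses.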

   The configuration parameters of the observation point are:

   observation-domain-id
      This parameter defines the identifier of the observation domain
      that the observation point belongs to.  Observation points that
      are configured with the same observation domain ID belong to the
      same observation domain.  Note that this parameter corresponds to
      ipfixObservationPointObservationDomainId in the IPFIX MIB module
      [RFC6615].

   if-name
      This parameter identifies the interface (via the IfName in the
      IF-MIB [RFC2863]) on the monitoring device that is associated with
      the given observation point.  if-name should only be used if an
      SNMP agent enables access to the IfTable.

   if-index
      This parameter identifies the interface (via the IfIndex value in
      the IF-MIB [RFC2863]) on the monitoring device that is associated
      with the given observation point.  if-index should only be used if
      an SNMP agent enables access to the IfTable.

   interface-ref
      This parameter identifies the interface via the interface
      reference [RFC8343] on the monitoring device that is associated
      with the given observation point.

   hardware-ref
      This parameter identifies a hardware component via the hardware
      reference [RFC8348] on the monitoring device that is associated
      with the given observation point.

   ent-physical-name
      This parameter identifies a physical entity (via the
      EntPhysicalName in the ENTITY-MIB module [RFC6933]) on the
      monitoring device that is associated with the given observation
      point.  ent-physical-name should only be used if an SNMP agent
      enables access to the EntPhysicalTable.

   ent-physical-index
      This parameter identifies a physical entity (via the
      EntPhysicalIndex in the ENTITY-MIB module [RFC6933]) on the
      monitoring device that is associated with the given observation
      point.
      ent-physical-name should only be used if an SNMP agent enables
      access to the EntPhysicalTable.

   direction
      This parameter specifies if ingress traffic, egress traffic, or
      both ingress and egress traffic is captured, using the values
      "ingress", "egress", and "both", respectively.  If not configured,
      ingress and egress traffic is captured (i.e., the default value is
      "both").  If not applicable (e.g., in the case of a sniffing
      interface in promiscuous mode), the value of this parameter is
      ignored.

   selection-process-reference
      An observation-point instance may refer to one or more
      selection-process instances that process the observed packets in
      parallel.

   +--rw observation-point* [name]
      +--rw name                     ietf-ipfix:name-type
      +--rw observation-domain-id    uint32
      +--rw interface-ref*           if:interface-ref
      +--rw if-name*                 if-name-type {if-mib}?
      +--rw if-index*                uint32 {if-mib}?
      +--rw hardware-ref*            hardware-ref
      +--rw ent-physical-name*       string {entity-mib}?
      +--rw ent-physical-index*      uint32 {entity-mib}?
      +--rw direction?               direction
      +--ro observation-point-id?    uint32
      +--rw selection-process*
              -> /ietf-ipfix:ipfix/psamp/selection-process/name

                Figure 7: Observation Point Attributes

4.2.  Selection Process Class

   Figure 8 shows the selection-process attributes.  The
   selection-process class contains the configuration and state
   parameters of a selection process that selects packets from one or
   more observed packet streams and generates a selected packet stream
   as its output.  A non-empty ordered list defines a sequence of
   selectors.  The actions defined by the selectors are applied to the
   stream of incoming packets in the specified order.

   If the selection process receives packets from multiple observation
   points, the observed packet streams need to be processed
   independently in separate selection sequences.
   Each selection sequence is identified by a selection sequence id that
   is unique within the observation domain the observation point belongs
   to (see [RFC5477]).  Selection sequence ids are assigned by the
   monitoring device.

   As state parameters, the selection-process class contains a list of
   (observation-domain-id, selection-sequence-id) tuples specifying the
   assigned selection sequence ids and corresponding observation domain
   ids.  With this information, it is possible to associate selection
   sequence (statistics) report interpretations exported according to
   the PSAMP protocol specification [RFC5476] with the corresponding
   selection-process instance.

   A selection-process instance may include a reference to a cache
   class instance to generate packet reports or flow records from the
   selected packet stream.

   +--rw selection-process* [name]
      +--rw name                  ietf-ipfix:name-type
      +--rw selector* [name]
      |  +--rw name
      |  |       ietf-ipfix:name-type
      |  +--rw (method)
      |  |  +--:(select-all)
      |  |  |  +--rw select-all?            empty
      |  |  +--:(samp-count-based)
      |  |  |  +--rw samp-count-based {psamp-samp-count-based}?
      |  |  |     +--rw packet-interval    uint32
      |  |  |     +--rw packet-space       uint32
      |  |  +--:(samp-time-based)
      |  |  |  +--rw samp-time-based {psamp-samp-time-based}?
      |  |  |     +--rw time-interval    uint32
      |  |  |     +--rw time-space       uint32
      |  |  +--:(samp-rand-out-of-n)
      |  |  |  +--rw samp-rand-out-of-n
      |  |  |          {psamp-samp-rand-out-of-n}?
      |  |  |     +--rw size          uint32
      |  |  |     +--rw population    uint32
      |  |  +--:(samp-uni-prob)
      |  |  |  +--rw samp-uni-prob {psamp-samp-uni-prob}?
      |  |  |     +--rw probability    decimal64
      |  |  +--:(filter-match)
      |  |  |  +--rw filter-match {psamp-filter-match}?
      |  |  |     +--rw (information-element)
      |  |  |     |  +--:(ie-name)
      |  |  |     |  |  +--rw ie-name?
      |  |  |     |  |          ietf-ipfix:ie-name-type
      |  |  |     |  +--:(ie-id)
      |  |  |     |     +--rw ie-id?
      |  |  |     |             ietf-ipfix:ie-id-type
      |  |  |     +--rw ie-enterprise-number?   uint32
      |  |  |     +--rw value                   string
      |  |  +--:(filter-hash)
      |  |     +--rw filter-hash {psamp-filter-hash}?
      |  |        +--rw hash-function?       identityref
      |  |        +--rw initializer-value?   uint64
      |  |        +--rw ip-payload-offset?   uint64
      |  |        +--rw ip-payload-size?     uint64
      |  |        +--rw digest-output?       boolean
      |  |        +--rw selected-range* [name]
      |  |        |  +--rw name    ietf-ipfix:name-type
      |  |        |  +--rw min?    uint64
      |  |        |  +--rw max?    uint64
      |  |        +--ro output-range-min?    uint64
      |  |        +--ro output-range-max?    uint64
      |  +--ro packets-observed?              yang:counter64
      |  +--ro packets-dropped?               yang:counter64
      |  +--ro selector-discontinuity-time?   yang:date-and-time
      +--rw cache?
      |       -> /ietf-ipfix:ipfix/psamp/cache/name
      +--ro selection-sequence* []
         +--ro observation-domain-id?   uint32
         +--ro selection-sequence-id?   uint64

                Figure 8: Selection Process Attributes

4.2.1.  Selection Process Class Method

   Standardized PSAMP sampling and filtering methods are described in
   [RFC5475]; their configuration parameters are specified in the
   classes samp-count-based, samp-time-based, samp-rand-out-of-n,
   samp-uni-prob, filter-match, and filter-hash.  In addition, the
   select-all class, which has no parameters, is used for a selector
   that selects all packets.  The selector class includes exactly one of
   these sampler and filter classes, depending on the applied method.

   The selector class contains the selector statistics packets-observed
   and packets-dropped as well as selector-discontinuity-time, which
   correspond to the IPFIX MIB module objects
   ipfixSelectionProcessStatsPacketsObserved,
   ipfixSelectionProcessStatsPacketsDropped, and
   ipfixSelectionProcessStatsDiscontinuityTime, respectively [RFC6615]:

   packets-observed
      The total number of packets observed at the input of the selector.
      If this is the first selector in the selection process, this
      counter corresponds to the total number of packets in all observed
      packet streams at the input of the selection process.  Otherwise,
      the counter corresponds to the total number of packets at the
      output of the preceding selector.  Discontinuities in the value of
      this counter can occur at re-initialization of the management
      system, and at other times as indicated by the value of
      selector-discontinuity-time.

   packets-dropped
      The total number of packets discarded by the selector.
      Discontinuities in the value of this counter can occur at
      re-initialization of the management system, and at other times as
      indicated by the value of selector-discontinuity-time.

   selector-discontinuity-time
      Timestamp of the most recent occasion at which one or more of the
      selector counters suffered a discontinuity.  In contrast to
      ipfixSelectionProcessStatsDiscontinuityTime, the time is
      absolute and not relative to sys-uptime.

   Note that packets-observed and packets-dropped are aggregate
   statistics calculated over all selection sequences of the selection
   process.  This is in contrast to the counter values in the selection
   sequence statistics report interpretation [RFC5476], which are
   related to a single selection sequence only.

4.2.1.1.  Selection Process Class Method: Sampler Methods

   Figure 8 shows the following sampler methods:

   Samp-Count-Based (Systematic Count-based Sampling): The following
   attributes are configurable:

   packet-interval
      The number of packets that are consecutively sampled between gaps
      of length packet-space.  This parameter corresponds to the
      Information Element samplingPacketInterval and
      psampSampCountBasedInterval attribute [RFC5477].

   packet-space
      The number of unsampled packets between two sampling intervals.
      This parameter corresponds to the Information Element
      samplingPacketSpace and psampSampCountBasedSpace attribute
      [RFC6727].

   Samp-Time-Based (Systematic Time-based Sampling): The following
   attributes are configurable:

   time-interval
      The time interval during which all arriving packets are sampled.
      The unit is microseconds.  This parameter corresponds to the
      Information Element samplingTimeInterval and to
      psampSampTimeBasedInterval attribute [RFC6727].

   time-space
      The gap between two Sampling intervals, in microseconds.  This
      parameter corresponds to Information Element samplingTimeSpace and
      to psampSampTimeBasedSpace attribute [RFC6727].

   Samp-Rand-Out-of-N: The following attributes are configurable:

   size
      The number of elements taken from the parent population.  This
      parameter corresponds to Information Element samplingSize and
      psampSampRandOutOfNSize attribute [RFC6727].

   population
      The number of elements in the parent population.  This parameter
      corresponds to Information Element samplingPopulation and
      psampSampRandOutOfNPopulation attribute [RFC6727].

   Samp-Uni-Prob: The following attributes are configurable:

   probability
      The probability for uniform probabilistic sampling.  The
      probability is expressed as a value between 0 and 1.
      This parameter corresponds to Information Element
      samplingProbability and psampSampUniProbProbability attribute
      [RFC6727].

4.2.2.  Selection Process Filter Classes

   Figure 8 shows the following filter methods:

   Property-Match Filtering: The following attributes are configurable:

   Filtering based on ie-id, ie-name, ie-enterprise-number
      The property to be matched is specified by either ie-id or
      ie-name, specifying the identifier or name of the Information
      Element, respectively.  If ie-enterprise-number is zero (which is
      the default), this Information Element is registered in the IANA
      registry of IPFIX Information Elements [IANA-IPFIX].  A non-zero
      value of ie-enterprise-number specifies an enterprise-specific
      Information Element [IANA-ENTERPRISE-NUMBERS].

   value
      The matching value.

   For hash-based filtering, the configuration and state attributes are:

   hash-function
      The following values are defined:

      *  BOB: BOB Hash Function as specified in [RFC5475], Appendix A.2

      *  IPSX: IP Shift-XOR (IPSX) Hash Function as specified in
         [RFC5475], Appendix A.1

      *  CRC: CRC-32 function as specified in [RFC1141]

      Default value is "BOB".  This parameter corresponds to the PSAMP
      MIB object psampFiltHashFunction [RFC6727].

   initializer-value
      This parameter corresponds to the Information Element
      hashInitialiserValue [RFC5477], as well as to the PSAMP MIB object
      psampFiltHashInitializerValue [RFC6727].  If not configured by the
      user, the Monitoring Device arbitrarily chooses an initializer
      value.

   ip-payload-offset
      Configures the offset of the payload section used as input to the
      hash function.  Default value is 0 (minimum configurable values
      according to [RFC5476], Section 6.5.2.6.).
      This parameter corresponds to the Information Element
      hashIPPayloadOffset [RFC5477] as well as to the PSAMP MIB object
      psampFiltHashIpPayloadOffset [RFC6727].

   ip-payload-size
      Configures the size of the payload section used as input to the
      hash function.  Default value is 8 (minimum configurable values
      according to [RFC5476], Section 6.5.2.6.).  This parameter
      corresponds to the Information Element hashIPPayloadSize
      [RFC5477], as well as to the PSAMP MIB object
      psampFiltHashIpPayloadSize [RFC6727].

   digest-output
      Enables or disables the inclusion of the packet digest in the
      resulting PSAMP Packet Report.  This requires that the Cache
      Layout of the Cache generating the Packet Reports includes a
      digest-hash-value field.  This parameter corresponds to the
      Information Element hashDigestOutput [RFC5477].

   output-range-min
      Defines the beginning of the hash function's potential output
      range.  This parameter corresponds to the Information Element
      hashOutputRangeMin [RFC5477], as well as to the PSAMP MIB object
      psampFiltHashOutputRangeMin [RFC6727].

   output-range-max
      Defines the end of the hash function's potential output range.
      This parameter corresponds to the Information Element
      hashOutputRangeMax [RFC5477], as well as to the PSAMP MIB object
      psampFiltHashOutputRangeMax [RFC6727].

   One or more ranges of matching hash values are defined by the min and
   max parameters of the selected-range subclass.  These parameters
   correspond to the Information Elements hashSelectedRangeMin and
   hashSelectedRangeMax [RFC5477], as well as to the PSAMP MIB objects
   psampFiltHashSelectedRangeMin and psampFiltHashSelectedRangeMax
   [RFC6727].

4.3.  Cache Class

   Figure 9 shows the cache class that contains the configuration and
   state parameters of a cache.
   Most of these parameters are specific to the type of the cache and
   therefore contained in the subclasses immediate-cache, timeout-cache,
   natural-cache, and permanent-cache, which are presented below in
   Section 4.3.1 and Section 4.3.2.  The following three state
   parameters are common to all caches and therefore included in the
   cache class itself:

   enabled
      Enables the cache so that specified data may be exported.  The
      default is "enabled".

   metering-process-id
      The identifier of the metering process that the cache belongs to.
      This parameter corresponds to the information element
      meteringProcessId [IANA-IPFIX].  Its occurrence helps to associate
      metering process (reliability) statistics exported according to
      the IPFIX protocol specification [RFC7011] with the corresponding
      metering-process class identifier.

   data-records
      The number of data records generated by this cache.

   discontinuities
      The value of this counter can occur at re-initialization of the
      management system, and at other times as indicated by the value of
      cache-discontinuity-time.  Note that this parameter corresponds to
      ipfixMeteringProcessDataRecords in the IPFIX MIB module [RFC6615].

   cache-discontinuity-time
      The timestamp of the most recent occasion at which data-records
      suffered a discontinuity.  The time is absolute and not relative
      to sysUpTime.  Note that this parameter functionally corresponds
      to ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB module
      [RFC6615].

   A cache object may refer to one or more exporting-process instances.

   +--rw cache* [name]
      +--rw name                        ietf-ipfix:name-type
      +--rw enabled                     boolean
      +--ro metering-process-id?        uint32
      +--ro data-records?               yang:counter64
      +--ro cache-discontinuity-time?   yang:date-and-time
      +--rw (cache-type)
      |  +--:(immediate-cache)
      |  |  +--rw immediate-cache {immediate-cache}?
      |  |     +--rw cache-layout
      |  |        +--rw cache-field* [name]
      |  |           +--rw name
      |  |           |       ietf-ipfix:name-type
      |  |           +--rw (information-element)
      |  |           |  +--:(ie-name)
      |  |           |  |  +--rw ie-name?
      |  |           |  |          ietf-ipfix:ie-name-type
      |  |           |  +--:(ie-id)
      |  |           |     +--rw ie-id?
      |  |           |             ietf-ipfix:ie-id-type
      |  |           +--rw ie-length?              uint16
      |  |           +--rw ie-enterprise-number?   uint32
      |  |           +--rw is-flow-key?            empty
      |  +--:(timeout-cache)
      |  |  +--rw timeout-cache {timeout-cache}?
      |  |     +--rw max-flows?              uint32
      |  |     +--rw active-timeout?         uint32
      |  |     +--rw idle-timeout?           uint32
      |  |     +--rw export-interval?        uint32
      |  |     +--rw cache-layout
      |  |     |  +--rw cache-field* [name]
      |  |     |     +--rw name
      |  |     |     |       ietf-ipfix:name-type
      |  |     |     +--rw (information-element)
      |  |     |     |  +--:(ie-name)
      |  |     |     |  |  +--rw ie-name?
      |  |     |     |  |          ietf-ipfix:ie-name-type
      |  |     |     |  +--:(ie-id)
      |  |     |     |     +--rw ie-id?
      |  |     |     |             ietf-ipfix:ie-id-type
      |  |     |     +--rw ie-length?              uint16
      |  |     |     +--rw ie-enterprise-number?   uint32
      |  |     |     +--rw is-flow-key?            empty
      |  |     +--ro active-flows?           yang:gauge32
      |  |     +--ro unused-cache-entries?   yang:gauge32
      |  +--:(natural-cache)
      |  |  +--rw natural-cache {natural-cache}?
      |  |     +--rw max-flows?              uint32
      |  |     +--rw active-timeout?         uint32
      |  |     +--rw idle-timeout?           uint32
      |  |     +--rw export-interval?        uint32
      |  |     +--rw cache-layout
      |  |     |  +--rw cache-field* [name]
      |  |     |     +--rw name
      |  |     |     |       ietf-ipfix:name-type
      |  |     |     +--rw (information-element)
      |  |     |     |  +--:(ie-name)
      |  |     |     |  |  +--rw ie-name?
      |  |     |     |  |          ietf-ipfix:ie-name-type
      |  |     |     |  +--:(ie-id)
      |  |     |     |     +--rw ie-id?
      |  |     |     |             ietf-ipfix:ie-id-type
      |  |     |     +--rw ie-length?              uint16
      |  |     |     +--rw ie-enterprise-number?   uint32
      |  |     |     +--rw is-flow-key?            empty
      |  |     +--ro active-flows?           yang:gauge32
      |  |     +--ro unused-cache-entries?   yang:gauge32
      |  +--:(permanent-cache)
      |     +--rw permanent-cache {permanent-cache}?
      |        +--rw max-flows?              uint32
      |        +--rw active-timeout?         uint32
      |        +--rw idle-timeout?           uint32
      |        +--rw export-interval?        uint32
      |        +--rw cache-layout
      |        |  +--rw cache-field* [name]
      |        |     +--rw name
      |        |     |       ietf-ipfix:name-type
      |        |     +--rw (information-element)
      |        |     |  +--:(ie-name)
      |        |     |  |  +--rw ie-name?
      |        |     |  |          ietf-ipfix:ie-name-type
      |        |     |  +--:(ie-id)
      |        |     |     +--rw ie-id?
      |        |     |             ietf-ipfix:ie-id-type
      |        |     +--rw ie-length?              uint16
      |        |     +--rw ie-enterprise-number?   uint32
      |        |     +--rw is-flow-key?            empty
      |        +--ro active-flows?           yang:gauge32
      |        +--ro unused-cache-entries?   yang:gauge32
      +--rw exporting-process*
              -> /ietf-ipfix:ipfix/exporting-process/name
              {ietf-ipfix:exporter}?

                      Figure 9: Cache Attributes

4.3.1.  Immediate Cache Type Class

   The immediate-cache type class depicted in Figure 9 is used to
   configure a cache that generates a PSAMP Packet Report for each
   packet at its input.  The fields contained in the generated data
   records are defined in an object of the cache-layout, which is
   defined below in Section 4.3.3.

4.3.2.  Timeout Cache, Natural Cache, and Permanent Cache Type Class

   Figure 9 shows the timeout-cache, natural-cache, and permanent-cache
   type classes.  These classes are used to configure a cache that
   aggregates the packets at its input and generates IPFIX flow records.
   The three classes differ in when flows expire:

   timeout-cache
      Flows expire after active or idle timeout.

   natural-cache
      Flows expire after active or idle timeout, or on natural
      termination (e.g., TCP FIN or TCP RST) of the flow.

   permanent-cache
      Flows never expire, but are periodically exported with the
      interval set by export-interval.

   The following configuration and state parameters are common to the
   three classes:

   max-flows
      This parameter configures the maximum number of entries in the
      cache, which is the maximum number of flows that can be measured
      simultaneously. If this parameter is configured, the monitoring
      device must ensure that sufficient resources are available to
      store the configured maximum number of flows. If the maximum
      number of cache entries is in use, no additional flows can be
      measured. However, traffic that pertains to existing flows can
      continue to be measured.

   active-flows
      This state parameter indicates the number of flows currently
      active in this cache (i.e., the number of cache entries currently
      in use). Note that this parameter corresponds to
      ipfixMeteringProcessCacheActiveFlows in the IPFIX MIB module
      [RFC6615].

   unused-cache-entries
      The number of unused cache entries. Note that the sum of
      active-flows and unused-cache-entries equals max-flows if
      max-flows is configured. Note that this parameter corresponds to
      ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX MIB
      module [RFC6615].

   The following timeout parameters are only available in the
   timeout-cache and the natural-cache cache-types:

   active-timeout
      This parameter configures the time in seconds after which a flow
      is expired even though packets matching this flow are still
      received by the cache. The parameter value zero indicates
      infinity, meaning that there is no active timeout. If not
      configured by the user, the monitoring device sets this
      parameter. Note that this parameter corresponds to
      ipfixMeteringProcessCacheActiveTimeout in the IPFIX MIB module
      [RFC6615].

   idle-timeout
      This parameter configures the time in seconds after which a flow
      is expired if no more packets matching this flow are received by
      the cache.
      The parameter value zero indicates infinity, meaning
      that there is no idle timeout. If not configured by the user, the
      monitoring device sets this parameter. Note that this parameter
      corresponds to ipfixMeteringProcessCacheIdleTimeout in the IPFIX
      MIB module [RFC6615].

   The following interval parameter is only available in the
   permanent-cache class:

   export-interval
      This parameter configures the interval (in seconds) for periodical
      export of flow records. If not configured by the user, the
      monitoring device sets this parameter.

   Every generated flow record must be associated with a single
   observation domain. Hence, although a cache may be configured to
   process packets observed at multiple observation domains, the cache
   must not aggregate packets observed at different observation domains
   in the same flow.

   An object of the cache class contains an object of the cache-layout
   class that defines which fields are included in the flow records.

4.3.3.  Cache Layout Class

   A cache generates and maintains packet reports or flow records
   containing information that has been extracted from the incoming
   stream of packets. Using the cache-field class, the cache-layout
   class specifies the superset of fields that are included in the
   packet reports or flow records (see Figure 9).

   If packet reports are generated (i.e., if immediate-cache class is
   used to configure the cache), every field specified by the
   cache-layout must be included in the resulting packet report unless
   the corresponding information element is not applicable or cannot be
   derived from the content or treatment of the incoming packet.
   Any other field specified by the cache layout may only be included
   in the packet report if it is obvious from the field value itself or
   from the values of other fields in the same packet report that the
   field value was not determined from the packet.

   For example, if a field is configured to contain the TCP source port
   (information element tcpSourcePort [IANA-IPFIX]), the field must be
   included in all packet reports that are related to TCP packets.
   Although the field value cannot be determined for non-TCP packets,
   the field may be included in the packet reports if another field
   contains the transport protocol identifier (information element
   protocolIdentifier [IANA-IPFIX]).

   If flow records are generated (i.e., if timeout-cache, natural-cache,
   or permanent-cache class is used to configure the cache), the cache
   layout differentiates between flow key fields and non-key fields.
   Every flow key field specified by the cache layout must be included
   as flow key in the resulting flow record unless the corresponding
   information element is not applicable or cannot be derived from the
   content or treatment of the incoming packet. Any other flow key
   field specified by the cache layout may only be included in the flow
   record if it is obvious from the field value itself or from the
   values of other flow key fields in the same flow record that the
   field value was not determined from the packet. Two packets are
   accounted by the same flow record if none of their flow key fields
   differ. If a flow key field can be determined for one packet but not
   for the other, the two packets are accounted in different flow
   records.

   Every non-key field specified by the cache layout must be included in
   the resulting flow record unless the corresponding information
   element is not applicable or cannot be derived for the given flow.
   Any other non-key field specified by the cache layout may only be
   included in the flow record if it is obvious from the field value
   itself or from the values of other fields in the same flow record
   that the field value was not determined from the packet. Packets
   which are accounted by the same flow record may differ in their
   non-key fields, or one or more of the non-key fields can be
   undetermined for all or some of the packets.

   For example, if a non-key field specifies an information element
   whose value is determined by the first packet observed within a flow
   (which is the default rule according to [RFC7012] unless specified
   differently in the description of the information element), this
   field must be included in the resulting flow record if it can be
   determined from the first packet of the flow.

   The cache-layout class does not have any parameters. The
   configuration parameters of the cache-field class (under
   cache-layout) are as follows:

   ie-id
      Specifies the information element identifier to be used. Either
      ie-id or ie-name must be specified.

   ie-name
      Specifies the information element name to be used. Either ie-id
      or ie-name must be specified.

   ie-enterprise-number
      Specifies the enterprise id of the ie-id or ie-name. If the
      ie-enterprise-number is zero (which is the default), this
      information element is registered in the IANA registry of IPFIX
      information elements [IANA-IPFIX]. A non-zero value of
      ie-enterprise-number specifies an enterprise-specific information
      element [IANA-ENTERPRISE-NUMBERS]. If the enterprise number is
      set to 29305, this field contains a reverse information element.
      In this case, the cache must generate data records in accordance
      with [RFC5103].

   ie-length
      This parameter specifies the length of the field in octets.
      A value of 65535 means that the field is encoded as a
      variable-length information element. For information elements of
      integer and float type, the field length may be set to a smaller
      value than the standard length of the abstract data type if the
      rules of reduced size encoding are fulfilled (see [RFC7011],
      section 6.2). If not configured by the user, the field length is
      set by the monitoring device.

   is-flow-key
      If present, this field is a flow key. If the field contains a
      reverse information element, it must not be configured as flow
      key. This parameter is not available if the cache is configured
      using the immediate-cache class since there is no distinction
      between flow key fields and non-key fields in packet reports.

   Note that the use of information elements can be restricted to
   certain cache types as well as to flow key or non-key fields. Such
   restrictions may result from information element definitions or from
   device-specific constraints. According to Section 5, the monitoring
   device must notify the user if a cache field cannot be configured
   with the given information element.

4.4.  Exporting Process Class

   The exporting-process class (Figure 10) specifies destinations to
   which the incoming packet reports and flow records are exported using
   objects of the destination class. The destination class includes a
   choice of type of exporter (sctp-exporter, udp-exporter,
   tcp-exporter, or file-writer) which contains further configuration
   parameters. Those exporter type classes are described in
   Section 4.4.1, Section 4.4.2, Section 4.4.3, and Section 4.4.4.

   The exporting-process class contains the identifier of the exporting
   process (exporting-process-id). This parameter corresponds to the
   information element exportingProcessId [IANA-IPFIX].
   Its occurrence helps to associate exporting process reliability
   statistics exported according to the IPFIX protocol specification
   [RFC7011] with the corresponding object of the exporting-process
   class.

   The order in which destination instances appear has a specific
   meaning only if the export-mode parameter is set to "fallback". The
   enabled and export-mode parameters are defined as follows:

   enabled
      Enables the exporting process to begin exporting data. The
      default is "enabled".

   export-mode
      Determines to which configured destination(s) the incoming data
      records are exported. The following parameter values are
      specified by the configuration data model:

      *  parallel: every data record is exported to all configured
         destinations in parallel

      *  load-balancing: every data record is exported to exactly one
         configured destination according to a device-specific
         load-balancing policy

      *  fallback: every data record is exported to exactly one
         configured destination according to the fallback policy
         described below

      If export-mode is set to "fallback", the first destination instance
      defines the primary destination, the second destination instance
      defines the secondary destination, and so on. If the exporting
      process fails to export data records to the primary destination, it
      tries to export them to the secondary one. If the secondary
      destination fails as well, it continues with the tertiary, etc.
      "parallel" is the default value if export-mode is not configured.

      Note that the export-mode parameter is related to the
      ipfixExportMemberType object in [RFC6615]. If export-mode is
      "parallel", the ipfixExportMemberType values of the corresponding
      entries in IpfixExportTable are set to parallel(3).
      If export-mode is "load-balancing", the ipfixExportMemberType
      values of the corresponding entries in IpfixExportTable are set to
      loadBalancing(4). If export-mode is "fallback", the
      ipfixExportMemberType value that refers to the primary destination
      is set to primary(1); the ipfixExportMemberType values that refer
      to the remaining destinations need to be set to secondary(2). The
      IPFIX MIB module does not define any value for tertiary
      destination, etc.

   The reporting of information with options templates is defined with
   objects of the options class.

   The exporting process may modify the packet reports and flow records
   to enable a more efficient transmission or storage under the
   condition that no information is changed or suppressed. For example,
   the exporting process may shorten the length of a field according to
   the rules of reduced size encoding [RFC7011]. The exporting process
   may also export certain fields in a separate data record as described
   in [RFC5476].

     +--rw exporting-process* [name] {exporter}?
        +--rw name                    name-type
        +--rw enabled?                boolean
        +--rw export-mode?            identityref
        +--rw destination* [name]
        |  +--rw name                 name-type
        |  +--rw (destination-parameters)
        |     +--:(tcp-exporter)
        |           ...
        |     +--:(udp-exporter)
        |           ...
        |     +--:(sctp-exporter)
        |           ...
        |     +--:(file-writer)
        |           ...
        +--rw options* [name]
        |  +--rw name                 name-type
        |  +--rw options-type         identityref
        |  +--rw options-timeout?     uint32
        +--ro exporting-process-id?   uint32

                   Figure 10: Exporting Process Class

4.4.1.  SCTP Exporter Class

   The sctp-exporter class shown in Figure 11 contains the configuration
   parameters of an SCTP export destination. The configuration
   parameters are:

   ipfix-version
      Version number of the IPFIX protocol used. If omitted, the
      default value is 10 (=0x000a) as specified in [RFC7011].

   source-address
      List of source IP addresses used by the exporting process. If
      configured, the specified addresses are eligible local IP
      addresses of the multihomed SCTP endpoint. If not configured, all
      locally assigned IP addresses are eligible local IP addresses.

   destination-address
      One or more IP addresses of the collecting process to which IPFIX
      Messages are sent. The user must ensure that all configured IP
      addresses belong to the same collecting process. The exporting
      process tries to establish an SCTP association to any of the
      configured destination IP addresses.

   destination-port
      Destination port number to be used. If not configured, standard
      port 4739 (IPFIX without TLS and DTLS) or 4740 (IPFIX over TLS or
      DTLS) is used.

   if-index
      The index of the interface used by the exporting process to export
      IPFIX Messages to the given destination MAY be specified according
      to corresponding objects in the IF-MIB [RFC2863]. If omitted, the
      Exporting Process selects the outgoing interface based on local
      routing decision and accepts return traffic, such as
      transport-layer acknowledgments, on all available interfaces.

   if-name
      The name of the interface used by the exporting process to export
      IPFIX Messages to the given destination MAY be specified according
      to corresponding objects in the IF-MIB [RFC2863]. If omitted, the
      Exporting Process selects the outgoing interface based on local
      routing decision and accepts return traffic, such as
      transport-layer acknowledgments, on all available interfaces.

   send-buffer-size
      Size of the socket send buffer in bytes. If not configured by the
      user, the buffer size is set by the monitoring device.

   rate-limit
      Maximum number of bytes per second the exporting process may
      export to the given destination as required by [RFC5476].
      The number of bytes is calculated from the lengths of the IPFIX
      Messages exported. If this parameter is not configured, no rate
      limiting is performed for this destination.

   timed-reliability
      Lifetime in milliseconds until an IPFIX message containing data
      sets only is "abandoned" due to the timed reliability mechanism of
      the partial reliability extension of SCTP (pr-SCTP) [RFC3758]. If
      this parameter is set to zero, reliable SCTP transport must be
      used for all data records. Regardless of the value of this
      parameter, the exporting process may use reliable SCTP transport
      for data sets associated with certain options templates, such as
      the data record reliability options template specified in
      [RFC6526].

   Using the transport-layer-security class described in Section 4.6,
   Datagram Transport Layer Security (DTLS) is enabled and configured
   for this export destination.

   The transport-session class is discussed in Section 4.7.

     +--:(sctp-exporter)
        +--rw sctp-exporter {sctp-transport}?
           +--rw ipfix-version?        uint16
           +--rw destination-port?
           |       inet:port-number
           +--rw send-buffer-size?     uint32
           +--rw rate-limit?           uint32
           +--rw transport-layer-security!
           |     ...
           +--rw source
           |  +--rw (source-method)?
           |     +--:(source-address)
           |     |  +--rw source-address?   inet:host
           |     +--:(interface-ref)
           |     |  +--rw interface-ref?    if:interface-ref
           |     +--:(if-index) {if-mib}?
           |     |  +--rw if-index?         uint32
           |     +--:(if-name) {if-mib}?
           |        +--rw if-name?          string
           +--rw destination
           |  +--rw (destination-method)
           |     +--:(destination-address)
           |        +--rw destination-address?   inet:host
           +--rw timed-reliability?    uint32
           +--ro transport-session
                 ...

                     Figure 11: SCTP Exporter Class

4.4.2.  UDP Exporter Class

   The udp-exporter class shown in Figure 12 contains the configuration
   parameters of a UDP export destination.
   The parameters ipfix-version, destination-port, if-name, if-index,
   send-buffer-size, and rate-limit have the same meaning as in the
   sctp-exporter class (see Section 4.4.1). The remaining
   configuration parameters are:

   source-address
      This parameter specifies the source IP address used by the
      exporting process. If this parameter is omitted, the IP address
      assigned to the outgoing interface is used as the source IP
      address.

   destination-address
      Destination IP address to which IPFIX messages are sent (i.e., the
      IP address of the collecting process).

   max-packet-size
      This parameter specifies the maximum size of IP packets sent to
      the collector. If set to zero, the exporting device must derive
      the maximum packet size from path MTU discovery mechanisms. If
      not configured by the user, this parameter is set by the
      monitoring device.

   template-refresh-timeout
      This parameter specifies when templates are refreshed by the
      exporting process. This timeout is specified in seconds between
      re-sending of templates. If omitted, the default value of 600
      seconds (10 minutes) is used [RFC7011]. This parameter
      corresponds to ipfixTransportSessionTemplateRefreshTimeout in the
      IPFIX MIB module [RFC6615].

   options-template-refresh-timeout
      This parameter specifies when options templates are refreshed by
      the exporting process. This timeout is specified in seconds
      between re-sending of options templates. If omitted, the default
      value of 600 seconds (10 minutes) is used [RFC7011]. This
      parameter corresponds to
      ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
      MIB module [RFC6615].

   template-refresh-packet
      This parameter specifies the number of IPFIX messages after which
      templates are re-sent. If omitted, the templates are only resent
      after timeout.
      This parameter corresponds to
      ipfixTransportSessionTemplateRefreshTimeout in the IPFIX MIB
      module [RFC6615].

   options-template-refresh-packet
      This parameter specifies the number of IPFIX messages after which
      options templates are re-sent. If omitted, the options templates
      are only resent after timeout. This parameter corresponds to
      ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
      MIB module [RFC6615].

   Note that the values configured for template-refresh-timeout and
   options-template-refresh-timeout must be adapted to the
   template-lifetime and options-template-lifetime parameter settings
   at the receiving collecting process (see Section 4.5.2).

   Using the transport-layer-security class described in Section 4.6,
   DTLS is enabled and configured for this export destination. The
   transport-session class is specified in Section 4.7.

     +--:(udp-exporter)
        +--rw udp-exporter {udp-transport}?
           +--rw ipfix-version?                      uint16
           +--rw destination-port?
           |       inet:port-number
           +--rw send-buffer-size?                   uint32
           +--rw rate-limit?                         uint32
           +--rw transport-layer-security!
           |     ...
           +--rw source
           |  +--rw (source-method)?
           |     +--:(source-address)
           |     |  +--rw source-address?   inet:host
           |     +--:(interface-ref)
           |     |  +--rw interface-ref?    if:interface-ref
           |     +--:(if-index) {if-mib}?
           |     |  +--rw if-index?         uint32
           |     +--:(if-name) {if-mib}?
           |        +--rw if-name?          string
           +--rw destination
           |  +--rw (destination-method)
           |     +--:(destination-address)
           |        +--rw destination-address?   inet:host
           +--rw maximum-packet-size?                uint16
           +--rw template-refresh-timeout?           uint32
           +--rw options-template-refresh-timeout?   uint32
           +--rw template-refresh-packet?            uint32
           +--rw options-template-refresh-packet?    uint32
           +--ro transport-session
                 ...

                     Figure 12: UDP Exporter Class

4.4.3.  TCP Exporter Class

   The tcp-exporter class shown in Figure 13 contains the configuration
   parameters of a TCP export destination. The parameters have the same
   meaning as in the udp-exporter class (see Section 4.4.2).

   Using the transport-layer-security class described in Section 4.6,
   Transport Layer Security (TLS) is enabled and configured for this
   export destination.

   The transport-session class is specified in Section 4.7.

     +--:(tcp-exporter)
        +--rw tcp-exporter {tcp-transport}?
           +--rw ipfix-version?        uint16
           +--rw destination-port?
           |       inet:port-number
           +--rw send-buffer-size?     uint32
           +--rw rate-limit?           uint32
           +--rw transport-layer-security!
           |     ...
           +--rw source
           |  +--rw (source-method)?
           |     +--:(source-address)
           |     |  +--rw source-address?   inet:host
           |     +--:(interface-ref)
           |     |  +--rw interface-ref?    if:interface-ref
           |     +--:(if-index) {if-mib}?
           |     |  +--rw if-index?         uint32
           |     +--:(if-name) {if-mib}?
           |        +--rw if-name?          string
           +--rw destination
           |  +--rw (destination-method)
           |     +--:(destination-address)
           |        +--rw destination-address?   inet:host
           +--ro transport-session

                     Figure 13: TCP Exporter Class

4.4.4.  File Writer Class

   If a file-writer instance is included in an object of the destination
   class, IPFIX messages are written into a file as specified in
   [RFC5655]. The file-writer class contains the following
   configuration parameters:

   ipfix-version
      Version number of the IPFIX protocol used. If omitted, the
      default value is 10 (=0x000a) as specified in [RFC7011].

   file
      File name and location specified as URI.

   The state parameters of the file-writer class are:

   bytes, messages, records, templates, options-templates
      The number of bytes, IPFIX messages, data records, template
      records, and options template records written by the file writer.
      Discontinuities in the values of these counters can occur at
      re-initialization of the management system, and at other times as
      indicated by the value of file-writer-discontinuity-time.

   discarded-messages
      The number of IPFIX messages that could not be written by the file
      writer due to internal buffer overflows, limited storage capacity,
      etc. Discontinuities in the value of this counter can occur at
      re-initialization of the management system, and at other times as
      indicated by the value of file-writer-discontinuity-time.

   file-writer-discontinuity-time
      Timestamp of the most recent occasion at which one or more file
      writer counters suffered a discontinuity. The time is absolute
      and not relative to sysUpTime.

   Each file-writer class instance includes statistics about the
   templates written to the file. The template class is specified in
   Section 4.8.

     +--:(file-writer)
        +--rw file-writer {file-writer}?
           +--rw ipfix-version?   uint16
           +--rw file             inet:uri
           +--ro file-writer-state
              +--ro bytes?
              |       yang:counter64
              +--ro messages?
              |       yang:counter64
              +--ro discarded-messages?
              |       yang:counter64
              +--ro records?
              |       yang:counter64
              +--ro templates?
              |       yang:counter32
              +--ro options-templates?
              |       yang:counter32
              +--ro file-writer-discontinuity-time?
              |       yang:date-and-time
              +--ro template* []
                 +--ro observation-domain-id?   uint32
                 +--ro template-id?             uint16
                 +--ro set-id?                  uint16
                 +--ro access-time?
                 |       yang:date-and-time
                 +--ro template-data-records?
                 |       yang:counter64
                 +--ro template-discontinuity-time?
                 |       yang:date-and-time
                 +--ro field* []
                    +--ro ie-id?                  ie-id-type
                    +--ro ie-length?              uint16
                    +--ro ie-enterprise-number?   uint32
                    +--ro is-flow-key?            empty
                    +--ro is-scope?               empty

                      Figure 14: File Writer Class

4.4.5.  Options Class

   The options class in Figure 15 defines the type of specific
   information to be reported, such as statistics, flow keys, sampling
   and filtering parameters, etc. [RFC7011] and [RFC5476] specify
   several types of reporting information that may be exported. The
   following parameter values are specified by the configuration data
   model:

   metering-statistics
      Export of metering process statistics using the metering process
      statistics options template [RFC7011].

   metering-reliability
      Export of metering process reliability statistics using the
      metering process reliability statistics options template
      [RFC7011].

   exporting-reliability
      Export of exporting process reliability statistics using the
      exporting process reliability statistics options template
      [RFC7011].

   flow-keys
      Export of the flow key specification using the flow keys options
      template [RFC7011].

   selection-sequence
      Export of selection sequence report interpretation and selector
      report interpretation [RFC5476].

   selection-statistics
      Export of selection sequence statistics report interpretation
      [RFC5476].

   accuracy
      Export of accuracy report interpretation [RFC5476].

   reducing-redundancy
      Enables the utilization of options templates to reduce redundancy
      in the exported data records according to [RFC5473]. The
      exporting process decides when to apply these options templates.

   extended-type-information
      Export of extended type information for enterprise-specific
      information elements used in the exported templates [RFC5610].

   The exporting process must choose a template definition according to
   the options type and available options data. The options-timeout
   parameter specifies the reporting interval (in milliseconds) for
   periodic export of the option data.
   A parameter value of zero means that the export of the option data
   is not triggered periodically, but whenever the available option
   data has changed. This is the typical setting for options types
   flow-keys, selection-sequence, accuracy, and reducing-redundancy.
   If options-timeout is not configured by the user, it is set by the
   monitoring device.

     +--rw options* [name]
        +--rw name               name-type
        +--rw options-type       identityref
        +--rw options-timeout?   uint32

                       Figure 15: Options Class

4.5.  Collecting Process Class

   Figure 16 shows the collecting-process class that contains the
   configuration and state parameters of a collecting process. The
   sctp-collector, udp-collector, and tcp-collector classes specify how
   IPFIX messages are received from remote exporters. The collecting
   process can also be configured as a file reader using the file-reader
   class. These classes are described in Section 4.5.1, Section 4.5.2,
   Section 4.5.3, and Section 4.5.4.

   A collecting-process instance may refer to one or more
   exporting-process instances configuring exporting processes that
   export the received data without modifications to a file or to
   another remote collector.

     +--rw collecting-process* [name] {collector}?
        +--rw name                 name-type
        +--rw tcp-collector* [name] {tcp-transport}?
              ...
        +--rw udp-collector* [name] {udp-transport}?
              ...
        +--rw sctp-collector* [name] {sctp-transport}?
              ...
        +--rw file-reader* [name] {file-reader}?
              ...
        +--rw exporting-process*   -> /ipfix/exporting-process/name
                {exporter}?

                  Figure 16: Collecting Process Class

4.5.1.  SCTP Collector Class

   The sctp-collector class contains the configuration parameters of a
   listening SCTP socket at a collecting process. The parameters are:

   local-ip-address
      List of local IP addresses on which the collecting process listens
      for IPFIX messages.
      The IP addresses are used as eligible local
      IP addresses of the multihomed SCTP endpoint [RFC4960]. If
      omitted, the collecting process listens on all local IP addresses.

   local-port
      Local port number on which the collecting process listens for
      IPFIX messages. If omitted, standard port 4739 (IPFIX without TLS
      and DTLS) or 4740 (IPFIX over TLS or DTLS) is used.

   Using the transport-layer-security class described in Section 4.6,
   DTLS is enabled and configured for this receiving socket.

   The transport-session class is specified in Section 4.7.

     +--rw sctp-collector* [name] {sctp-transport}?
        +--rw name                       name-type
        +--rw local-port?                inet:port-number
        |  +--rw transport-layer-security!
        |  |     ...
        +--rw (local-address-method)?
        |  +--:(local-address)
        |     +--rw local-address*       inet:host
        +--ro transport-session* [name]
              ...

                    Figure 17: SCTP Collector Class

4.5.2.  UDP Collector Class

   The udp-collector class contains the configuration parameters of a
   listening UDP socket at a collecting process. The parameter
   local-port has the same meaning as in the sctp-collector class (see
   Section 4.5.1). The remaining parameters are:

   local-ip-address
      List of local IP addresses on which the collecting process listens
      for IPFIX messages. If omitted, the collecting process listens on
      all local IP addresses.

   template-life-time, options-template-life-time
      (options) template lifetime in seconds for all UDP transport
      sessions terminating at this UDP socket. (options) templates that
      are not received again within the configured lifetime become
      invalid at the collecting process.
      As specified in [RFC7011], section 10.3.7, the lifetime of
      templates and options templates must be at least three times
      higher than the template-refresh-timeout and
      options-template-refresh-timeout parameter values configured on
      the corresponding exporting processes. If not configured, the
      default value 1800 is used, which is three times the default
      (options) template refresh timeout (see Section 4.4.2) as
      specified in [RFC7011]. Note that these parameters correspond
      to ipfixTransportSessionTemplateRefreshTimeout and
      ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
      MIB module [RFC6615].

   template-life-packet, options-template-life-packet
      If template-life-packet is configured, templates defined in a UDP
      transport session become invalid if they are neither included in a
      sequence of more than this number of IPFIX messages nor received
      again within the period of time specified by template-lifetime.
      Similarly, if options-template-life-packet is configured, options
      templates become invalid if they are neither included in a
      sequence of more than this number of IPFIX messages nor received
      again within the period of time specified by
      options-template-lifetime. If not configured, templates and
      options templates only become invalid according to the lifetimes
      specified by template-lifetime and options-template-lifetime,
      respectively. Note that these parameters correspond to
      ipfixTransportSessionTemplateRefreshPacket and
      ipfixTransportSessionOptionsTemplateRefreshPacket in the IPFIX MIB
      module [RFC6615].

   Using the transport-layer-security class described in Section 4.6,
   DTLS is enabled and configured for this receiving socket.

   The transport-session class is specified in Section 4.7.

     +--rw udp-collector* [name] {udp-transport}?
        +--rw name                            name-type
        +--rw local-port?                     inet:port-number
        +--rw transport-layer-security!
        |     ...
        +--rw (local-address-method)?
        |  +--:(local-address)
        |     +--rw local-address*            inet:host
        +--rw template-life-time?             uint32
        +--rw options-template-life-time?     uint32
        +--rw template-life-packet?           uint32
        +--rw options-template-life-packet?   uint32
        +--ro transport-session* [name]
              ...

                     Figure 18: UDP Collector Class

4.5.3.  TCP Collector Class

   The tcp-collector class contains the configuration parameters of a
   listening TCP socket at a collecting process. The parameters have
   the same meaning as in the udp-collector class (Section 4.5.2).

   Using the transport-layer-security class described in Section 4.6,
   TLS is enabled and configured for this receiving socket.

   The transport-session class is specified in Section 4.7.

     +--rw tcp-collector* [name] {tcp-transport}?
        +--rw name                       name-type
        +--rw local-port?                inet:port-number
        +--rw transport-layer-security!
        |     ...
        +--rw (local-address-method)?
        |  +--:(local-address)
        |     +--rw local-address*       inet:host
        +--ro transport-session* [name]
              ...

                     Figure 19: TCP Collector Class

4.5.4.  File Reader Class

   The collecting process may import IPFIX messages from a file as
   specified in [RFC5655]. The file-reader class defines the following
   configuration parameter:

   file
      File name and location specified as URI.

   The state parameters of the file-reader class are:

   bytes, messages, records, templates, options-templates
      The number of bytes, IPFIX messages, data records, template
      records, and options template records read by the file reader.
      Discontinuities in the values of these counters can occur at
      re-initialization of the management system, and at other times as
      indicated by the value of file-reader-discontinuity-time.

   file-reader-discontinuity-time
      Timestamp of the most recent occasion at which one or more file
      reader counters suffered a discontinuity.  The time is absolute
      and not relative to sysUpTime.

   The file-reader class includes information about the template class
   and statistics.  The template class is specified in Section 4.8.

     +--rw file-reader* [name] {file-reader}?
        +--rw name                 name-type
        +--rw file                 inet:uri
        +--ro file-reader-state
           +--ro bytes?               yang:counter64
           +--ro messages?            yang:counter64
           +--ro records?             yang:counter64
           +--ro templates?           yang:counter32
           +--ro options-templates?   yang:counter32
           +--ro file-reader-discontinuity-time?
           |       yang:date-and-time
           +--ro template* []
                 ...

                      Figure 20: File Reader Class

4.6.  Transport Layer Security Class

   The transport-layer-security class is used in the exporting
   process's sctp-exporter, udp-exporter, and tcp-exporter classes, and
   the collecting process's sctp-collector, udp-collector, and
   tcp-collector classes to enable and configure TLS/DTLS for IPFIX.
   If TLS/DTLS is enabled, the endpoint must use DTLS [RFC6347] if the
   transport protocol is SCTP or UDP and TLS [RFC8446] if the transport
   protocol is TCP.

   [RFC7011] mandates strong mutual authentication of exporting
   processes and collecting processes as follows.  IPFIX exporting
   processes and IPFIX collecting processes are identified by the fully
   qualified domain name (FQDN) of the interface on which IPFIX
   messages are sent or received, for purposes of X.509 client and
   server certificates as in [RFC5280].  To prevent man-in-the-middle
   attacks from impostor exporting or collecting processes, the
   acceptance of data from an unauthorized exporting process, or the
   export of data to an unauthorized collecting process, strong mutual
   authentication via asymmetric keys must be used for both TLS and
   DTLS.
   Each of the IPFIX exporting and collecting processes must verify the
   identity of its peer against its authorized certificates, and must
   verify that the peer's certificate matches its fully qualified
   domain name, or, in the case of SCTP, the fully qualified domain
   name of one of its endpoints.

   The fully qualified domain name used to identify an IPFIX collecting
   process or exporting process may be stored either in a
   subjectAltName extension of type dNSName, or in the most specific
   Common Name field of the subject field of the X.509 certificate.  If
   both are present, the subjectAltName extension is given preference.

   In order to use TLS/DTLS, appropriate certificates and keys have to
   be previously installed on the monitoring devices.  For security
   reasons, the configuration data model does not offer the possibility
   to upload any certificates or keys on a monitoring device.  If
   TLS/DTLS is enabled on a monitoring device that does not have
   appropriate certificates and keys, the configuration must be
   rejected with an error.

   The configuration data model allows restricting the authorization of
   remote endpoints to certificates issued by specific certification
   authorities or identifying specific FQDNs for authorization.
   Furthermore, the configuration data model allows restricting the
   utilization of certificates identifying the local endpoint.  This is
   useful if the monitoring device has more than one certificate for
   the given local endpoint.

   The configuration parameters are defined as follows:

   local-certification-authority-dn
      This parameter may appear one or more times to restrict the
      identification of the local endpoint during the TLS/DTLS
      handshake to certificates issued by the configured certification
      authorities.  Each occurrence of this parameter contains the
      distinguished name of one certification authority.
      To identify the local endpoint, the exporting process or
      collecting process must use a certificate issued by one of the
      configured certification authorities.  Certificates issued by any
      other certification authority must not be sent to the remote peer
      during the TLS/DTLS handshake.  If none of the certificates
      installed on the monitoring device fulfills the specified
      restrictions, the configuration must be rejected with an error.
      If local-certification-authority-dn is not configured, the choice
      of certificates identifying the local endpoint is not restricted
      with respect to the issuing certification authority.

   local-subject-dn, local-subject-fqdn
      Each of these parameters may appear one or more times to restrict
      the identification of the local endpoint during the TLS/DTLS
      handshake to certificates issued for specific subjects or for
      specific FQDNs.  Each occurrence of local-subject-dn contains a
      distinguished name identifying the local endpoint.  Each
      occurrence of local-subject-fqdn contains an FQDN that is
      assigned to the local endpoint.  To identify the local endpoint,
      the exporting process or collecting process must use a
      certificate that contains either one of the configured
      distinguished names in the subject field or at least one of the
      configured FQDNs in a dNSName component of the subject
      alternative name extension field or in the most specific
      commonName component of the subject field.  If none of the
      certificates installed on the monitoring device fulfills the
      specified restrictions, the configuration must be rejected with
      an error.  If any of the parameters local-subject-dn and
      local-subject-fqdn is configured at the same time as the
      local-certification-authority-dn parameter, certificates must
      also fulfill the specified restrictions regarding the
      certification authority.
      If local-subject-dn and local-subject-fqdn are not configured,
      the choice of certificates identifying the local endpoint is not
      restricted with respect to the subject's distinguished name or
      FQDN.

   remote-certification-authority-dn
      This parameter may appear one or more times to restrict the
      authentication of remote endpoints during the TLS/DTLS handshake
      to certificates issued by the configured certification
      authorities.  Each occurrence of this parameter contains the
      distinguished name of one certification authority.  To
      authenticate the remote endpoint, the remote exporting process or
      collecting process must provide a certificate issued by one of
      the configured certification authorities.  Certificates issued by
      any other certification authority must be rejected during the
      TLS/DTLS handshake.  If the monitoring device is not able to
      validate certificates issued by the configured certification
      authorities (e.g., because of missing public keys), the
      configuration must be rejected with an error.  If
      remote-certification-authority-dn is not configured, the
      authorization of remote endpoints is not restricted with respect
      to the issuing certification authority of the delivered
      certificate.

   remote-subject-dn, remote-subject-fqdn
      Each of these parameters may appear one or more times to restrict
      the authentication of remote endpoints during the TLS/DTLS
      handshake to certificates issued for specific subjects or for
      specific FQDNs.  Each occurrence of remote-subject-dn contains a
      distinguished name identifying a remote endpoint.  Each
      occurrence of remote-subject-fqdn contains an FQDN that is
      assigned to a remote endpoint.
      To authenticate a remote endpoint, the remote exporting process
      or collecting process must provide a certificate that contains
      either one of the configured distinguished names in the subject
      field or at least one of the configured FQDNs in a dNSName
      component of the subject alternative name extension field or in
      the most specific commonName component of the subject field.
      Certificates not fulfilling this condition must be rejected
      during the TLS/DTLS handshake.  If any of the parameters
      remote-subject-dn and remote-subject-fqdn is configured at the
      same time as the remote-certification-authority-dn parameter,
      certificates must also fulfill the specified restrictions
      regarding the certification authority in order to be accepted.
      If remote-subject-dn and remote-subject-fqdn are not configured,
      the authorization of remote endpoints is not restricted with
      respect to the subject's distinguished name or FQDN of the
      delivered certificate.

     +--rw transport-layer-security!
        +--rw local-certification-authority-dn*    string
        +--rw local-subject-dn*                    string
        +--rw local-subject-fqdn*                  inet:domain-name
        +--rw remote-certification-authority-dn*   string
        +--rw remote-subject-dn*                   string
        +--rw remote-subject-fqdn*                 inet:domain-name

                Figure 21: Transport Layer Security Class

4.7.  Transport Session Class

   The transport-session class contains state data about transport
   sessions originating from an exporting process or terminating at a
   collecting process.  If SCTP is the transport protocol, the exporter
   or collector may be multihomed SCTP endpoints (see [RFC4960],
   Section 6.4), in which case more than one IP address will be used.
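
   The remote-endpoint authorization rules of Section 4.6, worked as an
   added example (not code from this draft or from any implementation
   of it).  PeerCert, TlsPolicy, the helper names and the example.net
   sample data are constructed for illustration; the certificate is
   assumed to have passed chain validation already, and distinguished
   names are compared as normalized strings.

```python
"""Peer authorization per the remote-* leaf-lists of transport-layer-security."""
from typing import NamedTuple, Set, Tuple


class PeerCert(NamedTuple):
    """Identity fields of a peer certificate (hypothetical model)."""
    issuer_dn: str
    subject_dn: str
    san_dns_names: Tuple[str, ...] = ()
    # Assumption: CN values ordered so that the last one is the most specific.
    common_names: Tuple[str, ...] = ()


class TlsPolicy(NamedTuple):
    """Mirror of the three remote-* leaf-lists; empty means not configured."""
    remote_certification_authority_dn: Tuple[str, ...] = ()
    remote_subject_dn: Tuple[str, ...] = ()
    remote_subject_fqdn: Tuple[str, ...] = ()


def norm_dn(dn: str) -> str:
    # Simplification: case-insensitive string compare with spaces around the
    # RDN separators removed. Production code compares parsed RDN sequences.
    return ",".join(part.strip().lower() for part in dn.split(","))


def norm_fqdn(name: str) -> str:
    return name.strip().rstrip(".").lower()


def presented_fqdns(cert: PeerCert) -> Set[str]:
    """dNSName entries take preference; the CN counts only without them."""
    if cert.san_dns_names:
        return {norm_fqdn(n) for n in cert.san_dns_names}
    if cert.common_names:
        return {norm_fqdn(cert.common_names[-1])}
    return set()


def authorize_peer(cert: PeerCert, policy: TlsPolicy) -> Tuple[bool, str]:
    """Return (accepted, reason) for one TLS/DTLS handshake."""
    cas = {norm_dn(d) for d in policy.remote_certification_authority_dn}
    if cas and norm_dn(cert.issuer_dn) not in cas:
        return False, "issuer not in remote-certification-authority-dn"

    dns = {norm_dn(d) for d in policy.remote_subject_dn}
    fqdns = {norm_fqdn(f) for f in policy.remote_subject_fqdn}
    if dns or fqdns:
        dn_ok = norm_dn(cert.subject_dn) in dns
        fqdn_ok = bool(presented_fqdns(cert) & fqdns)  # exact match only
        if not (dn_ok or fqdn_ok):
            return False, "subject not in remote-subject-dn or remote-subject-fqdn"
    return True, "authorized"


# Constructed policy and certificates (not taken from the draft).
CA = "CN=Flow CA,O=Example"
POLICY = TlsPolicy(
    remote_certification_authority_dn=("CN=Flow CA, O=Example",),
    remote_subject_fqdn=("exporter1.example.net",),
)
CASES = {
    "san match": PeerCert(CA, "CN=exp1,O=Example", ("Exporter1.example.net",)),
    "wrong issuer": PeerCert("CN=Other CA,O=Example", "CN=exp1,O=Example",
                             ("exporter1.example.net",)),
    "cn ignored when san present": PeerCert(
        CA, "CN=exporter1.example.net", ("rogue.example.net",),
        ("exporter1.example.net",)),
    "cn fallback": PeerCert(CA, "CN=exporter1.example.net", (),
                            ("exporter1.example.net",)),
}


def run_cases():
    """Evaluate every constructed certificate against POLICY."""
    return {name: authorize_peer(cert, POLICY)[0] for name, cert in CASES.items()}


if __name__ == "__main__":
    for name, accepted in run_cases().items():
        print(f"{name:30} {'accept' if accepted else 'reject'}")
    # With no remote-* leaf configured, every chain-valid peer is authorized.
    print("empty policy:", authorize_peer(CASES["wrong issuer"], TlsPolicy())[0])
```

   The last call shows the consequence of leaving all three remote-*
   leaf-lists empty: authorization is then not restricted beyond chain
   validation.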

   The following attributes are supported:

   ipfix-version
      Used for exporting processes, this parameter contains the version
      number of the IPFIX protocol that the exporter uses to export its
      data in this transport session.  Hence, it is identical to the
      value of the configuration parameter ipfix-version of the
      sctp-exporter, udp-exporter, or tcp-exporter object.  When used
      for collecting processes, this parameter contains the version
      number of the IPFIX protocol it receives for this transport
      session.  If IPFIX messages of different IPFIX protocol versions
      are received, this parameter contains the maximum version number.
      This state parameter is identical to
      ipfixTransportSessionIpfixVersion in the IPFIX MIB module
      [RFC6615].

   source-address, destination-address
      If TCP or UDP is the transport protocol, source-address contains
      the IP address of the exporter, and destination-address contains
      the IP addresses of the collector.  Hence, the two parameters
      have the same values as ipfixTransportSessionSourceAddress and
      ipfixTransportSessionDestinationAddress in the IPFIX MIB module
      [RFC6615].  If SCTP is the transport protocol, source-address
      contains one of the IP addresses of the exporter and
      destination-address one of the IP addresses of the collector.
      Preferably, the IP addresses of the path that is usually selected
      by the exporter to send IPFIX messages to the collector should be
      contained.

   source-port, destination-port
      These state parameters contain the transport-protocol port
      numbers of the exporter and the collector of the transport
      session and thus are identical to ipfixTransportSessionSourcePort
      and ipfixTransportSessionDestinationPort in the IPFIX MIB module
      [RFC6615].

   sctp-assoc-id
      The association id used for the SCTP session between the exporter
      and the collector of the transport session.
      It is equal to the sctpAssocId entry in the SctpAssocTable
      defined in the SCTP-MIB [RFC3871].  This parameter is only
      available if the transport protocol is SCTP and if an SNMP agent
      on the same monitoring device enables access to the corresponding
      MIB objects in the SctpAssocTable.  This state parameter is
      identical to ipfixTransportSessionSctpAssocId in the IPFIX MIB
      module [RFC6615].

   status
      Status of the transport session, which can be one of the
      following:

      *  inactive: transport session is established, but no IPFIX
         messages are currently transferred (e.g., because this is a
         backup (secondary) session)

      *  active: transport session is established and transfers IPFIX
         messages

      *  unknown: transport session status cannot be determined

      This state parameter is identical to ipfixTransportSessionStatus
      in the IPFIX MIB module [RFC6615].

   rate
      The number of bytes per second transmitted by the exporting
      process or received by the collecting process.  This parameter is
      updated every second.  This state parameter is identical to
      ipfixTransportSessionRate in the IPFIX MIB module [RFC6615].

   bytes, messages, records, templates, options-templates
      The number of bytes, IPFIX messages, data records, template
      records, and options template records transmitted by the
      exporting process or received by the collecting process.
      Discontinuities in the values of these counters can occur at
      re-initialization of the management system, and at other times as
      indicated by the value of transport-session-discontinuity-time.

   discarded-messages
      Used for exporting processes, this parameter indicates the number
      of messages that could not be sent due to internal buffer
      overflows, network congestion, routing issues, etc.
      Used for collecting processes, this parameter indicates the
      number of received IPFIX messages that are malformed, cannot be
      decoded, are received in the wrong order, or are missing
      according to the sequence number.  Discontinuities in the value
      of this counter can occur at re-initialization of the management
      system, and at other times as indicated by the value of
      transport-session-discontinuity-time.

   transport-session-start-time
      Timestamp of the start of the given transport session.

   transport-session-discontinuity-time
      Timestamp of the most recent occasion at which one or more of the
      transport session counters suffered a discontinuity.  The time is
      absolute and not relative to sysUpTime.

   Note that, if used for exporting processes, the values of the state
   parameters destination-address and destination-port match the values
   of the configuration parameters destination-ip-address and
   destination-port of the sctp-exporter, tcp-exporter, and
   udp-exporter (in the case of sctp-exporter, one of the configured
   destination-ip-address values); if the transport protocol is UDP or
   SCTP and if the parameter source-ip-address is configured in the
   udp-exporter or sctp-exporter object, the value of source-address
   equals the configured value or one of the configured values.  Used
   for collecting processes, the value of destination-address equals
   the value (or one of the values) of the parameter local-ip-address
   if this parameter is configured in the udp-collector, tcp-collector,
   or sctp-collector; destination-port equals the value of the
   configuration parameter local-port.

   The transport-session class includes template class information and
   statistics about the templates transmitted or received on the given
   transport session.  The template class is specified in Section 4.8.
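
   A collecting process fills the template state referenced here
   (template-id, set-id, ie-id, ie-length, ie-enterprise-number and
   is-scope of Section 4.8) by decoding Template Sets, and counts input
   it cannot decode in discarded-messages.  The following is an added
   example, not code from this draft: the record layout follows
   [RFC7011], while the function names, the dictionary layout and the
   sample bytes are constructed, and counting each sample set as one
   message is an assumption.

```python
"""Decode an IPFIX (Options) Template Set into template-class state."""
import struct
from typing import Dict, List

TEMPLATE_SET_ID, OPTIONS_TEMPLATE_SET_ID = 2, 3


def parse_template_set(buf: bytes) -> List[Dict]:
    """Return one dict per template record; raise ValueError if malformed."""
    if len(buf) < 4:
        raise ValueError("truncated set header")
    set_id, set_len = struct.unpack_from("!HH", buf, 0)
    if set_id not in (TEMPLATE_SET_ID, OPTIONS_TEMPLATE_SET_ID):
        raise ValueError(f"set-id {set_id} is not a template set")
    if set_len < 4 or set_len > len(buf):
        raise ValueError("set length outside received data")
    is_options = set_id == OPTIONS_TEMPLATE_SET_ID
    pos, end, templates = 4, set_len, []
    while end - pos >= 4:  # fewer than 4 bytes left is padding
        template_id, field_count = struct.unpack_from("!HH", buf, pos)
        pos += 4
        if field_count == 0:
            continue  # template withdrawal: no field specifiers follow
        if template_id < 256:
            raise ValueError("template-id below 256")
        scope_count = 0
        if is_options:
            if end - pos < 2:
                raise ValueError("truncated scope field count")
            scope_count = struct.unpack_from("!H", buf, pos)[0]
            pos += 2
            if not 1 <= scope_count <= field_count:
                raise ValueError("invalid scope field count")
        fields = []
        for index in range(field_count):
            if end - pos < 4:
                raise ValueError("truncated field specifier")
            raw_id, ie_length = struct.unpack_from("!HH", buf, pos)
            pos += 4
            enterprise = 0  # zero: not an enterprise-specific element
            if raw_id & 0x8000:  # enterprise bit set, 32-bit number follows
                if end - pos < 4:
                    raise ValueError("truncated enterprise number")
                enterprise = struct.unpack_from("!I", buf, pos)[0]
                pos += 4
            ie_id = raw_id & 0x7FFF
            if ie_id == 0:
                raise ValueError("ie-id outside 1..32767")
            entry = {"ie-id": ie_id, "ie-length": ie_length,
                     "ie-enterprise-number": enterprise}
            if index < scope_count:
                entry["is-scope"] = True  # presence-only, like the empty leaf
            fields.append(entry)
        templates.append({"template-id": template_id, "set-id": set_id,
                          "field": fields})
    return templates


def update_state(state: Dict[str, int], set_bytes: bytes) -> Dict[str, int]:
    """Apply one received set to transport-session style counters."""
    try:
        parsed = parse_template_set(set_bytes)
    except ValueError:
        state["discarded-messages"] += 1  # malformed, cannot be decoded
        return state
    is_options = bool(parsed) and parsed[0]["set-id"] == OPTIONS_TEMPLATE_SET_ID
    state["options-templates" if is_options else "templates"] += len(parsed)
    return state


# Constructed sample sets (not captured traffic). 32473 is the enterprise
# number reserved for documentation examples.
TEMPLATE_SET = struct.pack("!HHHHHHHHI", 2, 20, 256, 2, 8, 4, 0x8001, 2, 32473)
OPTIONS_SET = struct.pack("!HHHHHHHHH", 3, 18, 257, 2, 1, 149, 4, 41, 8)
# Same as TEMPLATE_SET but announcing three fields while carrying only two.
TRUNCATED_SET = struct.pack("!HHHHHHHHI", 2, 20, 256, 3, 8, 4, 0x8001, 2, 32473)

if __name__ == "__main__":
    counters = {"templates": 0, "options-templates": 0, "discarded-messages": 0}
    for sample in (TEMPLATE_SET, OPTIONS_SET, TRUNCATED_SET):
        update_state(counters, sample)
    print(parse_template_set(OPTIONS_SET))
    print(counters)
```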

     +--ro transport-session* [name]
        +--ro name                                    name-type
        +--ro ipfix-version?                          uint16
        +--ro source-address?                         inet:host
        +--ro destination-address?                    inet:host
        +--ro source-port?
        |       inet:port-number
        +--ro destination-port?
        |       inet:port-number
        +--ro status?
        |       transport-session-status
        +--ro rate?
        |       yang:gauge32
        +--ro bytes?
        |       yang:counter64
        +--ro messages?
        |       yang:counter64
        +--ro discarded-messages?
        |       yang:counter64
        +--ro records?
        |       yang:counter64
        +--ro templates?
        |       yang:counter32
        +--ro options-templates?
        |       yang:counter32
        +--ro transport-session-start-time?
        |       yang:date-and-time
        +--ro transport-session-discontinuity-time?
        |       yang:date-and-time
        +--ro template* []
              ...

                   Figure 22: Transport Session Class

4.8.  Template Class

   The template class contains state data about templates used by an
   exporting process or received by a collecting process in a specific
   transport session.  The field class defines one field of the
   template.  The names and semantics of the state parameters
   correspond to the managed objects in the ipfixTemplateTable,
   ipfixTemplateDefinitionTable, and ipfixTemplateStatsTable of the
   IPFIX MIB module [RFC6615]:

   observation-domain-id
      The identifier of the observation domain for which this template
      is defined.

   template-id
      This number indicates the template identifier in the IPFIX
      Message.

   set-id
      This number indicates the set identifier of this template.
      Currently, there are two values defined [RFC7011].  The value 2
      is used for sets containing template definitions.  The value 3 is
      used for sets containing options template definitions.

   access-time
      Used for exporting processes, this parameter contains the time
      when this (Options) Template was last sent to the Collector or
      written to the file.
      Used for Collecting Processes, this parameter contains the time
      when this (Options) Template was last received from the Exporter
      or read from the file.

   template-data-records
      The number of transmitted or received data records defined by
      this (options) template since the point in time indicated by
      template-definition-time.

   template-discontinuity-time
      Timestamp of the most recent occasion at which the counter
      template-data-records suffered a discontinuity.  The time is
      absolute and not relative to sysUpTime.

   ie-id, ie-length, ie-enterprise-number
      Information Element identifier, length, and enterprise number of
      a field in the template.  If this is not an enterprise-specific
      Information Element, ie-enterprise-number is zero.  These state
      parameters are identical to ipfixTemplateDefinitionIeId,
      ipfixTemplateDefinitionIeLength, and
      ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX MIB module
      [RFC6615].

   is-flow-key
      If this state parameter is present, this is a flow key field.
      This parameter is only available for non-Options Templates (i.e.,
      if set-id is 2).

   is-scope
      If this state parameter is present, this is a scope field.  This
      parameter is only available for options templates (i.e., if
      set-id is 3).

     +--ro template* []
        +--ro observation-domain-id?         uint32
        +--ro template-id?                   uint16
        +--ro set-id?                        uint16
        +--ro access-time?                   yang:date-and-time
        +--ro template-data-records?         yang:counter64
        +--ro template-discontinuity-time?   yang:date-and-time
        +--ro field* []
           +--ro ie-id?                  ie-id-type
           +--ro ie-length?              uint16
           +--ro ie-enterprise-number?   uint32
           +--ro is-flow-key?            empty
           +--ro is-scope?               empty

                       Figure 23: Template Class

4.9.  Bulk Data Class

   The bulk data process class (Figure 24) specifies the bulk data
   template to be applied to a resource or set of resources and
   provides state information about the template records.  The
   following attributes are supported:

   enabled
      Enables the template so that specified data may be exported.  The
      default is "enabled".

   export-interval
      The interval (in seconds) for periodical export of data records.

   observation-domain-id
      The Observation Domain that is locally unique to an Exporting
      Process.

   field-layout
      The IPFIX template to be applied to the resource.  The following
      attributes are configurable:

      *  ie-id: Identifies the Information Element identifier.

      *  ie-enterprise-id: Identifies the enterprise identifier of the
         Information Element.  If 0, the Information Element is IANA
         based.

      *  ie-length: Identifies the length of the Information Element.

   A bulk data instance may refer to:

   o  one or more exporting-process instances

   o  one or more resource instances (e.g., different interface
      instances on a line card)

   The following state information is available:

   data-records
      Reports the number of data records generated for this bulk data
      template.

   discontinuity-time
      Timestamp of the most recent occasion at which the counter
      data-records suffered a discontinuity.

     +--rw bulk-data-export
        +--rw template* [name]
           +--rw name                     ietf-ipfix:name-type
           +--rw enabled?                 boolean
           +--rw export-interval?         uint32
           +--rw observation-domain-id?   uint32
           +--rw field-layout
           |  +--rw field* [name]
           |     +--rw name                    ietf-ipfix:name-type
           |     +--rw (identifier)
           |     |  +--:(ie-id)
           |     |     +--rw ie-id?            ietf-ipfix:ie-id-type
           |     +--rw ie-length?              uint16
           |     +--rw ie-enterprise-number?   uint32
           +--rw exporting-process*
           |       -> /ietf-ipfix:ipfix/exporting-process/name
           |       {ietf-ipfix:exporter}?
           +--rw resource*                resource
           +--ro data-records?            yang:counter64
           +--ro discontinuity-time?      yang:date-and-time

                       Figure 24: Bulk Data Class

5.  Adaptation to Device Capabilities

   The configuration data model standardizes a superset of common IPFIX
   and PSAMP configuration parameters.  A typical monitoring device
   implementation will not support the entire range of possible
   configurations.  Certain functions may not be supported, such as the
   collecting process that does not exist on a monitoring device that
   is conceived as exporter only.  The configuration of other functions
   may be subject to resource limitations or functional restrictions.
   For example, the cache size is typically limited according to the
   available memory on the device.  It is also possible that a
   monitoring device implementation requires the configuration of
   additional parameters that are not part of the configuration data
   model in order to function properly.

   The configuration data model for IPFIX and PSAMP covers the
   configuration of Exporters, Collectors, and devices that may act as
   both.  As Exporters and Collectors implement different functions,
   the corresponding portions of the model are conditional on the
   following features:

   exporter
      If this feature is supported, Exporting Processes can be
      configured.

   collector
      If this feature is supported, Collecting Processes can be
      configured.

   Exporters do not necessarily implement any Selection Processes,
   Caches, or even Observation Points in particular cases.  Therefore,
   the corresponding portions of the model are conditional on the
   following feature:

   Additional features refer to different PSAMP Sampling and Filtering
   methods as well as to the supported types of Caches:

   psamp-samp-count-based
      If this feature is supported, Sampling method samp-count-based
      can be configured.

   psamp-samp-time-based
      If this feature is supported, Sampling method samp-time-based can
      be configured.

   psamp-samp-rand-out-of-n
      If this feature is supported, Sampling method samp-rand-out-of-n
      can be configured.

   psamp-samp-uni-prob
      If this feature is supported, Sampling method samp-uni-prob can
      be configured.

   psamp-filter-match
      If this feature is supported, Filtering method filter-match can
      be configured.

   psamp-filter-hash
      If this feature is supported, Filtering method filter-hash can be
      configured.

   immediate-cache
      If this feature is supported, a Cache generating PSAMP Packet
      Reports can be configured using the Immediate Cache class.

   timeout-cache
      If this feature is supported, a Cache generating IPFIX Flow
      Records can be configured using the Timeout Cache class.

   natural-cache
      If this feature is supported, a Cache generating IPFIX Flow
      Records can be configured using the Natural Cache class.

   permanent-cache
      If this feature is supported, a Cache generating IPFIX Flow
      Records can be configured using the Permanent Cache class.

   The following features concern the support of UDP and TCP as
   transport protocols and the support of File Readers and File
   Writers:

   sctp-transport
      If this feature is supported, SCTP can be used as transport
      protocol by Exporting Processes and Collecting Processes.

   udp-transport
      If this feature is supported, UDP can be used as transport
      protocol by Exporting Processes and Collecting Processes.

   tcp-transport
      If this feature is supported, TCP can be used as transport
      protocol by Exporting Processes and Collecting Processes.

   file-reader
      If this feature is supported, File Readers can be configured as
      part of Collecting Processes.

   file-writer
      If this feature is supported, File Writers can be configured as
      part of Exporting Processes.

6.  YANG Modules

   This document defines three YANG modules:

   o  ietf-ipfix

   o  ietf-psamp

   o  ietf-bulk-data-export

6.1.  ietf-ipfix

6.1.1.  ietf-ipfix Module Structure

   This document defines the YANG module "ietf-ipfix", which has the
   following structure:

   module: ietf-ipfix
     +--rw ipfix
        +--rw collecting-process* [name] {collector}?
        |  +--rw name                 name-type
        |  +--rw tcp-collector* [name] {tcp-transport}?
        |  |     ...
        |  +--rw udp-collector* [name] {udp-transport}?
        |  |     ...
        |  +--rw sctp-collector* [name] {sctp-transport}?
        |  |     ...
        |  +--rw file-reader* [name] {file-reader}?
        |  |     ...
        |  +--rw exporting-process*   -> /ipfix/exporting-process/name
        |          {exporter}?
        +--rw exporting-process* [name] {exporter}?
           +--rw name                    name-type
           +--rw enabled?                boolean
           +--rw export-mode?            identityref
           +--rw destination* [name]
           |     ...
           +--rw options* [name]
           |     ...
           +--ro exporting-process-id?   uint32

6.1.2.  ietf-ipfix YANG Module

   This YANG Module imports typedefs from [RFC6991].

   file "ietf-ipfix@2018-10-22.yang"

   module ietf-ipfix {
     yang-version 1.1;

     namespace "urn:ietf:params:xml:ns:yang:ietf-ipfix";

     prefix ietf-ipfix;

     import ietf-inet-types {
       prefix inet;
     }

     import ietf-yang-types {
       prefix yang;
     }

     import ietf-interfaces {
       prefix if;
     }

     organization
       "IETF";

     contact
       "Web:      TBD
        List:     TBD

        Editor:   Joey Boyd

        Editor:   Marta Seda
       ";

     // RFC Ed.: replace XXXX with actual RFC numbers and
     // remove this note.

     description
       "This module contains a collection of YANG definitions for the
        management of IP Flow Information Export (IPFIX).

        This data model is designed for the Network Management Datastore
        Architecture defined in RFC 8342.

        Copyright (c) 2019 IETF Trust and the persons identified
        as authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject
        to the license terms contained in, the Simplified BSD License
        set forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (http://trustee.ietf.org/license-info).

        This version of this YANG module is part of XXXX; see the RFC
        itself for full legal notices.";

     revision 2019-03-11 {
       description
         "Initial revision.";
       reference
         "RFC XXXX: YANG Data Models for the IP Flow Information Export
                    (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
                    and Bulk Data Export";
     }

     feature exporter {
       description
         "If supported, the Monitoring Device can be used as
          an Exporter.  Exporting Processes can be configured.";
     }

     feature collector {
       description
         "If supported, the Monitoring Device can be used as
          a Collector.
          Collecting Processes can be configured.";
     }

     feature tcp-transport {
       description
         "If supported, the Monitoring Device supports TCP
          as the transport protocol.";
     }

     feature udp-transport {
       description
         "If supported, the Monitoring Device supports UDP
          as the transport protocol.";
     }

     feature sctp-transport {
       description
         "If supported, the Monitoring Device supports SCTP
          as the transport protocol.";
     }

     feature file-reader {
       description
         "If supported, the Monitoring Device supports the
          configuration of Collecting Processes as File Readers.";
     }

     feature file-writer {
       description
         "If supported, the Monitoring Device supports the
          configuration of Exporting Processes as File Writers.";
     }

     feature if-mib {
       description
         "This feature indicates that the device implements
          the IF-MIB.";
       reference
         "RFC 2863: The Interfaces Group MIB";
     }

     identity export-mode {
       description
         "Base identity for different usages of export
          destinations configured for an Exporting Process.";
     }

     identity parallel {
       base export-mode;
       description
         "Parallel export of Data Records to all
          destinations configured for the Exporting Process.";
     }

     identity load-balancing {
       base export-mode;
       description
         "Load-balancing between the different destinations
          configured for the Exporting Process.";
     }

     identity fallback {
       base export-mode;
       description
         "Export to the primary destination (i.e., the first
          destination configured for the Exporting Process).  If the
          export to the primary destination fails, the Exporting Process
          tries to export to the secondary destination.
          If the secondary destination fails as well, it continues
          with the tertiary, etc.";
     }

     identity options-type {
       description
         "Base identity for report types exported with
          options templates.";
     }

     identity metering-statistics {
       base options-type;
       description
         "Metering Process Statistics.";
       reference
         "RFC 5101, Section 4.1.";
     }

     identity metering-reliability {
       base options-type;
       description
         "Metering Process Reliability Statistics.";
       reference
         "RFC 5101, Section 4.2.";
     }

     identity exporting-reliability {
       base options-type;
       description
         "Exporting Process Reliability Statistics.";
       reference
         "RFC 5101, Section 4.3.";
     }

     identity flow-keys {
       base options-type;
       description
         "Flow Keys.";
       reference
         "RFC 5101, Section 4.4.";
     }

     identity selection-sequence {
       base options-type;
       description
         "Selection Sequence and Selector Reports.";
       reference
         "RFC 5476, Sections 6.5.1 and 6.5.2.";
     }

     identity selection-statistics {
       base options-type;
       description
         "Selection Sequence Statistics Report.";
       reference
         "RFC 5476, Section 6.5.3.";
     }

     identity accuracy {
       base options-type;
       description
         "Accuracy Report.";
       reference
         "RFC 5476, Section 6.5.4.";
     }

     identity reducing-redundancy {
       base options-type;
       description
         "Enables the utilization of Options Templates to
          reduce redundancy in the exported Data Records.";
       reference
         "RFC 5473.";
     }

     identity extended-type-information {
       base options-type;
       description
         "Export of extended type information for
          enterprise-specific Information Elements used in the
          exported Templates.";
       reference
         "RFC 5610.";
     }

     typedef ie-name-type {
       type string {
         length "1..max";
         pattern '\S+';
       }
description 3134 "Type for Information Element names. Whitespaces 3135 are not allowed."; 3136 } 3138 typedef name-type { 3139 type string { 3140 length "1..max"; 3141 pattern '\S(.*\S)?'; 3142 } 3143 description 3144 "Type for 'name' leafs, which are used to identify 3145 specific instances within lists, etc. 3146 Leading and trailing whitespaces are not allowed."; 3147 } 3148 typedef ie-id-type { 3149 type uint16 { 3150 range "1..32767"; 3151 } 3152 description 3153 "Type for Information Element identifiers."; 3154 } 3156 typedef transport-session-status { 3157 type enumeration { 3158 enum "inactive" { 3159 value 0; 3160 description 3161 "This value MUST be used for Transport Sessions 3162 that are specified in the system but currently not active. 3163 The value can be used for Transport Sessions that are 3164 backup (secondary) sessions."; 3165 } 3166 enum "active" { 3167 value 1; 3168 description 3169 "This value MUST be used for Transport Sessions 3170 that are currently active and transmitting or receiving 3171 data."; 3172 } 3173 enum "unknown" { 3174 value 2; 3175 description 3176 "This value MUST be used if the status of the 3177 Transport Sessions cannot be detected by the device. 
3178             This value should be avoided as far as possible.";
3179        }
3180      }
3181      description
3182        "Status of a Transport Session.";
3183      reference
3184        "RFC 6615, Section 8 (ipfixTransportSessionStatus).";
3185    }

3187    grouping transport-layer-security-parameters {
3188      description
3189        "TLS or DTLS parameters.";

3191      leaf-list local-certification-authority-dn {
3192        type string;
3193        description
3194          "Distinguished names of certification authorities
3195           whose certificates may be used to identify the local
3196           endpoint.";
3197        reference
3198          "RFC 5280.";
3199      }

3201      leaf-list local-subject-dn {
3202        type string;
3203        description
3204          "Distinguished names that may be used in the
3205           certificates to identify the local endpoint.";
3206        reference
3207          "RFC 5280.";
3208      }

3210      leaf-list local-subject-fqdn {
3211        type inet:domain-name;
3212        description
3213          "Fully qualified domain names that may be used
3214           in the certificates to identify the local endpoint.";
3215        reference
3216          "RFC 5280.";
3217      }

3219      leaf-list remote-certification-authority-dn {
3220        type string;
3221        description
3222          "Distinguished names of certification authorities
3223           whose certificates are accepted to authorize remote
3224           endpoints.";
3225        reference
3226          "RFC 5280.";
3227      }

3229      leaf-list remote-subject-dn {
3230        type string;
3231        description
3232          "Distinguished names which are accepted in
3233           certificates to authorize remote endpoints.";
3234        reference
3235          "RFC 5280.";
3236      }

3238      leaf-list remote-subject-fqdn {
3239        type inet:domain-name;
3240        description
3241          "Fully qualified domain names that are accepted in
3242           certificates to authorize remote endpoints.";

3244        reference
3245          "RFC 5280.";
3246      }
3247    }

3249    grouping transport-session-state-parameters {
3250      description
3251        "State parameters of a Transport Session originating
3252         from an Exporting Process or terminating at a Collecting
3253         Process. Parameter names and semantics correspond to the
3254         managed objects in IPFIX-MIB.";
3255      reference
3256        "RFC 5101; RFC 6615, Section 8
3257         (ipfixTransportSessionEntry,
3258         ipfixTransportSessionStatsEntry).";

3260      leaf ipfix-version {
3261        type uint16;
3262        description
3263          "Used for Exporting Processes, this parameter
3264           contains the version number of the IPFIX protocol that the
3265           Exporter uses to export its data in this Transport Session.

3267           Used for Collecting Processes, this parameter contains the
3268           version number of the IPFIX protocol it receives for
3269           this Transport Session. If IPFIX Messages of different
3270           IPFIX protocol versions are received, this parameter
3271           contains the maximum version number.

3273           Note that this parameter corresponds to
3274           ipfixTransportSessionIpfixVersion in the IPFIX MIB
3275           module.";
3276        reference
3277          "RFC 6615, Section 8
3278           (ipfixTransportSessionIpfixVersion).";
3279      }

3281      leaf source-address {
3282        type inet:host;
3283        description
3284          "The source address of the Exporter of the
3285           IPFIX Transport Session.";
3286        reference
3287          "RFC 6615, Section 8
3288           (ipfixTransportSessionSourceAddressType,
3289           ipfixTransportSessionSourceAddress);
3290           RFC 4960, Section 6.4.";
3291      }
3292      leaf destination-address {
3293        type inet:host;
3294        description
3295          "The destination address of the
3296           path that is selected by the Exporter to
3297           send IPFIX messages to the Collector.

3299           In the case of TCP, it is possible
3300           that if an FQDN address is configured it
3301           resolves into many addresses.

3303           Note that this parameter functionally corresponds to
3304           ipfixTransportSessionDestinationAddressType and
3305           ipfixTransportSessionDestinationAddress in the IPFIX MIB
3306           module.";
3307        reference
3308          "RFC 6615, Section 8
3309           (ipfixTransportSessionDestinationAddressType,
3310           ipfixTransportSessionDestinationAddress);
3311           RFC 4960, Section 6.4.";
3312      }

3314      leaf source-port {
3315        type inet:port-number;
3316        description
3317          "The transport-protocol port number of the
3318           Exporter of the IPFIX Transport Session.

3320           Note that this parameter corresponds to
3321           ipfixTransportSessionSourcePort in the IPFIX MIB module.";
3322        reference
3323          "RFC 6615, Section 8
3324           (ipfixTransportSessionSourcePort).";
3325      }

3327      leaf destination-port {
3328        type inet:port-number;
3329        description
3330          "The transport-protocol port number of the
3331           Collector of the IPFIX Transport Session.

3333           Note that this parameter corresponds to
3334           ipfixTransportSessionDestinationPort in the IPFIX MIB
3335           module.";
3336        reference
3337          "RFC 6615, Section 8
3338           (ipfixTransportSessionDestinationPort).";
3339      }
3340      leaf status {
3341        type transport-session-status;
3342        description
3343          "Status of the Transport Session.

3345           Note that this parameter corresponds to
3346           ipfixTransportSessionStatus in the IPFIX MIB module.";
3347        reference
3348          "RFC 6615, Section 8 (ipfixTransportSessionStatus).";
3349      }

3351      leaf rate {
3352        type yang:gauge32;
3353        units "bytes per second";
3354        description
3355          "The number of bytes per second transmitted by the
3356           Exporting Process or received by the Collecting Process.
3357           This parameter is updated every second.

3359           Note that this parameter corresponds to
3360           ipfixTransportSessionRate in the IPFIX MIB module.";
3361        reference
3362          "RFC 6615, Section 8 (ipfixTransportSessionRate).";
3363      }

3365      leaf bytes {
3366        type yang:counter64;
3367        units "bytes";
3368        description
3369          "The number of bytes transmitted by the
3370           Exporting Process or received by the Collecting Process.
3371           Discontinuities in the value of this counter can occur at
3372           re-initialization of the management system, and at other
3373           times as indicated by the value of
3374           transportSessionDiscontinuityTime.

3376           Note that this parameter corresponds to
3377           ipfixTransportSessionBytes in the IPFIX MIB module.";
3378        reference
3379          "RFC 6615, Section 8 (ipfixTransportSessionBytes).";
3380      }

3382      leaf messages {
3383        type yang:counter64;
3384        units "IPFIX Messages";
3385        description
3386          "The number of messages transmitted by the
3387           Exporting Process or received by the Collecting Process.

3389           Discontinuities in the value of this counter can occur at
3390           re-initialization of the management system, and at other
3391           times as indicated by the value of
3392           transportSessionDiscontinuityTime.

3394           Note that this parameter corresponds to
3395           ipfixTransportSessionMessages in the IPFIX MIB module.";
3396        reference
3397          "RFC 6615, Section 8
3398           (ipfixTransportSessionMessages).";
3399      }

3401      leaf discarded-messages {
3402        type yang:counter64;
3403        units "IPFIX Messages";
3404        description
3405          "Used for Exporting Processes, this parameter
3406           indicates the number of messages that could not be sent due
3407           to internal buffer overflows, network congestion, routing
3408           issues, etc. Used for Collecting Processes, this parameter
3409           indicates the number of received IPFIX Messages that are
3410           malformed, cannot be decoded, are received in the wrong
3411           order or are missing according to the sequence number.
3412           Discontinuities in the value of this counter can occur at
3413           re-initialization of the management system, and at other
3414           times as indicated by the value of
3415           transport-session-discontinuity-time.

3417           Note that this parameter corresponds to
3418           ipfixTransportSessionDiscardedMessages in the IPFIX MIB
3419           module.";
3420        reference
3421          "RFC 6615, Section 8
3422           (ipfixTransportSessionDiscardedMessages).";
3423      }

3425      leaf records {
3426        type yang:counter64;
3427        units "Data Records";
3428        description
3429          "The number of Data Records transmitted by the
3430           Exporting Process or received by the Collecting Process.
3431           Discontinuities in the value of this counter can occur at
3432           re-initialization of the management system, and at other
3433           times as indicated by the value of
3434           transportSessionDiscontinuityTime.

3436           Note that this parameter corresponds to
3437           ipfixTransportSessionRecords in the IPFIX MIB module.";
3438        reference
3439          "RFC 6615, Section 8
3440           (ipfixTransportSessionRecords).";
3441      }

3443      leaf templates {
3444        type yang:counter32;
3445        units "Templates";
3446        description
3447          "The number of Templates transmitted by the
3448           Exporting Process or received by the Collecting Process.
3449           Discontinuities in the value of this counter can occur at
3450           re-initialization of the management system, and at other
3451           times as indicated by the value of
3452           transportSessionDiscontinuityTime.

3454           Note that this parameter corresponds to
3455           ipfixTransportSessionTemplates in the IPFIX MIB module.";
3456        reference
3457          "RFC 6615, Section 8
3458           (ipfixTransportSessionTemplates).";
3459      }

3461      leaf options-templates {
3462        type yang:counter32;
3463        units "Options Templates";
3464        description
3465          "The number of Options Templates transmitted by the
3466           Exporting Process or received by the Collecting Process.
3467           Discontinuities in the value of this counter can occur at
3468           re-initialization of the management system, and at other
3469           times as indicated by the value of
3470           transportSessionDiscontinuityTime.

3472           Note that this parameter corresponds to
3473           ipfixTransportSessionOptionsTemplates in the IPFIX MIB
3474           module.";
3475        reference
3476          "RFC 6615, Section 8
3477           (ipfixTransportSessionOptionsTemplates).";
3478      }

3480      leaf transport-session-start-time {
3481        type yang:date-and-time;
3482        description
3483          "Timestamp of the start of the given Transport
3484           Session.

3486           This state parameter does not correspond to any object in
3487           the IPFIX MIB module.";
3488      }

3490      leaf transport-session-discontinuity-time {
3491        type yang:date-and-time;
3492        description
3493          "Timestamp of the most recent occasion at which
3494           one or more of the Transport Session counters suffered a
3495           discontinuity.

3497           Note that this parameter functionally corresponds to
3498           ipfixTransportSessionDiscontinuityTime in the IPFIX MIB
3499           module. In contrast to
3500           ipfixTransportSessionDiscontinuityTime, the time is
3501           absolute and not relative to sysUpTime.";
3502        reference
3503          "RFC 6615, Section 8
3504           (ipfixTransportSessionDiscontinuityTime).";
3505      }

3507      list template {
3508        description
3509          "This list contains the Templates and Options
3510           Templates that are transmitted by the Exporting Process
3511           or received by the Collecting Process.

3513           Withdrawn or invalidated (Options) Templates MUST be removed
3514           from this list.";

3516        uses template-parameters-state;
3517      }
3518    }

3520    grouping template-parameters-state {
3521      description
3522        "State parameters of a Template used by an Exporting
3523         Process or received by a Collecting Process in a specific
3524         Transport Session. Parameter names and semantics
3525         correspond to the managed objects in IPFIX-MIB";
3526      reference
3527        "RFC 5101; RFC 6615, Section 8 (ipfixTemplateEntry,
3528         ipfixTemplateDefinitionEntry, ipfixTemplateStatsEntry)";

3530      leaf observation-domain-id {
3531        type uint32;
3532        description
3533          "The ID of the Observation Domain for which this
3534           Template is defined.

3536           Note that this parameter corresponds to
3537           ipfixTemplateObservationDomainId in the IPFIX MIB module.";
3538        reference
3539          "RFC 6615, Section 8
3540           (ipfixTemplateObservationDomainId).";
3541      }

3543      leaf template-id {
3544        type uint16 {
3545          range "256..65535";
3546        }
3547        description
3548          "This number indicates the Template ID in the IPFIX
3549           message.
3550           Note that this parameter corresponds to ipfixTemplateId in
3551           the IPFIX MIB module.";
3552        reference
3553          "RFC 6615, Section 8 (ipfixTemplateId).";
3554      }

3556      leaf set-id {
3557        type uint16;
3558        description
3559          "This number indicates the Set ID of the Template.
3560           Currently, there are two values defined. The value 2
3561           is used for Sets containing Template definitions.
3562           The value 3 is used for Sets containing Options
3563           Template definitions. Note that this parameter
3564           corresponds to ipfixTemplateSetId
3565           in the IPFIX MIB module.";
3566        reference
3567          "RFC 6615, Section 8 (ipfixTemplateSetId).";
3568      }

3570      leaf access-time {
3571        type yang:date-and-time;
3572        description
3573          "Used for Exporting Processes, this parameter
3574           contains the time when this (Options) Template was last
3575           sent to the Collector(s) or written to the file.
3576           Used for Collecting Processes, this parameter contains the
3577           time when this (Options) Template was last received from the
3578           Exporter or read from the file.
3579           Note that this parameter corresponds to
3580           ipfixTemplateAccessTime in the IPFIX MIB module.";
3581        reference
3582          "RFC 6615, Section 8
3583           (ipfixTemplateAccessTime).";
3584      }

3586      leaf template-data-records {
3587        type yang:counter64;
3588        description
3589          "The number of transmitted or received Data
3590           Records defined by this (Options) Template.
3591           Discontinuities in the value of this counter can occur at
3592           re-initialization of the management system, and at other
3593           times as indicated by the value of
3594           templateDiscontinuityTime.
3595           Note that this parameter corresponds to
3596           ipfixTemplateDataRecords in the IPFIX MIB module.";
3597        reference
3598          "RFC 6615, Section 8 (ipfixTemplateDataRecords).";
3599      }

3601      leaf template-discontinuity-time {
3602        type yang:date-and-time;
3603        description
3604          "Timestamp of the most recent occasion at which
3605           the counter templateDataRecords suffered a discontinuity.
3606           Note that this parameter functionally corresponds to
3607           ipfixTemplateDiscontinuityTime in the IPFIX MIB module.
3608           In contrast to ipfixTemplateDiscontinuityTime, the time
3609           is absolute and not relative to sysUpTime.";
3610        reference
3611          "RFC 6615, Section 8
3612           (ipfixTemplateDiscontinuityTime).";
3613      }

3615      list field {
3616        description
3617          "This list contains the (Options) Template
3618           fields of which the (Options) Template is defined.
3619           The order of the list corresponds to the order of the fields
3620           in the (Options) Template Record.";

3622        leaf ie-id {
3623          type ie-id-type;
3624          description
3625            "This parameter indicates the Information
3626             Element identifier of the field.

3628             Note that this parameter corresponds to
3629             ipfixTemplateDefinitionIeId in the IPFIX MIB module.";

3631          reference
3632            "RFC 5101; RFC 6615, Section 8
3633             (ipfixTemplateDefinitionIeId).";
3634        }

3636        leaf ie-length {
3637          type uint16;
3638          units "octets";
3639          description
3640            "This parameter indicates the length of the
3641             Information Element of the field.

3643             Note that this parameter corresponds to
3644             ipfixTemplateDefinitionIeLength in the IPFIX MIB
3645             module.";
3646          reference
3647            "RFC 5101; RFC 6615, Section 8
3648             (ipfixTemplateDefinitionIeLength).";
3649        }

3651        leaf ie-enterprise-number {
3652          type uint32;
3653          description
3654            "This parameter indicates the IANA enterprise
3655             number of the authority defining the Information Element
3656             identifier.
3657             If the Information Element is not enterprise-specific,
3658             this state parameter is zero.

3660             Note that this parameter corresponds to
3661             ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX
3662             MIB module.";
3663          reference
3664            "RFC 6615, Section 8
3665             (ipfixTemplateDefinitionIeEnterpriseNumber);
3666             IANA registry for Private Enterprise Numbers,
3667             http://www.iana.org/assignments/enterprise-numbers.";
3668        }

3670        leaf is-flow-key {
3671          when "../../set-id = 2" {
3672            description
3673              "This parameter is available for non-Options
3674               Templates (Set ID is 2).";
3675          }
3676          type empty;
3677          description
3678            "If present, this is a Flow Key field.

3680             Note that this corresponds to flowKey(1) being set in
3681             ipfixTemplateDefinitionFlags.";
3682          reference
3683            "RFC 6615, Section 8
3684             (ipfixTemplateDefinitionFlags).";
3685        }

3687        leaf is-scope {
3688          when "../../set-id = 3" {
3689            description
3690              "This parameter is available for Options
3691               Templates (Set ID is 3).";
3692          }
3693          type empty;
3694          description
3695            "If present, this is a scope field.

3697             Note that this corresponds to scope(0) being set in
3698             ipfixTemplateDefinitionFlags.";
3699          reference
3700            "RFC 6615, Section 8
3701             (ipfixTemplateDefinitionFlags).";
3702        }
3703      }
3704    }

3706    grouping common-collector-parameters {
3707      description
3708        "Parameters of a Collecting Process that are
3709         common to all transport protocols.";

3711      leaf local-port {
3712        type inet:port-number;
3713        description
3714          "If not configured, the Monitoring Device uses the
3715           default port number for IPFIX, which is 4739 without
3716           TLS or DTLS and 4740 if TLS or DTLS is activated.";
3717      }

3719      container transport-layer-security {
3720        presence
3721          "The presence of this container indicates TLS is enabled.";
3722        description
3723          "TLS or DTLS configuration.";

3725        uses transport-layer-security-parameters;
3726      }

3728    }

3730    grouping file-reader-state-parameters {
3731      description
3732        "State Parameters for the File Reader.";

3734      container file-reader-state {
3735        config false;
3736        description
3737          "File Reader parameters.";

3739        leaf bytes {
3740          type yang:counter64;
3741          units octets;
3742          description
3743            "The number of bytes read by the File Reader.
3744             Discontinuities in the value of this counter can occur at
3745             re-initialization of the management system, and at other
3746             times as indicated by the value of
3747             fileReaderDiscontinuityTime.";
3748        }

3750        leaf messages {
3751          type yang:counter64;
3752          units "IPFIX Messages";
3753          description
3754            "The number of IPFIX Messages read by the File Reader.
3755             Discontinuities in the value of this counter can occur at
3756             re-initialization of the management system, and at other
3757             times as indicated by the value of
3758             fileReaderDiscontinuityTime.";
3759        }

3761        leaf records {
3762          type yang:counter64;
3763          units "Data Records";
3764          description
3765            "The number of Data Records read by the File Reader.
3766             Discontinuities in the value of this counter can occur at
3767             re-initialization of the management system, and at other
3768             times as indicated by the value of
3769             fileReaderDiscontinuityTime.";
3770        }

3772        leaf templates {
3773          type yang:counter32;
3774          units "Templates";
3775          description
3776            "The number of Template Records (excluding
3777             Options Template Records) read by the File Reader.
3778             Discontinuities in the value of this counter can occur at
3779             re-initialization of the management system, and at other
3780             times as indicated by the value of
3781             fileReaderDiscontinuityTime.";
3782        }

3784        leaf options-templates {
3785          type yang:counter32;
3786          units "Options Templates";
3787          description
3788            "The number of Options Template Records read by
3789             the File Reader.
3790             Discontinuities in the value of this counter can occur at
3791             re-initialization of the management system, and at other
3792             times as indicated by the value of
3793             fileReaderDiscontinuityTime.";
3794        }

3796        leaf file-reader-discontinuity-time {
3797          type yang:date-and-time;
3798          description
3799            "Timestamp of the most recent occasion at which
3800             one or more File Reader counters suffered a discontinuity.
3801             In contrast to discontinuity times in the IPFIX MIB
3802             module, the time is absolute and not relative to
3803             sysUpTime.";
3804        }

3806        list template {
3807          description
3808            "This list contains the Templates and Options
3809             Templates that have been read by the File Reader.
3810             Withdrawn or invalidated (Options) Templates MUST be
3811             removed from this list.";

3813          uses template-parameters-state;
3814        }
3815      }
3816    }

3818    grouping tcp-collector-parameters {
3819      description
3820        "Parameters of a listening TCP socket at a
3821         Collecting Process.";

3823      uses common-collector-parameters;
3824      choice local-address-method {
3825        description
3826          "Method to configure the local address
3827           of the collecting process. Note that it is
3828           expected that other methods be available. Those
3829           methods can augment this choice.";

3831        case local-address {
3832          leaf-list local-address {
3833            type inet:host;
3834            description
3835              "List of local addresses on which the Collecting
3836               Process listens for IPFIX Messages.";
3837          }
3838        }
3839      }
3840    }

3842    grouping udp-collector-parameters {
3843      description
3844        "Parameters of a listening UDP socket at a
3845         Collecting Process.";

3847      uses common-collector-parameters;

3849      choice local-address-method {
3850        description
3851          "Method to configure the local address
3852           of the collecting process. Note that it is
3853           expected that other methods be available. Those
3854           methods can augment this choice.";

3856        case local-address {
3857          leaf-list local-address {
3858            type inet:host;
3859            description
3860              "List of local addresses on which the Collecting
3861               Process listens for IPFIX Messages.";
3862          }
3863        }
3864      }

3866      leaf template-life-time {
3867        type uint32;
3868        units seconds;
3869        default 1800;
3870        description
3871          "Sets the lifetime of Templates for all UDP
3872           Transport Sessions terminating at this UDP socket.
3873           Templates that are not received again within the configured
3874           lifetime become invalid at the Collecting Process.
3875           As specified in RFC 5101, the Template lifetime MUST be at
3876           least three times higher than the templateRefreshTimeout
3877           parameter value configured on the corresponding Exporting
3878           Processes.
3879           Note that this parameter corresponds to
3880           ipfixTransportSessionTemplateRefreshTimeout in the IPFIX
3881           MIB module.";
3882        reference
3883          "RFC 5101, Section 10.3.7; RFC 6615, Section 8
3884           (ipfixTransportSessionTemplateRefreshTimeout).";
3885      }

3887      leaf options-template-life-time {
3888        type uint32;
3889        units seconds;
3890        default 1800;
3891        description
3892          "Sets the lifetime of Options Templates for all
3893           UDP Transport Sessions terminating at this UDP socket.
3894           Options Templates that are not received again within the
3895           configured lifetime become invalid at the Collecting
3896           Process.
3897           As specified in RFC 5101, the Options Template lifetime MUST
3898           be at least three times higher than the
3899           optionsTemplateRefreshTimeout parameter value configured on
3900           the corresponding Exporting Processes.
3901           Note that this parameter corresponds to
3902           ipfixTransportSessionOptionsTemplateRefreshTimeout in the
3903           IPFIX MIB module.";
3904        reference
3905          "RFC 5101, Section 10.3.7; RFC 6615, Section 8
3906           (ipfixTransportSessionOptionsTemplateRefreshTimeout).";
3907      }

3909      leaf template-life-packet {
3910        type uint32;
3911        units "IPFIX Messages";
3912        description
3913          "If this parameter is configured, Templates
3914           defined in a UDP Transport Session become invalid if they
3915           are neither included in a sequence of more than this number
3916           of IPFIX Messages nor received again within the period of
3917           time specified by templateLifeTime.
3918           Note that this parameter corresponds to
3919           ipfixTransportSessionTemplateRefreshPacket in the IPFIX
3920           MIB module.";
3921        reference
3922          "RFC 5101, Section 10.3.7; RFC 6615, Section 8
3923           (ipfixTransportSessionTemplateRefreshPacket).";
3924      }

3926      leaf options-template-life-packet {
3927        type uint32;
3928        units "IPFIX Messages";
3929        description
3930          "If this parameter is configured, Options
3931           Templates defined in a UDP Transport Session become
3932           invalid if they are neither included in a sequence of more
3933           than this number of IPFIX Messages nor received again
3934           within the period of time specified by
3935           optionsTemplateLifeTime.
3936           Note that this parameter corresponds to
3937           ipfixTransportSessionOptionsTemplateRefreshPacket in the
3938           IPFIX MIB module.";
3939        reference
3940          "RFC 5101, Section 10.3.7; RFC 6615, Section 8
3941           (ipfixTransportSessionOptionsTemplateRefreshPacket).";
3942      }
3943    }

3945    grouping sctp-collector-parameters {
3946      description
3947        "Parameters of a listening SCTP socket at a
3948         Collecting Process.";

3950      uses common-collector-parameters;

3952      choice local-address-method {
3953        description
3954          "Method to configure the local address
3955           of the collecting process. Note that it is
3956           expected that other methods be available. Those
3957           methods can augment this choice.";

3959        case local-address {
3960          leaf-list local-address {
3961            type inet:host;
3962            description
3963              "List of local addresses on which the Collecting
3964               Process listens for IPFIX Messages.";
3965          }
3966        }
3967      }

3969    }

3971    grouping collecting-process-parameters {
3972      description
3973        "Parameters of a Collecting Process.";

3975      list tcp-collector {
3976        if-feature tcp-transport;
3977        key "name";
3978        description
3979          "List of TCP receivers (sockets) on which the
3980           Collecting Process receives IPFIX Messages.";

3982        leaf name {
3983          type name-type;
3984          description
3985            "Name of the TCP collector.";
3986        }

3988        uses tcp-collector-parameters;

3990        list transport-session {
3991          key name;
3992          config false;
3993          description
3994            "This list contains the currently established
3995             Transport Sessions terminating at the given socket.";

3997          leaf name {
3998            type name-type;
3999            description
4000              "The name of the Transport Session.";
4001          }

4003          uses transport-session-state-parameters;
4004        }
4005      }

4007      list udp-collector {
4008        if-feature udp-transport;
4009        key "name";
4010        description
4011          "List of UDP receivers (sockets) on which the
4012           Collecting Process receives IPFIX Messages.";

4014        leaf name {
4015          type name-type;
4016          description
4017            "Name of the UDP collector.";
4018        }

4020        uses udp-collector-parameters;

4022        list transport-session {
4023          key name;
4024          config false;
4025          description
4026            "This list contains the currently established
4027             Transport Sessions terminating at the given socket.";

4029          leaf name {
4030            type name-type;
4031            description
4032              "The name of the Transport Session.";
4033          }

4035          uses transport-session-state-parameters;
4036        }
4037      }

4039      list sctp-collector {
4040        if-feature sctp-transport;
4041        key "name";
4042        description
4043          "List of SCTP receivers on which the
4044           Collecting Process receives IPFIX Messages.";

4046        leaf name {
4047          type name-type;
4048          description
4049            "Name of the SCTP collector.";
4050        }

4052        uses sctp-collector-parameters;

4054        list transport-session {
4055          key name;
4056          config false;
4057          description
4058            "This list contains the currently established
4059             Transport Sessions terminating at the given socket.";

4061          leaf name {
4062            type name-type;
4063            description
4064              "The name of the Transport Session.";

4066          }

4068          leaf sctp-association-id {
4069            type uint32;
4070            config false;
4071            description
4072              "The association ID used for the SCTP session
4073               between the Exporter and the Collector of the IPFIX
4074               Transport Session. It is equal to the sctpAssocId
4075               entry in the sctpAssocTable defined in the SCTP-MIB.
4076               This parameter is only available if the transport
4077               protocol is SCTP and if an SNMP agent on the same
4078               Monitoring Device enables access to the
4079               corresponding MIB objects in the sctpAssocTable.
4080               Note that this parameter corresponds to
4081               ipfixTransportSessionSctpAssocId in the IPFIX MIB
4082               module.";
4083            reference
4084              "RFC 6615, Section 8
4085               (ipfixTransportSessionSctpAssocId);
4086               RFC 3871";
4087          }

4089          uses transport-session-state-parameters;
4090        }
4091      }

4093      list file-reader {
4094        if-feature file-reader;
4095        key "name";
4096        description
4097          "List of File Readers from which the
4098           Collecting Process reads the IPFIX Messages.";

4100        leaf name {
4101          type name-type;
4102          description
4103            "Name of the File Reader.";
4104        }

4106        leaf file {
4107          type inet:uri;
4108          mandatory true;
4109          description
4110            "URI specifying the location of the file.";
4111        }

4113        uses file-reader-state-parameters;

4115      }
4116    }

4118    grouping exporting-process-parameters {
4119      description
4120        "Parameters of an Exporting Process.";

4122      leaf export-mode {
4123        type identityref {
4124          base export-mode;
4125        }
4126        default 'parallel';
4127        description
4128          "This parameter determines to which configured
4129           destination(s) the incoming Data Records are exported.";
4130      }

4132      list destination {
4133        key "name";
4134        min-elements 1;
4135        description
4136          "List of export destinations.";

4138        leaf name {
4139          type name-type;
4140          description
4141            "Export destination name.";
4142        }

4144        choice destination-parameters {
4145          mandatory true;
4146          description
4147            "Destination configuration.";

4149          container tcp-exporter {
4150            if-feature tcp-transport;
4151            description
4152              "TCP parameters.";

4154            uses tcp-exporter-parameters;

4156            container transport-session {
4157              config false;
4158              description
4159                "Transport session state data.";

4161              uses transport-session-state-parameters;
4162            }

4164          }

4166          container udp-exporter {
4167            if-feature udp-transport;
4168            description
4169              "UDP parameters.";

4171            uses udp-exporter-parameters;

4173            container transport-session {
4174              config false;
4175              description
4176                "Transport session state data.";

4178              uses transport-session-state-parameters;
4179            }
4180          }

4182          container sctp-exporter {
4183            if-feature sctp-transport;
4184            description
4185              "SCTP parameters.";

4187            uses sctp-exporter-parameters;

4189            container transport-session {
4190              config false;
4191              description
4192                "Transport session state data.";

4194              leaf sctp-association-id {
4195                type uint32;
4196                description
4197                  "The association ID used for the SCTP session
4198                   between the Exporter and the Collector of the IPFIX
4199                   Transport Session. It is equal to the sctpAssocId
4200                   entry in the sctpAssocTable defined in the SCTP-MIB.
4201                   This parameter is only available if the transport
4202                   protocol is SCTP and if an SNMP agent on the same
4203                   Monitoring Device enables access to the
4204                   corresponding MIB objects in the sctpAssocTable.
4205                   Note that this parameter corresponds to
4206                   ipfixTransportSessionSctpAssocId in the IPFIX MIB
4207                   module.";
4208                reference
4209                  "RFC 6615, Section 8
4210                   (ipfixTransportSessionSctpAssocId);
4211                   RFC 3871";

4213              }

4215              uses transport-session-state-parameters;
4216            }
4217          }

4219          container file-writer {
4220            if-feature file-writer;
4221            description
4222              "File Writer parameters.";

4224            leaf ipfix-version {
4225              type uint16;
4226              default 10;
4227              description
4228                "IPFIX version number.";
4229              reference
4230                "RFC 5101.";
4231            }

4233            leaf file {
4234              type inet:uri;
4235              mandatory true;
4236              description
4237                "URI specifying the location of the file.";
4238            }

4240            uses file-writer-state-parameters;
4241          }
4242        }
4243      }

4245      list options {
4246        key "name";
4247        description
4248          "List of options reported by the Exporting Process.";

4250        leaf name {
4251          type name-type;
4252          description
4253            "Name of the option.";
4254        }
4255        uses options-parameters;
4256      }
4257    }

4259    grouping common-exporter-parameters {
4260      description
4261        "Parameters of an export destination that are
4262         common to all transport protocols.";

4264      leaf ipfix-version {
4265        type uint16;
4266        default '10';
4267        description
4268          "IPFIX version number.";
4269        reference
4270          "RFC 5101.";
4271      }

4273      leaf destination-port {
4274        type inet:port-number;
4275        description
4276          "If not configured by the user, the Monitoring
4277           Device uses the default port number for IPFIX, which is
4278           4739 without TLS or DTLS and 4740 if TLS or DTLS is
4279           activated.";
4280      }

4282      leaf send-buffer-size {
4283        type uint32;
4284        units "bytes";
4285        description
4286          "Size of the socket send buffer.

4288           If not configured by the user, this parameter is set by
4289           the Monitoring Device.";
4290      }

4292      leaf rate-limit {
4293        type uint32;
4294        units "bytes per second";
4295        description
4296          "Maximum number of bytes per second the Exporting
4297           Process may export to the given destination. The number of
4298           bytes is calculated from the lengths of the IPFIX Messages
4299           exported. If not configured, no rate limiting is
4300           performed.";
4301        reference
4302          "RFC 5476, Section 6.3.";
4303      }

4305      container transport-layer-security {
4306        presence
4307          "The presence of this container indicates TLS is enabled.";
4308        description
4309          "TLS or DTLS configuration.";

4311        uses transport-layer-security-parameters;
4312      }

4314      container source {
4315        description
4316          "Configuration corresponding to how exporter's source IP
4317           address is specified.";

4319        choice source-method {
4320          description
4321            "Method to configure the source address of the exporter
4322             or the interface to be used by the exporter.

4324             Note that it is expected that other methods be available.
4325 Those methods can augment this choice."; 4327 case source-address { 4328 leaf source-address { 4329 type inet:host; 4330 description 4331 "Select the source address used by the Exporting 4332 Process."; 4333 } 4334 } 4336 case interface-ref { 4337 leaf interface-ref { 4338 type if:interface-ref; 4339 description 4340 "The interface to be used by the Exporting Process."; 4341 } 4342 } 4344 case if-index { 4345 if-feature if-mib; 4346 leaf if-index { 4347 type uint32; 4348 description 4349 "Index of an interface as stored in the ifTable 4350 of IF-MIB."; 4351 reference 4352 "RFC 2863."; 4353 } 4354 } 4356 case if-name { 4357 if-feature if-mib; 4358 leaf if-name { 4359 type string; 4360 description 4361 "Name of an interface as stored in the ifTable 4362 of IF-MIB."; 4363 reference 4364 "RFC 2863."; 4365 } 4366 } 4367 } 4368 } 4370 container destination { 4371 description 4372 "Configuration corresponding to how exporter's destination IP 4373 address is specified."; 4375 choice destination-method { 4376 mandatory true; 4377 description 4378 "Method for configuring the destination address of the 4379 Collection Process to which IPFIX Messages are sent. 4381 Note it is expected that if other methods are available 4382 that they would augment from this statement."; 4384 case destination-address { 4385 leaf destination-address { 4386 type inet:host; 4387 description 4388 "Destination IP address or hostname. A hostname may 4389 resolve to one or more IP addresses."; 4390 } 4391 } 4392 } 4393 } 4394 } 4396 grouping tcp-exporter-parameters { 4397 description 4398 "Parameters of a TCP export destination."; 4400 uses common-exporter-parameters; 4401 } 4403 grouping udp-exporter-parameters { 4404 description 4405 "Parameters of a UDP export destination."; 4407 uses common-exporter-parameters; 4409 leaf maximum-packet-size { 4410 type uint16; 4411 units octets; 4412 description 4413 "This parameter specifies the maximum size of 4414 IP packets sent to the Collector.
If set to zero, the 4415 Exporting Device MUST derive the maximum packet size 4416 from path MTU discovery mechanisms. 4417 If not configured by the user, this parameter is set by 4418 the Monitoring Device."; 4419 } 4421 leaf template-refresh-timeout { 4422 type uint32; 4423 units seconds; 4424 default 600; 4425 description 4426 "Sets time after which Templates are resent in the 4427 UDP Transport Session. 4428 Note that the configured lifetime MUST be adapted to the 4429 templateLifeTime parameter value at the receiving Collecting 4430 Process. 4431 Note that this parameter corresponds to 4432 ipfixTransportSessionTemplateRefreshTimeout in the IPFIX 4433 MIB module."; 4434 reference 4435 "RFC 5101, Section 10.3.6; RFC 6615, Section 8 4436 (ipfixTransportSessionTemplateRefreshTimeout)."; 4437 } 4439 leaf options-template-refresh-timeout { 4440 type uint32; 4441 units seconds; 4442 default 600; 4443 description 4444 "Sets time after which Options Templates are 4445 resent in the UDP Transport Session. 4446 Note that the configured lifetime MUST be adapted to the 4447 optionsTemplateLifeTime parameter value at the receiving 4448 Collecting Process. 4449 Note that this parameter corresponds to 4450 ipfixTransportSessionOptionsTemplateRefreshTimeout in the 4451 IPFIX MIB module."; 4452 reference 4453 "RFC 5101, Section 10.3.6; RFC 6615, Section 8 4454 (ipfixTransportSessionOptionsTemplateRefreshTimeout)."; 4455 } 4457 leaf template-refresh-packet { 4458 type uint32; 4459 units "IPFIX Messages"; 4460 description 4461 "Sets number of IPFIX Messages after which 4462 Templates are resent in the UDP Transport Session. 4463 Note that this parameter corresponds to 4464 ipfixTransportSessionTemplateRefreshPacket in the IPFIX 4465 MIB module. 
4466 If omitted, Templates are only resent after timeout."; 4467 reference 4468 "RFC 5101, Section 10.3.6; RFC 6615, Section 8 4469 (ipfixTransportSessionTemplateRefreshPacket)."; 4470 } 4472 leaf options-template-refresh-packet { 4473 type uint32; 4474 units "IPFIX Messages"; 4475 description 4476 "Sets number of IPFIX Messages after which 4477 Options Templates are resent in the UDP Transport Session 4478 protocol. 4479 Note that this parameter corresponds to 4480 ipfixTransportSessionOptionsTemplateRefreshPacket in the 4481 IPFIX MIB module. 4482 If omitted, Templates are only resent after timeout."; 4483 reference 4484 "RFC 5101, Section 10.3.6; RFC 6615, Section 8 4485 (ipfixTransportSessionOptionsTemplateRefreshPacket)."; 4486 } 4487 } 4489 grouping sctp-exporter-parameters { 4490 description 4491 "Parameters of a SCTP export destination."; 4493 uses common-exporter-parameters; 4495 leaf timed-reliability { 4496 type uint32; 4497 units milliseconds; 4498 default 0; 4499 description 4500 "Lifetime in milliseconds until an IPFIX 4501 Message containing Data Sets only is 'abandoned' due to 4502 the timed reliability mechanism of PR-SCTP. 4503 If this parameter is set to zero, reliable SCTP 4504 transport is used for all Data Records. 4505 Regardless of the value of this parameter, the Exporting 4506 Process MAY use reliable SCTP transport for Data Sets 4507 associated with Options Templates."; 4508 reference 4509 "RFC 3758; RFC 4960."; 4510 } 4511 } 4513 grouping file-writer-state-parameters { 4514 description 4515 "State Parameters for the File Writer."; 4517 container file-writer-state { 4518 config false; 4519 description 4520 "File Writer parameters."; 4522 leaf bytes { 4523 type yang:counter64; 4524 units octets; 4525 description 4526 "The number of bytes written by the File Writer. 
4527 Discontinuities in the value of this counter can occur at 4528 re-initialization of the management system, and at other 4529 times as indicated by the value of 4530 fileWriterDiscontinuityTime."; 4531 } 4533 leaf messages { 4534 type yang:counter64; 4535 units "IPFIX Messages"; 4536 description 4537 "The number of IPFIX Messages written by the File 4538 Writer. 4539 Discontinuities in the value of this counter can occur at 4540 re-initialization of the management system, and at other 4541 times as indicated by the value of 4542 fileWriterDiscontinuityTime."; 4543 } 4545 leaf discarded-messages { 4546 type yang:counter64; 4547 units "IPFIX Messages"; 4548 description 4549 "The number of IPFIX Messages that could not be 4550 written by the File Writer due to internal buffer 4551 overflows, limited storage capacity, etc. 4552 Discontinuities in the value of this counter can occur at 4553 re-initialization of the management system, and at other 4554 times as indicated by the value of 4555 fileWriterDiscontinuityTime."; 4556 } 4558 leaf records { 4559 type yang:counter64; 4560 units "Data Records"; 4561 description 4562 "The number of Data Records written by the File Writer. 4563 Discontinuities in the value of this counter can occur at 4564 re-initialization of the management system, and at other 4565 times as indicated by the value of 4566 fileWriterDiscontinuityTime."; 4567 } 4569 leaf templates { 4570 type yang:counter32; 4571 units "Templates"; 4572 description 4573 "The number of Template Records (excluding 4574 Options Template Records) written by the File Writer. 4575 Discontinuities in the value of this counter can occur at 4576 re-initialization of the management system, and at other 4577 times as indicated by the value of 4578 fileWriterDiscontinuityTime."; 4579 } 4581 leaf options-templates { 4582 type yang:counter32; 4583 units "Options Templates"; 4584 description 4585 "The number of Options Template Records written 4586 by the File Writer. 
4587 Discontinuities in the value of this counter can occur at 4588 re-initialization of the management system, and at other 4589 times as indicated by the value of 4590 fileWriterDiscontinuityTime."; 4591 } 4593 leaf file-writer-discontinuity-time { 4594 type yang:date-and-time; 4595 description 4596 "Timestamp of the most recent occasion at which 4597 one or more File Writer counters suffered a discontinuity. 4598 In contrast to discontinuity times in the IPFIX MIB 4599 module, the time is absolute and not relative to 4600 sysUpTime."; 4601 } 4603 list template { 4604 description 4605 "This list contains the Templates and Options 4606 Templates that have been written by the File Reader. 4607 Withdrawn or invalidated (Options) Templates MUST be 4608 removed from this list."; 4609 uses template-parameters-state; 4610 } 4611 } 4612 } 4614 grouping options-parameters { 4615 description 4616 "Parameters specifying the data export using an 4617 Options Template."; 4619 leaf options-type { 4620 type identityref { 4621 base options-type; 4622 } 4623 mandatory true; 4624 description 4625 "Type of the exported options data."; 4626 } 4628 leaf options-timeout { 4629 type uint32; 4630 units "milliseconds"; 4631 description 4632 "Time interval for periodic export of the options 4633 data. If set to zero, the export is triggered when the 4634 options data has changed. 
4636 If not configured by the user, this parameter is set by the 4637 Monitoring Device."; 4638 } 4639 } 4641 container ipfix { 4642 description 4643 "IPFIX Exporter and/or Collector data nodes."; 4645 list collecting-process { 4646 if-feature collector; 4647 key "name"; 4648 description 4649 "Collecting Process of the Monitoring Device."; 4651 leaf name { 4652 type name-type; 4653 description 4654 "Name of the collecting process."; 4655 } 4657 uses collecting-process-parameters; 4659 leaf-list exporting-process { 4660 if-feature exporter; 4661 type leafref { 4662 path "/ietf-ipfix:ipfix" 4663 + "/ietf-ipfix:exporting-process" 4664 + "/ietf-ipfix:name"; 4665 } 4666 description 4667 "Export of received records without any 4668 modifications. Records are processed by all Exporting 4669 Processes in the list."; 4670 } 4671 } 4673 list exporting-process { 4674 if-feature exporter; 4675 key "name"; 4676 description 4677 "List of Exporting Processes of the IPFIX Monitoring Device 4678 for which configuration will be applied."; 4680 leaf name { 4681 type name-type; 4682 description 4683 "Name of the exporting process."; 4684 } 4686 leaf enabled { 4687 type boolean; 4688 default "true"; 4689 description 4690 "If true, this exporting process is enabled for 4691 exporting."; 4692 } 4693 uses exporting-process-parameters; 4695 leaf exporting-process-id { 4696 type uint32; 4697 config false; 4698 description 4699 "The identifier of the Exporting Process. 4700 This parameter corresponds to the Information Element 4701 exportingProcessId. Its occurrence helps to associate 4702 Exporting Process parameters with Exporting Process 4703 statistics exported by the Monitoring Device using the 4704 Exporting Process Reliability Statistics Template as 4705 defined by the IPFIX protocol specification."; 4706 reference 4707 "RFC 5101, Section 4.3; IANA registry for IPFIX 4708 Entities, http://www.iana.org/assignments/ipfix."; 4709 } 4710 } 4711 } 4712 } 4714 4716 6.2.
ietf-psamp 4718 6.2.1. ietf-psamp Module Structure 4720 This document defines the YANG module "ietf-psamp", which has the 4721 following structure: 4723 module: ietf-psamp 4724 augment /ietf-ipfix:ipfix: 4725 +--rw psamp 4726 +--rw observation-point* [name] 4727 | +--rw name ietf-ipfix:name-type 4728 | +--rw observation-domain-id uint32 4729 | +--rw interface-ref* if:interface-ref 4730 | +--rw if-name* if-name-type {if-mib}? 4731 | +--rw if-index* uint32 {if-mib}? 4732 | +--rw hardware-ref* hardware-ref 4733 | +--rw ent-physical-name* string {entity-mib}? 4734 | +--rw ent-physical-index* uint32 {entity-mib}? 4735 | +--rw direction? direction 4736 | +--rw selection-process* 4737 | | -> /ietf-ipfix:ipfix/psamp/selection-process/name 4738 | +--ro observation-point-id? uint32 4739 +--rw selection-process* [name] 4740 | +--rw name ietf-ipfix:name-type 4741 | +--rw selector* [name] 4742 | | ... 4743 | +--rw cache? 4744 | | -> /ietf-ipfix:ipfix/psamp/cache/name 4745 | +--ro selection-sequence* [] 4746 | ... 4747 +--rw cache* [name] 4748 +--rw name ietf-ipfix:name-type 4749 +--rw enabled? boolean 4750 +--rw (cache-type) 4751 | ... 4752 +--rw exporting-process* 4753 | -> /ietf-ipfix:ipfix/exporting-process/name 4754 | {ietf-ipfix:exporter}? 4755 +--ro metering-process-id? uint32 4756 +--ro data-records? yang:counter64 4757 +--ro cache-discontinuity-time? yang:date-and-time 4759 6.2.2. ietf-psamp YANG module 4761 This YANG Module imports typedefs from [RFC6991]. 
4763 file "ietf-psamp@2018-10-22.yang" 4765 module ietf-psamp { 4766 yang-version 1.1; 4768 namespace "urn:ietf:params:xml:ns:yang:ietf-psamp"; 4770 prefix ietf-psamp; 4771 import ietf-yang-types { 4772 prefix yang; 4773 } 4775 import ietf-ipfix { 4776 prefix ietf-ipfix; 4777 } 4779 import ietf-interfaces { 4780 prefix if; 4781 } 4783 import ietf-hardware { 4784 prefix hw; 4785 } 4787 organization 4788 "IETF"; 4790 contact 4791 "Web: TBD 4792 List: TBD 4794 Editor: Joey Boyd 4795 4797 Editor: Marta Seda 4798 "; 4800 // RFC Ed.: replace XXXX with actual RFC numbers and 4801 // remove this note. 4803 description 4804 "This module contains a collection of YANG definitions for the 4805 management of Packet Sampling (PSAMP) over IPFIX. 4807 This data model is designed for the Network Management Datastore 4808 Architecture defined in RFC 8342. 4810 Copyright (c) 2019 IETF Trust and the persons identified 4811 as authors of the code. All rights reserved. 4813 Redistribution and use in source and binary forms, with or 4814 without modification, is permitted pursuant to, and subject 4815 to the license terms contained in, the Simplified BSD License 4816 set forth in Section 4.c of the IETF Trust's Legal Provisions 4817 Relating to IETF Documents 4818 (http://trustee.ietf.org/license-info).
4820 This version of this YANG module is part of XXXX; see the RFC 4821 itself for full legal notices."; 4823 revision 2019-03-11 { 4824 description 4825 "Initial revision."; 4826 reference 4827 "RFC XXXX: YANG Data Models for the IP Flow Information Export 4828 (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol, 4829 and Bulk Data Export"; 4830 } 4832 feature if-mib { 4833 description 4834 "This feature indicates that the device implements 4835 the IF-MIB."; 4836 reference 4837 "RFC 2863: The Interfaces Group MIB"; 4838 } 4840 feature entity-mib { 4841 description 4842 "This feature indicates that the device implements 4843 the ENTITY-MIB."; 4844 reference 4845 "RFC 6933: Entity MIB (Version 4)"; 4846 } 4848 feature psamp-samp-count-based { 4849 description 4850 "If supported, the Monitoring Device supports 4851 count-based Sampling. The Selector method sampCountBased can 4852 be configured."; 4853 } 4855 feature psamp-samp-time-based { 4856 description 4857 "If supported, the Monitoring Device supports 4858 time-based Sampling. The Selector method sampTimeBased can 4859 be configured."; 4860 } 4862 feature psamp-samp-rand-out-of-n { 4863 description 4864 "If supported, the Monitoring Device supports 4865 random n-out-of-N Sampling. The Selector method 4866 sampRandOutOfN can be configured."; 4867 } 4868 feature psamp-samp-uni-prob { 4869 description 4870 "If supported, the Monitoring Device supports 4871 uniform probabilistic Sampling. The Selector method 4872 sampUniProb can be configured."; 4873 } 4875 feature psamp-filter-match { 4876 description 4877 "If supported, the Monitoring Device supports 4878 property match Filtering. The Selector method filterMatch 4879 can be configured."; 4880 } 4882 feature psamp-filter-hash { 4883 description 4884 "If supported, the Monitoring Device supports 4885 hash-based Filtering. 
The Selector method filterHash can be 4886 configured."; 4887 } 4889 feature immediate-cache { 4890 description 4891 "If supported, the Monitoring Device supports 4892 Caches generating PSAMP Packet Reports by configuration with 4893 immediateCache."; 4894 } 4896 feature timeout-cache { 4897 description 4898 "If supported, the Monitoring Device supports 4899 Caches generating IPFIX Flow Records by configuration with 4900 timeoutCache."; 4901 } 4903 feature natural-cache { 4904 description 4905 "If supported, the Monitoring Device supports 4906 Caches generating IPFIX Flow Records by configuration with 4907 naturalCache."; 4908 } 4910 feature permanent-cache { 4911 description 4912 "If supported, the Monitoring Device supports 4913 Caches generating IPFIX Flow Records by configuration with 4914 permanentCache."; 4915 } 4916 identity bob { 4917 base hash-function; 4918 description 4919 "BOB hash function."; 4920 reference 4921 "RFC 5475, Section 6.2.4.1."; 4922 } 4924 identity ipsx { 4925 base hash-function; 4926 description 4927 "IPSX hash function."; 4928 reference 4929 "RFC 5475, Section 6.2.4.1."; 4930 } 4932 identity crc { 4933 base hash-function; 4934 description 4935 "CRC hash function."; 4936 reference 4937 "RFC 5475, Section 6.2.4.1."; 4938 } 4940 identity hash-function { 4941 description 4942 "Base identity for all hash functions used for 4943 hash-based packet Filtering."; 4944 } 4946 typedef hardware-ref { 4947 type leafref { 4948 path "/hw:hardware/hw:component/hw:name"; 4949 } 4950 description 4951 "This type is used to reference hardware components."; 4952 reference 4953 "RFC 8348."; 4954 } 4956 typedef if-name-type { 4957 type string { 4958 length "1..255"; 4959 } 4960 description 4961 "This corresponds to the DisplayString textual 4962 convention of SNMPv2-TC, which is used for ifName in the IF 4963 MIB module."; 4965 reference 4966 "RFC 2863 (ifName)."; 4967 } 4969 typedef direction { 4970 type enumeration { 4971 enum "ingress" { 4972 value 0; 4973 
description 4974 "This value is used for monitoring incoming packets."; 4975 } 4976 enum "egress" { 4977 value 1; 4978 description 4979 "This value is used for monitoring outgoing packets."; 4980 } 4981 enum "both" { 4982 value 2; 4983 description 4984 "This value is used for monitoring incoming and 4985 outgoing packets."; 4986 } 4987 } 4988 description 4989 "Direction of packets going through an interface."; 4990 } 4992 grouping observation-point-parameters { 4993 description 4994 "Interface as input to Observation Point."; 4996 leaf observation-domain-id { 4997 type uint32; 4998 mandatory true; 4999 description 5000 "The Observation Domain ID associates the 5001 Observation Point to an Observation Domain. Observation 5002 Points with identical Observation Domain IDs belong to the 5003 same Observation Domain. 5005 Note that this parameter corresponds to 5006 ipfixObservationPointObservationDomainId in the IPFIX MIB 5007 module."; 5008 reference 5009 "RFC 5101; RFC 6615, Section 8 5010 (ipfixObservationPointObservationDomainId)."; 5011 } 5012 leaf-list interface-ref { 5013 type if:interface-ref; 5014 description 5015 "List of interfaces of the Monitoring Device. The 5016 Observation Point observes packets at the specified 5017 interfaces."; 5018 } 5020 leaf-list if-name { 5021 if-feature if-mib; 5022 type if-name-type; 5023 description 5024 "List of names identifying interfaces of the 5025 Monitoring Device. The Observation Point observes packets 5026 at the specified interfaces."; 5027 } 5029 leaf-list if-index { 5030 if-feature if-mib; 5031 type uint32; 5032 description 5033 "List of if-index values pointing to entries in the 5034 ifTable of the IF-MIB module maintained by the Monitoring 5035 Device. The Observation Point observes packets at the 5036 specified interfaces. 5037 This parameter SHOULD only be used if an SNMP agent enables 5038 access to the ifTable. 
5039 Note that this parameter corresponds to 5040 ipfixObservationPointPhysicalInterface in the IPFIX MIB 5041 module."; 5042 reference 5043 "RFC 2863; RFC 6615, Section 8 5044 (ipfixObservationPointPhysicalInterface)."; 5045 } 5047 leaf-list hardware-ref { 5048 type hardware-ref; 5049 description 5050 "List of hardware components of the Monitoring Device. 5051 The Observation Point observes packets at the specified 5052 hardware components."; 5053 reference 5054 "RFC 8348."; 5055 } 5057 leaf-list ent-physical-name { 5058 if-feature entity-mib; 5059 type string; 5060 description 5061 "List of names identifying physical entities of the 5062 Monitoring Device. The Observation Point observes packets 5063 at the specified entities."; 5064 } 5066 leaf-list ent-physical-index { 5067 if-feature entity-mib; 5068 type uint32; 5069 description 5070 "List of ent-physical-index values pointing to 5071 entries in the entPhysicalTable of the ENTITY-MIB module 5072 maintained by the Monitoring Device. The Observation Point 5073 observes packets at the specified entities. 5074 This parameter SHOULD only be used if an SNMP agent enables 5075 access to the entPhysicalTable. 5076 Note that this parameter corresponds to 5077 ipfixObservationPointPhysicalEntity in the IPFIX MIB 5078 module."; 5079 reference 5080 "RFC 4133; RFC 6615, Section 8 5081 (ipfixObservationPointPhysicalInterface)."; 5082 } 5084 leaf direction { 5085 type direction; 5086 default "both"; 5087 description 5088 "Direction of packets.
If not applicable (e.g., in 5089 the case of a sniffing interface in promiscuous mode), this 5090 parameter is ignored."; 5091 } 5092 } 5094 grouping samp-count-based-parameters { 5095 description 5096 "Configuration parameters of a Selector applying 5097 systematic count-based packet Sampling to the packet 5098 stream."; 5099 reference 5100 "RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.1."; 5102 leaf packet-interval { 5103 type uint32; 5104 units "packets"; 5105 mandatory true; 5106 description 5107 "The number of packets that are consecutively 5108 sampled between gaps of length packetSpace. 5110 This parameter corresponds to the Information Element 5111 samplingPacketInterval and to psampSampCountBasedInterval 5112 in the PSAMP MIB module."; 5113 reference 5114 "RFC 5477, Section 8.2.2; RFC 6727, Section 6 5115 (psampSampCountBasedInterval)."; 5116 } 5118 leaf packet-space { 5119 type uint32; 5120 units "packets"; 5121 mandatory true; 5122 description 5123 "The number of unsampled packets between two 5124 Sampling intervals. 5126 This parameter corresponds to the Information Element 5127 samplingPacketSpace and to psampSampCountBasedSpace 5128 in the PSAMP MIB module."; 5129 reference 5130 "RFC 5477, Section 8.2.3; RFC 6727, Section 6 5131 (psampSampCountBasedSpace)."; 5132 } 5133 } 5135 grouping samp-time-based-parameters { 5136 description 5137 "Configuration parameters of a Selector applying 5138 systematic time-based packet Sampling to the packet 5139 stream."; 5140 reference 5141 "RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.2."; 5143 leaf time-interval { 5144 type uint32; 5145 units "microseconds"; 5146 mandatory true; 5147 description 5148 "The time interval in microseconds during 5149 which all arriving packets are sampled between gaps 5150 of length timeSpace. 
5152 This parameter corresponds to the Information Element 5153 samplingTimeInterval and to psampSampTimeBasedInterval 5154 in the PSAMP MIB module."; 5155 reference 5156 "RFC 5477, Section 8.2.4; RFC 6727, Section 6 5157 (psampSampTimeBasedInterval)."; 5158 } 5160 leaf time-space { 5161 type uint32; 5162 units "microseconds"; 5163 mandatory true; 5164 description 5165 "The time interval in microseconds during 5166 which no packets are sampled between two Sampling 5167 intervals specified by timeInterval. 5169 This parameter corresponds to the Information Element 5170 samplingTimeInterval and to psampSampTimeBasedSpace 5171 in the PSAMP MIB module."; 5172 reference 5173 "RFC 5477, Section 8.2.5; RFC 6727, Section 6 5174 (psampSampTimeBasedSpace)."; 5175 } 5176 } 5178 grouping samp-rand-out-of-n-parameters { 5179 description 5180 "Configuration parameters of a Selector applying 5181 n-out-of-N packet Sampling to the packet stream."; 5182 reference 5183 "RFC 5475, Section 5.2.1; RFC 5476, Section 6.5.2.3."; 5185 leaf size { 5186 type uint32; 5187 units "packets"; 5188 mandatory true; 5189 description 5190 "The number of elements taken from the parent 5191 population. 5193 This parameter corresponds to the Information Element 5194 samplingSize and to psampSampRandOutOfNSize in the PSAMP 5195 MIB module."; 5196 reference 5197 "RFC 5477, Section 8.2.6; RFC 6727, Section 6 5198 (psampSampRandOutOfNSize)."; 5199 } 5201 leaf population { 5202 type uint32; 5203 units "packets"; 5204 mandatory true; 5205 description 5206 "The number of elements in the parent 5207 population. 
5209 This parameter corresponds to the Information Element 5210 samplingPopulation and to psampSampRandOutOfNPopulation 5211 in the PSAMP MIB module."; 5212 reference 5213 "RFC 5477, Section 8.2.7; RFC 6727, Section 6 5214 (psampSampRandOutOfNPopulation)."; 5215 } 5216 } 5218 grouping samp-uni-prob-parameters { 5219 description 5220 "Configuration parameters of a Selector applying 5221 uniform probabilistic packet Sampling (with equal 5222 probability per packet) to the packet stream."; 5223 reference 5224 "RFC 5475, Section 5.2.2.1; 5225 RFC 5476, Section 6.5.2.4."; 5227 leaf probability { 5228 type decimal64 { 5229 fraction-digits 18; 5230 range "0..1"; 5231 } 5232 mandatory true; 5233 description 5234 "Probability that a packet is sampled, 5235 expressed as a value between 0 and 1. The probability 5236 is equal for every packet. 5238 This parameter corresponds to the Information Element 5239 samplingProbability and to psampSampUniProbProbability 5240 in the PSAMP MIB module."; 5241 reference 5242 "RFC 5477, Section 8.2.8; RFC 6727, Section 6 5243 (psampSampUniProbProbability)."; 5244 } 5245 } 5247 grouping filter-match-parameters { 5248 description 5249 "Configuration parameters of a Selector applying 5250 property match Filtering to the packet stream. 
5252 The field to be matched is specified as an Information 5253 Element."; 5254 reference 5255 "RFC 5475, Section 6.1; RFC 5476, Section 6.5.2.5."; 5257 choice information-element { 5258 mandatory true; 5259 description 5260 "The field to be matched is the Information 5261 Element."; 5263 leaf ie-name { 5264 type ietf-ipfix:ie-name-type; 5265 description 5266 "Name of the Information Element."; 5267 } 5269 leaf ie-id { 5270 type ietf-ipfix:ie-id-type; 5271 description 5272 "Identifier of the Information Element."; 5273 } 5274 } 5276 leaf ie-enterprise-number { 5277 type uint32; 5278 default '0'; 5279 description 5280 "If this parameter is zero, the Information 5281 Element is registered in the IANA registry of IPFIX 5282 Information Elements. 5284 If this parameter is configured with a non-zero private 5285 enterprise number, the Information Element is 5286 enterprise-specific."; 5287 reference 5288 "IANA registry for Private Enterprise Numbers, 5289 http://www.iana.org/assignments/enterprise-numbers; 5290 IANA registry for IPFIX Entities, 5291 http://www.iana.org/assignments/ipfix."; 5292 } 5294 leaf value { 5295 type string; 5296 mandatory true; 5297 description 5298 "Matching value of the Information Element."; 5299 } 5301 } 5303 grouping filter-hash-parameters { 5304 description 5305 "Configuration parameters of a Selector applying 5306 hash-based Filtering to the packet stream."; 5307 reference 5308 "RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6."; 5310 leaf hash-function { 5311 type identityref { 5312 base hash-function; 5313 } 5314 default 'bob'; 5315 description 5316 "Hash function to be applied. According to 5317 RFC 5475, Section 6.2.4.1, 'BOB' must be used in order to 5318 be compliant with PSAMP. 
5320 This parameter functionally corresponds to 5321 psampFiltHashFunction in the PSAMP MIB module."; 5322 reference 5323 "RFC 6727, Section 6 (psampFiltHashFunction)"; 5324 } 5326 leaf initializer-value { 5327 type uint64; 5328 description 5329 "Initializer value to the hash function. 5330 If not configured by the user, the Monitoring Device 5331 arbitrarily chooses an initializer value. 5333 This parameter corresponds to the Information Element 5334 hashInitialiserValue and to psampFiltHashInitializerValue 5335 in the PSAMP MIB module."; 5336 reference 5337 "RFC 5477, Section 8.3.9; RFC 6727, Section 6 5338 (psampFiltHashInitializerValue)."; 5339 } 5341 leaf ip-payload-offset { 5342 type uint64; 5343 units "octets"; 5344 default '0'; 5345 description 5346 "IP payload offset indicating the position of 5347 the first payload byte considered as input to the hash 5348 function. 5350 Default value 0 corresponds to the minimum offset that 5351 must be configurable according to RFC 5476, Section 5352 6.5.2.6. 5354 This parameter corresponds to the Information Element 5355 hashIPPayloadOffset and to psampFiltHashIpPayloadOffset 5356 in the PSAMP MIB module."; 5357 reference 5358 "RFC 5477, Section 8.3.2; RFC 6727, Section 6 5359 (psampFiltHashIpPayloadOffset)."; 5360 } 5362 leaf ip-payload-size { 5363 type uint64; 5364 units "octets"; 5365 default '8'; 5366 description 5367 "Number of IP payload bytes used as input to 5368 the hash function, counted from the payload offset. 5369 If the IP payload is shorter than the payload range, 5370 all available payload octets are used as input. 5371 Default value 8 corresponds to the minimum IP payload 5372 size that must be configurable according to RFC 5476, 5373 Section 6.5.2.6. 
5375 This parameter corresponds to the Information Element 5376 hashIPPayloadSize and to psampFiltHashIpPayloadSize 5377 in the PSAMP MIB module."; 5378 reference 5379 "RFC 5477, Section 8.3.3; RFC 6727, Section 6 5380 (psampFiltHashIpPayloadSize)."; 5381 } 5383 leaf digest-output { 5384 type boolean; 5385 default 'false'; 5386 description 5387 "If true, the output from this Selector is 5388 included in the Packet Report as a packet digest. 5389 Therefore, the configured Cache Layout needs to contain 5390 a digestHashValue field. 5392 This parameter corresponds to the Information Element 5393 hashDigestOutput."; 5394 reference 5395 "RFC 5477, Section 8.3.8."; 5396 } 5397 list selected-range { 5398 key "name"; 5399 min-elements 1; 5400 description 5401 "List of hash function return ranges for 5402 which packets are selected."; 5404 leaf name { 5405 type ietf-ipfix:name-type; 5406 description 5407 "Name of the selected range."; 5408 } 5410 leaf min { 5411 type uint64; 5412 description 5413 "Beginning of the hash function's selected 5414 range. 5416 This parameter corresponds to the Information Element 5417 hashSelectedRangeMin and to psampFiltHashSelectedRangeMin 5418 in the PSAMP MIB module."; 5419 reference 5420 "RFC 5477, Section 8.3.6; RFC 6727, Section 6 5421 (psampFiltHashSelectedRangeMin)."; 5422 } 5424 leaf max { 5425 type uint64; 5426 description 5427 "End of the hash function's selected range. 
           This parameter corresponds to the Information Element
           hashSelectedRangeMax and to psampFiltHashSelectedRangeMax
           in the PSAMP MIB module.";
        reference
          "RFC 5477, Section 8.3.7; RFC 6727, Section 6
           (psampFiltHashSelectedRangeMax).";
      }
    }
  }

  grouping filter-hash-parameters-state {
    description
      "Configuration parameters of a Selector applying
       hash-based Filtering to the packet stream.";
    reference
      "RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6.";

    leaf output-range-min {
      type uint64;
      config false;
      description
        "Beginning of the hash function's potential
         range.

         This parameter corresponds to the Information Element
         hashOutputRangeMin and to psampFiltHashOutputRangeMin
         in the PSAMP MIB module.";
      reference
        "RFC 5477, Section 8.3.4; RFC 6727, Section 6
         (psampFiltHashOutputRangeMin).";
    }

    leaf output-range-max {
      type uint64;
      config false;
      description
        "End of the hash function's potential range.
         This parameter corresponds to the Information Element
         hashOutputRangeMax and to psampFiltHashOutputRangeMax
         in the PSAMP MIB module.";
      reference
        "RFC 5477, Section 8.3.5; RFC 6727, Section 6
         (psampFiltHashOutputRangeMax).";
    }
  }

  grouping selector-parameters {
    description
      "Configuration and state parameters of a Selector.";

    choice method {
      mandatory true;
      description
        "Packet selection method applied by the Selector.";

      leaf select-all {
        type empty;
        description
          "Method that selects all packets.";
      }

      container samp-count-based {
        if-feature psamp-samp-count-based;
        description
          "Systematic count-based packet Sampling.";

        uses samp-count-based-parameters;
      }

      container samp-time-based {
        if-feature psamp-samp-time-based;
        description
          "Systematic time-based packet Sampling.";

        uses samp-time-based-parameters;
      }

      container samp-rand-out-of-n {
        if-feature psamp-samp-rand-out-of-n;
        description
          "n-out-of-N packet Sampling.";

        uses samp-rand-out-of-n-parameters;
      }

      container samp-uni-prob {
        if-feature psamp-samp-uni-prob;
        description
          "Uniform probabilistic packet Sampling.";

        uses samp-uni-prob-parameters;
      }

      container filter-match {
        if-feature psamp-filter-match;
        description
          "Property match Filtering.";

        uses filter-match-parameters;
      }

      container filter-hash {
        if-feature psamp-filter-hash;
        description
          "Hash-based Filtering.";

        uses filter-hash-parameters;
        uses filter-hash-parameters-state;
      }
    }
  }

  grouping selector-parameters-state {
    description
      "Configuration and state parameters of a Selector.";

    leaf packets-observed {
      type yang:counter64;
      config false;
      description
        "The number of packets observed at the input of
         the Selector.
         If this is the first Selector in the Selection Process,
         this counter corresponds to the total number of packets in
         all Observed Packet Streams at the input of the Selection
         Process. Otherwise, the counter corresponds to the total
         number of packets at the output of the preceding Selector.
         Discontinuities in the value of this counter can occur at
         re-initialization of the management system, and at other
         times as indicated by the value of
         selectorDiscontinuityTime.

         Note that this parameter corresponds to
         ipfixSelectorStatsPacketsObserved in the IPFIX MIB
         module.";
      reference
        "RFC 6615, Section 8
         (ipfixSelectorStatsPacketsObserved).";
    }

    leaf packets-dropped {
      type yang:counter64;
      config false;
      description
        "The total number of packets discarded by the
         Selector.

         Discontinuities in the value of this counter can occur at
         re-initialization of the management system, and at other
         times as indicated by the value of
         selectorDiscontinuityTime.

         Note that this parameter corresponds to
         ipfixSelectorStatsPacketsDropped in the IPFIX MIB
         module.";
      reference
        "RFC 6615, Section 8
         (ipfixSelectorStatsPacketsDropped).";
    }

    leaf selector-discontinuity-time {
      type yang:date-and-time;
      config false;
      description
        "Timestamp of the most recent occasion at which
         one or more of the Selector counters suffered a
         discontinuity.

         Note that this parameter functionally corresponds to
         ipfixSelectionProcessStatsDiscontinuityTime in the IPFIX
         MIB module.
         In contrast to
         ipfixSelectionProcessStatsDiscontinuityTime, the time is
         absolute and not relative to sysUpTime.";
      reference
        "RFC 6615, Section 8
         (ipfixSelectionProcessStatsDiscontinuityTime).";
    }
  }

  grouping cache-layout-parameters {
    description
      "Cache Layout parameters used by immediateCache,
       timeoutCache, naturalCache, and permanentCache.";

    container cache-layout {
      description
        "Cache Layout parameters.";

      list cache-field {
        key "name";
        min-elements 1;
        description
          "Superset of fields that are included in the
           Packet Reports or Flow Records generated by the Cache.";

        leaf name {
          type ietf-ipfix:name-type;
          description
            "Name of the cache field.";
        }

        choice information-element {
          mandatory true;
          description
            "Information Element.";
          reference
            "RFC 5102, Section 2; IANA registry for IPFIX
             Entities, http://www.iana.org/assignments/ipfix.";

          leaf ie-name {
            type ietf-ipfix:ie-name-type;
            description
              "Name of the Information Element.";
          }

          leaf ie-id {
            type ietf-ipfix:ie-id-type;
            description
              "Identifier of the Information Element.";
          }
        }

        leaf ie-length {
          type uint16;
          units "octets";
          description
            "Length of the field in which the Information
             Element is encoded. A value of 65535 specifies a
             variable-length Information Element. For Information
             Elements of integer and float type, the field length
             MAY be set to a smaller value than the standard length
             of the abstract data type if the rules of reduced size
             encoding are fulfilled.
             If not configured by the user, this parameter is set by
             the Monitoring Device.";
          reference
            "RFC 5101, Section 6.2.";
        }

        leaf ie-enterprise-number {
          type uint32;
          default '0';
          description
            "If this parameter is zero, the Information
             Element is registered in the IANA registry of IPFIX
             Information Elements.

             If this parameter is configured with a non-zero private
             enterprise number, the Information Element is
             enterprise-specific.

             If the enterprise number is set to 29305, this field
             contains a Reverse Information Element. In this case,
             the Cache MUST generate Data Records in accordance to
             RFC 5103.";
          reference
            "RFC 5101; RFC 5103;
             IANA registry for Private Enterprise Numbers,
             http://www.iana.org/assignments/enterprise-numbers;
             IANA registry for IPFIX Entities,
             http://www.iana.org/assignments/ipfix.";
        }

        leaf is-flow-key {
          when
            "(name(../../..) != 'immediate-cache')
             and
             ((count(../ie-enterprise-number) = 0)
             or
             (../ie-enterprise-number != 29305))" {
            description
              "This parameter is not available for
               Reverse Information Elements (which have enterprise
               number 29305). It is also not available for
               immediateCache.";
          }
          type empty;
          description
            "If present, this is a flow key.";
        }
      }
    }
  }

  grouping flow-cache-parameters {
    description
      "Configuration parameters of a Cache generating Flow
       Records.";

    leaf max-flows {
      type uint32;
      units "flows";
      description
        "This parameter configures the maximum number of
         Flows in the Cache, which is the maximum number of Flows
         that can be measured simultaneously.

         The Monitoring Device MUST ensure that sufficient resources
         are available to store the configured maximum number of
         Flows.
         If the maximum number of Flows is measured, an additional
         Flow can be measured only if an existing entry is removed.
         However, traffic that pertains to existing Flows can
         continue to be measured.";
    }

    leaf active-timeout {
      when "(name(..) = 'timeout-cache') or
            (name(..) = 'natural-cache')" {
        description
          "This parameter is only available for
           timeoutCache and naturalCache.";
      }
      type uint32;
      units "seconds";
      description
        "This parameter configures the time in
         seconds after which a Flow is expired even though packets
         matching this Flow are still received by the Cache.
         The parameter value zero indicates infinity, meaning that
         there is no active timeout.

         If not configured by the user, the Monitoring Device sets
         this parameter.

         Note that this parameter corresponds to
         ipfixMeteringProcessCacheActiveTimeout in the IPFIX
         MIB module.";
      reference
        "RFC 6615, Section 8
         (ipfixMeteringProcessCacheActiveTimeout).";
    }

    leaf idle-timeout {
      when
        "(name(..) = 'timeout-cache') or
         (name(..) = 'natural-cache')" {
        description
          "This parameter is only available for
           timeoutCache and naturalCache.";
      }
      type uint32;
      units "seconds";
      description
        "This parameter configures the time in
         seconds after which a Flow is expired if no more packets
         matching this Flow are received by the Cache.

         The parameter value zero indicates infinity, meaning that
         there is no idle timeout.

         If not configured by the user, the Monitoring Device sets
         this parameter.

         Note that this parameter corresponds to
         ipfixMeteringProcessCacheIdleTimeout in the IPFIX
         MIB module.";
      reference
        "RFC 6615, Section 8
         (ipfixMeteringProcessCacheIdleTimeout).";
    }

    leaf export-interval {
      when "name(..)
            = 'permanent-cache'" {
        description
          "This parameter is only available for permanentCache.";
      }
      type uint32;
      units "seconds";
      description
        "This parameter configures the interval (in
         seconds) for periodical export of Flow Records.
         If not configured by the user, the Monitoring Device sets
         this parameter.";
    }
  }

  grouping flow-cache-parameters-state {
    description
      "State parameters of a Cache generating Flow Records.";

    leaf active-flows {
      type yang:gauge32;
      units "flows";
      config false;
      description
        "The number of Flows currently active in this Cache.

         Note that this parameter corresponds to
         ipfixMeteringProcessCacheActiveFlows in the IPFIX MIB
         module.";
      reference
        "RFC 6615, Section 8
         (ipfixMeteringProcessCacheActiveFlows).";
    }

    leaf unused-cache-entries {
      type yang:gauge32;
      units "flows";
      config false;
      description
        "The number of unused Cache entries in this
         Cache.
         Note that this parameter corresponds to
         ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX
         MIB module.";
      reference
        "RFC 6615, Section 8
         (ipfixMeteringProcessCacheUnusedCacheEntries).";
    }
  }

  augment '/ietf-ipfix:ipfix' {
    description
      "Augment IPFIX to add PSAMP.";

    container psamp {
      description
        "Container for PSAMP nodes.";

      list observation-point {
        key "name";
        description
          "Observation Point of the Monitoring Device.";

        leaf name {
          type ietf-ipfix:name-type;
          description "Name of the observation point.";
        }

        uses observation-point-parameters;

        leaf-list selection-process {
          type leafref {
            path "/ietf-ipfix:ipfix/psamp/selection-process/name";
          }
          description
            "Selection Processes in this list process
             packets in parallel.";
        }

        leaf observation-point-id {
          type uint32;
          config false;
          description
            "Observation Point ID (i.e., the value of the
             Information Element observationPointId) assigned by the
             Monitoring Device.";
          reference
            "IANA registry for IPFIX Entities,
             http://www.iana.org/assignments/ipfix.";
        }
      }

      list selection-process {
        key "name";
        description
          "Selection Process of the Monitoring Device.";

        leaf name {
          type ietf-ipfix:name-type;
          description
            "Name of the selection process.";
        }

        list selector {
          key "name";
          min-elements 1;
          ordered-by user;
          description
            "List of Selectors that define the action of the
             Selection Process on a single packet.
             The Selectors
             are serially invoked in the same order as they appear
             in this list.";

          leaf name {
            type ietf-ipfix:name-type;
            description
              "Name of the selector.";
          }

          uses selector-parameters;

          uses selector-parameters-state;
        }

        leaf cache {
          type leafref {
            path "/ietf-ipfix:ipfix/psamp/cache/name";
          }
          description
            "Cache that receives the output of the
             Selection Process.";
        }

        list selection-sequence {
          config false;
          description
            "This list contains the Selection Sequence IDs
             that are assigned by the Monitoring Device to
             distinguish different Selection Sequences passing
             through the Selection Process.

             As Selection Sequence IDs are unique per Observation
             Domain, the corresponding Observation Domain IDs are
             included as well.

             With this information, it is possible to associate
             Selection Sequence (Statistics) Report Interpretations
             exported according to the PSAMP protocol with a
             Selection Process in the configuration data.";
          reference
            "RFC 5476.";

          leaf observation-domain-id {
            type uint32;
            description
              "Observation Domain ID for which the
               Selection Sequence ID is assigned.";
          }

          leaf selection-sequence-id {
            type uint64;
            description
              "Selection Sequence ID used in the Selection
               Sequence (Statistics) Report Interpretation.";
          }
        }
      }

      list cache {
        key "name";
        description
          "Cache of the Monitoring Device.";

        leaf name {
          type ietf-ipfix:name-type;
          description
            "Name of the cache.";
        }

        leaf enabled {
          type boolean;
          default "true";
          description
            "If true, this cache is enabled and the specified
             data is able to be exported.";
        }

        choice cache-type {
          mandatory true;
          description
            "Type of Cache and specific parameters.";

          container immediate-cache {
            if-feature
              immediate-cache;
            description
              "Flow expiration after the first packet;
               generation of Packet Records.";

            uses cache-layout-parameters;
          }

          container timeout-cache {
            if-feature timeout-cache;
            description
              "Flow expiration after active and idle
               timeout; generation of Flow Records.";

            uses flow-cache-parameters;
            uses cache-layout-parameters;
            uses flow-cache-parameters-state;
          }

          container natural-cache {
            if-feature natural-cache;
            description
              "Flow expiration after active and idle
               timeout, or on natural termination (e.g., TCP FIN or
               TCP RST) of the Flow; generation of Flow Records.";
            uses flow-cache-parameters;
            uses cache-layout-parameters;
            uses flow-cache-parameters-state;
          }

          container permanent-cache {
            if-feature permanent-cache;
            description
              "No flow expiration, periodical export with
               time interval exportInterval; generation of Flow
               Records.";
            uses flow-cache-parameters;
            uses cache-layout-parameters;
            uses flow-cache-parameters-state;
          }
        }

        leaf-list exporting-process {
          if-feature ietf-ipfix:exporter;
          type leafref {
            path "/ietf-ipfix:ipfix"
               + "/ietf-ipfix:exporting-process"
               + "/ietf-ipfix:name";
          }
          description
            "Records are exported by all Exporting Processes
             in the list.";
        }

        leaf metering-process-id {
          type uint32;
          config false;
          description
            "The identifier of the Metering Process this
             Cache belongs to.

             This parameter corresponds to the Information Element
             meteringProcessId.
             Its occurrence helps to associate
             Cache parameters with Metering Process statistics
             exported by the Monitoring Device using the Metering
             Process (Reliability) Statistics Template as
             defined by the IPFIX protocol specification.";
          reference
            "RFC 5101, Sections 4.1 and 4.2;
             IANA registry for IPFIX Entities,
             http://www.iana.org/assignments/ipfix.";
        }

        leaf data-records {
          type yang:counter64;
          units "Data Records";
          config false;
          description
            "The number of Data Records generated by this
             Cache.

             Discontinuities in the value of this counter can occur
             at re-initialization of the management system, and at
             other times as indicated by the value of
             cacheDiscontinuityTime.

             Note that this parameter corresponds to
             ipfixMeteringProcessDataRecords in the IPFIX MIB
             module.";
          reference
            "RFC 6615, Section 8
             (ipfixMeteringProcessDataRecords).";
        }

        leaf cache-discontinuity-time {
          type yang:date-and-time;
          config false;
          description
            "Timestamp of the most recent occasion at which
             the counter dataRecords suffered a discontinuity.

             Note that this parameter functionally corresponds to
             ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB
             module. In contrast to
             ipfixMeteringProcessDiscontinuityTime, the time is
             absolute and not relative to sysUpTime.";
          reference
            "RFC 6615, Section 8
             (ipfixMeteringProcessDiscontinuityTime).";
        }
      }
    }
  }
}

6.3.  ietf-bulk-data-export

6.3.1.  ietf-bulk-data-export Module Structure

This document defines the YANG module "ietf-bulk-data-export", which
has the following tentative structure:

module: ietf-bulk-data-export
  augment /ietf-ipfix:ipfix:
    +--rw bulk-data-export
       +--rw template* [name]
          +--rw name                     ietf-ipfix:name-type
          +--rw enabled?                 boolean
          +--rw export-interval?
                                         uint32
          +--rw observation-domain-id?   uint32
          +--rw field-layout
          |     ...
          +--rw exporting-process*
          |       -> /ietf-ipfix:ipfix/exporting-process/name
          |       {ietf-ipfix:exporter}?
          +--rw resource*                resource
          +--ro data-records?            yang:counter64
          +--ro discontinuity-time?      yang:date-and-time

6.3.2.  ietf-bulk-data-export YANG module

This YANG Module imports typedefs from [RFC6991].

file "ietf-bulk-data-export@2018-11-15.yang"

module ietf-bulk-data-export {
  yang-version 1.1;

  namespace "urn:ietf:params:xml:ns:yang:ietf-bulk-data-export";

  prefix ietf-bde;

  import ietf-ipfix {
    prefix ietf-ipfix;
  }

  import ietf-yang-types {
    prefix yang;
  }

  organization
    "IETF";

  contact
    "Web:    TBD
     List:   TBD

     Editor: Joey Boyd

     Editor: Marta Seda
     ";

  // RFC Ed.: replace XXXX with actual RFC numbers and
  // remove this note.

  description
    "This module contains a collection of YANG definitions for the
     management of exporting bulk data over IPFIX.

     This data model is designed for the Network Management Datastore
     Architecture defined in RFC 8342.

     Copyright (c) 2019 IETF Trust and the persons identified
     as authors of the code. All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).
     This version of this YANG module is part of XXXX; see the RFC
     itself for full legal notices.";

  revision 2019-03-11 {
    description
      "Initial revision.";
    reference
      "RFC XXXX: YANG Data Models for the IP Flow Information Export
                 (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
                 and Bulk Data Export";
  }

  feature bulk-data {
    description
      "If supported, bulk data templates can be configured.";
  }

  typedef resource {
    type instance-identifier {
      require-instance false;
    }
    description
      "A resource from which bulk data will be exported.";
  }

  grouping bulk-data-template-parameters {
    description
      "Field Layout parameters.";

    leaf observation-domain-id {
      type uint32;
      default 0;
      description
        "An identifier of an Observation Domain that is locally
         unique to an Exporting Process (see RFC 7011 Section 3.1).

         Typically, this Information Element is for limiting the
         scope of other Information Elements.
         A value of 0 indicates that no specific Observation Domain
         is identified by this Information Element.";
    }

    container field-layout {
      description
        "Field Layout parameters.";

      list field {
        key name;
        min-elements 1;
        description
          "Superset of statistics field names or special
           field-names (e.g., timestamps, etc.) for interpreting
           statistics that are included in the
           Packet Reports or Flow Records generated by the device.";

        leaf name {
          type ietf-ipfix:name-type;
          description
            "Name of the field.";
        }

        choice identifier {
          mandatory true;
          description
            "ID of the Information Element to use in Packet Reports
             or Flow Records.";

          leaf ie-id {
            type ietf-ipfix:ie-id-type;
            description
              "ID of the Information Element.";
          }
        }

        leaf ie-length {
          type uint16;
          units octets;
          description
            "Length of the field in which the Information
             Element is encoded. A value of 65535 specifies a
             variable-length Information Element. For Information
             Elements of integer and float type, the field length MAY
             be set to a smaller value than the standard length of
             the abstract data type if the rules of reduced size
             encoding are fulfilled.

             If not configured by the user, this parameter is set by
             the Monitoring Device.";
          reference
            "RFC 5101, Section 6.2.";
        }

        leaf ie-enterprise-number {
          type uint32;
          default 0;
          description
            "If this parameter is zero, the Information
             Element is registered in the IANA registry of IPFIX
             Information Elements or unspecified (if the
             Information Element is not IANA registered).
             If this parameter is configured with a non-zero private
             enterprise number, the Information Element is
             enterprise-specific.";
          reference
            "RFC 5101; RFC 5103;
             IANA registry for Private Enterprise Numbers,
             http://www.iana.org/assignments/enterprise-numbers;
             IANA registry for IPFIX Entities,
             http://www.iana.org/assignments/ipfix.";
        }
      }
    }
  }

  augment "/ietf-ipfix:ipfix" {
    description
      "Augment IPFIX to add bulk data.";

    container bulk-data-export {
      description
        "Container for bulk data export nodes.";

      list template {
        key name;
        description
          "List of bulk data templates of the Monitoring Device.";

        leaf name {
          type ietf-ipfix:name-type;
          description
            "Name of the bulk data template.";
        }

        leaf enabled {
          type boolean;
          default "true";
          description
            "If true, this template is enabled and the specified
             data is able to be exported.";
        }

        leaf export-interval {
          type uint32;
          units "seconds";
          description
            "This parameter configures the interval (in
             seconds) for periodical export of Flow Records.

             If not configured by the user, the Monitoring Device
             sets this parameter.";
        }

        uses bulk-data-template-parameters;

        leaf-list exporting-process {
          if-feature ietf-ipfix:exporter;
          type leafref {
            path "/ietf-ipfix:ipfix"
               + "/ietf-ipfix:exporting-process"
               + "/ietf-ipfix:name";
          }
          description
            "Records are exported by all Exporting Processes in the
             list.";
        }

        leaf-list resource {
          type resource;
          description
            "Records are sourced from all resources in this list.";
        }

        leaf data-records {
          type yang:counter64;
          units "Data Records";
          config false;
          description
            "The number of Data Records generated for this
             sampling template.
             Discontinuities in the value of
             this counter can occur at re-initialization of the
             management system, and at other times as indicated by
             the value of Discontinuity Time.";
        }

        leaf discontinuity-time {
          type yang:date-and-time;
          config false;
          description
            "Timestamp of the most recent occasion at which
             the counter data records suffered a discontinuity.";
        }
      }
    }
  }
}

7.  IANA Considerations

This document registers 3 URIs in the "IETF XML Registry"
[RFC3688]. Following the format in RFC 3688, the following
registrations have been made.

   URI: urn:ietf:params:xml:ns:yang:ietf-ipfix
   Registrant Contact: The IESG.
   XML: N/A, the requested URI is an XML namespace.

   URI: urn:ietf:params:xml:ns:yang:ietf-psamp
   Registrant Contact: The IESG.
   XML: N/A, the requested URI is an XML namespace.

   URI: urn:ietf:params:xml:ns:yang:ietf-bulk-data-export
   Registrant Contact: The IESG.
   XML: N/A, the requested URI is an XML namespace.

This document registers 3 YANG modules in the "YANG Module Names"
registry. Following the format in [RFC7950], the following have been
registered.

   Name: ietf-ipfix
   Namespace: urn:ietf:params:xml:ns:yang:ietf-ipfix
   Prefix: ietf-ipfix
   Reference: TBD

   Name: ietf-psamp
   Namespace: urn:ietf:params:xml:ns:yang:ietf-psamp
   Prefix: ietf-psamp
   Reference: TBD

   Name: ietf-bulk-data-export
   Namespace: urn:ietf:params:xml:ns:yang:ietf-bulk-data-export
   Prefix: ietf-bde
   Reference: TBD

8.  Security Considerations

The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242].
The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446].

The NETCONF access control model [RFC8341] provides the means to
restrict access for particular NETCONF or RESTCONF users to a
preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content.

There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config)
to these data nodes without proper protection can have a negative
effect on network operations. These are the subtrees and data nodes
and their sensitivity/vulnerability:

o  /ipfix/psamp/observation-point: The configuration parameters in
   this subtree specify where packets are observed and by which
   Selection Processes they will be processed. Write access to this
   subtree allows observing packets at arbitrary interfaces or
   linecards of the Monitoring Device and may thus lead to the export
   of sensitive traffic information.

o  /ipfix/psamp/selection-process: The configuration parameters in
   this subtree specify for which packets information will be
   reported in Packet Reports or Flow Records. Write access to this
   subtree allows changing the subset of packets for which
   information will be reported and may thus lead to the export of
   sensitive traffic information.

o  /ipfix/psamp/cache: The configuration parameters in this subtree
   specify the fields included in Packet Reports or Flow Records.
   Write access to this subtree allows adding fields which may
   contain sensitive traffic information, such as IP addresses or
   parts of the packet payload.
o  /ipfix/exporting-process: The configuration parameters in this
   subtree specify to which Collectors Packet Reports or Flow Records
   are exported. Write access to this subtree allows exporting
   potentially sensitive traffic information to illegitimate
   Collectors. Furthermore, TLS/DTLS parameters can be changed,
   which may affect the mutual authentication between Exporters and
   Collectors as well as the encrypted transport of the data.

o  /ipfix/collecting-process: The configuration parameters in this
   subtree may specify that collected Packet Reports and Flow Records
   are reexported to another Collector or written to a file. Write
   access to this subtree potentially allows reexporting or storing
   the sensitive traffic information.

o  /ipfix/bulk-data-export/template: The configuration parameters in
   this subtree specify the fields included in the bulk data export.
   Write access to this subtree allows adding fields which may cause
   export of sensitive configuration and/or statistics.

Some of the readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data
nodes and their sensitivity/vulnerability:

o  /ipfix/psamp/observation-point: Parameters in this subtree may be
   sensitive because they reveal information about the Monitoring
   Device itself and the network infrastructure.

o  /ipfix/psamp/selection-process: Parameters in this subtree may be
   sensitive because they reveal information about the Monitoring
   Device itself and the observed traffic. For example, the counters
   packetsObserved and packetsDropped allow inferring the number of
   observed packets.
o  /ipfix/psamp/cache: Parameters in this subtree may be sensitive
   because they reveal information about the Monitoring Device itself
   and the observed traffic. For example, the counters activeFlows
   and dataRecords allow inferring the number of measured Flows or
   packets.

o  /ipfix/exporting-process: Parameters in this subtree may be
   sensitive because they reveal information about the network
   infrastructure and the outgoing IPFIX Transport Sessions. For
   example, it discloses the IP addresses of Collectors as well as
   the deployed TLS/DTLS configuration, which may facilitate the
   interception of outgoing IPFIX Messages.

o  /ipfix/collecting-process: Parameters in this subtree may be
   sensitive because they reveal information about the network
   infrastructure and the incoming IPFIX Transport Sessions. For
   example, it discloses the IP addresses of Exporters as well as the
   deployed TLS/DTLS configuration, which may facilitate the
   interception of incoming IPFIX Messages.

9.  Acknowledgments

The authors would like to thank Anand Arokiaraj and William Lupton
for their contributions towards creation of this document and
associated YANG data models.

10.  References

10.1.  Normative References

[BBF.TR-352]
           Broadband Forum, "Multi-wavelength PON
           Inter-Channel-Termination Protocol (ICTP) Specification",
           May 2017.

[IANA-IPFIX]
           IANA, "IP Flow Information Export (IPFIX) Entities".

[RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
           MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000.

[RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
           DOI 10.17487/RFC3688, January 2004.

[RFC3758]  Stewart, R., Ramalho, M., Xie, Q., Tuexen, M., and P.
              Conrad, "Stream Control Transmission Protocol (SCTP)
              Partial Reliability Extension", RFC 3758,
              DOI 10.17487/RFC3758, May 2004.

   [RFC4960]  Stewart, R., Ed., "Stream Control Transmission Protocol",
              RFC 4960, DOI 10.17487/RFC4960, September 2007.

   [RFC5103]  Trammell, B. and E. Boschi, "Bidirectional Flow Export
              Using IP Flow Information Export (IPFIX)", RFC 5103,
              DOI 10.17487/RFC5103, January 2008.

   [RFC5475]  Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F.
              Raspall, "Sampling and Filtering Techniques for IP Packet
              Selection", RFC 5475, DOI 10.17487/RFC5475, March 2009.

   [RFC5476]  Claise, B., Ed., Johnson, A., and J. Quittek, "Packet
              Sampling (PSAMP) Protocol Specifications", RFC 5476,
              DOI 10.17487/RFC5476, March 2009.

   [RFC5477]  Dietz, T., Claise, B., Aitken, P., Dressler, F., and G.
              Carle, "Information Model for Packet Sampling Exports",
              RFC 5477, DOI 10.17487/RFC5477, March 2009.

   [RFC5610]  Boschi, E., Trammell, B., Mark, L., and T. Zseby,
              "Exporting Type Information for IP Flow Information Export
              (IPFIX) Information Elements", RFC 5610,
              DOI 10.17487/RFC5610, July 2009.

   [RFC5655]  Trammell, B., Boschi, E., Mark, L., Zseby, T., and A.
              Wagner, "Specification of the IP Flow Information Export
              (IPFIX) File Format", RFC 5655, DOI 10.17487/RFC5655,
              October 2009.

   [RFC6347]  Rescorla, E. and N. Modadugu, "Datagram Transport Layer
              Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
              January 2012.

   [RFC6526]  Claise, B., Aitken, P., Johnson, A., and G. Muenz, "IP
              Flow Information Export (IPFIX) Per Stream Control
              Transmission Protocol (SCTP) Stream", RFC 6526,
              DOI 10.17487/RFC6526, March 2012.

   [RFC6615]  Dietz, T., Ed., Kobayashi, A., Claise, B., and G.
              Muenz, "Definitions of Managed Objects for IP Flow
              Information Export", RFC 6615, DOI 10.17487/RFC6615,
              June 2012.

   [RFC6727]  Dietz, T., Ed., Claise, B., and J. Quittek, "Definitions
              of Managed Objects for Packet Sampling", RFC 6727,
              DOI 10.17487/RFC6727, October 2012.

   [RFC6728]  Muenz, G., Claise, B., and P. Aitken, "Configuration Data
              Model for the IP Flow Information Export (IPFIX) and
              Packet Sampling (PSAMP) Protocols", RFC 6728,
              DOI 10.17487/RFC6728, October 2012.

   [RFC6933]  Bierman, A., Romascanu, D., Quittek, J., and M.
              Chandramouli, "Entity MIB (Version 4)", RFC 6933,
              DOI 10.17487/RFC6933, May 2013.

   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6991, DOI 10.17487/RFC6991, July 2013.

   [RFC7011]  Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
              "Specification of the IP Flow Information Export (IPFIX)
              Protocol for the Exchange of Flow Information", STD 77,
              RFC 7011, DOI 10.17487/RFC7011, September 2013.

   [RFC7012]  Claise, B., Ed. and B. Trammell, Ed., "Information Model
              for IP Flow Information Export (IPFIX)", RFC 7012,
              DOI 10.17487/RFC7012, September 2013.

   [RFC7119]  Claise, B., Kobayashi, A., and B. Trammell, "Operation of
              the IP Flow Information Export (IPFIX) Protocol on IPFIX
              Mediators", RFC 7119, DOI 10.17487/RFC7119, February 2014.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore Architecture
              (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

   [RFC8343]  Bjorklund, M., "A YANG Data Model for Interface
              Management", RFC 8343, DOI 10.17487/RFC8343, March 2018.

   [RFC8348]  Bierman, A., Bjorklund, M., Dong, J., and D.
              Romascanu, "A YANG Data Model for Hardware Management",
              RFC 8348, DOI 10.17487/RFC8348, March 2018.

10.2.  Informative References

   [IANA-ENTERPRISE-NUMBERS]
              IANA, "Private Enterprise Numbers".

   [RFC1141]  Mallory, T. and A. Kullberg, "Incremental updating of the
              Internet checksum", RFC 1141, DOI 10.17487/RFC1141,
              January 1990.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC3871]  Jones, G., Ed., "Operational Security Requirements for
              Large Internet Service Provider (ISP) IP Network
              Infrastructure", RFC 3871, DOI 10.17487/RFC3871,
              September 2004.

   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
              Housley, R., and W. Polk, "Internet X.509 Public Key
              Infrastructure Certificate and Certificate Revocation List
              (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008.

   [RFC5473]  Boschi, E., Mark, L., and B. Claise, "Reducing Redundancy
              in IP Flow Information Export (IPFIX) and Packet Sampling
              (PSAMP) Reports", RFC 5473, DOI 10.17487/RFC5473,
              March 2009.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

   [RFC8341]  Bierman, A.
              and M. Bjorklund, "Network Configuration Access Control
              Model", STD 91, RFC 8341, DOI 10.17487/RFC8341,
              March 2018.

   [RFC8407]  Bierman, A., "Guidelines for Authors and Reviewers of
              Documents Containing YANG Data Models", BCP 216, RFC 8407,
              DOI 10.17487/RFC8407, October 2018.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

Appendix A.  Example: ietf-ipfix Usage

   This configuration example configures an IPFIX exporter for a BBF
   TR-352 ICTP Proxy.

   [XML configuration example; only the element values are present, in
   this order: TR352-exporter, true, ICTP-Proxy1-collector, 192.100.2.1,
   proxy1.sys.com, Options 1, extended-type-information, 0]

   This configuration example configures an IPFIX mediator.

   [XML configuration example; only the element values are present, in
   this order: OLT-collector, myolt-tcp-collector, local-ip-address,
   192.100.2.1, OLT-exporter, OLT-exporter, true, big-collector,
   192.100.2.1, collect1.sys.com, Options 1, extended-type-information,
   0]

Appendix B.  Example: ietf-psamp Usage

   This configuration example configures two Observation Points
   capturing ingress traffic at eth0 and all traffic at eth1. Both
   Observed Packet Streams enter two different Selection Processes. The
   first Selection Process implements a Composite Selector of a filter
   for UDP packets and a random sampler. The second Selection Process
   implements a Primitive Selector of an ICMP filter. The Selected
   Packet Streams of both Selection Processes enter the same Cache. The
   Cache generates a PSAMP Packet Report for every selected packet.

   The associated Exporting Process exports to a Collector using PR-SCTP
   and DTLS.
   The TLS/DTLS parameters specify that the collector must supply a
   certificate for the FQDN collector.example.net. Valid certificates
   from any certification authority will be accepted. As the
   destination transport port is omitted, the standard IPFIX-over-DTLS
   port 4740 is used.

   The parameters of the Selection Processes are reported as Selection
   Sequence Report Interpretations and Selector Report Interpretations
   [RFC5476]. There will be two Selection Sequence Report
   Interpretations per Selection Process, one for each Observation
   Point. Selection Sequence Statistics Report Interpretations are
   exported every 30 seconds (30000 milliseconds).

   [XML configuration example; only the element values are present, in
   this order: OP at eth0 (ingress), 123, eth0, ingress, Sampled UDP
   packets, ICMP packets, OP at eth1, 123, eth1, Sampled UDP packets,
   ICMP packets, Sampled UDP packets, UDP filter, 4, 17, 10-out-of-100
   sampler, 10, 100, PSAMP cache, ICMP packets, ICMP filter, 4, 1,
   PSAMP cache, PSAMP cache, Field 1: ipHeaderPacketSection, 313, 64,
   Field 2: observationTimeMilliseconds, 322, The only exporter, The
   only exporter, true, PR-SCTP collector, 192.0.2.1, 1000000, 500,
   coll-1.ex.net, Options 1, selection-sequence, 0, Options 2,
   selection-statistics, 30000]

Appendix C.  Example: ietf-bulk-data-export Usage

   The configuration example configures a field-layout template to
   export Ethernet statistics from eth0 and eth1:

   [XML configuration example; only the element values are present, in
   this order: The only one, true, Bulk data collector, 192.0.2.2,
   1000000, coll-2.ex.net]

Appendix D.  Tree diagrams

D.1.  ietf-ipfix

   The complete tree diagram for ietf-ipfix:

module: ietf-ipfix
  +--rw ipfix
     +--rw collecting-process* [name] {collector}?
     |  +--rw name                 name-type
     |  +--rw tcp-collector* [name] {tcp-transport}?
     |  |  +--rw name                        name-type
     |  |  +--rw local-port?                 inet:port-number
     |  |  +--rw transport-layer-security!
     |  |  |  +--rw local-certification-authority-dn*    string
     |  |  |  +--rw local-subject-dn*                    string
     |  |  |  +--rw local-subject-fqdn*
     |  |  |  |       inet:domain-name
     |  |  |  +--rw remote-certification-authority-dn*   string
     |  |  |  +--rw remote-subject-dn*                   string
     |  |  |  +--rw remote-subject-fqdn*
     |  |  |          inet:domain-name
     |  |  +--rw (local-address-method)?
     |  |  |  +--:(local-address)
     |  |  |     +--rw local-address*   inet:host
     |  |  +--ro transport-session* [name]
     |  |     +--ro name                                    name-type
     |  |     +--ro ipfix-version?                          uint16
     |  |     +--ro source-address?                         inet:host
     |  |     +--ro destination-address?                    inet:host
     |  |     +--ro source-port?
     |  |     |       inet:port-number
     |  |     +--ro destination-port?
     |  |     |       inet:port-number
     |  |     +--ro status?
     |  |     |       transport-session-status
     |  |     +--ro rate?
     |  |     |       yang:gauge32
     |  |     +--ro bytes?
     |  |     |       yang:counter64
     |  |     +--ro messages?
     |  |     |       yang:counter64
     |  |     +--ro discarded-messages?
     |  |     |       yang:counter64
     |  |     +--ro records?
     |  |     |       yang:counter64
     |  |     +--ro templates?
     |  |     |       yang:counter32
     |  |     +--ro options-templates?
     |  |     |       yang:counter32
     |  |     +--ro transport-session-start-time?
     |  |     |       yang:date-and-time
     |  |     +--ro transport-session-discontinuity-time?
     |  |     |       yang:date-and-time
     |  |     +--ro template* []
     |  |        +--ro observation-domain-id?         uint32
     |  |        +--ro template-id?                   uint16
     |  |        +--ro set-id?                        uint16
     |  |        +--ro access-time?
     |  |        |       yang:date-and-time
     |  |        +--ro template-data-records?         yang:counter64
     |  |        +--ro template-discontinuity-time?
     |  |        |       yang:date-and-time
     |  |        +--ro field* []
     |  |           +--ro ie-id?                   ie-id-type
     |  |           +--ro ie-length?               uint16
     |  |           +--ro ie-enterprise-number?    uint32
     |  |           +--ro is-flow-key?             empty
     |  |           +--ro is-scope?                empty
     |  +--rw udp-collector* [name] {udp-transport}?
     |  |  +--rw name                            name-type
     |  |  +--rw local-port?                     inet:port-number
     |  |  +--rw transport-layer-security!
     |  |  |  +--rw local-certification-authority-dn*    string
     |  |  |  +--rw local-subject-dn*                    string
     |  |  |  +--rw local-subject-fqdn*
     |  |  |  |       inet:domain-name
     |  |  |  +--rw remote-certification-authority-dn*   string
     |  |  |  +--rw remote-subject-dn*                   string
     |  |  |  +--rw remote-subject-fqdn*
     |  |  |          inet:domain-name
     |  |  +--rw (local-address-method)?
     |  |  |  +--:(local-address)
     |  |  |     +--rw local-address*   inet:host
     |  |  +--rw template-life-time?             uint32
     |  |  +--rw options-template-life-time?     uint32
     |  |  +--rw template-life-packet?           uint32
     |  |  +--rw options-template-life-packet?   uint32
     |  |  +--ro transport-session* [name]
     |  |     +--ro name                                    name-type
     |  |     +--ro ipfix-version?                          uint16
     |  |     +--ro source-address?                         inet:host
     |  |     +--ro destination-address?                    inet:host
     |  |     +--ro source-port?
     |  |     |       inet:port-number
     |  |     +--ro destination-port?
     |  |     |       inet:port-number
     |  |     +--ro status?
     |  |     |       transport-session-status
     |  |     +--ro rate?
     |  |     |       yang:gauge32
     |  |     +--ro bytes?
     |  |     |       yang:counter64
     |  |     +--ro messages?
     |  |     |       yang:counter64
     |  |     +--ro discarded-messages?
     |  |     |       yang:counter64
     |  |     +--ro records?
     |  |     |       yang:counter64
     |  |     +--ro templates?
     |  |     |       yang:counter32
     |  |     +--ro options-templates?
     |  |     |       yang:counter32
     |  |     +--ro transport-session-start-time?
     |  |     |       yang:date-and-time
     |  |     +--ro transport-session-discontinuity-time?
     |  |     |       yang:date-and-time
     |  |     +--ro template* []
     |  |        +--ro observation-domain-id?         uint32
     |  |        +--ro template-id?                   uint16
     |  |        +--ro set-id?                        uint16
     |  |        +--ro access-time?
     |  |        |       yang:date-and-time
     |  |        +--ro template-data-records?         yang:counter64
     |  |        +--ro template-discontinuity-time?
     |  |        |       yang:date-and-time
     |  |        +--ro field* []
     |  |           +--ro ie-id?                   ie-id-type
     |  |           +--ro ie-length?               uint16
     |  |           +--ro ie-enterprise-number?    uint32
     |  |           +--ro is-flow-key?             empty
     |  |           +--ro is-scope?                empty
     |  +--rw sctp-collector* [name] {sctp-transport}?
     |  |  +--rw name                        name-type
     |  |  +--rw local-port?                 inet:port-number
     |  |  +--rw transport-layer-security!
     |  |  |  +--rw local-certification-authority-dn*    string
     |  |  |  +--rw local-subject-dn*                    string
     |  |  |  +--rw local-subject-fqdn*
     |  |  |  |       inet:domain-name
     |  |  |  +--rw remote-certification-authority-dn*   string
     |  |  |  +--rw remote-subject-dn*                   string
     |  |  |  +--rw remote-subject-fqdn*
     |  |  |          inet:domain-name
     |  |  +--rw (local-address-method)?
     |  |  |  +--:(local-address)
     |  |  |     +--rw local-address*   inet:host
     |  |  +--ro transport-session* [name]
     |  |     +--ro name                                    name-type
     |  |     +--ro sctp-association-id?                    uint32
     |  |     +--ro ipfix-version?                          uint16
     |  |     +--ro source-address?                         inet:host
     |  |     +--ro destination-address?                    inet:host
     |  |     +--ro source-port?
     |  |     |       inet:port-number
     |  |     +--ro destination-port?
     |  |     |       inet:port-number
     |  |     +--ro status?
     |  |     |       transport-session-status
     |  |     +--ro rate?
     |  |     |       yang:gauge32
     |  |     +--ro bytes?
     |  |     |       yang:counter64
     |  |     +--ro messages?
     |  |     |       yang:counter64
     |  |     +--ro discarded-messages?
     |  |     |       yang:counter64
     |  |     +--ro records?
     |  |     |       yang:counter64
     |  |     +--ro templates?
     |  |     |       yang:counter32
     |  |     +--ro options-templates?
     |  |     |       yang:counter32
     |  |     +--ro transport-session-start-time?
     |  |     |       yang:date-and-time
     |  |     +--ro transport-session-discontinuity-time?
     |  |     |       yang:date-and-time
     |  |     +--ro template* []
     |  |        +--ro observation-domain-id?         uint32
     |  |        +--ro template-id?                   uint16
     |  |        +--ro set-id?                        uint16
     |  |        +--ro access-time?
     |  |        |       yang:date-and-time
     |  |        +--ro template-data-records?         yang:counter64
     |  |        +--ro template-discontinuity-time?
     |  |        |       yang:date-and-time
     |  |        +--ro field* []
     |  |           +--ro ie-id?                   ie-id-type
     |  |           +--ro ie-length?               uint16
     |  |           +--ro ie-enterprise-number?    uint32
     |  |           +--ro is-flow-key?             empty
     |  |           +--ro is-scope?                empty
     |  +--rw file-reader* [name] {file-reader}?
     |  |  +--rw name                 name-type
     |  |  +--rw file                 inet:uri
     |  |  +--ro file-reader-state
     |  |     +--ro bytes?                            yang:counter64
     |  |     +--ro messages?                         yang:counter64
     |  |     +--ro records?                          yang:counter64
     |  |     +--ro templates?                        yang:counter32
     |  |     +--ro options-templates?                yang:counter32
     |  |     +--ro file-reader-discontinuity-time?
     |  |     |       yang:date-and-time
     |  |     +--ro template* []
     |  |        +--ro observation-domain-id?         uint32
     |  |        +--ro template-id?                   uint16
     |  |        +--ro set-id?                        uint16
     |  |        +--ro access-time?
     |  |        |       yang:date-and-time
     |  |        +--ro template-data-records?         yang:counter64
     |  |        +--ro template-discontinuity-time?
     |  |        |       yang:date-and-time
     |  |        +--ro field* []
     |  |           +--ro ie-id?                   ie-id-type
     |  |           +--ro ie-length?               uint16
     |  |           +--ro ie-enterprise-number?    uint32
     |  |           +--ro is-flow-key?             empty
     |  |           +--ro is-scope?                empty
     |  +--rw exporting-process*   -> /ipfix/exporting-process/name
     |          {exporter}?
     +--rw exporting-process* [name] {exporter}?
        +--rw name                    name-type
        +--rw enabled?                boolean
        +--rw export-mode?            identityref
        +--rw destination* [name]
        |  +--rw name                        name-type
        |  +--rw (destination-parameters)
        |     +--:(tcp-exporter)
        |     |  +--rw tcp-exporter {tcp-transport}?
        |     |     +--rw ipfix-version?              uint16
        |     |     +--rw destination-port?
        |     |     |       inet:port-number
        |     |     +--rw send-buffer-size?           uint32
        |     |     +--rw rate-limit?                 uint32
        |     |     +--rw transport-layer-security!
        |     |     |  +--rw local-certification-authority-dn*
        |     |     |  |       string
        |     |     |  +--rw local-subject-dn*
        |     |     |  |       string
        |     |     |  +--rw local-subject-fqdn*
        |     |     |  |       inet:domain-name
        |     |     |  +--rw remote-certification-authority-dn*
        |     |     |  |       string
        |     |     |  +--rw remote-subject-dn*
        |     |     |  |       string
        |     |     |  +--rw remote-subject-fqdn*
        |     |     |          inet:domain-name
        |     |     +--rw source
        |     |     |  +--rw (source-method)?
        |     |     |     +--:(source-address)
        |     |     |     |  +--rw source-address?   inet:host
        |     |     |     +--:(interface-ref)
        |     |     |     |  +--rw interface-ref?   if:interface-ref
        |     |     |     +--:(if-index) {if-mib}?
        |     |     |     |  +--rw if-index?   uint32
        |     |     |     +--:(if-name) {if-mib}?
        |     |     |        +--rw if-name?   string
        |     |     +--rw destination
        |     |     |  +--rw (destination-method)
        |     |     |     +--:(destination-address)
        |     |     |        +--rw destination-address?   inet:host
        |     |     +--ro transport-session
        |     |        +--ro ipfix-version?
        |     |        |       uint16
        |     |        +--ro source-address?
        |     |        |       inet:host
        |     |        +--ro destination-address?
        |     |        |       inet:host
        |     |        +--ro source-port?
        |     |        |       inet:port-number
        |     |        +--ro destination-port?
        |     |        |       inet:port-number
        |     |        +--ro status?
        |     |        |       transport-session-status
        |     |        +--ro rate?
        |     |        |       yang:gauge32
        |     |        +--ro bytes?
        |     |        |       yang:counter64
        |     |        +--ro messages?
        |     |        |       yang:counter64
        |     |        +--ro discarded-messages?
        |     |        |       yang:counter64
        |     |        +--ro records?
        |     |        |       yang:counter64
        |     |        +--ro templates?
        |     |        |       yang:counter32
        |     |        +--ro options-templates?
        |     |        |       yang:counter32
        |     |        +--ro transport-session-start-time?
        |     |        |       yang:date-and-time
        |     |        +--ro transport-session-discontinuity-time?
        |     |        |       yang:date-and-time
        |     |        +--ro template* []
        |     |           +--ro observation-domain-id?         uint32
        |     |           +--ro template-id?                   uint16
        |     |           +--ro set-id?                        uint16
        |     |           +--ro access-time?
        |     |           |       yang:date-and-time
        |     |           +--ro template-data-records?
        |     |           |       yang:counter64
        |     |           +--ro template-discontinuity-time?
        |     |           |       yang:date-and-time
        |     |           +--ro field* []
        |     |              +--ro ie-id?                   ie-id-type
        |     |              +--ro ie-length?               uint16
        |     |              +--ro ie-enterprise-number?    uint32
        |     |              +--ro is-flow-key?             empty
        |     |              +--ro is-scope?                empty
        |     +--:(udp-exporter)
        |     |  +--rw udp-exporter {udp-transport}?
        |     |     +--rw ipfix-version?                      uint16
        |     |     +--rw destination-port?
        |     |     |       inet:port-number
        |     |     +--rw send-buffer-size?                   uint32
        |     |     +--rw rate-limit?                         uint32
        |     |     +--rw transport-layer-security!
        |     |     |  +--rw local-certification-authority-dn*
        |     |     |  |       string
        |     |     |  +--rw local-subject-dn*
        |     |     |  |       string
        |     |     |  +--rw local-subject-fqdn*
        |     |     |  |       inet:domain-name
        |     |     |  +--rw remote-certification-authority-dn*
        |     |     |  |       string
        |     |     |  +--rw remote-subject-dn*
        |     |     |  |       string
        |     |     |  +--rw remote-subject-fqdn*
        |     |     |          inet:domain-name
        |     |     +--rw source
        |     |     |  +--rw (source-method)?
        |     |     |     +--:(source-address)
        |     |     |     |  +--rw source-address?   inet:host
        |     |     |     +--:(interface-ref)
        |     |     |     |  +--rw interface-ref?   if:interface-ref
        |     |     |     +--:(if-index) {if-mib}?
        |     |     |     |  +--rw if-index?   uint32
        |     |     |     +--:(if-name) {if-mib}?
        |     |     |        +--rw if-name?   string
        |     |     +--rw destination
        |     |     |  +--rw (destination-method)
        |     |     |     +--:(destination-address)
        |     |     |        +--rw destination-address?   inet:host
        |     |     +--rw maximum-packet-size?                uint16
        |     |     +--rw template-refresh-timeout?           uint32
        |     |     +--rw options-template-refresh-timeout?   uint32
        |     |     +--rw template-refresh-packet?            uint32
        |     |     +--rw options-template-refresh-packet?    uint32
        |     |     +--ro transport-session
        |     |        +--ro ipfix-version?
        |     |        |       uint16
        |     |        +--ro source-address?
        |     |        |       inet:host
        |     |        +--ro destination-address?
        |     |        |       inet:host
        |     |        +--ro source-port?
        |     |        |       inet:port-number
        |     |        +--ro destination-port?
        |     |        |       inet:port-number
        |     |        +--ro status?
        |     |        |       transport-session-status
        |     |        +--ro rate?
        |     |        |       yang:gauge32
        |     |        +--ro bytes?
        |     |        |       yang:counter64
        |     |        +--ro messages?
        |     |        |       yang:counter64
        |     |        +--ro discarded-messages?
        |     |        |       yang:counter64
        |     |        +--ro records?
        |     |        |       yang:counter64
        |     |        +--ro templates?
        |     |        |       yang:counter32
        |     |        +--ro options-templates?
        |     |        |       yang:counter32
        |     |        +--ro transport-session-start-time?
        |     |        |       yang:date-and-time
        |     |        +--ro transport-session-discontinuity-time?
        |     |        |       yang:date-and-time
        |     |        +--ro template* []
        |     |           +--ro observation-domain-id?         uint32
        |     |           +--ro template-id?                   uint16
        |     |           +--ro set-id?                        uint16
        |     |           +--ro access-time?
        |     |           |       yang:date-and-time
        |     |           +--ro template-data-records?
        |     |           |       yang:counter64
        |     |           +--ro template-discontinuity-time?
        |     |           |       yang:date-and-time
        |     |           +--ro field* []
        |     |              +--ro ie-id?                   ie-id-type
        |     |              +--ro ie-length?               uint16
        |     |              +--ro ie-enterprise-number?    uint32
        |     |              +--ro is-flow-key?             empty
        |     |              +--ro is-scope?                empty
        |     +--:(sctp-exporter)
        |     |  +--rw sctp-exporter {sctp-transport}?
        |     |     +--rw ipfix-version?              uint16
        |     |     +--rw destination-port?
        |     |     |       inet:port-number
        |     |     +--rw send-buffer-size?           uint32
        |     |     +--rw rate-limit?                 uint32
        |     |     +--rw transport-layer-security!
        |     |     |  +--rw local-certification-authority-dn*
        |     |     |  |       string
        |     |     |  +--rw local-subject-dn*
        |     |     |  |       string
        |     |     |  +--rw local-subject-fqdn*
        |     |     |  |       inet:domain-name
        |     |     |  +--rw remote-certification-authority-dn*
        |     |     |  |       string
        |     |     |  +--rw remote-subject-dn*
        |     |     |  |       string
        |     |     |  +--rw remote-subject-fqdn*
        |     |     |          inet:domain-name
        |     |     +--rw source
        |     |     |  +--rw (source-method)?
        |     |     |     +--:(source-address)
        |     |     |     |  +--rw source-address?   inet:host
        |     |     |     +--:(interface-ref)
        |     |     |     |  +--rw interface-ref?   if:interface-ref
        |     |     |     +--:(if-index) {if-mib}?
        |     |     |     |  +--rw if-index?   uint32
        |     |     |     +--:(if-name) {if-mib}?
        |     |     |        +--rw if-name?   string
        |     |     +--rw destination
        |     |     |  +--rw (destination-method)
        |     |     |     +--:(destination-address)
        |     |     |        +--rw destination-address?   inet:host
        |     |     +--rw timed-reliability?          uint32
        |     |     +--ro transport-session
        |     |        +--ro sctp-association-id?
        |     |        |       uint32
        |     |        +--ro ipfix-version?
        |     |        |       uint16
        |     |        +--ro source-address?
        |     |        |       inet:host
        |     |        +--ro destination-address?
        |     |        |       inet:host
        |     |        +--ro source-port?
        |     |        |       inet:port-number
        |     |        +--ro destination-port?
        |     |        |       inet:port-number
        |     |        +--ro status?
        |     |        |       transport-session-status
        |     |        +--ro rate?
        |     |        |       yang:gauge32
        |     |        +--ro bytes?
        |     |        |       yang:counter64
        |     |        +--ro messages?
        |     |        |       yang:counter64
        |     |        +--ro discarded-messages?
        |     |        |       yang:counter64
        |     |        +--ro records?
        |     |        |       yang:counter64
        |     |        +--ro templates?
        |     |        |       yang:counter32
        |     |        +--ro options-templates?
        |     |        |       yang:counter32
        |     |        +--ro transport-session-start-time?
        |     |        |       yang:date-and-time
        |     |        +--ro transport-session-discontinuity-time?
        |     |        |       yang:date-and-time
        |     |        +--ro template* []
        |     |           +--ro observation-domain-id?         uint32
        |     |           +--ro template-id?                   uint16
        |     |           +--ro set-id?                        uint16
        |     |           +--ro access-time?
        |     |           |       yang:date-and-time
        |     |           +--ro template-data-records?
        |     |           |       yang:counter64
        |     |           +--ro template-discontinuity-time?
        |     |           |       yang:date-and-time
        |     |           +--ro field* []
        |     |              +--ro ie-id?                   ie-id-type
        |     |              +--ro ie-length?               uint16
        |     |              +--ro ie-enterprise-number?    uint32
        |     |              +--ro is-flow-key?             empty
        |     |              +--ro is-scope?                empty
        |     +--:(file-writer)
        |        +--rw file-writer {file-writer}?
        |           +--rw ipfix-version?       uint16
        |           +--rw file                 inet:uri
        |           +--ro file-writer-state
        |              +--ro bytes?
        |              |       yang:counter64
        |              +--ro messages?
        |              |       yang:counter64
        |              +--ro discarded-messages?
        |              |       yang:counter64
        |              +--ro records?
        |              |       yang:counter64
        |              +--ro templates?
        |              |       yang:counter32
        |              +--ro options-templates?
        |              |       yang:counter32
        |              +--ro file-writer-discontinuity-time?
        |              |       yang:date-and-time
        |              +--ro template* []
        |                 +--ro observation-domain-id?         uint32
        |                 +--ro template-id?                   uint16
        |                 +--ro set-id?                        uint16
        |                 +--ro access-time?
        |                 |       yang:date-and-time
        |                 +--ro template-data-records?
        |                 |       yang:counter64
        |                 +--ro template-discontinuity-time?
        |                 |       yang:date-and-time
        |                 +--ro field* []
        |                    +--ro ie-id?                   ie-id-type
        |                    +--ro ie-length?               uint16
        |                    +--ro ie-enterprise-number?    uint32
        |                    +--ro is-flow-key?             empty
        |                    +--ro is-scope?                empty
        +--rw options* [name]
        |  +--rw name               name-type
        |  +--rw options-type       identityref
        |  +--rw options-timeout?   uint32
        +--ro exporting-process-id?   uint32

D.2.  ietf-psamp

   The complete tree diagram for ietf-psamp:

module: ietf-psamp
  augment /ietf-ipfix:ipfix:
    +--rw psamp
       +--rw observation-point* [name]
       |  +--rw name                     ietf-ipfix:name-type
       |  +--rw observation-domain-id    uint32
       |  +--rw interface-ref*           if:interface-ref
       |  +--rw if-name*                 if-name-type {if-mib}?
       |  +--rw if-index*                uint32 {if-mib}?
       |  +--rw hardware-ref*            hardware-ref
       |  +--rw ent-physical-name*       string {entity-mib}?
       |  +--rw ent-physical-index*      uint32 {entity-mib}?
       |  +--rw direction?               direction
       |  +--rw selection-process*
       |  |       -> /ietf-ipfix:ipfix/psamp/selection-process/name
       |  +--ro observation-point-id?    uint32
       +--rw selection-process* [name]
       |  +--rw name                  ietf-ipfix:name-type
       |  +--rw selector* [name]
       |  |  +--rw name
       |  |  |       ietf-ipfix:name-type
       |  |  +--rw (method)
       |  |  |  +--:(select-all)
       |  |  |  |  +--rw select-all?   empty
       |  |  |  +--:(samp-count-based)
       |  |  |  |  +--rw samp-count-based {psamp-samp-count-based}?
       |  |  |  |     +--rw packet-interval   uint32
       |  |  |  |     +--rw packet-space      uint32
       |  |  |  +--:(samp-time-based)
       |  |  |  |  +--rw samp-time-based {psamp-samp-time-based}?
       |  |  |  |     +--rw time-interval   uint32
       |  |  |  |     +--rw time-space      uint32
       |  |  |  +--:(samp-rand-out-of-n)
       |  |  |  |  +--rw samp-rand-out-of-n
       |  |  |  |          {psamp-samp-rand-out-of-n}?
       |  |  |  |     +--rw size         uint32
       |  |  |  |     +--rw population   uint32
       |  |  |  +--:(samp-uni-prob)
       |  |  |  |  +--rw samp-uni-prob {psamp-samp-uni-prob}?
       |  |  |  |     +--rw probability   decimal64
       |  |  |  +--:(filter-match)
       |  |  |  |  +--rw filter-match {psamp-filter-match}?
       |  |  |  |     +--rw (information-element)
       |  |  |  |     |  +--:(ie-name)
       |  |  |  |     |  |  +--rw ie-name?
       |  |  |  |     |  |          ietf-ipfix:ie-name-type
       |  |  |  |     |  +--:(ie-id)
       |  |  |  |     |     +--rw ie-id?
       |  |  |  |     |             ietf-ipfix:ie-id-type
       |  |  |  |     +--rw ie-enterprise-number?   uint32
       |  |  |  |     +--rw value                   string
       |  |  |  +--:(filter-hash)
       |  |  |     +--rw filter-hash {psamp-filter-hash}?
       |  |  |        +--rw hash-function?       identityref
       |  |  |        +--rw initializer-value?   uint64
       |  |  |        +--rw ip-payload-offset?   uint64
       |  |  |        +--rw ip-payload-size?     uint64
       |  |  |        +--rw digest-output?       boolean
       |  |  |        +--rw selected-range* [name]
       |  |  |        |  +--rw name    ietf-ipfix:name-type
       |  |  |        |  +--rw min?    uint64
       |  |  |        |  +--rw max?    uint64
       |  |  |        +--ro output-range-min?    uint64
       |  |  |        +--ro output-range-max?    uint64
       |  |  +--ro packets-observed?              yang:counter64
       |  |  +--ro packets-dropped?               yang:counter64
       |  |  +--ro selector-discontinuity-time?   yang:date-and-time
       |  +--rw cache?
       |  |       -> /ietf-ipfix:ipfix/psamp/cache/name
       |  +--ro selection-sequence* []
       |     +--ro observation-domain-id?   uint32
       |     +--ro selection-sequence-id?   uint64
       +--rw cache* [name]
          +--rw name                        ietf-ipfix:name-type
          +--rw enabled?                    boolean
          +--rw (cache-type)
          |  +--:(immediate-cache)
          |  |  +--rw immediate-cache {immediate-cache}?
          |  |     +--rw cache-layout
          |  |        +--rw cache-field* [name]
          |  |           +--rw name
          |  |           |       ietf-ipfix:name-type
          |  |           +--rw (information-element)
          |  |           |  +--:(ie-name)
          |  |           |  |  +--rw ie-name?
          |  |           |  |          ietf-ipfix:ie-name-type
          |  |           |  +--:(ie-id)
          |  |           |     +--rw ie-id?
          |  |           |             ietf-ipfix:ie-id-type
          |  |           +--rw ie-length?               uint16
          |  |           +--rw ie-enterprise-number?    uint32
          |  |           +--rw is-flow-key?             empty
          |  +--:(timeout-cache)
          |  |  +--rw timeout-cache {timeout-cache}?
          |  |     +--rw max-flows?              uint32
          |  |     +--rw active-timeout?         uint32
          |  |     +--rw idle-timeout?           uint32
          |  |     +--rw export-interval?        uint32
          |  |     +--rw cache-layout
          |  |     |  +--rw cache-field* [name]
          |  |     |     +--rw name
          |  |     |     |       ietf-ipfix:name-type
          |  |     |     +--rw (information-element)
          |  |     |     |  +--:(ie-name)
          |  |     |     |  |  +--rw ie-name?
          |  |     |     |  |          ietf-ipfix:ie-name-type
          |  |     |     |  +--:(ie-id)
          |  |     |     |     +--rw ie-id?
          |  |     |     |             ietf-ipfix:ie-id-type
          |  |     |     +--rw ie-length?               uint16
          |  |     |     +--rw ie-enterprise-number?    uint32
          |  |     |     +--rw is-flow-key?             empty
          |  |     +--ro active-flows?           yang:gauge32
          |  |     +--ro unused-cache-entries?   yang:gauge32
          |  +--:(natural-cache)
          |  |  +--rw natural-cache {natural-cache}?
          |  |     +--rw max-flows?              uint32
          |  |     +--rw active-timeout?         uint32
          |  |     +--rw idle-timeout?           uint32
          |  |     +--rw export-interval?        uint32
          |  |     +--rw cache-layout
          |  |     |  +--rw cache-field* [name]
          |  |     |     +--rw name
          |  |     |     |       ietf-ipfix:name-type
          |  |     |     +--rw (information-element)
          |  |     |     |  +--:(ie-name)
          |  |     |     |  |  +--rw ie-name?
          |  |     |     |  |          ietf-ipfix:ie-name-type
          |  |     |     |  +--:(ie-id)
          |  |     |     |     +--rw ie-id?
          |  |     |     |             ietf-ipfix:ie-id-type
          |  |     |     +--rw ie-length?               uint16
          |  |     |     +--rw ie-enterprise-number?    uint32
          |  |     |     +--rw is-flow-key?             empty
          |  |     +--ro active-flows?           yang:gauge32
          |  |     +--ro unused-cache-entries?   yang:gauge32
          |  +--:(permanent-cache)
          |     +--rw permanent-cache {permanent-cache}?
          |        +--rw max-flows?              uint32
          |        +--rw active-timeout?         uint32
          |        +--rw idle-timeout?           uint32
          |        +--rw export-interval?        uint32
          |        +--rw cache-layout
          |        |  +--rw cache-field* [name]
          |        |     +--rw name
          |        |     |       ietf-ipfix:name-type
          |        |     +--rw (information-element)
          |        |     |  +--:(ie-name)
          |        |     |  |  +--rw ie-name?
          |        |     |  |          ietf-ipfix:ie-name-type
          |        |     |  +--:(ie-id)
          |        |     |     +--rw ie-id?
          |        |     |             ietf-ipfix:ie-id-type
          |        |     +--rw ie-length?               uint16
          |        |     +--rw ie-enterprise-number?    uint32
          |        |     +--rw is-flow-key?             empty
          |        +--ro active-flows?           yang:gauge32
          |        +--ro unused-cache-entries?   yang:gauge32
          +--rw exporting-process*
          |       -> /ietf-ipfix:ipfix/exporting-process/name
          |       {ietf-ipfix:exporter}?
          +--ro metering-process-id?        uint32
          +--ro data-records?               yang:counter64
          +--ro cache-discontinuity-time?   yang:date-and-time

D.3.  ietf-bulk-data-export

   The complete tree diagram for ietf-bulk-data-export:

module: ietf-bulk-data-export
  augment /ietf-ipfix:ipfix:
    +--rw bulk-data-export
       +--rw template* [name]
          +--rw name                     ietf-ipfix:name-type
          +--rw enabled?                 boolean
          +--rw export-interval?         uint32
          +--rw observation-domain-id?   uint32
          +--rw field-layout
          |  +--rw field* [name]
          |     +--rw name                    ietf-ipfix:name-type
          |     +--rw (identifier)
          |     |  +--:(ie-id)
          |     |     +--rw ie-id?   ietf-ipfix:ie-id-type
          |     +--rw ie-length?              uint16
          |     +--rw ie-enterprise-number?   uint32
          +--rw exporting-process*
          |       -> /ietf-ipfix:ipfix/exporting-process/name
          |       {ietf-ipfix:exporter}?
          +--rw resource*                resource
          +--ro data-records?            yang:counter64
          +--ro discontinuity-time?      yang:date-and-time

Authors' Addresses

   Joey Boyd
   ADTRAN

   Email: joey.boyd@adtran.com


   Marta Seda
   Calix

   Email: marta.seda@calix.com
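
The write-access risks named in the Security Considerations (a new or changed Collector, altered or removed TLS/DTLS parameters, re-export or file output, extra bulk-data template fields) can be checked before a candidate configuration is committed. The sketch below is an added example, not part of the draft: it assumes the running and candidate configurations are available as nested Python dicts keyed by the node names shown in the tree diagrams, and the second address, file URI, template name, field ids and enterprise number in the sample are constructed.

```python
import copy

EXPORTERS = ("tcp-exporter", "udp-exporter", "sctp-exporter", "file-writer")
# Leaf-lists under transport-layer-security that pin the peer's identity.
PEER_LEAVES = ("remote-certification-authority-dn", "remote-subject-dn",
               "remote-subject-fqdn")


def _destinations(cfg):
    """Map (process, destination) -> (case, parameters) per export target."""
    found = {}
    for proc in cfg.get("ipfix", {}).get("exporting-process", []):
        for dest in proc.get("destination", []):
            for case in EXPORTERS:
                if case in dest:
                    found[(proc["name"], dest["name"])] = (case, dest[case])
    return found


def _target(case, params):
    """Where records go: a file URI or a Collector address."""
    if case == "file-writer":
        return params.get("file")
    return params.get("destination", {}).get("destination-address")


def _reexports(cfg):
    """Map collecting-process name -> referenced exporting-process names."""
    procs = cfg.get("ipfix", {}).get("collecting-process", [])
    return {p["name"]: set(p.get("exporting-process", [])) for p in procs}


def _template_fields(cfg):
    """Map bulk-data-export template -> {(enterprise number or 0, ie-id)}."""
    bulk = cfg.get("ipfix", {}).get("bulk-data-export", {})
    return {t["name"]: {(f.get("ie-enterprise-number", 0), f["ie-id"])
                        for f in t.get("field-layout", {}).get("field", [])}
            for t in bulk.get("template", [])}


def audit(running, candidate, approved_collectors):
    """Return sorted (finding, path) pairs for changes that need review."""
    findings = []
    before = _destinations(running)
    for (proc, dest), (case, params) in _destinations(candidate).items():
        path = f"/ipfix/exporting-process[{proc}]/destination[{dest}]"
        prev = before.get((proc, dest))
        if prev is not None and prev[0] != case:
            prev = None  # transport case changed: treat as a new destination
        target = _target(case, params)
        if prev is None or _target(*prev) != target:
            if case == "file-writer":
                findings.append(("export-to-file", path))
            elif target not in approved_collectors:
                findings.append(("unapproved-collector", path))
        if case == "file-writer":
            continue
        old_tls = prev[1].get("transport-layer-security") if prev else None
        new_tls = params.get("transport-layer-security")
        if new_tls is None:
            # Flag a removed presence container or a new destination without it.
            if prev is None or old_tls is not None:
                findings.append(("tls-missing", path))
        elif old_tls is not None:
            for leaf in PEER_LEAVES:
                if sorted(old_tls.get(leaf, [])) != sorted(new_tls.get(leaf, [])):
                    findings.append(("peer-identity-changed", f"{path}/{leaf}"))
    old_refs = _reexports(running)
    for name, refs in _reexports(candidate).items():
        if refs - old_refs.get(name, set()):
            findings.append(("reexport-added", f"/ipfix/collecting-process[{name}]"))
    old_fields = _template_fields(running)
    for name, fields in _template_fields(candidate).items():
        for pen, ie_id in fields - old_fields.get(name, set()):
            path = f"/ipfix/bulk-data-export/template[{name}]/field[{pen}:{ie_id}]"
            findings.append(("template-field-added", path))
    return sorted(findings)


# Constructed sample data; names and first address follow the Appendix B values.
RUNNING = {"ipfix": {
    "exporting-process": [{"name": "The only exporter", "destination": [{
        "name": "PR-SCTP collector",
        "sctp-exporter": {
            "destination": {"destination-address": "192.0.2.1"},
            "transport-layer-security": {
                "remote-subject-fqdn": ["coll-1.ex.net"]}}}]}],
    "collecting-process": [{"name": "OLT-collector"}],
    "bulk-data-export": {"template": [{
        "name": "eth-stats", "field-layout": {"field": [{"name": "f1", "ie-id": 1}]}}]}}}
# Constructed candidate that touches each write-sensitive subtree once.
CANDIDATE = copy.deepcopy(RUNNING)
_ipfix = CANDIDATE["ipfix"]
_dests = _ipfix["exporting-process"][0]["destination"]
_dests[0]["sctp-exporter"] = {"destination": {"destination-address": "198.51.100.7"}}
_dests.append({"name": "local copy", "file-writer": {"file": "file:///tmp/f.ipfix"}})
_ipfix["collecting-process"][0]["exporting-process"] = ["The only exporter"]
_ipfix["bulk-data-export"]["template"][0]["field-layout"]["field"].append(
    {"name": "f2", "ie-id": 2, "ie-enterprise-number": 32473})
```

Calling `audit(RUNNING, CANDIDATE, {"192.0.2.1"})` returns one finding per touched subtree; an unchanged configuration returns an empty list.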