idnits 2.17.1

draft-boydseda-ipfix-psamp-bulk-data-yang-model-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
     in the document.  If these are example addresses, they should be changed.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 962 has weird spacing: '...main-id uin...'

  == Line 1158 has weird spacing: '...nterval uin...'

  == Line 1162 has weird spacing: '...nterval uin...'

  == Line 1168 has weird spacing: '...ulation uin...'

  == Line 1171 has weird spacing: '...ability dec...'

  == (9 more instances...)

  -- The document date (March 9, 2020) is 1509 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Downref: Normative reference to an Informational RFC: RFC 3871

  ** Obsolete normative reference: RFC 4960 (Obsoleted by RFC 9260)

  ** Obsolete normative reference: RFC 6347 (Obsoleted by RFC 9147)

     Summary: 3 errors (**), 0 flaws (~~), 8 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------

Network Working Group                                            J. Boyd
Internet-Draft                                                    ADTRAN
Obsoletes: 6728 (if approved)                                    M. Seda
Intended status: Standards Track                                   Calix
Expires: September 10, 2020                                March 9, 2020

 YANG Data Models for the IP Flow Information Export (IPFIX) Protocol,
       Packet Sampling (PSAMP) Protocol, and Bulk Data Export
          draft-boydseda-ipfix-psamp-bulk-data-yang-model-03

Abstract

   This document defines a flexible, modular YANG model for packet
   sampling (PSAMP) and bulk data collection and export via the IPFIX
   protocol.  This new model replaces the model defined in RFC 6728,
   "Configuration Data Model for the IP Flow Information Export (IPFIX)
   and Packet Sampling (PSAMP) Protocols".  All functionality modeled in
   RFC 6728 has been carried over to this new model.

   The YANG data models in this document conform to the Network
   Management Datastore Architecture (NMDA) defined in RFC 8342.

   This document obsoletes RFC 6728 (if approved).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 10, 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Historical Perspective
     1.2.  Relationship to RFC 6728
     1.3.  Terminology
     1.4.  Tree Diagrams
   2.  Objectives
   3.  Structure of the Configuration Data Model
     3.1.  PSAMP-IPFIX Metered Model
       3.1.1.  Metering Process Decomposition in Selection Process
               and Cache
       3.1.2.  Exporter Configuration
     3.2.  Collector/Exporter Model
       3.2.1.  Collector/Exporter Decomposition
     3.3.  Bulk Data Exporter Model
       3.3.1.  Bulk Data Exporter Decomposition
   4.  Configuration and State Parameters
     4.1.  Observation Point Class
     4.2.  Selection Process Class
       4.2.1.  Selection Process Class Method
       4.2.2.  Selection Process Filter Classes
     4.3.  Cache Class
       4.3.1.  Immediate Cache Type Class
       4.3.2.  Timeout Cache, Natural Cache, and Permanent Cache
               Type Class
       4.3.3.  Cache Layout Class
     4.4.  Exporting Process Class
       4.4.1.  SCTP Exporter Class
       4.4.2.  UDP Exporter Class
       4.4.3.  TCP Exporter Class
       4.4.4.  File Writer Class
       4.4.5.  Options Class
     4.5.  Collecting Process Class
       4.5.1.  SCTP Collector Class
       4.5.2.  UDP Collector Class
       4.5.3.  TCP Collector Class
       4.5.4.  File Reader Class
     4.6.  Transport Layer Security Class
     4.7.  Transport Session Class
     4.8.  Template Class
     4.9.  Bulk Data Class
   5.  Adaptation to Device Capabilities
   6.  YANG Modules
     6.1.  ietf-ipfix
       6.1.1.  ietf-ipfix Module Structure
       6.1.2.  ietf-ipfix YANG Module
     6.2.  ietf-ipfix-packet-sampling
       6.2.1.  ietf-ipfix-packet-sampling Module Structure
       6.2.2.  ietf-ipfix-packet-sampling YANG module
     6.3.  ietf-ipfix-bulk-data-export
       6.3.1.  ietf-ipfix-bulk-data-export Module Structure
       6.3.2.  ietf-ipfix-bulk-data-export YANG module
   7.  IANA Considerations
   8.  Security Considerations
   9.  Acknowledgments
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Appendix A.  Example: ietf-ipfix Usage
   Appendix B.  Example: ietf-ipfix-packet-sampling Usage
   Appendix C.  Example: ietf-ipfix-bulk-data-export Usage
   Appendix D.  Tree diagrams
     D.1.  ietf-ipfix
     D.2.  ietf-ipfix-packet-sampling
     D.3.  ietf-ipfix-bulk-data-export
   Authors' Addresses

1.  Introduction

   Bulk data collection is an automated collection of device data that
   is packaged together and delivered to an IPFIX collector.  The IPFIX
   protocol may be used to transport bulk data such as:

   o  Sampled (metered) Packet SAMPling (PSAMP) data: [RFC5476] defines
      PSAMP operations that a device may implement to sample packets
      passing through a network element for reporting purposes.

   o  Statistics from interfaces and sessions: YANG models define
      statistics that can be retrieved via protocols such as NETCONF
      [RFC6241] or RESTCONF [RFC8040].  These statistics can be streamed
      using an IPFIX transport to an IPFIX collector that supports
      analytics tools.
      An operator may wish to take the bulk data and
      analyze it for trend analysis purposes or other usages (e.g.,
      collect octet counts every 5 minutes for service level agreement
      purposes or collect reported device temperature for network health
      purposes).

   IPFIX can also be used to meet the bulk transport requirements of
   other protocols.  For example:

   o  [BBF.TR-352] ICTP (Inter-Channel Transport Protocol): ICTP uses
      IPFIX to transport dynamic data (e.g., lease information) across
      participating NG-PON2 (Next-Generation Passive Optical Network 2)
      systems.

   The YANG data models in this document conform to the Network
   Management Datastore Architecture (NMDA) defined in [RFC8342].

1.1.  Historical Perspective

   Below is a historical timeline of IETF IPFIX and YANG RFCs:

   o  [RFC7011] (2013) defines the IPFIX protocol; it obsoleted RFC 5101
      (2008).

   o  [RFC5476] (2009) defines the PSAMP operations of selection (random
      selection, deterministic selection or hash-based selection) for
      capturing or metering packets arriving on a device.

   o  RFC 6020 (2010) and [RFC7950] (2016) define v1.0 and v1.1 of the
      YANG data modeling language (respectively), and [RFC8342] (2018)
      updates RFC 7950 to define NMDA (Network Management Datastore
      Architecture).

   o  [RFC6728] (2012) defined a Packet SAMPling (PSAMP) YANG model for
      devices that use PSAMP for capturing (for metering purposes) a
      subset of all packets traversing a device.

   o  [RFC8343] (2018) defines a YANG data model for interfaces; it
      obsoleted RFC 7223 (2014).

   o  IETF, IEEE, Broadband Forum etc. (2015 to 2018) have incorporated
      reporting of statistics into corresponding YANG models (G.fast,
      PON, etc.).

   [RFC6728] defines a single YANG module for the IP Flow Information
   Export (IPFIX) and Packet Sampling (PSAMP) protocols.  The PSAMP
   collecting process and the IPFIX exporting process are tightly
   coupled in this module.  Moreover, the exporting process requires a
   device to support SCTP.  This coupling and transport requirement
   make it difficult for a device that does not support SCTP to use
   the model for collecting and exporting non-PSAMP bulk data.

   o  [BBF.TR-352] supports only TCP and TLS as IPFIX transport
      protocols.  The [RFC6728] YANG model does not allow explicit
      non-support for SCTP, so YANG deviations are required to
      announce non-support.

   o  The PSAMP meter does not need to be configured if the observation
      point is already defined by other YANG models.  One could attempt
      to augment PSAMP YANG to reference where the observation point is
      being configured (but then would have to express feature
      "non-support" on features unlikely to be needed or required by
      devices).

   Rather than this approach, a new YANG model has been developed where
   functionality is separated into different modules such that the
   functions can be independently leveraged.

   These are some of the other issues with the current model:

   o  The PSAMP YANG model defines the frequency of export in the PSAMP
      cache.  Bulk data needs the export frequency to be controlled by
      the exporting process.

   o  The PSAMP YANG model supports IPFIX mediators.  Devices may need
      to support large IPFIX mediation functions.

   o  The PSAMP YANG model contains references which correlate to MIB
      definitions.  For example, interfaces are referenced via ifIndex.
      For most NETCONF managed devices, interfaces are referenced by
      name as defined in [RFC8343].

1.2.  Relationship to RFC 6728

   This RFC adheres to all principles defined in [RFC6728]; however, in
   order to address the issues identified in the previous section, the
   YANG model has changed as follows:

   o  The YANG model is divided into the following three modules:

      *  ietf-ipfix: Defines the IPFIX collector and exporter functions.

      *  ietf-ipfix-packet-sampling: Defines the PSAMP functions for
         configuring a device to sample/meter a subset of packets from
         the network.

      *  ietf-ipfix-bulk-data-export: Defines the bulk data IPFIX
         templates used to export bulk data.

   o  SCTP data nodes are made optional via the 'sctp' feature for
      applications that do not need to support SCTP.

   o  The YANG model adds support for [RFC8343] interface and [RFC8348]
      hardware component references.

      *  The ability to reference via the interface list in
         ietf-interfaces [RFC8343] is added alongside the ifName and
         ifIndex.

      *  The ability to reference via the hardware component list in
         ietf-hardware [RFC8348] is added alongside the entPhysicalName
         and entPhysicalIndex.

   o  IPFIX transport sessions allow transport session information to be
      retrieved individually.

      *  The transport sessions are modeled such that they can be
         retrieved individually in addition to retrieving the entire
         list (which may be quite large for devices such as an NG-PON2
         OLT).

   o  Source and destination address type choice statements are added to
      improve extensibility of the model.

   o  This RFC conforms to the [RFC8407] YANG data model guidelines.

   Applications that use this RFC are expected to only need to import
   the applicable YANG modules.  For example:

   o  PSAMP uses the ietf-ipfix and ietf-ipfix-packet-sampling modules.

   o  Bulk data export uses the ietf-ipfix and
      ietf-ipfix-bulk-data-export modules.

   o  Mediators and file readers/writers use only the ietf-ipfix module.

1.3.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   The following terms are used in this RFC:

   Bulk Data
      Bulk data is the collection of configuration and/or state data
      from a device.

   Cache
      The Cache is a functional block in a Metering Process that
      generates IPFIX Flow Records or PSAMP Packet Reports from a
      Selected Packet Stream, in accordance with its configuration.  If
      Flow Records are generated, the Cache performs tasks like creating
      new records, updating existing ones, computing Flow statistics,
      deriving further Flow properties, detecting Flow expiration,
      passing Flow Records to the Exporting Process, and deleting Flow
      Records.  If Packet Reports are generated, the Cache performs
      tasks like extracting packet contents and derived packet
      properties from the Selected Packet Stream, creating new records,
      and passing them as Packet Reports to the Exporting Process.

   Cache Layout
      The Cache Layout defines the superset of fields that are included
      in the Packet Reports or Flow Records maintained by the Cache.
      The fields are specified by the corresponding Information
      Elements.  In general, the largest possible subset of the
      specified fields is derived for every Packet Report or Flow
      Record.  More specific rules about which fields must be included
      are given in Section 4.3.3.

   Collector
      A device that hosts one or more Collecting Processes is termed a
      Collector.  [RFC7011]

   Collecting Process
      A Collecting Process receives IPFIX messages from one or more
      Exporting Processes.
      The Collecting Process might process or
      store Flow Records received within these Messages, but
      such actions are out of scope for this document.  [RFC7011]

   Composite Selector
      A Composite Selector is an ordered composition of Selectors, in
      which the output Packet Stream issuing from one Selector forms the
      input Packet Stream to the succeeding Selector.  [RFC5476]

   Data Record
      A Data Record is a record that contains values of the parameters
      corresponding to a Template Record.  [RFC7011]

   Exporter
      A device that hosts one or more Exporting Processes is termed an
      Exporter.  [RFC7011]

   Exporting Process
      Depending on its deployment as part of an IPFIX Device or PSAMP
      Device, the Exporting Process sends IPFIX Flow Records or PSAMP
      Packet Reports to one or more Collecting Processes.  The IPFIX
      Flow Records or PSAMP Packet Reports are generated by one or more
      Metering Processes.

   Filtering
      A filter is a Selector that selects a packet deterministically
      based on the Packet Content, or its treatment, or functions of
      these occurring in the Selection State.  Two examples are:

      *  Property Match filtering: A packet is selected if the specific
         field in the packet equals a predefined value.

      *  Hash-based Selection: A Hash Function is applied to the packet
         content and the packet is selected if the result falls in a
         specific range.  [RFC5476]

   Flow Key
      Each of the fields that:

      *  belong to the packet header (e.g., destination IP address), or

      *  are a property of the packet itself (e.g., packet length), or

      *  are derived from Packet Treatment (e.g., Autonomous System (AS)
         number),

      and that are used to define a Flow (i.e., are the properties
      common to all packets in the Flow) are termed Flow Keys.
      As an
      example, the traditional '5-tuple' Flow Key of source and
      destination IP address, source and destination transport port, and
      transport protocol, groups together all packets belonging to a
      single direction of communication on a single socket.  [RFC7011]

   Flow Record
      A Flow Record contains information about a specific Flow that was
      observed at an Observation Point.  A Flow Record contains measured
      properties of the Flow (e.g., the total number of bytes for all
      the Flow's packets) and usually contains characteristic properties
      of the Flow (e.g., source IP address).  [RFC7011]

   Information Element
      An Information Element is a protocol and encoding independent
      description of an attribute that may appear in an IPFIX record.
      Information Elements are defined in the [IANA-IPFIX] Registry.
      The type associated with an Information Element indicates
      constraints on what it may contain and also determines the valid
      encoding mechanisms for use in IPFIX.  [RFC7011]

   IPFIX Device
      An IPFIX Device hosts at least one Exporting Process.  It may host
      further Exporting Processes as well as an arbitrary number of
      Observation Points and Metering Processes.  [RFC7011]

   IPFIX File
      An IPFIX File is a serialized stream of IPFIX Messages; this
      stream may be stored in a filesystem or transported using some
      technique customarily used for files.  Any IPFIX Message stream
      that would be considered valid when transported over one or more
      of the specified IPFIX transports (Stream Control Transmission
      Protocol (SCTP), TCP, or UDP) as defined in [RFC7011] is
      considered an IPFIX File.  [RFC5655] extends that definition with
      recommendations on the construction of IPFIX Files.  [RFC5655]

   IPFIX File Writer
      An IPFIX File Writer is a process that writes IPFIX Files to a
      filesystem.
      An IPFIX File Writer operates as an IPFIX Exporting
      Process as specified in [RFC7011] except as modified by [RFC5655].

   IPFIX Mediator
      An IPFIX Mediator is an IPFIX Device that provides IPFIX Mediation
      by receiving a record stream from some data sources, hosting one
      or more Intermediate Processes to transform that stream, and
      exporting the transformed record stream into IPFIX Messages via an
      Exporting Process.  In the common case, an IPFIX Mediator receives
      a record stream from a Collecting Process, but it could also
      receive a record stream from the data sources not encoded using
      IPFIX, e.g., in the case of conversion from the Netflow V9
      protocol [RFC3954] to IPFIX protocol.  [RFC7119]

   IPFIX Message
      An IPFIX Message is a message that originates at the Exporting
      Process and carries the IPFIX records of this Exporting Process
      and whose destination is a Collecting Process.  An IPFIX Message
      is encapsulated at the transport layer.  [RFC7011]

   Metering Process
      The Metering Process is split into two functional blocks:

      *  Selection Process: A Selection Process takes the Observed
         Packet Stream as its input and selects a subset of that stream
         as its output.

      *  Cache: The Cache is a functional block in a Metering Process
         that generates IPFIX Flow Records or PSAMP Packet Reports from
         a Selected Packet Stream, in accordance with its configuration.

      The Metering Process generates IPFIX Flow Records or PSAMP Packet
      Reports, depending on its deployment as part of an IPFIX Device or
      PSAMP Device.  If IPFIX Flow Records are generated, the Metering
      Process MUST NOT aggregate packets observed at different
      Observation Domains in the same Flow.

   Monitoring Device
      A Monitoring Device implements at least one of the functional
      blocks specified in the context of IPFIX or PSAMP.
      In particular,
      the term Monitoring Device encompasses Exporters, Collectors,
      IPFIX Devices, and PSAMP Devices.

   Observation Domain
      An Observation Domain is the largest set of Observation Points for
      which Flow Information can be aggregated by a Metering Process.
      For example, a router line card may be an Observation Domain if it
      is composed of several interfaces, each of which is an Observation
      Point.  In the IPFIX Message it generates, the Observation Domain
      includes its Observation Domain ID, which is unique per Exporting
      Process.  That way, the Collecting Process can identify the
      specific Observation Domain from the Exporter that sends the IPFIX
      Messages.  Every Observation Point is associated with an
      Observation Domain.  It is RECOMMENDED that Observation Domain IDs
      also be unique per IPFIX Device.  [RFC7011]

   Observation Point
      An Observation Point is a location in the network where packets
      can be observed.  Examples include a line to which a probe is
      attached, a shared medium, such as an Ethernet-based LAN, a single
      port of a router, or a set of interfaces (physical or logical) of
      a router.  Note that every Observation Point is associated with an
      Observation Domain and that one Observation Point may be a
      superset of several other Observation Points.  For example, one
      Observation Point can be an entire line card.  That would be a
      subset of the individual Observation Points at the line card's
      interfaces.  [RFC7011]

   Options Template Record
      An Options Template Record is a Template Record that defines the
      structure and interpretation of fields in a Data Record, including
      defining how to scope the applicability of the Data Record.
      [RFC7011]

   Options Template/Options Template Set
      An Options Template Set is a collection of one or more Options
      Template Records that have been grouped together in an IPFIX
      Message.
      [RFC7011]

   Packet Report
      Packet Reports comprise a configurable subset of a packet's input
      to the Selection Process, including the packet content,
      information relating to its treatment (e.g., the output interface)
      and its associated selection state (e.g., the hash of a packet
      content).  [RFC5476]

   Primitive Selector
      A Selector is primitive if it is not a Composite Selector.
      [RFC5476]

   PSAMP Device
      A PSAMP device is a device hosting at least an Observation Point,
      a Selection Process and an Exporting Process.  Typically
      corresponding Observation Point(s), Selection Process(es) and
      Exporting Process(es) are co-located at this device, for example,
      at a router.  [RFC5476]

   Reverse Information Element
      An Information Element defined as corresponding to a normal (or
      forward) Information Element, but associated with the reverse
      direction of a Biflow.  [RFC5103]

   Sampling
      A Selector that is not a filter is called a Sampling operation.
      This reflects the intuitive notion that if the selection of a
      packet cannot be determined from its content alone, there must be
      some type of Sampling taking place.  [RFC5476]

   Selected Packet Stream
      The Selected Packet Stream is the set of all packets selected by a
      Selection Process.

   Selection Process
      A Selection Process takes the Observed Packet Stream as its input
      and selects a subset of that stream as its output.  [RFC5476]

   Selection Sequence
      From all the packets observed at an Observation Point, only a few
      packets are selected by one or more Selectors.  The Selection
      Sequence is a unique value per Observation Domain describing the
      Observation Point and the Selector IDs through which the packets
      are selected.
      [RFC5476]

   Selection Sequence Report Interpretation
      Each Packet Report contains a selectionSequenceId Information
      Element that identifies the particular combination of Observation
      Point and Selector(s) used for its selection.  For every
      selectionSequenceId Information Element in use, the PSAMP Device
      MUST export a Selection Sequence Report Interpretation using an
      Options Template.  [RFC5476]

   Selection Sequence Statistics Report Interpretation
      A Selector MAY be used in multiple Selection Sequences.  However,
      each use of a Selector must be independent, so each separate
      logical instance of a Selector MUST maintain its own individual
      Selection State and statistics.  The Selection Sequence Statistics
      Report Interpretation MUST include the number of observed packets
      (Population Size) and the number of packets selected (Sample Size)
      by each instance of its Primitive Selectors.  [RFC5476]

   Selection State
      A Selection Process may maintain state information for use by the
      Selection Process.  At a given time, the Selection State may
      depend on packets observed at and before that time, and other
      variables.  Examples include:

      *  sequence numbers of packets at the input of Selectors

      *  a timestamp of observation of the packet at the Observation
         Point

      *  iterators for pseudorandom number generators

      *  hash values calculated during selection

      *  indicators of whether the packet was selected by a given
         Selector

      Selection Processes may change portions of the Selection State as
      a result of processing a packet.  Selection state for a packet is
      to reflect the state after processing the packet.  [RFC5476]

   Selector
      A Selector defines the action of a Selection Process on a single
      packet of its input.  If selected, the packet becomes an element
      of the output Packet Stream.
      The Selector can make use of the
      following information in determining whether a packet is selected:

      *  the packet content

      *  information derived from the packet's treatment at the
         Observation Point

      *  any selection state that may be maintained by the Selection
         Process [RFC5476]

   Selector Report Interpretation
      An IPFIX Data Record, defined by an Options Template Record, MUST
      be used to send the configuration details of every Selector in
      use.  The Options Template Record MUST contain:

      *  selectorId Information Element as the Scope field

      *  SelectorAlgorithm Information Element [RFC5476]

   Template Record
      A Template Record defines the structure and interpretation of
      fields in a Data Record.  [RFC7011]

   Template/Template Set
      A Template Set is a collection of one or more Template Records
      that have been grouped together in an IPFIX Message.  [RFC7011]

   Traffic Flow or Flow
      A Flow is defined as a set of packets or frames passing an
      Observation Point in the network during a certain time interval.
      All packets belonging to a particular Flow have a set of common
      properties.  Each property is defined as the result of applying a
      function to the values of:

      *  one or more packet header fields (e.g., destination IP
         address), transport header fields (e.g., destination port
         number), or application header fields (e.g., RTP header fields)

      *  one or more characteristics of the packet itself (e.g., number
         of MPLS labels, etc.)

      *  one or more of the fields derived from Packet Treatment (e.g.,
         next-hop IP address, the output interface, etc.)

      A packet is defined as belonging to a Flow if it completely
      satisfies all the defined properties of the Flow.  Note that the
      set of packets represented by a Flow may be empty; that is, a Flow
      may represent zero or more packets.
      As sampling is a Packet
      Treatment, this definition includes packets selected by a sampling
      mechanism.  [RFC7011]

1.4.  Tree Diagrams

   Tree diagrams used in this document follow the notation defined in
   [RFC8340].

2.  Objectives

   This document defines a YANG data model for the configuration and
   state retrieval of basic IPFIX functionality as well as PSAMP and
   bulk data export applications over IPFIX.  The YANG modules in this
   document conform to the Network Management Datastore Architecture
   (NMDA) [RFC8342] and [RFC8407] YANG guidelines.

3.  Structure of the Configuration Data Model

   The reference model in this RFC covers the following models:

   o  A PSAMP/IPFIX metered model where a PSAMP/IPFIX device configures
      a meter that samples packets passing through a device, applies an
      IPFIX template to those packets, and exports IPFIX templates/data
      records to an IPFIX collector.

   o  An IPFIX collector/exporter model where an IPFIX device can:

      *  terminate multiple IPFIX sessions to a collection process and
         then export those IPFIX packets to an external IPFIX collector
         or

      *  read an IPFIX formatted file into the collection process and
         export that file to a destination location.

   o  A bulk data model where an IPFIX template is applied to a
      configured reference resource that can export bulk data (e.g.,
      statistics, [BBF.TR-352] ICTP IPFIX data).

   Figure 1 illustrates the PSAMP metered UML model for a PSAMP/IPFIX
   monitoring device.  The metering process is contained in the
   ietf-ipfix-packet-sampling module.  The metering process comprises a
   selection-process and cache that refers to an exporting-process.
   Further explanations about the relationship between selection-process
   and cache are given in Section 3.1.1.  Section 4.4 describes the
   exporting-process configuration.
663     +--------------------------------------------------------------+
664     | +--------------------+          Metering Process             |
665     | | Module: ietf-ipfix |                                       |
666     | |    -packet-sampling|                                       |
667     | |--------------------|<------------------------+             |
668     | |                    |<--------+             1 |             |
669     | +--------------------+         | +-------------+-----------+ |
670     |          ^                     | | list: selection-process | |
671     |          |                     | |-------------------------| |
672     |        1 |                     | |                         | |
673     | +--------+-------------+       | +-----------------+-------+ |
674     | | list: observation-pt |       |               ^   |         |
675     | |----------------------| selection-process-ref |   |         |
676     | |                      +-------|---------------+   |         |
677     | +----------------------+       |          0..*     |         |
678     |                              1 |                   |         |
679     |                        +-------+-------+           |         |
680     |                        |  list: cache  |           |         |
681     |                        |---------------|      0..1 |         |
682     |                        |               |<----------+         |
683     |                        +---------------+  cache-ref          |
684     +--------------------------------+-----------------------------+
685      +--------------------+          |
686      | Module: ietf-ipfix |          |
687      |--------------------|          |
688      |                    |          |
689      +--------------------+          |
690                ^                     | exporting-process-ref
691                |                     |
692              1 |                     |
693      +---------+---------------+     |
694      | list: exporting-process |     |
695      |-------------------------|     |
696      |                         |<----+
697      +-------------------------+ 0..*

699                     Figure 1: PSAMP-IPFIX metered model

701     PSAMP/IPFIX monitoring device implementations usually maintain the
702     separation of various functional blocks, although they do not
703     necessarily implement all of them. The configuration data model
704     enables the setting of commonly available configuration parameters
705     for selection-processes and caches, and supports optional
706     configuration for features like the [RFC2863] IF-MIB and [RFC6933]
707     ENTITY-MIB.

709  3.1. PSAMP-IPFIX Metered Model

711  3.1.1. Metering Process Decomposition in Selection Process and Cache

713     In a monitoring device implementation, the functionality of the
714     metering process is split into the selection process and cache.
715     Figure 2 shows a metering process example.
The selection-process
716     takes an observed packet stream as its input and selects a subset of
717     that stream as its output (selected packet stream). The action of
718     the selection-process on a single packet of its input is defined by
719     one selector (called a primitive selector) or an ordered composition
720     of multiple selectors (called a composite selector). The cache
721     generates flow records or packet reports from the selected packet
722     stream, depending on its configuration.

724                  +------------------------------------+
725                  | Metering Process                   |
726                  | +------------+ Selected            |
727         Observed | | selection- | Packet    +-------+ |  Stream of
728         Packet  -->| process    |---------->| cache |--> Flow Records or
729         Stream   | +------------+ Stream    +-------+ |  Packet Reports
730                  +------------------------------------+

732      Figure 2: Selection Process and Cache forming a Metering Process

734     A metering process must always have a selection-process. It is
735     possible to select all packets in the observed packet stream, and
736     pass them to the cache unfiltered by configuring the selector-method
737     to "select-all".

739     A metering process can be configured to support multiple selection
740     processes that receive packets from multiple observation points
741     within the same observation domain. In this case, the observed
742     packet streams of the observation points are processed in independent
743     selection sequences. As specified in [RFC5476], a distinct set of
744     selector instances needs to be maintained per selection sequence in
745     order to keep the selection states and statistics separate.

747     With the configuration data model, it is possible to configure a
748     metering process with multiple selection processes whose output is
749     processed by a single cache. This is illustrated in Figure 3.
751                  +--------------------------------------+
752                  | Metering Process                     |
753                  | +------------+ Selected              |
754         Observed | | selection- | Packet                |
755         Packet  -->| process    |----------+  +-------+ |
756         Stream   | +------------+ Stream   +->|       | |  Stream of
757                  |      ...                   | cache |--> Flow Records or
758                  | +------------+ Selected +->|       | |  Packet Reports
759         Observed | | selection- | Packet   |  +-------+ |
760         Packet  -->| process    |----------+            |
761         Stream   | +------------+ Stream                |
762                  +--------------------------------------+

764        Figure 3: Metering Process with multiple Selection Processes

766     The observed packet streams at the input of a metering process may
767     originate from observation points belonging to different observation
768     domains. By definition of the observation domain (see [RFC7011]), a
769     cache must not aggregate packets observed at different observation
770     domains in the same flow. Hence, if the cache is configured to
771     generate flow records, it needs to distinguish packets according to
772     their observation domains.

774  3.1.2. Exporter Configuration

776     Figure 4 below shows the main classes of the configuration data model
777     that are involved in the configuration of an IPFIX or PSAMP Exporter.
778     The role of the classes can be briefly summarized as follows:

780     o  The ObservationPoint class specifies an observation-point (e.g.,
781        an interface or line card) of the Monitoring Device that captures
782        packets for traffic measurements. An observation-point may be
783        associated with one or more instances of the SelectionProcess
784        class when a device is capable of processing observed packets in
785        parallel.

787        *  When an observation-point is configured without references to
788           the selection-process, the captured packets are not considered
789           part of the metering process.

791     o  The SelectionProcess class contains the configuration and state
792        parameters of a selection-process.
The selection-process may be
793        composed of a single selector or a sequence of selectors, defining
794        a primitive or composite Selector, respectively. The selection-
795        process selects packets from one or more observed packet streams,
796        each originating from a different observation-point. A selection-
797        process instance may be referred to from one or more observation-
798        point instances.

800        *  A selection process may pass the selected packet stream to a
801           cache. Therefore, the selection-process class contains a
802           reference to an instance of the cache class.

804        *  If a selection-process is configured without any reference to a
805           cache, the selected packets are not accounted in any packet
806           report or flow record.

808     o  The Cache class contains configuration and state parameters of a
809        cache. A cache may receive the output of one or more selection
810        processes and maintains corresponding packet reports or flow
811        records. Therefore, an instance of the cache class may be
812        referred to from multiple selection process instances.
813        Configuration parameters of the cache class specify the size of
814        the cache, the cache layout, and expiration parameters if
815        applicable. The cache configuration also determines whether
816        packet reports or flow records are generated.

818        *  A cache may pass its output to one or more exporting processes.
819           Therefore, the cache class enables references to one or more
820           instances of the exporting process class.

822        *  If a cache instance does not specify any reference to an
823           exporting process instance, the cache output is dropped.

825     o  The ExportingProcess class contains configuration and state
826        parameters of an exporting-process. It includes various
827        transport-protocol-specific parameters and the export
828        destinations.

830        *  An instance of the exporting process class may be referred to
831           from multiple instances of the cache class.
833                        +-------------------+
834                        | observation-point |
835                        +---------+---------+
836                             0..* |
837                                  |
838                             0..* v
839                        +-------------------+
840                        | selection-process |
841                        +---------+---------+
842                             0..* |
843                                  |
844                             0..1 v
845                        +-------------------+
846                        |       cache       |
847                        +---------+---------+
848                             0..* |
849                                  |
850                             0..* v
851                        +-------------------+
852                        | exporting-process |
853                        +-------------------+

855              Figure 4: Class diagram of Exporter configuration

857  3.2. Collector/Exporter Model

859     +--------------------+
860     | Module: ietf-ipfix |
861     |--------------------|<------------------+
862     |                    |                 1 |
863     +--------------------+     +-------------+------------+
864               ^                | list: collecting-process |
865               |                |--------------------------|
866               |                +-------------+------------+
867               |                              |
868             1 |                              |
869     +---------+---------------+              |
870     | list: exporting-process |              |
871     |-------------------------|         0..* |
872     |                         |<-------------+
873     +-------------------------+ exporting-process-ref

875                     Figure 5: Collector/Exporter Model

877  3.2.1. Collector/Exporter Decomposition

879     Figure 5 shows the main classes of the configuration data model that
880     are involved in the configuration of a collector. An instance of the
881     CollectingProcess class specifies the local IP addresses, transport
882     protocols, and port numbers of a collecting-process.

884     A collecting-process MAY be configured as a File Reader according to
885     [RFC5655].

887     A CollectingProcess class instance may refer to one or more
888     exporting-process instances configuring exporting processes that re-
889     export the received data. As an example, an exporting process can be
890     configured as a file-writer in order to save the received IPFIX
891     messages in a file.

893  3.3.
Bulk Data Exporter Model

895     +------------------------------------+
896     | module:ietf-ipfix-bulk-data-export |
897     |------------------------------------|
898     +------------------------------------+
899                       ^
900                       |
901                     1 |
902          +------------+------------+              +---------------+
903          | list:bulk-data-template |              | list:resource |
904          |-------------------------|------------->+---------------|
905          +------------+------------+         0..* +---------------+
906                       |
907                  0..* | exporting-process-ref
908                       v
909          +-------------------------+
910          | list:exporting-process  |
911          |-------------------------|
912          +-------------------------+

914                     Figure 6: Bulk Data Exporter Model

916  3.3.1. Bulk Data Exporter Decomposition

918     Figure 6 shows the main classes of the configuration model that are
919     involved in bulk data export. A device that has a resource instance
920     capable of reporting bulk data through IPFIX does not need an IPFIX
921     meter to be created. Instead a bulk-data template is created and
922     applied to that resource instance.

924     The ExportingProcess class contains configuration and state
925     parameters of an exporting-process. It includes various transport-
926     protocol-specific parameters and the export destinations. The bulk-
927     data-template may refer to multiple instances of the ExportingProcess
928     class.

930  4. Configuration and State Parameters

932     This section specifies the configuration and state parameters of the
933     configuration data model separately for each class.

935  4.1. Observation Point Class

937     Figure 7 shows the observation-point attributes of an IPFIX
938     monitoring device. As defined in [RFC7011], an observation point can
939     be any location where packets are observed. An IPFIX monitoring
940     device potentially has more than one such location. An instance of
941     observation-point defines which location is associated with a
942     specific observation point.
For this purpose, interfaces (ietf-
943     interfaces module [RFC8343]) and hardware components (ietf-hardware
944     module [RFC8348]) are identified using their names.

946     o  Alternatively, index values of the corresponding entries in the
947        ifTable (IF-MIB module [RFC2863]) or the entPhysicalTable (ENTITY-
948        MIB module [RFC6933]) can be used as identifiers. However,
949        indices should only be used as identifiers if an SNMP agent on the
950        same monitoring device enables access to the corresponding MIB
951        tables.

953     By its definition in [RFC7011], an observation point may be
954     associated with a set of interfaces. Therefore, the configuration
955     data model allows configuring multiple interfaces and hardware
956     components for a single observation point. The observation-point-id
957     (i.e., the value of the information element observationPointId
958     [IANA-IPFIX]) is assigned by the monitoring device.

960     +--rw observation-point* [name]
961        +--rw name                     ietf-ipfix:name-type
962        +--rw observation-domain-id    uint32
963        +--rw interface-ref*           if:interface-ref
964        +--rw if-name*                 if-name-type {if-mib}?
965        +--rw if-index*                uint32 {if-mib}?
966        +--rw hardware-ref*            hardware-ref
967        +--rw ent-physical-name*       string {entity-mib}?
968        +--rw ent-physical-index*      uint32 {entity-mib}?
969        +--rw direction?               direction
970        +--ro observation-point-id?    uint32
971        +--rw selection-process*
972                -> /ietf-ipfix:ipfix/psamp/selection-process/name

974                   Figure 7: Observation Point Attributes

976     The configuration parameters of the observation point are:

978     observation-domain-id
979        This parameter defines the identifier of the observation domain
980        that the observation point belongs to. Observation points that
981        are configured with the same observation domain ID belong to the
982        same observation domain. Note that this parameter corresponds to
983        ipfixObservationPointObservationDomainId in the IPFIX MIB module
984        [RFC6615].
986     interface-ref
987        This parameter identifies the interface (via the interface
988        reference [RFC8343]) on the monitoring device that is associated
989        with the given observation point.

991     if-name
992        This parameter identifies the interface (via the ifName in the IF-
993        MIB [RFC2863]) on the monitoring device that is associated with
994        the given observation point. if-name should only be used if an
995        SNMP agent enables access to the ifTable.

997     if-index
998        This parameter identifies the interface (via the ifIndex value in
999        the IF-MIB [RFC2863]) on the monitoring device that is associated
1000        with the given observation point. if-index should only be used if
1001        an SNMP agent enables access to the ifTable.

1003     hardware-ref
1004        This parameter identifies a hardware component (via the hardware
1005        reference [RFC8348]) on the monitoring device that is associated
1006        with the given observation point.

1008     ent-physical-name
1009        This parameter identifies a physical entity (via the
1010        entPhysicalName in the ENTITY-MIB module [RFC6933]) on the
1011        monitoring device that is associated with the given observation
1012        point. ent-physical-name should only be used if an SNMP agent
1013        enables access to the entPhysicalTable.

1015     ent-physical-index
1016        This parameter identifies a physical entity (via the
1017        entPhysicalIndex in the ENTITY-MIB module [RFC6933]) on the
1018        monitoring device that is associated with the given observation
1019        point. ent-physical-index should only be used if an SNMP agent
1020        enables access to the entPhysicalTable.

1022     direction
1023        This parameter specifies if ingress traffic, egress traffic, or
1024        both ingress and egress traffic is captured, using the values
1025        "ingress", "egress", and "both", respectively. If not configured,
1026        ingress and egress traffic is captured (i.e., the default value is
1027        "both").
If not applicable (e.g., in the case of a sniffing
1028        interface in promiscuous mode), the value of this parameter is
1029        ignored.

1031     selection-process-reference
1032        An observation-point instance may refer to one or more selection-
1033        process instances that process the observed packets in parallel.

1035  4.2. Selection Process Class

1037     Figure 8 shows the selection-process attributes. The selection-
1038     process class contains the configuration and state parameters of a
1039     selection process that selects packets from one or more observed
1040     packet streams and generates a selected packet stream as its output.
1041     A non-empty ordered list defines a sequence of selectors. The
1042     actions defined by the selectors are applied to the stream of
1043     incoming packets in the specified order.

1045     If the selection process receives packets from multiple observation
1046     points, the observed packet streams need to be processed
1047     independently in separate selection sequences. Each selection
1048     sequence is identified by a selection sequence id that is unique
1049     within the observation domain the observation point belongs to (see
1050     [RFC5477]). Selection sequence ids are assigned by the monitoring
1051     device.

1053     As state parameters, the selection-process class contains a list of
1054     (observation-domain-id, selection-sequence-id) tuples specifying the
1055     assigned selection sequence ids and corresponding observation domain
1056     ids. With this information, it is possible to associate selection
1057     sequence (statistics) report interpretations exported according to
1058     the PSAMP protocol specification [RFC5476] with the corresponding
1059     selection-process instance.

1061     A selection-process instance may include a reference to a cache class
1062     instance to generate packet reports or flow records from the selected
1063     packet stream.
1065     +--rw selection-process* [name]
1066        +--rw name                  ietf-ipfix:name-type
1067        +--rw selector* [name]
1068        |  +--rw name
1069        |  |       ietf-ipfix:name-type
1070        |  +--rw (method)
1071        |  |  +--:(select-all)
1072        |  |  |  +--rw select-all?               empty
1073        |  |  +--:(samp-count-based)
1074        |  |  |     ...
1075        |  |  +--:(samp-time-based)
1076        |  |  |     ...
1077        |  |  +--:(samp-rand-out-of-n)
1078        |  |  |     ...
1079        |  |  +--:(samp-uni-prob)
1080        |  |  |     ...
1081        |  |  +--:(filter-match)
1082        |  |  |     ...
1083        |  |  +--:(filter-hash)
1084        |  |  |     ...
1085        |  +--ro packets-observed?               yang:counter64
1086        |  +--ro packets-dropped?                yang:counter64
1087        |  +--ro selector-discontinuity-time?    yang:date-and-time
1088        +--rw cache?
1089        |       -> /ietf-ipfix:ipfix/psamp/cache/name
1090        +--ro selection-sequence* []
1091           +--ro observation-domain-id?    uint32
1092           +--ro selection-sequence-id?    uint64

1094                   Figure 8: Selection Process Attributes

1096  4.2.1. Selection Process Class Method

1098     Standardized PSAMP sampling and filtering methods are described in
1099     [RFC5475]; their configuration parameters are specified in the
1100     classes samp-count-based, samp-time-based, samp-rand-out-of-n, samp-
1101     uni-prob, filter-match, and filter-hash. In addition, the select-all
1102     class, which has no parameters, is used for a selector that selects
1103     all packets. The selector class includes exactly one of these
1104     sampler and filter classes, depending on the applied method.

1106     +--rw selection-process* [name]
1107        +--rw name                  ietf-ipfix:name-type
1108        +--rw selector* [name]
1109        |  +--rw name
1110        |  |       ietf-ipfix:name-type
1111        |  |  ...
1112        |  +--ro packets-observed?               yang:counter64
1113        |  +--ro packets-dropped?                yang:counter64
1114        |  +--ro selector-discontinuity-time?
yang:date-and-time

1116                     Figure 9: Selector Class Attributes

1118     The selector class, shown in Figure 9, contains the selector
1119     statistics packets-observed and packets-dropped as well as selector-
1120     discontinuity-time, which correspond to the IPFIX MIB module objects
1121     ipfixSelectionProcessStatsPacketsObserved,
1122     ipfixSelectionProcessStatsPacketsDropped, and
1123     ipfixSelectionProcessStatsDiscontinuityTime, respectively [RFC6615]:

1125     packets-observed
1126        The total number of packets observed at the input of the selector.
1127        If this is the first selector in the selection process, this
1128        counter corresponds to the total number of packets in all observed
1129        packet streams at the input of the selection process. Otherwise,
1130        the counter corresponds to the total number of packets at the
1131        output of the preceding selector. Discontinuities in the value of
1132        this counter can occur at re-initialization of the management
1133        system, and at other times as indicated by the value of selector-
1134        discontinuity-time.

1136     packets-dropped
1137        The total number of packets discarded by the selector.
1138        Discontinuities in the value of this counter can occur at re-
1139        initialization of the management system, and at other times as
1140        indicated by the value of selector-discontinuity-time.

1142     selector-discontinuity-time
1143        Timestamp of the most recent occasion at which one or more of the
1144        selector counters suffered a discontinuity. In contrast to
1145        ipfixSelectionProcessStatsDiscontinuityTime, the time is absolute
1146        and not relative to sys-uptime.

1148     Note that packets-observed and packets-dropped are aggregate
1149     statistics calculated over all selection sequences of the selection
1150     process. This is in contrast to the counter values in the selection
1151     sequence statistics report interpretation [RFC5476], which are
1152     related to a single selection sequence only.

1154  4.2.1.1.
Selection Process Class Method: Sampler Methods

1156        |  |  +--:(samp-count-based)
1157        |  |  |  +--rw samp-count-based {psamp-samp-count-based}?
1158        |  |  |     +--rw packet-interval    uint32
1159        |  |  |     +--rw packet-space       uint32
1160        |  |  +--:(samp-time-based)
1161        |  |  |  +--rw samp-time-based {psamp-samp-time-based}?
1162        |  |  |     +--rw time-interval    uint32
1163        |  |  |     +--rw time-space       uint32
1164        |  |  +--:(samp-rand-out-of-n)
1165        |  |  |  +--rw samp-rand-out-of-n
1166        |  |  |          {psamp-samp-rand-out-of-n}?
1167        |  |  |     +--rw size          uint32
1168        |  |  |     +--rw population    uint32
1169        |  |  +--:(samp-uni-prob)
1170        |  |  |  +--rw samp-uni-prob {psamp-samp-uni-prob}?
1171        |  |  |     +--rw probability    decimal64

1173                    Figure 10: Sampler Method Attributes

1175     Figure 10 shows the following sampler methods:

1177     samp-count-based (Systematic Count-based Sampling): The following
1178     attributes are configurable:

1180     packet-interval
1181        The number of packets that are consecutively sampled between gaps
1182        of length packet-space. This parameter corresponds with the
1183        Information Element samplingPacketInterval and
1184        psampSampCountBasedInterval attribute [RFC5477].

1186     packet-space
1187        The number of unsampled packets between two sampling intervals.
1188        This parameter corresponds to the Information Element
1189        samplingPacketSpace and psampSampCountBasedSpace attribute
1190        [RFC6727].

1192     samp-time-based (Systematic Time-based Sampling): The following
1193     attributes are configurable:

1195     time-interval
1196        The time interval during which all arriving packets are sampled.
1197        The unit is microseconds. This parameter
1198        corresponds to the Information Element samplingTimeInterval and to
1199        psampSampTimeBasedInterval attribute [RFC6727].

1201     time-space
1202        The gap between two Sampling intervals, in microseconds. This
1203        parameter corresponds to Information Element samplingTimeSpace and
1204        to psampSampTimeBasedSpace attribute [RFC6727].
1206     samp-rand-out-of-n: The following attributes are configurable:

1208     size
1209        The number of elements taken from the parent population. This
1210        parameter corresponds to Information Element samplingSize and
1211        psampSampRandOutOfNSize attribute [RFC6727].

1213     population
1214        The number of elements in the parent population. This parameter
1215        corresponds to Information Element samplingPopulation and
1216        psampSampRandOutOfNPopulation attribute [RFC6727].

1218     samp-uni-prob: The following attributes are configurable:

1220     probability
1221        The probability for uniform probabilistic sampling. The
1222        probability is expressed as a value between 0 and 1. This
1223        parameter corresponds to Information Element samplingProbability
1224        and psampSampUniProbProbability attribute [RFC6727].

1226  4.2.2. Selection Process Filter Classes
1227        |  |  +--:(filter-match)
1228        |  |  |  +--rw filter-match {psamp-filter-match}?
1229        |  |  |     +--rw (information-element)
1230        |  |  |     |  +--:(ie-name)
1231        |  |  |     |  |  +--rw ie-name?
1232        |  |  |     |  |          ietf-ipfix:ie-name-type
1233        |  |  |     |  +--:(ie-id)
1234        |  |  |     |     +--rw ie-id?
1235        |  |  |     |             ietf-ipfix:ie-id-type
1236        |  |  |     +--rw ie-enterprise-number?   uint32
1237        |  |  |     +--rw value                   string
1238        |  |  +--:(filter-hash)
1239        |  |     +--rw filter-hash {psamp-filter-hash}?
1240        |  |        +--rw hash-function?        identityref
1241        |  |        +--rw initializer-value?    uint64
1242        |  |        +--rw ip-payload-offset?    uint64
1243        |  |        +--rw ip-payload-size?      uint64
1244        |  |        +--rw digest-output?        boolean
1245        |  |        +--rw selected-range* [name]
1246        |  |        |  +--rw name    ietf-ipfix:name-type
1247        |  |        |  +--rw min?    uint64
1248        |  |        |  +--rw max?    uint64
1249        |  |        +--ro output-range-min?     uint64
1250        |  |        +--ro output-range-max?
uint64

1252                    Figure 11: Filter Method Attributes

1254     Figure 11 shows the following filter methods:

1256     Property-Match Filtering: The following attributes are configurable:

1258     Filtering based on ie-id, ie-name, ie-enterprise-number
1259        The property to be matched is specified by either ie-id or ie-
1260        name, specifying the identifier or name of the Information
1261        Element, respectively. If ie-enterprise-number is zero (which is
1262        the default), this Information Element is registered in the IANA
1263        registry of IPFIX Information Elements [IANA-IPFIX]. A non-zero
1264        value of ie-enterprise-number specifies an enterprise-specific
1265        Information Element [IANA-ENTERPRISE-NUMBERS].

1267     value
1268        The matching value.

1270     For hash-based filtering, the configuration and state attributes are:

1272     hash-function
1273        The following values are defined:

1275        *  BOB: BOB Hash Function as specified in [RFC5475], Appendix A.2

1277        *  IPSX: IP Shift-XOR (IPSX) Hash Function as specified in
1278           [RFC5475], Appendix A.1

1280        *  CRC: CRC-32 function as specified in [RFC1141]. Default value is
1281           "BOB". This parameter corresponds to the PSAMP MIB object
1282           psampFiltHashFunction [RFC6727].

1284     initializer-value
1285        This parameter corresponds to the Information Element
1286        hashInitialiserValue [RFC5477], as well as to the PSAMP MIB object
1287        psampFiltHashInitializerValue [RFC6727]. If not configured by the
1288        user, the Monitoring Device arbitrarily chooses an initializer
1289        value.

1291     ip-payload-offset
1292        Configures the offset of the payload section used as input to the
1293        hash function. Default value is 0 (minimum configurable values
1294        according to [RFC5476], Section 6.5.2.6.). This parameter
1295        corresponds to the Information Element hashIPPayloadOffset
1296        [RFC5477] as well as to the PSAMP MIB object
1297        psampFiltHashIpPayloadOffset [RFC6727].

1299     ip-payload-size
1300        Configures the size of the payload section used as input to the
1301        hash function.
Default value is 8 (minimum configurable values
1302        according to [RFC5476], Section 6.5.2.6.). This parameter
1303        corresponds to the Information Element hashIPPayloadSize
1304        [RFC5477], as well as to the PSAMP MIB object
1305        psampFiltHashIpPayloadSize [RFC6727].

1307     digest-output
1308        Enables or disables the inclusion of the packet digest in the
1309        resulting PSAMP Packet Report. This requires that the Cache
1310        Layout of the Cache generating the Packet Reports includes a
1311        digest-hash-value field. This parameter corresponds to the
1312        Information Element hashDigestOutput [RFC5477].

1314     output-range-min
1315        Defines the beginning of the hash function's potential output
1316        range. This parameter corresponds to the Information Element
1317        hashOutputRangeMin [RFC5477], as well as to the PSAMP MIB object
1318        psampFiltHashOutputRangeMin [RFC6727].

1320     output-range-max
1321        Defines the end of the hash function's potential output range.
1322        This parameter corresponds to the Information Element
1323        hashOutputRangeMax [RFC5477], as well as to the PSAMP MIB object
1324        psampFiltHashOutputRangeMax [RFC6727].

1326     One or more ranges of matching hash values are defined by the min and
1327     max parameters of the selected-range subclass. These parameters
1328     correspond to the Information Elements hashSelectedRangeMin and
1329     hashSelectedRangeMax [RFC5477], as well as to the PSAMP MIB objects
1330     psampFiltHashSelectedRangeMin and psampFiltHashSelectedRangeMax
1331     [RFC6727].

1333  4.3. Cache Class

1335     Figure 12 shows the cache class that contains the configuration and
1336     state parameters of a cache. Most of these parameters are specific
1337     to the type of the cache and therefore contained in the subclasses
1338     immediate-cache, timeout-cache, natural-cache, and permanent-cache,
1339     which are presented below in Section 4.3.1 and Section 4.3.2.
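The selector behaviour described in Sections 4.2.1 and 4.2.2, as an added example that is not part of the draft: a composite selector (samp-count-based followed by filter-hash) that maintains the packets-observed and packets-dropped counters per selector. The class names, the constructed payloads, the packet-interval check and the use of `zlib.crc32` as a stand-in for the "CRC" hash-function are assumptions of this sketch; it does not reproduce the hash input rules of [RFC5475].

```python
import zlib


class Selector:
    """Base class holding the per-selector state counters of Figure 9."""

    def __init__(self, name):
        self.name = name
        self.packets_observed = 0
        self.packets_dropped = 0

    def offer(self, payload):
        # Every packet reaching this selector is counted as observed;
        # packets it does not select are counted as dropped.
        self.packets_observed += 1
        if self.select(payload):
            return True
        self.packets_dropped += 1
        return False


class SampCountBased(Selector):
    """samp-count-based: sample packet-interval packets, skip packet-space."""

    def __init__(self, name, packet_interval, packet_space):
        super().__init__(name)
        if packet_interval < 1:  # assumption of this example, not the draft
            raise ValueError("packet-interval must be at least 1")
        self.packet_interval = packet_interval
        self.packet_space = packet_space
        self._position = 0

    def select(self, payload):
        keep = self._position < self.packet_interval
        period = self.packet_interval + self.packet_space
        self._position = (self._position + 1) % period
        return keep


class FilterHash(Selector):
    """filter-hash: select packets whose digest falls in a selected-range."""

    def __init__(self, name, selected_ranges, initializer_value=0,
                 ip_payload_offset=0, ip_payload_size=8):
        super().__init__(name)
        self.selected_ranges = list(selected_ranges)  # [(min, max), ...]
        self.initializer_value = initializer_value & 0xFFFFFFFF
        self.ip_payload_offset = ip_payload_offset
        self.ip_payload_size = ip_payload_size

    def digest(self, payload):
        end = self.ip_payload_offset + self.ip_payload_size
        window = payload[self.ip_payload_offset:end]
        # CRC-32 stand-in; the initializer seeds the running checksum.
        return zlib.crc32(window, self.initializer_value)

    def select(self, payload):
        value = self.digest(payload)
        return any(low <= value <= high for low, high in self.selected_ranges)


class SelectionProcess:
    """Ordered, non-empty list of selectors applied in sequence."""

    def __init__(self, name, selectors):
        if not selectors:
            raise ValueError("a selection process needs at least one selector")
        self.name = name
        self.selectors = list(selectors)

    def process(self, payload):
        # all() stops at the first selector that drops the packet, so later
        # selectors only observe the output of the preceding one.
        return all(selector.offer(payload) for selector in self.selectors)


# Constructed sample payloads; the first 8 bytes differ per packet.
SAMPLE_PAYLOADS = [b"%02d-constructed-payload" % i for i in range(12)]


def run_demo(selected_ranges):
    sampler = SampCountBased("two-of-three", packet_interval=2, packet_space=1)
    hash_filter = FilterHash("lower-half", selected_ranges)
    process = SelectionProcess("demo", [sampler, hash_filter])
    selected = [p for p in SAMPLE_PAYLOADS if process.process(p)]
    return sampler, hash_filter, selected


if __name__ == "__main__":
    sampler, hash_filter, selected = run_demo([(0, 0x7FFFFFFF)])
    for s in (sampler, hash_filter):
        print(s.name, s.packets_observed, s.packets_dropped)
    print("selected:", len(selected))
```

Comparing packets-observed of each selector with the output of the one before it is a quick consistency check when validating counters read back from a device.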
1341     +--rw cache* [name]
1342        +--rw name                        ietf-ipfix:name-type
1343        +--rw enabled                     boolean
1344        +--ro metering-process-id?        uint32
1345        +--ro data-records?               yang:counter64
1346        +--ro cache-discontinuity-time?   yang:date-and-time
1347        +--rw (cache-type)
1348        |  +--:(immediate-cache)
1349        |  |     ...
1350        |  +--:(timeout-cache)
1351        |  |     ...
1352        |  +--:(natural-cache)
1353        |  |     ...
1354        |  +--:(permanent-cache)
1355        |  |     ...
1356        +--rw exporting-process*
1357                -> /ietf-ipfix:ipfix/exporting-process/name
1358                {ietf-ipfix:exporter}?

1360                        Figure 12: Cache Attributes

1362     The following configuration and state parameters are common to all
1363     caches and therefore included in the cache class itself:

1365     enabled
1366        Enables the cache so that specified data may be exported. The
1367        default is "enabled".

1369     metering-process-id
1370        The identifier of the metering process that the cache belongs to.
1371        This parameter corresponds to the information element
1372        meteringProcessId [IANA-IPFIX]. Its occurrence helps to associate
1373        metering process (reliability) statistics exported according to
1374        the IPFIX protocol specification [RFC7011] with the corresponding
1375        MeteringProcess class identifier.

1377     data-records
1378        The number of data records generated by this cache.

1380        Discontinuities in
1381        the value of this counter can occur at re-initialization of the
1382        management system, and at other times as indicated by the value of
1383        cache-discontinuity-time. Note that this parameter corresponds to
1384        ipfixMeteringProcessDataRecords in the IPFIX MIB module [RFC6615].

1386     cache-discontinuity-time
1387        The timestamp of the most recent occasion at which data-records
1388        suffered a discontinuity. The time is absolute and not relative
1389        to sysUpTime. Note that this parameter functionally corresponds
1390        to ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB module
1391        [RFC6615].

1393     A cache object may refer to one or more exporting-process instances.

1395  4.3.1.
Immediate Cache Type Class

1397     The immediate-cache type class depicted in Figure 13 is used to
1398     configure a cache that generates a PSAMP Packet Report for each
1399     packet at its input. The fields contained in the generated data
1400     records are defined in an object of the cache-layout, which is
1401     defined below in Section 4.3.3.

1403     +--rw (cache-type)
1404     |  +--:(immediate-cache)
1405     |  |  +--rw immediate-cache {immediate-cache}?
1406     |  |     +--rw cache-layout
1407     |  |        +--rw cache-field* [name]
1408     |  |           +--rw name
1409     |  |           |       ietf-ipfix:name-type
1410     |  |           +--rw (information-element)
1411     |  |           |  +--:(ie-name)
1412     |  |           |  |  +--rw ie-name?
1413     |  |           |  |          ietf-ipfix:ie-name-type
1414     |  |           |  +--:(ie-id)
1415     |  |           |     +--rw ie-id?
1416     |  |           |             ietf-ipfix:ie-id-type
1417     |  |           +--rw ie-length?              uint16
1418     |  |           +--rw ie-enterprise-number?   uint32
1419     |  |           +--rw is-flow-key?            empty

1421                   Figure 13: Immediate Cache Attributes

1423  4.3.2. Timeout Cache, Natural Cache, and Permanent Cache Type Class

1425     Figure 14 shows the timeout-cache, natural-cache, and permanent-cache
1426     type classes. These classes are used to configure a cache that
1427     aggregates the packets at its input and generates IPFIX flow records.

1429     +--rw (cache-type)
1430     |  +--:(timeout-cache)
1431     |  |  +--rw timeout-cache {timeout-cache}?
1432     |  |     +--rw max-flows?              uint32
1433     |  |     +--rw active-timeout?         uint32
1434     |  |     +--rw idle-timeout?           uint32
1435     |  |     +--rw export-interval?        uint32
1436     |  |     +--rw cache-layout
1437     |  |     |     ...
1438     |  |     +--ro active-flows?           yang:gauge32
1439     |  |     +--ro unused-cache-entries?   yang:gauge32
1440     |  +--:(natural-cache)
1441     |  |  +--rw natural-cache {natural-cache}?
1442     |  |        { same as timeout-cache }
1443     |  +--:(permanent-cache)
1444     |     +--rw permanent-cache {permanent-cache}?
1445     |           { same as timeout-cache }

1447         Figure 14: Timeout, Natural and Permanent Cache Attributes

1449     The three classes differ in when flows expire:

1451     timeout-cache
1452        Flows expire after active or idle timeout.

   natural-cache
      Flows expire after active or idle timeout, or on natural
      termination (e.g., TCP FIN or TCP RST) of the flow.

   permanent-cache
      Flows never expire, but are periodically exported with the
      interval set by export-interval.

   The following configuration and state parameters are common to the
   three classes:

   max-flows
      This parameter configures the maximum number of entries in the
      cache, which is the maximum number of flows that can be measured
      simultaneously. If this parameter is configured, the monitoring
      device must ensure that sufficient resources are available to
      store the configured maximum number of flows. If the maximum
      number of cache entries is in use, no additional flows can be
      measured. However, traffic that pertains to existing flows can
      continue to be measured.

   active-flows
      This state parameter indicates the number of flows currently
      active in this cache (i.e., the number of cache entries currently
      in use). Note that this parameter corresponds to
      ipfixMeteringProcessCacheActiveFlows in the IPFIX MIB module
      [RFC6615].

   unused-cache-entries
      The number of unused cache entries. Note that the sum of
      active-flows and unused-cache-entries equals max-flows if
      max-flows is configured. Note that this parameter corresponds to
      ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX MIB
      module [RFC6615].

   The following timeout parameters are only available in the
   timeout-cache and the natural-cache cache-types:

   active-timeout
      This parameter configures the time in seconds after which a flow
      is expired even though packets matching this flow are still
      received by the cache. The parameter value zero indicates
      infinity, meaning that there is no active timeout. If not
      configured by the user, the monitoring device sets this parameter.
      Note that this parameter corresponds to
      ipfixMeteringProcessCacheActiveTimeout in the IPFIX MIB module
      [RFC6615].

   idle-timeout
      This parameter configures the time in seconds after which a flow
      is expired if no more packets matching this flow are received by
      the cache. The parameter value zero indicates infinity, meaning
      that there is no idle timeout. If not configured by the user, the
      monitoring device sets this parameter. Note that this parameter
      corresponds to ipfixMeteringProcessCacheIdleTimeout in the IPFIX
      MIB module [RFC6615].

   The following interval parameter is only available in the
   permanent-cache class:

   export-interval
      This parameter configures the interval (in seconds) for periodical
      export of flow records. If not configured by the user, the
      monitoring device sets this parameter.

   Every generated flow record must be associated with a single
   observation domain. Hence, although a cache may be configured to
   process packets observed at multiple observation domains, the cache
   must not aggregate packets observed at different observation domains
   in the same flow.

   An object of the cache class contains an object of the cache-layout
   class that defines which fields are included in the flow records.

4.3.3.  Cache Layout Class

   A cache generates and maintains packet reports or flow records
   containing information that has been extracted from the incoming
   stream of packets. Using the cache-field class, the cache-layout
   class specifies the superset of fields that are included in the
   packet reports or flow records (see Figure 15).
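
The expiry rules of Section 4.3.2 (active-timeout and idle-timeout with zero meaning no timeout, max-flows, natural termination, periodic export, and the observation-domain rule), modeled as an added Python example that is not part of the draft or of any implementation of it. The class, method, and reason-string names are hypothetical, and the packets fed to it are constructed.

```python
from dataclasses import dataclass


@dataclass
class Flow:
    first_seen: float
    last_seen: float
    packets: int = 0
    octets: int = 0


class FlowCache:
    """Toy flow cache; class, method and reason names are hypothetical."""

    def __init__(self, cache_type, max_flows=None, active_timeout=0,
                 idle_timeout=0, export_interval=0):
        if cache_type not in ("timeout-cache", "natural-cache", "permanent-cache"):
            raise ValueError(cache_type)
        self.cache_type = cache_type
        self.max_flows = max_flows            # None: not configured
        self.active_timeout = active_timeout  # seconds, 0 = no active timeout
        self.idle_timeout = idle_timeout      # seconds, 0 = no idle timeout
        self.export_interval = export_interval
        self.flows = {}      # (observation_domain_id, flow_key) -> Flow
        self.exported = []   # (reason, cache_key, packets, octets)
        self.unmeasured = 0  # packets of new flows rejected while the cache was full
        self._last_export = 0.0

    @property
    def active_flows(self):
        return len(self.flows)

    @property
    def unused_cache_entries(self):
        # active-flows + unused-cache-entries == max-flows when max-flows is set
        return None if self.max_flows is None else self.max_flows - len(self.flows)

    def _export(self, reason, cache_key):
        flow = self.flows.pop(cache_key)
        self.exported.append((reason, cache_key, flow.packets, flow.octets))

    def expire(self, now):
        if self.cache_type == "permanent-cache":
            # Flows never expire; they are exported every export-interval.
            if self.export_interval and now - self._last_export >= self.export_interval:
                for key, flow in self.flows.items():
                    self.exported.append(("periodic", key, flow.packets, flow.octets))
                self._last_export = now
            return
        for key, flow in list(self.flows.items()):
            if self.active_timeout and now - flow.first_seen >= self.active_timeout:
                self._export("active-timeout", key)   # expires despite ongoing traffic
            elif self.idle_timeout and now - flow.last_seen >= self.idle_timeout:
                self._export("idle-timeout", key)

    def observe(self, now, observation_domain_id, flow_key, length, tcp_flags=""):
        """Account one packet; return False if it could not be measured."""
        self.expire(now)
        # The observation domain is part of the cache key, so packets from
        # different observation domains never land in the same flow.
        cache_key = (observation_domain_id, flow_key)
        flow = self.flows.get(cache_key)
        if flow is None:
            if self.max_flows is not None and len(self.flows) >= self.max_flows:
                self.unmeasured += 1   # cache full: no additional flows
                return False
            flow = self.flows[cache_key] = Flow(now, now)
        flow.last_seen = now
        flow.packets += 1
        flow.octets += length
        if self.cache_type == "natural-cache" and set(tcp_flags) & {"F", "R"}:
            self._export("natural-termination", cache_key)   # TCP FIN or RST
        return True


if __name__ == "__main__":
    cache = FlowCache("timeout-cache", max_flows=2, active_timeout=60, idle_timeout=10)
    # Constructed packets: (time, observation domain, flow key, length)
    for pkt in [(0, 1, "A", 100), (1, 2, "A", 100), (2, 1, "B", 100), (12, 1, "B", 100)]:
        print(pkt, "measured" if cache.observe(*pkt) else "not measured")
    print(cache.exported, cache.active_flows, cache.unused_cache_entries)
```

The `unmeasured` counter makes the max-flows limit visible: while the cache is full, traffic belonging to new flows is not measured at all, which is a blind spot for anything consuming the exported records.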

   If packet reports are generated (i.e., if immediate-cache class is
   used to configure the cache), every field specified by the
   cache-layout must be included in the resulting packet report unless
   the corresponding information element is not applicable or cannot be
   derived from the content or treatment of the incoming packet. Any
   other field specified by the cache layout may only be included in the
   packet report if it is obvious from the field value itself or from
   the values of other fields in the same packet report that the field
   value was not determined from the packet.

   For example, if a field is configured to contain the TCP source port
   (information element tcpSourcePort [IANA-IPFIX]), the field must be
   included in all packet reports that are related to TCP packets.
   Although the field value cannot be determined for non-TCP packets,
   the field may be included in the packet reports if another field
   contains the transport protocol identifier (information element
   protocolIdentifier [IANA-IPFIX]).

   If flow records are generated (i.e., if timeout-cache, natural-cache,
   or permanent-cache class is used to configure the cache), the cache
   layout differentiates between flow key fields and non-key fields.
   Every flow key field specified by the cache layout must be included
   as flow key in the resulting flow record unless the corresponding
   information element is not applicable or cannot be derived from the
   content or treatment of the incoming packet. Any other flow key
   field specified by the cache layout may only be included in the flow
   record if it is obvious from the field value itself or from the
   values of other flow key fields in the same flow record that the
   field value was not determined from the packet. Two packets are
   accounted by the same flow record if none of their flow key fields
   differ.
   If a flow key field can be determined for one packet but not for the
   other, the two packets are accounted in different flow records.

   Every non-key field specified by the cache layout must be included in
   the resulting flow record unless the corresponding information
   element is not applicable or cannot be derived for the given flow.
   Any other non-key field specified by the cache layout may only be
   included in the flow record if it is obvious from the field value
   itself or from the values of other fields in the same flow record
   that the field value was not determined from the packet. Packets
   which are accounted by the same flow record may differ in their
   non-key fields, or one or more of the non-key fields can be
   undetermined for all or some of the packets.

   For example, if a non-key field specifies an information element
   whose value is determined by the first packet observed within a flow
   (which is the default rule according to [RFC7012] unless specified
   differently in the description of the information element), this
   field must be included in the resulting flow record if it can be
   determined from the first packet of the flow.

     |  |     +--rw cache-layout
     |  |     |  +--rw cache-field* [name]
     |  |     |     +--rw name
     |  |     |     |       ietf-ipfix:name-type
     |  |     |     +--rw (information-element)
     |  |     |     |  +--:(ie-name)
     |  |     |     |  |  +--rw ie-name?
     |  |     |     |  |          ietf-ipfix:ie-name-type
     |  |     |     |  +--:(ie-id)
     |  |     |     |     +--rw ie-id?
     |  |     |     |             ietf-ipfix:ie-id-type
     |  |     |     +--rw ie-length?                uint16
     |  |     |     +--rw ie-enterprise-number?     uint32
     |  |     |     +--rw is-flow-key?              empty

                   Figure 15: Cache Field Attributes

   The cache-layout class does not have any parameters. The
   configuration parameters of the cache-field class (see Figure 15) are
   as follows:

   ie-name
      Specifies the information element name to be used. Either ie-id
      or ie-name must be specified.

   ie-id
      Specifies the information element identifier to be used. Either
      ie-id or ie-name must be specified.

   ie-length
      This parameter specifies the length of the field in octets. A
      value of 65535 means that the field is encoded as a
      variable-length information element. For information elements of
      integer and float type, the field length may be set to a smaller
      value than the standard length of the abstract data type if the
      rules of reduced size encoding are fulfilled (see [RFC7011],
      section 6.2). If not configured by the user, the field length is
      set by the monitoring device.

   ie-enterprise-number
      Specifies the enterprise ID of the ie-id or ie-name. If the
      ie-enterprise-number is zero (which is the default), this
      information element is registered in the IANA registry of IPFIX
      information elements [IANA-IPFIX]. A non-zero value of
      ie-enterprise-number specifies an enterprise-specific information
      element [IANA-ENTERPRISE-NUMBERS]. If the enterprise number is
      set to 29305, this field contains a reverse information element.
      In this case, the cache must generate data records in accordance
      with [RFC5103].

   is-flow-key
      If present, this field is a flow key. If the field contains a
      reverse information element, it must not be configured as flow
      key. This parameter is not available if the cache is configured
      using the immediate-cache class since there is no distinction
      between flow key fields and non-key fields in packet reports.

   Note that the use of information elements can be restricted to
   certain cache types as well as to flow key or non-key fields. Such
   restrictions may result from information element definitions or from
   device-specific constraints. According to Section 5, the monitoring
   device must notify the user if a cache field cannot be configured
   with the given information element.

4.4.  Exporting Process Class

   The ExportingProcess class (Figure 16) specifies destinations to
   which the incoming packet reports and flow records are exported using
   objects of the destination class. The destination class includes a
   choice of type of exporter (sctp-exporter, udp-exporter,
   tcp-exporter, or file-writer) which contains further configuration
   parameters. Those exporter type classes are described in
   Section 4.4.1, Section 4.4.2, Section 4.4.3, and Section 4.4.4.

   The ExportingProcess class contains the identifier of the exporting
   process (exporting-process-id). This parameter corresponds to the
   information element exportingProcessId [IANA-IPFIX]. Its occurrence
   helps to associate exporting process reliability statistics exported
   according to the IPFIX protocol specification [RFC7011] with the
   corresponding object of the ExportingProcess class.

   The order in which destination instances appear has a specific
   meaning only if the export-mode parameter is set to "fallback".

     +--rw exporting-process* [name] {exporter}?
        +--rw name                    name-type
        +--rw enabled?                boolean
        +--rw export-mode?            identityref
        +--rw destination* [name]
        |  +--rw name                        name-type
        |  +--rw (destination-parameters)
        |     +--:(tcp-exporter)
        |        ...
        |     +--:(udp-exporter)
        |        ...
        |     +--:(sctp-exporter)
        |        ...
        |     +--:(file-writer)
        |        ...
        +--rw options* [name]
        |  +--rw name               name-type
        |  +--rw options-type       identityref
        |  +--rw options-timeout?   uint32
        +--ro exporting-process-id?   uint32

                   Figure 16: Exporting Process Class

   The Exporting Process parameters are defined as follows:

   enabled
      Enables the exporting process to begin exporting data. The
      default is "enabled".

   export-mode
      Determines to which configured destination(s) the incoming data
      records are exported.
      The following parameter values are specified by the configuration
      data model:

      *  parallel: every data record is exported to all configured
         destinations in parallel

      *  load-balancing: every data record is exported to exactly one
         configured destination according to a device-specific
         load-balancing policy

      *  fallback: every data record is exported to exactly one
         configured destination according to the fallback policy
         described below

      If export-mode is set to "fallback", the first destination
      instance defines the primary destination, the second destination
      instance defines the secondary destination, and so on. If the
      exporting process fails to export data records to the primary
      destination, it tries to export them to the secondary one. If the
      secondary destination fails as well, it continues with the
      tertiary, etc. "parallel" is the default value if export-mode is
      not configured.

   Note that the export-mode parameter is related to the
   ipfixExportMemberType object in [RFC6615]. If export-mode is
   "parallel", the ipfixExportMemberType values of the corresponding
   entries in IpfixExportTable are set to parallel(3). If export-mode
   is "load-balancing", the ipfixExportMemberType values of the
   corresponding entries in IpfixExportTable are set to
   loadBalancing(4). If export-mode is "fallback", the
   ipfixExportMemberType value that refers to the primary destination is
   set to primary(1); the ipfixExportMemberType values that refer to the
   remaining destinations need to be set to secondary(2). The IPFIX MIB
   module does not define any value for tertiary destination, etc.

   The reporting of information with options templates is defined with
   objects of the Options class.
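
The three export-mode values and the ipfixExportMemberType mapping described above, as an added Python example that is not part of the draft. The class and function names, the `send` callback, and the round-robin policy used for "load-balancing" (the draft leaves that policy device-specific) are assumptions.

```python
from itertools import cycle

# ipfixExportMemberType values quoted in the text above [RFC6615].
PRIMARY, SECONDARY, PARALLEL, LOAD_BALANCING = 1, 2, 3, 4


def member_types(export_mode, destinations):
    """Map each configured destination to its ipfixExportMemberType value."""
    if export_mode == "parallel":
        return {d: PARALLEL for d in destinations}
    if export_mode == "load-balancing":
        return {d: LOAD_BALANCING for d in destinations}
    if export_mode == "fallback":
        # Only the first destination is primary(1); the MIB has no value for
        # tertiary and later destinations, so they are all secondary(2).
        return {d: PRIMARY if i == 0 else SECONDARY
                for i, d in enumerate(destinations)}
    raise ValueError(f"unknown export-mode: {export_mode!r}")


class ExportingProcess:
    """Hypothetical dispatcher; send(destination, record) returns True on success."""

    def __init__(self, destinations, send, export_mode="parallel"):
        if not destinations:
            raise ValueError("at least one destination is required")
        member_types(export_mode, destinations)   # rejects unknown modes
        self.destinations = list(destinations)    # order matters only for fallback
        self.send = send
        self.export_mode = export_mode
        self._next = cycle(self.destinations)     # assumed load-balancing policy

    def export(self, record):
        """Return the destinations that accepted the record (empty list: lost)."""
        if self.export_mode == "parallel":
            return [d for d in self.destinations if self.send(d, record)]
        if self.export_mode == "load-balancing":
            dest = next(self._next)
            return [dest] if self.send(dest, record) else []
        # fallback: primary first, then secondary, tertiary, ... in configured order
        for dest in self.destinations:
            if self.send(dest, record):
                return [dest]
        return []


if __name__ == "__main__":
    down = {"primary-collector"}                  # constructed outage

    def send(dest, record):
        return dest not in down

    ep = ExportingProcess(["primary-collector", "backup-1", "backup-2"],
                          send, export_mode="fallback")
    print(ep.export("record-1"))                  # ['backup-1']
    print(member_types("fallback", ep.destinations))
```

An empty return value means no destination accepted the record, which is the case an operator would want counted and alerted on.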

   The exporting process may modify the packet reports and flow records
   to enable a more efficient transmission or storage under the
   condition that no information is changed or suppressed. For example,
   the exporting process may shorten the length of a field according to
   the rules of reduced size encoding [RFC7011]. The exporting process
   may also export certain fields in a separate data record as described
   in [RFC5476].

4.4.1.  SCTP Exporter Class

   The SctpExporter class shown in Figure 17 contains the configuration
   parameters of an SCTP export destination.

     +--:(sctp-exporter)
        +--rw sctp-exporter {sctp-transport}?
           +--rw ipfix-version?              uint16
           +--rw destination-port?
           |       inet:port-number
           +--rw send-buffer-size?           uint32
           +--rw rate-limit?                 uint32
           +--rw transport-layer-security!
           |     ...
           +--rw source
           |  +--rw (source-method)?
           |     +--:(source-address)
           |     |  +--rw source-address?   inet:host
           |     +--:(interface-ref)
           |     |  +--rw interface-ref?    if:interface-ref
           |     +--:(if-index) {if-mib}?
           |     |  +--rw if-index?         uint32
           |     +--:(if-name) {if-mib}?
           |        +--rw if-name?          string
           +--rw destination
           |  +--rw (destination-method)
           |     +--:(destination-address)
           |        +--rw destination-address?   inet:host
           +--rw timed-reliability?          uint32
           +--ro transport-session
                 ...

                     Figure 17: SCTP Exporter Class

   The configuration parameters are:

   ipfix-version
      Version number of the IPFIX protocol used. If omitted, the
      default value is 10 (=0x000a) as specified in [RFC7011].

   source-address
      List of source IP addresses used by the exporting process. If
      configured, the specified addresses are eligible local IP
      addresses of the multihomed SCTP endpoint. If not configured, all
      locally assigned IP addresses are eligible local IP addresses.

   destination-address
      One or more IP addresses of the collecting process to which IPFIX
      Messages are sent. The user must ensure that all configured IP
      addresses belong to the same collecting process. The exporting
      process tries to establish an SCTP association to any of the
      configured destination IP addresses.

   destination-port
      Destination port number to be used. If not configured, standard
      port 4739 (IPFIX without TLS and DTLS) or 4740 (IPFIX over TLS or
      DTLS) is used.

   if-index
      The index of the interface used by the exporting process to export
      IPFIX Messages to the given destination MAY be specified according
      to corresponding objects in the IF-MIB [RFC2863]. If omitted, the
      Exporting Process selects the outgoing interface based on local
      routing decision and accepts return traffic, such as
      transport-layer acknowledgments, on all available interfaces.

   if-name
      The name of the interface used by the exporting process to export
      IPFIX Messages to the given destination MAY be specified according
      to corresponding objects in the IF-MIB [RFC2863]. If omitted, the
      Exporting Process selects the outgoing interface based on local
      routing decision and accepts return traffic, such as
      transport-layer acknowledgments, on all available interfaces.

   send-buffer-size
      Size of the socket send buffer in bytes. If not configured by the
      user, the buffer size is set by the monitoring device.

   rate-limit
      Maximum number of bytes per second the exporting process may
      export to the given destination as required by [RFC5476]. The
      number of bytes is calculated from the lengths of the IPFIX
      Messages exported. If this parameter is not configured, no rate
      limiting is performed for this destination.

   timed-reliability
      Lifetime in milliseconds until an IPFIX message containing data
      sets only is "abandoned" due to the timed reliability mechanism of
      the partial reliability extension of SCTP (pr-SCTP) [RFC3758]. If
      this parameter is set to zero, reliable SCTP transport must be
      used for all data records. Regardless of the value of this
      parameter, the exporting process may use reliable SCTP transport
      for data sets associated with certain options templates, such as
      the data record reliability options template specified in
      [RFC6526].

   Using the TransportLayerSecurity class described in Section 4.6,
   Datagram Transport Layer Security (DTLS) is enabled and configured
   for this export destination.

   The TransportSession class is discussed in Section 4.7.

4.4.2.  UDP Exporter Class

   The UdpExporter class shown in Figure 18 contains the configuration
   parameters of a UDP export destination. The parameters
   ipfix-version, destination-port, if-name, if-index, send-buffer-size,
   and rate-limit have the same meaning as in the SctpExporter class
   (see Section 4.4.1).

     +--:(udp-exporter)
        +--rw udp-exporter {udp-transport}?
           +--rw ipfix-version?                      uint16
           +--rw destination-port?
           |       inet:port-number
           +--rw send-buffer-size?                   uint32
           +--rw rate-limit?                         uint32
           +--rw transport-layer-security!
           |     ...
           +--rw source
           |  +--rw (source-method)?
           |     +--:(source-address)
           |     |  +--rw source-address?   inet:host
           |     +--:(interface-ref)
           |     |  +--rw interface-ref?    if:interface-ref
           |     +--:(if-index) {if-mib}?
           |     |  +--rw if-index?         uint32
           |     +--:(if-name) {if-mib}?
           |        +--rw if-name?          string
           +--rw destination
           |  +--rw (destination-method)
           |     +--:(destination-address)
           |        +--rw destination-address?   inet:host
           +--rw maximum-packet-size?                uint16
           +--rw template-refresh-timeout?           uint32
           +--rw options-template-refresh-timeout?   uint32
           +--rw template-refresh-packet?            uint32
           +--rw options-template-refresh-packet?    uint32
           +--ro transport-session
                 ...

                     Figure 18: UDP Exporter Class

   The remaining configuration parameters are:

   source-address
      This parameter specifies the source IP address used by the
      exporting process. If this parameter is omitted, the IP address
      assigned to the outgoing interface is used as the source IP
      address.

   destination-address
      Destination IP address to which IPFIX messages are sent (i.e., the
      IP address of the collecting process).

   max-packet-size
      This parameter specifies the maximum size of IP packets sent to
      the collector. If set to zero, the exporting device must derive
      the maximum packet size from path MTU discovery mechanisms. If
      not configured by the user, this parameter is set by the
      monitoring device.

   template-refresh-timeout
      This parameter specifies when templates are refreshed by the
      exporting process. This timeout is specified in seconds between
      re-sending of templates. If omitted, the default value of 600
      seconds (10 minutes) is used [RFC7011]. This parameter
      corresponds to ipfixTransportSessionTemplateRefreshTimeout in the
      IPFIX MIB module [RFC6615].

   options-template-refresh-timeout
      This parameter specifies when options templates are refreshed by
      the exporting process. This timeout is specified in seconds
      between re-sending of options templates. If omitted, the default
      value of 600 seconds (10 minutes) is used [RFC7011]. This
      parameter corresponds to
      ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
      MIB module [RFC6615].

   template-refresh-packet
      This parameter specifies the number of IPFIX messages after which
      templates are re-sent. If omitted, the templates are only resent
      after timeout.
      This parameter corresponds to
      ipfixTransportSessionTemplateRefreshTimeout in the IPFIX MIB
      module [RFC6615].

   options-template-refresh-packet
      This parameter specifies the number of IPFIX messages after which
      options templates are re-sent. If omitted, the options templates
      are only resent after timeout. This parameter corresponds to
      ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
      MIB module [RFC6615].

   Note that the values configured for template-refresh-timeout and
   options-template-refresh-timeout must be adapted to the
   template-lifetime and options-template-lifetime parameter settings at
   the receiving collecting process (see Section 4.5.2).

   Using the TransportLayerSecurity class described in Section 4.6, DTLS
   is enabled and configured for this export destination. The
   TransportSession class is specified in Section 4.7.

4.4.3.  TCP Exporter Class

   The TcpExporter class shown in Figure 19 contains the configuration
   parameters of a TCP export destination. The parameters have the same
   meaning as in the UdpExporter class (see Section 4.4.2).

   Using the TransportLayerSecurity class described in Section 4.6,
   Transport Layer Security (TLS) is enabled and configured for this
   export destination.

   The TransportSession class is specified in Section 4.7.

     +--:(tcp-exporter)
        +--rw tcp-exporter {tcp-transport}?
           +--rw ipfix-version?              uint16
           +--rw destination-port?
           |       inet:port-number
           +--rw send-buffer-size?           uint32
           +--rw rate-limit?                 uint32
           +--rw transport-layer-security!
           |     ...
           +--rw source
           |  +--rw (source-method)?
           |     +--:(source-address)
           |     |  +--rw source-address?   inet:host
           |     +--:(interface-ref)
           |     |  +--rw interface-ref?    if:interface-ref
           |     +--:(if-index) {if-mib}?
           |     |  +--rw if-index?         uint32
           |     +--:(if-name) {if-mib}?
           |        +--rw if-name?          string
           +--rw destination
           |  +--rw (destination-method)
           |     +--:(destination-address)
           |        +--rw destination-address?   inet:host
           +--ro transport-session

                     Figure 19: TCP Exporter Class

4.4.4.  File Writer Class

   If a file-writer instance is included in an object of the destination
   class, IPFIX messages are written into a file as specified in
   [RFC5655].

     +--:(file-writer)
        +--rw file-writer {file-writer}?
           +--rw ipfix-version?       uint16
           +--rw file                 inet:uri
           +--ro file-writer-state
              +--ro bytes?
              |       yang:counter64
              +--ro messages?
              |       yang:counter64
              +--ro discarded-messages?
              |       yang:counter64
              +--ro records?
              |       yang:counter64
              +--ro templates?
              |       yang:counter32
              +--ro options-templates?
              |       yang:counter32
              +--ro file-writer-discontinuity-time?
              |       yang:date-and-time
              +--ro template* []
                 +--ro observation-domain-id?         uint32
                 +--ro template-id?                   uint16
                 +--ro set-id?                        uint16
                 +--ro access-time?
                 |       yang:date-and-time
                 +--ro template-data-records?
                 |       yang:counter64
                 +--ro template-discontinuity-time?
                 |       yang:date-and-time
                 +--ro field* []
                    +--ro ie-id?                   ie-id-type
                    +--ro ie-length?               uint16
                    +--ro ie-enterprise-number?    uint32
                    +--ro is-flow-key?             empty
                    +--ro is-scope?                empty

                      Figure 20: File Writer Class

   The FileWriter class contains the following configuration parameters:

   ipfix-version
      Version number of the IPFIX protocol used. If omitted, the
      default value is 10 (=0x000a) as specified in [RFC7011].

   file
      File name and location specified as URI.

   The state parameters of the FileWriter class are:

   bytes, messages, records, templates, options-templates
      The number of bytes, IPFIX messages, data records, template
      records, and options template records written by the file writer.
      Discontinuities in the values of these counters can occur at
      re-initialization of the management system, and at other times as
      indicated by the value of file-writer-discontinuity-time.

   discarded-messages
      The number of IPFIX messages that could not be written by the file
      writer due to internal buffer overflows, limited storage capacity,
      etc. Discontinuities in the value of this counter can occur at
      re-initialization of the management system, and at other times as
      indicated by the value of file-writer-discontinuity-time.

   file-writer-discontinuity-time
      Timestamp of the most recent occasion at which one or more file
      writer counters suffered a discontinuity. The time is absolute
      and not relative to sysUpTime.

   Each FileWriter class instance includes statistics about the
   templates written to the file. The Template class is specified in
   Section 4.8.

4.4.5.  Options Class

   The Options class in Figure 21 defines the type of specific
   information to be reported, such as statistics, flow keys, sampling
   and filtering parameters, etc. [RFC7011] and [RFC5476] specify
   several types of reporting information that may be exported.

     +--rw options* [name]
        +--rw name               name-type
        +--rw options-type       identityref
        +--rw options-timeout?   uint32

                        Figure 21: Options Class

   The following parameter values are specified by the configuration
   data model:

   metering-statistics
      Export of metering process statistics using the metering process
      statistics options template [RFC7011].

   metering-reliability
      Export of metering process reliability statistics using the
      metering process reliability statistics options template
      [RFC7011].

   exporting-reliability
      Export of exporting process reliability statistics using the
      exporting process reliability statistics options template
      [RFC7011].

   flow-keys
      Export of the flow key specification using the flow keys options
      template [RFC7011].

   selection-sequence
      Export of selection sequence report interpretation and selector
      report interpretation [RFC5476].

   selection-statistics
      Export of selection sequence statistics report interpretation
      [RFC5476].

   accuracy
      Export of accuracy report interpretation [RFC5476].

   reducing-redundancy
      Enables the utilization of options templates to reduce redundancy
      in the exported data records according to [RFC5473]. The
      exporting process decides when to apply these options templates.

   extended-type-information
      Export of extended type information for enterprise-specific
      information elements used in the exported templates [RFC5610].

   The exporting process must choose a template definition according to
   the options type and available options data. The options-timeout
   parameter specifies the reporting interval (in milliseconds) for
   periodic export of the option data. A parameter value of zero means
   that the export of the option data is not triggered periodically, but
   whenever the available option data has changed. This is the typical
   setting for options types flow-keys, selection-sequence, accuracy,
   and reducing-redundancy. If options-timeout is not configured by the
   user, it is set by the monitoring device.

4.5.  Collecting Process Class

   Figure 22 shows the CollectingProcess class that contains the
   configuration and state parameters of a collecting process. The
   sctp-collector, udp-collector, and TcpCollector classes specify how
   IPFIX messages are received from remote exporters. The collecting
   process can also be configured as a file reader using the FileReader
   class. These classes are described in Section 4.5.1, Section 4.5.2,
   Section 4.5.3, and Section 4.5.4.

   A collecting-process instance may refer to one or more
   exporting-process instances configuring exporting processes that
   export the received data without modifications to a file or to
   another remote collector.

     +--rw collecting-process* [name] {collector}?
        +--rw name                 name-type
        +--rw tcp-collector* [name] {tcp-transport}?
              ...
        +--rw udp-collector* [name] {udp-transport}?
              ...
        +--rw sctp-collector* [name] {sctp-transport}?
              ...
        +--rw file-reader* [name] {file-reader}?
              ...
        +--rw exporting-process*   -> /ipfix/exporting-process/name
                {exporter}?

                  Figure 22: Collecting Process Class

4.5.1.  SCTP Collector Class

   The SctpCollector class contains the configuration parameters of a
   listening SCTP socket at a collecting process.

     +--rw sctp-collector* [name] {sctp-transport}?
        +--rw name                        name-type
        +--rw local-port?                 inet:port-number
        |  +--rw transport-layer-security!
        |  |     ...
        +--rw (local-address-method)?
        |  +--:(local-address)
        |     +--rw local-address*   inet:host
        +--ro transport-session* [name]
              ...

                    Figure 23: SCTP Collector Class

   The parameters are:

   local-ip-address
      List of local IP addresses on which the collecting process listens
      for IPFIX messages. The IP addresses are used as eligible local
      IP addresses of the multihomed SCTP endpoint [RFC4960]. If
      omitted, the collecting process listens on all local IP addresses.

   local-port
      Local port number on which the collecting process listens for
      IPFIX messages. If omitted, standard port 4739 (IPFIX without TLS
      and DTLS) or 4740 (IPFIX over TLS or DTLS) is used.

   Using the TransportLayerSecurity class described in Section 4.6, DTLS
   is enabled and configured for this receiving socket.

   The TransportSession class is specified in Section 4.7.

4.5.2.  UDP Collector Class

   The UdpCollector class shown in Figure 24 contains the configuration
   parameters of a listening UDP socket at a collecting process. The
   parameter local-port has the same meaning as in the SctpCollector
   class (see Section 4.5.1).

     +--rw udp-collector* [name] {udp-transport}?
        +--rw name                            name-type
        +--rw local-port?                     inet:port-number
        +--rw transport-layer-security!
        |     ...
        +--rw (local-address-method)?
        |  +--:(local-address)
        |     +--rw local-address*   inet:host
        +--rw template-life-time?             uint32
        +--rw options-template-life-time?     uint32
        +--rw template-life-packet?           uint32
        +--rw options-template-life-packet?   uint32
        +--ro transport-session* [name]
              ...

                     Figure 24: UDP Collector Class

   The remaining parameters are:

   local-ip-address
      List of local IP addresses on which the collecting process listens
      for IPFIX messages. If omitted, the collecting process listens on
      all local IP addresses.

   template-life-time, options-template-life-time
      (Options) template lifetime in seconds for all UDP transport
      sessions terminating at this UDP socket. (Options) templates that
      are not received again within the configured lifetime become
      invalid at the collecting process. As specified in [RFC7011],
      section 10.3.7, the lifetime of templates and options templates
      must be at least three times higher than the
      template-refresh-timeout and options-template-refresh-timeout
      parameter values configured on the corresponding exporting
      processes. If not configured, the default value 1800 is used,
      which is three times the default (options) template refresh
      timeout (see Section 4.4.2) as specified in [RFC7011]. Note that
      these parameters correspond to
      ipfixTransportSessionTemplateRefreshTimeout and
      ipfixTransportSessionOptionsTemplateRefreshTimeout in the IPFIX
      MIB module [RFC6615].

2245    template-life-packet, options-template-life-packet
2246       If template-life-packet is configured, templates defined in a UDP
2247       transport session become invalid if they are neither included in a
2248       sequence of more than this number of IPFIX messages nor received
2249       again within the period of time specified by template-lifetime.
2250       Similarly, if options-template-life-packet is configured, options
2251       templates become invalid if they are neither included in a
2252       sequence of more than this number of IPFIX messages nor received
2253       again within the period of time specified by options-template-
2254       lifetime. If not configured, templates and options templates only
2255       become invalid according to the lifetimes specified by template-
2256       lifetime and options-template-lifetime, respectively. Note that
2257       these parameters correspond to
2258       ipfixTransportSessionTemplateRefreshPacket and
2259       ipfixTransportSessionOptionsTemplateRefreshPacket in the IPFIX MIB
2260       module [RFC6615].

2262    Using the TransportLayerSecurity class described in Section 4.6, DTLS
2263    is enabled and configured for this receiving socket.

2265    The TransportSession class is specified in Section 4.7.

2267 4.5.3. TCP Collector Class

2269    The TcpCollector class contains the configuration parameters of a
2270    listening TCP socket at a collecting process. The parameters have
2271    the same meaning as in the UdpCollector class (Section 4.5.2).

2273    Using the TransportLayerSecurity class described in Section 4.6, TLS
2274    is enabled and configured for this receiving socket.

2276    The TransportSession class is specified in Section 4.7.

2278      +--rw tcp-collector* [name] {tcp-transport}?
2279         +--rw name                      name-type
2280         +--rw local-port?               inet:port-number
2281         +--rw transport-layer-security!
2282         |     ...
2283         +--rw (local-address-method)?
2284         |  +--:(local-address)
2285         |     +--rw local-address*      inet:host
2286         +--ro transport-session* [name]
2287               ...

2289                      Figure 25: TCP Collector Class

2291 4.5.4. File Reader Class

2293    Figure 26 shows the FileReader class via which the collecting process
2294    may import IPFIX messages from a file as specified in [RFC5655].

2296      +--rw file-reader* [name] {file-reader}?
2297         +--rw name                 name-type
2298         +--rw file                 inet:uri
2299         +--ro file-reader-state
2300            +--ro bytes?               yang:counter64
2301            +--ro messages?            yang:counter64
2302            +--ro records?             yang:counter64
2303            +--ro templates?           yang:counter32
2304            +--ro options-templates?   yang:counter32
2305            +--ro file-reader-discontinuity-time?
2306            |       yang:date-and-time
2307            +--ro template* []
2308                  ...

2310                       Figure 26: File Reader Class

2312    The FileReader class defines the following configuration parameter:

2314    file
2315       File name and location specified as URI.

2317    The state parameters of the FileReader class are:

2319    bytes, messages, records, templates, options-templates
2320       The number of bytes, IPFIX messages, data records, template
2321       records, and options template records read by the file reader.
2322       Discontinuities in the values of these counters can occur at re-
2323       initialization of the management system, and at other times as
2324       indicated by the value of file-reader-discontinuity-time.

2326    file-reader-discontinuity-time
2327       Timestamp of the most recent occasion at which one or more file
2328       reader counters suffered a discontinuity. The time is absolute
2329       and not relative to sysUpTime.

2331    The FileReader class includes information about the Template class
2332    and statistics. The Template class is specified in Section 4.8.

2334 4.6. Transport Layer Security Class

2336    Figure 27 shows the TransportLayerSecurity class which is used in the
2337    exporting process's sctp-exporter, udp-exporter, and TcpExporter
2338    classes, and the collecting process's SctpCollector, UdpCollector,
2339    and TcpCollector classes to enable and configure TLS/DTLS for IPFIX.
2340    If TLS/DTLS is enabled, the endpoint must use DTLS [RFC6347] if the
2341    transport protocol is SCTP or UDP and TLS [RFC8446] if the transport
2342    protocol is TCP.

2344    [RFC7011] mandates strong mutual authentication of exporting
2345    processes and collecting process as follows. IPFIX exporting
2346    processes and IPFIX collecting processes are identified by the fully
2347    qualified domain name (FQDN) of the interface on which IPFIX messages
2348    are sent or received, for purposes of X.509 client and server
2349    certificates as in [RFC5280]. To prevent man-in-the-middle attacks
2350    from impostor exporting or collecting processes, the acceptance of
2351    data from an unauthorized exporting process, or the export of data to
2352    an unauthorized collecting process, strong mutual authentication via
2353    asymmetric keys must be used for both TLS and DTLS. Each of the
2354    IPFIX exporting and collecting processes must verify the identity of
2355    its peer against its authorized certificates, and must verify that
2356    the peer's certificate matches its fully qualified domain name, or,
2357    in the case of SCTP, the fully qualified domain name of one of its
2358    endpoints.

2360    The fully qualified domain name used to identify an IPFIX collecting
2361    process or exporting process may be stored either in a subjectAltName
2362    extension of type dNSName, or in the most specific common name field
2363    of the subject field of the X.509 certificate. If both are present,
2364    the subjectAltName extension is given preference.

2366    In order to use TLS/DTLS, appropriate certificates and keys have to
2367    be previously installed on the monitoring devices. For security
2368    reasons, the configuration data model does not offer the possibility
2369    to upload any certificates or keys on a monitoring device. If TLS/
2370    DTLS is enabled on a monitoring device that does not dispose of
2371    appropriate certificates and keys, the configuration must be rejected
2372    with an error.

2374    The configuration data model allows restricting the authorization of
2375    remote endpoints to certificates issued by specific certification
2376    authorities or identifying specific FQDNs for authorization.
2377    Furthermore, the configuration data model allows restricting the
2378    utilization of certificates identifying the local endpoint. This is
2379    useful if the monitoring device disposes of more than one certificate
2380    for the given local endpoint.

2382      +--rw transport-layer-security!
2383         +--rw local-certification-authority-dn*    string
2384         +--rw local-subject-dn*                    string
2385         +--rw local-subject-fqdn*                  inet:domain-name
2386         +--rw remote-certification-authority-dn*   string
2387         +--rw remote-subject-dn*                   string
2388         +--rw remote-subject-fqdn*                 inet:domain-name

2390                 Figure 27: Transport Layer Security Class

2392    The configuration parameters are defined as follows:

2394    local-certification-authority-dn
2395       This parameter may appear one or more times to restrict the
2396       identification of the local endpoint during the TLS/DTLS handshake
2397       to certificates issued by the configured certification
2398       authorities. Each occurrence of this parameter contains the
2399       distinguished name of one certification authority. To identify
2400       the local endpoint, the exporting process or collecting process
2401       must use a certificate issued by one of the configured
2402       certification authorities. Certificates issued by any other
2403       certification authority must not be sent to the remote peer during
2404       TLS/DTLS handshake. If none of the certificates installed on the
2405       monitoring device fulfills the specified restrictions, the
2406       configuration must be rejected with an error. If local-
2407       certification-authority-dn is not configured, the choice of
2408       certificates identifying the local endpoint is not restricted with
2409       respect to the issuing certification authority.

2411    local-subject-dn, local-subject-fqdn
2412       Each of these parameters may appear one or more times to restrict
2413       the identification of the local endpoint during the TLS/DTLS
2414       handshake to certificates issued for specific subjects or for
2415       specific FQDNs. Each occurrence of local-subject-dn contains a
2416       distinguished name identifying the local endpoint. Each
2417       occurrence of local-subject-fqdn contains a FQDN which is assigned
2418       to the local endpoint. To identify the local endpoint, the
2419       exporting process or collecting process must use a certificate
2420       that contains either one of the configured distinguished names in
2421       the subject field or at least one of the configured FQDNs in a
2422       dNSName component of the subject alternative extension field or in
2423       the most specific common name component of the subject field. If
2424       none of the certificates installed on the monitoring device
2425       fulfills the specified restrictions, the configuration must be
2426       rejected with an error. If any of the parameters local-subject-dn
2427       and local-subject-fqdn is configured at the same time as the
2428       local-certification-authority-dn parameter, certificates must also
2429       fulfill the specified restrictions regarding the certification
2430       authority. If local-subject-dn and local-subject-fqdn are not
2431       configured, the choice of certificates identifying the local
2432       endpoint is not restricted with respect to the subject's
2433       distinguished name or FQDN.

2435    remote-certification-authority-dn
2436       This parameter may appear one or more times to restrict the
2437       authentication of remote endpoints during the TLS/DTLS handshake
2438       to certificates issued by the configured certification
2439       authorities. Each occurrence of this parameter contains the
2440       distinguished name of one certification authority. To
2441       authenticate the remote endpoint, the remote exporting process or
2442       collecting process must provide a certificate issued by one of the
2443       configured certification authorities. Certificates issued by any
2444       other certification authority must be rejected during TLS/DTLS
2445       handshake. If the monitoring device is not able to validate
2446       certificates issued by the configured certification authorities
2447       (e.g., because of missing public keys), the configuration must be
2448       rejected with an error. If remote-certification-authority-dn is
2449       not configured, the authorization of remote endpoints is not
2450       restricted with respect to the issuing certification authority of
2451       the delivered certificate.

2453    remote-subject-dn, remote-subject-fqdn
2454       Each of these parameters may appear one or more times to restrict
2455       the authentication of remote endpoints during the TLS/DTLS
2456       handshake to certificates issued for specific subjects or for
2457       specific FQDNs. Each occurrence of remote-subject-dn contains a
2458       distinguished name identifying a remote endpoint. Each occurrence
2459       of remote-subject-fqdn contains a FQDN that is assigned to a
2460       remote endpoint. To authenticate a remote endpoint, the remote
2461       exporting process or collecting process must provide a certificate
2462       that contains either one of the configured distinguished names in
2463       the subject field or at least one of the configured FQDNs in a
2464       dNSName component of the subject alternative extension field or in
2465       the most specific common name component of the subject field.
2466       Certificates not fulfilling this condition must be rejected during
2467       TLS/DTLS handshake. If any of the parameters remote-subject-dn
2468       and remote-subject-fqdn is configured at the same time as the
2469       remote-certification-authority-dn parameter, certificates must
2470       also fulfill the specified restrictions regarding the
2471       certification authority in order to be accepted. If remote-
2472       subject-dn and remote-subject-fqdn are not configured, the
2473       authorization of remote endpoints is not restricted with respect
2474       to the subject's distinguished name or FQDN of the delivered
2475       certificate.

2477 4.7. Transport Session Class

2479    The TransportSession class contains state data about transport
2480    sessions originating from an exporting process or terminating at a
2481    collecting process. If SCTP is the transport protocol, the exporter
2482    or collector may be multihomed SCTP endpoints (see [RFC4960],
2483    Section 6.4), in which case more than one IP address will be used.

2485    The following attributes are supported:

2487    ipfix-version
2488       Used for exporting processes, this parameter contains the version
2489       number of the IPFIX protocol that the exporter uses to export its
2490       data in this transport session. Hence, it is identical to the
2491       value of the configuration parameter ipfix-version of the sctp-
2492       exporter, udp-exporter, or tcp-exporter object. When used for
2493       collecting processes, this parameter contains the version-number
2494       of the IPFIX protocol it receives for this transport session. If
2495       IPFIX messages of different IPFIX protocol versions are received,
2496       this parameter contains the maximum version number. This state
2497       parameter is identical to ipfixTransportSessionIpfixVersion in the
2498       IPFIX MIB module [RFC6615].

2500    source-address, destination-address
2501       If TCP or UDP is the transport protocol, source-address contains
2502       the IP address of the exporter, and destination-address contains
2503       the IP addresses of the collector. Hence, the two parameters have
2504       identical values as ipfixTransportSessionSourceAddress and
2505       ipfixTransportSessionDestinationAddress in the IPFIX MIB module
2506       [RFC6615]. If SCTP is the transport protocol, source-address
2507       contains one of the IP addresses of the exporter and destination-
2508       address one of the IP addresses of the collector. Preferably, the
2509       IP addresses of the path that is usually selected by the exporter
2510       to send IPFIX messages to the collector should be contained.

2512    source-port, destination-port
2513       These state parameters contain the transport-protocol port numbers
2514       of the exporter and the collector of the transport session and
2515       thus are identical to ipfixTransportSessionSourcePort and
2516       ipfixTransportSessionDestinationPort in the IPFIX MIB module
2517       [RFC6615].

2519    sctp-assoc-id
2520       The association id used for the SCTP session between the exporter
2521       and the collector of the transport session. It is equal to the
2522       sctpAssocId entry in the SctpAssocTable defined in the SCTP-MIB
2523       [RFC3871]. This parameter is only available if the transport
2524       protocol is SCTP and if an SNMP agent on the same monitoring
2525       device enables access to the corresponding MIB objects in the
2526       SctpAssocTable. This state parameter is identical to
2527       ipfixTransportSessionSctpAssocId in the IPFIX MIB module
2528       [RFC6615].

2530    status
2531       Status of the transport session, which can be one of the
2532       following:

2534       * inactive: transport session is established, but no IPFIX
2535         messages are currently transferred (e.g., because this is a
2536         backup (secondary) session)

2538       * active: transport session is established and transfers IPFIX
2539         messages

2541       * unknown: transport session status cannot be determined; this
2542         state parameter is identical to ipfixTransportSessionStatus in
2543         the IPFIX MIB module [RFC6615]

2545    rate
2546       The number of bytes per second transmitted by the exporting
2547       process or received by the collecting process. This parameter is
2548       updated every second. This state parameter is identical to
2549       ipfixTransportSessionRate in the IPFIX MIB module [RFC6615].
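
Added example, not part of the draft or of any IPFIX implementation: the remote-endpoint authorization decision that Section 4.6 describes for remote-certification-authority-dn, remote-subject-dn, and remote-subject-fqdn, written out in Python. It assumes the peer certificate has already passed chain validation in the TLS/DTLS stack and that its issuer, subject, and dNSName entries were extracted as RFC 4514 strings. The class and function names, the exact-match FQDN comparison, and the reading that dNSName entries replace the common name when both are present are assumptions of this example.

```python
import re
from dataclasses import dataclass, field
from typing import List, Set, Tuple


def _rdns(dn: str) -> List[Tuple[str, str]]:
    """Normalize an RFC 4514 DN string into (type, value) pairs.

    Simplification for this example: splits on unescaped commas and
    compares case-insensitively; multi-valued RDNs are not handled.
    """
    pairs = []
    for part in re.split(r"(?<!\\),", dn):
        attr, _, value = part.partition("=")
        pairs.append((attr.strip().lower(), value.strip().casefold()))
    return pairs


def _fqdn(name: str) -> str:
    """Case-insensitive FQDN form without a trailing root dot."""
    return name.strip().rstrip(".").lower()


@dataclass
class PeerCert:
    """Fields taken from an already chain-validated peer certificate."""
    issuer_dn: str
    subject_dn: str
    san_dns_names: List[str] = field(default_factory=list)

    def fqdn_identities(self) -> Set[str]:
        # If dNSName entries exist they are given preference and the
        # common name is not consulted (assumed reading of Section 4.6).
        if self.san_dns_names:
            return {_fqdn(n) for n in self.san_dns_names}
        # RFC 4514 strings list the most specific RDN first.
        for attr, value in _rdns(self.subject_dn):
            if attr == "cn":
                return {_fqdn(value)}
        return set()


@dataclass
class RemotePolicy:
    """The three remote-* leaf-lists of transport-layer-security."""
    ca_dns: List[str] = field(default_factory=list)
    subject_dns: List[str] = field(default_factory=list)
    subject_fqdns: List[str] = field(default_factory=list)


def authorize(policy: RemotePolicy, cert: PeerCert) -> Tuple[bool, str]:
    """Return (accepted, reason) for one peer certificate."""
    # A configured CA restriction always applies, also when subject
    # restrictions are configured at the same time.
    if policy.ca_dns:
        if _rdns(cert.issuer_dn) not in [_rdns(d) for d in policy.ca_dns]:
            return False, "issuer not in remote-certification-authority-dn"
    # Without subject restrictions the subject is not checked further.
    if not policy.subject_dns and not policy.subject_fqdns:
        return True, "no subject restriction configured"
    # Either a configured subject DN or a configured FQDN is sufficient.
    if _rdns(cert.subject_dn) in [_rdns(d) for d in policy.subject_dns]:
        return True, "subject matches remote-subject-dn"
    if cert.fqdn_identities() & {_fqdn(f) for f in policy.subject_fqdns}:
        return True, "FQDN matches remote-subject-fqdn"
    return False, "subject not in remote-subject-dn or remote-subject-fqdn"


# Constructed sample data (names and DNs are invented for this example).
POLICY = RemotePolicy(ca_dns=["CN=Flow CA,O=Example"],
                      subject_fqdns=["exporter1.example.net"])
SAMPLES = {
    "san_match": PeerCert("CN=Flow CA,O=Example", "CN=probe-17,O=Example",
                          ["Exporter1.Example.NET."]),
    "wrong_ca": PeerCert("CN=Other CA,O=Example", "CN=probe-17,O=Example",
                         ["exporter1.example.net"]),
    "cn_only": PeerCert("CN=Flow CA,O=Example",
                        "CN=exporter1.example.net,O=Example"),
    "san_overrides_cn": PeerCert("CN=Flow CA,O=Example",
                                 "CN=exporter1.example.net,O=Example",
                                 ["other.example.net"]),
}

if __name__ == "__main__":
    for label, cert in SAMPLES.items():
        print(label, authorize(POLICY, cert))
```

The same decision applies on both sides of the session: a collecting process runs it against the exporter's certificate and an exporting process against the collector's.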

2551    bytes, messages, records, templates, options-templates
2552       The number of bytes, IPFIX messages, data records, template
2553       records, and options template records transmitted by the exporting
2554       process or received by the collecting process. Discontinuities in
2555       the values of these counters can occur at re-initialization of the
2556       management system, and at other times as indicated by the value of
2557       transport-session-discontinuity-time.

2559    discarded-messages
2560       Used for exporting processes, this parameter indicates the number
2561       of messages that could not be sent due to internal buffer
2562       overflows, network congestion, routing issues, etc. Used for
2563       collecting process, this parameter indicates the number of
2564       received IPFIX messages that are malformed, cannot be decoded, are
2565       received in the wrong order or are missing according to the
2566       sequence number. Discontinuities in the value of this counter can
2567       occur at re-initialization of the management system, and at other
2568       times as indicated by the value of transport-session-
2569       discontinuity-time.

2571    transport-session-start-time
2572       Timestamp of the start of the given transport session.

2574    transport-session-discontinuity-time
2575       Timestamp of the most recent occasion at which one or more of the
2576       transport session counters suffered a discontinuity. The time is
2577       absolute and not relative to sysUpTime. Note that, if used for
2578       exporting processes, the values of the state parameters
2579       destination-address and destination-port match the values of the
2580       configuration parameters destination-ip-address and destination-
2581       port of the sctp-exporter, tcp-exporter, and udp-exporter (in the
2582       case of sctp-exporter, one of the configured destination-ip-
2583       address values); if the transport protocol is UDP or SCTP and if
2584       the parameter source-ip-address is configured in the udp-exporter
2585       or sctp-exporter object, the value of source-address equals the
2586       configured value or one of the configured values. Used for
2587       collecting processes, the value of destination-address equals the
2588       value (or one of the values) of the parameter local-ip-address if
2589       this parameter is configured in the udp-collector, tcp-collector,
2590       or sctp-collector; destination-port equals the value of the
2591       configuration parameter local-port.

2593    The TransportSession class includes Template class information and
2594    statistics about the templates transmitted or received on the given
2595    transport session. The Template class is specified in Section 4.8.

2597      +--ro transport-session* [name]
2598         +--ro name                    name-type
2599         +--ro ipfix-version?          uint16
2600         +--ro source-address?         inet:host
2601         +--ro destination-address?    inet:host
2602         +--ro source-port?
2603         |       inet:port-number
2604         +--ro destination-port?
2605         |       inet:port-number
2606         +--ro status?
2607         |       transport-session-status
2608         +--ro rate?
2609         |       yang:gauge32
2610         +--ro bytes?
2611         |       yang:counter64
2612         +--ro messages?
2613         |       yang:counter64
2614         +--ro discarded-messages?
2615         |       yang:counter64
2616         +--ro records?
2617         |       yang:counter64
2618         +--ro templates?
2619         |       yang:counter32
2620         +--ro options-templates?
2621         |       yang:counter32
2622         +--ro transport-session-start-time?
2623         |       yang:date-and-time
2624         +--ro transport-session-discontinuity-time?
2625         |       yang:date-and-time
2626         +--ro template* []
2627               ...

2629                    Figure 28: Transport Session Class

2631 4.8. Template Class

2633    Figure 29 shows the Template class which contains state data about
2634    templates used by an exporting process or received by a collecting
2635    process in a specific transport session. The field class defines one
2636    field of the template.

2638      +--ro template* []
2639         +--ro observation-domain-id?         uint32
2640         +--ro template-id?                   uint16
2641         +--ro set-id?                        uint16
2642         +--ro access-time?                   yang:date-and-time
2643         +--ro template-data-records?         yang:counter64
2644         +--ro template-discontinuity-time?   yang:date-and-time
2645         +--ro field* []
2646            +--ro ie-id?                   ie-id-type
2647            +--ro ie-length?               uint16
2648            +--ro ie-enterprise-number?    uint32
2649            +--ro is-flow-key?             empty
2650            +--ro is-scope?                empty

2652                         Figure 29: Template Class

2654    The names and semantics of the state parameters correspond to the
2655    managed objects in the ipfixTemplateTable,
2656    ipfixTemplateDefinitionTable, and ipfixTemplateStatsTable of the
2657    IPFIX MIB module [RFC6615]:

2659    observation-domain-id
2660       The identifier of the observation domain for which this template
2661       is defined.

2663    template-id
2664       This number indicates the template identifier in the IPFIX
2665       Message.

2667    set-id
2668       This number indicates the set identifier of this template.
2669       Currently, there are two values defined [RFC7011]. The value 2 is
2670       used for sets containing template definitions. The value 3 is
2671       used for sets containing options template definitions.

2673    access-time
2674       Used for exporting processes, this parameter contains the time
2675       when this (Options) Template was last sent to the Collector or
2676       written to the file. Used for Collecting Processes, this
2677       parameter contains the time when this (Options) Template was last
2678       received from the Exporter or read from the file.

2680    template-data-records
2681       The number of transmitted or received data records defined by this
2682       (options) template since the point in time indicated by template-
2683       definition-time.

2685    template-discontinuity-time
2686       Timestamp of the most recent occasion at which the counter
2687       template-data-records suffered a discontinuity. The time is
2688       absolute and not relative to sysUpTime.

2690    ie-id, ie-length, ie-enterprise-number
2691       Information Element identifier, length, and enterprise number of a
2692       field in the template. If this is not an enterprise-specific
2693       Information Element, ie-enterprise-number is zero. These state
2694       parameters are identical to ipfixTemplateDefinitionIeId,
2695       ipfixTemplateDefinitionIeLength, and
2696       ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX MIB module
2697       [RFC6615].

2699    is-flow-key
2700       If this state parameter is present, this is a flow key field.
2701       This parameter is only available for non-Options Templates (i.e.,
2702       if setId is 2).

2704    is-scope
2705       If this state parameter is present, this is a scope field. This
2706       parameter is only available for options templates (i.e., if setId
2707       is 3).

2709 4.9. Bulk Data Class

2711    The BulkDataProcess class in Figure 30 specifies the bulk data
2712    template to be applied to resource or set of resources and provides
2713    state information about the template records.

2715      +--rw bulk-data-export
2716         +--rw template* [name]
2717            +--rw name                     ietf-ipfix:name-type
2718            +--rw enabled?                 boolean
2719            +--rw export-interval?         uint32
2720            +--rw observation-domain-id?   uint32
2721            +--rw field-layout
2722            |  +--rw field* [name]
2723            |     +--rw name                    ietf-ipfix:name-type
2724            |     +--rw (identifier)
2725            |     |  +--:(ie-id)
2726            |     |     +--rw ie-id?            ietf-ipfix:ie-id-type
2727            |     +--rw ie-length?              uint16
2728            |     +--rw ie-enterprise-number?   uint32
2729            +--rw exporting-process*
2730            |       -> /ietf-ipfix:ipfix/exporting-process/name
2731            |       {ietf-ipfix:exporter}?
2732            +--rw resource*                resource
2733            +--ro data-records?            yang:counter64
2734            +--ro discontinuity-time?      yang:date-and-time

2736                         Figure 30: Bulk Data Class

2738    The following attributes are supported:

2740    enabled
2741       Enables the template so that specified data may be exported. The
2742       default is "enabled".

2744    export-interval
2745       The interval (in seconds) for periodical export of data records.

2747    observation-domain-id
2748       The Observation Domain that is locally unique to an Exporting
2749       Process.

2751    field-layout
2752       The IPFIX template to be applied to the resource. The following
2753       attributes are configurable:

2755       * ie-id: Identifies the Information Element identifier.

2757       * ie-enterprise-id: Identifies the enterprise identifier of the
2758         Information Element. If 0, the enterprise ID is an IANA based
2759         Information Element.

2761       * ie-length: Identifies the length of the Information Element.

2763    A bulk data instance may refer to:

2765    o one or more exporting-process instances

2767    o one or more resource instances (e.g., different interface
2768      instances on a line card)

2770    The following state information is available:

2772    data-records
2773       Reports the number of data records generated for this bulk data
2774       template.

2776    discontinuity-time
2777       Timestamp of the most recent occasion at which the counter data
2778       records suffered a discontinuity.

2780 5. Adaptation to Device Capabilities

2782    The configuration data model standardizes a superset of common IPFIX
2783    and PSAMP configuration parameters. A typical monitoring device
2784    implementation will not support the entire range of possible
2785    configurations. Certain functions may not be supported, such as the
2786    collecting process that does not exist on a monitoring device that is
2787    conceived as exporter only. The configuration of other functions may
2788    be subject to resource limitations or functional restrictions. For
2789    example, the cache size is typically limited according to the
2790    available memory on the device. It is also possible that a
2791    monitoring device implementation requires the configuration of
2792    additional parameters that are not part of the configuration data
2793    model in order to function properly.

2795    The configuration data model for IPFIX and PSAMP covers the
2796    configuration of Exporters, Collectors, and devices that may act as
2797    both. As Exporters and Collectors implement different functions, the
2798    corresponding portions of the model are conditional on the following
2799    features:

2801    exporter
2802       If this feature is supported, Exporting Processes can be
2803       configured.

2805    collector
2806       If this feature is supported, Collecting Processes can be
2807       configured.

2809    Exporters do not necessarily implement any Selection Processes,
2810    Caches, or even Observation Points in particular cases. Therefore,
2811    the corresponding portions of the model are conditional on the
2812    following feature:

2814    Additional features refer to different PSAMP Sampling and Filtering
2815    methods as well as to the supported types of Caches:

2817    psamp-samp-count-based
2818       If this feature is supported, Sampling method samp-count-based can
2819       be configured.

2821    psamp-samp-time-based
2822       If this feature is supported, Sampling method samp-time-based can
2823       be configured.

2825    psamp-samp-rand-out-of-n
2826       If this feature is supported, Sampling method samp-rand-out-of-n
2827       can be configured.

2829    psamp-samp-uni-prob
2830       If this feature is supported, Sampling method samp-uni-prob can be
2831       configured.

2833    psamp-filter-match
2834       If this feature is supported, Filtering method filter-match can be
2835       configured.

2837    psamp-filter-hash
2838       If this feature is supported, Filtering method filter-hash can be
2839       configured.

2841    immediate-cache
2842       If this feature is supported, a Cache generating PSAMP Packet
2843       Reports can be configured using the Immediate Cache class.

2845    timeout-cache
2846       If this feature is supported, a Cache generating IPFIX Flow
2847       Records can be configured using the Timeout Cache class.

2849    natural-cache
2850       If this feature is supported, a Cache generating IPFIX Flow
2851       Records can be configured using the Natural Cache class.

2853    permanent-cache
2854       If this feature is supported, a Cache generating IPFIX Flow
2855       Records can be configured using the Permanent Cache class.

2857    The following features concern the support of UDP and TCP as
2858    transport protocols and the support of File Readers and File Writers:

2860    sctp-transport
2861       If this feature is supported, SCTP can be used as transport
2862       protocol by Exporting Processes and Collecting Processes.

2864    udp-transport
2865       If this feature is supported, UDP can be used as transport
2866       protocol by Exporting Processes and Collecting Processes.

2868    tcp-transport
2869       If this feature is supported, TCP can be used as transport
2870       protocol by Exporting Processes and Collecting Processes.

2872    file-reader
2873       If this feature is supported, File Readers can be configured as
2874       part of Collecting Processes.

2876    file-writer
2877       If this feature is supported, File Writers can be configured as
2878       part of Exporting Processes.

2880 6. YANG Modules

2882    This document defines three YANG modules:

2884    ietf-ipfix
2885       Defines the IPFIX collector and exporter functions.

2887    ietf-ipfix-packet-sampling
2888       Defines the PSAMP functions for configuring a device to sample/
2889       meter a subset of packets from the network.

2891    ietf-ipfix-bulk-data-export
2892       Defines the bulk data IPFIX templates used to export bulk data.

2894 6.1. ietf-ipfix

2896 6.1.1. ietf-ipfix Module Structure

2898    This document defines the YANG module "ietf-ipfix", which has the
2899    following structure:

2901    module: ietf-ipfix
2902      +--rw ipfix
2903         +--rw collecting-process* [name] {collector}?
2904         |  +--rw name                 name-type
2905         |  +--rw tcp-collector* [name] {tcp-transport}?
2906         |  |     ...
2907         |  +--rw udp-collector* [name] {udp-transport}?
2908         |  |     ...
2909         |  +--rw sctp-collector* [name] {sctp-transport}?
2910         |  |     ...
2911         |  +--rw file-reader* [name] {file-reader}?
2912         |  |     ...
2913         |  +--rw exporting-process*   -> /ipfix/exporting-process/name
2914         |          {exporter}?
2915         +--rw exporting-process* [name] {exporter}?
2916            +--rw name                    name-type
2917            +--rw enabled?                boolean
2918            +--rw export-mode?            identityref
2919            +--rw destination* [name]
2920            |     ...
2921            +--rw options* [name]
2922            |     ...
2923            +--ro exporting-process-id?   uint32

2925 6.1.2. ietf-ipfix YANG Module

2927    This YANG Module imports typedefs from [RFC6991].

2929    file "ietf-ipfix@2018-10-22.yang"

2931    module ietf-ipfix {
2932      yang-version 1.1;

2934      namespace "urn:ietf:params:xml:ns:yang:ietf-ipfix";

2936      prefix ietf-ipfix;

2938      import ietf-inet-types {
2939        prefix inet;
2940        reference
2941          "RFC 6991: Common YANG Data Types";
2942      }

2944      import ietf-yang-types {
2945        prefix yang;
2946        reference
2947          "RFC 6991: Common YANG Data Types";
2948      }
2949      import ietf-interfaces {
2950        prefix if;
2951        reference
2952          "RFC 8343: A YANG Model for Interface Management";
2953      }

2955      organization
2956        "IETF";

2958      contact
2959        "Web: TBD
2960         List: TBD

2962         Editor: Joey Boyd

2965         Editor: Marta Seda
2966         ";

2968      // RFC Ed.: replace XXXX with actual RFC numbers and
2969      // remove this note.

2971      description
2972        "This module contains a collection of YANG definitions for the
2973         management of IP Flow Information Export (IPFIX).

2975         This data model is designed for the Network Management Datastore
2976         Architecture defined in RFC 8342.
2978 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL 2979 NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 2980 'MAY', and 'OPTIONAL' in this document are to be interpreted as 2981 described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, 2982 they appear in all capitals, as shown here. 2984 Copyright (c) 2019 IETF Trust and the persons identified as 2985 authors of the code. All rights reserved. 2987 Redistribution and use in source and binary forms, with or 2988 without modification, is permitted pursuant to, and subject to 2989 the license terms contained in, the Simplified BSD License set 2990 forth in Section 4.c of the IETF Trust's Legal Provisions 2991 Relating to IETF Documents 2992 (https://trustee.ietf.org/license-info). 2994 This version of this YANG module is part of RFC XXXX 2995 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself 2996 for full legal notices."; 2998 revision 2020-03-05 { 2999 description 3000 "Initial revision."; 3001 reference 3002 "RFC XXXX: YANG Data Models for the IP Flow Information Export 3003 (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol, 3004 and Bulk Data Export"; 3005 } 3007 feature exporter { 3008 description 3009 "If supported, the Monitoring Device can be used as 3010 an Exporter. Exporting Processes can be configured."; 3011 } 3013 feature collector { 3014 description 3015 "If supported, the Monitoring Device can be used as 3016 a Collector. 
Collecting Processes can be configured."; 3017 } 3019 feature tcp-transport { 3020 description 3021 "If supported, the Monitoring Device supports TCP 3022 as the transport protocol."; 3023 } 3025 feature udp-transport { 3026 description 3027 "If supported, the Monitoring Device supports UDP 3028 as the transport protocol."; 3029 } 3031 feature sctp-transport { 3032 description 3033 "If supported, the Monitoring Device supports SCTP 3034 as the transport protocol."; 3035 } 3037 feature file-reader { 3038 description 3039 "If supported, the Monitoring Device supports the 3040 configuration of Collecting Processes as File Readers."; 3041 } 3043 feature file-writer { 3044 description 3045 "If supported, the Monitoring Device supports the 3046 configuration of Exporting Processes as File Writers."; 3047 } 3049 feature if-mib { 3050 description 3051 "This feature indicates that the device implements 3052 the IF-MIB."; 3053 reference 3054 "RFC 2863: The Interfaces Group MIB"; 3055 } 3057 identity export-mode { 3058 description 3059 "Base identity for different usages of export 3060 destinations configured for an Exporting Process."; 3061 reference 3062 "RFC 6615, Section 8 (ipfixExportMemberType)"; 3063 } 3065 identity parallel { 3066 base export-mode; 3067 description 3068 "Parallel export of Data Records to all destinations configured 3069 for the Exporting Process."; 3070 reference 3071 "RFC 6615, Section 8 (ipfixExportMemberType)"; 3072 } 3074 identity load-balancing { 3075 base export-mode; 3076 description 3077 "Load-balancing between the different destinations 3078 configured for the Exporting Process."; 3079 reference 3080 "RFC 6615, Section 8 (ipfixExportMemberType)"; 3081 } 3083 identity fallback { 3084 base export-mode; 3085 description 3086 "Export to the primary destination (i.e., the first 3087 destination configured for the Exporting Process). 
If the 3088 export to the primary destination fails, the Exporting Process 3089 tries to export to the secondary destination. If the 3090 secondary destination fails as well, it continues with the 3091 tertiary, etc."; 3092 reference 3093 "RFC 6615, Section 8 (ipfixExportMemberType)"; 3095 } 3097 identity options-type { 3098 description 3099 "Base identity for report types exported with 3100 options templates."; 3101 } 3103 identity metering-statistics { 3104 base options-type; 3105 description 3106 "Metering Process Statistics."; 3107 reference 3108 "RFC 7011, Section 4.1"; 3109 } 3111 identity metering-reliability { 3112 base options-type; 3113 description 3114 "Metering Process Reliability Statistics."; 3115 reference 3116 "RFC 7011, Section 4.2"; 3117 } 3119 identity exporting-reliability { 3120 base options-type; 3121 description 3122 "Exporting Process Reliability Statistics."; 3123 reference 3124 "RFC 7011, Section 4.3"; 3125 } 3127 identity flow-keys { 3128 base options-type; 3129 description 3130 "Flow Keys."; 3131 reference 3132 "RFC 7011, Section 4.4"; 3133 } 3135 identity selection-sequence { 3136 base options-type; 3137 description 3138 "Selection Sequence and Selector Reports."; 3139 reference 3140 "RFC 5476, Sections 6.5.1 and 6.5.2"; 3141 } 3142 identity selection-statistics { 3143 base options-type; 3144 description 3145 "Selection Sequence Statistics Report."; 3146 reference 3147 "RFC 5476, Section 6.5.3"; 3148 } 3150 identity accuracy { 3151 base options-type; 3152 description 3153 "Accuracy Report."; 3154 reference 3155 "RFC 5476, Section 6.5.4"; 3156 } 3158 identity reducing-redundancy { 3159 base options-type; 3160 description 3161 "Enables the utilization of Options Templates to reduce 3162 redundancy in the exported Data Records."; 3163 reference 3164 "RFC 5473"; 3165 } 3167 identity extended-type-information { 3168 base options-type; 3169 description 3170 "Export of extended type information for enterprise-specific 3171 Information 
Elements used in the exported Templates."; 3172 reference 3173 "RFC 5610"; 3174 } 3176 typedef ie-name-type { 3177 type string { 3178 length "1..max"; 3179 pattern '\S+'; 3180 } 3181 description 3182 "Type for Information Element names. Whitespaces are not 3183 allowed."; 3184 } 3186 typedef name-type { 3187 type string { 3188 length "1..max"; 3189 pattern '\S(.*\S)?'; 3191 } 3192 description 3193 "Type for 'name' leafs, which are used to identify specific 3194 instances within lists, etc. 3196 Leading and trailing whitespaces are not allowed."; 3197 } 3199 typedef ie-id-type { 3200 type uint16 { 3201 range "1..32767"; 3202 } 3203 description 3204 "Type for Information Element identifiers."; 3205 } 3207 typedef transport-session-status { 3208 type enumeration { 3209 enum "inactive" { 3210 value 0; 3211 description 3212 "This value MUST be used for Transport Sessions that are 3213 specified in the system but currently not active. 3215 The value can be used for Transport Sessions that are 3216 backup (secondary) sessions."; 3217 } 3218 enum "active" { 3219 value 1; 3220 description 3221 "This value MUST be used for Transport Sessions that are 3222 currently active and transmitting or receiving data."; 3223 } 3224 enum "unknown" { 3225 value 2; 3226 description 3227 "This value MUST be used if the status of the Transport 3228 Sessions cannot be detected by the device. 
3230 This value should be avoided as far as possible."; 3231 } 3232 } 3233 description 3234 "Status of a Transport Session."; 3235 reference 3236 "RFC 6615, Section 8 (ipfixTransportSessionStatus)"; 3237 } 3238 grouping transport-layer-security-parameters { 3239 description 3240 "TLS or DTLS parameters."; 3242 container transport-layer-security { 3243 presence 3244 "The presence of this container indicates TLS is enabled."; 3245 description 3246 "TLS or DTLS configuration."; 3248 leaf-list local-certification-authority-dn { 3249 type string; 3250 description 3251 "Distinguished names of certification authorities whose 3252 certificates may be used to identify the local endpoint."; 3253 reference 3254 "RFC 5280"; 3255 } 3257 leaf-list local-subject-dn { 3258 type string; 3259 description 3260 "Distinguished names that may be used in the certificates 3261 to identify the local endpoint."; 3262 reference 3263 "RFC 5280."; 3264 } 3266 leaf-list local-subject-fqdn { 3267 type inet:domain-name; 3268 description 3269 "Fully qualified domain names that may be used in the 3270 certificates to identify the local endpoint."; 3271 reference 3272 "RFC 5280"; 3273 } 3275 leaf-list remote-certification-authority-dn { 3276 type string; 3277 description 3278 "Distinguished names of certification authorities whose 3279 certificates are accepted to authorize remote endpoints."; 3280 reference 3281 "RFC 5280"; 3282 } 3284 leaf-list remote-subject-dn { 3285 type string; 3286 description 3287 "Distinguished names which are accepted in certificates to 3288 authorize remote endpoints."; 3289 reference 3290 "RFC 5280"; 3291 } 3293 leaf-list remote-subject-fqdn { 3294 type inet:domain-name; 3295 description 3296 "Fully qualified domain names that are accepted in 3297 certificates to authorize remote endpoints."; 3298 reference 3299 "RFC 5280"; 3300 } 3301 } 3302 } 3304 grouping transport-session-state-parameters { 3305 description 3306 "State parameters of a Transport Session originating 
from an 3307 Exporting Process or terminating at a Collecting Process. 3308 Parameter names and semantics correspond to the managed 3309 objects in IPFIX-MIB."; 3310 reference 3311 "RFC 7011; RFC 6615, Section 8 (ipfixTransportSessionEntry, 3312 ipfixTransportSessionStatsEntry)"; 3314 leaf ipfix-version { 3315 type uint16; 3316 description 3317 "Used for Exporting Processes, this parameter contains the 3318 version number of the IPFIX protocol that the Exporter uses 3319 to export its data in this Transport Session. 3321 Used for Collecting Processes, this parameter contains the 3322 version number of the IPFIX protocol it receives for this 3323 Transport Session. If IPFIX Messages of different IPFIX 3324 protocol versions are received, this parameter contains the 3325 maximum version number. 3327 Note that this parameter corresponds to 3328 ipfixTransportSessionIpfixVersion in the IPFIX MIB module."; 3329 reference 3330 "RFC 6615, Section 8 3331 (ipfixTransportSessionIpfixVersion)"; 3332 } 3333 leaf source-address { 3334 type inet:host; 3335 description 3336 "The source address of the Exporter of the IPFIX Transport 3337 Session."; 3338 reference 3339 "RFC 6615, Section 8 3340 (ipfixTransportSessionSourceAddressType, 3341 ipfixTransportSessionSourceAddress); 3342 RFC 4960, Section 6.4"; 3343 } 3345 leaf destination-address { 3346 type inet:host; 3347 description 3348 "The destination address of the path that is selected by the 3349 Exporter to send IPFIX messages to the Collector. 3351 In the case of TCP, it is possible that if an FQDN address 3352 is configured it resolves into many addresses. 
3354 Note that this parameter functionally corresponds to 3355 ipfixTransportSessionDestinationAddressType and 3356 ipfixTransportSessionDestinationAddress in the IPFIX MIB 3357 module."; 3358 reference 3359 "RFC 6615, Section 8 3360 (ipfixTransportSessionDestinationAddressType, 3361 ipfixTransportSessionDestinationAddress); 3362 RFC 4960, Section 6.4"; 3363 } 3365 leaf source-port { 3366 type inet:port-number; 3367 description 3368 "The transport-protocol port number of the Exporter of the 3369 IPFIX Transport Session. 3371 Note that this parameter corresponds to 3372 ipfixTransportSessionSourcePort in the IPFIX MIB module."; 3373 reference 3374 "RFC 6615, Section 8 3375 (ipfixTransportSessionSourcePort)."; 3376 } 3378 leaf destination-port { 3379 type inet:port-number; 3380 description 3381 "The transport-protocol port number of the Collector of the 3382 IPFIX Transport Session. 3384 Note that this parameter corresponds to 3385 ipfixTransportSessionDestinationPort in the IPFIX MIB 3386 module."; 3387 reference 3388 "RFC 6615, Section 8 3389 (ipfixTransportSessionDestinationPort)"; 3390 } 3392 leaf status { 3393 type transport-session-status; 3394 description 3395 "Status of the Transport Session. 3397 Note that this parameter corresponds to 3398 ipfixTransportSessionStatus in the IPFIX MIB module."; 3399 reference 3400 "RFC 6615, Section 8 (ipfixTransportSessionStatus)"; 3401 } 3403 leaf rate { 3404 type yang:gauge32; 3405 units "bytes per second"; 3406 description 3407 "The number of bytes per second transmitted by the 3408 Exporting Process or received by the Collecting Process. 3409 This parameter is updated every second. 
3411 Note that this parameter corresponds to 3412 ipfixTransportSessionRate in the IPFIX MIB module."; 3413 reference 3414 "RFC 6615, Section 8 (ipfixTransportSessionRate)"; 3415 } 3417 leaf bytes { 3418 type yang:counter64; 3419 units "bytes"; 3420 description 3421 "The number of bytes transmitted by the Exporting Process or 3422 received by the Collecting Process. 3424 Discontinuities in the value of this counter can occur at 3425 re-initialization of the management system, and at other 3426 times as indicated by the value of 3427 transport-session-discontinuity-time. 3429 Note that this parameter corresponds to 3430 ipfixTransportSessionBytes in the IPFIX MIB module."; 3431 reference 3432 "RFC 6615, Section 8 (ipfixTransportSessionBytes)"; 3433 } 3435 leaf messages { 3436 type yang:counter64; 3437 units "IPFIX Messages"; 3438 description 3439 "The number of messages transmitted by the Exporting Process 3440 or received by the Collecting Process. 3442 Discontinuities in the value of this counter can occur at 3443 re-initialization of the management system, and at other 3444 times as indicated by the value of 3445 transport-session-discontinuity-time. 3447 Note that this parameter corresponds to 3448 ipfixTransportSessionMessages in the IPFIX MIB module."; 3449 reference 3450 "RFC 6615, Section 8 3451 (ipfixTransportSessionMessages)"; 3452 } 3454 leaf discarded-messages { 3455 type yang:counter64; 3456 units "IPFIX Messages"; 3457 description 3458 "Used for Exporting Processes, this parameter indicates the 3459 number of messages that could not be sent due to internal 3460 buffer overflows, network congestion, routing issues, etc. 3461 Used for Collecting Processes, this parameter indicates the 3462 number of received IPFIX Messages that are malformed, cannot 3463 be decoded, are received in the wrong order or are missing 3464 according to the sequence number. 
3466 Discontinuities in the value of this counter can occur at 3467 re-initialization of the management system, and at other 3468 times as indicated by the value of 3469 transport-session-discontinuity-time. 3471 Note that this parameter corresponds to 3472 ipfixTransportSessionDiscardedMessages in the IPFIX MIB 3473 module."; 3474 reference 3475 "RFC 6615, Section 8 3476 (ipfixTransportSessionDiscardedMessages)"; 3478 } 3480 leaf records { 3481 type yang:counter64; 3482 units "Data Records"; 3483 description 3484 "The number of Data Records transmitted by the Exporting 3485 Process or received by the Collecting Process. 3487 Discontinuities in the value of this counter can occur at 3488 re-initialization of the management system, and at other 3489 times as indicated by the value of 3490 transport-session-discontinuity-time. 3492 Note that this parameter corresponds to 3493 ipfixTransportSessionRecords in the IPFIX MIB module."; 3494 reference 3495 "RFC 6615, Section 8 3496 (ipfixTransportSessionRecords)"; 3497 } 3499 leaf templates { 3500 type yang:counter32; 3501 units "Templates"; 3502 description 3503 "The number of Templates transmitted by the Exporting Process 3504 or received by the Collecting Process. 3506 Discontinuities in the value of this counter can occur at 3507 re-initialization of the management system, and at other 3508 times as indicated by the value of 3509 transport-session-discontinuity-time. 3511 Note that this parameter corresponds to 3512 ipfixTransportSessionTemplates in the IPFIX MIB module."; 3513 reference 3514 "RFC 6615, Section 8 3515 (ipfixTransportSessionTemplates)"; 3516 } 3518 leaf options-templates { 3519 type yang:counter32; 3520 units "Options Templates"; 3521 description 3522 "The number of Options Templates transmitted by the Exporting 3523 Process or received by the Collecting Process. 
3525 Discontinuities in the value of this counter can occur at 3526 re-initialization of the management system, and at other 3527 times as indicated by the value of 3528 transport-session-discontinuity-time. 3530 Note that this parameter corresponds to 3531 ipfixTransportSessionOptionsTemplates in the IPFIX MIB 3532 module."; 3533 reference 3534 "RFC 6615, Section 8 3535 (ipfixTransportSessionOptionsTemplates)"; 3536 } 3538 leaf transport-session-start-time { 3539 type yang:date-and-time; 3540 description 3541 "Timestamp of the start of the given Transport Session. 3543 This state parameter does not correspond to any object in 3544 the IPFIX MIB module."; 3545 } 3547 leaf transport-session-discontinuity-time { 3548 type yang:date-and-time; 3549 description 3550 "Timestamp of the most recent occasion at which one or more 3551 of the Transport Session counters suffered a discontinuity. 3553 Note that this parameter functionally corresponds to 3554 ipfixTransportSessionDiscontinuityTime in the IPFIX MIB 3555 module. In contrast to 3556 ipfixTransportSessionDiscontinuityTime, the time is 3557 absolute and not relative to sysUpTime."; 3558 reference 3559 "RFC 6615, Section 8 3560 (ipfixTransportSessionDiscontinuityTime)"; 3561 } 3562 } 3564 grouping collection-template-state-parameters { 3565 description 3566 "State parameters of a (Options) Template received by a 3567 Collecting Process in a specific Transport Session or read by 3568 the File Reader. 3570 Parameter names and semantics correspond to the 3571 managed objects in IPFIX-MIB"; 3572 reference 3573 "RFC 7011; RFC 6615, Section 8 (ipfixTemplateEntry, 3574 ipfixTemplateDefinitionEntry, ipfixTemplateStatsEntry)"; 3576 list template { 3577 key "name"; 3578 description 3579 "This list contains the Templates and Options Templates that 3580 are transmitted by the Exporting Process or received by the 3581 Collecting Process. 
3583 Withdrawn or invalidated (Options) Templates MUST be removed 3584 from this list."; 3586 leaf name { 3587 type name-type; 3588 description 3589 "An arbitrary string which uniquely identifies the 3590 template."; 3591 } 3593 leaf observation-domain-id { 3594 type uint32; 3595 description 3596 "The ID of the Observation Domain for which this Template 3597 is defined. 3599 Note that this parameter corresponds to 3600 ipfixTemplateObservationDomainId in the IPFIX MIB 3601 module."; 3602 reference 3603 "RFC 6615, Section 8 3604 (ipfixTemplateObservationDomainId)"; 3605 } 3607 leaf template-id { 3608 type uint16 { 3609 range "256..65535"; 3610 } 3611 description 3612 "This number indicates the Template ID in the IPFIX 3613 message. 3615 Note that this parameter corresponds to ipfixTemplateId in 3616 the IPFIX MIB module."; 3617 reference 3618 "RFC 6615, Section 8 (ipfixTemplateId)"; 3619 } 3621 leaf set-id { 3622 type uint16 { 3623 range "2..3 | 256..65535"; 3624 } 3625 description 3626 "This number indicates the Set ID of the Template. 3627 A value of 2 is reserved for Template Sets. A value of 3 3628 is reserved for Options Template Sets. Values from 4 to 3629 255 are reserved for future use. Values 256 and above 3630 are used for Data Sets. The Set ID values of 0 and 1 are 3631 not used for historical reasons. 3633 Note that this parameter corresponds to ipfixTemplateSetId 3634 in the IPFIX MIB module."; 3635 reference 3636 "RFC 7011, Section 3.3.2; 3637 RFC 6615, Section 8 (ipfixTemplateSetId)"; 3638 } 3640 leaf access-time { 3641 type yang:date-and-time; 3642 description 3643 "This parameter contains the time when this (Options) 3644 Template was last received from the Exporter or read from 3645 the file. 
3647 Note that this parameter corresponds to 3648 ipfixTemplateAccessTime in the IPFIX MIB module."; 3649 reference 3650 "RFC 6615, Section 8 ( 3651 ipfixTemplateAccessTime)"; 3652 } 3654 leaf template-data-records { 3655 type yang:counter64; 3656 description 3657 "The number of received Data Records defined by this 3658 (Options) Template. 3660 Discontinuities in the value of this counter can occur at 3661 re-initialization of the management system, and at other 3662 times as indicated by the value of 3663 template-discontinuity-time. 3665 Note that this parameter corresponds to 3666 ipfixTemplateDataRecords in the IPFIX MIB module."; 3667 reference 3668 "RFC 6615, Section 8 (ipfixTemplateDataRecords)"; 3669 } 3670 leaf template-discontinuity-time { 3671 type yang:date-and-time; 3672 description 3673 "Timestamp of the most recent occasion at which the counter 3674 template-data-records suffered a discontinuity. 3676 Note that this parameter functionally corresponds to 3677 ipfixTemplateDiscontinuityTime in the IPFIX MIB module. In 3678 contrast to ipfixTemplateDiscontinuityTime, the time is 3679 absolute and not relative to sysUpTime."; 3680 reference 3681 "RFC 6615, Section 8 3682 (ipfixTemplateDiscontinuityTime)"; 3683 } 3685 list field { 3686 key "name"; 3687 description 3688 "This list contains the (Options) Template fields of which 3689 the (Options) Template is defined. 3691 The order of the list corresponds to the order of the 3692 fields in the (Options) Template Record."; 3694 leaf name { 3695 type name-type; 3696 description 3697 "An arbitrary string which uniquely identifies the 3698 template field."; 3699 } 3701 leaf ie-id { 3702 type ie-id-type; 3703 description 3704 "This parameter indicates the Information Element 3705 identifier of the field. 
3707 Note that this parameter corresponds to 3708 ipfixTemplateDefinitionIeId in the IPFIX MIB module."; 3709 reference 3710 "RFC 7011; RFC 6615, Section 8 3711 (ipfixTemplateDefinitionIeId)."; 3712 } 3714 leaf ie-length { 3715 type uint16; 3716 units "octets"; 3717 description 3718 "This parameter indicates the length of the Information 3719 Element of the field. 3721 Note that this parameter corresponds to 3722 ipfixTemplateDefinitionIeLength in the IPFIX MIB 3723 module."; 3724 reference 3725 "RFC 7011; RFC 6615, Section 8 3726 (ipfixTemplateDefinitionIeLength)"; 3727 } 3729 leaf ie-enterprise-number { 3730 type uint32; 3731 description 3732 "This parameter indicates the IANA enterprise number of 3733 the authority defining the Information Element 3734 identifier. 3736 If the Information Element is not enterprise-specific, 3737 this state parameter is zero. 3739 Note that this parameter corresponds to 3740 ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX 3741 MIB module."; 3742 reference 3743 "RFC 6615, Section 8 3744 (ipfixTemplateDefinitionIeEnterpriseNumber); 3745 IANA registry for Private Enterprise Numbers, 3746 http://www.iana.org/assignments/enterprise-numbers"; 3747 } 3749 leaf is-flow-key { 3750 when "../../set-id = 2" { 3751 description 3752 "This parameter is available for non-Options Templates 3753 (Set ID is 2)."; 3754 } 3755 type empty; 3756 description 3757 "If present, this is a Flow Key field. 3759 Note that this corresponds to flowKey(1) being set in 3760 ipfixTemplateDefinitionFlags."; 3761 reference 3762 "RFC 6615, Section 8 3763 (ipfixTemplateDefinitionFlags)"; 3764 } 3765 leaf is-scope { 3766 when "../../set-id = 3" { 3767 description 3768 "This parameter is available for Options 3769 Templates (Set ID is 3)."; 3770 } 3771 type empty; 3772 description 3773 "If present, this is a scope field. 
3775 Note that this corresponds to scope(0) being set in 3776 ipfixTemplateDefinitionFlags."; 3777 reference 3778 "RFC 6615, Section 8 3779 (ipfixTemplateDefinitionFlags)"; 3780 } 3781 } 3782 } 3783 } 3785 grouping common-collector-parameters { 3786 description 3787 "Parameters of a Collecting Process that are common to all 3788 transport protocols."; 3790 choice local-address-method { 3791 description 3792 "Method to configure the local address of the collecting 3793 process. Note that it is expected that other methods be 3794 available. Those methods can augment this choice."; 3796 case local-address { 3797 leaf-list local-address { 3798 type inet:host; 3799 description 3800 "List of local addresses on which the Collecting 3801 Process listens for IPFIX Messages."; 3802 } 3803 } 3804 } 3806 leaf local-port { 3807 type inet:port-number; 3808 description 3809 "If not configured, the Monitoring Device uses the default 3810 port number for IPFIX, which is 4739 without TLS or DTLS and 3811 4740 if TLS or DTLS is activated."; 3812 } 3814 } 3816 grouping tcp-collector-parameters { 3817 description 3818 "Parameters of a listening TCP socket at a Collecting 3819 Process."; 3821 uses common-collector-parameters; 3823 uses transport-layer-security-parameters; 3824 } 3826 grouping udp-collector-parameters { 3827 description 3828 "Parameters of a listening UDP socket at a Collecting 3829 Process."; 3831 uses common-collector-parameters; 3833 leaf template-life-time { 3834 type uint32; 3835 units seconds; 3836 default 1800; 3837 description 3838 "Sets the lifetime of Templates for all UDP Transport 3839 Sessions terminating at this UDP socket. Templates that are 3840 not received again within the configured lifetime become 3841 invalid at the Collecting Process. 3843 As specified in RFC 7011, the Template lifetime MUST be at 3844 least three times higher than the template-refresh-timeout 3845 parameter value configured on the corresponding Exporting 3846 Processes. 
3848 Note that this parameter corresponds to 3849 ipfixTransportSessionTemplateRefreshTimeout in the IPFIX 3850 MIB module."; 3851 reference 3852 "RFC 7011, Section 10.3.7; RFC 6615, Section 8 3853 (ipfixTransportSessionTemplateRefreshTimeout)."; 3854 } 3856 leaf options-template-life-time { 3857 type uint32; 3858 units seconds; 3859 default 1800; 3860 description 3861 "Sets the lifetime of Options Templates for all UDP Transport 3862 Sessions terminating at this UDP socket. Options Templates 3863 that are not received again within the configured lifetime 3864 become invalid at the Collecting Process. 3866 As specified in RFC 7011, the Options Template lifetime MUST 3867 be at least three times higher than the 3868 options-template-refresh-timeout parameter value configured 3869 on the corresponding Exporting Processes. 3871 Note that this parameter corresponds to 3872 ipfixTransportSessionOptionsTemplateRefreshTimeout in the 3873 IPFIX MIB module."; 3874 reference 3875 "RFC 7011, Section 8.4; RFC 6615, Section 8 3876 (ipfixTransportSessionOptionsTemplateRefreshTimeout)."; 3877 } 3879 leaf template-life-packet { 3880 type uint32; 3881 units "IPFIX Messages"; 3882 description 3883 "If this parameter is configured, Templates defined in a UDP 3884 Transport Session become invalid if they are neither 3885 included in a sequence of more than this number of IPFIX 3886 Messages nor received again within the period of time 3887 specified by template-life-time. 
3889 Note that this parameter corresponds to 3890 ipfixTransportSessionTemplateRefreshPacket in the IPFIX 3891 MIB module."; 3892 reference 3893 "RFC 7011, Section 8.4; RFC 6615, Section 8 3894 (ipfixTransportSessionTemplateRefreshPacket)."; 3895 } 3897 leaf options-template-life-packet { 3898 type uint32; 3899 units "IPFIX Messages"; 3900 description 3901 "If this parameter is configured, Options Templates defined 3902 in a UDP Transport Session become invalid if they are 3903 neither included in a sequence of more than this number of 3904 IPFIX Messages nor received again within the period of time 3905 specified by options-template-life-time. 3907 Note that this parameter corresponds to 3908 ipfixTransportSessionOptionsTemplateRefreshPacket in the 3909 IPFIX MIB module."; 3911 reference 3912 "RFC 7011, Section 8.4; RFC 6615, Section 8 3913 (ipfixTransportSessionOptionsTemplateRefreshPacket)."; 3914 } 3916 leaf maximum-reordering-delay { 3917 type uint32; 3918 units seconds; 3919 description 3920 "The maximum delay for the template to be received at the 3921 collector after the data record(s) has(have) been received. 3922 The collector is expected to buffer the data records till 3923 such a time."; 3924 reference 3925 "RFC 7011, Section 8.2"; 3926 } 3928 uses transport-layer-security-parameters; 3929 } 3931 grouping sctp-collector-parameters { 3932 description 3933 "Parameters of a listening SCTP socket at a Collecting 3934 Process."; 3936 uses common-collector-parameters; 3938 leaf maximum-reordering-delay { 3939 type uint32; 3940 units seconds; 3941 description 3942 "The maximum delay for the template to be received at the 3943 collector after the data record(s) has(have) been received. 
3944 The collector is expected to buffer the data records till 3945 such a time."; 3946 reference 3947 "RFC 7011, Section 8.2"; 3948 } 3950 uses transport-layer-security-parameters; 3951 } 3953 grouping file-reader-state-parameters { 3954 description 3955 "State Parameters for the File Reader."; 3957 container file-reader-state { 3958 config false; 3959 description 3960 "File Reader parameters."; 3962 leaf bytes { 3963 type yang:counter64; 3964 units octets; 3965 description 3966 "The number of bytes read by the File Reader. 3968 Discontinuities in the value of this counter can occur at 3969 re-initialization of the management system, and at other 3970 times as indicated by the value of 3971 file-reader-discontinuity-time."; 3972 } 3974 leaf messages { 3975 type yang:counter64; 3976 units "IPFIX Messages"; 3977 description 3978 "The number of IPFIX Messages read by the File Reader. 3980 Discontinuities in the value of this counter can occur at 3981 re-initialization of the management system, and at other 3982 times as indicated by the value of 3983 file-reader-discontinuity-time."; 3984 } 3986 leaf records { 3987 type yang:counter64; 3988 units "Data Records"; 3989 description 3990 "The number of Data Records read by the File Reader. 3992 Discontinuities in the value of this counter can occur at 3993 re-initialization of the management system, and at other 3994 times as indicated by the value of 3995 file-reader-discontinuity-time."; 3996 } 3998 leaf templates { 3999 type yang:counter32; 4000 units "Templates"; 4001 description 4002 "The number of Template Records (excluding Options Template 4003 Records) read by the File Reader. 
4005 Discontinuities in the value of this counter can occur at 4006 re-initialization of the management system, and at other 4007 times as indicated by the value of 4008 file-reader-discontinuity-time."; 4009 } 4011 leaf options-templates { 4012 type yang:counter32; 4013 units "Options Templates"; 4014 description 4015 "The number of Options Template Records read by the File 4016 Reader. 4018 Discontinuities in the value of this counter can occur at 4019 re-initialization of the management system, and at other 4020 times as indicated by the value of 4021 file-reader-discontinuity-time."; 4022 } 4024 leaf file-reader-discontinuity-time { 4025 type yang:date-and-time; 4026 description 4027 "Timestamp of the most recent occasion at which one or more 4028 File Reader counters suffered a discontinuity. 4030 In contrast to discontinuity times in the IPFIX MIB 4031 module, the time is absolute and not relative to 4032 sysUpTime."; 4033 } 4035 uses collection-template-state-parameters; 4036 } 4037 } 4039 grouping collecting-process-parameters { 4040 description 4041 "Parameters of a Collecting Process."; 4043 list tcp-collector { 4044 if-feature tcp-transport; 4045 key "name"; 4046 description 4047 "List of TCP receivers (sockets) on which the Collecting 4048 Process receives IPFIX Messages."; 4050 leaf name { 4051 type name-type; 4052 description 4053 "An arbitrary string which uniquely identifies the TCP 4054 collector."; 4056 } 4058 uses tcp-collector-parameters; 4060 list transport-session { 4061 key name; 4062 config false; 4063 description 4064 "This list contains the currently established Transport 4065 Sessions terminating at the given socket."; 4067 leaf name { 4068 type name-type; 4069 description 4070 "An arbitrary string which uniquely identifies the 4071 transport session."; 4072 } 4074 uses transport-session-state-parameters; 4075 uses collection-template-state-parameters; 4076 } 4077 } 4079 list udp-collector { 4080 if-feature udp-transport; 4081 key "name"; 
4082 description 4083 "List of UDP receivers (sockets) on which the Collecting 4084 Process receives IPFIX Messages."; 4086 leaf name { 4087 type name-type; 4088 description 4089 "An arbitrary string which uniquely identifies the UDP 4090 Collector."; 4091 } 4093 uses udp-collector-parameters; 4095 list transport-session { 4096 key name; 4097 config false; 4098 description 4099 "This list contains the currently established Transport 4100 Sessions terminating at the given socket."; 4102 leaf name { 4103 type name-type; 4104 description 4105 "An arbitrary string which uniquely identifies the 4106 transport session."; 4107 } 4109 uses transport-session-state-parameters; 4110 uses collection-template-state-parameters; 4111 } 4112 } 4114 list sctp-collector { 4115 if-feature sctp-transport; 4116 key "name"; 4117 description 4118 "List of SCTP receivers on which the Collecting Process 4119 receives IPFIX Messages."; 4121 leaf name { 4122 type name-type; 4123 description 4124 "An arbitrary string which uniquely identifies the SCTP 4125 Collector."; 4126 } 4128 uses sctp-collector-parameters; 4130 list transport-session { 4131 key name; 4132 config false; 4133 description 4134 "This list contains the currently established Transport 4135 Sessions terminating at the given socket."; 4137 leaf name { 4138 type name-type; 4139 description 4140 "An arbitrary string which uniquely identifies the 4141 transport session."; 4142 } 4144 leaf sctp-association-id { 4145 type uint32; 4146 config false; 4147 description 4148 "The association ID used for the SCTP session between the 4149 Exporter and the Collector of the IPFIX Transport 4150 Session. It is equal to the sctpAssocId entry in the 4151 sctpAssocTable defined in the SCTP-MIB. 4153 This parameter is only available if the transport 4154 protocol is SCTP and if an SNMP agent on the same 4155 Monitoring Device enables access to the corresponding 4156 MIB objects in the sctpAssocTable. 
4158 Note that this parameter corresponds to 4159 ipfixTransportSessionSctpAssocId in the IPFIX MIB 4160 module."; 4161 reference 4162 "RFC 6615, Section 8 4163 (ipfixTransportSessionSctpAssocId); 4164 RFC 3871"; 4165 } 4167 uses transport-session-state-parameters; 4168 uses collection-template-state-parameters; 4169 } 4170 } 4172 list file-reader { 4173 if-feature file-reader; 4174 key "name"; 4175 description 4176 "List of File Readers from which the Collecting Process reads 4177 the IPFIX Messages."; 4179 leaf name { 4180 type name-type; 4181 description 4182 "An arbitrary string which uniquely identifies the File 4183 Reader."; 4184 } 4186 leaf file { 4187 type inet:uri; 4188 mandatory true; 4189 description 4190 "URI specifying the location of the file."; 4191 } 4193 uses file-reader-state-parameters; 4194 } 4195 } 4197 grouping export-template-state-parameters { 4198 description 4199 "State parameters of a (Options) Template used by an Exporting 4200 Process in a specific Transport Session or by a File Writer. 4202 Parameter names and semantics correspond to the managed 4203 objects in IPFIX-MIB."; 4204 reference 4205 "RFC 7011; RFC 6615, Section 8 (ipfixTemplateEntry, 4206 ipfixTemplateDefinitionEntry, ipfixTemplateStatsEntry)"; 4208 list template { 4209 key "name"; 4210 description 4211 "This list contains the Templates and Options Templates that 4212 are transmitted by the Exporting Process or written by the 4213 File Writer. 4215 Withdrawn or invalidated (Options) Templates MUST be removed 4216 from this list."; 4218 leaf name { 4219 type name-type; 4220 description 4221 "An arbitrary string which uniquely identifies the 4222 template."; 4223 } 4225 leaf observation-domain-id { 4226 type uint32; 4227 description 4228 "The ID of the Observation Domain for which this Template 4229 is defined. 

4231                Note that this parameter corresponds to
4232                ipfixTemplateObservationDomainId in the IPFIX MIB
4233                module.";
4234             reference
4235               "RFC 6615, Section 8
4236                (ipfixTemplateObservationDomainId).";
4237           }

4239           leaf template-id {
4240             type uint16 {
4241               range "256..65535";
4242             }
4243             description
4244               "This number indicates the Template ID in the IPFIX
4245                message.

4247                Note that this parameter corresponds to ipfixTemplateId in
4248                the IPFIX MIB module.";
4249             reference
4250               "RFC 6615, Section 8 (ipfixTemplateId).";
4251           }

4253           leaf set-id {
4254             type uint16 {
4255               range "2..3 | 256..65535";
4256             }
4257             description
4258               "This number indicates the Set ID of the Template.
4259                A value of 2 is reserved for Template Sets. A value of 3
4260                is reserved for Options Template Sets. Values from 4 to
4261                255 are reserved for future use. Values 256 and above
4262                are used for Data Sets. The Set ID values of 0 and 1 are
4263                not used for historical reasons.

4265                Note that this parameter corresponds to ipfixTemplateSetId
4266                in the IPFIX MIB module.";
4267             reference
4268               "RFC 7011, Section 3.3.2;
4269                RFC 6615, Section 8 (ipfixTemplateSetId)";
4270           }

4272           leaf access-time {
4273             type yang:date-and-time;
4274             description
4275               "This parameter contains the time when this (Options)
4276                Template was last sent to the Collector(s) or written to
4277                the file.

4279                Note that this parameter corresponds to
4280                ipfixTemplateAccessTime in the IPFIX MIB module.";
4281             reference
4282               "RFC 6615, Section 8 (
4283                ipfixTemplateAccessTime).";
4284           }

4286           leaf template-data-records {
4287             type yang:counter64;
4288             description
4289               "The number of transmitted Data Records defined by this
4290                (Options) Template.

4292                Discontinuities in the value of this counter can occur at
4293                re-initialization of the management system, and at other
4294                times as indicated by the value of
4295                template-discontinuity-time.

4297                Note that this parameter corresponds to
4298                ipfixTemplateDataRecords in the IPFIX MIB module.";
4299             reference
4300               "RFC 6615, Section 8 (ipfixTemplateDataRecords).";
4301           }

4303           leaf template-discontinuity-time {
4304             type yang:date-and-time;
4305             description
4306               "Timestamp of the most recent occasion at which the counter
4307                template-data-records suffered a discontinuity.

4309                Note that this parameter functionally
4310                corresponds to ipfixTemplateDiscontinuityTime in the IPFIX
4311                MIB module. In contrast to
4312                ipfixTemplateDiscontinuityTime, the time is absolute and
4313                not relative to sysUpTime.";
4314             reference
4315               "RFC 6615, Section 8
4316                (ipfixTemplateDiscontinuityTime).";
4317           }

4319           list field {
4320             key "name";
4321             description
4322               "This list contains the (Options) Template fields of which
4323                the (Options) Template is defined.

4325                The order of the list corresponds to the order
4326                of the fields in the (Options) Template Record.";

4328             leaf name {
4329               type name-type;
4330               description
4331                 "An arbitrary string which uniquely identifies the
4332                  template field.";
4333             }

4335             leaf ie-id {
4336               type ie-id-type;
4337               description
4338                 "This parameter indicates the Information Element
4339                  identifier of the field.

4341                  Note that this parameter corresponds to
4342                  ipfixTemplateDefinitionIeId in the IPFIX MIB module.";
4343               reference
4344                 "RFC 7011; RFC 6615, Section 8
4345                  (ipfixTemplateDefinitionIeId).";

4347             }

4349             leaf ie-length {
4350               type uint16;
4351               units "octets";
4352               description
4353                 "This parameter indicates the length of the Information
4354                  Element of the field.

4356                  Note that this parameter corresponds to
4357                  ipfixTemplateDefinitionIeLength in the IPFIX MIB
4358                  module.";
4359               reference
4360                 "RFC 7011; RFC 6615, Section 8
4361                  (ipfixTemplateDefinitionIeLength).";
4362             }

4364             leaf ie-enterprise-number {
4365               type uint32;
4366               description
4367                 "This parameter indicates the IANA enterprise number of
4368                  the authority defining the Information Element
4369                  identifier.

4371                  If the Information Element is not enterprise-specific,
4372                  this state parameter is zero.

4374                  Note that this parameter corresponds to
4375                  ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX
4376                  MIB module.";
4377               reference
4378                 "RFC 6615, Section 8
4379                  (ipfixTemplateDefinitionIeEnterpriseNumber);
4380                  IANA registry for Private Enterprise Numbers,
4381                  http://www.iana.org/assignments/enterprise-numbers.";
4382             }

4384             leaf is-flow-key {
4385               when "../../set-id = 2" {
4386                 description
4387                   "This parameter is available for non-Options Templates
4388                    (Set ID is 2).";
4389               }
4390               type empty;
4391               description
4392                 "If present, this is a Flow Key field.

4394                  Note that this corresponds to flowKey(1) being set in
4395                  ipfixTemplateDefinitionFlags.";
4396               reference
4397                 "RFC 6615, Section 8
4398                  (ipfixTemplateDefinitionFlags).";
4399             }

4401             leaf is-scope {
4402               when "../../set-id = 3" {
4403                 description
4404                   "This parameter is available for Options Templates
4405                    (Set ID is 3).";
4406               }
4407               type empty;
4408               description
4409                 "If present, this is a scope field.

4411                  Note that this corresponds to scope(0) being set in
4412                  ipfixTemplateDefinitionFlags.";
4413               reference
4414                 "RFC 6615, Section 8
4415                  (ipfixTemplateDefinitionFlags).";
4416             }
4417           }
4418         }
4419       }

4421       grouping common-exporter-parameters {
4422         description
4423           "Parameters of an export destination that are common to all
4424            transport protocols.";

4426         leaf ipfix-version {
4427           type uint16;
4428           default '10';
4429           description
4430             "IPFIX version number.";
4431           reference
4432             "RFC 7011.";
4433         }

4435         container source {
4436           description
4437             "Configuration corresponding to how exporter's source IP
4438              address is specified.";

4440           choice source-method {
4441             description
4442               "Method to configure the source address of the exporter
4443                or the interface to be used by the exporter.

4445                Note that it is expected that other methods be available.
4446                Those methods can augment this choice.";

4448             case interface-ref {
4449               leaf interface-ref {
4450                 type if:interface-ref;
4451                 description
4452                   "The interface to be used by the Exporting Process.";
4453               }
4454             }

4456             case if-index {
4457               if-feature if-mib;
4458               leaf if-index {
4459                 type uint32;
4460                 description
4461                   "Index of an interface as stored in the ifTable
4462                    of IF-MIB.";
4463                 reference
4464                   "RFC 2863.";
4465               }
4466             }

4468             case if-name {
4469               if-feature if-mib;
4470               leaf if-name {
4471                 type string;
4472                 description
4473                   "Name of an interface as stored in the ifTable
4474                    of IF-MIB.";
4475                 reference
4476                   "RFC 2863.";
4477               }
4478             }
4479           }
4480         }

4482         container destination {
4483           description
4484             "Configuration corresponding to how exporter's destination IP
4485              address is specified.";
4486         }

4488         leaf destination-port {
4489           type inet:port-number;
4490           description
4491             "If not configured by the user, the Monitoring Device uses
4492              the default port number for IPFIX, which is 4739 without TLS
4493              or DTLS and 4740 if TLS or DTLS is activated.";
4494         }

4496         leaf send-buffer-size {
4497           type uint32;
4498           units "bytes";
4499           description
4500             "Size of the socket send buffer.

4502              If not configured by the user, this parameter is set by
4503              the Monitoring Device.";
4504         }

4506         leaf rate-limit {
4507           type uint32;
4508           units "bytes per second";
4509           description
4510             "Maximum number of bytes per second the Exporting Process may
4511              export to the given destination. The number of bytes is
4512              calculated from the lengths of the IPFIX Messages exported.
4513              If not configured, no rate limiting is performed.";
4514           reference
4515             "RFC 5476, Section 6.3.";
4516         }
4517       }

4519       grouping tcp-exporter-parameters {
4520         description
4521           "Parameters of a TCP export destination.";

4523         uses common-exporter-parameters {
4524           augment "source/source-method" {
4525             description
4526               "Augment the source method to add the source IP address or
4527                hostname.";

4529             case source-address {
4530               leaf source-address {
4531                 type inet:host;
4532                 description
4533                   "The source IP address or hostname used by the
4534                    Exporting Process.";
4535               }
4536             }
4537           }
4538           augment "destination" {
4539             description
4540               "Augment the destination method to add the destination
4541                IP address or hostname.";

4543             choice destination-method {
4544               mandatory true;
4545               description
4546                 "Method of configuring the destination address of the
4547                  Collecting Process to which IPFIX Messages are sent.

4549                  Note it is expected that if other methods are available
4550                  that they would augment from this statement.";

4552               case destination-address {
4553                 leaf destination-address {
4554                   type inet:host;
4555                   description
4556                     "The destination IP address or hostname of the
4557                      Collecting Process to which IPFIX Messages are sent.
4558                      A hostname may resolve to one or more IP
4559                      addresses.";
4560                 }
4561               }
4562             }
4563           }
4564         }

4566         leaf connection-timeout {
4567           type uint32;
4568           units seconds;
4569           description
4570             "Time after which the exporting process deems the TCP
4571              connection to have failed.";
4572           reference
4573             "RFC 7011, Sections 10.4.4 and 10.4.5.";
4574         }

4576         leaf retry-schedule {
4577           type uint32 {
4578             range "60..max";
4579           }
4580           units seconds;
4581           description
4582             "Time after which the exporting process retries the TCP
4583              connection to a collector.";
4584           reference
4585             "RFC 7011, Section 10.4.4.";

4587         }

4589         uses transport-layer-security-parameters;
4590       }

4592       grouping udp-exporter-parameters {
4593         description
4594           "Parameters of a UDP export destination.";

4596         uses common-exporter-parameters {
4597           augment "source/source-method" {
4598             description
4599               "Augment the source method to add the source IP address or
4600                hostname.";

4602             case source-address {
4603               leaf source-address {
4604                 type inet:host;
4605                 description
4606                   "The source IP address or hostname used by the
4607                    Exporting Process.";
4608               }
4609             }
4610           }

4612           augment "destination" {
4613             description
4614               "Augment the destination method to add the destination
4615                IP address or hostname.";

4617             choice destination-method {
4618               mandatory true;
4619               description
4620                 "Method of configuring the destination address of the
4621                  Collecting Process to which IPFIX Messages are sent.

4623                  Note it is expected that if other methods are available
4624                  that they would augment from this statement.";

4626               case destination-address {
4627                 leaf destination-address {
4628                   type inet:host;
4629                   description
4630                     "The destination IP address or hostname of the
4631                      Collecting Process to which IPFIX Messages are sent.
4632                      A hostname may resolve to one or more IP
4633                      addresses.";
4634                 }

4636               }
4637             }
4638           }
4639         }

4641         leaf maximum-packet-size {
4642           type uint16;
4643           units octets;
4644           description
4645             "This parameter specifies the maximum size of IP packets sent
4646              to the Collector. If set to zero, the Exporting Device MUST
4647              derive the maximum packet size from path MTU discovery
4648              mechanisms.

4650              If not configured by the user, this parameter is set by
4651              the Monitoring Device.";
4652         }

4654         leaf template-refresh-timeout {
4655           type uint32;
4656           units seconds;
4657           default 600;
4658           description
4659             "Sets time after which Templates are resent in the UDP
4660              Transport Session.

4662              Note that the configured lifetime MUST be adapted to the
4663              template-life-time parameter value at the receiving
4664              Collecting Process.

4666              Note that this parameter corresponds to
4667              ipfixTransportSessionTemplateRefreshTimeout in the IPFIX
4668              MIB module.";
4669           reference
4670             "RFC 7011, Section 8.4; RFC 6615, Section 8
4671              (ipfixTransportSessionTemplateRefreshTimeout).";
4672         }

4674         leaf options-template-refresh-timeout {
4675           type uint32;
4676           units seconds;
4677           default 600;
4678           description
4679             "Sets time after which Options Templates are resent in the
4680              UDP Transport Session.

4682              Note that the configured lifetime MUST be adapted to the
4683              options-template-life-time parameter value at the receiving
4684              Collecting Process.

4686              Note that this parameter corresponds to
4687              ipfixTransportSessionOptionsTemplateRefreshTimeout in the
4688              IPFIX MIB module.";
4689           reference
4690             "RFC 7011, Section 8.4; RFC 6615, Section 8
4691              (ipfixTransportSessionOptionsTemplateRefreshTimeout).";
4692         }

4694         leaf template-refresh-packet {
4695           type uint32;
4696           units "IPFIX Messages";
4697           description
4698             "Sets number of IPFIX Messages after which Templates are
4699              resent in the UDP Transport Session.

4701              Note that this parameter corresponds to
4702              ipfixTransportSessionTemplateRefreshPacket in the IPFIX
4703              MIB module.

4705              If omitted, Templates are only resent after timeout.";
4706           reference
4707             "RFC 7011, Section 8.4; RFC 6615, Section 8
4708              (ipfixTransportSessionTemplateRefreshPacket).";
4709         }

4711         leaf options-template-refresh-packet {
4712           type uint32;
4713           units "IPFIX Messages";
4714           description
4715             "Sets number of IPFIX Messages after which Options Templates
4716              are resent in the UDP Transport Session protocol.

4718              Note that this parameter corresponds to
4719              ipfixTransportSessionOptionsTemplateRefreshPacket in the
4720              IPFIX MIB module.

4722              If omitted, Templates are only resent after timeout.";
4723           reference
4724             "RFC 7011, Section 8.4; RFC 6615, Section 8
4725              (ipfixTransportSessionOptionsTemplateRefreshPacket).";
4726         }

4728         uses transport-layer-security-parameters;
4729       }

4731       grouping sctp-exporter-parameters {
4732         description
4733           "Parameters of a SCTP export destination.";

4735         uses common-exporter-parameters {
4736           augment "source/source-method" {
4737             description
4738               "Augment the source method to add the source IP address or
4739                hostname.";

4741             case source-address {
4742               leaf-list source-address {
4743                 type inet:host;
4744                 description
4745                   "The source IP address(es) or hostname(s) used by the
4746                    Exporting Process.";
4747               }
4748             }
4749           }

4751           augment "destination" {
4752             description
4753               "Augment the destination method to add the destination
4754                IP address or hostname.";

4756             choice destination-method {
4757               mandatory true;
4758               description
4759                 "Method of configuring the destination address of the
4760                  Collecting Process to which IPFIX Messages are sent.

4762                  Note it is expected that if other methods are available
4763                  that they would augment from this statement.";

4765               case destination-address {
4766                 leaf-list destination-address {
4767                   type inet:host;
4768                   description
4769                     "List of destination IP addresses or hostnames.
4770                      A hostname may resolve to one or more IP addresses.

4772                      The user must ensure that all configured IP
4773                      addresses belong to the same Collecting Process.

4775                      The SCTP Exporting Process tries to establish an
4776                      SCTP association to any of the configured
4777                      destination IP addresses.";
4778                 }
4779               }

4781             }
4782           }
4783         }

4785         leaf timed-reliability {
4786           type uint32;
4787           units milliseconds;
4788           default 0;
4789           description
4790             "Lifetime in milliseconds until an IPFIX Message containing
4791              Data Sets only is 'abandoned' due to the timed reliability
4792              mechanism of PR-SCTP.

4794              If this parameter is set to zero, reliable SCTP transport is
4795              used for all Data Records.

4797              Regardless of the value of this parameter, the Exporting
4798              Process MAY use reliable SCTP transport for Data Sets
4799              associated with Options Templates.";
4800           reference
4801             "RFC 3758; RFC 4960.";
4802         }

4804         leaf association-timeout {
4805           type uint32;
4806           units seconds;
4807           description
4808             "Time after which the exporting process deems the SCTP
4809              association to have failed.";
4810           reference
4811             "RFC 7011, Sections 10.2.4 and 10.2.5.";
4812         }

4814         uses transport-layer-security-parameters;
4815       }

4817       grouping file-writer-state-parameters {
4818         description
4819           "State Parameters for the File Writer.";

4821         container file-writer-state {
4822           config false;
4823           description
4824             "File Writer parameters.";

4826           leaf bytes {
4827             type yang:counter64;
4828             units octets;
4829             description
4830               "The number of bytes written by the File Writer.

4832                Discontinuities in the value of this counter can occur at
4833                re-initialization of the management system, and at other
4834                times as indicated by the value of
4835                file-writer-discontinuity-time.";
4836           }

4838           leaf messages {
4839             type yang:counter64;
4840             units "IPFIX Messages";
4841             description
4842               "The number of IPFIX Messages written by the File Writer.

4844                Discontinuities in the value of this counter can occur at
4845                re-initialization of the management system, and at other
4846                times as indicated by the value of
4847                file-writer-discontinuity-time.";
4848           }

4850           leaf discarded-messages {
4851             type yang:counter64;
4852             units "IPFIX Messages";
4853             description
4854               "The number of IPFIX Messages that could not be written by
4855                the File Writer due to internal buffer overflows, limited
4856                storage capacity, etc.

4858                Discontinuities in the value of this counter can occur at
4859                re-initialization of the management system, and at other
4860                times as indicated by the value of
4861                file-writer-discontinuity-time.";
4862           }

4864           leaf records {
4865             type yang:counter64;
4866             units "Data Records";
4867             description
4868               "The number of Data Records written by the File Writer.

4870                Discontinuities in the value of this counter can occur at
4871                re-initialization of the management system, and at other
4872                times as indicated by the value of
4873                file-writer-discontinuity-time.";
4874           }

4876           leaf templates {
4877             type yang:counter32;
4878             units "Templates";
4879             description
4880               "The number of Template Records (excluding Options Template
4881                Records) written by the File Writer.

4883                Discontinuities in the value of this counter can occur at
4884                re-initialization of the management system, and at other
4885                times as indicated by the value of
4886                file-writer-discontinuity-time.";
4887           }

4889           leaf options-templates {
4890             type yang:counter32;
4891             units "Options Templates";
4892             description
4893               "The number of Options Template Records written by the File
4894                Writer.

4896                Discontinuities in the value of this counter can occur at
4897                re-initialization of the management system, and at other
4898                times as indicated by the value of
4899                file-writer-discontinuity-time.";
4900           }

4902           leaf file-writer-discontinuity-time {
4903             type yang:date-and-time;
4904             description
4905               "Timestamp of the most recent occasion at which one or more
4906                File Writer counters suffered a discontinuity.

4908                In contrast to discontinuity times in the IPFIX MIB
4909                module, the time is absolute and not relative to
4910                sysUpTime.";
4911           }

4913           uses export-template-state-parameters;
4914         }
4915       }

4917       grouping exporting-process-parameters {
4918         description
4919           "Parameters of an Exporting Process.";

4921         leaf export-mode {
4922           type identityref {
4923             base export-mode;
4924           }
4925           default 'parallel';
4926           description
4927             "This parameter determines to which configured destination(s)
4928              the incoming Data Records are exported.";
4929         }

4931         list destination {
4932           key "name";
4933           min-elements 1;
4934           description
4935             "List of export destinations.";

4937           leaf name {
4938             type name-type;
4939             description
4940               "An arbitrary string which uniquely identifies the export
4941                destination.";
4942           }

4944           choice destination-parameters {
4945             mandatory true;
4946             description
4947               "Destination configuration.";

4949             case tcp-exporter {
4950               container tcp-exporter {
4951                 if-feature tcp-transport;
4952                 description
4953                   "TCP parameters.";

4955                 uses tcp-exporter-parameters;

4957                 container transport-session {
4958                   config false;
4959                   description
4960                     "Transport session state data.";

4962                   uses transport-session-state-parameters;
4963                   uses export-template-state-parameters;
4964                 }
4965               }
4966             }

4968             case udp-exporter {
4969               container udp-exporter {
4970                 if-feature udp-transport;
4971                 description
4972                   "UDP parameters.";

4974                 uses udp-exporter-parameters;

4976                 container transport-session {
4977                   config false;
4978                   description
4979                     "Transport session state data.";

4981                   uses transport-session-state-parameters;
4982                   uses export-template-state-parameters;
4983                 }
4984               }
4985             }

4987             case sctp-exporter {
4988               container sctp-exporter {
4989                 if-feature sctp-transport;
4990                 description
4991                   "SCTP parameters.";

4993                 uses sctp-exporter-parameters;

4995                 container transport-session {
4996                   config false;
4997                   description
4998                     "Transport session state data.";

5000                   leaf sctp-association-id {
5001                     type uint32;
5002                     description
5003                       "The association ID used for the SCTP session
5004                        between the Exporter and the Collector of the
5005                        IPFIX Transport Session. It is equal to the
5006                        sctpAssocId entry in the sctpAssocTable defined in
5007                        the SCTP-MIB.

5009                        This parameter is only available if the transport
5010                        protocol is SCTP and if an SNMP agent on the same
5011                        Monitoring Device enables access to the
5012                        corresponding MIB objects in the sctpAssocTable.

5014                        Note that this parameter corresponds to
5015                        ipfixTransportSessionSctpAssocId in the IPFIX MIB
5016                        module.";
5017                     reference
5018                       "RFC 6615, Section 8
5019                        (ipfixTransportSessionSctpAssocId);
5020                        RFC 3871";
5021                   }
5022                   uses transport-session-state-parameters;
5023                   uses export-template-state-parameters;
5024                 }
5025               }
5026             }

5028             case file-writer {
5029               container file-writer {
5030                 if-feature file-writer;
5031                 description
5032                   "File Writer parameters.";

5034                 leaf ipfix-version {
5035                   type uint16;
5036                   default 10;
5037                   description
5038                     "IPFIX version number.";
5039                   reference
5040                     "RFC 7011.";
5041                 }

5043                 leaf file {
5044                   type inet:uri;
5045                   mandatory true;
5046                   description
5047                     "URI specifying the location of the file.";
5048                 }

5050                 uses file-writer-state-parameters;
5051               }
5052             }
5053           }
5054         }

5056         list options {
5057           key "name";
5058           description
5059             "List of options reported by the Exporting Process.";

5061           leaf name {
5062             type name-type;
5063             description
5064               "An arbitrary string which uniquely identifies the
5065                option.";
5066           }
5067           uses options-parameters;
5068         }
5069       }
5070       grouping options-parameters {
5071         description
5072           "Parameters specifying the data export using an Options
5073            Template.";

5075         leaf options-type {
5076           type identityref {
5077             base options-type;
5078           }
5079           mandatory true;
5080           description
5081             "Type of the exported options data.";
5082         }

5084         leaf options-timeout {
5085           type uint32;
5086           units "milliseconds";
5087           description
5088             "Time interval for periodic export of the options data. If
5089              set to zero, the export is triggered when the options data
5090              has changed.

5092              If not configured by the user, this parameter is set by the
5093              Monitoring Device.";
5094         }
5095       }

5097       container ipfix {
5098         description
5099           "IPFIX Exporter and/or Collector data nodes.";

5101         list collecting-process {
5102           if-feature collector;
5103           key "name";
5104           description
5105             "Collecting Process of the Monitoring Device.";

5107           leaf name {
5108             type name-type;
5109             description
5110               "An arbitrary string which uniquely identifies the
5111                Collecting Process.";
5112           }

5114           uses collecting-process-parameters;

5116           leaf-list exporting-process {
5117             if-feature exporter;
5118             type leafref {
5119               path "/ietf-ipfix:ipfix"
5120                  + "/ietf-ipfix:exporting-process"
5121                  + "/ietf-ipfix:name";
5122             }
5123             description
5124               "Export of received records without any modifications.
5125                Records are processed by all Exporting Processes in the
5126                list.";
5127           }
5128         }

5130         list exporting-process {
5131           if-feature exporter;
5132           key "name";
5133           description
5134             "List of Exporting Processes of the IPFIX Monitoring Device
5135              for which configuration will be applied.";

5137           leaf name {
5138             type name-type;
5139             description
5140               "An arbitrary string which uniquely identifies the
5141                Exporting Process.";
5142           }

5144           leaf enabled {
5145             type boolean;
5146             default "true";
5147             description
5148               "If true, this Exporting Process is enabled for
5149                exporting.";
5150           }

5152           uses exporting-process-parameters;

5154           leaf exporting-process-id {
5155             type uint32;
5156             config false;
5157             description
5158               "The identifier of the Exporting Process. This parameter
5159                corresponds to the Information Element exportingProcessId.
5160                Its occurrence helps to associate Exporting Process
5161                parameters with Exporting Process statistics exported by
5162                the Monitoring Device using the Exporting Process
5163                Reliability Statistics Template as defined by the IPFIX
5164                protocol specification.";
5165             reference
5166               "RFC 7011, Section 4.3; IANA registry for IPFIX
5167                Entities, http://www.iana.org/assignments/ipfix.";
5168           }
5169         }
5170       }
5171     }

5173

5175  6.2.  ietf-ipfix-packet-sampling

5177  6.2.1.  ietf-ipfix-packet-sampling Module Structure

5179     This document defines the YANG module "ietf-ipfix-packet-sampling",
5180     which has the following structure:

5182     module: ietf-ipfix-packet-sampling
5183       augment /ipfix:ipfix:
5184         +--rw psamp
5185            +--rw observation-point* [name]
5186            |  +--rw name                     ipfix:name-type
5187            |  +--rw observation-domain-id    uint32
5188            |  +--rw interface-ref*           if:interface-ref
5189            |  +--rw if-name*                 if-name-type {if-mib}?
5190            |  +--rw if-index*                uint32 {if-mib}?
5191            |  +--rw hardware-ref*            hardware-ref
5192            |  +--rw ent-physical-name*       string {entity-mib}?
5193            |  +--rw ent-physical-index*      uint32 {entity-mib}?
5194            |  +--rw direction?               direction
5195            |  +--rw selection-process*
5196            |  |       -> /ipfix:ipfix/psamp/selection-process/name
5197            |  +--ro observation-point-id?    uint32
5198            +--rw selection-process* [name]
5199            |  +--rw name                  ipfix:name-type
5200            |  +--rw selector* [name]
5201            |  |     ...
5202            |  +--rw cache?
5203            |  |       -> /ipfix:ipfix/psamp/cache/name
5204            |  +--ro selection-sequence* []
5205            |        ...
5206            +--rw cache* [name]
5207               +--rw name                        ipfix:name-type
5208               +--rw enabled?                    boolean
5209               +--rw (cache-type)
5210               |     ...
5211               +--rw exporting-process*
5212               |       -> /ipfix:ipfix/exporting-process/name
5213               |       {ipfix:exporter}?
5214               +--ro metering-process-id?        uint32
5215               +--ro data-records?               yang:counter64
5216               +--ro cache-discontinuity-time?   yang:date-and-time

5218  6.2.2.  ietf-ipfix-packet-sampling YANG module

5220     This YANG Module imports typedefs from [RFC6991].

5222     file "ietf-ipfix-packet-sampling@2018-10-22.yang"

5224     module ietf-ipfix-packet-sampling {
5225       yang-version 1.1;

5227       namespace "urn:ietf:params:xml:ns:yang:ietf-ipfix-packet-sampling";

5229       prefix ips;
5230       import ietf-yang-types {
5231         prefix yang;
5232         reference
5233           "RFC 6991: Common YANG Data Types";
5234       }

5236       import ietf-interfaces {
5237         prefix if;
5238         reference
5239           "RFC 8343: A YANG Model for Interface Management";
5240       }

5242       import ietf-hardware {
5243         prefix hw;
5244         reference
5245           "RFC 8348: A YANG Data Model for Hardware Management";
5246       }

5248       import ietf-ipfix {
5249         prefix ipfix;
5250         reference
5251           "RFC XXXX: YANG Data Models for the IP Flow Information Export
5252            (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol, and Bulk
5253            Data Export";
5254       }

5256       organization
5257         "IETF";

5259       contact
5260         "Web: TBD
5261          List: TBD

5263          Editor: Joey Boyd
5264

5266          Editor: Marta Seda
5267          ";

5269       // RFC Ed.: replace XXXX with actual RFC numbers and
5270       // remove this note.

5272       description
5273         "This module contains a collection of YANG definitions for the
5274          management of Packet Sampling (PSAMP) over IPFIX.

5276          This data model is designed for the Network Management Datastore
5277          Architecture defined in RFC 8342.

5279          The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
5280          NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
5281          'MAY', and 'OPTIONAL' in this document are to be interpreted as
5282          described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
5283          they appear in all capitals, as shown here.

5285          Copyright (c) 2019 IETF Trust and the persons identified as
5286          authors of the code. All rights reserved.

5288          Redistribution and use in source and binary forms, with or
5289          without modification, is permitted pursuant to, and subject to
5290          the license terms contained in, the Simplified BSD License set
5291          forth in Section 4.c of the IETF Trust's Legal Provisions
5292          Relating to IETF Documents
5293          (https://trustee.ietf.org/license-info).

5295          This version of this YANG module is part of RFC XXXX
5296          (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
5297          for full legal notices.";

5299       revision 2020-03-05 {
5300         description
5301           "Initial revision.";
5302         reference
5303           "RFC XXXX: YANG Data Models for the IP Flow Information Export
5304            (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
5305            and Bulk Data Export";
5306       }

5308       feature if-mib {
5309         description
5310           "This feature indicates that the device implements the
5311            IF-MIB.";
5312         reference
5313           "RFC 2863: The Interfaces Group MIB";
5314       }

5316       feature entity-mib {
5317         description
5318           "This feature indicates that the device implements the
5319            ENTITY-MIB.";
5320         reference
5321           "RFC 6933: Entity MIB (Version 4)";
5322       }

5324       feature psamp-samp-count-based {
5325         description
5326           "If supported, the Monitoring Device supports count-based
5327            sampling. The Selector method sampCountBased can be
5328            configured.";
5329         reference
5330           "RFC 5475, Section 5.1";
5331       }

5333       feature psamp-samp-time-based {
5334         description
5335           "If supported, the Monitoring Device supports time-based
5336            sampling. The Selector method sampTimeBased can be
5337            configured.";
5338         reference
5339           "RFC 5475, Section 5.1";
5340       }

5342       feature psamp-samp-rand-out-of-n {
5343         description
5344           "If supported, the Monitoring Device supports random n-out-of-N
5345            sampling. The Selector method sampRandOutOfN can be
5346            configured.";
5347         reference
5348           "RFC 5475, Section 5.2.1";
5349       }

5351       feature psamp-samp-uni-prob {
5352         description
5353           "If supported, the Monitoring Device supports uniform
5354            probabilistic sampling. The Selector method sampUniProb can be
5355            configured.";
5356         reference
5357           "RFC 5475, Section 5.2.2";
5358       }

5360       feature psamp-filter-match {
5361         description
5362           "If supported, the Monitoring Device supports property match
5363            filtering. The Selector method filterMatch can be
5364            configured.";
5365         reference
5366           "RFC 5475, Section 6.1";
5367       }

5369       feature psamp-filter-hash {
5370         description
5371           "If supported, the Monitoring Device supports hash-based
5372            filtering. The Selector method filterHash can be configured.";
5373         reference
5374           "RFC 5475, Section 6.2";

5376       }

5378       feature immediate-cache {
5379         description
5380           "If supported, the Monitoring Device supports
5381            Caches generating PSAMP Packet Reports by configuration with
5382            immediateCache.";
5383       }

5385       feature timeout-cache {
5386         description
5387           "If supported, the Monitoring Device supports
5388            Caches generating IPFIX Flow Records by configuration with
5389            timeoutCache.";
5390       }

5392       feature natural-cache {
5393         description
5394           "If supported, the Monitoring Device supports
5395            Caches generating IPFIX Flow Records by configuration with
5396            naturalCache.";
5397       }

5399       feature permanent-cache {
5400         description
5401           "If supported, the Monitoring Device supports
5402            Caches generating IPFIX Flow Records by configuration with
5403            permanentCache.";
5404       }

5406       identity hash-function {
5407         description
5408           "Base identity for all hash functions used for
5409            hash-based packet Filtering.";
5410       }

5412       identity bob {
5413         base hash-function;
5414         description
5415           "BOB hash function.";
5416         reference
5417           "RFC 5475, Section 6.2.4.1";
5418       }

5420       identity ipsx {
5421         base hash-function;
5422         description
5423           "IPSX hash function.";

5425         reference
5426           "RFC 5475, Section 6.2.4.1";
5427       }

5429       identity crc {
5430         base hash-function;
5431         description
5432           "CRC hash function.";
5433         reference
5434           "RFC 5475, Section 6.2.4.1";
5435       }

5437       typedef hardware-ref {
5438         type leafref {
5439           path "/hw:hardware/hw:component/hw:name";
5440         }
5441         description
5442           "This type is used to reference hardware components.";
5443         reference
5444           "RFC 8348";
5445       }

5447       typedef if-name-type {
5448         type string {
5449           length "1..255";
5450         }
5451         description
5452           "This corresponds to the DisplayString textual
5453            convention of SNMPv2-TC, which is used for ifName in the IF
5454            MIB module.";
5455         reference
5456           "RFC 2863 (ifName)";
5457       }

5459       typedef direction {
5460         type enumeration {
5461           enum "ingress" {
5462             value 0;
5463             description
5464               "This value is used for monitoring incoming packets.";
5465           }
5466           enum "egress" {
5467             value 1;
5468             description
5469               "This value is used for monitoring outgoing packets.";
5470           }
5471           enum "both" {
5472             value 2;
5473             description
5474               "This value is used for monitoring incoming and outgoing
5475                packets.";
5476           }
5477         }
5478         description
5479           "Direction of packets going through an interface.";
5480       }

5482       grouping observation-point-parameters {
5483         description
5484           "Interface as input to Observation Point.";

5486         leaf observation-domain-id {
5487           type uint32;
5488           mandatory true;
5489           description
5490             "The Observation Domain ID associates the Observation Point
5491              to an Observation Domain. Observation Points with identical
5492              Observation Domain IDs belong to the same Observation
5493              Domain.

5495              Note that this parameter corresponds to
5496              ipfixObservationPointObservationDomainId in the IPFIX MIB
5497              module.";
5498           reference
5499             "RFC 7011; RFC 6615, Section 8
5500              (ipfixObservationPointObservationDomainId)";
5501         }

5503         leaf-list interface-ref {
5504           type if:interface-ref;
5505           description
5506             "List of interfaces of the Monitoring Device. The
5507              Observation Point observes packets at the specified
5508              interfaces.";
5509         }

5511         leaf-list if-name {
5512           if-feature if-mib;
5513           type if-name-type;
5514           description
5515             "List of names identifying interfaces of the Monitoring
5516              Device. The Observation Point observes packets at the
5517              specified interfaces.";
5518         }

5520         leaf-list if-index {
5521           if-feature if-mib;
5522           type uint32;
5523           description
5524             "List of if-index values pointing to entries in the ifTable
5525              of the IF-MIB module maintained by the Monitoring
5526              Device. The Observation Point observes packets at the
5527              specified interfaces.

5529              This parameter SHOULD only be used if an SNMP agent enables
5530              access to the ifTable.
5532 Note that this parameter corresponds to 5533 ipfixObservationPointPhysicalInterface in the IPFIX MIB 5534 module."; 5535 reference 5536 "RFC 2863; RFC 6615, Section 8 5537 (ipfixObservationPointPhysicalInterface)"; 5538 } 5540 leaf-list hardware-ref { 5541 type hardware-ref; 5542 description 5543 "List of hardware components of the Monitoring Device. 5544 The Observation Point observes packets at the specified 5545 hardware components."; 5546 reference 5547 "RFC 8348"; 5548 } 5550 leaf-list ent-physical-name { 5551 if-feature entity-mib; 5552 type string; 5553 description 5554 "List of names identifying physical entities of the 5555 Monitoring Device. The Observation Point observes packets 5556 at the specified entities."; 5557 } 5559 leaf-list ent-physical-index { 5560 if-feature entity-mib; 5561 type uint32; 5562 description 5563 "List of ent-physical-index values pointing to entries in the 5564 entPhysicalTable of the ENTITY-MIB module maintained by the 5565 Monitoring Device. The Observation Point observes packets 5566 at the specified entities. 5568 This parameter SHOULD only be used if an SNMP agent enables 5569 access to the entPhysicalTable. 5571 Note that this parameter corresponds to 5572 ipfixObservationPointPhysicalEntity in the IPFIX MIB 5573 module."; 5574 reference 5575 "RFC 33; RFC 6615, Section 8 5576 (ipfixObservationPointPhysicalEntity)"; 5577 } 5579 leaf direction { 5580 type direction; 5581 default "both"; 5582 description 5583 "Direction of packets.
If not applicable (e.g., in the case 5584 of a sniffing interface in promiscuous mode), this 5585 parameter is ignored."; 5586 } 5587 } 5589 grouping samp-count-based-parameters { 5590 description 5591 "Configuration parameters of a Selector applying systematic 5592 count-based packet Sampling to the packet stream."; 5593 reference 5594 "RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.1."; 5596 leaf packet-interval { 5597 type uint32; 5598 units "packets"; 5599 mandatory true; 5600 description 5601 "The number of packets that are consecutively sampled between 5602 gaps of length packetSpace. 5604 This parameter corresponds to the Information Element 5605 samplingPacketInterval and to psampSampCountBasedInterval 5606 in the PSAMP MIB module."; 5607 reference 5608 "RFC 5477, Section 8.2.2; RFC 6727, Section 6 5609 (psampSampCountBasedInterval)"; 5610 } 5612 leaf packet-space { 5613 type uint32; 5614 units "packets"; 5615 mandatory true; 5616 description 5617 "The number of unsampled packets between two Sampling 5618 intervals. 5620 This parameter corresponds to the Information Element 5621 samplingPacketSpace and to psampSampCountBasedSpace 5622 in the PSAMP MIB module."; 5623 reference 5624 "RFC 5477, Section 8.2.3; RFC 6727, Section 6 5625 (psampSampCountBasedSpace)"; 5626 } 5627 } 5629 grouping samp-time-based-parameters { 5630 description 5631 "Configuration parameters of a Selector applying systematic 5632 time-based packet Sampling to the packet stream."; 5633 reference 5634 "RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.2"; 5636 leaf time-interval { 5637 type uint32; 5638 units "microseconds"; 5639 mandatory true; 5640 description 5641 "The time interval in microseconds during which all arriving 5642 packets are sampled between gaps of length timeSpace. 
5644 This parameter corresponds to the Information Element 5645 samplingTimeInterval and to psampSampTimeBasedInterval 5646 in the PSAMP MIB module."; 5647 reference 5648 "RFC 5477, Section 8.2.4; RFC 6727, Section 6 5649 (psampSampTimeBasedInterval)"; 5650 } 5652 leaf time-space { 5653 type uint32; 5654 units "microseconds"; 5655 mandatory true; 5656 description 5657 "The time interval in microseconds during which no packets 5658 are sampled between two Sampling intervals specified by 5659 timeInterval. 5661 This parameter corresponds to the Information Element 5662 samplingTimeSpace and to psampSampTimeBasedSpace 5663 in the PSAMP MIB module."; 5664 reference 5665 "RFC 5477, Section 8.2.5; RFC 6727, Section 6 5666 (psampSampTimeBasedSpace)"; 5667 } 5668 } 5670 grouping samp-rand-out-of-n-parameters { 5671 description 5672 "Configuration parameters of a Selector applying n-out-of-N 5673 packet Sampling to the packet stream."; 5674 reference 5675 "RFC 5475, Section 5.2.1; RFC 5476, Section 6.5.2.3."; 5677 leaf size { 5678 type uint32; 5679 units "packets"; 5680 mandatory true; 5681 description 5682 "The number of elements taken from the parent population. 5684 This parameter corresponds to the Information Element 5685 samplingSize and to psampSampRandOutOfNSize in the PSAMP 5686 MIB module."; 5687 reference 5688 "RFC 5477, Section 8.2.6; RFC 6727, Section 6 5689 (psampSampRandOutOfNSize)"; 5690 } 5692 leaf population { 5693 type uint32; 5694 units "packets"; 5695 mandatory true; 5696 description 5697 "The number of elements in the parent population.
5699 This parameter corresponds to the Information Element 5700 samplingPopulation and to psampSampRandOutOfNPopulation 5701 in the PSAMP MIB module."; 5702 reference 5703 "RFC 5477, Section 8.2.7; RFC 6727, Section 6 5704 (psampSampRandOutOfNPopulation)"; 5705 } 5706 } 5708 grouping samp-uni-prob-parameters { 5709 description 5710 "Configuration parameters of a Selector applying uniform 5711 probabilistic packet Sampling (with equal probability per 5712 packet) to the packet stream."; 5714 reference 5715 "RFC 5475, Section 5.2.2.1; 5716 RFC 5476, Section 6.5.2.4"; 5718 leaf probability { 5719 type decimal64 { 5720 fraction-digits 18; 5721 range "0..1"; 5722 } 5723 mandatory true; 5724 description 5725 "Probability that a packet is sampled, expressed as a value 5726 between 0 and 1. The probability is equal for every 5727 packet. 5729 This parameter corresponds to the Information Element 5730 samplingProbability and to psampSampUniProbProbability 5731 in the PSAMP MIB module."; 5732 reference 5733 "RFC 5477, Section 8.2.8; RFC 6727, Section 6 5734 (psampSampUniProbProbability)"; 5735 } 5736 } 5738 grouping filter-match-parameters { 5739 description 5740 "Configuration parameters of a Selector applying property match 5741 Filtering to the packet stream. 
5743 The field to be matched is specified as an Information 5744 Element."; 5745 reference 5746 "RFC 5475, Section 6.1; RFC 5476, Section 6.5.2.5"; 5748 choice information-element { 5749 mandatory true; 5750 description 5751 "The Information Element field to be matched."; 5753 case ie-name { 5754 leaf ie-name { 5755 type ipfix:ie-name-type; 5756 description 5757 "Name of the Information Element."; 5758 } 5759 } 5761 case ie-id { 5762 leaf ie-id { 5763 type ipfix:ie-id-type; 5764 description 5765 "ID of the Information Element."; 5766 } 5767 } 5768 } 5770 leaf ie-enterprise-number { 5771 type uint32; 5772 default '0'; 5773 description 5774 "If this parameter is zero, the Information Element is 5775 registered in the IANA registry of IPFIX Information 5776 Elements. 5778 If this parameter is configured with a non-zero private 5779 enterprise number, the Information Element is 5780 enterprise-specific."; 5781 reference 5782 "IANA registry for Private Enterprise Numbers, 5783 http://www.iana.org/assignments/enterprise-numbers; 5784 IANA registry for IPFIX Entities, 5785 http://www.iana.org/assignments/ipfix."; 5786 } 5788 leaf value { 5789 type string; 5790 mandatory true; 5791 description 5792 "Matching value of the Information Element"; 5793 } 5794 } 5796 grouping filter-hash-parameters { 5797 description 5798 "Configuration parameters of a Selector applying hash-based 5799 Filtering to the packet stream."; 5800 reference 5801 "RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6"; 5803 leaf hash-function { 5804 type identityref { 5805 base hash-function; 5806 } 5807 default 'bob'; 5808 description 5809 "Hash function to be applied. According to RFC 5475, 5810 Section 6.2.4.1, 'BOB' must be used in order to be compliant 5811 with PSAMP. 
5813 This parameter functionally corresponds to 5814 psampFiltHashFunction in the PSAMP MIB module."; 5815 reference 5816 "RFC 6727, Section 6 (psampFiltHashFunction)"; 5817 } 5819 leaf initializer-value { 5820 type uint64; 5821 description 5822 "Initializer value to the hash function. 5823 If not configured by the user, the Monitoring Device 5824 arbitrarily chooses an initializer value. 5826 This parameter corresponds to the Information Element 5827 hashInitialiserValue and to psampFiltHashInitializerValue 5828 in the PSAMP MIB module."; 5829 reference 5830 "RFC 5477, Section 8.3.9; RFC 6727, Section 6 5831 (psampFiltHashInitializerValue)"; 5832 } 5834 leaf ip-payload-offset { 5835 type uint64; 5836 units "octets"; 5837 default '0'; 5838 description 5839 "IP payload offset indicating the position of the first 5840 payload byte considered as input to the hash function. 5842 Default value 0 corresponds to the minimum offset that 5843 must be configurable according to RFC 5476, Section 5844 6.5.2.6. 5846 This parameter corresponds to the Information Element 5847 hashIPPayloadOffset and to psampFiltHashIpPayloadOffset 5848 in the PSAMP MIB module."; 5849 reference 5850 "RFC 5477, Section 8.3.2; RFC 6727, Section 6 5851 (psampFiltHashIpPayloadOffset)"; 5852 } 5854 leaf ip-payload-size { 5855 type uint64; 5856 units "octets"; 5857 default '8'; 5858 description 5859 "Number of IP payload bytes used as input to the hash 5860 function, counted from the payload offset. If the IP 5861 payload is shorter than the payload range, all available 5862 payload octets are used as input. 5864 Default value 8 corresponds to the minimum IP payload 5865 size that must be configurable according to RFC 5476, 5866 Section 6.5.2.6. 
5868 This parameter corresponds to the Information Element 5869 hashIPPayloadSize and to psampFiltHashIpPayloadSize 5870 in the PSAMP MIB module."; 5871 reference 5872 "RFC 5477, Section 8.3.3; RFC 6727, Section 6 5873 (psampFiltHashIpPayloadSize)"; 5874 } 5876 leaf digest-output { 5877 type boolean; 5878 default 'false'; 5879 description 5880 "If true, the output from this Selector is included in the 5881 Packet Report as a packet digest. Therefore, the configured 5882 Cache Layout needs to contain a digestHashValue field. 5884 This parameter corresponds to the Information Element 5885 hashDigestOutput."; 5886 reference 5887 "RFC 5477, Section 8.3.8"; 5888 } 5890 list selected-range { 5891 key "name"; 5892 min-elements 1; 5893 description 5894 "List of hash function return ranges for which packets are 5895 selected."; 5897 leaf name { 5898 type ipfix:name-type; 5899 description 5900 "An arbitrary string which uniquely identifies the 5901 hash function's selected range."; 5902 } 5904 leaf min { 5905 type uint64; 5906 description 5907 "Beginning of the hash function's selected range. 5909 This parameter corresponds to the Information Element 5910 hashSelectedRangeMin and to psampFiltHashSelectedRangeMin 5911 in the PSAMP MIB module."; 5912 reference 5913 "RFC 5477, Section 8.3.6; RFC 6727, Section 6 5914 (psampFiltHashSelectedRangeMin)"; 5915 } 5917 leaf max { 5918 type uint64; 5919 description 5920 "End of the hash function's selected range. 
5922 This parameter corresponds to the Information Element 5923 hashSelectedRangeMax and to psampFiltHashSelectedRangeMax 5924 in the PSAMP MIB module."; 5925 reference 5926 "RFC 5477, Section 8.3.7; RFC 6727, Section 6 5927 (psampFiltHashSelectedRangeMax)"; 5928 } 5929 } 5930 } 5932 grouping filter-hash-parameters-state { 5933 description 5934 "State parameters of a Selector applying hash-based 5935 Filtering to the packet stream."; 5936 reference 5937 "RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6"; 5939 leaf output-range-min { 5940 type uint64; 5941 config false; 5942 description 5943 "Beginning of the hash function's potential range. 5945 This parameter corresponds to the Information Element 5946 hashOutputRangeMin and to psampFiltHashOutputRangeMin 5947 in the PSAMP MIB module."; 5948 reference 5949 "RFC 5477, Section 8.3.4; RFC 6727, Section 6 5950 (psampFiltHashOutputRangeMin)"; 5951 } 5953 leaf output-range-max { 5954 type uint64; 5955 config false; 5956 description 5957 "End of the hash function's potential range.
5959 This parameter corresponds to the Information Element 5960 hashOutputRangeMax and to psampFiltHashOutputRangeMax 5961 in the PSAMP MIB module."; 5962 reference 5963 "RFC 5477, Section 8.3.5; RFC 6727, Section 6 5964 (psampFiltHashOutputRangeMax)"; 5965 } 5966 } 5968 grouping selector-parameters { 5969 description 5970 "Configuration and state parameters of a Selector."; 5972 choice method { 5973 mandatory true; 5974 description 5975 "Packet selection method applied by the Selector."; 5977 case select-all { 5978 leaf select-all { 5979 type empty; 5980 description 5981 "Method that selects all packets."; 5982 } 5983 } 5985 case samp-count-based { 5986 container samp-count-based { 5987 if-feature psamp-samp-count-based; 5988 description 5989 "Systematic count-based packet Sampling."; 5991 uses samp-count-based-parameters; 5992 } 5993 } 5995 case samp-time-based { 5996 container samp-time-based { 5997 if-feature psamp-samp-time-based; 5998 description 5999 "Systematic time-based packet Sampling."; 6001 uses samp-time-based-parameters; 6003 } 6004 } 6006 case samp-rand-out-of-n { 6007 container samp-rand-out-of-n { 6008 if-feature psamp-samp-rand-out-of-n; 6009 description 6010 "n-out-of-N packet Sampling."; 6012 uses samp-rand-out-of-n-parameters; 6013 } 6014 } 6016 case samp-uni-prob { 6017 container samp-uni-prob { 6018 if-feature psamp-samp-uni-prob; 6019 description 6020 "Uniform probabilistic packet Sampling."; 6022 uses samp-uni-prob-parameters; 6023 } 6024 } 6026 case filter-match { 6027 container filter-match { 6028 if-feature psamp-filter-match; 6029 description 6030 "Property match Filtering."; 6032 uses filter-match-parameters; 6033 } 6034 } 6036 case filter-hash { 6037 container filter-hash { 6038 if-feature psamp-filter-hash; 6039 description 6040 "Hash-based Filtering."; 6042 uses filter-hash-parameters; 6043 uses filter-hash-parameters-state; 6044 } 6045 } 6046 } 6047 } 6049 grouping selector-parameters-state { 6050 description 6051 "Configuration 
and state parameters of a Selector."; 6053 leaf packets-observed { 6054 type yang:counter64; 6055 config false; 6056 description 6057 "The number of packets observed at the input of the 6058 Selector. 6060 If this is the first Selector in the Selection Process, 6061 this counter corresponds to the total number of packets in 6062 all Observed Packet Streams at the input of the Selection 6063 Process. Otherwise, the counter corresponds to the total 6064 number of packets at the output of the preceding Selector. 6066 Discontinuities in the value of this counter can occur at 6067 re-initialization of the management system, and at other 6068 times as indicated by the value of 6069 selectorDiscontinuityTime. 6071 Note that this parameter corresponds to 6072 ipfixSelectorStatsPacketsObserved in the IPFIX MIB 6073 module."; 6074 reference 6075 "RFC 6615, Section 8 6076 (ipfixSelectorStatsPacketsObserved)"; 6077 } 6079 leaf packets-dropped { 6080 type yang:counter64; 6081 config false; 6082 description 6083 "The total number of packets discarded by the Selector. 6085 Discontinuities in the value of this counter can occur at 6086 re-initialization of the management system, and at other 6087 times as indicated by the value of 6088 selectorDiscontinuityTime. 6090 Note that this parameter corresponds to 6091 ipfixSelectorStatsPacketsDropped in the IPFIX MIB 6092 module."; 6093 reference 6094 "RFC 6615, Section 8 6095 (ipfixSelectorStatsPacketsDropped)"; 6096 } 6098 leaf selector-discontinuity-time { 6099 type yang:date-and-time; 6100 config false; 6101 description 6102 "Timestamp of the most recent occasion at which one or more 6103 of the Selector counters suffered a discontinuity. 6105 Note that this parameter functionally corresponds to 6106 ipfixSelectionProcessStatsDiscontinuityTime in the IPFIX 6107 MIB module. 
In contrast to 6108 ipfixSelectionProcessStatsDiscontinuityTime, the time is 6109 absolute and not relative to sysUpTime."; 6110 reference 6111 "RFC 6615, Section 8 6112 (ipfixSelectionProcessStatsDiscontinuityTime)"; 6113 } 6114 } 6116 grouping cache-layout-parameters { 6117 description 6118 "Cache Layout parameters used by immediate cache, timeout 6119 cache, natural cache, and permanent cache."; 6121 container cache-layout { 6122 description 6123 "Cache Layout parameters."; 6125 list cache-field { 6126 key "name"; 6127 min-elements 1; 6128 description 6129 "Superset of fields that are included in the Packet Reports 6130 or Flow Records generated by the Cache."; 6132 leaf name { 6133 type ipfix:name-type; 6134 description 6135 "An arbitrary string which uniquely identifies the 6136 cache field."; 6137 } 6139 choice information-element { 6140 mandatory true; 6141 description 6142 "The Information Element to be added to the template."; 6143 reference 6144 "RFC 7012, Section 2; IANA registry for IPFIX 6145 Entities, http://www.iana.org/assignments/ipfix"; 6147 case ie-name { 6148 leaf ie-name { 6149 type ipfix:ie-name-type; 6150 description 6151 "Name of the Information Element."; 6152 } 6153 } 6155 case ie-id { 6156 leaf ie-id { 6157 type ipfix:ie-id-type; 6158 description 6159 "ID of the Information Element."; 6160 } 6161 } 6162 } 6164 leaf ie-length { 6165 type uint16; 6166 units "octets"; 6167 description 6168 "Length of the field in which the Information Element is 6169 encoded. A value of 65535 specifies a variable-length 6170 Information Element. For Information Elements of integer 6171 and float type, the field length MAY be set to a smaller 6172 value than the standard length of the abstract data type 6173 if the rules of reduced size encoding are fulfilled. 
6175 If not configured by the user, this parameter is set by 6176 the Monitoring Device."; 6177 reference 6178 "RFC 7011, Section 6.2"; 6179 } 6181 leaf ie-enterprise-number { 6182 type uint32; 6183 default '0'; 6184 description 6185 "If this parameter is zero, the Information Element is 6186 registered in the IANA registry of IPFIX Information 6187 Elements. 6189 If this parameter is configured with a non-zero private 6190 enterprise number, the Information Element is 6191 enterprise-specific. 6193 If the enterprise number is set to 29305, this field 6194 contains a Reverse Information Element. In this case, 6195 the Cache MUST generate Data Records in accordance to 6196 RFC 5103."; 6197 reference 6198 "RFC 7011; RFC 5103; 6199 IANA registry for Private Enterprise Numbers, 6200 http://www.iana.org/assignments/enterprise-numbers; 6201 IANA registry for IPFIX Entities, 6202 http://www.iana.org/assignments/ipfix"; 6203 } 6204 } 6205 } 6206 } 6208 grouping flow-cache-base-parameters { 6209 description 6210 "Configuration parameters of a Cache generating Flow Records 6211 which are common to all Cache types."; 6213 leaf max-flows { 6214 type uint32; 6215 units "flows"; 6216 description 6217 "This parameter configures the maximum number of Flows in the 6218 Cache, which is the maximum number of Flows that can be 6219 measured simultaneously. 6221 The Monitoring Device MUST ensure that sufficient resources 6222 are available to store the configured maximum number of 6223 Flows. 6225 If the maximum number of Flows is measured, an additional 6226 Flow can be measured only if an existing entry is removed. 
6227 However, traffic that pertains to existing Flows can 6228 continue to be measured."; 6229 } 6230 } 6232 grouping flow-permanent-cache-parameters { 6233 description 6234 "Configuration parameters of a Permanent Cache generating Flow 6235 Records."; 6237 uses flow-cache-base-parameters; 6239 leaf export-interval { 6240 type uint32; 6241 units "seconds"; 6242 description 6243 "This parameter configures the interval (in seconds) for 6244 periodical export of Flow Records. 6246 If not configured by the user, the Monitoring Device sets 6247 this parameter."; 6248 } 6249 } 6251 grouping flow-timeout-natural-cache-parameters { 6252 description 6253 "Configuration parameters of a Timeout or Natural Cache 6254 generating Flow Records."; 6256 uses flow-cache-base-parameters; 6258 leaf active-timeout { 6259 type uint32; 6260 units "seconds"; 6261 description 6262 "This parameter configures the time in seconds after which a 6263 Flow is expired even though packets matching this Flow are 6264 still received by the Cache. 6266 The parameter value zero indicates infinity, meaning that 6267 there is no active timeout. 6269 If not configured by the user, the Monitoring Device sets 6270 this parameter. 6272 Note that this parameter corresponds to 6273 ipfixMeteringProcessCacheActiveTimeout in the IPFIX 6274 MIB module."; 6275 reference 6276 "RFC 6615, Section 8 6277 (ipfixMeteringProcessCacheActiveTimeout)"; 6278 } 6280 leaf idle-timeout { 6281 type uint32; 6282 units "seconds"; 6283 description 6284 "This parameter configures the time in seconds after which a 6285 Flow is expired if no more packets matching this Flow are 6286 received by the Cache. 6288 The parameter value zero indicates infinity, meaning that 6289 there is no idle timeout. 6291 If not configured by the user, the Monitoring Device sets 6292 this parameter. 
6294 Note that this parameter corresponds to 6295 ipfixMeteringProcessCacheIdleTimeout in the IPFIX 6296 MIB module."; 6297 reference 6298 "RFC 6615, Section 8 6299 (ipfixMeteringProcessCacheIdleTimeout)"; 6300 } 6301 } 6303 grouping flow-cache-parameters-state { 6304 description 6305 "State parameters of a Cache generating Flow Records."; 6307 leaf active-flows { 6308 type yang:gauge32; 6309 units "flows"; 6310 config false; 6311 description 6312 "The number of Flows currently active in this Cache. 6314 Note that this parameter corresponds to 6315 ipfixMeteringProcessCacheActiveFlows in the IPFIX MIB 6316 module."; 6317 reference 6318 "RFC 6615, Section 8 6319 (ipfixMeteringProcessCacheActiveFlows)"; 6320 } 6322 leaf unused-cache-entries { 6323 type yang:gauge32; 6324 units "flows"; 6325 config false; 6326 description 6327 "The number of unused Cache entries in this Cache. 6329 Note that this parameter corresponds to 6330 ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX 6331 MIB module."; 6332 reference 6333 "RFC 6615, Section 8 6334 (ipfixMeteringProcessCacheUnusedCacheEntries)"; 6335 } 6336 } 6338 augment '/ipfix:ipfix' { 6339 description 6340 "Augment IPFIX to add PSAMP."; 6342 container psamp { 6343 description 6344 "Container for PSAMP nodes."; 6346 list observation-point { 6347 key "name"; 6348 description 6349 "Observation Point of the Monitoring Device."; 6351 leaf name { 6352 type ipfix:name-type; 6353 description 6354 "An arbitrary string which uniquely identifies the 6355 Observation Point."; 6356 } 6358 uses observation-point-parameters; 6360 leaf-list selection-process { 6361 type leafref { 6362 path "/ipfix:ipfix/psamp/selection-process/name"; 6363 } 6364 description 6365 "Selection Processes in this list process packets in 6366 parallel."; 6367 } 6369 leaf observation-point-id { 6370 type uint32; 6371 config false; 6372 description 6373 "Observation Point ID (i.e., the value of the Information 6374 Element observationPointId) assigned by the 
Monitoring 6375 Device."; 6376 reference 6377 "IANA registry for IPFIX Entities, 6378 http://www.iana.org/assignments/ipfix"; 6379 } 6380 } 6382 list selection-process { 6383 key "name"; 6384 description 6385 "Selection Process of the Monitoring Device."; 6387 leaf name { 6388 type ipfix:name-type; 6389 description 6390 "An arbitrary string which uniquely identifies the 6391 Selection Process."; 6392 } 6394 list selector { 6395 key "name"; 6396 min-elements 1; 6397 ordered-by user; 6398 description 6399 "List of Selectors that define the action of the 6400 Selection Process on a single packet. The Selectors 6401 are serially invoked in the same order as they appear 6402 in this list."; 6404 leaf name { 6405 type ipfix:name-type; 6406 description 6407 "Name of the selector."; 6408 } 6410 uses selector-parameters; 6412 uses selector-parameters-state; 6413 } 6415 leaf cache { 6416 type leafref { 6417 path "/ipfix:ipfix/psamp/cache/name"; 6418 } 6419 description 6420 "Cache that receives the output of the Selection 6421 Process."; 6422 } 6424 list selection-sequence { 6425 config false; 6426 description 6427 "This list contains the Selection Sequence IDs that are 6428 assigned by the Monitoring Device to distinguish 6429 different Selection Sequences passing through the 6430 Selection Process. 6432 As Selection Sequence IDs are unique per Observation 6433 Domain, the corresponding Observation Domain IDs are 6434 included as well.
6436 With this information, it is possible to associate 6437 Selection Sequence (Statistics) Report Interpretations 6438 exported according to the PSAMP protocol with a 6439 Selection Process in the configuration data."; 6440 reference 6441 "RFC 5476"; 6443 leaf observation-domain-id { 6444 type uint32; 6445 description 6446 "Observation Domain ID for which the 6447 Selection Sequence ID is assigned."; 6448 } 6450 leaf selection-sequence-id { 6451 type uint64; 6452 description 6453 "Selection Sequence ID used in the Selection 6454 Sequence (Statistics) Report Interpretation."; 6455 } 6456 } 6457 } 6459 list cache { 6460 key "name"; 6461 description 6462 "Cache of the Monitoring Device."; 6464 leaf name { 6465 type ipfix:name-type; 6466 description 6467 "An arbitrary string which uniquely identifies the 6468 cache."; 6469 } 6471 leaf enabled { 6472 type boolean; 6473 default "true"; 6474 description 6475 "If true, this cache is enabled and the specified data is 6476 able to be exported."; 6477 } 6479 choice cache-type { 6480 mandatory true; 6481 description 6482 "Type of Cache and specific parameters."; 6484 case immediate-cache { 6485 container immediate-cache { 6486 if-feature immediate-cache; 6487 description 6488 "Flow expiration after the first packet; generation 6489 of Packet Records."; 6491 uses cache-layout-parameters; 6492 } 6493 } 6495 case timeout-cache { 6496 container timeout-cache { 6497 if-feature timeout-cache; 6498 description 6499 "Flow expiration after active and idle timeout; 6500 generation of Flow Records."; 6502 uses flow-timeout-natural-cache-parameters; 6503 uses cache-layout-parameters { 6504 augment "cache-layout/cache-field" { 6505 description 6506 "Augment the Cache layout with timeout cache 6507 specific configuration."; 6509 leaf is-flow-key { 6510 when 6511 "../ie-enterprise-number != 29305" { 6512 description 6513 "This parameter is not available for Reverse 6514 Information Elements (which have enterprise 6515 number 29305)."; 6516 
} 6517 type empty; 6518 description 6519 "If present, this is a flow key."; 6520 } 6521 } 6522 } 6523 uses flow-cache-parameters-state; 6525 } 6526 } 6528 case natural-cache { 6529 container natural-cache { 6530 if-feature natural-cache; 6531 description 6532 "Flow expiration after active and idle timeout, or on 6533 natural termination (e.g., TCP FIN or TCP RST) of 6534 the Flow; generation of Flow Records."; 6536 uses flow-timeout-natural-cache-parameters; 6537 uses cache-layout-parameters { 6538 augment "cache-layout/cache-field" { 6539 description 6540 "Augment the Cache layout with natural cache 6541 specific configuration."; 6543 leaf is-flow-key { 6544 when 6545 "../ie-enterprise-number != 29305" { 6546 description 6547 "This parameter is not available for Reverse 6548 Information Elements (which have enterprise 6549 number 29305)."; 6550 } 6551 type empty; 6552 description 6553 "If present, this is a flow key."; 6554 } 6555 } 6556 } 6557 uses flow-cache-parameters-state; 6558 } 6559 } 6561 case permanent-cache { 6562 container permanent-cache { 6563 if-feature permanent-cache; 6564 description 6565 "No flow expiration, periodical export with time 6566 interval exportInterval; generation of Flow 6567 Records."; 6568 uses flow-permanent-cache-parameters; 6569 uses cache-layout-parameters { 6570 augment "cache-layout/cache-field" { 6571 description 6572 "Augment the Cache layout with permanent cache 6573 specific configuration."; 6575 leaf is-flow-key { 6576 when 6577 "../ie-enterprise-number != 29305" { 6578 description 6579 "This parameter is not available for Reverse 6580 Information Elements (which have enterprise 6581 number 29305)."; 6582 } 6583 type empty; 6584 description 6585 "If present, this is a flow key."; 6586 } 6587 } 6588 } 6589 uses flow-cache-parameters-state; 6590 } 6591 } 6592 } 6594 leaf-list exporting-process { 6595 if-feature ipfix:exporter; 6596 type leafref { 6597 path "/ipfix:ipfix" 6598 + "/ipfix:exporting-process" 6599 +
"/ipfix:name"; 6600 } 6601 description 6602 "Records are exported by all Exporting Processes in the 6603 list."; 6604 } 6606 leaf metering-process-id { 6607 type uint32; 6608 config false; 6609 description 6610 "The identifier of the Metering Process this Cache 6611 belongs to. 6613 This parameter corresponds to the Information Element 6614 meteringProcessId. Its occurrence helps to associate 6615 Cache parameters with Metering Process statistics 6616 exported by the Monitoring Device using the Metering 6617 Process (Reliability) Statistics Template as 6618 defined by the IPFIX protocol specification."; 6619 reference 6620 "RFC 7011, Sections 4.1 and 4.2; 6621 IANA registry for IPFIX Entities, 6622 http://www.iana.org/assignments/ipfix"; 6623 } 6625 leaf data-records { 6626 type yang:counter64; 6627 units "Data Records"; 6628 config false; 6629 description 6630 "The number of Data Records generated by this Cache. 6632 Discontinuities in the value of this counter can occur 6633 at re-initialization of the management system, and at 6634 other times as indicated by the value of 6635 cacheDiscontinuityTime. 6637 Note that this parameter corresponds to 6638 ipfixMeteringProcessDataRecords in the IPFIX MIB 6639 module."; 6640 reference 6641 "RFC 6615, Section 8 6642 (ipfixMeteringProcessDataRecords)"; 6643 } 6645 leaf cache-discontinuity-time { 6646 type yang:date-and-time; 6647 config false; 6648 description 6649 "Timestamp of the most recent occasion at which the 6650 counter dataRecords suffered a discontinuity. 6652 Note that this parameter functionally corresponds to 6653 ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB 6654 module. In contrast to 6655 ipfixMeteringProcessDiscontinuityTime, the time is 6656 absolute and not relative to sysUpTime."; 6657 reference 6658 "RFC 6615, Section 8 6659 (ipfixMeteringProcessDiscontinuityTime)"; 6660 } 6661 } 6662 } 6663 } 6664 } 6666 6668 6.3. ietf-ipfix-bulk-data-export 6670 6.3.1. 
ietf-ipfix-bulk-data-export Module Structure 6672 This document defines the YANG module "ietf-ipfix-bulk-data-export", 6673 which has the following tentative structure: 6675 module: ietf-ipfix-bulk-data-export 6676 augment /ipfix:ipfix: 6677 +--rw bulk-data-export 6678 +--rw template* [name] 6679 +--rw name ipfix:name-type 6680 +--rw enabled? boolean 6681 +--rw export-interval? uint32 6682 +--rw observation-domain-id? uint32 6683 +--rw field-layout 6684 | ... 6685 +--rw exporting-process* 6686 | -> /ipfix:ipfix/exporting-process/name 6687 | {ipfix:exporter}? 6688 +--rw (resource-identifier)? 6689 | ... 6690 +--ro data-records? yang:counter64 6691 +--ro discontinuity-time? yang:date-and-time 6693 6.3.2. ietf-ipfix-bulk-data-export YANG module 6695 This YANG Module imports typedefs from [RFC6991]. 6697 file "ietf-ipfix-bulk-data-export@2018-11-15.yang" 6699 module ietf-ipfix-bulk-data-export { 6700 yang-version 1.1; 6702 namespace 6703 "urn:ietf:params:xml:ns:yang:ietf-ipfix-bulk-data-export"; 6705 prefix ibde; 6707 import ietf-yang-types { 6708 prefix yang; 6709 reference 6710 "RFC 6991: Common YANG Data Types"; 6711 } 6713 import ietf-ipfix { 6714 prefix ipfix; 6715 reference 6716 "RFC XXXX: YANG Data Models for the IP Flow Information Export 6717 (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol, and Bulk 6718 Data Export"; 6719 } 6721 organization 6722 "IETF"; 6724 contact 6725 "Web: TBD 6726 List: TBD 6728 Editor: Joey Boyd 6729 6731 Editor: Marta Seda 6732 "; 6734 // RFC Ed.: replace XXXX with actual RFC numbers and 6735 // remove this note. 6737 description 6738 "This module contains a collection of YANG definitions for the 6739 management exporting bulk data over IPFIX. 6741 This data model is designed for the Network Management Datastore 6742 Architecture defined in RFC 8342. 
6744         The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
6745         NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
6746         'MAY', and 'OPTIONAL' in this document are to be interpreted as
6747         described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
6748         they appear in all capitals, as shown here.

6750         Copyright (c) 2019 IETF Trust and the persons identified as
6751         authors of the code. All rights reserved.

6753         Redistribution and use in source and binary forms, with or
6754         without modification, is permitted pursuant to, and subject to
6755         the license terms contained in, the Simplified BSD License set
6756         forth in Section 4.c of the IETF Trust's Legal Provisions
6757         Relating to IETF Documents
6758         (https://trustee.ietf.org/license-info).

6760         This version of this YANG module is part of RFC XXXX
6761         (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
6762         for full legal notices.";

6764      revision 2020-03-05 {
6765        description
6766          "Initial revision.";
6767        reference
6768          "RFC XXXX: YANG Data Models for the IP Flow Information Export
6769                     (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
6770                     and Bulk Data Export";
6771      }
6772      feature bulk-data {
6773        description
6774          "If supported, bulk data templates can be configured.";
6775      }

6777      typedef resource {
6778        type instance-identifier {
6779          require-instance false;
6780        }
6781        description
6782          "A resource from which bulk data will be exported.";
6783      }

6785      grouping bulk-data-template-parameters {
6786        description
6787          "Field Layout parameters.";

6789        leaf observation-domain-id {
6790          type uint32;
6791          default 0;
6792          description
6793            "An identifier of an Observation Domain that is locally
6794             unique to an Exporting Process (see RFC 7011 Section 3.1).

6796             Typically, this Information Element is for limiting the
6797             scope of other Information Elements.

6799             A value of 0 indicates that no specific Observation Domain
6800             is identified by this Information Element.";
6801        }

6803        container field-layout {
6804          description
6805            "Field Layout parameters.";

6807          list field {
6808            key name;
6809            min-elements 1;
6810            description
6811              "Superset of statistics field names or special field-names
6812               (e.g., timestamps, etc) for interpreting statistics that
6813               are included in the Packet Reports or Flow Records
6814               generated by the device.";

6816            leaf name {
6817              type ipfix:name-type;
6818              description
6819                "An arbitrary string which uniquely identifies the
6820                 field.";
6821            }

6823            choice identifier {
6824              mandatory true;
6825              description
6826                "The Information Element to be added to the template.";

6828              case ie-name {
6829                leaf ie-name {
6830                  type ipfix:ie-name-type;
6831                  description
6832                    "Name of the Information Element.";
6833                }
6834              }

6836              case ie-id {
6837                leaf ie-id {
6838                  type ipfix:ie-id-type;
6839                  description
6840                    "ID of the Information Element.";
6841                }
6842              }
6843            }

6845            leaf ie-length {
6846              type uint16;
6847              units octets;
6848              description
6849                "Length of the field in which the Information Element is
6850                 encoded. A value of 65535 specifies a variable-length
6851                 Information Element. For Information Elements of
6852                 integer and float type, the field length MAY be set to a
6853                 smaller value than the standard length of the abstract
6854                 data type if the rules of reduced size encoding are
6855                 fulfilled.

6857                 If not configured by the user, this parameter is set by
6858                 the Monitoring Device.";
6859              reference
6860                "RFC 7011, Section 6.2";
6861            }

6863            leaf ie-enterprise-number {
6864              type uint32;
6865              default 0;
6866              description
6867                "If this parameter is zero, the Information Element is
6868                 registered in the IANA registry of IPFIX Information
6869                 Elements or unspecified (if the Informational Element is
6870                 not IANA registered).

6872                 If this parameter is configured with a non-zero private
6873                 enterprise number, the Information Element is
6874                 enterprise-specific.";
6875              reference
6876                "RFC 7011; RFC 5103;
6877                 IANA registry for Private Enterprise Numbers,
6878                 http://www.iana.org/assignments/enterprise-numbers;
6879                 IANA registry for IPFIX Entities,
6880                 http://www.iana.org/assignments/ipfix";
6881            }
6882          }
6883        }
6884      }

6886      augment "/ipfix:ipfix" {
6887        description
6888          "Augment IPFIX to add bulk data.";

6890        container bulk-data-export {
6891          description
6892            "Container for bulk data export nodes.";

6894          list template {
6895            key name;
6896            description
6897              "List of bulk data templates of the Monitoring Device.";

6899            leaf name {
6900              type ipfix:name-type;
6901              description
6902                "An arbitrary string which uniquely identifies the
6903                 bulk data template.";
6904            }

6906            leaf enabled {
6907              type boolean;
6908              default "true";
6909              description
6910                "If true, this template is enabled and the specified
6911                 data is able to be exported.";
6912            }

6914            leaf export-interval {
6915              type uint32;
6916              units "seconds";
6917              description
6918                "This parameter configures the interval (in seconds) for
6919                 periodical export of Flow Records.

6921                 If not configured by the user, the Monitoring Device
6922                 sets this parameter.";
6923            }

6925            uses bulk-data-template-parameters;

6927            leaf-list exporting-process {
6928              if-feature ipfix:exporter;
6929              type leafref {
6930                path "/ipfix:ipfix"
6931                   + "/ipfix:exporting-process"
6932                   + "/ipfix:name";
6933              }
6934              description
6935                "Records are exported by all Exporting Processes in the
6936                 list.";
6937            }

6939            choice resource-identifier {
6940              description
6941                "Method to select the resources from which the records
6942                 are to be exported.";

6944              case resource-instance {
6945                leaf-list resource-instance {
6946                  type resource;
6947                  description
6948                    "Records are sourced from all the resources in
6949                     this list.";
6950                }
6951              }
6952            }

6954            leaf data-records {
6955              type yang:counter64;
6956              units "Data Records";
6957              config false;
6958              description
6959                "The number of Data Records generated for this sampling
6960                 template.

6962                 Discontinuities in the value of this counter can occur
6963                 at re-initialization of the management system, and at
6964                 other times as indicated by the value of Discontinuity
6965                 Time.";
6966            }

6968            leaf discontinuity-time {
6969              type yang:date-and-time;
6970              config false;
6971              description
6972                "Timestamp of the most recent occasion at which the
6973                 counter data records suffered a discontinuity.";
6974            }
6975          }
6976        }
6977      }
6978    }

6980

6982 7.  IANA Considerations

6984    This document registers 3 URIs in the "IETF XML Registry"
6985    [RFC3688]. Following the format in RFC 3688, the following
6986    registrations have been made.

6988       URI: urn:ietf:params:xml:ns:yang:ietf-ipfix
6989       Registrant Contact: The IESG.
6990       XML: N/A, the requested URI is an XML namespace.

6992       URI: urn:ietf:params:xml:ns:yang:ietf-ipfix-packet-sampling
6993       Registrant Contact: The IESG.
6994       XML: N/A, the requested URI is an XML namespace.

6996       URI: urn:ietf:params:xml:ns:yang:ietf-ipfix-bulk-data-export
6997       Registrant Contact: The IESG.
6998       XML: N/A, the requested URI is an XML namespace.

7000    This document registers 3 YANG modules in the "YANG Module Names"
7001    registry. Following the format in [RFC7950], the following have been
7002    registered.

7004       Name: ietf-ipfix
7005       Namespace: urn:ietf:params:xml:ns:yang:ietf-ipfix
7006       Prefix: ietf-ipfix
7007       Reference: RFC XXXX: YANG Data Models for the IP Flow Information
7008          Export (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
7009          and Bulk Data Export

7011       Name: ietf-ipfix-packet-sampling
7012       Namespace: urn:ietf:params:xml:ns:yang:ietf-ipfix-packet-sampling
7013       Prefix: ietf-ipfix-packet-sampling
7014       Reference: RFC XXXX: YANG Data Models for the IP Flow Information
7015          Export (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
7016          and Bulk Data Export

7018       Name: ietf-ipfix-bulk-data-export
7019       Namespace: urn:ietf:params:xml:ns:yang:ietf-ipfix-bulk-data-export
7020       Prefix: ietf-bde
7021       Reference: RFC XXXX: YANG Data Models for the IP Flow Information
7022          Export (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol,
7023          and Bulk Data Export

7025 8.  Security Considerations

7027    The YANG module specified in this document defines a schema for data
7028    that is designed to be accessed via network management protocols such
7029    as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
7030    is the secure transport layer, and the mandatory-to-implement secure
7031    transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
7032    is HTTPS, and the mandatory-to-implement secure transport is TLS
7033    [RFC8446].

7035    The NETCONF access control model [RFC8341] provides the means to
7036    restrict access for particular NETCONF or RESTCONF users to a
7037    preconfigured subset of all available NETCONF or RESTCONF protocol
7038    operations and content.

7040    There are a number of data nodes defined in this YANG module that are
7041    writable/creatable/deletable (i.e., config true, which is the
7042    default). These data nodes may be considered sensitive or vulnerable
7043    in some network environments. Write operations (e.g., NETCONF edit-
7044    config) to these data nodes without proper protection can have a
7045    negative effect on network operations. These are the subtrees and
7046    data nodes and their sensitivity/vulnerability:

7048    o  /ipfix/psamp/observation-point: The configuration parameters in
7049       this subtree specify where packets are observed and by which
7050       Selection Processes they will be processed. Write access to this
7051       subtree allows observing packets at arbitrary interfaces or
7052       linecards of the Monitoring Device and may thus lead to the export
7053       of sensitive traffic information.

7055    o  /ipfix/psamp/selection-process: The configuration parameters in
7056       this subtree specify for which packets information will be
7057       reported in Packet Reports or Flow Records. Write access to this
7058       subtree allows changing the subset of packets for which
7059       information will be reported and may thus lead to the export of
7060       sensitive traffic information.

7062    o  /ipfix/psamp/cache: The configuration parameters in this subtree
7063       specify the fields included in Packet Reports or Flow Records.
7064       Write access to this subtree allows adding fields which may
7065       contain sensitive traffic information, such as IP addresses or
7066       parts of the packet payload.

7068    o  /ipfix/exporting-process: The configuration parameters in this
7069       subtree specify to which Collectors Packet Reports or Flow Records
7070       are exported. Write access to this subtree allows exporting
7071       potentially sensitive traffic information to illegitimate
7072       Collectors. Furthermore, TLS/DTLS parameters can be changed,
7073       which may affect the mutual authentication between Exporters and
7074       Collectors as well as the encrypted transport of the data.

7076    o  /ipfix/collecting-process: The configuration parameters in this
7077       subtree may specify that collected Packet Reports and Flow Records
7078       are reexported to another Collector or written to a file. Write
7079       access to this subtree potentially allows reexporting or storing
7080       the sensitive traffic information.

7082    o  /ipfix/bulk-data-export/template: The configuration parameters in
7083       this subtree specify the fields included in the bulk data export.
7084       Write access to this subtree allows adding fields which may cause
7085       export of sensitive configuration and/or statistics.

7087    Some of the readable data nodes in this YANG module may be considered
7088    sensitive or vulnerable in some network environments. It is thus
7089    important to control read access (e.g., via get, get-config, or
7090    notification) to these data nodes. These are the subtrees and data
7091    nodes and their sensitivity/vulnerability:

7093    o  /ipfix/psamp/observation-point: Parameters in this subtree may be
7094       sensitive because they reveal information about the Monitoring
7095       Device itself and the network infrastructure.

7097    o  /ipfix/psamp/selection-process: Parameters in this subtree may be
7098       sensitive because they reveal information about the Monitoring
7099       Device itself and the observed traffic. For example, the counters
7100       packetsObserved and packetsDropped allow inferring the number of
7101       observed packets.

7103    o  /ipfix/psamp/cache: Parameters in this subtree may be sensitive
7104       because they reveal information about the Monitoring Device itself
7105       and the observed traffic. For example, the counters activeFlows
7106       and dataRecords allow inferring the number of measured Flows or
7107       packets.

7109    o  /ipfix/exporting-process: Parameters in this subtree may be
7110       sensitive because they reveal information about the network
7111       infrastructure and the outgoing IPFIX Transport Sessions. For
7112       example, it discloses the IP addresses of Collectors as well as
7113       the deployed TLS/DTLS configuration, which may facilitate the
7114       interception of outgoing IPFIX Messages.

7116    o  /ipfix/collecting-process: Parameters in this subtree may be
7117       sensitive because they reveal information about the network
7118       infrastructure and the incoming IPFIX Transport Sessions. For
7119       example, it discloses the IP addresses of Exporters as well as the
7120       deployed TLS/DTLS configuration, which may facilitate the
7121       interception of incoming IPFIX Messages.

7123 9.  Acknowledgments

7125    The authors would like to thank Anand Arokiaraj and William Lupton
7126    for their contributions towards creation of this document and
7127    associated YANG data models.

7129 10.  References

7131 10.1.  Normative References

7133    [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
7134               MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
7135               .

7137    [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
7138               DOI 10.17487/RFC3688, January 2004,
7139               .

7141    [RFC3758]  Stewart, R., Ramalho, M., Xie, Q., Tuexen, M., and P.
7142               Conrad, "Stream Control Transmission Protocol (SCTP)
7143               Partial Reliability Extension", RFC 3758,
7144               DOI 10.17487/RFC3758, May 2004,
7145               .

7147    [RFC3871]  Jones, G., Ed., "Operational Security Requirements for
7148               Large Internet Service Provider (ISP) IP Network
7149               Infrastructure", RFC 3871, DOI 10.17487/RFC3871, September
7150               2004, .

7152    [RFC4960]  Stewart, R., Ed., "Stream Control Transmission Protocol",
7153               RFC 4960, DOI 10.17487/RFC4960, September 2007,
7154               .

7156    [RFC5103]  Trammell, B. and E. Boschi, "Bidirectional Flow Export
7157               Using IP Flow Information Export (IPFIX)", RFC 5103,
7158               DOI 10.17487/RFC5103, January 2008,
7159               .

7161    [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
7162               Housley, R., and W. Polk, "Internet X.509 Public Key
7163               Infrastructure Certificate and Certificate Revocation List
7164               (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
7165               .

7167    [RFC5475]  Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F.
7168               Raspall, "Sampling and Filtering Techniques for IP Packet
7169               Selection", RFC 5475, DOI 10.17487/RFC5475, March 2009,
7170               .

7172    [RFC5476]  Claise, B., Ed., Johnson, A., and J. Quittek, "Packet
7173               Sampling (PSAMP) Protocol Specifications", RFC 5476,
7174               DOI 10.17487/RFC5476, March 2009,
7175               .

7177    [RFC5477]  Dietz, T., Claise, B., Aitken, P., Dressler, F., and G.
7178               Carle, "Information Model for Packet Sampling Exports",
7179               RFC 5477, DOI 10.17487/RFC5477, March 2009,
7180               .

7182    [RFC5610]  Boschi, E., Trammell, B., Mark, L., and T. Zseby,
7183               "Exporting Type Information for IP Flow Information Export
7184               (IPFIX) Information Elements", RFC 5610,
7185               DOI 10.17487/RFC5610, July 2009,
7186               .

7188    [RFC5655]  Trammell, B., Boschi, E., Mark, L., Zseby, T., and A.
7189               Wagner, "Specification of the IP Flow Information Export
7190               (IPFIX) File Format", RFC 5655, DOI 10.17487/RFC5655,
7191               October 2009, .

7193    [RFC6347]  Rescorla, E. and N. Modadugu, "Datagram Transport Layer
7194               Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
7195               January 2012, .

7197    [RFC6526]  Claise, B., Aitken, P., Johnson, A., and G. Muenz, "IP
7198               Flow Information Export (IPFIX) Per Stream Control
7199               Transmission Protocol (SCTP) Stream", RFC 6526,
7200               DOI 10.17487/RFC6526, March 2012,
7201               .

7203    [RFC6615]  Dietz, T., Ed., Kobayashi, A., Claise, B., and G. Muenz,
7204               "Definitions of Managed Objects for IP Flow Information
7205               Export", RFC 6615, DOI 10.17487/RFC6615, June 2012,
7206               .

7208    [RFC6727]  Dietz, T., Ed., Claise, B., and J. Quittek, "Definitions
7209               of Managed Objects for Packet Sampling", RFC 6727,
7210               DOI 10.17487/RFC6727, October 2012,
7211               .

7213    [RFC6933]  Bierman, A., Romascanu, D., Quittek, J., and M.
7214               Chandramouli, "Entity MIB (Version 4)", RFC 6933,
7215               DOI 10.17487/RFC6933, May 2013,
7216               .

7218    [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
7219               RFC 6991, DOI 10.17487/RFC6991, July 2013,
7220               .

7222    [RFC7011]  Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
7223               "Specification of the IP Flow Information Export (IPFIX)
7224               Protocol for the Exchange of Flow Information", STD 77,
7225               RFC 7011, DOI 10.17487/RFC7011, September 2013,
7226               .

7228    [RFC7012]  Claise, B., Ed. and B. Trammell, Ed., "Information Model
7229               for IP Flow Information Export (IPFIX)", RFC 7012,
7230               DOI 10.17487/RFC7012, September 2013,
7231               .

7233    [RFC7119]  Claise, B., Kobayashi, A., and B. Trammell, "Operation of
7234               the IP Flow Information Export (IPFIX) Protocol on IPFIX
7235               Mediators", RFC 7119, DOI 10.17487/RFC7119, February 2014,
7236               .

7238    [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
7239               RFC 7950, DOI 10.17487/RFC7950, August 2016,
7240               .

7242    [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
7243               and R. Wilton, "Network Management Datastore Architecture
7244               (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
7245               .

7247    [RFC8343]  Bjorklund, M., "A YANG Data Model for Interface
7248               Management", RFC 8343, DOI 10.17487/RFC8343, March 2018,
7249               .

7251    [RFC8348]  Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A
7252               YANG Data Model for Hardware Management", RFC 8348,
7253               DOI 10.17487/RFC8348, March 2018,
7254               .

7256 10.2.  Informative References

7258    [BBF.TR-352]
7259               Broadband Forum, "Multi-wavelength PON Inter-Channel-
7260               Termination Protocol (ICTP) Specification", May 2017,
7261               .

7264    [IANA-ENTERPRISE-NUMBERS]
7265               IANA, "Private Enterprise Numbers",
7266               .

7268    [IANA-IPFIX]
7269               IANA, "IP Flow Information Export (IPFIX) Entities",
7270               .

7272    [RFC1141]  Mallory, T. and A. Kullberg, "Incremental updating of the
7273               Internet checksum", RFC 1141, DOI 10.17487/RFC1141,
7274               January 1990, .

7276    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
7277               Requirement Levels", BCP 14, RFC 2119,
7278               DOI 10.17487/RFC2119, March 1997,
7279               .

7281    [RFC3954]  Claise, B., Ed., "Cisco Systems NetFlow Services Export
7282               Version 9", RFC 3954, DOI 10.17487/RFC3954, October 2004,
7283               .

7285    [RFC5473]  Boschi, E., Mark, L., and B. Claise, "Reducing Redundancy
7286               in IP Flow Information Export (IPFIX) and Packet Sampling
7287               (PSAMP) Reports", RFC 5473, DOI 10.17487/RFC5473, March
7288               2009, .

7290    [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
7291               and A. Bierman, Ed., "Network Configuration Protocol
7292               (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
7293               .

7295    [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
7296               Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
7297               .

7299    [RFC6728]  Muenz, G., Claise, B., and P. Aitken, "Configuration Data
7300               Model for the IP Flow Information Export (IPFIX) and
7301               Packet Sampling (PSAMP) Protocols", RFC 6728,
7302               DOI 10.17487/RFC6728, October 2012,
7303               .

7305    [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
7306               Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
7307               .

7309    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
7310               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
7311               May 2017, .

7313    [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
7314               BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
7315               .

7317    [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
7318               Access Control Model", STD 91, RFC 8341,
7319               DOI 10.17487/RFC8341, March 2018,
7320               .

7322    [RFC8407]  Bierman, A., "Guidelines for Authors and Reviewers of
7323               Documents Containing YANG Data Models", BCP 216, RFC 8407,
7324               DOI 10.17487/RFC8407, October 2018,
7325               .

7327    [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
7328               Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
7329               .
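
Section 8 notes that write access to /ipfix/exporting-process allows export to illegitimate Collectors and changes to the TLS/DTLS parameters. The following added example (not part of the draft) audits a retrieved configuration for both conditions. Element names follow the ietf-ipfix tree diagram in Appendix D; the allowlist, the sample XML and the policy of requiring a pinned peer identity are assumptions of the example.

```python
"""Audit the exporting-process subtree of an ietf-ipfix configuration.

Added example, not part of the draft. Element names follow the ietf-ipfix
tree diagram; the allowlist, the sample XML and the policy (TLS/DTLS
required, peer identity pinned) are assumptions of this example.
"""
import xml.etree.ElementTree as ET

IPFIX_NS = "urn:ietf:params:xml:ns:yang:ietf-ipfix"
NS = {"ipfix": IPFIX_NS}

# Constructed sample of a retrieved /ipfix configuration. Addresses are
# documentation ranges (RFC 5737); all names are made up.
SAMPLE_CONFIG = """
<ipfix xmlns="urn:ietf:params:xml:ns:yang:ietf-ipfix">
  <exporting-process>
    <name>approved-exporter</name>
    <destination>
      <name>collector-a</name>
      <tcp-exporter>
        <destination>
          <destination-address>192.0.2.1</destination-address>
        </destination>
        <transport-layer-security>
          <remote-subject-fqdn>coll-1.example.net</remote-subject-fqdn>
        </transport-layer-security>
      </tcp-exporter>
    </destination>
    <destination>
      <name>collector-b</name>
      <tcp-exporter>
        <destination>
          <destination-address>192.0.2.1</destination-address>
        </destination>
        <transport-layer-security/>
      </tcp-exporter>
    </destination>
  </exporting-process>
  <exporting-process>
    <name>unexpected-exporter</name>
    <destination>
      <name>collector-x</name>
      <tcp-exporter>
        <destination>
          <destination-address>198.51.100.7</destination-address>
        </destination>
      </tcp-exporter>
    </destination>
  </exporting-process>
</ipfix>
"""


def _local_name(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tags."""
    return tag.rsplit("}", 1)[-1]


def audit_exporters(config_xml, approved_collectors):
    """Return (process, destination, finding) tuples for risky destinations."""
    root = ET.fromstring(config_xml)
    if root.tag == f"{{{IPFIX_NS}}}ipfix":
        ipfix_nodes = [root]
    else:  # wrapped, e.g. in a <data> or <config> element
        ipfix_nodes = root.findall(".//ipfix:ipfix", NS)

    findings = []
    for ipfix in ipfix_nodes:
        for proc in ipfix.findall("ipfix:exporting-process", NS):
            proc_name = proc.findtext("ipfix:name", "?", NS)
            for dest in proc.findall("ipfix:destination", NS):
                dest_name = dest.findtext("ipfix:name", "?", NS)
                # The transport is a YANG choice; tcp-exporter is the case in
                # the tree. Any child named "*-exporter" is audited alike.
                for exporter in dest:
                    if not _local_name(exporter.tag).endswith("-exporter"):
                        continue
                    where = (proc_name, dest_name)
                    addr = exporter.findtext(
                        "ipfix:destination/ipfix:destination-address", "", NS
                    ).strip()
                    if addr not in approved_collectors:
                        findings.append(where + ("unapproved-collector",))
                    tls = exporter.find("ipfix:transport-layer-security", NS)
                    if tls is None:  # presence container absent
                        findings.append(where + ("no-tls",))
                    elif not (tls.findall("ipfix:remote-subject-fqdn", NS)
                              or tls.findall("ipfix:remote-subject-dn", NS)):
                        findings.append(where + ("peer-identity-not-pinned",))
    return findings


if __name__ == "__main__":
    for finding in audit_exporters(SAMPLE_CONFIG, {"192.0.2.1"}):
        print(*finding, sep=": ")
```

Running the same audit on every configuration snapshot and alerting on new findings gives a simple check for unauthorized writes to this subtree.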

7331 Appendix A.  Example: ietf-ipfix Usage

7333    This configuration example configures an IPFIX exporter for a
7334    [BBF.TR-352] ICTP Proxy.

7336
7337
7338    TR352-exporter
7339    true
7340
7341    ICTP-Proxy1-collector
7342
7343
7344    192.100.2.1
7345
7346
7347    proxy1.sys.com
7348
7349
7350
7351
7352    Options 1
7353    extended-type-information
7354    0
7355
7356
7357

7359    This configuration example configures an IPFIX mediator.

7361
7362
7363    OLT-collector
7364
7365    myolt-tcp-collector
7366    192.100.2.1
7367
7368    OLT-exporter
7369
7370
7371    OLT-exporter
7372    true
7373
7374    big-collector
7375
7376
7377    192.100.2.1
7378
7379
7380    collect1.sys.com
7381
7382
7383
7384
7385    Options 1
7386    extended-type-information
7387    0
7388
7389
7390

7392 Appendix B.  Example: ietf-ipfix-packet-sampling Usage

7394    This configuration example configures two Observation Points
7395    capturing ingress traffic at eth0 and all traffic at eth1. Both
7396    Observed Packet Streams enter two different Selection Processes. The
7397    first Selection Process implements a Composite Selector of a filter
7398    for UDP packets and a random sampler. The second Selection Process
7399    implements a Primitive Selector of an ICMP filter. The Selected
7400    Packet Streams of both Selection Processes enter the same Cache. The
7401    Cache generates a PSAMP Packet Report for every selected packet.

7403    The associated Exporting Process exports to a Collector using PR-SCTP
7404    and DTLS. The TLS/DTLS parameters specify that the collector must
7405    supply a certificate for the FQDN collector.example.net. Valid
7406    certificates from any certification authority will be accepted. As
7407    the destination transport port is omitted, the standard IPFIX-over-
7408    DTLS port 4740 is used.

7410    The parameters of the Selection Processes are reported as Selection
7411    Sequence Report Interpretations and Selector Report Interpretations
7412    [RFC5476]. There will be two Selection Sequence Report
7413    Interpretations per Selection Process, one for each Observation
7414    Point. Selection Sequence Statistics Report Interpretations are
7415    exported every 30 seconds (30000 milliseconds).

7417
7418

7420
7421    OP at eth0 (ingress)
7422    123
7423    eth0
7424    ingress
7425    Sampled UDP packets
7426    ICMP packets
7427

7429
7430    OP at eth1
7431    123
7432    eth1
7433    Sampled UDP packets
7434    ICMP packets
7435

7437
7438    Sampled UDP packets
7439
7440    UDP filter
7441
7442    4
7443    17
7444
7445
7446
7447    10-out-of-100 sampler
7448
7449    10
7450    100
7451
7452
7453    PSAMP cache
7454

7456
7457    ICMP packets
7458
7459    ICMP filter
7460
7461    4
7462    1
7463
7464
7465    PSAMP cache
7466

7468
7469    PSAMP cache
7470
7471
7472
7473    Field 1: ipHeaderPacketSection
7474    313
7475    64
7476
7477
7478    Field 2: observationTimeMilliseconds
7479    322
7480
7481
7482
7483    The only exporter
7484
7485

7487
7488    The only exporter
7489    true
7490
7491    PR-SCTP collector
7492
7493
7494    192.0.2.1
7495
7496    1000000
7497    500
7498
7499    coll-1.ex.net
7500
7501
7502
7503
7504    Options 1
7505    selection-sequence
7506    0
7507
7508
7509    Options 2
7510    selection-statistics
7511    30000
7512
7513

7515

7517 Appendix C.  Example: ietf-ipfix-bulk-data-export Usage

7519    The configuration example configures a field-layout template to
7520    export Ethernet statistics from eth0 and eth1.

7522

7524

7527

7552
7553
7554    The only one
7555    true
7556
7557    Bulk data collector
7558
7559
7560    192.0.2.2
7561
7562    1000000
7563
7564    coll-2.ex.net
7565
7566
7567
7568
7569

7571 Appendix D.  Tree diagrams

7573 D.1.  ietf-ipfix

7575    The complete tree diagram for ietf-ipfix:

7577    module: ietf-ipfix
7578      +--rw ipfix
7579         +--rw collecting-process* [name] {collector}?
7580         |  +--rw name   name-type
7581         |  +--rw tcp-collector* [name] {tcp-transport}?
7582         |  |  +--rw name   name-type
7583         |  |  +--rw (local-address-method)?
7584         |  |  |  +--:(local-address)
7585         |  |  |     +--rw local-address*   inet:host
7586         |  |  +--rw local-port?   inet:port-number
7587         |  |  +--rw transport-layer-security!
7588         |  |  |  +--rw local-certification-authority-dn*   string
7589         |  |  |  +--rw local-subject-dn*   string
7590         |  |  |  +--rw local-subject-fqdn*
7591         |  |  |  |       inet:domain-name
7592         |  |  |  +--rw remote-certification-authority-dn*   string
7593         |  |  |  +--rw remote-subject-dn*   string
7594         |  |  |  +--rw remote-subject-fqdn*
7595         |  |  |          inet:domain-name
7596         |  |  +--ro transport-session* [name]
7597         |  |     +--ro name   name-type
7598         |  |     +--ro ipfix-version?   uint16
7599         |  |     +--ro source-address?   inet:host
7600         |  |     +--ro destination-address?   inet:host
7601         |  |     +--ro source-port?
7602         |  |     |       inet:port-number
7603         |  |     +--ro destination-port?
7604         |  |     |       inet:port-number
7605         |  |     +--ro status?
7606         |  |     |       transport-session-status
7607         |  |     +--ro rate?
7608         |  |     |       yang:gauge32
7609         |  |     +--ro bytes?
7610         |  |     |       yang:counter64
7611         |  |     +--ro messages?
7612         |  |     |       yang:counter64
7613         |  |     +--ro discarded-messages?
7614         |  |     |       yang:counter64
7615         |  |     +--ro records?
7616         |  |     |       yang:counter64
7617         |  |     +--ro templates?
7618         |  |     |       yang:counter32
7619         |  |     +--ro options-templates?
7620         |  |     |       yang:counter32
7621         |  |     +--ro transport-session-start-time?
7622         |  |     |       yang:date-and-time
7623         |  |     +--ro transport-session-discontinuity-time?
7624         |  |     |       yang:date-and-time
7625         |  |     +--ro template* [name]
7626         |  |        +--ro name   name-type
7627         |  |        +--ro observation-domain-id?   uint32
7628         |  |        +--ro template-id?   uint16
7629         |  |        +--ro set-id?   uint16
7630         |  |        +--ro access-time?
7631         |  |        |       yang:date-and-time
7632         |  |        +--ro template-data-records?   yang:counter64
7633         |  |        +--ro template-discontinuity-time?
7634         |  |        |       yang:date-and-time
7635         |  |        +--ro field* [name]
7636         |  |           +--ro name   name-type
7637         |  |           +--ro ie-id?   ie-id-type
7638         |  |           +--ro ie-length?   uint16
7639         |  |           +--ro ie-enterprise-number?   uint32
7640         |  |           +--ro is-flow-key?   empty
7641         |  |           +--ro is-scope?   empty
7642         |  +--rw udp-collector* [name] {udp-transport}?
7643         |  |  +--rw name   name-type
7644         |  |  +--rw (local-address-method)?
7645         |  |  |  +--:(local-address)
7646         |  |  |     +--rw local-address*   inet:host
7647         |  |  +--rw local-port?   inet:port-number
7648         |  |  +--rw template-life-time?   uint32
7649         |  |  +--rw options-template-life-time?   uint32
7650         |  |  +--rw template-life-packet?   uint32
7651         |  |  +--rw options-template-life-packet?   uint32
7652         |  |  +--rw maximum-reordering-delay?   uint32
7653         |  |  +--rw transport-layer-security!
7654         |  |  |  +--rw local-certification-authority-dn*   string
7655         |  |  |  +--rw local-subject-dn*   string
7656         |  |  |  +--rw local-subject-fqdn*
7657         |  |  |  |       inet:domain-name
7658         |  |  |  +--rw remote-certification-authority-dn*   string
7659         |  |  |  +--rw remote-subject-dn*   string
7660         |  |  |  +--rw remote-subject-fqdn*
7661         |  |  |          inet:domain-name
7662         |  |  +--ro transport-session* [name]
7663         |  |     +--ro name   name-type
7664         |  |     +--ro ipfix-version?   uint16
7665         |  |     +--ro source-address?   inet:host
7666         |  |     +--ro destination-address?   inet:host
7667         |  |     +--ro source-port?
7668         |  |     |       inet:port-number
7669         |  |     +--ro destination-port?
7670         |  |     |       inet:port-number
7671         |  |     +--ro status?
7672         |  |     |       transport-session-status
7673         |  |     +--ro rate?
7674         |  |     |       yang:gauge32
7675         |  |     +--ro bytes?
7676         |  |     |       yang:counter64
7677         |  |     +--ro messages?
7678         |  |     |       yang:counter64
7679         |  |     +--ro discarded-messages?
7680         |  |     |       yang:counter64
7681         |  |     +--ro records?
7682         |  |     |       yang:counter64
7683         |  |     +--ro templates?
7684         |  |     |       yang:counter32
7685         |  |     +--ro options-templates?
7686         |  |     |       yang:counter32
7687         |  |     +--ro transport-session-start-time?
7688         |  |     |       yang:date-and-time
7689         |  |     +--ro transport-session-discontinuity-time?
7690         |  |     |       yang:date-and-time
7691         |  |     +--ro template* [name]
7692         |  |        +--ro name   name-type
7693         |  |        +--ro observation-domain-id?   uint32
7694         |  |        +--ro template-id?   uint16
7695         |  |        +--ro set-id?   uint16
7696         |  |        +--ro access-time?
7697         |  |        |       yang:date-and-time
7698         |  |        +--ro template-data-records?   yang:counter64
7699         |  |        +--ro template-discontinuity-time?
7700         |  |        |       yang:date-and-time
7701         |  |        +--ro field* [name]
7702         |  |           +--ro name   name-type
7703         |  |           +--ro ie-id?   ie-id-type
7704         |  |           +--ro ie-length?   uint16
7705         |  |           +--ro ie-enterprise-number?   uint32
7706         |  |           +--ro is-flow-key?   empty
7707         |  |           +--ro is-scope?   empty
7708         |  +--rw sctp-collector* [name] {sctp-transport}?
7709         |  |  +--rw name   name-type
7710         |  |  +--rw (local-address-method)?
7711         |  |  |  +--:(local-address)
7712         |  |  |     +--rw local-address*   inet:host
7713         |  |  +--rw local-port?   inet:port-number
7714         |  |  +--rw maximum-reordering-delay?   uint32
7715         |  |  +--rw transport-layer-security!
7716         |  |  |  +--rw local-certification-authority-dn*   string
7717         |  |  |  +--rw local-subject-dn*   string
7718         |  |  |  +--rw local-subject-fqdn*
7719         |  |  |  |       inet:domain-name
7720         |  |  |  +--rw remote-certification-authority-dn*   string
7721         |  |  |  +--rw remote-subject-dn*   string
7722         |  |  |  +--rw remote-subject-fqdn*
7723         |  |  |          inet:domain-name
7724         |  |  +--ro transport-session* [name]
7725         |  |     +--ro name   name-type
7726         |  |     +--ro sctp-association-id?   uint32
7727         |  |     +--ro ipfix-version?   uint16
7728         |  |     +--ro source-address?   inet:host
7729         |  |     +--ro destination-address?   inet:host
7730         |  |     +--ro source-port?
7731         |  |     |       inet:port-number
7732         |  |     +--ro destination-port?
7733         |  |     |       inet:port-number
7734         |  |     +--ro status?
7735         |  |     |       transport-session-status
7736         |  |     +--ro rate?
7737         |  |     |       yang:gauge32
7738         |  |     +--ro bytes?
7739         |  |     |       yang:counter64
7740         |  |     +--ro messages?
7741         |  |     |       yang:counter64
7742         |  |     +--ro discarded-messages?
7743         |  |     |       yang:counter64
7744         |  |     +--ro records?
7745         |  |     |       yang:counter64
7746         |  |     +--ro templates?
7747         |  |     |       yang:counter32
7748         |  |     +--ro options-templates?
7749         |  |     |       yang:counter32
7750         |  |     +--ro transport-session-start-time?
7751         |  |     |       yang:date-and-time
7752         |  |     +--ro transport-session-discontinuity-time?
7753          |  |     |       yang:date-and-time
7754          |  |     +--ro template* [name]
7755          |  |        +--ro name    name-type
7756          |  |        +--ro observation-domain-id?    uint32
7757          |  |        +--ro template-id?    uint16
7758          |  |        +--ro set-id?    uint16
7759          |  |        +--ro access-time?
7760          |  |        |       yang:date-and-time
7761          |  |        +--ro template-data-records?    yang:counter64
7762          |  |        +--ro template-discontinuity-time?
7763          |  |        |       yang:date-and-time
7764          |  |        +--ro field* [name]
7765          |  |           +--ro name    name-type
7766          |  |           +--ro ie-id?    ie-id-type
7767          |  |           +--ro ie-length?    uint16
7768          |  |           +--ro ie-enterprise-number?    uint32
7769          |  |           +--ro is-flow-key?    empty
7770          |  |           +--ro is-scope?    empty
7771          |  +--rw file-reader* [name] {file-reader}?
7772          |  |  +--rw name    name-type
7773          |  |  +--rw file    inet:uri
7774          |  |  +--ro file-reader-state
7775          |  |     +--ro bytes?    yang:counter64
7776          |  |     +--ro messages?    yang:counter64
7777          |  |     +--ro records?    yang:counter64
7778          |  |     +--ro templates?    yang:counter32
7779          |  |     +--ro options-templates?    yang:counter32
7780          |  |     +--ro file-reader-discontinuity-time?
7781          |  |     |       yang:date-and-time
7782          |  |     +--ro template* [name]
7783          |  |        +--ro name    name-type
7784          |  |        +--ro observation-domain-id?    uint32
7785          |  |        +--ro template-id?    uint16
7786          |  |        +--ro set-id?    uint16
7787          |  |        +--ro access-time?
7788          |  |        |       yang:date-and-time
7789          |  |        +--ro template-data-records?    yang:counter64
7790          |  |        +--ro template-discontinuity-time?
7791          |  |        |       yang:date-and-time
7792          |  |        +--ro field* [name]
7793          |  |           +--ro name    name-type
7794          |  |           +--ro ie-id?    ie-id-type
7795          |  |           +--ro ie-length?    uint16
7796          |  |           +--ro ie-enterprise-number?    uint32
7797          |  |           +--ro is-flow-key?    empty
7798          |  |           +--ro is-scope?    empty
7799          |  +--rw exporting-process*    -> /ipfix/exporting-process/name
7800          |          {exporter}?
7801          +--rw exporting-process* [name] {exporter}?
7802             +--rw name    name-type
7803             +--rw enabled?    boolean
7804             +--rw export-mode?    identityref
7805             +--rw destination* [name]
7806             |  +--rw name    name-type
7807             |  +--rw (destination-parameters)
7808             |     +--:(tcp-exporter)
7809             |     |  +--rw tcp-exporter {tcp-transport}?
7810             |     |     +--rw ipfix-version?    uint16
7811             |     |     +--rw source
7812             |     |     |  +--rw (source-method)?
7813             |     |     |     +--:(interface-ref)
7814             |     |     |     |  +--rw interface-ref?    if:interface-ref
7815             |     |     |     +--:(if-index) {if-mib}?
7816             |     |     |     |  +--rw if-index?    uint32
7817             |     |     |     +--:(if-name) {if-mib}?
7818             |     |     |     |  +--rw if-name?    string
7819             |     |     |     +--:(source-address)
7820             |     |     |        +--rw source-address?    inet:host
7821             |     |     +--rw destination
7822             |     |     |  +--rw (destination-method)
7823             |     |     |     +--:(destination-address)
7824             |     |     |        +--rw destination-address?    inet:host
7825             |     |     +--rw destination-port?
7826             |     |     |       inet:port-number
7827             |     |     +--rw send-buffer-size?    uint32
7828             |     |     +--rw rate-limit?    uint32
7829             |     |     +--rw connection-timeout?    uint32
7830             |     |     +--rw retry-schedule?    uint32
7831             |     |     +--rw transport-layer-security!
7832             |     |     |  +--rw local-certification-authority-dn*
7833             |     |     |  |       string
7834             |     |     |  +--rw local-subject-dn*
7835             |     |     |  |       string
7836             |     |     |  +--rw local-subject-fqdn*
7837             |     |     |  |       inet:domain-name
7838             |     |     |  +--rw remote-certification-authority-dn*
7839             |     |     |  |       string
7840             |     |     |  +--rw remote-subject-dn*
7841             |     |     |  |       string
7842             |     |     |  +--rw remote-subject-fqdn*
7843             |     |     |          inet:domain-name
7844             |     |     +--ro transport-session
7845             |     |        +--ro ipfix-version?
7846             |     |        |       uint16
7847             |     |        +--ro source-address?
7848             |     |        |       inet:host
7849             |     |        +--ro destination-address?
7850             |     |        |       inet:host
7851             |     |        +--ro source-port?
7852             |     |        |       inet:port-number
7853             |     |        +--ro destination-port?
7854             |     |        |       inet:port-number
7855             |     |        +--ro status?
7856             |     |        |       transport-session-status
7857             |     |        +--ro rate?
7858             |     |        |       yang:gauge32
7859             |     |        +--ro bytes?
7860             |     |        |       yang:counter64
7861             |     |        +--ro messages?
7862             |     |        |       yang:counter64
7863             |     |        +--ro discarded-messages?
7864             |     |        |       yang:counter64
7865             |     |        +--ro records?
7866             |     |        |       yang:counter64
7867             |     |        +--ro templates?
7868             |     |        |       yang:counter32
7869             |     |        +--ro options-templates?
7870             |     |        |       yang:counter32
7871             |     |        +--ro transport-session-start-time?
7872             |     |        |       yang:date-and-time
7873             |     |        +--ro transport-session-discontinuity-time?
7874             |     |        |       yang:date-and-time
7875             |     |        +--ro template* [name]
7876             |     |           +--ro name
7877             |     |           |       name-type
7878             |     |           +--ro observation-domain-id?    uint32
7879             |     |           +--ro template-id?    uint16
7880             |     |           +--ro set-id?    uint16
7881             |     |           +--ro access-time?
7882             |     |           |       yang:date-and-time
7883             |     |           +--ro template-data-records?
7884             |     |           |       yang:counter64
7885             |     |           +--ro template-discontinuity-time?
7886             |     |           |       yang:date-and-time
7887             |     |           +--ro field* [name]
7888             |     |              +--ro name    name-type
7889             |     |              +--ro ie-id?    ie-id-type
7890             |     |              +--ro ie-length?    uint16
7891             |     |              +--ro ie-enterprise-number?    uint32
7892             |     |              +--ro is-flow-key?    empty
7893             |     |              +--ro is-scope?    empty
7894             |     +--:(udp-exporter)
7895             |     |  +--rw udp-exporter {udp-transport}?
7896             |     |     +--rw ipfix-version?    uint16
7897             |     |     +--rw source
7898             |     |     |  +--rw (source-method)?
7899             |     |     |     +--:(interface-ref)
7900             |     |     |     |  +--rw interface-ref?    if:interface-ref
7901             |     |     |     +--:(if-index) {if-mib}?
7902             |     |     |     |  +--rw if-index?    uint32
7903             |     |     |     +--:(if-name) {if-mib}?
7904             |     |     |     |  +--rw if-name?    string
7905             |     |     |     +--:(source-address)
7906             |     |     |        +--rw source-address?    inet:host
7907             |     |     +--rw destination
7908             |     |     |  +--rw (destination-method)
7909             |     |     |     +--:(destination-address)
7910             |     |     |        +--rw destination-address?    inet:host
7911             |     |     +--rw destination-port?
7912             |     |     |       inet:port-number
7913             |     |     +--rw send-buffer-size?    uint32
7914             |     |     +--rw rate-limit?    uint32
7915             |     |     +--rw maximum-packet-size?    uint16
7916             |     |     +--rw template-refresh-timeout?    uint32
7917             |     |     +--rw options-template-refresh-timeout?    uint32
7918             |     |     +--rw template-refresh-packet?    uint32
7919             |     |     +--rw options-template-refresh-packet?    uint32
7920             |     |     +--rw transport-layer-security!
7921             |     |     |  +--rw local-certification-authority-dn*
7922             |     |     |  |       string
7923             |     |     |  +--rw local-subject-dn*
7924             |     |     |  |       string
7925             |     |     |  +--rw local-subject-fqdn*
7926             |     |     |  |       inet:domain-name
7927             |     |     |  +--rw remote-certification-authority-dn*
7928             |     |     |  |       string
7929             |     |     |  +--rw remote-subject-dn*
7930             |     |     |  |       string
7931             |     |     |  +--rw remote-subject-fqdn*
7932             |     |     |          inet:domain-name
7933             |     |     +--ro transport-session
7934             |     |        +--ro ipfix-version?
7935             |     |        |       uint16
7936             |     |        +--ro source-address?
7937             |     |        |       inet:host
7938             |     |        +--ro destination-address?
7939             |     |        |       inet:host
7940             |     |        +--ro source-port?
7941             |     |        |       inet:port-number
7942             |     |        +--ro destination-port?
7943             |     |        |       inet:port-number
7944             |     |        +--ro status?
7945             |     |        |       transport-session-status
7946             |     |        +--ro rate?
7947             |     |        |       yang:gauge32
7948             |     |        +--ro bytes?
7949             |     |        |       yang:counter64
7950             |     |        +--ro messages?
7951             |     |        |       yang:counter64
7952             |     |        +--ro discarded-messages?
7953             |     |        |       yang:counter64
7954             |     |        +--ro records?
7955             |     |        |       yang:counter64
7956             |     |        +--ro templates?
7957             |     |        |       yang:counter32
7958             |     |        +--ro options-templates?
7959             |     |        |       yang:counter32
7960             |     |        +--ro transport-session-start-time?
7961             |     |        |       yang:date-and-time
7962             |     |        +--ro transport-session-discontinuity-time?
7963             |     |        |       yang:date-and-time
7964             |     |        +--ro template* [name]
7965             |     |           +--ro name
7966             |     |           |       name-type
7967             |     |           +--ro observation-domain-id?    uint32
7968             |     |           +--ro template-id?    uint16
7969             |     |           +--ro set-id?    uint16
7970             |     |           +--ro access-time?
7971             |     |           |       yang:date-and-time
7972             |     |           +--ro template-data-records?
7973             |     |           |       yang:counter64
7974             |     |           +--ro template-discontinuity-time?
7975             |     |           |       yang:date-and-time
7976             |     |           +--ro field* [name]
7977             |     |              +--ro name    name-type
7978             |     |              +--ro ie-id?    ie-id-type
7979             |     |              +--ro ie-length?    uint16
7980             |     |              +--ro ie-enterprise-number?    uint32
7981             |     |              +--ro is-flow-key?    empty
7982             |     |              +--ro is-scope?    empty
7983             |     +--:(sctp-exporter)
7984             |     |  +--rw sctp-exporter {sctp-transport}?
7985             |     |     +--rw ipfix-version?    uint16
7986             |     |     +--rw source
7987             |     |     |  +--rw (source-method)?
7988             |     |     |     +--:(interface-ref)
7989             |     |     |     |  +--rw interface-ref?    if:interface-ref
7990             |     |     |     +--:(if-index) {if-mib}?
7991             |     |     |     |  +--rw if-index?    uint32
7992             |     |     |     +--:(if-name) {if-mib}?
7993             |     |     |     |  +--rw if-name?    string
7994             |     |     |     +--:(source-address)
7995             |     |     |        +--rw source-address*    inet:host
7996             |     |     +--rw destination
7997             |     |     |  +--rw (destination-method)
7998             |     |     |     +--:(destination-address)
7999             |     |     |        +--rw destination-address*    inet:host
8000             |     |     +--rw destination-port?
8001             |     |     |       inet:port-number
8002             |     |     +--rw send-buffer-size?    uint32
8003             |     |     +--rw rate-limit?    uint32
8004             |     |     +--rw timed-reliability?    uint32
8005             |     |     +--rw association-timeout?    uint32
8006             |     |     +--rw transport-layer-security!
8007             |     |     |  +--rw local-certification-authority-dn*
8008             |     |     |  |       string
8009             |     |     |  +--rw local-subject-dn*
8010             |     |     |  |       string
8011             |     |     |  +--rw local-subject-fqdn*
8012             |     |     |  |       inet:domain-name
8013             |     |     |  +--rw remote-certification-authority-dn*
8014             |     |     |  |       string
8015             |     |     |  +--rw remote-subject-dn*
8016             |     |     |  |       string
8017             |     |     |  +--rw remote-subject-fqdn*
8018             |     |     |          inet:domain-name
8019             |     |     +--ro transport-session
8020             |     |        +--ro sctp-association-id?
8021             |     |        |       uint32
8022             |     |        +--ro ipfix-version?
8023             |     |        |       uint16
8024             |     |        +--ro source-address?
8025             |     |        |       inet:host
8026             |     |        +--ro destination-address?
8027             |     |        |       inet:host
8028             |     |        +--ro source-port?
8029             |     |        |       inet:port-number
8030             |     |        +--ro destination-port?
8031             |     |        |       inet:port-number
8032             |     |        +--ro status?
8033             |     |        |       transport-session-status
8034             |     |        +--ro rate?
8035             |     |        |       yang:gauge32
8036             |     |        +--ro bytes?
8037             |     |        |       yang:counter64
8038             |     |        +--ro messages?
8039             |     |        |       yang:counter64
8040             |     |        +--ro discarded-messages?
8041             |     |        |       yang:counter64
8042             |     |        +--ro records?
8043             |     |        |       yang:counter64
8044             |     |        +--ro templates?
8045             |     |        |       yang:counter32
8046             |     |        +--ro options-templates?
8047             |     |        |       yang:counter32
8048             |     |        +--ro transport-session-start-time?
8049             |     |        |       yang:date-and-time
8050             |     |        +--ro transport-session-discontinuity-time?
8051             |     |        |       yang:date-and-time
8052             |     |        +--ro template* [name]
8053             |     |           +--ro name
8054             |     |           |       name-type
8055             |     |           +--ro observation-domain-id?    uint32
8056             |     |           +--ro template-id?    uint16
8057             |     |           +--ro set-id?    uint16
8058             |     |           +--ro access-time?
8059             |     |           |       yang:date-and-time
8060             |     |           +--ro template-data-records?
8061             |     |           |       yang:counter64
8062             |     |           +--ro template-discontinuity-time?
8063             |     |           |       yang:date-and-time
8064             |     |           +--ro field* [name]
8065             |     |              +--ro name    name-type
8066             |     |              +--ro ie-id?    ie-id-type
8067             |     |              +--ro ie-length?    uint16
8068             |     |              +--ro ie-enterprise-number?    uint32
8069             |     |              +--ro is-flow-key?    empty
8070             |     |              +--ro is-scope?    empty
8071             |     +--:(file-writer)
8072             |        +--rw file-writer {file-writer}?
8073             |           +--rw ipfix-version?    uint16
8074             |           +--rw file    inet:uri
8075             |           +--ro file-writer-state
8076             |              +--ro bytes?
8077             |              |       yang:counter64
8078             |              +--ro messages?
8079             |              |       yang:counter64
8080             |              +--ro discarded-messages?
8081             |              |       yang:counter64
8082             |              +--ro records?
8083             |              |       yang:counter64
8084             |              +--ro templates?
8085             |              |       yang:counter32
8086             |              +--ro options-templates?
8087             |              |       yang:counter32
8088             |              +--ro file-writer-discontinuity-time?
8089             |              |       yang:date-and-time
8090             |              +--ro template* [name]
8091             |                 +--ro name
8092             |                 |       name-type
8093             |                 +--ro observation-domain-id?    uint32
8094             |                 +--ro template-id?    uint16
8095             |                 +--ro set-id?    uint16
8096             |                 +--ro access-time?
8097             |                 |       yang:date-and-time
8098             |                 +--ro template-data-records?
8099             |                 |       yang:counter64
8100             |                 +--ro template-discontinuity-time?
8101             |                 |       yang:date-and-time
8102             |                 +--ro field* [name]
8103             |                    +--ro name    name-type
8104             |                    +--ro ie-id?    ie-id-type
8105             |                    +--ro ie-length?    uint16
8106             |                    +--ro ie-enterprise-number?    uint32
8107             |                    +--ro is-flow-key?    empty
8108             |                    +--ro is-scope?    empty
8109             +--rw options* [name]
8110             |  +--rw name    name-type
8111             |  +--rw options-type    identityref
8112             |  +--rw options-timeout?    uint32
8113             +--ro exporting-process-id?    uint32

8115  D.2.  ietf-ipfix-packet-sampling

8117     The complete tree diagram for ietf-ipfix-packet-sampling:

8119     module: ietf-ipfix-packet-sampling
8120       augment /ipfix:ipfix:
8121         +--rw psamp
8122            +--rw observation-point* [name]
8123            |  +--rw name    ipfix:name-type
8124            |  +--rw observation-domain-id    uint32
8125            |  +--rw interface-ref*    if:interface-ref
8126            |  +--rw if-name*    if-name-type {if-mib}?
8127            |  +--rw if-index*    uint32 {if-mib}?
8128            |  +--rw hardware-ref*    hardware-ref
8129            |  +--rw ent-physical-name*    string {entity-mib}?
8130            |  +--rw ent-physical-index*    uint32 {entity-mib}?
8131            |  +--rw direction?    direction
8132            |  +--rw selection-process*
8133            |  |       -> /ipfix:ipfix/psamp/selection-process/name
8134            |  +--ro observation-point-id?    uint32
8135            +--rw selection-process* [name]
8136            |  +--rw name    ipfix:name-type
8137            |  +--rw selector* [name]
8138            |  |  +--rw name    ipfix:name-type
8139            |  |  +--rw (method)
8140            |  |  |  +--:(select-all)
8141            |  |  |  |  +--rw select-all?    empty
8142            |  |  |  +--:(samp-count-based)
8143            |  |  |  |  +--rw samp-count-based {psamp-samp-count-based}?
8144            |  |  |  |     +--rw packet-interval    uint32
8145            |  |  |  |     +--rw packet-space    uint32
8146            |  |  |  +--:(samp-time-based)
8147            |  |  |  |  +--rw samp-time-based {psamp-samp-time-based}?
8148            |  |  |  |     +--rw time-interval    uint32
8149            |  |  |  |     +--rw time-space    uint32
8150            |  |  |  +--:(samp-rand-out-of-n)
8151            |  |  |  |  +--rw samp-rand-out-of-n
8152            |  |  |  |          {psamp-samp-rand-out-of-n}?
8153            |  |  |  |     +--rw size    uint32
8154            |  |  |  |     +--rw population    uint32
8155            |  |  |  +--:(samp-uni-prob)
8156            |  |  |  |  +--rw samp-uni-prob {psamp-samp-uni-prob}?
8157            |  |  |  |     +--rw probability    decimal64
8158            |  |  |  +--:(filter-match)
8159            |  |  |  |  +--rw filter-match {psamp-filter-match}?
8160            |  |  |  |     +--rw (information-element)
8161            |  |  |  |     |  +--:(ie-name)
8162            |  |  |  |     |  |  +--rw ie-name?
8163            |  |  |  |     |  |          ipfix:ie-name-type
8164            |  |  |  |     |  +--:(ie-id)
8165            |  |  |  |     |     +--rw ie-id?    ipfix:ie-id-type
8166            |  |  |  |     +--rw ie-enterprise-number?    uint32
8167            |  |  |  |     +--rw value    string
8168            |  |  |  +--:(filter-hash)
8169            |  |  |     +--rw filter-hash {psamp-filter-hash}?
8170            |  |  |        +--rw hash-function?    identityref
8171            |  |  |        +--rw initializer-value?    uint64
8172            |  |  |        +--rw ip-payload-offset?    uint64
8173            |  |  |        +--rw ip-payload-size?    uint64
8174            |  |  |        +--rw digest-output?    boolean
8175            |  |  |        +--rw selected-range* [name]
8176            |  |  |        |  +--rw name    ipfix:name-type
8177            |  |  |        |  +--rw min?    uint64
8178            |  |  |        |  +--rw max?    uint64
8179            |  |  |        +--ro output-range-min?    uint64
8180            |  |  |        +--ro output-range-max?    uint64
8181            |  |  +--ro packets-observed?    yang:counter64
8182            |  |  +--ro packets-dropped?    yang:counter64
8183            |  |  +--ro selector-discontinuity-time?    yang:date-and-time
8184            |  +--rw cache?
8185            |  |       -> /ipfix:ipfix/psamp/cache/name
8186            |  +--ro selection-sequence* []
8187            |     +--ro observation-domain-id?    uint32
8188            |     +--ro selection-sequence-id?    uint64
8189            +--rw cache* [name]
8190               +--rw name    ipfix:name-type
8191               +--rw enabled?    boolean
8192               +--rw (cache-type)
8193               |  +--:(immediate-cache)
8194               |  |  +--rw immediate-cache {immediate-cache}?
8195               |  |     +--rw cache-layout
8196               |  |        +--rw cache-field* [name]
8197               |  |           +--rw name
8198               |  |           |       ipfix:name-type
8199               |  |           +--rw (information-element)
8200               |  |           |  +--:(ie-name)
8201               |  |           |  |  +--rw ie-name?
8202               |  |           |  |          ipfix:ie-name-type
8203               |  |           |  +--:(ie-id)
8204               |  |           |     +--rw ie-id?
8205               |  |           |             ipfix:ie-id-type
8206               |  |           +--rw ie-length?    uint16
8207               |  |           +--rw ie-enterprise-number?    uint32
8208               |  +--:(timeout-cache)
8209               |  |  +--rw timeout-cache {timeout-cache}?
8210               |  |     +--rw max-flows?    uint32
8211               |  |     +--rw active-timeout?    uint32
8212               |  |     +--rw idle-timeout?    uint32
8213               |  |     +--rw cache-layout
8214               |  |     |  +--rw cache-field* [name]
8215               |  |     |     +--rw name
8216               |  |     |     |       ipfix:name-type
8217               |  |     |     +--rw (information-element)
8218               |  |     |     |  +--:(ie-name)
8219               |  |     |     |  |  +--rw ie-name?
8220               |  |     |     |  |          ipfix:ie-name-type
8221               |  |     |     |  +--:(ie-id)
8222               |  |     |     |     +--rw ie-id?
8223               |  |     |     |             ipfix:ie-id-type
8224               |  |     |     +--rw ie-length?    uint16
8225               |  |     |     +--rw ie-enterprise-number?    uint32
8226               |  |     |     +--rw is-flow-key?    empty
8227               |  |     +--ro active-flows?    yang:gauge32
8228               |  |     +--ro unused-cache-entries?    yang:gauge32
8229               |  +--:(natural-cache)
8230               |  |  +--rw natural-cache {natural-cache}?
8231               |  |     +--rw max-flows?    uint32
8232               |  |     +--rw active-timeout?    uint32
8233               |  |     +--rw idle-timeout?    uint32
8234               |  |     +--rw cache-layout
8235               |  |     |  +--rw cache-field* [name]
8236               |  |     |     +--rw name
8237               |  |     |     |       ipfix:name-type
8238               |  |     |     +--rw (information-element)
8239               |  |     |     |  +--:(ie-name)
8240               |  |     |     |  |  +--rw ie-name?
8241               |  |     |     |  |          ipfix:ie-name-type
8242               |  |     |     |  +--:(ie-id)
8243               |  |     |     |     +--rw ie-id?
8244               |  |     |     |             ipfix:ie-id-type
8245               |  |     |     +--rw ie-length?    uint16
8246               |  |     |     +--rw ie-enterprise-number?    uint32
8247               |  |     |     +--rw is-flow-key?    empty
8248               |  |     +--ro active-flows?    yang:gauge32
8249               |  |     +--ro unused-cache-entries?    yang:gauge32
8250               |  +--:(permanent-cache)
8251               |     +--rw permanent-cache {permanent-cache}?
8252               |        +--rw max-flows?    uint32
8253               |        +--rw export-interval?    uint32
8254               |        +--rw cache-layout
8255               |        |  +--rw cache-field* [name]
8256               |        |     +--rw name
8257               |        |     |       ipfix:name-type
8258               |        |     +--rw (information-element)
8259               |        |     |  +--:(ie-name)
8260               |        |     |  |  +--rw ie-name?
8261               |        |     |  |          ipfix:ie-name-type
8262               |        |     |  +--:(ie-id)
8263               |        |     |     +--rw ie-id?
8264               |        |     |             ipfix:ie-id-type
8265               |        |     +--rw ie-length?    uint16
8266               |        |     +--rw ie-enterprise-number?    uint32
8267               |        |     +--rw is-flow-key?    empty
8268               |        +--ro active-flows?    yang:gauge32
8269               |        +--ro unused-cache-entries?    yang:gauge32
8270               +--rw exporting-process*
8271               |       -> /ipfix:ipfix/exporting-process/name
8272               |       {ipfix:exporter}?
8273               +--ro metering-process-id?    uint32
8274               +--ro data-records?    yang:counter64
8275               +--ro cache-discontinuity-time?    yang:date-and-time

8277  D.3.  ietf-ipfix-bulk-data-export

8279     The complete tree diagram for ietf-ipfix-bulk-data-export:

8281     module: ietf-ipfix-bulk-data-export
8282       augment /ipfix:ipfix:
8283         +--rw bulk-data-export
8284            +--rw template* [name]
8285               +--rw name    ipfix:name-type
8286               +--rw enabled?    boolean
8287               +--rw export-interval?    uint32
8288               +--rw observation-domain-id?    uint32
8289               +--rw field-layout
8290               |  +--rw field* [name]
8291               |     +--rw name    ipfix:name-type
8292               |     +--rw (identifier)
8293               |     |  +--:(ie-name)
8294               |     |  |  +--rw ie-name?    ipfix:ie-name-type
8295               |     |  +--:(ie-id)
8296               |     |     +--rw ie-id?    ipfix:ie-id-type
8297               |     +--rw ie-length?    uint16
8298               |     +--rw ie-enterprise-number?    uint32
8299               +--rw exporting-process*
8300               |       -> /ipfix:ipfix/exporting-process/name
8301               |       {ipfix:exporter}?
8302               +--rw (resource-identifier)?
8303               |  +--:(resource-instance)
8304               |     +--rw resource-instance*    resource
8305               +--ro data-records?    yang:counter64
8306               +--ro discontinuity-time?    yang:date-and-time

8308  Authors' Addresses

8310     Joey Boyd
8311     ADTRAN

8313     Email: joey.boyd@adtran.com

8315     Marta Seda
8316     Calix

8318     Email: marta.seda@calix.com