idnits 2.17.1

draft-cptb-grow-bmp-yang-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 125 has weird spacing: '...address ine...'

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (21 March 2022) is 765 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'I-D.ietf-idr-bgp-model' is defined on line 632, but
     no explicit reference was found in the text

  == Unused Reference: 'RFC6991' is defined on line 662, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8349' is defined on line 684, but no explicit
     reference was found in the text

  == Outdated reference: A later version (-17) exists of
     draft-ietf-idr-bgp-model-13

     Summary: 0 errors (**), 0 flaws (~~), 7 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

  2  GROW                                                          C. Cardona
  3  Internet-Draft                                                P. Lucente
  4  Intended status: Standards Track                                     NTT
  5  Expires: 22 September 2022                                       T. Graf
  6                                                                  Swisscom
  7                                                                 B. Claise
  8                                                                    Huawei
  9                                                             21 March 2022

 11                              BMP YANG Module
 12                        draft-cptb-grow-bmp-yang-02

 14  Abstract

 16     This document proposes a YANG module for BMP (BGP Monitoring
 17     Protocol) configuration and monitoring.  A complementary RPC triggers
 18     a refresh of the session of a BMP station.

 20  Status of This Memo

 22     This Internet-Draft is submitted in full conformance with the
 23     provisions of BCP 78 and BCP 79.

 25     Internet-Drafts are working documents of the Internet Engineering
 26     Task Force (IETF).  Note that other groups may also distribute
 27     working documents as Internet-Drafts.  The list of current Internet-
 28     Drafts is at https://datatracker.ietf.org/drafts/current/.

 30     Internet-Drafts are draft documents valid for a maximum of six months
 31     and may be updated, replaced, or obsoleted by other documents at any
 32     time.  It is inappropriate to use Internet-Drafts as reference
 33     material or to cite them other than as "work in progress."

 35     This Internet-Draft will expire on 22 September 2022.

 37  Copyright Notice

 39     Copyright (c) 2022 IETF Trust and the persons identified as the
 40     document authors.  All rights reserved.

 42     This document is subject to BCP 78 and the IETF Trust's Legal
 43     Provisions Relating to IETF Documents (https://trustee.ietf.org/
 44     license-info) in effect on the date of publication of this document.
 45     Please review these documents carefully, as they describe your rights
 46     and restrictions with respect to this document.  Code Components
 47     extracted from this document must include Revised BSD License text as
 48     described in Section 4.e of the Trust Legal Provisions and are
 49     provided without warranty as described in the Revised BSD License.

 51  Table of Contents

 53     1.  Terminology
 54     2.  Introduction
 55     3.  Model summary
 56     4.  Base ietf-bmp YANG module
 57       4.1.  Tree View
 58       4.2.  YANG Module
 59     5.  Security Considerations
 60     6.  IANA Considerations
 61       6.1.  The IETF XML Registry
 62       6.2.  The YANG Module Name Registration
 63     7.  Open Issues
 64     8.  Normative References
 65     Acknowledgements
 66     Authors' Addresses

 68  1.  Terminology

 70     The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
 71     "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
 72     "OPTIONAL" in this document are to be interpreted as described in BCP
 73     14 [RFC2119] [RFC8174] when, and only when, they appear in all
 74     capitals, as shown here.

 76     Routing Information Bases, peers, and monitoring stations are defined
 77     in [RFC7854].

 79  2.  Introduction

 81     This document specifies a YANG module for configuring and monitoring
 82     the BGP Monitoring Protocol (BMP) [RFC7854].  The model provides
 83     parameters for defining BMP monitoring stations and selecting the
 84     BGP Routing Information Bases (RIBs), exposes operational metrics,
 85     and allows BMP monitoring sessions to be reset.

 87  3.  Model summary

 89     The BMP YANG model provides the methods for managing BMP monitoring
 90     stations.  It includes:

 92     *  Connectivity parameters, including station IP address and
 93        destination port.

 95     *  BMP session parameters, such as defining the BMP initiation
 96        message or the interval for statistics messages.

 98     *  BGP Data sources.  The model requires the explicit configuration
 99        of the RIBs and address family to send to each monitoring station.
100        For Adj-RIB-in and Adj-RIB-out, both post and pre policy, the
101        model also requires the peers from which to originate data.  In
102        those RIBs, the value "all-peers" can be used if the operator
103        wishes to receive data from all peers.

105     *  Per BMP station status and statistics, such as established status,
106        number of route-monitoring messages, number of route-mirroring
107        messages, number of peer-down and peer-up messages, number of
108        initiation messages.

110     *  BMP session reset RPC action.

112  4.  Base ietf-bmp YANG module

114  4.1.  Tree View

116     The following tree diagram provides an overview of the ietf-bmp.yang
117     data model.

119  module: ietf-bmp
120    +--rw bmp
121       +--rw stations
122       |  +--rw station* [id]
123       |     +--rw id               string
124       |     +--rw connection
125       |     |  +--rw destination-address    inet:ip-address
126       |     |  +--rw local-address?         inet:ip-address
127       |     |  +--rw destination-port?      inet:port-number
128       |     +--rw bmp_session
129       |     |  +--rw initiation-message?    string
130       |     |  +--rw statistics-interval?   uint32
131       |     +--rw bmp_sources
132       |     |  +--rw adj-rib-in-pre
133       |     |  |  +--rw enabled?            boolean
134       |     |  |  +--rw address-families
135       |     |  |     +--rw address-family* [name]
136       |     |  |        +--rw name     leafref
137       |     |  |        +--rw peers*   union
138       |     |  +--rw adj-rib-in-post
139       |     |  |  +--rw enabled?            boolean
140       |     |  |  +--rw address-families
141       |     |  |     +--rw address-family* [name]
142       |     |  |        +--rw name     leafref
143       |     |  |        +--rw peers*   union
144       |     |  +--rw local-rib
145       |     |  |  +--rw enabled?            boolean
146       |     |  |  +--rw address-families*   identityref
147       |     |  +--rw adj-rib-out-pre
148       |     |  |  +--rw enabled?            boolean
149       |     |  |  +--rw address-families
150       |     |  |     +--rw address-family* [name]
151       |     |  |        +--rw name     leafref
152       |     |  |        +--rw peers*   union
153       |     |  +--rw adj-rib-out-post
154       |     |     +--rw enabled?            boolean
155       |     |     +--rw address-families
156       |     |        +--rw address-family* [name]
157       |     |           +--rw name     leafref
158       |     |           +--rw peers*   union
159       |     +--rw session-stats
160       |        +--rw discontinuity-time
161       |        |       yang:date-and-time
162       |        +--ro established-session?               boolean
163       |        +--ro total-route-monitoring-messages?   uint64
164       |        +--ro total-statistics-messages?         uint64
165       |        +--ro total-peer-down-messages?          uint64
166       |        +--ro total-peer-up-messages?            uint64
167       |        +--ro total-initiation-messages?         uint64
168       |        +--ro total-route-mirroring-messages?    uint64
169       +--rw actions
170          +---x session-reset
171             +---w input
172             |  +---w station?   -> /bmp/stations/station/id
173             +--ro output
174                +--ro (outcome)?
175                   +--:(success)
176                   |  +--ro success?   empty
177                   +--:(failure)
178                      +--ro failure?   string

180  4.2.  YANG Module

182  file "ietf-bmp@2022-01-27.yang"

184  module ietf-bmp {
185    yang-version 1.1;
186    namespace "urn:ietf:params:xml:ns:yang:ietf-bmp";
187    prefix bmp;

189    import ietf-yang-types {
190      prefix yang;
191    }

193    import ietf-inet-types {
194      prefix inet;
195      reference
196        "RFC 6991: Common YANG Data Types";
197    }
198    import ietf-routing {
199      prefix rt;
200      reference
201        "RFC 8349, A YANG Data Model for Routing Management
202         (NMDA Version).";
203    }

205    import ietf-bgp-types {
206      prefix bt;
207      reference
208        "RFC XXXX: BGP YANG module for Service Provider Network.
209         RFC-EDITOR: please update XXX with the RFC ID assigned
210         to I-D.ietf-idr-bgp-model";
211    }

213    import ietf-bgp {
214      prefix bgp;
215      reference
216        "RFC XXXX: BGP YANG module for Service Provider Network.
217         RFC-EDITOR: please update XXX with the RFC ID assigned
218         to I-D.ietf-idr-bgp-model";
219    }

221    import ietf-netconf-acm {
222      prefix nacm;
223      reference
224        "RFC 8341: Network Configuration Access Control Model";
225    }

227    organization
228      "IETF GROW Working Group";
229    contact
230      "WG Web:
231       WG List:

233       Author: Camilo Cardona

236       Author: Paolo Lucente

239       Author: Thomas Graf

242       Author: Benoit Claise
243      ";
244    description
245      "This module specifies a structure for BMP
246       (BGP Monitoring Protocol) configuration and monitoring.

248       The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
249       'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
250       'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
251       are to be interpreted as described in BCP 14 (RFC 2119)
252       (RFC 8174) when, and only when, they appear in all
253       capitals, as shown here.

255       Copyright (c) 2022 IETF Trust and the persons identified as
256       authors of the code.  All rights reserved.

258       Redistribution and use in source and binary forms, with or
259       without modification, is permitted pursuant to, and subject to
260       the license terms contained in, the Revised BSD License set
261       forth in Section 4.c of the IETF Trust's Legal Provisions
262       Relating to IETF Documents
263       (https://trustee.ietf.org/license-info).

265       This version of this YANG module is part of RFC 9196
266       (https://www.rfc-editor.org/info/rfc9196); see the RFC itself
267       for full legal notices.";

269    revision 2022-01-27 {
270      description
271        "initial version";
272      reference
273        "RFC YYYY: BMP YANG Module
274         RFC-EDITOR: please update YYYY with this RFC ID";
275    }
276    typedef bmp-peer-types {
277      type enumeration {
278        enum all-peers {
279          value 10;
280          description
281            "Selects all peers.";
282        }
283      }
284      description
285        "Enum values for peer selection specific for BMP.  The
286         all-peers value is an explicit way of defining that the device
287         should send the updates from all peers to the station for
288         a particular RIB/AFI.  The module also allows the selection
289         of individual peers (through its remote-address), or use the
290         bgp:peer-type to select the type of peers.";
291    }

293    grouping bmp-ip-connection {
294      description
295        "common elements for defining connectivity
296         to a bmp station";
297      leaf destination-address {
298        type inet:ip-address;
299        mandatory true;
300        description
301          "Destination IP address of station";
302      }
303      leaf local-address {
304        type inet:ip-address;
305        description
306          "Local IP address to source connections";
307      }
308      leaf destination-port {
309        type inet:port-number;
310        description
311          "Destination port for connections";
312      }
313    }

315    grouping bmp-peer-ribs-filter {
316      description
317        "Leaves for configuring RIBs where
318         origin/destination peers are well defined.";
319      leaf enabled {
320        type boolean;
321        description
322          "Enables the specified RIB";
323      }
324      container address-families {
325        description
326          "container for lists of address-families";
327        list address-family {
328          key "name";
329          description
330            "List of address families.
331             The name of the address family, as defined
332             in the BGP model is used for keying.";
333          leaf name {
334            type leafref {
335              path "/rt:routing/rt:control-plane-protocols/"
336                 + "rt:control-plane-protocol/bgp:bgp/"
337                 + "bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:name";
338            }
339            description
340              "Name of the address family";
341          }
342          leaf-list peers {
343            type union {
344              type leafref {
345                path "/rt:routing/rt:control-plane-protocols/"
346                   + "rt:control-plane-protocol/bgp:bgp/"
347                   + "bgp:neighbors/bgp:neighbor/bgp:remote-address";
348              }
349              type bt:peer-type;
350              type bmp-peer-types;
351            }
352            description
353              "Peers can be identified by a remote-address,
354               or by an enum value corresponding to groups of peers.
355               This way an operator can select all external peers,
356               all internal peers, or all peers.";
357          }
358        }
359      }
360    }

362    grouping bmp-route-monitoring-sources {
363      description
364        "";
365      container adj-rib-in-pre {
366        description
367          "Configuration for the adj-rib-in pre-policy";
368        reference
369          "RFC7854: BGP Monitoring Protocol (BMP), Section 2.";
370        uses bmp-peer-ribs-filter;
371      }
372      container adj-rib-in-post {
373        description
374          "Configuration for the adj-rib-in post-policy";
375        reference
376          "RFC7854: BGP Monitoring Protocol (BMP), Section 2.";
377        uses bmp-peer-ribs-filter;
378      }
379      container local-rib {
380        description
381          "Configuration for the local-rib";
382        reference
383          "RFC9069: Support for Local RIB in the BGP Monitoring
384           Protocol (BMP), Section 3.";
385        leaf enabled {
386          type boolean;
387          description
388            "Enables the specified RIB";
389        }
390        leaf-list address-families {
391          type identityref {
392            base bt:afi-safi-type;
393          }
394          description
395            "List of address families to enable for
396             local-rib.";
397        }
398      }
399      container adj-rib-out-pre {
400        description
401          "Configuration for the adj-rib-out pre-policy";
402        uses bmp-peer-ribs-filter;
403        reference
404          "RFC8671: Support for Adj-RIB-Out in the BGP Monitoring
405           Protocol (BMP) , Section 3.";
406      }
407      container adj-rib-out-post {
408        description
409          "Configuration for the adj-rib-out post-policy";
410        uses bmp-peer-ribs-filter;
411        reference
412          "RFC8671: Support for Adj-RIB-Out in the BGP Monitoring
413           Protocol (BMP) , Section 3.";
414      }
415    }

417    grouping bmp-session-options {
418      description
419        "leaves for configuration of the bmp session";

421      leaf initiation-message {
422        type string;
423        description
424          "User defined message to append to the
425           initiation message";
426      }
427      leaf statistics-interval {
428        type uint32;
429        description
430          "Default Interval for statistic message.";
431      }
432    }

434    container bmp {
435      description
436        "Main level for BMP configuration ";
437      container stations {
438        description
439          "Container for the list of BMP stations";
440        list station {
441          key "id";
442          description
443            "Configuration for BMP stations.";
444          leaf id {
445            type string;
446            description
447              "Identification string for the station";
448          }
449          // Connection, missing tcp tuning params
450          // like keep-alives, segment sizes, etc.
451          container connection {
452            description
453              "Connection details for the station";
454            uses bmp-ip-connection;
455          }
456          container bmp_session {
457            description
458              "BMP session options for the station";
459            uses bmp-session-options;
460          }
461          container bmp_sources {
462            description
463              "Configuration of the data sources for the station";
464            uses bmp-route-monitoring-sources;
465          }
466          container session-stats {
467            description
468              "stats and operational values for the station";

470            leaf discontinuity-time {
471              type yang:date-and-time;
472              mandatory true;
473              description
474                "The time on the most recent occasion at which any one
475                 or more of this station's counters suffered a
476                 discontinuity.  If no such discontinuities have
477                 occurred since the last re-initialization of the local
478                 management subsystem, then this node contains the time
479                 the local management subsystem re-initialized
480                 itself.";
481            }

483            leaf established-session {
484              type boolean;
485              config false;
486              description
487                "Value indicating if the session is currently
488                 established";
489            }
490            leaf total-route-monitoring-messages {
491              type uint64;
492              config false;
493              description
494                "Number of route-monitoring messages sent since last
495                 successful connection";
496            }
497            leaf total-statistics-messages {
498              type uint64;
499              config false;
500              description
501                "Number of statistics messages sent since last
502                 successful connection";
503            }
504            leaf total-peer-down-messages {
505              type uint64;
506              config false;
507              description
508                "Number of peer-down messages sent since last
509                 successful connection";
510            }
511            leaf total-peer-up-messages {
512              type uint64;
513              config false;
514              description
515                "Number of peer-up messages sent since last successful
516                 connection";
517            }
518            leaf total-initiation-messages {
519              type uint64;
520              config false;
521              description
522                "Number of initiation messages sent since last
523                 successful connection";
524            }
525            leaf total-route-mirroring-messages {
526              type uint64;
527              config false;
528              description
529                "Number of route-mirroring messages sent since last
530                 successful connection";
531            }
532          }
533        }
534      }

536      container actions {
537        nacm:default-deny-all;
538        description
539          "Container with the actions for the BMP operation";
540        action session-reset {
541          description
542            "Resets the session for a station.";
543          input {
544            leaf station {
545              type leafref {
546                path "/bmp/stations/station/id";
547              }
548              description
549                "Identifies the station to reset";
550            }
551          }
552          output {
553            choice outcome {
554              description
555                "Output of the reset operation.  Either a success or
556                 failure.  For the latter, the reason for the
557                 error is provided.";
558              leaf success {
559                type empty;
560                description
561                  "Reset successful";
562              }
563              leaf failure {
564                type string;
565                description
566                  "Reset could not be performed.
567                   Reason is included in the field";
568              }
569            }
570          }
571        }
572      }
573    }
574  }

578  5.  Security Considerations

580     The YANG module specified in this document defines a schema for data
581     that is designed to be accessed via network management protocols such
582     as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
583     is the secure transport layer, and the mandatory-to-implement secure
584     transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
585     is HTTPS, and the mandatory-to-implement secure transport is TLS
586     [RFC8446].  The NETCONF Access Control Model (NACM) [RFC8341]
587     provides the means to restrict access for particular NETCONF or
588     RESTCONF users to a preconfigured subset of all available NETCONF or
589     RESTCONF protocol operations and content.

591     BGP data is sensitive from a security perspective.  The model
592     described in this document could be used to send BGP information to
593     malicious BMP stations.  Write access to this model should therefore
594     be properly protected.

596     The session-reset action can demand a considerable amount of
597     resources from network elements.  It should thus be protected from
598     unauthorized access.

600  6.  IANA Considerations

602  6.1.  The IETF XML Registry

604     This document registers a URI in the IETF XML registry [RFC3688].
605     Following the format in [RFC3688], the following registrations are
606     requested:

608        URI: urn:ietf:params:xml:ns:yang:ietf-bmp
609        Registrant Contact: The IESG.
610        XML: N/A, the requested URI is an XML namespace.

612  6.2.  The YANG Module Name Registration

614     This document registers the following YANG module in the "YANG
615     Module Names" registry [RFC6020]:

617        Name: ietf-bmp
618        Namespace: urn:ietf:params:xml:ns:yang:ietf-bmp
619        Prefix: bmp
620        Reference: [This RFC-to-be]

622  7.  Open Issues

624     Shall we copy the TCP tuning and security parameters from the BGP
625     specifications?

627     The security considerations section will have to be aligned with
628     https://trac.ietf.org/trac/ops/wiki/yang-security-guidelines

630  8.  Normative References

632     [I-D.ietf-idr-bgp-model]
633                Jethanandani, M., Patel, K., Hares, S., and J. Haas, "BGP
634                YANG Model for Service Provider Networks", Work in
635                Progress, Internet-Draft, draft-ietf-idr-bgp-model-13, 6
636                March 2022.

639     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
640                Requirement Levels", BCP 14, RFC 2119,
641                DOI 10.17487/RFC2119, March 1997.

644     [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
645                DOI 10.17487/RFC3688, January 2004.

648     [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
649                the Network Configuration Protocol (NETCONF)", RFC 6020,
650                DOI 10.17487/RFC6020, October 2010.

653     [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
654                and A. Bierman, Ed., "Network Configuration Protocol
655                (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

658     [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
659                Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

662     [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
663                RFC 6991, DOI 10.17487/RFC6991, July 2013.

666     [RFC7854]  Scudder, J., Ed., Fernando, R., and S. Stuart, "BGP
667                Monitoring Protocol (BMP)", RFC 7854,
668                DOI 10.17487/RFC7854, June 2016.

671     [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
672                Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

675     [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
676                2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
677                May 2017.

679     [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
680                Access Control Model", STD 91, RFC 8341,
681                DOI 10.17487/RFC8341, March 2018.

684     [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
685                Routing Management (NMDA Version)", RFC 8349,
686                DOI 10.17487/RFC8349, March 2018.

689     [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
690                Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

693  Acknowledgements

695     The authors would like to thank Pierre Vander Vorst and Tom Petch for
696     their review and feedback.

698  Authors' Addresses

700     Camilo Cardona
701     NTT
702     164-168, Carrer de Numancia
703     08029 Barcelona
704     Spain
705     Email: camilo@ntt.net

706     Paolo Lucente
707     NTT
708     Siriusdreef 70-72
709     2132 Hoofddorp
710     Netherlands
711     Email: paolo@ntt.net

713     Thomas Graf
714     Swisscom
715     Binzring 17
716     CH- Zurich 8045
717     Switzerland
718     Email: thomas.graf@swisscom.com

720     Benoit Claise
721     Huawei
722     Email: benoit.claise@huawei.com
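
Section 5 notes that write access to this model could be used to send BGP information to an unintended BMP station. The following Python code is an added example, not part of the draft or of any implementation of it: it audits a configuration in the RFC 7951 JSON encoding of the ietf-bmp tree and reports stations whose destination-address falls outside an approved collector list, together with RIBs exported with all-peers. The approved prefixes, station ids, port and address-family name are constructed sample values.

```python
import ipaddress

# Assumption: collector prefixes the operator has approved (documentation ranges).
APPROVED_COLLECTORS = [
    ipaddress.ip_network("192.0.2.0/28"),
    ipaddress.ip_network("2001:db8:100::/64"),
]

# RIBs that use the bmp-peer-ribs-filter grouping (per-family peer lists).
PEER_RIBS = ("adj-rib-in-pre", "adj-rib-in-post",
             "adj-rib-out-pre", "adj-rib-out-post")


def audit_bmp_config(config, approved=APPROVED_COLLECTORS):
    """Return (station-id, finding, detail) tuples for risky export settings."""
    findings = []
    stations = (config.get("ietf-bmp:bmp", {})
                .get("stations", {}).get("station", []))
    for st in stations:
        sid = st.get("id", "<no id>")
        dest = st.get("connection", {}).get("destination-address")
        try:
            addr = ipaddress.ip_address(dest)
            if not any(addr in net for net in approved):
                findings.append((sid, "unapproved-destination", dest))
        except ValueError:
            # destination-address is mandatory; missing or malformed is a finding
            findings.append((sid, "invalid-destination", str(dest)))
        sources = st.get("bmp_sources", {})
        for rib in PEER_RIBS:
            node = sources.get(rib, {})
            if not node.get("enabled"):
                continue
            families = node.get("address-families", {}).get("address-family", [])
            for af in families:
                # all-peers is the bmp-peer-types enum: every peer's updates
                if "all-peers" in af.get("peers", []):
                    findings.append(
                        (sid, "all-peers-export", f"{rib}/{af.get('name')}"))
    return findings


# Constructed sample input: two stations, one pointing outside the approved set.
SAMPLE_CONFIG = {
    "ietf-bmp:bmp": {"stations": {"station": [
        {"id": "collector-a",
         "connection": {"destination-address": "192.0.2.10",
                        "destination-port": 1790},
         "bmp_sources": {"adj-rib-in-post": {
             "enabled": True,
             "address-families": {"address-family": [
                 {"name": "ipv4-unicast", "peers": ["external"]}]}}}},
        {"id": "debug-tmp",
         "connection": {"destination-address": "203.0.113.77"},
         "bmp_sources": {"adj-rib-in-pre": {
             "enabled": True,
             "address-families": {"address-family": [
                 {"name": "ipv4-unicast", "peers": ["all-peers"]}]}}}},
    ]}}
}

if __name__ == "__main__":
    for finding in audit_bmp_config(SAMPLE_CONFIG):
        print(finding)
```

Run against a candidate configuration before commit, the findings give a reviewer the station id and the exact RIB and address family that would be exported.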