idnits 2.17.1

draft-ietf-babel-yang-model-04.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 4 instances of too long lines in the document, the longest one
     being 4 characters in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (October 18, 2019) is 1652 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-20) exists of
     draft-ietf-babel-rfc6126bis-14

  ** Obsolete normative reference: RFC 6347 (Obsoleted by RFC 9147)

  == Outdated reference: A later version (-14) exists of
     draft-ietf-babel-information-model-10

     Summary: 2 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Babel Working Group                                      M. Jethanandani
Internet-Draft                                                    VMware
Intended status: Standards Track                                B. Stark
Expires: April 20, 2020                                             AT&T
                                                        October 18, 2019

                       YANG Data Model for Babel
                     draft-ietf-babel-yang-model-04

Abstract

   This document defines a data model for the Babel routing protocol.
   The data model is defined using the YANG data modeling language.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119][RFC8174] when, and only when, they appear in all
   capitals, as shown here.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 20, 2020.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Note to RFC Editor
     1.2.  Tree Diagram Annotations
   2.  Babel Module
     2.1.  Information Model
     2.2.  Tree Diagram
     2.3.  YANG Module
   3.  IANA Considerations
     3.1.  URI Registrations
     3.2.  YANG Module Name Registration
   4.  Security Considerations
   5.  Acknowledgements
   6.  References
     6.1.  Normative References
     6.2.  Informative References
   Appendix A.  An Appendix
     A.1.  Statistics Gathering Enabled
     A.2.  Automatic Detection of Properties
     A.3.  Override Default Properties
     A.4.  Configuring other Properties
   Authors' Addresses

1.  Introduction

   This document defines a data model for the Babel routing protocol
   [I-D.ietf-babel-rfc6126bis].  The data model is defined using the
   YANG 1.1 [RFC7950] data modeling language and is Network Management
   Datastore Architecture (NMDA) [RFC8342] compatible.  It is based on
   the Babel Information Model [I-D.ietf-babel-information-model].

1.1.  Note to RFC Editor

   Artwork in this document contains shorthand references to drafts in
   progress.  Please apply the following replacements and remove this
   note before publication.

   o  "XXXX" --> the assigned RFC value for this draft both in this
      draft and in the YANG models under the revision statement.

   o  "ZZZZ" --> the assigned RFC value for Babel Information Model
      [I-D.ietf-babel-information-model]

   o  Revision date in model, in the format 2019-10-18 needs to get
      updated with the date the draft gets approved.  The date also
      needs to get reflected on the line with <CODE BEGINS>.

1.2.  Tree Diagram Annotations

   For a reference to the annotations used in tree diagrams included in
   this draft, please see YANG Tree Diagrams [RFC8340].

2.  Babel Module

   This document defines a YANG 1.1 [RFC7950] data model for the
   configuration and management of Babel.  The YANG module is based on
   the Babel Information Model [I-D.ietf-babel-information-model].

2.1.  Information Model

   There are a few things that should be noted between the Babel
   Information Model and this data module.  The information model
   mandates the definition of some of the attributes, e.g.
   babel-implementation-version or the babel-self-router-id.  These
   attributes are marked as read-only objects in the information model
   as well as in this data module.  However, there is no way in the data
   module to mandate that a read-only attribute be present.  It is up to
   the implementation of this data module to make sure that the
   attributes that are marked read-only and are mandatory are indeed
   present.

2.2.  Tree Diagram

   The following diagram illustrates a top level hierarchy of the model.
   In addition to information like the version number implemented by
   this device, the model contains subtrees on constants, interfaces,
   routes and security.

   module: ietf-babel
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol:
       +--rw babel!
          +--ro version?                  string
          +--rw enable                    boolean
          +--ro router-id?                binary
          +--ro seqno?                    uint16
          +--ro metric-comp-algorithms*   identityref
          +--ro security-supported*       identityref
          +--ro mac-algorithms*           identityref
          +--ro dtls-cert-types*          identityref
          +--rw stats-enable?             boolean
          +--rw constants
          |     ...
          +--rw interfaces* [reference]
          |     ...
          +--rw mac* [name]
          |     ...
          +--rw dtls* [name]
          |     ...
          +--ro routes* [prefix]
                ...

   The interfaces subtree describes attributes such as the interface
   object that is being referenced, the type of link as enumerated by
   metric-algorithm and split-horizon, and whether the interface is
   enabled or not.

   The constants subtree describes the UDP port used for sending and
   receiving Babel messages, and the multicast group used to send and
   receive announcements on IPv6.

   The routes subtree describes objects such as the prefix for which the
   route is advertised, a reference to the neighboring route, and
   next-hop address.

   Finally, for security two subtrees are defined to contain MAC keys
   and DTLS certificates.  The mac subtree contains keys used with the
   MAC security mechanism.  The boolean flag default-apply indicates
   whether the set of MAC keys is automatically applied to new
   interfaces.  The dtls subtree contains certificates used with the
   DTLS security mechanism.  Similar to the MAC mechanism, the boolean
   flag default-apply indicates whether the set of DTLS certificates is
   automatically applied to new interfaces.

2.3.  YANG Module

   This YANG module augments the YANG Routing Management [RFC8349]
   module to provide a common framework for all routing subsystems.  By
   augmenting the module it provides a common building block for routes,
   and Routing Information Bases (RIBs).  It also has a reference to an
   interface defined by A YANG Data Model for Interface Management
   [RFC8343].

   A router running the Babel routing protocol can determine the
   parameters it needs to use for an interface based on the interface
   name.  For example, it can detect that eth0 is a wired interface, and
   that wlan0 is a wireless interface.  This is not true for a tunnel
   interface, where the link parameters need to be configured
   explicitly.

   For a wired interface, it will assume '2-out-of-3'
   'metric-algorithm', and 'split-horizon' set to true.  On the other
   hand, for a wireless interface it will assume 'etx'
   'metric-algorithm', and 'split-horizon' set to false.  However, if
   the wired link is connected to a wireless radio, the values can be
   overridden by setting 'metric-algorithm' to 'etx', and
   'split-horizon' to false.  Similarly, an interface that is a metered
   3G link, and used for fallback connectivity needs much higher default
   time constants, e.g. 'mcast-hello-interval', and 'update-interval',
   in order to avoid carrying control traffic as much as possible.

   In addition to the modules used above, this module imports
   definitions from Common YANG Data Types [RFC6991], and references
   HMAC: Keyed-Hashing for Message Authentication [RFC2104], Using
   HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 [RFC4868], Datagram
   Transport Layer Security Version 1.2 [RFC6347], The Blake2
   Cryptographic Hash and Message Authentication Code (MAC) [RFC7693],
   Babel Information Model [I-D.ietf-babel-information-model], and The
   Babel Routing Protocol [I-D.ietf-babel-rfc6126bis].

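   The per-interface security leaves named in Section 2.2 and defined
   in the module (mac-enable, mac-verify, mac-key-sets, dtls-enable,
   dtls-certs, and use-sign / use-verify on MAC keys) can be checked
   mechanically in a retrieved configuration.  The Python below is an
   added example, not part of the draft: it assumes instance data in
   the RFC 7951 JSON encoding, treats absent boolean security leaves as
   false, and runs on a constructed sample whose names (babel-main,
   site-keys, old-keys, tx-only) are hypothetical.

```python
# Added example: audit the security leaves of an ietf-babel instance document.
# SAMPLE is constructed for illustration; MAC key values are left out on purpose.
SAMPLE = {"ietf-routing:routing": {"control-plane-protocols": {
    "control-plane-protocol": [{
        "type": "ietf-babel:babel", "name": "babel-main",
        "ietf-babel:babel": {
            "enable": True,
            "interfaces": [
                {"reference": "eth0", "metric-algorithm": "two-out-of-three",
                 "mac-enable": True, "mac-verify": True,
                 "mac-key-sets": ["site-keys"]},
                {"reference": "wlan0", "metric-algorithm": "etx",
                 "mac-enable": True, "mac-verify": False,
                 "mac-key-sets": ["old-keys"]},
                {"reference": "wlan1", "metric-algorithm": "etx",
                 "mac-enable": True, "mac-verify": True,
                 "mac-key-sets": ["tx-only"]},
                {"reference": "tun0", "metric-algorithm": "etx"},
                {"reference": "eth1", "metric-algorithm": "two-out-of-three",
                 "enable": False},
            ],
            "mac": [
                {"name": "site-keys", "default-apply": True, "keys": [
                    {"name": "k1", "use-sign": True, "use-verify": True}]},
                {"name": "tx-only", "default-apply": False, "keys": [
                    {"name": "k2", "use-sign": True, "use-verify": False}]},
            ],
        }}]}}}

# Finding codes returned by the audit and what they mean.
CODES = {
    "no-security": "neither mac-enable nor dtls-enable is true",
    "mac-verify-off": "MAC enabled but incoming packets need no valid MAC",
    "mac-no-key-sets": "MAC enabled but mac-key-sets is empty",
    "dangling-mac-key-set": "mac-key-sets names a mac entry that is absent",
    "no-sign-key": "no referenced key has use-sign true",
    "no-verify-key": "mac-verify is true but no key has use-verify true",
    "dtls-no-certs": "DTLS enabled but dtls-certs is empty",
}


def babel_instances(doc):
    """Yield (name, babel container) for each Babel control-plane protocol."""
    protos = (doc.get("ietf-routing:routing", {})
                 .get("control-plane-protocols", {})
                 .get("control-plane-protocol", []))
    for proto in protos:
        if proto.get("type") == "ietf-babel:babel" and "ietf-babel:babel" in proto:
            yield proto.get("name", "?"), proto["ietf-babel:babel"]


def audit_interface(intf, mac_sets):
    """Return the finding codes for one entry of the interfaces list."""
    findings = []
    if not intf.get("enable", True):        # the model's default for enable is true
        return findings
    mac_on = intf.get("mac-enable", False)  # assumption: absent means false
    dtls_on = intf.get("dtls-enable", False)
    if not mac_on and not dtls_on:
        findings.append("no-security")
    if mac_on:
        refs = intf.get("mac-key-sets", [])
        if not intf.get("mac-verify", False):
            findings.append("mac-verify-off")
        if not refs:
            findings.append("mac-no-key-sets")
        keys = []
        for ref in refs:                    # leafref ../../mac/name must resolve
            if ref in mac_sets:
                keys.extend(mac_sets[ref].get("keys", []))
            else:
                findings.append("dangling-mac-key-set")
        if refs and not any(k.get("use-sign") for k in keys):
            findings.append("no-sign-key")
        if intf.get("mac-verify") and not any(k.get("use-verify") for k in keys):
            findings.append("no-verify-key")
    if dtls_on and not intf.get("dtls-certs"):
        findings.append("dtls-no-certs")
    return findings


def audit(doc):
    """Map (protocol name, interface reference) to a non-empty finding list."""
    report = {}
    for name, babel in babel_instances(doc):
        if not babel.get("enable"):
            continue
        mac_sets = {m["name"]: m for m in babel.get("mac", [])}
        for intf in babel.get("interfaces", []):
            findings = audit_interface(intf, mac_sets)
            if findings:
                report[(name, intf["reference"])] = findings
    return report


if __name__ == "__main__":
    for (proto, ifname), codes in sorted(audit(SAMPLE).items()):
        for code in codes:
            print(f"{proto}/{ifname}: {code}: {CODES[code]}")
```
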
   <CODE BEGINS> file "ietf-babel@2019-10-18.yang"

   module ietf-babel {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-babel";
     prefix babel;

     import ietf-yang-types {
       prefix yt;
       reference
         "RFC 6991: Common YANG Data Types.";
     }
     import ietf-inet-types {
       prefix inet;
       reference
         "RFC 6991: Common YANG Data Types.";
     }
     import ietf-interfaces {
       prefix if;
       reference
         "RFC 8343: A YANG Data Model for Interface Management";
     }
     import ietf-routing {
       prefix "rt";
       reference
         "RFC 8349: YANG Routing Management";
     }

     organization
       "IETF Babel routing protocol Working Group";

     contact
       "WG Web: http://tools.ietf.org/wg/babel/
        WG List: babel@ietf.org

        Editor: Mahesh Jethanandani
                mjethanandani@gmail.com
        Editor: Barbara Stark
                bs7652@att.com";

     description
       "This YANG module defines a model for the Babel routing
        protocol.

        The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
        NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
        'MAY', and 'OPTIONAL' in this document are to be interpreted as
        described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
        they appear in all capitals, as shown here.

        Copyright (c) 2019 IETF Trust and the persons identified as
        authors of the code. All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject to
        the license terms contained in, the Simplified BSD License set
        forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (https://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX
        (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
        for full legal notices.";

     revision 2019-10-18 {
       description
         "Initial version.";
       reference
         "RFC XXXX: Babel YANG Data Model.";
     }

     /*
      * Features
      */
     feature two-out-of-three-supported {
       description
         "This implementation can support two-out-of-three metric
          comp algorithm.";
     }

     feature etx-supported {
       description
         "This implementation can support Expected Transmission Count
          (ETX) metric comp algorithm.";
     }

     /*
      * Identities
      */
     identity metric-comp-algorithms {
       description
         "Base identity from which all Babel metric comp algorithms
          are derived.";
     }

     identity two-out-of-three {
       base "metric-comp-algorithms";
       if-feature two-out-of-three-supported;
       description
         "2-out-of-3 algorithm.";
     }

     identity etx {
       base "metric-comp-algorithms";
       if-feature etx-supported;
       description
         "Expected Transmission Count.";
     }

     /*
      * Babel security type identities
      */
     identity security-supported {
       description
         "Base identity from which all Babel security types are
          derived.";
     }

     identity mac {
       base security-supported;
       description
         "Keyed MAC supported.";
     }

     identity dtls {
       base security-supported;
       description
         "Datagram Transport Layer Security (DTLS) supported.";
       reference
         "RFC 6347, Datagram Transport Layer Security Version 1.2.";
     }

     /*
      * Babel MAC algorithms identities.
      */
     identity mac-algorithms {
       description
         "Base identity for all Babel MAC algorithms.";
     }

     identity hmac-sha256 {
       base mac-algorithms;
       description
         "HMAC-SHA256 algorithm supported.";
       reference
         "RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
          with IPsec.";
     }

     identity blake2s {
       base mac-algorithms;
       description
         "BLAKE2s algorithm supported.";
       reference
         "RFC 7693: The BLAKE2 Cryptographic Hash and Message
          Authentication Code (MAC).";
     }

     /*
      * Babel Cert Types
      */
     identity dtls-cert-types {
       description
         "Base identity for Babel DTLS certificate types.";
     }

     identity x-509 {
       base dtls-cert-types;
       description
         "X.509 certificate type.";
     }

     identity raw-public-key {
       base dtls-cert-types;
       description
         "Raw Public Key type.";
     }

     /*
      * Babel routing protocol identity.
      */
     identity babel {
       base "rt:routing-protocol";
       description
         "Babel routing protocol";
     }

     /*
      * Groupings
      */
     grouping routes {
       list routes {
         key "prefix";
         config false;

         leaf prefix {
           type inet:ip-prefix;
           description
             "Prefix (expressed in ip-address/prefix-length format) for
              which this route is advertised.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6.";
         }

         leaf router-id {
           type binary;
           description
             "router-id of the source router for which this route is
              advertised.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6.";
         }

         leaf neighbor {
           type leafref {
             path "/rt:routing/rt:control-plane-protocols/" +
                  "rt:control-plane-protocol/babel/interfaces/" +
                  "neighbor-objects/neighbor-address";
           }
           description
             "Reference to the neighbor-objects entry for the neighbor
              that advertised this route.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6.";
         }

         leaf received-metric {
           type uint16;
           description
             "The metric with which this route was advertised by the
              neighbor, or maximum value (infinity) to indicate the
              route was recently retracted and is temporarily
              unreachable. This metric will be 0 (zero) if the route
              was not received from a neighbor but was generated
              through other means. At least one of
              calculated-metric or received-metric MUST be non-NULL.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6,
              draft-ietf-babel-rfc6126bis: The Babel Routing Protocol,
              Section 3.5.5.";
         }

         leaf calculated-metric {
           type uint16;
           description
             "A calculated metric for this route. How the metric is
              calculated is implementation-specific. Maximum value
              (infinity) indicates the route was recently retracted
              and is temporarily unreachable. At least one of
              calculated-metric or received-metric MUST be non-NULL.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6,
              draft-ietf-babel-rfc6126bis: The Babel Routing Protocol,
              Section 3.5.5.";
         }

         leaf seqno {
           type uint16;
           description
             "The sequence number with which this route was advertised.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6.";
         }

         leaf next-hop {
           type inet:ip-address;
           description
             "The next-hop address of this route. This will be empty if
              this route has no next-hop address.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6.";
         }

         leaf feasible {
           type boolean;
           description
             "A boolean flag indicating whether this route is feasible.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6,
              draft-ietf-babel-rfc6126bis, The Babel Routing Protocol,
              Section 3.5.1.";
         }

         leaf selected {
           type boolean;
           description
             "A boolean flag indicating whether this route is selected,
              i.e., whether it is currently being used for forwarding and
              is being advertised.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.6.";
         }
         description
           "A set of babel-route-obj objects. Includes received and
            routes routes.";
         reference
           "RFC ZZZZ: Babel Information Model, Section 3.1.";
       }
       description
         "Common grouping for routing used in RIB.";
     }

     /*
      * Data model
      */

     augment "/rt:routing/rt:control-plane-protocols/" +
             "rt:control-plane-protocol" {
       when "derived-from-or-self(rt:type, 'babel')" {
         description
           "Augmentation is valid only when the instance of routing type
            is of type 'babel'.";
       }
       description
         "Augment the routing module to support a common structure
          between routing protocols.";
       reference
         "YANG Routing Management, RFC 8349, Lhotka & Lindem, March
          2018.";

       container babel {
         presence "A Babel container.";
         description
           "Babel Information Objects.";
         reference
           "RFC ZZZZ: Babel Information Model, Section 3.";

         leaf version {
           type string;
           config false;
           description
             "The name and version of this implementation of the Babel
              protocol.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";
         }

         leaf enable {
           type boolean;
           mandatory true;
           description
             "When written, it configures whether the protocol should be
              enabled. A read from the <running> or <intended> datastore
              therefore indicates the configured administrative value of
              whether the protocol is enabled or not.

              A read from the <operational> datastore indicates whether
              the protocol is actually running or not, i.e. it indicates
              the operational state of the protocol.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";
         }

         leaf router-id {
           type binary;
           config false;
           description
             "Every Babel speaker is assigned a router-id, which is an
              arbitrary string of 8 octets that is assumed to be unique
              across the routing domain";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1,
              draft-ietf-babel-rfc6126bis: The Babel Routing Protocol,
              Section 3.";
         }

         leaf seqno {
           type uint16;
           config false;
           description
             "Sequence number included in route updates for routes
              originated by this node.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";
         }

         leaf-list metric-comp-algorithms {
           type identityref {
             base "metric-comp-algorithms";
           }
           config false;
           min-elements 1;
           description
             "List of cost compute algorithms supported by this
              implementation of Babel.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";
         }

         leaf-list security-supported {
           type identityref {
             base "security-supported";
           }
           config false;
           min-elements 1;
           description
             "List of supported security mechanisms.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";
         }

         leaf-list mac-algorithms {
           type identityref {
             base mac-algorithms;
           }
           config false;
           description
             "List of supported MAC computation algorithms.
              Possible values include 'HMAC-SHA256', 'BLAKE2s'.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";
         }

         leaf-list dtls-cert-types {
           type identityref {
             base dtls-cert-types;
           }
           config false;
           description
             "List of supported DTLS certificate types. Possible values
              include 'X.509' and 'RawPublicKey'.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";
         }

         leaf stats-enable {
           type boolean;
           description
             "Indicates whether statistics collection is enabled (true)
              or disabled (false) on all interfaces.";
         }

         container constants {
           description
             "Babel Constants object.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.1.";

           leaf udp-port {
             type inet:port-number;
             default "6696";
             description
               "UDP port for sending and receiving Babel messages. The
                default port is 6696.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.2.";
           }

           leaf mcast-group {
             type inet:ip-address;
             default "ff02::1:6";
             description
               "Multicast group for sending and receiving multicast
                announcements on IPv6.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.2.";
           }
         }

         list interfaces {
           key "reference";

           description
             "A set of Babel Interface objects.";
           reference
             "RFC ZZZZ: Babel Information Model, Section 3.3.";

           leaf reference {
             type if:interface-ref;
             description
               "References the name of the interface over which Babel
                packets are sent and received.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf enable {
             type boolean;
             default "true";
             description
               "If true, babel sends and receives messages on this
                interface. If false, babel messages received on this
                interface are ignored and none are sent.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf metric-algorithm {
             type identityref {
               base metric-comp-algorithms;
             }
             mandatory true;
             description
               "Indicates the metric computation algorithm used on this
                interface. The value MUST be one of those identities
                based on 'metric-comp-algorithms'.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.X.";
           }

           leaf split-horizon {
             type boolean;
             description
               "Indicates whether or not the split horizon optimization
                is used when calculating metrics on this interface.
                A value of true indicates split horizon optimization
                is used.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.X.";
           }

           leaf mcast-hello-seqno {
             type uint16;
             config false;
             description
               "The current sequence number in use for multicast hellos
                sent on this interface.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf mcast-hello-interval {
             type uint16;
             units centiseconds;
             description
               "The current multicast hello interval in use for hellos
                sent on this interface.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf update-interval {
             type uint16;
             units centiseconds;
             description
               "The current update interval in use for this interface.
                Units are centiseconds.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf mac-enable {
             type boolean;
             description
               "Indicates whether the MAC security mechanism is enabled
                (true) or disabled (false).";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf-list mac-key-sets {
             type leafref {
               path "../../mac/name";
             }
             description
               "List of references to the mac entries that apply
                to this interface. When an interface instance is
                created, all mac instances with default-apply 'true'
                will be included in this list.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf mac-verify {
             type boolean;
             description
               "A Boolean flag indicating whether MAC hashes in
                incoming Babel packets are required to be present and
                are verified. If this parameter is 'true', incoming
                packets are required to have a valid MAC hash.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf dtls-enable {
             type boolean;
             description
               "Indicates whether the DTLS security mechanism is enabled
                (true) or disabled (false).";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf-list dtls-certs {
             type leafref {
               path "../../dtls/name";
             }
             description
               "List of references to the dtls entries that apply to
                this interface. When an interface instance
                is created, all dtls instances with default-apply
                'true' will be included in this list.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf dtls-cached-info {
             type boolean;
             description
               "Indicates whether the cached_info extension is included
                in ClientHello and ServerHello packets. The extension
                is included if the value is 'true'.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf-list dtls-cert-prefer {
             type leafref {
               path "../../dtls/certs/type";
             }
             ordered-by user;
             description
               "List of supported certificate types, in order of
                preference. The values MUST be among those listed in
                dtls-cert-types. This list is used to populate the
                server_certificate_type extension in a Client Hello.
                Values that are present in at least one instance in the
                certs object under dtls of a referenced dtls instance
                and that have a non-empty private-key will be used to
                populate the client_certificate_type extension in a
                Client Hello.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf packet-log-enable {
             type boolean;
             description
               "If true, logging of babel packets received on this
                interface is enabled; if false, babel packets are not
                logged.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           leaf packet-log {
             type inet:uri;
             config false;
             description
               "A reference or url link to a file that contains a
                timestamped log of packets received and sent on
                udp-port on this interface. The [libpcap] file
                format with .pcap file extension SHOULD be supported for
                packet log files. Logging is enabled / disabled by
                packet-log-enable.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";
           }

           container stats {
             config false;

             description
               "Statistics collection object for this interface.";
             reference
               "RFC ZZZZ: Babel Information Model, Section 3.3.";

             leaf sent-mcast-hello {
               type yt:counter32;
               description
                 "A count of the number of multicast Hello packets sent
                  on this interface.";
               reference
                 "RFC ZZZZ: Babel Information Model, Section 3.4.";
             }

             leaf sent-mcast-update {
               type yt:counter32;
               description
                 "A count of the number of multicast update packets sent
                  on this interface.";
               reference
                 "RFC ZZZZ: Babel Information Model, Section 3.4.";
             }

             leaf sent-ucast-hello {
               type yt:counter32;
               description
                 "A count of the number of unicast Hello packets sent
                  to this neighbor.";
               reference
                 "RFC ZZZZ: Babel Information Model, Section 3.6.";
             }

             leaf sent-ucast-update {
               type yt:counter32;
               description
                 "A count of the number of
unicast update packets sent 902 to this neighbor."; 903 reference 904 "RFC ZZZZ: Babel Information Model, Section 3.6."; 905 } 907 leaf sent-ihu { 908 type yt:counter32; 909 description 910 "A count of the number of IHU packets sent to this 911 neighbor."; 912 reference 913 "RFC ZZZZ: Babel Information Model, Section 3.6."; 914 } 916 leaf received-packets { 917 type yt:counter32; 918 description 919 "A count of the number of Babel packets received on 920 this interface."; 921 reference 922 "RFC ZZZZ: Babel Information Model, Section 3.4."; 923 } 924 action reset { 925 description 926 "The information model [RFC ZZZZ] defines reset 927 action as a system-wide reset of Babel statistics. 928 In YANG the reset action is associated with the 929 container where the action is defined. In this case 930 the action is associated with the stats container 931 inside an interface. The action will therefore 932 reset statistics at an interface level. 934 Implementations that want to support a system-wide 935 reset of Babel statistics need to call this action 936 for every instance of the interface."; 938 input { 939 leaf reset-at { 940 type yt:date-and-time; 941 description 942 "The time when the reset was issued."; 943 } 944 } 945 output { 946 leaf reset-finished-at { 947 type yt:date-and-time; 948 description 949 "The time when the reset finished."; 950 } 951 } 952 } 953 } 955 list neighbor-objects { 956 key "neighbor-address"; 957 config false; 959 description 960 "A set of Babel Neighbor Object."; 961 reference 962 "RFC ZZZZ: Babel Information Model, Section 3.5."; 964 leaf neighbor-address { 965 type inet:ip-address; 966 description 967 "IPv4 or v6 address the neighbor sends packets from."; 968 reference 969 "RFC ZZZZ: Babel Information Model, Section 3.5."; 970 } 972 leaf hello-mcast-history { 973 type string; 974 description 975 "The multicast Hello history of whether or not the 976 multicast Hello packets prior to exp-mcast- 977 hello-seqno were received, with a '1' for 
the most 978 recent Hello placed in the most significant bit and 979 prior Hellos shifted right (with '0' bits placed 980 between prior Hellos and most recent Hello for any 981 not-received Hellos); represented as a string using 982 utf-8 encoded hex digits where a '1' bit = Hello 983 received and a '0' bit = Hello not received."; 984 reference 985 "RFC ZZZZ: Babel Information Model, Section 3.5."; 986 } 988 leaf hello-ucast-history { 989 type string; 990 description 991 "The unicast Hello history of whether or not the 992 unicast Hello packets prior to exp-ucast-hello-seqno 993 were received, with a '1' for the most 994 recent Hello placed in the most significant bit and 995 prior Hellos shifted right (with '0' bits placed 996 between prior Hellos and most recent Hello for any 997 not-received Hellos); represented as a string using 998 utf-8 encoded hex digits where a '1' bit = Hello 999 received and a '0' bit = Hello not received."; 1000 reference 1001 "RFC ZZZZ: Babel Information Model, Section 3.5."; 1002 } 1004 leaf txcost { 1005 type int32; 1006 default "0"; 1007 description 1008 "Transmission cost value from the last IHU packet 1009 received from this neighbor, or maximum value 1010 (infinity) to indicate the IHU hold timer for this 1011 neighbor has expired description."; 1012 reference 1013 "RFC ZZZZ: Babel Information Model, Section 3.5."; 1014 } 1016 leaf exp-mcast-hello-seqno { 1017 type uint16; 1018 default "0"; 1019 description 1020 "Expected multicast Hello sequence number of next Hello 1021 to be received from this neighbor; if multicast Hello 1022 packets are not expected, or processing of multicast 1023 packets is not enabled, this MUST be NULL."; 1024 reference 1025 "RFC ZZZZ: Babel Information Model, Section 3.5."; 1026 } 1028 leaf exp-ucast-hello-seqno { 1029 type uint16; 1030 default "0"; 1031 description 1032 "Expected unicast Hello sequence number of next Hello to 1033 be received from this neighbor; if unicast Hello 1034 packets are not 
               expected, or processing of unicast
               packets is not enabled, this MUST be NULL.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.5.";
          }

          leaf ucast-hello-seqno {
            type uint16;
            description
              "Expected unicast Hello sequence number of next Hello
               to be received from this neighbor. If unicast Hello
               packets are not expected, or processing of unicast
               packets is not enabled, this MUST be 0.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.5.";
          }

          leaf ucast-hello-interval {
            type uint16;
            units centiseconds;
            description
              "The current interval in use for unicast hellos sent to
               this neighbor. Units are centiseconds.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.5.";
          }

          leaf rxcost {
            type int32;
            description
              "Reception cost calculated for this neighbor. This value
               is usually derived from the Hello history, which may be
               combined with other data, such as statistics maintained
               by the link layer. The rxcost is sent to a neighbor in
               each IHU.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.5.";
          }

          leaf cost {
            type int32;
            description
              "Link cost is computed from the values maintained in
               the neighbor table: the statistics kept in the neighbor
               table about the reception of Hellos, and the txcost
               computed from received IHU packets.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.5.";
          }
        }
      }

      list mac {
        key "name";

        description
          "A mac object.
           If this object is implemented, it
           provides access to parameters related to the MAC security
           mechanism.";
        reference
          "RFC ZZZZ: Babel Information Model, Section 3.7.";

        leaf name {
          type string;
          description
            "A string that uniquely identifies the mac object.";
        }

        leaf default-apply {
          type boolean;
          description
            "A Boolean flag indicating whether this mac
             instance is applied to all new interfaces, by default.
             If 'true', this instance is applied to new
             interface instances at the time they are created,
             by including it in the mac-key-sets list under
             interfaces. If 'false', this instance is not applied
             to new interface instances when they are created.";
          reference
            "RFC ZZZZ: Babel Information Model, Section 3.7.";
        }

        list keys {
          key "name";
          min-elements "1";

          description
            "A set of keys objects.";
          reference
            "RFC ZZZZ: Babel Information Model, Section 3.8.";

          leaf name {
            type string;
            mandatory true;
            description
              "A unique name for this MAC key that can be used to
               identify the key in this object instance, since the key
               value is not allowed to be read. This value can only be
               provided when this instance is created, and is not
               subsequently writable.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.8.";
          }

          leaf use-sign {
            type boolean;
            mandatory true;
            description
              "Indicates whether this key value is used to sign sent
               Babel packets. Sent packets are signed using this key
               if the value is 'true'. If the value is 'false', this
               key is not used to sign sent Babel packets.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.8.";
          }

          leaf use-verify {
            type boolean;
            mandatory true;
            description
              "Indicates whether this key value is used to verify
               incoming Babel packets.
               This key is used to verify
               incoming packets if the value is 'true'. If the value
               is 'false', no MAC is computed from this key for
               comparing an incoming packet.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.8.";
          }

          leaf value {
            type binary;
            mandatory true;
            description
              "The value of the MAC key. An implementation MUST NOT
               allow this parameter to be read. This can be done by
               always providing an empty string, or through
               permissions, or other means. This value MUST be
               provided when this instance is created, and is not
               subsequently writable.

               This value is of a length suitable for the associated
               algorithm. If the algorithm is based on
               the HMAC construction [RFC2104], the length MUST be
               between 0 and the block size of the underlying hash
               inclusive (where 'HMAC-SHA256' block size is 64
               bytes as described in [RFC4868]). If the algorithm
               is 'BLAKE2s', the length MUST be between 0 and 32
               bytes inclusive, as described in [RFC7693].";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.8,
               RFC 2104: HMAC: Keyed-Hashing for Message
                         Authentication
               RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and
                         HMAC-SHA-512 with IPsec,
               RFC 7693: The BLAKE2 Cryptographic Hash and Message
                         Authentication Code (MAC).";
          }

          leaf algorithm {
            type identityref {
              base mac-algorithms;
            }
            description
              "The name of the MAC algorithm used with this key. The
               value MUST be the same as one of the enumerations
               listed in the mac-algorithms parameter.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.8.";
          }

          action test {
            description
              "An operation that allows the MAC key and hash
               algorithm to be tested to see if they produce an
               expected outcome. Input to this operation is a
               binary string.
               The implementation is expected to
               create a hash of this string using the value and
               the algorithm. The output of this operation is
               the resulting hash, as a binary string.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.8.";

            input {
              leaf test-string {
                type binary;
                mandatory true;
                description
                  "Input to this operation is a binary string.
                   The implementation is expected to create
                   a hash of this string using the value and
                   the algorithm.";
                reference
                  "RFC ZZZZ: Babel Information Model, Section 3.8.";
              }
            }
            output {
              leaf resulting-hash {
                type binary;
                mandatory true;
                description
                  "The output of this operation is
                   the resulting hash, as a binary string.";

                reference
                  "RFC ZZZZ: Babel Information Model, Section 3.8.";
              }
            }
          }
        }
      }

      list dtls {
        key "name";

        description
          "A dtls object. If this object is implemented,
           it provides access to parameters related to the DTLS
           security mechanism.";
        reference
          "RFC ZZZZ: Babel Information Model, Section 3.9";

        leaf name {
          type string;
          description
            "A string that uniquely identifies a dtls object.";
        }

        leaf default-apply {
          type boolean;
          mandatory true;
          description
            "A Boolean flag indicating whether this dtls
             instance is applied to all new interfaces, by default. If
             'true', this instance is applied to new interface
             instances at the time they are created, by including it
             in the dtls-certs list under interfaces. If 'false',
             this instance is not applied to new interface
             instances when they are created.";
          reference
            "RFC ZZZZ: Babel Information Model, Section 3.9.";
        }

        list certs {
          key "name";
          min-elements "1";

          description
            "A set of cert objects.
             This contains
             both certificates for this implementation to present
             for authentication, and to accept from others.
             Certificates with a non-empty private-key
             can be presented by this implementation for
             authentication.";
          reference
            "RFC ZZZZ: Babel Information Model, Section 3.10.";

          leaf name {
            type string;
            description
              "A unique name for this DTLS certificate that can be
               used to identify the certificate in this object
               instance, since the value is too long to be useful
               for identification. This value MUST NOT be empty
               and can only be provided when this instance is created
               (i.e., it is not subsequently writable).";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.10.";
          }

          leaf value {
            type string;
            mandatory true;
            description
              "The DTLS certificate in PEM format [RFC7468]. This
               value can only be provided when this instance is
               created, and is not subsequently writable.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.10.";
          }

          leaf type {
            type identityref {
              base dtls-cert-types;
            }
            mandatory true;
            description
              "The name of the certificate type of this object
               instance. The value MUST be the same as one of the
               enumerations listed in the dtls-cert-types
               parameter. This value can only be provided when this
               instance is created, and is not subsequently writable.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.10.";
          }

          leaf private-key {
            type binary;
            mandatory true;
            description
              "The value of the private key. If this is non-empty,
               this certificate can be used by this implementation to
               provide a certificate during DTLS handshaking. An
               implementation MUST NOT allow this parameter to be
               read. This can be done by always providing an empty
               string, or through permissions, or other means.
               This
               value can only be provided when this instance is
               created, and is not subsequently writable.";
            reference
              "RFC ZZZZ: Babel Information Model, Section 3.10.";
          }

          action test {
            input {
              leaf test-string {
                type binary;
                mandatory true;
                description
                  "The test string on which this test has to be
                   performed.";
              }
            }
            output {
              leaf resulting-hash {
                type binary;
                mandatory true;
                description
                  "The output of this operation is a binary string,
                   and is the resulting hash computed using the
                   certificate public key, and the SHA-256
                   hash algorithm.";
              }
            }
          }
        }
      }

      uses routes;
    }
  }
}

3.  IANA Considerations

   This document registers one URI and one YANG module.

3.1.  URI Registrations

   URI: urn:ietf:params:xml:ns:yang:ietf-babel

3.2.  YANG Module Name Registration

   This document registers one YANG module in the YANG Module Names
   registry [RFC6020].

   Name: ietf-babel
   Namespace: urn:ietf:params:xml:ns:yang:ietf-babel
   prefix: babel
   reference: RFC XXXX

4.  Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
   is the secure transport layer and the mandatory-to-implement secure
   transport is SSH [RFC6242].  The lowest RESTCONF layer is HTTPS, and
   the mandatory-to-implement secure transport is TLS [RFC8446].

   The NETCONF Access Control Model (NACM [RFC8341]) provides the means
   to restrict access for particular NETCONF users to a pre-configured
   subset of all available NETCONF protocol operations and content.

   There are a number of data nodes defined in the YANG module which are
   writable/created/deleted (i.e., config true, which is the default).
   These data nodes may be considered sensitive or vulnerable in some
   network environments.  Write operations (e.g., ) to
   these data nodes without proper protection can have a negative effect
   on network operations.  These are the subtrees and data nodes and
   their sensitivity/vulnerability from a config true perspective:

   babel: This container includes an "enable" parameter that can be used
   to enable or disable use of Babel on a router.

   babel/constants: This container includes configuration parameters
   that can prevent reachability if misconfigured.

   babel/interfaces: This leaf-list has configuration parameters that
   can enable/disable security mechanisms and change performance
   characteristics of the Babel protocol.

   babel/hmac and babel/dtls: These contain security credentials that
   influence whether packets are trusted.

   Some of the readable data or config false nodes in this YANG module
   may be considered sensitive or vulnerable in some network
   environments.  It is thus important to control read access (e.g., via
   get, get-config, or notification) to these data nodes.  These are the
   subtrees and data nodes and their sensitivity/vulnerability from a
   config false perspective:

   babel: Access to the information in the various nodes can disclose
   the network topology.  Additionally, the routes used by a network
   device may be used to mount a subsequent attack on traffic traversing
   the network device.

   babel/hmac and babel/dtls: These contain security credentials,
   including private credentials of the router.

   Some of the RPC operations in this YANG module may be considered
   sensitive or vulnerable in some network environments.  It is thus
   important to control access to these operations.
   These are the
   operations and their sensitivity/vulnerability from an RPC operation
   perspective:

   babel/hmac/hmac/keys/test and babel/dtls/certs/test: These can be
   used in a brute force attack to identify the credentials being used
   to secure the Babel protocol.

5.  Acknowledgements

   Juliusz Chroboczek provided most of the example configurations for
   babel that are shown in the Appendix.

6.  References

6.1.  Normative References

   [I-D.ietf-babel-rfc6126bis]
              Chroboczek, J. and D. Schinazi, "The Babel Routing
              Protocol", draft-ietf-babel-rfc6126bis-14 (work in
              progress), August 2019.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4868]  Kelly, S. and S. Frankel, "Using HMAC-SHA-256,
              HMAC-SHA-384, and HMAC-SHA-512 with IPsec", RFC 4868,
              DOI 10.17487/RFC4868, May 2007.

   [RFC6347]  Rescorla, E. and N. Modadugu, "Datagram Transport Layer
              Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
              January 2012.

   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6991, DOI 10.17487/RFC6991, July 2013.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8343]  Bjorklund, M., "A YANG Data Model for Interface
              Management", RFC 8343, DOI 10.17487/RFC8343, March 2018.

   [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
              Routing Management (NMDA Version)", RFC 8349,
              DOI 10.17487/RFC8349, March 2018.

6.2.  Informative References

   [I-D.ietf-babel-information-model]
              Stark, B. and M.
              Jethanandani, "Babel Information Model",
              draft-ietf-babel-information-model-10 (work in progress),
              October 2019.

   [RFC2104]  Krawczyk, H., Bellare, M., and R. Canetti, "HMAC:
              Keyed-Hashing for Message Authentication", RFC 2104,
              DOI 10.17487/RFC2104, February 1997.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC7693]  Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2
              Cryptographic Hash and Message Authentication Code (MAC)",
              RFC 7693, DOI 10.17487/RFC7693, November 2015.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

   [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
              Access Control Model", STD 91, RFC 8341,
              DOI 10.17487/RFC8341, March 2018.

   [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore Architecture
              (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

Appendix A.  An Appendix

   This section is devoted to examples that demonstrate how Babel can be
   configured.

A.1.  Statistics Gathering Enabled

   In this example, interface eth0 is being configured for routing
   protocol Babel, and statistics gathering is enabled.

   eth0
   ianaift:ethernetCsmacd
   true

   babel:babel
   name:babel
   true
   eth0
   two-out-of-three
   true
   true

A.2.  Automatic Detection of Properties

   eth0
   ianaift:ethernetCsmacd
   true

   wlan0
   ianaift:ieee80211
   true

   babel:babel
   name:babel
   true

   eth0
   true
   two-out-of-three
   true

   wlan0
   true
   etx
   false

A.3.  Override Default Properties

   eth0
   ianaift:ethernetCsmacd
   true

   eth1
   ianaift:ethernetCsmacd
   true

   tun0
   ianaift:tunnel
   true

   babel:babel
   name:babel
   true

   eth0
   true
   two-out-of-three
   true

   eth1
   true
   etx
   false

   tun0
   true
   two-out-of-three
   true

A.4.  Configuring other Properties

   eth0
   ianaift:ethernetCsmacd
   true

   ppp0
   ianaift:ppp
   true

   babel:babel
   name:babel
   true

   eth0
   true
   two-out-of-three
   true

   ppp0
   true
   30
   120
   two-out-of-three

Authors' Addresses

   Mahesh Jethanandani
   VMware
   California
   USA

   Email: mjethanandani@gmail.com

   Barbara Stark
   AT&T
   Atlanta, GA
   USA

   Email: barbara.stark@att.com
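
   The key-length limits, the unreadable "value" leaf and the "test" action of the keys list in the mac object, together with the access-control concern Section 4 raises for that action, sketched in Python as an added example; it is not code from this draft or from any Babel implementation. MacKey, compute_mac and key_matches are hypothetical names, and the 32-byte BLAKE2s output length is an assumption the module text does not state.

```python
import hashlib
import hmac

# Upper bounds in bytes from the 'value' leaf description: an HMAC key is at
# most the block size of the underlying hash (64 for HMAC-SHA256), a BLAKE2s
# key at most 32. A zero-length key is inside the stated range.
MAX_KEY_LEN = {"HMAC-SHA256": 64, "BLAKE2s": 32}


def compute_mac(algorithm, key, data):
    """Return the MAC of data under key for one of the two named algorithms."""
    if algorithm == "HMAC-SHA256":
        return hmac.new(key, data, hashlib.sha256).digest()
    if algorithm == "BLAKE2s":
        # Assumption: 32-byte output (hashlib's default); the module text
        # does not state the digest length.
        return hashlib.blake2s(data, key=key).digest()
    raise ValueError(f"unsupported MAC algorithm: {algorithm!r}")


class MacKey:
    """Hypothetical in-memory form of one entry in the 'keys' list."""

    def __init__(self, name, algorithm, value, use_sign=True, use_verify=True):
        limit = MAX_KEY_LEN.get(algorithm)
        if limit is None:
            raise ValueError(f"unsupported MAC algorithm: {algorithm!r}")
        if len(value) > limit:
            raise ValueError(
                f"{algorithm} key is {len(value)} bytes, limit is {limit}")
        self.name = name
        self.algorithm = algorithm
        self.use_sign = use_sign
        self.use_verify = use_verify
        self._secret = bytes(value)  # set once at creation, never returned

    @property
    def value(self):
        # Reads always yield an empty string, one of the options the leaf
        # description gives for keeping the key unreadable. There is no
        # setter, so the value is not writable after creation either.
        return b""

    def test(self, test_string):
        """The 'test' action: MAC of test_string under the stored key.

        Every call answers one question about the stored key, which is why
        Section 4 asks for access control on this operation.
        """
        return compute_mac(self.algorithm, self._secret, test_string)


def key_matches(entry, intended_key, probe=b"babel-key-check"):
    """Operator-side check that entry holds intended_key, without reading it."""
    expected = compute_mac(entry.algorithm, intended_key, probe)
    return hmac.compare_digest(expected, entry.test(probe))
```

   An operator who provisioned a key can call key_matches with the key they intended and learn whether the device stored it correctly, while a management client reading "value" only ever sees an empty string.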