idnits 2.17.1

draft-ietf-bess-evpn-yang-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 345 has weird spacing: '...-target rt-...'

  == Line 360 has weird spacing: '...-target rt-...'

  == Line 379 has weird spacing: '...-target rt-...'

  == Line 394 has weird spacing: '...-target rt-...'

  == Line 408 has weird spacing: '...-target rt-...'

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (March 13, 2017) is 2599 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Obsolete informational reference (is this intentional?): RFC 6536
     (Obsoleted by RFC 8341)

     Summary: 0 errors (**), 0 flaws (~~), 7 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    BESS Working Group                                     P. Brissette
3                                                           A. Sajassi
4    Internet Draft                                         Cisco System
5    Intended Status: Proposed Standard                     H. Shah
6    Expires: September 14, 2017                            Ciena Corporation
7                                                           Z. Li
8                                                           Huawei Technologies
9                                                           I. Chen
10                                                          Jabil
11                                                          K. Tiruveedhula
12                                                          Juniper Networks
13                                                          I. Hussain
14                                                          Infinera Corporation
15                                                          J. Rabadan
16                                                          Nokia

18                                                          March 13, 2017

20                        Yang Data Model for EVPN
21                      draft-ietf-bess-evpn-yang-02

23   Abstract

25      This document describes a YANG data model for Ethernet VPN services.
26      The model is agnostic of the underlay. It applies to MPLS as well as to
27      VxLAN encapsulation. The model is also agnostic of the services
28      including E-LAN, E-LINE and E-TREE services. Any "add-on" features
29      such as EVPN IRB, EVPN overlay, etc. are for future investigation.
30      This document mainly focuses on EVPN and Ethernet-Segment instance
31      framework.

33   Status of this Memo

35      This Internet-Draft is submitted to IETF in full conformance with the
36      provisions of BCP 78 and BCP 79.

38      Internet-Drafts are working documents of the Internet Engineering
39      Task Force (IETF), its areas, and its working groups.  Note that
40      other groups may also distribute working documents as
41      Internet-Drafts.

43      Internet-Drafts are draft documents valid for a maximum of six months
44      and may be updated, replaced, or obsoleted by other documents at any
45      time.  It is inappropriate to use Internet-Drafts as reference
46      material or to cite them other than as "work in progress."

47      The list of current Internet-Drafts can be accessed at
48      http://www.ietf.org/1id-abstracts.html

50      The list of Internet-Draft Shadow Directories can be accessed at
51      http://www.ietf.org/shadow.html

53   Copyright and License Notice

55      Copyright (c) 2017 IETF Trust and the persons identified as the
56      document authors. All rights reserved.

58      This document is subject to BCP 78 and the IETF Trust's Legal
59      Provisions Relating to IETF Documents
60      (http://trustee.ietf.org/license-info) in effect on the date of
61      publication of this document. Please review these documents
62      carefully, as they describe your rights and restrictions with respect
63      to this document. Code Components extracted from this document must
64      include Simplified BSD License text as described in Section 4.e of
65      the Trust Legal Provisions and are provided without warranty as
66      described in the Simplified BSD License.

68   Convention

70      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
71      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
72      document are to be interpreted as described in [RFC2119].

74   Table of Contents

76      1. Introduction
77      2. Specification of Requirements
78      3. EVPN YANG Model
79        3.1. Overview
80        3.2 Ethernet-Segment Model
81        3.3 EVPN Model
82      4. YANG Module
83        4.1 Ethernet Segment Yang Module
84        4.2 EVPN Yang Module
85      5. Security Considerations
86      6. IANA Considerations
87      7. Acknowledgments
88      8. References
89        8.1. Normative References
90        8.2. Informative References
91      Authors' Addresses

93   1. Introduction

95      The Network Configuration Protocol (NETCONF) [RFC6241] is a network
96      management protocol that defines mechanisms to manage network
97      devices. YANG [RFC6020] is a modular language that represents data
98      structures in an XML or JSON tree format, and is used as a data
99      modeling language for the NETCONF.

101     This document introduces a YANG data model for Ethernet VPN services
102     (EVPN) [RFC7432], Provider Backbone Bridging Combined with Ethernet
103     VPN (PBB-EVPN) [RFC7623] as well as other WG drafts such as EVPN-VPWS,
104     etc. The EVPN services run over MPLS and VxLAN underlays.

106     The Yang data model in this document defines Ethernet VPN based
107     services. The model will leverage the definitions used in other IETF
108     Yang drafts such as L2VPN Yang.

110     The goal is to propose a data object model consisting of building
111     blocks that can be assembled in different order to realize different
112     EVPN-based services. The definition work is undertaken initially by a
113     smaller working group with members representing various vendors and
114     service providers. The EVPN basic framework consists of two modules:
115     EVPN and Ethernet-Segment. These models are completely orthogonal.
116     They usually work as a pair, but a user can use one or the
117     other on its own as needed.

119     The data model is defined for the following constructs that are used
120     for managing the services:

122        o Configuration

124        o Operational State

126        o Executables (Actions)

128        o Notifications

130     The document is organized to first define the data model for the
131     configuration, operational state, actions and notifications of EVPN
132     and Ethernet-Segment.

134     The EVPN data object model defined in this document uses the instance
135     centric approach whereby EVPN service attributes are specified for a
136     given EVPN instance.

138     The Ethernet-Segment data object model defined in this document refers
139     to a specific interface. That interface can be a physical interface,
140     a bundle interface or virtual interface. The latter includes
141     pseudowires. The purpose of creating a separate module is due to the
142     fact that it can be used without having the need to have EVPN
143     configured as layer 2 service. For example, an access node can be
144     dual-homed to two service nodes servicing a VPLS core. The access
145     connectivity can be represented by an Ethernet-Segment where EVPN BGP
146     DF election is performed over both service nodes. The core remains
147     VPLS where no EVPN instance is required.

148  2. Specification of Requirements

150     The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
151     NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
152     in this document are to be interpreted as described in [RFC2119].

154  3. EVPN YANG Model

156  3.1. Overview

158     Two top-level modules, Ethernet-Segment and EVPN, are defined. The
159     Ethernet-Segment contains a list of interfaces to which any Ethernet-
160     Segment attributes are configured/applied.

162     The EVPN module has 2 main containers: common and instance. The
163     first one has common attributes to all VPNs whereas the latter has
164     attributes specific to an EVI. This document states the scope of the
165     EVPN object models definition. The following documents are within the
166     scope. This is not an exhaustive list but a representation of
167     documents that are covered for this work:

169        o Requirements for EVPN: RFC 7209
170        o EVPN: RFC 7432
171        o PBB-EVPN: RFC 7623

173     The integration with L2VPN instance Yang model is being done as part
174     of the L2VPN Yang model.
175     The following documents will be covered at that time:
176        o VPWS support in EVPN:
177          draft-ietf-bess-evpn-vpws
178        o E-TREE Support in EVPN & PBB-EVPN:
179          draft-ietf-bess-evpn-etree
180        o (PBB-)EVPN Seamless Integration with (PBB-)VPLS:
181          draft-ietf-bess-evpn-vpls-seamless-integ
182        o EVPN Virtual Ethernet Segment:
183          draft-sajassi-bess-evpn-virtual-eth-segment

185     The VxLAN aspect and the work related to Layer 3 are also for future
186     definition. The following documents will be covered at that time:

188        o IP Prefix Advertisement in EVPN:
189          draft-ietf-bess-evpn-prefix-advertisement
190        o VXLAN DCI Using EVPN:
191          draft-boutros-l2vpn-vxlan-evpn
192        o A Network Virtualization Overlay Solution using EVPN:
193          draft-ietf-bess-evpn-overlay-
194        o Interconnect Solution for EVPN Overlay networks:
195          draft-ietf-bess-dci-evpn-overlay
196        o Integrated Routing and Bridging in EVPN:
197          draft-ietf-bess-evpn-inter-subnet-forwarding

199  3.2 Ethernet-Segment Model

201     The Ethernet-Segment data model has a list of ES where each refers to
202     an interface. All attributes are optional due to auto-sensing default
203     mode where all values are auto-derived from the network connectivity.

205     module: ietf-ethernet-segment
206        +--rw ethernet-segments
207        |  +--rw ethernet-segment* [name]
208        |     +--rw name   string
209        |     +--rw (ac-or-pw)?
210        |     |  +--:(ac)
211        |     |  |  +--rw ac?   string
212        |     |  +--:(pw)
213        |     |     +--rw pw?   string
214        |     +--rw ethernet-segment-identifier?   uint32
215        |     +--rw (active-mode)
216        |     |  +--:(single-active)
217        |     |  |  +--rw single-active-mode?   empty
218        |     |  +--:(all-active)
219        |     |     +--rw all-active-mode?   empty
220        |     +--rw pbb-parameters {ethernet-segment-pbb-params}?
221        |     |  +--rw backbone-src-mac?   yang:mac-address
222        |     +--rw bgp-parameters
223        |     |  +--rw common
224        |     |     +--rw rd-rt* [route-distinguisher]
225        |     |             {ethernet-segment-bgp-params}?
226        |     |        +--rw route-distinguisher
227        |     |                rt-types:route-distinguisher
228        |     |        +--rw vpn-target* [route-target]
229        |     |           +--rw route-target
230        |     |                   rt-types:route-target
231        |     |           +--rw route-target-type
232        |     |                   rt-types:route-target-type
233        |     +--rw df-election
234        |     |  +--rw (df-election-method)?
235        |     |  |  +--:(highest-random-weight)
236        |     |  |     +--rw hrw?   boolean
237        |     |  +--rw election-wait-time?   uint32
238        |     +--rw ead-evi-route?   boolean
239        +--ro ethernet-segments-state
240           +--ro ethernet-segment-state* [name]
241              +--ro name   string
242              +--ro service-type?   string
243              +--ro status?   status-type
244              +--ro (ac-or-pw)?
245              |  +--:(ac)
246              |  |  +--ro ac?   string
247              |  +--:(pw)
248              |     +--ro pw?   string
249              +--ro interface-status?   status-type
250              +--ro ethernet-segment-identifier?   uint32
251              +--ro active-mode?   string
252              +--ro pbb-parameters {ethernet-segment-pbb-params}?
253              |  +--ro backbone-src-mac?   yang:mac-address
254              +--ro bgp-parameters
255              |  +--ro common
256              |     +--ro rd-rt* [route-distinguisher]
257              |             {ethernet-segment-bgp-params}?
258              |        +--ro route-distinguisher
259              |                rt-types:route-distinguisher
260              |        +--ro vpn-target* [route-target]
261              |           +--ro route-target
262              |                   rt-types:route-target
263              |           +--ro route-target-type
264              |                   rt-types:route-target-type
265              +--ro df-election
266              |  +--ro hrw-enabled?   boolean
267              |  +--ro election-wait-time?   uint32
268              +--ro ead-evi-route-enabled?   boolean
269              +--ro esi-label?   string
270              +--ro member*
271              |  +--ro ip-address?   inet:ip-address
272              +--ro df*
273                 +--ro service-identifier?   uint32
274                 +--ro vlan?   uint32
275                 +--ro ip-address?   inet:ip-address

277  3.3 EVPN Model

279     The evpn-instances container contains a list of evpn-instance entries.
280     Each entry of the evpn-instance represents a different Ethernet VPN
281     and it is represented by an EVI. Again, nearly all attributes are
282     optional for the same reason as for the Ethernet-Segment module.

284     module: ietf-evpn
285        +--rw evpn
286        |  +--rw common
287        |  |  +--rw (replication-type)?
288        |  |     +--:(ingress-replication)
289        |  |     |  +--rw ingress-replication?   boolean
290        |  |     +--:(p2mp-replication)
291        |  |        +--rw p2mp-replication?   boolean
292        |  +--rw evpn-instances
293        |     +--rw evpn-instance* [name]
294        |        +--rw name   string
295        |        +--rw evi?   uint32
296        |        +--rw pbb-parameters {evpn-pbb-params}?
297        |        |  +--rw source-bmac?   yang:hex-string
298        |        +--rw bgp-parameters
299        |        |  +--rw common
300        |        |     +--rw rd-rt* [route-distinguisher]
301        |        |             {evpn-bgp-params}?
302        |        |        +--rw route-distinguisher
303        |        |                rt-types:route-distinguisher
304        |        |        +--rw vpn-target* [route-target]
305        |        |           +--rw route-target
306        |        |                   rt-types:route-target
307        |        |           +--rw route-target-type
308        |        |                   rt-types:route-target-type
309        |        +--rw arp-proxy?   boolean
310        |        +--rw arp-suppression?   boolean
311        |        +--rw nd-proxy?   boolean
312        |        +--rw nd-suppression?   boolean
313        |        +--rw underlay-multicast?   boolean
314        |        +--rw flood-unknown-unicast-supression?   boolean
315        +--rw evpn-state
316           +--ro evpn-instances-state
317              +--ro evpn-instance*
318                 +--ro name?   string
319                 +--ro evi?   uint32
320                 +--ro pbb-parameters {evpn-pbb-params}?
321                 |  +--ro source-bmac?   yang:hex-string
322                 +--ro bgp-parameters
323                 |  +--ro common
324                 |     +--ro rd-rt* [route-distinguisher]
325                 |             {evpn-bgp-params}?
326                 |        +--ro route-distinguisher
327                 |                rt-types:route-distinguisher
328                 |        +--ro vpn-target* [route-target]
329                 |           +--ro route-target   rt-types:route-target
330                 |           +--ro route-target-type
331                 |                   rt-types:route-target-type
332                 +--ro advertise-mac-suppression-enabled?   boolean
333                 +--ro arp-proxy-enabled?   boolean
334                 +--ro arp-suppression-enabled?   boolean
335                 +--ro nd-proxy-enabled?   boolean
336                 +--ro nd-suppression-enabled?   boolean
337                 +--ro underlay-multicast-enabled?   boolean
338                 +--ro flood-unknown-unicast-suppression-enabled?   boolean
339                 +--ro routes
340                 |  +--ro ethernet-auto-discovery-route*
341                 |  |  +--ro rd-rt* [route-distinguisher]
342                 |  |  |  +--ro route-distinguisher
343                 |  |  |          rt-types:route-distinguisher
344                 |  |  |  +--ro vpn-target* [route-target]
345                 |  |  |     +--ro route-target    rt-types:route-target
346                 |  |  +--ro ethernet-segment-identifier?   uint32
347                 |  |  +--ro ethernet-tag?   uint32
348                 |  |  +--ro path*
349                 |  |     +--ro next-hop?   inet:ip-address
350                 |  |     +--ro label?   rt-types:mpls-label
351                 |  |     +--ro detail
352                 |  |        +--ro attributes
353                 |  |        |  +--ro extended-community*   string
354                 |  |        +--ro bestpath?   empty
355                 |  +--ro mac-ip-advertisement-route*
356                 |  |  +--ro rd-rt* [route-distinguisher]
357                 |  |  |  +--ro route-distinguisher
358                 |  |  |          rt-types:route-distinguisher
359                 |  |  |  +--ro vpn-target* [route-target]
360                 |  |  |     +--ro route-target    rt-types:route-target
361                 |  |  +--ro ethernet-segment-identifier?   uint32
362                 |  |  +--ro ethernet-tag?   uint32
363                 |  |  +--ro mac-address?   yang:hex-string
364                 |  |  +--ro mac-address-length?   uint8
365                 |  |  +--ro ip-prefix?   inet:ip-prefix
366                 |  |  +--ro path*
367                 |  |     +--ro next-hop?   inet:ip-address
368                 |  |     +--ro label?   rt-types:mpls-label
369                 |  |     +--ro label2?   rt-types:mpls-label
370                 |  |     +--ro detail
371                 |  |        +--ro attributes
372                 |  |        |  +--ro extended-community*   string
373                 |  |        +--ro bestpath?   empty
374                 |  +--ro inclusive-multicast-ethernet-tag-route*
375                 |  |  +--ro rd-rt* [route-distinguisher]
376                 |  |  |  +--ro route-distinguisher
377                 |  |  |          rt-types:route-distinguisher
378                 |  |  |  +--ro vpn-target* [route-target]
379                 |  |  |     +--ro route-target    rt-types:route-target
380                 |  |  +--ro ethernet-segment-identifier?   uint32
381                 |  |  +--ro originator-ip-prefix?   inet:ip-prefix
382                 |  |  +--ro path*
383                 |  |     +--ro next-hop?   inet:ip-address
384                 |  |     +--ro label?   rt-types:mpls-label
385                 |  |     +--ro detail
386                 |  |        +--ro attributes
387                 |  |        |  +--ro extended-community*   string
388                 |  |        +--ro bestpath?   empty
389                 |  +--ro ethernet-segment-route*
390                 |  |  +--ro rd-rt* [route-distinguisher]
391                 |  |  |  +--ro route-distinguisher
392                 |  |  |          rt-types:route-distinguisher
393                 |  |  |  +--ro vpn-target* [route-target]
394                 |  |  |     +--ro route-target    rt-types:route-target
395                 |  |  +--ro ethernet-segment-identifier?   uint32
396                 |  |  +--ro originator-ip-prefix?   inet:ip-prefix
397                 |  |  +--ro path*
398                 |  |     +--ro next-hop?   inet:ip-address
399                 |  |     +--ro detail
400                 |  |        +--ro attributes
401                 |  |        |  +--ro extended-community*   string
402                 |  |        +--ro bestpath?   empty
403                 |  +--ro ip-prefix-route*
404                 |     +--ro rd-rt* [route-distinguisher]
405                 |     |  +--ro route-distinguisher
406                 |     |          rt-types:route-distinguisher
407                 |     |  +--ro vpn-target* [route-target]
408                 |     |     +--ro route-target    rt-types:route-target
409                 |     +--ro ethernet-segment-identifier?   uint32
410                 |     +--ro ip-prefix?   inet:ip-prefix
411                 |     +--ro path*
412                 |        +--ro next-hop?   inet:ip-address
413                 |        +--ro label?   rt-types:mpls-label
414                 |        +--ro detail
415                 |           +--ro attributes
416                 |           |  +--ro extended-community*   string
417                 |           +--ro bestpath?   empty
418                 +--ro statistics
419                    +--ro tx-count?   uint32
420                    +--ro rx-count?   uint32
421                    +--ro detail
422                       +--ro broadcast-tx-count?   uint32
423                       +--ro broadcast-rx-count?   uint32
424                       +--ro multicast-tx-count?   uint32
425                       +--ro multicast-rx-count?   uint32
426                       +--ro unicast-tx-count?   uint32
427                       +--ro unicast-rx-count?   uint32

429     augment /l2vpn:l2vpn/l2vpn:l2vpn-instances/l2vpn:l2vpn-instance:
430        +--rw evpn-instance?   evpn-instance-ref
431     augment /l2vpn:l2vpn-state/
432             l2vpn:l2vpn-instances-state/l2vpn:l2vpn-instance:
433        +--ro evpn-instance?   string

435  4. YANG Module

437     The EVPN configuration container is logically divided into the
438     following high-level config areas:

440  4.1 Ethernet Segment Yang Module

442     file "ietf-ethernet-segment@2017-03-13.yang"
443     module ietf-ethernet-segment {
444       namespace "urn:ietf:params:xml:ns:yang:ietf-ethernet-segment";
445       prefix "es";

447       import ietf-yang-types {
448         prefix "yang";
449       }

451       import ietf-inet-types {
452         prefix "inet";
453       }

455       import ietf-routing-types {
456         prefix "rt-types";
457       }

459       organization "ietf";
460       contact "ietf";
461       description "ethernet segment";

463       revision "2017-03-13" {
464         description " - Updated to use BGP parameters from " +
465                     " ietf-routing-types.yang instead of from " +
466                     " ietf-evpn.yang " +
467                     "";
468         reference "";
469       }

471       revision "2016-07-08" {
472         description " - Added the configuration option to enable or " +
473                     " disable per-EVI/EAD route " +
474                     " - Added PBB parameter backbone-src-mac " +
475                     " - Added operational state branch, initially " +
476                     " to match the configuration branch" +
477                     "";
478         reference "";
479       }

481       revision "2016-06-23" {
482         description "WG document adoption";
483         reference "";
484       }

486       revision "2015-10-15" {
487         description "Initial revision";
488         reference "";
489       }

491       /* Features */

493       feature ethernet-segment-bgp-params {
494         description "Ethernet segment's BGP parameters";
495       }

497       feature ethernet-segment-pbb-params {
498         description "Ethernet segment's PBB parameters";
499       }

501       /* Typedefs */

503       typedef status-type {
504         type enumeration {
505           enum up {
506             description "Status is up";
507           }
508           enum down {
509             description "Status is down";
510           }
511         }
512         description "status type";
513       }

515       /* EVPN Ethernet Segment YANG Model */

517       container ethernet-segments {

519         description "ethernet-segment";
520         list ethernet-segment {
521           key "name";
522           leaf name {
523             type string;
524             description "Name of the ethernet segment";

526           }
527           choice ac-or-pw {
528             description "ac-or-pw";
529             case ac {
530               leaf ac {
531                 type string;
532                 description "Eventual reference to standard " +
533                             "attachment circuit definition";
534               }
535             }
536             case pw {
537               leaf pw {
538                 type string;
539                 description "Eventual reference to standard " +
540                             "pseudowire definition";
541               }
542             }
543           }
544           leaf ethernet-segment-identifier {
545             type uint32;
546             description "Ethernet segment identifier (esi)";
547           }
548           choice active-mode {
549             mandatory true;
550             description "Choice of active mode";
551             case single-active {
552               leaf single-active-mode {
553                 type empty;
554                 description "single-active-mode";
555               }
556             }
557             case all-active {
558               leaf all-active-mode {
559                 type empty;
560                 description "all-active-mode";
561               }
562             }
563           }
564           container pbb-parameters {
565             if-feature ethernet-segment-pbb-params;
566             description "PBB configuration";
567             leaf backbone-src-mac {
568               type yang:mac-address;
569               description "backbone-src-mac, only if this is a PBB";
570             }
571           }
572           container bgp-parameters {
573             description "BGP parameters";
574             container common {
575               description "BGP parameters common to all pseudowires";
576               list rd-rt {
577                 if-feature ethernet-segment-bgp-params;
578                 key "route-distinguisher";
579                 leaf route-distinguisher {
580                   type rt-types:route-distinguisher;
581                   description "Route distinguisher";
582                 }
583                 uses rt-types:vpn-route-targets;
584                 description "A list of route distinguishers and " +
585                             "corresponding VPN route targets";
586               }
587             }
588           }
589           container df-election {
590             description "df-election";
591             choice df-election-method {
592               description "Choice of df election method";
593               case highest-random-weight {
594                 leaf hrw {
595                   type boolean;
596                   description "Enable (TRUE) or disable (FALSE) " +
597                               "highest random weight";
598                 }
599               }
600             }
601             leaf election-wait-time {
602               type uint32;
603               description "election-wait-time";
604             }
605           }
606           leaf ead-evi-route {
607             type boolean;
608             default false;
609             description "Enable (true) or disable (false) ead-evi-route";
610           }
611           description "An ethernet segment";
612         }
613       }

615       container ethernet-segments-state {
616         config false;
617         description "Ethernet segment operational state";
618         list ethernet-segment-state {
619           key "name";
620           leaf name {
621             type string;
622             description "Name of the ethernet segment";
623           }
624           leaf service-type {
625             type string;
626             description "service-type";
627           }
628           leaf status {
629             type status-type;
630             description "Ethernet segment status";
631           }
632           choice ac-or-pw {
633             description "ac-or-pw";
634             case ac {
635               leaf ac {
636                 type string;
637                 description "Name of attachment circuit";
638               }
639             }
640             case pw {
641               leaf pw {
642                 type string;
643                 description "Name of pseudowire";
644               }
645             }
646           }
647           leaf interface-status {
648             type status-type;
649             description "interface status";
650           }
651           leaf ethernet-segment-identifier {
652             type uint32;
653             description "Ethernet segment identifier (esi)";
654           }
655           leaf active-mode {
656             type string;
657             description "Single-active-mode/all-active-mode";
658           }
659           container pbb-parameters {
660             if-feature "ethernet-segment-pbb-params";
661             description "PBB configuration";
662             leaf backbone-src-mac {
663               type yang:mac-address;
664               description "backbone-src-mac, only if this is a PBB";
665             }
666           }
667           container bgp-parameters {
668             description "BGP parameters";
669             container common {
670               description "BGP parameters common to all pseudowires";
671               list rd-rt {
672                 if-feature ethernet-segment-bgp-params;
673                 key "route-distinguisher";
674                 leaf route-distinguisher {
675                   type rt-types:route-distinguisher;
676                   description "Route distinguisher";
677                 }
678                 uses rt-types:vpn-route-targets;
679                 description "A list of route distinguishers and " +
680                             "corresponding route targets";
681               }
682             }
683           }
684           container df-election {
685             description "df-election";
686             leaf hrw-enabled {
687               type boolean;
688               description "hrw-enabled is enabled (TRUE) " +
689                           "or disabled (FALSE)";
690             }
691             leaf election-wait-time {
692               type uint32;
693               description "election-wait-time";
694             }
695           }
696           leaf ead-evi-route-enabled {
697             type boolean;
698             description "ead-evi-route is enabled (TRUE) " +
699                         "or disabled (FALSE)";
700           }
701           leaf esi-label {
702             type string;
703             description "esi-label";
704           }
705           list member {
706             leaf ip-address {
707               type inet:ip-address;
708               description "ip-address";
709             }
710             description "member of the ethernet segment";
711           }
712           list df {
713             leaf service-identifier {
714               type uint32;
715               description "service-identifier";
716             }
717             leaf vlan {
718               type uint32;
719               description "vlan";
720             }
721             leaf ip-address {
722               type inet:ip-address;
723               description "ip-address";
724             }
725             description "df of an evpn instance's vlan";
726           }
727           description "An ethernet segment";
728         }
729       }
730     }

734  4.2 EVPN Yang Module

736     file "ietf-evpn@2017-03-13.yang"
737     module ietf-evpn {
738       namespace "urn:ietf:params:xml:ns:yang:ietf-evpn";
739       prefix "evpn";

741       import ietf-inet-types {
742         prefix "inet";
743       }

745       import ietf-yang-types {
746         prefix "yang";
747       }

749       import ietf-l2vpn {
750         prefix "l2vpn";
751       }

753       import ietf-routing-types {
754         prefix "rt-types";
755       }

757       organization "ietf";
758       contact "ietf";
759       description "evpn";

761       revision "2017-03-13" {
762         description " - Added an augment to base L2VPN model to " +
763                     " reference an EVPN instance " +
764                     " - Reused ietf-routing-types.yang " +
765                     " vpn-route-targets grouping instead of " +
766                     " defining it in this module " +
767                     "";
768         reference "";
769       }

771       revision "2016-07-08" {
772         description " - Added operational state" +
773                     " - Added a configuration knob to enable/disable " +
774                     " underlay-multicast " +
775                     " - Added a configuration knob to enable/disable " +
776                     " flooding of unknown unicast " +
777                     " - Added several configuration knobs " +
778                     " to manage ARP and ND" +
779                     "";
780         reference "";
781       }

783       revision "2016-06-23" {
784         description "WG document adoption";
785         reference "";
786       }

788       revision "2015-10-15" {
789         description "Initial revision";
790         reference "";
791       }

793       feature evpn-bgp-params {
794         description "EVPN's BGP parameters";
795       }

797       feature evpn-pbb-params {
798         description "EVPN's PBB parameters";
799       }

801       /* Typedefs */

803       typedef evpn-instance-ref {
804         type leafref {
805           path "/evpn/evpn-instances/evpn-instance/name";
806         }
807         description "A leafref type to an EVPN instance";
808       }

810       /* Groupings */

812       grouping route-rd-rt-grp {
813         description "A grouping for a route's route distinguishers " +
814                     "and route targets";
815         list rd-rt {
816           key "route-distinguisher";
817           leaf route-distinguisher {
818             type rt-types:route-distinguisher;
819             description "Route distinguisher";
820           }
821           list vpn-target {
822             key "route-target";
823             leaf route-target {
824               type rt-types:route-target;
825               description "BGP route target";
826             }
827             description "A list of route targets";
828           }
829           description "A list of route distinguishers and " +
830                       "corresponding VPN route targets";
831         }
832       }

834       grouping next-hop-label-grp {
835         description "next-hop-label-grp";
836         leaf next-hop {
837           type inet:ip-address;
838           description "next-hop";
839         }
840         leaf label {
841           type rt-types:mpls-label;
842           description "label";
843         }
844       }

846       grouping next-hop-label2-grp {
847         description "next-hop-label2-grp";
848         leaf label2 {
849           type rt-types:mpls-label;
850           description "label2";
851         }
852       }

854       grouping path-detail-grp {
855         description "path-detail-grp";
856         container detail {
857           config false;
858           description "path details";
859           container attributes {
860             leaf-list extended-community {
861               type string;
862               description "extended-community";
863             }
864             description "attributes";
865           }
866           leaf bestpath {
867             type empty;
868             description "Indicate this path is the best path";
869           }
870         }
871       }

873       /* EVPN YANG Model */

875       container evpn {
876         description "evpn";
877         container common {
878           description "common evpn attributes";
879           choice replication-type {
880             description "A choice of replication type";
881             case ingress-replication {
882               leaf ingress-replication {
883                 type boolean;
884                 description "ingress-replication";
885               }
886             }
887             case p2mp-replication {
888               leaf p2mp-replication {
889                 type boolean;
890                 description "p2mp-replication";
891               }
892             }
893           }
894         }
895         container evpn-instances {
896           description "evpn-instances";
897           list evpn-instance {
898             key "name";
899             description "An EVPN instance";
900             leaf name {
901               type string;
902               description "Name of EVPN instance";
903             }
904             leaf evi {
905               type uint32;
906               description "evi";
907             }
908             container pbb-parameters {
909               if-feature "evpn-pbb-params";
910               description "PBB parameters";
911               leaf source-bmac {
912                 type yang:hex-string;
913                 description "source-bmac";
914               }
915             }
916             container bgp-parameters {
917               description "BGP parameters";
918               container common {
919                 description "BGP parameters common to all pseudowires";
920                 list rd-rt {
921                   if-feature evpn-bgp-params;
922                   key "route-distinguisher";
923                   leaf route-distinguisher {
924                     type rt-types:route-distinguisher;
925                     description "Route distinguisher";
926                   }
927                   uses rt-types:vpn-route-targets;
928                   description "A list of route distinguishers and " +
929                               "corresponding VPN route targets";
930                 }
931               }
932             }
933             leaf arp-proxy {
934               type boolean;
935               default false;
936               description "Enable (TRUE) or disable (FALSE) ARP proxy";
937             }
938             leaf arp-suppression {
939               type boolean;
940               default false;
941               description "Enable (TRUE) or disable (FALSE) " +
942                           "ARP suppression";
943             }
944             leaf nd-proxy {
945               type boolean;
946               default false;
947               description "Enable (TRUE) or disable (FALSE) ND proxy";
948             }
949             leaf nd-suppression {
950               type boolean;
951               default false;
952               description "Enable (TRUE) or disable (FALSE) " +
953                           "ND suppression";
954             }
955             leaf underlay-multicast {
956               type boolean;
957               default false;
958               description "Enable (TRUE) or disable (FALSE) " +
959                           "underlay multicast";
960             }
961             leaf flood-unknown-unicast-supression {
962               type boolean;
963               default false;
964               description "Enable (TRUE) or disable (FALSE) " +
965                           "flood unknown unicast suppression";
966             }
967           }
968         }
969       }

971       container evpn-state {
972         description "EVPN operational state";
973         container evpn-instances-state {
974           config false;
975           description "evpn-instances-state";
976           list evpn-instance {
977             description "The state of an EVPN instance";
978             leaf name {
979               type string;
980               description "Name of EVPN instance";
981             }
982             leaf evi {
983               type uint32;
984               description "evi";
985             }
986             container pbb-parameters {
987               if-feature "evpn-pbb-params";
988               description "PBB parameters";
989               leaf source-bmac {
990                 type yang:hex-string;
991                 description "source-bmac";
992               }
993             }
994             container bgp-parameters {
995               description "BGP parameters";
996               container common {
997                 description "BGP parameters common to all pseudowires";
998                 list rd-rt {
999                   if-feature evpn-bgp-params;
1000                  key "route-distinguisher";
1001                  leaf route-distinguisher {
1002                    type rt-types:route-distinguisher;
1003                    description "Route distinguisher";
1004                  }
1005                  uses rt-types:vpn-route-targets;
1006                  description "A list of route distinguishers and " +
1007                              "corresponding VPN route targets";
1008                }
1009              }
1010            }
1011            leaf advertise-mac-suppression-enabled {
1012              type boolean;
1013              description "advertise-mac-suppression " +
1014                          "is enabled (TRUE) " +
1015                          "or disabled (FALSE)";
1016            }
1017            leaf arp-proxy-enabled {
1018              type boolean;
1019              description "arp-proxy is enabled (TRUE) " +
1020                          "or disabled (FALSE)";
1021            }
1022            leaf arp-suppression-enabled {
1023              type boolean;
1024              description "arp-suppression is enabled (TRUE) " +
1025                          "or disabled (FALSE)";
1026            }
1027            leaf nd-proxy-enabled {
1028              type boolean;
1029              description "nd-proxy is enabled (TRUE) " +
1030                          "or disabled (FALSE)";
1031            }
1032            leaf nd-suppression-enabled {
1033              type boolean;
1034              description "nd-suppression is enabled (TRUE) " +
1035                          "or disabled (FALSE)";
1036            }
        leaf underlay-multicast-enabled {
          type boolean;
          description "underlay-multicast is enabled (TRUE) " +
                      "or disabled (FALSE)";
        }
        leaf flood-unknown-unicast-suppression-enabled {
          type boolean;
          description "flood-unknown-unicast-suppression is " +
                      "enabled (TRUE) or disabled (FALSE)";
        }
        container routes {
          description "routes";
          list ethernet-auto-discovery-route {
            uses route-rd-rt-grp;
            leaf ethernet-segment-identifier {
              type uint32;
              description "Ethernet segment identifier (esi)";
            }
            leaf ethernet-tag {
              type uint32;
              description "An ethernet tag (etag) identifying a " +
                          "broadcast domain";
            }
            list path {
              uses next-hop-label-grp;
              uses path-detail-grp;
              description "path";
            }
            description "ethernet-auto-discovery-route";
          }
          list mac-ip-advertisement-route {
            uses route-rd-rt-grp;
            leaf ethernet-segment-identifier {
              type uint32;
              description "Ethernet segment identifier (esi)";
            }
            leaf ethernet-tag {
              type uint32;
              description "An ethernet tag (etag) identifying a " +
                          "broadcast domain";
            }
            leaf mac-address {
              type yang:hex-string;
              description "Route mac address";
            }
            leaf mac-address-length {
              type uint8 {
                range "0..48";
              }
              description "mac address length";
            }
            leaf ip-prefix {
              type inet:ip-prefix;
              description "ip-prefix";
            }
            list path {
              uses next-hop-label-grp;
              uses next-hop-label2-grp;
              uses path-detail-grp;
              description "path";
            }
            description "mac-ip-advertisement-route";
          }
          list inclusive-multicast-ethernet-tag-route {
            uses route-rd-rt-grp;
            leaf ethernet-segment-identifier {
              type uint32;
              description "Ethernet segment identifier (esi)";
            }
            leaf originator-ip-prefix {
              type inet:ip-prefix;
              description "originator-ip-prefix";
            }
            list path {
              uses next-hop-label-grp;
              uses path-detail-grp;
              description "path";
            }
            description "inclusive-multicast-ethernet-tag-route";
          }
          list ethernet-segment-route {
            uses route-rd-rt-grp;
            leaf ethernet-segment-identifier {
              type uint32;
              description "Ethernet segment identifier (esi)";
            }
            leaf originator-ip-prefix {
              type inet:ip-prefix;
              description "originator ip-prefix";
            }
            list path {
              leaf next-hop {
                type inet:ip-address;
                description "next-hop";
              }
              uses path-detail-grp;
              description "path";
            }
            description "ethernet-segment-route";
          }
          list ip-prefix-route {
            uses route-rd-rt-grp;
            leaf ethernet-segment-identifier {
              type uint32;
              description "Ethernet segment identifier (esi)";
            }
            leaf ip-prefix {
              type inet:ip-prefix;
              description "ip-prefix";
            }
            list path {
              uses next-hop-label-grp;
              uses path-detail-grp;
              description "path";
            }
            description "ip-prefix route";
          }
        }
        container statistics {
          description "Statistics";
          leaf tx-count {
            type uint32;
            description "transmission count";
          }
          leaf rx-count {
            type uint32;
            description "receive count";
          }
          container detail {
            description "Detailed statistics";
            leaf broadcast-tx-count {
              type uint32;
              description "broadcast transmission count";
            }
            leaf broadcast-rx-count {
              type uint32;
              description "broadcast receive count";
            }
            leaf multicast-tx-count {
              type uint32;
              description "multicast transmission count";
            }
            leaf multicast-rx-count {
              type uint32;
              description "multicast receive count";
            }
            leaf unicast-tx-count {
              type uint32;
              description "unicast transmission count";
            }
            leaf unicast-rx-count {
              type uint32;
              description "unicast receive count";
            }
          }
        }
      }
    }
  }
  /* augments */
  augment "/l2vpn:l2vpn/l2vpn:l2vpn-instances" +
          "/l2vpn:l2vpn-instance" {
    description "Augment for an L2VPN instance and EVPN association";
    leaf evpn-instance {
      type evpn-instance-ref;
      description "Reference to an EVPN instance";
    }
  }

  augment "/l2vpn:l2vpn-state" {
    description "Augment for an L2VPN instance's operational " +
                "state of L2VPN and EVPN association";
    leaf evpn-instance {
      type string;
      description "Name of the associated EVPN instance";
    }
  }
}

5. Security Considerations

   The configuration, state, action and notification data defined in
   this document are designed to be accessed via the NETCONF protocol
   [RFC6241]. The lowest NETCONF layer is the secure transport layer
   and the mandatory-to-implement secure transport is SSH [RFC6242]. The
   NETCONF access control model [RFC6536] provides means to restrict
   access for particular NETCONF users to a pre-configured subset of all
   available NETCONF protocol operations and content.

   The security concerns listed above are, however, no different from
   those faced by other routing protocols. Hence, this draft does not
   change any underlying security issues inherent in
   [I-D.ietf-netmod-routing-cfg].

6. IANA Considerations

   None.

7. Acknowledgments

   The authors would like to acknowledge TBD for their useful
   comments.

8. References

8.1. Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

8.2. Informative References

   [RFC6241]  R. Enns et al., "Network Configuration Protocol
              (NETCONF)", RFC 6241, June 2011.

   [RFC6020]  M. Bjorklund, "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)",
              RFC 6020, October 2010.

   [RFC6242]  M. Wasserman, "Using the NETCONF Protocol over
              Secure Shell (SSH)", RFC 6242, June 2011.

   [RFC6536]  A. Bierman et al., "Network Configuration Protocol
              (NETCONF) Access Control Model", RFC 6536, March 2012.

   [RFC7432]  Sajassi et al., "BGP MPLS-Based Ethernet VPN",
              RFC 7432, February 2015.

   [RFC7623]  Sajassi et al., "Provider Backbone Bridging
              Combined with Ethernet VPN (PBB-EVPN)",
              RFC 7623, September 2015.

Authors' Addresses

   Patrice Brissette
   Cisco Systems, Inc.
   EMail: pbrisset@cisco.com

   Ali Sajassi
   Cisco Systems, Inc.
   EMail: sajassi@cisco.com

   Himanshu Shah
   Ciena Corporation
   EMail: hshah@ciena.com

   Zhenbin Li
   Huawei Technologies
   EMail: lizhenbin@huawei.com

   Helen Chen
   Jabil
   EMail: Ing-Wher_Chen@jabil.com

   Kishore Tiruveedhula
   Juniper Networks
   EMail: kishoret@juniper.net

   Iftekar Hussain
   Infinera Corporation
   EMail: ihussain@infinera.com

   Jorge Rabadan
   Nokia
   EMail: jorge.rabadan@nokia.com
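
Added example (not part of the draft): a NETCONF Access Control Model [RFC6536] configuration of the kind Section 5 refers to, restricting who may read and write this model's data. The module name "ietf-evpn", the group names and the user names are assumptions made for illustration.

```xml
<!-- Added example, not from the draft. Assumed/hypothetical names:
     module "ietf-evpn", groups "evpn-oper" and "evpn-admin",
     users "bob" and "alice". -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <!-- Data access is denied unless a rule below permits it. -->
  <read-default>deny</read-default>
  <write-default>deny</write-default>
  <!-- Operations such as get and edit-config may be invoked; the
       data nodes they touch are still checked against the rules. -->
  <exec-default>permit</exec-default>
  <groups>
    <group>
      <name>evpn-oper</name>
      <user-name>bob</user-name>
    </group>
    <group>
      <name>evpn-admin</name>
      <user-name>alice</user-name>
    </group>
  </groups>
  <!-- Rule-lists are evaluated in order and the first matching rule
       wins, so the operator restrictions are placed first. -->
  <rule-list>
    <name>evpn-oper-rules</name>
    <group>evpn-oper</group>
    <rule>
      <name>evpn-read-only</name>
      <module-name>ietf-evpn</module-name>
      <access-operations>read</access-operations>
      <action>permit</action>
    </rule>
    <rule>
      <name>evpn-no-write</name>
      <module-name>ietf-evpn</module-name>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
  <rule-list>
    <name>evpn-admin-rules</name>
    <group>evpn-admin</group>
    <rule>
      <name>evpn-full-access</name>
      <module-name>ietf-evpn</module-name>
      <access-operations>*</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
</nacm>
```

The evpn-instance leaves that this module augments into the L2VPN trees sit under nodes owned by the l2vpn module, so whether a user can reach them also depends on the rules covering that module.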