idnits 2.17.1

draft-ietf-bess-evpn-yang-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 285 has weird spacing: '...-target rt-...'

  == Line 319 has weird spacing: '...-target rt-...'

  == Line 334 has weird spacing: '...-target rt-...'

  == Line 348 has weird spacing: '...-target rt-...'

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (October 21, 2017) is 2378 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Obsolete informational reference (is this intentional?): RFC 6536
     (Obsoleted by RFC 8341)

     Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     BESS Working Group                                          P. Brissette
3                                                                   A. Sajassi
4     Internet Draft                                              Cisco System
5     Intended Status: Proposed Standard                               H. Shah
6     Expires: April 24, 2018                                Ciena Corporation
7                                                                        Z. Li
8                                                          Huawei Technologies
9                                                                      I. Chen
10                                                                       Jabil
11                                                             K. Tiruveedhula
12                                                            Juniper Networks
13                                                                  I. Hussain
14                                                        Infinera Corporation
15                                                                  J. Rabadan
16                                                                       Nokia

18                                                            October 21, 2017

20                            Yang Data Model for EVPN
21                          draft-ietf-bess-evpn-yang-03

23    Abstract

25       This document describes a YANG data model for Ethernet VPN services.
26       The model is agnostic of the underlay. It applies to MPLS as well as
27       to VxLAN encapsulation. The model is also agnostic of the services
28       including E-LAN, E-LINE and E-TREE services. This document mainly
29       focuses on EVPN and Ethernet-Segment instance framework.

31    Status of this Memo

33       This Internet-Draft is submitted to IETF in full conformance with the
34       provisions of BCP 78 and BCP 79.

36       Internet-Drafts are working documents of the Internet Engineering
37       Task Force (IETF), its areas, and its working groups.  Note that
38       other groups may also distribute working documents as
39       Internet-Drafts.

41       Internet-Drafts are draft documents valid for a maximum of six months
42       and may be updated, replaced, or obsoleted by other documents at any
43       time.  It is inappropriate to use Internet-Drafts as reference
44       material or to cite them other than as "work in progress."

46       The list of current Internet-Drafts can be accessed at
47       http://www.ietf.org/1id-abstracts.html

49       The list of Internet-Draft Shadow Directories can be accessed at
50       http://www.ietf.org/shadow.html

52    Copyright and License Notice

54       Copyright (c) 2017 IETF Trust and the persons identified as the
55       document authors. All rights reserved.

57       This document is subject to BCP 78 and the IETF Trust's Legal
58       Provisions Relating to IETF Documents
59       (http://trustee.ietf.org/license-info) in effect on the date of
60       publication of this document. Please review these documents
61       carefully, as they describe your rights and restrictions with respect
62       to this document. Code Components extracted from this document must
63       include Simplified BSD License text as described in Section 4.e of
64       the Trust Legal Provisions and are provided without warranty as
65       described in the Simplified BSD License.

67    Convention

69       The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
70       "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
71       document are to be interpreted as described in [RFC2119].

73    Table of Contents

75       1. Introduction
76       2. Specification of Requirements
77       3. EVPN YANG Model
78         3.1. Overview
79         3.2 Ethernet-Segment Model
80         3.3 EVPN Model
81       4. YANG Module
82         4.1 Ethernet Segment Yang Module
83         4.2 EVPN Yang Module
84       5. Security Considerations
85       6. IANA Considerations
86       7. Acknowledgments
87       8. References
88         8.1. Normative References
89         8.2. Informative References
90       Authors' Addresses

92    1. Introduction

94       The Network Configuration Protocol (NETCONF) [RFC6241] is a network
95       management protocol that defines mechanisms to manage network
96       devices. YANG [RFC6020] is a modular language that represents data
97       structures in an XML or JSON tree format, and is used as a data
98       modeling language for NETCONF.

100      This document introduces a YANG data model for Ethernet VPN services
101      (EVPN) [RFC7432], Provider Backbone Bridging Combined with Ethernet
102      VPN (PBB-EVPN) [RFC7623] as well as other WG drafts such as EVPN-VPWS,
103      etc. The EVPN services run over MPLS and VxLAN underlay.

105      The Yang data model in this document defines Ethernet VPN based
106      services. The model leverages the definitions used in other IETF
107      Yang drafts such as L2VPN Yang.

109      The goal is to propose a data object model consisting of building
110      blocks that can be assembled in different order to realize different
111      EVPN-based services. The definition work is undertaken initially by a
112      smaller working group with members representing various vendors and
113      service providers. The EVPN basic framework consists of two modules:
114      EVPN and Ethernet-Segment. These models are completely orthogonal.
115      They usually work as a pair, but a user can use one or the
116      other on its own as needed.

118      The data model is defined for the following constructs that are used
119      for managing the services:

121         o Configuration

123         o Operational State

125         o Notifications

127      The document is organized to first define the data model for the
128      configuration, operational state and notifications of EVPN and
129      Ethernet-Segment.

131      The EVPN data object model defined in this document uses the instance
132      centric approach whereby EVPN service attributes are specified for a
133      given EVPN instance.

135      The Ethernet-Segment data object model defined in this document refers
136      to a specific interface. That interface can be a physical interface,
137      a bundle interface or virtual interface. The latter includes
138      attachment-circuit and pseudowire. A separate module is created
139      because it can be used without having the need
140      to have EVPN configured as layer 2 service. For example, an access
141      node can be dual-homed to two service nodes servicing a VPLS core.
142      The access connectivity can be represented by an Ethernet-Segment
143      where EVPN BGP DF election is performed over both service nodes. The
144      core remains VPLS where no EVPN instance is required.

145   2. Specification of Requirements

147      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
148      NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
149      in this document are to be interpreted as described in [RFC2119].

151   3. EVPN YANG Model

153   3.1. Overview

155      Two top-level modules, Ethernet-Segment and EVPN, are defined. The
156      Ethernet-Segment contains a list of interfaces to which any Ethernet-
157      Segment attributes are configured/applied.

159      The EVPN module has 2 main containers: common and instance. The
160      first one has attributes common to all VPNs whereas the latter has
161      attributes specific to an EVI. This document states the scope of the
162      EVPN object models definition. The following documents are within the
163      scope. This is not an exhaustive list but a representation of
164      documents that are covered for this work:

166         o Requirements for EVPN: RFC 7209
167         o EVPN: RFC 7432
168         o PBB-EVPN: RFC 7623
169         o EVPN-VPWS: RFC 8214

171      The integration with L2VPN instance Yang model is being done as part
172      of the L2VPN Yang model.
173      The following documents will be covered at that time:
174         o E-TREE Support in EVPN & PBB-EVPN:
175           draft-ietf-bess-evpn-etree
176         o (PBB-)EVPN Seamless Integration with (PBB-)VPLS:
177           draft-ietf-bess-evpn-vpls-seamless-integ
178         o EVPN Virtual Ethernet Segment:
179           draft-sajassi-bess-evpn-virtual-eth-segment
180         o IP Prefix Advertisement in EVPN:
181           draft-ietf-bess-evpn-prefix-advertisement
182         o VXLAN DCI Using EVPN:
183           draft-boutros-l2vpn-vxlan-evpn
184         o A Network Virtualization Overlay Solution using EVPN:
185           draft-ietf-bess-evpn-overlay
186         o Interconnect Solution for EVPN Overlay networks:

188         o Integrated Routing and Bridging in EVPN:
189           draft-ietf-bess-evpn-inter-subnet-forwarding

191   3.2 Ethernet-Segment Model

193      The Ethernet-Segment data model has a list of ES where each refers to
194      an interface. All attributes are optional due to auto-sensing default
195      mode where all values are auto-derived from the network connectivity.

197      module: ietf-ethernet-segment
198        +--rw ethernet-segments
199           +--rw ethernet-segment* [name]
200              +--rw name                           string
201              +--ro service-type?                  string
202              +--ro status?                        status-type
203              +--rw (ac-or-pw)?
204              |  +--:(ac)
205              |  |  +--rw ac*   string
206              |  +--:(pw)
207              |     +--rw pw*   pw:pseudowire-ref
208              +--ro interface-status?              status-type
209              +--rw ethernet-segment-identifier?   uint32
210              +--rw (active-mode)
211              |  +--:(single-active)
212              |  |  +--rw single-active-mode?   empty
213              |  +--:(all-active)
214              |     +--rw all-active-mode?      empty
215              +--rw pbb-parameters {ethernet-segment-pbb-params}?
216              |  +--rw backbone-src-mac?   yang:mac-address
217              +--rw bgp-parameters
218              |  +--rw common
219              |     +--rw rd-rt* [route-distinguisher]
220                            {ethernet-segment-bgp-params}?
221              |        +--rw route-distinguisher
222                               rt-types:route-distinguisher
223              |        +--rw vpn-target* [route-target]
224              |           +--rw route-target    rt-types:route-target
225              |           +--rw route-target-type
226                                  rt-types:route-target-type
227              +--rw df-election
228              |  +--rw df-election-method?   df-election-method-type
229              |  +--rw preference?           uint16
230              |  +--rw revertive?            boolean
231              |  +--rw election-wait-time?   uint32
232              +--rw ead-evi-route?                 boolean
233              +--ro esi-label?                     string
234              +--ro member*
235              |  +--ro ip-address?   inet:ip-address
236              +--ro df*
237                 +--ro service-identifier?   uint32
238                 +--ro vlan?                 uint32
239                 +--ro ip-address?           inet:ip-address

241   3.3 EVPN Model

243      The evpn-instances container contains a list of evpn-instance. Each
244      entry of the evpn-instance represents a different Ethernet VPN and it
245      is represented by an EVI. Again, mainly all attributes are optional
246      for the same reason as for the Ethernet-Segment module.

248      module: ietf-evpn
249        +--rw evpn
250           +--rw common
251           |  +--rw (replication-type)?
252           |     +--:(ingress-replication)
253           |     |  +--rw ingress-replication?   boolean
254           |     +--:(p2mp-replication)
255           |        +--rw p2mp-replication?      boolean
256           +--rw evpn-instances
257              +--rw evpn-instance* [name]
258                 +--rw name                                string
259                 +--rw evi?                                uint32
260                 +--rw pbb-parameters {evpn-pbb-params}?
261                 |  +--rw source-bmac?   yang:hex-string
262                 +--rw bgp-parameters
263                 |  +--rw common
264                 |     +--rw rd-rt* [route-distinguisher]
265                               {evpn-bgp-params}?
266                 |        +--rw route-distinguisher
267                                  rt-types:route-distinguisher
268                 |        +--rw vpn-target* [route-target]
269                 |           +--rw route-target    rt-types:route-target
270                 |           +--rw route-target-type
271                                     rt-types:route-target-type
272                 +--rw arp-proxy?                          boolean
273                 +--rw arp-suppression?                    boolean
274                 +--rw nd-proxy?                           boolean
275                 +--rw nd-suppression?                     boolean
276                 +--rw underlay-multicast?                 boolean
277                 +--rw flood-unknown-unicast-supression?   boolean
278                 +--rw vpws-vlan-aware?                    boolean
279                 +--ro routes
280                 |  +--ro ethernet-auto-discovery-route*
281                 |  |  +--ro rd-rt* [route-distinguisher]
282                 |  |  |  +--ro route-distinguisher
283                                  rt-types:route-distinguisher
284                 |  |  |  +--ro vpn-target* [route-target]
285                 |  |  |     +--ro route-target    rt-types:route-target
286                 |  |  +--ro ethernet-segment-identifier?   uint32
287                 |  |  +--ro ethernet-tag?                  uint32
288                 |  |  +--ro path*
289                 |  |     +--ro next-hop?   inet:ip-address
290                 |  |     +--ro label?      rt-types:mpls-label
291                 |  |     +--ro detail
292                 |  |        +--ro attributes
293                 |  |        |  +--ro extended-community*   string
294                 |  |        +--ro bestpath?     empty
295                 |  +--ro mac-ip-advertisement-route*
296                 |  |  +--ro rd-rt* [route-distinguisher]
297                 |  |  |  +--ro route-distinguisher
298                                  rt-types:route-distinguisher
299                 |  |  |  +--ro vpn-target* [route-target]
300                 |  |  |     +--ro route-target    rt-types:route-target
301                 |  |  +--ro ethernet-segment-identifier?   uint32
302                 |  |  +--ro ethernet-tag?                  uint32
303                 |  |  +--ro mac-address?                   yang:hex-string
304                 |  |  +--ro mac-address-length?            uint8
305                 |  |  +--ro ip-prefix?                     inet:ip-prefix
306                 |  |  +--ro path*
307                 |  |     +--ro next-hop?   inet:ip-address
308                 |  |     +--ro label?      rt-types:mpls-label
309                 |  |     +--ro label2?     rt-types:mpls-label
310                 |  |     +--ro detail
311                 |  |        +--ro attributes
312                 |  |        |  +--ro extended-community*   string
313                 |  |        +--ro bestpath?     empty
314                 |  +--ro inclusive-multicast-ethernet-tag-route*
315                 |  |  +--ro rd-rt* [route-distinguisher]
316                 |  |  |  +--ro route-distinguisher
317                                  rt-types:route-distinguisher
318                 |  |  |  +--ro vpn-target* [route-target]
319                 |  |  |     +--ro route-target    rt-types:route-target
320                 |  |  +--ro ethernet-segment-identifier?   uint32
321                 |  |  +--ro originator-ip-prefix?          inet:ip-prefix
322                 |  |  +--ro path*
323                 |  |     +--ro next-hop?   inet:ip-address
324                 |  |     +--ro label?      rt-types:mpls-label
325                 |  |     +--ro detail
326                 |  |        +--ro attributes
327                 |  |        |  +--ro extended-community*   string
328                 |  |        +--ro bestpath?     empty
329                 |  +--ro ethernet-segment-route*
330                 |  |  +--ro rd-rt* [route-distinguisher]
331                 |  |  |  +--ro route-distinguisher
332                                  rt-types:route-distinguisher
333                 |  |  |  +--ro vpn-target* [route-target]
334                 |  |  |     +--ro route-target    rt-types:route-target
335                 |  |  +--ro ethernet-segment-identifier?   uint32
336                 |  |  +--ro originator-ip-prefix?          inet:ip-prefix
337                 |  |  +--ro path*
338                 |  |     +--ro next-hop?   inet:ip-address
339                 |  |     +--ro detail
340                 |  |        +--ro attributes
341                 |  |        |  +--ro extended-community*   string
342                 |  |        +--ro bestpath?     empty
343                 |  +--ro ip-prefix-route*
344                 |     +--ro rd-rt* [route-distinguisher]
345                 |     |  +--ro route-distinguisher
346                                  rt-types:route-distinguisher
347                 |     |  +--ro vpn-target* [route-target]
348                 |     |     +--ro route-target    rt-types:route-target
349                 |     +--ro ethernet-segment-identifier?   uint32
350                 |     +--ro ip-prefix?                     inet:ip-prefix
351                 |     +--ro path*
352                 |        +--ro next-hop?   inet:ip-address
353                 |        +--ro label?      rt-types:mpls-label
354                 |        +--ro detail
355                 |           +--ro attributes
356                 |           |  +--ro extended-community*   string
357                 |           +--ro bestpath?     empty
358                 +--ro statistics
359                    +--ro tx-count?   uint32
360                    +--ro rx-count?   uint32
361                    +--ro detail
362                       +--ro broadcast-tx-count?         uint32
363                       +--ro broadcast-rx-count?         uint32
364                       +--ro multicast-tx-count?         uint32
365                       +--ro multicast-rx-count?         uint32
366                       +--ro unknown-unicast-tx-count?   uint32
367                       +--ro unknown-unicast-rx-count?   uint32
368      augment /pw:pseudowires/pw:pseudowire/pw:pw-type:
369        +--:(evpn-pw)
370           +--rw evpn-pw
371              +--rw remote-id?   uint32
372              +--rw local-id?    uint32
373      augment /l2vpn:l2vpn/l2vpn:instances/l2vpn:instance:
374        +--rw evpn-instance?   evpn-instance-ref
375      augment /l2vpn:l2vpn/l2vpn:instances/l2vpn:instance:
376        +--rw vpls-contstraints

378      notifications:

380        +---n evpn-state-change-notification
381           +--ro evpn-instance?   evpn-instance-ref
382           +--ro state?           identityref

384   4. YANG Module

386      The EVPN configuration container is logically divided into
387      the following high-level config areas:

389   4.1 Ethernet Segment Yang Module

391      file "ietf-ethernet-segment@2017-10-21.yang"
392      module ietf-ethernet-segment {
394        namespace "urn:ietf:params:xml:ns:yang:ietf-ethernet-segment";
395        prefix "es";

397        import ietf-yang-types {
398          prefix "yang";
399        }

401        import ietf-inet-types {
402          prefix "inet";
403        }

405        import ietf-routing-types {
406          prefix "rt-types";
407        }

409        import ietf-pseudowires {
410          prefix "pw";
411        }

413        organization "ietf";
414        contact "ietf";
415        description "ethernet segment";

417        revision "2017-10-21" {
418          description " - Updated ethernet segment's AC/PW members to " +
419                      " accommodate more than one AC or more than one " +
420                      " PW " +
421                      " - Added the new preference based DF election " +
422                      " method " +
423                      " - Referenced pseudowires in the new " +
424                      " ietf-pseudowires.yang model " +
425                      " - Moved model to NMDA style specified in " +
426                      " draft-dsdt-nmda-guidelines-01.txt " +
427                      "";
428          reference "";
429        }

431        revision "2017-03-08" {
432          description " - Updated to use BGP parameters from " +
433                      " ietf-routing-types.yang instead of from " +
434                      " ietf-evpn.yang " +
435                      " - Updated ethernet segment's AC/PW members to " +
436                      " accommodate more than one AC or more than one " +
437                      " PW " +
438                      " - Added the new preference based DF election " +
439                      " method " +
440                      "";
441          reference "";
442        }

444        revision "2016-07-08" {
445          description " - Added the configuration option to enable or " +
446                      " disable per-EVI/EAD route " +
447                      " - Added PBB parameter backbone-src-mac " +
448                      " - Added operational state branch, initially " +
449                      " to match the configuration branch" +
450                      "";
451          reference "";
452        }

454        revision "2016-06-23" {
455          description "WG document adoption";
456          reference "";
457        }

459        revision "2015-10-15" {
460          description "Initial revision";
461          reference "";
462        }

464        /* Features */

466        feature ethernet-segment-bgp-params {
467          description "Ethernet segment's BGP parameters";
468        }

470        feature ethernet-segment-pbb-params {
471          description "Ethernet segment's PBB parameters";
472        }

474        /* Typedefs */
475        typedef status-type {
476          type enumeration {
477            enum up {
478              description "Status is up";
479            }
480            enum down {
481              description "Status is down";
482            }
483          }
484          description "status type";
485        }

487        typedef df-election-method-type {
488          type enumeration {
489            enum default {
490              value 0;
491              description "The default DF election method";
492            }
493            enum highest-random-weight {
494              value 1;
495              description "The highest random weight (HRW) method";
496              reference "draft-mohanty-bess-evpn-df-election";
497            }
498            enum preference {
499              value 2;
500              description "The preference based method";
501              reference "draft-rabadan-bess-evpn-pref-df";
502            }
503          }
504          description "The DF election method type";
505        }

507        /* EVPN Ethernet Segment YANG Model */

509        container ethernet-segments {
510          description "ethernet-segment";
511          list ethernet-segment {
512            key "name";
513            leaf name {
514              type string;
515              description "Name of the ethernet segment";
516            }
517            leaf service-type {
518              type string;
519              config false;
520              description "service-type";
521            }
522            leaf status {
523              type status-type;
524              config false;
525              description "Ethernet segment status";
526            }
527            choice ac-or-pw {
528              description "ac-or-pw";
529              case ac {
530                leaf-list ac {
531                  type string;
532                  description "Eventual reference to standard " +
533                              "attachment circuit definition";
534                }
535              }
536              case pw {
537                leaf-list pw {
538                  type pw:pseudowire-ref;
539                  description "Reference to a pseudowire";
540                }
541              }
542            }
543            leaf interface-status {
544              type status-type;
545              config false;
546              description "interface status";
547            }
548            leaf ethernet-segment-identifier {
549              type uint32;
550              description "Ethernet segment identifier (esi)";
551            }
552            choice active-mode {
553              mandatory true;
554              description "Choice of active mode";
555              case single-active {
556                leaf single-active-mode {
557                  type empty;
558                  description "single-active-mode";
559                }
560              }
561              case all-active {
562                leaf all-active-mode {
563                  type empty;
564                  description "all-active-mode";
565                }
566              }
567            }
568            container pbb-parameters {
569              if-feature ethernet-segment-pbb-params;
570              description "PBB configuration";
571              leaf backbone-src-mac {
572                type yang:mac-address;
573                description "backbone-src-mac, only if this is a PBB";
574              }
575            }
576            container bgp-parameters {
577              description "BGP parameters";
578              container common {
579                description "BGP parameters common to all pseudowires";
580                list rd-rt {
581                  if-feature ethernet-segment-bgp-params;
582                  key "route-distinguisher";
583                  leaf route-distinguisher {
584                    type rt-types:route-distinguisher;
585                    description "Route distinguisher";
586                  }
587                  uses rt-types:vpn-route-targets;
588                  description "A list of route distinguishers and " +
589                              "corresponding VPN route targets";
590                }
591              }
592            }
593            container df-election {
594              description "df-election";
595              leaf df-election-method {
596                type df-election-method-type;
597                description "The DF election method";
598              }
599              leaf preference {
600                when "../df-election-method = 'preference'" {
601                  description "The preference value is only applicable " +
602                              "to the preference based method";
603                }
604                type uint16;
605                description "The DF preference";
606              }
607              leaf revertive {
608                when "../df-election-method = 'preference'" {
609                  description "The revertive value is only applicable " +
610                              "to the preference method";
611                }
612                type boolean;
613                default true;
614                description "The 'preempt' or 'revertive' behavior";
615              }
616              leaf election-wait-time {
617                type uint32;
618                description "election-wait-time";

620              }
621            }
622            leaf ead-evi-route {
623              type boolean;
624              default false;
625              description "Enable (true) or disable (false) ead-evi-route";
626            }
627            leaf esi-label {
628              type string;
629              config false;
630              description "esi-label";
631 } 632 list member { 633 config false; 634 leaf ip-address { 635 type inet:ip-address; 636 description "ip-address"; 637 } 638 description "member of the ethernet segment"; 639 } 640 list df { 641 config false; 642 leaf service-identifier { 643 type uint32; 644 description "service-identifier"; 645 } 646 leaf vlan { 647 type uint32; 648 description "vlan"; 649 } 650 leaf ip-address { 651 type inet:ip-address; 652 description "ip-address"; 653 } 654 description "df of an evpn instance's vlan"; 655 } 656 description "An ethernet segment"; 657 } 658 } 659 } 660 662 4.2 EVPN Yang Module 664 file "ietf-evpn@2017-10-21.yang" 665 module ietf-evpn { 666 namespace "urn:ietf:params:xml:ns:yang:ietf-evpn"; 667 prefix "evpn"; 669 import ietf-inet-types { 670 prefix "inet"; 671 } 673 import ietf-yang-types { 674 prefix "yang"; 675 } 677 import ietf-l2vpn { 678 prefix "l2vpn"; 679 } 681 import ietf-routing-types { 682 prefix "rt-types"; 683 } 685 import ietf-pseudowires { 686 prefix "pw"; 687 } 689 organization "ietf"; 690 contact "ietf"; 691 description "evpn"; 693 revision "2017-10-21" { 694 description " - Modified the operational state augment " + 695 " - Renamed evpn-instances-state to evpn-instances" + 696 " - Added vpws-vlan-aware to an EVPN instance " + 697 " - Added a new augment to L2VPN to add EPVN " + 698 " - pseudowire for the case of EVPN VPWS " + 699 " - Added state change notification " + 700 ""; 701 reference ""; 702 } 704 revision "2017-03-13" { 705 description " - Added an augment to base L2VPN model to " + 706 " reference an EVPN instance " + 707 " - Reused ietf-routing-types.yang " + 708 " vpn-route-targets grouping instead of " + 709 " defining it in this module " + 710 ""; 711 reference ""; 712 } 714 revision "2016-07-08" { 715 description " - Added operational state" + 716 " - Added a configuration knob to enable/disable " + 717 " underlay-multicast " + 718 " - Added a configuration knob to enable/disable " + 719 " flooding of unknonw unicast " + 720 " 
- Added several configuration knobs " + 721 " to manage ARP and ND" + 722 ""; 723 reference ""; 724 } 726 revision "2016-06-23" { 727 description "WG document adoption"; 728 reference ""; 729 } 731 revision "2015-10-15" { 732 description "Initial revision"; 733 reference ""; 734 } 736 feature evpn-bgp-params { 737 description "EVPN's BGP parameters"; 738 } 740 feature evpn-pbb-params { 741 description "EVPN's PBB parameters"; 742 } 744 /* Identities */ 746 identity evpn-notification-state { 747 description "The base identity on which EVPN notification " + 748 "states are based"; 749 } 751 identity MAC-duplication-detected { 752 base "evpn-notification-state"; 753 description "MAC duplication is detected"; 754 } 756 identity mass-withdraw-received { 757 base "evpn-notification-state"; 758 description "Mass withdraw received"; 759 } 761 identity static-MAC-move-detected { 762 base "evpn-notification-state"; 763 description "Static MAC move is detected"; 764 } 766 /* Typedefs */ 768 typedef evpn-instance-ref { 769 type leafref { 770 path "/evpn/evpn-instances/evpn-instance/name"; 771 } 772 description "A leafref type to an EVPN instance"; 773 } 775 /* Groupings */ 777 grouping route-rd-rt-grp { 778 description "A grouping for a route's route distinguishers " + 779 "and route targets"; 780 list rd-rt { 781 key "route-distinguisher"; 782 leaf route-distinguisher { 783 type rt-types:route-distinguisher; 784 description "Route distinguisher"; 785 } 786 list vpn-target { 787 key "route-target"; 788 leaf route-target { 789 type rt-types:route-target; 790 description "BGP route target"; 791 } 792 description "A list of route targets"; 793 } 794 description "A list of route distinguishers and " + 795 "corresponding VPN route targets"; 796 } 797 } 799 grouping next-hop-label-grp { 800 description "next-hop-label-grp"; 801 leaf next-hop { 802 type inet:ip-address; 803 description "next-hop"; 804 } 805 leaf label { 806 type rt-types:mpls-label; 807 description "label"; 808 } 809 
} 810 grouping next-hop-label2-grp { 811 description "next-hop-label2-grp"; 812 leaf label2 { 813 type rt-types:mpls-label; 814 description "label2"; 815 } 816 } 818 grouping path-detail-grp { 819 description "path-detail-grp"; 820 container detail { 821 config false; 822 description "path details"; 823 container attributes { 824 leaf-list extended-community { 825 type string; 826 description "extended-community"; 827 } 828 description "attributes"; 829 } 830 leaf bestpath { 831 type empty; 832 description "Indicate this path is the best path"; 833 } 834 } 835 } 837 /* EVPN YANG Model */ 839 container evpn { 840 description "evpn"; 841 container common { 842 description "common epn attributes"; 843 choice replication-type { 844 description "A choice of replication type"; 845 case ingress-replication { 846 leaf ingress-replication { 847 type boolean; 848 description "ingress-replication"; 849 } 850 } 851 case p2mp-replication { 852 leaf p2mp-replication { 853 type boolean; 854 description "p2mp-replication"; 855 } 856 } 857 } 859 } 860 container evpn-instances { 861 description "evpn-instances"; 862 list evpn-instance { 863 key "name"; 864 description "An EVPN instance"; 865 leaf name { 866 type string; 867 description "Name of EVPN instance"; 868 } 869 leaf evi { 870 type uint32; 871 description "evi"; 872 } 873 container pbb-parameters { 874 if-feature "evpn-pbb-params"; 875 description "PBB parameters"; 876 leaf source-bmac { 877 type yang:hex-string; 878 description "source-bmac"; 879 } 880 } 881 container bgp-parameters { 882 description "BGP parameters"; 883 container common { 884 description "BGP parameters common to all pseudowires"; 885 list rd-rt { 886 if-feature evpn-bgp-params; 887 key "route-distinguisher"; 888 leaf route-distinguisher { 889 type rt-types:route-distinguisher; 890 description "Route distinguisher"; 891 } 892 uses rt-types:vpn-route-targets; 893 description "A list of route distinguishers and " + 894 "corresponding VPN route targets"; 895 
} 896 } 897 } 898 leaf arp-proxy { 899 type boolean; 900 default false; 901 description "Enable (TRUE) or disable (FALSE) ARP proxy"; 902 } 903 leaf arp-suppression { 904 type boolean; 905 default false; 906 description "Enable (TRUE) or disable (FALSE) " + 907 "ARP suppression"; 908 } 909 leaf nd-proxy { 910 type boolean; 911 default false; 912 description "Enable (TRUE) or disable (FALSE) ND proxy"; 913 } 914 leaf nd-suppression { 915 type boolean; 916 default false; 917 description "Enable (TRUE) or disable (FALSE) " + 918 "ND suppression"; 919 } 920 leaf underlay-multicast { 921 type boolean; 922 default false; 923 description "Enable (TRUE) or disable (FALSE) " + 924 "underlay multicast"; 925 } 926 leaf flood-unknown-unicast-supression { 927 type boolean; 928 default false; 929 description "Enable (TRUE) or disable (FALSE) " + 930 "flood unknown unicast suppression"; 931 } 932 leaf vpws-vlan-aware { 933 type boolean; 934 default false; 935 description "Enable (TRUE) or disable (FALSE) " + 936 "VPWS VLAN aware"; 937 } 938 container routes { 939 config false; 940 description "routes"; 941 list ethernet-auto-discovery-route { 942 uses route-rd-rt-grp; 943 leaf ethernet-segment-identifier { 944 type uint32; 945 description "Ethernet segment identifier (esi)"; 946 } 947 leaf ethernet-tag { 948 type uint32; 949 description "An ethernet tag (etag) indentifying a " + 950 "broadcast domain"; 951 } 952 list path { 953 uses next-hop-label-grp; 954 uses path-detail-grp; 955 description "path"; 956 } 957 description "ethernet-auto-discovery-route"; 958 } 959 list mac-ip-advertisement-route { 960 uses route-rd-rt-grp; 961 leaf ethernet-segment-identifier { 962 type uint32; 963 description "Ethernet segment identifier (esi)"; 964 } 965 leaf ethernet-tag { 966 type uint32; 967 description "An ethernet tag (etag) indentifying a " + 968 "broadcast domain"; 969 } 970 leaf mac-address { 971 type yang:hex-string; 972 description "Route mac address"; 973 } 974 leaf 
mac-address-length { 975 type uint8 { 976 range "0..48"; 977 } 978 description "mac address length"; 979 } 980 leaf ip-prefix { 981 type inet:ip-prefix; 982 description "ip-prefix"; 983 } 984 list path { 985 uses next-hop-label-grp; 986 uses next-hop-label2-grp; 987 uses path-detail-grp; 988 description "path"; 989 } 990 description "mac-ip-advertisement-route"; 991 } 992 list inclusive-multicast-ethernet-tag-route { 993 uses route-rd-rt-grp; 994 leaf ethernet-segment-identifier { 995 type uint32; 996 description "Ethernet segment identifier (esi)"; 997 } 998 leaf originator-ip-prefix { 999 type inet:ip-prefix; 1000 description "originator-ip-prefix"; 1001 } 1002 list path { 1003 uses next-hop-label-grp; 1004 uses path-detail-grp; 1005 description "path"; 1006 } 1007 description "inclusive-multicast-ethernet-tag-route"; 1008 } 1009 list ethernet-segment-route { 1010 uses route-rd-rt-grp; 1011 leaf ethernet-segment-identifier { 1012 type uint32; 1013 description "Ethernet segment identifier (esi)"; 1014 } 1015 leaf originator-ip-prefix { 1016 type inet:ip-prefix; 1017 description "originator ip-prefix"; 1018 } 1019 list path { 1020 leaf next-hop { 1021 type inet:ip-address; 1022 description "next-hop"; 1023 } 1024 uses path-detail-grp; 1025 description "path"; 1026 } 1027 description "ethernet-segment-route"; 1028 } 1029 list ip-prefix-route { 1030 uses route-rd-rt-grp; 1031 leaf ethernet-segment-identifier { 1032 type uint32; 1033 description "Ethernet segment identifier (esi)"; 1034 } 1035 leaf ip-prefix { 1036 type inet:ip-prefix; 1037 description "ip-prefix"; 1038 } 1039 list path { 1040 uses next-hop-label-grp; 1041 uses path-detail-grp; 1042 description "path"; 1043 } 1044 description "ip-prefix route"; 1045 } 1046 } 1047 container statistics { 1048 config false; 1049 description "Statistics"; 1050 leaf tx-count { 1051 type uint32; 1052 description "transmission count"; 1053 } 1054 leaf rx-count { 1055 type uint32; 1056 description "receive count"; 1057 } 1058 
             container detail {
               description "Detailed statistics";
               leaf broadcast-tx-count {
                 type uint32;
                 description "broadcast transmission count";
               }
               leaf broadcast-rx-count {
                 type uint32;
                 description "broadcast receive count";
               }
               leaf multicast-tx-count {
                 type uint32;
                 description "multicast transmission count";
               }
               leaf multicast-rx-count {
                 type uint32;
                 description "multicast receive count";
               }
               leaf unknown-unicast-tx-count {
                 type uint32;
                 description "unknown unicast transmission count";
               }
               leaf unknown-unicast-rx-count {
                 type uint32;
                 description "unknown-unicast receive count";
               }
             }
           }
         }
       }
     }

     /* augments */

     augment "/pw:pseudowires/pw:pseudowire/pw:pw-type" {
       description "Augment for an L2VPN instance to add EVPN VPWS " +
                   "pseudowire";
       case evpn-pw {
         container evpn-pw {
           description "EVPN pseudowire";
           leaf remote-id {
             type uint32;
             description "Remote pseudowire ID";
           }
           leaf local-id {
             type uint32;
             description "Local pseudowire ID";
           }
         }
       }
     }

     augment "/l2vpn:l2vpn/l2vpn:instances/l2vpn:instance" {
       description "Augment for an L2VPN instance and EVPN association";
       leaf evpn-instance {
         type evpn-instance-ref;
         description "Reference to an EVPN instance";
       }
     }

     augment "/l2vpn:l2vpn/l2vpn:instances/l2vpn:instance" {
       when "l2vpn:type = 'l2vpn:vpls-instance-type'" {
         description "Constraints only for VPLS pseudowires";
       }
       description "Augment for VPLS instance";
       container vpls-contstraints {
         must "not(boolean(/pw:pseudowires/pw:pseudowire" +
              " [pw:name = current()/../l2vpn:endpoint" +
              " /l2vpn:pw/l2vpn:name]" +
              " /evpn-pw/remote-id)) and " +
              "not(boolean(/pw:pseudowires/pw:pseudowire" +
              " [pw:name = current()/../l2vpn:endpoint" +
              " /l2vpn:pw/l2vpn:name]" +
              " /evpn-pw/local-id)) and " +
              "not(boolean(/pw:pseudowires/pw:pseudowire" +
              " [pw:name = current()/../l2vpn:endpoint" +
              " /l2vpn:primary-pw/l2vpn:name]" +
              " /evpn-pw/remote-id)) and " +
              "not(boolean(/pw:pseudowires/pw:pseudowire" +
              " [pw:name = current()/../l2vpn:endpoint" +
              " /l2vpn:primary-pw/l2vpn:name]" +
              " /evpn-pw/local-id)) and " +
              "not(boolean(/pw:pseudowires/pw:pseudowire" +
              " [pw:name = current()/../l2vpn:endpoint" +
              " /l2vpn:backup-pw/l2vpn:name]" +
              " /evpn-pw/remote-id)) and " +
              "not(boolean(/pw:pseudowires/pw:pseudowire" +
              " [pw:name = current()/../l2vpn:endpoint" +
              " /l2vpn:backup-pw/l2vpn:name]" +
              " /evpn-pw/local-id))" {
           description "A VPLS pseudowire must not be EVPN PW";
         }
         description "VPLS constraints";
       }
     }

     /* Notifications */

     notification evpn-state-change-notification {
       description "EVPN state change notification";
       leaf evpn-instance {
         type evpn-instance-ref;
         description "Related EVPN instance";
       }
       leaf state {
         type identityref {
           base evpn-notification-state;
         }
         description "State change notification";
       }
     }
   }

5. Security Considerations

   The configuration, state, action and notification data defined in
   this document are designed to be accessed via the NETCONF protocol
   [RFC6241]. The lowest NETCONF layer is the secure transport layer
   and the mandatory-to-implement secure transport is SSH [RFC6242]. The
   NETCONF access control model [RFC6536] provides means to restrict
   access for particular NETCONF users to a pre-configured subset of all
   available NETCONF protocol operations and content.

   The security concerns listed above are, however, no different from
   those faced by other routing protocols. Hence, this draft does not
   change any underlying security issues inherent in
   [I-D.ietf-netmod-routing-cfg].

6. IANA Considerations

   None.

7. References

7.1. Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels", BCP 14, RFC 2119, March 1997.

7.2. Informative References

   [RFC6241] R. Enns et al., "Network Configuration Protocol
             (NETCONF)", RFC 6241, June 2011.

   [RFC6020] M. Bjorklund, "YANG - A Data Modeling Language for
             the Network Configuration Protocol (NETCONF)",
             RFC 6020, October 2010.

   [RFC6242] M. Wasserman, "Using the NETCONF Protocol over
             Secure Shell (SSH)", RFC 6242, June 2011.

   [RFC6536] A. Bierman et al., "Network Configuration Protocol
             (NETCONF) Access Control Model", RFC 6536, March 2012.

   [RFC7432] Sajassi et al., "BGP MPLS-Based Ethernet VPN",
             RFC 7432, February 2015.

   [RFC7623] Sajassi et al., "Provider Backbone Bridging
             Combined with Ethernet VPN (PBB-EVPN)",
             RFC 7623, September 2015.

Authors' Addresses

   Patrice Brissette
   Cisco Systems, Inc.
   EMail: pbrisset@cisco.com

   Ali Sajassi
   Cisco Systems, Inc.
   EMail: sajassi@cisco.com

   Himanshu Shah
   Ciena Corporation
   EMail: hshah@ciena.com

   Zhenbin Li
   Huawei Technologies
   EMail: lizhenbin@huawei.com

   Helen Chen
   Jabil
   EMail: Ing-Wher_Chen@jabil.com

   Kishore Tiruveedhula
   Juniper Networks
   EMail: kishoret@juniper.net

   Iftekar Hussain
   Infinera Corporation
   EMail: ihussain@infinera.com

   Jorge Rabadan
   Nokia
   EMail: jorge.rabadan@nokia.com