idnits 2.17.1

draft-ietf-bess-evpn-yang-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 284 has weird spacing: '...-target rt-...'

  == Line 350 has weird spacing: '...-target rt-...'

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (February 21, 2018) is 2254 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'RFC8214' is mentioned on line 166, but not defined

  -- Obsolete informational reference (is this intentional?): RFC 6536
     (Obsoleted by RFC 8341)

     Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     BESS Working Group                                  P. Brissette Ed.
3     Internet Draft                                          Cisco System
4     Intended Status: Proposed Standard                       H. Shah Ed.
5     Expires: August 25, 2018                           Ciena Corporation
6                                                              I. Chen Ed.
7                                                                    Jabil
8                                                           I. Hussain Ed.
9                                                     Infinera Corporation
10                                                     K. Tiruveedhula Ed.
11                                                        Juniper Networks
12                                                          J. Rabadan Ed.
13                                                                   Nokia

15                                                       February 21, 2018

17                          Yang Data Model for EVPN
18                        draft-ietf-bess-evpn-yang-05

20    Abstract

22       This document describes a YANG data model for Ethernet VPN services.
23       The model is agnostic of the underlay. It applies to MPLS as well as to
24       VxLAN encapsulation. The model is also agnostic of the services
25       including E-LAN, E-LINE and E-TREE services. This document mainly
26       focuses on EVPN and Ethernet-Segment instance framework.

28    Status of this Memo

30       This Internet-Draft is submitted to IETF in full conformance with the
31       provisions of BCP 78 and BCP 79.

33       Internet-Drafts are working documents of the Internet Engineering
34       Task Force (IETF), its areas, and its working groups. Note that
35       other groups may also distribute working documents as
36       Internet-Drafts.

38       Internet-Drafts are draft documents valid for a maximum of six months
39       and may be updated, replaced, or obsoleted by other documents at any
40       time. It is inappropriate to use Internet-Drafts as reference
41       material or to cite them other than as "work in progress."

43       The list of current Internet-Drafts can be accessed at
44       http://www.ietf.org/1id-abstracts.html

46       The list of Internet-Draft Shadow Directories can be accessed at
47       http://www.ietf.org/shadow.html

49    Copyright and License Notice

51       Copyright (c) 2018 IETF Trust and the persons identified as the
52       document authors. All rights reserved.

54       This document is subject to BCP 78 and the IETF Trust's Legal
55       Provisions Relating to IETF Documents
56       (http://trustee.ietf.org/license-info) in effect on the date of
57       publication of this document. Please review these documents
58       carefully, as they describe your rights and restrictions with respect
59       to this document. Code Components extracted from this document must
60       include Simplified BSD License text as described in Section 4.e of
61       the Trust Legal Provisions and are provided without warranty as
62       described in the Simplified BSD License.

64    Convention

66       The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
67       "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
68       document are to be interpreted as described in [RFC2119].

70    Table of Contents

72       1. Introduction
73       2. Specification of Requirements
74       3. EVPN YANG Model
75         3.1. Overview
76         3.2 Ethernet-Segment Model
77         3.3 EVPN Model
78       4. YANG Module
79         4.1 Ethernet Segment Yang Module
80         4.2 EVPN Yang Module
81       5. Security Considerations
82       6. IANA Considerations
83       7. References
84         7.1. Normative Reference
85         7.2. Informative References
86       Authors' Addresses

88    1. Introduction

90       The Network Configuration Protocol (NETCONF) [RFC6241] is a network
91       management protocol that defines mechanisms to manage network
92       devices. YANG [RFC6020] is a modular language that represents data
93       structures in an XML or JSON tree format, and is used as a data
94       modeling language for NETCONF.

96       This document introduces a YANG data model for Ethernet VPN services
97       (EVPN) [RFC7432], Provider Backbone Bridging Combined with Ethernet
98       VPN (PBB-EVPN) [RFC7623] as well as other WG drafts such as EVPN-VPWS,
99       etc. The EVPN services run over MPLS and VxLAN underlays.

101      The Yang data model in this document defines Ethernet VPN based
102      services. The model leverages the definitions used in other IETF
103      Yang drafts such as L2VPN Yang.

105      The goal is to propose a data object model consisting of building
106      blocks that can be assembled in different order to realize different
107      EVPN-based services. The definition work is undertaken initially by a
108      smaller working group with members representing various vendors and
109      service providers. The EVPN basic framework consists of two modules:
110      EVPN and Ethernet-Segment. These models are completely orthogonal.
111      They usually work as a pair, but a user can use either one on its
112      own as needed.

114      The data model is defined for the following constructs that are used
115      for managing the services:

117         o Configuration

119         o Operational State

121         o Notifications

123      The document is organized to first define the data model for the
124      configuration, operational state and notifications of EVPN and
125      Ethernet-Segment.

127      The EVPN data object model defined in this document uses the instance
128      centric approach whereby EVPN service attributes are specified for a
129      given EVPN instance.

131      The Ethernet-Segment data object model defined in this document refers
132      to a specific interface. That interface can be a physical interface,
133      a bundle interface or virtual interface. The latter includes
134      attachment-circuit and pseudowire. The module is kept separate
135      because it can be used without EVPN being configured as a layer 2/3
136      service. For example, an access
137      node can be dual-homed to two service nodes servicing a VPLS or an
138      IPVPN core. The access connectivity can be represented by an
139      Ethernet-Segment where EVPN BGP DF election is performed over both
140      service nodes.

141   2. Specification of Requirements

143      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
145      NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
146      in this document are to be interpreted as described in [RFC2119].

148   3. EVPN YANG Model

150   3.1. Overview

152      Two top-level modules, Ethernet-Segment and EVPN, are defined. The
153      Ethernet-Segment contains a list of interfaces to which any Ethernet-
154      Segment attributes are configured/applied.

156      The EVPN module has two main containers: common and instance. The
157      first one has attributes common to all VPNs whereas the latter has
158      attributes specific to an EVI (EVPN instance). This document states
159      the scope of the EVPN object models definition. The following
160      documents are within the scope. This is not an exhaustive list but a
161      representation of documents that are covered for this work:

163         o Requirements for EVPN: [RFC7209]
164         o EVPN: [RFC7432]
165         o PBB-EVPN: [RFC7623]
166         o EVPN-VPWS: [RFC8214]

168      The integration with the L2VPN instance Yang model is being done as
169      part of the L2VPN Yang model.
170      The following documents will be covered at that time:
171         o E-TREE Support in EVPN & PBB-EVPN:
172           draft-ietf-bess-evpn-etree
173         o (PBB-)EVPN Seamless Integration with (PBB-)VPLS:
174           draft-ietf-bess-evpn-vpls-seamless-integ
175         o EVPN Virtual Ethernet Segment:
176           draft-sajassi-bess-evpn-virtual-eth-segment
177         o IP Prefix Advertisement in EVPN:
178           draft-ietf-bess-evpn-prefix-advertisement
179         o VXLAN DCI Using EVPN:
180           draft-boutros-l2vpn-vxlan-evpn
181         o A Network Virtualization Overlay Solution using EVPN:
182           draft-ietf-bess-evpn-overlay
183         o Interconnect Solution for EVPN Overlay networks:
184           draft-ietf-bess-dci-evpn-overlay
185         o Integrated Routing and Bridging in EVPN:
186           draft-ietf-bess-evpn-inter-subnet-forwarding

188   3.2 Ethernet-Segment Model

190      The Ethernet-Segment data model has a list of ES where each refers to
191      an interface. All attributes are optional due to auto-sensing default
192      mode where all values are auto-derived from the network connectivity.

194   module: ietf-ethernet-segment
195      +--rw ethernet-segments
196         +--rw ethernet-segment* [name]
197            +--rw name                           string
198            +--ro service-type?                  string
199            +--ro status?                        status-type
200            +--rw (ac-or-pw)?
201            |  +--:(ac)
202            |  |  +--rw ac*                      if:interface-ref
203            |  +--:(pw)
204            |     +--rw pw*                      pw:pseudowire-ref
205            +--ro interface-status?              status-type
206            +--rw ethernet-segment-identifier?   uint32
207            +--rw (active-mode)
208            |  +--:(single-active)
209            |  |  +--rw single-active-mode?      empty
210            |  +--:(all-active)
211            |     +--rw all-active-mode?         empty
212            +--rw pbb-parameters {ethernet-segment-pbb-params}?
213            |  +--rw backbone-src-mac?   yang:mac-address
214            +--rw bgp-parameters
215            |  +--rw common
216            |     +--rw rd-rt* [route-distinguisher]
217            |             {ethernet-segment-bgp-params}?
218            |        +--rw route-distinguisher
219            |                rt-types:route-distinguisher
220            |        +--rw vpn-target* [route-target]
221            |           +--rw route-target
222            |                   rt-types:route-target
223            |           +--rw route-target-type
224            |                   rt-types:route-target-type
225            +--rw df-election
226            |  +--rw df-election-method?   df-election-method-type
227            |  +--rw preference?           uint16
228            |  +--rw revertive?            boolean
229            |  +--rw election-wait-time?   uint32
230            +--rw ead-evi-route?                 boolean
231            +--ro esi-label?                     string
232            +--ro member*
233            |  +--ro ip-address?   inet:ip-address
234            +--ro df*
235               +--ro service-identifier?   uint32
236               +--ro vlan?                 uint32
237               +--ro ip-address?           inet:ip-address

239   3.3 EVPN Model

241      The evpn-instances container contains a list of evpn-instance. Each
242      entry of the evpn-instance represents a different Ethernet VPN and it
243      is represented by an EVI. Again, nearly all attributes are optional
244      for the same reason as for the Ethernet-Segment module.

246   module: ietf-evpn
247      +--rw evpn
248         +--rw common
249         |  +--rw (replication-type)?
250         |     +--:(ingress-replication)
251         |     |  +--rw ingress-replication?   boolean
252         |     +--:(p2mp-replication)
253         |        +--rw p2mp-replication?      boolean
254         +--rw evpn-instances
255            +--rw evpn-instance* [name]
256               +--rw name                                string
257               +--rw evi?                                uint32
258               +--rw pbb-parameters {evpn-pbb-params}?
259               |  +--rw source-bmac?   yang:hex-string
260               +--rw bgp-parameters
261               |  +--rw common
262               |     +--rw rd-rt* [route-distinguisher]
263               |             {evpn-bgp-params}?
264               |        +--rw route-distinguisher
265               |        |       rt-types:route-distinguisher
266               |        +--rw vpn-target* [route-target]
267               |           +--rw route-target
268               |                   rt-types:route-target
269               |           +--rw route-target-type
270                                   rt-types:route-target-type
271               +--rw arp-proxy?                          boolean
272               +--rw arp-suppression?                    boolean
273               +--rw nd-proxy?                           boolean
274               +--rw nd-suppression?                     boolean
275               +--rw underlay-multicast?                 boolean
276               +--rw flood-unknown-unicast-supression?   boolean
277               +--rw vpws-vlan-aware?                    boolean
278               +--ro routes
279               |  +--ro ethernet-auto-discovery-route*
280               |  |  +--ro rd-rt* [route-distinguisher]
281               |  |  |  +--ro route-distinguisher
282               |  |  |          rt-types:route-distinguisher
283               |  |  |  +--ro vpn-target* [route-target]
284               |  |  |     +--ro route-target    rt-types:route-target
285               |  |  +--ro ethernet-segment-identifier?   uint32
286               |  |  +--ro ethernet-tag?                  uint32
287               |  |  +--ro path*
288               |  |     +--ro next-hop?   inet:ip-address
289               |  |     +--ro label?      rt-types:mpls-label
290               |  |     +--ro detail
291               |  |        +--ro attributes
292               |  |        |  +--ro extended-community*   string
293               |  |        +--ro bestpath?     empty
294               |  +--ro mac-ip-advertisement-route*
295               |  |  +--ro rd-rt* [route-distinguisher]
296               |  |  |  +--ro route-distinguisher
297               |  |  |          rt-types:route-distinguisher
298               |  |  |  +--ro vpn-target* [route-target]
299               |  |  |     +--ro route-target
300               |  |  |             rt-types:route-target
301               |  |  +--ro ethernet-segment-identifier?   uint32
302               |  |  +--ro ethernet-tag?                  uint32
303               |  |  +--ro mac-address?                   yang:hex-string
304               |  |  +--ro mac-address-length?            uint8
305               |  |  +--ro ip-prefix?                     inet:ip-prefix
306               |  |  +--ro path*
307               |  |     +--ro next-hop?   inet:ip-address
308               |  |     +--ro label?      rt-types:mpls-label
309               |  |     +--ro label2?     rt-types:mpls-label
310               |  |     +--ro detail
311               |  |        +--ro attributes
312               |  |        |  +--ro extended-community*   string
313               |  |        +--ro bestpath?     empty
314               |  +--ro inclusive-multicast-ethernet-tag-route*
315               |  |  +--ro rd-rt* [route-distinguisher]
316               |  |  |  +--ro route-distinguisher
317               |  |  |          rt-types:route-distinguisher
318               |  |  |  +--ro vpn-target* [route-target]
319               |  |  |     +--ro route-target
320               |  |  |             rt-types:route-target
321               |  |  +--ro ethernet-segment-identifier?   uint32
322               |  |  +--ro originator-ip-prefix?          inet:ip-prefix
323               |  |  +--ro path*
324               |  |     +--ro next-hop?   inet:ip-address
325               |  |     +--ro label?      rt-types:mpls-label
326               |  |     +--ro detail
327               |  |        +--ro attributes
328               |  |        |  +--ro extended-community*   string
329               |  |        +--ro bestpath?     empty
330               |  +--ro ethernet-segment-route*
331               |  |  +--ro rd-rt* [route-distinguisher]
332               |  |  |  +--ro route-distinguisher
333               |  |  |          rt-types:route-distinguisher
334               |  |  |  +--ro vpn-target* [route-target]
335               |  |  |     +--ro route-target
336               |  |  |             rt-types:route-target
337               |  |  +--ro ethernet-segment-identifier?   uint32
338               |  |  +--ro originator-ip-prefix?          inet:ip-prefix
339               |  |  +--ro path*
340               |  |     +--ro next-hop?   inet:ip-address
341               |  |     +--ro detail
342               |  |        +--ro attributes
343               |  |        |  +--ro extended-community*   string
344               |  |        +--ro bestpath?     empty
345               |  +--ro ip-prefix-route*
346               |     +--ro rd-rt* [route-distinguisher]
347               |     |  +--ro route-distinguisher
348               |     |          rt-types:route-distinguisher
349               |     |  +--ro vpn-target* [route-target]
350               |     |     +--ro route-target    rt-types:route-target
351               |     +--ro ethernet-segment-identifier?   uint32
352               |     +--ro ip-prefix?                     inet:ip-prefix
353               |     +--ro path*
354               |        +--ro next-hop?   inet:ip-address
355               |        +--ro label?      rt-types:mpls-label
356               |        +--ro detail
357               |           +--ro attributes
358               |           |  +--ro extended-community*   string
359               |           +--ro bestpath?     empty
360               +--ro statistics
361                  +--ro tx-count?   uint32
362                  +--ro rx-count?   uint32
363                  +--ro detail
364                     +--ro broadcast-tx-count?         uint32
365                     +--ro broadcast-rx-count?         uint32
366                     +--ro multicast-tx-count?         uint32
367                     +--ro multicast-rx-count?         uint32
368                     +--ro unknown-unicast-tx-count?   uint32
369                     +--ro unknown-unicast-rx-count?   uint32
370     augment /pw:pseudowires/pw:pseudowire/pw:pw-type:
371       +--:(evpn-pw)
372          +--rw evpn-pw
373             +--rw remote-id?   uint32
374             +--rw local-id?    uint32
375     augment
376       /ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn:
377       +--rw evpn-instance?   evpn-instance-ref
378     augment
379       /ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn:
380       +--rw vpls-contstraints

382     notifications:
383       +---n evpn-state-change-notification
384          +--ro evpn-instance?   evpn-instance-ref
385          +--ro state?           identityref

387   4. YANG Module

389      The EVPN configuration container is logically divided into the
390      following high-level configuration areas:

392   4.1 Ethernet Segment Yang Module

394   file "ietf-ethernet-segment@2018-02-20.yang"
395   module ietf-ethernet-segment {
396     namespace "urn:ietf:params:xml:ns:yang:ietf-ethernet-segment";
397     prefix "es";

399     import ietf-yang-types {
400       prefix "yang";
401     }

403     import ietf-inet-types {
404       prefix "inet";
405     }

407     import ietf-routing-types {
408       prefix "rt-types";
409     }

411     import ietf-interfaces {
412       prefix "if";
413     }

415     import ietf-pseudowires {
416       prefix "pw";
417     }

419     organization "ietf";
420     contact "ietf";
421     description "ethernet segment";

423     revision "2018-02-20" {
424       description " - Change the type of attachment circuit to " +
425                   " if:interface-ref " +
426                   "";
427       reference "";
428     }

430     revision "2017-10-21" {
431       description " - Updated ethernet segment's AC/PW members to " +
432                   " accommodate more than one AC or more than one " +
433                   " PW " +
434                   " - Added the new preference based DF election " +
435                   " method " +
436                   " - Referenced pseudowires in the new " +
437                   " ietf-pseudowires.yang model " +
438                   " - Moved model to NMDA style specified in " +
439                   " draft-dsdt-nmda-guidelines-01.txt " +
440                   "";
441       reference "";
442     }

444     revision "2017-03-08" {
445       description " - Updated to use BGP parameters from " +
446                   " ietf-routing-types.yang instead of from " +
447                   " ietf-evpn.yang " +
448                   " - Updated ethernet segment's AC/PW members to " +
449                   " accommodate more than one AC or more than one " +
450                   " PW " +
451                   " - Added the new preference based DF election " +
452                   " method " +
453                   "";
454       reference "";
455     }

457     revision "2016-07-08" {
458       description " - Added the configuration option to enable or " +
459                   " disable per-EVI/EAD route " +
460                   " - Added PBB parameter backbone-src-mac " +
461                   " - Added operational state branch, initially " +
462                   " to match the configuration branch" +
463                   "";
464       reference "";
465     }

467     revision "2016-06-23" {
468       description "WG document adoption";
469       reference "";
470     }

472     revision "2015-10-15" {
473       description "Initial revision";
474       reference "";
475     }

477     /* Features */

479     feature ethernet-segment-bgp-params {
480       description "Ethernet segment's BGP parameters";
481     }
482     feature ethernet-segment-pbb-params {
483       description "Ethernet segment's PBB parameters";
484     }

486     /* Typedefs */
487     typedef status-type {
488       type enumeration {
489         enum up {
490           description "Status is up";
491         }
492         enum down {
493           description "Status is down";
494         }
495       }
496       description "status type";
497     }

499     typedef df-election-method-type {
500       type enumeration {
501         enum default {
502           value 0;
503           description "The default DF election method";
504         }
505         enum highest-random-weight {
506           value 1;
507           description "The highest random weight (HRW) method";
508           reference "draft-mohanty-bess-evpn-df-election";
509         }
510         enum preference {
511           value 2;
512           description "The preference based method";
513           reference "draft-rabadan-bess-evpn-pref-df";
514         }
515       }
516       description "The DF election method type";
517     }

519     /* EVPN Ethernet Segment YANG Model */

521     container ethernet-segments {
522       description "ethernet-segment";
523       list ethernet-segment {
524         key "name";
525         leaf name {
526           type string;
527           description "Name of the ethernet segment";
528         }
529         leaf service-type {
530           type string;
531           config false;
532           description "service-type";
533         }
534         leaf status {
535           type status-type;
536           config false;
537           description "Ethernet segment status";
538         }
539         choice ac-or-pw {
540           description "ac-or-pw";
541           case ac {
542             leaf-list ac {
543               type if:interface-ref;
544               description "Name of attachment circuit";
545             }
546           }
547           case pw {
548             leaf-list pw {
549               type pw:pseudowire-ref;
550               description "Reference to a pseudowire";
551             }
552           }
553         }
554         leaf interface-status {
555           type status-type;
556           config false;
557           description "interface status";
558         }
559         leaf ethernet-segment-identifier {
560           type uint32;
561           description "Ethernet segment identifier (esi)";
562         }
563         choice active-mode {
564           mandatory true;
565           description "Choice of active mode";
566           case single-active {
567             leaf single-active-mode {
568               type empty;
569               description "single-active-mode";
570             }
571           }
572           case all-active {
573             leaf all-active-mode {
574               type empty;
575               description "all-active-mode";
576             }
577           }
579         }
580         container pbb-parameters {
581           if-feature ethernet-segment-pbb-params;
582           description "PBB configuration";
583           leaf backbone-src-mac {
584             type yang:mac-address;
585             description "backbone-src-mac, only if this is a PBB";
586           }
587         }
588         container bgp-parameters {
589           description "BGP parameters";
590           container common {
591             description "BGP parameters common to all pseudowires";
592             list rd-rt {
593               if-feature ethernet-segment-bgp-params;
594               key "route-distinguisher";
595               leaf route-distinguisher {
596                 type rt-types:route-distinguisher;
597                 description "Route distinguisher";
598               }
599               uses rt-types:vpn-route-targets;
600               description "A list of route distinguishers and " +
601                           "corresponding VPN route targets";
602             }
603           }
604         }
605         container df-election {
606           description "df-election";
607           leaf df-election-method {
608             type df-election-method-type;
609             description "The DF election method";
610           }
611           leaf preference {
612             when "../df-election-method = 'preference'" {
613               description "The preference value is only applicable " +
614                           "to the preference based method";
615             }
616             type uint16;
617             description "The DF preference";
618           }
619           leaf revertive {
620             when "../df-election-method = 'preference'" {
621               description "The revertive value is only applicable " +
622                           "to the preference method";
623             }
624             type boolean;
625             default true;
626             description "The 'preempt' or 'revertive' behavior";
628           }
629           leaf election-wait-time {
630             type uint32;
631             description "election-wait-time";
632           }
633         }
634         leaf ead-evi-route {
635           type boolean;
636           default false;
637           description "Enable (true) or disable (false) ead-evi-route";
638         }
639         leaf esi-label {
640           type string;
641           config false;
642           description "esi-label";
643         }
644         list member {
645           config false;
646           leaf ip-address {
647             type inet:ip-address;
648             description "ip-address";
649           }
650           description "member of the ethernet segment";
651         }
652         list df {
653           config false;
654           leaf service-identifier {
655             type uint32;
656             description "service-identifier";
657           }
658           leaf vlan {
659             type uint32;
660             description "vlan";
661           }
662           leaf ip-address {
663             type inet:ip-address;
664             description "ip-address";
665           }
666           description "df of an evpn instance's vlan";
667         }
668         description "An ethernet segment";
669       }
670     }
671   }

674   4.2 EVPN Yang Module

675   file "ietf-evpn@2018-02-20.yang"
676   module ietf-evpn {
677     namespace "urn:ietf:params:xml:ns:yang:ietf-evpn";
678     prefix "evpn";

680     import ietf-inet-types {
681       prefix "inet";
682     }

684     import ietf-yang-types {
685       prefix "yang";
686     }

688     import ietf-routing-types {
689       prefix "rt-types";
690     }

692     import ietf-network-instance {
693       prefix "ni";
694     }

696     import ietf-l2vpn {
697       prefix "l2vpn";
698     }

700     import ietf-pseudowires {
701       prefix "pw";
702     }

704     organization "ietf";
705     contact "ietf";
706     description "evpn";

708     revision "2018-02-20" {
709       description " - Incorporated ietf-network-instance model" +
710                   " on which ietf-l2vpn is now based " +
711                   "";
712       reference "";
713     }

715     revision "2017-10-21" {
716       description " - Modified the operational state augment " +
717                   " - Renamed evpn-instances-state to evpn-instances" +
718                   " - Added vpws-vlan-aware to an EVPN instance " +
719                   " - Added a new augment to L2VPN to add EVPN " +
720                   " - pseudowire for the case of EVPN VPWS " +
721                   " - Added state change notification " +
722                   "";
724       reference "";
725     }

727     revision "2017-03-13" {
728       description " - Added an augment to base L2VPN model to " +
729                   " reference an EVPN instance " +
730                   " - Reused ietf-routing-types.yang " +
731                   " vpn-route-targets grouping instead of " +
732                   " defining it in this module " +
733                   "";
734       reference "";
735     }

737     revision "2016-07-08" {
738       description " - Added operational state" +
739                   " - Added a configuration knob to enable/disable " +
740                   " underlay-multicast " +
741                   " - Added a configuration knob to enable/disable " +
742                   " flooding of unknown unicast " +
743                   " - Added several configuration knobs " +
744                   " to manage ARP and ND" +
745                   "";
746       reference "";
747     }

749     revision "2016-06-23" {
750       description "WG document adoption";
751       reference "";
752     }

754     revision "2015-10-15" {
755       description "Initial revision";
756       reference "";
757     }

759     feature evpn-bgp-params {
760       description "EVPN's BGP parameters";
761     }

763     feature evpn-pbb-params {
764       description "EVPN's PBB parameters";
765     }

767     /* Identities */

769     identity evpn-notification-state {
770       description "The base identity on which EVPN notification " +
771                   "states are based";
773     }

775     identity MAC-duplication-detected {
776       base "evpn-notification-state";
777       description "MAC duplication is detected";
778     }

780     identity mass-withdraw-received {
781       base "evpn-notification-state";
782       description "Mass withdraw received";
783     }

785     identity static-MAC-move-detected {
786       base "evpn-notification-state";
787       description "Static MAC move is detected";
788     }

790     /* Typedefs */

792     typedef evpn-instance-ref {
793       type leafref {
794         path "/evpn/evpn-instances/evpn-instance/name";
795       }
796       description "A leafref type to an EVPN instance";
797     }

799     /* Groupings */

801     grouping route-rd-rt-grp {
802       description "A grouping for a route's route distinguishers " +
803                   "and route targets";
804       list rd-rt {
805         key "route-distinguisher";
806         leaf route-distinguisher {
807           type rt-types:route-distinguisher;
808           description "Route distinguisher";
809         }
810         list vpn-target {
811           key "route-target";
812           leaf route-target {
813             type rt-types:route-target;
814             description "BGP route target";
815           }
816           description "A list of route targets";
817         }
818         description "A list of route distinguishers and " +
819                     "corresponding VPN route targets";
820       }
822     }

824     grouping next-hop-label-grp {
825       description "next-hop-label-grp";
826       leaf next-hop {
827         type inet:ip-address;
828         description "next-hop";
829       }
830       leaf label {
831         type rt-types:mpls-label;
832         description "label";
833       }
834     }

836     grouping next-hop-label2-grp {
837       description "next-hop-label2-grp";
838       leaf label2 {
839         type rt-types:mpls-label;
840         description "label2";
841       }
842     }

844     grouping path-detail-grp {
845       description "path-detail-grp";
846       container detail {
847         config false;
848         description "path details";
849         container attributes {
850           leaf-list extended-community {
851             type string;
852             description "extended-community";
853           }
854           description "attributes";
855         }
856         leaf bestpath {
857           type empty;
858           description "Indicate this path is the best path";
859         }
860       }
861     }

863     /* EVPN YANG Model */

865     container evpn {
866       description "evpn";
867       container common {
868         description "common evpn attributes";
869         choice replication-type {
870           description "A choice of replication type";
871           case ingress-replication {
872             leaf ingress-replication {
873               type boolean;
874               description "ingress-replication";
875             }
876           }
877           case p2mp-replication {
878             leaf p2mp-replication {
879               type boolean;
880               description "p2mp-replication";
881             }
882           }
883         }
884       }
885       container evpn-instances {
886         description "evpn-instances";
887         list evpn-instance {
888           key "name";
889           description "An EVPN instance";
890           leaf name {
891             type string;
892             description "Name of EVPN instance";
893           }
894           leaf evi {
895             type uint32;
896             description "evi";
897           }
898           container pbb-parameters {
899             if-feature "evpn-pbb-params";
900             description "PBB parameters";
901             leaf source-bmac {
902               type yang:hex-string;
903               description "source-bmac";
904             }
905           }
906           container bgp-parameters {
907             description "BGP parameters";
908             container common {
909               description "BGP parameters common to all pseudowires";
910               list rd-rt {
911                 if-feature evpn-bgp-params;
912                 key "route-distinguisher";
913                 leaf route-distinguisher {
914                   type rt-types:route-distinguisher;
915                   description "Route distinguisher";
916                 }
917                 uses rt-types:vpn-route-targets;
918                 description "A list of route distinguishers and " +
919                             "corresponding VPN route targets";
920               }
921             }
922           }
923           leaf arp-proxy {
924             type boolean;
925             default false;
926             description "Enable (TRUE) or disable (FALSE) ARP proxy";
927           }
928           leaf arp-suppression {
929             type boolean;
930             default false;
931             description "Enable (TRUE) or disable (FALSE) " +
932                         "ARP suppression";
933           }
934           leaf nd-proxy {
935             type boolean;
936             default false;
937             description "Enable (TRUE) or disable (FALSE) ND proxy";
938           }
939           leaf nd-suppression {
940             type boolean;
941             default false;
942             description "Enable (TRUE) or disable (FALSE) " +
943                         "ND suppression";
944           }
945           leaf underlay-multicast {
946             type boolean;
947             default false;
948             description "Enable (TRUE) or disable (FALSE) " +
949                         "underlay multicast";
950           }
951           leaf flood-unknown-unicast-supression {
952             type boolean;
953             default false;
954             description "Enable (TRUE) or disable (FALSE) " +
955                         "flood unknown unicast suppression";
956           }
957           leaf vpws-vlan-aware {
958             type boolean;
959             default false;
960             description "Enable (TRUE) or disable (FALSE) " +
961                         "VPWS VLAN aware";
962           }
963           container routes {
964             config false;
965             description "routes";
966             list ethernet-auto-discovery-route {
967               uses route-rd-rt-grp;
968               leaf ethernet-segment-identifier {
969                 type uint32;
970                 description "Ethernet segment identifier (esi)";
971               }
972               leaf ethernet-tag {
973                 type uint32;
974                 description "An ethernet tag (etag) identifying a " +
975                             "broadcast domain";
976               }
977               list path {
978                 uses next-hop-label-grp;
979                 uses path-detail-grp;
980                 description "path";
981               }
982               description "ethernet-auto-discovery-route";
983             }
984             list mac-ip-advertisement-route {
985               uses route-rd-rt-grp;
986               leaf ethernet-segment-identifier {
987                 type uint32;
988                 description "Ethernet segment identifier (esi)";
989               }
990               leaf ethernet-tag {
991                 type uint32;
992                 description "An ethernet tag (etag) identifying a " +
993                             "broadcast domain";
994               }
995               leaf mac-address {
996                 type yang:hex-string;
997                 description "Route mac address";
998               }
999               leaf mac-address-length {
1000                type uint8 {
1001                  range "0..48";
1002                }
1003                description "mac address length";
1004              }
1005              leaf ip-prefix {
1006                type inet:ip-prefix;
1007                description "ip-prefix";
1008              }
1009              list path {
1010                uses next-hop-label-grp;
1011                uses next-hop-label2-grp;
1012                uses path-detail-grp;
1013                description "path";
1015              }
1016              description "mac-ip-advertisement-route";
1017            }
1018            list inclusive-multicast-ethernet-tag-route {
1019              uses route-rd-rt-grp;
1020              leaf ethernet-segment-identifier {
1021                type uint32;
1022                description "Ethernet segment identifier (esi)";
1023              }
1024              leaf originator-ip-prefix {
1025                type inet:ip-prefix;
1026                description "originator-ip-prefix";
1027              }
1028              list path {
1029                uses next-hop-label-grp;
1030                uses path-detail-grp;
1031                description "path";
1032              }
1033              description "inclusive-multicast-ethernet-tag-route";
1034            }
1035            list ethernet-segment-route {
1036              uses route-rd-rt-grp;
1037              leaf ethernet-segment-identifier {
1038                type uint32;
1039                description "Ethernet segment identifier (esi)";
1040              }
1041              leaf originator-ip-prefix {
1042                type inet:ip-prefix;
1043                description "originator ip-prefix";
1044              }
1045              list path {
1046                leaf next-hop {
1047                  type inet:ip-address;
1048                  description "next-hop";
1049                }
1050                uses path-detail-grp;
1051                description "path";
1052              }
1053              description "ethernet-segment-route";
1054            }
1055            list ip-prefix-route {
1056              uses route-rd-rt-grp;
1057              leaf ethernet-segment-identifier {
1058                type uint32;
1059                description "Ethernet segment identifier (esi)";
1060              }
1061              leaf ip-prefix {
1062                type inet:ip-prefix;
1063                description "ip-prefix";
1064              }
1065              list path {
1066                uses next-hop-label-grp;
1067                uses path-detail-grp;
1068                description "path";
1069              }
1070              description "ip-prefix route";
1071            }
1072          }
1073          container statistics {
1074            config false;
1075            description "Statistics";
1076            leaf tx-count {
1077              type uint32;
1078              description "transmission count";
1079            }
1080            leaf rx-count {
1081              type uint32;
1082              description "receive count";
1083            }
1084            container detail {
1085              description "Detailed statistics";
1086              leaf broadcast-tx-count {
1087                type uint32;
1088                description "broadcast transmission count";
1089              }
1090              leaf broadcast-rx-count {
1091                type uint32;
1092                description "broadcast receive count";
1093              }
1094              leaf multicast-tx-count {
1095                type uint32;
1096                description "multicast transmission count";
1097              }
1098              leaf multicast-rx-count {
1099                type uint32;
1100                description "multicast receive count";
1101              }
1102              leaf unknown-unicast-tx-count {
1103                type uint32;
1104                description "unknown unicast transmission count";
1105              }
1106              leaf unknown-unicast-rx-count {
1107                type uint32;
1108                description "unknown-unicast receive count";
1109              }
1110            }
1112          }
1113        }
1114      }
1115    }

1117    /* augments */

1119    augment "/pw:pseudowires/pw:pseudowire/pw:pw-type" {
1120      description "Augment for an L2VPN instance to add EVPN VPWS " +
1121                  "pseudowire";
1122      case evpn-pw {
1123        container evpn-pw {
1124          description "EVPN pseudowire";
1125          leaf remote-id {
1126            type uint32;
1127            description "Remote pseudowire ID";
1128          }
1129          leaf local-id {
1130            type uint32;
1131            description "Local pseudowire ID";
1132          }
1133        }
1134      }
1135    }

1137    augment "/ni:network-instances/ni:network-instance/ni:ni-type" +
1138            "/l2vpn:l2vpn" {
1139      description "Augment for an L2VPN instance and EVPN association";
1140      leaf evpn-instance {
1141        type evpn-instance-ref;
1142        description "Reference to an EVPN instance";
1143      }
1144    }

1146    augment "/ni:network-instances/ni:network-instance/ni:ni-type" +
1147            "/l2vpn:l2vpn" {
1148      when "l2vpn:type = 'l2vpn:vpls-instance-type'" {
1149        description "Constraints only for VPLS pseudowires";
1150      }
1151      description "Augment for VPLS instance";
1152      container vpls-contstraints {
1153        must "not(boolean(/pw:pseudowires/pw:pseudowire" +
1154             " [pw:name = current()/../l2vpn:endpoint" +
1155             " /l2vpn:pw/l2vpn:name]" +
1156             " /evpn-pw/remote-id)) and " +
1157             "not(boolean(/pw:pseudowires/pw:pseudowire" +
1158             " [pw:name = current()/../l2vpn:endpoint" +
1159             " /l2vpn:pw/l2vpn:name]" +
1160             " /evpn-pw/local-id)) and " +
1161             "not(boolean(/pw:pseudowires/pw:pseudowire" +
1162             " [pw:name = current()/../l2vpn:endpoint" +
1163             " /l2vpn:primary-pw/l2vpn:name]" +
1164             " /evpn-pw/remote-id)) and " +
1165             "not(boolean(/pw:pseudowires/pw:pseudowire" +
1166             " [pw:name = current()/../l2vpn:endpoint" +
1167             " /l2vpn:primary-pw/l2vpn:name]" +
1168             " /evpn-pw/local-id)) and " +
1169             "not(boolean(/pw:pseudowires/pw:pseudowire" +
1170             " [pw:name = current()/../l2vpn:endpoint" +
1171             " /l2vpn:backup-pw/l2vpn:name]" +
1172             " /evpn-pw/remote-id)) and " +
1173             "not(boolean(/pw:pseudowires/pw:pseudowire" +
1174             " [pw:name = current()/../l2vpn:endpoint" +
1175             " /l2vpn:backup-pw/l2vpn:name]" +
1176             " /evpn-pw/local-id))" {
1177          description "A VPLS pseudowire must not be EVPN PW";
1178        }
1179        description "VPLS constraints";
1180      }
1181    }

1183    /* Notifications */

1185    notification evpn-state-change-notification {
1186      description "EVPN state change notification";
1187      leaf evpn-instance {
1188        type evpn-instance-ref;
1189        description "Related EVPN instance";
1190      }
1191      leaf state {
1192        type identityref {
1193          base evpn-notification-state;
1194        }
1195        description "State change notification";
1196      }
1197    }
1198  }

1201  5. Security Considerations

1203     The configuration, state, action and notification data defined in
1204     this document are designed to be accessed via the NETCONF protocol
1205     [RFC6241].
   The lowest NETCONF layer is the secure transport layer
   and the mandatory-to-implement secure transport is SSH [RFC6242]. The
   NETCONF access control model [RFC6536] provides means to restrict
   access for particular NETCONF users to a pre-configured subset of all
   available NETCONF protocol operations and content.

   The security concerns listed above are, however, no different from
   those faced by other routing protocols. Hence, this draft does not
   change any underlying security issues inherent in
   [I-D.ietf-netmod-routing-cfg].

6. IANA Considerations

   None.

7. References

7.1. Normative Reference

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, DOI
              10.17487/RFC2119, March 1997.

7.2. Informative References

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
              Protocol (NETCONF) Access Control Model", RFC 6536, DOI
              10.17487/RFC6536, March 2012.

   [RFC7209]  Sajassi, A., Aggarwal, R., Uttaro, J., Bitar, N.,
              Henderickx, W., and A. Isaac, "Requirements for Ethernet
              VPN (EVPN)", RFC 7209, DOI 10.17487/RFC7209, May 2014.

   [RFC7432]  Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
              Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based
              Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February
              2015.

   [RFC7623]  Sajassi, A., Ed., Salam, S., Bitar, N., Isaac, A., and W.
              Henderickx, "Provider Backbone Bridging Combined with
              Ethernet VPN (PBB-EVPN)", RFC 7623, DOI 10.17487/RFC7623,
              September 2015.

Authors' Addresses

   Patrice Brissette
   Cisco Systems, Inc.
   EMail: pbrisset@cisco.com

   Himanshu Shah
   Ciena Corporation
   EMail: hshah@ciena.com

   Helen Chen
   Jabil
   EMail: Ing-Wher_Chen@jabil.com

   Iftekar Hussain
   Infinera Corporation
   EMail: ihussain@infinera.com

   Kishore Tiruveedhula
   Juniper Networks
   EMail: kishoret@juniper.net

   Jorge Rabadan
   Nokia
   EMail: jorge.rabadan@nokia.com

   Ali Sajassi
   Cisco Systems, Inc.
   EMail: sajassi@cisco.com

   Zhenbin Li
   Huawei Technologies
   EMail: lizhenbin@huawei.com
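
Added example, not part of the draft: a NACM [RFC6536] configuration of the kind Section 5 refers to, giving one group read-only access to the EVPN data and the evpn-state-change-notification while denying changes to writable leaves such as arp-proxy, nd-proxy and the rd-rt list. The group and user names are constructed, and the module name ietf-evpn is assumed to be the name of the YANG module defined in this document.

```xml
<!-- Added example; group/user names are constructed, and the module
     name "ietf-evpn" is an assumption about this draft's module. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <!-- Anything not matched by a rule: readable, not writable. -->
  <read-default>permit</read-default>
  <write-default>deny</write-default>
  <exec-default>deny</exec-default>

  <groups>
    <group>
      <name>evpn-monitor</name>
      <user-name>noc-readonly</user-name>
    </group>
  </groups>

  <rule-list>
    <name>evpn-monitor-rules</name>
    <group>evpn-monitor</group>

    <!-- Rules are evaluated in order; the first match decides.
         No rule type (rpc, notification, path) is given, so this
         rule matches data nodes and notifications defined in the
         module, including nodes it adds through "augment". -->
    <rule>
      <name>permit-evpn-read</name>
      <module-name>ietf-evpn</module-name>
      <access-operations>read</access-operations>
      <action>permit</action>
      <comment>Routes, statistics and state-change notifications</comment>
    </rule>

    <!-- Explicit deny so that a later, broader permit rule for this
         group cannot open the EVPN configuration for writing. -->
    <rule>
      <name>deny-evpn-write</name>
      <module-name>ietf-evpn</module-name>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
      <comment>No changes to ARP/ND proxy, suppression or RD/RT</comment>
    </rule>
  </rule-list>
</nacm>
```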