idnits 2.17.1 draft-ietf-bess-mvpn-yang-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 1 instance of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 213 has weird spacing: '...cluding rout...' == Line 222 has weird spacing: '...private sour...' == Line 247 has weird spacing: '...t-value str...' == Line 297 has weird spacing: '...address ine...' == Line 373 has weird spacing: '...address ine...' == (3 more instances...) -- The document date (June 30, 2020) is 1396 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC7761' is mentioned on line 113, but not defined == Missing Reference: 'RFC4607' is mentioned on line 115, but not defined == Missing Reference: 'RFC5015' is mentioned on line 117, but not defined == Missing Reference: 'RFC6388' is mentioned on line 123, but not defined == Missing Reference: 'RFC4875' is mentioned on line 126, but not defined == Missing Reference: 'RFC8040' is mentioned on line 1521, but not defined == Missing Reference: 'RFC6242' is mentioned on line 1523, but not defined == Missing Reference: 'RFC8446' is mentioned on line 1525, but not defined == Missing Reference: 'RFC8341' is mentioned on line 1527, but not defined == Missing Reference: 'RFC3688' is mentioned on line 1611, but not defined ** Downref: Normative reference to an Historic RFC: RFC 6037 == Outdated reference: A later version (-05) exists of draft-ietf-bess-l3vpn-yang-04 Summary: 1 error (**), 0 flaws (~~), 19 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 BESS Working Group Y. Liu 2 Internet Draft China Mobile 3 Intended status: Standards Track F. Guo 4 Expires: Dec 30, 2020 Huawei 5 S. Litkowski 6 Cisco 7 X. Liu 8 Volta Networks 9 R. Kebler 10 M. Sivakumar 11 Juniper 12 June 30, 2020 14 Yang Data Model for Multicast in MPLS/BGP IP VPNs 15 draft-ietf-bess-mvpn-yang-04 17 Status of this Memo 19 This Internet-Draft is submitted in full conformance with the 20 provisions of BCP 78 and BCP 79. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF), its areas, and its working groups. Note that 24 other groups may also distribute working documents as Internet- 25 Drafts. 27 Internet-Drafts are draft documents valid for a maximum of six 28 months and may be updated, replaced, or obsoleted by other documents 29 at any time. It is inappropriate to use Internet-Drafts as 30 reference material or to cite them other than as "work in progress." 32 The list of current Internet-Drafts can be accessed at 33 http://www.ietf.org/ietf/1id-abstracts.txt 35 The list of Internet-Draft Shadow Directories can be accessed at 36 http://www.ietf.org/shadow.html 38 This Internet-Draft will expire on December 30, 2020. 40 Copyright Notice 42 Copyright (c) 2020 IETF Trust and the persons identified as the 43 document authors. All rights reserved. 45 This document is subject to BCP 78 and the IETF Trust's Legal 46 Provisions Relating to IETF Documents 47 (http://trustee.ietf.org/license-info) in effect on the date of 48 publication of this document. Please review these documents 49 carefully, as they describe your rights and restrictions with 50 respect to this document. Code Components extracted from this 51 document must include Simplified BSD License text as described in 52 Section 4.e of the Trust Legal Provisions and are provided without 53 warranty as described in the Simplified BSD License. 55 Abstract 57 This document defines a YANG data model that can be used to 58 configure and manage multicast in MPLS/BGP IP VPNs. 60 Table of Contents 62 1. Introduction ................................................ 2 63 1.1. Terminology ............................................ 3 64 1.2. Tree Diagrams .......................................... 3 65 1.3. Prefixes in Data Node Names ............................ 4 66 2. Design of Data Model......................................... 4 67 2.1. Scope of Model ......................................... 4 68 2.2. Optional Capabilities .................................. 4 69 2.3. Position of Address Family in Hierarchy ................ 5 70 3. Module Structure ............................................ 5 71 4. MVPN YANG Modules .......................................... 13 72 5. Security Considerations .................................... 36 73 6. IANA Considerations ........................................ 38 74 7. References ................................................. 39 75 7.1. Normative References .................................. 39 76 7.2. Informative References ................................ 40 77 8. Acknowledgments ............................................ 40 78 Authors' Addresses ............................................ 41 80 1. Introduction 82 YANG [RFC6020] [RFC7950] is a data definition language that was 83 introduced to define the contents of a conceptual data store that 84 allows networked devices to be managed using NETCONF [RFC6241]. 85 YANG is proving relevant beyond its initial confines, as bindings to 86 other interfaces (e.g. REST) and encoding other than XML (e.g. JSON) 87 are being defined. Furthermore, YANG data models can be used as the 88 basis of implementation for other interface, such as CLI and 89 Programmatic APIs. 91 This document defines a YANG data model that can be used to 92 configure and manage Multicast in MPLS/BGP IP VPN (MVPN). It 93 includes Cisco systems' solution [RFC6037], BGP MVPN [RFC6513] 94 [RFC6514] etc. This model will support the core MVPN protocols, as 95 well as many other features mentioned in separate MVPN RFCs. In 96 addition, Non-core features described in MVPN standards other than 97 mentioned above RFC in separate documents. 99 1.1. Terminology 101 The terminology for describing YANG data models is found in 102 [RFC6020] & [RFC7950]. 104 The following abbreviations are used in this document and the 105 defined model: 107 MVPN: Multicast Virtual Private Network [RFC6513]. 109 PMSI: P-Multicast Service Interface [RFC6513]. 111 PIM: Protocol Independent Multicast [RFC7761]. 113 SM: Sparse Mode [RFC7761]. 115 SSM: Source Specific Multicast [RFC4607]. 117 BIDIR-PIM: Bidirectional Protocol Independent Multicast [RFC5015]. 119 MLDP P2MP: Multipoint Label Distribution Protocol for Point to 120 Multipoint [RFC6388]. 122 MLDP MP2MP: Multipoint Label Distribution Protocol for Multipoint to 123 Multipoint [RFC6388]. 125 RSVP TE P2MP: Resource Reservation Protocol - Traffic Engineering 126 for Point to Multipoint [RFC4875]. 128 BIER: Bit Index Explicit Replication [RFC8279]. 130 1.2. Tree Diagrams 132 Tree diagrams used in this document follow the notation defined in 133 [RFC8340]. 135 1.3. Prefixes in Data Node Names 137 In this document, names of data nodes, actions, and other data model 138 objects are often used without a prefix, as long as it is clear from 139 the context in which YANG module each name is defined. Otherwise, 140 names are prefixed using the standard prefix associated with the 141 corresponding YANG module, as shown in Table 1 143 +----------+---------------------------+----------------------------+ 144 | Prefix | YANG module | Reference | 145 +-----------+--------------------------+----------------------------+ 146 | ni | ietf-network-instance | [RFC8529] | 147 | l3vpn | ietf-bgp-l3vpn | [I-D.ietf-l3vpn-yang] | 148 | inet | ietf-inet-types | [RFC6991] | 149 | rt-types | ietf-routing-types | [RFC8294] | 150 | acl | ietf-access-control-list | [RFC8519] | 151 +-----------+--------------------------+----------------------------+ 152 Table 1: Prefixes and Corresponding YANG Modules 154 2. Design of Data Model 156 2.1. Scope of Model 158 The model covers Rosen MVPN [RFC6037], BGP MVPN [RFC6513] [RFC6514]. 159 The configuration of MVPN features, and the operational state fields 160 and RPC definitions are not all included in this document of the 161 data model. This model can be extended, though the structure of what 162 has been written may be taken as representative of the structure of 163 the whole model. 165 This model does not cover other MVPN related protocols such as MVPN 166 Extranet [RFC7900] or MVPN MLDP In-band signaling [RFC7246] etc., 167 these will be specified in separate documents. 169 2.2. Optional Capabilities 171 This model is designed to represent the capabilities of MVPN devices 172 with various specifications, including some with basic subsets of 173 the MVPN protocols. The main design goals of this document are that 174 any major now-existing implementation may be said to support the 175 basic model, and that the configuration of all implementations 176 meeting the specification is easy to express through some 177 combination of the features in the basic model and simple vendor 178 augmentations. 180 On the other hand, operational state parameters are not so widely 181 designated as features, as there are many cases where the defaulting 182 of an operational state parameter would not cause any harm to the 183 system, and it is much more likely that an implementation without 184 native support for a piece of operational state would be able to 185 derive a suitable value for a state variable that is not natively 186 supported. 188 For the same reason, wide constant ranges (for example, timer 189 maximum and minimum) will be used in the model. It is expected that 190 vendors will augment the model with any specific restrictions that 191 might be required. Vendors may also extend the features list with 192 proprietary extensions. 194 2.3. Position of Address Family in Hierarchy 196 The current draft contains MVPN IPv4 and IPv6 as separate schema 197 branches in the structure. The reason for this is to inherit l3vpn 198 yang model structure and make it easier for implementations which 199 may optionally choose to support specific address families. And the 200 names of some objects may be different between the IPv4 and IPv6 201 address families. 203 3. Module Structure 205 The MVPN YANG model follows the Guidelines for YANG Module Authors 206 (NMDA) [RFC8342]. The operational state data is combined with the 207 associated configuration data in the same hierarchy [RFC8407]. The 208 MVPN modules define for both IPv4 and IPv6 in a two-level hierarchy 209 as listed below: 211 Instance level: Only including configuration data nodes now. MVPN 212 configuration attributes for the entire routing instance, 213 including route-target, I-PMSI tunnel and S-PMSI number, common 214 timer etc. 216 PMSI tunnel level: MVPN configuration attributes applicable to the 217 I-PMSI and per S-PMSI tunnel configuration attributes, including 218 tunnel mode, tunnel specific parameters and threshold etc. MVPN 219 PMSI tunnel operational state attributes applicable to the I- 220 PMSI and per S-PMSI tunnel operational state attributes, 221 including tunnel mode, tunnel role, tunnel specific parameters 222 and referenced private source and group address etc. 224 Where fields are not genuinely essential to protocol operation, they 225 are marked as optional. Some fields will be essential but have a 226 default specified, so that they need not be configured explicitly. 228 This MVPN model augments "/ni:network-instances/ni:network- 229 instance/ni:ni-type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv4:" for IPv4 230 MVPN service and "/ni:network-instances/ni:network-instance/ni:ni- 231 type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv6" for IPv6 MVPN service 232 specified in [I-D.ietf-l3vpn-yang]. 234 augment /ni:network-instances/ni:network-instance/ni:ni-type 235 /l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv4: 236 +--rw multicast 237 +--rw signaling-mode? enumeration 238 +--rw auto-discovery-mode? enumeration 239 +--rw mvpn-type? enumeration 240 +--rw is-sender-site? boolean {mvpn-sender}? 241 +--rw rpt-spt-mode? enumeration 242 +--rw ecmp-load-balance-mode? 243 | enumeration {mvpn-ecmp-load-balance}? 244 +--rw mvpn-route-targets {mvpn-separate-rt}? 245 | +--rw mvpn-route-target* [mvpn-rt-type mvpn-rt-value] 246 | +--rw mvpn-rt-type enumeration 247 | +--rw mvpn-rt-value string 248 +--rw mvpn-ipmsi-tunnel-ipv4 249 | +--rw tunnel-type? p-tunnel 250 | +--rw (ipmsi-tunnel-attribute)? 251 | | +--:(rsvp-te-p2mp) 252 | | | +--rw rsvp-te-p2mp-template? string 253 | | +--:(mldp-p2mp) 254 | | +--:(pim-ssm) 255 | | | +--rw ssm-default-group-addr? 256 | | | rt-types:ip-multicast-group-address 257 | | +--:(pim-sm) 258 | | | +--rw sm-default-group-addr? 259 | | | rt-types:ip-multicast-group-address 260 | | +--:(bidir-pim) 261 | | | +--rw bidir-default-group-addr? 262 | | | rt-types:ip-multicast-group-address 263 | | +--:(ingress-replication) 264 | | +--:(mldp-mp2mp) 265 | | +--:(bier) 266 | | +--rw inclusive-sub-domain-id? uint8 267 | | +--rw inclusive-bitstring-length? uint16 268 | +--ro (pmsi-tunnel-state-attribute)? 269 | | +--:(rsvp-te-p2mp) 270 | | | +--ro p2mp-id? uint16 271 | | | +--ro tunnel-id? uint16 272 | | | +--ro extend-tunnel-id? uint16 273 | | +--:(mldp-p2mp) 274 | | | +--ro mldp-root-addr? inet:ip-address 275 | | | +--ro mldp-lsp-id? string 276 | | +--:(pim-ssm) 277 | | | +--ro ssm-group-addr? 278 | | | rt-types:ip-multicast-group-address 279 | | +--:(pim-sm) 280 | | | +--ro sm-group-addr? 281 | | | rt-types:ip-multicast-group-address 282 | | +--:(bidir-pim) 283 | | | +--ro bidir-group-addr? 284 | | | rt-types:ip-multicast-group-address 285 | | +--:(ingress-replication) 286 | | +--:(mldp-mp2mp) 287 | | +--:(bier) 288 | | +--ro sub-domain-id? uint8 289 | | +--ro bitstring-length? uint16 290 | | +--ro bfir-id? uint16 291 | +--ro tunnel-role? enumeration 292 | +--ro upstream-vpn-label? 293 | | rt-types:mpls-label {mvpn-aggregation-tunnel}? 294 | +--ro mvpn-pmsi-ipv4-ref-sg-entries 295 | +--ro mvpn-pmsi-ipv4-ref-sg-entries* 296 | [ipv4-source-address ipv4-group-address] 297 | +--ro ipv4-source-address inet:ipv4-address 298 | +--ro ipv4-group-address 299 | rt-types:ipv4-multicast-group-address 300 +--rw mvpn-spmsi-tunnels-ipv4 301 +--rw switch-delay-time? uint8 302 +--rw switch-back-holddown-time? uint16 303 +--rw tunnel-limit? uint16 304 +--rw mvpn-spmsi-tunnel-ipv4* [tunnel-type] 305 +--rw tunnel-type p-tunnel 306 +--rw (spmsi-tunnel-attribute)? 307 | +--:(rsvp-te-p2mp) 308 | | +--rw rsvp-te-p2mp-template? string 309 | +--:(p2mp-mldp) 310 | +--:(pim-ssm) 311 | | +--rw ssm-group-pool-addr? 312 | | | rt-types:ip-multicast-group-address 313 | | +--rw ssm-group-pool-masklength? uint8 314 | +--:(pim-sm) 315 | | +--rw sm-group-pool-addr? 316 | | | rt-types:ip-multicast-group-address 317 | | +--rw sm-group-pool-masklength? uint8 318 | +--:(bidir-pim) 319 | | +--rw bidir-group-pool-addr? 320 | | | rt-types:ip-multicast-group-address 321 | | +--rw bidir-group-pool-masklength? uint8 322 | +--:(ingress-replication) 323 | +--:(mldp-mp2mp) 324 | +--:(bier) 325 | +--rw selective-sub-domain-id? uint8 326 | +--rw selective-bitstring-length? uint16 327 +--rw switch-threshold? uint32 328 +--rw per-item-tunnel-limit? uint16 329 +--rw switch-wildcard-mode? 330 | enumeration {mvpn-switch-wildcard}? 331 +--rw explicit-tracking-mode? 332 | enumeration {mvpn-explicit-tracking}? 333 +--rw (address-mask-or-acl)? 334 | +--:(address-mask) 335 | | +--rw ipv4-group-addr? 336 | | | rt-types:ipv4-multicast-group-address 337 | | +--rw ipv4-group-masklength? uint8 338 | | +--rw ipv4-source-addr? 339 | | | inet:ipv4-address 340 | | +--rw ipv4-source-masklength? uint8 341 | +--:(acl-name) 342 | +--rw group-acl-ipv4? 343 | -> /acl:acls/acl/name 344 +--ro (pmsi-tunnel-state-attribute)? 345 | +--:(rsvp-te-p2mp) 346 | | +--ro p2mp-id? uint16 347 | | +--ro tunnel-id? uint16 348 | | +--ro extend-tunnel-id? uint16 349 | +--:(mldp-p2mp) 350 | | +--ro mldp-root-addr? inet:ip-address 351 | | +--ro mldp-lsp-id? string 352 | +--:(pim-ssm) 353 | | +--ro ssm-group-addr? 354 | | rt-types:ip-multicast-group-address 355 | +--:(pim-sm) 356 | | +--ro sm-group-addr? 357 | | rt-types:ip-multicast-group-address 358 | +--:(bidir-pim) 359 | | +--ro bidir-group-addr? 360 | | rt-types:ip-multicast-group-address 361 | +--:(ingress-replication) 362 | +--:(mldp-mp2mp) 363 | +--:(bier) 364 | +--ro sub-domain-id? uint8 365 | +--ro bitstring-length? uint16 366 | +--ro bfir-id? uint16 367 +--ro tunnel-role? enumeration 368 +--ro upstream-vpn-label? 369 | rt-types:mpls-label {mvpn-aggregation-tunnel}? 370 +--ro mvpn-pmsi-ipv4-ref-sg-entries 371 +--ro mvpn-pmsi-ipv4-ref-sg-entries* 372 [ipv4-source-address ipv4-group-address] 373 +--ro ipv4-source-address inet:ipv4-address 374 +--ro ipv4-group-address 375 rt-types:ipv4-multicast-group-address 376 augment /ni:network-instances/ni:network-instance/ni:ni-type 377 /l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv6: 378 +--rw multicast 379 +--rw signaling-mode? enumeration 380 +--rw auto-discovery-mode? enumeration 381 +--rw mvpn-type? enumeration 382 +--rw is-sender-site? boolean {mvpn-sender}? 383 +--rw rpt-spt-mode? enumeration 384 +--rw ecmp-load-balance-mode? 385 | enumeration {mvpn-ecmp-load-balance}? 386 +--rw mvpn-route-targets {mvpn-separate-rt}? 387 | +--rw mvpn-route-target* [mvpn-rt-type mvpn-rt-value] 388 | +--rw mvpn-rt-type enumeration 389 | +--rw mvpn-rt-value string 390 +--rw mvpn-ipmsi-tunnel-ipv6 391 | +--rw tunnel-type? p-tunnel 392 | +--rw (ipmsi-tunnel-attribute)? 393 | | +--:(rsvp-te-p2mp) 394 | | | +--rw rsvp-te-p2mp-template? string 395 | | +--:(mldp-p2mp) 396 | | +--:(pim-ssm) 397 | | | +--rw ssm-default-group-addr? 398 | | | rt-types:ip-multicast-group-address 399 | | +--:(pim-sm) 400 | | | +--rw sm-default-group-addr? 401 | | | rt-types:ip-multicast-group-address 402 | | +--:(bidir-pim) 403 | | | +--rw bidir-default-group-addr? 404 | | | rt-types:ip-multicast-group-address 405 | | +--:(ingress-replication) 406 | | +--:(mldp-mp2mp) 407 | | +--:(bier) 408 | | +--rw inclusive-sub-domain-id? uint8 409 | | +--rw inclusive-bitstring-length? uint16 410 | +--ro (pmsi-tunnel-state-attribute)? 411 | | +--:(rsvp-te-p2mp) 412 | | | +--ro p2mp-id? uint16 413 | | | +--ro tunnel-id? uint16 414 | | | +--ro extend-tunnel-id? uint16 415 | | +--:(mldp-p2mp) 416 | | | +--ro mldp-root-addr? inet:ip-address 417 | | | +--ro mldp-lsp-id? string 418 | | +--:(pim-ssm) 419 | | | +--ro ssm-group-addr? 420 | | | rt-types:ip-multicast-group-address 421 | | +--:(pim-sm) 422 | | | +--ro sm-group-addr? 423 | | | rt-types:ip-multicast-group-address 424 | | +--:(bidir-pim) 425 | | | +--ro bidir-group-addr? 426 | | | rt-types:ip-multicast-group-address 427 | | +--:(ingress-replication) 428 | | +--:(mldp-mp2mp) 429 | | +--:(bier) 430 | | +--ro sub-domain-id? uint8 431 | | +--ro bitstring-length? uint16 432 | | +--ro bfir-id? uint16 433 | +--ro tunnel-role? enumeration 434 | +--ro upstream-vpn-label? 435 | | rt-types:mpls-label {mvpn-aggregation-tunnel}? 436 | +--ro mvpn-pmsi-ipv6-ref-sg-entries 437 | +--ro mvpn-pmsi-ipv6-ref-sg-entries* 438 | [ipv6-source-address ipv6-group-address] 439 | +--ro ipv6-source-address inet:ipv6-address 440 | +--ro ipv6-group-address 441 | rt-types:ipv6-multicast-group-address 442 +--rw mvpn-spmsi-tunnels-ipv6 443 +--rw switch-delay-time? uint8 444 +--rw switch-back-holddown-time? uint16 445 +--rw tunnel-limit? uint16 446 +--rw mvpn-spmsi-tunnel-ipv6* [tunnel-type] 447 +--rw tunnel-type p-tunnel 448 +--rw (spmsi-tunnel-attribute)? 449 | +--:(rsvp-te-p2mp) 450 | | +--rw rsvp-te-p2mp-template? string 451 | +--:(p2mp-mldp) 452 | +--:(pim-ssm) 453 | | +--rw ssm-group-pool-addr? 454 | | rt-types:ip-multicast-group-address 455 | | +--rw ssm-group-pool-masklength? uint8 456 | +--:(pim-sm) 457 | | +--rw sm-group-pool-addr? 458 | | rt-types:ip-multicast-group-address 459 | | +--rw sm-group-pool-masklength? uint8 460 | +--:(bidir-pim) 461 | | +--rw bidir-group-pool-addr? 462 | | rt-types:ip-multicast-group-address 463 | | +--rw bidir-group-pool-masklength? uint8 464 | +--:(ingress-replication) 465 | +--:(mldp-mp2mp) 466 | +--:(bier) 467 | +--rw selective-sub-domain-id? uint8 468 | +--rw selective-bitstring-length? uint16 469 +--rw switch-threshold? uint32 470 +--rw per-item-tunnel-limit? uint16 471 +--rw switch-wildcard-mode? 472 | enumeration {mvpn-switch-wildcard}? 473 +--rw explicit-tracking-mode? 474 | enumeration {mvpn-explicit-tracking}? 475 +--rw (address-mask-or-acl)? 476 | +--:(address-mask) 477 | | +--rw ipv6-group-addr? 478 | | | rt-types:ipv6-multicast-group-address 479 | | +--rw ipv6-groupmasklength? uint8 480 | | +--rw ipv6-source-addr? 481 | | | inet:ipv6-address 482 | | +--rw ipv6-source-masklength? uint8 483 | +--:(acl-name) 484 | +--rw group-acl-ipv6? 485 | -> /acl:acls/acl/name 486 +--ro (pmsi-tunnel-state-attribute)? 487 | +--:(rsvp-te-p2mp) 488 | | +--ro p2mp-id? uint16 489 | | +--ro tunnel-id? uint16 490 | | +--ro extend-tunnel-id? uint16 491 | +--:(mldp-p2mp) 492 | | +--ro mldp-root-addr? inet:ip-address 493 | | +--ro mldp-lsp-id? string 494 | +--:(pim-ssm) 495 | | +--ro ssm-group-addr? 496 | | rt-types:ip-multicast-group-address 497 | +--:(pim-sm) 498 | | +--ro sm-group-addr? 499 | | rt-types:ip-multicast-group-address 500 | +--:(bidir-pim) 501 | | +--ro bidir-group-addr? 502 | | rt-types:ip-multicast-group-address 503 | +--:(ingress-replication) 504 | +--:(mldp-mp2mp) 505 | +--:(bier) 506 | +--ro sub-domain-id? uint8 507 | +--ro bitstring-length? uint16 508 | +--ro bfir-id? uint16 509 +--ro tunnel-role? enumeration 510 +--ro upstream-vpn-label? 511 | rt-types:mpls-label {mvpn-aggregation-tunnel}? 512 +--ro mvpn-pmsi-ipv6-ref-sg-entries 513 +--ro mvpn-pmsi-ipv6-ref-sg-entries* 514 [ipv6-source-address ipv6-group-address] 515 +--ro ipv6-source-address inet:ipv6-address 516 +--ro ipv6-group-address 517 rt-types:ipv6-multicast-group-address 519 4. MVPN YANG Modules 521 file ietf-mvpn@2019-12-02.yang 522 module ietf-mvpn { 523 yang-version 1.1; 524 namespace "urn:ietf:params:xml:ns:yang:ietf-mvpn"; 525 prefix mvpn; 527 import ietf-network-instance { 528 prefix ni; 529 } 531 import ietf-bgp-l3vpn { 532 prefix l3vpn; 533 } 535 import ietf-inet-types { 536 prefix inet; 537 } 539 import ietf-routing-types { 540 prefix rt-types; 541 } 543 import ietf-access-control-list { 544 prefix acl; 545 } 547 organization 548 "IETF BESS(BGP Enabled Services) Working Group"; 549 contact 550 " 551 Yisong Liu 552 553 Stephane Litkowski 554 555 Feng Guo 556 557 Xufeng Liu 558 559 Robert Kebler 560 561 Mahesh Sivakumar 562 "; 563 description 564 "This YANG module defines the generic configuration 565 and operational state data for mvpn, which is common across 566 all of the vendor implementations of the protocol. It is 567 intended that the module will be extended by vendors to 568 define vendor-specific mvpn parameters."; 570 revision 2019-12-02 { 571 description 572 "Update the contact information of co-authors."; 573 reference 574 "RFC XXXX: A YANG Data Model for MVPN"; 575 } 576 revision 2019-03-05 { 577 description 578 "Add bier as a type of P-Tunnel and Errata."; 579 reference 580 "RFC XXXX: A YANG Data Model for MVPN"; 581 } 582 revision 2018-11-08 { 583 description 584 "Update for leaf type and reference."; 585 reference 586 "RFC XXXX: A YANG Data Model for MVPN"; 587 } 588 revision 2018-05-10 { 589 description 590 "Update for Model structure and errata."; 591 reference 592 "RFC XXXX: A YANG Data Model for MVPN"; 593 } 594 revision 2017-09-15 { 595 description 596 "Update for NMDA version and errata."; 597 reference 598 "RFC XXXX: A YANG Data Model for MVPN"; 599 } 600 revision 2017-07-03 { 601 description 602 "Update S-PMSI configuration and errata."; 603 reference 604 "RFC XXXX: A YANG Data Model for MVPN"; 605 } 606 revision 2016-10-28 { 607 description 608 "Initial revision."; 609 reference 610 "RFC XXXX: A YANG Data Model for MVPN"; 611 } 612 /* Features */ 613 feature mvpn-sender { 614 description 615 "Support configuration to specify the current PE as the 616 sender PE"; 617 } 618 feature mvpn-separate-rt { 619 description 620 "Support route-targets configuration of MVPN when they are 621 different from the route-targets of unicast L3VPN."; 622 } 623 feature mvpn-switch-wildcard { 624 description 625 "Support configuration to use wildcard mode when multicast 626 packets switch from I-PMSI to S-PMSI."; 627 } 628 feature mvpn-explicit-tracking { 629 description 630 "Support configuration to use explicit tracking for leaf PEs 631 when multicast packets forward by I-PMSI or S-PMSI."; 632 } 633 feature mvpn-aggregation-tunnel { 634 description 635 "Support more than one VPN multicast service to use the same 636 p-tunnel."; 637 } 638 feature mvpn-ecmp-load-balance { 639 description 640 "Support multicast entries in the private network to be 641 distributed on the ECMP path of bier in the public 642 network."; 643 } 645 typedef p-tunnel { 646 type enumeration { 647 enum no-tunnel-present { 648 value 0; 649 description "No tunnel information present"; 650 } 651 enum rsvp-te-p2mp { 652 value 1; 653 description "RSVP TE P2MP tunnel"; 654 } 655 enum mldp-p2mp { 656 value 2; 657 description "MLDP P2MP tunnel"; 658 } 659 enum pim-ssm { 660 value 3; 661 description "PIM SSM tree in public net"; 662 } 663 enum pim-sm { 664 value 4; 665 description "PIM SM tree in public net"; 666 } 667 enum bidir-pim { 668 value 5; 669 description "BIDIR-PIM tree in public net"; 670 } 671 enum ingress-replication { 672 value 6; 673 description "Ingress Replication p2p tunnel."; 674 } 675 enum mldp-mp2mp { 676 value 7; 677 description "MLDP MP2MP tunnel"; 678 } 679 enum bier { 680 value 11; 681 description "bier underlay"; 682 } 684 } 685 description "Provider tunnel type definition."; 686 } 688 grouping mvpn-instance-config { 689 description "Mvpn basic configuration per instance."; 691 leaf signaling-mode { 692 type enumeration { 693 enum none { 694 value 0; 695 description "No signaling"; 696 } 697 enum bgp { 698 value 1; 699 description "bgp signaling"; 700 } 701 enum pim { 702 value 2; 703 description "pim signaling"; 704 } 705 enum mldp-in-band { 706 value 3; 707 description "mldp in-band signaling"; 708 } 709 } 710 default "none"; 711 description "Signaling mode for C-multicast route."; 712 } 713 leaf auto-discovery-mode { 714 type enumeration { 715 enum none { 716 value 0; 717 description "no auto-discovery signaling"; 718 } 719 enum pim { 720 value 1; 721 description "auto-discovery by PIM signaling"; 722 } 723 enum bgp { 724 value 2; 725 description "auto-discovery by BGP signaling"; 727 } 728 } 729 default "none"; 730 description "Auto discovery mode of MVPN PE members."; 731 } 732 leaf mvpn-type { 733 type enumeration { 734 enum rosen-mvpn { 735 value 0; 736 description "Rosen mvpn mode referenced RFC6037"; 737 } 738 enum ng-mvpn { 739 value 1; 740 description 741 "BGP/MPLS mvpn mode referenced RFC6513&RFC6514"; 742 } 743 } 744 default "ng-mvpn"; 745 description 746 "Mvpn type, which can be rosen mvpn mode or ng mvpn mode."; 747 } 748 leaf is-sender-site { 749 if-feature mvpn-sender; 750 type boolean; 751 default false; 752 description "Configure the current PE as a sender PE."; 753 } 754 leaf rpt-spt-mode { 755 type enumeration { 756 enum spt-only { 757 value 0; 758 description 759 "Only spt entries can cross the public net."; 760 } 761 enum rpt-spt { 762 value 1; 763 description 764 "Both rpt and spt entries can corss the public net."; 765 } 766 } 767 description 768 "ASM mode in multicast private network for crossing 769 public net."; 770 } 771 leaf ecmp-load-balance-mode { 772 if-feature mvpn-ecmp-load-balance; 773 type enumeration { 774 enum none { 775 value 0; 776 description 777 "No load balancing for multicast entries."; 778 } 779 enum source { 780 value 1; 781 description 782 "Load balancing based on multicast source address."; 783 } 784 enum group { 785 value 2; 786 description 787 "Load balancing based on multicast group address."; 788 } 789 enum source-group { 790 value 3; 791 description 792 "Load balancing based on multicast source and group 793 address."; 794 } 795 } 796 description 797 "Distribution mode of multicast entries in the private 798 network on the ECMP path of bier in the public network."; 799 } 800 }/* mvpn-instance-config */ 802 grouping mvpn-rts { 803 description 804 "May be different from l3vpn unicast route-targets."; 805 container mvpn-route-targets{ 806 if-feature mvpn-separate-rt; 807 description "Multicast vpn route-targets"; 808 list mvpn-route-target { 809 key "mvpn-rt-type mvpn-rt-value" ; 810 description 811 "List of multicast route-targets" ; 812 leaf mvpn-rt-type { 813 type enumeration { 814 enum export-extcommunity { 815 value 0; 816 description "export-extcommunity"; 817 } 818 enum import-extcommunity { 819 value 1; 820 description "import-extcommunity"; 821 } 822 } 823 description 824 "rt types are as follows: 825 export-extcommunity: specifies the value of 826 the extended community attribute of the 827 route from an outbound interface to the 828 destination vpn. 829 import-extcommunity: receives routes that 830 carry the specified extended community 831 attribute"; 832 } 833 leaf mvpn-rt-value { 834 type string { 835 length "3..21"; 836 } 837 description 838 "the available mvpn target formats are as 839 follows: 840 - 16-bit as number:32-bit user-defined 841 number, for example, 1:3. an as number 842 ranges from 0 to 65535, and a user-defined 843 number ranges from 0 to 4294967295. The as 844 number and user-defined number cannot be 845 both 0s. That is, a vpn target cannot be 0:0. 846 - 32-bit ip address:16-bit user-defined 847 number, for example, 192.168.122.15:1. 848 The ip address ranges from 0.0.0.0 to 849 255.255.255.255, and the user-defined 850 number ranges from 0 to 65535."; 851 } 852 } 854 } 855 } 857 grouping mvpn-ipmsi-tunnel-config { 858 description 859 "Configuration of default mdt for rosen mvpn 860 and I-PMSI for ng mvpn"; 861 leaf tunnel-type { 862 type p-tunnel; 863 description "I-PMSI tunnel type."; 864 } 865 choice ipmsi-tunnel-attribute { 866 description "I-PMSI tunnel attributes configuration"; 867 case rsvp-te-p2mp { 868 description "RSVP TE P2MP tunnel"; 869 leaf rsvp-te-p2mp-template { 870 type string { 871 length "1..31"; 872 } 873 description "RSVP TE P2MP tunnel template"; 874 } 875 } 876 case mldp-p2mp { 877 description "MLDP P2MP tunnel"; 878 } 879 case pim-ssm { 880 description "PIM SSM tree in the public net"; 881 leaf ssm-default-group-addr { 882 type rt-types:ip-multicast-group-address; 883 description 884 "Default mdt or I-PMSI group address for SSM mode."; 885 } 886 } 887 case pim-sm { 888 description "PIM SM tree in the public net"; 889 leaf sm-default-group-addr { 890 type rt-types:ip-multicast-group-address; 891 description 892 "Default mdt or I-PMSI group address for SM mode."; 893 } 894 } 895 case bidir-pim { 896 description "BIDIR PIM tree in the public net"; 897 leaf bidir-default-group-addr { 898 type rt-types:ip-multicast-group-address; 899 description 900 "Default mdt or I-PMSI group address for BIDIR mode."; 901 } 902 } 903 case ingress-replication { 904 description "Ingress replication p2p tunnel"; 905 } 906 case mldp-mp2mp { 907 description "MLDP MP2MP tunnel"; 908 } 909 case bier { 910 description "bier underlay"; 911 leaf inclusive-sub-domain-id { 912 type uint8; 913 description "Subdomain ID of bier."; 914 } 915 leaf inclusive-bitstring-length { 916 type uint16 { 917 range "64|128|256|512|1024|2048|4096"; 918 } 919 description "BitString length of bier underlay."; 920 } 921 } 922 } 923 }/* mvpn-ipmsi-tunnel-config */ 925 grouping mvpn-spmsi-tunnel-per-item-config { 926 description "S-PMSI tunnel basic configuration"; 927 leaf tunnel-type { 928 type p-tunnel; 929 description "S-PMSI tunnel type."; 930 } 931 choice spmsi-tunnel-attribute { 932 description "S-PMSI tunnel attributes configuration"; 933 case rsvp-te-p2mp { 934 description "RSVP TE P2MP tunnel"; 935 leaf rsvp-te-p2mp-template { 936 type string { 937 length "1..31"; 939 } 940 description "RSVP TE P2MP tunnel template"; 941 } 942 } 943 case p2mp-mldp { 944 description "MLDP P2MP tunnel"; 945 } 946 case pim-ssm { 947 description "PIM SSM tree in the public net"; 948 leaf ssm-group-pool-addr { 949 type rt-types:ip-multicast-group-address; 950 description 951 "Group pool address for data mdt or s-pmsi in SSM 952 mode"; 953 } 954 leaf ssm-group-pool-masklength { 955 type uint8 { 956 range "8..128"; 957 } 958 description 959 "Group pool mask length for data mdt or s-pmsi in 960 SSM mode"; 961 } 962 } 963 case pim-sm { 964 description "PIM SM tree in the public net"; 965 leaf sm-group-pool-addr { 966 type rt-types:ip-multicast-group-address; 967 description 968 "Group pool address for data mdt or s-pmsi in SM mode"; 969 } 970 leaf sm-group-pool-masklength { 971 type uint8 { 972 range "8..128"; 973 } 974 description 975 "Group pool mask length for data mdt or s-pmsi in 976 SM mode"; 977 } 978 } 979 case bidir-pim { 980 description "BIDIR PIM tree in the public net"; 981 leaf bidir-group-pool-addr { 982 type rt-types:ip-multicast-group-address; 983 description 984 "Group pool address for data mdt or s-pmsi in 985 BIDIR mode"; 986 } 987 leaf bidir-group-pool-masklength { 988 type uint8 { 989 range "8..128"; 990 } 991 description 992 "Group pool mask length for data mdt or s-pmsi in 993 BIDIR mode"; 994 } 995 } 996 case ingress-replication { 997 description "Ingress replication p2p tunnel"; 998 } 999 case mldp-mp2mp { 1000 description "MLDP MP2MP tunnel"; 1001 } 1002 case bier { 1003 description "bier underlay"; 1004 leaf selective-sub-domain-id { 1005 type uint8; 1006 description "Subdomain ID of bier."; 1007 } 1008 leaf selective-bitstring-length { 1009 type uint16 { 1010 range "64|128|256|512|1024|2048|4096"; 1011 } 1012 description "BitString length of bier underlay."; 1013 } 1014 } 1015 } 1016 leaf switch-threshold { 1017 type uint32 { 1018 range "0..4194304"; 1019 } 1020 units kbps; 1021 default 0; 1022 description 1023 "Multicast packet rate threshold for 1024 triggering the switching from the 1025 I-PMSI to the S-PMSI. The value is 1026 an integer ranging from 0 to 4194304, in 1027 kbps. The default value is 0."; 1028 } 1029 leaf per-item-tunnel-limit { 1030 type uint16 { 1031 range "1..1024"; 1032 } 1033 description 1034 "Maximum number of S-PMSI tunnels allowed 1035 per S-PMSI configuration item per mvpn instance."; 1036 } 1037 leaf switch-wildcard-mode { 1038 if-feature mvpn-switch-wildcard; 1039 type enumeration { 1040 enum source-group { 1041 value 0; 1042 description 1043 "Wildcard neither for source or group address."; 1044 } 1045 enum star-star { 1046 value 1; 1047 description 1048 "Wildcard for both source and group address."; 1049 } 1050 enum star-group { 1051 value 2; 1052 description 1053 "Wildcard only for source address."; 1054 } 1055 enum source-star { 1056 value 3; 1057 description 1058 "Wildcard only for group address."; 1059 } 1060 } 1061 description 1062 "I-PMSI switching to S-PMSI mode for private net 1063 wildcard mode, which including (*,*), (*,G), (S,*), 1064 (S,G) four modes."; 1066 } 1067 leaf explicit-tracking-mode { 1068 if-feature mvpn-explicit-tracking; 1069 type enumeration { 1070 enum no-leaf-info-required { 1071 value 0; 1072 description "No need to track leaf information."; 1073 } 1074 enum leaf-info-required { 1075 value 1; 1076 description "Need to track leaf information."; 1077 } 1078 enum leaf-info-required-per-flow { 1079 value 2; 1080 description 1081 "Need to track leaf information based on 1082 per multicast flow."; 1083 } 1084 } 1085 description "Tracking mode for leaf information."; 1086 } 1087 }/* mvpn-spmsi-tunnel-per-item-config */ 1089 grouping mvpn-spmsi-tunnel-common-config { 1090 description 1091 "Data mdt for rosen mvpn or S-PMSI for ng mvpn configuration 1092 attributes for both IPv4 and IPv6 private network"; 1093 leaf switch-delay-time { 1094 type uint8 { 1095 range "3..60"; 1096 } 1097 units seconds; 1098 default 5; 1099 description 1100 "Delay for switching from the I-PMSI to 1101 the S-PMSI. The value is an integer 1102 ranging from 3 to 60, in seconds. "; 1103 } 1104 leaf switch-back-holddown-time { 1105 type uint16 { 1106 range "0..512"; 1107 } 1108 units seconds; 1109 default 60; 1110 description 1111 "Delay for switching back from the S-PMSI 1112 to the I-PMSI. The value is an integer 1113 ranging from 0 to 512, in seconds. "; 1114 } 1115 leaf tunnel-limit { 1116 type uint16 { 1117 range "1..8192"; 1118 } 1119 description 1120 "Maximum number of s-pmsi tunnels allowed 1121 per mvpn instance."; 1122 } 1123 }/* mvpn-spmsi-tunnel-common-config */ 1125 grouping mvpn-pmsi-state { 1126 description "PMSI tunnel operational state information"; 1128 choice pmsi-tunnel-state-attribute { 1129 config false; 1130 description 1131 "PMSI tunnel operational state information for each type"; 1132 case rsvp-te-p2mp { 1133 description "RSVP TE P2MP tunnel"; 1134 leaf p2mp-id { 1135 type uint16 { 1136 range "0..65535"; 1137 } 1138 description "P2MP ID of the RSVP TE P2MP tunnel"; 1139 } 1140 leaf tunnel-id { 1141 type uint16 { 1142 range "1..65535"; 1143 } 1144 description "Tunnel ID of the RSVP TE P2MP tunnel"; 1145 } 1146 leaf extend-tunnel-id { 1147 type uint16 { 1148 range "1..65535"; 1149 } 1150 description 1151 "Extended tunnel ID of the RSVP TE P2MP Tunnel"; 1152 } 1153 } 1154 case mldp-p2mp { 1155 description "MLDP P2MP tunnel"; 1156 leaf mldp-root-addr { 1157 type inet:ip-address; 1158 description "IP address of the root of a MLDP P2MP lsp."; 1159 } 1160 leaf mldp-lsp-id { 1161 type string { 1162 length "1..256"; 1163 } 1164 description "MLDP P2MP lsp ID."; 1165 } 1166 } 1167 case pim-ssm { 1168 description "PIM SSM tree in the public net"; 1169 leaf ssm-group-addr { 1170 type rt-types:ip-multicast-group-address; 1171 description "Group address for pim ssm"; 1172 } 1173 } 1174 case pim-sm { 1175 description "PIM SM tree in the public net"; 1176 leaf sm-group-addr { 1177 type rt-types:ip-multicast-group-address; 1178 description "Group address for pim sm"; 1179 } 1180 } 1181 case bidir-pim { 1182 description "BIDIR PIM tree in the public net"; 1183 leaf bidir-group-addr { 1184 type rt-types:ip-multicast-group-address; 1185 description "Group address for bidir-pim"; 1186 } 1187 } 1188 case ingress-replication { 1189 description "Ingress replication p2p tunnel"; 1190 } 1191 case mldp-mp2mp { 1192 description "MLDP MP2MP tunnel"; 1193 } 1194 case bier { 1195 description "bier underlay"; 1196 leaf sub-domain-id { 1197 type uint8; 1198 description "Subdomain ID of bier."; 1199 } 1200 leaf bitstring-length { 1201 type uint16 { 1202 range "64|128|256|512|1024|2048|4096"; 1203 } 1204 description "BitString length of bier underlay."; 1205 } 1206 leaf bfir-id { 1207 type uint16; 1208 description "ID of BIER sender PE of MVPN."; 1209 } 1210 } 1211 } 1212 leaf tunnel-role { 1213 type enumeration { 1214 enum none { 1215 value 0; 1216 description "none"; 1217 } 1218 enum root { 1219 value 1; 1220 description "root"; 1221 } 1222 enum leaf { 1223 value 2; 1224 description "leaf"; 1225 } 1226 enum root-and-leaf { 1227 value 3; 1228 description "root-and-leaf"; 1229 } 1230 } 1231 config false; 1232 description "Role of a node for a p-tunnel."; 1233 } 1234 leaf upstream-vpn-label { 1235 if-feature mvpn-aggregation-tunnel; 1236 type rt-types:mpls-label; 1237 config false; 1238 description 1239 "VPN context label for the multicast data of the VPN instance 1240 in an aggregation P-tunnel."; 1241 } 1242 }/* mvpn-pmsi-state */ 1244 grouping mvpn-pmsi-ipv4-entry { 1245 description 1246 "Multicast entries in ipv4 mvpn referenced the pmsi tunnel"; 1247 container mvpn-pmsi-ipv4-ref-sg-entries { 1248 config false; 1249 description 1250 "Multicast entries in ipv4 mvpn referenced the pmsi 1251 tunnel"; 1252 list mvpn-pmsi-ipv4-ref-sg-entries { 1253 key "ipv4-source-address ipv4-group-address"; 1254 description 1255 "IPv4 source and group address of private network entry"; 1256 leaf ipv4-source-address { 1257 type inet:ipv4-address; 1258 description 1259 "IPv4 source address of private network entry 1260 in I-PMSI or S-PMSI."; 1261 } 1262 leaf ipv4-group-address { 1263 type rt-types:ipv4-multicast-group-address; 1264 description 1265 "IPv4 group address of private network entry 1266 in I-PMSI or S-PMSI."; 1267 } 1268 } 1269 } 1270 }/* mvpn-pmsi-ipv4-entry */ 1272 grouping mvpn-pmsi-ipv6-entry { 1273 description 1274 "Multicast entries in ipv6 mvpn referenced the pmsi tunnel"; 1276 container mvpn-pmsi-ipv6-ref-sg-entries { 1277 config false; 1278 description 1279 "Multicast entries in ipv6 mvpn referenced the pmsi 1280 tunnel"; 1281 list mvpn-pmsi-ipv6-ref-sg-entries { 1282 key "ipv6-source-address ipv6-group-address"; 1283 description 1284 "IPv6 source and group address of private network entry"; 1285 leaf ipv6-source-address { 1286 type inet:ipv6-address; 1287 description 1288 "IPv6 source address of private network entry 1289 in I-PMSI or S-PMSI."; 1290 } 1291 leaf ipv6-group-address { 1292 type rt-types:ipv6-multicast-group-address; 1293 description 1294 "IPv6 group address of private network entry 1295 in I-PMSI or S-PMSI."; 1296 } 1297 } 1298 } 1299 }/* mvpn-pmsi-ipv6-entry */ 1301 grouping mvpn-ipmsi-tunnel-info-ipv4 { 1302 description 1303 "Default mdt or I-PMSI configuration and 1304 operational state information"; 1305 container mvpn-ipmsi-tunnel-ipv4 { 1306 description 1307 "Default mdt or I-PMSI configuration and 1308 operational state information"; 1309 uses mvpn-ipmsi-tunnel-config; 1310 uses mvpn-pmsi-state; 1311 uses mvpn-pmsi-ipv4-entry; 1312 } 1313 } 1315 grouping mvpn-ipmsi-tunnel-info-ipv6 { 1316 description 1317 "Default mdt or I-PMSI configuration and 1318 operational state information"; 1319 container mvpn-ipmsi-tunnel-ipv6 { 1320 description 1321 "Default mdt or I-PMSI configuration and 1322 operational state information"; 1323 uses mvpn-ipmsi-tunnel-config; 1324 uses mvpn-pmsi-state; 1325 uses mvpn-pmsi-ipv6-entry; 1326 } 1327 } 1329 grouping mvpn-spmsi-tunnel-info-ipv4 { 1330 description 1331 "Data mdt for rosen mvpn or S-PMSI for ng mvpn in 1332 IPv4 private network"; 1334 container mvpn-spmsi-tunnels-ipv4 { 1335 description 1336 "S-PMSI tunnel configuration and 1337 operational state information."; 1338 uses mvpn-spmsi-tunnel-common-config; 1340 list mvpn-spmsi-tunnel-ipv4 { 1341 key "tunnel-type"; 1342 description 1343 "S-PMSI tunnel attributes configuration and 1344 operational state information."; 1346 uses mvpn-spmsi-tunnel-per-item-config; 1347 choice address-mask-or-acl { 1348 description 1349 "Type of definition of private network 1350 multicast address range"; 1351 case address-mask { 1352 description "Use the type of address and mask"; 1353 leaf ipv4-group-addr { 1354 type rt-types:ipv4-multicast-group-address; 1355 description 1356 "Start address of the IPv4 group 1357 address range in private net. "; 1358 } 1359 leaf ipv4-group-masklength { 1360 type uint8 { 1361 range "4..32"; 1362 } 1363 description 1364 "Group mask length for the IPv4 1365 group address range in private net."; 1366 } 1367 leaf ipv4-source-addr { 1368 type inet:ipv4-address; 1369 description 1370 "Start address of the IPv4 source 1371 address range in private net."; 1372 } 1373 leaf ipv4-source-masklength { 1374 type uint8 { 1375 range "0..32"; 1376 } 1377 description 1378 "Source mask length for the IPv4 1379 source address range in private net."; 1380 } 1381 } 1382 case acl-name { 1383 description "Use the type of acl"; 1384 leaf group-acl-ipv4 { 1385 type leafref { 1386 path "/acl:acls/acl:acl/acl:name"; 1387 } 1388 description 1389 "Specify the (s, g) entry on which the 1390 S-PMSI tunnel takes effect. 1391 The value is an integer ranging from 3000 1392 to 3999 or a string of 32 case-sensitive 1393 characters. If no value is specified, the 1394 switch-group address pool takes effect on 1395 all (s, g)."; 1396 } 1397 } 1398 } 1399 uses mvpn-pmsi-state; 1400 uses mvpn-pmsi-ipv4-entry; 1401 }/* list mvpn-spmsi-tunnel-ipv4 */ 1403 }/* container mvpn-spmsi-tunnels-ipv4 */ 1404 }/* grouping mvpn-spmsi-tunnel-info-ipv4 */ 1405 grouping mvpn-spmsi-tunnel-info-ipv6 { 1406 description 1407 "Data mdt for rosen mvpn or S-PMSI for ng mvpn in 1408 IPv6 private network"; 1410 container mvpn-spmsi-tunnels-ipv6 { 1411 description 1412 "S-PMSI tunnel configuration and 1413 operational state information."; 1414 uses mvpn-spmsi-tunnel-common-config; 1416 list mvpn-spmsi-tunnel-ipv6 { 1417 key "tunnel-type"; 1418 description 1419 "S-PMSI tunnel attributes configuration and 1420 operational state information."; 1421 uses mvpn-spmsi-tunnel-per-item-config; 1423 choice address-mask-or-acl { 1424 description 1425 "Type of definition of private network 1426 multicast address range"; 1427 case address-mask { 1428 description "Use the type of address and mask"; 1430 leaf ipv6-group-addr { 1431 type rt-types:ipv6-multicast-group-address; 1432 description 1433 "Start address of the IPv6 group 1434 address range in private net. "; 1435 } 1436 leaf ipv6-groupmasklength { 1437 type uint8 { 1438 range "8..128"; 1439 } 1440 description 1441 "Group mask length for the IPv6 1442 group address range in private net."; 1443 } 1444 leaf ipv6-source-addr { 1445 type inet:ipv6-address; 1446 description 1447 "Start address of the IPv6 source 1448 address range in private net."; 1449 } 1450 leaf ipv6-source-masklength { 1451 type uint8 { 1452 range "0..128"; 1453 } 1454 description 1455 "Source mask length for the IPv6 1456 source address range in private net."; 1457 } 1458 } 1459 case acl-name { 1460 description "Use the type of acl"; 1461 leaf group-acl-ipv6 { 1462 type leafref { 1463 path "/acl:acls/acl:acl/acl:name"; 1464 } 1465 description 1466 "Specify the (s, g) entry on which the 1467 S-PMSI tunnel takes effect. 1468 The value is an integer ranging from 3000 1469 to 3999 or a string of 32 case-sensitive 1470 characters. If no value is specified, the 1471 switch-group address pool takes effect on 1472 all (s, g)."; 1473 } 1474 } 1475 } 1476 uses mvpn-pmsi-state; 1477 uses mvpn-pmsi-ipv6-entry; 1478 }/* list mvpn-spmsi-tunnel-ipv6 */ 1479 }/* container mvpn-spmsi-tunnels-ipv6 */ 1480 }/* grouping mvpn-spmsi-tunnel-info-ipv6 */ 1482 augment "/ni:network-instances/ni:network-instance/ni:ni-type/" 1483 +"l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv4" { 1484 description 1485 "Augment l3vpn ipv4 container for per multicast VRF 1486 configuration and operational state."; 1488 container multicast { 1489 description 1490 "Configuration and operational state of multicast IPv4 vpn 1491 specific parameters"; 1492 uses mvpn-instance-config; 1493 uses mvpn-rts; 1494 uses mvpn-ipmsi-tunnel-info-ipv4; 1495 uses mvpn-spmsi-tunnel-info-ipv4; 1496 } 1497 } 1499 augment "/ni:network-instances/ni:network-instance/ni:ni-type/" 1500 +"l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv6" { 1501 description 1502 "Augment l3vpn ipv6 container for per multicast VRF 1503 configuration and operational state."; 1504 container multicast { 1505 description 1506 "Configuration and operational state of multicast IPv6 vpn 1507 specific parameters"; 1508 uses mvpn-instance-config; 1509 uses mvpn-rts; 1510 uses mvpn-ipmsi-tunnel-info-ipv6; 1511 uses mvpn-spmsi-tunnel-info-ipv6; 1512 } 1513 } 1514 } 1515 1517 5. Security Considerations 1519 The YANG module specified in this document defines a schema for data 1520 that is designed to be accessed via network management protocols 1521 such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF 1522 layer is the secure transport layer, and the mandatory-to-implement 1523 secure transport is Secure Shell (SSH) [RFC6242]. The lowest 1524 RESTCONF layer is HTTPS, and the mandatory-to-implement secure 1525 transport is TLS [RFC8446]. 1527 The Network Configuration Access Control Model (NACM) [RFC8341] 1528 provides the means to restrict access for particular NETCONF or 1529 RESTCONF users to a preconfigured subset of all available NETCONF or 1530 RESTCONF protocol operations and content. 1532 There are a number of data nodes defined in this YANG module that 1533 are writable/creatable/deletable (i.e., config true, which is the 1534 default). These data nodes may be considered sensitive or 1535 vulnerable in some network environments. Write operations (e.g., 1536 edit-config) to these data nodes without proper protection can have 1537 a negative effect on network operations. These are the subtrees and 1538 data nodes and their sensitivity/vulnerability: 1540 Under /ni:network-instances/ni:network-instance/ni:ni- 1541 type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv4:, 1543 multicast: 1545 This subtree specifies the configuration for the IPv4 MVPN 1546 attributes at the instance level on a MVPN instance. Modifying the 1547 configuration can cause IPv4 MVPN PMSI tunnels to be deleted or 1548 reconstructed on the MVPN instance. 1550 multicast:mvpn-ipmsi-tunnel-ipv4 1552 This subtree specifies the configuration for the IPv4 MVPN I-PMSI 1553 tunnel attributes at the PMSI tunnel level on a MVPN instance. 1554 Modifying the configuration can cause IPv4 MVPN I-PMSI tunnel to be 1555 deleted or reconstructed on the MVPN instance. 1557 multicast:mvpn-spmsi-tunnels-ipv4 1559 This subtree specifies the configuration for the IPv4 MVPN S-PMSI 1560 attributes at the PMSI tunnel level on a MVPN instance. Modifying 1561 the configuration can cause IPv4 MVPN S-PMSI tunnels to be deleted 1562 or reconstructed on the MVPN instance. 1564 Under /ni:network-instances/ni:network-instance/ni:ni- 1565 type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv6:, 1567 multicast: 1569 This subtree specifies the configuration for the IPv6 MVPN 1570 attributes at the instance level on a MVPN instance. Modifying the 1571 configuration can cause IPv6 MVPN PMSI tunnels to be deleted or 1572 reconstructed on the MVPN instance. 1574 multicast:mvpn-ipmsi-tunnel-ipv6 1576 This subtree specifies the configuration for the IPv6 MVPN I-PMSI 1577 tunnel attributes at the PMSI tunnel level on a MVPN instance. 1578 Modifying the configuration can cause IPv6 MVPN I-PMSI tunnel to be 1579 deleted or reconstructed on the MVPN instance. 1581 multicast:mvpn-spmsi-tunnels-ipv6 1583 This subtree specifies the configuration for the IPv6 MVPN S-PMSI 1584 attributes at the PMSI tunnel level on a MVPN instance. Modifying 1585 the configuration can cause IPv6 MVPN S-PMSI tunnels to be deleted 1586 or reconstructed on the MVPN instance. 1588 Unauthorized access to any data node of these subtrees can adversely 1589 affect the PMSI tunnels of the MVPN instances on the local device. 1590 This may lead to network malfunctions, delivery of packets to 1591 inappropriate destinations, and other problems. 1593 Some of the readable data nodes in this YANG module may be 1594 considered sensitive or vulnerable in some network environments. It 1595 is thus important to control read access (e.g., via get, get-config, 1596 or notification) to these data nodes. These are the subtrees and 1597 data nodes and their sensitivity/vulnerability: 1599 /ni:network-instances/ni:network-instance/ni:ni- 1600 type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv4/multicast 1602 /ni:network-instances/ni:network-instance/ni:ni- 1603 type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv6/multicast 1605 Unauthorized access to any data node of the above subtree can 1606 disclose the operational state information of MVPN on this device. 1608 6. IANA Considerations 1610 This document registers the following namespace URIs in the IETF XML 1611 registry [RFC3688]: 1613 URI: urn:ietf:params:xml:ns:yang:ietf-mvpn 1615 Registrant Contact: The IESG. 1617 XML: N/A; the requested URI is an XML namespace. 1619 This document registers the following YANG modules in the YANG 1620 Module Names registry [RFC6020]: 1622 Name: ietf-mvpn 1624 Namespace: urn:ietf:params:xml:ns:yang:ietf-mvpn 1626 Prefix: mvpn 1628 Reference: RFCXXX 1630 7. References 1632 7.1. Normative References 1634 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 1635 the Network Configuration Protocol (NETCONF)", RFC 6020, 1636 October 2010 1638 [RFC6037] Rosen, E., Cai, Y., and IJ. Wijnands, "Cisco Systems' 1639 Solution for Multicast in BGP/MPLS IP VPNs", RFC 6037, 1640 October 2010. 1642 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 1643 and A. Bierman, Ed., "Network Configuration Protocol 1644 (NETCONF)", RFC 6241, June 2011 1646 [RFC6513] Rosen, E. and R. Aggarwal, "Multicast in MPLS/BGP IP 1647 VPNs", RFC 6513, February 2012. 1649 [RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP 1650 Encodings and Procedures for Multicast in MPLS/BGP IP 1651 VPNs", RFC 6514, February 2012. 1653 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", 1654 RFC 6991, July 2013 1656 [RFC7246] IJ. Wijnands, P. Hitchen, N. Leymann, W. Henderickx, A. 1657 Gulko and J. Tantsura, " Multipoint Label Distribution 1658 Protocol In-Band Signaling in a Virtual Routing and 1659 Forwarding (VRF) Table Context ", RFC 7246, June 2014. 1661 [RFC7900] Y. Rekhter, E. Rosen, R. Aggarwal, Arktan, Y. Cai and T. 1662 Morin, " Extranet Multicast in BGP/IP MPLS VPNs ", RFC 1663 7900, June 2016. 1665 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 1666 RFC 7950, August 2016 1668 [RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., 1669 Przygienda, T., and S. Aldrin, "Multicast Using Bit Index 1670 Explicit Replication (BIER)", RFC 8279, November 2017 1672 [RFC8294] Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger, 1673 "Common YANG Data Types for the Routing Area", RFC 8294, 1674 December 2017 1676 [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., 1677 and R. Wilton, "Network Management Datastore Architecture 1678 (NMDA)", RFC 8342, March 2018 1680 [RFC8519] M. Jethanandani, S. Agarwal, L. Huang and D. 1681 Blair, "Yang Data Model for Network Access Control Lists 1682 (ACL) ", RFC8519, March 2019 1684 [RFC8529] L. Berger, C. Hopps, A. Lindem, D. Bogdanovic and X. Liu, 1685 "YANG Data Model for Network Instances", RFC8529, March 1686 2019. 1688 [I-D.ietf-l3vpn-yang] D. Jain, K. Patel, P. Brissette, Z. Li, S. 1689 Zhuang, X. Liu, J. Haas, S. Esale and B. Wen, "Yang Data 1690 Model for BGP/MPLS L3 VPNs", draft-ietf-bess-l3vpn-yang- 1691 04(expired), October 2018. 1693 7.2. Informative References 1695 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 1696 BCP 215, RFC 8340, March 2018 1698 [RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of YANG 1699 Data Model Documents", RFC8407, October 2018 1701 8. Acknowledgments 1703 The authors would like to thank the following for their valuable 1704 contributions of this document: 1706 TBD 1708 Authors' Addresses 1710 Yisong Liu 1711 China Mobile 1712 China 1713 Email: liuyisong@chinamobile.com 1715 Feng Guo 1716 Huawei Technologies 1717 China 1718 Email: guofeng@huawei.com 1720 Stephane Litkowski 1721 Cisco 1723 Email: slitkows@cisco.com 1725 Xufeng Liu 1726 Volta Networks 1728 Email: xufeng.liu.ietf@gmail.com 1730 Robert Kebler 1731 Juniper Networks 1732 USA 1733 Email: kebler@juniper.net 1735 Mahesh Sivakumar 1736 Juniper Networks 1737 USA 1738 Email: sivakumar.mahesh@gmail.com