idnits 2.17.1 draft-ietf-i2rs-yang-l2-network-topology-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (March 5, 2018) is 2215 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC6991' is defined on line 878, but no explicit reference was found in the text -- Obsolete informational reference (is this intentional?): RFC 5246 (Obsoleted by RFC 8446) -- Obsolete informational reference (is this intentional?): RFC 6536 (Obsoleted by RFC 8341) Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group J. Dong 3 Internet-Draft X. 
Wei 4 Intended status: Standards Track Huawei Technologies 5 Expires: September 6, 2018 March 5, 2018 7 A YANG Data Model for Layer-2 Network Topologies 8 draft-ietf-i2rs-yang-l2-network-topology-04 10 Abstract 12 This document defines a YANG data model for Layer 2 network 13 topologies. 15 Requirements Language 17 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 18 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 19 document are to be interpreted as described in RFC 2119 [RFC2119]. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on September 6, 2018. 38 Copyright Notice 40 Copyright (c) 2018 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (https://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . 
. . . . . . . . . . . . . 2 56 2. Layer 2 Topology Model . . . . . . . . . . . . . . . . . . . 2 57 3. Layer 2 Topology Yang Module . . . . . . . . . . . . . . . . 5 58 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 59 5. Security Considerations . . . . . . . . . . . . . . . . . . . 17 60 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 61 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 62 7.1. Normative References . . . . . . . . . . . . . . . . . . 19 63 7.2. Informative References . . . . . . . . . . . . . . . . . 19 64 Appendix A. Companion YANG model for non-NMDA compliant 65 implementations . . . . . . . . . . . . . . . . . . 20 66 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25 68 1. Introduction 70 [I-D.ietf-i2rs-yang-network-topo] defines the YANG [RFC6020] 71 [RFC7950] data models of the abstract (generic) network and network 72 topology. Such models can be augmented with technology-specific 73 details to build more specific topology models. 75 This document defines the YANG data model for Layer 2 network 76 topologies by augmenting the generic network and network topology 77 data models with L2 specific topology attributes. 79 2. Layer 2 Topology Model 81 The Layer 2 network topology model is designed to be generic and 82 applicable to Layer 2 networks built with different L2 technologies. 83 It can be used to describe both the physical and the logical 84 (virtual) L2 network topologies. 86 The Layer 2 topology model applies the generic network and network 87 topology models to Layer 2 network topologies, and augments the 88 generic models with information specific to Layer 2 networks. 
The 89 relationship between the Layer 2 topology model and the generic 90 network and network topology model is shown in the figure below: 92 +---------------------+ 93 | ietf-network | 94 +----------^----------+ 95 | 96 | 97 +---------------------+ 98 |ietf-network-topology| 99 +----------^----------+ 100 | 101 | 102 +----------^----------+ 103 | ietf-l2-topology | 104 +---------------------+ 105 Figure 1. L2-topology model structure 107 In order to represent a Layer 2 network topology, the generic network 108 and topology models are augmented with Layer-2 specific information, 109 such as the identifiers, descriptions, attributes and states of the 110 Layer-2 networks, nodes, links and termination points. Some of the 111 information may be collected via Link Layer Discovery Protocol (LLDP) 112 or other Layer-2 protocols, and some of them may be locally 113 configured. 115 The structure of "ietf-l2-topology" data model is depicted in the 116 following diagram. The notation syntax follows 117 [I-D.ietf-netmod-yang-tree-diagrams]. For purpose of brevity, 118 notifications are not depicted. 120 module: ietf-l2-topology 121 augment /nw:networks/nw:network/nw:network-types: 122 +--rw l2-network! 123 augment /nw:networks/nw:network: 124 +--rw l2-network-attributes 125 +--rw name? string 126 +--rw flag* flag-type 127 augment /nw:networks/nw:network/nw:node: 128 +--rw l2-node-attributes 129 +--rw name? string 130 +--rw description? string 131 +--rw management-address* inet:ip-address 132 +--rw sys-mac-address? yang:mac-address 133 +--rw management-vid? vlan {VLAN}? 134 +--rw nick-name* trill-nickname {TRILL}? 135 +--rw vn-id* vni {VXLAN}? 136 +--rw flag* flag-type 137 augment /nw:networks/nw:network/nt:link: 138 +--rw l2-link-attributes 139 +--rw name? string 140 +--rw flag* flag-type 141 +--rw rate? decimal64 142 +--rw delay? 
uint32 143 +--rw srlg* uint32 144 augment /nw:networks/nw:network/nw:node/nt:termination-point: 145 +--rw l2-termination-point-attributes 146 +--rw description? string 147 +--rw maximum-frame-size? uint32 148 +--rw (l2-termination-point-type)? 149 | +--:(ethernet) 150 | | +--rw mac-address? yang:mac-address 151 | | +--rw eth-encapsulation? identityref 152 | | +--rw port-vlan-id? vlan {VLAN}? 153 | | +--rw vlan-id-name* [vlan-id] {VLAN}? 154 | | +--rw vlan-id vlan 155 | | +--rw vlan-name? string 156 | +--:(legacy) 157 | +--rw layer-2-address? yang:phys-address 158 | +--rw encapsulation? identityref 159 +--ro tp-state? enumeration 160 notifications: 161 +---n l2-node-event 162 | +--ro event-type? 163 | +--ro node-ref? 164 | +--ro network-ref? 165 | +--ro l2-network! 166 | +--ro l2-node-attributes 167 +---n l2-link-event 168 | +--ro event-type? 169 | +--ro link-ref? 170 | +--ro network-ref? 171 | +--ro l2-network! 172 | +--ro l2-link-attributes 173 +---n l2-termination-point-event 174 +--ro event-type? 175 +--ro tp-ref? 176 +--ro node-ref? 177 +--ro network-ref? 178 +--ro l2-network! 179 +--ro l2-termination-point-attributes 181 The L2-topology module augments the generic ietf-network and ietf- 182 network-topology modules as follows: 184 o A new network type "l2-network-type" is introduced. This is 185 represented by a container object, and is inserted under the 186 "network-types" container of the generic ietf-network module in 187 [I-D.ietf-i2rs-yang-network-topo]. 189 o Additional network attributes are introduced in a grouping "l2- 190 network-attributes", which augments the "network" list of the 191 ietf-network module. The attributes include Layer-2 network name 192 and a set of flags. Each type of flag is represented by a 193 separate identity. 195 o Additional data objects for Layer-2 nodes are introduced by 196 augmenting the "node" list of the generic ietf-network module. 
197 New objects include Layer-2 node identifier, description, 198 management address, and a set of flags. 200 o Additional data objects for Layer-2 termination points are 201 introduced by augmenting the "termination-point" list of the ietf- 202 network-topology module defined in 203 [I-D.ietf-i2rs-yang-network-topo]. New objects include Layer-2 204 termination point descriptions, Layer-2 termination point type 205 specific attributes and Layer-2 termination point states. 207 o Links in the ietf-network-topology module are augmented as well 208 with a set of Layer-2 parameters, allowing to associate a link 209 with a name, a set of Layer-2 link attributes and flags. 211 o The optional L2 technology specific attributes are introduced in 212 this module as Layer-2 features. 214 3. Layer 2 Topology Yang Module 216 file "ietf-l2-topology@2018-03-05.yang" 217 module ietf-l2-topology { 218 yang-version 1.1; 219 namespace "urn:ietf:params:xml:ns:yang:ietf-l2-topology"; 220 prefix "l2t"; 222 import ietf-network { 223 prefix "nw"; 224 } 226 import ietf-network-topology { 227 prefix "nt"; 228 } 230 import ietf-inet-types { 231 prefix "inet"; 232 reference "RFC 6991"; 233 } 235 import ietf-yang-types { 236 prefix "yang"; 237 reference "RFC 6991"; 238 } 240 organization 241 "IETF I2RS (Interface to the Routing System) Working Group"; 242 contact 243 "WG Web: 244 WG List: 245 Editor: Jie Dong 246 248 Editor: Xiugang Wei 249 "; 251 description 252 "This module defines a basic model for 253 the layer-2 topology of a network. 255 Copyright (c) 2018 IETF Trust and the persons identified as 256 authors of the code. All rights reserved. 258 Redistribution and use in source and binary forms, with or 259 without modification, is permitted pursuant to, and subject 260 to the license terms contained in, the Simplified BSD License 261 set forth in Section 4.c of the IETF Trust's Legal Provisions 262 Relating to IETF Documents 263 (http://trustee.ietf.org/license-info). 
265 This version of this YANG module is part of 266 draft-ietf-i2rs-yang-l2-network-topo-04; 267 see the RFC itself for full legal notices."; 269 revision "2018-03-05" { 270 description "Initial revision"; 271 reference "draft-ietf-i2rs-l2-network-topology-04"; 272 } 274 /* 275 * Typedefs 276 */ 278 typedef vlan { 279 type uint16 { 280 range "0..4095"; 281 } 282 description "VLAN ID"; 283 } 284 typedef trill-nickname { 285 type uint16; 286 description "TRILL Nickname"; 287 } 289 typedef vni { 290 type uint32 { 291 range "1..16777215"; 292 } 293 description "VxLAN Network Identifier"; 294 } 296 typedef flag-type { 297 type identityref { 298 base "flag-identity"; 299 } 300 description "Base type for flags"; 301 } 303 typedef l2-network-event-type { 304 type enumeration { 305 enum "add" { 306 value 0; 307 description "An L2 node or link or termination-point 308 has been added"; 309 } 310 enum "remove" { 311 value 1; 312 description "An L2 node or link or termination-point 313 has been removed"; 314 } 315 enum "update" { 316 value 2; 317 description "An L2 node or link or termination-point 318 has been updated"; 319 } 320 } 321 description "l2 network event type for notifications"; 322 } // l2-topology-event-type 324 /* 325 * Features 326 */ 328 feature VLAN { 329 description 330 "Indicates that the system supports the 331 vlan functions"; 332 } 334 feature QinQ { 335 description 336 "Indicates that the system supports the 337 qinq functions"; 338 } 340 feature PBB { 341 description 342 "Indicates that the device supports the 343 provider-backbone-bridging functions"; 344 } 346 feature VPLS { 347 description 348 "Indicates that the device supports the 349 VPLS functions"; 350 reference "RFC 4761, RFC 4762"; 351 } 353 feature TRILL { 354 description 355 "Indicates that the device supports the 356 TRILL functions"; 357 reference "RFC 6325"; 358 } 360 feature VXLAN { 361 description 362 "Indicates that the device supports the 363 VXLAN functions"; 364 reference "RFC 
7348"; 365 } 367 /* 368 * Identities 369 */ 371 identity flag-identity { 372 description "Base type for flags"; 373 } 375 identity encapsulation-type { 376 description 377 "Base identity from which specific encapsulation 378 types are derived."; 379 } 381 identity eth-encapsulation-type { 382 base encapsulation-type; 383 description 384 "Base identity from which specific ethernet 385 encapsulation types are derived."; 387 } 389 identity ethernet { 390 base eth-encapsulation-type; 391 description 392 "native ethernet encapsulation"; 393 } 395 identity vlan { 396 base eth-encapsulation-type; 397 description 398 "vlan encapsulation"; 399 } 401 identity qinq { 402 base eth-encapsulation-type; 403 description 404 "qinq encapsulation"; 405 } 407 identity pbb { 408 base eth-encapsulation-type; 409 description 410 "pbb encapsulation"; 411 } 413 identity trill { 414 base eth-encapsulation-type; 415 description 416 "trill encapsulation"; 417 } 419 identity vpls { 420 base eth-encapsulation-type; 421 description 422 "vpls encapsulation"; 423 } 424 identity vxlan { 425 base eth-encapsulation-type; 426 description 427 "vxlan encapsulation"; 428 } 430 identity frame-relay { 431 base encapsulation-type; 432 description 433 "Frame Relay encapsulation"; 434 } 436 identity ppp { 437 base encapsulation-type; 438 description 439 "PPP encapsulation"; 440 } 442 identity hdlc { 443 base encapsulation-type; 444 description 445 "HDLC encapsulation"; 446 } 448 identity atm { 449 base encapsulation-type; 450 description 451 "Base identity from which specific ATM 452 encapsulation types are derived."; 454 } 456 identity pwe3 { 457 base encapsulation-type; 458 description 459 "Base identity from which specific pw 460 encapsulation types are derived."; 461 } 463 /* 464 * Groupings 465 */ 467 grouping l2-network-type { 468 description "Identify the topology type to be L2."; 469 container l2-network { 470 presence "indicates L2 Network"; 471 description 472 "The presence of the container node 
indicates 473 L2 Topology"; 474 } 475 } 477 grouping l2-network-attributes { 478 description "L2 Topology scope attributes"; 479 container l2-network-attributes { 480 description "Containing L2 network attributes"; 481 leaf name { 482 type string; 483 description "Name of the L2 network"; 484 } 486 leaf-list flag { 487 type flag-type; 488 description "L2 network flags"; 489 } 490 } 491 } 493 grouping l2-node-attributes { 494 description "L2 node attributes"; 495 container l2-node-attributes { 496 description "Containing L2 node attributes"; 497 leaf name { 498 type string; 499 description "Node name"; 500 } 501 leaf description { 502 type string; 503 description "Node description"; 504 } 505 leaf-list management-address { 506 type inet:ip-address; 507 description "System management address"; 508 } 509 leaf sys-mac-address { 510 type yang:mac-address; 511 description "System MAC-address"; 512 } 513 leaf management-vid { 514 if-feature VLAN; 515 type vlan; 516 description "System management VID"; 517 } 518 leaf-list nick-name { 519 if-feature TRILL; 520 type trill-nickname; 521 description "Nickname of the RBridge"; 522 } 523 leaf-list vn-id { 524 if-feature VXLAN; 525 type vni; 526 description "VNI of the VxLAN"; 527 } 528 leaf-list flag { 529 type flag-type; 530 description "Node operational flags"; 531 } 532 } 533 } // grouping l2-node-attributes 535 grouping l2-link-attributes { 536 description "L2 link attributes"; 537 container l2-link-attributes { 538 description "Containing L2 link attributes"; 539 leaf name { 540 type string; 541 description "Link name"; 542 } 543 leaf-list flag { 544 type flag-type; 545 description "Link flags"; 546 } 547 leaf rate { 548 type decimal64 { 549 fraction-digits 2; 550 } 551 description "Link rate"; 553 } 554 leaf delay { 555 type uint32; 556 description "Link delay in microseconds"; 557 } 558 leaf-list srlg { 559 type uint32; 560 description 561 "List of Shared Risk Link Groups 562 this link belongs to."; 563 } 564 } 565 } // 
grouping l2-link-attributes 566 grouping l2-termination-point-attributes { 567 description "L2 termination point attributes"; 568 container l2-termination-point-attributes { 569 description "Containing L2 TP attributes"; 570 leaf description { 571 type string; 572 description "Port description"; 573 } 575 leaf maximum-frame-size { 576 type uint32; 577 description "Maximum frame size"; 578 } 580 choice l2-termination-point-type { 581 description 582 "Indicates termination-point type 583 specific attributes"; 584 case ethernet { 585 leaf mac-address { 586 type yang:mac-address; 587 description "Interface MAC address"; 588 } 590 leaf eth-encapsulation { 591 type identityref { 592 base eth-encapsulation-type; 593 } 594 description 595 "Encapsulation type of this 596 termination point."; 597 } 599 leaf port-vlan-id { 600 if-feature VLAN; 601 type vlan; 602 description "Port VLAN ID"; 603 } 605 list vlan-id-name { 606 if-feature VLAN; 607 key "vlan-id"; 608 description "Interface configured VLANs"; 609 leaf vlan-id { 610 type vlan; 611 description "VLAN ID"; 612 } 613 leaf vlan-name { 614 type string; 615 description "VLAN Name"; 616 } 617 } 618 } //case ethernet 620 case legacy { 621 leaf layer-2-address { 622 type yang:phys-address; 623 description "Interface Layer 2 address"; 624 } 626 leaf encapsulation { 627 type identityref { 628 base encapsulation-type; 629 } 630 description 631 "Encapsulation type of this termination point."; 632 } 633 } //case legacy 635 } //choice termination-point-type 637 leaf tp-state { 638 type enumeration { 639 enum in-use { 640 value 0; 641 description 642 "the termination point is in forwarding state"; 643 } 644 enum blocking { 645 value 1; 646 description 647 "the termination point is in blocking state"; 648 } 649 enum down { 650 value 2; 651 description 652 "the termination point is in down state"; 653 } 654 enum others { 655 value 3; 656 description 657 "the termination point is in other state"; 658 } 659 } 660 config false; 661 
description "State of the termination point"; 663 } 664 } 665 } // grouping l2-termination-point-attributes 667 /* 668 * Data nodes 669 */ 671 augment "/nw:networks/nw:network/nw:network-types" { 672 description 673 "Introduce new network type for L2 topology"; 674 uses l2-network-type; 675 } 677 augment "/nw:networks/nw:network" { 678 when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" { 679 description 680 "Augmentation parameters apply only for networks 681 with L2 topology"; 682 } 683 description 684 "Configuration parameters for the L2 network 685 as a whole"; 686 uses l2-network-attributes; 687 } 689 augment "/nw:networks/nw:network/nw:node" { 690 when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" { 691 description 692 "Augmentation parameters apply only for networks 693 with L2 topology"; 694 } 695 description 696 "Configuration parameters for L2 at the node 697 level"; 698 uses l2-node-attributes; 699 } 701 augment "/nw:networks/nw:network/nt:link" { 702 when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" { 703 description 704 "Augmentation parameters apply only for networks 705 with L2 topology"; 706 } 707 description "Augment L2 topology link information"; 708 uses l2-link-attributes; 709 } 710 augment "/nw:networks/nw:network/nw:node/nt:termination-point" { 711 when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" { 712 description 713 "Augmentation parameters apply only for networks 714 with L2 topology"; 715 } 716 description 717 "Augment L2 topology termination point information"; 718 uses l2-termination-point-attributes; 719 } 721 /* 722 * Notifications 723 */ 725 notification l2-node-event { 726 description "Notification event for L2 node"; 727 leaf event-type { 728 type l2-network-event-type; 729 description "Event type"; 730 } 731 uses nw:node-ref; 732 uses l2-network-type; 733 uses l2-node-attributes; 734 } 736 notification l2-link-event { 737 description "Notification event for L2 link"; 738 leaf 
event-type { 739 type l2-network-event-type; 740 description "Event type"; 741 } 742 uses nt:link-ref; 743 uses l2-network-type; 744 uses l2-link-attributes; 745 } 747 notification l2-termination-point-event { 748 description "Notification event for L2 termination point"; 749 leaf event-type { 750 type l2-network-event-type; 751 description "Event type"; 752 } 753 uses nt:tp-ref; 754 uses l2-network-type; 755 uses l2-termination-point-attributes; 756 } 758 } // module l2-topology 759 761 4. IANA Considerations 763 This document registers the following namespace URIs in the "IETF XML 764 Registry" [RFC3688]: 766 URI: urn:ietf:params:xml:ns:yang:ietf-l2-topology 767 Registrant Contact: The IESG. 768 XML: N/A; the requested URI is an XML namespace. 770 URI: urn:ietf:params:xml:ns:yang:ietf-l2-topology-state 771 Registrant Contact: The IESG. 772 XML: N/A; the requested URI is an XML namespace. 774 This document registers the following YANG modules in the "YANG 775 Module Names" registry [RFC6020]: 777 Name: ietf-l2-topology 778 Namespace: urn:ietf:params:xml:ns:yang:ietf-l2-topology 779 Prefix: l2t 780 Reference: draft-ietf-i2rs-yang-l2-network-topology-04.txt (RFC form) 782 Name: ietf-l2-topology-state 783 Namespace: urn:ietf:params:xml:ns:yang:ietf-l2-topology-state 784 Prefix: l2t-s 785 Reference: draft-ietf-i2rs-yang-l2-network-topology-04.txt (RFC form) 787 5. Security Considerations 789 The YANG module defined in this document is designed to be accessed 790 via network management protocols such as NETCONF [RFC6241] or 791 RESTCONF [RFC8040] . The lowest NETCONF layer is the secure transport 792 layer, and the mandatory-to-implement secure transport is Secure 793 Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the 794 mandatory-to-implement secure transport is TLS [RFC5246]. 
796 The NETCONF access control model [RFC6536] provides the means to 797 restrict access for particular NETCONF or RESTCONF users to a 798 preconfigured subset of all available NETCONF or RESTCONF protocol 799 operations and content. 801 In general, Layer 2 network topologies are system-controlled and 802 provide ephemeral topology information. In an NMDA-compliant server, 803 they are only part of which provides read-only access 804 to clients, they are less vulnerable. That said, the YANG module 805 does in principle allow information to be configurable. 807 The Layer 2 topology module defines information that can be 808 configurable in certain instances, for example in the case of virtual 809 topologies that can be created by client applications. In such 810 cases, a malicious client could introduce topologies that are 811 undesired. Specifically, a malicious client could attempt to remove 812 or add a node, a link, or a termination point by creating or deleting 813 corresponding elements in the node, link, and termination point 814 lists, respectively. In the case of a topology that is learned, the 815 server will automatically prohibit such misconfiguration attempts. 816 In the case of a topology that is configured, i.e. whose origin is 817 "intended", the undesired configuration could become effective and be 818 reflected in the operational state datastore, leading to disruption 819 of services provided via this topology. For those 820 reasons, it is important that the NETCONF access control model is 821 vigorously applied to prevent topology misconfiguration by 822 unauthorized clients. 824 There are a number of data nodes defined in this YANG module that are 825 writable/creatable/deletable (i.e., config true, which is the 826 default). These data nodes may be considered sensitive or vulnerable 827 in some network environments. 
Write operations (e.g., edit-config) 828 to these data nodes without proper protection can have a negative 829 effect on network operations. These are the subtrees and data nodes 830 and their sensitivity/vulnerability in the ietf-network module: 832 l2-network-attributes: A malicious client could attempt to sabotage 833 the configuration of any of the contained attributes, such as the 834 name or the flag data nodes. 836 l2-node-attributes: A malicious client could attempt to sabotage the 837 configuration of important node attributes, such as the name or the 838 management-address. 840 l2-link-attributes: A malicious client could attempt to sabotage the 841 configuration of important link attributes, such as the rate or the 842 delay data nodes. 844 l2-termination-point-attributes: A malicious client could attempt to 845 sabotage the configuration of important termination point attributes, 846 such as the maximum-frame-size. 848 6. Acknowledgements 850 The authors would like to acknowledge the comments and suggestions 851 received from Susan Hares, Alia Atlas, Juergen Schoenwaelder, Mach 852 Chen, Alexander Clemm and Sriganesh Kini. 854 7. References 856 7.1. Normative References 858 [I-D.ietf-i2rs-yang-network-topo] 859 Clemm, A., Medved, J., Varga, R., Bahadur, N., 860 Ananthakrishnan, H., and X. Liu, "A Data Model for Network 861 Topologies", draft-ietf-i2rs-yang-network-topo-20 (work in 862 progress), December 2017. 864 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 865 Requirement Levels", BCP 14, RFC 2119, 866 DOI 10.17487/RFC2119, March 1997, 867 . 869 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 870 DOI 10.17487/RFC3688, January 2004, 871 . 873 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 874 the Network Configuration Protocol (NETCONF)", RFC 6020, 875 DOI 10.17487/RFC6020, October 2010, 876 . 
878 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", 879 RFC 6991, DOI 10.17487/RFC6991, July 2013, 880 . 882 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 883 RFC 7950, DOI 10.17487/RFC7950, August 2016, 884 . 886 7.2. Informative References 888 [I-D.ietf-netmod-revised-datastores] 889 Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., 890 and R. Wilton, "Network Management Datastore 891 Architecture", draft-ietf-netmod-revised-datastores-10 892 (work in progress), January 2018. 894 [I-D.ietf-netmod-yang-tree-diagrams] 895 Bjorklund, M. and L. Berger, "YANG Tree Diagrams", draft- 896 ietf-netmod-yang-tree-diagrams-06 (work in progress), 897 February 2018. 899 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 900 (TLS) Protocol Version 1.2", RFC 5246, 901 DOI 10.17487/RFC5246, August 2008, 902 . 904 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 905 and A. Bierman, Ed., "Network Configuration Protocol 906 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 907 . 909 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 910 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, 911 . 913 [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration 914 Protocol (NETCONF) Access Control Model", RFC 6536, 915 DOI 10.17487/RFC6536, March 2012, 916 . 918 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 919 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 920 . 922 Appendix A. Companion YANG model for non-NMDA compliant implementations 924 The YANG module ietf-l2-topology defined in this document augments 925 two modules, ietf-network and ietf-network-topology, that are 926 designed to be used in conjunction with implementations that support 927 the Network Management Datastore Architecture (NMDA) defined in 928 [I-D.ietf-netmod-revised-datastores]. 
In order to allow 929 implementations to use the model even in cases when NMDA is not 930 supported, a set of companion modules have been defined that 931 represent a state model of networks and network topologies, ietf- 932 network-state and ietf-network-topology-state, respectively. 934 In order to be able to use the model for layer 2 topologies defined 935 in this document in conjunction with non-NMDA compliant 936 implementations, a corresponding companion module is defined that 937 represents the operational state of layer 2 network topologies. The 938 module ietf-l2-topology-state mirrors the module ietf-l2-topology 939 defined earlier in this document. However, it augments ietf-network- 940 state and ietf-network-topology-state (instead of ietf-network and 941 ietf-network-topology) and all its data nodes are non-configurable. 943 The companion module ietf-l2-topology SHOULD NOT be supported by 944 implementations that support NMDA. It is for this reason that this 945 module is defined in the Appendix. 947 As the structure of this module mirrors that of its underlying 948 modules, the YANG tree is not depicted separately. 950 file "ietf-l2-topology-state@2018-03-05.yang" 951 module ietf-l2-topology-state { 952 yang-version 1.1; 953 namespace "urn:ietf:params:xml:ns:yang:ietf-l2-topology-state"; 954 prefix "l2t-s"; 956 import ietf-network-state { 957 prefix "nw-s"; 958 } 960 import ietf-network-topology-state { 961 prefix "nt-s"; 962 } 964 import ietf-l2-topology { 965 prefix "l2t"; 966 } 968 organization 969 "IETF I2RS (Interface to the Routing System) Working Group"; 970 contact 971 "WG Web: 972 WG List: 973 Editor: Jie Dong 974 975 Editor: Xiugang Wei 976 "; 978 description 979 "This module defines a basic model for 980 the layer-2 topology of a network. 982 Copyright (c) 2018 IETF Trust and the persons identified as 983 authors of the code. All rights reserved. 
985 Redistribution and use in source and binary forms, with or 986 without modification, is permitted pursuant to, and subject 987 to the license terms contained in, the Simplified BSD License 988 set forth in Section 4.c of the IETF Trust's Legal Provisions 989 Relating to IETF Documents 990 (http://trustee.ietf.org/license-info). 992 This version of this YANG module is part of 993 draft-ietf-i2rs-yang-l2-network-topo-04; 994 see the RFC itself for full legal notices."; 996 revision "2018-03-05" { 997 description "Initial revision"; 998 reference "draft-ietf-i2rs-l2-network-topology-04"; 999 } 1001 /* 1002 * Features 1003 */ 1005 feature VLAN { 1006 description 1007 "Indicates that the system supports the 1008 vlan functions"; 1009 } 1011 feature QinQ { 1012 description 1013 "Indicates that the system supports the 1014 qinq functions"; 1015 } 1017 feature PBB { 1018 description 1019 "Indicates that the device supports the 1020 provider-backbone-bridging functions"; 1021 } 1023 feature VPLS { 1024 description 1025 "Indicates that the device supports the 1026 VPLS functions"; 1027 reference "RFC 4761, RFC 4762"; 1028 } 1030 feature TRILL { 1031 description 1032 "Indicates that the device supports the 1033 TRILL functions"; 1034 reference "RFC 6325"; 1035 } 1037 feature VXLAN { 1038 description 1039 "Indicates that the device supports the 1040 VXLAN functions"; 1041 reference "RFC 7348"; 1043 } 1045 /* 1046 * Data nodes 1047 */ 1049 augment "/nw-s:networks/nw-s:network/nw-s:network-types" { 1050 description 1051 "Introduce new network type for L2 topology"; 1052 uses l2t:l2-network-type; 1053 } 1055 augment "/nw-s:networks/nw-s:network" { 1056 when "/nw-s:networks/nw-s:network/nw-s:network-types/"+ 1057 "l2t-s:l2-network" { 1058 description 1059 "Augmentation parameters apply only for networks 1060 with L2 topology"; 1061 } 1062 description 1063 "Configuration parameters for the L2 network 1064 as a whole"; 1065 uses l2t:l2-network-attributes; 1066 } 1068 augment 
"/nw-s:networks/nw-s:network/nw-s:node" { 1069 when "/nw-s:networks/nw-s:network/nw-s:network-types/"+ 1070 "l2t-s:l2-network" { 1071 description 1072 "Augmentation parameters apply only for networks 1073 with L2 topology"; 1074 } 1075 description 1076 "Configuration parameters for L2 at the node 1077 level"; 1078 uses l2t:l2-node-attributes; 1079 } 1081 augment "/nw-s:networks/nw-s:network/nt-s:link" { 1082 when "/nw-s:networks/nw-s:network/nw-s:network-types/"+ 1083 "l2t-s:l2-network" { 1084 description 1085 "Augmentation parameters apply only for networks 1086 with L2 topology"; 1087 } 1088 description "Augment L2 topology link information"; 1089 uses l2t:l2-link-attributes; 1090 } 1092 augment "/nw-s:networks/nw-s:network/nw-s:node/"+ 1093 "nt-s:termination-point" { 1094 when "/nw-s:networks/nw-s:network/nw-s:network-types/"+ 1095 "l2t-s:l2-network" { 1096 description 1097 "Augmentation parameters apply only for networks 1098 with L2 topology"; 1099 } 1100 description 1101 "Augment L2 topology termination point information"; 1102 uses l2t:l2-termination-point-attributes; 1103 } 1105 /* 1106 * Notifications 1107 */ 1109 notification l2-node-event { 1110 description "Notification event for L2 node"; 1111 leaf event-type { 1112 type l2t:l2-network-event-type; 1113 description "Event type"; 1114 } 1115 uses nw-s:node-ref; 1116 uses l2t:l2-network-type; 1117 uses l2t:l2-node-attributes; 1118 } 1120 notification l2-link-event { 1121 description "Notification event for L2 link"; 1122 leaf event-type { 1123 type l2t:l2-network-event-type; 1124 description "Event type"; 1125 } 1126 uses nt-s:link-ref; 1127 uses l2t:l2-network-type; 1128 uses l2t:l2-link-attributes; 1129 } 1131 notification l2-termination-point-event { 1132 description "Notification event for L2 termination point"; 1133 leaf event-type { 1134 type l2t:l2-network-event-type; 1135 description "Event type"; 1137 } 1138 uses nt-s:tp-ref; 1139 uses l2t:l2-network-type; 1140 uses 
l2t:l2-termination-point-attributes; 1141 } 1143 } // module l2-topology-state 1144 1146 Authors' Addresses 1148 Jie Dong 1149 Huawei Technologies 1150 Huawei Campus, No. 156 Beiqing Rd. 1151 Beijing 100095 1152 China 1154 Email: jie.dong@huawei.com 1156 Xiugang Wei 1157 Huawei Technologies 1158 Huawei Campus, No. 156 Beiqing Rd. 1159 Beijing 100095 1160 China 1162 Email: weixiugang@huawei.com
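
Added example, not part of the draft: one way to apply the NETCONF access control model [RFC6536] as Section 5 asks, with a rule-list that denies create, update and delete on the four writable subtrees named there while leaving reads to the read-default. The group name, user name and rule names are assumptions made for illustration; the nw and nt namespace URIs are those of the ietf-network and ietf-network-topology modules that this module augments.

```xml
<!-- Illustrative NACM configuration (ietf-netconf-acm). Names marked
     "assumed" are placeholders, not values from the draft. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm"
      xmlns:nw="urn:ietf:params:xml:ns:yang:ietf-network"
      xmlns:nt="urn:ietf:params:xml:ns:yang:ietf-network-topology"
      xmlns:l2t="urn:ietf:params:xml:ns:yang:ietf-l2-topology">
  <enable-nacm>true</enable-nacm>
  <!-- Reads fall through to permit; writes not matched by a rule are denied. -->
  <read-default>permit</read-default>
  <write-default>deny</write-default>
  <exec-default>deny</exec-default>

  <groups>
    <group>
      <name>topology-readers</name>        <!-- assumed group name -->
      <user-name>noc-viewer</user-name>    <!-- assumed user name -->
    </group>
  </groups>

  <!-- Rules are evaluated in order and the first match decides. List keys
       are omitted from each path, so a rule covers every network, node,
       link and termination point instance. -->
  <rule-list>
    <name>l2-topology-read-only</name>
    <group>topology-readers</group>

    <rule>
      <name>deny-write-l2-network-attributes</name>
      <path>/nw:networks/nw:network/l2t:l2-network-attributes</path>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
      <comment>Protects the L2 network name and flag leaves.</comment>
    </rule>

    <rule>
      <name>deny-write-l2-node-attributes</name>
      <path>/nw:networks/nw:network/nw:node/l2t:l2-node-attributes</path>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
      <comment>Protects node name and management-address.</comment>
    </rule>

    <rule>
      <name>deny-write-l2-link-attributes</name>
      <path>/nw:networks/nw:network/nt:link/l2t:l2-link-attributes</path>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
      <comment>Protects link rate and delay.</comment>
    </rule>

    <rule>
      <name>deny-write-l2-termination-point-attributes</name>
      <path>/nw:networks/nw:network/nw:node/nt:termination-point/l2t:l2-termination-point-attributes</path>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
      <comment>Protects maximum-frame-size and the VLAN leaves.</comment>
    </rule>

    <!-- Adding or removing whole nodes and links, the other risk Section 5
         describes, happens one level up in the generic model. -->
    <rule>
      <name>deny-write-node-list</name>
      <path>/nw:networks/nw:network/nw:node</path>
      <access-operations>create delete</access-operations>
      <action>deny</action>
    </rule>
    <rule>
      <name>deny-write-link-list</name>
      <path>/nw:networks/nw:network/nt:link</path>
      <access-operations>create delete</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>
```

With write-default already set to deny, the explicit rules matter once a broader permit rule for the same group is placed later in the list: the deny rules match first and still apply.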