idnits 2.17.1

draft-ietf-i2rs-yang-l2-network-topology-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (June 29, 2018) is 2127 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC6991' is defined on line 874, but no explicit
     reference was found in the text

  -- Obsolete informational reference (is this intentional?): RFC 5246
     (Obsoleted by RFC 8446)

  -- Obsolete informational reference (is this intentional?): RFC 6536
     (Obsoleted by RFC 8341)

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                            J. Dong
Internet-Draft                                                    X. Wei
Intended status: Standards Track                     Huawei Technologies
Expires: December 31, 2018                                 June 29, 2018

            A YANG Data Model for Layer-2 Network Topologies
              draft-ietf-i2rs-yang-l2-network-topology-05

Abstract

   This document defines a YANG data model for Layer 2 network
   topologies.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on December 31, 2018.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Layer 2 Topology Model
   3.  Layer 2 Topology Yang Module
   4.  IANA Considerations
   5.  Security Considerations
   6.  Acknowledgements
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Appendix A.  Companion YANG model for non-NMDA compliant
                implementations
   Appendix B.  An Example
   Authors' Addresses

1.  Introduction

   [RFC8345] defines the YANG [RFC6020] [RFC7950] data models of the
   abstract (generic) network and network topology.  Such models can be
   augmented with technology-specific details to build more specific
   topology models.

   This document defines the YANG data model for Layer 2 network
   topologies by augmenting the generic network and network topology
   data models with L2 specific topology attributes.

2.  Layer 2 Topology Model

   The Layer 2 network topology model is designed to be generic and
   applicable to Layer 2 networks built with different L2 technologies.
   It can be used to describe both the physical and the logical
   (virtual) L2 network topologies.

   The Layer 2 topology model applies the generic network and network
   topology models to Layer 2 network topologies, and augments the
   generic models with information specific to Layer 2 networks.
   The relationship between the Layer 2 topology model and the generic
   network and network topology model is shown in the figure below:

                  +---------------------+
                  |    ietf-network     |
                  +----------^----------+
                             |
                             |
                  +---------------------+
                  |ietf-network-topology|
                  +----------^----------+
                             |
                             |
                  +----------^----------+
                  |   ietf-l2-topology  |
                  +---------------------+

                Figure 1. L2-topology model structure

   In order to represent a Layer 2 network topology, the generic network
   and topology models are augmented with Layer-2 specific information,
   such as the identifiers, descriptions, attributes and states of the
   Layer-2 networks, nodes, links and termination points.  Some of the
   information may be collected via Link Layer Discovery Protocol (LLDP)
   or other Layer-2 protocols, and some of them may be locally
   configured.

   The structure of "ietf-l2-topology" data model is depicted in the
   following diagram.  The notation syntax follows [RFC8340].  For
   purpose of brevity, notifications are not depicted.

   module: ietf-l2-topology
     augment /nw:networks/nw:network/nw:network-types:
       +--rw l2-network!
     augment /nw:networks/nw:network:
       +--rw l2-network-attributes
          +--rw name?   string
          +--rw flag*   l2-flag-type
     augment /nw:networks/nw:network/nw:node:
       +--rw l2-node-attributes
          +--rw name?                 string
          +--rw description?          string
          +--rw management-address*   inet:ip-address
          +--rw sys-mac-address?      yang:mac-address
          +--rw management-vid?       vlan {VLAN}?
          +--rw nick-name*            trill-nickname {TRILL}?
          +--rw vn-id*                vni {VXLAN}?
          +--rw flag*                 l2-flag-type
     augment /nw:networks/nw:network/nt:link:
       +--rw l2-link-attributes
          +--rw name?    string
          +--rw flag*    l2-flag-type
          +--rw rate?    decimal64
          +--rw delay?   uint32
          +--rw srlg*    uint32
     augment /nw:networks/nw:network/nw:node/nt:termination-point:
       +--rw l2-termination-point-attributes
          +--rw description?          string
          +--rw maximum-frame-size?   uint32
          +--rw (l2-termination-point-type)?
          |  +--:(ethernet)
          |  |  +--rw mac-address?         yang:mac-address
          |  |  +--rw eth-encapsulation?   identityref
          |  |  +--rw port-vlan-id?        vlan {VLAN}?
          |  |  +--rw vlan-id-name* [vlan-id] {VLAN}?
          |  |     +--rw vlan-id      vlan
          |  |     +--rw vlan-name?   string
          |  +--:(legacy)
          |     +--rw layer-2-address?   yang:phys-address
          |     +--rw encapsulation?     identityref
          +--ro tp-state?             enumeration
     notifications:
       +---n l2-node-event
       |  +--ro event-type?
       |  +--ro node-ref?
       |  +--ro network-ref?
       |  +--ro l2-network!
       |  +--ro l2-node-attributes
       +---n l2-link-event
       |  +--ro event-type?
       |  +--ro link-ref?
       |  +--ro network-ref?
       |  +--ro l2-network!
       |  +--ro l2-link-attributes
       +---n l2-termination-point-event
          +--ro event-type?
          +--ro tp-ref?
          +--ro node-ref?
          +--ro network-ref?
          +--ro l2-network!
          +--ro l2-termination-point-attributes

   The L2-topology module augments the generic ietf-network and
   ietf-network-topology modules as follows:

   o  A new network type "l2-network-type" is introduced.  This is
      represented by a container object, and is inserted under the
      "network-types" container of the generic ietf-network module in
      [RFC8345].

   o  Additional network attributes are introduced in a grouping
      "l2-network-attributes", which augments the "network" list of the
      ietf-network module.  The attributes include Layer-2 network name
      and a set of flags.  Each type of flag is represented by a
      separate identity.

   o  Additional data objects for Layer-2 nodes are introduced by
      augmenting the "node" list of the generic ietf-network module.
      New objects include Layer-2 node identifier, description,
      management address, and a set of flags.

   o  Additional data objects for Layer-2 termination points are
      introduced by augmenting the "termination-point" list of the
      ietf-network-topology module defined in [RFC8345].  New objects
      include Layer-2 termination point descriptions, Layer-2
      termination point type specific attributes and Layer-2
      termination point states.

   o  Links in the ietf-network-topology module are augmented as well
      with a set of Layer-2 parameters, allowing a link to be associated
      with a name, a set of Layer-2 link attributes and flags.

   o  The optional L2 technology specific attributes are introduced in
      this module as Layer-2 features.

3.  Layer 2 Topology Yang Module

   file "ietf-l2-topology@2018-06-29.yang"
   module ietf-l2-topology {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-l2-topology";
     prefix "l2t";

     import ietf-network {
       prefix "nw";
     }

     import ietf-network-topology {
       prefix "nt";
     }

     import ietf-inet-types {
       prefix "inet";
       reference "RFC 6991";
     }

     import ietf-yang-types {
       prefix "yang";
       reference "RFC 6991";
     }

     organization
       "IETF I2RS (Interface to the Routing System) Working Group";
     contact
       "WG Web:
        WG List:
        Editor:    Jie Dong

        Editor:    Xiugang Wei
       ";

     description
       "This module defines a basic model for
        the layer-2 topology of a network.

        Copyright (c) 2018 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject
        to the license terms contained in, the Simplified BSD License
        set forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (http://trustee.ietf.org/license-info).

        This version of this YANG module is part of
        draft-ietf-i2rs-yang-l2-network-topo-04;
        see the RFC itself for full legal notices.";

     revision "2018-06-29" {
       description "Initial revision";
       reference "draft-ietf-i2rs-l2-network-topology-05";
     }

     /*
      * Typedefs
      */

     typedef vlan {
       type uint16 {
         range "0..4095";
       }
       description "VLAN ID";
     }

     typedef trill-nickname {
       type uint16;
       description "TRILL Nickname";
     }

     typedef vni {
       type uint32 {
         range "1..16777215";
       }
       description "VxLAN Network Identifier";
     }

     typedef l2-flag-type {
       type identityref {
         base "flag-identity";
       }
       description "Base type for l2 flags";
     }

     typedef l2-network-event-type {
       type enumeration {
         enum "add" {
           value 0;
           description "An L2 node or link or termination-point
           has been added";
         }
         enum "remove" {
           value 1;
           description "An L2 node or link or termination-point
           has been removed";
         }
         enum "update" {
           value 2;
           description "An L2 node or link or termination-point
           has been updated";
         }
       }
       description "l2 network event type for notifications";
     } // l2-topology-event-type

     /*
      * Features
      */

     feature VLAN {
       description
         "Indicates that the system supports the
          vlan functions";
     }

     feature QinQ {
       description
         "Indicates that the system supports the
          qinq functions";
     }

     feature PBB {
       description
         "Indicates that the device supports the
          provider-backbone-bridging functions";
     }

     feature VPLS {
       description
         "Indicates that the device supports the
          VPLS functions";
       reference "RFC 4761, RFC 4762";
     }

     feature TRILL {
       description
         "Indicates that the device supports the
          TRILL functions";
       reference "RFC 6325";
     }

     feature VXLAN {
       description
         "Indicates that the device supports the
          VXLAN functions";
       reference "RFC 7348";
     }

     /*
      * Identities
      */

     identity flag-identity {
       description "Base type for flags";
     }

     identity encapsulation-type {
       description
         "Base identity from which specific encapsulation
          types are derived.";
     }

     identity eth-encapsulation-type {
       base encapsulation-type;
       description
         "Base identity from which specific ethernet
          encapsulation types are derived.";
     }

     identity ethernet {
       base eth-encapsulation-type;
       description
         "native ethernet encapsulation";
     }

     identity vlan {
       base eth-encapsulation-type;
       description
         "vlan encapsulation";
     }

     identity qinq {
       base eth-encapsulation-type;
       description
         "qinq encapsulation";
     }

     identity pbb {
       base eth-encapsulation-type;
       description
         "pbb encapsulation";
     }

     identity trill {
       base eth-encapsulation-type;
       description
         "trill encapsulation";
     }

     identity vpls {
       base eth-encapsulation-type;
       description
         "vpls encapsulation";
     }

     identity vxlan {
       base eth-encapsulation-type;
       description
         "vxlan encapsulation";
     }

     identity frame-relay {
       base encapsulation-type;
       description
         "Frame Relay encapsulation";
     }

     identity ppp {
       base encapsulation-type;
       description
         "PPP encapsulation";
     }

     identity hdlc {
       base encapsulation-type;
       description
         "HDLC encapsulation";
     }

     identity atm {
       base encapsulation-type;
       description
         "Base identity from which specific ATM
          encapsulation types are derived.";
     }

     identity pwe3 {
       base encapsulation-type;
       description
         "Base identity from which specific pw
          encapsulation types are derived.";
     }

     /*
      * Groupings
      */

     grouping l2-network-type {
       description "Identify the topology type to be L2.";
       container l2-network {
         presence "indicates L2 Network";
         description
           "The presence of the container node indicates
            L2 Topology";
       }
     }

     grouping l2-network-attributes {
       description "L2 Topology scope attributes";
       container l2-network-attributes {
         description "Containing L2 network attributes";
         leaf name {
           type string;
           description "Name of the L2 network";
         }

         leaf-list flag {
           type l2-flag-type;
           description "L2 network flags";
         }
       }
     }

     grouping l2-node-attributes {
       description "L2 node attributes";
       container l2-node-attributes {
         description "Containing L2 node attributes";
         leaf name {
           type string;
           description "Node name";
         }
         leaf description {
           type string;
           description "Node description";
         }
         leaf-list management-address {
           type inet:ip-address;
           description "System management address";
         }
         leaf sys-mac-address {
           type yang:mac-address;
           description "System MAC-address";
         }
         leaf management-vid {
           if-feature VLAN;
           type vlan;
           description "System management VID";
         }
         leaf-list nick-name {
           if-feature TRILL;
           type trill-nickname;
           description "Nickname of the RBridge";
         }
         leaf-list vn-id {
           if-feature VXLAN;
           type vni;
           description "VNI of the VxLAN";
         }
         leaf-list flag {
           type l2-flag-type;
           description "Node operational flags";
         }
       }
     }  // grouping l2-node-attributes

     grouping l2-link-attributes {
       description "L2 link attributes";
       container l2-link-attributes {
         description "Containing L2 link attributes";
         leaf name {
           type string;
           description "Link name";
         }
         leaf-list flag {
           type l2-flag-type;
           description "Link flags";
         }
         leaf rate {
           type decimal64 {
             fraction-digits 2;
           }
           description "Link rate";
         }
         leaf delay {
           type uint32;
           description "Link delay in microseconds";
         }
         leaf-list srlg {
           type uint32;
           description
             "List of Shared Risk Link Groups
              this link belongs to.";
         }
       }
     } // grouping l2-link-attributes

     grouping l2-termination-point-attributes {
       description "L2 termination point attributes";
       container l2-termination-point-attributes {
         description "Containing L2 TP attributes";
         leaf description {
           type string;
           description "Port description";
         }

         leaf maximum-frame-size {
           type uint32;
           description "Maximum frame size";
         }

         choice l2-termination-point-type {
           description
             "Indicates termination-point type
              specific attributes";
           case ethernet {
             leaf mac-address {
               type yang:mac-address;
               description "Interface MAC address";
             }

             leaf eth-encapsulation {
               type identityref {
                 base eth-encapsulation-type;
               }
               description
                 "Encapsulation type of this
                  termination point.";
             }

             leaf port-vlan-id {
               if-feature VLAN;
               type vlan;
               description "Port VLAN ID";
             }

             list vlan-id-name {
               if-feature VLAN;
               key "vlan-id";
               description "Interface configured VLANs";
               leaf vlan-id {
                 type vlan;
                 description "VLAN ID";
               }
               leaf vlan-name {
                 type string;
                 description "VLAN name";
               }
             }
           } //case ethernet

           case legacy {
             leaf layer-2-address {
               type yang:phys-address;
               description "Interface Layer 2 address";
             }

             leaf encapsulation {
               type identityref {
                 base encapsulation-type;
               }
               description
                 "Encapsulation type of this termination point.";
             }
           } //case legacy

         } //choice termination-point-type

         leaf tp-state {
           type enumeration {
             enum in-use {
               value 0;
               description
                 "the termination point is in forwarding state";
             }
             enum blocking {
               value 1;
               description
                 "the termination point is in blocking state";
             }
             enum down {
               value 2;
               description
                 "the termination point is in down state";
             }
             enum others {
               value 3;
               description
                 "the termination point is in other state";
             }
           }
           config false;
           description "State of the termination point";
         }
       }
     } // grouping l2-termination-point-attributes

     /*
      * Data nodes
      */

     augment "/nw:networks/nw:network/nw:network-types" {
       description
         "Introduce new network type for L2 topology";
       uses l2-network-type;
     }

     augment "/nw:networks/nw:network" {
       when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description
         "Configuration parameters for the L2 network
          as a whole";
       uses l2-network-attributes;
     }

     augment "/nw:networks/nw:network/nw:node" {
       when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description
         "Configuration parameters for L2 at the node
          level";
       uses l2-node-attributes;
     }

     augment "/nw:networks/nw:network/nt:link" {
       when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description "Augment L2 topology link information";
       uses l2-link-attributes;
     }

     augment "/nw:networks/nw:network/nw:node/nt:termination-point" {
       when "/nw:networks/nw:network/nw:network-types/l2t:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description
         "Augment L2 topology termination point information";
       uses l2-termination-point-attributes;
     }

     /*
      * Notifications
      */

     notification l2-node-event {
       description "Notification event for L2 node";
       leaf event-type {
         type l2-network-event-type;
         description "Event type";
       }
       uses nw:node-ref;
       uses l2-network-type;
       uses l2-node-attributes;
     }

     notification l2-link-event {
       description "Notification event for L2 link";
       leaf event-type {
         type l2-network-event-type;
         description "Event type";
       }
       uses nt:link-ref;
       uses l2-network-type;
       uses l2-link-attributes;
     }

     notification l2-termination-point-event {
       description "Notification event for L2 termination point";
       leaf event-type {
         type l2-network-event-type;
         description "Event type";
       }
       uses nt:tp-ref;
       uses l2-network-type;
       uses l2-termination-point-attributes;
     }

   } // module l2-topology

4.  IANA Considerations

   This document registers the following namespace URIs in the "IETF XML
   Registry" [RFC3688]:

      URI: urn:ietf:params:xml:ns:yang:ietf-l2-topology
      Registrant Contact: The IESG.
      XML: N/A; the requested URI is an XML namespace.

      URI: urn:ietf:params:xml:ns:yang:ietf-l2-topology-state
      Registrant Contact: The IESG.
      XML: N/A; the requested URI is an XML namespace.

   This document registers the following YANG modules in the "YANG
   Module Names" registry [RFC6020]:

      Name: ietf-l2-topology
      Namespace: urn:ietf:params:xml:ns:yang:ietf-l2-topology
      Prefix: l2t
      Reference: draft-ietf-i2rs-yang-l2-network-topology-05.txt (RFC form)

      Name: ietf-l2-topology-state
      Namespace: urn:ietf:params:xml:ns:yang:ietf-l2-topology-state
      Prefix: l2t-s
      Reference: draft-ietf-i2rs-yang-l2-network-topology-05.txt (RFC form)

5.  Security Considerations

   The YANG module defined in this document is designed to be accessed
   via network management protocols such as NETCONF [RFC6241] or
   RESTCONF [RFC8040].  The lowest NETCONF layer is the secure transport
   layer, and the mandatory-to-implement secure transport is Secure
   Shell (SSH) [RFC6242].  The lowest RESTCONF layer is HTTPS, and the
   mandatory-to-implement secure transport is TLS [RFC5246].
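
   The access control that this section requires for the writable L2
   topology subtrees can be expressed as NACM rules.  The following is
   an added example, not part of the draft: it uses the
   ietf-netconf-acm data model of RFC 8341 (which obsoletes the
   RFC 6536 cited here), and all group, user and rule names are
   assumptions.

```xml
<!-- Added example: NACM (ietf-netconf-acm, RFC 8341) rules for the writable
     L2 topology subtrees. Group, user and rule names are assumptions. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <read-default>permit</read-default>
  <!-- Anything not explicitly permitted below cannot be written. -->
  <write-default>deny</write-default>

  <groups>
    <group>
      <name>l2-topo-admin</name>
      <user-name>topology-controller</user-name>
    </group>
    <group>
      <name>l2-link-operator</name>
      <user-name>noc-operator</user-name>
    </group>
  </groups>

  <!-- 1. Only this group may add or remove networks, nodes, links and
          termination points, or change any L2 attribute. No module-name is
          given (its default is "*"), so the rule also matches the nodes that
          ietf-network-topology and ietf-l2-topology augment into the tree. -->
  <rule-list>
    <name>l2-topology-admins</name>
    <group>l2-topo-admin</group>
    <rule>
      <name>permit-topology-write</name>
      <path xmlns:nw="urn:ietf:params:xml:ns:yang:ietf-network">/nw:networks</path>
      <access-operations>create update delete</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>

  <!-- 2. Least privilege for operators: they may set rate, delay, srlg, name
          and flag under l2-link-attributes of existing links, but the path
          stops short of the link list itself, so they cannot create or
          delete links, nodes or termination points. List key predicates are
          omitted, which makes the rule apply to every network and link. -->
  <rule-list>
    <name>l2-link-operators</name>
    <group>l2-link-operator</group>
    <rule>
      <name>permit-link-attribute-edit</name>
      <path xmlns:nw="urn:ietf:params:xml:ns:yang:ietf-network"
            xmlns:nt="urn:ietf:params:xml:ns:yang:ietf-network-topology"
            xmlns:l2t="urn:ietf:params:xml:ns:yang:ietf-l2-topology"
        >/nw:networks/nw:network/nt:link/l2t:l2-link-attributes</path>
      <access-operations>create update</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>

  <!-- 3. Explicit deny for every other write to the topology tree. Rule
          lists are evaluated in order and the first matching rule wins, so
          this only applies when neither rule above matched. It keeps the
          tree protected even if write-default is later relaxed. -->
  <rule-list>
    <name>l2-topology-default-deny</name>
    <group>*</group>
    <rule>
      <name>deny-topology-write</name>
      <path xmlns:nw="urn:ietf:params:xml:ns:yang:ietf-network">/nw:networks</path>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>
```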

   The NETCONF access control model [RFC6536] provides the means to
   restrict access for particular NETCONF or RESTCONF users to a
   preconfigured subset of all available NETCONF or RESTCONF protocol
   operations and content.

   In general, Layer 2 network topologies are system-controlled and
   provide ephemeral topology information.  In an NMDA-compliant server,
   they are only part of the operational state datastore, which provides
   read-only access to clients, so they are less vulnerable.  That said,
   the YANG module does in principle allow information to be
   configurable.

   The Layer 2 topology module defines information that can be
   configurable in certain instances, for example in the case of virtual
   topologies that can be created by client applications.  In such
   cases, a malicious client could introduce topologies that are
   undesired.  Specifically, a malicious client could attempt to remove
   or add a node, a link, a termination point, by creating or deleting
   corresponding elements in the node, link, and termination point
   lists, respectively.  In the case of a topology that is learned, the
   server will automatically prohibit such misconfiguration attempts.
   In the case of a topology that is configured, i.e. whose origin is
   "intended", the undesired configuration could become effective and be
   reflected in the operational state datastore, leading to disruption
   of services provided via this topology.  For those reasons, it is
   important that the NETCONF access control model is vigorously applied
   to prevent topology misconfiguration by unauthorized clients.

   There are a number of data nodes defined in this YANG module that are
   writable/creatable/deletable (i.e., config true, which is the
   default).  These data nodes may be considered sensitive or vulnerable
   in some network environments.  Write operations (e.g., edit-config)
   to these data nodes without proper protection can have a negative
   effect on network operations.  These are the subtrees and data nodes
   and their sensitivity/vulnerability in the ietf-network module:

   l2-network-attributes: A malicious client could attempt to sabotage
   the configuration of any of the contained attributes, such as the
   name or the flag data nodes.

   l2-node-attributes: A malicious client could attempt to sabotage the
   configuration of important node attributes, such as the name or the
   management-address.

   l2-link-attributes: A malicious client could attempt to sabotage the
   configuration of important link attributes, such as the rate or the
   delay data nodes.

   l2-termination-point-attributes: A malicious client could attempt to
   sabotage the configuration of important termination point attributes,
   such as the maximum-frame-size.

6.  Acknowledgements

   The authors would like to acknowledge the comments and suggestions
   received from Susan Hares, Alia Atlas, Juergen Schoenwaelder, Mach
   Chen, Alexander Clemm and Sriganesh Kini.

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010.

   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6991, DOI 10.17487/RFC6991, July 2013.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC7951]  Lhotka, L., "JSON Encoding of Data Modeled with YANG",
              RFC 7951, DOI 10.17487/RFC7951, August 2016.

   [RFC8345]  Clemm, A., Medved, J., Varga, R., Bahadur, N.,
              Ananthakrishnan, H., and X. Liu, "A YANG Data Model for
              Network Topologies", RFC 8345, DOI 10.17487/RFC8345, March
              2018.

7.2.  Informative References

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246,
              DOI 10.17487/RFC5246, August 2008.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
              Protocol (NETCONF) Access Control Model", RFC 6536,
              DOI 10.17487/RFC6536, March 2012.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

   [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore Architecture
              (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

Appendix A.  Companion YANG model for non-NMDA compliant implementations

   The YANG module ietf-l2-topology defined in this document augments
   two modules, ietf-network and ietf-network-topology, that are
   designed to be used in conjunction with implementations that support
   the Network Management Datastore Architecture (NMDA) defined in
   [RFC8342].  In order to allow implementations to use the model even
   in cases when NMDA is not supported, a set of companion modules have
   been defined that represent a state model of networks and network
   topologies, ietf-network-state and ietf-network-topology-state,
   respectively.

   In order to be able to use the model for layer 2 topologies defined
   in this document in conjunction with non-NMDA compliant
   implementations, a corresponding companion module is defined that
   represents the operational state of layer 2 network topologies.  The
   module ietf-l2-topology-state mirrors the module ietf-l2-topology
   defined earlier in this document.  However, it augments
   ietf-network-state and ietf-network-topology-state (instead of
   ietf-network and ietf-network-topology) and all its data nodes are
   non-configurable.

   The companion module ietf-l2-topology SHOULD NOT be supported by
   implementations that support NMDA.  It is for this reason that this
   module is defined in the Appendix.

   As the structure of this module mirrors that of its underlying
   modules, the YANG tree is not depicted separately.

   file "ietf-l2-topology-state@2018-06-29.yang"
   module ietf-l2-topology-state {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-l2-topology-state";
     prefix "l2t-s";

     import ietf-network-state {
       prefix "nw-s";
     }

     import ietf-network-topology-state {
       prefix "nt-s";
     }

     import ietf-l2-topology {
       prefix "l2t";
     }

     organization
       "IETF I2RS (Interface to the Routing System) Working Group";
     contact
       "WG Web:
        WG List:
        Editor:    Jie Dong

        Editor:    Xiugang Wei
       ";

     description
       "This module defines a basic model for
        the layer-2 topology of a network.

        Copyright (c) 2018 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject
        to the license terms contained in, the Simplified BSD License
        set forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (http://trustee.ietf.org/license-info).

        This version of this YANG module is part of
        draft-ietf-i2rs-yang-l2-network-topo-05;
        see the RFC itself for full legal notices.";

     revision "2018-06-29" {
       description "Initial revision";
       reference "draft-ietf-i2rs-l2-network-topology-05";
     }

     /*
      * Data nodes
      */

     augment "/nw-s:networks/nw-s:network/nw-s:network-types" {
       description
         "Introduce new network type for L2 topology";
       uses l2t:l2-network-type;
     }

     augment "/nw-s:networks/nw-s:network" {
       when "/nw-s:networks/nw-s:network/nw-s:network-types/"+
         "l2t-s:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description
         "Configuration parameters for the L2 network
          as a whole";
       uses l2t:l2-network-attributes;
     }

     augment "/nw-s:networks/nw-s:network/nw-s:node" {
       when "/nw-s:networks/nw-s:network/nw-s:network-types/"+
         "l2t-s:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description
         "Configuration parameters for L2 at the node
          level";
       uses l2t:l2-node-attributes;
     }

     augment "/nw-s:networks/nw-s:network/nt-s:link" {
       when "/nw-s:networks/nw-s:network/nw-s:network-types/"+
         "l2t-s:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description "Augment L2 topology link information";
       uses l2t:l2-link-attributes;
     }

     augment "/nw-s:networks/nw-s:network/nw-s:node/"+
       "nt-s:termination-point" {
       when "/nw-s:networks/nw-s:network/nw-s:network-types/"+
         "l2t-s:l2-network" {
         description
           "Augmentation parameters apply only for networks
            with L2 topology";
       }
       description
         "Augment L2 topology termination point information";
       uses l2t:l2-termination-point-attributes;
     }

     /*
      * Notifications
      */

     notification l2-node-event {
       description "Notification event for L2 node";
       leaf event-type {
         type l2t:l2-network-event-type;
         description "Event type";
       }
       uses nw-s:node-ref;
       uses l2t:l2-network-type;
       uses l2t:l2-node-attributes;
     }

     notification l2-link-event {
       description "Notification event for L2 link";
       leaf event-type {
         type l2t:l2-network-event-type;
         description "Event type";
       }
       uses nt-s:link-ref;
       uses l2t:l2-network-type;
       uses l2t:l2-link-attributes;
     }

     notification l2-termination-point-event {
       description "Notification event for L2 termination point";
       leaf event-type {
         type l2t:l2-network-event-type;
         description "Event type";
       }
       uses nt-s:tp-ref;
       uses l2t:l2-network-type;
       uses l2t:l2-termination-point-attributes;
     }

   } // module l2-topology-state

Appendix B.  An Example

   This section contains an example of an instance data tree in JSON
   encoding [RFC7951].  The example instantiates "ietf-l2-topology" for
   the topology that is depicted in the following diagram.  There are
   three nodes: D1, D2, and D3.  D1 has three termination points: 1-0-1,
   1-2-1, and 1-3-1.  D2 has three termination points as well: 2-1-1,
   2-0-1, and 2-3-1.  D3 has two termination points: 3-1-1 and 3-2-1.
   In addition, there are six links, two between each pair of nodes,
   with one going in each direction.

                +------------+                   +------------+
                |     D1     |                   |     D2     |
               /-\          /-\                 /-\          /-\
               | | 1-0-1    | |---------------->| | 2-1-1    | |
               | |    1-2-1 | |<----------------| |    2-0-1 | |
               \-/  1-3-1   \-/                 \-/  2-3-1   \-/
                |   /----\   |                   |   /----\   |
                +---|    |---+                   +---|    |---+
                    \----/                           \----/
                     A  |                             A  |
                     |  |                             |  |
                     |  |                             |  |
                     |  |       +------------+        |  |
                     |  |       |     D3     |        |  |
                     |  |      /-\          /-\       |  |
                     |  +----->| | 3-1-1    | |-------+  |
                     +---------| |    3-2-1 | |<---------+
                               \-/          \-/
                                |            |
                                +------------+

                 Figure 2.  A Network Topology Example

   The corresponding instance data tree is depicted below.  Note that
   some lines have been wrapped to adhere to the 72-character line
   limitation of RFCs.

   {
     "ietf-network:networks": {
       "network": [
         {
           "network-types": {
             "ietf-l2-topology:l2-network": {}
           },
           "network-id": "l2-topo-example",
           "node": [
             {
               "node-id": "D1",
               "termination-point": [
                 {
                   "tp-id": "1-0-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A1:B2:C3:D4:E5:F0"
                   }
                 },
                 {
                   "tp-id": "1-2-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A1:B2:C3:D4:E5:F1"
                   }
                 },
                 {
                   "tp-id": "1-3-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A1:B2:C3:D4:E5:F2"
                   }
                 }
               ],
               "ietf-l2-topology:l2-node-attributes": {
                 "management-address": ["10.1.1.1"]
               }
             },
             {
               "node-id": "D2",
               "termination-point": [
                 {
                   "tp-id": "2-0-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A2:B2:C3:D4:E5:F0"
                   }
                 },
                 {
                   "tp-id": "2-1-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A2:B2:C3:D4:E5:F2"
                   }
                 },
                 {
                   "tp-id": "2-3-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A2:B2:C3:D4:E5:F3"
                   }
                 }
               ],
               "ietf-l2-topology:l2-node-attributes": {
                 "management-address": ["10.1.1.2"]
               }
             },
             {
               "node-id": "D3",
               "termination-point": [
                 {
                   "tp-id": "3-1-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A3:B2:C3:D4:E5:F0"
                   }
                 },
                 {
                   "tp-id": "3-2-1",
                   "ietf-l2-topology:
                    l2-termination-point-attributes": {
                     "mac-address": "A3:B2:C3:D4:E5:F1"
                   }
                 }
               ],
               "ietf-l2-topology:l2-node-attributes": {
                 "management-address": ["10.1.1.3"]
               }
             }
           ],
           "ietf-network-topology:link": [
             {
               "link-id": "D1,1-2-1,D2,2-1-1",
               "source": {
                 "source-node": "D1",
                 "source-tp": "1-2-1"
               },
               "destination": {
                 "dest-node": "D2",
                 "dest-tp": "2-1-1"
               },
               "ietf-l2-topology:l2-link-attributes": {
                 "rate": "1000"
               }
             },
             {
               "link-id": "D2,2-1-1,D1,1-2-1",
               "source": {
                 "source-node": "D2",
                 "source-tp": "2-1-1"
               },
               "destination": {
                 "dest-node": "D1",
                 "dest-tp": "1-2-1"
               },
               "ietf-l2-topology:l2-link-attributes": {
                 "rate": "1000"
               }
             },
             {
               "link-id": "D1,1-3-1,D3,3-1-1",
               "source": {
                 "source-node": "D1",
                 "source-tp": "1-3-1"
               },
               "destination": {
                 "dest-node": "D3",
                 "dest-tp": "3-1-1"
               },
               "ietf-l2-topology:l2-link-attributes": {
                 "rate": "1000"
               }
             },
             {
               "link-id": "D3,3-1-1,D1,1-3-1",
               "source": {
                 "source-node": "D3",
                 "source-tp": "3-1-1"
               },
               "destination": {
                 "dest-node": "D1",
                 "dest-tp": "1-3-1"
               },
               "ietf-l2-topology:l2-link-attributes": {
                 "rate": "1000"
               }
             },
             {
               "link-id": "D2,2-3-1,D3,3-2-1",
               "source": {
                 "source-node": "D2",
                 "source-tp": "2-3-1"
               },
               "destination": {
                 "dest-node": "D3",
                 "dest-tp": "3-2-1"
               },
               "ietf-l2-topology:l2-link-attributes": {
                 "rate": "1000"
               }
             },
             {
               "link-id": "D3,3-2-1,D2,2-3-1",
               "source": {
                 "source-node": "D3",
                 "source-tp": "3-2-1"
               },
               "destination": {
                 "dest-node": "D2",
                 "dest-tp": "2-3-1"
               },
               "ietf-l2-topology:l2-link-attributes": {
                 "rate": "1000"
               }
             }
           ]
         }
       ]
     }
   }

Authors' Addresses

   Jie Dong
   Huawei Technologies
   Huawei Campus, No. 156 Beiqing Rd.
   Beijing 100095
   China

   Email: jie.dong@huawei.com

   Xiugang Wei
   Huawei Technologies
   Huawei Campus, No. 156 Beiqing Rd.
   Beijing 100095
   China

   Email: weixiugang@huawei.com