idnits 2.17.1

draft-ietf-isis-sr-yang-10.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 365 has weird spacing: '...r-bound uin...'

  == Line 366 has weird spacing: '...r-bound uin...'

  == Line 377 has weird spacing: '...roup-id uin...'

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (February 21, 2021) is 1152 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC6536' is defined on line 1350, but no explicit
     reference was found in the text

  == Outdated reference: A later version (-30) exists of
     draft-ietf-spring-sr-yang-15

  ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341)

     Summary: 1 error (**), 0 flaws (~~), 7 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

IS-IS Working Group                                         S. Litkowski
Internet-Draft                                             Cisco Systems
Intended status: Standards Track                                   Y. Qu
Expires: August 25, 2021                                       Futurewei
                                                               P. Sarkar
                                                              Individual
                                                                 I. Chen
                                                   The MITRE Corporation
                                                             J. Tantsura
                                                                  Apstra
                                                       February 21, 2021

               YANG Data Model for IS-IS Segment Routing
                       draft-ietf-isis-sr-yang-10

Abstract

   This document defines a YANG data module that can be used to
   configure and manage IS-IS Segment Routing, as well as a YANG data
   module for the management of Signaling Maximum SID Depth (MSD) Using
   IS-IS.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 25, 2021.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Overview
     1.1.  Requirements Language
     1.2.  Tree Diagrams
   2.  IS-IS MSD
     2.1.  IS-IS MSD YANG Module
   3.  IS-IS Segment Routing
     3.1.  IS-IS Segment Routing configuration
       3.1.1.  Segment Routing activation
       3.1.2.  Advertising mapping server policy
       3.1.3.  IP Fast reroute
     3.2.  IS-IS Segment Routing YANG Module
   4.  Security Considerations
   5.  Contributors
   6.  Acknowledgements
   7.  IANA Considerations
   8.  Normative References
   Authors' Addresses

1.  Overview

   YANG [RFC6020] [RFC7950] is a data definition language used to define
   the contents of a conceptual data store that allows networked devices
   to be managed using NETCONF [RFC6241].  YANG is proving relevant
   beyond its initial confines, as bindings to other interfaces (e.g.,
   ReST) and encodings other than XML (e.g., JSON) are being defined.
   Furthermore, YANG data models can be used as the basis for
   implementation of other interfaces, such as CLI and programmatic
   APIs.

   This document defines a YANG data module that can be used to
   configure and manage IS-IS Segment Routing [RFC8667] and it is an
   augmentation to the IS-IS YANG data model.

   This document also defines a YANG data module for the management of
   Signaling Maximum SID Depth (MSD) Using IS-IS [RFC8491], which
   augments the base IS-IS YANG data model.

   The YANG modules in this document conform to the Network Management
   Datastore Architecture (NMDA) [RFC8342].

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

1.2.  Tree Diagrams

   This document uses the graphical representation of data models
   defined in [RFC8340].

2.  IS-IS MSD

   This document defines a model for Signaling Maximum SID Depth (MSD)
   Using IS-IS [RFC8667].  It is an augmentation of the IS-IS base model.

   The figure below describes the overall structure of the isis-msd YANG
   module:

   module: ietf-isis-msd
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:router-capabilities:
       +--ro node-msd-tlv
          +--ro node-msds* [msd-type]
             +--ro msd-type     identityref
             +--ro msd-value?   uint8
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:extended-is-neighbor
               /isis:neighbor:
       +--ro link-msd-sub-tlv
          +--ro link-msds* [msd-type]
             +--ro msd-type     identityref
             +--ro msd-value?   uint8
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:mt-is-neighbor/isis:neighbor:
       +--ro link-msd-sub-tlv
          +--ro link-msds* [msd-type]
             +--ro msd-type     identityref
             +--ro msd-value?   uint8

2.1.  IS-IS MSD YANG Module

   file "ietf-isis-msd@2021-02-21.yang"
   module ietf-isis-msd {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-isis-msd";
     prefix isis-msd;

     import ietf-routing {
       prefix rt;
       reference "RFC 8349: A YANG Data Model for Routing
                  Management (NMDA Version)";
     }

     import ietf-isis {
       prefix isis;
     }

     organization
       "IETF LSR - LSR Working Group";
     contact
       "WG Web:
        WG List:

        Author:    Yingzhen Qu

        Author:    Acee Lindem

        Author:    Stephane Litkowski

        Author:    Jeff Tantsura

       ";
     description
       "The YANG module augments the base ISIS model to
        manage different types of MSDs.

        This YANG model conforms to the Network Management
        Datastore Architecture (NMDA) as described in RFC 8342.

        Copyright (c) 2021 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject
        to the license terms contained in, the Simplified BSD License
        set forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (https://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX;
        see the RFC itself for full legal notices.

        The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
        NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
        'MAY', and 'OPTIONAL' in this document are to be interpreted as
        described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
        they appear in all capitals, as shown here.";

     reference "RFC XXXX: YANG Data Model for ISIS MSD.";

     revision 2021-02-21 {
       description
         "Initial Version";
       reference "RFC XXXX: YANG Data Model for ISIS MSD.";
     }

     identity msd-base-type {
       description
         "Base identity for MSD Type";
     }

     identity base-mpls-msd {
       base msd-base-type;
       description
         "Base MPLS Imposition MSD.";
       reference
         "RFC 8491: Signaling MSD using IS-IS.";
     }

     identity erld-msd {
       base msd-base-type;
       description
         "ERLD-MSD is defined to advertise the ERLD.";
       reference
         "RFC 8662: Entropy Label for Source Packet Routing in
          Networking (SPRING) Tunnels";
     }

     grouping node-msd-tlv {
       description
         "Grouping for node MSD.";
       container node-msd-tlv {
         list node-msds {
           key "msd-type";
           leaf msd-type {
             type identityref {
               base msd-base-type;
             }
             description
               "MSD-Types";
           }
           leaf msd-value {
             type uint8;
             description
               "MSD value, in the range of 0-255.";
           }
           description
             "Node MSD is the smallest link MSD supported by
              the node.";
         }
         description
           "Node MSD is the number of SIDs supported by a node.";
         reference
           "RFC 8476: Signaling Maximum SID Depth (MSD) Using OSPF";
       }
     }

     grouping link-msd-sub-tlv {
       description
         "Link Maximum SID Depth (MSD) grouping for an interface.";
       container link-msd-sub-tlv {
         list link-msds {
           key "msd-type";
           leaf msd-type {
             type identityref {
               base msd-base-type;
             }
             description
               "MSD-Types";
           }
           leaf msd-value {
             type uint8;
             description
               "MSD value, in the range of 0-255.";
           }
           description
             "List of link MSDs";
         }
         description
           "Link MSD sub-tlvs.";
       }

     }

     /* Node MSD TLV */
     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:database/isis:levels/isis:lsp"+
             "/isis:router-capabilities" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol LSDB router capability.";
       uses node-msd-tlv;
     }

     /* link MSD sub-tlv */
     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:database/isis:levels/isis:lsp"+
             "/isis:extended-is-neighbor/isis:neighbor" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol LSDB neighbor with
          Link MSD sub-TLV.";

       uses link-msd-sub-tlv;
     }

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:database/isis:levels/isis:lsp"+
             "/isis:mt-is-neighbor/isis:neighbor" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol LSDB neighbor.";

       uses link-msd-sub-tlv;

     }
   }

3.  IS-IS Segment Routing

   This document defines a model for the IS-IS Segment Routing feature.
   It is an augmentation of the IS-IS base model.

   The IS-IS SR YANG module requires support for the base segment
   routing module [I-D.ietf-spring-sr-yang], which defines the global
   segment routing configuration independent of any specific routing
   protocol configuration, and support of the IS-IS base model
   [I-D.ietf-isis-yang-isis-cfg], which defines basic IS-IS
   configuration and state.

   The figure below describes the overall structure of the isis-sr YANG
   module:

   module: ietf-isis-sr
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis:
       +--rw segment-routing
       |  +--rw enabled?    boolean
       |  +--rw bindings
       |     +--rw advertise
       |     |  +--rw policies*   string
       |     +--rw receive?     boolean
       +--rw protocol-srgb {sr-mpls:protocol-srgb}?
          +--rw srgb* [lower-bound upper-bound]
             +--rw lower-bound    uint32
             +--rw upper-bound    uint32
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:interfaces
               /isis:interface:
       +--rw segment-routing
          +--rw adjacency-sid
             +--rw adj-sids* [value]
             |  +--rw value-type?   enumeration
             |  +--rw value         uint32
             |  +--rw protected?    boolean
             +--rw advertise-adj-group-sid* [group-id]
             |  +--rw group-id    uint32
             +--rw advertise-protection?      enumeration
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:interfaces
               /isis:interface/isis:fast-reroute:
       +--rw ti-lfa {ti-lfa}?
          +--rw enable?   boolean
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:interfaces
               /isis:interface/isis:fast-reroute/isis:lfa/isis:remote-lfa:
       +--rw use-segment-routing-path?   boolean {remote-lfa-sr}?
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:interfaces
               /isis:interface/isis:adjacencies/isis:adjacency:
       +--ro adjacency-sid* [value]
          +--ro af?                     iana-rt-types:address-family
          +--ro value                   uint32
          +--ro weight?                 uint8
          +--ro protection-requested?   boolean
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:router-capabilities:
       +--ro sr-capability
       |  +--ro sr-capability
       |  |  +--ro sr-capability-bits*   identityref
       |  +--ro global-blocks
       |     +--ro global-block* []
       |        +--ro range-size?    uint32
       |        +--ro sid-sub-tlv
       |           +--ro sid?   uint32
       +--ro sr-algorithms
       |  +--ro sr-algorithm*   uint8
       +--ro local-blocks
       |  +--ro local-block* []
       |     +--ro range-size?    uint32
       |     +--ro sid-sub-tlv
       |        +--ro sid?   uint32
       +--ro srms-preference
          +--ro preference?   uint8
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database/isis:levels
               /isis:lsp/isis:extended-is-neighbor/isis:neighbor:
       +--ro sid-list* [value]
          +--ro adj-sid-flags
          |  +--ro bits*   identityref
          +--ro weight?          uint8
          +--ro neighbor-id?     isis:system-id
          +--ro value            uint32
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:mt-is-neighbor/isis:neighbor:
       +--ro sid-list* [value]
          +--ro adj-sid-flags
          |  +--ro bits*   identityref
          +--ro weight?          uint8
          +--ro neighbor-id?     isis:system-id
          +--ro value            uint32
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:extended-ipv4-reachability
               /isis:prefixes:
       +--ro sid-list* [value]
          +--ro perfix-sid-flags
          |  +--ro bits*   identityref
          +--ro algorithm?          uint8
          +--ro value               uint32
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:mt-extended-ipv4-reachability
               /isis:prefixes:
       +--ro sid-list* [value]
          +--ro perfix-sid-flags
          |  +--ro bits*   identityref
          +--ro algorithm?          uint8
          +--ro value               uint32
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:ipv6-reachability/isis:prefixes:
       +--ro sid-list* [value]
          +--ro perfix-sid-flags
          |  +--ro bits*   identityref
          +--ro algorithm?          uint8
          +--ro value               uint32
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp/isis:mt-ipv6-reachability/isis:prefixes:
       +--ro sid-list* [value]
          +--ro perfix-sid-flags
          |  +--ro bits*   identityref
          +--ro algorithm?          uint8
          +--ro value               uint32
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol/isis:isis/isis:database
               /isis:levels/isis:lsp:
       +--ro segment-routing-bindings* [fec range]
          +--ro fec                  string
          +--ro range                uint16
          +--ro sid-binding-flags
          |  +--ro bits*   identityref
          +--ro binding
             +--ro prefix-sid
                +--ro sid-list* [value]
                   +--ro perfix-sid-flags
                   |  +--ro bits*   identityref
                   +--ro algorithm?          uint8
                   +--ro value               uint32

3.1.  IS-IS Segment Routing configuration

3.1.1.  Segment Routing activation

   Activation of IS-IS segment routing is done by setting the "enable"
   leaf to true.  This triggers advertisement of segment-routing
   extensions based on the configuration parameters that have been set
   up using the base segment routing module.

3.1.2.  Advertising mapping server policy

   The base segment routing module defines mapping server policies.  By
   default, IS-IS will neither advertise nor receive any mapping server
   entry.  The IS-IS segment-routing module allows one or multiple
   mapping server policies to be advertised through the
   "bindings/advertise/policies" leaf-list.  The "bindings/receive" leaf
   enables the reception of mapping server entries.

3.1.3.  IP Fast reroute

   The IS-IS SR model augments the fast-reroute container under
   interface.  It brings the ability to activate TI-LFA (topology
   independent LFA) and also enhances remote LFA to use segment-routing
   tunneling instead of LDP.

3.2.  IS-IS Segment Routing YANG Module

   file "ietf-isis-sr@2021-01-11.yang"
   module ietf-isis-sr {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:"
             + "yang:ietf-isis-sr";
     prefix isis-sr;

     import ietf-routing {
       prefix "rt";
       reference "RFC 8349 - A YANG Data Model for Routing
                  Management (NMDA Version)";
     }

     import ietf-segment-routing-common {
       prefix "sr-cmn";
     }

     import ietf-segment-routing-mpls {
       prefix "sr-mpls";
     }

     import ietf-isis {
       prefix "isis";
     }

     import iana-routing-types {
       prefix "iana-rt-types";
       reference "RFC 8294 - Common YANG Data Types for the
                  Routing Area";
     }

     organization
       "IETF LSR - LSR Working Group";

     contact
       "WG List:

        Editor:    Stephane Litkowski

        Author:    Acee Lindem

        Author:    Yingzhen Qu

        Author:    Pushpasis Sarkar

        Author:    Ing-Wher Chen

        Author:    Jeff Tantsura

       ";

     description
       "The YANG module defines a generic configuration model for
        Segment routing ISIS extensions common across all of the vendor
        implementations.

        This YANG model conforms to the Network Management
        Datastore Architecture (NMDA) as described in RFC 8342.

        Copyright (c) 2021 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject to
        the license terms contained in, the Simplified BSD License set
        forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (https://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX
        (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
        for full legal notices.

        The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
        NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
        'MAY', and 'OPTIONAL' in this document are to be interpreted as
        described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
        they appear in all capitals, as shown here.

        This version of this YANG module is part of RFC XXXX;
        see the RFC itself for full legal notices.";

     reference "RFC XXXX";

     revision 2021-01-11 {
       description
         "Initial revision.";
       reference "RFC XXXX";
     }

     /* Identities */
     identity sr-capability {
       description
         "Base identity for ISIS SR-Capabilities sub-TLV flags";
     }

     identity mpls-ipv4 {
       base sr-capability;
       description
         "If set, then the router is capable of
          processing SR MPLS encapsulated IPv4 packets
          on all interfaces.";
     }

     identity mpls-ipv6 {
       base sr-capability;
       description
         "If set, then the router is capable of
          processing SR MPLS encapsulated IPv6 packets
          on all interfaces.";
     }

     identity prefix-sid-bit {
       description
         "Base identity for prefix sid sub-tlv bits.";
     }

     identity r-bit {
       base prefix-sid-bit;
       description
         "Re-advertisement Flag.";
     }

     identity n-bit {
       base prefix-sid-bit;
       description
         "Node-SID Flag.";
     }

     identity p-bit {
       base prefix-sid-bit;
       description
         "No-PHP (No Penultimate Hop-Popping) Flag.";
     }

     identity e-bit {
       base prefix-sid-bit;
       description
         "Explicit NULL Flag.";
     }

     identity v-bit {
       base prefix-sid-bit;
       description
         "Value Flag.";
     }

     identity l-bit {
       base prefix-sid-bit;
       description
         "Local Flag.";
     }

     identity adj-sid-bit {
       description
         "Base identity for adj sid sub-tlv bits.";
     }

     identity f-bit {
       base adj-sid-bit;
       description
         "Address-Family flag.";
     }

     identity b-bit {
       base adj-sid-bit;
       description
         "Backup flag.";
     }

     identity vi-bit {
       base adj-sid-bit;
       description
         "Value/Index flag.";
     }

     identity lo-bit {
       base adj-sid-bit;
       description
         "Local flag.";
     }

     identity s-bit {
       base adj-sid-bit;
       description
         "Group flag.";
     }

     identity pe-bit {
       base adj-sid-bit;
       description
         "Persistent flag.";
     }

     identity sid-binding-bit {
       description
         "Base identity for sid binding tlv bits.";
     }

     identity af-bit {
       base sid-binding-bit;
       description
         "Address-Family flag.";
     }

     identity m-bit {
       base sid-binding-bit;
       description
         "Mirror Context flag.";
     }

     identity sf-bit {
       base sid-binding-bit;
       description
         "S flag. If set, the binding label tlv should be flooded
          across the entire routing domain.";
     }

     identity d-bit {
       base sid-binding-bit;
       description
         "Leaking flag.";
     }

     identity a-bit {
       base sid-binding-bit;
       description
         "Attached flag.";
     }

     /* Features */

     feature remote-lfa-sr {
       description
         "Enhance rLFA to use SR path.";
     }

     feature ti-lfa {
       description
         "Enhance IPFRR with ti-lfa
          support";
     }

     /* Groupings */

     grouping sid-sub-tlv {
       description "SID/Label sub-TLV grouping.";
       container sid-sub-tlv {
         description
           "Used to advertise the SID/Label associated with a
            prefix or adjacency.";
         leaf sid {
           type uint32;

           description
             "Segment Identifier (SID) - A 20 bit label or
              32 bit SID.";
         }
       }
     }

     grouping sr-capability {
       description
         "SR capability grouping.";
       container sr-capability {
         description
           "Segment Routing capability.";
         container sr-capability {
           leaf-list sr-capability-bits {
             type identityref {
               base sr-capability;
             }
             description "SR Capability sub-tlv flags list.";
           }
           description
             "SR Capability Flags.";
         }
         container global-blocks {
           description
             "Segment Routing Global Blocks.";
           list global-block {
             description "Segment Routing Global Block.";
             leaf range-size {
               type uint32;
               description "The SID range.";
             }
             uses sid-sub-tlv;
           }
         }
       }
     }

     grouping sr-algorithm {
       description
         "SR algorithm grouping.";
       container sr-algorithms {
         description "All SR algorithms.";
         leaf-list sr-algorithm {
           type uint8;
           description
             "The Segment Routing (SR) algorithms that the router is
              currently using.";

         }
       }
     }

     grouping srlb {
       description
         "SR Local Block grouping.";
       container local-blocks {
         description "List of SRLBs.";
         list local-block {
           description "Segment Routing Local Block.";
           leaf range-size {
             type uint32;
             description "The SID range.";
           }
           uses sid-sub-tlv;
         }
       }
     }

     grouping srms-preference {
       description "The SRMS preference TLV is used to advertise
                    a preference associated with the node that acts
                    as an SR Mapping Server.";
       container srms-preference {
         description "SRMS Preference TLV.";
         leaf preference {
           type uint8 {
             range "0 .. 255";
           }
           description "SRMS preference TLV, value from 0 to 255.";
         }
       }
     }

     grouping adjacency-state {
       description
         "This group will extend adjacency state.";
       list adjacency-sid {
         key value;
         config false;
         leaf af {
           type iana-rt-types:address-family;
           description
             "Address-family associated with the
              segment ID";
         }
         leaf value {
           type uint32;
           description
             "Value of the Adj-SID.";
         }
         leaf weight {
           type uint8;
           description
             "Weight associated with
              the adjacency SID.";
         }
         leaf protection-requested {
           type boolean;
           description
             "Describe if the adjacency SID
              must be protected.";
         }
         description
           "List of adjacency Segment IDs.";
       }
     }

     grouping prefix-segment-id {
       description
         "This group defines segment routing extensions
          for prefixes.";

       list sid-list {
         key value;

         container perfix-sid-flags {
           leaf-list bits {
             type identityref {
               base prefix-sid-bit;
             }
             description
               "Prefix SID Sub-TLV flag bits list.";
           }
           description
             "Describes flags associated with the
              segment ID.";
         }

         leaf algorithm {
           type uint8;
           description
             "Algorithm to be used for path computation.";
         }
         leaf value {
           type uint32;
           description
             "Value of the prefix-SID.";
         }
         description
           "List of segments.";
       }
     }

     grouping adjacency-segment-id {
       description
         "This group defines segment routing extensions
          for adjacencies.";

       list sid-list {
         key value;

         container adj-sid-flags {
           leaf-list bits {
             type identityref {
               base adj-sid-bit;
             }
             description "Adj sid sub-tlv flags list.";
           }
           description "Adj-sid sub-tlv flags.";
         }

         leaf weight {
           type uint8;
           description
             "The value represents the weight of the Adj-SID
              for the purpose of load balancing.";
         }
         leaf neighbor-id {
           type isis:system-id;
           description
             "Describes the system ID of the neighbor
              associated with the SID value. This is only
              used on LAN adjacencies.";
         }
         leaf value {
           type uint32;
           description
             "Value of the Adj-SID.";
         }
         description
           "List of segments.";
       }

     }

     grouping segment-routing-binding-tlv {
       list segment-routing-bindings {
         key "fec range";

         leaf fec {
           type string;
           description
             "IP (v4 or v6) range to be bound to SIDs.";
         }

         leaf range {
           type uint16;
           description
             "Describes number of elements to assign
              a binding to.";
         }

         container sid-binding-flags {
           leaf-list bits {
             type identityref {
               base sid-binding-bit;
             }
             description
               "SID Binding TLV flag bits list.";
           }
           description
             "Binding flags.";
         }

         container binding {
           container prefix-sid {
             uses prefix-segment-id;
             description
               "Binding prefix SID to the range.";
           }
           description
             "Bindings associated with the range.";
         }

         description
           "This container describes list of SID/Label bindings.
            ISIS reference is TLV 149.";
       }
       description
         "Defines binding TLV for database.";
     }

     /* Cfg */

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol configuration
          with segment routing.";

       uses sr-mpls:sr-control-plane;
       container protocol-srgb {
         if-feature sr-mpls:protocol-srgb;
         uses sr-cmn:srgb;
         description
           "Per-protocol SRGB.";
       }
     }

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:interfaces/isis:interface" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol configuration
          with segment routing.";

       uses sr-mpls:igp-interface;
     }

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:interfaces/isis:interface"+
             "/isis:fast-reroute" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS IP FRR with TILFA.";

       container ti-lfa {
         if-feature ti-lfa;
         leaf enable {
           type boolean;
           description
             "Enables TI-LFA computation.";
         }
         description
           "TILFA configuration.";
       }
     }

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:interfaces/isis:interface"+
             "/isis:fast-reroute/isis:lfa/isis:remote-lfa" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS remoteLFA config with
          use of segment-routing path.";

       leaf use-segment-routing-path {
         if-feature remote-lfa-sr;
         type boolean;
         description
           "force remote LFA to use segment routing
            path instead of LDP path.";
       }
     }

     /* Operational states */

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:interfaces/isis:interface" +
             "/isis:adjacencies/isis:adjacency" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol configuration
          with segment routing.";

       uses adjacency-state;
     }

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:database/isis:levels/isis:lsp"+
             "/isis:router-capabilities" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol LSDB router capability.";

       uses sr-capability;
       uses sr-algorithm;
       uses srlb;
       uses srms-preference;
     }

     augment "/rt:routing/" +
             "rt:control-plane-protocols/rt:control-plane-protocol"+
             "/isis:isis/isis:database/isis:levels/isis:lsp"+
             "/isis:extended-is-neighbor/isis:neighbor" {
       when "/rt:routing/rt:control-plane-protocols/"+
            "rt:control-plane-protocol/rt:type = 'isis:isis'" {
         description
           "This augment ISIS routing protocol when used";
       }
       description
         "This augments ISIS protocol LSDB neighbor.";
1139         uses adjacency-segment-id;
1140       }

1142       augment "/rt:routing/" +
1143               "rt:control-plane-protocols/rt:control-plane-protocol"+
1144               "/isis:isis/isis:database/isis:levels/isis:lsp"+
1145               "/isis:mt-is-neighbor/isis:neighbor" {
1146         when "/rt:routing/rt:control-plane-protocols/"+
1147              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1148           description
1149             "This augment ISIS routing protocol when used";
1150         }
1151         description
1152           "This augments ISIS protocol LSDB neighbor.";
1153         uses adjacency-segment-id;
1154       }

1156       augment "/rt:routing/" +
1157               "rt:control-plane-protocols/rt:control-plane-protocol"+
1158               "/isis:isis/isis:database/isis:levels/isis:lsp"+
1159               "/isis:extended-ipv4-reachability/isis:prefixes" {
1160         when "/rt:routing/rt:control-plane-protocols/"+
1161              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1162           description
1163             "This augment ISIS routing protocol when used";
1164         }
1165         description
1166           "This augments ISIS protocol LSDB prefix.";
1167         uses prefix-segment-id;
1168       }

1170       augment "/rt:routing/" +
1171               "rt:control-plane-protocols/rt:control-plane-protocol"+
1172               "/isis:isis/isis:database/isis:levels/isis:lsp"+
1173               "/isis:mt-extended-ipv4-reachability/isis:prefixes" {
1174         when "/rt:routing/rt:control-plane-protocols/"+
1175              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1176           description
1177             "This augment ISIS routing protocol when used";
1178         }
1179         description
1180           "This augments ISIS protocol LSDB prefix.";
1181         uses prefix-segment-id;
1182       }

1184       augment "/rt:routing/" +
1185               "rt:control-plane-protocols/rt:control-plane-protocol"+
1186               "/isis:isis/isis:database/isis:levels/isis:lsp"+
1187               "/isis:ipv6-reachability/isis:prefixes" {
1188         when "/rt:routing/rt:control-plane-protocols/"+
1189              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1190           description
1191             "This augment ISIS routing protocol when used";
1192         }
1193         description
1194           "This augments ISIS protocol LSDB prefix.";
1195         uses prefix-segment-id;
1196       }

1198       augment "/rt:routing/" +
1199               "rt:control-plane-protocols/rt:control-plane-protocol"+
1200               "/isis:isis/isis:database/isis:levels/isis:lsp"+
1201               "/isis:mt-ipv6-reachability/isis:prefixes" {
1202         when "/rt:routing/rt:control-plane-protocols/"+
1203              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1204           description
1205             "This augment ISIS routing protocol when used";
1206         }
1207         description
1208           "This augments ISIS protocol LSDB prefix.";
1209         uses prefix-segment-id;
1210       }

1212       augment "/rt:routing/" +
1213               "rt:control-plane-protocols/rt:control-plane-protocol"+
1214               "/isis:isis/isis:database/isis:levels/isis:lsp" {
1215         when "/rt:routing/rt:control-plane-protocols/"+
1216              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1217           description
1218             "This augment ISIS routing protocol when used";
1219         }
1220         description
1221           "This augments ISIS protocol LSDB.";
1222         uses segment-routing-binding-tlv;
1223       }

1225       /* Notifications */

1227     }
1228

1230  4.  Security Considerations

1232     The YANG module specified in this document defines a schema for data
1233     that is designed to be accessed via network management protocols such
1234     as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
1235     is the secure transport layer, and the mandatory-to-implement secure
1236     transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
1237     is HTTPS, and the mandatory-to-implement secure transport is TLS
1238     [RFC8446].

1240     The NETCONF Access Control Model (NACM) [RFC8341] provides the means
1241     to restrict access for particular NETCONF or RESTCONF users to a pre-
1242     configured subset of all available NETCONF or RESTCONF protocol
1243     operations and content.

1245     There are a number of data nodes defined in this YANG module that are
1246     writable/creatable/deletable (i.e., config true, which is the
1247     default). These data nodes may be considered sensitive or vulnerable
1248     in some network environments. Write operations (e.g., edit-config)
1249     to these data nodes without proper protection can have a negative
1250     effect on network operations. These are the subtrees and data nodes
1251     and their sensitivity/vulnerability:

1253        /isis:isis/segment-routing

1255        /isis:isis/protocol-srgb

1257        /isis:isis/isis:interfaces/isis:interface/segment-routing

1259     Some of the readable data nodes in the modules may be considered
1260     sensitive or vulnerable in some network environments. It is thus
1261     important to control read access (e.g., via get, get-config, or
1262     notification) to these data nodes.

1264        /isis:router-capabilities/sr-capability

1266        /isis:router-capabilities/sr-algorithms

1268        /isis:router-capabilities/local-blocks

1270        /isis:router-capabilities/srms-preference

1272        /isis:router-capabilities/node-msd-tlv

1274     And the augmentations to the ISIS link state database.

1276     Unauthorized access to any data node of these subtrees can disclose
1277     the operational state information of IS-IS protocol on this device.

1279  5.  Contributors

1281     Authors would like to thank Derek Yeung, Acee Lindem, Yi Yang for
1282     their major contributions to the draft.

1284  6.  Acknowledgements

1286     MITRE has approved this document for Public Release, Distribution
1287     Unlimited, with Public Release Case Number 19-3033.

1289  7.  IANA Considerations

1291     The IANA is requested to assign two new URIs from the IETF XML
1292     registry ([RFC3688]). Authors are suggesting the following URI:

1294        URI: urn:ietf:params:xml:ns:yang:ietf-isis-sr
1295        Registrant Contact: The IESG.
1296        XML: N/A, the requested URI is an XML namespace

1298        URI: urn:ietf:params:xml:ns:yang:ietf-isis-msd
1299        Registrant Contact: The IESG.
1300        XML: N/A, the requested URI is an XML namespace

1302     This document also requests one new YANG module name in the YANG
1303     Module Names registry ([RFC6020]) with the following suggestion:

1305        name: ietf-isis-sr
1306        namespace: urn:ietf:params:xml:ns:yang:ietf-isis-sr
1307        prefix: isis-sr
1308        reference: RFC XXXX

1310        name: ietf-isis-msd
1311        namespace: urn:ietf:params:xml:ns:yang:ietf-isis-msd
1312        prefix: isis-msd
1313        reference: RFC XXXX

1315  8.  Normative References

1317     [I-D.ietf-isis-yang-isis-cfg]
1318                Litkowski, S., Yeung, D., Lindem, A., Zhang, Z., and L.
1319                Lhotka, "YANG Data Model for IS-IS Protocol", draft-ietf-
1320                isis-yang-isis-cfg-42 (work in progress), October 2019.

1322     [I-D.ietf-spring-sr-yang]
1323                Litkowski, S., Qu, Y., Sarkar, P., and J. Tantsura, "YANG
1324                Data Model for Segment Routing", draft-ietf-spring-sr-
1325                yang-15 (work in progress), December 2017.

1327     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1328                Requirement Levels", BCP 14, RFC 2119,
1329                DOI 10.17487/RFC2119, March 1997,
1330                .

1332     [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
1333                DOI 10.17487/RFC3688, January 2004,
1334                .

1336     [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
1337                the Network Configuration Protocol (NETCONF)", RFC 6020,
1338                DOI 10.17487/RFC6020, October 2010,
1339                .

1341     [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
1342                and A. Bierman, Ed., "Network Configuration Protocol
1343                (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
1344                .

1346     [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
1347                Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
1348                .

1350     [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
1351                Protocol (NETCONF) Access Control Model", RFC 6536,
1352                DOI 10.17487/RFC6536, March 2012,
1353                .
1355     [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
1356                RFC 7950, DOI 10.17487/RFC7950, August 2016,
1357                .

1359     [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
1360                Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
1361                .

1363     [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
1364                2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
1365                May 2017, .

1367     [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
1368                BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
1369                .

1371     [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
1372                Access Control Model", STD 91, RFC 8341,
1373                DOI 10.17487/RFC8341, March 2018,
1374                .

1376     [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
1377                and R. Wilton, "Network Management Datastore Architecture
1378                (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
1379                .

1381     [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
1382                Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
1383                .

1385     [RFC8491]  Tantsura, J., Chunduri, U., Aldrin, S., and L. Ginsberg,
1386                "Signaling Maximum SID Depth (MSD) Using IS-IS", RFC 8491,
1387                DOI 10.17487/RFC8491, November 2018,
1388                .

1390     [RFC8667]  Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C.,
1391                Bashandy, A., Gredler, H., and B. Decraene, "IS-IS
1392                Extensions for Segment Routing", RFC 8667,
1393                DOI 10.17487/RFC8667, December 2019,
1394                .

1396  Authors' Addresses

1398     Stephane Litkowski
1399     Cisco Systems

1401     Email: slitkows.ietf@gmail.com

1403     Yingzhen Qu
1404     Futurewei

1406     Email: yingzhen.qu@futurewei.com

1408     Pushpasis Sarkar
1409     Individual

1411     Email: pushpasis.ietf@gmail.com

1413     Ing-Wher Chen
1414     The MITRE Corporation

1416     Email: ingwherchen@mitre.org

1418     Jeff Tantsura
1419     Apstra

1421     Email: jefftant.ietf@gmail.com
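
Added illustration for Section 4 (not part of the draft or of any implementation): a simplified first-match evaluation of a constructed NACM [RFC8341] configuration that reports which of the writable subtrees listed in Section 4 a given group can still modify. The expanded paths, the use of the `isis-sr` prefix in them, the group names and the sample rules are assumptions; `module-name`, list-key predicates and namespace resolution are not handled.

```python
import xml.etree.ElementTree as ET

NACM = "{urn:ietf:params:xml:ns:yang:ietf-netconf-acm}"
BASE = ("/rt:routing/rt:control-plane-protocols"
        "/rt:control-plane-protocol/isis:isis")
# Section 4's writable subtrees, expanded with the augment targets and the
# isis-sr prefix (assumed spelling; confirm against the device schema).
WRITABLE = [BASE + "/isis-sr:segment-routing",
            BASE + "/isis-sr:protocol-srgb",
            BASE + "/isis:interfaces/isis:interface/isis-sr:segment-routing"]
WRITE_OPS = ("create", "update", "delete")

# Constructed NACM configuration: operators may edit IS-IS, except the SRGB.
SAMPLE = """<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
 <write-default>deny</write-default>
 <rule-list><name>ops</name><group>operators</group>
  <rule><name>no-srgb</name><path>%s/isis-sr:protocol-srgb</path>
   <access-operations>create update delete</access-operations>
   <action>deny</action></rule>
  <rule><name>isis-rw</name><path>%s</path><action>permit</action></rule>
 </rule-list>
</nacm>""" % (BASE, BASE)

def decide(root, group, path, op):
    """Simplified RFC 8341 data-node check: first matching rule wins."""
    for rule_list in root.iter(NACM + "rule-list"):
        groups = [g.text for g in rule_list.findall(NACM + "group")]
        if group not in groups and "*" not in groups:
            continue
        for rule in rule_list.findall(NACM + "rule"):
            if (rule.find(NACM + "rpc-name") is not None
                    or rule.find(NACM + "notification-name") is not None):
                continue  # protocol-operation and notification rules
            rule_path = rule.findtext(NACM + "path")
            if rule_path and path != rule_path \
                    and not path.startswith(rule_path + "/"):
                continue  # rule covers a different subtree
            ops = rule.findtext(NACM + "access-operations", "*").split()
            if "*" in ops or op in ops:
                return rule.findtext(NACM + "action")
    return root.findtext(NACM + "write-default", "deny")

def writable_by(nacm_xml, group):
    """Section 4 subtrees on which `group` is permitted any write operation."""
    root = ET.fromstring(nacm_xml)
    return sorted(p for p in WRITABLE
                  if any(decide(root, group, p, op) == "permit"
                         for op in WRITE_OPS))
```

With the sample rules, `writable_by(SAMPLE, "operators")` still lists both segment-routing subtrees: the broad permit on the IS-IS instance covers them, and only `protocol-srgb` has its own deny rule ahead of it.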