idnits 2.17.1

draft-ietf-isis-sr-yang-12.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 337 has weird spacing: '...r-bound uin...'

  == Line 338 has weird spacing: '...r-bound uin...'

  == Line 349 has weird spacing: '...roup-id uin...'

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (9 February 2022) is 806 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC6536' is defined on line 1328, but no explicit
     reference was found in the text

  == Outdated reference: A later version (-30) exists of
     draft-ietf-spring-sr-yang-15

  ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341)

     Summary: 1 error (**), 0 flaws (~~), 7 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     LSR Working Group                                           S. Litkowski
3     Internet-Draft                                             Cisco Systems
4     Intended status: Standards Track                                   Y. Qu
5     Expires: 13 August 2022                                        Futurewei
6                                                                    P. Sarkar
7                                                                   Individual
8                                                                      I. Chen
9                                                        The MITRE Corporation
10                                                                 J. Tantsura
11                                                                   Microsoft
12                                                             9 February 2022

14                   YANG Data Model for IS-IS Segment Routing
15                          draft-ietf-isis-sr-yang-12

17    Abstract

19       This document defines a YANG data module that can be used to
20       configure and manage IS-IS Segment Routing, as well as a YANG data
21       module for the management of Signaling Maximum SID Depth (MSD) using
22       IS-IS.

24    Status of This Memo

26       This Internet-Draft is submitted in full conformance with the
27       provisions of BCP 78 and BCP 79.

29       Internet-Drafts are working documents of the Internet Engineering
30       Task Force (IETF).  Note that other groups may also distribute
31       working documents as Internet-Drafts.  The list of current Internet-
32       Drafts is at https://datatracker.ietf.org/drafts/current/.

34       Internet-Drafts are draft documents valid for a maximum of six months
35       and may be updated, replaced, or obsoleted by other documents at any
36       time.  It is inappropriate to use Internet-Drafts as reference
37       material or to cite them other than as "work in progress."

39       This Internet-Draft will expire on 13 August 2022.

41    Copyright Notice

43       Copyright (c) 2022 IETF Trust and the persons identified as the
44       document authors.  All rights reserved.

46       This document is subject to BCP 78 and the IETF Trust's Legal
47       Provisions Relating to IETF Documents (https://trustee.ietf.org/
48       license-info) in effect on the date of publication of this document.
49       Please review these documents carefully, as they describe your rights
50       and restrictions with respect to this document.  Code Components
51       extracted from this document must include Revised BSD License text as
52       described in Section 4.e of the Trust Legal Provisions and are
53       provided without warranty as described in the Revised BSD License.

55    Table of Contents

57       1.  Overview
58         1.1.  Requirements Language
59         1.2.  Tree Diagrams
60       2.  IS-IS MSD
61         2.1.  IS-IS MSD YANG Module
62       3.  IS-IS Segment Routing
63         3.1.  IS-IS Segment Routing configuration
64           3.1.1.  Segment Routing activation
65           3.1.2.  Advertising mapping server policy
66           3.1.3.  IP Fast reroute
67         3.2.  IS-IS Segment Routing YANG Module
68       4.  Security Considerations
69       5.  Contributors
70       6.  Acknowledgements
71       7.  IANA Considerations
72       8.  Normative References
73       Authors' Addresses

75    1.  Overview

77       YANG [RFC7950] is a data definition language used to define the
78       contents of a conceptual data store that allows networked devices to
79       be managed using NETCONF [RFC6241].  YANG is proving relevant beyond
80       its initial confines, as bindings to other interfaces (e.g., ReST)
81       and encodings other than XML (e.g., JSON) are being defined.
82       Furthermore, YANG data models can be used as the basis for
83       implementation of other interfaces, such as CLI and programmatic
84       APIs.

86       This document defines a YANG data module that can be used to
87       configure and manage IS-IS Segment Routing [RFC8667] and it is an
88       augmentation to the IS-IS YANG data model.

90       This document also defines a YANG data module for the management of
91       Signaling Maximum SID Depth (MSD) using IS-IS [RFC8491], which
92       augments the base IS-IS YANG data model.
94       The YANG modules in this document conform to the Network Management
95       Datastore Architecture (NMDA) [RFC8342].

97    1.1.  Requirements Language

99       The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
100      "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
101      "OPTIONAL" in this document are to be interpreted as described in BCP
102      14 [RFC2119] [RFC8174] when, and only when, they appear in all
103      capitals, as shown here.

105   1.2.  Tree Diagrams

107      This document uses the graphical representation of data models
108      defined in [RFC8340].

110   2.  IS-IS MSD

112      This document defines a module for Signaling Maximum SID Depth (MSD)
113      using IS-IS [RFC8667].  It is an augmentation of the IS-IS base model.

115      The figure below describes the overall structure of the isis-msd YANG
116      module:

118      module: ietf-isis-msd
119        augment /rt:routing/rt:control-plane-protocols
120                /rt:control-plane-protocol/isis:isis/isis:database
121                /isis:levels/isis:lsp/isis:router-capabilities:
122          +--ro node-msd-tlv
123             +--ro node-msds* [msd-type]
124                +--ro msd-type     identityref
125                +--ro msd-value?   uint8
126        augment /rt:routing/rt:control-plane-protocols
127                /rt:control-plane-protocol/isis:isis/isis:database
128                /isis:levels/isis:lsp/isis:extended-is-neighbor
129                /isis:neighbor:
130          +--ro link-msd-sub-tlv
131             +--ro link-msds* [msd-type]
132                +--ro msd-type     identityref
133                +--ro msd-value?   uint8
134        augment /rt:routing/rt:control-plane-protocols
135                /rt:control-plane-protocol/isis:isis/isis:database
136                /isis:levels/isis:lsp/isis:mt-is-neighbor/isis:neighbor:
137          +--ro link-msd-sub-tlv
138             +--ro link-msds* [msd-type]
139                +--ro msd-type     identityref
140                +--ro msd-value?   uint8

142   2.1.  IS-IS MSD YANG Module

143      file "ietf-isis-msd@2022-02-09.yang"
144      module ietf-isis-msd {
145        yang-version 1.1;
146        namespace "urn:ietf:params:xml:ns:yang:ietf-isis-msd";
147        prefix isis-msd;

149        import ietf-routing {
150          prefix rt;
151          reference "RFC 8349: A YANG Data Model for Routing
152                     Management (NMDA Version)";
153        }

155        import ietf-isis {
156          prefix isis;
157        }

159        import ietf-mpls-msd {
160          prefix mpls-msd;
161        }

163        organization
164          "IETF LSR - LSR Working Group";
165        contact
166          "WG Web:
167           WG List:

169           Author: Yingzhen Qu
170
171           Author: Acee Lindem
172
173           Author: Stephane Litkowski
174
175           Author: Jeff Tantsura
176

178          ";
179        description
180          "The YANG module augments the base ISIS model to
181           manage different types of MSDs.

183           This YANG model conforms to the Network Management
184           Datastore Architecture (NMDA) as described in RFC 8342.

186           Copyright (c) 2022 IETF Trust and the persons identified as
187           authors of the code.  All rights reserved.

189           Redistribution and use in source and binary forms, with or
190           without modification, is permitted pursuant to, and subject
191           to the license terms contained in, the Simplified BSD License
192           set forth in Section 4.c of the IETF Trust's Legal Provisions
193           Relating to IETF Documents
194           (https://trustee.ietf.org/license-info).

196           This version of this YANG module is part of RFC XXXX;
197           see the RFC itself for full legal notices.

199           The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
200           NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
201           'MAY', and 'OPTIONAL' in this document are to be interpreted as
202           described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
203           they appear in all capitals, as shown here.";

205        reference "RFC XXXX: YANG Data Model for OSPF MSD.";

207        revision 2022-02-09 {
208          description
209            "Initial Version";
210          reference "RFC XXXX: YANG Data Model for ISIS MSD.";
211        }

213        grouping link-msd-sub-tlv {
214          description
215            "Link Maximum SID Depth (MSD) grouping for an interface.";
216          container link-msd-sub-tlv {
217            list link-msds {
218              key "msd-type";
219              leaf msd-type {
220                type identityref {
221                  base mpls-msd:msd-base-type;
222                }
223                description
224                  "MSD-Types";
225              }
226              leaf msd-value {
227                type uint8;
228                description
229                  "MSD value, in the range of 0-255.";
230              }
231              description
232                "List of link MSDs";
233            }
234            description
235              "Link MSD sub-tlvs.";
236          }
237        }
238        /* Node MSD TLV */
239        augment "/rt:routing/" +
240                "rt:control-plane-protocols/rt:control-plane-protocol"+
241                "/isis:isis/isis:database/isis:levels/isis:lsp"+
242                "/isis:router-capabilities" {
243          when "/rt:routing/rt:control-plane-protocols/"+
244               "rt:control-plane-protocol/rt:type = 'isis:isis'" {
245            description
246              "This augment ISIS routing protocol when used";
247          }
248          description
249            "This augments ISIS protocol LSDB router capability.";
250          container node-msd-tlv {
251            list node-msds {
252              key "msd-type";
253              leaf msd-type {
254                type identityref {
255                  base mpls-msd:msd-base-type;
256                }
257                description
258                  "MSD-Types";
259              }
260              leaf msd-value {
261                type uint8;
262                description
263                  "MSD value, in the range of 0-255.";
264              }
265              description
266                "Node MSD is the smallest link MSD supported by
267                 the node.";
268            }
269            description
270              "Node MSD is the number of SIDs supported by a node.";
271            reference
272              "RFC 8476: Signaling Maximum SID Depth (MSD) Using OSPF";
273          }
274        }

276        /* link MSD sub-tlv */
277        augment "/rt:routing/" +
278                "rt:control-plane-protocols/rt:control-plane-protocol"+
279                "/isis:isis/isis:database/isis:levels/isis:lsp"+
280                "/isis:extended-is-neighbor/isis:neighbor" {
281          when "/rt:routing/rt:control-plane-protocols/"+
282               "rt:control-plane-protocol/rt:type = 'isis:isis'" {
283            description
284              "This augment ISIS routing protocol when used";

286          }
287          description
288            "This augments ISIS protocol LSDB neighbor with
289             Link MSD sub-TLV.";

291          uses link-msd-sub-tlv;
292        }

294        augment "/rt:routing/" +
295                "rt:control-plane-protocols/rt:control-plane-protocol"+
296                "/isis:isis/isis:database/isis:levels/isis:lsp"+
297                "/isis:mt-is-neighbor/isis:neighbor" {
298          when "/rt:routing/rt:control-plane-protocols/"+
299               "rt:control-plane-protocol/rt:type = 'isis:isis'" {
300            description
301              "This augment ISIS routing protocol when used";
302          }
303          description
304            "This augments ISIS protocol LSDB neighbor.";

306          uses link-msd-sub-tlv;
307        }
308      }
309

311   3.  IS-IS Segment Routing

313      This document defines a model for IS-IS Segment Routing feature.  It
314      is an augmentation of the IS-IS base model.

316      The IS-IS SR YANG module requires support for the base segment
317      routing module [I-D.ietf-spring-sr-yang], which defines the global
318      segment routing configuration independent of any specific routing
319      protocol configuration, and support of IS-IS base model
320      [I-D.ietf-isis-yang-isis-cfg] which defines basic IS-IS configuration
321      and state.

323      The figure below describes the overall structure of the isis-sr YANG
324      module:

326      module: ietf-isis-sr
327        augment /rt:routing/rt:control-plane-protocols
328                /rt:control-plane-protocol/isis:isis:
329          +--rw segment-routing
330          |  +--rw enabled?    boolean
331          |  +--rw bindings
332          |     +--rw advertise
333          |     |  +--rw policies*   string
334          |     +--rw receive?     boolean
335          +--rw protocol-srgb {sr-mpls:protocol-srgb}?
336 +--rw srgb* [lower-bound upper-bound] 337 +--rw lower-bound uint32 338 +--rw upper-bound uint32 339 augment /rt:routing/rt:control-plane-protocols 340 /rt:control-plane-protocol/isis:isis/isis:interfaces 341 /isis:interface: 342 +--rw segment-routing 343 +--rw adjacency-sid 344 +--rw adj-sids* [value] 345 | +--rw value-type? enumeration 346 | +--rw value uint32 347 | +--rw protected? boolean 348 +--rw advertise-adj-group-sid* [group-id] 349 | +--rw group-id uint32 350 +--rw advertise-protection? enumeration 351 augment /rt:routing/rt:control-plane-protocols 352 /rt:control-plane-protocol/isis:isis/isis:interfaces 353 /isis:interface/isis:fast-reroute: 354 +--rw ti-lfa {ti-lfa}? 355 +--rw enable? boolean 356 augment /rt:routing/rt:control-plane-protocols 357 /rt:control-plane-protocol/isis:isis/isis:interfaces 358 /isis:interface/isis:fast-reroute/isis:lfa/isis:remote-lfa: 359 +--rw use-segment-routing-path? boolean {remote-lfa-sr}? 360 augment /rt:routing/rt:control-plane-protocols 361 /rt:control-plane-protocol/isis:isis/isis:interfaces 362 /isis:interface/isis:adjacencies/isis:adjacency: 363 +--ro adjacency-sid* [value] 364 +--ro af? iana-rt-types:address-family 365 +--ro value uint32 366 +--ro weight? uint8 367 +--ro protection-requested? boolean 368 augment /rt:routing/rt:control-plane-protocols 369 /rt:control-plane-protocol/isis:isis/isis:database 370 /isis:levels/isis:lsp/isis:router-capabilities: 371 +--ro sr-capability 372 | +--ro sr-capability 373 | | +--ro sr-capability-bits* identityref 374 | +--ro global-blocks 375 | +--ro global-block* [] 376 | +--ro range-size? uint32 377 | +--ro sid-sub-tlv 378 | +--ro sid? uint32 379 +--ro sr-algorithms 380 | +--ro sr-algorithm* uint8 381 +--ro local-blocks 382 | +--ro local-block* [] 383 | +--ro range-size? uint32 384 | +--ro sid-sub-tlv 385 | +--ro sid? uint32 386 +--ro srms-preference 387 +--ro preference? 
uint8 388 augment /rt:routing/rt:control-plane-protocols 389 /rt:control-plane-protocol/isis:isis/isis:database/isis:levels 390 /isis:lsp/isis:extended-is-neighbor/isis:neighbor: 391 +--ro sid-list* [value] 392 +--ro adj-sid-flags 393 | +--ro bits* identityref 394 +--ro weight? uint8 395 +--ro neighbor-id? isis:system-id 396 +--ro value uint32 397 augment /rt:routing/rt:control-plane-protocols 398 /rt:control-plane-protocol/isis:isis/isis:database 399 /isis:levels/isis:lsp/isis:mt-is-neighbor/isis:neighbor: 400 +--ro sid-list* [value] 401 +--ro adj-sid-flags 402 | +--ro bits* identityref 403 +--ro weight? uint8 404 +--ro neighbor-id? isis:system-id 405 +--ro value uint32 406 augment /rt:routing/rt:control-plane-protocols 407 /rt:control-plane-protocol/isis:isis/isis:database 408 /isis:levels/isis:lsp/isis:extended-ipv4-reachability 409 /isis:prefixes: 410 +--ro sid-list* [value] 411 +--ro perfix-sid-flags 412 | +--ro bits* identityref 413 +--ro algorithm? uint8 414 +--ro value uint32 415 augment /rt:routing/rt:control-plane-protocols 416 /rt:control-plane-protocol/isis:isis/isis:database 417 /isis:levels/isis:lsp/isis:mt-extended-ipv4-reachability 418 /isis:prefixes: 419 +--ro sid-list* [value] 420 +--ro perfix-sid-flags 421 | +--ro bits* identityref 422 +--ro algorithm? uint8 423 +--ro value uint32 424 augment /rt:routing/rt:control-plane-protocols 425 /rt:control-plane-protocol/isis:isis/isis:database 426 /isis:levels/isis:lsp/isis:ipv6-reachability/isis:prefixes: 427 +--ro sid-list* [value] 428 +--ro perfix-sid-flags 429 | +--ro bits* identityref 430 +--ro algorithm? uint8 431 +--ro value uint32 432 augment /rt:routing/rt:control-plane-protocols 433 /rt:control-plane-protocol/isis:isis/isis:database 434 /isis:levels/isis:lsp/isis:mt-ipv6-reachability/isis:prefixes: 435 +--ro sid-list* [value] 436 +--ro perfix-sid-flags 437 | +--ro bits* identityref 438 +--ro algorithm? 
uint8 439 +--ro value uint32 440 augment /rt:routing/rt:control-plane-protocols 441 /rt:control-plane-protocol/isis:isis/isis:database 442 /isis:levels/isis:lsp: 443 +--ro segment-routing-bindings* [fec range] 444 +--ro fec string 445 +--ro range uint16 446 +--ro sid-binding-flags 447 | +--ro bits* identityref 448 +--ro binding 449 +--ro prefix-sid 450 +--ro sid-list* [value] 451 +--ro perfix-sid-flags 452 | +--ro bits* identityref 453 +--ro algorithm? uint8 454 +--ro value uint32 456 3.1. IS-IS Segment Routing configuration 458 3.1.1. Segment Routing activation 460 Activation of segment-routing IS-IS is done by setting the "enable" 461 leaf to true. This triggers advertisement of segment-routing 462 extensions based on the configuration parameters that have been setup 463 using the base segment routing module. 465 3.1.2. Advertising mapping server policy 467 The base segment routing module defines mapping server policies. By 468 default, IS-IS will not advertise nor receive any mapping server 469 entry. The IS-IS segment-routing module allows to advertise one or 470 multiple mapping server policies through the "bindings/advertise/ 471 policies" leaf-list. The "bindings/receive" leaf allows to enable 472 the reception of mapping server entries. 474 3.1.3. IP Fast reroute 476 IS-IS SR model augments the fast-reroute container under interface. 477 It brings the ability to activate TI-LFA (topology independent LFA) 478 and also enhances remote LFA to use segment-routing tunneling instead 479 of LDP. 481 3.2. 
IS-IS Segment Routing YANG Module 483 file "ietf-isis-sr@2022-02-09.yang" 484 module ietf-isis-sr { 485 yang-version 1.1; 486 namespace "urn:ietf:params:xml:ns:" 487 + "yang:ietf-isis-sr"; 488 prefix isis-sr; 490 import ietf-routing { 491 prefix "rt"; 492 reference 493 "RFC 8349 - A YANG Data Model for Routing 494 Management (NMDA Version)"; 495 } 497 import ietf-segment-routing-common { 498 prefix "sr-cmn"; 499 reference 500 "RFC 9020 - YANG Data Model for Segment Routing"; 501 } 503 import ietf-segment-routing-mpls { 504 prefix "sr-mpls"; 505 reference 506 "RFC 9020 - YANG Data Model for Segment Routing"; 507 } 509 import ietf-isis { 510 prefix "isis"; 511 } 513 import iana-routing-types { 514 prefix "iana-rt-types"; 515 reference "RFC 8294 - Common YANG Data Types for the 516 Routing Area"; 517 } 519 organization 520 "IETF LSR - LSR Working Group"; 522 contact 523 "WG List: 525 Editor: Stephane Litkowski 526 528 Author: Acee Lindem 529 530 Author: Yingzhen Qu 531 532 Author: Pushpasis Sarkar 533 534 Author: Ing-Wher Chen 535 536 Author: Jeff Tantsura 537 538 "; 540 description 541 "The YANG module defines a generic configuration model for 542 Segment routing ISIS extensions common across all of the vendor 543 implementations. 545 This YANG model conforms to the Network Management 546 Datastore Architecture (NMDA) as described in RFC 8342. 548 Copyright (c) 2022 IETF Trust and the persons identified as 549 authors of the code. All rights reserved. 551 Redistribution and use in source and binary forms, with or 552 without modification, is permitted pursuant to, and subject to 553 the license terms contained in, the Simplified BSD License set 554 forth in Section 4.c of the IETF Trust's Legal Provisions 555 Relating to IETF Documents 556 (https://trustee.ietf.org/license-info). 558 This version of this YANG module is part of RFC XXXX 559 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself 560 for full legal notices. 
562 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL 563 NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 564 'MAY', and 'OPTIONAL' in this document are to be interpreted as 565 described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, 566 they appear in all capitals, as shown here. 568 This version of this YANG module is part of RFC XXXX; 569 see the RFC itself for full legal notices."; 571 reference "RFC XXXX"; 573 revision 2022-02-09 { 574 description 575 "Initial revision."; 576 reference "RFC XXXX"; 577 } 579 /* Identities */ 580 identity sr-capability { 581 description 582 "Base identity for ISIS SR-Capabilities sub-TLV flgs"; 583 } 585 identity mpls-ipv4 { 586 base sr-capability; 587 description 588 "If set, then the router is capable of 589 processing SR MPLS encapsulated IPv4 packets 590 on all interfaces."; 591 } 593 identity mpls-ipv6 { 594 base sr-capability; 595 description 596 "If set, then the router is capable of 597 processing SR MPLS encapsulated IPv6 packets 598 on all interfaces."; 599 } 601 identity prefix-sid-bit { 602 description 603 "Base identity for prefix sid sub-tlv bits."; 604 } 606 identity r-bit { 607 base prefix-sid-bit; 608 description 609 "Re-advertisement Flag."; 610 } 612 identity n-bit { 613 base prefix-sid-bit; 614 description 615 "Node-SID Flag."; 616 } 617 identity p-bit { 618 base prefix-sid-bit; 619 description 620 "No-PHP (No Penultimate Hop-Popping) Flag."; 621 } 623 identity e-bit { 624 base prefix-sid-bit; 625 description 626 "Explicit NULL Flag."; 627 } 629 identity v-bit { 630 base prefix-sid-bit; 631 description 632 "Value Flag."; 633 } 635 identity l-bit { 636 base prefix-sid-bit; 637 description 638 "Local Flag."; 639 } 641 identity adj-sid-bit { 642 description 643 "Base identity for adj sid sub-tlv bits."; 644 } 646 identity f-bit { 647 base adj-sid-bit; 648 description 649 "Address-Family flag."; 650 } 652 identity b-bit { 653 base adj-sid-bit; 654 description 655 "Backup flag."; 
656 } 658 identity vi-bit { 659 base adj-sid-bit; 660 description 661 "Value/Index flag."; 662 } 664 identity lo-bit { 665 base adj-sid-bit; 666 description 667 "Local flag."; 668 } 670 identity s-bit { 671 base adj-sid-bit; 672 description 673 "Group flag."; 674 } 676 identity pe-bit { 677 base adj-sid-bit; 678 description 679 "Persistent flag."; 680 } 682 identity sid-binding-bit { 683 description 684 "Base identity for sid binding tlv bits."; 685 } 687 identity af-bit { 688 base sid-binding-bit; 689 description 690 "Address-Family flag."; 691 } 693 identity m-bit { 694 base sid-binding-bit; 695 description 696 "Mirror Context flag."; 697 } 699 identity sf-bit { 700 base sid-binding-bit; 701 description 702 "S flag. If set, the binding label tlv should be flooded 703 across the entire routing domain."; 704 } 706 identity d-bit { 707 base sid-binding-bit; 708 description 709 "Leaking flag."; 710 } 712 identity a-bit { 713 base sid-binding-bit; 714 description 715 "Attached flag."; 716 } 718 /* Features */ 720 feature remote-lfa-sr { 721 description 722 "Enhance rLFA to use SR path."; 723 } 725 feature ti-lfa { 726 description 727 "Enhance IPFRR with ti-lfa 728 support"; 729 } 731 /* Groupings */ 733 grouping sid-sub-tlv { 734 description "SID/Label sub-TLV grouping."; 735 container sid-sub-tlv { 736 description 737 "Used to advertise the SID/Label associated with a 738 prefix or adjacency."; 739 leaf sid { 740 type uint32; 741 description 742 "Segment Identifier (SID) - A 20 bit label or 743 32 bit SID."; 744 } 745 } 746 } 748 grouping sr-capability { 749 description 750 "SR capability grouping."; 751 container sr-capability { 752 description 753 "Segment Routing capability."; 754 container sr-capability { 755 leaf-list sr-capability-bits { 756 type identityref { 757 base sr-capability; 758 } 759 description "SR Capbility sub-tlv flags list."; 761 } 762 description 763 "SR Capability Flags."; 764 } 765 container global-blocks { 766 description 767 "Segment Routing 
Global Blocks."; 768 list global-block { 769 description "Segment Routing Global Block."; 770 leaf range-size { 771 type uint32; 772 description "The SID range."; 773 } 774 uses sid-sub-tlv; 775 } 776 } 777 } 778 } 780 grouping sr-algorithm { 781 description 782 "SR algorithm grouping."; 783 container sr-algorithms { 784 description "All SR algorithms."; 785 leaf-list sr-algorithm { 786 type uint8; 787 description 788 "The Segment Routing (SR) algorithms that the router is 789 currently using."; 790 } 791 } 792 } 794 grouping srlb { 795 description 796 "SR Local Block grouping."; 797 container local-blocks { 798 description "List of SRLBs."; 799 list local-block { 800 description "Segment Routing Local Block."; 801 leaf range-size { 802 type uint32; 803 description "The SID range."; 804 } 805 uses sid-sub-tlv; 806 } 807 } 808 } 809 grouping srms-preference { 810 description "The SRMS preference TLV is used to advertise 811 a preference associated with the node that acts 812 as an SR Mapping Server."; 813 container srms-preference { 814 description "SRMS Preference TLV."; 815 leaf preference { 816 type uint8 { 817 range "0 .. 
255"; 818 } 819 description "SRMS preference TLV, vlaue from 0 to 255."; 820 } 821 } 822 } 824 grouping adjacency-state { 825 description 826 "This group will extend adjacency state."; 827 list adjacency-sid { 828 key value; 829 config false; 830 leaf af { 831 type iana-rt-types:address-family; 832 description 833 "Address-family associated with the 834 segment ID"; 835 } 836 leaf value { 837 type uint32; 838 description 839 "Value of the Adj-SID."; 840 } 841 leaf weight { 842 type uint8; 843 description 844 "Weight associated with 845 the adjacency SID."; 846 } 847 leaf protection-requested { 848 type boolean; 849 description 850 "Describe if the adjacency SID 851 must be protected."; 852 } 853 description 854 "List of adjacency Segment IDs."; 855 } 856 } 857 grouping prefix-segment-id { 858 description 859 "This group defines segment routing extensions 860 for prefixes."; 862 list sid-list { 863 key value; 865 container perfix-sid-flags { 866 leaf-list bits { 867 type identityref { 868 base prefix-sid-bit; 869 } 870 description 871 "Prefix SID Sub-TLV flag bits list."; 872 } 873 description 874 "Describes flags associated with the 875 segment ID."; 876 } 878 leaf algorithm { 879 type uint8; 880 description 881 "Algorithm to be used for path computation."; 882 } 883 leaf value { 884 type uint32; 885 description 886 "Value of the prefix-SID."; 887 } 888 description 889 "List of segments."; 890 } 891 } 893 grouping adjacency-segment-id { 894 description 895 "This group defines segment routing extensions 896 for adjacencies."; 898 list sid-list { 899 key value; 901 container adj-sid-flags { 902 leaf-list bits { 903 type identityref { 904 base adj-sid-bit; 906 } 907 description "Adj sid sub-tlv flags list."; 908 } 909 description "Adj-sid sub-tlv flags."; 910 } 912 leaf weight { 913 type uint8; 914 description 915 "The value represents the weight of the Adj-SID 916 for the purpose of load balancing."; 917 } 918 leaf neighbor-id { 919 type isis:system-id; 920 
description 921 "Describes the system ID of the neighbor 922 associated with the SID value. This is only 923 used on LAN adjacencies."; 924 } 925 leaf value { 926 type uint32; 927 description 928 "Value of the Adj-SID."; 929 } 930 description 931 "List of segments."; 932 } 933 } 935 grouping segment-routing-binding-tlv { 936 list segment-routing-bindings { 937 key "fec range"; 939 leaf fec { 940 type string; 941 description 942 "IP (v4 or v6) range to be bound to SIDs."; 943 } 945 leaf range { 946 type uint16; 947 description 948 "Describes number of elements to assign 949 a binding to."; 950 } 952 container sid-binding-flags { 953 leaf-list bits { 954 type identityref { 955 base sid-binding-bit; 956 } 957 description 958 "SID Binding TLV flag bits list."; 959 } 960 description 961 "Binding flags."; 962 } 964 container binding { 965 container prefix-sid { 966 uses prefix-segment-id; 967 description 968 "Binding prefix SID to the range."; 969 } 970 description 971 "Bindings associated with the range."; 972 } 974 description 975 "This container describes list of SID/Label bindings. 
976 ISIS reference is TLV 149."; 977 } 978 description 979 "Defines binding TLV for database."; 980 } 982 /* Cfg */ 984 augment "/rt:routing/" + 985 "rt:control-plane-protocols/rt:control-plane-protocol"+ 986 "/isis:isis" { 987 when "/rt:routing/rt:control-plane-protocols/"+ 988 "rt:control-plane-protocol/rt:type = 'isis:isis'" { 989 description 990 "This augment ISIS routing protocol when used"; 991 } 992 description 993 "This augments ISIS protocol configuration 994 with segment routing."; 996 uses sr-mpls:sr-control-plane; 997 container protocol-srgb { 998 if-feature sr-mpls:protocol-srgb; 999 uses sr-cmn:srgb; 1000 description 1001 "Per-protocol SRGB."; 1003 } 1004 } 1006 augment "/rt:routing/" + 1007 "rt:control-plane-protocols/rt:control-plane-protocol"+ 1008 "/isis:isis/isis:interfaces/isis:interface" { 1009 when "/rt:routing/rt:control-plane-protocols/"+ 1010 "rt:control-plane-protocol/rt:type = 'isis:isis'" { 1011 description 1012 "This augment ISIS routing protocol when used"; 1013 } 1014 description 1015 "This augments ISIS protocol configuration 1016 with segment routing."; 1018 uses sr-mpls:igp-interface; 1019 } 1021 augment "/rt:routing/" + 1022 "rt:control-plane-protocols/rt:control-plane-protocol"+ 1023 "/isis:isis/isis:interfaces/isis:interface"+ 1024 "/isis:fast-reroute" { 1025 when "/rt:routing/rt:control-plane-protocols/"+ 1026 "rt:control-plane-protocol/rt:type = 'isis:isis'" { 1027 description 1028 "This augment ISIS routing protocol when used"; 1029 } 1030 description 1031 "This augments ISIS IP FRR with TILFA."; 1033 container ti-lfa { 1034 if-feature ti-lfa; 1035 leaf enable { 1036 type boolean; 1037 description 1038 "Enables TI-LFA computation."; 1039 } 1040 description 1041 "TILFA configuration."; 1042 } 1043 } 1045 augment "/rt:routing/" + 1046 "rt:control-plane-protocols/rt:control-plane-protocol"+ 1047 "/isis:isis/isis:interfaces/isis:interface"+ 1048 "/isis:fast-reroute/isis:lfa/isis:remote-lfa" { 1049 when 
"/rt:routing/rt:control-plane-protocols/"+ 1050 "rt:control-plane-protocol/rt:type = 'isis:isis'" { 1052 description 1053 "This augment ISIS routing protocol when used"; 1054 } 1055 description 1056 "This augments ISIS remoteLFA config with 1057 use of segment-routing path."; 1059 leaf use-segment-routing-path { 1060 if-feature remote-lfa-sr; 1061 type boolean; 1062 description 1063 "force remote LFA to use segment routing 1064 path instead of LDP path."; 1065 } 1066 } 1068 /* Operational states */ 1070 augment "/rt:routing/" + 1071 "rt:control-plane-protocols/rt:control-plane-protocol"+ 1072 "/isis:isis/isis:interfaces/isis:interface" + 1073 "/isis:adjacencies/isis:adjacency" { 1074 when "/rt:routing/rt:control-plane-protocols/"+ 1075 "rt:control-plane-protocol/rt:type = 'isis:isis'" { 1076 description 1077 "This augment ISIS routing protocol when used"; 1078 } 1079 description 1080 "This augments ISIS protocol configuration 1081 with segment routing."; 1083 uses adjacency-state; 1084 } 1086 augment "/rt:routing/" + 1087 "rt:control-plane-protocols/rt:control-plane-protocol"+ 1088 "/isis:isis/isis:database/isis:levels/isis:lsp"+ 1089 "/isis:router-capabilities" { 1090 when "/rt:routing/rt:control-plane-protocols/"+ 1091 "rt:control-plane-protocol/rt:type = 'isis:isis'" { 1092 description 1093 "This augment ISIS routing protocol when used"; 1094 } 1095 description 1096 "This augments ISIS protocol LSDB router capability."; 1098 uses sr-capability; 1099 uses sr-algorithm; 1100 uses srlb; 1101 uses srms-preference; 1102 } 1104 augment "/rt:routing/" + 1105 "rt:control-plane-protocols/rt:control-plane-protocol"+ 1106 "/isis:isis/isis:database/isis:levels/isis:lsp"+ 1107 "/isis:extended-is-neighbor/isis:neighbor" { 1108 when "/rt:routing/rt:control-plane-protocols/"+ 1109 "rt:control-plane-protocol/rt:type = 'isis:isis'" { 1110 description 1111 "This augment ISIS routing protocol when used"; 1112 } 1113 description 1114 "This augments ISIS protocol LSDB neighbor."; 
1115     uses adjacency-segment-id;
1116   }

1118   augment "/rt:routing/" +
1119           "rt:control-plane-protocols/rt:control-plane-protocol"+
1120           "/isis:isis/isis:database/isis:levels/isis:lsp"+
1121           "/isis:mt-is-neighbor/isis:neighbor" {
1122     when "/rt:routing/rt:control-plane-protocols/"+
1123          "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1124       description
1125         "This augment ISIS routing protocol when used";
1126     }
1127     description
1128       "This augments ISIS protocol LSDB neighbor.";
1129     uses adjacency-segment-id;
1130   }

1132   augment "/rt:routing/" +
1133           "rt:control-plane-protocols/rt:control-plane-protocol"+
1134           "/isis:isis/isis:database/isis:levels/isis:lsp"+
1135           "/isis:extended-ipv4-reachability/isis:prefixes" {
1136     when "/rt:routing/rt:control-plane-protocols/"+
1137          "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1138       description
1139         "This augment ISIS routing protocol when used";
1140     }
1141     description
1142       "This augments ISIS protocol LSDB prefix.";
1143     uses prefix-segment-id;
1144   }

1146   augment "/rt:routing/" +
1147           "rt:control-plane-protocols/rt:control-plane-protocol"+
1148           "/isis:isis/isis:database/isis:levels/isis:lsp"+
1149           "/isis:mt-extended-ipv4-reachability/isis:prefixes" {
1150     when "/rt:routing/rt:control-plane-protocols/"+
1151          "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1152       description
1153         "This augment ISIS routing protocol when used";
1154     }
1155     description
1156       "This augments ISIS protocol LSDB prefix.";
1157     uses prefix-segment-id;
1158   }

1160   augment "/rt:routing/" +
1161           "rt:control-plane-protocols/rt:control-plane-protocol"+
1162           "/isis:isis/isis:database/isis:levels/isis:lsp"+
1163           "/isis:ipv6-reachability/isis:prefixes" {
1164     when "/rt:routing/rt:control-plane-protocols/"+
1165          "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1166       description
1167         "This augment ISIS routing protocol when used";
1168     }
1169     description
1170       "This augments ISIS protocol LSDB prefix.";
1171     uses prefix-segment-id;
1172   }

1174   augment "/rt:routing/" +
1175           "rt:control-plane-protocols/rt:control-plane-protocol"+
1176           "/isis:isis/isis:database/isis:levels/isis:lsp"+
1177           "/isis:mt-ipv6-reachability/isis:prefixes" {
1178     when "/rt:routing/rt:control-plane-protocols/"+
1179          "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1180       description
1181         "This augment ISIS routing protocol when used";
1182     }
1183     description
1184       "This augments ISIS protocol LSDB prefix.";
1185     uses prefix-segment-id;
1186   }

1188   augment "/rt:routing/" +
1189           "rt:control-plane-protocols/rt:control-plane-protocol"+
1190           "/isis:isis/isis:database/isis:levels/isis:lsp" {
1191     when "/rt:routing/rt:control-plane-protocols/"+
1192          "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1193       description
1194         "This augment ISIS routing protocol when used";
1195     }
1196     description
1197       "This augments ISIS protocol LSDB.";
1198     uses segment-routing-binding-tlv;
1199   }

1201   /* Notifications */
1202 }
1203

1205 4. Security Considerations

1207    The YANG module specified in this document defines a schema for data
1208    that is designed to be accessed via network management protocols such
1209    as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
1210    is the secure transport layer, and the mandatory-to-implement secure
1211    transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
1212    is HTTPS, and the mandatory-to-implement secure transport is TLS
1213    [RFC8446].

1215    The NETCONF Access Control Model (NACM) [RFC8341] provides the means
1216    to restrict access for particular NETCONF or RESTCONF users to a pre-
1217    configured subset of all available NETCONF or RESTCONF protocol
1218    operations and content.

1220    There are a number of data nodes defined in this YANG module that are
1221    writable/creatable/deletable (i.e., config true, which is the
1222    default). These data nodes may be considered sensitive or vulnerable
1223    in some network environments. Write operations (e.g., edit-config)
1224    to these data nodes without proper protection can have a negative
1225    effect on network operations. These are the subtrees and data nodes
1226    and their sensitivity/vulnerability:

1228       /isis:isis/segment-routing

1230       /isis:isis/protocol-srgb

1232       /isis:isis/isis:interfaces/isis:interface/segment-routing

1234    Some of the readable data nodes in the modules may be considered
1235    sensitive or vulnerable in some network environments. It is thus
1236    important to control read access (e.g., via get, get-config, or
1237    notification) to these data nodes.

1239       /isis:router-capabilities/sr-capability

1241       /isis:router-capabilities/sr-algorithms
1242       /isis:router-capabilities/local-blocks

1244       /isis:router-capabilities/srms-preference

1246       /isis:router-capabilities/node-msd-tlv

1248    And the augmentations to the ISIS link state database.

1250    Unauthorized access to any data node of these subtrees can disclose
1251    the operational state information of IS-IS protocol on this device.

1253 5. Contributors

1255    Authors would like to thank Derek Yeung, Acee Lindem, Yi Yang for
1256    their major contributions to the draft.

1258 6. Acknowledgements

1260    MITRE has approved this document for Public Release, Distribution
1261    Unlimited, with Public Release Case Number 19-3033.

1263 7. IANA Considerations

1265    The IANA is requested to assign two new URIs from the IETF XML
1266    registry ([RFC3688]). Authors are suggesting the following URI:

1268       URI: urn:ietf:params:xml:ns:yang:ietf-isis-sr
1269       Registrant Contact: The IESG.
1270       XML: N/A, the requested URI is an XML namespace

1272       URI: urn:ietf:params:xml:ns:yang:ietf-isis-msd
1273       Registrant Contact: The IESG.
1274       XML: N/A, the requested URI is an XML namespace

1276    This document also requests one new YANG module name in the YANG
1277    Module Names registry ([RFC6020]) with the following suggestion:

1279       name: ietf-isis-sr
1280       namespace: urn:ietf:params:xml:ns:yang:ietf-isis-sr
1281       prefix: isis-sr
1282       reference: RFC XXXX

1284       name: ietf-isis-msd
1285       namespace: urn:ietf:params:xml:ns:yang:ietf-isis-msd
1286       prefix: isis-msd
1287       reference: RFC XXXX

1289 8. Normative References

1291    [I-D.ietf-isis-yang-isis-cfg]
1292               Litkowski, S., Yeung, D., Lindem, A., Zhang, J., and L.
1293               Lhotka, "YANG Data Model for IS-IS Protocol", Work in
1294               Progress, Internet-Draft, draft-ietf-isis-yang-isis-cfg-
1295               42, 15 October 2019, .

1298    [I-D.ietf-spring-sr-yang]
1299               Litkowski, S., Qu, Y., Sarkar, P., and J. Tantsura, "YANG
1300               Data Model for Segment Routing", Work in Progress,
1301               Internet-Draft, draft-ietf-spring-sr-yang-15, 28 December
1302               2017, .

1305    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1306               Requirement Levels", BCP 14, RFC 2119,
1307               DOI 10.17487/RFC2119, March 1997,
1308               .

1310    [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
1311               DOI 10.17487/RFC3688, January 2004,
1312               .

1314    [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
1315               the Network Configuration Protocol (NETCONF)", RFC 6020,
1316               DOI 10.17487/RFC6020, October 2010,
1317               .

1319    [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
1320               and A. Bierman, Ed., "Network Configuration Protocol
1321               (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
1322               .

1324    [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
1325               Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
1326               .

1328    [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
1329               Protocol (NETCONF) Access Control Model", RFC 6536,
1330               DOI 10.17487/RFC6536, March 2012,
1331               .
1333    [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
1334               RFC 7950, DOI 10.17487/RFC7950, August 2016,
1335               .

1337    [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
1338               Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
1339               .

1341    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
1342               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
1343               May 2017, .

1345    [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
1346               BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
1347               .

1349    [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
1350               Access Control Model", STD 91, RFC 8341,
1351               DOI 10.17487/RFC8341, March 2018,
1352               .

1354    [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
1355               and R. Wilton, "Network Management Datastore Architecture
1356               (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
1357               .

1359    [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
1360               Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
1361               .

1363    [RFC8491]  Tantsura, J., Chunduri, U., Aldrin, S., and L. Ginsberg,
1364               "Signaling Maximum SID Depth (MSD) Using IS-IS", RFC 8491,
1365               DOI 10.17487/RFC8491, November 2018,
1366               .

1368    [RFC8667]  Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C.,
1369               Bashandy, A., Gredler, H., and B. Decraene, "IS-IS
1370               Extensions for Segment Routing", RFC 8667,
1371               DOI 10.17487/RFC8667, December 2019,
1372               .

1374 Authors' Addresses

1376    Stephane Litkowski
1377    Cisco Systems

1379    Email: slitkows.ietf@gmail.com

1381    Yingzhen Qu
1382    Futurewei
1383    Email: yingzhen.qu@futurewei.com

1385    Pushpasis Sarkar
1386    Individual

1388    Email: pushpasis.ietf@gmail.com

1390    Ing-Wher Chen
1391    The MITRE Corporation

1393    Email: ingwherchen@mitre.org

1395    Jeff Tantsura
1396    Microsoft

1398    Email: jefftant.ietf@gmail.com