idnits 2.17.1

draft-ietf-lisp-yang-10.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 18 instances of too long lines in the document, the longest
     one being 7 characters in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 124 has weird spacing: '...et-name str...'

  == Line 245 has weird spacing: '...le-type lis...'

  == The document doesn't use any RFC 2119 keywords, yet has text resembling
     RFC 2119 boilerplate text.

  -- The document date (November 4, 2018) is 1993 days in the past. Is this
     intentional?

  Checking references for intended status: Experimental
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC6832' is defined on line 3516, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6836' is defined on line 3527, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8060' is defined on line 3541, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8111' is defined on line 3545, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8349' is defined on line 3563, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 6830 (Obsoleted by RFC 9300, RFC 9301)

  ** Obsolete normative reference: RFC 6833 (Obsoleted by RFC 9301)

     Summary: 3 errors (**), 0 flaws (~~), 9 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2  LISP Working Group                                  V. Ermagan
3  Internet-Draft                                      A. Rodriguez-Natal
4  Intended status: Experimental                       F. Coras
5  Expires: May 8, 2019                                C. Moberg
6                                                      R. Rahman
7                                                      Cisco Systems
8                                                      A. Cabellos-Aparicio
9                                                      Technical University of Catalonia
10                                                     F. Maino
11                                                     Cisco Systems
12                                                     November 4, 2018

14                            LISP YANG Model
15                        draft-ietf-lisp-yang-10

17  Abstract

19     This document describes a YANG data model to use with the Locator/ID
20     Separation Protocol (LISP).

22     The YANG modules in this document conform to the Network Management
23     Datastore Architecture (NMDA).

25  Status of This Memo

27     This Internet-Draft is submitted in full conformance with the
28     provisions of BCP 78 and BCP 79.

30     Internet-Drafts are working documents of the Internet Engineering
31     Task Force (IETF). Note that other groups may also distribute
32     working documents as Internet-Drafts. The list of current Internet-
33     Drafts is at https://datatracker.ietf.org/drafts/current/.
35     Internet-Drafts are draft documents valid for a maximum of six months
36     and may be updated, replaced, or obsoleted by other documents at any
37     time. It is inappropriate to use Internet-Drafts as reference
38     material or to cite them other than as "work in progress."

40     This Internet-Draft will expire on May 8, 2019.

42  Copyright Notice

44     Copyright (c) 2018 IETF Trust and the persons identified as the
45     document authors. All rights reserved.

47     This document is subject to BCP 78 and the IETF Trust's Legal
48     Provisions Relating to IETF Documents
49     (https://trustee.ietf.org/license-info) in effect on the date of
50     publication of this document. Please review these documents
51     carefully, as they describe your rights and restrictions with respect
52     to this document. Code Components extracted from this document must
53     include Simplified BSD License text as described in Section 4.e of
54     the Trust Legal Provisions and are provided without warranty as
55     described in the Simplified BSD License.

57  Table of Contents

59     1. Introduction
60       1.1. Requirements Language
61       1.2. Tree Diagrams
62     2. LISP Module
63       2.1. Module Structure
64       2.2. Module Definition
65     3. LISP-ITR Module
66       3.1. Module Structure
67       3.2. Module Definition
68     4. LISP-ETR Module
69       4.1. Module Structure
70       4.2. Module Definition
71     5. LISP-Map-Server Module
72       5.1. Module Structure
73       5.2. Module Definition
74     6. LISP-Map-Resolver Module
75       6.1. Module Structure
76       6.2. Module Definition
77     7. LISP-Address-Types Module
78       7.1. Module Definition
79       7.2. Data Model examples
80         7.2.1. LISP protocol instance
81         7.2.2. LISP ITR
82         7.2.3. LISP ETR
83         7.2.4. LISP Map-Server
84     8. Acknowledgments
85     9. IANA Considerations
86     10. Security Considerations
87     11. Normative References
88     Authors' Addresses

90  1. Introduction

92     The Locator/ID Separation Protocol (LISP) defines several network
93     elements subject to be configured. This document presents the YANG
94     data models required for basic configuration of all major LISP
95     [RFC6830] elements. The models also capture some essential
96     operational data elements as well.

98  1.1. Requirements Language

100     The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
101     "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
102     document are to be interpreted as described in BCP 14 [RFC2119]
103     [RFC8174] when, and only when, they appear in all capitals, as shown
104     here.

106  1.2. Tree Diagrams

108     This document uses the graphical representation of data models
109     defined in [RFC8340].

111  2. LISP Module

113     This module is the base LISP module that is augmented in multiple
114     models to represent various LISP device roles.

116  2.1. Module Structure

118     module: ietf-lisp
119       augment /rt:routing/rt:control-plane-protocols
120                 /rt:control-plane-protocol:
121         +--rw lisp
122            +--rw locator-sets
123            |  +--rw locator-set* [locator-set-name]
124            |     +--rw locator-set-name   string
125            |     +--rw (locator-type)?
126            |        +--:(local-interface)
127            |        |  +--rw interface* [interface-ref]
128            |        |     +--rw interface-ref   if:interface-ref
129            |        |     +--rw priority?   uint8
130            |        |     +--rw weight?   uint8
131            |        |     +--rw multicast-priority?   uint8
132            |        |     +--rw multicast-weight?   uint8
133            |        +--:(general-locator)
134            |           +--rw locator* [id]
135            |              +--rw id   string
136            |              +--rw locator-address
137            |              |  +--rw address-type
138            |              |  |       lisp-address-family-ref
139            |              |  +--rw virtual-network-id?
140            |              |  |       instance-id-type
141            |              |  +--rw (address)?
142            |              |     +--:(no-address)
143            |              |     |  +--rw no-address?   empty
144            |              |     +--:(ipv4)
145            |              |     |  +--rw ipv4?
146            |              |     |          inet:ipv4-address
147            |              |     +--:(ipv4-prefix)
148            |              |     |  +--rw ipv4-prefix?
149            |              |     |          inet:ipv4-prefix
150            |              |     +--:(ipv6)
151            |              |     |  +--rw ipv6?
152            |              |     |          inet:ipv6-address
153            |              |     +--:(ipv6-prefix)
154            |              |     |  +--rw ipv6-prefix?
155            |              |     |          inet:ipv6-prefix
156            |              |     +--:(mac)
157            |              |     |  +--rw mac?
158            |              |     |          yang:mac-address
159            |              |     +--:(distinguished-name)
160            |              |     |  +--rw distinguished-name?
161            |              |     |          distinguished-name-type
162            |              |     +--:(as-number)
163            |              |     |  +--rw as-number?
164            |              |     |          inet:as-number
165            |              |     +--:(null-address)
166            |              |     |  +--rw null-address
167            |              |     |     +--rw address?   empty
168            |              |     +--:(afi-list)
169            |              |     |  +--rw afi-list
170            |              |     |     +--rw address-list*
171            |              |     |             simple-address
172            |              |     +--:(instance-id)
173            |              |     |  +--rw instance-id
174            |              |     |     +--rw iid?
175            |              |     |     |       instance-id-type
176            |              |     |     +--rw mask-length?   uint8
177            |              |     |     +--rw address?   simple-address
178            |              |     +--:(as-number-lcaf)
179            |              |     |  +--rw as-number-lcaf
180            |              |     |     +--rw as?   inet:as-number
181            |              |     |     +--rw address?   simple-address
182            |              |     +--:(application-data)
183            |              |     |  +--rw application-data
184            |              |     |     +--rw address?
185            |              |     |     |       simple-address
186            |              |     |     +--rw protocol?   uint8
187            |              |     |     +--rw ip-tos?   int32
188            |              |     |     +--rw local-port-low?
189            |              |     |     |       inet:port-number
190            |              |     |     +--rw local-port-high?
191            |              |     |     |       inet:port-number
192            |              |     |     +--rw remote-port-low?
193            |              |     |     |       inet:port-number
194            |              |     |     +--rw remote-port-high?
195            |              |     |             inet:port-number
196            |              |     +--:(geo-coordinates)
197            |              |     |  +--rw geo-coordinates
198            |              |     |     +--rw latitude?   bits
199            |              |     |     +--rw latitude-degrees?   uint8
200            |              |     |     +--rw latitude-minutes?   uint8
201            |              |     |     +--rw latitude-seconds?   uint8
202            |              |     |     +--rw longitude?   bits
203            |              |     |     +--rw longitude-degrees?   uint16
204            |              |     |     +--rw longitude-minutes?   uint8
205            |              |     |     +--rw longitude-seconds?   uint8
206            |              |     |     +--rw altitude?   int32
207            |              |     |     +--rw address?
208            |              |     |             simple-address
209            |              |     +--:(nat-traversal)
210            |              |     |  +--rw nat-traversal
211            |              |     |     +--rw ms-udp-port?   uint16
212            |              |     |     +--rw etr-udp-port?   uint16
213            |              |     |     +--rw global-etr-rloc?
214            |              |     |     |       simple-address
215            |              |     |     +--rw ms-rloc?
216            |              |     |     |       simple-address
217            |              |     |     +--rw private-etr-rloc?
218            |              |     |     |       simple-address
219            |              |     |     +--rw rtr-rlocs*
220            |              |     |             simple-address
221            |              |     +--:(explicit-locator-path)
222            |              |     |  +--rw explicit-locator-path
223            |              |     |     +--rw hop* [hop-id]
224            |              |     |        +--rw hop-id   string
225            |              |     |        +--rw address?   simple-address
226            |              |     |        +--rw lrs-bits?   bits
227            |              |     +--:(source-dest-key)
228            |              |     |  +--rw source-dest-key
229            |              |     |     +--rw source?   simple-address
230            |              |     |     +--rw dest?   simple-address
231            |              |     +--:(key-value-address)
232            |              |     |  +--rw key-value-address
233            |              |     |     +--rw key?   simple-address
234            |              |     |     +--rw value?   simple-address
235            |              |     +--:(service-path)
236            |              |        +--rw service-path
237            |              |           +--rw service-path-id?
238            |              |           |       service-path-id-type
239            |              |           +--rw service-index?   uint8
240            |              +--rw priority?   uint8
241            |              +--rw weight?   uint8
242            |              +--rw multicast-priority?   uint8
243            |              +--rw multicast-weight?   uint8
244            +--rw lisp-role* [lisp-role-type]
245            |  +--rw lisp-role-type   lisp-role-ref
246            +--rw lisp-router-id
247            |  +--rw site-id?   uint64
248            |  +--rw xtr-id?   lisp:xtr-id-type
249            +--rw virtual-networks
250               +--rw virtual-network* [vni]
251                  +--rw vni   lcaf:instance-id-type
252                  +--rw ni-name?
253                          -> /ni:network-instances/network-instance/name

255  2.2. Module Definition

257     file "ietf-lisp@2018-11-04.yang"
258     module ietf-lisp {
259       yang-version 1.1;

261       namespace "urn:ietf:params:xml:ns:yang:ietf-lisp";

263       prefix lisp;

265       import ietf-interfaces {
266         prefix if;
267         reference
268           "RFC 8343: A YANG Data Model for Interface Management";
269       }
270       // RFC Ed.: replace occurrences of XXXX with actual RFC number
271       // and remove this note
272       import ietf-lisp-address-types {
273         prefix lcaf;
274         reference "RFC XXXX: LISP YANG model";
275       }
276       import ietf-yang-types {
277         prefix yang;
278         reference "RFC 6991: Common YANG Data Types";
279       }
280       import ietf-routing {
281         prefix "rt";
282         reference
283           "RFC 8349: A YANG Data Model for Routing Management
284            (NMDA version)";
285       }
286       import ietf-network-instance {
287         prefix "ni";
288         // RFC Ed.: replace occurrences of YYYY with actual RFC number
289         // of draft-ietf-rtgwg-ni-model and remove this note
290         reference
291           "RFC YYYY: YANG Model for Network Instances";
292       }

294       organization
295         "IETF LISP (Locator/ID Separation Protocol) Working Group";
296       contact
297         "WG Web:
298          WG List:

300          Editor: Vina Ermagan
301

303          Editor: Alberto Rodriguez-Natal
304

306          Editor: Reshad Rahman
307          ";
308       description
309         "This YANG module defines the generic parameters for LISP.
310          The module can be extended by vendors to define vendor-specific
311          LISP parameters and policies.

313          Copyright (c) 2018 IETF Trust and the persons identified as
314          authors of the code. All rights reserved.
316          Redistribution and use in source and binary forms, with or
317          without modification, is permitted pursuant to, and subject
318          to the license terms contained in, the Simplified BSD License
319          set forth in Section 4.c of the IETF Trust's Legal Provisions
320          Relating to IETF Documents
321          (http://trustee.ietf.org/license-info).

323          This version of this YANG module is part of RFC XXXX; see
324          the RFC itself for full legal notices.
325         ";

327       reference "RFC XXXX";

329       revision 2018-11-04 {
330         description
331           "Initial revision.";
332         reference
333           "https://tools.ietf.org/html/rfc6830";
334       }

336       /*
337        * Identity definitions
338        */
339       identity lisp {
340         base "rt:control-plane-protocol";
341         description "LISP protocol.";
342         reference
343           "RFC 6830: The Locator/ID Separation Protocol (LISP).";
344       }

346       identity lisp-role {
347         description
348           "LISP router role.";
349       }
350       identity itr {
351         base lisp-role;
352         description
353           "LISP ITR.";
354       }
355       identity pitr {
356         base lisp-role;
357         description
358           "LISP PITR.";
359       }
360       identity etr {
361         base lisp-role;
362         description
363           "LISP ETR.";
364       }
365       identity petr {
366         base lisp-role;
367         description
368           "LISP PETR.";
369       }
370       identity mapping-system {
371         description
372           "Mapping System interface";
373       }
374       identity single-node-mapping-system {
375         base mapping-system;
376         description
377           "logically singular Map Server";
378       }
379       typedef mapping-system-ref {
380         type identityref {
381           base mapping-system;
382         }
383         description
384           "Mapping System reference";
385       }
386       typedef lisp-role-ref {
387         type identityref {
388           base lisp-role;
389         }
390         description
391           "LISP role reference";
392       }
393       typedef map-reply-action {
394         type enumeration {
395           enum no-action {
396             value 0;
397             description
398               "Mapping is kept alive and no encapsulation occurs.";
399           }
400           enum natively-forward {
401             value 1;
402             description
403               "Matching packets are not encapsulated or dropped but
404                natively forwarded.";
405           }
406           enum send-map-request {
407             value 2;
408             description
409               "Matching packets invoke Map-Requests.";
410           }
411           enum drop {
412             value 3;
413             description
414               "Matching packets are dropped.";
415           }
416         }
417         description
418           "Defines the lisp map-cache ACT type";
419         reference "https://tools.ietf.org/html/rfc6830#section-6.1.4";
420       }
421       typedef eid-id {
422         type string;
423         description
424           "Type encoding of lisp-addresses to be generally used in EID
425            keyed lists.";
426       }
427       typedef auth-key-type {
428         type enumeration {
429           enum none {
430             value 0;
431             description
432               "No authentication.";
433           }
434           enum hmac-sha-1-96 {
435             value 1;
436             description
437               "HMAC-SHA-1-96 (RFC2404) authentication is used.";
438           }
439           enum hmac-sha-256-128 {
440             value 2;
441             description
442               "HMAC-SHA-256-128 (RFC4868) authentication is used.";
443           }
444         }
445         description
446           "Enumeration of the authentication mechanisms supported by
447            LISP.";
448         reference
449           "https://tools.ietf.org/html/rfc6830#section-6.1.6";
450       }
451       typedef xtr-id-type {
452         type binary {
453           length "16";
454         }
455         description
456           "128 bit xTR identifier.";
457       }

459       grouping locator-properties {
460         description
461           "Properties of a RLOC";
462         leaf priority {
463           type uint8;
464           description
465             "Locator priority.";
466         }
467         leaf weight {
468           type uint8;
469           description
470             "Locator weight.";
471         }
472         leaf multicast-priority {
473           type uint8;
474           description
475             "Locator's multicast priority";
476         }
477         leaf multicast-weight {
478           type uint8;
479           description
480             "Locator's multicast weight";
481         }

483       }

485       grouping locators-grouping {
486         description
487           "Group that defines a list of LISP locators.";
488         list locator {
489           key "id";
490           description
491             "List of routing locators";
492           leaf id {
493             type string {
494               length "1..64";
495             }
496             description
497               "Locator id";
498           }
499           container locator-address {
500             uses lcaf:lisp-address;
501             description
502               "The locator address provided in LISP canonical
503                address format.";
504           }
505           uses locator-properties;
506         }

508       }

510       grouping local-locators-grouping {
511         description
512           "Group that defines a list of LISP locators.";
513         list interface {
514           key "interface-ref";
515           description
516             "The address type of the locator";
517           leaf interface-ref {
518             type if:interface-ref;
519             description
520               "The name of the interface supporting the locator.";
521           }
522           uses locator-properties;
523         }
524       }

526       grouping mapping {
527         description
528           "Group that defines a LISP mapping.";
529         container eid {
530           uses lcaf:lisp-address;
531           description
532             "End-host Identifier (EID) to be mapped to a list of
533              locators";
534         }
535         leaf time-to-live {
536           type uint32;
537           units minutes;
538           description
539             "Mapping validity period in minutes.";
540         }
541         leaf creation-time {
542           type yang:date-and-time;
543           config false;
544           description
545             "Time when the mapping was created.";
546         }
547         leaf authoritative {
548           type bits {
549             bit A {
550               description
551                 "Authoritative bit.";
552             }
553           }
554           description
555             "Bit that indicates if mapping comes from an
556              authoritative source.";
557         }
558         leaf static {
559           type boolean;
560           default "false";
561           description
562             "This leaf should be true if the mapping is static.";
563         }
564         choice locator-list {
565           description
566             "list of locators are either negative, or positive.";
567           case negative-mapping {
568             leaf map-reply-action {
569               type map-reply-action;
570               description
571                 "Forwarding action for a negative mapping.";
572             }
573           }
574           case positive-mapping {
575             container rlocs {
576               uses locators-grouping;
577               description
578                 "List of locators for a positive mapping.";

580             }
581           }
582         }
583       }

585       grouping mappings {
586         description
587           "Group that defines a list of LISP mappings.";
588         list virtual-network {
589           key "vni";
590           description
591             "Virtual network to which the mappings belong.";
592           leaf vni {
593             type leafref {
594               path "/rt:routing/rt:control-plane-protocols"
595                  + "/rt:control-plane-protocol/lisp:lisp"
596                  + "/lisp:virtual-networks/lisp:virtual-network"
597                  + "/lisp:vni";
598             }
599             description
600               "Virtual network identifier.";
601           }
602           container mappings {
603             description
604               "Mappings within the virtual network.";
605             list mapping {
606               key "id";
607               description
608                 "List of EID to RLOCs mappings.";
609               leaf id {
610                 type eid-id;
611                 description
612                   "Id that uniquely identifies a mapping.";
613               }
614               uses mapping;
615             }
616           }
617         }
618       }

620       augment "/rt:routing/rt:control-plane-protocols"
621             + "/rt:control-plane-protocol" {
622         when "derived-from-or-self(rt:type, 'lisp:lisp')" {
623           description
624             "This augmentation is only valid for a control-plane protocol
625              instance of LISP.";
626         }
627         description "LISP protocol ietf-routing module
628                      control-plane-protocol augmentation.";

630         container lisp {
631           description
632             "Parameters for the LISP subsystem.";

634           container locator-sets {
635             description
636               "Container that defines a named locator set which can be
637                referenced elsewhere.";
638             list locator-set {
639               key "locator-set-name";
640               description
641                 "Multiple locator sets can be defined.";
642               leaf locator-set-name {
643                 type string {
644                   length "1..64";
645                 }
646                 description
647                   "Locator set name";
648               }
649               choice locator-type {
650                 description
651                   "Locator sets can be based on local interfaces, or
652                    general locators.";
653                 case local-interface {
654                   uses local-locators-grouping;
655                   description
656                     "List of locators in this set based on local
657                      interfaces.";
658                 }
659                 case general-locator {
660                   uses locators-grouping;
661                   description
662                     "List of locators in this set based on lisp-address.";
663                 }
664               }
665             }
666           }

668           list lisp-role {
669             key lisp-role-type;
670             description
671               "List of lisp device roles such as MS, MR, ITR,
672                PITR, ETR or PETR.";
673             leaf lisp-role-type {
674               type lisp-role-ref;
675               description
676                 "The type of LISP device - identity derived from the
677                  'lisp-device' base identity.";
678             }
679           }

681           container lisp-router-id {
682             when "../lisp-role/lisp-role-type = 'itr' or
683                   ../lisp-role/lisp-role-type = 'pitr' or
684                   ../lisp-role/lisp-role-type = 'etr' or
685                   ../lisp-role/lisp-role-type = 'petr'" {
686               description "Only when ITR, PITR, ETR or PETR.";
687             }
688             description
689               "Site-ID and xTR-ID of the device.";
690             leaf site-id {
691               type uint64;
692               description "Site ID";
693             }
694             leaf xtr-id {
695               type lisp:xtr-id-type;
696               description "xTR ID";
697             }
698           }

700           container virtual-networks {
701             when "../lisp-role/lisp-role-type = 'itr' or
702                   ../lisp-role/lisp-role-type = 'pitr' or
703                   ../lisp-role/lisp-role-type = 'etr' or
704                   ../lisp-role/lisp-role-type = 'petr'" {
705               description "Only when ITR, PITR, ETR or PETR.";
706             }
707             description "Virtual networks";
708             list virtual-network {
709               key vni;
710               unique "ni-name";
711               description "List of virtual networks";

713               leaf vni {
714                 type lcaf:instance-id-type;
715                 description
716                   "Virtual network identifier";
717               }
718               leaf ni-name {
719                 type leafref {
720                   path "/ni:network-instances/ni:network-instance/ni:name";
721                 }
722                 mandatory true;
723                 description
724                   "Name of Network Instance (e.g. VRF) to which a VNI is
725                    bound. Each VNI is bound to a different Network
726                    Instance";
727               }
728             }
729           }
730         }
731       }
732     }
733

735  3. LISP-ITR Module

737     This module captures the configuration data model of a LISP ITR. The
738     model also captures some operational data elements.

740  3.1. Module Structure

742     module: ietf-lisp-itr
743       augment /rt:routing/rt:control-plane-protocols
744                 /rt:control-plane-protocol/lisp:lisp:
745         +--rw itr!
746            +--rw rloc-probing!
747            |  +--rw interval?   uint16
748            |  +--rw retries?   uint8
749            |  +--rw retries-interval?   uint16
750            +--rw itr-rlocs?   leafref
751            +--rw map-resolvers
752            |  +--rw map-resolver*   inet:ip-address
753            +--rw proxy-etrs
754            |  +--rw proxy-etr-address*   inet:ip-address
755            +--rw map-cache
756               +--ro size?   uint32
757               +--ro limit?   uint32
758               +--rw virtual-network* [vni]
759                  +--rw vni   lcaf:instance-id-type
760                  +--rw mappings
761                     +--rw mapping* [id]
762                        +--rw id   eid-id
763                        +--rw eid
764                        |  +--rw address-type
765                        |  |       lisp-address-family-ref
766                        |  +--rw virtual-network-id?
767                        |  |       instance-id-type
768                        |  +--rw (address)?
769                        |     +--:(no-address)
770                        |     |  +--rw no-address?   empty
771                        |     +--:(ipv4)
772                        |     |  +--rw ipv4?
773                        |     |          inet:ipv4-address
774                        |     +--:(ipv4-prefix)
775                        |     |  +--rw ipv4-prefix?
776                        |     |          inet:ipv4-prefix
777                        |     +--:(ipv6)
778                        |     |  +--rw ipv6?
779                        |     |          inet:ipv6-address
780                        |     +--:(ipv6-prefix)
781                        |     |  +--rw ipv6-prefix?
782                        |     |          inet:ipv6-prefix
783                        |     +--:(mac)
784                        |     |  +--rw mac?
785                        |     |          yang:mac-address
786                        |     +--:(distinguished-name)
787                        |     |  +--rw distinguished-name?
788                        |     |          distinguished-name-type
789                        |     +--:(as-number)
790                        |     |  +--rw as-number?
791                        |     |          inet:as-number
792                        |     +--:(null-address)
793                        |     |  +--rw null-address
794                        |     |     +--rw address?   empty
795                        |     +--:(afi-list)
796                        |     |  +--rw afi-list
797                        |     |     +--rw address-list*   simple-address
798                        |     +--:(instance-id)
799                        |     |  +--rw instance-id
800                        |     |     +--rw iid?   instance-id-type
801                        |     |     +--rw mask-length?   uint8
802                        |     |     +--rw address?   simple-address
803                        |     +--:(as-number-lcaf)
804                        |     |  +--rw as-number-lcaf
805                        |     |     +--rw as?   inet:as-number
806                        |     |     +--rw address?   simple-address
807                        |     +--:(application-data)
808                        |     |  +--rw application-data
809                        |     |     +--rw address?
810                        |     |     |       simple-address
811                        |     |     +--rw protocol?   uint8
812                        |     |     +--rw ip-tos?   int32
813                        |     |     +--rw local-port-low?
814                        |     |     |       inet:port-number
815                        |     |     +--rw local-port-high?
816                        |     |     |       inet:port-number
817                        |     |     +--rw remote-port-low?
818                        |     |     |       inet:port-number
819                        |     |     +--rw remote-port-high?
820                        |     |             inet:port-number
821                        |     +--:(geo-coordinates)
822                        |     |  +--rw geo-coordinates
823                        |     |     +--rw latitude?   bits
824                        |     |     +--rw latitude-degrees?   uint8
825                        |     |     +--rw latitude-minutes?   uint8
826                        |     |     +--rw latitude-seconds?   uint8
827                        |     |     +--rw longitude?   bits
828                        |     |     +--rw longitude-degrees?   uint16
829                        |     |     +--rw longitude-minutes?   uint8
830                        |     |     +--rw longitude-seconds?   uint8
831                        |     |     +--rw altitude?   int32
832                        |     |     +--rw address?
833                        |     |             simple-address
834                        |     +--:(nat-traversal)
835                        |     |  +--rw nat-traversal
836                        |     |     +--rw ms-udp-port?   uint16
837                        |     |     +--rw etr-udp-port?   uint16
838                        |     |     +--rw global-etr-rloc?
839                        |     |     |       simple-address
840                        |     |     +--rw ms-rloc?
841                        |     |     |       simple-address
842                        |     |     +--rw private-etr-rloc?
843                        |     |     |       simple-address
844                        |     |     +--rw rtr-rlocs*
845                        |     |             simple-address
846                        |     +--:(explicit-locator-path)
847                        |     |  +--rw explicit-locator-path
848                        |     |     +--rw hop* [hop-id]
849                        |     |        +--rw hop-id   string
850                        |     |        +--rw address?   simple-address
851                        |     |        +--rw lrs-bits?   bits
852                        |     +--:(source-dest-key)
853                        |     |  +--rw source-dest-key
854                        |     |     +--rw source?   simple-address
855                        |     |     +--rw dest?   simple-address
856                        |     +--:(key-value-address)
857                        |     |  +--rw key-value-address
858                        |     |     +--rw key?   simple-address
859                        |     |     +--rw value?   simple-address
860                        |     +--:(service-path)
861                        |        +--rw service-path
862                        |           +--rw service-path-id?
863                        |           |       service-path-id-type
864                        |           +--rw service-index?   uint8
865                        +--rw time-to-live?   uint32
866                        +--ro creation-time?   yang:date-and-time
867                        +--rw authoritative?   bits
868                        +--rw static?   boolean
869                        +--rw (locator-list)?
870                           +--:(negative-mapping)
871                           |  +--rw map-reply-action?   map-reply-action
872                           +--:(positive-mapping)
873                              +--rw rlocs
874                                 +--rw locator* [id]
875                                    +--rw id   string
876                                    +--rw locator-address
877                                    |  +--rw address-type
878                                    |  |       lisp-address-family-ref
879                                    |  +--rw virtual-network-id?
880                                    |  |       instance-id-type
881                                    |  +--rw (address)?
882                                    |     +--:(no-address)
883                                    |     |  +--rw no-address?
884                                    |     |          empty
885                                    |     +--:(ipv4)
886                                    |     |  +--rw ipv4?
887                                    |     |          inet:ipv4-address
888                                    |     +--:(ipv4-prefix)
889                                    |     |  +--rw ipv4-prefix?
890                                    |     |          inet:ipv4-prefix
891                                    |     +--:(ipv6)
892                                    |     |  +--rw ipv6?
893                                    |     |          inet:ipv6-address
894                                    |     +--:(ipv6-prefix)
895                                    |     |  +--rw ipv6-prefix?
896                                    |     |          inet:ipv6-prefix
897                                    |     +--:(mac)
898                                    |     |  +--rw mac?
899                                    |     |          yang:mac-address
900                                    |     +--:(distinguished-name)
901                                    |     |  +--rw distinguished-name?
902                                    |     |          distinguished-name-type
903                                    |     +--:(as-number)
904                                    |     |  +--rw as-number?
905                                    |     |          inet:as-number
906                                    |     +--:(null-address)
907                                    |     |  +--rw null-address
908                                    |     |     +--rw address?   empty
909                                    |     +--:(afi-list)
910                                    |     |  +--rw afi-list
911                                    |     |     +--rw address-list*
912                                    |     |             simple-address
913                                    |     +--:(instance-id)
914                                    |     |  +--rw instance-id
915                                    |     |     +--rw iid?
916                                    |     |     |       instance-id-type
917                                    |     |     +--rw mask-length?   uint8
918                                    |     |     +--rw address?
919                                    |     |             simple-address
920                                    |     +--:(as-number-lcaf)
921                                    |     |  +--rw as-number-lcaf
922                                    |     |     +--rw as?
923                                    |     |     |       inet:as-number
924                                    |     |     +--rw address?
925                                    |     |             simple-address
926                                    |     +--:(application-data)
927                                    |     |  +--rw application-data
928                                    |     |     +--rw address?
929                                    |     |     |       simple-address
930                                    |     |     +--rw protocol?
931                                    |     |     |       uint8
932                                    |     |     +--rw ip-tos?
933                                    |     |     |       int32
934                                    |     |     +--rw local-port-low?
935                                    |     |     |       inet:port-number
936                                    |     |     +--rw local-port-high?
937                                    |     |     |       inet:port-number
938                                    |     |     +--rw remote-port-low?
939                                    |     |     |       inet:port-number
940                                    |     |     +--rw remote-port-high?
941                                    |     |             inet:port-number
942                                    |     +--:(geo-coordinates)
943                                    |     |  +--rw geo-coordinates
944                                    |     |     +--rw latitude?
945                                    |     |     |       bits
946                                    |     |     +--rw latitude-degrees?
947                                    |     |     |       uint8
948                                    |     |     +--rw latitude-minutes?
949                                    |     |     |       uint8
950                                    |     |     +--rw latitude-seconds?
951                                    |     |     |       uint8
952                                    |     |     +--rw longitude?
953                                    |     |     |       bits
954                                    |     |     +--rw longitude-degrees?
955                                    |     |     |       uint16
956                                    |     |     +--rw longitude-minutes?
957                                    |     |     |       uint8
958                                    |     |     +--rw longitude-seconds?
959                                    |     |     |       uint8
960                                    |     |     +--rw altitude?
961                                    |     |     |       int32
962                                    |     |     +--rw address?
963                                    |     |             simple-address
964                                    |     +--:(nat-traversal)
965                                    |     |  +--rw nat-traversal
966                                    |     |     +--rw ms-udp-port?
967                                    |     |     |       uint16
968                                    |     |     +--rw etr-udp-port?
969                                    |     |     |       uint16
970                                    |     |     +--rw global-etr-rloc?
971                                    |     |     |       simple-address
972                                    |     |     +--rw ms-rloc?
973                                    |     |     |       simple-address
974                                    |     |     +--rw private-etr-rloc?
975                                    |     |     |       simple-address
976                                    |     |     +--rw rtr-rlocs*
977                                    |     |             simple-address
978                                    |     +--:(explicit-locator-path)
979                                    |     |  +--rw explicit-locator-path
980                                    |     |     +--rw hop* [hop-id]
981                                    |     |        +--rw hop-id
982                                    |     |        |       string
983                                    |     |        +--rw address?
984                                    |     |        |       simple-address
985                                    |     |        +--rw lrs-bits?   bits
986                                    |     +--:(source-dest-key)
987                                    |     |  +--rw source-dest-key
988                                    |     |     +--rw source?
989                                    |     |     |       simple-address
990                                    |     |     +--rw dest?
991                                    |     |             simple-address
992                                    |     +--:(key-value-address)
993                                    |     |  +--rw key-value-address
994                                    |     |     +--rw key?
995                                    |     |     |       simple-address
996                                    |     |     +--rw value?
997                                    |     |             simple-address
998                                    |     +--:(service-path)
999                                    |        +--rw service-path
1000                                    |           +--rw service-path-id?
1001                                    |           |       service-path-id-type
1002                                    |           +--rw service-index?
1003                                    |                   uint8
1004                                    +--rw priority?   uint8
1005                                    +--rw weight?   uint8
1006                                    +--rw multicast-priority?   uint8
1007                                    +--rw multicast-weight?   uint8

1009  3.2. Module Definition

1011     file "ietf-lisp-itr@2018-06-29.yang"
1012     module ietf-lisp-itr {
1013       yang-version 1.1;

1015       namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-itr";

1017       prefix lisp-itr;

1019       // RFC Ed.: replace occurrences of XXXX with actual RFC number
1020       // and remove this note
1021       import ietf-lisp {
1022         prefix lisp;
1023         reference "RFC XXXX: LISP YANG model";
1024       }
1025       import ietf-inet-types {
1026         prefix inet;
1027         reference "RFC 6991: Common YANG Data Types";
1028       }
1029       import ietf-routing {
1030         prefix "rt";
1031         reference
1032           "RFC 8349: A YANG Data Model for Routing Management
1033            (NMDA version)";
1034       }

1036       organization
1037         "IETF LISP (Locator/ID Separation Protocol) Working Group";
1038       contact
1039         "WG Web:
1040          WG List:

1042          Editor: Vina Ermagan
1043

1045          Editor: Alberto Rodriguez-Natal
1046

1048          Editor: Reshad Rahman
1049          ";
1050       description
1051         "This YANG module defines the generic parameters for a LISP
1052          ITR. The module can be extended by vendors to define
1053          vendor-specific parameters and policies.
1055          Copyright (c) 2018 IETF Trust and the persons identified as
1056          authors of the code. All rights reserved.

1058          Redistribution and use in source and binary forms, with or
1059          without modification, is permitted pursuant to, and subject
1060          to the license terms contained in, the Simplified BSD License
1061          set forth in Section 4.c of the IETF Trust's Legal Provisions
1062          Relating to IETF Documents
1063          (http://trustee.ietf.org/license-info).

1065          This version of this YANG module is part of RFC XXXX; see
1066          the RFC itself for full legal notices.
1067         ";

1069       reference "RFC XXXX";

1071       revision 2018-06-29 {
1072         description
1073           "Initial revision.";
1074         reference
1075           "https://tools.ietf.org/html/rfc6830";
1076       }
1077       augment "/rt:routing/rt:control-plane-protocols"
1078             + "/rt:control-plane-protocol/lisp:lisp" {
1079         when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:itr' or
1080               lisp:lisp-role/lisp:lisp-role-type = 'lisp:pitr'" {
1081           description
1082             "Augment is valid when LISP role type is ITR or PITR.";
1083         }
1084         description
1085           "This augments LISP devices list with (P)ITR specific
1086            parameters.";
1087         container itr {
1088           presence "LISP (P)ITR operation enabled";
1089           description
1090             "ITR parameters";
1091           container rloc-probing {
1092             presence "RLOC probing active";
1093             description
1094               "RLOC-probing parameters";
1095             leaf interval {
1096               type uint16;
1097               units "seconds";
1098               description
1099                 "Interval in seconds for resending the probes";
1100             }
1101             leaf retries {
1102               type uint8;
1103               description
1104                 "Number of retries for sending the probes";
1105             }
1106             leaf retries-interval {
1107               type uint16;
1108               units "seconds";
1109               description
1110                 "Interval in seconds between retries when sending probes.
             The action taken if all retries fail to receive is
             implementation specific.";
        }
      }
      leaf itr-rlocs {
        type leafref {
          path "/rt:routing/rt:control-plane-protocols"
             + "/rt:control-plane-protocol/lisp:lisp"
             + "/lisp:locator-sets/lisp:locator-set"
             + "/lisp:locator-set-name";
        }
        description
          "Reference to a locator set that the (P)ITR includes in
           Map-Requests";
      }
      container map-resolvers {
        description
          "Map-Resolvers that the (P)ITR uses.";
        leaf-list map-resolver {
          type inet:ip-address;
          description
            "Each Map-Resolver within the list of Map-Resolvers.";
        }
      }
      container proxy-etrs {
        when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:itr'" {
          description
            "Container exists only when LISP role type is ITR";
        }
        description
          "Proxy ETRs that the ITR uses.";
        leaf-list proxy-etr-address{
          type inet:ip-address;
          description
            "Proxy ETR RLOC address.";
        }
      }
      container map-cache {
        leaf size {
          type uint32;
          config false;
          description
            "Current number of entries in the EID-to-RLOC map-cache";
        }
        leaf limit {
          type uint32;
          config false;
          description
            "Maximum permissible number of entries in the EID-to-RLOC
             map-cache";
        }

        uses lisp:mappings;
        description
          "EID to RLOCs mappings cache.";
      }
    }
  }
}

4.  LISP-ETR Module

   This module captures the configuration data model of a LISP ETR. The
   model also captures some operational data elements.

4.1.  Module Structure

module: ietf-lisp-etr
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/lisp:lisp:
    +--rw etr!
       +--rw map-servers
       |  +--rw map-server* [ms-address]
       |     +--rw ms-address    inet:ip-address
       |     +--rw auth-key?     string
       |     +--rw auth-key-type?
       |             lisp:auth-key-type
       +--rw local-eids
          +--rw virtual-network* [vni]
             +--rw vni     lcaf:instance-id-type
             +--rw eids
                +--rw local-eid* [id]
                   +--rw id                       lisp:eid-id
                   +--rw eid-address
                   |  +--rw address-type
                   |  |       lisp-address-family-ref
                   |  +--rw virtual-network-id?
                   |  |       instance-id-type
                   |  +--rw (address)?
                   |     +--:(no-address)
                   |     |  +--rw no-address?   empty
                   |     +--:(ipv4)
                   |     |  +--rw ipv4?
                   |     |          inet:ipv4-address
                   |     +--:(ipv4-prefix)
                   |     |  +--rw ipv4-prefix?
                   |     |          inet:ipv4-prefix
                   |     +--:(ipv6)
                   |     |  +--rw ipv6?
                   |     |          inet:ipv6-address
                   |     +--:(ipv6-prefix)
                   |     |  +--rw ipv6-prefix?
                   |     |          inet:ipv6-prefix
                   |     +--:(mac)
                   |     |  +--rw mac?
                   |     |          yang:mac-address
                   |     +--:(distinguished-name)
                   |     |  +--rw distinguished-name?
                   |     |          distinguished-name-type
                   |     +--:(as-number)
                   |     |  +--rw as-number?
                   |     |          inet:as-number
                   |     +--:(null-address)
                   |     |  +--rw null-address
                   |     |     +--rw address?   empty
                   |     +--:(afi-list)
                   |     |  +--rw afi-list
                   |     |     +--rw address-list*   simple-address
                   |     +--:(instance-id)
                   |     |  +--rw instance-id
                   |     |     +--rw iid?           instance-id-type
                   |     |     +--rw mask-length?   uint8
                   |     |     +--rw address?       simple-address
                   |     +--:(as-number-lcaf)
                   |     |  +--rw as-number-lcaf
                   |     |     +--rw as?        inet:as-number
                   |     |     +--rw address?   simple-address
                   |     +--:(application-data)
                   |     |  +--rw application-data
                   |     |     +--rw address?
                   |     |     |       simple-address
                   |     |     +--rw protocol?   uint8
                   |     |     +--rw ip-tos?     int32
                   |     |     +--rw local-port-low?
                   |     |     |       inet:port-number
                   |     |     +--rw local-port-high?
                   |     |     |       inet:port-number
                   |     |     +--rw remote-port-low?
                   |     |     |       inet:port-number
                   |     |     +--rw remote-port-high?
                   |     |             inet:port-number
                   |     +--:(geo-coordinates)
                   |     |  +--rw geo-coordinates
                   |     |     +--rw latitude?           bits
                   |     |     +--rw latitude-degrees?   uint8
                   |     |     +--rw latitude-minutes?
                   |     |     |       uint8
                   |     |     +--rw latitude-seconds?    uint8
                   |     |     +--rw longitude?           bits
                   |     |     +--rw longitude-degrees?   uint16
                   |     |     +--rw longitude-minutes?   uint8
                   |     |     +--rw longitude-seconds?   uint8
                   |     |     +--rw altitude?            int32
                   |     |     +--rw address?
                   |     |             simple-address
                   |     +--:(nat-traversal)
                   |     |  +--rw nat-traversal
                   |     |     +--rw ms-udp-port?    uint16
                   |     |     +--rw etr-udp-port?   uint16
                   |     |     +--rw global-etr-rloc?
                   |     |     |       simple-address
                   |     |     +--rw ms-rloc?
                   |     |     |       simple-address
                   |     |     +--rw private-etr-rloc?
                   |     |     |       simple-address
                   |     |     +--rw rtr-rlocs*
                   |     |             simple-address
                   |     +--:(explicit-locator-path)
                   |     |  +--rw explicit-locator-path
                   |     |     +--rw hop* [hop-id]
                   |     |        +--rw hop-id      string
                   |     |        +--rw address?    simple-address
                   |     |        +--rw lrs-bits?   bits
                   |     +--:(source-dest-key)
                   |     |  +--rw source-dest-key
                   |     |     +--rw source?   simple-address
                   |     |     +--rw dest?     simple-address
                   |     +--:(key-value-address)
                   |     |  +--rw key-value-address
                   |     |     +--rw key?     simple-address
                   |     |     +--rw value?   simple-address
                   |     +--:(service-path)
                   |        +--rw service-path
                   |           +--rw service-path-id?
                   |           |       service-path-id-type
                   |           +--rw service-index?   uint8
                   +--rw rlocs?                   leafref
                   +--rw record-ttl?              uint32
                   +--rw want-map-notify?         boolean
                   +--rw proxy-reply?             boolean
                   +--rw registration-interval?   uint16

4.2.  Module Definition

file "ietf-lisp-etr@2018-09-06.yang"
module ietf-lisp-etr {
  yang-version 1.1;

  namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-etr";

  prefix lisp-etr;

  // RFC Ed.: replace occurrences of XXXX with actual RFC number
  // and remove this note
  import ietf-lisp {
    prefix lisp;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-lisp-address-types {
    prefix lcaf;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-inet-types {
    prefix inet;
    reference "RFC 6991: Common YANG Data Types";
  }
  import ietf-routing {
    prefix "rt";
    reference
      "RFC 8349: A YANG Data Model for Routing Management
       (NMDA version)";
  }

  organization
    "IETF LISP (Locator/ID Separation Protocol) Working Group";
  contact
    "WG Web:
     WG List:

     Editor: Vina Ermagan

     Editor: Alberto Rodriguez-Natal

     Editor: Reshad Rahman
    ";
  description
    "This YANG module defines the generic parameters for a LISP
     ETR. The module can be extended by vendors to define
     vendor-specific parameters and policies.

     Copyright (c) 2018 IETF Trust and the persons identified as
     authors of the code. All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX; see
     the RFC itself for full legal notices.
    ";

  reference "RFC XXXX";

  revision 2018-09-06 {
    description
      "Initial revision.";
    reference
      "https://tools.ietf.org/html/rfc6830";
  }
  augment "/rt:routing/rt:control-plane-protocols"
        + "/rt:control-plane-protocol/lisp:lisp" {
    when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr' or
          lisp:lisp-role/lisp:lisp-role-type = 'lisp:petr'" {
      description
        "Augment is valid when LISP device type is (P)ETR.";
    }
    description
      "This augments LISP devices list with (P)ETR specific
       parameters.";
    container etr {
      presence "LISP (P)ETR operation enabled";
      description
        "(P)ETR parameters.";

      container map-servers {
        when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr'" {
          description
            "Container exists only when LISP device type is ETR.";
        }
        description
          "Map-Servers that the ETR uses.";
        list map-server {
          key "ms-address";
          description
            "Each Map-Server within the list of Map-Servers.";
          leaf ms-address {
            type inet:ip-address;
            description
              "Map-Server address.";
          }
          leaf auth-key {
            type string;
            description
              "Map-Server authentication key.";
          }
          leaf auth-key-type {
            type lisp:auth-key-type;
            description
              "Map-Server authentication type.";
          }
        }
      }

      container local-eids {
        when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr'" {
          description
            "Container exists only when LISP device type is ETR.";
        }
        description
          "Virtual networks served by the ETR.";
        list virtual-network {
          key "vni";
          description
            "Virtual network for local-EIDs.";
          leaf vni {
            type leafref {
              path "/rt:routing/rt:control-plane-protocols"
                 + "/rt:control-plane-protocol/lisp:lisp"
                 + "/lisp:virtual-networks/lisp:virtual-network"
                 + "/lisp:vni";
            }
            description
              "Virtual network identifier.";
          }
          container eids {
            description
              "EIDs served by the ETR.";

            list local-eid {
              key "id";
              description
                "List of local EIDs.";
              leaf id {
                type lisp:eid-id;
                description
                  "Unique id of local EID.";
              }
              container eid-address {
                uses lcaf:lisp-address;
                description
                  "EID address in generic LISP address format.";
              }
              leaf rlocs {
                type leafref {
                  path "/rt:routing/rt:control-plane-protocols"
                     + "/rt:control-plane-protocol/lisp:lisp"
                     + "/lisp:locator-sets/lisp:locator-set"
                     + "/lisp:locator-set-name";
                }
                description
                  "Locator set mapped to this local EID.";
              }
              leaf record-ttl {
                type uint32;
                units minutes;
                description
                  "Validity period of the EID to RLOCs mapping provided
                   in Map-Replies.";
              }
              leaf want-map-notify {
                type boolean;
                default "true";
                description
                  "Flag which if set in a Map-Register requests that a
                   Map-Notify be sent in response.";
              }
              leaf proxy-reply {
                type boolean;
                default "false";
                description
                  "Flag which if set in a Map-Register requests that the
                   Map-Server proxy Map-Replies for the ETR.";
              }
              leaf registration-interval {
                type uint16;
                units "seconds";
                default "60";
                description
                  "Interval between consecutive Map-Register messages.";
              }
            }
          }
        }
      }
    }
  }
}

5.  LISP-Map-Server Module

   This module captures the configuration data model of a LISP Map
   Server [RFC6833]. The model also captures some operational data
   elements.

5.1.  Module Structure

module: ietf-lisp-mapserver
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/lisp:lisp:
    +--rw map-server!
       +--rw sites
       |  +--rw site* [site-id]
       |     +--rw site-id     uint64
       |     +--rw auth-key
       |        +--rw auth-key-value?
       |        |       string
       |        +--rw auth-key-type*   lisp:auth-key-type
       +--rw virtual-network-ids
       |  +--rw virtual-network-identifier* [vni]
       |     +--rw vni         lcaf:instance-id-type
       |     +--rw mappings
       |     |  +--rw mapping* [eid-id]
       |     |     +--rw eid-id   lisp:eid-id
       |     |     +--rw eid-address
       |     |     |  +--rw address-type
       |     |     |  |       lisp-address-family-ref
       |     |     |  +--rw virtual-network-id?
       |     |     |  |       instance-id-type
       |     |     |  +--rw (address)?
       |     |     |     +--:(no-address)
       |     |     |     |  +--rw no-address?   empty
       |     |     |     +--:(ipv4)
       |     |     |     |  +--rw ipv4?
       |     |     |     |          inet:ipv4-address
       |     |     |     +--:(ipv4-prefix)
       |     |     |     |  +--rw ipv4-prefix?
       |     |     |     |          inet:ipv4-prefix
       |     |     |     +--:(ipv6)
       |     |     |     |  +--rw ipv6?
       |     |     |     |          inet:ipv6-address
       |     |     |     +--:(ipv6-prefix)
       |     |     |     |  +--rw ipv6-prefix?
       |     |     |     |          inet:ipv6-prefix
       |     |     |     +--:(mac)
       |     |     |     |  +--rw mac?
       |     |     |     |          yang:mac-address
       |     |     |     +--:(distinguished-name)
       |     |     |     |  +--rw distinguished-name?
       |     |     |     |          distinguished-name-type
       |     |     |     +--:(as-number)
       |     |     |     |  +--rw as-number?
       |     |     |     |          inet:as-number
       |     |     |     +--:(null-address)
       |     |     |     |  +--rw null-address
       |     |     |     |     +--rw address?   empty
       |     |     |     +--:(afi-list)
       |     |     |     |  +--rw afi-list
       |     |     |     |     +--rw address-list*   simple-address
       |     |     |     +--:(instance-id)
       |     |     |     |  +--rw instance-id
       |     |     |     |     +--rw iid?           instance-id-type
       |     |     |     |     +--rw mask-length?   uint8
       |     |     |     |     +--rw address?       simple-address
       |     |     |     +--:(as-number-lcaf)
       |     |     |     |  +--rw as-number-lcaf
       |     |     |     |     +--rw as?        inet:as-number
       |     |     |     |     +--rw address?   simple-address
       |     |     |     +--:(application-data)
       |     |     |     |  +--rw application-data
       |     |     |     |     +--rw address?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw protocol?   uint8
       |     |     |     |     +--rw ip-tos?     int32
       |     |     |     |     +--rw local-port-low?
       |     |     |     |     |       inet:port-number
       |     |     |     |     +--rw local-port-high?
       |     |     |     |     |       inet:port-number
       |     |     |     |     +--rw remote-port-low?
       |     |     |     |     |       inet:port-number
       |     |     |     |     +--rw remote-port-high?
       |     |     |     |             inet:port-number
       |     |     |     +--:(geo-coordinates)
       |     |     |     |  +--rw geo-coordinates
       |     |     |     |     +--rw latitude?            bits
       |     |     |     |     +--rw latitude-degrees?    uint8
       |     |     |     |     +--rw latitude-minutes?    uint8
       |     |     |     |     +--rw latitude-seconds?    uint8
       |     |     |     |     +--rw longitude?           bits
       |     |     |     |     +--rw longitude-degrees?   uint16
       |     |     |     |     +--rw longitude-minutes?   uint8
       |     |     |     |     +--rw longitude-seconds?   uint8
       |     |     |     |     +--rw altitude?            int32
       |     |     |     |     +--rw address?
       |     |     |     |             simple-address
       |     |     |     +--:(nat-traversal)
       |     |     |     |  +--rw nat-traversal
       |     |     |     |     +--rw ms-udp-port?    uint16
       |     |     |     |     +--rw etr-udp-port?   uint16
       |     |     |     |     +--rw global-etr-rloc?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw ms-rloc?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw private-etr-rloc?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw rtr-rlocs*
       |     |     |     |             simple-address
       |     |     |     +--:(explicit-locator-path)
       |     |     |     |  +--rw explicit-locator-path
       |     |     |     |     +--rw hop* [hop-id]
       |     |     |     |        +--rw hop-id      string
       |     |     |     |        +--rw address?    simple-address
       |     |     |     |        +--rw lrs-bits?   bits
       |     |     |     +--:(source-dest-key)
       |     |     |     |  +--rw source-dest-key
       |     |     |     |     +--rw source?   simple-address
       |     |     |     |     +--rw dest?     simple-address
       |     |     |     +--:(key-value-address)
       |     |     |     |  +--rw key-value-address
       |     |     |     |     +--rw key?     simple-address
       |     |     |     |     +--rw value?   simple-address
       |     |     |     +--:(service-path)
       |     |     |        +--rw service-path
       |     |     |           +--rw service-path-id?
       |     |     |           |       service-path-id-type
       |     |     |           +--rw service-index?   uint8
       |     |     +--rw site-id*                      uint64
       |     |     +--rw more-specifics-accepted?      boolean
       |     |     +--rw mapping-expiration-timeout?   int16
       |     |     +--ro first-registration-time?
       |     |     |       yang:date-and-time
       |     |     +--ro last-registration-time?
       |     |     |       yang:date-and-time
       |     |     +--rw mapping-records
       |     |        +--rw mapping-record* [xtr-id]
       |     |           +--rw xtr-id
       |     |           |       lisp:xtr-id-type
       |     |           +--rw site-id?   uint64
       |     |           +--rw eid
       |     |           |  +--rw address-type
       |     |           |  |       lisp-address-family-ref
       |     |           |  +--rw virtual-network-id?
       |     |           |  |       instance-id-type
       |     |           |  +--rw (address)?
       |     |           |     +--:(no-address)
       |     |           |     |  +--rw no-address?
       |     |           |     |          empty
       |     |           |     +--:(ipv4)
       |     |           |     |  +--rw ipv4?
       |     |           |     |          inet:ipv4-address
       |     |           |     +--:(ipv4-prefix)
       |     |           |     |  +--rw ipv4-prefix?
       |     |           |     |          inet:ipv4-prefix
       |     |           |     +--:(ipv6)
       |     |           |     |  +--rw ipv6?
       |     |           |     |          inet:ipv6-address
       |     |           |     +--:(ipv6-prefix)
       |     |           |     |  +--rw ipv6-prefix?
       |     |           |     |          inet:ipv6-prefix
       |     |           |     +--:(mac)
       |     |           |     |  +--rw mac?
       |     |           |     |          yang:mac-address
       |     |           |     +--:(distinguished-name)
       |     |           |     |  +--rw distinguished-name?
       |     |           |     |          distinguished-name-type
       |     |           |     +--:(as-number)
       |     |           |     |  +--rw as-number?
       |     |           |     |          inet:as-number
       |     |           |     +--:(null-address)
       |     |           |     |  +--rw null-address
       |     |           |     |     +--rw address?   empty
       |     |           |     +--:(afi-list)
       |     |           |     |  +--rw afi-list
       |     |           |     |     +--rw address-list*
       |     |           |     |             simple-address
       |     |           |     +--:(instance-id)
       |     |           |     |  +--rw instance-id
       |     |           |     |     +--rw iid?
       |     |           |     |     |       instance-id-type
       |     |           |     |     +--rw mask-length?   uint8
       |     |           |     |     +--rw address?
       |     |           |     |             simple-address
       |     |           |     +--:(as-number-lcaf)
       |     |           |     |  +--rw as-number-lcaf
       |     |           |     |     +--rw as?        inet:as-number
       |     |           |     |     +--rw address?   simple-address
       |     |           |     +--:(application-data)
       |     |           |     |  +--rw application-data
       |     |           |     |     +--rw address?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw protocol?   uint8
       |     |           |     |     +--rw ip-tos?     int32
       |     |           |     |     +--rw local-port-low?
       |     |           |     |     |       inet:port-number
       |     |           |     |     +--rw local-port-high?
       |     |           |     |     |       inet:port-number
       |     |           |     |     +--rw remote-port-low?
       |     |           |     |     |       inet:port-number
       |     |           |     |     +--rw remote-port-high?
       |     |           |     |             inet:port-number
       |     |           |     +--:(geo-coordinates)
       |     |           |     |  +--rw geo-coordinates
       |     |           |     |     +--rw latitude?           bits
       |     |           |     |     +--rw latitude-degrees?   uint8
       |     |           |     |     +--rw latitude-minutes?   uint8
       |     |           |     |     +--rw latitude-seconds?   uint8
       |     |           |     |     +--rw longitude?          bits
       |     |           |     |     +--rw longitude-degrees?
       |     |           |     |     |       uint16
       |     |           |     |     +--rw longitude-minutes?   uint8
       |     |           |     |     +--rw longitude-seconds?   uint8
       |     |           |     |     +--rw altitude?            int32
       |     |           |     |     +--rw address?
       |     |           |     |             simple-address
       |     |           |     +--:(nat-traversal)
       |     |           |     |  +--rw nat-traversal
       |     |           |     |     +--rw ms-udp-port?    uint16
       |     |           |     |     +--rw etr-udp-port?   uint16
       |     |           |     |     +--rw global-etr-rloc?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw ms-rloc?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw private-etr-rloc?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw rtr-rlocs*
       |     |           |     |             simple-address
       |     |           |     +--:(explicit-locator-path)
       |     |           |     |  +--rw explicit-locator-path
       |     |           |     |     +--rw hop* [hop-id]
       |     |           |     |        +--rw hop-id   string
       |     |           |     |        +--rw address?
       |     |           |     |        |       simple-address
       |     |           |     |        +--rw lrs-bits?   bits
       |     |           |     +--:(source-dest-key)
       |     |           |     |  +--rw source-dest-key
       |     |           |     |     +--rw source?   simple-address
       |     |           |     |     +--rw dest?     simple-address
       |     |           |     +--:(key-value-address)
       |     |           |     |  +--rw key-value-address
       |     |           |     |     +--rw key?     simple-address
       |     |           |     |     +--rw value?   simple-address
       |     |           |     +--:(service-path)
       |     |           |        +--rw service-path
       |     |           |           +--rw service-path-id?
       |     |           |           |       service-path-id-type
       |     |           |           +--rw service-index?   uint8
       |     |           +--rw time-to-live?   uint32
       |     |           +--ro creation-time?
       |     |           |       yang:date-and-time
       |     |           +--rw authoritative?   bits
       |     |           +--rw static?          boolean
       |     |           +--rw (locator-list)?
       |     |              +--:(negative-mapping)
       |     |              |  +--rw map-reply-action?
       |     |              |          map-reply-action
       |     |              +--:(positive-mapping)
       |     |                 +--rw rlocs
       |     |                    +--rw locator* [id]
       |     |                       +--rw id
       |     |                       |       string
       |     |                       +--rw locator-address
       |     |                       |  +--rw address-type
       |     |                       |  |       lisp-address-family-ref
       |     |                       |  +--rw virtual-network-id?
       |     |                       |  |       instance-id-type
       |     |                       |  +--rw (address)?
       |     |                       |     +--:(no-address)
       |     |                       |     |  +--rw no-address?
       |     |                       |     |          empty
       |     |                       |     +--:(ipv4)
       |     |                       |     |  +--rw ipv4?
       |     |                       |     |          inet:ipv4-address
       |     |                       |     +--:(ipv4-prefix)
       |     |                       |     |  +--rw ipv4-prefix?
       |     |                       |     |          inet:ipv4-prefix
       |     |                       |     +--:(ipv6)
       |     |                       |     |  +--rw ipv6?
       |     |                       |     |          inet:ipv6-address
       |     |                       |     +--:(ipv6-prefix)
       |     |                       |     |  +--rw ipv6-prefix?
       |     |                       |     |          inet:ipv6-prefix
       |     |                       |     +--:(mac)
       |     |                       |     |  +--rw mac?
       |     |                       |     |          yang:mac-address
       |     |                       |     +--:(distinguished-name)
       |     |                       |     |  +--rw distinguished-name?
       |     |                       |     |          distinguished-name-type
       |     |                       |     +--:(as-number)
       |     |                       |     |  +--rw as-number?
       |     |                       |     |          inet:as-number
       |     |                       |     +--:(null-address)
       |     |                       |     |  +--rw null-address
       |     |                       |     |     +--rw address?
       |     |                       |     |             empty
       |     |                       |     +--:(afi-list)
       |     |                       |     |  +--rw afi-list
       |     |                       |     |     +--rw address-list*
       |     |                       |     |             simple-address
       |     |                       |     +--:(instance-id)
       |     |                       |     |  +--rw instance-id
       |     |                       |     |     +--rw iid?
       |     |                       |     |     |       instance-id-type
       |     |                       |     |     +--rw mask-length?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw address?
       |     |                       |     |             simple-address
       |     |                       |     +--:(as-number-lcaf)
       |     |                       |     |  +--rw as-number-lcaf
       |     |                       |     |     +--rw as?
       |     |                       |     |     |       inet:as-number
       |     |                       |     |     +--rw address?
       |     |                       |     |             simple-address
       |     |                       |     +--:(application-data)
       |     |                       |     |  +--rw application-data
       |     |                       |     |     +--rw address?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw protocol?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw ip-tos?
       |     |                       |     |     |       int32
       |     |                       |     |     +--rw local-port-low?
       |     |                       |     |     |       inet:port-number
       |     |                       |     |     +--rw local-port-high?
       |     |                       |     |     |       inet:port-number
       |     |                       |     |     +--rw remote-port-low?
       |     |                       |     |     |       inet:port-number
       |     |                       |     |     +--rw remote-port-high?
       |     |                       |     |             inet:port-number
       |     |                       |     +--:(geo-coordinates)
       |     |                       |     |  +--rw geo-coordinates
       |     |                       |     |     +--rw latitude?
       |     |                       |     |     |       bits
       |     |                       |     |     +--rw latitude-degrees?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw latitude-minutes?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw latitude-seconds?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw longitude?
       |     |                       |     |     |       bits
       |     |                       |     |     +--rw longitude-degrees?
       |     |                       |     |     |       uint16
       |     |                       |     |     +--rw longitude-minutes?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw longitude-seconds?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw altitude?
       |     |                       |     |     |       int32
       |     |                       |     |     +--rw address?
       |     |                       |     |             simple-address
       |     |                       |     +--:(nat-traversal)
       |     |                       |     |  +--rw nat-traversal
       |     |                       |     |     +--rw ms-udp-port?
       |     |                       |     |     |       uint16
       |     |                       |     |     +--rw etr-udp-port?
       |     |                       |     |     |       uint16
       |     |                       |     |     +--rw global-etr-rloc?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw ms-rloc?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw private-etr-rloc?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw rtr-rlocs*
       |     |                       |     |             simple-address
       |     |                       |     +--:(explicit-locator-path)
       |     |                       |     |  +--rw explicit-locator-path
       |     |                       |     |     +--rw hop* [hop-id]
       |     |                       |     |        +--rw hop-id
       |     |                       |     |        |       string
       |     |                       |     |        +--rw address?
       |     |                       |     |        |       simple-address
       |     |                       |     |        +--rw lrs-bits?
       |     |                       |     |                bits
       |     |                       |     +--:(source-dest-key)
       |     |                       |     |  +--rw source-dest-key
       |     |                       |     |     +--rw source?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw dest?
       |     |                       |     |             simple-address
       |     |                       |     +--:(key-value-address)
       |     |                       |     |  +--rw key-value-address
       |     |                       |     |     +--rw key?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw value?
       |     |                       |     |             simple-address
       |     |                       |     +--:(service-path)
       |     |                       |        +--rw service-path
       |     |                       |           +--rw service-path-id?
       |     |                       |           |       service-path-id-type
       |     |                       |           +--rw service-index?
       |     |                       |                   uint8
       |     |                       +--rw priority?
       |     |                       |       uint8
       |     |                       +--rw weight?
       |     |                       |       uint8
       |     |                       +--rw multicast-priority?
       |     |                       |       uint8
       |     |                       +--rw multicast-weight?
       |     |                               uint8
       |     +--ro counters
       |        +--ro map-registers-in?               yang:counter64
       |        +--ro map-registers-in-auth-failed?   yang:counter64
       |        +--ro map-notify-records-out?         yang:counter64
       |        +--ro proxy-reply-records-out?        yang:counter64
       |        +--ro map-requests-forwarded-out?     yang:counter64
       +--rw mapping-system-type?   lisp:mapping-system-ref
       +--ro summary
       |  +--ro number-configured-sites?   uint32
       |  +--ro number-registered-sites?   uint32
       |  +--ro af-datum
       |     +--ro af-data* [address-type]
       |        +--ro address-type
       |        |       lcaf:lisp-address-family-ref
       |        +--ro number-configured-eids?   uint32
       |        +--ro number-registered-eids?   uint32
       +--ro counters
          +--ro map-registers-in?               yang:counter64
          +--ro map-registers-in-auth-failed?   yang:counter64
          +--ro map-notify-records-out?         yang:counter64
          +--ro proxy-reply-records-out?        yang:counter64
          +--ro map-requests-forwarded-out?     yang:counter64

5.2.  Module Definition

file "ietf-lisp-mapserver@2018-06-29.yang"
module ietf-lisp-mapserver {
  yang-version 1.1;

  namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver";

  prefix lisp-ms;

  // RFC Ed.: replace occurrences of XXXX with actual RFC number
  // and remove this note
  import ietf-lisp {
    prefix lisp;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-lisp-address-types {
    prefix lcaf;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-yang-types {
    prefix yang;
    reference "RFC 6991: Common YANG Data Types";
  }
  import ietf-routing {
    prefix "rt";
    reference
      "RFC 8349: A YANG Data Model for Routing Management
       (NMDA version)";
  }

  organization
    "IETF LISP (Locator/ID Separation Protocol) Working Group";
  contact
    "WG Web:
     WG List:

     Editor: Vina Ermagan

     Editor: Alberto Rodriguez-Natal

     Editor: Reshad Rahman
    ";

  description
    "This YANG module defines the generic parameters for a LISP
     Map-Server. The module can be extended by vendors to define
     vendor-specific parameters and policies.

     Copyright (c) 2018 IETF Trust and the persons identified as
     authors of the code. All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX; see
     the RFC itself for full legal notices.
    ";

  reference "RFC XXXX";

  revision 2018-06-29 {
    description
      "Initial revision.";
    reference
      "https://tools.ietf.org/html/rfc6833";
  }

  identity ms {
    base lisp:lisp-role;
    description
      "LISP Map-Server.";
  }

  grouping ms-counters {
    description "Group that defines map-server counters.";
    container counters {
      config false;
      description "Container for the counters";

      leaf map-registers-in {
        type yang:counter64;
        description "Number of incoming Map-Register messages";
      }

      leaf map-registers-in-auth-failed {
        type yang:counter64;
        description
          "Number of incoming Map-Register messages failed
           authentication";
      }

      leaf map-notify-records-out {
        type yang:counter64;
        description
          "Number of outgoing Map-Notify records";
      }

      leaf proxy-reply-records-out {
        type yang:counter64;
        description
          "Number of outgoing proxy Map-Reply records";
      }

      leaf map-requests-forwarded-out {
        type yang:counter64;
        description
          "Number of outgoing Map-Requests forwarded to ETR";
      }
    }
  }

  augment "/rt:routing/rt:control-plane-protocols"
        + "/rt:control-plane-protocol/lisp:lisp" {
    when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-ms:ms'" {
      description
        "Augment is valid when LISP device type is Map-Server.";
    }
    description
      "This augments LISP devices list with Map-Server specific
       parameters.";
    container map-server {
      presence "LISP Map-Server operation enabled";
      description
        "Map-Server parameters.";
      container sites{
        description
          "Sites to accept registrations from.";
        list site {
          key site-id;
          description
            "Site that can send registrations.";
          leaf site-id {
            type uint64;
            description "Site ID";
          }
          container auth-key {
            description
              "Site authentication key.";
            leaf auth-key-value {
              type string;
              description
                "Clear text authentication key";
            }
            leaf-list auth-key-type {
              type lisp:auth-key-type;
              description
                "Authentication key type.";
            }
          }
        }
      }
      container virtual-network-ids {
        description
          "Sites for which the Map-Server accepts registrations.";
        list virtual-network-identifier {
          key "vni";
          description
            "Virtual network instances in the Map-Server.";
          leaf vni {
            type lcaf:instance-id-type;
            description
              "Virtual network identifier.";
          }
          container mappings {
            description
              "EIDs registered by device.";
            list mapping {
              key "eid-id";
              description
                "List of EIDs registered by device.";
              leaf eid-id {
                type lisp:eid-id;
                description
                  "Id of the EID registered.";
              }
              container eid-address {
                uses lcaf:lisp-address;
                description
                  "EID in generic LISP address format registered
                   with the Map-Server.";
              }
              leaf-list site-id {
                type uint64;
                description "Site ID";
              }
              leaf more-specifics-accepted {
                type boolean;
                default "false";
                description
                  "Flag indicating if more specific prefixes
                   can be registered.";
              }
              leaf mapping-expiration-timeout {
                type int16;
                units "seconds";
                default "180"; //3 times the mapregister int
                description
                  "Time before mapping is expired if no new
                   registrations are received.";
              }
              leaf first-registration-time {
                type yang:date-and-time;
                config false;
                description
                  "Time at which the first registration for this EID
                   was received";
              }
              leaf last-registration-time {
                type yang:date-and-time;
                config false;
                description
                  "Time at which the last registration for this EID
                   was received";
              }
              container mapping-records {
                description
                  "Datastore of registered mappings.";
                list mapping-record {
                  key xtr-id;
                  description
                    "Registered mapping.";
                  leaf xtr-id {
                    type lisp:xtr-id-type;
                    description "xTR ID";
                  }
                  leaf site-id {
                    type uint64;
                    description "Site ID";
                  }
                  uses lisp:mapping;
                }

              }
            }
          }
          uses ms-counters;
        }
      }
      leaf mapping-system-type {
        type lisp:mapping-system-ref;
        description
          "A reference to the mapping system";
      }

      container summary {
        config false;
        description "Summary state information";

        leaf number-configured-sites {
          type uint32;
          description "Number of configured LISP sites";
        }
        leaf number-registered-sites {
          type uint32;
          description "Number of registered LISP sites";
        }
        container af-datum {
          description "Number of configured EIDs per each AF";

          list af-data {
            key "address-type";
            description "Number of configured EIDs for this AF";
            leaf address-type {
              type lcaf:lisp-address-family-ref;
              description "AF type";
            }
            leaf number-configured-eids {
              type uint32;
              description "Number of configured EIDs for this AF";
            }
            leaf number-registered-eids {
              type uint32;
              description "Number of registered EIDs for this AF";
            }
          }
        }
      }
      uses ms-counters;
    }
  }

}

6.  LISP-Map-Resolver Module

   This module captures the configuration data model of a LISP Map
   Resolver [RFC6833]. The model also captures some operational data
   elements.

6.1.  Module Structure

module: ietf-lisp-mapresolver
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/lisp:lisp:
    +--rw map-resolver!
       +--rw mapping-system-type?   lisp:mapping-system-ref
       +--rw ms-address?            inet:ip-address

6.2.  Module Definition

file "ietf-lisp-mapresolver@2018-06-29.yang"
module ietf-lisp-mapresolver {
  yang-version 1.1;

  namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver";

  prefix lisp-mr;

  // RFC Ed.: replace occurrences of XXXX with actual RFC number
  // and remove this note
  import ietf-lisp {
    prefix lisp;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-inet-types {
    prefix inet;
    reference "RFC 6991: Common YANG Data Types";
  }
  import ietf-routing {
    prefix "rt";
    reference
      "RFC 8349: A YANG Data Model for Routing Management
       (NMDA version)";
  }

  organization
    "IETF LISP (Locator/ID Separation Protocol) Working Group";
  contact
    "WG Web:
     WG List:

     Editor: Vina Ermagan

     Editor: Alberto Rodriguez-Natal

     Editor: Reshad Rahman
    ";
  description
    "This YANG module defines the generic parameters for a LISP
     Map-Resolver. The module can be extended by vendors to define
     vendor-specific parameters and policies.

     Copyright (c) 2018 IETF Trust and the persons identified as
     authors of the code. All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX; see
     the RFC itself for full legal notices.
2291 "; 2293 reference "RFC XXXX"; 2295 revision 2018-06-29 { 2296 description 2297 "Initial revision."; 2298 reference 2299 "https://tools.ietf.org/html/rfc6833"; 2300 } 2301 identity mr { 2302 base lisp:lisp-role; 2303 description 2304 "LISP Map-Resolver."; 2305 } 2307 augment "/rt:routing/rt:control-plane-protocols" 2308 + "/rt:control-plane-protocol/lisp:lisp" { 2309 when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-mr:mr'" { 2310 description 2311 "Augment is valid when LISP device type is Map-Resolver."; 2312 } 2313 description 2314 "This augments LISP devices list with Map-Resolver specific 2315 parameters."; 2316 container map-resolver { 2317 presence "LISP Map-Resolver operation enabled"; 2318 description 2319 "Map-Resolver parameters."; 2320 leaf mapping-system-type { 2321 type lisp:mapping-system-ref; 2322 description 2323 "A reference to the mapping system"; 2324 } 2325 leaf ms-address { 2326 when "../mapping-system-type='lisp:single-node-mapping-system'"; 2327 type inet:ip-address; 2328 description 2329 "address to reach the Map Server when " 2330 + "lisp-mr:single-node-mapping-system is being used."; 2331 } 2332 } 2333 } 2334 } 2335 2337 7. LISP-Address-Types Module 2339 This module captures the various LISP address types, and is an 2340 essential building block used in other LISP modules. 2342 7.1. 
Module Definition 2344 file "ietf-lisp-address-types@2018-06-29.yang" 2345 module ietf-lisp-address-types { 2346 yang-version 1.1; 2348 namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-address-types"; 2350 prefix laddr; 2352 import ietf-inet-types { 2353 prefix inet; 2354 reference "RFC 6991: Common YANG Data Types"; 2355 } 2356 import ietf-yang-types { 2357 prefix yang; 2358 reference "RFC 6991: Common YANG Data Types"; 2360 } 2362 organization 2363 "IETF LISP (Locator/ID Separation Protocol) Working Group"; 2364 contact 2365 "WG Web: 2366 WG List: 2368 Editor: Vina Ermagan 2369 2371 Editor: Alberto Rodriguez-Natal 2372 2374 Editor: Reshad Rahman 2375 "; 2376 description 2377 "This YANG module defines the LISP Canonical Address Formats 2378 (LCAF) for LISP. The module can be extended by vendors to 2379 define vendor-specific parameters. 2381 Copyright (c) 2018 IETF Trust and the persons identified as 2382 authors of the code. All rights reserved. 2384 Redistribution and use in source and binary forms, with or 2385 without modification, is permitted pursuant to, and subject 2386 to the license terms contained in, the Simplified BSD License 2387 set forth in Section 4.c of the IETF Trust's Legal Provisions 2388 Relating to IETF Documents 2389 (http://trustee.ietf.org/license-info). 2391 This version of this YANG module is part of RFC XXXX; see 2392 the RFC itself for full legal notices. 
2394 "; 2395 // RFC Ed.: replace XXXX with actual RFC number and remove 2396 // this note 2397 reference "RFC XXXX"; 2399 revision 2018-06-29 { 2400 description 2401 "Initial revision."; 2402 reference 2403 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10"; 2404 } 2405 identity lisp-address-family { 2406 description 2407 "Base identity from which identities describing LISP address 2408 families are derived."; 2409 } 2410 identity no-address-afi { 2411 base lisp-address-family; 2412 description 2413 "IANA Reserved."; 2414 } 2415 identity ipv4-afi { 2416 base lisp-address-family; 2417 description 2418 "IANA IPv4 address family."; 2419 } 2420 identity ipv4-prefix-afi { 2421 base lisp-address-family; 2422 description 2423 "IANA IPv4 address family prefix."; 2424 } 2425 identity ipv6-afi { 2426 base lisp-address-family; 2427 description 2428 "IANA IPv6 address family."; 2429 } 2430 identity ipv6-prefix-afi { 2431 base lisp-address-family; 2432 description 2433 "IANA IPv6 address family prefix."; 2434 } 2435 identity mac-afi { 2436 base lisp-address-family; 2437 description 2438 "IANA MAC address family."; 2439 } 2440 identity distinguished-name-afi { 2441 base lisp-address-family; 2442 description 2443 "IANA Distinguished Name address family."; 2444 } 2445 identity as-number-afi { 2446 base lisp-address-family; 2447 description 2448 "IANA AS Number address family."; 2449 } 2450 identity lcaf { 2451 base lisp-address-family; 2452 description 2453 "IANA LISP Canonical Address Format address family."; 2454 } 2455 identity null-address-lcaf { 2456 base lcaf; 2457 description 2458 "Null body LCAF type."; 2459 } 2460 identity afi-list-lcaf { 2461 base lcaf; 2462 description 2463 "AFI-List LCAF type."; 2464 } 2465 identity instance-id-lcaf { 2466 base lcaf; 2467 description 2468 "Instance-ID LCAF type."; 2469 } 2470 identity as-number-lcaf { 2471 base lcaf; 2472 description 2473 "AS Number LCAF type."; 2474 } 2475 identity application-data-lcaf { 2476 base lcaf; 2477 
description 2478 "Application Data LCAF type."; 2479 } 2480 identity geo-coordinates-lcaf { 2481 base lcaf; 2482 description 2483 "Geo-coordinates LCAF type."; 2484 } 2485 identity opaque-key-lcaf { 2486 base lcaf; 2487 description 2488 "Opaque Key LCAF type."; 2489 } 2490 identity nat-traversal-lcaf { 2491 base lcaf; 2492 description 2493 "NAT-Traversal LCAF type."; 2494 } 2495 identity nonce-locator-lcaf { 2496 base lcaf; 2497 description 2498 "Nonce-Locator LCAF type."; 2499 } 2500 identity multicast-info-lcaf { 2501 base lcaf; 2502 description 2503 "Multicast Info LCAF type."; 2505 } 2506 identity explicit-locator-path-lcaf { 2507 base lcaf; 2508 description 2509 "Explicit Locator Path LCAF type."; 2510 } 2511 identity security-key-lcaf { 2512 base lcaf; 2513 description 2514 "Security Key LCAF type."; 2515 } 2516 identity source-dest-key-lcaf { 2517 base lcaf; 2518 description 2519 "Source/Dest LCAF type."; 2520 } 2521 identity replication-list-lcaf { 2522 base lcaf; 2523 description 2524 "Replication-List LCAF type."; 2525 } 2526 identity json-data-model-lcaf { 2527 base lcaf; 2528 description 2529 "JSON Data Model LCAF type."; 2530 } 2531 identity key-value-address-lcaf { 2532 base lcaf; 2533 description 2534 "Key/Value Address LCAF type."; 2535 } 2536 identity encapsulation-format-lcaf { 2537 base lcaf; 2538 description 2539 "Encapsulation Format LCAF type."; 2540 } 2541 identity service-path-lcaf { 2542 base lcaf; 2543 description 2544 "Service Path LCAF type."; 2545 } 2546 typedef instance-id-type { 2547 type uint32 { 2548 range "0..16777215"; 2549 } 2550 description 2551 "Defines the range of values for an Instance ID."; 2552 } 2553 typedef service-path-id-type { 2554 type uint32 { 2555 range "0..16777215"; 2556 } 2557 description 2558 "Defines the range of values for a Service Path ID."; 2559 } 2560 typedef distinguished-name-type { 2561 type string; 2562 description 2563 "Distinguished Name address."; 2564 reference 2565 
"http://www.iana.org/assignments/address-family-numbers/ 2566 address-family-numbers.xhtml"; 2567 } 2568 typedef simple-address { 2569 type union { 2570 type inet:ip-address; 2571 type inet:ip-prefix; 2572 type yang:mac-address; 2573 type distinguished-name-type; 2574 type inet:as-number; 2575 } 2576 description 2577 "Union of address types that can be part of LCAFs."; 2578 } 2580 typedef lisp-address-family-ref { 2581 type identityref { 2582 base lisp-address-family; 2583 } 2584 description 2585 "LISP address family reference."; 2586 } 2587 typedef lcaf-ref { 2588 type identityref { 2589 base lcaf; 2590 } 2591 description 2592 "LCAF types reference."; 2593 } 2595 grouping lisp-address { 2596 description 2597 "Generic LISP address."; 2598 leaf address-type { 2599 type lisp-address-family-ref; 2600 mandatory true; 2601 description 2602 "Type of the LISP address."; 2603 } 2604 leaf virtual-network-id { 2605 type instance-id-type; 2606 description 2607 "Virtual Network Identifier (instance-id) of the address."; 2608 } 2609 choice address { 2610 description 2611 "Various LISP address types, including IP, MAC, and LCAF."; 2613 leaf no-address { 2614 when "../address-type = 'laddr:no-address-afi'" { 2615 description 2616 "When AFI is 0."; 2617 } 2618 type empty; 2619 description 2620 "No address."; 2621 } 2622 leaf ipv4 { 2623 when "../address-type = 'laddr:ipv4-afi'" { 2624 description 2625 "When AFI is IPv4."; 2626 } 2627 type inet:ipv4-address; 2628 description 2629 "IPv4 address."; 2630 } 2631 leaf ipv4-prefix { 2632 when "../address-type = 'laddr:ipv4-prefix-afi'" { 2633 description 2634 "When AFI is IPv4."; 2635 } 2636 type inet:ipv4-prefix; 2637 description 2638 "IPv4 prefix."; 2639 } 2640 leaf ipv6 { 2641 when "../address-type = 'laddr:ipv6-afi'" { 2642 description 2643 "When AFI is IPv6."; 2644 } 2645 type inet:ipv6-address; 2646 description 2647 "IPv6 address."; 2648 } 2649 leaf ipv6-prefix { 2650 when "../address-type = 'laddr:ipv6-prefix-afi'" { 2651 
description 2652 "When AFI is IPv6."; 2653 } 2654 type inet:ipv6-prefix; 2655 description 2656 "IPv6 address."; 2657 } 2658 leaf mac { 2659 when "../address-type = 'laddr:mac-afi'" { 2660 description 2661 "When AFI is MAC."; 2662 } 2663 type yang:mac-address; 2664 description 2665 "MAC address."; 2666 } 2667 leaf distinguished-name { 2668 when "../address-type = 'laddr:distinguished-name-afi'" { 2669 description 2670 "When AFI is distinguished-name."; 2671 } 2672 type distinguished-name-type; 2673 description 2674 "Distinguished Name address."; 2675 } 2676 leaf as-number { 2677 when "../address-type = 'laddr:as-number-afi'" { 2678 description 2679 "When AFI is as-number."; 2680 } 2681 type inet:as-number; 2682 description 2683 "AS Number."; 2684 } 2685 container null-address { 2686 when "../address-type = 'laddr:null-address-lcaf'" { 2687 description 2688 "When LCAF type is null."; 2689 } 2690 description 2691 "Null body LCAF type"; 2692 leaf address { 2693 type empty; 2694 description 2695 "AFI address."; 2696 } 2698 } 2699 container afi-list { 2700 when "../address-type = 'laddr:afi-list-lcaf'" { 2701 description 2702 "When LCAF type is AFI-List."; 2703 } 2704 description 2705 "AFI-List LCAF type."; 2706 reference 2707 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2708 #section-4.16.1"; 2709 leaf-list address-list { 2710 type simple-address; 2711 description 2712 "List of AFI addresses."; 2713 } 2714 } 2715 container instance-id { 2716 when "../address-type = 'laddr:instance-id-lcaf'" { 2717 description 2718 "When LCAF type is Instance-ID"; 2719 } 2720 description 2721 "Instance ID LCAF type."; 2722 reference 2723 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2724 #section-4.2"; 2725 leaf iid { 2726 type instance-id-type; 2727 description 2728 "Instance ID value."; 2729 } 2730 leaf mask-length { 2731 type uint8; 2732 description 2733 "Mask length."; 2734 } 2735 leaf address { 2736 type simple-address; 2737 description 2738 "AFI address."; 2739 } 2740 
} 2741 container as-number-lcaf { 2742 when "../address-type = 'laddr:as-number-lcaf'" { 2743 description 2744 "When LCAF type is AS-Number."; 2745 } 2746 description 2747 "AS Number LCAF type."; 2748 reference 2749 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2750 #section-4.3"; 2751 leaf as { 2752 type inet:as-number; 2753 description 2754 "AS number."; 2755 } 2756 leaf address { 2757 type simple-address; 2758 description 2759 "AFI address."; 2760 } 2761 } 2762 container application-data { 2763 when "../address-type = 'laddr:application-data-lcaf'" { 2764 description 2765 "When LCAF type is Application Data."; 2766 } 2767 description 2768 "Application Data LCAF type."; 2769 reference 2770 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2771 #section-4.4"; 2772 leaf address { 2773 type simple-address; 2774 description 2775 "AFI address."; 2776 } 2777 leaf protocol { 2778 type uint8; 2779 description 2780 "Protocol number."; 2781 } 2782 leaf ip-tos { 2783 type int32; 2784 description 2785 "Type of service field."; 2786 } 2787 leaf local-port-low { 2788 type inet:port-number; 2789 description 2790 "Low end of local port range."; 2791 } 2792 leaf local-port-high { 2793 type inet:port-number; 2794 description 2795 "High end of local port range."; 2796 } 2797 leaf remote-port-low { 2798 type inet:port-number; 2799 description 2800 "Low end of remote port range."; 2801 } 2802 leaf remote-port-high { 2803 type inet:port-number; 2804 description 2805 "High end of remote port range."; 2806 } 2807 } 2808 container geo-coordinates { 2809 when "../address-type = 'laddr:geo-coordinates-lcaf'" { 2810 description 2811 "When LCAF type is Geo-coordinates."; 2812 } 2813 description 2814 "Geo-coordinates LCAF type."; 2815 reference 2816 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2817 #section-4.5"; 2818 leaf latitude { 2819 type bits { 2820 bit N { 2821 description 2822 "Latitude bit."; 2823 } 2824 } 2825 description 2826 "Bit that selects between North and South 
latitude."; 2827 } 2828 leaf latitude-degrees { 2829 type uint8 { 2830 range "0 .. 90"; 2831 } 2832 description 2833 "Degrees of latitude."; 2834 } 2835 leaf latitude-minutes { 2836 type uint8 { 2837 range "0..59"; 2838 } 2839 description 2840 "Minutes of latitude."; 2841 } 2842 leaf latitude-seconds { 2843 type uint8 { 2844 range "0..59"; 2845 } 2846 description 2847 "Seconds of latitude."; 2848 } 2849 leaf longitude { 2850 type bits { 2851 bit E { 2852 description 2853 "Longitude bit."; 2854 } 2855 } 2856 description 2857 "Bit that selects between East and West longitude."; 2858 } 2859 leaf longitude-degrees { 2860 type uint16 { 2861 range "0 .. 180"; 2862 } 2863 description 2864 "Degrees of longitude."; 2865 } 2866 leaf longitude-minutes { 2867 type uint8 { 2868 range "0..59"; 2869 } 2870 description 2871 "Minutes of longitude."; 2872 } 2873 leaf longitude-seconds { 2874 type uint8 { 2875 range "0..59"; 2876 } 2877 description 2878 "Seconds of longitude."; 2879 } 2880 leaf altitude { 2881 type int32; 2882 description 2883 "Height relative to sea level in meters."; 2884 } 2885 leaf address { 2886 type simple-address; 2887 description 2888 "AFI address."; 2889 } 2891 } 2892 container nat-traversal { 2893 when "../address-type = 'laddr:nat-traversal-lcaf'" { 2894 description 2895 "When LCAF type is NAT-Traversal."; 2896 } 2897 description 2898 "NAT-Traversal LCAF type."; 2899 reference 2900 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2901 #section-4.6"; 2902 leaf ms-udp-port { 2903 type uint16; 2904 description 2905 "Map-Server UDP port (set to 4342)."; 2906 } 2907 leaf etr-udp-port { 2908 type uint16; 2909 description 2910 "ETR UDP port."; 2911 } 2912 leaf global-etr-rloc { 2913 type simple-address; 2914 description 2915 "Global ETR RLOC address."; 2916 } 2917 leaf ms-rloc { 2918 type simple-address; 2919 description 2920 "Map-Server RLOC address."; 2921 } 2922 leaf private-etr-rloc { 2923 type simple-address; 2924 description 2925 "Private ETR RLOC 
address."; 2926 } 2927 leaf-list rtr-rlocs { 2928 type simple-address; 2929 description 2930 "List of RTR RLOC addresses."; 2931 } 2932 } 2933 container explicit-locator-path { 2934 when "../address-type = 'laddr:explicit-locator-path-lcaf'" { 2935 description 2936 "When LCAF type is Explicit Locator Path."; 2937 } 2938 description 2939 "Explicit Locator Path LCAF type."; 2940 reference 2941 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2942 #section-4.9"; 2943 list hop { 2944 key "hop-id"; 2945 ordered-by user; 2946 description 2947 "List of locator hops forming the explicit path."; 2948 leaf hop-id { 2949 type string { 2950 length "1..64"; 2951 } 2952 description 2953 "Unique identifier for the hop."; 2954 } 2955 leaf address { 2956 type simple-address; 2957 description 2958 "AFI address."; 2959 } 2960 leaf lrs-bits { 2961 type bits{ 2962 bit lookup { 2963 description 2964 "Lookup bit."; 2965 } 2966 bit rloc-probe { 2967 description 2968 "RLOC-probe bit."; 2969 } 2970 bit strict { 2971 description 2972 "Strict bit."; 2973 } 2974 } 2975 description 2976 "Flag bits per hop."; 2977 } 2978 } 2979 } 2980 container source-dest-key { 2981 when "../address-type = 'laddr:source-dest-key-lcaf'" { 2982 description 2983 "When LCAF type is Source/Dest."; 2984 } 2985 description 2986 "Source/Dest LCAF type."; 2988 reference 2989 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2990 #section-4.11"; 2991 leaf source { 2992 type simple-address; 2993 description 2994 "Source address."; 2995 } 2996 leaf dest { 2997 type simple-address; 2998 description 2999 "Destination address."; 3000 } 3001 } 3002 container key-value-address { 3003 when "../address-type = 'laddr:key-value-address-lcaf'" { 3004 description 3005 "When LCAF type is Key/Value Address."; 3006 } 3007 description 3008 "Key/Value Address LCAF type."; 3009 reference 3010 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 3011 #section-4.11"; 3012 leaf key { 3013 type simple-address; 3014 
description 3015 "Address as Key."; 3016 } 3017 leaf value { 3018 type simple-address; 3019 description 3020 "Address as Value."; 3021 } 3022 } 3023 container service-path { 3024 when "../address-type = 'laddr:service-path-lcaf'" { 3025 description 3026 "When LCAF type service path identifier."; 3027 } 3028 description 3029 "Service Path LCAF type."; 3030 reference 3031 "http://tools.ietf.org/html/draft-ermagan-lisp-nsh-00"; 3032 leaf service-path-id { 3033 type service-path-id-type; 3034 description 3035 "Service path identifier for the path for NSH header"; 3037 } 3038 leaf service-index { 3039 type uint8; 3040 description 3041 "Service path index for NSH header"; 3042 } 3043 } 3044 } 3045 } 3046 } 3047 3049 7.2. Data Model examples 3051 This section presents some simple and illustrative examples on how to 3052 configure LISP. 3054 7.2.1. LISP protocol instance 3056 The following is an example configuration for a LISP protocol 3057 instance with the name "LISP1". There are also 2 VNIs configured. 3059 3060 3061 3062 3063 VRF-BLUE 3064 3065 true 3066 3067 3068 VRF-RED 3069 3070 true 3071 3072 3073 3074 3075 3076 3077 lisp:lisp 3078 3079 LISP1 3080 3081 3082 3083 1000 3084 VRF-BLUE 3085 3086 3087 2000 3088 VRF-RED 3089 3090 3091 3092 3093 3094 3095 3097 7.2.2. LISP ITR 3099 The following is an example configuration for ITR functionality under 3100 "LISP1". There are 2 Map-Resolvers configured. 3102 3103 3104 3105 3106 3107 3108 lisp:lisp 3109 3110 LISP1 3111 3112 3113 itr 3114 3115 3116 3117 2001:db8:203:0:113::1 3118 2001:db8:204:0:113::1 3119 3120 3121 3122 3123 3124 3125 3127 7.2.3. LISP ETR 3129 The following is an example configuration for ETR functionality under 3130 "LISP1". There are 2 Map-Servers and 2 local EIDs configured. 3132 3133 3134 3135 3136 3137 3138 lisp:lisp 3139 3140 LISP1 3141 3142 3143 etr 3144 3145 3146 1 3148 3149 3150 3151 3152 2001:db8:203:0:113::1 3153 *Kye^$$1#gb91U04zpa! 
3154 hmac-sha-256-128 3155 3156 3157 2001:db8:204:0:113::1 3158 *Kye^$$1#gb91U04zpa! 3159 hmac-sha-256-128 3160 3161 3162 3163 3164 1000 3165 3166 3167 2001:db8:400:0:100::0 3168 3169 3171 laddr:ipv6-prefix-afi 3172 3173 2001:db8:400:0:100::/80 3174 3175 3176 3177 3178 3179 2000 3180 3181 3182 2001:db8:800:0:200::0 3183 3184 3186 laddr:ipv6-prefix-afi 3187 3188 2001:db8:800:0:200::/80 3189 3190 3191 3192 3193 3194 3195 3197 3198 3199 3200 3202 7.2.4. LISP Map-Server 3204 The following is an example configuration for Map-Server 3205 functionality under "LISP1". There are 2 mappings configured. 3207 3208 3209 3210 3211 3212 lisp:lisp 3213 3214 LISP1 3215 3216 3217 3219 lisp-ms:ms 3220 3221 3222 3223 3224 3225 1 3226 3227 *Kye^$$1#gb91U04zpa! 3228 hmac-sha-256-128 3229 3230 3231 3232 3233 3234 1000 3235 3236 3237 1 3238 3239 3241 laddr:ipv6-prefix-afi 3243 3244 2001:db8:400:0:100::/80 3245 3246 3247 3248 3249 3250 2000 3251 3252 3253 1 3254 3255 3257 laddr:ipv6-prefix-afi 3258 3259 2001:db8:800:0:200::/80 3260 3261 3262 3263 3264 3265 3266 3267 3268 3269 3270 3272 8. Acknowledgments 3274 The tree view and the YANG model shown in this document have been 3275 formatted with the 'pyang' tool. 3277 9. IANA Considerations 3279 The IANA is requested to assign a new namespace URI from the IETF 3280 XML registry. 3282 This document registers the following namespace URIs in the IETF XML 3283 registry [RFC3688]: 3285 -------------------------------------------------------------------- 3287 URI: urn:ietf:params:xml:ns:yang:ietf-lisp 3288 Registrant Contact: The IESG. 3290 XML: N/A, the requested URI is an XML namespace. 3292 -------------------------------------------------------------------- 3294 -------------------------------------------------------------------- 3296 URI: urn:ietf:params:xml:ns:yang:ietf-lisp-itr 3298 Registrant Contact: The IESG. 3300 XML: N/A, the requested URI is an XML namespace. 
3302 -------------------------------------------------------------------- 3304 -------------------------------------------------------------------- 3306 URI: urn:ietf:params:xml:ns:yang:ietf-lisp-etr 3308 Registrant Contact: The IESG. 3310 XML: N/A, the requested URI is an XML namespace. 3312 -------------------------------------------------------------------- 3314 -------------------------------------------------------------------- 3316 URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver 3318 Registrant Contact: The IESG. 3320 XML: N/A, the requested URI is an XML namespace. 3322 -------------------------------------------------------------------- 3324 -------------------------------------------------------------------- 3326 URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver 3328 Registrant Contact: The IESG. 3330 XML: N/A, the requested URI is an XML namespace. 3332 -------------------------------------------------------------------- 3334 -------------------------------------------------------------------- 3335 URI: urn:ietf:params:xml:ns:yang:ietf-lisp-address-types 3337 Registrant Contact: The IESG. 3339 XML: N/A, the requested URI is an XML namespace. 3341 -------------------------------------------------------------------- 3343 10. Security Considerations 3345 The YANG modules specified in this document define a schema for data 3346 that is designed to be accessed via network management protocols such 3347 as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer 3348 is the secure transport layer, and the mandatory-to-implement secure 3349 transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer 3350 is HTTPS, and the mandatory-to-implement secure transport is TLS 3351 [RFC8446]. 3353 The NETCONF access control model [RFC8341] provides the means to 3354 restrict access for particular NETCONF or RESTCONF users to a pre- 3355 configured subset of all available NETCONF or RESTCONF protocol 3356 operations and content. 
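The following is an added example, not part of the draft: a Python audit that applies NACM's first-match rule evaluation [RFC8341] to a constructed rule-list and reports which of the LISP subtrees this section names as sensitive a group can still read or write. The group name, rule names and XML prefixes are hypothetical; the check assumes rule paths carry no key predicates, ignores the module-name leaf, and assumes each role container is defined in the namespace of its role module.

```python
import io
import xml.etree.ElementTree as ET

NACM = "urn:ietf:params:xml:ns:yang:ietf-netconf-acm"
NS = "urn:ietf:params:xml:ns:yang:"
Q = "{%s}" % NACM  # ElementTree-qualified tag prefix for NACM elements
BASE = tuple((NS + "ietf-routing", n) for n in (
    "routing", "control-plane-protocols", "control-plane-protocol"))
BASE += ((NS + "ietf-lisp", "lisp"),)
# Subtrees the Security Considerations name as sensitive. Assumption: each role
# container sits in the namespace of the module that defines that role.
SENSITIVE = {"lisp": BASE}
for _mod, _node in (("mapserver", "map-server"), ("mapresolver", "map-resolver"),
                    ("itr", "itr"), ("etr", "etr")):
    SENSITIVE[_node] = BASE + ((NS + "ietf-lisp-" + _mod, _node),)

# Constructed sample; group name, rule names and prefixes are hypothetical.
LISP = "/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/lisp:lisp"
SAMPLE_NACM = f"""<nacm xmlns="{NACM}" xmlns:rt="{NS}ietf-routing"
    xmlns:lisp="{NS}ietf-lisp" xmlns:ms="{NS}ietf-lisp-mapserver">
  <rule-list>
    <name>lisp-monitor-acl</name>
    <group>lisp-monitor</group>
    <rule>
      <name>hide-map-server</name>
      <path>{LISP}/ms:map-server</path>
      <access-operations>*</access-operations>
      <action>deny</action>
    </rule>
    <rule>
      <name>lisp-no-write</name>
      <path>{LISP}</path>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>"""


def load(xml_text):
    """Parse the NACM document, keeping the prefix-to-namespace bindings."""
    prefixes, root = {}, None
    stream = io.BytesIO(xml_text.encode())
    for event, item in ET.iterparse(stream, events=("start-ns", "start")):
        if event == "start-ns":
            prefixes[item[0]] = item[1]
        elif root is None:
            root = item
    return root, prefixes


def expand(path, prefixes):
    """Turn '/rt:routing/...' into a tuple of (namespace, name) steps."""
    steps = []
    for step in path.strip().strip("/").split("/"):
        prefix, _, name = step.partition(":")
        steps.append((prefixes[prefix], name))
    return tuple(steps)


def decide(root, prefixes, group, target, op):
    """First matching data-node rule wins, else the read/write default."""
    for rule_list in root.findall(Q + "rule-list"):
        groups = [g.text for g in rule_list.findall(Q + "group")]
        if group not in groups and "*" not in groups:
            continue
        for rule in rule_list.findall(Q + "rule"):
            if any(rule.find(Q + kind) is not None
                   for kind in ("rpc-name", "notification-name")):
                continue  # operation and notification rules: not data nodes
            ops = (rule.findtext(Q + "access-operations") or "*").split()
            if "*" not in ops and op not in ops:
                continue
            path = rule.findtext(Q + "path")
            steps = expand(path, prefixes) if path else ()
            if target[:len(steps)] != steps:
                continue  # rule path is neither the node nor an ancestor
            return rule.findtext(Q + "action")
    if op == "read":
        return root.findtext(Q + "read-default") or "permit"
    return root.findtext(Q + "write-default") or "deny"


def audit(xml_text, group):
    """Map each sensitive subtree to the operations `group` may still perform."""
    root, prefixes = load(xml_text)
    gaps = {}
    for label, target in SENSITIVE.items():
        allowed = [op for op in ("read", "create", "update", "delete")
                   if decide(root, prefixes, group, target, op) != "deny"]
        if allowed:
            gaps[label] = allowed
    return gaps


if __name__ == "__main__":
    print(audit(SAMPLE_NACM, "lisp-monitor"))
```

With the sample rules the etr subtree, whose map-servers node holds registration credentials, is still readable by the group, which is the kind of gap the audit is meant to surface.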
3358 The security considerations of LISP control-plane [RFC6833] and LISP 3359 data-plane [RFC6830] as well as the LISP threat analysis [RFC7835] 3360 apply to this YANG model. 3362 There are a number of data nodes defined in this YANG module that are 3363 writable/creatable/deletable (i.e., config true, which is the 3364 default). These data nodes may be considered sensitive or vulnerable 3365 in some network environments. Write operations (e.g., edit-config) 3366 to these data nodes without proper protection can have a negative 3367 effect on network operations. These are the subtrees and data nodes 3368 and their sensitivity/vulnerability: 3370 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ 3371 lisp:lisp/ 3373 Access to the locator-sets node may modify which interfaces are used 3374 for data and/or control traffic as well as affect the load balancing 3375 of data-plane traffic. Access to the lisp-role node may prevent the 3376 device from performing its intended data-plane and/or control-plane 3377 operation. Access to the router-id node allows modification of the unique 3378 identifier of the device, which may result in disruption of its LISP 3379 control-plane operation. Access to the virtual-networks node may 3380 allow redirection of data-plane traffic to erroneous local or remote 3381 network instances. 3383 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3384 protocol/lisp:lisp/lisp:map-server 3386 Access to the sites node can prevent authorized devices from 3387 registering mappings in the Map-Server and/or allow unauthorized 3388 devices to do so. Access to the virtual-network-ids node can result in 3389 corrupted mapping state that may propagate across the LISP network, 3390 potentially resulting in forwarding of data-plane traffic to 3391 arbitrary destinations and general disruption of the data-plane 3392 operation. 
Access to mapping-system-type and/or ddt-mapping-system 3393 nodes may prevent the device from connecting to the Mapping System 3394 infrastructure and consequently from attracting Map-Request messages. 3396 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3397 protocol/lisp:lisp/lisp:map-resolver 3399 Access to mapping-system-type, ms-address and/or ddt-mapping-system 3400 nodes may prevent the device from connecting to the Mapping System 3401 infrastructure and forwarding Map-Request messages. 3403 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3404 protocol/lisp:lisp/lisp:itr 3406 Access to the rloc-probing node can increase the control-plane 3407 overhead in the device or affect the capability of the device to 3408 detect failures on the underlay. Access to the itr-rlocs node may 3409 prevent the device from getting Map-Reply messages. Access to the 3410 map-resolvers node can prevent the device from sending its Map- 3411 Request messages to valid Map-Resolvers. Access to the proxy-etrs 3412 nodes can affect the capability of the device to send data-plane 3413 traffic towards non-LISP destinations. Access to the map-cache node 3414 can result in forwarding of data-plane traffic to arbitrary 3415 destinations and general disruption of data-plane operation. 3417 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3418 protocol/lisp:lisp/lisp:etr 3420 Access to the map-servers node can prevent the device from 3421 registering its local mappings into the Mapping System. Access to 3422 the local-eids node can disrupt data-plane operation on the device 3423 and/or result in the device registering corrupted mappings into the 3424 Mapping System. 3426 Some of the readable data nodes in this YANG module may be considered 3427 sensitive or vulnerable in some network environments. It is thus 3428 important to control read access (e.g., via get, get-config, or 3429 notification) to these data nodes. 
These are the subtrees and data 3430 nodes and their sensitivity/vulnerability: 3432 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ 3433 lisp:lisp 3435 Access to the locator-sets node can expose the locators the device is 3436 using for its control and/or data operation. Access to the lisp-role 3437 node can disclose the LISP roles instantiated at the device, which 3438 facilitates mounting attacks against the device. Access to the 3439 router-id node can expose the unique identifier of the device, which may 3440 allow a third party to track its control-plane operation and/or 3441 impersonate the device. Access to the virtual-networks node can leak 3442 the local mapping between LISP Instance IDs and local network 3443 instances. 3445 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3446 protocol/lisp:lisp/lisp:map-server 3448 Access to the sites node can expose the credentials used to register 3449 mappings and allow unauthorized devices to do so. Access to the 3450 virtual-network-ids node can expose the mappings currently registered 3451 in the device, which has privacy implications. Access to the 3452 mapping-system-type node may reveal the Mapping System in use, which 3453 can be used to mount attacks against the device and/or the Mapping 3454 System. Access to the summary and counters nodes may expose 3455 operational statistics of the device. 3457 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3458 protocol/lisp:lisp/lisp:map-resolver 3460 Access to the mapping-system-type node may reveal the Mapping System 3461 in use, which can be used to mount attacks against the device and/or 3462 the Mapping System. Access to the ms-address and/or ddt-mapping- 3463 system nodes can leak the information about the Mapping System 3464 infrastructure used by the device, which can be used to block 3465 communication and/or mount attacks against it. 
3467 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3468 protocol/lisp:lisp/lisp:itr 3470 Access to the rloc-probing node can expose if and how the device is 3471 using control-plane signaling to probe underlay locators. Access to 3472 the itr-rlocs node may disclose the addresses the device is using to 3473 receive Map-Reply messages. Access to the map-resolvers node can 3474 expose the Map-Resolvers used by the device, which can be used to 3475 mount attacks against the device and/or the Mapping System. Access 3476 to the proxy-etrs node can disclose the PETRs used by the device, 3477 which can be used to mount attacks against the device and/or PETRs. 3478 Access to the map-cache node can expose the mappings currently cached 3479 in the device, which has privacy implications. 3481 /rt:routing/rt:control-plane-protocols/rt:control-plane- 3482 protocol/lisp:lisp/lisp:etr 3484 Access to the map-servers node can expose the credentials used by the 3485 device to register mappings into the Mapping System, allowing an 3486 unauthorized device to impersonate and register mappings on behalf 3487 of the authorized device. Access to the local-eids node can expose the 3488 local EIDs currently being served by the device, which has privacy 3489 implications. 3491 11. Normative References 3493 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 3494 Requirement Levels", BCP 14, RFC 2119, 3495 DOI 10.17487/RFC2119, March 1997, 3496 . 3498 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 3499 DOI 10.17487/RFC3688, January 2004, 3500 . 3502 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 3503 and A. Bierman, Ed., "Network Configuration Protocol 3504 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 3505 . 3507 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 3508 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, 3509 . 3511 [RFC6830] Farinacci, D., Fuller, V., Meyer, D., and D. 
Lewis, "The 3512 Locator/ID Separation Protocol (LISP)", RFC 6830, 3513 DOI 10.17487/RFC6830, January 2013, 3514 . 3516 [RFC6832] Lewis, D., Meyer, D., Farinacci, D., and V. Fuller, 3517 "Interworking between Locator/ID Separation Protocol 3518 (LISP) and Non-LISP Sites", RFC 6832, 3519 DOI 10.17487/RFC6832, January 2013, 3520 . 3522 [RFC6833] Fuller, V. and D. Farinacci, "Locator/ID Separation 3523 Protocol (LISP) Map-Server Interface", RFC 6833, 3524 DOI 10.17487/RFC6833, January 2013, 3525 . 3527 [RFC6836] Fuller, V., Farinacci, D., Meyer, D., and D. Lewis, 3528 "Locator/ID Separation Protocol Alternative Logical 3529 Topology (LISP+ALT)", RFC 6836, DOI 10.17487/RFC6836, 3530 January 2013, . 3532 [RFC7835] Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID 3533 Separation Protocol (LISP) Threat Analysis", RFC 7835, 3534 DOI 10.17487/RFC7835, April 2016, 3535 . 3537 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 3538 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 3539 . 3541 [RFC8060] Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical 3542 Address Format (LCAF)", RFC 8060, DOI 10.17487/RFC8060, 3543 February 2017, . 3545 [RFC8111] Fuller, V., Lewis, D., Ermagan, V., Jain, A., and A. 3546 Smirnov, "Locator/ID Separation Protocol Delegated 3547 Database Tree (LISP-DDT)", RFC 8111, DOI 10.17487/RFC8111, 3548 May 2017, . 3550 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 3551 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 3552 May 2017, . 3554 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 3555 BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, 3556 . 3558 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration 3559 Access Control Model", STD 91, RFC 8341, 3560 DOI 10.17487/RFC8341, March 2018, 3561 . 3563 [RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for 3564 Routing Management (NMDA Version)", RFC 8349, 3565 DOI 10.17487/RFC8349, March 2018, 3566 . 
3568 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 3569 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, 3570 . 3572 Authors' Addresses 3574 Vina Ermagan 3575 Cisco Systems 3576 San Jose, CA 3577 USA 3579 Email: vermagan@cisco.com 3581 Alberto Rodriguez-Natal 3582 Cisco Systems 3583 San Jose, CA 3584 USA 3586 Email: natal@cisco.com 3588 Florin Coras 3589 Cisco Systems 3590 San Jose, CA 3591 USA 3593 Email: fcoras@cisco.com 3595 Carl Moberg 3596 Cisco Systems 3597 San Jose, CA 3598 USA 3600 Email: camoberg@cisco.com 3602 Reshad Rahman 3603 Cisco Systems 3604 Canada 3606 Email: rrahman@cisco.com 3608 Albert Cabellos-Aparicio 3609 Technical University of Catalonia 3610 Barcelona 3611 Spain 3613 Email: acabello@ac.upc.edu 3614 Fabio Maino 3615 Cisco Systems 3616 San Jose, CA 3617 USA 3619 Email: fmaino@cisco.com