idnits 2.17.1

draft-ietf-lisp-yang-11.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 126 has weird spacing: '...et-name str...'

  == Line 245 has weird spacing: '...le-type lis...'

  == Line 251 has weird spacing: '...ance-id lca...'

  == Line 1558 has weird spacing: '...ance-id lca...'

  == The document doesn't use any RFC 2119 keywords, yet has text resembling
     RFC 2119 boilerplate text.

  -- The document date (March 6, 2019) is 1877 days in the past. Is this
     intentional?

  Checking references for intended status: Experimental
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC6832' is defined on line 3570, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6836' is defined on line 3581, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8060' is defined on line 3595, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8111' is defined on line 3599, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8349' is defined on line 3617, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 6830 (Obsoleted by RFC 9300, RFC 9301)

  ** Obsolete normative reference: RFC 6833 (Obsoleted by RFC 9301)

     Summary: 2 errors (**), 0 flaws (~~), 11 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     LISP Working Group                                            V. Ermagan
3     Internet-Draft                                                    Google
4     Intended status: Experimental                         A. Rodriguez-Natal
5     Expires: September 7, 2019                                      F. Coras
6                                                                    C. Moberg
7                                                                    R. Rahman
8                                                                Cisco Systems
9                                                         A. Cabellos-Aparicio
10                                           Technical University of Catalonia
11                                                                    F. Maino
12                                                               Cisco Systems
13                                                               March 6, 2019

15                                LISP YANG Model
16                            draft-ietf-lisp-yang-11

18    Abstract

20       This document describes a YANG data model to use with the Locator/ID
21       Separation Protocol (LISP).

23       The YANG modules in this document conform to the Network Management
24       Datastore Architecture (NMDA).

26    Status of This Memo

28       This Internet-Draft is submitted in full conformance with the
29       provisions of BCP 78 and BCP 79.

31       Internet-Drafts are working documents of the Internet Engineering
32       Task Force (IETF).  Note that other groups may also distribute
33       working documents as Internet-Drafts.  The list of current Internet-
34       Drafts is at https://datatracker.ietf.org/drafts/current/.

36       Internet-Drafts are draft documents valid for a maximum of six months
37       and may be updated, replaced, or obsoleted by other documents at any
38       time.  It is inappropriate to use Internet-Drafts as reference
39       material or to cite them other than as "work in progress."

41       This Internet-Draft will expire on September 7, 2019.

43    Copyright Notice

45       Copyright (c) 2019 IETF Trust and the persons identified as the
46       document authors.  All rights reserved.

48       This document is subject to BCP 78 and the IETF Trust's Legal
49       Provisions Relating to IETF Documents
50       (https://trustee.ietf.org/license-info) in effect on the date of
51       publication of this document.  Please review these documents
52       carefully, as they describe your rights and restrictions with respect
53       to this document.  Code Components extracted from this document must
54       include Simplified BSD License text as described in Section 4.e of
55       the Trust Legal Provisions and are provided without warranty as
56       described in the Simplified BSD License.

58    Table of Contents

60       1.  Introduction
61         1.1.  Requirements Language
62         1.2.  Tree Diagrams
63       2.  LISP Module
64         2.1.  Module Structure
65         2.2.  Module Definition
66       3.  LISP-ITR Module
67         3.1.  Module Structure
68         3.2.  Module Definition
69       4.  LISP-ETR Module
70         4.1.  Module Structure
71         4.2.  Module Definition
72       5.  LISP-Map-Server Module
73         5.1.  Module Structure
74         5.2.  Module Definition
75       6.  LISP-Map-Resolver Module
76         6.1.  Module Structure
77         6.2.  Module Definition
78       7.  LISP-Address-Types Module
79         7.1.  Module Definition
80         7.2.  Data Model examples
81           7.2.1.  LISP protocol instance
82           7.2.2.  LISP ITR
83           7.2.3.  LISP ETR
84           7.2.4.  LISP Map-Server
85       8.  Acknowledgments
86       9.  IANA Considerations
87       10. Security Considerations
88       11. Normative References
89       Authors' Addresses

91    1.  Introduction

93       The Locator/ID Separation Protocol (LISP) defines several network
94       elements that need to be configured.  This document presents the YANG
95       data models required for basic configuration of all major LISP
97       [RFC6830] elements.  The models also capture some essential
98       operational data elements.

100   1.1.  Requirements Language

102      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
103      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
104      document are to be interpreted as described in BCP 14 [RFC2119]
105      [RFC8174] when, and only when, they appear in all capitals, as shown
106      here.

108   1.2.  Tree Diagrams

110      This document uses the graphical representation of data models
111      defined in [RFC8340].

113   2.  LISP Module

115      This module is the base LISP module that is augmented in multiple
116      models to represent various LISP device roles.

118   2.1.  Module Structure

120      module: ietf-lisp
121        augment /rt:routing/rt:control-plane-protocols
122                  /rt:control-plane-protocol:
123          +--rw lisp
124             +--rw locator-sets
125             |  +--rw locator-set* [locator-set-name]
126             |     +--rw locator-set-name   string
127             |     +--rw (locator-type)?
128             |        +--:(local-interface)
129             |        |  +--rw interface* [interface-ref]
130             |        |     +--rw interface-ref   if:interface-ref
131             |        |     +--rw priority?   uint8
132             |        |     +--rw weight?   uint8
133             |        |     +--rw multicast-priority?   uint8
134             |        |     +--rw multicast-weight?   uint8
135             |        +--:(general-locator)
136             |           +--rw locator* [id]
137             |              +--rw id   string
138             |              +--rw locator-address
139             |              |  +--rw address-type
140             |              |  |       lisp-address-family-ref
141             |              |  +--rw (address)?
142             |              |     +--:(no-address)
143             |              |     |  +--rw no-address?   empty
144             |              |     +--:(ipv4)
145             |              |     |  +--rw ipv4?
146             |              |     |          inet:ipv4-address
147             |              |     +--:(ipv4-prefix)
148             |              |     |  +--rw ipv4-prefix?
149             |              |     |          inet:ipv4-prefix
150             |              |     +--:(ipv6)
151             |              |     |  +--rw ipv6?
152             |              |     |          inet:ipv6-address
153             |              |     +--:(ipv6-prefix)
154             |              |     |  +--rw ipv6-prefix?
155             |              |     |          inet:ipv6-prefix
156             |              |     +--:(mac)
157             |              |     |  +--rw mac?
158             |              |     |          yang:mac-address
159             |              |     +--:(distinguished-name)
160             |              |     |  +--rw distinguished-name?
161             |              |     |          distinguished-name-type
162             |              |     +--:(as-number)
163             |              |     |  +--rw as-number?
164             |              |     |          inet:as-number
165             |              |     +--:(null-address)
166             |              |     |  +--rw null-address
167             |              |     |     +--rw address?   empty
168             |              |     +--:(afi-list)
169             |              |     |  +--rw afi-list
170             |              |     |     +--rw address-list*
171             |              |     |             simple-address
172             |              |     +--:(instance-id)
173             |              |     |  +--rw instance-id
174             |              |     |     +--rw instance-id?
175             |              |     |     |       instance-id-type
176             |              |     |     +--rw mask-length?   uint8
177             |              |     |     +--rw address?   simple-address
178             |              |     +--:(as-number-lcaf)
179             |              |     |  +--rw as-number-lcaf
180             |              |     |     +--rw as?   inet:as-number
181             |              |     |     +--rw address?   simple-address
182             |              |     +--:(application-data)
183             |              |     |  +--rw application-data
184             |              |     |     +--rw address?
185             |              |     |     |       simple-address
186             |              |     |     +--rw protocol?   uint8
187             |              |     |     +--rw ip-tos?   int32
188             |              |     |     +--rw local-port-low?
189             |              |     |     |       inet:port-number
190             |              |     |     +--rw local-port-high?
191             |              |     |     |       inet:port-number
192             |              |     |     +--rw remote-port-low?
193             |              |     |     |       inet:port-number
194             |              |     |     +--rw remote-port-high?
195             |              |     |             inet:port-number
196             |              |     +--:(geo-coordinates)
197             |              |     |  +--rw geo-coordinates
198             |              |     |     +--rw latitude?   bits
199             |              |     |     +--rw latitude-degrees?   uint8
200             |              |     |     +--rw latitude-minutes?   uint8
201             |              |     |     +--rw latitude-seconds?   uint8
202             |              |     |     +--rw longitude?   bits
203             |              |     |     +--rw longitude-degrees?   uint16
204             |              |     |     +--rw longitude-minutes?   uint8
205             |              |     |     +--rw longitude-seconds?   uint8
206             |              |     |     +--rw altitude?   int32
207             |              |     |     +--rw address?
208             |              |     |             simple-address
209             |              |     +--:(nat-traversal)
210             |              |     |  +--rw nat-traversal
211             |              |     |     +--rw ms-udp-port?   uint16
212             |              |     |     +--rw etr-udp-port?   uint16
213             |              |     |     +--rw global-etr-rloc?
214             |              |     |     |       simple-address
215             |              |     |     +--rw ms-rloc?
216             |              |     |     |       simple-address
217             |              |     |     +--rw private-etr-rloc?
218             |              |     |     |       simple-address
219             |              |     |     +--rw rtr-rlocs*
220             |              |     |             simple-address
221             |              |     +--:(explicit-locator-path)
222             |              |     |  +--rw explicit-locator-path
223             |              |     |     +--rw hop* [hop-id]
224             |              |     |        +--rw hop-id   string
225             |              |     |        +--rw address?   simple-address
226             |              |     |        +--rw lrs-bits?   bits
227             |              |     +--:(source-dest-key)
228             |              |     |  +--rw source-dest-key
229             |              |     |     +--rw source?   simple-address
230             |              |     |     +--rw dest?   simple-address
231             |              |     +--:(key-value-address)
232             |              |     |  +--rw key-value-address
233             |              |     |     +--rw key?   simple-address
234             |              |     |     +--rw value?   simple-address
235             |              |     +--:(service-path)
236             |              |        +--rw service-path
237             |              |           +--rw service-path-id?
238             |              |           |       service-path-id-type
239             |              |           +--rw service-index?   uint8
240             |              +--rw priority?   uint8
241             |              +--rw weight?   uint8
242             |              +--rw multicast-priority?   uint8
243             |              +--rw multicast-weight?   uint8
244             +--rw lisp-role* [lisp-role-type]
245             |  +--rw lisp-role-type   lisp-role-ref
246             +--rw lisp-router-id
247             |  +--rw site-id?   uint64
248             |  +--rw xtr-id?   lisp:xtr-id-type
249             +--rw vpns
250                +--rw vpn* [instance-id]
251                   +--rw instance-id   lcaf:instance-id-type
252                   +--rw iid-name
253                           -> /ni:network-instances/network-instance/name

255   2.2.  Module Definition

257      <CODE BEGINS> file "ietf-lisp@2019-03-05.yang"
258      module ietf-lisp {
259        yang-version 1.1;

261        namespace "urn:ietf:params:xml:ns:yang:ietf-lisp";

263        prefix lisp;

265        import ietf-interfaces {
266          prefix if;
267          reference
268            "RFC 8343: A YANG Data Model for Interface Management";
269        }
270        // RFC Ed.: replace occurrences of XXXX with actual RFC number
271        // and remove this note
272        import ietf-lisp-address-types {
273          prefix lcaf;
274          reference "RFC XXXX: LISP YANG model";
275        }
276        import ietf-yang-types {
277          prefix yang;
278          reference "RFC 6991: Common YANG Data Types";
279        }
280        import ietf-routing {
281          prefix "rt";
282          reference
283            "RFC 8349: A YANG Data Model for Routing Management
284             (NMDA version)";
285        }
286        import ietf-network-instance {
287          prefix "ni";
288          // RFC Ed.: replace occurrences of YYYY with actual RFC number
289          // of draft-ietf-rtgwg-ni-model and remove this note
290          reference
291            "RFC YYYY: YANG Model for Network Instances";
292        }

294        organization
295          "IETF LISP (Locator/ID Separation Protocol) Working Group";
296        contact
297          "WG Web:
298           WG List:

300           Editor:   Vina Ermagan
301

303           Editor:   Alberto Rodriguez-Natal
304

306           Editor:   Reshad Rahman
307           ";
308        description
309          "This YANG module defines the generic parameters for LISP.
310           The module can be extended by vendors to define vendor-specific
311           LISP parameters and policies.

313           Copyright (c) 2018 IETF Trust and the persons identified as
314           authors of the code.  All rights reserved.

316           Redistribution and use in source and binary forms, with or
317           without modification, is permitted pursuant to, and subject
318           to the license terms contained in, the Simplified BSD License
319           set forth in Section 4.c of the IETF Trust's Legal Provisions
320           Relating to IETF Documents
321           (http://trustee.ietf.org/license-info).

323           This version of this YANG module is part of RFC XXXX; see
324           the RFC itself for full legal notices.
325          ";

327        reference "RFC XXXX";

329        revision 2019-03-05 {
330          description
331            "Initial revision.";
332          reference
333            "https://tools.ietf.org/html/rfc6830";
334        }
335        /*
336         * Identity definitions
337         */
338        identity lisp {
339          base "rt:control-plane-protocol";
340          description "LISP protocol.";
341          reference
342            "RFC 6830: The Locator/ID Separation Protocol (LISP).";
343        }

345        identity lisp-role {
346          description
347            "LISP router role.";
348        }
349        identity itr {
350          base lisp-role;
351          description
352            "LISP ITR.";
353        }
354        identity pitr {
355          base lisp-role;
356          description
357            "LISP PITR.";
358        }
359        identity etr {
360          base lisp-role;
361          description
362            "LISP ETR.";
363        }
364        identity petr {
365          base lisp-role;
366          description
367            "LISP PETR.";
368        }
369        identity mapping-system {
370          description
371            "Mapping System interface";
372        }
373        identity single-node-mapping-system {
374          base mapping-system;
375          description
376            "logically singular Map Server";
377        }
378        typedef mapping-system-ref {
379          type identityref {
380            base mapping-system;
381          }
382          description
383            "Mapping System reference";
384        }

386        typedef lisp-role-ref {
387          type identityref {
388            base lisp-role;
389          }
390          description
391            "LISP role reference";
392        }
393        typedef map-reply-action {
394          type enumeration {
395            enum no-action {
396              value 0;
397              description
398                "Mapping is kept alive and no encapsulation occurs.";
399            }
400            enum natively-forward {
401              value 1;
402              description
403                "Matching packets are not encapsulated or dropped but
404                 natively forwarded.";
405            }
406            enum send-map-request {
407              value 2;
408              description
409                "Matching packets invoke Map-Requests.";
410            }
411            enum drop {
412              value 3;
413              description
414                "Matching packets are dropped.";
415            }
416          }
417          description
418            "Defines the lisp map-cache ACT type";
419          reference "https://tools.ietf.org/html/rfc6830#section-6.1.4";
420        }
421        typedef eid-id {
422          type string;
423          description
424            "Type encoding of lisp-addresses to be generally used in EID
425             keyed lists.";
426        }
427        typedef auth-algorithm-type {
428          type enumeration {
429            enum none {
430              value 0;
431              description
432                "No authentication.";
433            }
434            enum hmac-sha-1-96 {
435              value 1;
436              description
437                "HMAC-SHA-1-96 (RFC2404) authentication is used.";
438            }
439            enum hmac-sha-256-128 {
440              value 2;
441              description
442                "HMAC-SHA-256-128 (RFC4868) authentication is used.";
443            }
444          }
445          description
446            "Enumeration of the authentication mechanisms supported by
447             LISP.";
448          reference
449            "https://tools.ietf.org/html/rfc6830#section-6.1.6";
450        }
451        typedef xtr-id-type {
452          type binary {
453            length "16";
454          }
455          description
456            "128 bit xTR identifier.";
457        }

459        grouping locator-properties {
460          description
461            "Properties of a RLOC";
462          leaf priority {
463            type uint8;
464            description
465              "Locator priority.";
466          }
467          leaf weight {
468            type uint8;
469            description
470              "Locator weight.";
471          }
472          leaf multicast-priority {
473            type uint8;
474            description
475              "Locator's multicast priority";
476          }
477          leaf multicast-weight {
478            type uint8;
479            description
480              "Locator's multicast weight";
481          }
482        }

484        grouping locators-grouping {
485          description
486            "Grouping that defines a list of LISP locators.";
487          list locator {
488            key "id";
489            description
490              "List of routing locators";
491            leaf id {
492              type string {
493                length "1..64";
494              }
495              description
496                "Locator id";
497            }
498            container locator-address {
499              uses lcaf:lisp-address;
500              description
501                "The locator address provided in LISP canonical
502                 address format.";
503            }
504            uses locator-properties;
505          }

507        }

509        grouping local-locators-grouping {
510          description
511            "Grouping that defines a list of LISP locators.";
512          list interface {
513            key "interface-ref";
514            description
515              "The address type of the locator";
516            leaf interface-ref {
517              type if:interface-ref;
518              description
519                "The name of the interface supporting the locator.";
520            }
521            uses locator-properties;
522          }
523        }

525        grouping mapping {
526          description
527            "Grouping that defines a LISP mapping.";
528          container eid {
529            uses lcaf:lisp-address;
530            description
531              "End-host Identifier (EID) to be mapped to a list of
532               locators";
533          }
534          leaf time-to-live {
535            type uint32;
536            units minutes;
537            description
538              "Mapping validity period in minutes.";
539          }
540          leaf creation-time {
541            type yang:date-and-time;
542            config false;
543            description
544              "Time when the mapping was created.";
545          }
546          leaf authoritative {
547            type bits {
548              bit A {
549                description
550                  "Authoritative bit.";
551              }
552            }
553            description
554              "Bit that indicates if mapping comes from an
555               authoritative source.";
556          }
557          leaf static {
558            type boolean;
559            default "false";
560            description
561              "This leaf should be true if the mapping is static.";
562          }
563          choice locator-list {
564            description
565              "list of locators are either negative, or positive.";
566            case negative-mapping {
567              leaf map-reply-action {
568                type map-reply-action;
569                description
570                  "Forwarding action for a negative mapping.";
571              }
572            }
573            case positive-mapping {
574              container rlocs {
575                uses locators-grouping;
576                description
577                  "List of locators for a positive mapping.";
578              }
579            }
580          }
581        }

583        grouping mappings {
584          description
585            "Grouping that defines a list of LISP mappings.";
586          list vpn {
587            key "instance-id";
588            description
589              "VPN to which the mappings belong.";
590            leaf instance-id {
591              type leafref {
592                path "/rt:routing/rt:control-plane-protocols"
593                  + "/rt:control-plane-protocol/lisp:lisp"
594                  + "/lisp:vpns/lisp:vpn"
595                  + "/lisp:instance-id";
596              }
597              description
598                "VPN identifier.";
599            }
600            container mappings {
601              description
602                "Mappings within the VPN.";
603              list mapping {
604                key "id";
605                description
606                  "List of EID to RLOCs mappings.";
607                leaf id {
608                  type eid-id;
609                  description
610                    "Id that uniquely identifies a mapping.";
611                }
612                uses mapping;
613              }
614            }
615          }
616        }

618        grouping auth-key {
619          description "Grouping that defines authentication keys.";
620          container authentication-keys {
621            description "Multiple authentication keys can be defined.";
622            list authentication-key {
623              key "auth-key-id";
624              description
625                "Authentication key parameters.";
626              leaf auth-key-id {
627                type string;
628                description
629                  "Identifier of the authentication key.";
630              }
631              leaf-list auth-algorithm-id {
632                type lisp:auth-algorithm-type;
633                description
634                  "Authentication algorithm used with the key.";
635              }
636              leaf auth-key-value {
637                type string;
638                description
639                  "Clear text authentication key.";
640              }
641            }
642          }
643        }

645        augment "/rt:routing/rt:control-plane-protocols"
646            + "/rt:control-plane-protocol" {
647          when "derived-from-or-self(rt:type, 'lisp:lisp')" {
648            description
649              "This augmentation is only valid for a control-plane protocol
650               instance of LISP.";
651          }
652          description "LISP protocol ietf-routing module
653                       control-plane-protocol augmentation.";

655          container lisp {
656            description
657              "Parameters for the LISP subsystem.";

659            container locator-sets {
660              description
661                "Container that defines a named locator set which can be
662                 referenced elsewhere.";
663              list locator-set {
664                key "locator-set-name";
665                description
666                  "Multiple locator sets can be defined.";
667                leaf locator-set-name {
668                  type string {
669                    length "1..64";
670                  }
671                  description
672                    "Locator set name";
673                }
674                choice locator-type {
675                  description
676                    "Locator sets can be based on local interfaces, or
677                     general locators.";
678                  case local-interface {
679                    uses local-locators-grouping;
680                    description
681                      "List of locators in this set based on local
682                       interfaces.";
683                  }
684                  case general-locator {
685                    uses locators-grouping;
686                    description
687                      "List of locators in this set based on lisp-address.";
688                  }
689                }
690              }
691            }

693            list lisp-role {
694              key lisp-role-type;
695              description
696                "List of lisp device roles such as MS, MR, ITR,
697                 PITR, ETR or PETR.";
698              leaf lisp-role-type {
699                type lisp-role-ref;
700                description
701                  "The type of LISP device - identity derived from the
702                   'lisp-device' base identity.";
703              }
704            }

706            container lisp-router-id {
707              when "../lisp-role/lisp-role-type = 'lisp:itr' or
708                    ../lisp-role/lisp-role-type = 'lisp:pitr' or
709                    ../lisp-role/lisp-role-type = 'lisp:etr' or
710                    ../lisp-role/lisp-role-type = 'lisp:petr'" {
711                description "Only when ITR, PITR, ETR or PETR.";
712              }
713              description
714                "Site-ID and xTR-ID of the device.";
715              leaf site-id {
716                type uint64;
717                description "Site ID";
718              }
719              leaf xtr-id {
720                type lisp:xtr-id-type;
721                description "xTR ID";
722              }
723            }

725            container vpns {
726              when "../lisp-role/lisp-role-type = 'lisp:itr' or
727                    ../lisp-role/lisp-role-type = 'lisp:pitr' or
728                    ../lisp-role/lisp-role-type = 'lisp:etr' or
729                    ../lisp-role/lisp-role-type = 'lisp:petr'" {
730                description "Only when ITR, PITR, ETR or PETR.";
731              }
732              description "VPNs";
733              list vpn {
734                key instance-id;
735                unique "iid-name";
736                description "List of VPNs";

738                leaf instance-id {
739                  type lcaf:instance-id-type;
740                  description
741                    "VPN identifier. The value 0 for instance-id must be used
742                     for the default VRF.";
743                }
744                leaf iid-name {
745                  type leafref {
746                    path "/ni:network-instances/ni:network-instance/ni:name";
747                  }
748                  mandatory true;
749                  description
750                    "Name of VPN (e.g. VRF) to which an instance-id is
751                     bound. Each instance-id is bound to a different VPN";
752                }
753              }
754            }
755          }
756        }
757      }
758      <CODE ENDS>

760   3.  LISP-ITR Module

762      This module captures the configuration data model of a LISP ITR.  The
763      model also captures some operational data elements.

765   3.1.  Module Structure

767      module: ietf-lisp-itr
768        augment /rt:routing/rt:control-plane-protocols
769                  /rt:control-plane-protocol/lisp:lisp:
770          +--rw itr!
771             +--rw rloc-probing!
772             |  +--rw interval?   uint16
773             |  +--rw retries?   uint8
774             |  +--rw retries-interval?   uint16
775             +--rw itr-rlocs?   leafref
776             +--rw map-resolvers
777             |  +--rw map-resolver*   inet:ip-address
778             +--rw proxy-etrs
779             |  +--rw proxy-etr-address*   inet:ip-address
780             +--rw map-cache
781                +--ro size?   uint32
782                +--ro limit?   uint32
783                +--rw vpn* [instance-id]
784                   +--rw instance-id
785                   |       -> /rt:routing/control-plane-protocols
786                   |          /control-plane-protocol/lisp:lisp/vpns
787                   |          /vpn/instance-id
788                   +--rw mappings
789                      +--rw mapping* [id]
790                         +--rw id   eid-id
791                         +--rw eid
792                         |  +--rw address-type
793                         |  |       lisp-address-family-ref
794                         |  +--rw (address)?
795                         |     +--:(no-address)
796                         |     |  +--rw no-address?   empty
797                         |     +--:(ipv4)
798                         |     |  +--rw ipv4?
799                         |     |          inet:ipv4-address
800                         |     +--:(ipv4-prefix)
801                         |     |  +--rw ipv4-prefix?
802                         |     |          inet:ipv4-prefix
803                         |     +--:(ipv6)
804                         |     |  +--rw ipv6?
805                         |     |          inet:ipv6-address
806                         |     +--:(ipv6-prefix)
807                         |     |  +--rw ipv6-prefix?
808                         |     |          inet:ipv6-prefix
809                         |     +--:(mac)
810                         |     |  +--rw mac?
811                         |     |          yang:mac-address
812                         |     +--:(distinguished-name)
813                         |     |  +--rw distinguished-name?
814                         |     |          distinguished-name-type
815                         |     +--:(as-number)
816                         |     |  +--rw as-number?
817                         |     |          inet:as-number
818                         |     +--:(null-address)
819                         |     |  +--rw null-address
820                         |     |     +--rw address?   empty
821                         |     +--:(afi-list)
822                         |     |  +--rw afi-list
823                         |     |     +--rw address-list*   simple-address
824                         |     +--:(instance-id)
825                         |     |  +--rw instance-id
826                         |     |     +--rw instance-id?   instance-id-type
827                         |     |     +--rw mask-length?   uint8
828                         |     |     +--rw address?   simple-address
829                         |     +--:(as-number-lcaf)
830                         |     |  +--rw as-number-lcaf
831                         |     |     +--rw as?   inet:as-number
832                         |     |     +--rw address?   simple-address
833                         |     +--:(application-data)
834                         |     |  +--rw application-data
835                         |     |     +--rw address?
836                         |     |     |       simple-address
837                         |     |     +--rw protocol?   uint8
838                         |     |     +--rw ip-tos?   int32
839                         |     |     +--rw local-port-low?
840                         |     |     |       inet:port-number
841                         |     |     +--rw local-port-high?
842                         |     |     |       inet:port-number
843                         |     |     +--rw remote-port-low?
844                         |     |     |       inet:port-number
845                         |     |     +--rw remote-port-high?
846                         |     |             inet:port-number
847                         |     +--:(geo-coordinates)
848                         |     |  +--rw geo-coordinates
849                         |     |     +--rw latitude?   bits
850                         |     |     +--rw latitude-degrees?   uint8
851                         |     |     +--rw latitude-minutes?   uint8
852                         |     |     +--rw latitude-seconds?   uint8
853                         |     |     +--rw longitude?   bits
854                         |     |     +--rw longitude-degrees?   uint16
855                         |     |     +--rw longitude-minutes?   uint8
856                         |     |     +--rw longitude-seconds?   uint8
857                         |     |     +--rw altitude?   int32
858                         |     |     +--rw address?
859                         |     |             simple-address
860                         |     +--:(nat-traversal)
861                         |     |  +--rw nat-traversal
862                         |     |     +--rw ms-udp-port?   uint16
863                         |     |     +--rw etr-udp-port?   uint16
864                         |     |     +--rw global-etr-rloc?
865                         |     |     |       simple-address
866                         |     |     +--rw ms-rloc?
867                         |     |     |       simple-address
868                         |     |     +--rw private-etr-rloc?
869                         |     |     |       simple-address
870                         |     |     +--rw rtr-rlocs*
871                         |     |             simple-address
872                         |     +--:(explicit-locator-path)
873                         |     |  +--rw explicit-locator-path
874                         |     |     +--rw hop* [hop-id]
875                         |     |        +--rw hop-id   string
876                         |     |        +--rw address?   simple-address
877                         |     |        +--rw lrs-bits?   bits
878                         |     +--:(source-dest-key)
879                         |     |  +--rw source-dest-key
880                         |     |     +--rw source?   simple-address
881                         |     |     +--rw dest?   simple-address
882                         |     +--:(key-value-address)
883                         |     |  +--rw key-value-address
884                         |     |     +--rw key?   simple-address
885                         |     |     +--rw value?   simple-address
886                         |     +--:(service-path)
887                         |        +--rw service-path
888                         |           +--rw service-path-id?
889                         |           |       service-path-id-type
890                         |           +--rw service-index?   uint8
891                         +--rw time-to-live?   uint32
892                         +--ro creation-time?   yang:date-and-time
893                         +--rw authoritative?   bits
894                         +--rw static?   boolean
895                         +--rw (locator-list)?
896                            +--:(negative-mapping)
897                            |  +--rw map-reply-action?   map-reply-action
898                            +--:(positive-mapping)
899                               +--rw rlocs
900                                  +--rw locator* [id]
901                                     +--rw id   string
902                                     +--rw locator-address
903                                     |  +--rw address-type
904                                     |  |       lisp-address-family-ref
905                                     |  +--rw (address)?
906                                     |     +--:(no-address)
907                                     |     |  +--rw no-address?
908                                     |     |          empty
909                                     |     +--:(ipv4)
910                                     |     |  +--rw ipv4?
911                                     |     |          inet:ipv4-address
912                                     |     +--:(ipv4-prefix)
913                                     |     |  +--rw ipv4-prefix?
914                                     |     |          inet:ipv4-prefix
915                                     |     +--:(ipv6)
916                                     |     |  +--rw ipv6?
917                                     |     |          inet:ipv6-address
918                                     |     +--:(ipv6-prefix)
919                                     |     |  +--rw ipv6-prefix?
920                                     |     |          inet:ipv6-prefix
921                                     |     +--:(mac)
922                                     |     |  +--rw mac?
923                                     |     |          yang:mac-address
924                                     |     +--:(distinguished-name)
925                                     |     |  +--rw distinguished-name?
926                                     |     |          distinguished-name-type
927                                     |     +--:(as-number)
928                                     |     |  +--rw as-number?
929                                     |     |          inet:as-number
930                                     |     +--:(null-address)
931                                     |     |  +--rw null-address
932                                     |     |     +--rw address?   empty
933                                     |     +--:(afi-list)
934                                     |     |  +--rw afi-list
935                                     |     |     +--rw address-list*
936                                     |     |             simple-address
937                                     |     +--:(instance-id)
938                                     |     |  +--rw instance-id
939                                     |     |     +--rw instance-id?
940                                     |     |     |       instance-id-type
941                                     |     |     +--rw mask-length?   uint8
942                                     |     |     +--rw address?
943                                     |     |             simple-address
944                                     |     +--:(as-number-lcaf)
945                                     |     |  +--rw as-number-lcaf
946                                     |     |     +--rw as?
947                                     |     |     |       inet:as-number
948                                     |     |     +--rw address?
949                                     |     |             simple-address
950                                     |     +--:(application-data)
951                                     |     |  +--rw application-data
952                                     |     |     +--rw address?
953                                     |     |     |       simple-address
954                                     |     |     +--rw protocol?
955                                     |     |     |       uint8
956                                     |     |     +--rw ip-tos?
957                                     |     |     |       int32
958                                     |     |     +--rw local-port-low?
959                                     |     |     |       inet:port-number
960                                     |     |     +--rw local-port-high?
961                                     |     |     |       inet:port-number
962                                     |     |     +--rw remote-port-low?
963                                     |     |     |       inet:port-number
964                                     |     |     +--rw remote-port-high?
965                                     |     |             inet:port-number
966                                     |     +--:(geo-coordinates)
967                                     |     |  +--rw geo-coordinates
968                                     |     |     +--rw latitude?
969                                     |     |     |       bits
970                                     |     |     +--rw latitude-degrees?
971                                     |     |     |       uint8
972                                     |     |     +--rw latitude-minutes?
973                                     |     |     |       uint8
974                                     |     |     +--rw latitude-seconds?
975                                     |     |     |       uint8
976                                     |     |     +--rw longitude?
977                                     |     |     |       bits
978                                     |     |     +--rw longitude-degrees?
979                                     |     |     |       uint16
980                                     |     |     +--rw longitude-minutes?
981                                     |     |     |       uint8
982                                     |     |     +--rw longitude-seconds?
983                                     |     |     |       uint8
984                                     |     |     +--rw altitude?
985                                     |     |     |       int32
986                                     |     |     +--rw address?
987                                     |     |             simple-address
988                                     |     +--:(nat-traversal)
989                                     |     |  +--rw nat-traversal
990                                     |     |     +--rw ms-udp-port?
991                                     |     |     |       uint16
992                                     |     |     +--rw etr-udp-port?
993                                     |     |     |       uint16
994                                     |     |     +--rw global-etr-rloc?
995                                     |     |     |       simple-address
996                                     |     |     +--rw ms-rloc?
997                                     |     |     |       simple-address
998                                     |     |     +--rw private-etr-rloc?
999                                     |     |     |       simple-address
1000                                    |     |     +--rw rtr-rlocs*
1001                                    |     |             simple-address
1002                                    |     +--:(explicit-locator-path)
1003                                    |     |  +--rw explicit-locator-path
1004                                    |     |     +--rw hop* [hop-id]
1005                                    |     |        +--rw hop-id
1006                                    |     |        |       string
1007                                    |     |        +--rw address?
1008                                    |     |        |       simple-address
1009                                    |     |        +--rw lrs-bits?   bits
1010                                    |     +--:(source-dest-key)
1011                                    |     |  +--rw source-dest-key
1012                                    |     |     +--rw source?
1013                                    |     |     |       simple-address
1014                                    |     |     +--rw dest?
1015                                    |     |             simple-address
1016                                    |     +--:(key-value-address)
1017                                    |     |  +--rw key-value-address
1018                                    |     |     +--rw key?
1019                                    |     |     |       simple-address
1020                                    |     |     +--rw value?
1021                                    |     |             simple-address
1022                                    |     +--:(service-path)
1023                                    |        +--rw service-path
1024                                    |           +--rw service-path-id?
1025                                    |           |       service-path-id-type
1026                                    |           +--rw service-index?
1027                                    |                   uint8
1028                                    +--rw priority?   uint8
1029                                    +--rw weight?   uint8
1030                                    +--rw multicast-priority?   uint8
1031                                    +--rw multicast-weight?   uint8

1033  3.2.  Module Definition

1035     <CODE BEGINS> file "ietf-lisp-itr@2019-02-23.yang"
1036     module ietf-lisp-itr {
1037       yang-version 1.1;

1039       namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-itr";

1041       prefix lisp-itr;

1043       // RFC Ed.: replace occurrences of XXXX with actual RFC number
1044       // and remove this note
1045       import ietf-lisp {
1046         prefix lisp;
1047         reference "RFC XXXX: LISP YANG model";
1048       }
1049       import ietf-inet-types {
1050         prefix inet;
1051         reference "RFC 6991: Common YANG Data Types";
1052       }
1053       import ietf-routing {
1054         prefix "rt";
1055         reference
1056           "RFC 8349: A YANG Data Model for Routing Management
1057            (NMDA version)";
1058       }

1060       organization
1061         "IETF LISP (Locator/ID Separation Protocol) Working Group";
1062       contact
1063         "WG Web:
1064          WG List:

1066          Editor:   Vina Ermagan
1067

1069          Editor:   Alberto Rodriguez-Natal
1070

1072          Editor:   Reshad Rahman
1073          ";
1074       description
1075         "This YANG module defines the generic parameters for a LISP
1076          ITR. The module can be extended by vendors to define
1077          vendor-specific parameters and policies.

1079          Copyright (c) 2018 IETF Trust and the persons identified as
1080          authors of the code.  All rights reserved.

1082          Redistribution and use in source and binary forms, with or
1083          without modification, is permitted pursuant to, and subject
1084          to the license terms contained in, the Simplified BSD License
1085          set forth in Section 4.c of the IETF Trust's Legal Provisions
1086          Relating to IETF Documents
1087          (http://trustee.ietf.org/license-info).

1089          This version of this YANG module is part of RFC XXXX; see
1090          the RFC itself for full legal notices.
1091         ";

1093       reference "RFC XXXX";

1095       revision 2019-02-23 {
1096         description
1097           "Initial revision.";
1098         reference
1099           "https://tools.ietf.org/html/rfc6830";
1100       }
1101       augment "/rt:routing/rt:control-plane-protocols"
1102           + "/rt:control-plane-protocol/lisp:lisp" {
1103         when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:itr' or
1104               lisp:lisp-role/lisp:lisp-role-type = 'lisp:pitr'" {
1105           description
1106             "Augment is valid when LISP role type is ITR or PITR.";
1107         }
1108         description
1109           "This augments LISP devices list with (P)ITR specific
1110            parameters.";
1111         container itr {
1112           presence "LISP (P)ITR operation enabled";
1113           description
1114             "ITR parameters";
1115           container rloc-probing {
1116             presence "RLOC probing active";
1117             description
1118               "RLOC-probing parameters";
1119             leaf interval {
1120               type uint16;
1121               units "seconds";
1122               description
1123                 "Interval in seconds for resending the probes";
1124             }
1125             leaf retries {
1126               type uint8;
1127               description
1128                 "Number of retries for sending the probes";
1129             }
1130             leaf retries-interval {
1131               type uint16;
1132               units "seconds";
1133               description
1134                 "Interval in seconds between retries when sending probes.
1135 The action taken if all retries fail to receive is 1136 impementation specific."; 1137 } 1138 } 1139 leaf itr-rlocs { 1140 type leafref { 1141 path "/rt:routing/rt:control-plane-protocols" 1142 + "/rt:control-plane-protocol/lisp:lisp" 1143 + "/lisp:locator-sets/lisp:locator-set" 1144 + "/lisp:locator-set-name"; 1145 } 1146 description 1147 "Reference to a locator set that the (P)ITR includes in 1148 Map-Requests"; 1150 } 1151 container map-resolvers { 1152 description 1153 "Map-Resolvers that the (P)ITR uses."; 1154 leaf-list map-resolver { 1155 type inet:ip-address; 1156 description 1157 "Each Map-Resolver within the list of Map-Resolvers."; 1158 } 1159 } 1160 container proxy-etrs { 1161 when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:itr'" { 1162 description 1163 "Container exists only when LISP role type is ITR"; 1164 } 1165 description 1166 "Proxy ETRs that the ITR uses."; 1167 leaf-list proxy-etr-address{ 1168 type inet:ip-address; 1169 description 1170 "Proxy ETR RLOC address."; 1171 } 1172 } 1173 container map-cache { 1174 leaf size { 1175 type uint32; 1176 config false; 1177 description 1178 "Current number of entries in the EID-to-RLOC map-cache"; 1179 } 1180 leaf limit { 1181 type uint32; 1182 config false; 1183 description 1184 "Maximum permissible number of entries in the EID-to-RLOC 1185 map-cache"; 1186 } 1188 uses lisp:mappings; 1189 description 1190 "EID to RLOCs mappings cache."; 1191 } 1192 } 1193 } 1194 } 1195 1197 4. LISP-ETR Module 1199 This module captures the configuration data model of a LISP ETR. The 1200 model also captures some operational data elements. 1202 4.1. Module Structure 1204 module: ietf-lisp-etr 1205 augment /rt:routing/rt:control-plane-protocols 1206 /rt:control-plane-protocol/lisp:lisp: 1207 +--rw etr! 
1208            +--rw map-servers
1209            |  +--rw map-server* [ms-address]
1210            |     +--rw ms-address             inet:ip-address
1211            |     +--rw authentication-keys
1212            |        +--rw authentication-key* [auth-key-id]
1213            |           +--rw auth-key-id          string
1214            |           +--rw auth-algorithm-id*   lisp:auth-algorithm-type
1215            |           +--rw auth-key-value?      string
1216            +--rw local-eids
1217               +--rw vpn* [instance-id]
1218                  +--rw instance-id
1219                  |       -> /rt:routing/control-plane-protocols
1220                  |          /control-plane-protocol/lisp:lisp/vpns
1221                  |          /vpn/instance-id
1222                  +--rw eids
1223                     +--rw local-eid* [id]
1224                        +--rw id                       lisp:eid-id
1225                        +--rw eid-address
1226                        |  +--rw address-type
1227                        |  |       lisp-address-family-ref
1228                        |  +--rw (address)?
1229                        |     +--:(no-address)
1230                        |     |  +--rw no-address?   empty
1231                        |     +--:(ipv4)
1232                        |     |  +--rw ipv4?
1233                        |     |          inet:ipv4-address
1234                        |     +--:(ipv4-prefix)
1235                        |     |  +--rw ipv4-prefix?
1236                        |     |          inet:ipv4-prefix
1237                        |     +--:(ipv6)
1238                        |     |  +--rw ipv6?
1239                        |     |          inet:ipv6-address
1240                        |     +--:(ipv6-prefix)
1241                        |     |  +--rw ipv6-prefix?
1242                        |     |          inet:ipv6-prefix
1243                        |     +--:(mac)
1244                        |     |  +--rw mac?
1245                        |     |          yang:mac-address
1246                        |     +--:(distinguished-name)
1247                        |     |  +--rw distinguished-name?
1248                        |     |          distinguished-name-type
1249                        |     +--:(as-number)
1250                        |     |  +--rw as-number?
1251                        |     |          inet:as-number
1252                        |     +--:(null-address)
1253                        |     |  +--rw null-address
1254                        |     |     +--rw address?   empty
1255                        |     +--:(afi-list)
1256                        |     |  +--rw afi-list
1257                        |     |     +--rw address-list*   simple-address
1258                        |     +--:(instance-id)
1259                        |     |  +--rw instance-id
1260                        |     |     +--rw instance-id?   instance-id-type
1261                        |     |     +--rw mask-length?   uint8
1262                        |     |     +--rw address?       simple-address
1263                        |     +--:(as-number-lcaf)
1264                        |     |  +--rw as-number-lcaf
1265                        |     |     +--rw as?        inet:as-number
1266                        |     |     +--rw address?   simple-address
1267                        |     +--:(application-data)
1268                        |     |  +--rw application-data
1269                        |     |     +--rw address?
1270                        |     |     |       simple-address
1271                        |     |     +--rw protocol?           uint8
1272                        |     |     +--rw ip-tos?             int32
1273                        |     |     +--rw local-port-low?
1274                        |     |     |       inet:port-number
1275                        |     |     +--rw local-port-high?
1276                        |     |     |       inet:port-number
1277                        |     |     +--rw remote-port-low?
1278                        |     |     |       inet:port-number
1279                        |     |     +--rw remote-port-high?
1280                        |     |             inet:port-number
1281                        |     +--:(geo-coordinates)
1282                        |     |  +--rw geo-coordinates
1283                        |     |     +--rw latitude?            bits
1284                        |     |     +--rw latitude-degrees?    uint8
1285                        |     |     +--rw latitude-minutes?    uint8
1286                        |     |     +--rw latitude-seconds?    uint8
1287                        |     |     +--rw longitude?           bits
1288                        |     |     +--rw longitude-degrees?   uint16
1289                        |     |     +--rw longitude-minutes?   uint8
1290                        |     |     +--rw longitude-seconds?   uint8
1291                        |     |     +--rw altitude?            int32
1292                        |     |     +--rw address?
1293                        |     |             simple-address
1294                        |     +--:(nat-traversal)
1295                        |     |  +--rw nat-traversal
1296                        |     |     +--rw ms-udp-port?        uint16
1297                        |     |     +--rw etr-udp-port?       uint16
1298                        |     |     +--rw global-etr-rloc?
1299                        |     |     |       simple-address
1300                        |     |     +--rw ms-rloc?
1301                        |     |     |       simple-address
1302                        |     |     +--rw private-etr-rloc?
1303                        |     |     |       simple-address
1304                        |     |     +--rw rtr-rlocs*
1305                        |     |             simple-address
1306                        |     +--:(explicit-locator-path)
1307                        |     |  +--rw explicit-locator-path
1308                        |     |     +--rw hop* [hop-id]
1309                        |     |        +--rw hop-id      string
1310                        |     |        +--rw address?    simple-address
1311                        |     |        +--rw lrs-bits?   bits
1312                        |     +--:(source-dest-key)
1313                        |     |  +--rw source-dest-key
1314                        |     |     +--rw source?   simple-address
1315                        |     |     +--rw dest?     simple-address
1316                        |     +--:(key-value-address)
1317                        |     |  +--rw key-value-address
1318                        |     |     +--rw key?     simple-address
1319                        |     |     +--rw value?   simple-address
1320                        |     +--:(service-path)
1321                        |        +--rw service-path
1322                        |           +--rw service-path-id?
1323                        |           |       service-path-id-type
1324                        |           +--rw service-index?     uint8
1325                        +--rw rlocs?                   leafref
1326                        |       -> /rt:routing/control-plane-protocols
1327                        |          /control-plane-protocol/lisp:lisp
1328                        |          /locator-sets
1329                        |          /locator-set/locator-set-name
1330                        +--rw record-ttl?              uint32
1331                        +--rw want-map-notify?         boolean
1332                        +--rw proxy-reply?             boolean
1333                        +--rw registration-interval?   uint16

1335  4.2.  Module Definition

1337     file "ietf-lisp-etr@2019-02-23.yang"
1338     module ietf-lisp-etr {
1339       yang-version 1.1;
1340       namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-etr";

1342       prefix lisp-etr;

1344       // RFC Ed.: replace occurrences of XXXX with actual RFC number
1345       // and remove this note
1346       import ietf-lisp {
1347         prefix lisp;
1348         reference "RFC XXXX: LISP YANG model";
1349       }
1350       import ietf-lisp-address-types {
1351         prefix lcaf;
1352         reference "RFC XXXX: LISP YANG model";
1353       }
1354       import ietf-inet-types {
1355         prefix inet;
1356         reference "RFC 6991: Common YANG Data Types";
1357       }
1358       import ietf-routing {
1359         prefix "rt";
1360         reference
1361           "RFC 8349: A YANG Data Model for Routing Management
1362            (NMDA version)";
1363       }

1365       organization
1366         "IETF LISP (Locator/ID Separation Protocol) Working Group";
1367       contact
1368         "WG Web:
1369          WG List:

1371          Editor:   Vina Ermagan
1372

1374          Editor:   Alberto Rodriguez-Natal
1375

1377          Editor:   Reshad Rahman
1378         ";
1379       description
1380         "This YANG module defines the generic parameters for a LISP
1381          ETR. The module can be extended by vendors to define
1382          vendor-specific parameters and policies.

1384          Copyright (c) 2018 IETF Trust and the persons identified as
1385          authors of the code.  All rights reserved.

1387          Redistribution and use in source and binary forms, with or
1388          without modification, is permitted pursuant to, and subject
1389          to the license terms contained in, the Simplified BSD License
1390          set forth in Section 4.c of the IETF Trust's Legal Provisions
1391          Relating to IETF Documents
1392          (http://trustee.ietf.org/license-info).

1394          This version of this YANG module is part of RFC XXXX; see
1395          the RFC itself for full legal notices.
1396         ";

1398       reference "RFC XXXX";

1400       revision 2019-02-23 {
1401         description
1402           "Initial revision.";
1403         reference
1404           "https://tools.ietf.org/html/rfc6830";
1405       }
1406       augment "/rt:routing/rt:control-plane-protocols"
1407             + "/rt:control-plane-protocol/lisp:lisp" {
1408         when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr' or
1409               lisp:lisp-role/lisp:lisp-role-type = 'lisp:petr'" {
1410           description
1411             "Augment is valid when LISP device type is (P)ETR.";
1412         }
1413         description
1414           "This augments LISP devices list with (P)ETR specific
1415            parameters.";
1416         container etr {
1417           presence "LISP (P)ETR operation enabled";
1418           description
1419             "(P)ETR parameters.";

1421           container map-servers {
1422             when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr'" {
1423               description
1424                 "Container exists only when LISP device type is ETR.";
1425             }
1426             description
1427               "Map-Servers that the ETR uses.";
1428             list map-server {
1429               key "ms-address";
1430               description
1431                 "Each Map-Server within the list of Map-Servers.";
1432               leaf ms-address {
1433                 type inet:ip-address;
1434                 description
1435                   "Map-Server address.";

1437               }
1438               uses lisp:auth-key;
1439             }
1440           }

1442           container local-eids {
1443             when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr'" {
1444               description
1445                 "Container exists only when LISP device type is ETR.";
1446             }
1447             description
1448               "VPNs served by the ETR.";
1449             list vpn {
1450               key "instance-id";
1451               description
1452                 "VPN for local-EIDs.";
1453               leaf instance-id {
1454                 type leafref {
1455                   path "/rt:routing/rt:control-plane-protocols"
1456                      + "/rt:control-plane-protocol/lisp:lisp"
1457                      + "/lisp:vpns/lisp:vpn"
1458                      + "/lisp:instance-id";
1459                 }
1460                 description
1461                   "VPN identifier.";
1462               }
1463               container eids {
1464                 description
1465                   "EIDs served by the ETR.";
1466                 list local-eid {
1467                   key "id";
1468                   description
1469                     "List of local EIDs.";
1470                   leaf id {
1471                     type lisp:eid-id;
1472                     description
1473                       "Unique id of local EID.";
1474                   }
1475                   container eid-address {
1476                     uses lcaf:lisp-address;
1477                     description
1478                       "EID address in generic LISP address format.";
1479                   }
1480                   leaf rlocs {
1481                     type leafref {
1482                       path "/rt:routing/rt:control-plane-protocols"
1483                          + "/rt:control-plane-protocol/lisp:lisp"
1484                          + "/lisp:locator-sets/lisp:locator-set"
1485                          + "/lisp:locator-set-name";
1486                     }
1487                     description
1488                       "Locator set mapped to this local EID.";
1489                   }
1490                   leaf record-ttl {
1491                     type uint32;
1492                     units minutes;
1493                     description
1494                       "Validity period of the EID to RLOCs mapping provided
1495                        in Map-Replies.";
1496                   }
1497                   leaf want-map-notify {
1498                     type boolean;
1499                     default "true";
1500                     description
1501                       "Flag which if set in a Map-Register requests that a
1502                        Map-Notify be sent in response.";
1503                   }
1504                   leaf proxy-reply {
1505                     type boolean;
1506                     default "false";
1507                     description
1508                       "Flag which if set in a Map-Register requests that the
1509                        Map-Server proxy Map-Replies for the ETR.";
1510                   }
1511                   leaf registration-interval {
1512                     type uint16;
1513                     units "seconds";
1514                     default "60";
1515                     description
1516                       "Interval between consecutive Map-Register messages.";
1517                   }
1518                 }
1519               }
1520             }
1521           }
1522         }
1523       }
1524     }
1525

1527  5.  LISP-Map-Server Module

1529     This module captures the configuration data model of a LISP Map
1530     Server [RFC6833].  The model also captures some operational data
1531     elements.

1533  5.1.  Module Structure

1535     module: ietf-lisp-mapserver
1536       augment /rt:routing/rt:control-plane-protocols
1537                 /rt:control-plane-protocol/lisp:lisp:
1538         +--rw map-server!
1539            +--rw sites
1540            |  +--rw site* [site-id]
1541            |     +--rw site-id                uint64
1542            |     +--rw authentication-keys
1543            |     |  +--rw authentication-key* [auth-key-id]
1544            |     |     +--rw auth-key-id          string
1545            |     |     +--rw auth-algorithm-id*
1546            |     |     |       lisp:auth-algorithm-type
1547            |     |     +--rw auth-key-value?      string
1548            |     +--rw xtr-ids* [xtr-id]
1549            |        +--rw xtr-id                 uint64
1550            |        +--rw authentication-keys
1551            |           +--rw authentication-key* [auth-key-id]
1552            |              +--rw auth-key-id          string
1553            |              +--rw auth-algorithm-id*
1554            |              |       lisp:auth-algorithm-type
1555            |              +--rw auth-key-value?      string
1556            +--rw vpns
1557            |  +--rw vpn* [instance-id]
1558            |     +--rw instance-id    lcaf:instance-id-type
1559            |     +--rw mappings
1560            |     |  +--rw mapping* [eid-id]
1561            |     |     +--rw eid-id                        lisp:eid-id
1562            |     |     +--rw eid-address
1563            |     |     |  +--rw address-type
1564            |     |     |  |       lisp-address-family-ref
1565            |     |     |  +--rw (address)?
1566            |     |     |     +--:(no-address)
1567            |     |     |     |  +--rw no-address?   empty
1568            |     |     |     +--:(ipv4)
1569            |     |     |     |  +--rw ipv4?
1570            |     |     |     |          inet:ipv4-address
1571            |     |     |     +--:(ipv4-prefix)
1572            |     |     |     |  +--rw ipv4-prefix?
1573            |     |     |     |          inet:ipv4-prefix
1574            |     |     |     +--:(ipv6)
1575            |     |     |     |  +--rw ipv6?
1576            |     |     |     |          inet:ipv6-address
1577            |     |     |     +--:(ipv6-prefix)
1578            |     |     |     |  +--rw ipv6-prefix?
1579            |     |     |     |          inet:ipv6-prefix
1580            |     |     |     +--:(mac)
1581            |     |     |     |  +--rw mac?
1582            |     |     |     |          yang:mac-address
1583            |     |     |     +--:(distinguished-name)
1584            |     |     |     |  +--rw distinguished-name?
1585            |     |     |     |          distinguished-name-type
1586            |     |     |     +--:(as-number)
1587            |     |     |     |  +--rw as-number?
1588            |     |     |     |          inet:as-number
1589            |     |     |     +--:(null-address)
1590            |     |     |     |  +--rw null-address
1591            |     |     |     |     +--rw address?   empty
1592            |     |     |     +--:(afi-list)
1593            |     |     |     |  +--rw afi-list
1594            |     |     |     |     +--rw address-list*   simple-address
1595            |     |     |     +--:(instance-id)
1596            |     |     |     |  +--rw instance-id
1597            |     |     |     |     +--rw instance-id?   instance-id-type
1598            |     |     |     |     +--rw mask-length?   uint8
1599            |     |     |     |     +--rw address?       simple-address
1600            |     |     |     +--:(as-number-lcaf)
1601            |     |     |     |  +--rw as-number-lcaf
1602            |     |     |     |     +--rw as?        inet:as-number
1603            |     |     |     |     +--rw address?   simple-address
1604            |     |     |     +--:(application-data)
1605            |     |     |     |  +--rw application-data
1606            |     |     |     |     +--rw address?
1607            |     |     |     |     |       simple-address
1608            |     |     |     |     +--rw protocol?           uint8
1609            |     |     |     |     +--rw ip-tos?             int32
1610            |     |     |     |     +--rw local-port-low?
1611            |     |     |     |     |       inet:port-number
1612            |     |     |     |     +--rw local-port-high?
1613            |     |     |     |     |       inet:port-number
1614            |     |     |     |     +--rw remote-port-low?
1615            |     |     |     |     |       inet:port-number
1616            |     |     |     |     +--rw remote-port-high?
1617            |     |     |     |             inet:port-number
1618            |     |     |     +--:(geo-coordinates)
1619            |     |     |     |  +--rw geo-coordinates
1620            |     |     |     |     +--rw latitude?            bits
1621            |     |     |     |     +--rw latitude-degrees?    uint8
1622            |     |     |     |     +--rw latitude-minutes?    uint8
1623            |     |     |     |     +--rw latitude-seconds?    uint8
1624            |     |     |     |     +--rw longitude?           bits
1625            |     |     |     |     +--rw longitude-degrees?   uint16
1626            |     |     |     |     +--rw longitude-minutes?   uint8
1627            |     |     |     |     +--rw longitude-seconds?   uint8
1628            |     |     |     |     +--rw altitude?            int32
1629            |     |     |     |     +--rw address?
1630            |     |     |     |             simple-address
1631            |     |     |     +--:(nat-traversal)
1632            |     |     |     |  +--rw nat-traversal
1633            |     |     |     |     +--rw ms-udp-port?        uint16
1634            |     |     |     |     +--rw etr-udp-port?       uint16
1635            |     |     |     |     +--rw global-etr-rloc?
1636            |     |     |     |     |       simple-address
1637            |     |     |     |     +--rw ms-rloc?
1638            |     |     |     |     |       simple-address
1639            |     |     |     |     +--rw private-etr-rloc?
1640            |     |     |     |     |       simple-address
1641            |     |     |     |     +--rw rtr-rlocs*
1642            |     |     |     |             simple-address
1643            |     |     |     +--:(explicit-locator-path)
1644            |     |     |     |  +--rw explicit-locator-path
1645            |     |     |     |     +--rw hop* [hop-id]
1646            |     |     |     |        +--rw hop-id      string
1647            |     |     |     |        +--rw address?    simple-address
1648            |     |     |     |        +--rw lrs-bits?   bits
1649            |     |     |     +--:(source-dest-key)
1650            |     |     |     |  +--rw source-dest-key
1651            |     |     |     |     +--rw source?   simple-address
1652            |     |     |     |     +--rw dest?     simple-address
1653            |     |     |     +--:(key-value-address)
1654            |     |     |     |  +--rw key-value-address
1655            |     |     |     |     +--rw key?     simple-address
1656            |     |     |     |     +--rw value?   simple-address
1657            |     |     |     +--:(service-path)
1658            |     |     |        +--rw service-path
1659            |     |     |           +--rw service-path-id?
1660            |     |     |           |       service-path-id-type
1661            |     |     |           +--rw service-index?     uint8
1662            |     |     +--rw site-id*                      uint64
1663            |     |     +--rw more-specifics-accepted?      boolean
1664            |     |     +--rw mapping-expiration-timeout?   int16
1665            |     |     +--ro first-registration-time?
1666            |     |     |       yang:date-and-time
1667            |     |     +--ro last-registration-time?
1668            |     |     |       yang:date-and-time
1669            |     |     +--rw mapping-records
1670            |     |        +--rw mapping-record* [xtr-id]
1671            |     |           +--rw xtr-id
1672            |     |           |       lisp:xtr-id-type
1673            |     |           +--rw site-id?         uint64
1674            |     |           +--rw eid
1675            |     |           |  +--rw address-type
1676            |     |           |  |       lisp-address-family-ref
1677            |     |           |  +--rw (address)?
1678            |     |           |     +--:(no-address)
1679            |     |           |     |  +--rw no-address?
1680            |     |           |     |          empty
1681            |     |           |     +--:(ipv4)
1682            |     |           |     |  +--rw ipv4?
1683            |     |           |     |          inet:ipv4-address
1684            |     |           |     +--:(ipv4-prefix)
1685            |     |           |     |  +--rw ipv4-prefix?
1686            |     |           |     |          inet:ipv4-prefix
1687            |     |           |     +--:(ipv6)
1688            |     |           |     |  +--rw ipv6?
1689            |     |           |     |          inet:ipv6-address
1690            |     |           |     +--:(ipv6-prefix)
1691            |     |           |     |  +--rw ipv6-prefix?
1692            |     |           |     |          inet:ipv6-prefix
1693            |     |           |     +--:(mac)
1694            |     |           |     |  +--rw mac?
1695            |     |           |     |          yang:mac-address
1696            |     |           |     +--:(distinguished-name)
1697            |     |           |     |  +--rw distinguished-name?
1698            |     |           |     |          distinguished-name-type
1699            |     |           |     +--:(as-number)
1700            |     |           |     |  +--rw as-number?
1701            |     |           |     |          inet:as-number
1702            |     |           |     +--:(null-address)
1703            |     |           |     |  +--rw null-address
1704            |     |           |     |     +--rw address?   empty
1705            |     |           |     +--:(afi-list)
1706            |     |           |     |  +--rw afi-list
1707            |     |           |     |     +--rw address-list*
1708            |     |           |     |             simple-address
1709            |     |           |     +--:(instance-id)
1710            |     |           |     |  +--rw instance-id
1711            |     |           |     |     +--rw instance-id?
1712            |     |           |     |     |       instance-id-type
1713            |     |           |     |     +--rw mask-length?   uint8
1714            |     |           |     |     +--rw address?
1715            |     |           |     |             simple-address
1716            |     |           |     +--:(as-number-lcaf)
1717            |     |           |     |  +--rw as-number-lcaf
1718            |     |           |     |     +--rw as?        inet:as-number
1719            |     |           |     |     +--rw address?   simple-address
1720            |     |           |     +--:(application-data)
1721            |     |           |     |  +--rw application-data
1722            |     |           |     |     +--rw address?
1723            |     |           |     |     |       simple-address
1724            |     |           |     |     +--rw protocol?           uint8
1725            |     |           |     |     +--rw ip-tos?             int32
1726            |     |           |     |     +--rw local-port-low?
1727            |     |           |     |     |       inet:port-number
1728            |     |           |     |     +--rw local-port-high?
1729            |     |           |     |     |       inet:port-number
1730            |     |           |     |     +--rw remote-port-low?
1731            |     |           |     |     |       inet:port-number
1732            |     |           |     |     +--rw remote-port-high?
1733            |     |           |     |             inet:port-number
1734            |     |           |     +--:(geo-coordinates)
1735            |     |           |     |  +--rw geo-coordinates
1736            |     |           |     |     +--rw latitude?            bits
1737            |     |           |     |     +--rw latitude-degrees?    uint8
1738            |     |           |     |     +--rw latitude-minutes?    uint8
1739            |     |           |     |     +--rw latitude-seconds?    uint8
1740            |     |           |     |     +--rw longitude?           bits
1741            |     |           |     |     +--rw longitude-degrees?
1742            |     |           |     |     |       uint16
1743            |     |           |     |     +--rw longitude-minutes?   uint8
1744            |     |           |     |     +--rw longitude-seconds?   uint8
1745            |     |           |     |     +--rw altitude?            int32
1746            |     |           |     |     +--rw address?
1747            |     |           |     |             simple-address
1748            |     |           |     +--:(nat-traversal)
1749            |     |           |     |  +--rw nat-traversal
1750            |     |           |     |     +--rw ms-udp-port?        uint16
1751            |     |           |     |     +--rw etr-udp-port?       uint16
1752            |     |           |     |     +--rw global-etr-rloc?
1753            |     |           |     |     |       simple-address
1754            |     |           |     |     +--rw ms-rloc?
1755            |     |           |     |     |       simple-address
1756            |     |           |     |     +--rw private-etr-rloc?
1757            |     |           |     |     |       simple-address
1758            |     |           |     |     +--rw rtr-rlocs*
1759            |     |           |     |             simple-address
1760            |     |           |     +--:(explicit-locator-path)
1761            |     |           |     |  +--rw explicit-locator-path
1762            |     |           |     |     +--rw hop* [hop-id]
1763            |     |           |     |        +--rw hop-id      string
1764            |     |           |     |        +--rw address?
1765            |     |           |     |        |       simple-address
1766            |     |           |     |        +--rw lrs-bits?   bits
1767            |     |           |     +--:(source-dest-key)
1768            |     |           |     |  +--rw source-dest-key
1769            |     |           |     |     +--rw source?   simple-address
1770            |     |           |     |     +--rw dest?     simple-address
1771            |     |           |     +--:(key-value-address)
1772            |     |           |     |  +--rw key-value-address
1773            |     |           |     |     +--rw key?     simple-address
1774            |     |           |     |     +--rw value?   simple-address
1775            |     |           |     +--:(service-path)
1776            |     |           |        +--rw service-path
1777            |     |           |           +--rw service-path-id?
1778            |     |           |           |       service-path-id-type
1779            |     |           |           +--rw service-index?     uint8
1780            |     |           +--rw time-to-live?    uint32
1781            |     |           +--ro creation-time?
1782            |     |           |       yang:date-and-time
1783            |     |           +--rw authoritative?   bits
1784            |     |           +--rw static?          boolean
1785            |     |           +--rw (locator-list)?
1786            |     |              +--:(negative-mapping)
1787            |     |              |  +--rw map-reply-action?
1788            |     |              |          map-reply-action
1789            |     |              +--:(positive-mapping)
1790            |     |                 +--rw rlocs
1791            |     |                    +--rw locator* [id]
1792            |     |                       +--rw id
1793            |     |                       |       string
1794            |     |                       +--rw locator-address
1795            |     |                       |  +--rw address-type
1796            |     |                       |  |       lisp-address-family-ref
1797            |     |                       |  +--rw (address)?
1798            |     |                       |     +--:(no-address)
1799            |     |                       |     |  +--rw no-address?
1800            |     |                       |     |          empty
1801            |     |                       |     +--:(ipv4)
1802            |     |                       |     |  +--rw ipv4?
1803            |     |                       |     |          inet:ipv4-address
1804            |     |                       |     +--:(ipv4-prefix)
1805            |     |                       |     |  +--rw ipv4-prefix?
1806            |     |                       |     |          inet:ipv4-prefix
1807            |     |                       |     +--:(ipv6)
1808            |     |                       |     |  +--rw ipv6?
1809            |     |                       |     |          inet:ipv6-address
1810            |     |                       |     +--:(ipv6-prefix)
1811            |     |                       |     |  +--rw ipv6-prefix?
1812            |     |                       |     |          inet:ipv6-prefix
1813            |     |                       |     +--:(mac)
1814            |     |                       |     |  +--rw mac?
1815            |     |                       |     |          yang:mac-address
1816            |     |                       |     +--:(distinguished-name)
1817            |     |                       |     |  +--rw distinguished-name?
1818            |     |                       |     |          distinguished-name-type
1819            |     |                       |     +--:(as-number)
1820            |     |                       |     |  +--rw as-number?
1821            |     |                       |     |          inet:as-number
1822            |     |                       |     +--:(null-address)
1823            |     |                       |     |  +--rw null-address
1824            |     |                       |     |     +--rw address?
1825            |     |                       |     |             empty
1826            |     |                       |     +--:(afi-list)
1827            |     |                       |     |  +--rw afi-list
1828            |     |                       |     |     +--rw address-list*
1829            |     |                       |     |             simple-address
1830            |     |                       |     +--:(instance-id)
1831            |     |                       |     |  +--rw instance-id
1832            |     |                       |     |     +--rw instance-id?
1833            |     |                       |     |     |       instance-id-type
1834            |     |                       |     |     +--rw mask-length?
1835            |     |                       |     |     |       uint8
1836            |     |                       |     |     +--rw address?
1837            |     |                       |     |             simple-address
1838            |     |                       |     +--:(as-number-lcaf)
1839            |     |                       |     |  +--rw as-number-lcaf
1840            |     |                       |     |     +--rw as?
1841            |     |                       |     |     |       inet:as-number
1842            |     |                       |     |     +--rw address?
1843            |     |                       |     |             simple-address
1844            |     |                       |     +--:(application-data)
1845            |     |                       |     |  +--rw application-data
1846            |     |                       |     |     +--rw address?
1847            |     |                       |     |     |       simple-address
1848            |     |                       |     |     +--rw protocol?
1849            |     |                       |     |     |       uint8
1850            |     |                       |     |     +--rw ip-tos?
1851            |     |                       |     |     |       int32
1852            |     |                       |     |     +--rw local-port-low?
1853            |     |                       |     |     |       inet:port-number
1854            |     |                       |     |     +--rw local-port-high?
1855            |     |                       |     |     |       inet:port-number
1856            |     |                       |     |     +--rw remote-port-low?
1857            |     |                       |     |     |       inet:port-number
1858            |     |                       |     |     +--rw remote-port-high?
1859            |     |                       |     |             inet:port-number
1860            |     |                       |     +--:(geo-coordinates)
1861            |     |                       |     |  +--rw geo-coordinates
1862            |     |                       |     |     +--rw latitude?
1863            |     |                       |     |     |       bits
1864            |     |                       |     |     +--rw latitude-degrees?
1865            |     |                       |     |     |       uint8
1866            |     |                       |     |     +--rw latitude-minutes?
1867            |     |                       |     |     |       uint8
1868            |     |                       |     |     +--rw latitude-seconds?
1869            |     |                       |     |     |       uint8
1870            |     |                       |     |     +--rw longitude?
1871            |     |                       |     |     |       bits
1872            |     |                       |     |     +--rw longitude-degrees?
1873            |     |                       |     |     |       uint16
1874            |     |                       |     |     +--rw longitude-minutes?
1875            |     |                       |     |     |       uint8
1876            |     |                       |     |     +--rw longitude-seconds?
1877            |     |                       |     |     |       uint8
1878            |     |                       |     |     +--rw altitude?
1879            |     |                       |     |     |       int32
1880            |     |                       |     |     +--rw address?
1881            |     |                       |     |             simple-address
1882            |     |                       |     +--:(nat-traversal)
1883            |     |                       |     |  +--rw nat-traversal
1884            |     |                       |     |     +--rw ms-udp-port?
1885            |     |                       |     |     |       uint16
1886            |     |                       |     |     +--rw etr-udp-port?
1887            |     |                       |     |     |       uint16
1888            |     |                       |     |     +--rw global-etr-rloc?
1889            |     |                       |     |     |       simple-address
1890            |     |                       |     |     +--rw ms-rloc?
1891            |     |                       |     |     |       simple-address
1892            |     |                       |     |     +--rw private-etr-rloc?
1893            |     |                       |     |     |       simple-address
1894            |     |                       |     |     +--rw rtr-rlocs*
1895            |     |                       |     |             simple-address
1896            |     |                       |     +--:(explicit-locator-path)
1897            |     |                       |     |  +--rw explicit-locator-path
1898            |     |                       |     |     +--rw hop* [hop-id]
1899            |     |                       |     |        +--rw hop-id
1900            |     |                       |     |        |       string
1901            |     |                       |     |        +--rw address?
1902            |     |                       |     |        |       simple-address
1903            |     |                       |     |        +--rw lrs-bits?
1904            |     |                       |     |                bits
1905            |     |                       |     +--:(source-dest-key)
1906            |     |                       |     |  +--rw source-dest-key
1907            |     |                       |     |     +--rw source?
1908            |     |                       |     |     |       simple-address
1909            |     |                       |     |     +--rw dest?
1910            |     |                       |     |             simple-address
1911            |     |                       |     +--:(key-value-address)
1912            |     |                       |     |  +--rw key-value-address
1913            |     |                       |     |     +--rw key?
1914            |     |                       |     |     |       simple-address
1915            |     |                       |     |     +--rw value?
1916            |     |                       |     |             simple-address
1917            |     |                       |     +--:(service-path)
1918            |     |                       |        +--rw service-path
1919            |     |                       |           +--rw service-path-id?
1920            |     |                       |           |       service-path-id-type
1921            |     |                       |           +--rw service-index?
1922            |     |                       |                   uint8
1923            |     |                       +--rw priority?
1924            |     |                       |       uint8
1925            |     |                       +--rw weight?
1926            |     |                       |       uint8
1927            |     |                       +--rw multicast-priority?
1928            |     |                       |       uint8
1929            |     |                       +--rw multicast-weight?
1930            |     |                               uint8
1931            |     +--ro counters
1932            |        +--ro map-registers-in?               yang:counter64
1933            |        +--ro map-registers-in-auth-failed?   yang:counter64
1934            |        +--ro map-notify-records-out?         yang:counter64
1935            |        +--ro proxy-reply-records-out?        yang:counter64
1936            |        +--ro map-requests-forwarded-out?     yang:counter64
1937            +--rw mapping-system-type?   lisp:mapping-system-ref
1938            +--ro summary
1939            |  +--ro number-configured-sites?   uint32
1940            |  +--ro number-registered-sites?   uint32
1941            |  +--ro af-datum
1942            |     +--ro af-data* [address-type]
1943            |        +--ro address-type
1944            |        |       lcaf:lisp-address-family-ref
1945            |        +--ro number-configured-eids?   uint32
1946            |        +--ro number-registered-eids?   uint32
1947            +--ro counters
1948               +--ro map-registers-in?               yang:counter64
1949               +--ro map-registers-in-auth-failed?   yang:counter64
1950               +--ro map-notify-records-out?         yang:counter64
1951               +--ro proxy-reply-records-out?        yang:counter64
1952               +--ro map-requests-forwarded-out?     yang:counter64

1954  5.2.  Module Definition

1956     file "ietf-lisp-mapserver@2019-03-05.yang"
1957     module ietf-lisp-mapserver {
1958       yang-version 1.1;

1960       namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver";

1962       prefix lisp-ms;

1964       // RFC Ed.: replace occurrences of XXXX with actual RFC number
1965       // and remove this note
1966       import ietf-lisp {
1967         prefix lisp;
1968         reference "RFC XXXX: LISP YANG model";
1969       }
1970       import ietf-lisp-address-types {
1971         prefix lcaf;
1972         reference "RFC XXXX: LISP YANG model";
1973       }
1974       import ietf-yang-types {
1975         prefix yang;
1976         reference "RFC 6991: Common YANG Data Types";
1977       }
1978       import ietf-routing {
1979         prefix "rt";
1980         reference
1981           "RFC 8349: A YANG Data Model for Routing Management
1982            (NMDA version)";
1983       }

1985       organization
1986         "IETF LISP (Locator/ID Separation Protocol) Working Group";
1987       contact
1988         "WG Web:
1989          WG List:

1991          Editor:   Vina Ermagan
1992

1994          Editor:   Alberto Rodriguez-Natal
1995

1997          Editor:   Reshad Rahman
1998         ";
1999       description
2000         "This YANG module defines the generic parameters for a LISP
2001          Map-Server. The module can be extended by vendors to define
2002          vendor-specific parameters and policies.

2004          Copyright (c) 2018 IETF Trust and the persons identified as
2005          authors of the code.  All rights reserved.

2007          Redistribution and use in source and binary forms, with or
2008          without modification, is permitted pursuant to, and subject
2009          to the license terms contained in, the Simplified BSD License
2010          set forth in Section 4.c of the IETF Trust's Legal Provisions
2011          Relating to IETF Documents
2012          (http://trustee.ietf.org/license-info).
2013          This version of this YANG module is part of RFC XXXX; see
2014          the RFC itself for full legal notices.
2015         ";

2017       reference "RFC XXXX";

2019       revision 2019-03-05 {
2020         description
2021           "Initial revision.";
2022         reference
2023           "https://tools.ietf.org/html/rfc6833";
2024       }

2026       identity ms {
2027         base lisp:lisp-role;
2028         description
2029           "LISP Map-Server.";
2030       }

2032       grouping ms-counters {
2033         description "Grouping that defines map-server counters.";
2034         container counters {
2035           config false;
2036           description "Container for the counters";

2038           leaf map-registers-in {
2039             type yang:counter64;
2040             description "Number of incoming Map-Register messages";
2041           }

2043           leaf map-registers-in-auth-failed {
2044             type yang:counter64;
2045             description
2046               "Number of incoming Map-Register messages failed
2047                authentication";
2048           }

2050           leaf map-notify-records-out {
2051             type yang:counter64;
2052             description
2053               "Number of outgoing Map-Notify records";
2054           }

2056           leaf proxy-reply-records-out {
2057             type yang:counter64;
2058             description
2059               "Number of outgoing proxy Map-Reply records";
2060           }
2061           leaf map-requests-forwarded-out {
2062             type yang:counter64;
2063             description
2064               "Number of outgoing Map-Requests forwarded to ETR";
2065           }
2066         }
2067       }

2069       augment "/rt:routing/rt:control-plane-protocols"
2070             + "/rt:control-plane-protocol/lisp:lisp" {
2071         when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-ms:ms'" {
2072           description
2073             "Augment is valid when LISP device type is Map-Server.";
2074         }
2075         description
2076           "This augments LISP devices list with Map-Server specific
2077            parameters.";
2078         container map-server {
2079           presence "LISP Map-Server operation enabled";
2080           description
2081             "Map-Server parameters.";
2082           container sites {
2083             description
2084               "Sites to accept registrations from.";
2085             list site {
2086               key site-id;
2087               description
2088                 "Site that can send registrations.";
2089               leaf site-id {
2090                 type uint64;
2091                 description "Site ID";
2092               }
2093               uses lisp:auth-key;
2094               list xtr-ids {
2095                 key xtr-id;
2096                 description "xTR-ID specific configuration.";
2097                 leaf xtr-id {
2098                   type uint64;
2099                   description "xTR ID";
2100                 }
2101                 uses lisp:auth-key;
2102               }
2103             }
2104           }
2105           container vpns {
2106             description
2107               "VPNs for which the Map-Server accepts registrations.";
2108             list vpn {
2109               key "instance-id";
2110               description
2111                 "VPN instances in the Map-Server.";
2112               leaf instance-id {
2113                 type lcaf:instance-id-type;
2114                 description
2115                   "VPN identifier.";
2116               }
2117               container mappings {
2118                 description
2119                   "EIDs registered by device.";
2120                 list mapping {
2121                   key "eid-id";
2122                   description
2123                     "List of EIDs registered by device.";
2124                   leaf eid-id {
2125                     type lisp:eid-id;
2126                     description
2127                       "Id of the EID registered.";
2128                   }
2129                   container eid-address {
2130                     uses lcaf:lisp-address;
2131                     description
2132                       "EID in generic LISP address format registered
2133                        with the Map-Server.";
2134                   }
2135                   leaf-list site-id {
2136                     type uint64;
2137                     description "Site ID";
2138                   }
2139                   leaf more-specifics-accepted {
2140                     type boolean;
2141                     default "false";
2142                     description
2143                       "Flag indicating if more specific prefixes
2144                        can be registered.";
2145                   }
2146                   leaf mapping-expiration-timeout {
2147                     type int16;
2148                     units "seconds";
2149                     default "180"; // 3 times the Map-Register interval
2150                     description
2151                       "Time before mapping is expired if no new
2152                        registrations are received.";
2153                   }
2154                   leaf first-registration-time {
2155                     type yang:date-and-time;
2156                     config false;
2157                     description
2158                       "Time at which the first registration for this EID
2159                        was received";
2160                   }
2161                   leaf last-registration-time {
2162                     type yang:date-and-time;
2163                     config false;
2164                     description
2165                       "Time at which the last registration for this EID
2166                        was received";
2167                   }
2168                   container mapping-records {
2169                     description
2170                       "Datastore of registered mappings.";
2171                     list mapping-record {
2172                       key xtr-id;
2173                       description
2174                         "Registered mapping.";
2175                       leaf xtr-id {
2176                         type lisp:xtr-id-type;
2177                         description "xTR ID";
2178                       }
2179                       leaf site-id {
2180                         type uint64;
2181                         description "Site ID";
2182                       }
2183                       uses lisp:mapping;
2184                     }
2185                   }
2186                 }
2187               }
2188               uses ms-counters;
2189             }
2190           }
2191           leaf mapping-system-type {
2192             type lisp:mapping-system-ref;
2193             description
2194               "A reference to the mapping system";
2195           }

2197           container summary {
2198             config false;
2199             description "Summary state information";

2201             leaf number-configured-sites {
2202               type uint32;
2203               description "Number of configured LISP sites";
2204             }
2205             leaf number-registered-sites {
2206               type uint32;
2207               description "Number of registered LISP sites";
2208             }
2209             container af-datum {
2210               description "Number of configured EIDs per each AF";

2212               list af-data {
2213                 key "address-type";
2214                 description "Number of configured EIDs for this AF";
2215                 leaf address-type {
2216                   type lcaf:lisp-address-family-ref;
2217                   description "AF type";
2218                 }
2219                 leaf number-configured-eids {
2220                   type uint32;
2221                   description "Number of configured EIDs for this AF";
2222                 }
2223                 leaf number-registered-eids {
2224                   type uint32;
2225                   description "Number of registered EIDs for this AF";
2226                 }
2227               }
2228             }
2229           }
2230           uses ms-counters;
2231         }
2232       }
2233     }
2234

2236  6.  LISP-Map-Resolver Module

2238     This module captures the configuration data model of a LISP Map
2239     Resolver [RFC6833].  The model also captures some operational data
2240     elements.

2242  6.1.  Module Structure

2244     module: ietf-lisp-mapresolver
2245       augment /rt:routing/rt:control-plane-protocols
2246                 /rt:control-plane-protocol/lisp:lisp:
2247         +--rw map-resolver!
2248            +--rw mapping-system-type?   lisp:mapping-system-ref
2249            +--rw ms-address?            inet:ip-address

2251  6.2.  Module Definition

2253     file "ietf-lisp-mapresolver@2019-02-23.yang"
2254     module ietf-lisp-mapresolver {
2255       yang-version 1.1;

2257       namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver";

2259       prefix lisp-mr;

2261       // RFC Ed.: replace occurrences of XXXX with actual RFC number
2262       // and remove this note
2263       import ietf-lisp {
2264         prefix lisp;
2265         reference "RFC XXXX: LISP YANG model";
2266       }
2267       import ietf-inet-types {
2268         prefix inet;
2269         reference "RFC 6991: Common YANG Data Types";
2270       }
2271       import ietf-routing {
2272         prefix "rt";
2273         reference
2274           "RFC 8349: A YANG Data Model for Routing Management
2275            (NMDA version)";
2276       }

2278       organization
2279         "IETF LISP (Locator/ID Separation Protocol) Working Group";
2280       contact
2281         "WG Web:
2282          WG List:

2284          Editor:   Vina Ermagan
2285

2287          Editor:   Alberto Rodriguez-Natal
2288

2290          Editor:   Reshad Rahman
2291         ";
2292       description
2293         "This YANG module defines the generic parameters for a LISP
2294          Map-Resolver. The module can be extended by vendors to define
2295          vendor-specific parameters and policies.

2297          Copyright (c) 2018 IETF Trust and the persons identified as
2298          authors of the code.  All rights reserved.

2300          Redistribution and use in source and binary forms, with or
2301          without modification, is permitted pursuant to, and subject
2302          to the license terms contained in, the Simplified BSD License
2303          set forth in Section 4.c of the IETF Trust's Legal Provisions
2304          Relating to IETF Documents
2305          (http://trustee.ietf.org/license-info).

2307          This version of this YANG module is part of RFC XXXX; see
2308          the RFC itself for full legal notices.
2309 "; 2311 reference "RFC XXXX"; 2313 revision 2019-02-23 { 2314 description 2315 "Initial revision."; 2316 reference 2317 "https://tools.ietf.org/html/rfc6833"; 2318 } 2319 identity mr { 2320 base lisp:lisp-role; 2321 description 2322 "LISP Map-Resolver."; 2323 } 2325 augment "/rt:routing/rt:control-plane-protocols" 2326 + "/rt:control-plane-protocol/lisp:lisp" { 2327 when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-mr:mr'" { 2328 description 2329 "Augment is valid when LISP device type is Map-Resolver."; 2330 } 2331 description 2332 "This augments LISP devices list with Map-Resolver specific 2333 parameters."; 2334 container map-resolver { 2335 presence "LISP Map-Resolver operation enabled"; 2336 description 2337 "Map-Resolver parameters."; 2338 leaf mapping-system-type { 2339 type lisp:mapping-system-ref; 2340 description 2341 "A reference to the mapping system"; 2342 } 2343 leaf ms-address { 2344 when "../mapping-system-type='lisp:single-node-mapping-system'"; 2345 type inet:ip-address; 2346 description 2347 "address to reach the Map Server when " 2348 + "lisp-mr:single-node-mapping-system is being used."; 2349 } 2350 } 2351 } 2352 } 2353 2355 7. LISP-Address-Types Module 2357 This module captures the various LISP address types, and is an 2358 essential building block used in other LISP modules. 2360 7.1. 
Module Definition 2362 file "ietf-lisp-address-types@2019-02-23.yang" 2363 module ietf-lisp-address-types { 2364 yang-version 1.1; 2366 namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-address-types"; 2368 prefix laddr; 2370 import ietf-inet-types { 2371 prefix inet; 2372 reference "RFC 6991: Common YANG Data Types"; 2373 } 2374 import ietf-yang-types { 2375 prefix yang; 2376 reference "RFC 6991: Common YANG Data Types"; 2377 } 2379 organization 2380 "IETF LISP (Locator/ID Separation Protocol) Working Group"; 2381 contact 2382 "WG Web: 2383 WG List: 2385 Editor: Vina Ermagan 2386 2388 Editor: Alberto Rodriguez-Natal 2389 2391 Editor: Reshad Rahman 2392 "; 2393 description 2394 "This YANG module defines the LISP Canonical Address Formats 2395 (LCAF) for LISP. The module can be extended by vendors to 2396 define vendor-specific parameters. 2398 Copyright (c) 2018 IETF Trust and the persons identified as 2399 authors of the code. All rights reserved. 2401 Redistribution and use in source and binary forms, with or 2402 without modification, is permitted pursuant to, and subject 2403 to the license terms contained in, the Simplified BSD License 2404 set forth in Section 4.c of the IETF Trust's Legal Provisions 2405 Relating to IETF Documents 2406 (http://trustee.ietf.org/license-info). 2408 This version of this YANG module is part of RFC XXXX; see 2409 the RFC itself for full legal notices. 
2411 "; 2412 // RFC Ed.: replace XXXX with actual RFC number and remove 2413 // this note 2414 reference "RFC XXXX"; 2416 revision 2019-02-23 { 2417 description 2418 "Initial revision."; 2419 reference 2420 "RC8060: LISP Canonical Address Format (LCAF)"; 2421 } 2422 identity lisp-address-family { 2423 description 2424 "Base identity from which identities describing LISP address 2425 families are derived."; 2426 } 2427 identity no-address-afi { 2428 base lisp-address-family; 2429 description 2430 "IANA Reserved."; 2431 } 2432 identity ipv4-afi { 2433 base lisp-address-family; 2434 description 2435 "IANA IPv4 address family."; 2436 } 2437 identity ipv4-prefix-afi { 2438 base lisp-address-family; 2439 description 2440 "IANA IPv4 address family prefix."; 2441 } 2442 identity ipv6-afi { 2443 base lisp-address-family; 2444 description 2445 "IANA IPv6 address family."; 2446 } 2447 identity ipv6-prefix-afi { 2448 base lisp-address-family; 2449 description 2450 "IANA IPv6 address family prefix."; 2451 } 2452 identity mac-afi { 2453 base lisp-address-family; 2454 description 2455 "IANA MAC address family."; 2456 } 2457 identity distinguished-name-afi { 2458 base lisp-address-family; 2459 description 2460 "IANA Distinguished Name address family."; 2461 } 2462 identity as-number-afi { 2463 base lisp-address-family; 2464 description 2465 "IANA AS Number address family."; 2466 } 2467 identity lcaf { 2468 base lisp-address-family; 2469 description 2470 "IANA LISP Canonical Address Format address family."; 2471 } 2472 identity null-address-lcaf { 2473 base lcaf; 2474 description 2475 "Null body LCAF type."; 2476 } 2477 identity afi-list-lcaf { 2478 base lcaf; 2479 description 2480 "AFI-List LCAF type."; 2481 } 2482 identity instance-id-lcaf { 2483 base lcaf; 2484 description 2485 "Instance-ID LCAF type."; 2486 } 2487 identity as-number-lcaf { 2488 base lcaf; 2489 description 2490 "AS Number LCAF type."; 2491 } 2492 identity application-data-lcaf { 2493 base lcaf; 2494 description 
2495 "Application Data LCAF type."; 2496 } 2497 identity geo-coordinates-lcaf { 2498 base lcaf; 2499 description 2500 "Geo-coordinates LCAF type."; 2501 } 2502 identity opaque-key-lcaf { 2503 base lcaf; 2504 description 2505 "Opaque Key LCAF type."; 2506 } 2507 identity nat-traversal-lcaf { 2508 base lcaf; 2509 description 2510 "NAT-Traversal LCAF type."; 2511 } 2512 identity nonce-locator-lcaf { 2513 base lcaf; 2514 description 2515 "Nonce-Locator LCAF type."; 2516 } 2517 identity multicast-info-lcaf { 2518 base lcaf; 2519 description 2520 "Multicast Info LCAF type."; 2521 } 2522 identity explicit-locator-path-lcaf { 2523 base lcaf; 2524 description 2525 "Explicit Locator Path LCAF type."; 2526 } 2527 identity security-key-lcaf { 2528 base lcaf; 2529 description 2530 "Security Key LCAF type."; 2531 } 2532 identity source-dest-key-lcaf { 2533 base lcaf; 2534 description 2535 "Source/Dest LCAF type."; 2536 } 2537 identity replication-list-lcaf { 2538 base lcaf; 2539 description 2540 "Replication-List LCAF type."; 2541 } 2542 identity json-data-model-lcaf { 2543 base lcaf; 2544 description 2545 "JSON Data Model LCAF type."; 2546 } 2547 identity key-value-address-lcaf { 2548 base lcaf; 2549 description 2550 "Key/Value Address LCAF type."; 2551 } 2552 identity encapsulation-format-lcaf { 2553 base lcaf; 2554 description 2555 "Encapsulation Format LCAF type."; 2556 } 2557 identity service-path-lcaf { 2558 base lcaf; 2559 description 2560 "Service Path LCAF type."; 2561 } 2562 typedef instance-id-type { 2563 type uint32 { 2564 range "0..16777215"; 2565 } 2566 description 2567 "Defines the range of values for an Instance ID."; 2568 } 2569 typedef service-path-id-type { 2570 type uint32 { 2571 range "0..16777215"; 2572 } 2573 description 2574 "Defines the range of values for a Service Path ID."; 2575 } 2576 typedef distinguished-name-type { 2577 type string; 2578 description 2579 "Distinguished Name address."; 2580 reference 2581 
"http://www.iana.org/assignments/address-family-numbers/ 2582 address-family-numbers.xhtml"; 2583 } 2584 typedef simple-address { 2585 type union { 2586 type inet:ip-address; 2587 type inet:ip-prefix; 2588 type yang:mac-address; 2589 type distinguished-name-type; 2590 type inet:as-number; 2591 } 2592 description 2593 "Union of address types that can be part of LCAFs."; 2594 } 2596 typedef lisp-address-family-ref { 2597 type identityref { 2598 base lisp-address-family; 2599 } 2600 description 2601 "LISP address family reference."; 2602 } 2603 typedef lcaf-ref { 2604 type identityref { 2605 base lcaf; 2606 } 2607 description 2608 "LCAF types reference."; 2609 } 2611 grouping lisp-address { 2612 description 2613 "Generic LISP address."; 2614 leaf address-type { 2615 type lisp-address-family-ref; 2616 mandatory true; 2617 description 2618 "Type of the LISP address."; 2619 } 2620 choice address { 2621 description 2622 "Various LISP address types, including IP, MAC, and LCAF."; 2624 leaf no-address { 2625 when "../address-type = 'laddr:no-address-afi'" { 2626 description 2627 "When AFI is 0."; 2628 } 2629 type empty; 2630 description 2631 "No address."; 2632 } 2633 leaf ipv4 { 2634 when "../address-type = 'laddr:ipv4-afi'" { 2635 description 2636 "When AFI is IPv4."; 2637 } 2638 type inet:ipv4-address; 2639 description 2640 "IPv4 address."; 2641 } 2642 leaf ipv4-prefix { 2643 when "../address-type = 'laddr:ipv4-prefix-afi'" { 2644 description 2645 "When AFI is IPv4."; 2646 } 2647 type inet:ipv4-prefix; 2648 description 2649 "IPv4 prefix."; 2650 } 2651 leaf ipv6 { 2652 when "../address-type = 'laddr:ipv6-afi'" { 2653 description 2654 "When AFI is IPv6."; 2655 } 2656 type inet:ipv6-address; 2657 description 2658 "IPv6 address."; 2659 } 2660 leaf ipv6-prefix { 2661 when "../address-type = 'laddr:ipv6-prefix-afi'" { 2662 description 2663 "When AFI is IPv6."; 2664 } 2665 type inet:ipv6-prefix; 2666 description 2667 "IPv6 address."; 2668 } 2669 leaf mac { 2670 when 
"../address-type = 'laddr:mac-afi'" { 2671 description 2672 "When AFI is MAC."; 2673 } 2674 type yang:mac-address; 2675 description 2676 "MAC address."; 2677 } 2678 leaf distinguished-name { 2679 when "../address-type = 'laddr:distinguished-name-afi'" { 2680 description 2681 "When AFI is distinguished-name."; 2682 } 2683 type distinguished-name-type; 2684 description 2685 "Distinguished Name address."; 2686 } 2687 leaf as-number { 2688 when "../address-type = 'laddr:as-number-afi'" { 2689 description 2690 "When AFI is as-number."; 2691 } 2692 type inet:as-number; 2693 description 2694 "AS Number."; 2695 } 2696 container null-address { 2697 when "../address-type = 'laddr:null-address-lcaf'" { 2698 description 2699 "When LCAF type is null."; 2700 } 2701 description 2702 "Null body LCAF type"; 2703 leaf address { 2704 type empty; 2705 description 2706 "AFI address."; 2707 } 2708 } 2709 container afi-list { 2710 when "../address-type = 'laddr:afi-list-lcaf'" { 2711 description 2712 "When LCAF type is AFI-List."; 2713 } 2714 description 2715 "AFI-List LCAF type."; 2716 reference 2717 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2718 #section-4.16.1"; 2719 leaf-list address-list { 2720 type simple-address; 2721 description 2722 "List of AFI addresses."; 2723 } 2724 } 2725 container instance-id { 2726 when "../address-type = 'laddr:instance-id-lcaf'" { 2727 description 2728 "When LCAF type is Instance ID as per RFC8060."; 2729 } 2730 description 2731 "Instance ID LCAF type."; 2733 reference 2734 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2735 #section-4.2"; 2736 leaf instance-id { 2737 type instance-id-type; 2738 description 2739 "Instance ID value."; 2740 } 2741 leaf mask-length { 2742 type uint8; 2743 description 2744 "Mask length."; 2745 } 2746 leaf address { 2747 type simple-address; 2748 description 2749 "AFI address."; 2750 } 2751 } 2752 container as-number-lcaf { 2753 when "../address-type = 'laddr:as-number-lcaf'" { 2754 description 2755 "When LCAF 
type is AS-Number."; 2756 } 2757 description 2758 "AS Number LCAF type."; 2759 reference 2760 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2761 #section-4.3"; 2762 leaf as { 2763 type inet:as-number; 2764 description 2765 "AS number."; 2766 } 2767 leaf address { 2768 type simple-address; 2769 description 2770 "AFI address."; 2771 } 2772 } 2773 container application-data { 2774 when "../address-type = 'laddr:application-data-lcaf'" { 2775 description 2776 "When LCAF type is Application Data."; 2777 } 2778 description 2779 "Application Data LCAF type."; 2780 reference 2781 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2782 #section-4.4"; 2783 leaf address { 2784 type simple-address; 2785 description 2786 "AFI address."; 2787 } 2788 leaf protocol { 2789 type uint8; 2790 description 2791 "Protocol number."; 2792 } 2793 leaf ip-tos { 2794 type int32; 2795 description 2796 "Type of service field."; 2797 } 2798 leaf local-port-low { 2799 type inet:port-number; 2800 description 2801 "Low end of local port range."; 2802 } 2803 leaf local-port-high { 2804 type inet:port-number; 2805 description 2806 "High end of local port range."; 2807 } 2808 leaf remote-port-low { 2809 type inet:port-number; 2810 description 2811 "Low end of remote port range."; 2812 } 2813 leaf remote-port-high { 2814 type inet:port-number; 2815 description 2816 "High end of remote port range."; 2817 } 2818 } 2819 container geo-coordinates { 2820 when "../address-type = 'laddr:geo-coordinates-lcaf'" { 2821 description 2822 "When LCAF type is Geo-coordinates."; 2823 } 2824 description 2825 "Geo-coordinates LCAF type."; 2826 reference 2827 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2828 #section-4.5"; 2830 leaf latitude { 2831 type bits { 2832 bit N { 2833 description 2834 "Latitude bit."; 2835 } 2836 } 2837 description 2838 "Bit that selects between North and South latitude."; 2839 } 2840 leaf latitude-degrees { 2841 type uint8 { 2842 range "0 .. 
90"; 2843 } 2844 description 2845 "Degrees of latitude."; 2846 } 2847 leaf latitude-minutes { 2848 type uint8 { 2849 range "0..59"; 2850 } 2851 description 2852 "Minutes of latitude."; 2853 } 2854 leaf latitude-seconds { 2855 type uint8 { 2856 range "0..59"; 2857 } 2858 description 2859 "Seconds of latitude."; 2860 } 2861 leaf longitude { 2862 type bits { 2863 bit E { 2864 description 2865 "Longitude bit."; 2866 } 2867 } 2868 description 2869 "Bit that selects between East and West longitude."; 2870 } 2871 leaf longitude-degrees { 2872 type uint16 { 2873 range "0 .. 180"; 2874 } 2875 description 2876 "Degrees of longitude."; 2877 } 2878 leaf longitude-minutes { 2879 type uint8 { 2880 range "0..59"; 2881 } 2882 description 2883 "Minutes of longitude."; 2884 } 2885 leaf longitude-seconds { 2886 type uint8 { 2887 range "0..59"; 2888 } 2889 description 2890 "Seconds of longitude."; 2891 } 2892 leaf altitude { 2893 type int32; 2894 description 2895 "Height relative to sea level in meters."; 2896 } 2897 leaf address { 2898 type simple-address; 2899 description 2900 "AFI address."; 2901 } 2902 } 2903 container nat-traversal { 2904 when "../address-type = 'laddr:nat-traversal-lcaf'" { 2905 description 2906 "When LCAF type is NAT-Traversal."; 2907 } 2908 description 2909 "NAT-Traversal LCAF type."; 2910 reference 2911 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2912 #section-4.6"; 2913 leaf ms-udp-port { 2914 type uint16; 2915 description 2916 "Map-Server UDP port (set to 4342)."; 2917 } 2918 leaf etr-udp-port { 2919 type uint16; 2920 description 2921 "ETR UDP port."; 2922 } 2923 leaf global-etr-rloc { 2924 type simple-address; 2925 description 2926 "Global ETR RLOC address."; 2927 } 2928 leaf ms-rloc { 2929 type simple-address; 2930 description 2931 "Map-Server RLOC address."; 2932 } 2933 leaf private-etr-rloc { 2934 type simple-address; 2935 description 2936 "Private ETR RLOC address."; 2937 } 2938 leaf-list rtr-rlocs { 2939 type simple-address; 2940 description 
2941 "List of RTR RLOC addresses."; 2942 } 2943 } 2944 container explicit-locator-path { 2945 when "../address-type = 'laddr:explicit-locator-path-lcaf'" { 2946 description 2947 "When LCAF type type is Explicit Locator Path."; 2948 } 2949 description 2950 "Explicit Locator Path LCAF type."; 2951 reference 2952 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2953 #section-4.9"; 2954 list hop { 2955 key "hop-id"; 2956 ordered-by user; 2957 description 2958 "List of locator hops forming the explicit path."; 2959 leaf hop-id { 2960 type string { 2961 length "1..64"; 2962 } 2963 description 2964 "Unique identifier for the hop."; 2965 } 2966 leaf address { 2967 type simple-address; 2968 description 2969 "AFI address."; 2970 } 2971 leaf lrs-bits { 2972 type bits{ 2973 bit lookup { 2974 description 2975 "Lookup bit."; 2976 } 2977 bit rloc-probe { 2978 description 2979 "RLOC-probe bit."; 2980 } 2981 bit strict { 2982 description 2983 "Strict bit."; 2984 } 2985 } 2986 description 2987 "Flag bits per hop."; 2988 } 2989 } 2990 } 2991 container source-dest-key { 2992 when "../address-type = 'laddr:source-dest-key-lcaf'" { 2993 description 2994 "When LCAF type type is Source/Dest."; 2995 } 2996 description 2997 "Source/Dest LCAF type."; 2998 reference 2999 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 3000 #section-4.11"; 3001 leaf source { 3002 type simple-address; 3003 description 3004 "Source address."; 3005 } 3006 leaf dest { 3007 type simple-address; 3008 description 3009 "Destination address."; 3010 } 3011 } 3012 container key-value-address { 3013 when "../address-type = 'laddr:key-value-address-lcaf'" { 3014 description 3015 "When LCAF type type is Key/Value Address."; 3016 } 3017 description 3018 "Key/Value Address LCAF type."; 3019 reference 3020 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 3021 #section-4.11"; 3023 leaf key { 3024 type simple-address; 3025 description 3026 "Address as Key."; 3027 } 3028 leaf value { 3029 type simple-address; 3030 
description 3031 "Address as Value."; 3032 } 3033 } 3034 container service-path { 3035 when "../address-type = 'laddr:service-path-lcaf'" { 3036 description 3037 "When LCAF type service path identifier."; 3038 } 3039 description 3040 "Service Path LCAF type."; 3041 reference 3042 "http://tools.ietf.org/html/draft-ermagan-lisp-nsh-00"; 3043 leaf service-path-id { 3044 type service-path-id-type; 3045 description 3046 "Service path identifier for the path for NSH header"; 3047 } 3048 leaf service-index { 3049 type uint8; 3050 description 3051 "Service path index for NSH header"; 3052 } 3053 } 3054 } 3055 } 3056 } 3057 3059 7.2. Data Model examples 3061 This section presents some simple and illustrative examples on how to 3062 configure LISP. 3064 7.2.1. LISP protocol instance 3066 The following is an example configuration for a LISP protocol 3067 instance with the name "LISP1". There are also 2 VNIs configured. 3069 3070 3071 3073 3074 VRF-BLUE 3075 3076 true 3077 3078 3079 VRF-RED 3080 3081 true 3082 3083 3084 3085 3086 3087 3088 lisp:lisp 3089 3090 LISP1 3091 3092 3093 etr 3094 3095 3096 itr 3097 3098 3099 3100 1000 3101 VRF-BLUE 3102 3103 3104 2000 3105 VRF-RED 3106 3107 3108 3109 3110 3111 3112 3114 7.2.2. LISP ITR 3116 The following is an example configuration for ITR functionality under 3117 "LISP1". There are 2 Map-Resolvers configured. 3119 3120 3121 3122 3123 3124 3125 lisp:lisp 3126 3127 LISP1 3128 3129 3130 itr 3131 3132 3133 3134 2001:db8:203:0:113::1 3135 2001:db8:204:0:113::1 3136 3137 3138 3139 3140 3141 3142 3144 7.2.3. LISP ETR 3146 The following is an example configuration for ETR functionality under 3147 "LISP1". There are 2 Map-Servers and 2 local EIDs configured. 
3149 3150 3151 3153 3154 VRF-BLUE 3155 3156 true 3157 3158 3159 VRF-RED 3160 3161 true 3162 3163 3164 3165 3166 3167 3168 lisp:lisp 3169 3170 LISP1 3171 3172 3173 etr 3174 3175 3176 1 3177 3178 3179 3180 1000 3181 VRF-BLUE 3182 3183 3184 2000 3185 VRF-RED 3186 3187 3188 3189 3190 3191 2001:db8:203:0:113::1 3192 3193 3194 key1 3195 3196 hmac-sha-256-128 3197 3198 *Kye^$$1#gb91U04zpa 3199 3200 3201 3202 3203 2001:db8:204:0:113::1 3204 3205 3206 key1 3207 3208 hmac-sha-256-128 3209 3210 *Kye^$$1#gb91U04zpa 3211 3212 3213 3214 3215 3216 3217 1000 3218 3219 3220 2001:db8:400:0:100::0 3221 3222 3224 laddr:ipv6-prefix-afi 3225 3226 2001:db8:400:0:100::/80 3227 3228 3229 3230 3231 3232 2000 3233 3234 3235 2001:db8:800:0:200::0 3236 3237 3239 laddr:ipv6-prefix-afi 3240 3241 2001:db8:800:0:200::/80 3242 3243 3244 3245 3246 3247 3248 3249 3250 3251 3252 3253 7.2.4. LISP Map-Server 3255 The following is an example configuration for Map-Server 3256 functionality under "LISP1". There are 2 mappings configured. 3258 3259 3260 3261 3262 3263 lisp:lisp 3264 3265 LISP1 3266 3267 3268 3270 lisp-ms:ms 3271 3272 3273 3275 3276 3277 1 3278 3279 3280 key1 3281 3282 hmac-sha-256-128 3283 3284 *Kye^$$1#gb91U04zpa 3285 3286 3287 3288 3289 3290 3291 1000 3292 3293 3294 1 3295 3296 3298 laddr:ipv6-prefix-afi 3299 3301 2001:db8:400:0:100::/80 3302 3303 3304 3305 3306 3307 2000 3308 3309 3310 1 3311 3312 3314 laddr:ipv6-prefix-afi 3315 3316 2001:db8:800:0:200::/80 3317 3318 3319 3320 3321 3322 3323 3324 3325 3326 3327 3329 8. Acknowledgments 3331 The tree view and the YANG model shown in this document have been 3332 formated with the 'pyang' tool. 3334 9. IANA Considerations 3336 The IANA is requested to as assign a new namespace URI from the IETF 3337 XML registry. 

3339    This document registers the following namespace URIs in the IETF XML
3340    registry [RFC3688]:

3342    --------------------------------------------------------------------

3344    URI: urn:ietf:params:xml:ns:yang:ietf-lisp

3346    Registrant Contact: The IESG.

3348    XML: N/A, the requested URI is an XML namespace.

3350    --------------------------------------------------------------------

3352    --------------------------------------------------------------------

3354    URI: urn:ietf:params:xml:ns:yang:ietf-lisp-itr

3356    Registrant Contact: The IESG.

3358    XML: N/A, the requested URI is an XML namespace.

3360    --------------------------------------------------------------------

3362    --------------------------------------------------------------------

3364    URI: urn:ietf:params:xml:ns:yang:ietf-lisp-etr

3366    Registrant Contact: The IESG.

3368    XML: N/A, the requested URI is an XML namespace.

3370    --------------------------------------------------------------------

3372    --------------------------------------------------------------------

3374    URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver

3376    Registrant Contact: The IESG.

3378    XML: N/A, the requested URI is an XML namespace.

3380    --------------------------------------------------------------------

3382    --------------------------------------------------------------------

3384    URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver

3386    Registrant Contact: The IESG.

3388    XML: N/A, the requested URI is an XML namespace.

3390    --------------------------------------------------------------------

3392    --------------------------------------------------------------------

3394    URI: urn:ietf:params:xml:ns:yang:ietf-lisp-address-types
3395    Registrant Contact: The IESG.

3397    XML: N/A, the requested URI is an XML namespace.

3399    --------------------------------------------------------------------

3401 10. Security Considerations

3403    The YANG modules specified in this document define a schema for data
3404    that is designed to be accessed via network management protocols such
3405    as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
3406    is the secure transport layer, and the mandatory-to-implement secure
3407    transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
3408    is HTTPS, and the mandatory-to-implement secure transport is TLS
3409    [RFC8446].

3411    The NETCONF access control model [RFC8341] provides the means to
3412    restrict access for particular NETCONF or RESTCONF users to a pre-
3413    configured subset of all available NETCONF or RESTCONF protocol
3414    operations and content.

3416    The security considerations of LISP control-plane [RFC6833] and LISP
3417    data-plane [RFC6830] as well as the LISP threat analysis [RFC7835]
3418    apply to this YANG model.

3420    There are a number of data nodes defined in this YANG module that are
3421    writable/creatable/deletable (i.e., config true, which is the
3422    default). These data nodes may be considered sensitive or vulnerable
3423    in some network environments. Write operations (e.g., edit-config)
3424    to these data nodes without proper protection can have a negative
3425    effect on network operations. These are the subtrees and data nodes
3426    and their sensitivity/vulnerability:

3428    /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3429    lisp:lisp/

3431    Access to the locator-sets node may modify which interfaces are used
3432    for data and/or control traffic as well as affect the load balancing
3433    of data-plane traffic. Access to the lisp-role node may prevent the
3434    device from performing its intended data-plane and/or control-plane
3435    operation. Access to the router-id node allows modifying the unique
3436    identifier of the device, which may result in disruption of its LISP
3437    control-plane operation. Access to the vpn node may allow redirecting
3438    data-plane traffic to erroneous local or remote network
3439    instances.

3441    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3442    protocol/lisp:lisp/lisp:map-server
3443    Access to the sites node can prevent authorized devices from
3444    registering mappings in the Map-Server and/or allow unauthorized
3445    devices to do so. Access to the vpn node can result in corrupted
3446    mapping state that may propagate across the LISP network, potentially
3447    resulting in forwarding of data-plane traffic to arbitrary
3448    destinations and general disruption of the data-plane operation.
3449    Access to mapping-system-type and/or ddt-mapping-system nodes may
3450    prevent the device from connecting to the Mapping System infrastructure
3451    and consequently from attracting Map-Request messages.

3453    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3454    protocol/lisp:lisp/lisp:map-resolver

3456    Access to mapping-system-type, ms-address and/or ddt-mapping-system
3457    nodes may prevent the device from connecting to the Mapping System
3458    infrastructure and forwarding Map-Request messages.

3460    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3461    protocol/lisp:lisp/lisp:itr

3463    Access to the rloc-probing node can increase the control-plane
3464    overhead in the device or affect the capability of the device to
3465    detect failures on the underlay. Access to the itr-rlocs node may
3466    prevent the device from getting Map-Reply messages. Access to the
3467    map-resolvers node can prevent the device from sending its Map-
3468    Request messages to valid Map-Resolvers. Access to the proxy-etrs
3469    node can affect the capability of the device to send data-plane
3470    traffic towards non-LISP destinations. Access to the map-cache node
3471    can result in forwarding of data-plane traffic to arbitrary
3472    destinations and general disruption of data-plane operation.

3474    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3475    protocol/lisp:lisp/lisp:etr

3477    Access to the map-servers node can prevent the device from
3478    registering its local mappings into the Mapping System. Access to
3479    the local-eids node can disrupt data-plane operation on the device
3480    and/or result in the device registering corrupted mappings into the
3481    Mapping System.

3483    Some of the readable data nodes in this YANG module may be considered
3484    sensitive or vulnerable in some network environments. It is thus
3485    important to control read access (e.g., via get, get-config, or
3486    notification) to these data nodes. These are the subtrees and data
3487    nodes and their sensitivity/vulnerability:

3489    /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3490    lisp:lisp
3491    Access to the locator-sets node can expose the locators the device is
3492    using for its control and/or data operation. Access to the lisp-role
3493    node can disclose the LISP roles instantiated at the device, which
3494    facilitates mounting attacks against the device. Access to the
3495    router-id node can expose the unique identifier of the device, which may
3496    allow a third party to track its control-plane operation and/or
3497    impersonate the device. Access to the vpn node can leak the local
3498    mapping between LISP Instance IDs and local network instances.

3500    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3501    protocol/lisp:lisp/lisp:map-server

3503    Access to the sites node can expose the credentials used to register
3504    mappings and allow unauthorized devices to do so. Access to the vpn
3505    node can expose the mappings currently registered in the device,
3506    which has privacy implications. Access to the mapping-system-type
3507    node may reveal the Mapping System in use, which can be used to mount
3508    attacks against the device and/or the Mapping System. Access to the
3509    summary and counters nodes may expose operational statistics of the
3510    device.

3512    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3513    protocol/lisp:lisp/lisp:map-resolver

3515    Access to the mapping-system-type node may reveal the Mapping System
3516    in use, which can be used to mount attacks against the device and/or
3517    the Mapping System. Access to the ms-address and/or ddt-mapping-
3518    system nodes can leak the information about the Mapping System
3519    infrastructure used by the device, which can be used to block
3520    communication and/or mount attacks against it.

3522    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3523    protocol/lisp:lisp/lisp:itr

3525    Access to the rloc-probing node can expose if and how the device is
3526    using control-plane signaling to probe underlay locators. Access to
3527    the itr-rlocs node may disclose the addresses the device is using to
3528    receive Map-Reply messages. Access to the map-resolvers node can
3529    expose the Map-Resolvers used by the device, which can be used to
3530    mount attacks against the device and/or the Mapping System. Access
3531    to the proxy-etrs node can disclose the PETRs used by the device,
3532    which can be used to mount attacks against the device and/or PETRs.
3533    Access to the map-cache node can expose the mappings currently cached
3534    in the device, which has privacy implications.

3536    /rt:routing/rt:control-plane-protocols/rt:control-plane-
3537    protocol/lisp:lisp/lisp:etr
3538    Access to the map-servers node can expose the credentials used by the
3539    device to register mappings into the Mapping System, allowing an
3540    unauthorized device to impersonate and register mappings on behalf
3541    of the authorized device. Access to the local-eids node can expose the
3542    local EIDs currently being served by the device, which has privacy
3543    implications.

3545 11. Normative References

3547    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
3548               Requirement Levels", BCP 14, RFC 2119,
3549               DOI 10.17487/RFC2119, March 1997,
3550               .

3552    [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
3553               DOI 10.17487/RFC3688, January 2004,
3554               .

3556    [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
3557               and A. Bierman, Ed., "Network Configuration Protocol
3558               (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
3559               .

3561    [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
3562               Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
3563               .

3565    [RFC6830]  Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The
3566               Locator/ID Separation Protocol (LISP)", RFC 6830,
3567               DOI 10.17487/RFC6830, January 2013,
3568               .

3570    [RFC6832]  Lewis, D., Meyer, D., Farinacci, D., and V. Fuller,
3571               "Interworking between Locator/ID Separation Protocol
3572               (LISP) and Non-LISP Sites", RFC 6832,
3573               DOI 10.17487/RFC6832, January 2013,
3574               .

3576    [RFC6833]  Fuller, V. and D. Farinacci, "Locator/ID Separation
3577               Protocol (LISP) Map-Server Interface", RFC 6833,
3578               DOI 10.17487/RFC6833, January 2013,
3579               .

3581    [RFC6836]  Fuller, V., Farinacci, D., Meyer, D., and D. Lewis,
3582               "Locator/ID Separation Protocol Alternative Logical
3583               Topology (LISP+ALT)", RFC 6836, DOI 10.17487/RFC6836,
3584               January 2013, .

3586    [RFC7835]  Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID
3587               Separation Protocol (LISP) Threat Analysis", RFC 7835,
3588               DOI 10.17487/RFC7835, April 2016,
3589               .

3591    [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
3592               Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
3593               .

3595    [RFC8060]  Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical
3596               Address Format (LCAF)", RFC 8060, DOI 10.17487/RFC8060,
3597               February 2017, .

3599    [RFC8111]  Fuller, V., Lewis, D., Ermagan, V., Jain, A., and A.
3600               Smirnov, "Locator/ID Separation Protocol Delegated
3601               Database Tree (LISP-DDT)", RFC 8111, DOI 10.17487/RFC8111,
3602               May 2017, .

3604    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
3605               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
3606               May 2017, .

3608    [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
3609               BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
3610               .

3612    [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
3613               Access Control Model", STD 91, RFC 8341,
3614               DOI 10.17487/RFC8341, March 2018,
3615               .

3617    [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
3618               Routing Management (NMDA Version)", RFC 8349,
3619               DOI 10.17487/RFC8349, March 2018,
3620               .

3622    [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
3623               Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
3624               .

3626 Authors' Addresses

3628    Vina Ermagan
3629    Google
3630    USA

3632    Email: ermagan@gmail.com
3633    Alberto Rodriguez-Natal
3634    Cisco Systems
3635    San Jose, CA
3636    USA

3638    Email: natal@cisco.com

3640    Florin Coras
3641    Cisco Systems
3642    San Jose, CA
3643    USA

3645    Email: fcoras@cisco.com

3647    Carl Moberg
3648    Cisco Systems
3649    San Jose, CA
3650    USA

3652    Email: camoberg@cisco.com

3654    Reshad Rahman
3655    Cisco Systems
3656    Canada

3658    Email: rrahman@cisco.com

3660    Albert Cabellos-Aparicio
3661    Technical University of Catalonia
3662    Barcelona
3663    Spain

3665    Email: acabello@ac.upc.edu

3667    Fabio Maino
3668    Cisco Systems
3669    San Jose, CA
3670    USA

3672    Email: fmaino@cisco.com
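
The access-control restriction that Section 10 attributes to NACM [RFC8341], worked through as an added example that is not part of the draft: a simplified first-match evaluator for data-node rules over the sensitive LISP subtrees, comparing a policy that relies on the NACM defaults with a hardened one. The group names and both policies are constructed, node names are appended to the Section 10 paths without a prefix as an assumption, and path matching is reduced to prefix matching without list keys.

```python
"""Simplified NACM (RFC 8341) data-node access check for the LISP subtrees that
Section 10 lists as sensitive. Added illustration: path matching is reduced to
prefix matching without list keys, and module-name, rpc and notification rules
and the nacm:default-deny-* extensions are left out."""
from dataclasses import dataclass

# Subtree root as written in Section 10 of this document.
LISP = ("/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol"
        "/lisp:lisp")
# Nodes Section 10 says expose registration credentials or cached mappings.
# Appending the node names without a prefix is an assumption of this example.
SENSITIVE_READ = (LISP + "/lisp:map-server/sites",
                  LISP + "/lisp:etr/map-servers",
                  LISP + "/lisp:itr/map-cache")


@dataclass(frozen=True)
class Rule:
    name: str
    path: str               # root of the subtree the rule covers
    access: frozenset       # operations covered, or {"*"} for all
    action: str             # "permit" or "deny"


@dataclass(frozen=True)
class RuleList:
    name: str
    groups: frozenset       # group names, or {"*"} to match every group
    rules: tuple


@dataclass(frozen=True)
class Policy:
    rule_lists: tuple
    read_default: str = "permit"    # RFC 8341 default
    write_default: str = "deny"     # RFC 8341 default


def covers(rule_path, node_path):
    """True if node_path is the rule's node or one of its descendants."""
    return node_path == rule_path or node_path.startswith(rule_path + "/")


def decide(policy, user_groups, node_path, operation):
    """Return (action, source) for one data-node access; first match wins."""
    # A user that belongs to no group skips every rule-list, including "*".
    if user_groups:
        for rl in policy.rule_lists:
            if "*" not in rl.groups and not (rl.groups & user_groups):
                continue
            for rule in rl.rules:
                if covers(rule.path, node_path) and (
                        "*" in rule.access or operation in rule.access):
                    return rule.action, f"{rl.name}/{rule.name}"
    default = (policy.read_default if operation == "read"
               else policy.write_default)
    return default, "default"


# Constructed policies. Group names are hypothetical.
ADMIN = RuleList("lisp-admins", frozenset({"lisp-admin"}),
                 (Rule("all-lisp", LISP, frozenset({"*"}), "permit"),))

# Weak: only the admin rule exists, everything else relies on the defaults.
WEAK = Policy((ADMIN,))

# Hardened: explicit read denials for every other group, plus read-default
# deny so that users without any group cannot read either.
HARDENED = Policy(
    (ADMIN,
     RuleList("everyone-else", frozenset({"*"}),
              tuple(Rule(f"hide-{p.rsplit('/', 1)[1]}", p,
                         frozenset({"read"}), "deny")
                    for p in SENSITIVE_READ)
              + (Rule("read-lisp", LISP, frozenset({"read"}), "permit"),))),
    read_default="deny")


def exposure(policy, user_groups):
    """Sensitive subtrees the given groups can still read under policy."""
    return [p for p in SENSITIVE_READ
            if decide(policy, user_groups, p, "read")[0] == "permit"]


if __name__ == "__main__":
    for label, policy in (("weak", WEAK), ("hardened", HARDENED)):
        for groups in ({"lisp-admin"}, {"noc-readonly"}, set()):
            print(label, sorted(groups) or "(no group)",
                  ["/".join(p.rsplit("/", 2)[1:])
                   for p in exposure(policy, groups)])
```

Under the weak policy every authenticated non-admin user can read the credential-bearing subtrees because read-default is permit; the hardened policy needs both the explicit deny rules and read-default deny, since a user with no group never reaches the rule-lists.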