idnits 2.17.1

draft-ietf-lisp-yang-14.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 4 instances of too long lines in the document, the longest one
     being 1 character in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 126 has weird spacing: '...et-name str...'

  == Line 245 has weird spacing: '...le-type lis...'

  == Line 251 has weird spacing: '...ance-id lca...'

  == Line 830 has weird spacing: '...ance-id lea...'

  == Line 1261 has weird spacing: '...ance-id lea...'

  == (1 more instance...)

  == The document doesn't use any RFC 2119 keywords, yet has text resembling
     RFC 2119 boilerplate text.

  -- The document date (September 8, 2020) is 1325 days in the past.  Is this
     intentional?

  Checking references for intended status: Experimental
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC6832' is defined on line 3625, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6836' is defined on line 3636, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8060' is defined on line 3650, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8111' is defined on line 3654, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8349' is defined on line 3672, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 6830 (Obsoleted by RFC 9300, RFC 9301)

  ** Obsolete normative reference: RFC 6833 (Obsoleted by RFC 9301)

     Summary: 3 errors (**), 0 flaws (~~), 13 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     LISP Working Group                                            V. Ermagan
3     Internet-Draft                                                    Google
4     Intended status: Experimental                         A. Rodriguez-Natal
5     Expires: March 12, 2021                                         F. Coras
6                                                                    C. Moberg
7                                                                    R. Rahman
8                                                                Cisco Systems
9                                                         A. Cabellos-Aparicio
10                                           Technical University of Catalonia
11                                                                    F. Maino
12                                                               Cisco Systems
13                                                           September 8, 2020

15                                LISP YANG Model
16                            draft-ietf-lisp-yang-14

18    Abstract

20       This document describes a YANG data model to use with the Locator/ID
21       Separation Protocol (LISP).

23       The YANG modules in this document conform to the Network Management
24       Datastore Architecture (NMDA).

26    Status of This Memo

28       This Internet-Draft is submitted in full conformance with the
29       provisions of BCP 78 and BCP 79.

31       Internet-Drafts are working documents of the Internet Engineering
32       Task Force (IETF).  Note that other groups may also distribute
33       working documents as Internet-Drafts.  The list of current Internet-
34       Drafts is at https://datatracker.ietf.org/drafts/current/.

36       Internet-Drafts are draft documents valid for a maximum of six months
37       and may be updated, replaced, or obsoleted by other documents at any
38       time.  It is inappropriate to use Internet-Drafts as reference
39       material or to cite them other than as "work in progress."

41       This Internet-Draft will expire on March 12, 2021.

43    Copyright Notice

45       Copyright (c) 2020 IETF Trust and the persons identified as the
46       document authors.  All rights reserved.

48       This document is subject to BCP 78 and the IETF Trust's Legal
49       Provisions Relating to IETF Documents
50       (https://trustee.ietf.org/license-info) in effect on the date of
51       publication of this document.  Please review these documents
52       carefully, as they describe your rights and restrictions with respect
53       to this document.  Code Components extracted from this document must
54       include Simplified BSD License text as described in Section 4.e of
55       the Trust Legal Provisions and are provided without warranty as
56       described in the Simplified BSD License.

58    Table of Contents

60       1.  Introduction
61         1.1.  Requirements Language
62         1.2.  Tree Diagrams
63       2.  LISP Module
64         2.1.  Module Structure
65         2.2.  Module Definition
66       3.  LISP-ITR Module
67         3.1.  Module Structure
68         3.2.  Module Definition
69       4.  LISP-ETR Module
70         4.1.  Module Structure
71         4.2.  Module Definition
72       5.  LISP-Map-Server Module
73         5.1.  Module Structure
74         5.2.  Module Definition
75       6.  LISP-Map-Resolver Module
76         6.1.  Module Structure
77         6.2.  Module Definition
78       7.  LISP-Address-Types Module
79         7.1.  Module Definition
80         7.2.  Data Model examples
81           7.2.1.  LISP protocol instance
82           7.2.2.  LISP ITR
83           7.2.3.  LISP ETR
84           7.2.4.  LISP Map-Server
85       8.  Acknowledgments
86       9.  IANA Considerations
87       10. Security Considerations
88       11. Normative References
89       Authors' Addresses

91    1.  Introduction

93       The Locator/ID Separation Protocol (LISP) defines several network
94       elements subject to be configured.  This document presents the YANG
95       data models required for basic configuration of all major LISP
97       [RFC6830] elements.  The models also capture some essential
98       operational data elements as well.

100   1.1.  Requirements Language

102      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
103      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
104      document are to be interpreted as described in BCP 14 [RFC2119]
105      [RFC8174] when, and only when, they appear in all capitals, as shown
106      here.

108   1.2.  Tree Diagrams

110      This document uses the graphical representation of data models
111      defined in [RFC8340].

113   2.  LISP Module

115      This is the base LISP module.  It is further augmented by the LISP
116      device role specific modules defined elsewhere in this document.

118   2.1.  Module Structure

120      module: ietf-lisp
121        augment /rt:routing/rt:control-plane-protocols
122                  /rt:control-plane-protocol:
123          +--rw lisp
124             +--rw locator-sets
125             |  +--rw locator-set* [locator-set-name]
126             |     +--rw locator-set-name    string
127             |     +--rw (locator-type)?
128             |        +--:(local-interface)
129             |        |  +--rw interface* [interface-ref]
130             |        |     +--rw interface-ref         if:interface-ref
131             |        |     +--rw priority?             uint8
132             |        |     +--rw weight?               uint8
133             |        |     +--rw multicast-priority?   uint8
134             |        |     +--rw multicast-weight?     uint8
135             |        +--:(general-locator)
136             |           +--rw locator* [locator-id]
137             |              +--rw locator-id            string
138             |              +--rw locator-address
139             |              |  +--rw address-type
140             |              |  |       lisp-address-family-ref
141             |              |  +--rw (address)?
142             |              |     +--:(no-address)
143             |              |     |  +--rw no-address?   empty
144             |              |     +--:(ipv4)
145             |              |     |  +--rw ipv4?
146             |              |     |          inet:ipv4-address
147             |              |     +--:(ipv4-prefix)
148             |              |     |  +--rw ipv4-prefix?
149             |              |     |          inet:ipv4-prefix
150             |              |     +--:(ipv6)
151             |              |     |  +--rw ipv6?
152             |              |     |          inet:ipv6-address
153             |              |     +--:(ipv6-prefix)
154             |              |     |  +--rw ipv6-prefix?
155             |              |     |          inet:ipv6-prefix
156             |              |     +--:(mac)
157             |              |     |  +--rw mac?
158             |              |     |          yang:mac-address
159             |              |     +--:(distinguished-name)
160             |              |     |  +--rw distinguished-name?
161             |              |     |          distinguished-name-type
162             |              |     +--:(as-number)
163             |              |     |  +--rw as-number?
164             |              |     |          inet:as-number
165             |              |     +--:(null-address)
166             |              |     |  +--rw null-address
167             |              |     |     +--rw address?   empty
168             |              |     +--:(afi-list)
169             |              |     |  +--rw afi-list
170             |              |     |     +--rw address-list*
171             |              |     |             simple-address
172             |              |     +--:(instance-id)
173             |              |     |  +--rw instance-id
174             |              |     |     +--rw instance-id?
175             |              |     |     |       instance-id-type
176             |              |     |     +--rw mask-length?   uint8
177             |              |     |     +--rw address?       simple-address
178             |              |     +--:(as-number-lcaf)
179             |              |     |  +--rw as-number-lcaf
180             |              |     |     +--rw as?        inet:as-number
181             |              |     |     +--rw address?   simple-address
182             |              |     +--:(application-data)
183             |              |     |  +--rw application-data
184             |              |     |     +--rw address?
185             |              |     |     |       simple-address
186             |              |     |     +--rw protocol?   uint8
187             |              |     |     +--rw ip-tos?     int32
188             |              |     |     +--rw local-port-low?
189             |              |     |     |       inet:port-number
190             |              |     |     +--rw local-port-high?
191             |              |     |     |       inet:port-number
192             |              |     |     +--rw remote-port-low?
193             |              |     |     |       inet:port-number
194             |              |     |     +--rw remote-port-high?
195             |              |     |             inet:port-number
196             |              |     +--:(geo-coordinates)
197             |              |     |  +--rw geo-coordinates
198             |              |     |     +--rw latitude?            bits
199             |              |     |     +--rw latitude-degrees?    uint8
200             |              |     |     +--rw latitude-minutes?    uint8
201             |              |     |     +--rw latitude-seconds?    uint8
202             |              |     |     +--rw longitude?           bits
203             |              |     |     +--rw longitude-degrees?   uint16
204             |              |     |     +--rw longitude-minutes?   uint8
205             |              |     |     +--rw longitude-seconds?   uint8
206             |              |     |     +--rw altitude?            int32
207             |              |     |     +--rw address?
208             |              |     |             simple-address
209             |              |     +--:(nat-traversal)
210             |              |     |  +--rw nat-traversal
211             |              |     |     +--rw ms-udp-port?    uint16
212             |              |     |     +--rw etr-udp-port?   uint16
213             |              |     |     +--rw global-etr-rloc?
214             |              |     |     |       simple-address
215             |              |     |     +--rw ms-rloc?
216             |              |     |     |       simple-address
217             |              |     |     +--rw private-etr-rloc?
218             |              |     |     |       simple-address
219             |              |     |     +--rw rtr-rlocs*
220             |              |     |             simple-address
221             |              |     +--:(explicit-locator-path)
222             |              |     |  +--rw explicit-locator-path
223             |              |     |     +--rw hop* [hop-id]
224             |              |     |        +--rw hop-id      string
225             |              |     |        +--rw address?    simple-address
226             |              |     |        +--rw lrs-bits?   bits
227             |              |     +--:(source-dest-key)
228             |              |     |  +--rw source-dest-key
229             |              |     |     +--rw source?   simple-address
230             |              |     |     +--rw dest?     simple-address
231             |              |     +--:(key-value-address)
232             |              |     |  +--rw key-value-address
233             |              |     |     +--rw key?     simple-address
234             |              |     |     +--rw value?   simple-address
235             |              |     +--:(service-path)
236             |              |        +--rw service-path
237             |              |           +--rw service-path-id?
238             |              |           |       service-path-id-type
239             |              |           +--rw service-index?   uint8
240             |              +--rw priority?             uint8
241             |              +--rw weight?               uint8
242             |              +--rw multicast-priority?   uint8
243             |              +--rw multicast-weight?     uint8
244             +--rw lisp-role* [lisp-role-type]
245             |  +--rw lisp-role-type    lisp-role-ref
246             +--rw lisp-router-id
247             |  +--rw site-id?   uint64
248             |  +--rw xtr-id?    lisp:xtr-id-type
249             +--rw vpns
250                +--rw vpn* [instance-id]
251                   +--rw instance-id    lcaf:instance-id-type
252                   +--rw iid-name
253                           -> /ni:network-instances/network-instance/name

255   2.2.  Module Definition

257      file "ietf-lisp@2019-09-07.yang"
258      module ietf-lisp {
259        yang-version 1.1;

261        namespace "urn:ietf:params:xml:ns:yang:ietf-lisp";

263        prefix lisp;

265        import ietf-interfaces {
266          prefix if;
267          reference
268            "RFC 8343: A YANG Data Model for Interface Management";
269        }
270        // RFC Ed.: replace occurrences of XXXX with actual RFC number
271        // and remove this note
272        import ietf-lisp-address-types {
273          prefix lcaf;
274          reference "RFC XXXX: LISP YANG model";
275        }
276        import ietf-yang-types {
277          prefix yang;
278          reference "RFC 6991: Common YANG Data Types";
279        }
280        import ietf-routing {
281          prefix "rt";
282          reference
283            "RFC 8349: A YANG Data Model for Routing Management
284             (NMDA version)";
285        }
286        import ietf-network-instance {
287          prefix "ni";
288          // RFC Ed.: replace occurrences of YYYY with actual RFC number
289          // of draft-ietf-rtgwg-ni-model and remove this note
290          reference
291            "RFC YYYY: YANG Model for Network Instances";
292        }

294        organization
295          "IETF LISP (Locator/ID Separation Protocol) Working Group";
296        contact
297          "WG Web:
298           WG List:

300           Editor:   Vina Ermagan
301

303           Editor:   Alberto Rodriguez-Natal
304

306           Editor:   Reshad Rahman
307                     ";
308        description
309          "This YANG module defines the generic parameters for LISP.
310           The module can be extended by vendors to define vendor-specific
311           LISP parameters and policies.

313           Copyright (c) 2018 IETF Trust and the persons identified as
314           authors of the code.  All rights reserved.

316           Redistribution and use in source and binary forms, with or
317           without modification, is permitted pursuant to, and subject
318           to the license terms contained in, the Simplified BSD License
319           set forth in Section 4.c of the IETF Trust's Legal Provisions
320           Relating to IETF Documents
321           (http://trustee.ietf.org/license-info).

323           This version of this YANG module is part of RFC XXXX; see
324           the RFC itself for full legal notices.
325          ";

327        reference "RFC XXXX";

329        revision 2019-09-07 {
330          description
331            "Initial revision.";
332          reference
333            "https://tools.ietf.org/html/rfc6830";
334        }
335        /*
336         * Identity definitions
337         */
338        identity lisp {
339          base "rt:control-plane-protocol";
340          description "LISP protocol.";
341          reference
342            "RFC 6830: The Locator/ID Separation Protocol (LISP).";
343        }

345        identity lisp-role {
346          description
347            "LISP router role.";
348        }
349        identity itr {
350          base lisp-role;
351          description
352            "LISP ITR.";
353        }
354        identity pitr {
355          base lisp-role;
356          description
357            "LISP PITR.";
358        }
359        identity etr {
360          base lisp-role;
361          description
362            "LISP ETR.";
363        }
364        identity petr {
365          base lisp-role;
366          description
367            "LISP PETR.";
368        }

370        identity mapping-system {
371          description
372            "Mapping System interface";
373        }
374        identity single-node-mapping-system {
375          base mapping-system;
376          description
377            "logically singular Map Server";
378        }

380        identity map-reply-act {
381          description
382            "Defines the lisp map-cache ACT type";

384          reference
385            "https://www.iana.org/assignments/lisp-parameters"
386                + "/lisp-parameters.xhtml#lisp-act-value";
387        }
388        identity no-action {
389          base map-reply-act;
390          description
391            "Mapping is kept alive and no encapsulation
392             occurs.";
393        }
394        identity natively-forward {
395          base map-reply-act;
396          description
397            "Matching packets are not encapsulated or
398             dropped but natively forwarded.";
399        }
400        identity send-map-request {
401          base map-reply-act;
402          description
403            "Matching packets invoke Map-Requests.";
404        }
405        identity drop-no-reason {
406          base map-reply-act;
407          description
408            "Matching packets are dropped.";
409        }
410        identity drop-policy-denied {
411          base map-reply-act;
412          description
413            "Matching packets are dropped (due to policy).";
414        }
415        identity drop-auth-failure {
416          base map-reply-act;
417          description
418            "Matching packets are dropped (due to authentication
419             failure).";
420        }

422        identity auth-algorithm {
423          description
424            "Base identity for the authentication mechanisms supported by
425             LISP.";
426          reference
427            "https://www.iana.org/assignments/lisp-parameters"
428                + "/lisp-parameters.xhtml#lisp-key-id-numbers";
429        }
430        identity no-auth-algorithm {
431          base auth-algorithm;
432          description
433            "No authentication.";
434        }
435        identity hmac-sha-1-96-none {
436          base auth-algorithm;
437          description
438            "MAC = HMAC-SHA-1-96 (RFC2404), KDF = none";
439        }
440        identity hmac-sha-256-128-none {
441          base auth-algorithm;
442          description
443            "MAC = HMAC-SHA-256-128 (RFC4868), KDF = none";
444        }
445        identity hmac-sha-256-128-HKDF-SHA2562 {
446          base auth-algorithm;
447          description
448            "MAC = HMAC-SHA-256-128, KDF = HKDF-SHA2562 (RFC4868)";
449        }

451        typedef mapping-system-ref {
452          type identityref {
453            base mapping-system;
454          }
455          description
456            "Mapping System reference";
457        }

459        typedef lisp-role-ref {
460          type identityref {
461            base lisp-role;
462          }
463          description
464            "LISP role reference";
465        }
466        typedef map-reply-action {
467          type identityref {
468            base map-reply-act;
469          }
470          description
471            "Map-Reply action reference";
472        }
473        typedef eid-id {
474          type string {
475            pattern '[a-zA-Z0-9\-_.:]*';
476          }
477          description
478            "Type encoding of lisp-addresses to be generally used in EID
479             keyed lists.";

481        }
482        typedef auth-algorithm-type {
483          type identityref {
484            base auth-algorithm;
485          }
486          description
487            "Authentication algorithm reference";
488        }
489        typedef xtr-id-type {
490          type binary {
491            length "16";
492          }
493          description
494            "128-bit xTR identifier.";
495        }

497        grouping locator-properties {
498          description
499            "Properties of a RLOC";
500          leaf priority {
501            type uint8;
502            description
503              "Locator priority.";
504          }
505          leaf weight {
506            type uint8;
507            description
508              "Locator weight.";
509          }
510          leaf multicast-priority {
511            type uint8;
512            description
513              "Locator's multicast priority";
514          }
515          leaf multicast-weight {
516            type uint8;
517            description
518              "Locator's multicast weight";
519          }
520        }

522        grouping locators-grouping {
523          description
524            "Grouping that defines a list of LISP locators.";
525          list locator {
526            key "locator-id";
527            description
528              "List of routing locators";

530            leaf locator-id {
531              type string {
532                length "1..64";
533                pattern '[a-zA-Z0-9\-_.:]*';
534              }
535              description
536                "Locator id";
537            }
538            container locator-address {
539              uses lcaf:lisp-address;
540              description
541                "The locator address provided in LISP canonical
542                 address format.";
543            }
544            uses locator-properties;
545          }

547        }

549        grouping local-locators-grouping {
550          description
551            "Grouping that defines a list of LISP locators.";
552          list interface {
553            key "interface-ref";
554            description
555              "The address type of the locator";
556            leaf interface-ref {
557              type if:interface-ref;
558              description
559                "The name of the interface supporting the locator.";
560            }
561            uses locator-properties;
562          }
563        }

565        grouping mapping {
566          description
567            "Grouping that defines a LISP mapping.";
568          container eid {
569            uses lcaf:lisp-address;
570            description
571              "End-host Identifier (EID) to be mapped to a list of
572               locators";
573          }
574          leaf time-to-live {
575            type uint32;
576            units minutes;
577            description
578              "Mapping validity period in minutes (as per RFC6830).";
579          }
580          leaf creation-time {
581            type yang:date-and-time;
582            config false;
583            description
584              "Time when the mapping was created.";
585          }
586          leaf authoritative {
587            type bits {
588              bit A {
589                description
590                  "Authoritative bit.";
591              }
592            }
593            description
594              "Bit that indicates if mapping comes from an
595               authoritative source.";
596          }
597          leaf static {
598            type boolean;
599            default "false";
600            description
601              "This leaf should be true if the mapping is static.";
602          }
603          choice locator-list {
604            description
605              "list of locators are either negative, or positive.";
606            case negative-mapping {
607              leaf map-reply-action {
608                type map-reply-action;
609                description
610                  "Forwarding action for a negative mapping.";
611              }
612            }
613            case positive-mapping {
614              container rlocs {
615                uses locators-grouping;
616                description
617                  "List of locators for a positive mapping.";
618              }
619            }
620          }
621        }

623        grouping mappings {
624          description
625            "Grouping that defines a list of LISP mappings.";

627          list vpn {
628            key "instance-id";
629            description
630              "VPN to which the mappings belong.";
631            leaf instance-id {
632              type leafref {
633                path "/rt:routing/rt:control-plane-protocols"
634                   + "/rt:control-plane-protocol/lisp:lisp"
635                   + "/lisp:vpns/lisp:vpn"
636                   + "/lisp:instance-id";
637              }
638              description
639                "VPN identifier.";
640            }
641            container mappings {
642              description
643                "Mappings within the VPN.";
644              list mapping {
645                key "eid-id";
646                description
647                  "List of EID to RLOCs mappings.";
648                leaf eid-id {
649                  type eid-id;
650                  description
651                    "Id that uniquely identifies a mapping.";
652                }
653                uses mapping;
654              }
655            }
656          }
657        }

659        grouping auth-key {
660          description "Grouping that defines authentication keys.";
661          container authentication-keys {
662            description "Multiple authentication keys can be defined.";
663            list authentication-key {
664              key "auth-key-id";
665              description
666                "Authentication key parameters.";
667              leaf auth-key-id {
668                type string {
669                  pattern '[a-zA-Z0-9\-_.:]*';
670                }
671                description
672                  "Identifier of the authentication key.";
673              }
674              leaf-list auth-algorithm-id {
675                type lisp:auth-algorithm-type;
676                description
677                  "Authentication algorithm used with the key.";
678              }
679              leaf auth-key-value {
680                type string;
681                description
682                  "Clear text authentication key.";
683              }
684            }
685          }
686        }

688        augment "/rt:routing/rt:control-plane-protocols"
689              + "/rt:control-plane-protocol" {
690          when "derived-from-or-self(rt:type, 'lisp:lisp')" {
691            description
692              "This augmentation is only valid for a control-plane protocol
693               instance of LISP.";
694          }
695          description "LISP protocol ietf-routing module
696                       control-plane-protocol augmentation.";

698          container lisp {
699            description
700              "Parameters for the LISP subsystem.";

702            container locator-sets {
703              description
704                "Container that defines a named locator set which can be
705                 referenced elsewhere.";
706              list locator-set {
707                key "locator-set-name";
708                description
709                  "Multiple locator sets can be defined.";
710                leaf locator-set-name {
711                  type string {
712                    length "1..64";
713                    pattern '[a-zA-Z0-9\-_.:]*';
714                  }
715                  description
716                    "Locator set name";
717                }
718                choice locator-type {
719                  description
720                    "Locator sets can be based on local interfaces, or
721                     general locators.";
722                  case local-interface {
723                    uses local-locators-grouping;
724                    description
725                      "List of locators in this set based on local
726                       interfaces.";
727                  }
728                  case general-locator {
729                    uses locators-grouping;
730                    description
731                      "List of locators in this set based on
732                       lisp-address.";
733                  }
734                }
735              }
736            }

738            list lisp-role {
739              key lisp-role-type;
740              description
741                "List of lisp device roles such as MS, MR, ITR,
742                 PITR, ETR or PETR.";
743              leaf lisp-role-type {
744                type lisp-role-ref;
745                description
746                  "The type of LISP device - identity derived from the
747                   'lisp-device' base identity.";
748              }
749            }

751            container lisp-router-id {
752              when "../lisp-role/lisp-role-type = 'lisp:itr' or
753                    ../lisp-role/lisp-role-type = 'lisp:pitr' or
754                    ../lisp-role/lisp-role-type = 'lisp:etr' or
755                    ../lisp-role/lisp-role-type = 'lisp:petr'" {
756                description "Only when ITR, PITR, ETR or PETR.";
757              }
758              description
759                "Site-ID and xTR-ID of the device.";
760              leaf site-id {
761                type uint64;
762                description "Site ID";
763              }
764              leaf xtr-id {
765                type lisp:xtr-id-type;
766                description "xTR ID";
767              }
768            }

770            container vpns {
771              when "../lisp-role/lisp-role-type = 'lisp:itr' or
772                    ../lisp-role/lisp-role-type = 'lisp:pitr' or
773                    ../lisp-role/lisp-role-type = 'lisp:etr' or
774                    ../lisp-role/lisp-role-type = 'lisp:petr'" {
775                description "Only when ITR, PITR, ETR or PETR.";
776              }
777              description "VPNs";
778              list vpn {
779                key instance-id;
780                unique "iid-name";
781                description "List of VPNs";

783                leaf instance-id {
784                  type lcaf:instance-id-type;
785                  description
786                    "VPN identifier. The value 0 for instance-id must be
787                     used for the default VRF.";
788                }
789                leaf iid-name {
790                  type leafref {
791                    path "/ni:network-instances/ni:network-instance"
792                       + "/ni:name";
793                  }
794                  mandatory true;
795                  description
796                    "Name of VPN (e.g. VRF) to which an instance-id is
797                     bound. Each instance-id is bound to a different VPN";
798                }
799              }
800            }
801          }
802        }
803      }
804

806   3.  LISP-ITR Module

808      This module captures the configuration data model of a LISP ITR.  The
809      model also captures some operational data elements.

811   3.1.  Module Structure

813      module: ietf-lisp-itr
814        augment /rt:routing/rt:control-plane-protocols
815                  /rt:control-plane-protocol/lisp:lisp:
816          +--rw itr!
817             +--rw rloc-probing!
818             |  +--rw interval?           uint16
819             |  +--rw retries?            uint8
820             |  +--rw retries-interval?   uint16
821             +--rw itr-rlocs?       leafref
822             +--rw map-resolvers
823             |  +--rw map-resolver*   inet:ip-address
824             +--rw proxy-etrs
825             |  +--rw proxy-etr-address*   inet:ip-address
826             +--rw map-cache
827                +--ro size?    uint32
828                +--ro limit?   uint32
829                +--rw vpn* [instance-id]
830                   +--rw instance-id    leafref
831                   +--rw mappings
832                      +--rw mapping* [eid-id]
833                         +--rw eid-id                  eid-id
834                         +--rw eid
835                         |  +--rw address-type
836                         |  |       lisp-address-family-ref
837                         |  +--rw (address)?
838                         |     +--:(no-address)
839                         |     |  +--rw no-address?   empty
840                         |     +--:(ipv4)
841                         |     |  +--rw ipv4?
842                         |     |          inet:ipv4-address
843                         |     +--:(ipv4-prefix)
844                         |     |  +--rw ipv4-prefix?
845                         |     |          inet:ipv4-prefix
846                         |     +--:(ipv6)
847                         |     |  +--rw ipv6?
848                         |     |          inet:ipv6-address
849                         |     +--:(ipv6-prefix)
850                         |     |  +--rw ipv6-prefix?
851                         |     |          inet:ipv6-prefix
852                         |     +--:(mac)
853                         |     |  +--rw mac?
854                         |     |          yang:mac-address
855                         |     +--:(distinguished-name)
856                         |     |  +--rw distinguished-name?
857                         |     |          distinguished-name-type
858                         |     +--:(as-number)
859                         |     |  +--rw as-number?
860                         |     |          inet:as-number
861                         |     +--:(null-address)
862                         |     |  +--rw null-address
863                         |     |     +--rw address?   empty
864                         |     +--:(afi-list)
865                         |     |  +--rw afi-list
866                         |     |     +--rw address-list*   simple-address
867                         |     +--:(instance-id)
868                         |     |  +--rw instance-id
869                         |     |     +--rw instance-id?   instance-id-type
870                         |     |     +--rw mask-length?   uint8
871                         |     |     +--rw address?       simple-address
872                         |     +--:(as-number-lcaf)
873                         |     |  +--rw as-number-lcaf
874                         |     |     +--rw as?        inet:as-number
875                         |     |     +--rw address?   simple-address
876                         |     +--:(application-data)
877                         |     |  +--rw application-data
878                         |     |     +--rw address?
879                         |     |     |       simple-address
880                         |     |     +--rw protocol?   uint8
881                         |     |     +--rw ip-tos?     int32
882                         |     |     +--rw local-port-low?
883                         |     |     |       inet:port-number
884                         |     |     +--rw local-port-high?
885                         |     |     |       inet:port-number
886                         |     |     +--rw remote-port-low?
887                         |     |     |       inet:port-number
888                         |     |     +--rw remote-port-high?
889                         |     |             inet:port-number
890                         |     +--:(geo-coordinates)
891                         |     |  +--rw geo-coordinates
892                         |     |     +--rw latitude?            bits
893                         |     |     +--rw latitude-degrees?    uint8
894                         |     |     +--rw latitude-minutes?    uint8
895                         |     |     +--rw latitude-seconds?    uint8
896                         |     |     +--rw longitude?           bits
897                         |     |     +--rw longitude-degrees?   uint16
898                         |     |     +--rw longitude-minutes?   uint8
899                         |     |     +--rw longitude-seconds?   uint8
900                         |     |     +--rw altitude?            int32
901                         |     |     +--rw address?
902                         |     |             simple-address
903                         |     +--:(nat-traversal)
904                         |     |  +--rw nat-traversal
905                         |     |     +--rw ms-udp-port?    uint16
906                         |     |     +--rw etr-udp-port?   uint16
907                         |     |     +--rw global-etr-rloc?
908                         |     |     |       simple-address
909                         |     |     +--rw ms-rloc?
910                         |     |     |       simple-address
911                         |     |     +--rw private-etr-rloc?
912                         |     |     |       simple-address
913                         |     |     +--rw rtr-rlocs*
914                         |     |             simple-address
915                         |     +--:(explicit-locator-path)
916                         |     |  +--rw explicit-locator-path
917                         |     |     +--rw hop* [hop-id]
918                         |     |        +--rw hop-id      string
919                         |     |        +--rw address?    simple-address
920                         |     |        +--rw lrs-bits?   bits
921                         |     +--:(source-dest-key)
922                         |     |  +--rw source-dest-key
923                         |     |     +--rw source?   simple-address
924                         |     |     +--rw dest?     simple-address
925                         |     +--:(key-value-address)
926                         |     |  +--rw key-value-address
927                         |     |     +--rw key?     simple-address
928                         |     |     +--rw value?   simple-address
929                         |     +--:(service-path)
930                         |        +--rw service-path
931                         |           +--rw service-path-id?
932                         |           |       service-path-id-type
933                         |           +--rw service-index?   uint8
934                         +--rw time-to-live?           uint32
935                         +--ro creation-time?          yang:date-and-time
936                         +--rw authoritative?          bits
937                         +--rw static?                 boolean
938                         +--rw (locator-list)?
939                            +--:(negative-mapping)
940                            |  +--rw map-reply-action?   map-reply-action
941                            +--:(positive-mapping)
942                               +--rw rlocs
943                                  +--rw locator* [locator-id]
944                                     +--rw locator-id            string
945                                     +--rw locator-address
946                                     |  +--rw address-type
947                                     |  |       lisp-address-family-ref
948                                     |  +--rw (address)?
949                                     |     +--:(no-address)
950                                     |     |  +--rw no-address?
951                                     |     |          empty
952                                     |     +--:(ipv4)
953                                     |     |  +--rw ipv4?
954                                     |     |          inet:ipv4-address
955                                     |     +--:(ipv4-prefix)
956                                     |     |  +--rw ipv4-prefix?
957                                     |     |          inet:ipv4-prefix
958                                     |     +--:(ipv6)
959                                     |     |  +--rw ipv6?
960                                     |     |          inet:ipv6-address
961                                     |     +--:(ipv6-prefix)
962                                     |     |  +--rw ipv6-prefix?
963                                     |     |          inet:ipv6-prefix
964                                     |     +--:(mac)
965                                     |     |  +--rw mac?
966                                     |     |          yang:mac-address
967                                     |     +--:(distinguished-name)
968                                     |     |  +--rw distinguished-name?
969                                     |     |          distinguished-name-type
970                                     |     +--:(as-number)
971                                     |     |  +--rw as-number?
972                                     |     |          inet:as-number
973                                     |     +--:(null-address)
974                                     |     |  +--rw null-address
975                                     |     |     +--rw address?   empty
976                                     |     +--:(afi-list)
977                                     |     |  +--rw afi-list
978                                     |     |     +--rw address-list*
979                                     |     |             simple-address
980                                     |     +--:(instance-id)
981                                     |     |  +--rw instance-id
982                                     |     |     +--rw instance-id?
983                                     |     |     |       instance-id-type
984                                     |     |     +--rw mask-length?   uint8
985                                     |     |     +--rw address?
986                                     |     |             simple-address
987                                     |     +--:(as-number-lcaf)
988                                     |     |  +--rw as-number-lcaf
989                                     |     |     +--rw as?
990                                     |     |     |       inet:as-number
991                                     |     |     +--rw address?
992                                     |     |             simple-address
993                                     |     +--:(application-data)
994                                     |     |  +--rw application-data
995                                     |     |     +--rw address?
996                                     |     |     |       simple-address
997                                     |     |     +--rw protocol?
998                                     |     |     |       uint8
999                                     |     |     +--rw ip-tos?
1000                                    |     |     |       int32
1001                                    |     |     +--rw local-port-low?
1002                                    |     |     |       inet:port-number
1003                                    |     |     +--rw local-port-high?
1004                                    |     |     |       inet:port-number
1005                                    |     |     +--rw remote-port-low?
1006                                    |     |     |       inet:port-number
1007                                    |     |     +--rw remote-port-high?
1008                                    |     |             inet:port-number
1009                                    |     +--:(geo-coordinates)
1010                                    |     |  +--rw geo-coordinates
1011                                    |     |     +--rw latitude?
1012                                    |     |     |       bits
1013                                    |     |     +--rw latitude-degrees?
1014                                    |     |     |       uint8
1015                                    |     |     +--rw latitude-minutes?
1016                                    |     |     |       uint8
1017                                    |     |     +--rw latitude-seconds?
1018                                    |     |     |       uint8
1019                                    |     |     +--rw longitude?
1020                                    |     |     |       bits
1021                                    |     |     +--rw longitude-degrees?
1022                                    |     |     |       uint16
1023                                    |     |     +--rw longitude-minutes?
1024                                    |     |     |       uint8
1025                                    |     |     +--rw longitude-seconds?
1026                                    |     |     |       uint8
1027                                    |     |     +--rw altitude?
1028                                    |     |     |       int32
1029                                    |     |     +--rw address?
1030                                    |     |             simple-address
1031                                    |     +--:(nat-traversal)
1032                                    |     |  +--rw nat-traversal
1033                                    |     |     +--rw ms-udp-port?
1034                                    |     |     |       uint16
1035                                    |     |     +--rw etr-udp-port?
1036                                    |     |     |       uint16
1037                                    |     |     +--rw global-etr-rloc?
1038                                    |     |     |       simple-address
1039                                    |     |     +--rw ms-rloc?
1040                                    |     |     |       simple-address
1041                                    |     |     +--rw private-etr-rloc?
1042                                    |     |     |       simple-address
1043                                    |     |     +--rw rtr-rlocs*
1044                                    |     |             simple-address
1045                                    |     +--:(explicit-locator-path)
1046                                    |     |  +--rw explicit-locator-path
1047                                    |     |     +--rw hop* [hop-id]
1048                                    |     |        +--rw hop-id
1049                                    |     |        |       string
1050                                    |     |        +--rw address?
1051                                    |     |        |       simple-address
1052                                    |     |        +--rw lrs-bits?   bits
1053                                    |     +--:(source-dest-key)
1054                                    |     |  +--rw source-dest-key
1055                                    |     |     +--rw source?
1056                                    |     |     |       simple-address
1057                                    |     |     +--rw dest?
1058                                    |     |             simple-address
1059                                    |     +--:(key-value-address)
1060                                    |     |  +--rw key-value-address
1061                                    |     |     +--rw key?
1062                                    |     |     |       simple-address
1063                                    |     |     +--rw value?
1064                                    |     |             simple-address
1065                                    |     +--:(service-path)
1066                                    |        +--rw service-path
1067                                    |           +--rw service-path-id?
1068                                    |           |       service-path-id-type
1069                                    |           +--rw service-index?
1070                                    |                   uint8
1071                                    +--rw priority?             uint8
1072                                    +--rw weight?               uint8
1073                                    +--rw multicast-priority?   uint8
1074                                    +--rw multicast-weight?     uint8

1076  3.2.  Module Definition

1078     file "ietf-lisp-itr@2019-02-23.yang"
1079     module ietf-lisp-itr {
1080       yang-version 1.1;

1082       namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-itr";

1084       prefix lisp-itr;

1086       // RFC Ed.: replace occurrences of XXXX with actual RFC number
1087       // and remove this note
1088       import ietf-lisp {
1089         prefix lisp;
1090         reference "RFC XXXX: LISP YANG model";
1091       }
1092       import ietf-inet-types {
1093         prefix inet;
1094         reference "RFC 6991: Common YANG Data Types";
1095       }
1096       import ietf-routing {
1097         prefix "rt";
1098         reference
1099           "RFC 8349: A YANG Data Model for Routing Management
1100            (NMDA version)";
1101       }

1103       organization
1104         "IETF LISP (Locator/ID Separation Protocol) Working Group";
1105       contact
1106         "WG Web:
1107          WG List:

1109          Editor:   Vina Ermagan
1110

1112          Editor:   Alberto Rodriguez-Natal
1113

1115          Editor:   Reshad Rahman
1116                    ";
1117       description
1118         "This YANG module defines the generic parameters for a LISP
1119          ITR. The module can be extended by vendors to define
1120          vendor-specific parameters and policies.

1122          Copyright (c) 2018 IETF Trust and the persons identified as
1123          authors of the code.  All rights reserved.
1125       Redistribution and use in source and binary forms, with or
1126       without modification, is permitted pursuant to, and subject
1127       to the license terms contained in, the Simplified BSD License
1128       set forth in Section 4.c of the IETF Trust's Legal Provisions
1129       Relating to IETF Documents
1130       (http://trustee.ietf.org/license-info).

1132       This version of this YANG module is part of RFC XXXX; see
1133       the RFC itself for full legal notices.
1134      ";

1136    reference "RFC XXXX";

1138    revision 2019-02-23 {
1139      description
1140        "Initial revision.";
1141      reference
1142        "https://tools.ietf.org/html/rfc6830";
1143    }
1144    augment "/rt:routing/rt:control-plane-protocols"
1145          + "/rt:control-plane-protocol/lisp:lisp" {
1146      when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:itr' or
1147            lisp:lisp-role/lisp:lisp-role-type = 'lisp:pitr'" {
1148        description
1149          "Augment is valid when LISP role type is ITR or PITR.";
1150      }
1151      description
1152        "This augments the LISP devices list with (P)ITR specific
1153         parameters.";
1154      container itr {
1155        presence "LISP (P)ITR operation enabled";
1156        description
1157          "ITR parameters";
1158        container rloc-probing {
1159          presence "RLOC probing active";
1160          description
1161            "RLOC-probing parameters";
1162          leaf interval {
1163            type uint16;
1164            units "seconds";
1165            description
1166              "Interval in seconds for resending the probes";
1167          }
1168          leaf retries {
1169            type uint8;
1170            description
1171              "Number of retries for sending the probes";
1172          }
1173          leaf retries-interval {
1174            type uint16;
1175            units "seconds";
1176            description
1177              "Interval in seconds between retries when sending probes.
1178               The action taken if all retries fail to receive is
1179               implementation specific.";
1180          }
1181        }
1182        leaf itr-rlocs {
1183          type leafref {
1184            path "/rt:routing/rt:control-plane-protocols"
1185               + "/rt:control-plane-protocol/lisp:lisp"
1186               + "/lisp:locator-sets/lisp:locator-set"
1187               + "/lisp:locator-set-name";
1188          }
1189          description
1190            "Reference to a locator set that the (P)ITR includes in
1191             Map-Requests";
1192        }
1193        container map-resolvers {
1194          description
1195            "Map-Resolvers that the (P)ITR uses.";
1196          leaf-list map-resolver {
1197            type inet:ip-address;
1198            description
1199              "Each Map-Resolver within the list of Map-Resolvers.";
1200          }
1201        }
1202        container proxy-etrs {
1203          when "../../lisp:lisp-role/lisp:lisp-role-type='lisp:itr'" {
1204            description
1205              "Container exists only when LISP role type is ITR";
1206          }
1207          description
1208            "Proxy ETRs that the ITR uses.";
1209          leaf-list proxy-etr-address{
1210            type inet:ip-address;
1211            description
1212              "Proxy ETR RLOC address.";
1213          }
1214        }
1215        container map-cache {
1216          leaf size {
1217            type uint32;
1218            config false;
1219            description
1220              "Current number of entries in the EID-to-RLOC map-cache";
1221          }
1222          leaf limit {
1223            type uint32;
1224            config false;
1225            description
1226              "Maximum permissible number of entries in the EID-to-RLOC
1227               map-cache";
1228          }

1230          uses lisp:mappings;
1231          description
1232            "EID to RLOCs mappings cache.";
1233        }
1234      }
1235    }
1236  }
1237

1239  4.  LISP-ETR Module

1241     This module captures the configuration data model of a LISP ETR.  The
1242     model also captures some operational data elements.

1244  4.1.  Module Structure

1246  module: ietf-lisp-etr
1247    augment /rt:routing/rt:control-plane-protocols
1248              /rt:control-plane-protocol/lisp:lisp:
1249      +--rw etr!
1250         +--rw map-servers
1251         |  +--rw map-server* [ms-address]
1252         |     +--rw ms-address    inet:ip-address
1253         |     +--rw authentication-keys
1254         |        +--rw authentication-key* [auth-key-id]
1255         |           +--rw auth-key-id    string
1256         |           +--rw auth-algorithm-id*
1257         |           |       lisp:auth-algorithm-type
1258         |           +--rw auth-key-value?    string
1259         +--rw local-eids
1260            +--rw vpn* [instance-id]
1261               +--rw instance-id    leafref
1262               +--rw eids
1263                  +--rw local-eid* [eid-id]
1264                     +--rw eid-id    lisp:eid-id
1265                     +--rw eid-address
1266                     |  +--rw address-type
1267                     |  |       lisp-address-family-ref
1268                     |  +--rw (address)?
1269                     |     +--:(no-address)
1270                     |     |  +--rw no-address?    empty
1271                     |     +--:(ipv4)
1272                     |     |  +--rw ipv4?
1273                     |     |          inet:ipv4-address
1274                     |     +--:(ipv4-prefix)
1275                     |     |  +--rw ipv4-prefix?
1276                     |     |          inet:ipv4-prefix
1277                     |     +--:(ipv6)
1278                     |     |  +--rw ipv6?
1279                     |     |          inet:ipv6-address
1280                     |     +--:(ipv6-prefix)
1281                     |     |  +--rw ipv6-prefix?
1282                     |     |          inet:ipv6-prefix
1283                     |     +--:(mac)
1284                     |     |  +--rw mac?
1285                     |     |          yang:mac-address
1286                     |     +--:(distinguished-name)
1287                     |     |  +--rw distinguished-name?
1288                     |     |          distinguished-name-type
1289                     |     +--:(as-number)
1290                     |     |  +--rw as-number?
1291                     |     |          inet:as-number
1292                     |     +--:(null-address)
1293                     |     |  +--rw null-address
1294                     |     |     +--rw address?    empty
1295                     |     +--:(afi-list)
1296                     |     |  +--rw afi-list
1297                     |     |     +--rw address-list*    simple-address
1298                     |     +--:(instance-id)
1299                     |     |  +--rw instance-id
1300                     |     |     +--rw instance-id?    instance-id-type
1301                     |     |     +--rw mask-length?    uint8
1302                     |     |     +--rw address?    simple-address
1303                     |     +--:(as-number-lcaf)
1304                     |     |  +--rw as-number-lcaf
1305                     |     |     +--rw as?    inet:as-number
1306                     |     |     +--rw address?    simple-address
1307                     |     +--:(application-data)
1308                     |     |  +--rw application-data
1309                     |     |     +--rw address?
1310                     |     |     |       simple-address
1311                     |     |     +--rw protocol?    uint8
1312                     |     |     +--rw ip-tos?    int32
1313                     |     |     +--rw local-port-low?
1314                     |     |     |       inet:port-number
1315                     |     |     +--rw local-port-high?
1316                     |     |     |       inet:port-number
1317                     |     |     +--rw remote-port-low?
1318                     |     |     |       inet:port-number
1319                     |     |     +--rw remote-port-high?
1320                     |     |             inet:port-number
1321                     |     +--:(geo-coordinates)
1322                     |     |  +--rw geo-coordinates
1323                     |     |     +--rw latitude?    bits
1324                     |     |     +--rw latitude-degrees?    uint8
1325                     |     |     +--rw latitude-minutes?    uint8
1326                     |     |     +--rw latitude-seconds?    uint8
1327                     |     |     +--rw longitude?    bits
1328                     |     |     +--rw longitude-degrees?    uint16
1329                     |     |     +--rw longitude-minutes?    uint8
1330                     |     |     +--rw longitude-seconds?    uint8
1331                     |     |     +--rw altitude?    int32
1332                     |     |     +--rw address?
1333                     |     |             simple-address
1334                     |     +--:(nat-traversal)
1335                     |     |  +--rw nat-traversal
1336                     |     |     +--rw ms-udp-port?    uint16
1337                     |     |     +--rw etr-udp-port?    uint16
1338                     |     |     +--rw global-etr-rloc?
1339                     |     |     |       simple-address
1340                     |     |     +--rw ms-rloc?
1341                     |     |     |       simple-address
1342                     |     |     +--rw private-etr-rloc?
1343                     |     |     |       simple-address
1344                     |     |     +--rw rtr-rlocs*
1345                     |     |             simple-address
1346                     |     +--:(explicit-locator-path)
1347                     |     |  +--rw explicit-locator-path
1348                     |     |     +--rw hop* [hop-id]
1349                     |     |        +--rw hop-id    string
1350                     |     |        +--rw address?    simple-address
1351                     |     |        +--rw lrs-bits?    bits
1352                     |     +--:(source-dest-key)
1353                     |     |  +--rw source-dest-key
1354                     |     |     +--rw source?    simple-address
1355                     |     |     +--rw dest?    simple-address
1356                     |     +--:(key-value-address)
1357                     |     |  +--rw key-value-address
1358                     |     |     +--rw key?    simple-address
1359                     |     |     +--rw value?    simple-address
1360                     |     +--:(service-path)
1361                     |        +--rw service-path
1362                     |           +--rw service-path-id?
1363                     |           |       service-path-id-type
1364                     |           +--rw service-index?    uint8
1365                     +--rw rlocs?    leafref
1366                     +--rw record-ttl?    uint32
1367                     +--rw want-map-notify?    boolean
1368                     +--rw proxy-reply?    boolean
1369                     +--rw registration-interval?    uint16

1371  4.2.  Module Definition

1373  file "ietf-lisp-etr@2019-09-07.yang"
1374  module ietf-lisp-etr {
1375    yang-version 1.1;

1377    namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-etr";

1379    prefix lisp-etr;

1381    // RFC Ed.: replace occurrences of XXXX with actual RFC number
1382    // and remove this note
1383    import ietf-lisp {
1384      prefix lisp;
1385      reference "RFC XXXX: LISP YANG model";
1386    }
1387    import ietf-lisp-address-types {
1388      prefix lcaf;
1389      reference "RFC XXXX: LISP YANG model";
1390    }
1391    import ietf-inet-types {
1392      prefix inet;
1393      reference "RFC 6991: Common YANG Data Types";
1394    }
1395    import ietf-routing {
1396      prefix "rt";
1397      reference
1398        "RFC 8349: A YANG Data Model for Routing Management
1399         (NMDA version)";
1400    }

1402    organization
1403      "IETF LISP (Locator/ID Separation Protocol) Working Group";
1404    contact
1405      "WG Web:
1406       WG List:

1408       Editor:   Vina Ermagan
1409

1411       Editor:   Alberto Rodriguez-Natal
1412

1414       Editor:   Reshad Rahman
1415       ";
1416    description
1417      "This YANG module defines the generic parameters for a LISP
1418       ETR. The module can be extended by vendors to define
1419       vendor-specific parameters and policies.

1421       Copyright (c) 2018 IETF Trust and the persons identified as
1422       authors of the code.  All rights reserved.

1424       Redistribution and use in source and binary forms, with or
1425       without modification, is permitted pursuant to, and subject
1426       to the license terms contained in, the Simplified BSD License
1427       set forth in Section 4.c of the IETF Trust's Legal Provisions
1428       Relating to IETF Documents
1429       (http://trustee.ietf.org/license-info).

1431       This version of this YANG module is part of RFC XXXX; see
1432       the RFC itself for full legal notices.
1433      ";

1435    reference "RFC XXXX";

1437    revision 2019-09-07 {
1438      description
1439        "Initial revision.";
1440      reference
1441        "https://tools.ietf.org/html/rfc6830";
1442    }
1443    augment "/rt:routing/rt:control-plane-protocols"
1444          + "/rt:control-plane-protocol/lisp:lisp" {
1445      when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr' or
1446            lisp:lisp-role/lisp:lisp-role-type = 'lisp:petr'" {
1447        description
1448          "Augment is valid when LISP device type is (P)ETR.";
1449      }
1450      description
1451        "This augments the LISP devices list with (P)ETR specific
1452         parameters.";
1453      container etr {
1454        presence "LISP (P)ETR operation enabled";
1455        description
1456          "(P)ETR parameters.";

1458        container map-servers {
1459          when "../../lisp:lisp-role/lisp:lisp-role-type='lisp:etr'" {
1460            description
1461              "Container exists only when LISP device type is ETR.";
1462          }
1463          description
1464            "Map-Servers that the ETR uses.";
1465          list map-server {
1466            key "ms-address";
1467            description
1468              "Each Map-Server within the list of Map-Servers.";
1469            leaf ms-address {
1470              type inet:ip-address;
1471              description
1472                "Map-Server address.";
1473            }
1474            uses lisp:auth-key;
1475          }
1476        }

1478        container local-eids {
1479          when "../../lisp:lisp-role/lisp:lisp-role-type='lisp:etr'" {
1480            description
1481              "Container exists only when LISP device type is ETR.";
1482          }
1483          description
1484            "VPNs served by the ETR.";
1485          list vpn {
1486            key "instance-id";
1487            description
1488              "VPN for local-EIDs.";
1489            leaf instance-id {
1490              type leafref {
1491                path "/rt:routing/rt:control-plane-protocols"
1492                   + "/rt:control-plane-protocol/lisp:lisp"
1493                   + "/lisp:vpns/lisp:vpn"
1494                   + "/lisp:instance-id";
1495              }
1496              description
1497                "VPN identifier.";
1498            }
1499            container eids {
1500              description
1501                "EIDs served by the ETR.";
1502              list local-eid {
1503                key "eid-id";
1504                description
1505                  "List of local EIDs.";
1506                leaf eid-id {
1507                  type lisp:eid-id;
1508                  description
1509                    "Unique id of local EID.";
1510                }
1511                container eid-address {
1512                  uses lcaf:lisp-address;
1513                  description
1514                    "EID address in generic LISP address format.";
1515                }
1516                leaf rlocs {
1517                  type leafref {
1518                    path "/rt:routing/rt:control-plane-protocols"
1519                       + "/rt:control-plane-protocol/lisp:lisp"
1520                       + "/lisp:locator-sets/lisp:locator-set"
1521                       + "/lisp:locator-set-name";
1522                  }
1523                  description
1524                    "Locator set mapped to this local EID.";
1525                }
1526                leaf record-ttl {
1527                  type uint32;
1528                  units minutes;
1529                  description
1530                    "Validity period of the EID to RLOCs mapping
1531                     provided in Map-Replies.";
1532                }
1533                leaf want-map-notify {
1534                  type boolean;
1535                  default "true";
1536                  description
1537                    "Flag which if set in a Map-Register requests that
1538                     a Map-Notify be sent in response.";

1540                }
1541                leaf proxy-reply {
1542                  type boolean;
1543                  default "false";
1544                  description
1545                    "Flag which if set in a Map-Register requests that
1546                     the Map-Server proxy Map-Replies for the ETR.";
1547                }
1548                leaf registration-interval {
1549                  type uint16;
1550                  units "seconds";
1551                  default "60";
1552                  description
1553                    "Interval between consecutive Map-Registers.";
1554                }
1555              }
1556            }
1557          }
1558        }
1559      }
1560    }
1561  }
1562

1564  5.  LISP-Map-Server Module

1566     This module captures the configuration data model of a LISP Map
1567     Server [RFC6833].  The model also captures some operational data
1568     elements.

1570  5.1.  Module Structure

1572  module: ietf-lisp-mapserver
1573    augment /rt:routing/rt:control-plane-protocols
1574              /rt:control-plane-protocol/lisp:lisp:
1575      +--rw map-server!
1576         +--rw sites
1577         |  +--rw site* [site-id]
1578         |     +--rw site-id    uint64
1579         |     +--rw authentication-keys
1580         |     |  +--rw authentication-key* [auth-key-id]
1581         |     |     +--rw auth-key-id    string
1582         |     |     +--rw auth-algorithm-id*
1583         |     |     |       lisp:auth-algorithm-type
1584         |     |     +--rw auth-key-value?    string
1585         |     +--rw xtr-ids* [xtr-id]
1586         |        +--rw xtr-id    uint64
1587         |        +--rw authentication-keys
1588         |           +--rw authentication-key* [auth-key-id]
1589         |              +--rw auth-key-id    string
1590         |              +--rw auth-algorithm-id*
1591         |              |       lisp:auth-algorithm-type
1592         |              +--rw auth-key-value?    string
1593         +--rw vpns
1594         |  +--rw vpn* [instance-id]
1595         |     +--rw instance-id    lcaf:instance-id-type
1596         |     +--rw mappings
1597         |     |  +--rw mapping* [eid-id]
1598         |     |     +--rw eid-id    lisp:eid-id
1599         |     |     +--rw eid-address
1600         |     |     |  +--rw address-type
1601         |     |     |  |       lisp-address-family-ref
1602         |     |     |  +--rw (address)?
1603         |     |     |     +--:(no-address)
1604         |     |     |     |  +--rw no-address?    empty
1605         |     |     |     +--:(ipv4)
1606         |     |     |     |  +--rw ipv4?
1607         |     |     |     |          inet:ipv4-address
1608         |     |     |     +--:(ipv4-prefix)
1609         |     |     |     |  +--rw ipv4-prefix?
1610         |     |     |     |          inet:ipv4-prefix
1611         |     |     |     +--:(ipv6)
1612         |     |     |     |  +--rw ipv6?
1613         |     |     |     |          inet:ipv6-address
1614         |     |     |     +--:(ipv6-prefix)
1615         |     |     |     |  +--rw ipv6-prefix?
1616         |     |     |     |          inet:ipv6-prefix
1617         |     |     |     +--:(mac)
1618         |     |     |     |  +--rw mac?
1619         |     |     |     |          yang:mac-address
1620         |     |     |     +--:(distinguished-name)
1621         |     |     |     |  +--rw distinguished-name?
1622         |     |     |     |          distinguished-name-type
1623         |     |     |     +--:(as-number)
1624         |     |     |     |  +--rw as-number?
1625         |     |     |     |          inet:as-number
1626         |     |     |     +--:(null-address)
1627         |     |     |     |  +--rw null-address
1628         |     |     |     |     +--rw address?    empty
1629         |     |     |     +--:(afi-list)
1630         |     |     |     |  +--rw afi-list
1631         |     |     |     |     +--rw address-list*    simple-address
1632         |     |     |     +--:(instance-id)
1633         |     |     |     |  +--rw instance-id
1634         |     |     |     |     +--rw instance-id?    instance-id-type
1635         |     |     |     |     +--rw mask-length?    uint8
1636         |     |     |     |     +--rw address?    simple-address
1637         |     |     |     +--:(as-number-lcaf)
1638         |     |     |     |  +--rw as-number-lcaf
1639         |     |     |     |     +--rw as?    inet:as-number
1640         |     |     |     |     +--rw address?    simple-address
1641         |     |     |     +--:(application-data)
1642         |     |     |     |  +--rw application-data
1643         |     |     |     |     +--rw address?
1644         |     |     |     |     |       simple-address
1645         |     |     |     |     +--rw protocol?    uint8
1646         |     |     |     |     +--rw ip-tos?    int32
1647         |     |     |     |     +--rw local-port-low?
1648         |     |     |     |     |       inet:port-number
1649         |     |     |     |     +--rw local-port-high?
1650         |     |     |     |     |       inet:port-number
1651         |     |     |     |     +--rw remote-port-low?
1652         |     |     |     |     |       inet:port-number
1653         |     |     |     |     +--rw remote-port-high?
1654         |     |     |     |             inet:port-number
1655         |     |     |     +--:(geo-coordinates)
1656         |     |     |     |  +--rw geo-coordinates
1657         |     |     |     |     +--rw latitude?    bits
1658         |     |     |     |     +--rw latitude-degrees?    uint8
1659         |     |     |     |     +--rw latitude-minutes?    uint8
1660         |     |     |     |     +--rw latitude-seconds?    uint8
1661         |     |     |     |     +--rw longitude?    bits
1662         |     |     |     |     +--rw longitude-degrees?    uint16
1663         |     |     |     |     +--rw longitude-minutes?    uint8
1664         |     |     |     |     +--rw longitude-seconds?    uint8
1665         |     |     |     |     +--rw altitude?    int32
1666         |     |     |     |     +--rw address?
1667         |     |     |     |             simple-address
1668         |     |     |     +--:(nat-traversal)
1669         |     |     |     |  +--rw nat-traversal
1670         |     |     |     |     +--rw ms-udp-port?    uint16
1671         |     |     |     |     +--rw etr-udp-port?    uint16
1672         |     |     |     |     +--rw global-etr-rloc?
1673         |     |     |     |     |       simple-address
1674         |     |     |     |     +--rw ms-rloc?
1675         |     |     |     |     |       simple-address
1676         |     |     |     |     +--rw private-etr-rloc?
1677         |     |     |     |     |       simple-address
1678         |     |     |     |     +--rw rtr-rlocs*
1679         |     |     |     |             simple-address
1680         |     |     |     +--:(explicit-locator-path)
1681         |     |     |     |  +--rw explicit-locator-path
1682         |     |     |     |     +--rw hop* [hop-id]
1683         |     |     |     |        +--rw hop-id    string
1684         |     |     |     |        +--rw address?    simple-address
1685         |     |     |     |        +--rw lrs-bits?    bits
1686         |     |     |     +--:(source-dest-key)
1687         |     |     |     |  +--rw source-dest-key
1688         |     |     |     |     +--rw source?    simple-address
1689         |     |     |     |     +--rw dest?    simple-address
1690         |     |     |     +--:(key-value-address)
1691         |     |     |     |  +--rw key-value-address
1692         |     |     |     |     +--rw key?    simple-address
1693         |     |     |     |     +--rw value?    simple-address
1694         |     |     |     +--:(service-path)
1695         |     |     |        +--rw service-path
1696         |     |     |           +--rw service-path-id?
1697         |     |     |           |       service-path-id-type
1698         |     |     |           +--rw service-index?    uint8
1699         |     |     +--rw site-id*    uint64
1700         |     |     +--rw more-specifics-accepted?    boolean
1701         |     |     +--rw mapping-expiration-timeout?    int16
1702         |     |     +--ro first-registration-time?
1703         |     |     |       yang:date-and-time
1704         |     |     +--ro last-registration-time?
1705         |     |     |       yang:date-and-time
1706         |     |     +--rw mapping-records
1707         |     |        +--rw mapping-record* [xtr-id]
1708         |     |           +--rw xtr-id
1709         |     |           |       lisp:xtr-id-type
1710         |     |           +--rw site-id?    uint64
1711         |     |           +--rw eid
1712         |     |           |  +--rw address-type
1713         |     |           |  |       lisp-address-family-ref
1714         |     |           |  +--rw (address)?
1715         |     |           |     +--:(no-address)
1716         |     |           |     |  +--rw no-address?
1717         |     |           |     |          empty
1718         |     |           |     +--:(ipv4)
1719         |     |           |     |  +--rw ipv4?
1720         |     |           |     |          inet:ipv4-address
1721         |     |           |     +--:(ipv4-prefix)
1722         |     |           |     |  +--rw ipv4-prefix?
1723         |     |           |     |          inet:ipv4-prefix
1724         |     |           |     +--:(ipv6)
1725         |     |           |     |  +--rw ipv6?
1726         |     |           |     |          inet:ipv6-address
1727         |     |           |     +--:(ipv6-prefix)
1728         |     |           |     |  +--rw ipv6-prefix?
1729         |     |           |     |          inet:ipv6-prefix
1730         |     |           |     +--:(mac)
1731         |     |           |     |  +--rw mac?
1732         |     |           |     |          yang:mac-address
1733         |     |           |     +--:(distinguished-name)
1734         |     |           |     |  +--rw distinguished-name?
1735         |     |           |     |          distinguished-name-type
1736         |     |           |     +--:(as-number)
1737         |     |           |     |  +--rw as-number?
1738         |     |           |     |          inet:as-number
1739         |     |           |     +--:(null-address)
1740         |     |           |     |  +--rw null-address
1741         |     |           |     |     +--rw address?    empty
1742         |     |           |     +--:(afi-list)
1743         |     |           |     |  +--rw afi-list
1744         |     |           |     |     +--rw address-list*
1745         |     |           |     |             simple-address
1746         |     |           |     +--:(instance-id)
1747         |     |           |     |  +--rw instance-id
1748         |     |           |     |     +--rw instance-id?
1749         |     |           |     |     |       instance-id-type
1750         |     |           |     |     +--rw mask-length?    uint8
1751         |     |           |     |     +--rw address?
1752         |     |           |     |             simple-address
1753         |     |           |     +--:(as-number-lcaf)
1754         |     |           |     |  +--rw as-number-lcaf
1755         |     |           |     |     +--rw as?    inet:as-number
1756         |     |           |     |     +--rw address?    simple-address
1757         |     |           |     +--:(application-data)
1758         |     |           |     |  +--rw application-data
1759         |     |           |     |     +--rw address?
1760         |     |           |     |     |       simple-address
1761         |     |           |     |     +--rw protocol?    uint8
1762         |     |           |     |     +--rw ip-tos?    int32
1763         |     |           |     |     +--rw local-port-low?
1764         |     |           |     |     |       inet:port-number
1765         |     |           |     |     +--rw local-port-high?
1766         |     |           |     |     |       inet:port-number
1767         |     |           |     |     +--rw remote-port-low?
1768         |     |           |     |     |       inet:port-number
1769         |     |           |     |     +--rw remote-port-high?
1770         |     |           |     |             inet:port-number
1771         |     |           |     +--:(geo-coordinates)
1772         |     |           |     |  +--rw geo-coordinates
1773         |     |           |     |     +--rw latitude?    bits
1774         |     |           |     |     +--rw latitude-degrees?
1775         |     |           |     |     |       uint8
1776         |     |           |     |     +--rw latitude-minutes?
1777         |     |           |     |     |       uint8
1778         |     |           |     |     +--rw latitude-seconds?
1779         |     |           |     |     |       uint8
1780         |     |           |     |     +--rw longitude?    bits
1781         |     |           |     |     +--rw longitude-degrees?
1782         |     |           |     |     |       uint16
1783         |     |           |     |     +--rw longitude-minutes?
1784         |     |           |     |     |       uint8
1785         |     |           |     |     +--rw longitude-seconds?
1786         |     |           |     |     |       uint8
1787         |     |           |     |     +--rw altitude?
1788         |     |           |     |     |       int32
1789         |     |           |     |     +--rw address?
1790         |     |           |     |             simple-address
1791         |     |           |     +--:(nat-traversal)
1792         |     |           |     |  +--rw nat-traversal
1793         |     |           |     |     +--rw ms-udp-port?
1794         |     |           |     |     |       uint16
1795         |     |           |     |     +--rw etr-udp-port?
1796         |     |           |     |     |       uint16
1797         |     |           |     |     +--rw global-etr-rloc?
1798         |     |           |     |     |       simple-address
1799         |     |           |     |     +--rw ms-rloc?
1800         |     |           |     |     |       simple-address
1801         |     |           |     |     +--rw private-etr-rloc?
1802         |     |           |     |     |       simple-address
1803         |     |           |     |     +--rw rtr-rlocs*
1804         |     |           |     |             simple-address
1805         |     |           |     +--:(explicit-locator-path)
1806         |     |           |     |  +--rw explicit-locator-path
1807         |     |           |     |     +--rw hop* [hop-id]
1808         |     |           |     |        +--rw hop-id    string
1809         |     |           |     |        +--rw address?
1810         |     |           |     |        |       simple-address
1811         |     |           |     |        +--rw lrs-bits?    bits
1812         |     |           |     +--:(source-dest-key)
1813         |     |           |     |  +--rw source-dest-key
1814         |     |           |     |     +--rw source?    simple-address
1815         |     |           |     |     +--rw dest?    simple-address
1816         |     |           |     +--:(key-value-address)
1817         |     |           |     |  +--rw key-value-address
1818         |     |           |     |     +--rw key?    simple-address
1819         |     |           |     |     +--rw value?    simple-address
1820         |     |           |     +--:(service-path)
1821         |     |           |        +--rw service-path
1822         |     |           |           +--rw service-path-id?
1823         |     |           |           |       service-path-id-type
1824         |     |           |           +--rw service-index?    uint8
1825         |     |           +--rw time-to-live?    uint32
1826         |     |           +--ro creation-time?
1827         |     |           |       yang:date-and-time
1828         |     |           +--rw authoritative?    bits
1829         |     |           +--rw static?    boolean
1830         |     |           +--rw (locator-list)?
1831         |     |              +--:(negative-mapping)
1832         |     |              |  +--rw map-reply-action?
1833         |     |              |          map-reply-action
1834         |     |              +--:(positive-mapping)
1835         |     |                 +--rw rlocs
1836         |     |                    +--rw locator* [locator-id]
1837         |     |                       +--rw locator-id
1838         |     |                       |       string
1839         |     |                       +--rw locator-address
1840         |     |                       |  +--rw address-type
1841         |     |                       |  |       lisp-address-family-ref
1842         |     |                       |  +--rw (address)?
1843         |     |                       |     +--:(no-address)
1844         |     |                       |     |  +--rw no-address?
1845         |     |                       |     |          empty
1846         |     |                       |     +--:(ipv4)
1847         |     |                       |     |  +--rw ipv4?
1848         |     |                       |     |          inet:ipv4-address
1849         |     |                       |     +--:(ipv4-prefix)
1850         |     |                       |     |  +--rw ipv4-prefix?
1851         |     |                       |     |          inet:ipv4-prefix
1852         |     |                       |     +--:(ipv6)
1853         |     |                       |     |  +--rw ipv6?
1854         |     |                       |     |          inet:ipv6-address
1855         |     |                       |     +--:(ipv6-prefix)
1856         |     |                       |     |  +--rw ipv6-prefix?
1857         |     |                       |     |          inet:ipv6-prefix
1858         |     |                       |     +--:(mac)
1859         |     |                       |     |  +--rw mac?
1860         |     |                       |     |          yang:mac-address
1861         |     |                       |     +--:(distinguished-name)
1862         |     |                       |     |  +--rw distinguished-name?
1863         |     |                       |     |     distinguished-name-type
1864         |     |                       |     +--:(as-number)
1865         |     |                       |     |  +--rw as-number?
1866         |     |                       |     |          inet:as-number
1867         |     |                       |     +--:(null-address)
1868         |     |                       |     |  +--rw null-address
1869         |     |                       |     |     +--rw address?
1870         |     |                       |     |             empty
1871         |     |                       |     +--:(afi-list)
1872         |     |                       |     |  +--rw afi-list
1873         |     |                       |     |     +--rw address-list*
1874         |     |                       |     |             simple-address
1875         |     |                       |     +--:(instance-id)
1876         |     |                       |     |  +--rw instance-id
1877         |     |                       |     |     +--rw instance-id?
1878         |     |                       |     |     |      instance-id-type
1879         |     |                       |     |     +--rw mask-length?
1880         |     |                       |     |     |       uint8
1881         |     |                       |     |     +--rw address?
1882         |     |                       |     |             simple-address
1883         |     |                       |     +--:(as-number-lcaf)
1884         |     |                       |     |  +--rw as-number-lcaf
1885         |     |                       |     |     +--rw as?
1886         |     |                       |     |     |       inet:as-number
1887         |     |                       |     |     +--rw address?
1888         |     |                       |     |             simple-address
1889         |     |                       |     +--:(application-data)
1890         |     |                       |     |  +--rw application-data
1891         |     |                       |     |     +--rw address?
1892         |     |                       |     |     |       simple-address
1893         |     |                       |     |     +--rw protocol?
1894         |     |                       |     |     |       uint8
1895         |     |                       |     |     +--rw ip-tos?
1896         |     |                       |     |     |       int32
1897         |     |                       |     |     +--rw local-port-low?
1898         |     |                       |     |     |       inet:port-number
1899         |     |                       |     |     +--rw local-port-high?
1900         |     |                       |     |     |       inet:port-number
1901         |     |                       |     |     +--rw remote-port-low?
1902         |     |                       |     |     |       inet:port-number
1903         |     |                       |     |     +--rw remote-port-high?
1904         |     |                       |     |             inet:port-number
1905         |     |                       |     +--:(geo-coordinates)
1906         |     |                       |     |  +--rw geo-coordinates
1907         |     |                       |     |     +--rw latitude?
1908         |     |                       |     |     |       bits
1909         |     |                       |     |     +--rw latitude-degrees?
1910         |     |                       |     |     |       uint8
1911         |     |                       |     |     +--rw latitude-minutes?
1912         |     |                       |     |     |       uint8
1913         |     |                       |     |     +--rw latitude-seconds?
1914         |     |                       |     |     |       uint8
1915         |     |                       |     |     +--rw longitude?
1916         |     |                       |     |     |       bits
1917         |     |                       |     |     +--rw longitude-degrees?
1918         |     |                       |     |     |       uint16
1919         |     |                       |     |     +--rw longitude-minutes?
1920         |     |                       |     |     |       uint8
1921         |     |                       |     |     +--rw longitude-seconds?
1922         |     |                       |     |     |       uint8
1923         |     |                       |     |     +--rw altitude?
1924         |     |                       |     |     |       int32
1925         |     |                       |     |     +--rw address?
1926         |     |                       |     |             simple-address
1927         |     |                       |     +--:(nat-traversal)
1928         |     |                       |     |  +--rw nat-traversal
1929         |     |                       |     |     +--rw ms-udp-port?
1930         |     |                       |     |     |       uint16
1931         |     |                       |     |     +--rw etr-udp-port?
1932         |     |                       |     |     |       uint16
1933         |     |                       |     |     +--rw global-etr-rloc?
1934         |     |                       |     |     |       simple-address
1935         |     |                       |     |     +--rw ms-rloc?
1936         |     |                       |     |     |       simple-address
1937         |     |                       |     |     +--rw private-etr-rloc?
1938         |     |                       |     |     |       simple-address
1939         |     |                       |     |     +--rw rtr-rlocs*
1940         |     |                       |     |             simple-address
1941         |     |                       |     +--:(explicit-locator-path)
1942         |     |                       |     |  +--rw explicit-locator-path
1943         |     |                       |     |     +--rw hop* [hop-id]
1944         |     |                       |     |        +--rw hop-id
1945         |     |                       |     |        |     string
1946         |     |                       |     |        +--rw address?
1947         |     |                       |     |        |     simple-address
1948         |     |                       |     |        +--rw lrs-bits?
1949         |     |                       |     |              bits
1950         |     |                       |     +--:(source-dest-key)
1951         |     |                       |     |  +--rw source-dest-key
1952         |     |                       |     |     +--rw source?
1953         |     |                       |     |     |       simple-address
1954         |     |                       |     |     +--rw dest?
1955         |     |                       |     |             simple-address
1956         |     |                       |     +--:(key-value-address)
1957         |     |                       |     |  +--rw key-value-address
1958         |     |                       |     |     +--rw key?
1959         |     |                       |     |     |       simple-address
1960         |     |                       |     |     +--rw value?
1961         |     |                       |     |             simple-address
1962         |     |                       |     +--:(service-path)
1963         |     |                       |        +--rw service-path
1964         |     |                       |           +--rw service-path-id?
1965         |     |                       |           |  service-path-id-type
1966         |     |                       |           +--rw service-index?
1967         |     |                       |                   uint8
1968         |     |                       +--rw priority?
1969         |     |                       |       uint8
1970         |     |                       +--rw weight?
1971         |     |                       |       uint8
1972         |     |                       +--rw multicast-priority?
1973         |     |                       |       uint8
1974         |     |                       +--rw multicast-weight?
1975         |     |                               uint8
1976         |     +--ro counters
1977         |        +--ro map-registers-in?    yang:counter64
1978         |        +--ro map-registers-in-auth-failed?    yang:counter64
1979         |        +--ro map-notify-records-out?    yang:counter64
1980         |        +--ro proxy-reply-records-out?    yang:counter64
1981         |        +--ro map-requests-forwarded-out?    yang:counter64
1982         +--rw mapping-system-type?    lisp:mapping-system-ref
1983         +--ro summary
1984         |  +--ro number-configured-sites?    uint32
1985         |  +--ro number-registered-sites?    uint32
1986         |  +--ro af-datum
1987         |     +--ro af-data* [address-type]
1988         |        +--ro address-type
1989         |        |       lcaf:lisp-address-family-ref
1990         |        +--ro number-configured-eids?    uint32
1991         |        +--ro number-registered-eids?    uint32
1992         +--ro counters
1993            +--ro map-registers-in?    yang:counter64
1994            +--ro map-registers-in-auth-failed?    yang:counter64
1995            +--ro map-notify-records-out?    yang:counter64
1996            +--ro proxy-reply-records-out?    yang:counter64
1997            +--ro map-requests-forwarded-out?    yang:counter64

1999  5.2.  Module Definition

2001  file "ietf-lisp-mapserver@2019-03-05.yang"
2002  module ietf-lisp-mapserver {
2003    yang-version 1.1;

2005    namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver";

2007    prefix lisp-ms;

2009    // RFC Ed.: replace occurrences of XXXX with actual RFC number
2010    // and remove this note
2011    import ietf-lisp {
2012      prefix lisp;
2013      reference "RFC XXXX: LISP YANG model";
2014    }
2015    import ietf-lisp-address-types {
2016      prefix lcaf;
2017      reference "RFC XXXX: LISP YANG model";
2018    }
2019    import ietf-yang-types {
2020      prefix yang;
2021      reference "RFC 6991: Common YANG Data Types";
2022    }
2023    import ietf-routing {
2024      prefix "rt";
2025      reference
2026        "RFC 8349: A YANG Data Model for Routing Management
2027         (NMDA version)";
2028    }

2030    organization
2031      "IETF LISP (Locator/ID Separation Protocol) Working Group";
2032    contact
2033      "WG Web:
2034       WG List:

2036       Editor:   Vina Ermagan
2037

2039       Editor:   Alberto Rodriguez-Natal
2040

2042       Editor:   Reshad Rahman
2043       ";
2044    description
2045      "This YANG module defines the generic parameters for a LISP
2046       Map-Server. The module can be extended by vendors to define
2047       vendor-specific parameters and policies.

2049       Copyright (c) 2018 IETF Trust and the persons identified as
2050       authors of the code.  All rights reserved.

2052       Redistribution and use in source and binary forms, with or
2053       without modification, is permitted pursuant to, and subject
2054       to the license terms contained in, the Simplified BSD License
2055       set forth in Section 4.c of the IETF Trust's Legal Provisions
2056       Relating to IETF Documents
2057       (http://trustee.ietf.org/license-info).

2059       This version of this YANG module is part of RFC XXXX; see
2060       the RFC itself for full legal notices.
2061      ";

2063    reference "RFC XXXX";

2065    revision 2019-03-05 {
2066      description
2067        "Initial revision.";

2069      reference
2070        "https://tools.ietf.org/html/rfc6833";
2071    }

2073    identity ms {
2074      base lisp:lisp-role;
2075      description
2076        "LISP Map-Server.";
2077    }

2079    grouping ms-counters {
2080      description "Grouping that defines map-server counters.";
2081      container counters {
2082        config false;
2083        description "Container for the counters";

2085        leaf map-registers-in {
2086          type yang:counter64;
2087          description "Number of incoming Map-Register messages";
2088        }

2090        leaf map-registers-in-auth-failed {
2091          type yang:counter64;
2092          description
2093            "Number of incoming Map-Register messages failed
2094             authentication";
2095        }

2097        leaf map-notify-records-out {
2098          type yang:counter64;
2099          description
2100            "Number of outgoing Map-Notify records";
2101        }

2103        leaf proxy-reply-records-out {
2104          type yang:counter64;
2105          description
2106            "Number of outgoing proxy Map-Reply records";
2107        }

2109        leaf map-requests-forwarded-out {
2110          type yang:counter64;
2111          description
2112            "Number of outgoing Map-Requests forwarded to ETR";
2113        }
2114      }
2115    }

2117    augment "/rt:routing/rt:control-plane-protocols"
2118          + "/rt:control-plane-protocol/lisp:lisp" {
2119      when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-ms:ms'" {
2120        description
2121          "Augment is valid when LISP device type is Map-Server.";
2122      }
2123      description
2124        "This augments the LISP devices list with Map-Server
2125         specific parameters.";
2126      container map-server {
2127        presence "LISP Map-Server operation enabled";
2128        description
2129          "Map-Server parameters.";
2130        container sites{
2131          description
2132            "Sites to accept registrations from.";
2133          list site {
2134            key site-id;
2135            description
2136              "Site that can send registrations.";
2137            leaf site-id {
2138              type uint64;
2139              description "Site ID";
2140            }
2141            uses lisp:auth-key;
2142            list xtr-ids {
2143              key xtr-id;
2144              description "xTR-ID specific configuration.";
2145              leaf xtr-id {
2146                type uint64;
2147                description "xTR ID";
2148              }
2149              uses lisp:auth-key;
2150            }
2151          }
2152        }
2153        container vpns {
2154          description
2155            "VPNs for which the Map-Server accepts registrations.";
2156          list vpn {
2157            key "instance-id";
2158            description
2159              "VPN instances in the Map-Server.";
2160            leaf instance-id {
2161              type lcaf:instance-id-type;
2162              description
2163                "VPN identifier.";
2164            }
2165            container mappings {
2166              description
2167                "EIDs registered by device.";
2168              list mapping {
2169                key "eid-id";
2170                description
2171                  "List of EIDs registered by device.";
2172                leaf eid-id {
2173                  type lisp:eid-id;
2174                  description
2175                    "Id of the EID registered.";
2176                }
2177                container eid-address {
2178                  uses lcaf:lisp-address;
2179                  description
2180                    "EID in generic LISP address format registered
2181                     with the Map-Server.";
2182                }
2183                leaf-list site-id {
2184                  type uint64;
2185                  description "Site ID";
2186                }
2187                leaf more-specifics-accepted {
2188                  type boolean;
2189                  default "false";
2190                  description
2191                    "Flag indicating if more specific prefixes
2192                     can be registered.";
2193                }
2194                leaf mapping-expiration-timeout {
2195                  type int16;
2196                  units "seconds";
2197                  default "180"; //3 times the mapregister int
2198                  description
2199                    "Time before mapping is expired if no new
2200                     registrations are received.";
2201                }
2202                leaf first-registration-time {
2203                  type yang:date-and-time;
2204                  config false;
2205                  description
2206                    "Time at which the first registration for this
2207                     EID was received";
2208                }
2209                leaf last-registration-time {
2210                  type yang:date-and-time;
2211                  config false;
2212                  description
2213                    "Time at which the last registration for this EID
2214                     was received";
2215                }
2216                container mapping-records {
2217                  description
2218                    "Datastore of registered mappings.";
2219                  list mapping-record {
2220                    key xtr-id;
2221                    description
2222                      "Registered mapping.";
2223                    leaf xtr-id {
2224                      type lisp:xtr-id-type;
2225                      description "xTR ID";
2226                    }
2227                    leaf site-id {
2228                      type uint64;
2229                      description "Site ID";
2230                    }
2231                    uses lisp:mapping;
2232                  }
2233                }
2234              }
2235            }
2236            uses ms-counters;
2237          }
2238        }
2239        leaf mapping-system-type {
2240          type lisp:mapping-system-ref;
2241          description
2242            "A reference to the mapping system";
2243        }

2245        container summary {
2246          config false;
2247          description "Summary state information";

2249          leaf number-configured-sites {
2250            type uint32;
2251            description "Number of configured LISP sites";
2252          }
2253          leaf number-registered-sites {
2254            type uint32;
2255            description "Number of registered LISP sites";
2256          }
2257          container af-datum {
2258            description "Number of configured EIDs per each AF";

2260            list af-data {
2261              key "address-type";
2262              description "Number of configured EIDs for this AF";
2263              leaf address-type {
2264                type lcaf:lisp-address-family-ref;
2265                description "AF type";
2266              }
2267              leaf number-configured-eids {
2268                type uint32;
2269                description "Number of configured EIDs for this AF";
2270              }
2271              leaf number-registered-eids {
2272                type uint32;
2273                description "Number of registered EIDs for this AF";
2274              }
2275            }
2276          }
2277        }
2278        uses ms-counters;
2279      }
2280    }
2281  }
2282

2284  6.  LISP-Map-Resolver Module

2286     This module captures the configuration data model of a LISP Map
2287     Resolver [RFC6833].  The model also captures some operational data
2288     elements.

2290  6.1.  Module Structure

2292  module: ietf-lisp-mapresolver
2293    augment /rt:routing/rt:control-plane-protocols
2294              /rt:control-plane-protocol/lisp:lisp:
2295      +--rw map-resolver!
2296         +--rw mapping-system-type?    lisp:mapping-system-ref
2297         +--rw ms-address?    inet:ip-address

2299  6.2.  Module Definition

2301  file "ietf-lisp-mapresolver@2019-02-23.yang"
2302  module ietf-lisp-mapresolver {
2303    yang-version 1.1;

2305    namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver";

2307    prefix lisp-mr;
2308    // RFC Ed.: replace occurrences of XXXX with actual RFC number
2309    // and remove this note
2310    import ietf-lisp {
2311      prefix lisp;
2312      reference "RFC XXXX: LISP YANG model";
2313    }
2314    import ietf-inet-types {
2315      prefix inet;
2316      reference "RFC 6991: Common YANG Data Types";
2317    }
2318    import ietf-routing {
2319      prefix "rt";
2320      reference
2321        "RFC 8349: A YANG Data Model for Routing Management
2322         (NMDA version)";
2323    }

2325    organization
2326      "IETF LISP (Locator/ID Separation Protocol) Working Group";
2327    contact
2328      "WG Web:
2329       WG List:

2331       Editor:   Vina Ermagan
2332

2334       Editor:   Alberto Rodriguez-Natal
2335

2337       Editor:   Reshad Rahman
2338       ";
2339    description
2340      "This YANG module defines the generic parameters for a LISP
2341       Map-Resolver. The module can be extended by vendors to define
2342       vendor-specific parameters and policies.

2344       Copyright (c) 2018 IETF Trust and the persons identified as
2345       authors of the code.  All rights reserved.

2347       Redistribution and use in source and binary forms, with or
2348       without modification, is permitted pursuant to, and subject
2349       to the license terms contained in, the Simplified BSD License
2350       set forth in Section 4.c of the IETF Trust's Legal Provisions
2351       Relating to IETF Documents
2352       (http://trustee.ietf.org/license-info).

2354       This version of this YANG module is part of RFC XXXX; see
2355       the RFC itself for full legal notices.
2357       ";

2359    reference "RFC XXXX";

2361    revision 2019-02-23 {
2362      description
2363        "Initial revision.";
2364      reference
2365        "https://tools.ietf.org/html/rfc6833";
2366    }
2367    identity mr {
2368      base lisp:lisp-role;
2369      description
2370        "LISP Map-Resolver.";
2371    }

2373    augment "/rt:routing/rt:control-plane-protocols"
2374          + "/rt:control-plane-protocol/lisp:lisp" {
2375      when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-mr:mr'" {
2376        description
2377          "Augment is valid when LISP device type is Map-Resolver.";
2378      }
2379      description
2380        "This augments the LISP devices list with Map-Resolver
2381         specific parameters.";
2382      container map-resolver {
2383        presence "LISP Map-Resolver operation enabled";
2384        description
2385          "Map-Resolver parameters.";
2386        leaf mapping-system-type {
2387          type lisp:mapping-system-ref;
2388          description
2389            "A reference to the mapping system";
2390        }
2391        leaf ms-address {
2392          when "../mapping-system-type="
2393             + "'lisp:single-node-mapping-system'";
2394          type inet:ip-address;
2395          description
2396            "address to reach the Map Server when "
2397          + "lisp-mr:single-node-mapping-system is being used.";
2398        }
2399      }
2400    }
2401  }
2402

2404  7. LISP-Address-Types Module

2406  This module captures the various LISP address types, and is an
2407  essential building block used in other LISP modules.

2409  7.1. Module Definition

2411  file "ietf-lisp-address-types@2019-09-07.yang"
2412  module ietf-lisp-address-types {
2413    yang-version 1.1;

2415    namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-address-types";

2417    prefix laddr;

2419    import ietf-inet-types {
2420      prefix inet;
2421      reference "RFC 6991: Common YANG Data Types";
2422    }
2423    import ietf-yang-types {
2424      prefix yang;
2425      reference "RFC 6991: Common YANG Data Types";
2426    }

2428    organization
2429      "IETF LISP (Locator/ID Separation Protocol) Working Group";
2430    contact
2431      "WG Web:
2432       WG List:

2434       Editor: Vina Ermagan
2435

2437       Editor: Alberto Rodriguez-Natal
2438

2440       Editor: Reshad Rahman
2441       ";
2442    description
2443      "This YANG module defines the LISP Canonical Address Formats
2444       (LCAF) for LISP. The module can be extended by vendors to
2445       define vendor-specific parameters.

2447       Copyright (c) 2018 IETF Trust and the persons identified as
2448       authors of the code. All rights reserved.

2450       Redistribution and use in source and binary forms, with or
2451       without modification, is permitted pursuant to, and subject
2452       to the license terms contained in, the Simplified BSD License
2453       set forth in Section 4.c of the IETF Trust's Legal Provisions
2454       Relating to IETF Documents
2455       (http://trustee.ietf.org/license-info).

2457       This version of this YANG module is part of RFC XXXX; see
2458       the RFC itself for full legal notices.
2460       ";
2461    // RFC Ed.: replace XXXX with actual RFC number and remove
2462    // this note
2463    reference "RFC XXXX";

2465    revision 2019-09-07 {
2466      description
2467        "Initial revision.";
2468      reference
2469        "RFC8060: LISP Canonical Address Format (LCAF)";
2470    }
2471    identity lisp-address-family {
2472      description
2473        "Base identity from which identities describing LISP address
2474         families are derived.";
2475    }
2476    identity no-address-afi {
2477      base lisp-address-family;
2478      description
2479        "IANA Reserved.";
2480    }
2481    identity ipv4-afi {
2482      base lisp-address-family;
2483      description
2484        "IANA IPv4 address family.";
2485    }
2486    identity ipv4-prefix-afi {
2487      base lisp-address-family;
2488      description
2489        "IANA IPv4 address family prefix.";
2490    }
2491    identity ipv6-afi {
2492      base lisp-address-family;
2493      description
2494        "IANA IPv6 address family.";
2495    }
2496    identity ipv6-prefix-afi {
2497      base lisp-address-family;
2498      description
2499        "IANA IPv6 address family prefix.";

2501    }
2502    identity mac-afi {
2503      base lisp-address-family;
2504      description
2505        "IANA MAC address family.";
2506    }
2507    identity distinguished-name-afi {
2508      base lisp-address-family;
2509      description
2510        "IANA Distinguished Name address family.";
2511    }
2512    identity as-number-afi {
2513      base lisp-address-family;
2514      description
2515        "IANA AS Number address family.";
2516    }
2517    identity lcaf {
2518      base lisp-address-family;
2519      description
2520        "IANA LISP Canonical Address Format address family.";
2521    }
2522    identity null-address-lcaf {
2523      base lcaf;
2524      description
2525        "Null body LCAF type.";
2526    }
2527    identity afi-list-lcaf {
2528      base lcaf;
2529      description
2530        "AFI-List LCAF type.";
2531    }
2532    identity instance-id-lcaf {
2533      base lcaf;
2534      description
2535        "Instance-ID LCAF type.";
2536    }
2537    identity as-number-lcaf {
2538      base lcaf;
2539      description
2540        "AS Number LCAF type.";
2541    }
2542    identity application-data-lcaf {
2543      base lcaf;
2544      description
2545        "Application Data LCAF type.";
2546    }
2547    identity geo-coordinates-lcaf {
2548      base lcaf;
2549      description
2550        "Geo-coordinates LCAF type.";
2551    }
2552    identity opaque-key-lcaf {
2553      base lcaf;
2554      description
2555        "Opaque Key LCAF type.";
2556    }
2557    identity nat-traversal-lcaf {
2558      base lcaf;
2559      description
2560        "NAT-Traversal LCAF type.";
2561    }
2562    identity nonce-locator-lcaf {
2563      base lcaf;
2564      description
2565        "Nonce-Locator LCAF type.";
2566    }
2567    identity multicast-info-lcaf {
2568      base lcaf;
2569      description
2570        "Multicast Info LCAF type.";
2571    }
2572    identity explicit-locator-path-lcaf {
2573      base lcaf;
2574      description
2575        "Explicit Locator Path LCAF type.";
2576    }
2577    identity security-key-lcaf {
2578      base lcaf;
2579      description
2580        "Security Key LCAF type.";
2581    }
2582    identity source-dest-key-lcaf {
2583      base lcaf;
2584      description
2585        "Source/Dest LCAF type.";
2586    }
2587    identity replication-list-lcaf {
2588      base lcaf;
2589      description
2590        "Replication-List LCAF type.";
2591    }
2592    identity json-data-model-lcaf {
2593      base lcaf;
2594      description
2595        "JSON Data Model LCAF type.";
2596    }
2597    identity key-value-address-lcaf {
2598      base lcaf;
2599      description
2600        "Key/Value Address LCAF type.";
2601    }
2602    identity encapsulation-format-lcaf {
2603      base lcaf;
2604      description
2605        "Encapsulation Format LCAF type.";
2606    }
2607    identity service-path-lcaf {
2608      base lcaf;
2609      description
2610        "Service Path LCAF type.";
2611    }
2612    typedef instance-id-type {
2613      type uint32 {
2614        range "0..16777215";
2615      }
2616      description
2617        "Defines the range of values for an Instance ID.";
2618    }
2619    typedef service-path-id-type {
2620      type uint32 {
2621        range "0..16777215";
2622      }
2623      description
2624        "Defines the range of values for a Service Path ID.";
2625    }
2626    typedef distinguished-name-type {
2627      type string;
2628      description
2629        "Distinguished Name address.";
2630      reference
2631        "http://www.iana.org/assignments/address-family-numbers/
2632         address-family-numbers.xhtml";
2633    }
2634    typedef simple-address {
2635      type union {
2636        type inet:ip-address;
2637        type inet:ip-prefix;
2638        type yang:mac-address;
2639        type distinguished-name-type;
2640        type inet:as-number;
2641      }
2642      description
2643        "Union of address types that can be part of LCAFs.";
2644    }
2645    typedef lisp-address-family-ref {
2646      type identityref {
2647        base lisp-address-family;
2648      }
2649      description
2650        "LISP address family reference.";
2651    }
2652    typedef lcaf-ref {
2653      type identityref {
2654        base lcaf;
2655      }
2656      description
2657        "LCAF types reference.";
2658    }

2660    grouping lisp-address {
2661      description
2662        "Generic LISP address.";
2663      leaf address-type {
2664        type lisp-address-family-ref;
2665        mandatory true;
2666        description
2667          "Type of the LISP address.";
2668      }
2669      choice address {
2670        description
2671          "Various LISP address types, including IP, MAC, and LCAF.";

2673        leaf no-address {
2674          when "../address-type = 'laddr:no-address-afi'" {
2675            description
2676              "When AFI is 0.";
2677          }
2678          type empty;
2679          description
2680            "No address.";
2681        }
2682        leaf ipv4 {
2683          when "../address-type = 'laddr:ipv4-afi'" {
2684            description
2685              "When AFI is IPv4.";
2686          }
2687          type inet:ipv4-address;
2688          description
2689            "IPv4 address.";
2690        }
2691        leaf ipv4-prefix {
2692          when "../address-type = 'laddr:ipv4-prefix-afi'" {
2693            description
2694              "When AFI is IPv4.";
2695          }
2696          type inet:ipv4-prefix;
2697          description
2698            "IPv4 prefix.";
2699        }
2700        leaf ipv6 {
2701          when "../address-type = 'laddr:ipv6-afi'" {
2702            description
2703              "When AFI is IPv6.";
2704          }
2705          type inet:ipv6-address;
2706          description
2707            "IPv6 address.";
2708        }
2709        leaf ipv6-prefix {
2710          when "../address-type = 'laddr:ipv6-prefix-afi'" {
2711            description
2712              "When AFI is IPv6.";
2713          }
2714          type inet:ipv6-prefix;
2715          description
2716            "IPv6 prefix.";
2717        }
2718        leaf mac {
2719          when "../address-type = 'laddr:mac-afi'" {
2720            description
2721              "When AFI is MAC.";
2722          }
2723          type yang:mac-address;
2724          description
2725            "MAC address.";
2726        }
2727        leaf distinguished-name {
2728          when "../address-type = 'laddr:distinguished-name-afi'" {
2729            description
2730              "When AFI is distinguished-name.";
2731          }
2732          type distinguished-name-type;
2733          description
2734            "Distinguished Name address.";
2735        }
2736        leaf as-number {
2737          when "../address-type = 'laddr:as-number-afi'" {
2738            description
2739              "When AFI is as-number.";
2740          }
2741          type inet:as-number;
2742          description
2743            "AS Number.";
2744        }
2745        container null-address {
2746          when "../address-type = 'laddr:null-address-lcaf'" {
2747            description
2748              "When LCAF type is null.";
2749          }
2750          description
2751            "Null body LCAF type";
2752          leaf address {
2753            type empty;
2754            description
2755              "AFI address.";
2756          }
2757        }
2758        container afi-list {
2759          when "../address-type = 'laddr:afi-list-lcaf'" {
2760            description
2761              "When LCAF type is AFI-List.";
2762          }
2763          description
2764            "AFI-List LCAF type.";
2765          reference
2766            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
2767             #section-4.16.1";
2768          leaf-list address-list {
2769            type simple-address;
2770            description
2771              "List of AFI addresses.";
2772          }
2773        }
2774        container instance-id {
2775          when "../address-type = 'laddr:instance-id-lcaf'" {
2776            description
2777              "When LCAF type is Instance ID as per RFC8060.";
2778          }
2779          description
2780            "Instance ID LCAF type.";
2781          reference
2782            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
2783             #section-4.2";
2784          leaf instance-id {
2785            type instance-id-type;
2786            description
2787              "Instance ID value.";
2788          }
2789          leaf mask-length {
2790            type uint8;
2791            description
2792              "Mask length.";
2793          }
2794          leaf address {
2795            type simple-address;
2796            description
2797              "AFI address.";
2798          }
2799        }
2800        container as-number-lcaf {
2801          when "../address-type = 'laddr:as-number-lcaf'" {
2802            description
2803              "When LCAF type is AS-Number.";
2804          }
2805          description
2806            "AS Number LCAF type.";
2807          reference
2808            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
2809             #section-4.3";
2810          leaf as {
2811            type inet:as-number;
2812            description
2813              "AS number.";
2814          }
2815          leaf address {
2816            type simple-address;
2817            description
2818              "AFI address.";
2819          }
2820        }
2821        container application-data {
2822          when "../address-type = 'laddr:application-data-lcaf'" {
2823            description
2824              "When LCAF type is Application Data.";
2825          }
2826          description
2827            "Application Data LCAF type.";
2828          reference
2829            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
2830             #section-4.4";
2831          leaf address {
2832            type simple-address;
2833            description
2834              "AFI address.";
2835          }
2836          leaf protocol {
2837            type uint8;
2838            description
2839              "Protocol number.";
2840          }
2841          leaf ip-tos {
2842            type int32;
2843            description
2844              "Type of service field.";
2845          }
2846          leaf local-port-low {
2847            type inet:port-number;
2848            description
2849              "Low end of local port range.";
2850          }
2851          leaf local-port-high {
2852            type inet:port-number;
2853            description
2854              "High end of local port range.";
2855          }
2856          leaf remote-port-low {
2857            type inet:port-number;
2858            description
2859              "Low end of remote port range.";
2860          }
2861          leaf remote-port-high {
2862            type inet:port-number;
2863            description
2864              "High end of remote port range.";
2865          }
2866        }
2867        container geo-coordinates {
2868          when "../address-type = 'laddr:geo-coordinates-lcaf'" {
2869            description
2870              "When LCAF type is Geo-coordinates.";
2871          }
2872          description
2873            "Geo-coordinates LCAF type. Coordinates are specified
2874             using the WGS 84 (World Geodetic System 1984) reference
2875             coordinate system";
2876          reference
2877            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
2878             #section-4.5";
2879          leaf latitude {
2880            type bits {
2881              bit N {
2882                description
2883                  "Latitude bit.";
2884              }

2886            }
2887            description
2888              "Bit that selects between North and South latitude.";
2889          }
2890          leaf latitude-degrees {
2891            type uint8 {
2892              range "0 .. 90";
2893            }
2894            description
2895              "Degrees of latitude.";
2896          }
2897          leaf latitude-minutes {
2898            type uint8 {
2899              range "0..59";
2900            }
2901            description
2902              "Minutes of latitude.";
2903          }
2904          leaf latitude-seconds {
2905            type uint8 {
2906              range "0..59";
2907            }
2908            description
2909              "Seconds of latitude.";
2910          }
2911          leaf longitude {
2912            type bits {
2913              bit E {
2914                description
2915                  "Longitude bit.";
2916              }
2917            }
2918            description
2919              "Bit that selects between East and West longitude.";
2920          }
2921          leaf longitude-degrees {
2922            type uint16 {
2923              range "0 .. 180";
2924            }
2925            description
2926              "Degrees of longitude.";
2927          }
2928          leaf longitude-minutes {
2929            type uint8 {
2930              range "0..59";
2931            }
2932            description
2933              "Minutes of longitude.";

2935          }
2936          leaf longitude-seconds {
2937            type uint8 {
2938              range "0..59";
2939            }
2940            description
2941              "Seconds of longitude.";
2942          }
2943          leaf altitude {
2944            type int32;
2945            description
2946              "Height relative to sea level in meters.";
2947          }
2948          leaf address {
2949            type simple-address;
2950            description
2951              "AFI address.";
2952          }
2953        }
2954        container nat-traversal {
2955          when "../address-type = 'laddr:nat-traversal-lcaf'" {
2956            description
2957              "When LCAF type is NAT-Traversal.";
2958          }
2959          description
2960            "NAT-Traversal LCAF type.";
2961          reference
2962            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
2963             #section-4.6";
2964          leaf ms-udp-port {
2965            type uint16;
2966            description
2967              "Map-Server UDP port (set to 4342).";
2968          }
2969          leaf etr-udp-port {
2970            type uint16;
2971            description
2972              "ETR UDP port.";
2973          }
2974          leaf global-etr-rloc {
2975            type simple-address;
2976            description
2977              "Global ETR RLOC address.";
2978          }
2979          leaf ms-rloc {
2980            type simple-address;
2981            description
2982              "Map-Server RLOC address.";

2984          }
2985          leaf private-etr-rloc {
2986            type simple-address;
2987            description
2988              "Private ETR RLOC address.";
2989          }
2990          leaf-list rtr-rlocs {
2991            type simple-address;
2992            description
2993              "List of RTR RLOC addresses.";
2994          }
2995        }
2996        container explicit-locator-path {
2997          when "../address-type = 'laddr:explicit-locator-path-lcaf'" {
2998            description
2999              "When LCAF type is Explicit Locator Path.";
3000          }
3001          description
3002            "Explicit Locator Path LCAF type.";
3003          reference
3004            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
3005             #section-4.9";
3006          list hop {
3007            key "hop-id";
3008            ordered-by user;
3009            description
3010              "List of locator hops forming the explicit path.";
3011            leaf hop-id {
3012              type string {
3013                length "1..64";
3014                pattern '[a-zA-Z0-9\-_.:]*';
3015              }
3016              description
3017                "Unique identifier for the hop.";
3018            }
3019            leaf address {
3020              type simple-address;
3021              description
3022                "AFI address.";
3023            }
3024            leaf lrs-bits {
3025              type bits{
3026                bit lookup {
3027                  description
3028                    "Lookup bit.";
3029                }
3030                bit rloc-probe {
3031                  description
3032                    "RLOC-probe bit.";
3033                }
3034                bit strict {
3035                  description
3036                    "Strict bit.";
3037                }
3038              }
3039              description
3040                "Flag bits per hop.";
3041            }
3042          }
3043        }
3044        container source-dest-key {
3045          when "../address-type = 'laddr:source-dest-key-lcaf'" {
3046            description
3047              "When LCAF type is Source/Dest.";
3048          }
3049          description
3050            "Source/Dest LCAF type.";
3051          reference
3052            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
3053             #section-4.11";
3054          leaf source {
3055            type simple-address;
3056            description
3057              "Source address.";
3058          }
3059          leaf dest {
3060            type simple-address;
3061            description
3062              "Destination address.";
3063          }
3064        }
3065        container key-value-address {
3066          when "../address-type = 'laddr:key-value-address-lcaf'" {
3067            description
3068              "When LCAF type is Key/Value Address.";
3069          }
3070          description
3071            "Key/Value Address LCAF type.";
3072          reference
3073            "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10
3074             #section-4.11";
3075          leaf key {
3076            type simple-address;
3077            description
3078              "Address as Key.";
3079          }
3080          leaf value {
3081            type simple-address;
3082            description
3083              "Address as Value.";
3084          }
3085        }
3086        container service-path {
3087          when "../address-type = 'laddr:service-path-lcaf'" {
3088            description
3089              "When LCAF type is Service Path.";
3090          }
3091          description
3092            "Service Path LCAF type.";
3093          reference
3094            "http://tools.ietf.org/html/draft-ermagan-lisp-nsh-00";
3095          leaf service-path-id {
3096            type service-path-id-type;
3097            description
3098              "Service path identifier for the path for NSH header";
3099          }
3100          leaf service-index {
3101            type uint8;
3102            description
3103              "Service path index for NSH header";
3104          }
3105        }
3106      }
3107    }
3108  }
3109

3111  7.2. Data Model examples

3113  This section presents some simple and illustrative examples of how to
3114  configure LISP.

3116  7.2.1. LISP protocol instance

3118  The following is an example configuration for a LISP protocol
3119  instance with the name "LISP1". There are also 2 VNIs configured.

3121 3122 3123 3125 3126 VRF-BLUE 3127 3128 true 3129 3130 3131 VRF-RED 3132 3133 true 3134 3135 3136 3137 3138 3139 3140 lisp:lisp 3141 3142 LISP1 3143 3144 3145 etr 3146 3147 3148 itr 3149 3150 3151 3152 1000 3153 VRF-BLUE 3154 3155 3156 2000 3157 VRF-RED 3158 3159 3160 3161 3162 3163 3164

3166  7.2.2. LISP ITR

3168  The following is an example configuration for ITR functionality under
3169  "LISP1". There are 2 Map-Resolvers configured.

3171 3172 3173 3174 3175 3176 3177 lisp:lisp 3178 3179 LISP1 3180 3181 3182 itr 3183 3184 3185 3186 2001:db8:203:0:113::1 3187 2001:db8:204:0:113::1 3188 3189 3190 3191 3192 3193 3194

3196  7.2.3. LISP ETR

3198  The following is an example configuration for ETR functionality under
3199  "LISP1". There are 2 Map-Servers and 2 local EIDs configured.
3201 3202 3203 3205 3206 VRF-BLUE 3207 3208 true 3209 3210 3211 VRF-RED 3212 3213 true 3214 3215 3216 3217 3218 3219 3220 lisp:lisp 3221 3222 LISP1 3223 3224 3225 etr 3226 3227 3228 1 3229 3230 3231 3232 1000 3233 VRF-BLUE 3234 3235 3236 2000 3237 VRF-RED 3238 3239 3240 3241 3242 3243 2001:db8:203:0:113::1 3244 3245 3246 key1 3247 3248 hmac-sha-256-128 3249 3250 *Kye^$$1#gb91U04zpa 3251 3252 3253 3254 3255 2001:db8:204:0:113::1 3256 3257 3258 key1 3259 3260 hmac-sha-256-128 3261 3262 *Kye^$$1#gb91U04zpa 3263 3264 3265 3266 3267 3268 3269 1000 3270 3271 3272 2001:db8:400:0:100::0 3273 3274 3276 laddr:ipv6-prefix-afi 3277 3278 2001:db8:400:0:100::/80 3279 3280 3281 3282 3283 3284 2000 3285 3286 3287 2001:db8:800:0:200::0 3288 3289 3291 laddr:ipv6-prefix-afi 3292 3293 2001:db8:800:0:200::/80 3294 3295 3296 3297 3298 3299 3300 3301 3302 3303 3304

3305  7.2.4. LISP Map-Server

3307  The following is an example configuration for Map-Server
3308  functionality under "LISP1". There are 2 mappings configured.

3310 3311 3312 3313 3314 3315 3316 lisp:lisp 3317 3318 LISP1 3319 3320 3321 3323 lisp-ms:ms 3324 3325 3326 3328 3329 3330 1 3331 3332 3333 key1 3334 3335 hmac-sha-256-128 3336 3337 *Kye^$$1#gb91U04zpa 3338 3339 3340 3341 3342 3343 3344 1000 3345 3346 3347 1 3348 3349 3351 laddr:ipv6-prefix-afi 3353 3354 2001:db8:400:0:100::/80 3355 3356 3357 3358 3359 3360 2000 3361 3362 3363 1 3364 3365 3367 laddr:ipv6-prefix-afi 3368 3369 2001:db8:800:0:200::/80 3370 3371 3372 3373 3374 3375 3376 3377 3378 3379 3380

3382  8. Acknowledgments

3384  The tree view and the YANG model shown in this document have been
3385  formatted with the 'pyang' tool.

3387  9. IANA Considerations

3389  The IANA is requested to assign a new namespace URI from the IETF
3390  XML registry.

3392  This document registers the following namespace URIs in the IETF XML
3393  registry [RFC3688]:

3395  --------------------------------------------------------------------

3397  URI: urn:ietf:params:xml:ns:yang:ietf-lisp
3398  Registrant Contact: The IESG.

3400  XML: N/A, the requested URI is an XML namespace.

3402  --------------------------------------------------------------------

3404  --------------------------------------------------------------------

3406  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-itr

3408  Registrant Contact: The IESG.

3410  XML: N/A, the requested URI is an XML namespace.

3412  --------------------------------------------------------------------

3414  --------------------------------------------------------------------

3416  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-etr

3418  Registrant Contact: The IESG.

3420  XML: N/A, the requested URI is an XML namespace.

3422  --------------------------------------------------------------------

3424  --------------------------------------------------------------------

3426  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver

3428  Registrant Contact: The IESG.

3430  XML: N/A, the requested URI is an XML namespace.

3432  --------------------------------------------------------------------

3434  --------------------------------------------------------------------

3436  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver

3438  Registrant Contact: The IESG.

3440  XML: N/A, the requested URI is an XML namespace.

3442  --------------------------------------------------------------------

3444  --------------------------------------------------------------------
3445  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-address-types

3447  Registrant Contact: The IESG.

3449  XML: N/A, the requested URI is an XML namespace.

3451  --------------------------------------------------------------------

3453  10. Security Considerations

3455  The YANG modules specified in this document define a schema for data
3456  that is designed to be accessed via network management protocols such
3457  as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
3458  is the secure transport layer, and the mandatory-to-implement secure
3459  transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
3460  is HTTPS, and the mandatory-to-implement secure transport is TLS
3461  [RFC8446].

3463  The NETCONF access control model [RFC8341] provides the means to
3464  restrict access for particular NETCONF or RESTCONF users to a
3465  pre-configured subset of all available NETCONF or RESTCONF protocol
3466  operations and content.

3468  The security considerations of LISP control-plane [RFC6833] and LISP
3469  data-plane [RFC6830] as well as the LISP threat analysis [RFC7835]
3470  apply to this YANG model.

3472  There are a number of data nodes defined in this YANG module that are
3473  writable/creatable/deletable (i.e., config true, which is the
3474  default). These data nodes may be considered sensitive or vulnerable
3475  in some network environments. Write operations (e.g., edit-config)
3476  to these data nodes without proper protection can have a negative
3477  effect on network operations. These are the subtrees and data nodes
3478  and their sensitivity/vulnerability:

3480  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3481  lisp:lisp/

3483  Access to the locator-sets node may modify which interfaces are used
3484  for data and/or control traffic as well as affect the load balancing
3485  of data-plane traffic. Access to the lisp-role node may prevent the
3486  device from performing its intended data-plane and/or control-plane
3487  operation. Access to the router-id node allows modifying the unique
3488  identifier of the device, which may result in disruption of its LISP
3489  control-plane operation. Access to the vpn node may allow
3490  redirecting data-plane traffic to erroneous local or remote network
3491  instances.

3493  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3494  lisp:lisp/lisp:map-server

3496  Access to the sites node can prevent authorized devices from
3497  registering mappings in the Map-Server and/or allow unauthorized
3498  devices to do so. Access to the vpn node can result in corrupted
3499  mapping state that may propagate across the LISP network, potentially
3500  resulting in forwarding of data-plane traffic to arbitrary
3501  destinations and general disruption of the data-plane operation.
3502  Access to mapping-system-type and/or ddt-mapping-system nodes may
3503  prevent the device from connecting to the Mapping System infrastructure
3504  and consequently from attracting Map-Request messages.

3506  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3507  lisp:lisp/lisp:map-resolver

3509  Access to mapping-system-type, ms-address and/or ddt-mapping-system
3510  nodes may prevent the device from connecting to the Mapping System
3511  infrastructure and forwarding Map-Request messages.

3513  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3514  lisp:lisp/lisp:itr

3516  Access to the rloc-probing node can increase the control-plane
3517  overhead in the device or affect the capability of the device to
3518  detect failures on the underlay. Access to the itr-rlocs node may
3519  prevent the device from getting Map-Reply messages. Access to the
3520  map-resolvers node can prevent the device from sending its
3521  Map-Request messages to valid Map-Resolvers. Access to the proxy-etrs
3522  nodes can affect the capability of the device to send data-plane
3523  traffic towards non-LISP destinations. Access to the map-cache node
3524  can result in forwarding of data-plane traffic to arbitrary
3525  destinations and general disruption of data-plane operation.

3527  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3528  lisp:lisp/lisp:etr

3530  Access to the map-servers node can prevent the device from
3531  registering its local mappings into the Mapping System. Access to
3532  the local-eids node can disrupt data-plane operation on the device
3533  and/or result in the device registering corrupted mappings into the
3534  Mapping System.

3536  Some of the readable data nodes in this YANG module may be considered
3537  sensitive or vulnerable in some network environments. It is thus
3538  important to control read access (e.g., via get, get-config, or
3539  notification) to these data nodes. These are the subtrees and data
3540  nodes and their sensitivity/vulnerability:

3542  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3543  lisp:lisp

3545  Access to the locator-sets node can expose the locators the device is
3546  using for its control and/or data operation. Access to the lisp-role
3547  node can disclose the LISP roles instantiated at the device which
3548  facilitates mounting attacks against the device. Access to the
3549  router-id node can expose the unique identifier of the device which may
3550  allow a third party to track its control-plane operation and/or
3551  impersonate the device. Access to the vpn node can leak the local
3552  mapping between LISP Instance IDs and local network instances.

3554  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3555  lisp:lisp/lisp:map-server

3557  Access to the sites node can expose the credentials used to register
3558  mappings and allow unauthorized devices to do so. Access to the vpn
3559  node can expose the mappings currently registered in the device,
3560  which has privacy implications. Access to the mapping-system-type
3561  node may reveal the Mapping System in use which can be used to mount
3562  attacks against the device and/or the Mapping System. Access to the
3563  summary and counters nodes may expose operational statistics of the
3564  device.

3566  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3567  lisp:lisp/lisp:map-resolver

3569  Access to the mapping-system-type node may reveal the Mapping System
3570  in use which can be used to mount attacks against the device and/or
3571  the Mapping System. Access to the ms-address and/or
3572  ddt-mapping-system nodes can leak the information about the Mapping System
3573  infrastructure used by the device, which can be used to block
3574  communication and/or mount attacks against it.

3576  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3577  lisp:lisp/lisp:itr

3579  Access to the rloc-probing node can expose if and how the device is
3580  using control-plane signaling to probe underlay locators. Access to
3581  the itr-rlocs node may disclose the addresses the device is using to
3582  receive Map-Reply messages. Access to the map-resolvers node can
3583  expose the Map-Resolvers used by the device, which can be used to
3584  mount attacks against the device and/or the Mapping System. Access
3585  to the proxy-etrs node can disclose the PETRs used by the device,
3586  which can be used to mount attacks against the device and/or PETRs.
3587  Access to the map-cache node can expose the mappings currently cached
3588  in the device, which has privacy implications.

3590  /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3591  lisp:lisp/lisp:etr

3593  Access to the map-servers node can expose the credentials used by the
3594  device to register mappings into the Mapping System allowing an
3595  unauthorized device to impersonate and register mappings on behalf
3596  of the authorized device. Access to the local-eids node can expose the
3597  local EIDs currently being served by the device, which has privacy
3598  implications.

3600  11. Normative References

3602  [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
3603             Requirement Levels", BCP 14, RFC 2119,
3604             DOI 10.17487/RFC2119, March 1997,
3605             .

3607  [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
3608             DOI 10.17487/RFC3688, January 2004,
3609             .

3611  [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
3612             and A. Bierman, Ed., "Network Configuration Protocol
3613             (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
3614             .

3616  [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
3617             Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
3618             .

3620  [RFC6830]  Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The
3621             Locator/ID Separation Protocol (LISP)", RFC 6830,
3622             DOI 10.17487/RFC6830, January 2013,
3623             .

3625  [RFC6832]  Lewis, D., Meyer, D., Farinacci, D., and V. Fuller,
3626             "Interworking between Locator/ID Separation Protocol
3627             (LISP) and Non-LISP Sites", RFC 6832,
3628             DOI 10.17487/RFC6832, January 2013,
3629             .

3631  [RFC6833]  Fuller, V. and D. Farinacci, "Locator/ID Separation
3632             Protocol (LISP) Map-Server Interface", RFC 6833,
3633             DOI 10.17487/RFC6833, January 2013,
3634             .

3636  [RFC6836]  Fuller, V., Farinacci, D., Meyer, D., and D. Lewis,
3637             "Locator/ID Separation Protocol Alternative Logical
3638             Topology (LISP+ALT)", RFC 6836, DOI 10.17487/RFC6836,
3639             January 2013, .

3641  [RFC7835]  Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID
3642             Separation Protocol (LISP) Threat Analysis", RFC 7835,
3643             DOI 10.17487/RFC7835, April 2016,
3644             .

3646  [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
3647             Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
3648             .

3650  [RFC8060]  Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical
3651             Address Format (LCAF)", RFC 8060, DOI 10.17487/RFC8060,
3652             February 2017, .

3654  [RFC8111]  Fuller, V., Lewis, D., Ermagan, V., Jain, A., and A.
3655             Smirnov, "Locator/ID Separation Protocol Delegated
3656             Database Tree (LISP-DDT)", RFC 8111, DOI 10.17487/RFC8111,
3657             May 2017, .

3659  [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
3660             2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
3661             May 2017, .

3663  [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
3664             BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
3665             .

3667  [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
3668             Access Control Model", STD 91, RFC 8341,
3669             DOI 10.17487/RFC8341, March 2018,
3670             .

3672  [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
3673             Routing Management (NMDA Version)", RFC 8349,
3674             DOI 10.17487/RFC8349, March 2018,
3675             .

3677  [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
3678             Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
3679             .

3681  Authors' Addresses

3683  Vina Ermagan
3684  Google
3685  USA

3687  Email: ermagan@gmail.com

3689  Alberto Rodriguez-Natal
3690  Cisco Systems
3691  San Jose, CA
3692  USA

3694  Email: natal@cisco.com

3696  Florin Coras
3697  Cisco Systems
3698  San Jose, CA
3699  USA

3701  Email: fcoras@cisco.com

3703  Carl Moberg
3704  Cisco Systems
3705  San Jose, CA
3706  USA

3708  Email: camoberg@cisco.com

3710  Reshad Rahman
3711  Cisco Systems
3712  Canada

3714  Email: rrahman@cisco.com

3716  Albert Cabellos-Aparicio
3717  Technical University of Catalonia
3718  Barcelona
3719  Spain

3721  Email: acabello@ac.upc.edu
3722  Fabio Maino
3723  Cisco Systems
3724  San Jose, CA
3725  USA

3727  Email: fmaino@cisco.com
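
Section 10 relies on the NETCONF access control model [RFC8341] to protect the writable LISP subtrees and the nodes that carry registration credentials. The audit below is an added example, not part of the draft: it evaluates a constructed NACM rule set for one group and reports which of those nodes the group can still reach. Assumptions: the group and rule names are made up, the `lisp-ms` prefix and the placement of `sites` and `map-servers` follow the paths and namespaces quoted in this document, and YANG prefixes are ignored when paths are compared.

```python
import xml.etree.ElementTree as ET

NACM = "{urn:ietf:params:xml:ns:yang:ietf-netconf-acm}"
LISP = ("/rt:routing/rt:control-plane-protocols"
        "/rt:control-plane-protocol/lisp:lisp")

# Nodes singled out in Section 10, with the operations to audit for each.
SENSITIVE = [
    (LISP, ("create", "update", "delete")),        # all writable LISP subtrees
    (LISP + "/lisp:map-server/sites", ("read",)),  # registration credentials
    (LISP + "/lisp:etr/map-servers", ("read",)),   # registration credentials
]

# Constructed NACM configuration; the group and rule names are made up.
SAMPLE_NACM = """\
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <read-default>permit</read-default>
  <write-default>deny</write-default>
  <rule-list>
    <name>lisp-operators</name>
    <group>lisp-oper</group>
    <rule>
      <name>hide-ms-site-keys</name>
      <path xmlns:rt="urn:ietf:params:xml:ns:yang:ietf-routing"
            xmlns:lisp="urn:ietf:params:xml:ns:yang:ietf-lisp"
            xmlns:lisp-ms="urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver"
        >/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/lisp:lisp/lisp-ms:map-server/lisp-ms:sites</path>
      <access-operations>read</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>
"""


def segments(path):
    """Node names of an instance-identifier, with YANG prefixes dropped."""
    # Assumption: comparing local names only is enough for this audit. Key
    # predicates would narrow a rule to single list entries, so reject them.
    if "[" in path:
        raise ValueError("key predicates are not handled: " + path)
    return [seg.split(":", 1)[-1] for seg in path.strip().strip("/").split("/")]


def text(elem, tag, default):
    child = elem.find(NACM + tag)
    return default if child is None or not child.text else child.text.strip()


def decide(root, group, path, op):
    """NACM data-node decision: first matching rule wins, then the defaults."""
    if text(root, "enable-nacm", "true") == "false":
        return "permit"
    target = segments(path)
    for rule_list in root.findall(NACM + "rule-list"):
        groups = [g.text.strip() for g in rule_list.findall(NACM + "group")]
        if group not in groups and "*" not in groups:
            continue
        for rule in rule_list.findall(NACM + "rule"):
            if (rule.find(NACM + "rpc-name") is not None
                    or rule.find(NACM + "notification-name") is not None):
                continue  # these rule types never match a data node
            if text(rule, "module-name", "*") != "*":
                raise ValueError("module-scoped rules are not handled")
            ops = text(rule, "access-operations", "*").split()
            if "*" not in ops and op not in ops:
                continue
            rule_path = rule.find(NACM + "path")
            if rule_path is not None:
                prefix = segments(rule_path.text)
                if target[:len(prefix)] != prefix:
                    continue  # the rule covers a different subtree
            return text(rule, "action", "deny")
    default = "read-default" if op == "read" else "write-default"
    return text(root, default, "permit" if op == "read" else "deny")


def audit(nacm_xml, group):
    """Return the (path, operation) pairs from SENSITIVE that group may use."""
    root = ET.fromstring(nacm_xml)
    rule_paths = [segments(p.text) for p in root.iter(NACM + "path")]
    findings = []
    for node, ops in SENSITIVE:
        base = segments(node)
        # The decision can only change at a rule's own path, so test the node
        # itself and every rule path that lies below it.
        below = [p for p in rule_paths
                 if len(p) > len(base) and p[:len(base)] == base]
        for point in [base] + below:
            where = "/" + "/".join(point)
            for op in ops:
                allowed = decide(root, group, where, op) == "permit"
                if allowed and (where, op) not in findings:
                    findings.append((where, op))
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE_NACM, "lisp-oper"))
```

With the sample rule set the audit reports that `lisp-oper` can still read `etr/map-servers`: `read-default` is `permit` and only the Map-Server `sites` node has a deny rule.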