MPLS Working Group                                               T. Saad
Internet-Draft                                          Juniper Networks
Intended status: Standards Track                                 K. Raza
Expires: April 22, 2021                                        R. Gandhi
                                                       Cisco Systems Inc
                                                                  X. Liu
                                                          Volta Networks
                                                               V. Beeram
                                                        Juniper Networks
                                                        October 19, 2020


                    A YANG Data Model for MPLS Base
                      draft-ietf-mpls-base-yang-16

Abstract

   This document contains a specification of the MPLS base YANG data
   model.  The MPLS base YANG data model serves as a base framework for
   configuring and managing an MPLS switching subsystem on an
   MPLS-enabled router.  It is expected that other MPLS YANG data models
   (e.g. MPLS Label Switched Path (LSP) Static, LDP or RSVP-TE YANG
   models) will augment the MPLS base YANG data model.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 22, 2021.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
     1.2.  Acronyms and Abbreviations
   2.  MPLS Base Model
     2.1.  Model Overview
     2.2.  Model Organization
     2.3.  Model Design
     2.4.  Model Tree Diagram
     2.5.  Model YANG Module
   3.  IANA Considerations
   4.  Security Considerations
   5.  Acknowledgement
   6.  Appendix A.  Data Tree Instance Example
   7.  Contributors
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Authors' Addresses

1.  Introduction

   A core routing YANG data model is defined in [RFC8349], and it
   provides a basis for the development of routing data models for
   specific Address Families (AFs).  Specifically, [RFC8349] defines a
   model for a generic Routing Information Base (RIB) that is
   Address-Family (AF) agnostic.  [RFC8349] also defines two instances
   of RIBs based on the generic RIB model for IPv4 and IPv6 AFs.

   The MPLS base model that is defined in this document augments the
   generic RIB model defined in [RFC8349] with additional data that
   enables MPLS forwarding for the specific destination prefix(es)
   present in the AF RIB(s) as described in the MPLS architecture
   document [RFC3031].

   The MPLS base model also defines a new instance of the generic RIB
   YANG data model as defined in [RFC8349] to store native MPLS routes.
   The native MPLS RIB instance stores route(s) that are not associated
   with other AF instance RIBs (such as IPv4, or IPv6 instance RIB(s)),
   but are enabled for MPLS forwarding.  Examples of such native MPLS
   routes are routes programmed by RSVP on transit MPLS router(s) along
   the path of a Label Switched Path (LSP).
   Other example(s) are MPLS routes that cross-connect to specific
   Layer-2 adjacencies, such as Layer-2 Attachment Circuit(s) (ACs), or
   Layer-3 adjacencies, such as Segment-Routing (SR) Adjacency Segments
   (Adj-SIDs) described in [RFC8402].

   The MPLS base YANG data model serves as a basis for future
   development of MPLS YANG data models covering more-sophisticated MPLS
   feature(s) and sub-system(s).  The main purpose is to provide
   essential building blocks for other YANG data models involving
   different control-plane protocols, and MPLS functions.

   To this end, it is expected that the MPLS base data model will be
   augmented by a number of other YANG modules developed at IETF (e.g.
   by TEAS and MPLS working groups).

   The YANG module in this document conforms to the Network Management
   Datastore Architecture (NMDA) [RFC8342].

1.1.  Terminology

   The terminology for describing YANG data models is found in
   [RFC7950].

1.2.  Acronyms and Abbreviations

   MPLS: Multiprotocol Label Switching

   RIB: Routing Information Base

   LSP: Label Switched Path

   LSR: Label Switching Router

   LER: Label Edge Router

   FEC: Forwarding Equivalence Class

   NHLFE: Next Hop Label Forwarding Entry

   ILM: Incoming Label Map

2.  MPLS Base Model

   This document describes the 'ietf-mpls' YANG module that provides
   base components of the MPLS data model.  It is expected that other
   MPLS YANG modules will augment the 'ietf-mpls' YANG module for other
   MPLS extensions to provision Label Switched Paths (LSPs) (e.g. MPLS
   Static, MPLS LDP or MPLS RSVP-TE LSP(s)).

2.1.  Model Overview

   This document models MPLS labeled routes as an augmentation of the
   generic routing RIB data model as defined in [RFC8349].  For example,
   IP prefix routes (e.g. routes stored in IPv4 or IPv6 RIBs) are
   augmented to carry additional data to enable them for MPLS
   forwarding.

   This document also defines a new instance of the generic RIB defined
   in [RFC8349] to store native MPLS route(s) (described further in
   Section 2.3) by extending the identity 'address-family' defined in
   [RFC8349] with a new "mpls" identity as suggested in Section 3 of
   [RFC8349].

2.2.  Model Organization

     Routing           +---------------+    v: import
     YANG module       | ietf-routing  |    o: augment
                       +---------------+
                           o
                           |
                           v
     MPLS base         +-----------+    v: import
     YANG module       | ietf-mpls |    o: augment
                       +-----------+
                          o      o------+
                          |              \
                          v               v
                  +-------------------+ +---------------------+
     MPLS Static  | ietf-mpls-static@ | | ietf-mpls-ldp.yang@ | . .
     LSP YANG     +-------------------+ +---------------------+
     module
           @: not in this document, shown for illustration only

              Figure 1: Relationship between MPLS modules

   The 'ietf-mpls' YANG module defines the following identities:

   mpls:

      This identity extends the 'address-family' identity for RIB
      instance(s) as defined in [RFC8349] to represent the native MPLS
      RIB instance.

   label-block-alloc-mode:

      A base YANG identity for supported label block allocation mode(s).

   The 'ietf-mpls' YANG module contains the following high-level types
   and groupings:

   mpls-operations-type:

      An enumeration type that represents support for possible MPLS
      operation types (impose-and-forward, pop-and-forward,
      pop-impose-and-forward, and pop-and-lookup).

   nhlfe-role:

      An enumeration type that represents the role of the NHLFE entry.

   nhlfe-single-contents:

      A YANG grouping that describes a single Next Hop Label Forwarding
      Entry (NHLFE) and its associated parameters as described in the
      MPLS architecture document [RFC3031].  This grouping is specific
      to the case when a single next-hop is associated with the route.

      The NHLFE is used when forwarding a labeled packet.  It contains
      the following information:

      1.  the packet's next hop.  For 'nhlfe-single-contents' only a
          single next hop is expected, while for
          'nhlfe-multiple-contents' multiple next hops are possible.

      2.  the operation to perform on the packet's label stack; this can
          be one of the following operations: a) replace the label at
          the top of the label stack with one or more specified new
          labels b) pop the label stack c) replace the label at the top
          of the label stack with a specified new label, and then push
          one or more specified new labels onto the label stack. d) push
          one or more label(s) on an unlabeled packet

      It may also contain:

      d) the data link encapsulation to use when transmitting the packet

      e) the way to encode the label stack when transmitting the packet

      f) any other information needed in order to properly dispose of
         the packet.

   nhlfe-multiple-contents:

      A YANG grouping that describes a set of NHLFE(s) and their
      associated parameters as described in the MPLS architecture
      document [RFC3031].  This grouping is used when multiple next-hops
      are associated with the route.

   interfaces-mpls:

      A YANG grouping that describes the list of MPLS enabled interfaces
      on a device.

   label-blocks:

      A YANG grouping that describes the list of assigned MPLS label
      blocks and their properties.

   rib-mpls-properties:

      A YANG grouping for the augmentation of the generic RIB with MPLS
      label forwarding data as defined in [RFC3031].

   rib-active-route-mpls-input:

      A YANG grouping for the augmentation to the 'active-route' RPC
      that is specific to the MPLS RIB instance.

2.3.  Model Design

   The MPLS routing model is based on the core routing data model
   defined in [RFC8349].  Figure 2 shows the extensions introduced by
   the MPLS base model on defined RIB(s).

                         +-----------------+
                         | MPLS base model |
                         +-----------------+
                      ____/  |  |_____  |________
                     /       |        \          \
                    /        |         \          \
                   o         o          o          +
            +---------+  +---------+  +--------+ +-----------+
            | RIB(v4) |  | RIB(v6) |  | RIB(x) | | RIB(mpls) |
            +---------+  +---------+  +--------+ +-----------+

                +: created by the MPLS base model
                o: augmented by the MPLS base model

       Figure 2: Relationship between MPLS model and RIB instances

   As shown in Figure 2, the MPLS base YANG data model augments defined
   instance(s) of AF RIB(s) with additional data that enables MPLS
   forwarding for destination prefix(es) stored in such RIB(s).  For
   example, an IPv4 prefix stored in RIB(v4) is augmented to carry an
   MPLS local label and per next-hop remote label(s) to enable MPLS
   forwarding for such prefix.

   The MPLS base model also creates a separate instance of the generic
   RIB model defined in [RFC8349] to store MPLS native route(s) that are
   enabled for MPLS forwarding, but not stored in other AF RIB(s).

   Some examples of such native MPLS routes are:

   o  routes programmed by RSVP on Label Switched Router(s) (LSRs) along
      the path of a Label Switched Path (LSP),

   o  routes that cross-connect an MPLS local label to a Layer-2, or
      Layer-3 VRF,

   o  routes that cross-connect an MPLS local label to a specific
      Layer-2 adjacency or interface, such as Layer-2 Attachment
      Circuit(s) (ACs), or

   o  routes that cross-connect an MPLS local label to a Layer-3
      adjacency or interface - such as MPLS Segment-Routing (SR)
      Adjacency Segments (Adj-SIDs), SR MPLS Binding SIDs, etc. as
      defined in [RFC8402].

2.4.  Model Tree Diagram

   The MPLS base tree diagram that follows the notation defined in
   [RFC8340] is shown in Figure 3.

   module: ietf-mpls
     augment /rt:routing:
       +--rw mpls
          +--rw ttl-propagate?       boolean
          +--rw mpls-label-blocks
          |  +--rw mpls-label-block* [index]
          |     +--rw index                    string
          |     +--rw start-label?             rt-types:mpls-label
          |     +--rw end-label?               rt-types:mpls-label
          |     +--rw block-allocation-mode?   identityref
          |     +--ro inuse-labels-count?      yang:gauge32
          +--rw interfaces
             +--rw interface* [name]
                +--rw name                      if:interface-ref
                +--rw mpls-enabled?             boolean
                +--rw maximum-labeled-packet?   uint32
     augment /rt:routing/rt:ribs/rt:rib/rt:routes/rt:route:
       +--ro mpls-enabled?         boolean
       +--ro mpls-local-label?     rt-types:mpls-label
       +--ro destination-prefix?   -> ../mpls-local-label
       +--ro route-context?        string
     augment /rt:routing/rt:ribs/rt:rib/rt:routes/rt:route/rt:next-hop
               /rt:next-hop-options/rt:simple-next-hop:
       +--ro mpls-label-stack
          +--ro entry* [id]
             +--ro id               uint8
             +--ro label?           rt-types:mpls-label
             +--ro ttl?             uint8
             +--ro traffic-class?   uint8
     augment /rt:routing/rt:ribs/rt:rib/rt:routes/rt:route/rt:next-hop
               /rt:next-hop-options/rt:next-hop-list/rt:next-hop-list
               /rt:next-hop:
       +--ro index?              string
       +--ro backup-index?       string
       +--ro loadshare?          uint16
       +--ro role?               nhlfe-role
       +--ro mpls-label-stack
          +--ro entry* [id]
             +--ro id               uint8
             +--ro label?           rt-types:mpls-label
             +--ro ttl?             uint8
             +--ro traffic-class?   uint8
     augment /rt:routing/rt:ribs/rt:rib/rt:active-route/rt:input:
       +---w destination-address?   -> ../mpls-local-label
       +---w mpls-local-label?      rt-types:mpls-label
     augment /rt:routing/rt:ribs/rt:rib/rt:active-route/rt:output
               /rt:route/rt:next-hop/rt:next-hop-options
               /rt:simple-next-hop:
       +-- mpls-label-stack
          +-- entry* [id]
             +-- id               uint8
             +-- label?           rt-types:mpls-label
             +-- ttl?             uint8
             +-- traffic-class?   uint8
     augment /rt:routing/rt:ribs/rt:rib/rt:active-route/rt:output
               /rt:route/rt:next-hop/rt:next-hop-options
               /rt:next-hop-list/rt:next-hop-list/rt:next-hop:
       +-- index?              string
       +-- backup-index?       string
       +-- loadshare?          uint16
       +-- role?               nhlfe-role
       +-- mpls-label-stack
          +-- entry* [id]
             +-- id               uint8
             +-- label?           rt-types:mpls-label
             +-- ttl?             uint8
             +-- traffic-class?   uint8

                    Figure 3: MPLS Base tree diagram

2.5.  Model YANG Module

   This section describes the 'ietf-mpls' YANG module that provides base
   components of the MPLS data model.  Other YANG module(s) may import
   and augment the base MPLS module to add feature specific data.

   The ietf-mpls YANG module imports the following YANG modules:

   o  ietf-routing defined in [RFC8349]

   o  ietf-routing-types defined in [RFC8294]

   o  ietf-interfaces defined in [RFC8343]

   This YANG module also references the following RFCs in defining the
   types and YANG grouping of the YANG module: [RFC3032], [RFC3031], and
   [RFC7424].

   file "ietf-mpls@2020-10-15.yang"
   module ietf-mpls {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-mpls";

     /* Replace with IANA when assigned */

     prefix mpls;

     import ietf-routing {
       prefix rt;
       reference
         "RFC8349: A YANG Data Model for Routing Management";
     }
     import ietf-routing-types {
       prefix rt-types;
       reference
         "RFC8294: Common YANG Data Types for the Routing Area";
     }
     import ietf-yang-types {
       prefix yang;
       reference
         "RFC6991: Common YANG Data Types";
     }
     import ietf-interfaces {
       prefix if;
       reference
         "RFC8343: A YANG Data Model for Interface Management";
     }

     organization
       "IETF MPLS Working Group";
     contact
       "WG Web:

        WG List:

        Editor:   Tarek Saad

        Editor:   Kamran Raza

        Editor:   Rakesh Gandhi

        Editor:   Xufeng Liu

        Editor:   Vishnu Pavan Beeram
       ";

     description
       "This YANG module defines the essential components for the
        management of the MPLS subsystem.  The model fully conforms
        to the Network Management Datastore Architecture (NMDA).

        Copyright (c) 2018 IETF Trust and the persons
        identified as authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject
        to the license terms contained in, the Simplified BSD License
        set forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (https://trustee.ietf.org/license-info).
        This version of this YANG module is part of RFC XXXX; see
        the RFC itself for full legal notices.";

     // RFC Ed.: replace XXXX with actual RFC number and remove this
     // note.
     // RFC Ed.: update the date below with the date of RFC publication
     // and remove this note.

     revision 2020-10-15 {
       description
         "Initial revision.";
       reference
         "RFC XXXX: A YANG Data Model for base MPLS";
     }

     /* Identities */

     identity mpls {
       base rt:address-family;
       description
         "This identity represents the MPLS address family.";
     }

     identity mpls-unicast {
       base mpls:mpls;
       description
         "This identity represents the MPLS unicast address family.";
     }

     identity label-block-alloc-mode {
       description
         "Base identity for label-block allocation mode.";
     }

     identity label-block-alloc-mode-manager {
       base label-block-alloc-mode;
       description
         "Label block allocation on reserved block
          is managed by label manager.";
     }

     identity label-block-alloc-mode-application {
       base label-block-alloc-mode;
       description
         "Label block allocation on reserved block
          is managed by application.";
     }

     /**
      * Typedefs
      */

     typedef mpls-operations-type {
       type enumeration {
         enum impose-and-forward {
           description
             "Operation impose outgoing label(s) and forward to
              next-hop.";
         }
         enum pop-and-forward {
           description
             "Operation pop incoming label and forward to next-hop.";
         }
         enum pop-impose-and-forward {
           description
             "Operation pop incoming label, impose one or more
              outgoing label(s) and forward to next-hop.";
         }
         enum swap-and-forward {
           description
             "Operation swap incoming label, with outgoing label and
              forward to next-hop.";
         }
         enum pop-and-lookup {
           description
             "Operation pop incoming label and perform a lookup.";
         }
       }
       description
         "MPLS operations types.";
     }

     typedef nhlfe-role {
       type enumeration {
         enum primary {
           description
             "Next-hop acts as primary for carrying traffic.";
         }
         enum backup {
           description
             "Next-hop acts as backup.";
         }
         enum primary-and-backup {
           description
             "Next-hop acts as primary and backup simultaneously
              for carrying traffic.";
         }
       }
       description
         "The next-hop role.";
     }

     grouping nhlfe-single-contents {
       description
         "A grouping that describes single Next Hop Label Forwarding
          Entry (NHLFE) and its associated parameters as described in
          the MPLS architecture.  This grouping is specific to the case
          when a single next-hop is associated with the route.";
       uses rt-types:mpls-label-stack;
     }

     grouping nhlfe-multiple-contents {
       description
         "A grouping that describes a set of NHLFE(s) and their
          associated parameters as described in the MPLS architecture.
          This grouping is used when multiple next-hops are associated
          with the route.";
       leaf index {
         type string;
         description
           "A user-specified identifier utilised to uniquely
            reference the next-hop entry in the next-hop list.
            The value of this index has no semantic meaning
            other than for referencing the entry.";
       }
       leaf backup-index {
         type string;
         description
           "A user-specified identifier utilised to uniquely
            reference the backup next-hop entry in the NHLFE list.

            The value of this index has no semantic meaning
            other than for referencing the entry.";
         reference
           "RFC4090 and RFC5714";
       }
       leaf loadshare {
         type uint16;
         default "1";
         description
           "This value is used to compute a loadshare to perform
            un-equal load balancing when multiple outgoing next-hop(s)
            are specified.  A share is computed as a ratio of this
            number to the total under all next-hop(s).";
         reference
           "RFC7424, section 5.4,
            RFC3031, section 3.11 and 3.12.";
       }
       leaf role {
         type nhlfe-role;
         description
           "NHLFE role.";
       }
       uses nhlfe-single-contents;
     }

     grouping interfaces-mpls {
       description
         "List of MPLS interfaces.";
       container interfaces {
         description
           "List of MPLS enabled interfaces.";
         list interface {
           key "name";
           description
             "MPLS enabled interface entry.";
           leaf name {
             type if:interface-ref;
             description
               "A reference to the name of an interface in the system
                that is to be enabled for MPLS.";
           }
           leaf mpls-enabled {
             type boolean;
             default "false";
             description
               "'true' if mpls encapsulation is enabled on the interface.
                'false' if mpls encapsulation is disabled on the
                interface.";
           }
           leaf maximum-labeled-packet {
             type uint32;
             units "octets";
             description
               "Maximum labeled packet size.";
             reference
               "RFC3032, section 3.2.";
           }
         }
       }
     }

     grouping globals {
       description
         "MPLS global configuration grouping.";
       leaf ttl-propagate {
         type boolean;
         default "true";
         description
           "Propagate TTL between IP and MPLS.";
       }
     }

     grouping label-blocks {
       description
         "Label-block allocation grouping.";
       container mpls-label-blocks {
         description
           "Label-block allocation container.";
         list mpls-label-block {
           key "index";
           unique "start-label end-label";
           description
             "List of MPLS label-blocks.";
           leaf index {
             type string;
             description
               "A user-specified identifier utilised to uniquely
                reference an MPLS label block.";
           }
           leaf start-label {
             type rt-types:mpls-label;
             must '. <= ../end-label' {
               error-message
                 "The start-label must be less than or equal "
               + "to end-label";
             }
             description
               "Label-block start.";
           }
           leaf end-label {
             type rt-types:mpls-label;
             must '. >= ../start-label' {
               error-message
                 "The end-label must be greater than or equal "
               + "to start-label";
             }
             description
               "Label-block end.";
           }
           leaf block-allocation-mode {
             type identityref {
               base label-block-alloc-mode;
             }
             description
               "Label-block allocation mode.";
           }
           leaf inuse-labels-count {
             when "derived-from-or-self(../block-allocation-mode, "
                + "'mpls:label-block-alloc-mode-manager')";
             type yang:gauge32;
             config false;
             description
               "Label-block inuse labels count.";
           }
         }
       }
     }

     grouping rib-mpls-properties {
       description
         "A grouping of native MPLS RIB properties.";
       leaf destination-prefix {
         type leafref {
           path "../mpls-local-label";
         }
         description
           "MPLS destination prefix.";
       }
       leaf route-context {
         type string;
         description
           "A context associated with the native MPLS route.";
       }
     }

     grouping rib-active-route-mpls-input {
       description
         "A grouping applicable to native MPLS RIB 'active-route'
          RPC input augmentation.";
       leaf destination-address {
         type leafref {
           path "../mpls-local-label";
         }
         description
           "MPLS native active route destination.";
       }
       leaf mpls-local-label {
         type rt-types:mpls-label;
         description
           "MPLS local label.";
       }
     }

     augment "/rt:routing" {
       description
         "MPLS augmentation.";
       container mpls {
         description
           "MPLS container, to be used as an augmentation target node
            for other MPLS sub-features config, e.g. MPLS static LSP,
            MPLS LDP LSPs, and Traffic Engineering MPLS LSP Tunnels,
            etc.";
         uses globals;
         uses label-blocks;
         uses interfaces-mpls;
       }
     }

     /* MPLS routes augmentation */

     augment "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route" {
       description
         "This augmentation is applicable to all MPLS routes.";
       leaf mpls-enabled {
         type boolean;
         default "false";
         description
           "Indicates whether MPLS is enabled for this route.";
       }
       leaf mpls-local-label {
         when "../mpls-enabled = 'true'";
         type rt-types:mpls-label;
         description
           "MPLS local label associated with the route.";
       }
       uses rib-mpls-properties {
         /* MPLS AF augmentation to native MPLS RIB */
         when "derived-from-or-self(../../rt:address-family, "
            + "'mpls:mpls')" {
           description
             "This augment is valid only for routes of native MPLS
              RIB.";
         }
       }
     }

     /* MPLS simple-next-hop augmentation */

     augment "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route/"
           + "rt:next-hop/rt:next-hop-options/rt:simple-next-hop" {
       description
         "Augment 'simple-next-hop' case in IP unicast routes.";
       uses nhlfe-single-contents {
         when "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route"
            + "/mpls:mpls-enabled = 'true'";
       }
     }

     /* MPLS next-hop-list augmentation */

     augment "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route/"
           + "rt:next-hop/rt:next-hop-options/rt:next-hop-list/"
           + "rt:next-hop-list/rt:next-hop" {
       description
         "This leaf augments the 'next-hop-list' case of IP unicast
          routes.";
       uses nhlfe-multiple-contents {
         when "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route"
            + "/mpls:mpls-enabled = 'true'";
       }
     }

     /* MPLS RPC input augmentation */

     augment "/rt:routing/rt:ribs/rt:rib/rt:active-route/rt:input" {
       description
         "Input MPLS augmentation for the 'active-route' action
          statement.";
       uses rib-active-route-mpls-input {
         /* MPLS AF augmentation to native MPLS RIB */
         when "derived-from-or-self(../rt:address-family, "
            + "'mpls:mpls')" {
           description
             "This augment is valid only for routes of native MPLS
              RIB.";
         }
       }
     }

     /* MPLS RPC output augmentation */

     augment "/rt:routing/rt:ribs/rt:rib/rt:active-route/"
           + "rt:output/rt:route/"
           + "rt:next-hop/rt:next-hop-options/rt:simple-next-hop" {
       description
         "Output MPLS augmentation for the 'active-route' action
          statement.";
       uses nhlfe-single-contents;
     }

     augment "/rt:routing/rt:ribs/rt:rib/rt:active-route/"
           + "rt:output/rt:route/"
           + "rt:next-hop/rt:next-hop-options/rt:next-hop-list/"
           + "rt:next-hop-list/rt:next-hop" {
       description
         "Output MPLS augmentation for the 'active-route' action
          statement.";
       uses nhlfe-multiple-contents;
     }
   }

                    Figure 4: MPLS base YANG module.

3.  IANA Considerations

   This document registers the following URIs in the 'ns' sub-registry
   of the IETF XML registry [RFC3688].  Following the format in
   [RFC3688], the following registration is requested to be made.

      URI: urn:ietf:params:xml:ns:yang:ietf-mpls
      Registrant Contact: The MPLS WG of the IETF.
      XML: N/A, the requested URI is an XML namespace.

   This document registers a YANG module in the YANG Module Names
   registry [RFC6020].

      name:       ietf-mpls
      namespace:  urn:ietf:params:xml:ns:yang:ietf-mpls
      prefix:     mpls
      // RFC Ed.: replace XXXX with RFC number and remove this note
      reference:  RFCXXXX

4.  Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
   is the secure transport layer, and the mandatory-to-implement secure
   transport is Secure Shell (SSH) [RFC6242].
   The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement
   secure transport is TLS [RFC8446].

   The NETCONF access control model [RFC8341] provides the means to
   restrict access for particular NETCONF or RESTCONF users to a
   preconfigured subset of all available NETCONF or RESTCONF protocol
   operations and content.

   There are a number of data nodes defined in this YANG module that are
   writable/creatable/deletable (i.e., config true, which is the
   default).  These data nodes may be considered sensitive or vulnerable
   in some network environments.  Write operations (e.g., edit-config)
   to these data nodes without proper protection can have a negative
   effect on network operations.  These are the subtrees and data nodes
   and their sensitivity/vulnerability:

   "/rt:routing/mpls:mpls/mpls:label-blocks": there are data nodes under
   this path that are writeable such as 'start-label' and 'end-label'.
   Write operations to those data nodes may cause disruptive action to
   existing traffic.

   Some of the readable data nodes in this YANG module may be
   considered sensitive or vulnerable in some network environments.  It
   is thus important to control read access (e.g., via get, get-config,
   or notification) to these data nodes.  These are the subtrees and
   data nodes and their sensitivity/vulnerability:

   "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route/rt:next-hop/rt:next-hop-options/rt:next-hop-list/rt:next-hop-list/rt:next-hop"
   and
   "/rt:routing/rt:ribs/rt:rib/rt:active-route/rt:output/rt:route/rt:next-hop/rt:next-hop-options/rt:simple-next-hop":
   these two paths are augmented by additional MPLS leaf(s) defined in
   this model.  Access to this information may disclose the next-hop or
   path per prefix and/or other information.

   Some of the RPC operations in this YANG module may be considered
   sensitive or vulnerable in some network environments.  It is thus
   important to control access to these operations.  These are the
   operations and their sensitivity/vulnerability:

   "/rt:routing/rt:ribs/rt:rib/rt:active-route/rt:input" and
   "/rt:routing/rt:ribs/rt:rib/rt:active-route/rt:output/rt:route":
   these two paths are augmented by additional MPLS data node(s) that
   are defined in this model.  Access to those path(s) may disclose
   information about per prefix route and/or other information, and that
   information may be used for further attack(s).

   The security considerations spelled out in [RFC3031] and [RFC3032]
   apply for this document as well.

5.  Acknowledgement

   The authors would like to thank Xia Chen for her contributions to the
   early revisions of this document.

6.  Appendix A.  Data Tree Instance Example

   A simple network setup is shown in Figure 5.  R1 runs the ISIS
   routing protocol, and learns reachability about IPv4 prefixes:
   P1: 198.51.100.1/32 and P2: 198.51.100.1/32, and IPv6 prefixes P3:
   2001:db8:0:10::1/64 and P4: 2001:db8:0:10::1/64.  We also assume that
   R1 learns about local and remote MPLS label bindings for each prefix
   using ISIS (e.g. using Segment-Routing (SR) extensions).

      State on R1:
      ============
      IPv4 Prefix             MPLS Label
      P1: 198.51.100.1/32     16001
      P2: 198.51.100.2/32     16002

      IPv6 Prefix             MPLS Label
      P3: 2001:db8:0:10::1/64 16003
      P4: 2001:db8:0:10::2/64 16004

      RSVP MPLS LSPv4-Tunnel:
       Source: 198.51.100.3
       Destination: 198.51.100.4
       Tunnel-ID: 10
       LSP-ID: 1
                                           192.0.2.5/30
                                           2001:db8:0:1::1/64
                                           eth0
                                           +---
                                          /
                                     +-----+
                                     | R1  |
                                     +-----+
                                          \
                                           +---
                                           eth1
                                           192.0.2.13/30
                                           2001:db8:0:2::1/64

              Figure 5: Example of network configuration.

   The instance data tree could then be as follows:

   {
     "routing":{
       "ribs":{
         "rib":{
           "RIB-V4":{
             "name":"RIB-V4",
             "address-family":"v4ur:ipv4-unicast",
             "routes":{
               "route":{
                 "a64dcc40-0e68-11eb-af2e-acde48001122":{
                   "next-hop":{
                     "outgoing-interface":"eth0",
                     "mpls-label-stack":{
                       "entry":{
                         "1":{
                           "id":1,
                           "label":16001,
                           "ttl":255
                         }
                       }
                     },
                     "next-hop-address":"192.0.2.5"
                   },
                   "source-protocol":"isis:isis",
                   "mpls-enabled":true,
                   "mpls-local-label":16001,
                   "destination-prefix":"198.51.100.1/32",
                   "route-context":"SID-IDX:1"
                 },
                 "a6506522-0e68-11eb-af2e-acde48001122":{
                   "next-hop":{
                     "next-hop-list":{
                       "next-hop":{
                         "a65116de-0e68-11eb-af2e-acde48001122":{
                           "outgoing-interface":"eth0",
                           "index":"1",
                           "backup-index":"2",
                           "role":"primary-and-backup",
                           "mpls-label-stack":{
                             "entry":{
                               "1":{
                                 "id":1,
                                 "label":16002,
                                 "ttl":255
                               }
                             }
                           },
                           "address":"192.0.2.5"
                         },
                         "a653df72-0e68-11eb-af2e-acde48001122":{
                           "outgoing-interface":"eth1",
                           "index":"2",
                           "backup-index":"1",
                           "role":"primary-and-backup",
                           "mpls-label-stack":{
                             "entry":{
                               "1":{
                                 "id":1,
                                 "label":16002,
                                 "ttl":255
                               }
                             }
                           },
                           "address":"192.0.2.13"
                         }
                       }
                     }
                   },
                   "source-protocol":"isis:isis",
                   "mpls-enabled":true,
                   "mpls-local-label":16002,
                   "destination-prefix":"198.51.100.2/32",
                   "route-context":"SID-IDX:2"
                 }
               }
             }
           },
           "RIB-V6":{
             "name":"RIB-V6",
             "address-family":"v6ur:ipv6-unicast",
             "routes":{
               "route":{
                 "a64dcc40-0e68-11eb-af2e-acde48001124":{
                   "next-hop":{
                     "outgoing-interface":"eth0",
                     "mpls-label-stack":{
                       "entry":{
                         "1":{
                           "id":1,
                           "label":16003,
                           "ttl":255
                         }
                       }
                     },
                     "next-hop-address":"2001:db8:0:1::1"
                   },
                   "source-protocol":"isis:isis",
                   "mpls-enabled":true,
                   "mpls-local-label":16003,
                   "destination-prefix":"2001:db8:0:10::1/64",
                   "route-context":"SID-IDX:1"
                 },
                 "a6506522-0e68-11eb-af2e-acde48001124":{
                   "next-hop":{
                     "next-hop-list":{
                       "next-hop":{
                         "a65116de-0e68-11eb-af2e-acde48001123":{
                           "outgoing-interface":"eth0",
                           "index":"1",
                           "backup-index":"2",
                           "role":"primary-and-backup",
                           "mpls-label-stack":{
                             "entry":{
                               "1":{
                                 "id":1,
                                 "label":16004,
                                 "ttl":255
                               }
                             }
                           },
                           "address":"2001:db8:0:1::1"
                         },
                         "a653df72-0e68-11eb-af2e-acde48001123":{
                           "outgoing-interface":"eth1",
                           "index":"2",
                           "backup-index":"1",
                           "role":"primary-and-backup",
                           "mpls-label-stack":{
                             "entry":{
                               "1":{
                                 "id":1,
                                 "label":16004,
                                 "ttl":255
                               }
                             }
                           },
                           "address":"2001:db8:0:2::1"
                         }
                       }
                     }
                   },
                   "source-protocol":"isis:isis",
                   "mpls-enabled":true,
                   "mpls-local-label":16004,
                   "destination-prefix":"2001:db8:0:10::2/64",
                   "route-context":"SID-IDX:2"
                 }
               }
             }
           },
           "RIB-MPLS":{
             "name":"RIB-MPLS",
             "address-family":"mpls:mpls-unicast",
             "routes":{
               "route":{
                 "8dd8bc00-0e5a-11eb-946a-acde48001122":{
                   "next-hop":{
                     "outgoing-interface":"eth0",
                     "mpls-label-stack":{
                       "entry":{
                         "1":{
                           "id":1,
                           "label":24002,
                           "ttl":255
                         }
                       }
                     }
                   },
                   "source-protocol":"rsvp:rsvp",
                   "mpls-enabled":true,
                   "mpls-local-label":24001,
                   "destination-prefix":"24001",
                   "route-context":"RSVP Src:198.51.100.3,Dst:198.51.100.4,T:10,L:1"
                 }
               }
             }
           }
         }
       },
       "mpls":{
         "mpls-label-blocks":{
           "mpls-label-block":{
             "mpls-srgb-label-block":{
               "index":"mpls-srgb-label-block",
               "start-label":16000,
               "end-label":16500,
               "block-allocation-mode":"mpls:label-block-alloc-mode-manager"
             }
           }
         },
         "interfaces":{
           "interface":{
             "eth0":{
               "name":"eth0",
               "mpls-enabled":true,
               "maximum-labeled-packet":1488
             },
             "eth1":{
               "name":"eth1",
               "mpls-enabled":true,
               "maximum-labeled-packet":1488
             }
           }
         }
       }
     }
   }

                          Figure 6: Foo bar.

7.  Contributors

      Igor Bryskin
      Huawei Technologies
      email: i_bryskin@yahoo.com

      Himanshu Shah
      Ciena
      email: hshah@ciena.com

8.  References

8.1.  Normative References

   [RFC3032]  Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y.,
              Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack
              Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8294]  Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger,
              "Common YANG Data Types for the Routing Area", RFC 8294,
              DOI 10.17487/RFC8294, December 2017.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

   [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
              Access Control Model", STD 91, RFC 8341,
              DOI 10.17487/RFC8341, March 2018.

   [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore Architecture
              (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

   [RFC8343]  Bjorklund, M., "A YANG Data Model for Interface
              Management", RFC 8343, DOI 10.17487/RFC8343, March 2018.

   [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
              Routing Management (NMDA Version)", RFC 8349,
              DOI 10.17487/RFC8349, March 2018.

   [RFC8402]  Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
              Decraene, B., Litkowski, S., and R. Shakir, "Segment
              Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
              July 2018.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

8.2.  Informative References

   [RFC3031]  Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol
              Label Switching Architecture", RFC 3031,
              DOI 10.17487/RFC3031, January 2001.

   [RFC7424]  Krishnan, R., Yong, L., Ghanwani, A., So, N., and B.
              Khasnabish, "Mechanisms for Optimizing Link Aggregation
              Group (LAG) and Equal-Cost Multipath (ECMP) Component Link
              Utilization in Networks", RFC 7424, DOI 10.17487/RFC7424,
              January 2015.

Authors' Addresses

   Tarek Saad
   Juniper Networks

   Email: tsaad@juniper.net

   Kamran Raza
   Cisco Systems Inc

   Email: skraza@cisco.com

   Rakesh Gandhi
   Cisco Systems Inc

   Email: rgandhi@cisco.com

   Xufeng Liu
   Volta Networks

   Email: xufeng.liu.ietf@gmail.com

   Vishnu Pavan Beeram
   Juniper Networks

   Email: vbeeram@juniper.net
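
   Added example (not part of the draft): the Security Considerations
   rely on NACM [RFC8341] to restrict writes to the label-blocks subtree
   and reads of the augmented next-hop paths.  The Python below evaluates
   NACM-style path rules with first-match-wins ordering and the NACM
   read/write defaults.  Assumptions: the group names, rule names and
   policy are constructed, paths are matched as plain schema paths
   without list-key predicates, and the child path under label-blocks
   used in the demo is illustrative.

```python
# Added illustration: simplified RFC 8341 (NACM) data-node rule evaluation.
# Group names, rule names and the policy itself are constructed assumptions.
from dataclasses import dataclass

LABEL_BLOCKS = "/rt:routing/mpls:mpls/mpls:label-blocks"  # path named in the draft
# Prefix of the draft's next-hop path (assumed sufficient to cover its subtree).
NEXT_HOP = "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route/rt:next-hop"
WRITE_OPS = frozenset({"create", "update", "delete"})

@dataclass(frozen=True)
class Rule:
    name: str
    path: str         # rule covers this node and everything beneath it
    ops: frozenset    # read/create/update/delete, or {"*"} for all
    action: str       # "permit" or "deny"

@dataclass(frozen=True)
class RuleList:
    name: str
    groups: frozenset
    rules: tuple

def covers(rule_path, node_path):
    """True if node_path is rule_path itself or a descendant of it."""
    return node_path == rule_path or node_path.startswith(rule_path + "/")

def authorize(rule_lists, user_groups, op, node_path,
              read_default="permit", write_default="deny"):
    """Return (action, matched-rule); the first matching rule wins."""
    for rl in rule_lists:
        if not (rl.groups & set(user_groups)):
            continue  # rule-list does not apply to any of the user's groups
        for rule in rl.rules:
            if covers(rule.path, node_path) and ("*" in rule.ops or op in rule.ops):
                return rule.action, f"{rl.name}/{rule.name}"
    # No rule matched: NACM defaults (read-default permit, write-default deny).
    return (read_default if op == "read" else write_default), "default"

POLICY = (
    RuleList("mpls-admins", frozenset({"mpls-admin"}), (
        Rule("label-blocks-rw", LABEL_BLOCKS, frozenset({"*"}), "permit"),
    )),
    RuleList("noc", frozenset({"noc"}), (
        Rule("no-label-block-writes", LABEL_BLOCKS, WRITE_OPS, "deny"),
        Rule("hide-next-hops", NEXT_HOP, frozenset({"read"}), "deny"),
    )),
)

if __name__ == "__main__":
    node = LABEL_BLOCKS + "/mpls:label-block/mpls:start-label"  # illustrative child
    for groups in ({"mpls-admin"}, {"noc"}, {"guest"}):
        print(sorted(groups), authorize(POLICY, groups, "update", node))
```

   The explicit deny on label-blocks keeps 'start-label' and 'end-label'
   protected for the "noc" group even on a server where write-default
   has been relaxed to permit.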