idnits 2.17.1 draft-ietf-opsawg-vpn-common-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 270 has weird spacing: '...et-type rt-...' == Line 279 has weird spacing: '...et-type rt-...' -- The document date (September 16, 2020) is 1316 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC1701' is defined on line 1790, but no explicit reference was found in the text == Unused Reference: 'RFC1702' is defined on line 1795, but no explicit reference was found in the text == Unused Reference: 'RFC2205' is defined on line 1800, but no explicit reference was found in the text == Unused Reference: 'RFC3086' is defined on line 1805, but no explicit reference was found in the text == Unused Reference: 'RFC4364' is defined on line 1810, but no explicit reference was found in the text == Unused Reference: 'RFC4577' is defined on line 1814, but no explicit reference was found in the text == Unused Reference: 'RFC4664' is defined on line 1819, but no explicit reference was found in the text == Unused Reference: 'RFC4761' is defined on line 1824, but no explicit reference was found in the text == Unused Reference: 'RFC4762' is defined on line 1829, but no explicit reference was found in the text == Unused Reference: 'RFC5036' is defined on line 1834, but no explicit reference was found in the text == Unused Reference: 'RFC5880' is defined on line 1838, but no explicit reference was found in the text == Unused Reference: 'RFC6513' is defined on line 1842, but no explicit reference was found in the text == Unused Reference: 'RFC6624' is defined on line 1846, but no explicit reference was found in the text == Unused Reference: 'RFC7348' is defined on line 1851, but no explicit reference was found in the text == Unused Reference: 'RFC7432' is defined on line 1858, but no explicit reference was found in the text == Unused Reference: 'RFC7623' is defined on line 1863, but no explicit reference was found in the text == Unused Reference: 'RFC7676' is defined on line 1868, but no explicit reference was found in the text == Unused Reference: 'RFC8214' is defined on line 1873, but no explicit reference was found in the text == Unused Reference: 'RFC8277' is defined on line 1878, but no explicit reference was found in the text == Unused Reference: 'RFC8426' is defined on line 1891, but no explicit reference was found in the text == Unused Reference: 'RFC8660' is defined on line 1902, but no explicit reference was found in the text == Unused Reference: 'RFC8663' is defined on line 1908, but no explicit reference was found in the text == Unused Reference: 'RFC8754' is defined on line 1913, but no explicit reference was found in the text == Outdated reference: A later version (-19) exists of draft-ietf-opsawg-l2nm-00 == Outdated reference: A later version (-18) exists of draft-ietf-opsawg-l3sm-l3nm-03 Summary: 0 errors (**), 0 flaws (~~), 28 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 opsawg S. Barguil 3 Internet-Draft O. Gonzalez de Dios, Ed. 4 Intended status: Standards Track Telefonica 5 Expires: March 20, 2021 M. Boucadair, Ed. 6 Orange 7 Q. Wu 8 Huawei 9 September 16, 2020 11 A Layer 2/3 VPN Common YANG Model 12 draft-ietf-opsawg-vpn-common-01 14 Abstract 16 This document defines a common YANG module that is meant to be reused 17 by various VPN-related modules such as Layer 3 VPN and Layer 2 VPN 18 Network Models. 20 Editorial Note (To be removed by RFC Editor) 22 Please update these statements within the document with the RFC 23 number to be assigned to this document: 25 o "This version of this YANG module is part of RFC XXXX;" 27 o "RFC XXXX: A Layer 2/3 VPN Common YANG Model"; 29 o reference: RFC XXXX 31 Also, please update the "revision" date of the YANG module. 33 Status of This Memo 35 This Internet-Draft is submitted in full conformance with the 36 provisions of BCP 78 and BCP 79. 38 Internet-Drafts are working documents of the Internet Engineering 39 Task Force (IETF). Note that other groups may also distribute 40 working documents as Internet-Drafts. The list of current Internet- 41 Drafts is at https://datatracker.ietf.org/drafts/current/. 43 Internet-Drafts are draft documents valid for a maximum of six months 44 and may be updated, replaced, or obsoleted by other documents at any 45 time. It is inappropriate to use Internet-Drafts as reference 46 material or to cite them other than as "work in progress." 48 This Internet-Draft will expire on March 20, 2021. 50 Copyright Notice 52 Copyright (c) 2020 IETF Trust and the persons identified as the 53 document authors. All rights reserved. 55 This document is subject to BCP 78 and the IETF Trust's Legal 56 Provisions Relating to IETF Documents 57 (https://trustee.ietf.org/license-info) in effect on the date of 58 publication of this document. Please review these documents 59 carefully, as they describe your rights and restrictions with respect 60 to this document. Code Components extracted from this document must 61 include Simplified BSD License text as described in Section 4.e of 62 the Trust Legal Provisions and are provided without warranty as 63 described in the Simplified BSD License. 65 Table of Contents 67 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 68 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 69 3. Description of the VPN Common YANG Module . . . . . . . . . . 5 70 4. Layer 2/3 VPN Common Module . . . . . . . . . . . . . . . . . 7 71 5. Security Considerations . . . . . . . . . . . . . . . . . . . 36 72 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 73 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 36 74 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 37 75 8.1. Normative References . . . . . . . . . . . . . . . . . . 37 76 8.2. Informative References . . . . . . . . . . . . . . . . . 38 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41 79 1. Introduction 81 Various VPN-related YANG data modules were specified by the IETF 82 (e.g., Layer 3 VPN Service Model (L3SM) [RFC8299] or Layer 2 VPN 83 Service Model (L2SM) [RFC8466]). Others are also being specified 84 (e.g., Layer 3 VPN Network Model (L3NM) [I-D.ietf-opsawg-l3sm-l3nm] 85 or Layer 2 VPN Network Model (L2NM) [I-D.ietf-opsawg-l2nm]). These 86 modules have data nodes and structures that are present in almost all 87 these models or a subset of them. An example of such data nodes is 88 depicted in Figure 1. 90 module: ietf-l2vpn-ntw 91 +--rw vpn-services 92 +--rw vpn-service* [vpn-id] 93 +--rw vpn-id svc-id 94 +--rw vpn-svc-type? identityref 95 +--rw customer-name? string 96 +--rw svc-topo? identityref 97 +-rw service-status 98 | +-rw admin 99 | | +-rw status? operational-type 100 | | +-rw timestamp? yang:date-and-time 101 | +-ro ops 102 | +-ro status? operational-type 103 | +-ro timestamp? yang:date-and-time 104 | ... 106 module: ietf-l3vpn-ntw 107 +--rw vpn-services 108 +--rw vpn-service* [vpn-id] 109 +-rw service-status 110 | +-rw admin 111 | | +-rw status? operational-type 112 | | +-rw timestamp? yang:date-and-time 113 | +-ro ops 114 | +-ro status? operational-type 115 | +-ro timestamp? yang:date-and-time 116 +--rw vpn-id l3vpn-svc:svc-id 117 +--rw l3sm-vpn-id? l3vpn-svc:svc-id 118 +--rw customer-name? string 119 +--rw vpn-service-topology? identityref 120 +--rw description? string 121 | ... 123 Figure 1: Example of Common Data Nodes in Both L2NM/L3NM 125 In order to avoid data nodes duplication and to ease passing data 126 among layers (service layer to network layer and vice versa), early 127 versions of the L3NM reused many of the data nodes that are defined 128 in the L3SM [RFC8299]. Nevertheless, that approach was abandoned 129 because that design was interpreted as if the deployment of L3NM 130 depends on L3SM, while this is not required. For example, a Service 131 Provider may decide to use the L3NM to build its L3VPN services 132 without exposing the L3SM. 134 Likewise, early versions of the L2NM reused many of the data nodes 135 that are defined in both L2SM and L3NM. An example of L3NM groupings 136 reused in L3NM is shown in Figure 2. This data nodes reuse was 137 interpreted as if the deployment of L2NM requires both L3NM; which is 138 not required. 140 module ietf-l2vpn-ntw { 141 ... 142 import ietf-l3vpn-ntw { 143 prefix l3vpn-ntw; 144 reference 145 "RFC NNNN: A Layer 3 VPN Network YANG Model"; 146 } 147 ... 148 container l2vpn-ntw { 149 ... 150 container vpn-services { 151 list vpn-service { 152 ... 153 uses l3vpn-ntw:service-status; 154 uses l3vpn-ntw:svc-transport-encapsulation; 155 ... 156 } 157 } 158 ... 159 } 160 } 162 Figure 2: Excerpt from the L2NM YANG Module 164 To avoid the issues discussed above, this document defines a common 165 YANG module that is meant to be reused by various VPN-related modules 166 such as Layer 3 VPN Network Model (L3NM) [I-D.ietf-opsawg-l3sm-l3nm] 167 and Layer 2 VPN Network Model (L2NM) [I-D.ietf-opsawg-l2nm]: "ietf- 168 vpn-common" (Section 4). 170 The "ietf-vpn-common" module includes a set of identities, types, and 171 groupings that are meant to be reused by other VPN-related YANG 172 modules independently of their layer (e.g., Layer 2, Layer 3) and the 173 type of the module (e.g., network model, service model) including 174 future revisions (if any) of existing models (e.g., Layer 3 VPN 175 Service Model (L3SM) [RFC8299] or Layer 2 VPN Service Model (L2SM) 176 [RFC8466]). 178 2. Terminology 180 The terminology for describing YANG modules is defined in [RFC7950]. 182 The meaning of the symbols in tree diagrams is defined in [RFC8340]. 184 3. Description of the VPN Common YANG Module 186 The "ietf-vpn-common" module defines a set of common identities. It 187 also contains the following reusable groupings. 189 o vpn-description: 191 A YANG grouping that provides common administrative VPN 192 information such as a name, a textual description, and a 193 customer name. 195 o vpn-profile-cfg: 197 A YANG grouping that defines a set of profiles (encryption, 198 routing, forwarding) valid for any L2/L3 VPN. 200 o status-timestamp: 202 A YANG grouping that defines operational and administrative 203 updates of a component. 205 o service-status: 207 A YANG grouping that defines the administrative and operational 208 status of a component. The grouping can be applied to the 209 whole service or an endpoint. 211 o svc-transport-encapsulation: 213 A YANG grouping that defines the type of underlay transport for 214 a VPN service. 216 o rt-rd: 218 A YANG grouping that defines the set of route targets to match 219 for import and export routes to/from VRF. 221 o vpn-node-group: 223 A YANG grouping that is used to group VPN network accesses. 225 The tree diagram of the "ietf-vpn-common" module that depicts the 226 common groupings is provided in Figure 3. 228 module: ietf-vpn-common 230 grouping vpn-description 231 +-- vpn-id? vpn-common:vpn-id 232 +-- vpn-name? string 233 +-- vpn-description? string 234 +-- customer-name? string 235 grouping vpn-profile-cfg 236 +-- valid-provider-identifiers 237 +-- cloud-identifier* [id] {cloud-access}? 238 | +-- id? string 239 +-- encryption-profile-identifier* [id] 240 | +-- id? string 241 +-- qos-profile-identifier* [id] 242 | +-- id? string 243 +-- bfd-profile-identifier* [id] 244 | +-- id? string 245 +-- forwarding-profile-identifier* [id] 246 | +-- id? string 247 +-- routing-profile-identifier* [id] 248 +-- id? string 249 grouping status-timestamp 250 +-- status? identityref 251 +-- last-updated? yang:date-and-time 252 grouping service-status 253 +-- status 254 +-- admin-status 255 | +-- status? identityref 256 | +-- last-updated? yang:date-and-time 257 +--ro oper-status 258 +--ro status? identityref 259 +--ro last-updated? yang:date-and-time 260 grouping svc-transport-encapsulation 261 +-- underlay-transport 262 +-- type* identityref 263 grouping rt-rd 264 +-- rd? union 265 +-- vpn-targets 266 +-- vpn-target* [id] 267 | +-- id? int8 268 | +-- route-targets* [route-target] 269 | | +-- route-target? rt-types:route-target 270 | +-- route-target-type rt-types:route-target-type 271 +-- vpn-policies 272 +-- import-policy? string 273 +-- export-policy? string 274 grouping vpn-route-targets 275 +-- vpn-target* [id] 276 | +-- id? int8 277 | +-- route-targets* [route-target] 278 | | +-- route-target? rt-types:route-target 279 | +-- route-target-type rt-types:route-target-type 280 +-- vpn-policies 281 +-- import-policy? string 282 +-- export-policy? string 283 grouping vpn-node-group 284 +-- groups 285 +-- group* [group-id] 286 +-- group-id? string 288 Figure 3: VPN Common Tree 290 4. Layer 2/3 VPN Common Module 292 This module uses types defined in [RFC6991] and [RFC8294]. 294 Editor's Note: Check that RFCs cited in the reference statements 295 are included in the References Section. 297 file "ietf-vpn-common@2020-09-15.yang" 298 module ietf-vpn-common { 299 yang-version 1.1; 300 namespace "urn:ietf:params:xml:ns:yang:ietf-vpn-common"; 301 prefix vpn-common; 303 import ietf-netconf-acm { 304 prefix nacm; 305 reference 306 "RFC 8341: Network Configuration Access Control Model"; 307 } 308 import ietf-routing-types { 309 prefix rt-types; 310 reference 311 "RFC 8294: Common YANG Data Types for the Routing Area"; 312 } 313 import ietf-yang-types { 314 prefix yang; 315 reference 316 "Section 3 of RFC 6991"; 317 } 319 organization 320 "IETF OPSA (Operations and Management Area) Working Group"; 321 contact 322 "WG Web: 323 WG List: 325 Editor: Samier Barguil 326 328 Editor: Oscar Gonzalez de Dios 329 331 Editor: Mohamed Boucadair 332 334 Author: Qin Wu 335 "; 336 description 337 "This YANG module defines a common module that is meant 338 to be reused by various VPN-related modules (e.g., 339 Layer 3 VPN Service Model (L3SM), Layer 2 VPN Service 340 Model (L2SM), Layer 3 VPN Network Model (L3NM), Layer 2 341 VPN Network Model (L2NM)). 343 Copyright (c) 2020 IETF Trust and the persons identified as 344 authors of the code. All rights reserved. 346 Redistribution and use in source and binary forms, with or 347 without modification, is permitted pursuant to, and subject to 348 the license terms contained in, the Simplified BSD License set 349 forth in Section 4.c of the IETF Trust's Legal Provisions 350 Relating to IETF Documents 351 (https://trustee.ietf.org/license-info). 353 This version of this YANG module is part of RFC XXXX 354 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself 355 for full legal notices."; 357 revision 2020-09-15 { 358 description 359 "Initial revision."; 360 reference 361 "RFC XXXX: A Layer 2/3 VPN Common YANG Model"; 362 } 364 /* Features */ 366 feature cloud-access { 367 description 368 "Indicates support of the VPN to connect to a Cloud 369 Service Provider (CSP)."; 370 } 372 feature lag-interface { 373 description 374 "Indicates the support of link aggregation between 375 VPN site network accesses."; 377 } 379 feature site-diversity { 380 description 381 "Indicates the support of site diversity constraints 382 in the customer premises. An example of these 383 constraints may be to avoid connecting 384 a site network access to the same Provider 385 Edge as a target site network access."; 386 } 388 feature dot1q { 389 description 390 "Indicates the support of the 'dot1q' 391 encapsulation."; 392 reference 393 "IEEE Std 802.1Q: Bridges and Bridged Networks"; 394 } 396 feature qinq { 397 description 398 "Indicates the support of the 'qinq' 399 encapsulation."; 400 reference 401 "IEEE Std 802.1ad: Provider Bridges"; 402 } 404 feature vxlan { 405 description 406 "Indicates the support of the 'vxlan' 407 encapsulation."; 408 reference 409 "RFC 7348: Virtual eXtensible Local Area Network (VXLAN): 410 A Framework for Overlaying Virtualized Layer 2 411 Networks over Layer 3 Networks"; 412 } 414 feature qinany { 415 description 416 "Indicates the support of the 'qinany' 417 encapsulation."; 418 } 420 feature multicast { 421 description 422 "Indicates multicast capabilities support in a VPN."; 423 reference 424 "RFC 6513: Multicast in MPLS/BGP IP VPNs"; 426 } 428 feature ipv4 { 429 description 430 "Indicates IPv4 support in a VPN."; 431 } 433 feature ipv6 { 434 description 435 "Indicates IPv6 support in a VPN."; 436 } 438 feature carrierscarrier { 439 description 440 "Indicates support of Carrier-of-Carrier VPNs."; 441 reference 442 "Section 9 of RFC 4364"; 443 } 445 feature extranet-vpn { 446 description 447 "Indicates support of extranet VPNs. That is, 448 the capability of a VPN to access a list of 449 other VPNs."; 450 } 452 feature fast-reroute { 453 description 454 "Indicates support of Fast Reroute (FRR)."; 455 } 457 feature qos { 458 description 459 "Indicates support of Classes of Services (CoSes)."; 460 } 462 feature encryption { 463 description 464 "Indicates support of encryption."; 465 } 467 feature rtg-ospf { 468 description 469 "Indicates support of the OSPF routing protocol."; 470 reference 471 "RFC 4577: OSPF as the Provider/Customer Edge Protocol 472 for BGP/MPLS IP Virtual Private Networks 473 (VPNs)"; 475 } 477 feature rtg-ospf-sham-link { 478 description 479 "This feature indicates the support of OSPF sham links."; 480 reference 481 "Section 4.2.7 of RFC 4577"; 482 } 484 feature rtg-bgp { 485 description 486 "Indicates support of BGP as the Provider/Customer 487 Edge protocol."; 488 } 490 feature rtg-rip { 491 description 492 "Indicates support of RIP as the Provider/Customer 493 Edge protocol."; 494 } 496 feature rtg-vrrp { 497 description 498 "Indicates support of the Virtual Router Redundancy 499 Protocol (VRRP) between a cutsomer LAN and the PE."; 500 } 502 feature rtg-isis { 503 description 504 "Indicates the support of IS-IS as the Provider/Customer 505 Edge protocol."; 506 } 508 feature bfd { 509 description 510 "Indicates support of Bidirectional Forwarding Detection 511 (BFD) between the CE and the PE."; 512 reference 513 "RFC 5880: Bidirectional Forwarding Detection (BFD)"; 514 } 516 feature bearer-reference { 517 description 518 "Indicates support of the bearer reference access 519 constraint. That is, the reuse of a network connection 520 that was already ordered to the SP apart from the IP VPN 521 site."; 522 } 523 feature input-bw { 524 description 525 "Indicates the support of the input bandwidth in a VPN."; 526 } 528 /* Typedef */ 530 typedef vpn-id { 531 type string; 532 description 533 "Defines an identifier that is used as 534 a service identifier, for example."; 535 } 537 typedef address-family { 538 type enumeration { 539 enum ipv4 { 540 description 541 "IPv4 address family."; 542 } 543 enum ipv6 { 544 description 545 "IPv6 address family."; 546 } 547 } 548 description 549 "Defines a type for the address family."; 550 } 552 //L2xMs 554 typedef ccm-priority-type { 555 type uint8 { 556 range "0..7"; 557 } 558 description 559 "A 3-bit priority value to be used in the VLAN tag, 560 if present in the transmitted frame."; 561 } 563 typedef control-mode { 564 type enumeration { 565 enum peer { 566 description 567 "'peer' mode, i.e., participate in the protocol towards 568 the CE. Peering is common for LACP and the Ethernet 569 Local Management Interface (E-LMI) and, occasionally, 570 for LLDP. For VPLSs and VPWSs, the subscriber can also 571 request that the SP peer enable spanning tree."; 572 } 573 enum tunnel { 574 description 575 "'tunnel' mode, i.e., pass to the egress or destination 576 site. For EPLs, the expectation is that L2CP frames are 577 tunneled."; 578 } 579 enum discard { 580 description 581 "'discard' mode, i.e., discard the frame."; 582 } 583 } 584 description 585 "Defines the type of control mode on L2CP protocols."; 586 } 588 typedef neg-mode { 589 type enumeration { 590 enum full-duplex { 591 description 592 "Defines full-duplex mode."; 593 } 594 enum auto-neg { 595 description 596 "Defines auto-negotiation mode."; 597 } 598 } 599 description 600 "Defines the type of negotiation mode."; 601 } 603 /* Identities */ 605 identity routing-protocol-type { 606 description 607 "Base identity for routing protocol type."; 608 } 610 identity ospf { 611 base routing-protocol-type; 612 description 613 "Identity for OSPF protocol type."; 614 } 616 identity bgp { 617 base routing-protocol-type; 618 description 619 "Identity for BGP protocol type."; 620 } 622 identity static { 623 base routing-protocol-type; 624 description 625 "Identity for static routing protocol type."; 626 } 628 identity rip { 629 base routing-protocol-type; 630 description 631 "Identity for RIP protocol type."; 632 } 634 identity isis { 635 base routing-protocol-type; 636 description 637 "Identity for IS-IS protocol type."; 638 } 640 identity vrrp { 641 base routing-protocol-type; 642 description 643 "Identity for VRRP protocol type. 645 This is to be used when LANs are directly connected 646 to PE routers."; 647 } 649 identity direct { 650 base routing-protocol-type; 651 description 652 "Identity for direct protocol type. 654 This is to be used when LANs are directly connected 655 to PE routers and and must be advertised in the VPN."; 656 } 658 identity bw-direction { 659 description 660 "Identity for the bandwidth direction."; 661 } 663 identity input-bw { 664 base bw-direction; 665 description 666 "Identity for the input bandwidth."; 668 } 670 identity output-bw { 671 base bw-direction; 672 description 673 "Identity for the output bandwidth."; 674 } 676 identity bw-type { 677 description 678 "Identity of the bandwidth type."; 679 } 681 identity bw-per-cos { 682 base bw-type; 683 description 684 "Bandwidth is per CoS."; 685 } 687 identity bw-per-port { 688 base bw-type; 689 description 690 "Bandwidth is per site network access."; 691 } 693 identity bw-per-site { 694 base bw-type; 695 description 696 "Bandwidth is per site. It is applicable to 697 all the site network accesses within a site."; 698 } 700 identity bw-per-svc { 701 base bw-type; 702 description 703 "Bandwidth is per VPN service."; 704 } 706 identity qos-profile-direction { 707 description 708 "Base identity for the QoS profile direction."; 709 } 711 identity site-to-wan { 712 base qos-profile-direction; 713 description 714 "Identity for Site-to-WAN direction."; 715 } 716 identity wan-to-site { 717 base qos-profile-direction; 718 description 719 "Identity for WAN-to-Site direction."; 720 } 722 identity both { 723 base qos-profile-direction; 724 description 725 "Identity for both WAN-to-Site and Site-to-WAN 726 directions."; 727 } 729 identity customer-application { 730 description 731 "Base identity for customer applications."; 732 } 734 identity web { 735 base customer-application; 736 description 737 "Identity for a aWeb application (e.g., HTTP, HTTPS)."; 738 } 740 identity mail { 741 base customer-application; 742 description 743 "Identity for a mail application."; 744 } 746 identity file-transfer { 747 base customer-application; 748 description 749 "Identity for a file transfer application 750 (e.g., FTP, SFTP)."; 751 } 753 identity database { 754 base customer-application; 755 description 756 "Identity for a database application."; 757 } 759 identity social { 760 base customer-application; 761 description 762 "Identity for a social-network application."; 763 } 764 identity games { 765 base customer-application; 766 description 767 "Identity for a gaming application."; 768 } 770 identity p2p { 771 base customer-application; 772 description 773 "Identity for a peer-to-peer application."; 774 } 776 identity network-management { 777 base customer-application; 778 description 779 "Identity for a management application 780 (e.g., Telnet, syslog, SNMP)."; 781 } 783 identity voice { 784 base customer-application; 785 description 786 "Identity for a voice application."; 787 } 789 identity video { 790 base customer-application; 791 description 792 "Identity for a video conference application."; 793 } 795 identity embb { 796 base customer-application; 797 description 798 "Identity for an enhanced Mobile Broadband (eMBB) 799 application. Note that an eMBB application demands 800 network performance with a wide variety of 801 characteristics, such as data rate, latency, 802 loss rate, reliability, and many other parameters."; 803 } 805 identity urllc { 806 base customer-application; 807 description 808 "Identity for an Ultra-Reliable and Low Latency 809 Communications (URLLC) application. Note that a 810 URLLC application demands network performance 811 with a wide variety of characteristics, such as latency, 812 reliability, and many other parameters."; 813 } 815 identity mmtc { 816 base customer-application; 817 description 818 "Identity for a massive Machine Type 819 Communications (mMTC) application. Note that an 820 mMTC application demands network performance 821 with a wide variety of characteristics, such as data 822 rate, latency, loss rate, reliability, and many 823 other parameters."; 824 } 826 identity ie-type { 827 description 828 "Defines Import-Export routing profiles. 829 Those profiles can be reused between VPN nodes."; 830 } 832 identity import { 833 base ie-type; 834 description 835 "Import a routing profile."; 836 } 838 identity export { 839 base ie-type; 840 description 841 "Export a routing profile."; 842 } 844 identity import-export { 845 base ie-type; 846 description 847 "Import/Export a routing profile."; 848 } 850 identity site-network-access-type { 851 description 852 "Base identity for site-network-access type."; 853 } 855 identity point-to-point { 856 base site-network-access-type; 857 description 858 "Identity for point-to-point connections."; 859 } 860 identity multipoint { 861 base site-network-access-type; 862 description 863 "Identity for multipoint connections. 864 Example: Ethernet broadcast segment."; 865 } 867 identity pseudowire { 868 base site-network-access-type; 869 description 870 "Identity for pseudowire connections."; 871 } 873 identity loopback { 874 base site-network-access-type; 875 description 876 "Identity for loopback connections."; 877 } 879 identity operational-status { 880 description 881 "Base identity for the operational status."; 882 } 884 identity operational-state-up { 885 base operational-status; 886 description 887 "Operational status is UP/Enabled."; 888 } 890 identity operational-state-down { 891 base operational-status; 892 description 893 "Operational status is DOWN/Disabled."; 894 } 896 identity operational-state-unknown { 897 base operational-status; 898 description 899 "Operational status is UNKNOWN."; 900 } 902 identity administrative-status { 903 description 904 "Base identity for administrative status."; 905 } 907 identity administrative-state-up { 908 base administrative-status; 909 description 910 "Administrative status is UP/Enabled."; 911 } 913 identity administrative-state-down { 914 base administrative-status; 915 description 916 "Administrative status is DOWN/Disabled."; 917 } 919 identity administrative-state-testing { 920 base administrative-status; 921 description 922 "Administrative status is up for testing purposes."; 923 } 925 identity administrative-state-pre-deployment { 926 base administrative-status; 927 description 928 "Administrative status is pre-deployment phase. 929 That is prior to the actual deployment of a service."; 930 } 932 identity encapsulation-type { 933 description 934 "Base identity for the encapsulation type."; 935 } 937 identity priority-tagged { 938 base encapsulation-type; 939 description 940 "Identity for the priority-tagged interface."; 941 } 943 identity dot1q { 944 base encapsulation-type; 945 description 946 "Identity for the support of the 'dot1q' 947 encapsulation."; 948 } 950 identity qinq { 951 base encapsulation-type; 952 description 953 "Identity for the support of the 'qinq' 954 encapsulation."; 955 } 956 identity qinany { 957 base encapsulation-type; 958 description 959 "Identity for the support of the 'qinany' 960 encapsulation."; 961 } 963 identity vxlan { 964 base encapsulation-type; 965 description 966 "Identity for the support of the 'vxlan' 967 encapsulation."; 968 } 970 identity ethernet-type { 971 base encapsulation-type; 972 description 973 "Identity of the Ethernet encapsulation type."; 974 } 976 identity vlan-type { 977 base encapsulation-type; 978 description 979 "Identity of the VLAN encapsulation."; 980 } 982 identity untagged-int { 983 base encapsulation-type; 984 description 985 "Identity of the untagged interface type."; 986 } 988 identity tagged-int { 989 base encapsulation-type; 990 description 991 "Identity of the tagged interface type."; 992 } 994 identity lag-int { 995 base encapsulation-type; 996 description 997 "Identity of the Link Aggregation Group (LAG) 998 interface type."; 999 reference 1000 "IEEE Std. 802.1AX: Link Aggregation"; 1001 } 1003 identity tag-type { 1004 description 1005 "Base identity of the tag types."; 1006 } 1008 identity c-vlan { 1009 base tag-type; 1010 description 1011 "A CVLAN tag, normally using the 0x8100 Ethertype."; 1012 } 1014 identity s-vlan { 1015 base tag-type; 1016 description 1017 "An SVLAN tag."; 1018 } 1020 identity c-s-vlan { 1021 base tag-type; 1022 description 1023 "Uses both a CVLAN tag and an SVLAN tag."; 1024 } 1026 identity protocol-type { 1027 description 1028 "Base identity for Protocol Type."; 1029 } 1031 identity gre { 1032 base protocol-type; 1033 description 1034 "GRE encapsulation."; 1035 reference 1036 "RFC 1701: Generic Routing Encapsulation (GRE) 1037 RFC 1702: Generic Routing Encapsulation over IPv4 networks 1038 RFC 7676: IPv6 Support for Generic Routing Encapsulation 1039 (GRE)"; 1040 } 1042 identity ldp { 1043 base protocol-type; 1044 description 1045 "Transport based on LDP."; 1046 reference 1047 "RFC 3086: LDP Specification"; 1048 } 1050 identity sr { 1051 base protocol-type; 1052 description 1053 "Transport based on SR."; 1054 reference 1055 "RFC 8660: Segment Routing with the MPLS Data Plane 1056 RFC 8663: MPLS Segment Routing over IP 1057 RFC 8754: IPv6 Segment Routing Header (SRH)"; 1058 } 1060 identity sr-te { 1061 base protocol-type; 1062 description 1063 "Transport based on SR-TE."; 1064 reference 1065 "RFC 8426: Recommendations for RSVP-TE and Segment Routing (SR) 1066 Label Switched Path (LSP) Coexistence"; 1067 } 1069 identity rsvp-te { 1070 base protocol-type; 1071 description 1072 "Transport based on RSVP-TE."; 1073 reference 1074 "RFC 2205: Resource ReSerVation Protocol (RSVP) -- 1075 Version 1 Functional Specification"; 1076 } 1078 identity bgp-lu { 1079 base protocol-type; 1080 description 1081 "Transport based on BGP-LU."; 1082 reference 1083 "RFC 8277: Using BGP to Bind MPLS Labels to Address 1084 Prefixes"; 1085 } 1087 identity unknown { 1088 base protocol-type; 1089 description 1090 "Not known protocol type."; 1091 } 1093 identity vpn-topology { 1094 description 1095 "Base identity of the VPN topology."; 1096 } 1098 identity any-to-any { 1099 base vpn-topology; 1100 description 1101 "Identity for any-to-any VPN topology."; 1102 } 1104 identity hub-spoke { 1105 base vpn-topology; 1106 description 1107 "Identity for Hub-and-Spoke VPN topology."; 1108 } 1110 identity hub-spoke-disjoint { 1111 base vpn-topology; 1112 description 1113 "Identity for Hub-and-Spoke VPN topology 1114 where Hubs cannot communicate with each other."; 1115 } 1117 identity custom { 1118 base vpn-topology; 1119 description 1120 "Identity of a custom VPN topology where Hubs 1121 can act as Spoke for certain parts of 1122 the network or Spokes as Hubs."; 1123 } 1125 identity role { 1126 description 1127 "Base identity of a site or a node role."; 1128 } 1130 identity any-to-any-role { 1131 base role; 1132 description 1133 "Identity of any-to-any IP VPN."; 1134 } 1136 identity spoke-role { 1137 base role; 1138 description 1139 "A node or a site is acting as a Spoke IP VPN."; 1140 } 1142 identity hub-role { 1143 base role; 1144 description 1145 "A node or a site isacting as a Hub IP VPN."; 1146 } 1147 identity custom-role { 1148 base role; 1149 description 1150 "A node or a site is custom role in the VPN."; 1151 } 1153 identity vpn-signaling-type { 1154 description 1155 "Identity of VPN signaling types"; 1156 } 1158 identity l2vpn-bgp { 1159 base vpn-signaling-type; 1160 description 1161 "Identity of Layer 2 VPNs using BGP"; 1162 reference 1163 "RFC 6624: Layer 2 Virtual Private Networks Using BGP for 1164 Auto-Discovery and Signaling"; 1165 } 1167 identity evpn-bgp { 1168 base vpn-signaling-type; 1169 description 1170 "Identity of BGP Ethernet VPNs."; 1171 reference 1172 "RFC 7432: BGP MPLS-Based Ethernet VPN"; 1173 } 1175 identity t-ldp { 1176 base vpn-signaling-type; 1177 description 1178 "Identity of Targeted Label Distribution Protocol."; 1179 reference 1180 "RFC 5036: LDP Specification"; 1181 } 1183 identity h-vpls { 1184 base vpn-signaling-type; 1185 description 1186 "Identity of hierarchical VPLS."; 1187 reference 1188 "RFC 4762: Virtual Private LAN Service (VPLS) Using 1189 Label Distribution Protocol (LDP) 1190 Signaling"; 1191 } 1193 identity l2tp { 1194 base vpn-signaling-type; 1195 description 1196 "Identity of l2tp."; 1197 } 1199 identity service-type { 1200 description 1201 "Identity of service type."; 1202 } 1204 identity l3vpn { 1205 base service-type; 1206 description 1207 "Identity of L3VPN service."; 1208 } 1210 identity vpws { 1211 base service-type; 1212 description 1213 "Identity of the Point-to-point Virtual Private 1214 Wire Service (VPWS) service type."; 1215 } 1217 identity pwe3 { 1218 base service-type; 1219 description 1220 "Identity of the Pseudowire Emulation Edge to Edge 1221 (PWE3) service type."; 1222 } 1224 identity ldp-l2tp-vpls { 1225 base service-type; 1226 description 1227 "Identity of the LDP-based or L2TP-based multipoint 1228 Virtual Private LAN Service (VPLS) service type. 1229 This VPLS uses LDP-signaled Pseudowires 1230 or L2TP-signaled Pseudowires."; 1231 } 1233 identity bgp-vpls { 1234 base service-type; 1235 description 1236 "Identity of the BGP-based multipoint VPLS service type. 1237 This VPLS uses a BGP control plane."; 1238 reference 1239 "RFC 4761: Virtual Private LAN Service (VPLS) Using 1240 BGP for Auto-Discovery and Signaling 1241 RFC 6624: Layer 2 Virtual Private Networks Using BGP for 1242 Auto-Discovery and Signaling"; 1244 } 1246 identity vpws-evpn { 1247 base service-type; 1248 description 1249 "Identity of the VPWS service type using EVPNs."; 1250 reference 1251 "RFC 8214: Virtual Private Wire Service Support 1252 in Ethernet VPN"; 1253 } 1255 identity pbb-evpn { 1256 base service-type; 1257 description 1258 "Identity of Provider Backbone Bridging (PBB) EVPNs."; 1259 reference 1260 "RFC 7623: Provider Backbone Bridging Combined 1261 with Ethernet VPN (PBB-EVPN)"; 1262 } 1264 identity vxlan-peer-mode { 1265 description 1266 "Base identity for the VXLAN peer mode."; 1267 } 1269 identity static-mode { 1270 base vxlan-peer-mode; 1271 description 1272 "Identity for VXLAN access in the static mode."; 1273 } 1275 identity bgp-mode { 1276 base vxlan-peer-mode; 1277 description 1278 "Identity for VXLAN access by BGP EVPN learning."; 1279 } 1281 identity multicast-gp-address-mapping { 1282 description 1283 "Identity for multicast group mapping type."; 1284 } 1286 identity static-mapping { 1287 base multicast-gp-address-mapping; 1288 description 1289 "Identity for static mapping, i.e., attach the interface 1290 to the multicast group as a static member."; 1291 } 1292 identity dynamic-mapping { 1293 base multicast-gp-address-mapping; 1294 description 1295 "Identity for dynamic mapping, i.e., an interface was added 1296 to the multicast group as a result of snooping."; 1297 } 1299 identity multicast-tree-type { 1300 description 1301 "Base identity for multicast tree type."; 1302 } 1304 identity ssm-tree-type { 1305 base multicast-tree-type; 1306 description 1307 "Identity for SSM tree type."; 1308 } 1310 identity asm-tree-type { 1311 base multicast-tree-type; 1312 description 1313 "Identity for ASM tree type."; 1314 } 1316 identity bidir-tree-type { 1317 base multicast-tree-type; 1318 description 1319 "Identity for bidirectional tree type."; 1320 } 1322 identity multicast-rp-discovery-type { 1323 description 1324 "Base identity for RP discovery type."; 1325 } 1327 identity auto-rp { 1328 base multicast-rp-discovery-type; 1329 description 1330 "Base identity for Auto-RP discovery type."; 1331 } 1333 identity static-rp { 1334 base multicast-rp-discovery-type; 1335 description 1336 "Base identity for static type."; 1337 } 1339 identity bsr-rp { 1340 base multicast-rp-discovery-type; 1341 description 1342 "Base identity for BSR discovery type."; 1343 } 1345 identity tf-type { 1346 description 1347 "Identity for the traffic type."; 1348 } 1350 identity multicast-traffic { 1351 base tf-type; 1352 description 1353 "Identity for multicast traffic."; 1354 } 1356 identity broadcast-traffic { 1357 base tf-type; 1358 description 1359 "Identity for broadcast traffic."; 1360 } 1362 identity unknown-unicast-traffic { 1363 base tf-type; 1364 description 1365 "Identity for unknown unicast traffic."; 1366 } 1368 identity bundling-type { 1369 description 1370 "The base identity for the bundling type. It supports 1371 multiple CE-VLANs associated with an L2VPN service or 1372 all CE-VLANs associated with an L2VPN service."; 1373 } 1375 identity multi-svc-bundling { 1376 base bundling-type; 1377 description 1378 "Identity for multi-service bundling, i.e., 1379 multiple CE-VLAN IDs can be associated with an 1380 L2VPN service at a site."; 1381 } 1383 identity one2one-bundling { 1384 base bundling-type; 1385 description 1386 "Identity for one-to-one service bundling, i.e., 1387 each L2VPN can be associated with only one CE-VLAN ID 1388 at a site."; 1389 } 1391 identity all2one-bundling { 1392 base bundling-type; 1393 description 1394 "Identity for all-to-one bundling, i.e., all CE-VLAN IDs 1395 are mapped to one L2VPN service."; 1396 } 1398 /* Grouping */ 1400 grouping vpn-description { 1401 leaf vpn-id { 1402 type vpn-common:vpn-id; 1403 description 1404 "VPN identifier. 1405 This identifier has a local meaning."; 1406 } 1407 leaf vpn-name { 1408 type string; 1409 description 1410 "A name used to refer to the VPN."; 1411 } 1412 leaf vpn-description { 1413 type string; 1414 description 1415 "Textual description of a VPN service."; 1416 } 1417 leaf customer-name { 1418 type string; 1419 description 1420 "Name of the customer that actually uses the VPN service."; 1421 } 1422 description 1423 "Provides common VPN information."; 1424 } 1426 grouping vpn-profile-cfg { 1427 container valid-provider-identifiers { 1428 list cloud-identifier { 1429 if-feature "cloud-access"; 1430 key "id"; 1431 leaf id { 1432 type string; 1433 description 1434 "Identification of cloud service. 1435 Local administration meaning."; 1437 } 1438 description 1439 "List for Cloud Identifiers."; 1440 } 1441 list encryption-profile-identifier { 1442 key "id"; 1443 leaf id { 1444 type string; 1445 description 1446 "Identification of the SP encryption profile 1447 to be used. Local administration meaning."; 1448 } 1449 description 1450 "List for encryption profile identifiers."; 1451 } 1452 list qos-profile-identifier { 1453 key "id"; 1454 leaf id { 1455 type string; 1456 description 1457 "Identification of the QoS Profile to be used. 1458 Local administration meaning."; 1459 } 1460 description 1461 "List for QoS Profile Identifiers."; 1462 } 1463 list bfd-profile-identifier { 1464 key "id"; 1465 leaf id { 1466 type string; 1467 description 1468 "Identification of the SP BFD Profile to be used. 1469 Local administration meaning."; 1470 } 1471 description 1472 "List for BFD Profile identifiers."; 1473 } 1474 list forwarding-profile-identifier { 1475 key "id"; 1476 leaf id { 1477 type string; 1478 description 1479 "Identification of the Forwrding Profile Filter to be used. 1480 Local administration meaning."; 1481 } 1482 description 1483 "List for Forwrding Profile identifiers."; 1484 } 1485 list routing-profile-identifier { 1486 key "id"; 1487 leaf id { 1488 type string; 1489 description 1490 "Identification of the routing Profile to be used 1491 by the routing-protocols within sites, vpn- 1492 network-accesses or vpn-nodes for refering 1493 vrf-import/export policies. 1494 This identifier has a local meaning."; 1495 } 1496 description 1497 "List for Routing Profile Identifiers."; 1498 } 1499 nacm:default-deny-write; 1500 description 1501 "Container for Valid Provider Identifies."; 1502 } 1503 description 1504 "Grouping for VPN Profile configuration."; 1505 } 1507 grouping status-timestamp { 1508 leaf status { 1509 type identityref { 1510 base operational-status; 1511 } 1512 description 1513 "Operations status"; 1514 } 1515 leaf last-updated { 1516 type yang:date-and-time; 1517 description 1518 "Indicates the actual date and time of the service 1519 status change."; 1520 } 1521 description 1522 "This grouping defines some operational 1523 parameters for the service."; 1524 } 1526 grouping service-status { 1527 container status { 1528 container admin-status { 1529 leaf status { 1530 type identityref { 1531 base administrative-status; 1532 } 1533 description 1534 "Administrative service status."; 1535 } 1536 leaf last-updated { 1537 type yang:date-and-time; 1538 description 1539 "Indicates the actual date and time of the service 1540 status change."; 1541 } 1542 description 1543 "Administrative service status."; 1544 } 1545 container oper-status { 1546 config false; 1547 uses status-timestamp; 1548 description 1549 "Operational service status."; 1550 } 1551 description 1552 "Service status."; 1553 } 1554 description 1555 "Service status grouping."; 1556 } 1558 grouping svc-transport-encapsulation { 1559 container underlay-transport { 1560 leaf-list type { 1561 type identityref { 1562 base protocol-type; 1563 } 1564 ordered-by user; 1565 description 1566 "Protocols used to deliver a VPN service."; 1567 } 1568 description 1569 "Container for the Transport underlay."; 1570 } 1571 description 1572 "This grouping defines the type of underlay transport 1573 for VPN service."; 1574 } 1576 grouping rt-rd { 1577 leaf rd { 1578 type union { 1579 type rt-types:route-distinguisher; 1580 type empty; 1582 } 1583 description 1584 "Route distinguisher value. If this leaf has not been 1585 configured, the server will auto-assign a route 1586 distinguisher value and use that value operationally. 1587 This calculated value is available in the operational 1588 state. 1590 Use the empty type to indicate RD has no value and 1591 is not to be aouto-assigned."; 1592 } 1593 container vpn-targets { 1594 description 1595 "Set of route-targets to match for import and export routes 1596 to/from VRF"; 1597 uses vpn-route-targets; 1598 } 1599 description 1600 "Grouping for RT and RD."; 1601 } 1603 grouping vpn-route-targets { 1604 description 1605 "A grouping that specifies Route Target import-export rules 1606 used in a BGP-enabled VPN."; 1607 list vpn-target { 1608 key "id"; 1609 leaf id { 1610 type int8; 1611 description 1612 "Identifies each VPN Target"; 1613 } 1614 list route-targets { 1615 key "route-target"; 1616 leaf route-target { 1617 type rt-types:route-target; 1618 description 1619 "Route Target value"; 1620 } 1621 description 1622 "List of Route Targets."; 1623 } 1624 leaf route-target-type { 1625 type rt-types:route-target-type; 1626 mandatory true; 1627 description 1628 "Import/export type of the Route Target."; 1629 } 1630 description 1631 "L3VPN route targets. AND/OR Operations are available 1632 based on the RTs assigment."; 1633 } 1634 reference 1635 "RFC 4364: BGP/MPLS IP Virtual Private Networks (VPNs) 1636 RFC 4664: Framework for Layer 2 Virtual Private Networks 1637 (L2VPNs)"; 1638 container vpn-policies { 1639 description 1640 "VPN policies"; 1641 leaf import-policy { 1642 type string; 1643 description 1644 "Defines the import policy."; 1645 } 1646 leaf export-policy { 1647 type string; 1648 description 1649 "Defines the export policy."; 1650 } 1651 } 1652 } 1654 grouping vpn-node-group { 1655 container groups { 1656 list group { 1657 key "group-id"; 1658 leaf group-id { 1659 type string; 1660 description 1661 "Group-id the vpn-node belongs to."; 1662 } 1663 description 1664 "List of group-ids."; 1665 } 1666 description 1667 "Groups the vpn node and network access belongs to."; 1668 } 1669 description 1670 "Grouping definition to assign 1671 group-ids to group or network access."; 1672 } 1673 } 1674 1676 5. Security Considerations 1678 The YANG modules specified in this document define schemas for data 1679 that is designed to be accessed via network management protocols such 1680 as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer 1681 is the secure transport layer, and the mandatory-to-implement secure 1682 transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer 1683 is HTTPS, and the mandatory-to-implement secure transport is TLS 1684 [RFC8446]. 1686 The Network Configuration Access Control Model (NACM) [RFC8341] 1687 provides the means to restrict access for particular NETCONF or 1688 RESTCONF users to a preconfigured subset of all available NETCONF or 1689 RESTCONF protocol operations and content. 1691 The "ietf-vpn-common" module defines a set of identities, types, and 1692 groupings. These nodes are intended to be reused by other YANG 1693 modules. As such, the module does not expose by itself any data 1694 nodes which are writable, contain read-only state, or RPCs. As such, 1695 there are no additional security issues to be considered relating to 1696 the "ietf-vpn-common" module. 1698 6. IANA Considerations 1700 This document requests IANA to register the following URI in the "ns" 1701 subregistry within the "IETF XML Registry" [RFC3688]: 1703 URI: urn:ietf:params:xml:ns:yang:ietf-vpn-common 1704 Registrant Contact: The IESG. 1705 XML: N/A; the requested URI is an XML namespace. 1707 This document requests IANA to register the following YANG module in 1708 the "YANG Module Names" subregistry [RFC6020] within the "YANG 1709 Parameters" registry. 1711 name: ietf-vpn-common 1712 namespace: urn:ietf:params:xml:ns:yang:ietf-vpn-common 1713 maintained by IANA: N 1714 prefix: vpn-common 1715 reference: RFC XXXX 1717 7. Contributors 1718 Italo Busi 1719 Huawei Technologies 1720 Email: Italo.Busi@huawei.com 1722 Luis Angel Munoz 1723 Vodafone 1724 Email: luis-angel.munoz@vodafone.com 1726 Victor Lopez Alvarez 1727 Telefonica 1728 Email: victor.lopezalvarez@telefonica.com 1730 8. References 1732 8.1. Normative References 1734 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 1735 DOI 10.17487/RFC3688, January 2004, 1736 . 1738 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 1739 the Network Configuration Protocol (NETCONF)", RFC 6020, 1740 DOI 10.17487/RFC6020, October 2010, 1741 . 1743 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 1744 and A. Bierman, Ed., "Network Configuration Protocol 1745 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 1746 . 1748 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 1749 Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, 1750 . 1752 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", 1753 RFC 6991, DOI 10.17487/RFC6991, July 2013, 1754 . 1756 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 1757 RFC 7950, DOI 10.17487/RFC7950, August 2016, 1758 . 1760 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 1761 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 1762 . 1764 [RFC8294] Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger, 1765 "Common YANG Data Types for the Routing Area", RFC 8294, 1766 DOI 10.17487/RFC8294, December 2017, 1767 . 1769 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration 1770 Access Control Model", STD 91, RFC 8341, 1771 DOI 10.17487/RFC8341, March 2018, 1772 . 1774 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 1775 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, 1776 . 1778 8.2. Informative References 1780 [I-D.ietf-opsawg-l2nm] 1781 barguil, s., Dios, O., Boucadair, M., Munoz, L., Jalil, 1782 L., and J. Ma, "A Layer 2 VPN Network YANG Model", draft- 1783 ietf-opsawg-l2nm-00 (work in progress), July 2020. 1785 [I-D.ietf-opsawg-l3sm-l3nm] 1786 barguil, s., Dios, O., Boucadair, M., Munoz, L., and A. 1787 Aguado, "A Layer 3 VPN Network YANG Model", draft-ietf- 1788 opsawg-l3sm-l3nm-03 (work in progress), April 2020. 1790 [RFC1701] Hanks, S., Li, T., Farinacci, D., and P. Traina, "Generic 1791 Routing Encapsulation (GRE)", RFC 1701, 1792 DOI 10.17487/RFC1701, October 1994, 1793 . 1795 [RFC1702] Hanks, S., Li, T., Farinacci, D., and P. Traina, "Generic 1796 Routing Encapsulation over IPv4 networks", RFC 1702, 1797 DOI 10.17487/RFC1702, October 1994, 1798 . 1800 [RFC2205] Braden, R., Ed., Zhang, L., Berson, S., Herzog, S., and S. 1801 Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1 1802 Functional Specification", RFC 2205, DOI 10.17487/RFC2205, 1803 September 1997, . 1805 [RFC3086] Nichols, K. and B. Carpenter, "Definition of 1806 Differentiated Services Per Domain Behaviors and Rules for 1807 their Specification", RFC 3086, DOI 10.17487/RFC3086, 1808 April 2001, . 1810 [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private 1811 Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 1812 2006, . 1814 [RFC4577] Rosen, E., Psenak, P., and P. Pillay-Esnault, "OSPF as the 1815 Provider/Customer Edge Protocol for BGP/MPLS IP Virtual 1816 Private Networks (VPNs)", RFC 4577, DOI 10.17487/RFC4577, 1817 June 2006, . 1819 [RFC4664] Andersson, L., Ed. and E. Rosen, Ed., "Framework for Layer 1820 2 Virtual Private Networks (L2VPNs)", RFC 4664, 1821 DOI 10.17487/RFC4664, September 2006, 1822 . 1824 [RFC4761] Kompella, K., Ed. and Y. Rekhter, Ed., "Virtual Private 1825 LAN Service (VPLS) Using BGP for Auto-Discovery and 1826 Signaling", RFC 4761, DOI 10.17487/RFC4761, January 2007, 1827 . 1829 [RFC4762] Lasserre, M., Ed. and V. Kompella, Ed., "Virtual Private 1830 LAN Service (VPLS) Using Label Distribution Protocol (LDP) 1831 Signaling", RFC 4762, DOI 10.17487/RFC4762, January 2007, 1832 . 1834 [RFC5036] Andersson, L., Ed., Minei, I., Ed., and B. Thomas, Ed., 1835 "LDP Specification", RFC 5036, DOI 10.17487/RFC5036, 1836 October 2007, . 1838 [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1839 (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, 1840 . 1842 [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ 1843 BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 1844 2012, . 1846 [RFC6624] Kompella, K., Kothari, B., and R. Cherukuri, "Layer 2 1847 Virtual Private Networks Using BGP for Auto-Discovery and 1848 Signaling", RFC 6624, DOI 10.17487/RFC6624, May 2012, 1849 . 1851 [RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, 1852 L., Sridhar, T., Bursell, M., and C. Wright, "Virtual 1853 eXtensible Local Area Network (VXLAN): A Framework for 1854 Overlaying Virtualized Layer 2 Networks over Layer 3 1855 Networks", RFC 7348, DOI 10.17487/RFC7348, August 2014, 1856 . 1858 [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., 1859 Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based 1860 Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 1861 2015, . 1863 [RFC7623] Sajassi, A., Ed., Salam, S., Bitar, N., Isaac, A., and W. 1864 Henderickx, "Provider Backbone Bridging Combined with 1865 Ethernet VPN (PBB-EVPN)", RFC 7623, DOI 10.17487/RFC7623, 1866 September 2015, . 1868 [RFC7676] Pignataro, C., Bonica, R., and S. Krishnan, "IPv6 Support 1869 for Generic Routing Encapsulation (GRE)", RFC 7676, 1870 DOI 10.17487/RFC7676, October 2015, 1871 . 1873 [RFC8214] Boutros, S., Sajassi, A., Salam, S., Drake, J., and J. 1874 Rabadan, "Virtual Private Wire Service Support in Ethernet 1875 VPN", RFC 8214, DOI 10.17487/RFC8214, August 2017, 1876 . 1878 [RFC8277] Rosen, E., "Using BGP to Bind MPLS Labels to Address 1879 Prefixes", RFC 8277, DOI 10.17487/RFC8277, October 2017, 1880 . 1882 [RFC8299] Wu, Q., Ed., Litkowski, S., Tomotaki, L., and K. Ogaki, 1883 "YANG Data Model for L3VPN Service Delivery", RFC 8299, 1884 DOI 10.17487/RFC8299, January 2018, 1885 . 1887 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 1888 BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, 1889 . 1891 [RFC8426] Sitaraman, H., Ed., Beeram, V., Minei, I., and S. 1892 Sivabalan, "Recommendations for RSVP-TE and Segment 1893 Routing (SR) Label Switched Path (LSP) Coexistence", 1894 RFC 8426, DOI 10.17487/RFC8426, July 2018, 1895 . 1897 [RFC8466] Wen, B., Fioccola, G., Ed., Xie, C., and L. Jalil, "A YANG 1898 Data Model for Layer 2 Virtual Private Network (L2VPN) 1899 Service Delivery", RFC 8466, DOI 10.17487/RFC8466, October 1900 2018, . 1902 [RFC8660] Bashandy, A., Ed., Filsfils, C., Ed., Previdi, S., 1903 Decraene, B., Litkowski, S., and R. Shakir, "Segment 1904 Routing with the MPLS Data Plane", RFC 8660, 1905 DOI 10.17487/RFC8660, December 2019, 1906 . 1908 [RFC8663] Xu, X., Bryant, S., Farrel, A., Hassan, S., Henderickx, 1909 W., and Z. Li, "MPLS Segment Routing over IP", RFC 8663, 1910 DOI 10.17487/RFC8663, December 2019, 1911 . 1913 [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., 1914 Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header 1915 (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, 1916 . 1918 Authors' Addresses 1920 Samier Barguil 1921 Telefonica 1922 Madrid 1923 ES 1925 Email: samier.barguilgiraldo.ext@telefonica.com 1927 Oscar Gonzalez de Dios (editor) 1928 Telefonica 1929 Madrid 1930 ES 1932 Email: oscar.gonzalezdedios@telefonica.com 1934 Mohamed Boucadair (editor) 1935 Orange 1936 France 1938 Email: mohamed.boucadair@orange.com 1940 Qin Wu 1941 Huawei 1942 101 Software Avenue, Yuhua District 1943 Nanjing, Jiangsu 210012 1944 China 1946 Email: bill.wu@huawei.com