idnits 2.17.1

draft-ietf-pim-igmp-mld-proxy-yang-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 168 has weird spacing: '...address ine...'

  == Line 175 has weird spacing: '...ce-name if:...'

  == Line 186 has weird spacing: '...address ine...'

  == Line 193 has weird spacing: '...ce-name if:...'

  == The document doesn't use any RFC 2119 keywords, yet has text resembling
     RFC 2119 boilerplate text.

  -- The document date (October 17, 2020) is 1287 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'RFC2119' is mentioned on line 95, but not defined

  == Missing Reference: 'RFC6241' is mentioned on line 575, but not defined

  == Missing Reference: 'RFC8040' is mentioned on line 575, but not defined

  == Missing Reference: 'RFC7950' is mentioned on line 632, but not defined

  == Missing Reference: 'RFC6242' is mentioned on line 577, but not defined

  == Missing Reference: 'RFC5246' is mentioned on line 579, but not defined

  ** Obsolete undefined reference: RFC 5246 (Obsoleted by RFC 8446)

  == Missing Reference: 'RFC6536' is mentioned on line 581, but not defined

  ** Obsolete undefined reference: RFC 6536 (Obsoleted by RFC 8341)

  == Missing Reference: 'RFC3688' is mentioned on line 619, but not defined

  == Unused Reference: 'RFC2236' is defined on line 648, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC2710' is defined on line 651, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC3376' is defined on line 654, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC3810' is defined on line 658, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC4604' is defined on line 661, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC4607' is defined on line 671, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6991' is defined on line 678, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8343' is defined on line 684, but no explicit
     reference was found in the text

     Summary: 2 errors (**), 0 flaws (~~), 22 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------

1    PIM Working Group                                            H. Zhao
2    Internet Draft                                              Ericsson
3    Intended status: Standards Track                              X. Liu
4    Expires: April 16, 2021                                        Volta
5                                                                  Y. Liu
6                                                            China Mobile
7                                                         M. Panchanathan
8                                                                   Cisco
9                                                            M. Sivakumar
10                                                                Juniper

12                                                       October 17, 2020

14                    A Yang Data Model for IGMP/MLD Proxy
15                  draft-ietf-pim-igmp-mld-proxy-yang-03.txt

17   Abstract

19      This document defines a YANG data model that can be used to
20      configure and manage Internet Group Management Protocol (IGMP) or
21      Multicast Listener Discovery (MLD) proxy devices. The YANG module in
22      this document conforms to Network Management Datastore Architecture
23      (NMDA).

25   Status of this Memo

27      This Internet-Draft is submitted in full conformance with the
28      provisions of BCP 78 and BCP 79.

30      Internet-Drafts are working documents of the Internet Engineering
31      Task Force (IETF), its areas, and its working groups. Note that
32      other groups may also distribute working documents as Internet-
33      Drafts.

35      Internet-Drafts are draft documents valid for a maximum of six months
36      and may be updated, replaced, or obsoleted by other documents at any
37      time. It is inappropriate to use Internet-Drafts as reference
38      material or to cite them other than as "work in progress."

40      The list of current Internet-Drafts can be accessed at
41      http://www.ietf.org/ietf/1id-abstracts.txt
42      The list of Internet-Draft Shadow Directories can be accessed at
43      http://www.ietf.org/shadow.html

45      This Internet-Draft will expire on April 16, 2021.

47   Copyright Notice

49      Copyright (c) 2020 IETF Trust and the persons identified as the
50      document authors. All rights reserved.

52      This document is subject to BCP 78 and the IETF Trust's Legal
53      Provisions Relating to IETF Documents
54      (http://trustee.ietf.org/license-info) in effect on the date of
55      publication of this document. Please review these documents
56      carefully, as they describe your rights and restrictions with respect
57      to this document. Code Components extracted from this document must
58      include Simplified BSD License text as described in Section 4.e of
59      the Trust Legal Provisions and are provided without warranty as
60      described in the Simplified BSD License.

62   Table of Contents

64      1. Introduction
65         1.1. Terminology
66         1.2. Tree Diagrams
67      2. Design of Data Model
68         2.1. Overview
69         2.2. Augment /rt:routing/rt:control-plane-protocols/rt:control-
70         plane-protocol
71      3. IGMP/MLD Proxy YANG Module
72      4. Security Considerations
73      5. IANA Considerations
74      6. Normative References
75      Authors' Addresses

77   1. Introduction

79   This document defines a YANG [RFC6020] data model for the management of
80   Internet Group Management Protocol (IGMP) or Multicast Listener
81   Discovery (MLD) proxy devices.

83   The YANG module in this document conforms to the Network Management
84   Datastore Architecture defined in [RFC8342]. The "Network Management
85   Datastore Architecture" (NMDA) adds the ability to inspect the current
86   operational values for configuration, allowing clients to use identical
87   paths for retrieving the configured values and the operational values.

89   1.1. Terminology

91   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
92   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
93   "OPTIONAL" in this document are to be interpreted as described in BCP 14
94   [RFC2119].

96   The terminology for describing YANG data models is found in [RFC6020].

98   1.2. Tree Diagrams

100  A simplified graphical representation of the data model is used in this
101  document. The meaning of the symbols in these diagrams is as follows:

103     o  Brackets "[" and "]" enclose list keys.

105     o  Abbreviations before data node names: "rw" means configuration
106        (read-write), and "ro" means state data (read-only).

108     o  Symbols after data node names: "?" means an optional node, "!"
109        means a presence container, and "*" denotes a list and leaf-list.

111     o  Parentheses enclose choice and case nodes, and case nodes are also
112        marked with a colon (":").

114     o  Ellipsis ("...") stands for contents of subtrees that are not
115        shown.

117  2. Design of Data Model

119  The model covers Considerations for Internet Group Management Protocol
120  (IGMP) / Multicast Listener Discovery (MLD) - Based Multicast Forwarding
121  ("IGMP/MLD Proxying") [RFC4605].

123  The goal of this document is to define a data model that provides a
124  common user interface to IGMP/MLD proxy. This document provides freedom
125  for vendors to adapt this data model to their product implementations.

127  2.1. Overview

129  The IGMP/MLD proxy YANG module defined in this document has all the
130  common building blocks for the IGMP/MLD proxy protocol.

132  The YANG module augments /rt:routing/rt:control-plane-
133  protocols/rt:control-plane-protocol to enable IGMP/MLD proxy and
134  configure other related parameters.

136  This YANG module follows the Guidelines for YANG Module Authors (NMDA)
137  [draft-dsdt-nmda-guidelines-01]. This NMDA ("Network Management
138  Datastore Architecture") architecture provides an architectural
139  framework for datastores as they are used by network management
140  protocols such as NETCONF [RFC6241], RESTCONF [RFC8040] and the YANG
141  [RFC7950] data modeling language.

143  2.2. Augment /rt:routing/rt:control-plane-protocols/rt:control-plane-
144  protocol

146  The YANG module augments /rt:routing/rt:control-plane-
147  protocols/rt:control-plane-protocol to configure IGMP/MLD proxy. The
148  interface list under igmp-proxy or mld-proxy contains upstream
149  interfaces for IGMP/MLD proxy. There is also a constraint to make sure
150  that the upstream interface for IGMP/MLD proxy is not configured with PIM.

152  To configure a downstream interface for IGMP/MLD proxy, enable IGMP/MLD
153  on that interface. This is defined in the YANG Data Model for Internet
154  Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD).
155  In the IGMP/MLD proxy model, downstream-interface is read-only.

157  module: ietf-igmp-mld-proxy
158    augment /rt:routing/rt:control-plane-protocols
159              /rt:control-plane-protocol:
160      +--rw igmp-proxy {igmp-proxy}?
161         +--rw interfaces
162            +--rw interface* [interface-name]
163               +--rw interface-name           if:interface-ref
164               +--rw igmp-version?            uint8
165               +--rw enable?                  boolean
166               +--rw sender-source-address?   inet:ipv4-address
167               +--ro group* [group-address]
168                  +--ro group-address    inet:ipv4-address
169                  +--ro up-time?         uint32
170                  +--ro filter-mode?     enumeration
171                  +--ro source* [source-address]
172                     +--ro source-address    inet:ipv4-address
173                     +--ro up-time?          uint32
174                     +--ro downstream-interface* [interface-name]
175                        +--ro interface-name    if:interface-ref
176    augment /rt:routing/rt:control-plane-protocols
177              /rt:control-plane-protocol:
178      +--rw mld-proxy {mld-proxy}?
179         +--rw interfaces
180            +--rw interface* [interface-name]
181               +--rw interface-name           if:interface-ref
182               +--rw mld-version?             uint8
183               +--rw enable?                  boolean
184               +--rw sender-source-address?   inet:ipv6-address
185               +--ro group* [group-address]
186                  +--ro group-address    inet:ipv6-address
187                  +--ro up-time?         uint32
188                  +--ro filter-mode?     enumeration
189                  +--ro source* [source-address]
190                     +--ro source-address    inet:ipv6-address
191                     +--ro up-time?          uint32
192                     +--ro downstream-interface* [interface-name]
193                        +--ro interface-name    if:interface-ref

195  3. IGMP/MLD Proxy YANG Module

197  file ietf-igmp-mld-proxy@2020-09-19.yang
198  module ietf-igmp-mld-proxy {
199    yang-version 1.1;
200    namespace "urn:ietf:params:xml:ns:yang:ietf-igmp-mld-proxy";
201    // replace with IANA namespace when assigned
202    prefix imp;

204    import ietf-inet-types {
205      prefix inet;
206    }

208    import ietf-interfaces {
209      prefix if;
210    }

212    import ietf-routing {
213      prefix rt;
214    }

216    import ietf-pim-base {
217      prefix pim-base;
218    }

220    organization
221      "IETF PIM Working Group";

223    contact
224      "WG Web:
225       WG List:

227       Editors: Hongji Zhao
228

230                Xufeng Liu
231

233                Yisong Liu
234

236                Mani Panchanathan
237

239                Mahesh Sivakumar
240

242      ";

244    description
245      "The module defines a collection of YANG definitions common for
246       all Internet Group Management Protocol (IGMP) and Multicast
247       Listener Discovery (MLD) Proxy devices.

249       Copyright (c) 2020 IETF Trust and the persons identified as
250       authors of the code. All rights reserved.

252       Redistribution and use in source and binary forms, with or
253       without modification, is permitted pursuant to, and subject to
254       the license terms contained in, the Simplified BSD License set
255       forth in Section 4.c of the IETF Trust's Legal Provisions
256       Relating to IETF Documents
257       (http://trustee.ietf.org/license-info).

259       This version of this YANG module is part of RFC XXXX; see the
260       RFC itself for full legal notices.";

262    revision 2020-09-19 {
263      description
264        "Initial revision.";
265      reference
266        "RFC XXXX: A YANG Data Model for IGMP and MLD Proxy";
267    }

269    /*
270     * Features
271     */

273    feature igmp-proxy {
274      description
275        "Support IGMP Proxy protocol.";
276      reference
277        "RFC 4605";
278    }

280    feature mld-proxy {
281      description
282        "Support MLD Proxy protocol.";
283      reference
284        "RFC 4605";
285    }

287    /*
288     * Identities
289     */

291    identity igmp-proxy {
292      base rt:control-plane-protocol;
293      description
294        "IGMP Proxy protocol";
295    }

297    identity mld-proxy {
298      base rt:control-plane-protocol;
299      description
300        "MLD Proxy protocol";
301    }

303    /*
304     * Typedefs
305     */

307    /*
308     * Groupings
309     */

311    grouping per-interface-config-attributes {

313      description "Config attributes under interface view";

315      leaf enable {
316        type boolean;
317        default false;
318        description
319          "Set the value to true to enable IGMP/MLD proxy";

321      }
322    } // per-interface-config-attributes

324    grouping state-group-attributes {
325      description
326        "State group attributes";

328      leaf up-time {
329        type uint32;
330        units seconds;
331        description
332          "The elapsed time for (S,G) or (*,G).";
333      }

335      leaf filter-mode {
336        type enumeration {
337          enum "include" {
338            description
339              "In include mode, reception of packets sent
340               to the specified multicast address is requested
341               only from those IP source addresses listed in the
342               source-list parameter";
343          }
344          enum "exclude" {
345            description
346              "In exclude mode, reception of packets sent
347               to the given multicast address is requested
348               from all IP source addresses except those
349               listed in the source-list parameter.";
350          }
351        }
352        description
353          "Filter mode for a multicast group,
354           may be either include or exclude.";
355      }
356    } // state-group-attributes

358    /* augments */

360    augment "/rt:routing/rt:control-plane-protocols"+
361      "/rt:control-plane-protocol" {

363      description
364        "IGMP Proxy augmentation to routing control plane protocol
365         configuration and state.";

367      container igmp-proxy {
368        when 'derived-from-or-self(../rt:type, "imp:igmp-proxy")' {
369          description
370            "This container is only valid for IGMP Proxy protocol.";

372        }
373        if-feature igmp-proxy;
374        description "IGMP proxy";
375        container interfaces {
376          description
377            "Containing a list of upstream interfaces.";

379          list interface {
380            key "interface-name";
381            description
382              "List of upstream interfaces.";

384            leaf interface-name {
385              type if:interface-ref;
386              must "not( current() = /rt:routing"+
387                "/rt:control-plane-protocols/pim-base:pim"+
388                "/pim-base:interfaces/pim-base:interface"+
389                "/pim-base:name )" {

391                description
392                  "The upstream interface for IGMP proxy
393                   should not be configured with PIM.";
394              }
395              description "The upstream interface name.";
396            }

398            leaf igmp-version {
399              type uint8 {
400                range "1..3";
401              }
402              default 2;
403              description "IGMP version.";
404            }

406            uses per-interface-config-attributes;

408            leaf sender-source-address {
409              type inet:ipv4-address;
410              description
411                "The sender source address of
412                 IGMP membership report or leave.";
413            }

415            list group {
416              key "group-address";
417              config false;
418              description
419                "Multicast group membership information
420                 that joined on the interface.";

422              leaf group-address {
423                type inet:ipv4-address;
424                description
425                  "Multicast group address.";
426              }

428              uses state-group-attributes;

430              list source {
431                key "source-address";
432                description
433                  "List of multicast source information
434                   of the multicast group.";
435                leaf source-address {
436                  type inet:ipv4-address;
437                  description
438                    "Multicast source address";
439                }

441                leaf up-time {
442                  type uint32;
443                  units seconds;
444                  description
445                    "The elapsed time for (S,G) or (*,G).";
446                }

448                list downstream-interface {
449                  key "interface-name";
450                  description "The downstream interfaces list.";
451                  leaf interface-name {
452                    type if:interface-ref;
453                    description
454                      "Downstream interfaces for each upstream-interface";
455                  }
456                }
457              } // list source
458            } // list group
459          } // interface
460        } // interfaces
461      }
462    }

464    augment "/rt:routing/rt:control-plane-protocols"+
465      "/rt:control-plane-protocol" {

467      description
468        "MLD Proxy augmentation to routing control plane protocol
469         configuration and state.";

471      container mld-proxy {
472        when 'derived-from-or-self(../rt:type, "imp:mld-proxy")' {
473          description
474            "This container is only valid for MLD Proxy protocol.";
475        }
476        if-feature mld-proxy;
477        description "MLD proxy";
478        container interfaces {
479          description
480            "Containing a list of upstream interfaces.";

482          list interface {
483            key "interface-name";
484            description
485              "List of upstream interfaces.";

487            leaf interface-name {
488              type if:interface-ref;
489              must "not( current() = /rt:routing"+
490                "/rt:control-plane-protocols/pim-base:pim"+
491                "/pim-base:interfaces/pim-base:interface"+
492                "/pim-base:name )" {

494                description
495                  "The upstream interface for MLD proxy
496                   should not be configured with PIM.";
497              }
498              description "The upstream interface name.";
499            }

501            leaf mld-version {
502              type uint8 {
503                range "1..2";
504              }
505              default 2;
506              description "MLD version.";
507            }

509            uses per-interface-config-attributes;

511            leaf sender-source-address {
512              type inet:ipv6-address;
513              description
514                "The sender source address of
515                 MLD membership report or leave.";
516            }

518            list group {
519              key "group-address";
520              config false;
521              description
522                "Multicast group membership information
523                 that joined on the interface.";

525              leaf group-address {
526                type inet:ipv6-address;
527                description
528                  "Multicast group address.";
529              }

531              uses state-group-attributes;

533              list source {
534                key "source-address";
535                description
536                  "List of multicast source information
537                   of the multicast group.";
538                leaf source-address {
539                  type inet:ipv6-address;
540                  description
541                    "Multicast source address";
542                }

544                leaf up-time {
545                  type uint32;
546                  units seconds;
547                  description
548                    "The elapsed time for (S,G) or (*,G).";
549                }

551                list downstream-interface {
552                  key "interface-name";
553                  description "The downstream interfaces list.";
554                  leaf interface-name {
555                    type if:interface-ref;
556                    description
557                      "Downstream interfaces for each upstream-interface";
558                  }
559                }
560              } // list source
561            } // list group
562          } // interface
563        } // interfaces
564      }
565    }

567    /* RPCs */

569  }
570
571  4. Security Considerations

573     The YANG module specified in this document defines a schema for data
574     that is designed to be accessed via network management protocols such
575     as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
576     is the secure transport layer, and the mandatory-to-implement secure
577     transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
578     is HTTPS, and the mandatory-to-implement secure transport is TLS
579     [RFC5246].

581     The NETCONF access control model [RFC6536] provides the means to
582     restrict access for particular NETCONF or RESTCONF users to a
583     preconfigured subset of all available NETCONF or RESTCONF protocol
584     operations and content.

586     There are a number of data nodes defined in this YANG module that are
587     writable/creatable/deletable (i.e., config true, which is the
588     default). These data nodes may be considered sensitive or vulnerable
589     in some network environments. Write operations (e.g., edit-config) to
590     these data nodes without proper protection can have a negative effect
591     on network operations. These are the subtrees and data nodes and
592     their sensitivity/vulnerability:

594     /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol

596     Unauthorized access to any data node of these subtrees can adversely
597     affect the IGMP/MLD proxy subsystem of both the local device and the
598     network. This may lead to network malfunctions, delivery of packets
599     to inappropriate destinations, and other problems.

601     Some of the readable data nodes in this YANG module may be considered
602     sensitive or vulnerable in some network environments. It is thus
603     important to control read access (e.g., via get, get-config, or
604     notification) to these data nodes. These are the subtrees and data
605     nodes and their sensitivity/vulnerability:

607     /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol

609     Unauthorized access to any data node of these subtrees can disclose
610     the operational state information of IGMP/MLD proxy on this device.

612  5. IANA Considerations

614     RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
615     actual RFC number (and remove this note).

617     This document registers the following namespace URIs in the IETF XML

619     registry [RFC3688]:

621     --------------------------------------------------------------------

623     URI: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-proxy

625     Registrant Contact: The IESG.

627     XML: N/A, the requested URI is an XML namespace.

629     --------------------------------------------------------------------

631     This document registers the following YANG modules in the YANG
632     Module Names registry [RFC7950]:

634     --------------------------------------------------------------------

636     name: ietf-igmp-mld-proxy

638     namespace: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-proxy

640     prefix: imp

642     reference: RFC XXXX

644     --------------------------------------------------------------------

646  6. Normative References

648     [RFC2236] Fenner, W., "Internet Group Management Protocol, Version
649               2", RFC 2236, November 1997.

651     [RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast
652               Listener Discovery (MLD) for IPv6", RFC 2710, October 1999.

654     [RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A.
655               Thyagarajan, "Internet Group Management Protocol, Version
656               3", RFC 3376, October 2002.

658     [RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery
659               Version 2 (MLDv2) for IPv6", RFC 3810, June 2004.

661     [RFC4604] Holbrook, H., Cain, B., and B. Haberman, "Using Internet
662               Group Management Protocol Version 3 (IGMPv3) and Multicast
663               Listener Discovery Protocol Version 2 (MLDv2) for Source-
664               Specific Multicast", RFC 4604, August 2006.

666     [RFC4605] B. Fenner, H. He, B. Haberman and H. Sandick, "Internet
667               Group Management Protocol (IGMP) / Multicast Listener
668               Discovery (MLD) - Based Multicast Forwarding ("IGMP/MLD
669               Proxying")", RFC 4605, August 2006.

671     [RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast for
672               IP", RFC 4607, August 2006.

674     [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
675               the Network Configuration Protocol (NETCONF)", RFC 6020,
676               October 2010.

678     [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991,
679               July 2013.

681     [RFC8342] M. Bjorklund and J. Schoenwaelder, "Network Management
682               Datastore Architecture (NMDA)", RFC 8342, March 2018.

684     [RFC8343] M. Bjorklund, "A YANG Data Model for Interface Management",
685               RFC 8343, March 2018.

687     [draft-ietf-pim-igmp-mld-yang-06] X. Liu, F. Guo, M. Sivakumar, P.
688               McAllister, A. Peter, "A YANG data model for Internet Group
689               Management Protocol (IGMP) and Multicast Listener Discovery
690               (MLD)", draft-ietf-pim-igmp-mld-yang-06, Oct 20, 2017.

692     [draft-dsdt-nmda-guidelines-01] M. Bjorklund, J. Schoenwaelder, P.
693               Shafer, K. Watsen, R. Wilton, "Guidelines for YANG Module
694               Authors (NMDA)", draft-dsdt-nmda-guidelines-01, May 2017

696     [draft-ietf-netmod-revised-datastores-03] M. Bjorklund, J.
697               Schoenwaelder, P. Shafer, K. Watsen, R. Wilton, "Network
698               Management Datastore Architecture", draft-ietf-netmod-
699               revised-datastores-03, July 3, 2017

701  Authors' Addresses

703     Hongji Zhao
704     Ericsson (China) Communications Company Ltd.
705     Ericsson Tower, No. 5 Lize East Street,
706     Chaoyang District Beijing 100102, P.R. China
707     Email: hongji.zhao@ericsson.com

709     Xufeng Liu
710     Volta Networks
711     USA
712     EMail: Xufeng.liu.ietf@gmail.com

714     Yisong Liu
715     China Mobile
716     China
717     Email: liuyisong@chinamobile.com

719     Mani Panchanathan
720     Cisco
721     India
722     Email: mapancha@cisco.com

724     Mahesh Sivakumar
725     Juniper Networks
726     1133 Innovation Way
727     Sunnyvale, California
728     USA
729     EMail: sivakumar.mahesh@gmail.com
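
Section 2.2 and the module in Section 3 constrain upstream interfaces: an upstream interface must not be a PIM interface, igmp-version is limited to 1..3 and mld-version to 1..2. The following Python is an added example, not part of the draft, that checks a candidate configuration against those constraints before it is sent in an edit-config. The JSON instance layout (RFC 7951 style member names), the function name check_proxy_config and the sample data are assumptions constructed for illustration.

```python
"""Check a candidate IGMP/MLD proxy configuration (added example)."""
import json

MOD = "ietf-igmp-mld-proxy"
# Container name -> (version leaf, allowed range), from the module's
# igmp-version (1..3) and mld-version (1..2) leaves.
PROXIES = {
    "igmp-proxy": ("igmp-version", range(1, 4)),
    "mld-proxy": ("mld-version", range(1, 3)),
}


def check_proxy_config(instance):
    """Return a sorted list of violations found in one JSON instance."""
    cpp = instance.get("ietf-routing:routing", {}).get(
        "control-plane-protocols", {})
    # Interface names that the module's 'must' expression compares against.
    pim = cpp.get("ietf-pim-base:pim", {})
    pim_ifs = {i["name"]
               for i in pim.get("interfaces", {}).get("interface", [])}
    problems = []
    for proto in cpp.get("control-plane-protocol", []):
        for container, (ver_leaf, allowed) in PROXIES.items():
            body = proto.get(f"{MOD}:{container}")
            if body is None:
                continue
            # 'when' statement, simplified here to an exact identity match.
            if proto.get("type") != f"{MOD}:{container}":
                problems.append(f"{proto.get('name')}: {container} "
                                f"container under type {proto.get('type')}")
            for itf in body.get("interfaces", {}).get("interface", []):
                name = itf["interface-name"]
                if name in pim_ifs:
                    problems.append(
                        f"{name}: upstream interface also configured for PIM")
                version = itf.get(ver_leaf, 2)  # both leaves default to 2
                if type(version) is not int or version not in allowed:
                    problems.append(f"{name}: {ver_leaf} {version} outside "
                                    f"{allowed.start}..{allowed.stop - 1}")
    return sorted(problems)


# Constructed sample: PIM runs on eth1, which is also listed as an IGMP proxy
# upstream interface; the MLD proxy entry carries an out-of-range version.
SAMPLE = json.loads("""
{"ietf-routing:routing": {"control-plane-protocols": {
  "ietf-pim-base:pim": {"interfaces": {"interface": [
    {"name": "eth1", "address-family": "ietf-routing:ipv4"}]}},
  "control-plane-protocol": [
    {"type": "ietf-igmp-mld-proxy:igmp-proxy", "name": "proxy4",
     "ietf-igmp-mld-proxy:igmp-proxy": {"interfaces": {"interface": [
       {"interface-name": "eth0", "igmp-version": 3, "enable": true},
       {"interface-name": "eth1", "enable": true}]}}},
    {"type": "ietf-igmp-mld-proxy:mld-proxy", "name": "proxy6",
     "ietf-igmp-mld-proxy:mld-proxy": {"interfaces": {"interface": [
       {"interface-name": "eth2", "mld-version": 3}]}}}
  ]}}}
""")

if __name__ == "__main__":
    for line in check_proxy_config(SAMPLE):
        print(line)
```

A server that implements the module enforces the same constraints at commit time; running the check on the client side catches a rejected edit before it reaches the device.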