idnits 2.17.1 draft-ietf-pim-igmp-mld-snooping-yang-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 38 instances of too long lines in the document, the longest one being 14 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 225 has weird spacing: '...er-mode fil...' == Line 308 has weird spacing: '...er-mode fil...' == The document doesn't use any RFC 2119 keywords, yet has text resembling RFC 2119 boilerplate text. -- The document date (January 9, 2020) is 1541 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC2119' is mentioned on line 100, but not defined == Missing Reference: 'RFC6241' is mentioned on line 1495, but not defined == Missing Reference: 'RFC8040' is mentioned on line 1495, but not defined == Missing Reference: 'RFC7950' is mentioned on line 1584, but not defined == Missing Reference: 'RFC6242' is mentioned on line 1497, but not defined == Missing Reference: 'RFC5246' is mentioned on line 1498, but not defined ** Obsolete undefined reference: RFC 5246 (Obsoleted by RFC 8446) == Missing Reference: 'RFC6536' is mentioned on line 1500, but not defined ** Obsolete undefined reference: RFC 6536 (Obsoleted by RFC 8341) == Missing Reference: 'RFC3688' is mentioned on line 1572, but not defined == Missing Reference: 'RFC7951' is mentioned on line 1818, but not defined == Unused Reference: 'RFC2236' is defined on line 1604, but no explicit reference was found in the text == Unused Reference: 'RFC2710' is defined on line 1607, but no explicit reference was found in the text == Unused Reference: 'RFC3376' is defined on line 1610, but no explicit reference was found in the text == Unused Reference: 'RFC3810' is defined on line 1614, but no explicit reference was found in the text == Unused Reference: 'RFC4604' is defined on line 1622, but no explicit reference was found in the text == Unused Reference: 'RFC4607' is defined on line 1627, but no explicit reference was found in the text == Unused Reference: 'RFC6021' is defined on line 1634, but no explicit reference was found in the text == Unused Reference: 'RFC6991' is defined on line 1637, but no explicit reference was found in the text == Unused Reference: 'RFC8343' is defined on line 1643, but no explicit reference was found in the text ** Downref: Normative reference to an Informational RFC: RFC 4541 ** Obsolete normative reference: RFC 6021 (Obsoleted by RFC 6991) Summary: 5 errors (**), 0 flaws (~~), 22 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 PIM Working Group H. Zhao 2 Internet Draft Ericsson 3 Intended status: Standards Track X. Liu 4 Expires: July 08, 2020 Volta Networks 5 Y. Liu 6 China Mobile 7 M. Sivakumar 8 Juniper 9 A. Peter 10 Individual 12 January 9, 2020 14 A Yang Data Model for IGMP and MLD Snooping 15 draft-ietf-pim-igmp-mld-snooping-yang-09.txt 17 Abstract 19 This document defines a YANG data model that can be used to 20 configure and manage Internet Group Management Protocol (IGMP) and 21 Multicast Listener Discovery (MLD) Snooping devices. The YANG module in 22 this document conforms to Network Management Datastore Architecture 23 (NMDA). 25 Status of this Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF), its areas, and its working groups. Note that 32 other groups may also distribute working documents as Internet- 33 Drafts. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 The list of current Internet-Drafts can be accessed at 41 http://www.ietf.org/ietf/1id-abstracts.txt 43 The list of Internet-Draft Shadow Directories can be accessed at 44 http://www.ietf.org/shadow.html 45 This Internet-Draft will expire on July 08, 2020. 47 Copyright Notice 49 Copyright (c) 2020 IETF Trust and the persons identified as the 50 document authors. All rights reserved. 52 This document is subject to BCP 78 and the IETF Trust's Legal 53 Provisions Relating to IETF Documents 54 (http://trustee.ietf.org/license-info) in effect on the date of 55 publication of this document. Please review these documents 56 carefully, as they describe your rights and restrictions with respect 57 to this document. Code Components extracted from this document must 58 include Simplified BSD License text as described in Section 4.e of 59 the Trust Legal Provisions and are provided without warranty as 60 described in the Simplified BSD License. 62 Table of Contents 64 1. Introduction...................................................3 65 1.1. Terminology...............................................3 66 1.2. Tree Diagrams.............................................3 67 2. Design of Data Model...........................................3 68 2.1. Overview..................................................4 69 2.2. IGMP Snooping Instances...................................4 70 2.3. MLD Snooping Instances....................................6 71 2.4. IGMP and MLD Snooping Instances Reference.................8 72 2.5. IGMP and MLD Snooping RPC.................................8 73 3. IGMP and MLD Snooping YANG Module..............................9 74 4. Security Considerations.......................................31 75 5. IANA Considerations...........................................32 76 6. Normative References..........................................33 77 Appendix A. Data Tree Example...................................35 78 A.1 Bridge scenario...........................................35 79 A.2 L2VPN scenario............................................38 80 Authors' Addresses...............................................42 82 1. Introduction 84 This document defines a YANG [RFC6020] data model for the management of 85 Internet Group Management Protocol (IGMP) and Multicast Listener 86 Discovery (MLD) Snooping devices. 88 The YANG module in this document conforms to the Network Management 89 Datastore Architecture defined in [RFC8342]. The "Network Management 90 Datastore Architecture" (NMDA) adds the ability to inspect the current 91 operational values for configuration, allowing clients to use identical 92 paths for retrieving the configured values and the operational values. 94 1.1. Terminology 96 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 97 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 98 "OPTIONAL" in this document are to be interpreted as described in BCP 14 99 [RFC2119]. 101 The terminology for describing YANG data models is found in [RFC6020]. 103 1.2. Tree Diagrams 105 A simplified graphical representation of the data model is used in this 106 document. The meaning of the symbols in these diagrams is as follows: 108 o Brackets "[" and "]" enclose list keys. 110 o Abbreviations before data node names: "rw" means configuration 111 (read-write), and "ro" means state data (read-only). 113 o Symbols after data node names: "?" means an optional node, "!" 114 means a presence container, and "*" denotes a list and leaf-list. 116 o Parentheses enclose choice and case nodes, and case nodes are also 117 marked with a colon (":"). 119 o Ellipsis ("...") stands for contents of subtrees that are not 120 shown. 122 2. Design of Data Model 124 The model covers Considerations for Internet Group Management Protocol 125 (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches 126 [RFC4541]. 128 The goal of this document is to define a data model that provides a 129 common user interface to IGMP and MLD Snooping. 131 2.1. Overview 133 The IGMP and MLD Snooping YANG module defined in this document has all 134 the common building blocks for the IGMP and MLD Snooping protocol. 136 The YANG module includes IGMP and MLD Snooping instance definition, 137 instance reference in the scenario of BRIDGE and L2VPN. The module also 138 includes the RPC methods for clearing IGMP and MLD Snooping group 139 tables. 141 This YANG module conforms to Network Management Datastore Architecture 142 (NMDA)[RFC8342]. This NMDA architecture provides an architectural 143 framework for datastores as they are used by network management 144 protocols such as NETCONF [RFC6241], RESTCONF [RFC8040] and the YANG 145 [RFC7950] data modeling language. 147 2.2. IGMP Snooping Instances 149 The YANG module defines igmp-snooping-instance which augments 150 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol. 152 All the IGMP Snooping related attributes have been defined in the igmp- 153 snooping-instance. The read-write attribute means configurable data. The 154 read-only attribute means state data. 156 One igmp-snooping-instance could be referenced in one BRIDGE instance or 157 L2VPN instance. One igmp-snooping-instance corresponds to one BRIDGE 158 instance or L2VPN instance. 160 The value of scenario in igmp-snooping-instance is bridge or l2vpn. When 161 it is bridge, the igmp-snooping-instance will be referenced in the 162 BRIDGE scenario. When it is l2vpn, the igmp-snooping-instance will be 163 referenced in the L2VPN scenario. 165 The value of bridge-mrouter-interface, l2vpn-mrouter-interface-ac, 166 l2vpn-mrouter-interface-pw are filled by snooping device dynamically. 167 They are different from static-bridge-mrouter-interface, static-l2vpn- 168 mrouter-interface-ac, and static-l2vpn-mrouter-interface-pw which are 169 configured statically. 171 The attributes under the interfaces show the statistics of IGMP Snooping 172 related packets. 174 module: ietf-igmp-mld-snooping 175 augment /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol: 176 +--rw igmp-snooping-instance {feature-igmp-snooping}? 177 | +--rw scenario? snooping-scenario-type 178 | +--rw enable? boolean 179 | +--rw forwarding-mode? enumeration 180 | +--rw explicit-tracking? boolean {explicit-tracking}? 181 | +--rw exclude-lite? boolean {exclude-lite}? 182 | +--rw send-query? boolean 183 | +--rw immediate-leave? empty {immediate-leave}? 184 | +--rw last-member-query-interval? uint16 185 | +--rw query-interval? uint16 186 | +--rw query-max-response-time? uint16 187 | +--rw require-router-alert? boolean {require-router-alert}? 188 | +--rw robustness-variable? uint8 189 | +--rw static-bridge-mrouter-interface* if:interface-ref {static-mrouter- 190 interface}? 191 | +--rw static-l2vpn-mrouter-interface-ac* if:interface-ref {static-mrouter- 192 interface}? 193 | +--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref {static-mrouter- 194 interface}? 195 | +--rw version? uint8 196 | +--rw querier-source? inet:ipv4-address 197 | +--rw static-l2-multicast-group* [group source-addr] {static-l2-multicast- 198 group}? 199 | | +--rw group rt-types:ipv4-multicast-group-address 200 | | +--rw source-addr rt-types:ipv4-multicast-source-address 201 | | +--rw bridge-outgoing-interface* if:interface-ref 202 | | +--rw l2vpn-outgoing-ac* if:interface-ref 203 | | +--rw l2vpn-outgoing-pw* pw:pseudowire-ref 204 | +--ro entries-count? uint32 205 | +--ro bridge-mrouter-interface* if:interface-ref 206 | +--ro l2vpn-mrouter-interface-ac* if:interface-ref 207 | +--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref 208 | +--ro group* [address] 209 | | +--ro address rt-types:ipv4-multicast-group-address 210 | | +--ro mac-address? yang:phys-address 211 | | +--ro expire? rt-types:timer-value-seconds16 212 | | +--ro up-time uint32 213 | | +--ro last-reporter? inet:ipv4-address 214 | | +--ro source* [address] 215 | | +--ro address rt-types:ipv4-multicast-source-address 216 | | +--ro bridge-outgoing-interface* if:interface-ref 217 | | +--ro l2vpn-outgoing-ac* if:interface-ref 218 | | +--ro l2vpn-outgoing-pw* pw:pseudowire-ref 219 | | +--ro up-time uint32 220 | | +--ro expire? rt-types:timer-value-seconds16 221 | | +--ro host-count? uint32 {explicit-tracking}? 222 | | +--ro last-reporter? inet:ipv4-address 223 | | +--ro host* [host-address] {explicit-tracking}? 224 | | +--ro host-address inet:ipv4-address 225 | | +--ro host-filter-mode filter-mode-type 226 | +--ro interfaces 227 | +--ro interface* [name] 228 | +--ro name if:interface-ref 229 | +--ro statistics 230 | +--ro received 231 | | +--ro num-query? yang:counter64 232 | | +--ro num-membership-report-v1? yang:counter64 233 | | +--ro num-membership-report-v2? yang:counter64 234 | | +--ro num-membership-report-v3? yang:counter64 235 | | +--ro num-leave? yang:counter64 236 | | +--ro num-non-member-leave? yang:counter64 237 | | +--ro num-pim-hello? yang:counter64 238 | +--ro sent 239 | +--ro num-query? yang:counter64 240 | +--ro num-membership-report-v1? yang:counter64 241 | +--ro num-membership-report-v2? yang:counter64 242 | +--ro num-membership-report-v3? yang:counter64 243 | +--ro num-leave? yang:counter64 244 | +--ro num-non-member-leave? yang:counter64 245 | +--ro num-pim-hello? yang:counter64 247 2.3. MLD Snooping Instances 249 The YANG module defines mld-snooping-instance which could be referenced 250 in the BRIDGE or L2VPN scenario to enable MLD Snooping. 252 The mld-snooping-instance is the same as IGMP snooping except changing 253 IPv4 addresses to IPv6 addresses. 255 module: ietf-igmp-mld-snooping 256 augment /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol: 257 +--rw igmp-snooping-instance {feature-igmp-snooping}? 258 | ... 259 +--rw mld-snooping-instance {feature-mld-snooping}? 260 +--rw scenario? snooping-scenario-type 261 +--rw enable? boolean 262 +--rw forwarding-mode? enumeration 263 +--rw explicit-tracking? boolean {explicit-tracking}? 264 +--rw exclude-lite? boolean {exclude-lite}? 265 +--rw send-query? boolean 266 +--rw immediate-leave? empty {immediate-leave}? 267 +--rw last-member-query-interval? uint16 268 +--rw query-interval? uint16 269 +--rw query-max-response-time? uint16 270 +--rw require-router-alert? boolean {require-router-alert}? 271 +--rw robustness-variable? uint8 272 +--rw static-bridge-mrouter-interface* if:interface-ref {static-mrouter- 273 interface}? 274 +--rw static-l2vpn-mrouter-interface-ac* if:interface-ref {static-mrouter- 275 interface}? 276 +--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref {static-mrouter- 277 interface}? 278 +--rw version? uint8 279 +--rw querier-source? inet:ipv6-address 280 +--rw static-l2-multicast-group* [group source-addr] {static-l2-multicast- 281 group}? 282 | +--rw group rt-types:ipv6-multicast-group-address 283 | +--rw source-addr rt-types:ipv6-multicast-source-address 284 | +--rw bridge-outgoing-interface* if:interface-ref 285 | +--rw l2vpn-outgoing-ac* if:interface-ref 286 | +--rw l2vpn-outgoing-pw* pw:pseudowire-ref 287 +--ro entries-count? uint32 288 +--ro bridge-mrouter-interface* if:interface-ref 289 +--ro l2vpn-mrouter-interface-ac* if:interface-ref 290 +--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref 291 +--ro group* [address] 292 | +--ro address rt-types:ipv6-multicast-group-address 293 | +--ro mac-address? yang:phys-address 294 | +--ro expire? rt-types:timer-value-seconds16 295 | +--ro up-time uint32 296 | +--ro last-reporter? inet:ipv6-address 297 | +--ro source* [address] 298 | +--ro address rt-types:ipv6-multicast-source-address 299 | +--ro bridge-outgoing-interface* if:interface-ref 300 | +--ro l2vpn-outgoing-ac* if:interface-ref 301 | +--ro l2vpn-outgoing-pw* pw:pseudowire-ref 302 | +--ro up-time uint32 303 | +--ro expire? rt-types:timer-value-seconds16 304 | +--ro host-count? uint32 {explicit-tracking}? 305 | +--ro last-reporter? inet:ipv6-address 306 | +--ro host* [host-address] {explicit-tracking}? 307 | +--ro host-address inet:ipv6-address 308 | +--ro host-filter-mode filter-mode-type 309 +--ro interfaces 310 +--ro interface* [name] 311 +--ro name if:interface-ref 312 +--ro statistics 313 +--ro received 314 | +--ro num-query? yang:counter64 315 | +--ro num-report-v1? yang:counter64 316 | +--ro num-report-v2? yang:counter64 317 | +--ro num-done? yang:counter64 318 | +--ro num-pim-hello? yang:counter64 319 +--ro sent 320 +--ro num-query? yang:counter64 321 +--ro num-report-v1? yang:counter64 322 +--ro num-report-v2? yang:counter64 323 +--ro num-done? yang:counter64 324 +--ro num-pim-hello? yang:counter64 326 2.4. IGMP and MLD Snooping Instances Reference 328 The igmp-snooping-instance could be referenced in the scenario of BRIDGE 329 or L2VPN to configure the IGMP Snooping. 331 For the BRIDGE scenario this model augments /dot1q:bridges/dot1q:bridge 332 to reference igmp-snooping-instance. It means IGMP Snooping is enabled 333 in the whole bridge. 335 It also augments /dot1q:bridges/dot1q:bridge/dot1q:component/ 336 dot1q:bridge-vlan/dot1q:vlan to reference igmp-snooping-instance. It 337 means IGMP Snooping is enabled in the certain VLAN of the bridge. 339 augment /dot1q:bridges/dot1q:bridge: 340 +--rw igmp-snooping-instance? igmp-snooping-instance-ref 341 +--rw mld-snooping-instance? mld-snooping-instance-ref 343 augment /dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan: 344 +--rw igmp-snooping-instance? igmp-snooping-instance-ref 345 +--rw mld-snooping-instance? mld-snooping-instance-ref 347 For the L2VPN scenario this model augments /ni:network-instances/ 348 ni:network-instance/ni:ni-type/l2vpn:l2vpn to reference igmp-snooping- 349 instance. It means IGMP Snooping is enabled in the specified l2vpn 350 instance. 352 augment /ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn: 353 +--rw igmp-snooping-instance? igmp-snooping-instance-ref 354 +--rw mld-snooping-instance? mld-snooping-instance-ref 356 The mld-snooping-instance could be referenced in concurrence with igmp- 357 snooping-instance to configure the MLD Snooping. 359 2.5. IGMP and MLD Snooping RPC 361 IGMP and MLD Snooping RPC clears the specified IGMP and MLD Snooping 362 group tables. 364 rpcs: 365 +---x clear-igmp-snooping-groups {rpc-clear-groups}? 366 | +---w input 367 | +---w name? igmp-mld-snooping-instance-ref 368 | | {feature-igmp-snooping}? 369 | +---w group? rt-types:ipv4-multicast-group-address 370 | +---w source? rt-types:ipv4-multicast-source-address 371 +---x clear-mld-snooping-groups {rpc-clear-groups}? 372 +---w input 373 +---w name? igmp-mld-snooping-instance-ref 374 | {feature-mld-snooping}? 375 +---w group? rt-types:ipv6-multicast-group-address 376 +---w source? rt-types:ipv6-multicast-source-address 378 3. IGMP and MLD Snooping YANG Module 380 file ietf-igmp-mld-snooping@2019-06-04.yang 381 module ietf-igmp-mld-snooping { 382 yang-version 1.1; 383 namespace "urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping"; 385 prefix ims; 387 import ietf-inet-types { 388 prefix "inet"; 389 } 391 import ietf-yang-types { 392 prefix "yang"; 393 } 395 import ietf-interfaces { 396 prefix "if"; 397 } 399 import ietf-routing { 400 prefix "rt"; 401 } 403 import ietf-routing-types { 404 prefix "rt-types"; 405 } 407 import ietf-l2vpn { 408 prefix "l2vpn"; 409 } 411 import ietf-network-instance { 412 prefix "ni"; 413 } 414 import ietf-pseudowires { 415 prefix "pw"; 416 } 418 import ieee802-dot1q-bridge { 419 prefix "dot1q"; 420 } 422 organization 423 "IETF PIM Working Group"; 425 contact 426 "WG Web: 427 WG List: 429 Editors: Hongji Zhao 430 432 Xufeng Liu 433 435 Yisong Liu 436 438 Anish Peter 439 441 Mahesh Sivakumar 442 444 "; 446 description 447 "The module defines a collection of YANG definitions common for 448 all Internet Group Management Protocol (IGMP) and Multicast 449 Listener Discovery (MLD) Snooping devices. 451 Copyright (c) 2019 IETF Trust and the persons identified as 452 authors of the code. All rights reserved. 454 Redistribution and use in source and binary forms, with or 455 without modification, is permitted pursuant to, and subject to 456 the license terms contained in, the Simplified BSD License set 457 forth in Section 4.c of the IETF Trust's Legal Provisions 458 Relating to IETF Documents 459 (http://trustee.ietf.org/license-info). 461 This version of this YANG module is part of RFC XXXX; see the 462 RFC itself for full legal notices."; 464 revision 2019-06-04 { 465 description 466 "Initial revision."; 467 reference 468 "RFC XXXX: A YANG Data Model for IGMP and MLD Snooping"; 469 } 471 /* 472 * Features 473 */ 475 feature feature-igmp-snooping { 476 description 477 "Support IGMP snooping protocol."; 478 reference 479 "RFC 4541, Section 1"; 480 } 482 feature feature-mld-snooping { 483 description 484 "Support MLD snooping protocol."; 485 reference 486 "RFC 4541, Section 1"; 487 } 489 feature immediate-leave { 490 description 491 "Support configuration of immediate-leave."; 492 reference 493 "RFC 2236, Section 10"; 494 } 496 feature require-router-alert { 497 description 498 "Support configuration of require-router-alert."; 499 reference 500 "RFC 3376, Section 5.2"; 501 } 503 feature static-l2-multicast-group { 504 description 505 "Support configuration of L2 multicast static-group."; 506 reference 507 "RFC 4541, Section 2.1"; 508 } 510 feature static-mrouter-interface { 511 description 512 "Support configuration of mrouter interface."; 513 reference 514 "RFC 4541, Section 2.1"; 515 } 516 feature rpc-clear-groups { 517 description 518 "Support clearing statistics by RPC for IGMP & MLD snooping."; 519 reference 520 "RFC 4541, Section 2.1"; 521 } 523 feature explicit-tracking { 524 description 525 "Support configuration of per instance explicit-tracking."; 526 reference 527 "RFC 3376, Appendix B"; 528 } 530 feature exclude-lite { 531 description 532 "Support configuration of per instance exclude-lite."; 533 reference 534 "RFC 5790, Section 3"; 535 } 537 /* identities */ 539 identity scenario-type { 540 description 541 "Base identity for scenario type in IGMP & MLD snooping"; 542 } 544 identity bridge { 545 base scenario-type; 546 description 547 "This identity represents BRIDGE scenario."; 548 } 550 identity l2vpn { 551 base scenario-type; 552 description 553 "This identity represents L2VPN scenario."; 554 } 556 identity filter-mode { 557 description 558 "Base identity for filter mode in IGMP & MLD snooping"; 559 } 561 identity include { 562 base filter-mode; 563 description 564 "This identity represents include mode."; 565 } 567 identity exclude { 568 base filter-mode; 569 description 570 "This identity represents exclude mode."; 571 } 573 identity igmp-snooping { 574 base rt:control-plane-protocol; 575 description 576 "IGMP snooping protocol"; 577 } 579 identity mld-snooping { 580 base rt:control-plane-protocol; 581 description 582 "MLD snooping protocol"; 583 } 585 /* 586 * Typedefs 587 */ 589 typedef snooping-scenario-type { 590 type identityref { 591 base "scenario-type"; 592 } 593 description "The IGMP & MLD snooping scenario type"; 594 } 596 typedef filter-mode-type { 597 type identityref { 598 base "filter-mode"; 599 } 600 description "The host filter mode"; 601 } 603 typedef igmp-mld-snooping-instance-ref { 604 type leafref { 605 path "/rt:routing/rt:control-plane-protocols"+ 606 "/rt:control-plane-protocol/rt:name"; 607 } 608 description 609 "This type is used by data models which need to 610 reference IGMP & MLD snooping instance."; 611 } 613 /* 614 * Groupings 615 */ 617 grouping instance-config-attributes-igmp-snooping { 618 description 619 "IGMP snooping configuration for each BRIDGE or L2VPN instance."; 621 uses instance-config-attributes-igmp-mld-snooping; 623 leaf version { 624 type uint8 { 625 range "1..3"; 626 } 627 default 2; 628 description "IGMP snooping version."; 629 } 631 leaf querier-source { 632 type inet:ipv4-address; 633 description 634 "Use the IGMP snooping querier to support IGMP 635 snooping in a VLAN where PIM and IGMP are not configured. 636 The IPv4 address is used as source address in messages."; 637 } 639 list static-l2-multicast-group { 640 if-feature static-l2-multicast-group; 641 key "group source-addr"; 642 description 643 "A static multicast route, (*,G) or (S,G)."; 645 leaf group { 646 type rt-types:ipv4-multicast-group-address; 647 description 648 "Multicast group IPv4 address"; 649 } 651 leaf source-addr { 652 type rt-types:ipv4-multicast-source-address; 653 description 654 "Multicast source IPv4 address."; 655 } 657 leaf-list bridge-outgoing-interface { 658 when 'derived-from-or-self(../../scenario,"ims:bridge")'; 659 type if:interface-ref; 660 description "Outgoing interface in BRIDGE forwarding"; 661 } 663 leaf-list l2vpn-outgoing-ac { 664 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 665 type if:interface-ref; 666 description "Outgoing AC in L2VPN forwarding"; 667 } 669 leaf-list l2vpn-outgoing-pw { 670 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 671 type pw:pseudowire-ref; 672 description "Outgoing PW in L2VPN forwarding"; 673 } 674 } // static-l2-multicast-group 675 } // instance-config-attributes-igmp-snooping 677 grouping instance-config-attributes-igmp-mld-snooping { 678 description 679 "IGMP and MLD snooping configuration of each VLAN."; 681 leaf enable { 682 type boolean; 683 default false; 684 description 685 "Set the value to true to enable IGMP & MLD snooping."; 686 } 688 leaf forwarding-mode { 689 type enumeration { 690 enum "mac" { 691 description 692 "MAC-based lookup mode"; 693 } 694 enum "ip" { 695 description 696 "IP-based lookup mode"; 697 } 698 } 699 default "ip"; 700 description "The default forwarding mode is ip"; 701 } 703 leaf explicit-tracking { 704 if-feature explicit-tracking; 705 type boolean; 706 default false; 707 description 708 "Track the IGMP v3 & MLD v2 membership reports 709 from individual hosts. It contributes to saving network 710 resources and shortening leave latency."; 711 } 713 leaf exclude-lite { 714 if-feature exclude-lite; 715 type boolean; 716 default false; 717 description 718 "Track the Lightweight IGMPv3 and MLDv2 protocol report"; 719 reference "RFC5790"; 720 } 721 leaf send-query { 722 type boolean; 723 default false; 724 description 725 "Enable quick response for topology changes. 726 To support IGMP snooping in a VLAN where PIM and IGMP are 727 not configured. It cooperates with parameter querier-source."; 728 } 730 leaf immediate-leave { 731 if-feature immediate-leave; 732 type empty; 733 description 734 "When immediate leave is enabled, the IGMP software assumes 735 that no more than one host is present on each VLAN port."; 736 } 738 leaf last-member-query-interval { 739 type uint16 { 740 range "1..1023"; 741 } 742 units seconds; 743 default 1; 744 description 745 "Last Member Query Interval, which may be tuned to modify 746 the leave latency of the network."; 747 reference "RFC3376. Sec. 8.8."; 748 } 750 leaf query-interval { 751 type uint16; 752 units seconds; 753 default 125; 754 description 755 "The Query Interval is the interval between General Queries 756 sent by the Querier."; 757 reference "RFC3376. Sec. 4.1.7, 8.2, 8.14.2."; 758 } 760 leaf query-max-response-time { 761 type uint16; 762 units seconds; 763 default 10; 764 description 765 "Query maximum response time specifies the maximum time 766 allowed before sending a responding report."; 767 reference "RFC3376. Sec. 4.1.1, 8.3, 8.14.3."; 768 } 770 leaf require-router-alert { 771 if-feature require-router-alert; 772 type boolean; 773 default false; 774 description 775 "When the value is true, router alert should exist 776 in the IP head of IGMP or MLD packet."; 777 } 779 leaf robustness-variable { 780 type uint8 { 781 range "1..7"; 782 } 783 default 2; 784 description 785 "Querier's Robustness Variable allows tuning for the 786 expected packet loss on a network."; 787 reference "RFC3376. Sec. 4.1.6, 8.1, 8.14.1."; 788 } 790 leaf-list static-bridge-mrouter-interface { 791 when 'derived-from-or-self(../scenario,"ims:bridge")'; 792 if-feature static-mrouter-interface; 793 type if:interface-ref; 794 description "static mrouter interface in BRIDGE forwarding"; 795 } 797 leaf-list static-l2vpn-mrouter-interface-ac { 798 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 799 if-feature static-mrouter-interface; 800 type if:interface-ref; 801 description 802 "static mrouter interface whose type is interface 803 in L2VPN forwarding"; 804 } 806 leaf-list static-l2vpn-mrouter-interface-pw { 807 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 808 if-feature static-mrouter-interface; 809 type pw:pseudowire-ref; 810 description 811 "static mrouter interface whose type is PW 812 in L2VPN forwarding"; 813 } 814 } // instance-config-attributes-igmp-mld-snooping 816 grouping instance-config-attributes-mld-snooping { 817 description "MLD snooping configuration of each VLAN."; 819 uses instance-config-attributes-igmp-mld-snooping; 821 leaf version { 822 type uint8 { 823 range "1..2"; 824 } 825 default 2; 826 description "MLD snooping version."; 827 } 829 leaf querier-source { 830 type inet:ipv6-address; 831 description 832 "Use the MLD snooping querier to support MLD snooping where 833 PIM and MLD are not configured. The IPv6 address is used as 834 the source address in messages."; 835 } 837 list static-l2-multicast-group { 838 if-feature static-l2-multicast-group; 839 key "group source-addr"; 840 description 841 "A static multicast route, (*,G) or (S,G)."; 843 leaf group { 844 type rt-types:ipv6-multicast-group-address; 845 description 846 "Multicast group IPv6 address"; 847 } 849 leaf source-addr { 850 type rt-types:ipv6-multicast-source-address; 851 description 852 "Multicast source IPv6 address."; 853 } 855 leaf-list bridge-outgoing-interface { 856 when 'derived-from-or-self(../../scenario,"ims:bridge")'; 857 type if:interface-ref; 858 description "Outgoing interface in BRIDGE forwarding"; 859 } 861 leaf-list l2vpn-outgoing-ac { 862 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 863 type if:interface-ref; 864 description "Outgoing AC in L2VPN forwarding"; 865 } 867 leaf-list l2vpn-outgoing-pw { 868 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 869 type pw:pseudowire-ref; 870 description "Outgoing PW in L2VPN forwarding"; 871 } 872 } // static-l2-multicast-group 873 } // instance-config-attributes-mld-snooping 875 grouping instance-state-group-attributes-igmp-mld-snooping { 876 description 877 "Attributes for both IGMP and MLD snooping groups."; 879 leaf mac-address { 880 type yang:phys-address; 881 description "Destination MAC address for L2 multicast."; 882 } 884 leaf expire { 885 type rt-types:timer-value-seconds16; 886 units seconds; 887 description 888 "The time left before multicast group timeout."; 889 } 891 leaf up-time { 892 type uint32; 893 units seconds; 894 mandatory true; 895 description 896 "The time elapsed since L2 multicast record created."; 897 } 898 } // instance-state-group-attributes-igmp-mld-snooping 900 grouping instance-state-attributes-igmp-snooping { 901 description 902 "State attributes for IGMP snooping for each instance."; 904 uses instance-state-attributes-igmp-mld-snooping; 906 list group { 908 key "address"; 910 config false; 912 description "IGMP snooping information"; 914 leaf address { 915 type rt-types:ipv4-multicast-group-address; 916 description 917 "Multicast group IPv4 address"; 918 } 920 uses instance-state-group-attributes-igmp-mld-snooping; 922 leaf last-reporter { 923 type inet:ipv4-address; 924 description 925 "Address of the last host which has sent report to join 926 the multicast group."; 927 } 928 list source { 929 key "address"; 930 description "Source IPv4 address for multicast stream"; 932 leaf address { 933 type rt-types:ipv4-multicast-source-address; 934 description "Source IPv4 address for multicast stream"; 935 } 937 uses instance-state-source-attributes-igmp-mld-snooping; 939 leaf last-reporter { 940 type inet:ipv4-address; 941 description 942 "Address of the last host which has sent report 943 to join the multicast group."; 944 } 946 list host { 947 if-feature explicit-tracking; 948 key "host-address"; 949 description 950 "List of multicast membership hosts 951 of the specific multicast source-group."; 953 leaf host-address { 954 type inet:ipv4-address; 955 description 956 "Multicast membership host address."; 957 } 958 leaf host-filter-mode { 959 type filter-mode-type; 960 mandatory true; 961 description 962 "Filter mode for a multicast membership 963 host may be either include or exclude."; 964 } 965 }// list host 967 } // list source 968 } // list group 969 } // instance-state-attributes-igmp-snooping 971 grouping instance-state-attributes-igmp-mld-snooping { 973 description 974 "State attributes for IGMP & MLD snooping instance."; 976 leaf entries-count { 977 type uint32; 978 config false; 979 description 980 "The number of L2 multicast entries in IGMP & MLD snooping"; 981 } 983 leaf-list bridge-mrouter-interface { 984 when 'derived-from-or-self(../scenario,"ims:bridge")'; 985 type if:interface-ref; 986 config false; 987 description "mrouter interface in BRIDGE forwarding"; 988 } 990 leaf-list l2vpn-mrouter-interface-ac { 991 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 992 type if:interface-ref; 993 config false; 994 description 995 "mrouter interface whose type is interface 996 in L2VPN forwarding"; 998 } 1000 leaf-list l2vpn-mrouter-interface-pw { 1001 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 1002 type pw:pseudowire-ref; 1003 config false; 1004 description 1005 "mrouter interface whose type is PW in L2VPN forwarding"; 1006 } 1007 } // instance-config-attributes-igmp-mld-snooping 1009 grouping instance-state-attributes-mld-snooping { 1010 description 1011 "State attributes for MLD snooping of each VLAN."; 1013 uses instance-state-attributes-igmp-mld-snooping; 1015 list group { 1016 key "address"; 1017 config false; 1018 description "MLD snooping statistics information"; 1020 leaf address { 1021 type rt-types:ipv6-multicast-group-address; 1022 description 1023 "Multicast group IPv6 address"; 1024 } 1026 uses instance-state-group-attributes-igmp-mld-snooping; 1028 leaf last-reporter { 1029 type inet:ipv6-address; 1030 description 1031 "Address of the last host which has sent report 1032 to join the multicast group."; 1033 } 1035 list source { 1036 key "address"; 1037 description "Source IPv6 address for multicast stream"; 1039 leaf address { 1040 type rt-types:ipv6-multicast-source-address; 1041 description "Source IPv6 address for multicast stream"; 1042 } 1044 uses instance-state-source-attributes-igmp-mld-snooping; 1046 leaf last-reporter { 1047 type inet:ipv6-address; 1048 description 1049 "Address of the last host which has sent report 1050 to join the multicast group."; 1051 } 1053 list host { 1054 if-feature explicit-tracking; 1055 key "host-address"; 1056 description 1057 "List of multicast membership hosts 1058 of the specific multicast source-group."; 1060 leaf host-address { 1061 type inet:ipv6-address; 1062 description 1063 "Multicast membership host address."; 1064 } 1065 leaf host-filter-mode { 1066 type filter-mode-type; 1067 mandatory true; 1068 description 1069 "Filter mode for a multicast membership 1070 host may be either include or exclude."; 1071 } 1072 }// list host 1073 } // list source 1074 } // list group 1075 } // instance-state-attributes-mld-snooping 1077 grouping instance-state-source-attributes-igmp-mld-snooping { 1078 description 1079 "State attributes for IGMP & MLD snooping instance."; 1081 leaf-list bridge-outgoing-interface { 1082 when 'derived-from-or-self(../../../scenario,"ims:bridge")'; 1083 type if:interface-ref; 1084 description "Outgoing interface in BRIDGE forwarding"; 1085 } 1087 leaf-list l2vpn-outgoing-ac { 1088 when 'derived-from-or-self(../../../scenario,"ims:l2vpn")'; 1089 type if:interface-ref; 1090 description "Outgoing AC in L2VPN forwarding"; 1091 } 1093 leaf-list l2vpn-outgoing-pw { 1094 when 'derived-from-or-self(../../../scenario,"ims:l2vpn")'; 1095 type pw:pseudowire-ref; 1096 description "Outgoing PW in L2VPN forwarding"; 1097 } 1099 leaf up-time { 1100 type uint32; 1101 units seconds; 1102 mandatory true; 1103 description 1104 "The time elapsed since L2 multicast record created"; 1105 } 1107 leaf expire { 1108 type rt-types:timer-value-seconds16; 1109 units seconds; 1110 description 1111 "The time left before multicast group timeout."; 1112 } 1114 leaf host-count { 1115 if-feature explicit-tracking; 1116 type uint32; 1117 description 1118 "The number of host addresses."; 1119 } 1120 } // instance-state-source-attributes-igmp-mld-snooping 1122 grouping igmp-snooping-statistics { 1123 description 1124 "The statistics attributes for IGMP snooping."; 1126 leaf num-query { 1127 type yang:counter64; 1128 description 1129 "The number of query messages."; 1130 reference 1131 "RFC 2236, Section 2.1"; 1132 } 1133 leaf num-membership-report-v1 { 1134 type yang:counter64; 1135 description 1136 "The number of membership report v1 messages."; 1137 reference 1138 "RFC 3376, Section 4"; 1139 } 1140 leaf num-membership-report-v2 { 1141 type yang:counter64; 1142 description 1143 "The number of membership report v2 messages."; 1144 reference 1145 "RFC 3376, Section 4"; 1146 } 1147 leaf num-membership-report-v3 { 1148 type yang:counter64; 1149 description 1150 "The number of membership report v3 messages."; 1151 reference 1152 "RFC 3376, Section 4"; 1153 } 1154 leaf num-leave { 1155 type yang:counter64; 1156 description 1157 "The number of leave messages."; 1158 reference 1159 "RFC 3376, Section 4"; 1160 } 1161 leaf num-non-member-leave { 1162 type yang:counter64; 1163 description 1164 "The number of non member leave messages."; 1165 reference 1166 "RFC 3376, Section 4"; 1167 } 1168 leaf num-pim-hello { 1169 type yang:counter64; 1170 description 1171 "The number of PIM hello messages."; 1172 reference 1173 "RFC 7761, Section 4.9"; 1174 } 1175 } // igmp-snooping-statistics 1177 grouping mld-snooping-statistics { 1178 description 1179 "The statistics attributes for MLD snooping."; 1181 leaf num-query { 1182 type yang:counter64; 1183 description 1184 "The number of Multicast Listener Query messages."; 1185 reference 1186 "RFC 3810, Section 5"; 1188 } 1189 leaf num-report-v1 { 1190 type yang:counter64; 1191 description 1192 "The number of Version 1 Multicast Listener Report."; 1193 reference 1194 "RFC 3810, Section 5"; 1195 } 1196 leaf num-report-v2 { 1197 type yang:counter64; 1198 description 1199 "The number of Version 2 Multicast Listener Report."; 1200 reference 1201 "RFC 3810, Section 5"; 1202 } 1203 leaf num-done { 1204 type yang:counter64; 1205 description 1206 "The number of Version 1 Multicast Listener Done."; 1207 reference 1208 "RFC 3810, Section 5"; 1209 } 1210 leaf num-pim-hello { 1211 type yang:counter64; 1212 description 1213 "The number of PIM hello messages."; 1214 reference 1215 "RFC 7761, Section 4.9"; 1216 } 1217 } // mld-snooping-statistics 1219 grouping igmp-snooping-interface-statistics-attributes { 1221 description "Interface statistics attributes for IGMP snooping"; 1223 container interfaces { 1224 config false; 1226 description 1227 "Interfaces associated with the IGMP snooping instance"; 1229 list interface { 1230 key "name"; 1232 description 1233 "Interfaces associated with the IGMP snooping instance"; 1235 leaf name { 1236 type if:interface-ref; 1237 description 1238 "The name of interface"; 1240 } 1242 container statistics { 1243 description 1244 "The interface statistics for IGMP snooping"; 1246 container received { 1247 description 1248 "Statistics of received IGMP snooping packets."; 1250 uses igmp-snooping-statistics; 1251 } 1252 container sent { 1253 description 1254 "Statistics of sent IGMP snooping packets."; 1256 uses igmp-snooping-statistics; 1257 } 1258 } 1259 } 1260 } 1261 }//igmp-snooping-interface-statistics-attributes 1263 grouping mld-snooping-interface-statistics-attributes { 1265 description "Interface statistics attributes for MLD snooping"; 1267 container interfaces { 1268 config false; 1270 description 1271 "Interfaces associated with the MLD snooping instance"; 1273 list interface { 1274 key "name"; 1276 description 1277 "Interfaces associated with the MLD snooping instance"; 1279 leaf name { 1280 type if:interface-ref; 1281 description 1282 "The name of interface"; 1284 } 1286 container statistics { 1287 description 1288 "The interface statistics for MLD snooping"; 1290 container received { 1291 description 1292 "Statistics of received MLD snooping packets."; 1294 uses mld-snooping-statistics; 1295 } 1296 container sent { 1297 description 1298 "Statistics of sent MLD snooping packets."; 1300 uses mld-snooping-statistics; 1301 } 1302 } 1303 } 1304 } 1305 }//mld-snooping-interface-statistics-attributes 1307 augment "/rt:routing/rt:control-plane-protocols"+ 1308 "/rt:control-plane-protocol" { 1310 description 1311 "IGMP & MLD snooping augmentation to control plane protocol 1312 configuration and state."; 1314 /* 1315 * igmp-snooping-instance 1316 */ 1318 container igmp-snooping-instance { 1319 when 'derived-from-or-self(../rt:type, "ims:igmp-snooping")' { 1320 description 1321 "This container is only valid for IGMP snooping protocol."; 1322 } 1323 if-feature feature-igmp-snooping; 1324 description 1325 "IGMP snooping instance to configure the igmp-snooping."; 1327 leaf scenario { 1328 type snooping-scenario-type; 1329 default bridge; 1330 description 1331 "The scenario indicates BRIDGE or L2VPN."; 1332 } 1334 uses instance-config-attributes-igmp-snooping; 1336 uses instance-state-attributes-igmp-snooping; 1338 uses igmp-snooping-interface-statistics-attributes; 1340 } //igmp-snooping-instance 1342 /* 1343 * mld-snooping-instance 1344 */ 1346 container mld-snooping-instance { 1347 when 'derived-from-or-self(../rt:type, "ims:mld-snooping")' { 1348 description 1349 "This container is only valid for MLD snooping protocol."; 1350 } 1351 if-feature feature-mld-snooping; 1352 description 1353 "MLD snooping instance to configure the mld-snooping."; 1355 leaf scenario { 1356 type snooping-scenario-type; 1357 default bridge; 1358 description 1359 "The scenario indicates BRIDGE or L2VPN."; 1360 } 1362 uses instance-config-attributes-mld-snooping; 1364 uses instance-state-attributes-mld-snooping; 1366 uses mld-snooping-interface-statistics-attributes; 1368 }//mld-snooping-instance 1369 } 1371 augment "/dot1q:bridges/dot1q:bridge" { 1372 description 1373 "Reference IGMP & MLD snooping instance in BRIDGE scenario"; 1375 leaf igmp-snooping-instance { 1376 type igmp-mld-snooping-instance-ref; 1378 description 1379 "Configure IGMP snooping instance under bridge view"; 1380 } 1381 leaf mld-snooping-instance { 1382 type igmp-mld-snooping-instance-ref; 1384 description 1385 "Configure MLD snooping instance under bridge view"; 1386 } 1387 } 1389 augment "/dot1q:bridges/dot1q:bridge"+ 1390 "/dot1q:component/dot1q:bridge-vlan/dot1q:vlan" { 1391 description 1392 "Reference IGMP & MLD snooping instance in BRIDGE scenario"; 1394 leaf igmp-snooping-instance { 1395 type igmp-mld-snooping-instance-ref; 1397 description 1398 "Configure IGMP snooping instance under VLAN view"; 1399 } 1401 leaf mld-snooping-instance { 1402 type igmp-mld-snooping-instance-ref; 1404 description 1405 "Configure MLD snooping instance under VLAN view"; 1406 } 1407 } 1409 augment "/ni:network-instances/ni:network-instance"+ 1410 "/ni:ni-type/l2vpn:l2vpn" { 1412 description 1413 "Reference IGMP & MLD snooping instance in L2VPN scenario"; 1415 leaf igmp-snooping-instance { 1416 type igmp-mld-snooping-instance-ref; 1418 description 1419 "Configure IGMP snooping instance in L2VPN scenario"; 1420 } 1421 leaf mld-snooping-instance { 1422 type igmp-mld-snooping-instance-ref; 1424 description 1425 "Configure MLD snooping instance in L2VPN scenario"; 1426 } 1427 } 1429 /* RPCs */ 1431 rpc clear-igmp-snooping-groups { 1432 if-feature rpc-clear-groups; 1433 description 1434 "Clear the specified IGMP snooping cache tables."; 1436 input { 1438 leaf name { 1439 if-feature feature-igmp-snooping; 1440 type igmp-mld-snooping-instance-ref; 1441 description 1442 "Name of the igmp-snooping-instance"; 1443 } 1445 leaf group { 1446 type rt-types:ipv4-multicast-group-address; 1447 description 1448 "Multicast group IPv4 address. If it is not specified, 1449 all IGMP snooping group tables are cleared."; 1450 } 1452 leaf source { 1453 type rt-types:ipv4-multicast-source-address; 1454 description 1455 "Multicast source IPv4 address. If it is not specified, 1456 all IGMP snooping source-group tables are cleared."; 1457 } 1458 } 1459 } // rpc clear-igmp-snooping-groups 1461 rpc clear-mld-snooping-groups { 1462 if-feature rpc-clear-groups; 1463 description 1464 "Clear the specified MLD snooping cache tables."; 1466 input { 1467 leaf name { 1468 if-feature feature-mld-snooping; 1469 type igmp-mld-snooping-instance-ref; 1470 description 1471 "Name of the mld-snooping-instance"; 1472 } 1474 leaf group { 1475 type rt-types:ipv6-multicast-group-address; 1476 description 1477 "Multicast group IPv6 address. If it is not specified, 1478 all MLD snooping group tables are cleared."; 1479 } 1481 leaf source { 1482 type rt-types:ipv6-multicast-source-address; 1483 description 1484 "Multicast source IPv6 address. If it is not specified, 1485 all MLD snooping source-group tables are cleared."; 1486 } 1487 } 1488 } // rpc clear-mld-snooping-groups 1489 } 1490 1491 4. Security Considerations 1493 The YANG module specified in this document defines a schema for data 1494 that is designed to be accessed via network management protocols such as 1495 NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the 1496 secure transport layer, and the mandatory-to-implement secure transport 1497 is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and 1498 the mandatory-to-implement secure transport is TLS [RFC5246]. 1500 The NETCONF access control model [RFC6536] provides the means to 1501 restrict access for particular NETCONF or RESTCONF users to a 1502 preconfigured subset of all available NETCONF or RESTCONF protocol 1503 operations and content. 1505 There are a number of data nodes defined in this YANG module that are 1506 writable/creatable/deletable (i.e., config true, which is the default). 1507 These data nodes may be considered sensitive or vulnerable in some 1508 network environments. Write operations (e.g., edit-config) to these data 1509 nodes without proper protection can have a negative effect on network 1510 operations. These are the subtrees and data nodes and their 1511 sensitivity/vulnerability: 1513 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:igmp-snooping- 1514 instance 1515 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:mld-snooping- 1516 instance 1518 The subtrees under /dot1q:bridges/dot1q:bridge 1520 /dot1q:bridges/dot1q:bridge/ims:igmp-snooping-instance 1521 /dot1q:bridges/dot1q:bridge/ims:mld-snooping-instance 1523 The subtrees under 1524 /dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan 1526 /dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan/ims:igmp- 1527 snooping-instance 1528 /dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan/ims:mld- 1529 snooping-instance 1531 The subtrees under /ni:network-instances/ni:network-instance/ni:ni- 1532 type/l2vpn:l2vpn 1534 /ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn/ims:igmp-snooping- 1535 instance 1536 /ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn/ims:mld-snooping- 1537 instance 1538 Unauthorized access to any data node of these subtrees can adversely 1539 affect the IGMP & MLD Snooping subsystem of both the local device and 1540 the network. This may lead to network malfunctions, delivery of packets 1541 to inappropriate destinations, and other problems. 1543 Some of the readable data nodes in this YANG module may be considered 1544 sensitive or vulnerable in some network environments. It is thus 1545 important to control read access (e.g., via get, get-config, or 1546 notification) to these data nodes. These are the subtrees and data nodes 1547 and their sensitivity/vulnerability: 1549 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:igmp-snooping- 1550 instance 1551 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:mld-snooping- 1552 instance 1554 Unauthorized access to any data node of these subtrees can disclose the 1555 operational state information of IGMP & MLD Snooping on this device. 1557 Some of the RPC operations in this YANG module may be considered 1558 sensitive or vulnerable in some network environments. It is thus 1559 important to control access to these operations. The IGMP & MLD Snooping 1560 Yang module support the "clear-igmp-snooping-groups" and " clear-mld- 1561 snooping-groups" RPCs. If it meets unauthorized RPC operation 1562 invocation, the IGMP and MLD Snooping group tables will be cleared 1563 unexpectedly. 1565 5. IANA Considerations 1567 RFC Ed.: In this section, replace all occurrences of 'XXXX' with the 1568 actual RFC number (and remove this note). 1570 This document registers the following namespace URIs in the IETF XML 1572 registry [RFC3688]: 1574 -------------------------------------------------------------------- 1576 URI: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping 1578 Registrant Contact: The IESG. 1580 XML: N/A, the requested URI is an XML namespace. 1582 -------------------------------------------------------------------- 1583 This document registers the following YANG modules in the YANG Module 1584 Names registry [RFC7950]: 1586 -------------------------------------------------------------------- 1588 name: ietf-igmp-mld-snooping 1590 namespace: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping 1592 prefix: ims 1594 reference: RFC XXXX 1596 -------------------------------------------------------------------- 1598 6. Normative References 1600 [P802.1Qcp/D2.2] IEEE Approved Draft Standard for Local and 1601 Metropolitan Area Networks, "Bridges and Bridged Networks Amendment: 1602 YANG Data Model", Mar 2018 1604 [RFC2236] Fenner, W., "Internet Group Management Protocol, Version 1605 2", RFC 2236, November 1997. 1607 [RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast 1608 Listener Discovery (MLD) for IPv6", RFC 2710, October 1999. 1610 [RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A. 1611 Thyagarajan, "Internet Group Management Protocol, Version 1612 3", RFC 3376, October 2002. 1614 [RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery 1615 Version 2 (MLDv2) for IPv6", RFC 3810, June 2004. 1617 [RFC4541] M. Christensen, K. Kimball, F. Solensky, "Considerations 1618 for Internet Group Management Protocol (IGMP) and Multicast 1619 Listener Discovery (MLD) Snooping Switches", RFC 4541, May 1620 2006. 1622 [RFC4604] Holbrook, H., Cain, B., and B. Haberman, "Using Internet 1623 Group Management Protocol Version 3 (IGMPv3) and Multicast 1624 Listener Discovery Protocol Version 2 (MLDv2) for Source- 1625 Specific Multicast", RFC 4604, August 2006. 1627 [RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast for 1628 IP", RFC 4607, August 2006. 1630 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 1631 the Network Configuration Protocol (NETCONF)", RFC 6020, 1632 October 2010. 1634 [RFC6021] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6021, 1635 October 2010. 1637 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, 1638 July 2013. 1640 [RFC8342] M. Bjorklund and J. Schoenwaelder, "Network Management 1641 Datastore Architecture (NMDA)", RFC 8342, March 2018. 1643 [RFC8343] M. Bjorklund, "A YANG Data Model for Interface Management", 1644 RFC 8343, March 2018. 1646 [draft-ietf-pim-igmp-mld-yang-06] X. Liu, F. Guo, M. Sivakumar, P. 1647 McAllister, A. Peter, "A YANG data model for Internet Group 1648 Management Protocol (IGMP) and Multicast Listener Discovery 1649 (MLD)", draft-ietf-pim-igmp-mld-yang-06, Oct 20, 2017. 1651 [draft-bjorklund-netmod-rfc7223bis-00] M. Bjorklund, "A YANG Data 1652 Model for Interface Management", draft-bjorklund-netmod- 1653 rfc7223bis-00, August 21, 2017 1655 [draft-bjorklund-netmod-rfc7277bis-00] M. Bjorklund, "A YANG Data 1656 Model for IP Management", draft-bjorklund-netmod- 1657 rfc7277bis-00, August 21, 2017 1659 [draft-ietf-netmod-revised-datastores-03] M. Bjorklund, J. 1660 Schoenwaelder, P. Shafer, K. Watsen, R. Wilton, "Network 1661 Management Datastore Architecture", draft-ietf-netmod- 1662 revised-datastores-03, July 3, 2017 1664 [draft-ietf-bess-evpn-yang-02] P.Brissette, A. Sajassi, H. Shah, Z. 1665 Li, H. Chen, K. Tiruveedhula, I. Hussain, J. Rabadan, "Yang 1666 Data Model for EVPN", draft-ietf-bess-evpn-yang-02, March 1667 13, 2017 1669 [draft-ietf-bess-l2vpn-yang-08] H. Shah, P. Brissette, I. Chen, I. 1670 Hussain, B. Wen, K. Tiruveedhula, "YANG Data Model for 1671 MPLS-based L2VPN", draft-ietf-bess-l2vpn-yang-06.txt, 1672 February 17, 2018 1674 [draft-ietf-rtgwg-ni-model-12] L. Berger, C. Hopps, A. Lindem, X. 1675 Liu, "YANG Model for Network Instances", draft-ietf-rtgwg- 1676 ni-model-12.txt, March 19, 2018 1678 Appendix A. Data Tree Example 1680 A.1 Bridge scenario 1682 This section contains an example for bridge scenario in the JSON 1683 encoding [RFC7951], containing both configuration and state data. 1685 +-----------+ 1686 + Source + 1687 +-----+-----+ 1688 | 1689 -----------------+---------------------------- 1690 |eth1/1 1691 +---+---+ 1692 + R1 + 1693 +-+---+-+ 1694 eth1/2 | \ eth1/3 1695 | \ 1696 | \ 1697 | \ 1698 | \ 1699 eth2/1 | \ eth3/1 1700 +---+---+ +--+---+ 1701 + R2 + + R3 + 1702 +---+---+ +--+---+ 1703 eth2/2 | | eth3/2 1704 | | 1705 ---------------+----------+------------------- 1706 | | 1707 | | 1708 +--------+--+ +---+--------+ 1709 + Receiver1 + + Receiver2 + 1710 +-----------+ +------------+ 1712 The configuration data for R1 in the above figure could be as follows: 1714 { 1715 "ietf-interfaces:interfaces":{ 1716 "interface":[ 1717 { 1718 "name":"eth1/1", 1719 "type":"iana-if-type:ethernetCsmacd" 1720 } 1721 ] 1722 }, 1723 "ietf-routing:routing":{ 1724 "control-plane-protocols":{ 1725 "control-plane-protocol":[ 1726 { 1727 "type":"ietf-igmp-mld-snooping:igmp-snooping", 1728 "name":"bis1", 1729 "ietf-igmp-mld-snooping:igmp-snooping-instance":{ 1730 "scenario":"ietf-igmp-mld-snooping:bridge", 1731 "enable":true 1732 } 1733 } 1734 ] 1735 } 1736 }, 1737 "ieee802-dot1q-bridge:bridges":{ 1738 "bridge":[ 1739 { 1740 "name":"isp1", 1741 "address":"00-23-ef-a5-77-12", 1742 "bridge-type":"ieee802-dot1q-bridge:customer-vlan-bridge", 1743 "component":[ 1744 { 1745 "name":"comp1", 1746 "type":"ieee802-dot1q-bridge:c-vlan-component", 1747 "bridge-vlan":{ 1748 "vlan":[ 1749 { 1750 "vid":101, 1751 "ietf-igmp-mld-snooping:igmp-snooping-instance":"bis1" 1752 } 1753 ] 1754 } 1755 } 1756 ] 1757 } 1758 ] 1759 } 1760 } 1762 The corresponding operational state data for R1 could be as follows: 1764 { 1765 "ietf-interfaces:interfaces": { 1766 "interface": [ 1767 { 1768 "name": "eth1/1", 1769 "type": "iana-if-type:ethernetCsmacd", 1770 "oper-status": "up", 1771 "statistics": { 1772 "discontinuity-time": "2018-05-23T12:34:56-05:00" 1773 } 1774 } 1775 ] 1776 }, 1777 "ietf-routing:routing": { 1778 "control-plane-protocols": { 1779 "control-plane-protocol": [ 1780 { 1781 "type": "ietf-igmp-mld-snooping:igmp-snooping", 1782 "name": "bis1", 1783 "ietf-igmp-mld-snooping:igmp-snooping-instance": { 1784 "scenario": "ietf-igmp-mld-snooping:bridge", 1785 "enable": true 1786 } 1787 } 1788 ] 1789 } 1790 }, 1791 "ieee802-dot1q-bridge:bridges": { 1792 "bridge": [ 1793 { 1794 "name": "isp1", 1795 "address": "00-23-ef-a5-77-12", 1796 "bridge-type": "ieee802-dot1q-bridge:customer-vlan-bridge", 1797 "component": [ 1798 { 1799 "name": "comp1", 1800 "type": "ieee802-dot1q-bridge:c-vlan-component", 1801 "bridge-vlan": { 1802 "vlan": [ 1803 { 1804 "vid": 101, 1805 "ietf-igmp-mld-snooping:igmp-snooping-instance": "bis1" 1806 } 1807 ] 1808 } 1809 } 1810 ] 1811 } 1812 ] 1813 } 1814 } 1815 A.2 L2VPN scenario 1817 This section contains an example for L2VPN scenario in the JSON encoding 1818 [RFC7951], containing both configuration and state data. 1820 +-----------+ 1821 + Source + 1822 +-----+-----+ 1823 | 1824 -----------------+---------------------------- 1825 |eth1/1 1826 +---+---+ 1827 + R1 + 1828 +-+---+-+ 1829 eth1/2 | \ eth1/3 1830 | \ 1831 | \ 1832 | \ 1833 | \ 1834 eth2/1 | \ eth3/1 1835 +---+---+ +-+---+ 1836 + R2 +---+ R3 + 1837 +---+---+ +-+---+ 1838 eth2/2 | | eth3/2 1839 | | 1840 ---------------+----------+------------------- 1841 | | 1842 | | 1843 +--------+--+ +---+--------+ 1844 + Receiver1 + + Receiver2 + 1845 +-----------+ +------------+ 1847 The configuration data for R1 in the above figure could be as follows: 1848 { 1849 "ietf-interfaces:interfaces":{ 1850 "interface":[ 1851 { 1852 "name":"eth1/1", 1853 "type":"iana-if-type:ethernetCsmacd" 1854 } 1855 ] 1856 }, 1857 "ietf-pseudowires:pseudowires": { 1858 "pseudowire": [ 1859 { 1860 "name": "pw2" 1861 }, 1862 { 1863 "name": "pw3" 1865 } 1866 ] 1867 }, 1868 "ietf-network-instance:network-instances": { 1869 "network-instance": [ 1870 { 1871 "name": "vpls1", 1872 "ietf-igmp-mld-snooping:igmp-snooping-instance": "vis1", 1873 "ietf-l2vpn:type": "ietf-l2vpn:vpls-instance-type", 1874 "ietf-l2vpn:signaling-type": "ietf-l2vpn:ldp-signaling", 1875 "ietf-l2vpn:endpoint": [ 1876 { 1877 "name": "acs", 1878 "ac": [ 1879 { 1880 "name": "eth1/1" 1881 } 1882 ] 1883 }, 1884 { 1885 "name": "pws", 1886 "pw": [ 1887 { 1888 "name": "pw2" 1889 }, 1890 { 1891 "name": "pw3" 1892 } 1893 ] 1894 } 1895 ] 1896 } 1897 ] 1898 }, 1899 "ietf-routing:routing": { 1900 "control-plane-protocols": { 1901 "control-plane-protocol": [ 1902 { 1903 "type": "ietf-igmp-mld-snooping:igmp-snooping", 1904 "name": "vis1", 1905 "ietf-igmp-mld-snooping:igmp-snooping-instance": { 1906 "scenario": "ietf-igmp-mld-snooping:l2vpn", 1907 "enable": true 1908 } 1909 } 1910 ] 1911 } 1912 } 1913 } 1914 The corresponding operational state data for R1 could be as follows: 1916 { 1917 "ietf-interfaces:interfaces":{ 1918 "interface":[ 1919 { 1920 "name":"eth1/1", 1921 "type":"iana-if-type:ethernetCsmacd", 1922 "oper-status": "up", 1923 "statistics": { 1924 "discontinuity-time": "2018-05-23T12:34:56-05:00" 1925 } 1926 } 1927 ] 1928 }, 1929 "ietf-pseudowires:pseudowires": { 1930 "pseudowire": [ 1931 { 1932 "name": "pw2" 1933 }, 1934 { 1935 "name": "pw3" 1936 } 1937 ] 1938 }, 1939 "ietf-network-instance:network-instances": { 1940 "network-instance": [ 1941 { 1942 "name": "vpls1", 1943 "ietf-igmp-mld-snooping:igmp-snooping-instance": "vis1", 1944 "ietf-l2vpn:type": "ietf-l2vpn:vpls-instance-type", 1945 "ietf-l2vpn:signaling-type": "ietf-l2vpn:ldp-signaling", 1946 "ietf-l2vpn:endpoint": [ 1947 { 1948 "name": "acs", 1949 "ac": [ 1950 { 1951 "name": "eth1/1" 1952 } 1953 ] 1954 }, 1955 { 1956 "name": "pws", 1957 "pw": [ 1958 { 1959 "name": "pw2" 1960 }, 1961 { 1962 "name": "pw3" 1963 } 1964 ] 1965 } 1967 ] 1968 } 1969 ] 1970 }, 1971 "ietf-routing:routing": { 1972 "control-plane-protocols": { 1973 "control-plane-protocol": [ 1974 { 1975 "type": "ietf-igmp-mld-snooping:igmp-snooping", 1976 "name": "vis1", 1977 "ietf-igmp-mld-snooping:igmp-snooping-instance": { 1978 "scenario": "ietf-igmp-mld-snooping:l2vpn", 1979 "enable": true 1980 } 1981 } 1982 ] 1983 } 1984 } 1985 } 1986 Authors' Addresses 1988 Hongji Zhao 1989 Ericsson (China) Communications Company Ltd. 1990 Ericsson Tower, No. 5 Lize East Street, 1991 Chaoyang District Beijing 100102, P.R. China 1993 Email: hongji.zhao@ericsson.com 1995 Xufeng Liu 1996 Volta Networks 1997 USA 1999 EMail: xufeng.liu.ietf@gmail.com 2001 Yisong Liu 2002 China Mobile 2003 China 2005 Email: liuyisong@chinamobile.com 2007 Anish Peter 2008 Individual 2010 EMail: anish.ietf@gmail.com 2012 Mahesh Sivakumar 2013 Juniper Networks 2014 1133 Innovation Way 2015 Sunnyvale, California 2016 USA 2018 EMail: sivakumar.mahesh@gmail.com