idnits 2.17.1 draft-ietf-pim-igmp-mld-snooping-yang-13.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 381 has weird spacing: '...er-mode fil...' == Line 494 has weird spacing: '...er-mode fil...' == Line 559 has weird spacing: '... source rt-...' == Line 567 has weird spacing: '... source rt-...' -- The document date (June 18, 2020) is 1408 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Downref: Normative reference to an Informational RFC: RFC 4541 Summary: 1 error (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 PIM Working Group H. Zhao 2 Internet Draft Ericsson 3 Intended status: Standards Track X. Liu 4 Expires: December 17, 2020 Volta Networks 5 Y. Liu 6 China Mobile 7 M. Sivakumar 8 Juniper 9 A. Peter 10 Individual 12 June 18, 2020 14 A Yang Data Model for IGMP and MLD Snooping 15 draft-ietf-pim-igmp-mld-snooping-yang-13.txt 17 Abstract 19 This document defines a YANG data model that can be used to configure 20 and manage Internet Group Management Protocol (IGMP) and Multicast 21 Listener Discovery (MLD) Snooping devices. The YANG module in this 22 document conforms to Network Management Datastore Architecture (NMDA). 24 Status of this Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF), its areas, and its working groups. Note that 31 other groups may also distribute working documents as Internet- 32 Drafts. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 The list of current Internet-Drafts can be accessed at 40 http://www.ietf.org/ietf/1id-abstracts.txt 42 The list of Internet-Draft Shadow Directories can be accessed at 43 http://www.ietf.org/shadow.html 45 This Internet-Draft will expire on December 17, 2020. 47 Copyright Notice 49 Copyright (c) 2020 IETF Trust and the persons identified as the 50 document authors. All rights reserved. 52 This document is subject to BCP 78 and the IETF Trust's Legal 53 Provisions Relating to IETF Documents 54 (http://trustee.ietf.org/license-info) in effect on the date of 55 publication of this document. Please review these documents 56 carefully, as they describe your rights and restrictions with respect 57 to this document. Code Components extracted from this document must 58 include Simplified BSD License text as described in Section 4.e of 59 the Trust Legal Provisions and are provided without warranty as 60 described in the Simplified BSD License. 62 Table of Contents 64 1. Introduction...................................................3 65 1.1. Terminology...............................................3 66 1.2. Tree Diagrams.............................................3 67 1.3. Prefixes in Data Node Names...............................4 68 2. Design of Data Model...........................................4 69 2.1. Overview..................................................5 70 2.2. Optional Capabilities.....................................5 71 2.3. Position of Address Family in Hierarchy...................6 72 3. Module Structure...............................................6 73 3.1. IGMP Snooping Instances...................................7 74 3.2. MLD Snooping Instances....................................9 75 3.3. Using IGMP and MLD Snooping Instances....................11 76 3.4. IGMP and MLD Snooping Actions............................12 77 4. IGMP and MLD Snooping YANG Module.............................12 78 5. Security Considerations.......................................34 79 6. IANA Considerations...........................................35 80 7. References....................................................36 81 7.1. Normative References.....................................36 82 7.2. Informative References...................................38 83 Appendix A. Data Tree Example...................................39 84 A.1 Bridge scenario...........................................39 85 A.2 L2VPN scenario............................................42 86 Authors' Addresses...............................................46 88 1. Introduction 90 This document defines a YANG [RFC6020] data model for the management of 91 Internet Group Management Protocol (IGMP) and Multicast Listener 92 Discovery (MLD) Snooping [RFC4541] devices. 94 The YANG module in this document conforms to the Network Management 95 Datastore Architecture defined in [RFC8342]. The "Network Management 96 Datastore Architecture" (NMDA) adds the ability to inspect the current 97 operational values for configuration, allowing clients to use identical 98 paths for retrieving the configured values and the operational values. 100 1.1. Terminology 102 The terminology for describing YANG data models is found in [RFC6020] 104 and [RFC7950], including: 106 * augment 108 * data model 110 * data node 112 * identity 114 * module 116 The following terminologies are used in this document: 118 * mrouter: multicast router, which means nodes attached to a switch 119 have multicast routing enabled [RFC4286]. 121 * mrouter interfaces: snooping switch ports where multicast routers 122 are attached [RFC4541]. 124 The following abbreviations are used in this document and defined model: 126 IGMP: Internet Group Management Protocol [RFC3376]. 128 MLD: Multicast Listener Discovery [RFC3810]. 130 AC: Attachment Circuit [RFC3916]. 132 PW: Pseudo Wire [RFC3916]. 134 1.2. Tree Diagrams 136 Tree diagrams used in this document follow the notation defined in 138 [RFC8340]. 140 1.3. Prefixes in Data Node Names 142 In this document, names of data nodes, actions, and other data model 143 objects are often used without a prefix, as long as it is clear from the 144 context in which YANG module each name is defined. Otherwise, names are 145 prefixed using the standard prefix associated with the corresponding 146 YANG module, as shown in Table 1. 148 +----------+-----------------------+---------------------------------+ 149 | Prefix | YANG module | Reference | 150 +==========+=======================+=================================+ 151 | inet | ietf-inet-types | [RFC6991] | 152 +----------+-----------------------+---------------------------------+ 153 | yang | ietf-yang-types | [RFC6991] | 154 +----------+-----------------------+---------------------------------+ 155 | if | ietf-interfaces | [RFC8343] | 156 +----------+-----------------------+---------------------------------+ 157 | rt | ietf-routing | [RFC8349] | 158 +----------+-----------------------+---------------------------------+ 159 | rt-types | ietf-routing-types | [RFC8294] | 160 +----------+-----------------------+---------------------------------+ 161 | ni | ietf-network-instance | [RFC8529] | 162 +----------+-----------------------+---------------------------------+ 163 | pw | ietf-pseudowires | [draft-ietf-bess-l2vpn-yang] | 164 +----------+-----------------------+---------------------------------+ 165 | l2vpn | ietf-l2vpn | [draft-ietf-bess-l2vpn-yang] | 166 +----------+-----------------------+---------------------------------+ 167 | dot1q | ieee802-dot1q-bridge | [dot1Qcp] | 168 +----------+-----------------------+---------------------------------+ 169 Table 1: Prefixes and Corresponding YANG Modules 171 2. Design of Data Model 173 An IGMP/MLD snooping switch [RFC4541] analyzes IGMP/MLD packets and sets 174 up forwarding tables for multicast traffic. If a switch does not run 175 IGMP/MLD snooping, multicast traffic will be flooded in the broadcast 176 domain. If a switch runs IGMP/MLD snooping, multicast traffic will be 177 forwarded based on the forwarding tables to avoid bandwidth waste. The 178 IGMP/MLD snooping switch does not need to run any of the IGMP/MLD 179 protocols. Because the IGMP/MLD snooping is independent of the IGMP/MLD 180 protocols, the data model defined in this document does not augment, or 181 even require, the IGMP/MLD data model defined in [RFC8652]. 182 The model covers considerations for Internet Group Management Protocol 183 (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches 184 [RFC4541]. 186 IGMP and MLD snooping switches do not adhere to the conceptual model 187 that provides the strict separation of functionality between different 188 communications layers in the ISO model, and instead utilize information 189 in the upper level protocol headers as factors to be considered in 190 processing at the lower levels [RFC4541]. 192 IGMP Snooping switches utilize IGMP, and could support IGMPv1 [RFC1112], 193 IGMPv2 [RFC2236], and IGMPv3 [RFC3376]. MLD Snooping switches utilize 194 MLD, and could support MLDv1 [RFC2710] and MLDv2 [RFC3810]. The goal of 195 this document is to define a data model that provides a common user 196 interface to IGMP and MLD Snooping. 198 2.1. Overview 200 The IGMP and MLD Snooping YANG module defined in this document has all 201 the common building blocks for the IGMP and MLD Snooping switches. 203 The YANG module includes IGMP and MLD Snooping instance definition, 204 using instance in the scenario of BRIDGE [dot1Qcp] and L2VPN [draft- 205 ietf-bess-l2vpn-yang]. The module also includes the RPC methods for 206 clearing IGMP and MLD Snooping group tables. 208 This YANG module conforms to Network Management Datastore Architecture 209 (NMDA)[RFC8342]. This NMDA architecture provides an architectural 210 framework for datastores as they are used by network management 211 protocols such as NETCONF [RFC6241], RESTCONF [RFC8040] and the YANG 212 [RFC7950] data modeling language. 214 2.2. Optional Capabilities 216 This model is designed to represent the basic capability subsets of IGMP 217 and MLD Snooping. The main design goals of this document are that the 218 basic capabilities described in the model are supported by any major 219 now-existing implementation, and that the configuration of all 220 implementations meeting the specifications is easy to express through 221 some combination of the optional features in the model and simple vendor 222 augmentations. 224 There is also value in widely supported features being standardized, to 225 provide a standardized way to access these features, to save work for 226 individual vendors, and so that mapping between different vendors' 227 configuration is not needlessly complicated. Therefore, this model 228 declares a number of features representing capabilities that not all 229 deployed devices support. 231 The extensive use of feature declarations should also substantially 232 simplify the capability negotiation process for a vendor's IGMP and MLD 233 Snooping implementations. 235 On the other hand, operational state parameters are not so widely 236 designated as features, as there are many cases where the defaulting 237 of an operational state parameter would not cause any harm to the 238 system, and it is much more likely that an implementation without 239 native support for a piece of operational state would be able to derive 240 a suitable value for a state variable that is not natively supported. 242 2.3. Position of Address Family in Hierarchy 244 IGMP Snooping only supports IPv4, while MLD Snooping only supports IPv6. 245 The data model defined in this document can be used for both IPv4 and 246 IPv6 address families. 248 This document defines IGMP Snooping and MLD Snooping as separate schema 249 branches in the structure. The benefits are: 251 * The model can support IGMP Snooping (IPv4), MLD Snooping (IPv6), or 252 both optionally and independently. Such flexibility cannot be achieved 253 cleanly with a combined branch. 255 * The structure is consistent with other YANG data models such as 256 [RFC8652], which uses separate branches for IPv4 and IPv6. 258 * The separate branches for IGMP Snooping and MLD Snooping can 259 accommodate their differences better and cleaner. The two branches can 260 better support different features and node types. 262 3. Module Structure 264 This model augments the core routing data model specified in [RFC8349]. 266 +--rw routing 267 +--rw router-id? 268 +--rw control-plane-protocols 269 | +--rw control-plane-protocol* [type name] 270 | +--rw type 271 | +--rw name 272 | +--rw igmp-snooping-instance <= Augmented by this Model 273 ... 274 | +--rw mld-snooping-instance <= Augmented by this Model 275 ... 276 The "igmp-snooping-instance" container instantiates an IGMP Snooping 277 Instance. The "mld-snooping-instance" container instantiates an MLD 278 Snooping Instance. 280 The YANG data model defined in this document conforms to the Network 281 Management Datastore Architecture (NMDA) [RFC8342]. The operational 282 state data is combined with the associated configuration data in the 283 same hierarchy [RFC8407]. 285 A configuration data node is marked as mandatory only when its value 286 must be provided by the user. Where nodes are not essential to protocol 287 operation, they are marked as optional. Some other nodes are essential 288 but have a default specified, so that they are also optional and need 289 not be configured explicitly. 291 3.1. IGMP Snooping Instances 293 The YANG module defines igmp-snooping-instance which augments 294 /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol. 296 All the IGMP Snooping related attributes have been defined in the igmp- 297 snooping-instance. The read-write attribute represents configurable 298 data. The read-only attribute represents state data. 300 One igmp-snooping-instance could be used in one BRIDGE [dot1Qcp] 301 instance or L2VPN [draft-ietf-bess-l2vpn-yang] instance. One igmp- 302 snooping-instance corresponds to one BRIDGE instance or one L2VPN 303 instance. 305 The value of scenario in igmp-snooping-instance is bridge or l2vpn. When 306 it is bridge, igmp-snooping-instance will be used in the BRIDGE 307 scenario. When it is l2vpn, igmp-snooping-instance will be used in the 308 L2VPN scenario. 310 The value of bridge-mrouter-interface, l2vpn-mrouter-interface-ac, 311 l2vpn-mrouter-interface-pw are filled by the snooping device 312 dynamically. They are different from static-bridge-mrouter-interface, 313 static-l2vpn-mrouter-interface-ac, and static-l2vpn-mrouter-interface-pw 314 which are configured statically. 316 The attributes under the interfaces show the statistics of IGMP Snooping 317 related packets. 319 augment /rt:routing/rt:control-plane-protocols 320 /rt:control-plane-protocol: 321 +--rw igmp-snooping-instance {igmp-snooping}? 322 +--rw scenario? 323 | snooping-scenario-type 324 +--rw enable? boolean 325 +--rw forwarding-table-type? enumeration 326 +--rw explicit-tracking? boolean 327 | {explicit-tracking}? 328 +--rw exclude-lite? boolean 329 | {exclude-lite}? 330 +--rw send-query? boolean 331 +--rw immediate-leave? empty 332 | {immediate-leave}? 333 +--rw last-member-query-interval? uint16 334 +--rw query-interval? uint16 335 +--rw query-max-response-time? uint16 336 +--rw require-router-alert? boolean 337 | {require-router-alert}? 338 +--rw robustness-variable? uint8 339 +--rw static-bridge-mrouter-interface* if:interface-ref 340 | {static-mrouter-interface}? 341 +--rw static-l2vpn-mrouter-interface-ac* if:interface-ref 342 | {static-mrouter-interface}? 343 +--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref 344 | {static-mrouter-interface}? 345 +--rw igmp-version? uint8 346 +--rw querier-source? inet:ipv4-address 347 +--rw static-l2-multicast-group* [group source-addr] 348 | {static-l2-multicast-group}? 349 | +--rw group 350 | | rt-types:ipv4-multicast-group-address 351 | +--rw source-addr 352 | | rt-types:ipv4-multicast-source-address 353 | +--rw bridge-outgoing-interface* if:interface-ref 354 | +--rw l2vpn-outgoing-ac* if:interface-ref 355 | +--rw l2vpn-outgoing-pw* pw:pseudowire-ref 356 +--ro entries-count? uint32 357 +--ro bridge-mrouter-interface* if:interface-ref 358 +--ro l2vpn-mrouter-interface-ac* if:interface-ref 359 +--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref 360 +--ro group* [address] 361 | +--ro address 362 | | rt-types:ipv4-multicast-group-address 363 | +--ro mac-address? yang:phys-address 364 | +--ro expire? rt-types:timer-value-seconds16 365 | +--ro up-time uint32 366 | +--ro last-reporter? inet:ipv4-address 367 | +--ro source* [address] 368 | +--ro address 369 | | rt-types:ipv4-multicast-source-address 370 | +--ro bridge-outgoing-interface* if:interface-ref 371 | +--ro l2vpn-outgoing-ac* if:interface-ref 372 | +--ro l2vpn-outgoing-pw* pw:pseudowire-ref 373 | +--ro up-time uint32 374 | +--ro expire? 375 | | rt-types:timer-value-seconds16 376 | +--ro host-count? uint32 377 | | {explicit-tracking}? 378 | +--ro last-reporter? inet:ipv4-address 379 | +--ro host* [host-address] {explicit-tracking}? 380 | +--ro host-address inet:ipv4-address 381 | +--ro host-filter-mode filter-mode-type 382 +--ro interfaces 383 +--ro interface* [name] 384 +--ro name if:interface-ref 385 +--ro statistics 386 +--ro received 387 | +--ro num-query? yang:counter64 388 | +--ro num-membership-report-v1? yang:counter64 389 | +--ro num-membership-report-v2? yang:counter64 390 | +--ro num-membership-report-v3? yang:counter64 391 | +--ro num-leave? yang:counter64 392 | +--ro num-non-member-leave? yang:counter64 393 | +--ro num-pim-hello? yang:counter64 394 +--ro sent 395 +--ro num-query? yang:counter64 396 +--ro num-membership-report-v1? yang:counter64 397 +--ro num-membership-report-v2? yang:counter64 398 +--ro num-membership-report-v3? yang:counter64 399 +--ro num-leave? yang:counter64 400 +--ro num-non-member-leave? yang:counter64 401 +--ro num-pim-hello? yang:counter64 403 3.2. MLD Snooping Instances 405 The YANG module defines mld-snooping-instance which could be used in the 406 BRIDGE [dot1Qcp] or L2VPN [draft-ietf-bess-l2vpn-yang] scenario to 407 enable MLD Snooping. 409 All the MLD Snooping related attributes have been defined in the mld- 410 snooping-instance. The read-write attribute represents configurable 411 data. The read-only attribute represents state data. 413 The mld-snooping-instance is the same as IGMP snooping except changing 414 IPv4 addresses to IPv6 addresses. One mld-snooping-instance could be 415 used in one BRIDGE instance or L2VPN instance. One mld-snooping-instance 416 corresponds to one BRIDGE instance or L2VPN instance. 418 The value of scenario in mld-snooping-instance is bridge or l2vpn. When 419 it is bridge, mld-snooping-instance will be used in the BRIDGE scenario. 420 When it is l2vpn, mld-snooping-instance will be used in the L2VPN 421 scenario. 423 The value of bridge-mrouter-interface, l2vpn-mrouter-interface-ac, 424 l2vpn-mrouter-interface-pw are filled by the snooping device 425 dynamically. They are different from static-bridge-mrouter-interface, 426 static-l2vpn-mrouter-interface-ac, and static-l2vpn-mrouter-interface-pw 427 which are configured statically. 429 The attributes under the interfaces show the statistics of MLD Snooping 430 related packets. 432 augment /rt:routing/rt:control-plane-protocols 433 /rt:control-plane-protocol: 434 +--rw mld-snooping-instance {mld-snooping}? 435 +--rw scenario? 436 | snooping-scenario-type 437 +--rw enable? boolean 438 +--rw forwarding-table-type? enumeration 439 +--rw explicit-tracking? boolean 440 | {explicit-tracking}? 441 +--rw exclude-lite? boolean 442 | {exclude-lite}? 443 +--rw send-query? boolean 444 +--rw immediate-leave? empty 445 | {immediate-leave}? 446 +--rw last-member-query-interval? uint16 447 +--rw query-interval? uint16 448 +--rw query-max-response-time? uint16 449 +--rw require-router-alert? boolean 450 | {require-router-alert}? 451 +--rw robustness-variable? uint8 452 +--rw static-bridge-mrouter-interface* if:interface-ref 453 | {static-mrouter-interface}? 454 +--rw static-l2vpn-mrouter-interface-ac* if:interface-ref 455 | {static-mrouter-interface}? 456 +--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref 457 | {static-mrouter-interface}? 458 +--rw mld-version? uint8 459 +--rw querier-source? inet:ipv6-address 460 +--rw static-l2-multicast-group* [group source-addr] 461 | {static-l2-multicast-group}? 462 | +--rw group 463 | | rt-types:ipv6-multicast-group-address 464 | +--rw source-addr 465 | | rt-types:ipv6-multicast-source-address 466 | +--rw bridge-outgoing-interface* if:interface-ref 467 | +--rw l2vpn-outgoing-ac* if:interface-ref 468 | +--rw l2vpn-outgoing-pw* pw:pseudowire-ref 469 +--ro entries-count? uint32 470 +--ro bridge-mrouter-interface* if:interface-ref 471 +--ro l2vpn-mrouter-interface-ac* if:interface-ref 472 +--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref 473 +--ro group* [address] 474 | +--ro address 475 | | rt-types:ipv6-multicast-group-address 476 | +--ro mac-address? yang:phys-address 477 | +--ro expire? rt-types:timer-value-seconds16 478 | +--ro up-time uint32 479 | +--ro last-reporter? inet:ipv6-address 480 | +--ro source* [address] 481 | +--ro address 482 | | rt-types:ipv6-multicast-source-address 483 | +--ro bridge-outgoing-interface* if:interface-ref 484 | +--ro l2vpn-outgoing-ac* if:interface-ref 485 | +--ro l2vpn-outgoing-pw* pw:pseudowire-ref 486 | +--ro up-time uint32 487 | +--ro expire? 488 | | rt-types:timer-value-seconds16 489 | +--ro host-count? uint32 490 | | {explicit-tracking}? 491 | +--ro last-reporter? inet:ipv6-address 492 | +--ro host* [host-address] {explicit-tracking}? 493 | +--ro host-address inet:ipv6-address 494 | +--ro host-filter-mode filter-mode-type 495 +--ro interfaces 496 +--ro interface* [name] 497 +--ro name if:interface-ref 498 +--ro statistics 499 +--ro received 500 | +--ro num-query? yang:counter64 501 | +--ro num-report-v1? yang:counter64 502 | +--ro num-report-v2? yang:counter64 503 | +--ro num-done? yang:counter64 504 | +--ro num-pim-hello? yang:counter64 505 +--ro sent 506 +--ro num-query? yang:counter64 507 +--ro num-report-v1? yang:counter64 508 +--ro num-report-v2? yang:counter64 509 +--ro num-done? yang:counter64 510 +--ro num-pim-hello? yang:counter64 512 3.3. Using IGMP and MLD Snooping Instances 514 The igmp-snooping-instance could be used in the scenario of BRIDGE 515 [dot1Qcp] or L2VPN [draft-ietf-bess-l2vpn-yang] to configure the IGMP 516 Snooping. 518 For the BRIDGE scenario this model augments /dot1q:bridges/dot1q:bridge 519 to use igmp-snooping-instance. It means IGMP Snooping is enabled in the 520 whole bridge. 522 It also augments /dot1q:bridges/dot1q:bridge/dot1q:component/ 523 dot1q:bridge-vlan/dot1q:vlan to use igmp-snooping-instance. It means 524 IGMP Snooping is enabled in the specified VLAN on the bridge. 526 augment /dot1q:bridges/dot1q:bridge: 527 +--rw igmp-snooping-instance? igmp-mld-snooping-instance-ref 528 +--rw mld-snooping-instance? igmp-mld-snooping-instance-ref 530 augment /dot1q:bridges/dot1q:bridge/dot1q:component 531 /dot1q:bridge-vlan/dot1q:vlan: 532 +--rw igmp-snooping-instance? igmp-mld-snooping-instance-ref 533 +--rw mld-snooping-instance? igmp-mld-snooping-instance-ref 535 For the L2VPN scenario this model augments /ni:network-instances/ 536 ni:network-instance/ni:ni-type/l2vpn:l2vpn [RFC8529] to use igmp- 537 snooping-instance. It means IGMP Snooping is enabled in the specified 538 l2vpn instance. 540 augment /ni:network-instances/ni:network-instance/ni:ni-type 541 /l2vpn:l2vpn: 542 +--rw igmp-snooping-instance? igmp-mld-snooping-instance-ref 543 +--rw mld-snooping-instance? igmp-mld-snooping-instance-ref 545 The mld-snooping-instance could be used in concurrence with igmp- 546 snooping-instance to configure the MLD Snooping. 548 3.4. IGMP and MLD Snooping Actions 550 IGMP and MLD Snooping actions clear the specified IGMP and MLD Snooping 551 group tables. 553 augment /rt:routing/rt:control-plane-protocols 554 /rt:control-plane-protocol: 555 +--rw igmp-snooping-instance {igmp-snooping}? 556 +---x clear-igmp-snooping-groups {action-clear-groups}? 557 +---w input 558 +---w group union 559 +---w source rt-types:ipv4-multicast-source-address 561 augment /rt:routing/rt:control-plane-protocols 562 /rt:control-plane-protocol: 563 +--rw mld-snooping-instance {mld-snooping}? 564 +---x clear-mld-snooping-groups {action-clear-groups}? 565 +---w input 566 +---w group union 567 +---w source rt-types:ipv6-multicast-source-address 569 4. IGMP and MLD Snooping YANG Module 571 This module references [RFC3376],[RFC4541],[RFC5790],[RFC6636], 572 [RFC6991],[RFC8343],[RFC8529],[dot1Qcp],[draft-ietf-bess-l2vpn-yang]. 574 file ietf-igmp-mld-snooping@2020-06-16.yang 575 module ietf-igmp-mld-snooping { 576 yang-version 1.1; 577 namespace "urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping"; 579 prefix ims; 581 import ietf-inet-types { 582 prefix "inet"; 583 reference 584 "RFC 6991: Common YANG Data Types"; 585 } 587 import ietf-yang-types { 588 prefix "yang"; 589 reference 590 "RFC 6991: Common YANG Data Types"; 591 } 593 import ietf-interfaces { 594 prefix "if"; 595 reference 596 "RFC 8343: A YANG Data Model for Interface Management"; 597 } 599 import ietf-routing { 600 prefix "rt"; 601 reference 602 "RFC 8349: A YANG Data Model for Routing Management (NMDA 603 Version)"; 604 } 606 import ietf-routing-types { 607 prefix "rt-types"; 608 reference 609 "RFC 8294: Common YANG Data Types for the Routing Area"; 610 } 612 import ietf-l2vpn { 613 prefix "l2vpn"; 614 reference 615 "draft-ietf-bess-l2vpn-yang: YANG Data Model for MPLS-based 616 L2VPN"; 617 } 619 import ietf-network-instance { 620 prefix "ni"; 621 reference 622 "RFC 8529: YANG Data Model for Network Instances"; 623 } 625 import ietf-pseudowires { 626 prefix "pw"; 627 reference 628 "draft-ietf-bess-l2vpn-yang: YANG Data Model for MPLS-based 629 L2VPN"; 630 } 632 import ieee802-dot1q-bridge { 633 prefix "dot1q"; 634 reference 635 "dot1Qcp: IEEE 802.1Qcp-2018 Bridges and Bridged Networks 636 - Amendment: YANG Data Model"; 637 } 639 organization 640 "IETF PIM Working Group"; 642 contact 643 "WG Web: 644 WG List: 646 Editors: Hongji Zhao 647 649 Xufeng Liu 650 652 Yisong Liu 653 655 Anish Peter 656 658 Mahesh Sivakumar 659 661 "; 663 description 664 "The module defines a collection of YANG definitions common for 665 all devices that implement Internet Group Management Protocol 666 (IGMP) and Multicast Listener Discovery (MLD) Snooping which is 667 described in RFC 4541. 669 Copyright (c) 2020 IETF Trust and the persons identified as 670 authors of the code. All rights reserved. 672 Redistribution and use in source and binary forms, with or 673 without modification, is permitted pursuant to, and subject to 674 the license terms contained in, the Simplified BSD License set 675 forth in Section 4.c of the IETF Trust's Legal Provisions 676 Relating to IETF Documents 677 (http://trustee.ietf.org/license-info). 679 This version of this YANG module is part of RFC XXXX; see the 680 RFC itself for full legal notices."; 682 revision 2020-06-16 { 683 description 684 "Initial revision."; 685 reference 686 "RFC XXXX: A YANG Data Model for IGMP and MLD Snooping"; 687 } 689 /* 690 * Features 691 */ 693 feature igmp-snooping { 694 description 695 "Support IGMP snooping."; 696 } 698 feature mld-snooping { 699 description 700 "Support MLD snooping."; 701 } 703 feature immediate-leave { 704 description 705 "Support configuration of immediate-leave."; 706 } 708 feature static-l2-multicast-group { 709 description 710 "Support configuration of L2 multicast static-group."; 711 } 713 feature static-mrouter-interface { 714 description 715 "Support configuration of mrouter interface."; 716 } 718 feature action-clear-groups { 719 description 720 "Support clearing statistics by action for IGMP & MLD snooping."; 721 } 723 feature require-router-alert { 724 description 725 "Support configuration of require-router-alert."; 726 reference 727 "RFC 3376, Section 5.2"; 728 } 730 feature exclude-lite { 731 description 732 "Support configuration of per instance exclude-lite."; 733 reference 734 "RFC 5790, Section 3"; 735 } 737 feature explicit-tracking { 738 description 739 "Support configuration of per instance explicit-tracking."; 740 reference 741 "RFC 6636, Section 3"; 742 } 743 /* identities */ 745 identity scenario-type { 746 description 747 "Base identity for scenario type in IGMP & MLD snooping"; 748 } 750 identity bridge { 751 base scenario-type; 752 description 753 "This identity represents BRIDGE scenario."; 754 } 756 identity l2vpn { 757 base scenario-type; 758 description 759 "This identity represents L2VPN scenario."; 760 } 762 identity filter-mode { 763 description 764 "Base identity for filter mode in IGMP & MLD snooping"; 765 } 767 identity include { 768 base filter-mode; 769 description 770 "This identity represents include mode."; 771 } 773 identity exclude { 774 base filter-mode; 775 description 776 "This identity represents exclude mode."; 777 } 779 identity igmp-snooping { 780 base rt:control-plane-protocol; 781 description 782 "IGMP snooping"; 783 } 785 identity mld-snooping { 786 base rt:control-plane-protocol; 787 description 788 "MLD snooping"; 789 } 791 /* 792 * Typedefs 793 */ 795 typedef snooping-scenario-type { 796 type identityref { 797 base "scenario-type"; 798 } 799 description "The IGMP & MLD snooping scenario type"; 800 } 802 typedef filter-mode-type { 803 type identityref { 804 base "filter-mode"; 805 } 806 description "The host filter mode"; 807 } 809 typedef igmp-mld-snooping-instance-ref { 810 type leafref { 811 path "/rt:routing/rt:control-plane-protocols"+ 812 "/rt:control-plane-protocol/rt:name"; 813 } 814 description 815 "This type is used by data models which need to 816 reference IGMP & MLD snooping instance."; 817 } 819 /* 820 * Groupings 821 */ 823 grouping instance-config-attributes-igmp-snooping { 824 description 825 "IGMP snooping configuration for each BRIDGE or L2VPN instance."; 827 uses instance-config-attributes-igmp-mld-snooping; 829 leaf igmp-version { 830 type uint8 { 831 range "1..3"; 832 } 833 default 2; 834 description "IGMP version."; 835 } 837 leaf querier-source { 838 type inet:ipv4-address; 839 description 840 "Use the IGMP snooping querier to support IGMP 841 snooping in a VLAN where PIM and IGMP are not configured. 842 The IPv4 address is used as source address in messages."; 843 } 845 list static-l2-multicast-group { 846 if-feature static-l2-multicast-group; 847 key "group source-addr"; 848 description 849 "A static multicast route, (*,G) or (S,G)."; 851 leaf group { 852 type rt-types:ipv4-multicast-group-address; 853 description 854 "Multicast group IPv4 address"; 855 } 857 leaf source-addr { 858 type rt-types:ipv4-multicast-source-address; 859 description 860 "Multicast source IPv4 address."; 861 } 863 leaf-list bridge-outgoing-interface { 864 when 'derived-from-or-self(../../scenario,"ims:bridge")'; 865 type if:interface-ref; 866 description "Outgoing interface in BRIDGE forwarding"; 867 } 869 leaf-list l2vpn-outgoing-ac { 870 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 871 type if:interface-ref; 872 description "Outgoing Attachment Circuit (AC) in L2VPN 873 forwarding"; 874 } 876 leaf-list l2vpn-outgoing-pw { 877 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 878 type pw:pseudowire-ref; 879 description "Outgoing Pseudo Wire (PW) in L2VPN forwarding"; 880 } 881 } // static-l2-multicast-group 882 } // instance-config-attributes-igmp-snooping 884 grouping instance-config-attributes-igmp-mld-snooping { 885 description 886 "IGMP and MLD snooping configuration of each VLAN."; 888 leaf enable { 889 type boolean; 890 default false; 891 description 892 "Set the value to true to enable IGMP & MLD snooping."; 893 } 895 leaf forwarding-table-type { 896 type enumeration { 897 enum "mac" { 898 description 899 "MAC-based lookup mode"; 900 } 901 enum "ip" { 902 description 903 "IP-based lookup mode"; 904 } 905 } 906 default "ip"; 907 description "The default forwarding table type is ip"; 908 } 910 leaf explicit-tracking { 911 if-feature explicit-tracking; 912 type boolean; 913 default false; 914 description 915 "Track the IGMPv3 and MLDv2 snooping membership reports 916 from individual hosts. It contributes to saving network 917 resources and shortening leave latency."; 918 } 920 leaf exclude-lite { 921 if-feature exclude-lite; 922 type boolean; 923 default false; 924 description 925 "Track the Lightweight IGMPv3 and MLDv2 protocol report"; 926 reference "RFC 5790"; 927 } 929 leaf send-query { 930 type boolean; 931 default false; 932 description 933 "Enable quick response for topology changes. 934 To support IGMP snooping in a VLAN where PIM and IGMP are 935 not configured. It cooperates with parameter querier-source."; 936 } 938 leaf immediate-leave { 939 if-feature immediate-leave; 940 type empty; 941 description 942 "When immediate leave is enabled, the IGMP software assumes 943 that no more than one host is present on each VLAN port."; 944 } 946 leaf last-member-query-interval { 947 type uint16 { 948 range "10..10230"; 949 } 950 units one-tenth-second; 951 default 10; 952 description 953 "Last Member Query Interval, which may be tuned to modify 954 the leave latency of the network. 955 It is represented in units of 1/10 second."; 956 reference "RFC 3376. Sec. 8.8."; 957 } 959 leaf query-interval { 960 type uint16; 961 units seconds; 962 default 125; 963 description 964 "The Query Interval is the interval between General Queries 965 sent by the Querier."; 966 reference "RFC 3376. Sec. 4.1.7, 8.2, 8.14.2."; 967 } 969 leaf query-max-response-time { 970 type uint16; 971 units one-tenth-second; 972 default 100; 973 description 974 "Query maximum response time specifies the maximum time 975 allowed before sending a responding report. 976 It is represented in units of 1/10 second."; 977 reference "RFC 3376. Sec. 4.1.1, 8.3, 8.14.3."; 978 } 980 leaf require-router-alert { 981 if-feature require-router-alert; 982 type boolean; 983 default false; 984 description 985 "When the value is true, router alert should exist 986 in the IP header of IGMP or MLD packet."; 987 } 989 leaf robustness-variable { 990 type uint8 { 991 range "1..7"; 992 } 993 default 2; 994 description 995 "Querier's Robustness Variable allows tuning for the 996 expected packet loss on a network."; 997 reference "RFC 3376. Sec. 4.1.6, 8.1, 8.14.1."; 998 } 1000 leaf-list static-bridge-mrouter-interface { 1001 when 'derived-from-or-self(../scenario,"ims:bridge")'; 1002 if-feature static-mrouter-interface; 1003 type if:interface-ref; 1004 description "static mrouter interface in BRIDGE forwarding"; 1005 } 1007 leaf-list static-l2vpn-mrouter-interface-ac { 1008 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 1009 if-feature static-mrouter-interface; 1010 type if:interface-ref; 1011 description 1012 "static mrouter interface whose type is interface 1013 in L2VPN forwarding"; 1014 } 1016 leaf-list static-l2vpn-mrouter-interface-pw { 1017 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 1018 if-feature static-mrouter-interface; 1019 type pw:pseudowire-ref; 1020 description 1021 "static mrouter interface whose type is PW 1022 in L2VPN forwarding"; 1023 } 1024 } // instance-config-attributes-igmp-mld-snooping 1026 grouping instance-config-attributes-mld-snooping { 1027 description "MLD snooping configuration of each VLAN."; 1029 uses instance-config-attributes-igmp-mld-snooping; 1031 leaf mld-version { 1032 type uint8 { 1033 range "1..2"; 1034 } 1035 default 2; 1036 description "MLD version."; 1037 } 1039 leaf querier-source { 1040 type inet:ipv6-address; 1041 description 1042 "Use the MLD snooping querier to support MLD snooping where 1043 PIM and MLD are not configured. The IPv6 address is used as 1044 the source address in messages."; 1045 } 1047 list static-l2-multicast-group { 1048 if-feature static-l2-multicast-group; 1049 key "group source-addr"; 1050 description 1051 "A static multicast route, (*,G) or (S,G)."; 1053 leaf group { 1054 type rt-types:ipv6-multicast-group-address; 1055 description 1056 "Multicast group IPv6 address"; 1057 } 1059 leaf source-addr { 1060 type rt-types:ipv6-multicast-source-address; 1061 description 1062 "Multicast source IPv6 address."; 1063 } 1065 leaf-list bridge-outgoing-interface { 1066 when 'derived-from-or-self(../../scenario,"ims:bridge")'; 1067 type if:interface-ref; 1068 description "Outgoing interface in BRIDGE forwarding"; 1069 } 1071 leaf-list l2vpn-outgoing-ac { 1072 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 1073 type if:interface-ref; 1074 description "Outgoing Attachment Circuit (AC) in L2VPN 1075 forwarding"; 1076 } 1078 leaf-list l2vpn-outgoing-pw { 1079 when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; 1080 type pw:pseudowire-ref; 1081 description "Outgoing Pseudo Wire (PW) in L2VPN forwarding"; 1082 } 1083 } // static-l2-multicast-group 1084 } // instance-config-attributes-mld-snooping 1086 grouping instance-state-group-attributes-igmp-mld-snooping { 1087 description 1088 "Attributes for both IGMP and MLD snooping groups."; 1090 leaf mac-address { 1091 type yang:phys-address; 1092 description "Destination MAC address for L2 multicast."; 1093 } 1095 leaf expire { 1096 type rt-types:timer-value-seconds16; 1097 units seconds; 1098 description 1099 "The time left before multicast group timeout."; 1100 } 1102 leaf up-time { 1103 type uint32; 1104 units seconds; 1105 mandatory true; 1106 description 1107 "The time elapsed since L2 multicast record created."; 1108 } 1109 } // instance-state-group-attributes-igmp-mld-snooping 1111 grouping instance-state-attributes-igmp-snooping { 1112 description 1113 "State attributes for IGMP snooping for each instance."; 1115 uses instance-state-attributes-igmp-mld-snooping; 1117 list group { 1119 key "address"; 1121 config false; 1123 description "IGMP snooping information"; 1125 leaf address { 1126 type rt-types:ipv4-multicast-group-address; 1127 description 1128 "Multicast group IPv4 address"; 1129 } 1131 uses instance-state-group-attributes-igmp-mld-snooping; 1133 leaf last-reporter { 1134 type inet:ipv4-address; 1135 description 1136 "Address of the last host which has sent report to join 1137 the multicast group."; 1138 } 1140 list source { 1141 key "address"; 1142 description "Source IPv4 address for multicast stream"; 1144 leaf address { 1145 type rt-types:ipv4-multicast-source-address; 1146 description "Source IPv4 address for multicast stream"; 1147 } 1149 uses instance-state-source-attributes-igmp-mld-snooping; 1151 leaf last-reporter { 1152 type inet:ipv4-address; 1153 description 1154 "Address of the last host which has sent report 1155 to join the multicast group."; 1156 } 1157 list host { 1158 if-feature explicit-tracking; 1159 key "host-address"; 1160 description 1161 "List of multicast membership hosts 1162 of the specific multicast source-group."; 1164 leaf host-address { 1165 type inet:ipv4-address; 1166 description 1167 "Multicast membership host address."; 1168 } 1169 leaf host-filter-mode { 1170 type filter-mode-type; 1171 mandatory true; 1172 description 1173 "Filter mode for a multicast membership 1174 host may be either include or exclude."; 1175 } 1176 }// list host 1178 } // list source 1179 } // list group 1180 } // instance-state-attributes-igmp-snooping 1182 grouping instance-state-attributes-igmp-mld-snooping { 1184 description 1185 "State attributes for IGMP & MLD snooping instance."; 1187 leaf entries-count { 1188 type uint32; 1189 config false; 1190 description 1191 "The number of L2 multicast entries in IGMP & MLD snooping"; 1192 } 1194 leaf-list bridge-mrouter-interface { 1195 when 'derived-from-or-self(../scenario,"ims:bridge")'; 1196 type if:interface-ref; 1197 config false; 1198 description "mrouter interface in BRIDGE forwarding"; 1199 } 1201 leaf-list l2vpn-mrouter-interface-ac { 1202 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 1203 type if:interface-ref; 1204 config false; 1205 description 1206 "mrouter interface whose type is interface 1207 in L2VPN forwarding"; 1209 } 1211 leaf-list l2vpn-mrouter-interface-pw { 1212 when 'derived-from-or-self(../scenario,"ims:l2vpn")'; 1213 type pw:pseudowire-ref; 1214 config false; 1215 description 1216 "mrouter interface whose type is PW in L2VPN forwarding"; 1217 } 1218 } // instance-config-attributes-igmp-mld-snooping 1220 grouping instance-state-attributes-mld-snooping { 1221 description 1222 "State attributes for MLD snooping of each VLAN."; 1224 uses instance-state-attributes-igmp-mld-snooping; 1226 list group { 1227 key "address"; 1228 config false; 1229 description "MLD snooping statistics information"; 1231 leaf address { 1232 type rt-types:ipv6-multicast-group-address; 1233 description 1234 "Multicast group IPv6 address"; 1235 } 1237 uses instance-state-group-attributes-igmp-mld-snooping; 1239 leaf last-reporter { 1240 type inet:ipv6-address; 1241 description 1242 "Address of the last host which has sent report 1243 to join the multicast group."; 1244 } 1246 list source { 1247 key "address"; 1248 description "Source IPv6 address for multicast stream"; 1250 leaf address { 1251 type rt-types:ipv6-multicast-source-address; 1252 description "Source IPv6 address for multicast stream"; 1253 } 1255 uses instance-state-source-attributes-igmp-mld-snooping; 1257 leaf last-reporter { 1258 type inet:ipv6-address; 1259 description 1260 "Address of the last host which has sent report 1261 to join the multicast group."; 1262 } 1264 list host { 1265 if-feature explicit-tracking; 1266 key "host-address"; 1267 description 1268 "List of multicast membership hosts 1269 of the specific multicast source-group."; 1271 leaf host-address { 1272 type inet:ipv6-address; 1273 description 1274 "Multicast membership host address."; 1275 } 1276 leaf host-filter-mode { 1277 type filter-mode-type; 1278 mandatory true; 1279 description 1280 "Filter mode for a multicast membership 1281 host may be either include or exclude."; 1282 } 1283 }// list host 1284 } // list source 1285 } // list group 1286 } // instance-state-attributes-mld-snooping 1288 grouping instance-state-source-attributes-igmp-mld-snooping { 1289 description 1290 "State attributes for IGMP & MLD snooping instance."; 1292 leaf-list bridge-outgoing-interface { 1293 when 'derived-from-or-self(../../../scenario,"ims:bridge")'; 1294 type if:interface-ref; 1295 description "Outgoing interface in BRIDGE forwarding"; 1296 } 1298 leaf-list l2vpn-outgoing-ac { 1299 when 'derived-from-or-self(../../../scenario,"ims:l2vpn")'; 1300 type if:interface-ref; 1301 description "Outgoing Attachment Circuit (AC) in L2VPN 1302 forwarding"; 1303 } 1305 leaf-list l2vpn-outgoing-pw { 1306 when 'derived-from-or-self(../../../scenario,"ims:l2vpn")'; 1307 type pw:pseudowire-ref; 1308 description "Outgoing Pseudo Wire (PW) in L2VPN forwarding"; 1309 } 1311 leaf up-time { 1312 type uint32; 1313 units seconds; 1314 mandatory true; 1315 description 1316 "The time elapsed since L2 multicast record created"; 1317 } 1319 leaf expire { 1320 type rt-types:timer-value-seconds16; 1321 units seconds; 1322 description 1323 "The time left before multicast group timeout."; 1324 } 1326 leaf host-count { 1327 if-feature explicit-tracking; 1328 type uint32; 1329 description 1330 "The number of host addresses."; 1331 } 1332 } // instance-state-source-attributes-igmp-mld-snooping 1334 grouping igmp-snooping-statistics { 1335 description 1336 "The statistics attributes for IGMP snooping."; 1338 leaf num-query { 1339 type yang:counter64; 1340 description 1341 "The number of query messages."; 1342 } 1343 leaf num-membership-report-v1 { 1344 type yang:counter64; 1345 description 1346 "The number of membership report v1 messages."; 1347 } 1348 leaf num-membership-report-v2 { 1349 type yang:counter64; 1350 description 1351 "The number of membership report v2 messages."; 1352 } 1353 leaf num-membership-report-v3 { 1354 type yang:counter64; 1355 description 1356 "The number of membership report v3 messages."; 1357 } 1358 leaf num-leave { 1359 type yang:counter64; 1360 description 1361 "The number of leave messages."; 1362 } 1363 leaf num-non-member-leave { 1364 type yang:counter64; 1365 description 1366 "The number of non member leave messages."; 1367 } 1368 leaf num-pim-hello { 1369 type yang:counter64; 1370 description 1371 "The number of PIM hello messages."; 1372 } 1373 } // igmp-snooping-statistics 1375 grouping mld-snooping-statistics { 1376 description 1377 "The statistics attributes for MLD snooping."; 1379 leaf num-query { 1380 type yang:counter64; 1381 description 1382 "The number of Multicast Listener Query messages."; 1383 } 1384 leaf num-report-v1 { 1385 type yang:counter64; 1386 description 1387 "The number of Version 1 Multicast Listener Report."; 1388 } 1389 leaf num-report-v2 { 1390 type yang:counter64; 1391 description 1392 "The number of Version 2 Multicast Listener Report."; 1393 } 1394 leaf num-done { 1395 type yang:counter64; 1396 description 1397 "The number of Version 1 Multicast Listener Done."; 1398 } 1399 leaf num-pim-hello { 1400 type yang:counter64; 1401 description 1402 "The number of PIM hello messages."; 1403 } 1404 } // mld-snooping-statistics 1406 grouping igmp-snooping-interface-statistics-attributes { 1408 description "Interface statistics attributes for IGMP snooping"; 1410 container interfaces { 1411 config false; 1413 description 1414 "Interfaces associated with the IGMP snooping instance"; 1416 list interface { 1417 key "name"; 1419 description 1420 "Interfaces associated with the IGMP snooping instance"; 1422 leaf name { 1423 type if:interface-ref; 1424 description 1425 "The name of interface"; 1427 } 1429 container statistics { 1430 description 1431 "The interface statistics for IGMP snooping"; 1433 container received { 1434 description 1435 "Statistics of received IGMP snooping packets."; 1437 uses igmp-snooping-statistics; 1438 } 1439 container sent { 1440 description 1441 "Statistics of sent IGMP snooping packets."; 1443 uses igmp-snooping-statistics; 1444 } 1445 } 1446 } 1447 } 1448 }//igmp-snooping-interface-statistics-attributes 1450 grouping mld-snooping-interface-statistics-attributes { 1452 description "Interface statistics attributes for MLD snooping"; 1454 container interfaces { 1455 config false; 1457 description 1458 "Interfaces associated with the MLD snooping instance"; 1460 list interface { 1461 key "name"; 1463 description 1464 "Interfaces associated with the MLD snooping instance"; 1466 leaf name { 1467 type if:interface-ref; 1468 description 1469 "The name of interface"; 1471 } 1473 container statistics { 1474 description 1475 "The interface statistics for MLD snooping"; 1477 container received { 1478 description 1479 "Statistics of received MLD snooping packets."; 1481 uses mld-snooping-statistics; 1482 } 1483 container sent { 1484 description 1485 "Statistics of sent MLD snooping packets."; 1487 uses mld-snooping-statistics; 1488 } 1489 } 1490 } 1491 } 1492 }//mld-snooping-interface-statistics-attributes 1494 augment "/rt:routing/rt:control-plane-protocols"+ 1495 "/rt:control-plane-protocol" { 1496 when 'derived-from-or-self(../rt:type, "ims:igmp-snooping")' { 1497 description 1498 "This container is only valid for IGMP snooping."; 1499 } 1500 description 1501 "IGMP snooping augmentation to control plane protocol 1502 configuration and state."; 1504 container igmp-snooping-instance { 1505 if-feature igmp-snooping; 1506 description 1507 "IGMP snooping instance to configure igmp-snooping."; 1509 leaf scenario { 1510 type snooping-scenario-type; 1511 default bridge; 1512 description 1513 "The scenario indicates BRIDGE or L2VPN."; 1514 } 1516 uses instance-config-attributes-igmp-snooping; 1518 uses instance-state-attributes-igmp-snooping; 1519 uses igmp-snooping-interface-statistics-attributes; 1521 action clear-igmp-snooping-groups { 1522 if-feature action-clear-groups; 1523 description 1524 "Clear IGMP snooping cache tables."; 1526 input { 1527 leaf group { 1528 type union { 1529 type enumeration { 1530 enum 'all-groups' { 1531 description 1532 "All multicast group addresses."; 1533 } 1534 } 1535 type rt-types:ipv4-multicast-group-address; 1536 } 1537 mandatory true; 1538 description 1539 "Multicast group IPv4 address. If value 'all-groups' is 1540 specified, all IGMP snooping group entries are cleared 1541 for specified source address."; 1542 } 1543 leaf source { 1544 type rt-types:ipv4-multicast-source-address; 1545 mandatory true; 1546 description 1547 "Multicast source IPv4 address. If value '*' is specified, 1548 all IGMP snooping source-group tables are cleared."; 1549 } 1550 } 1551 } // action clear-igmp-snooping-groups 1552 } // igmp-snooping-instance 1553 } // augment 1555 augment "/rt:routing/rt:control-plane-protocols"+ 1556 "/rt:control-plane-protocol" { 1557 when 'derived-from-or-self(../rt:type, "ims:mld-snooping")' { 1558 description 1559 "This container is only valid for MLD snooping."; 1560 } 1561 description 1562 "MLD snooping augmentation to control plane protocol 1563 configuration and state."; 1565 container mld-snooping-instance { 1566 if-feature mld-snooping; 1567 description 1568 "MLD snooping instance to configure mld-snooping."; 1570 leaf scenario { 1571 type snooping-scenario-type; 1572 default bridge; 1573 description 1574 "The scenario indicates BRIDGE or L2VPN."; 1575 } 1577 uses instance-config-attributes-mld-snooping; 1579 uses instance-state-attributes-mld-snooping; 1581 uses mld-snooping-interface-statistics-attributes; 1583 action clear-mld-snooping-groups { 1584 if-feature action-clear-groups; 1585 description 1586 "Clear MLD snooping cache tables."; 1588 input { 1589 leaf group { 1590 type union { 1591 type enumeration { 1592 enum 'all-groups' { 1593 description 1594 "All multicast group addresses."; 1595 } 1596 } 1597 type rt-types:ipv6-multicast-group-address; 1598 } 1599 mandatory true; 1600 description 1601 "Multicast group IPv6 address. If value 'all-groups' is 1602 specified, all MLD snooping group entries are cleared 1603 for specified source address."; 1604 } 1605 leaf source { 1606 type rt-types:ipv6-multicast-source-address; 1607 mandatory true; 1608 description 1609 "Multicast source IPv6 address. If value '*' is specified, 1610 all MLD snooping source-group tables are cleared."; 1611 } 1612 } 1613 } // action clear-mld-snooping-groups 1614 }// mld-snooping-instance 1615 } // augment 1617 augment "/dot1q:bridges/dot1q:bridge" { 1618 description 1619 "Use IGMP & MLD snooping instance in BRIDGE scenario"; 1621 leaf igmp-snooping-instance { 1622 type igmp-mld-snooping-instance-ref; 1624 description 1625 "Configure IGMP snooping instance under bridge view"; 1626 } 1627 leaf mld-snooping-instance { 1628 type igmp-mld-snooping-instance-ref; 1630 description 1631 "Configure MLD snooping instance under bridge view"; 1632 } 1633 } 1635 augment "/dot1q:bridges/dot1q:bridge"+ 1636 "/dot1q:component/dot1q:bridge-vlan/dot1q:vlan" { 1637 description 1638 "Use IGMP & MLD snooping instance in certain VLAN of BRIDGE"; 1640 leaf igmp-snooping-instance { 1641 type igmp-mld-snooping-instance-ref; 1643 description 1644 "Configure IGMP snooping instance under VLAN view"; 1645 } 1647 leaf mld-snooping-instance { 1648 type igmp-mld-snooping-instance-ref; 1650 description 1651 "Configure MLD snooping instance under VLAN view"; 1652 } 1653 } 1655 augment "/ni:network-instances/ni:network-instance"+ 1656 "/ni:ni-type/l2vpn:l2vpn" { 1658 description 1659 "Use IGMP & MLD snooping instance in L2VPN scenario"; 1661 leaf igmp-snooping-instance { 1662 type igmp-mld-snooping-instance-ref; 1664 description 1665 "Configure IGMP snooping instance in L2VPN scenario"; 1666 } 1667 leaf mld-snooping-instance { 1668 type igmp-mld-snooping-instance-ref; 1670 description 1671 "Configure MLD snooping instance in L2VPN scenario"; 1672 } 1673 } 1675 } 1676 1678 5. Security Considerations 1680 The YANG module specified in this document defines a schema for data 1681 that is designed to be accessed via network management protocols such as 1682 NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the 1683 secure transport layer, and the mandatory-to-implement secure transport 1684 is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and 1685 the mandatory-to-implement secure transport is TLS [RFC8446]. 1687 The Network Configuration Access Control Model (NACM) [RFC8341] provides 1688 the means to restrict access for particular NETCONF or RESTCONF users to 1689 a preconfigured subset of all available NETCONF or RESTCONF protocol 1690 operations and content. 1692 There are a number of data nodes defined in this YANG module that are 1693 writable/creatable/deletable (i.e., config true, which is the default). 1694 These data nodes may be considered sensitive or vulnerable in some 1695 network environments. Write operations (e.g., edit-config) to these data 1696 nodes without proper protection can have a negative effect on network 1697 operations. These are the subtrees and data nodes and their 1698 sensitivity/vulnerability: 1700 Under /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol:/ 1702 ims:igmp-snooping-instance 1704 ims:mld-snooping-instance 1706 The subtrees under /dot1q:bridges/dot1q:bridge 1708 ims:igmp-snooping-instance 1710 ims:mld-snooping-instance 1712 The subtrees under /dot1q:bridges/dot1q:bridge/dot1q:component 1713 /dot1q:bridge-vlan/dot1q:vlan 1715 ims:igmp-snooping-instance 1717 ims:mld-snooping-instance 1719 Unauthorized access to any data node of these subtrees can adversely 1720 affect the IGMP & MLD Snooping subsystem of both the local device and 1721 the network. This may lead to network malfunctions, delivery of packets 1722 to inappropriate destinations, and other problems. 1724 Some of the readable data nodes in this YANG module may be considered 1725 sensitive or vulnerable in some network environments. It is thus 1726 important to control read access (e.g., via get, get-config, or 1727 notification) to these data nodes. These are the subtrees and data nodes 1728 and their sensitivity/vulnerability: 1730 Under /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol:/ 1732 ims:igmp-snooping-instance 1734 ims:mld-snooping-instance 1736 Unauthorized access to any data node of these subtrees can disclose the 1737 operational state information of IGMP & MLD Snooping on this device. 1739 Some of the action operations in this YANG module may be considered 1740 sensitive or vulnerable in some network environments. It is thus 1741 important to control access to these operations. These are the 1742 operations and their sensitivity/vulnerability: 1744 Under /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol:/ 1746 ims:igmp-snooping-instance/ims:clear-igmp-snooping-groups 1748 ims:mld-snooping-instance/ims:clear-mld-snooping-groups 1750 The IGMP & MLD Snooping YANG module supports the "clear-igmp-snooping- 1751 groups" and "clear-mld-snooping-groups" actions. If it meets 1752 unauthorized action operation invocation, the IGMP and MLD Snooping 1753 group tables will be cleared unexpectedly. 1755 6. IANA Considerations 1757 RFC Ed.: In this section, replace all occurrences of 'XXXX' with the 1758 actual RFC number (and remove this note). 1760 This document registers the following namespace URIs in the IETF XML 1762 registry [RFC3688]: 1764 -------------------------------------------------------------------- 1765 URI: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping 1766 Registrant Contact: The IETF. 1767 XML: N/A, the requested URI is an XML namespace. 1768 -------------------------------------------------------------------- 1770 This document registers the following YANG modules in the YANG Module 1771 Names registry [RFC7950]: 1772 -------------------------------------------------------------------- 1773 name: ietf-igmp-mld-snooping 1774 namespace: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping 1775 prefix: ims 1776 reference: RFC XXXX 1777 -------------------------------------------------------------------- 1779 7. References 1781 7.1. Normative References 1783 [dot1Qcp] IEEE, "Standard for Local and metropolitan area networks-- 1784 Bridges and Bridged Networks--Amendment 30: YANG Data 1785 Model", IEEE Std 802.1Qcp-2018 (Revision of IEEE Std 1786 802.1Q-2014), September 2018, 1787 1789 [RFC1112] Deering, S., "Host extensions for IP multicasting", STD 5, 1790 RFC 1112, August 1989. 1792 [RFC2236] W. Fenner, "Internet Group Management Protocol, Version 2", 1793 RFC 2236, November 1997. 1795 [RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast 1796 Listener Discovery (MLD) for IPv6", RFC 2710, October 1999. 1798 [RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A. 1799 Thyagarajan, "Internet Group Management Protocol, Version 1800 3", RFC 3376, October 2002. 1802 [RFC3688] Mealling, M., "The IETF XML Registry", RFC 3688, January 1803 2004. 1805 [RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery 1806 Version 2 (MLDv2) for IPv6", RFC 3810, June 2004. 1808 [RFC4286] B. Haberman and J. Martin, "Multicast Router Discovery", 1809 RFC 4286, December 2005. 1811 [RFC4541] M. Christensen, K. Kimball, F. Solensky, "Considerations 1812 for Internet Group Management Protocol (IGMP) and Multicast 1813 Listener Discovery (MLD) Snooping Switches", RFC 4541, May 1814 2006. 1816 [RFC5790] H. Liu, W. Cao, H. Asaeda, "Lightweight Internet Group 1817 Management Protocol Version 3 (IGMPv3) and Multicast 1818 Listener Discovery Version 2 (MLDv2) Protocols", RFC 5790, 1819 February 2010. 1821 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 1822 the Network Configuration Protocol (NETCONF)", RFC 6020, 1823 October 2010. 1825 [RFC6241] R. Enns, Ed., M. Bjorklund, Ed., J. Schoenwaelder, Ed., A. 1826 Bierman, Ed., "Network Configuration Protocol (NETCONF)", 1827 RFC 6241, June 2011. 1829 [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure 1830 Shell (SSH)", RFC 6242, June 2011. 1832 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, 1833 July 2013. 1835 [RFC7950] M. Bjorklund, Ed., "The YANG 1.1 Data Modeling Language", 1836 RFC 7950, August 2016. 1838 [RFC8040] A. Bierman, M. Bjorklund, K. Watsen, "RESTCONF Protocol", 1839 RFC 8040, January 2017. 1841 [RFC8294] X. Liu, Y. Qu, A. Lindem, C. Hopps, L. Berger, "Common YANG 1842 Data Types for the Routing Area", RFC 8294, December 2017. 1844 [RFC8340] M. Bjorklund, and L. Berger, Ed., "YANG Tree Diagrams", RFC 1845 8340, March 2018. 1847 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration Access 1848 Control Model", RFC 8341, March 2018. 1850 [RFC8342] M. Bjorklund and J. Schoenwaelder, "Network Management 1851 Datastore Architecture (NMDA)", RFC 8342, March 2018. 1853 [RFC8343] M. Bjorklund, "A YANG Data Model for Interface Management", 1854 RFC 8343, March 2018. 1856 [RFC8349] L. Lhotka, A. Lindem, Y. Qu, "A YANG Data Model for Routing 1857 Management (NMDA Version)", RFC 8349, March 2018. 1859 [RFC8407] A. Bierman, "Guidelines for Authors and Reviewers of 1860 Documents Containing YANG Data Models", RFC 8407, October 1861 2018. 1863 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 1864 Version 1.3", RFC 8446, August 2018. 1866 [RFC8529] L. Berger, C. Hopps, A. Lindem, D. Bogdanovic, X. Liu, 1867 "YANG Data Model for Network Instances", RFC 8529, March 1868 2019. 1870 [RFC8652] X. Liu, F. Guo, M. Sivakumar, P. McAllister, A. Peter, "A 1871 YANG Data Model for the Internet Group Management Protocol 1872 (IGMP) and Multicast Listener Discovery (MLD)", RFC 8652, 1873 November 2019. 1875 [draft-ietf-bess-l2vpn-yang] Shah, H., Brissette, P., Chen, I., 1876 Hussain, I., Wen, B., and K. Tiruveedhula, "YANG Data Model 1877 for MPLS-basedL2VPN", draft-ietf-bess-l2vpn-yang-10 (work 1878 in progress), July 2019. 1880 7.2. Informative References 1882 [RFC3916] X. Xiao, Ed., D. McPherson, Ed., P. Pate, Ed., 1883 "Requirements for Pseudo-Wire Emulation Edge-to-Edge 1884 (PWE3)", RFC 3916, September 2004. 1886 [RFC6636] H. Asaeda, H. Liu, Q. Wu, "Tuning the Behavior of the 1887 Internet Group Management Protocol (IGMP) and Multicast 1888 Listener Discovery (MLD) for Routers in Mobile and Wireless 1889 Networks", RFC 6636, May 2012. 1891 [RFC7951] L. Lhotka, "JSON Encoding of Data Modeled with YANG", RFC 1892 7951, August 2016. 1894 Appendix A. Data Tree Example 1896 A.1 Bridge scenario 1898 This section contains an example for bridge scenario in the JSON 1899 encoding [RFC7951], containing both configuration and state data. 1901 +-----------+ 1902 + Source + 1903 +-----+-----+ 1904 | 1905 -----------------+---------------------------- 1906 |eth1/1 1907 +---+---+ 1908 + R1 + 1909 +-+---+-+ 1910 eth1/2 | \ eth1/3 1911 | \ 1912 | \ 1913 | \ 1914 | \ 1915 eth2/1 | \ eth3/1 1916 +---+---+ +--+---+ 1917 + R2 + + R3 + 1918 +---+---+ +--+---+ 1919 eth2/2 | | eth3/2 1920 | | 1921 ---------------+----------+------------------- 1922 | | 1923 | | 1924 +--------+--+ +---+--------+ 1925 + Receiver1 + + Receiver2 + 1926 +-----------+ +------------+ 1928 The configuration data for R1 in the above figure could be as follows: 1930 { 1931 "ietf-interfaces:interfaces":{ 1932 "interface":[ 1933 { 1934 "name":"eth1/1", 1935 "type":"iana-if-type:ethernetCsmacd" 1936 } 1937 ] 1938 }, 1939 "ietf-routing:routing":{ 1940 "control-plane-protocols":{ 1941 "control-plane-protocol":[ 1942 { 1943 "type":"ietf-igmp-mld-snooping:igmp-snooping", 1944 "name":"bis1", 1945 "ietf-igmp-mld-snooping:igmp-snooping-instance":{ 1946 "scenario":"ietf-igmp-mld-snooping:bridge", 1947 "enable":true 1948 } 1949 } 1950 ] 1951 } 1952 }, 1953 "ieee802-dot1q-bridge:bridges":{ 1954 "bridge":[ 1955 { 1956 "name":"isp1", 1957 "address":"00-23-ef-a5-77-12", 1958 "bridge-type":"ieee802-dot1q-bridge:customer-vlan-bridge", 1959 "component":[ 1960 { 1961 "name":"comp1", 1962 "type":"ieee802-dot1q-bridge:c-vlan-component", 1963 "bridge-vlan":{ 1964 "vlan":[ 1965 { 1966 "vid":101, 1967 "ietf-igmp-mld-snooping:igmp-snooping-instance":"bis1" 1968 } 1969 ] 1970 } 1971 } 1972 ] 1973 } 1974 ] 1975 } 1976 } 1978 The corresponding operational state data for R1 could be as follows: 1980 { 1981 "ietf-interfaces:interfaces": { 1982 "interface": [ 1983 { 1984 "name": "eth1/1", 1985 "type": "iana-if-type:ethernetCsmacd", 1986 "oper-status": "up", 1987 "statistics": { 1988 "discontinuity-time": "2018-05-23T12:34:56-05:00" 1989 } 1990 } 1991 ] 1992 }, 1993 "ietf-routing:routing": { 1994 "control-plane-protocols": { 1995 "control-plane-protocol": [ 1996 { 1997 "type": "ietf-igmp-mld-snooping:igmp-snooping", 1998 "name": "bis1", 1999 "ietf-igmp-mld-snooping:igmp-snooping-instance": { 2000 "scenario": "ietf-igmp-mld-snooping:bridge", 2001 "enable": true 2002 } 2003 } 2004 ] 2005 } 2006 }, 2007 "ieee802-dot1q-bridge:bridges": { 2008 "bridge": [ 2009 { 2010 "name": "isp1", 2011 "address": "00-23-ef-a5-77-12", 2012 "bridge-type": "ieee802-dot1q-bridge:customer-vlan-bridge", 2013 "component": [ 2014 { 2015 "name": "comp1", 2016 "type": "ieee802-dot1q-bridge:c-vlan-component", 2017 "bridge-vlan": { 2018 "vlan": [ 2019 { 2020 "vid": 101, 2021 "ietf-igmp-mld-snooping:igmp-snooping-instance": "bis1" 2022 } 2023 ] 2024 } 2025 } 2026 ] 2027 } 2028 ] 2029 } 2030 } 2031 A.2 L2VPN scenario 2033 This section contains an example for L2VPN scenario in the JSON encoding 2034 [RFC7951], containing both configuration and state data. 2036 +-----------+ 2037 + Source + 2038 +-----+-----+ 2039 | 2040 -----------------+---------------------------- 2041 |eth1/1 2042 +---+---+ 2043 + R1 + 2044 +-+---+-+ 2045 eth1/2 | \ eth1/3 2046 | \ 2047 | \ 2048 | \ 2049 | \ 2050 eth2/1 | \ eth3/1 2051 +---+---+ +-+---+ 2052 + R2 +----+ R3 + 2053 +---+---+ +-+---+ 2054 eth2/2 | | eth3/2 2055 | | 2056 ---------------+----------+------------------- 2057 | | 2058 | | 2059 +--------+--+ +---+--------+ 2060 + Receiver1 + + Receiver2 + 2061 +-----------+ +------------+ 2063 The configuration data for R1 in the above figure could be as follows: 2064 { 2065 "ietf-interfaces:interfaces":{ 2066 "interface":[ 2067 { 2068 "name":"eth1/1", 2069 "type":"iana-if-type:ethernetCsmacd" 2070 } 2071 ] 2072 }, 2073 "ietf-pseudowires:pseudowires": { 2074 "pseudowire": [ 2075 { 2076 "name": "pw2" 2077 }, 2078 { 2079 "name": "pw3" 2081 } 2082 ] 2083 }, 2084 "ietf-network-instance:network-instances": { 2085 "network-instance": [ 2086 { 2087 "name": "vpls1", 2088 "ietf-igmp-mld-snooping:igmp-snooping-instance": "vis1", 2089 "ietf-l2vpn:type": "ietf-l2vpn:vpls-instance-type", 2090 "ietf-l2vpn:signaling-type": "ietf-l2vpn:ldp-signaling", 2091 "ietf-l2vpn:endpoint": [ 2092 { 2093 "name": "acs", 2094 "ac": [ 2095 { 2096 "name": "eth1/1" 2097 } 2098 ] 2099 }, 2100 { 2101 "name": "pws", 2102 "pw": [ 2103 { 2104 "name": "pw2" 2105 }, 2106 { 2107 "name": "pw3" 2108 } 2109 ] 2110 } 2111 ] 2112 } 2113 ] 2114 }, 2115 "ietf-routing:routing": { 2116 "control-plane-protocols": { 2117 "control-plane-protocol": [ 2118 { 2119 "type": "ietf-igmp-mld-snooping:igmp-snooping", 2120 "name": "vis1", 2121 "ietf-igmp-mld-snooping:igmp-snooping-instance": { 2122 "scenario": "ietf-igmp-mld-snooping:l2vpn", 2123 "enable": true 2124 } 2125 } 2126 ] 2127 } 2128 } 2129 } 2130 The corresponding operational state data for R1 could be as follows: 2132 { 2133 "ietf-interfaces:interfaces":{ 2134 "interface":[ 2135 { 2136 "name":"eth1/1", 2137 "type":"iana-if-type:ethernetCsmacd", 2138 "oper-status": "up", 2139 "statistics": { 2140 "discontinuity-time": "2018-05-23T12:34:56-05:00" 2141 } 2142 } 2143 ] 2144 }, 2145 "ietf-pseudowires:pseudowires": { 2146 "pseudowire": [ 2147 { 2148 "name": "pw2" 2149 }, 2150 { 2151 "name": "pw3" 2152 } 2153 ] 2154 }, 2155 "ietf-network-instance:network-instances": { 2156 "network-instance": [ 2157 { 2158 "name": "vpls1", 2159 "ietf-igmp-mld-snooping:igmp-snooping-instance": "vis1", 2160 "ietf-l2vpn:type": "ietf-l2vpn:vpls-instance-type", 2161 "ietf-l2vpn:signaling-type": "ietf-l2vpn:ldp-signaling", 2162 "ietf-l2vpn:endpoint": [ 2163 { 2164 "name": "acs", 2165 "ac": [ 2166 { 2167 "name": "eth1/1" 2168 } 2169 ] 2170 }, 2171 { 2172 "name": "pws", 2173 "pw": [ 2174 { 2175 "name": "pw2" 2176 }, 2177 { 2178 "name": "pw3" 2179 } 2180 ] 2181 } 2183 ] 2184 } 2185 ] 2186 }, 2187 "ietf-routing:routing": { 2188 "control-plane-protocols": { 2189 "control-plane-protocol": [ 2190 { 2191 "type": "ietf-igmp-mld-snooping:igmp-snooping", 2192 "name": "vis1", 2193 "ietf-igmp-mld-snooping:igmp-snooping-instance": { 2194 "scenario": "ietf-igmp-mld-snooping:l2vpn", 2195 "enable": true 2196 } 2197 } 2198 ] 2199 } 2200 } 2201 } 2202 Authors' Addresses 2204 Hongji Zhao 2205 Ericsson (China) Communications Company Ltd. 2206 Ericsson Tower, No. 5 Lize East Street, 2207 Chaoyang District Beijing 100102, P.R. China 2209 Email: hongji.zhao@ericsson.com 2211 Xufeng Liu 2212 Volta Networks 2213 USA 2215 EMail: xufeng.liu.ietf@gmail.com 2217 Yisong Liu 2218 China Mobile 2219 China 2221 Email: liuyisong@chinamobile.com 2223 Anish Peter 2224 Individual 2226 EMail: anish.ietf@gmail.com 2228 Mahesh Sivakumar 2229 Juniper Networks 2230 1133 Innovation Way 2231 Sunnyvale, California 2232 USA 2234 EMail: sivakumar.mahesh@gmail.com