idnits 2.17.1

draft-ietf-pim-msdp-yang-04.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 8 instances of too long lines in the document, the longest one
     being 33 characters in excess of 72.

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords.

     RFC 2119 keyword, line 568: '... SHOULD be set to 30 s...'

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 99 has weird spacing: '...-policy str...'

  -- The document date (August 15, 2018) is 2081 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'I-D.ietf-netmod-rfc6087bis' is defined on line 1016,
     but no explicit reference was found in the text

  == Unused Reference: 'RFC4624' is defined on line 1030, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6087' is defined on line 1044, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6991' is defined on line 1062, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC7223' is defined on line 1066, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC7277' is defined on line 1070, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8022' is defined on line 1074, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8177' is defined on line 1082, but no explicit
     reference was found in the text

  ** Downref: Normative reference to an Experimental RFC: RFC 3618

  ** Downref: Normative reference to an Experimental RFC: RFC 4624

  ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446)

  ** Obsolete normative reference: RFC 6087 (Obsoleted by RFC 8407)

  ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341)

  ** Obsolete normative reference: RFC 7223 (Obsoleted by RFC 8343)

  ** Obsolete normative reference: RFC 7277 (Obsoleted by RFC 8344)

  ** Obsolete normative reference: RFC 8022 (Obsoleted by RFC 8349)

     Summary: 10 errors (**), 0 flaws (~~), 10 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     PIM WG                                  Xufeng. Liu
3     Internet-Draft                          Volta Networks
4     Intended status: Standards Track        Zheng. Zhang
5     Expires: February 16, 2019              ZTE Corporation
6                                             Anish. Peter
7                                             Individual contributor
8                                             Mahesh. Sivakumar
9                                             Juniper networks
10                                            Feng. Guo
11                                            Huawei Technologies
12                                            Pete. McAllister
13                                            Metaswitch Networks
14                                            August 15, 2018

16    A YANG Data Model for Multicast Source Discovery Protocol (MSDP)
17    draft-ietf-pim-msdp-yang-04

19    Abstract

21    This document defines a YANG data model for the configuration and
22    management of Multicast Source Discovery Protocol (MSDP) Protocol.

24    Status of This Memo

26    This Internet-Draft is submitted in full conformance with the
27    provisions of BCP 78 and BCP 79.

29    Internet-Drafts are working documents of the Internet Engineering
30    Task Force (IETF).  Note that other groups may also distribute
31    working documents as Internet-Drafts.  The list of current Internet-
32    Drafts is at https://datatracker.ietf.org/drafts/current/.

34    Internet-Drafts are draft documents valid for a maximum of six months
35    and may be updated, replaced, or obsoleted by other documents at any
36    time.  It is inappropriate to use Internet-Drafts as reference
37    material or to cite them other than as "work in progress."

39    This Internet-Draft will expire on February 16, 2019.

41    Copyright Notice

43    Copyright (c) 2018 IETF Trust and the persons identified as the
44    document authors.  All rights reserved.

46    This document is subject to BCP 78 and the IETF Trust's Legal
47    Provisions Relating to IETF Documents
48    (https://trustee.ietf.org/license-info) in effect on the date of
49    publication of this document.  Please review these documents
50    carefully, as they describe your rights and restrictions with respect
51    to this document.  Code Components extracted from this document must
52    include Simplified BSD License text as described in Section 4.e of
53    the Trust Legal Provisions and are provided without warranty as
54    described in the Simplified BSD License.

56    Table of Contents

58    1.  Introduction
59    2.  Design of the Data Model
60    3.  MSDP configuration
61    4.  MSDP State
62    5.  MSDP RPC
63    6.  Notifications
64    7.  MSDP YANG model
65    8.  Security Considerations
66    9.  IANA Considerations
67    10. Contributors
68    11. Normative References
69    Authors' Addresses

71    1.  Introduction

73    [RFC3618] introduces the protocol definition of MSDP.  This document
74    defines a YANG data model that can be used to configure and manage
75    the MSDP protocol.  The operational state data and statistics can
76    also be retrieved by this model.

78    This model is designed to be used along with other multicast YANG
79    models such as PIM, which are not covered in this document.

81    2.  Design of the Data Model

83    This model imports and augments ietf-routing YANG model defined in
84    [RFC8349].  Both configuration data nodes and state data nodes of
85    [RFC8349] are augmented.  The configuration data nodes cover global
86    configuration attributes and per peer configuration attributes.  The
87    state data nodes include global, per peer, and source-active
88    information.  The container "msdp" is the top level container in this
89    data model.  The presence of this container is expected to enable
90    MSDP protocol functionality.

92    module: ietf-msdp
93      augment /rt:routing/rt:control-plane-protocols:
94        +--rw msdp!
95           +--rw global
96           |  +--rw tcp-connection-source?   if:interface-ref
97           |  +--rw default-peer* [peer-addr prefix-policy] {global-default-peer,global-default-peer-policy}?
98           |  |  +--rw peer-addr   -> ../../../peers/peer/address
99           |  |  +--rw prefix-policy   string
100          |  +--rw originating-rp
101          |  |  +--rw interface?   if:interface-ref
102          |  +--rw sa-filter
103          |  |  +--rw in?   string
104          |  |  +--rw out?   string
105          |  +--rw sa-limit?   uint32 {global-sa-limit}?
106          |  +--rw ttl-threshold?   uint8
107          +--rw peers
108          |  +--rw peer* [address]
109          |     +--rw address   inet:ipv4-address
110          |     +--rw authentication
111          |     |  +--rw (authentication-type)?
112          |     |     +--:(key-chain) {peer-key-chain}?
113          |     |     |  +--rw key-chain?   key-chain:key-chain-ref
114          |     |     +--:(password)
115          |     |        +--rw key?   string
116          |     |        +--rw crypto-algorithm?   identityref
117          |     +--rw enable?   boolean {peer-admin-enable}?
118          |     +--rw tcp-connection-source?   if:interface-ref
119          |     +--rw description?   string {peer-description}?
120          |     +--rw mesh-group?   string
121          |     +--rw peer-as?   inet:as-number {peer-as}?
122          |     +--rw sa-filter
123          |     |  +--rw in?   string
124          |     |  +--rw out?   string
125          |     +--rw sa-limit?   uint32 {peer-sa-limit}?
126          |     +--rw timer
127          |     |  +--rw connect-retry-interval?   uint16
128          |     |  +--rw holdtime-interval?   uint16
129          |     |  +--rw keepalive-interval?   uint16
130          |     +--rw ttl-threshold?   uint8
131          |     +--ro session-state?   enumeration
132          |     +--ro elapsed-time?   uint32
133          |     +--ro connect-retry-expire?   uint32
134          |     +--ro hold-expire?   uint16
135          |     +--ro is-default-peer?   boolean
136          |     +--ro keepalive-expire?   uint16
137          |     +--ro reset-count?   uint32
138          |     +--ro statistics
139          |        +--ro discontinuity-time?   yang:date-and-time
140          |        +--ro error
141          |        |  +--ro rpf-failure?   uint32
142          |        +--ro queue
143          |        |  +--ro size-in?   uint32
144          |        |  +--ro size-out?   uint32
145          |        +--ro received
146          |        |  +--ro keepalive?   yang:counter64
147          |        |  +--ro notification?   yang:counter64
148          |        |  +--ro sa-message?   yang:counter64
149          |        |  +--ro sa-response?   yang:counter64
150          |        |  +--ro sa-request?   yang:counter64
151          |        |  +--ro total?   yang:counter64
152          |        +--ro sent
153          |           +--ro keepalive?   yang:counter64
154          |           +--ro notification?   yang:counter64
155          |           +--ro sa-message?   yang:counter64
156          |           +--ro sa-response?   yang:counter64
157          |           +--ro sa-request?   yang:counter64
158          |           +--ro total?   yang:counter64
159          +--ro sa-cache
160             +--ro entry* [group source-addr]
161                +--ro group   inet:ipv4-address
162                +--ro source-addr   union
163                +--ro origin-rp* [rp-address]
164                |  +--ro rp-address   inet:ip-address
165                |  +--ro is-local-rp?   boolean
166                |  +--ro sa-adv-expire?   uint32
167                +--ro state-attributes
168                   +--ro up-time?   uint32
169                   +--ro expire?   uint32
170                   +--ro holddown-interval?   uint32
171                   +--ro peer-learned-from?   inet:ipv4-address
172                   +--ro rpf-peer?   inet:ipv4-address

174     rpcs:
175       +---x clear-peer
176       |  +---w input
177       |     +---w peer-address?   inet:ipv4-address
178       +---x clear-sa-cache {rpc-clear-sa-cache}?
179          +---w input
180             +---w entry!
181             |  +---w group   rt-types:ipv4-multicast-group-address
182             |  +---w source-addr?   rt-types:ipv4-multicast-source-address
183             +---w peer-address?   inet:ipv4-address
184             +---w peer-as?   inet:as-number

186   3.  MSDP configuration

188   MSDP configurations require peer configurations.  Several peers may
189   be configured in a mesh-group.  The Source-Active information may be
190   filtered by peers.

192   The configuration modeling branch is composed of MSDP global and peer
193   configurations.  The two parts are the most important parts of MSDP.

195   Besides the fundamental features of MSDP protocol, several optional
196   features are included in the model.  These features help the control
197   of MSDP protocol.  The peer features and SA features make the
198   deployment and control easier.  The connection parameters can be used
199   to control the TCP connection because MSDP protocol is based on TCP.
200   The authentication features make the protocol more secure.  The
201   filter features allow operators to avoid some SA information be
202   forwarded to some peers.

204   4.  MSDP State

206   MSDP states are composed of MSDP global state, MSDP peer state,
207   statistics information and SA cache information.  The statistics
208   information and SA cache information helps the operator to retrieve
209   the protocol condition.

211   5.  MSDP RPC

213   The part is used to define some useful and ordinary operations of
214   protocol management.  Network manager can delete all the information
215   from a given peer by using the clear-peer rpc.  And network manager
216   can delete a given SA cache information by clear-sa-cache rpc.

218   6.  Notifications

220   No notification is defined in this model.

222   7.  MSDP YANG model

224   file "ietf-msdp.yang"
225   module ietf-msdp {

227     yang-version 1.1;

229     namespace "urn:ietf:params:xml:ns:yang:ietf-msdp";
230     prefix msdp;

232     import ietf-yang-types {
233       prefix "yang";
234       reference "RFC6991";
235     }

237     import ietf-inet-types {
238       prefix "inet";
239       reference "RFC6991";

241     }

243     import ietf-routing {
244       prefix "rt";
245       reference "RFC8022";
246     }

248     import ietf-interfaces {
249       prefix "if";
250       reference "RFC7223";
251     }

253     import ietf-ip {
254       prefix "ip";
255       reference "RFC7277";
256     }

258     import ietf-key-chain {
259       prefix "key-chain";
260       reference "RFC8177";
261     }

263     import ietf-routing-types {
264       prefix "rt-types";
265       reference "RFC8294";
266     }

268     organization
269       "IETF PIM(Protocols for IP Multicast) Working Group";

271     contact
272       "WG Web:
273        WG List:

275        Editor: Xufeng Liu
276

278        Editor: Zheng Zhang
279

281        Editor: Anish Peter
282

284        Editor: Mahesh Sivakumar
285

287        Editor: Feng Guo
288

290        Editor: Pete McAllister
291        ";

293     description
294       "The module defines the YANG definitions for MSDP.

296        Copyright (c) 2018 IETF Trust and the persons
297        identified as authors of the code. All rights reserved.

299        Redistribution and use in source and binary forms, with or
300        without modification, is permitted pursuant to, and
301        subject to the license terms contained in, the Simplified
302        BSD License set forth in Section 4.c of the IETF Trust's
303        Legal Provisions Relating to IETF Documents
304        (http://trustee.ietf.org/license-info).
305        This version of this YANG module is part of RFC 3618; see
306        the RFC itself for full legal notices.";

308     revision 2018-08-12 {
309       description
310         "Initial revision.";
311       reference
312         "RFC XXXX: A YANG Data Model for MSDP.
313          RFC 3618: Multicast Source Discovery Protocol (MSDP).
314          RFC 4624: Multicast Source Discovery Protocol (MSDP) MIB";
315     }

317     /*
318      * Features
319      */
320     feature global-tcp-connect-source {
321       description
322         "Support configuration of global tcp connect source.";
323     }

325     feature global-default-peer {
326       description
327         "Support configuration of global default peer.";
328     }

330     feature global-default-peer-policy {
331       description
332         "Support policy configuration of global default peer.";
333     }

335     feature global-sa-filter {
336       description
337         "Support configuration of global SA filter.";

339     }

341     feature global-sa-limit {
342       description
343         "Support configuration of global limit on SA entries.";
344     }

346     feature global-ttl-threshold {
347       description
348         "Support configuration of global TTL threshold.";
349     }

351     feature rpc-clear-sa-cache {
352       description
353         "Support the RPC to clear SA cache.";
354     }

356     feature peer-admin-enable {
357       description
358         "Support configuration of peer administrative enabling.";
359     }

361     feature peer-as {
362       description
363         "Support configuration of peer AS number.";
364     }

366     feature peer-tcp-connect-source {
367       description
368         "Support configuration of peer tcp connect source.";
369     }

371     feature peer-description {
372       description
373         "Support configuration of peer description.";
374     }

376     feature peer-key-chain {
377       description
378         "Support configuration of peer key-chain.";
379     }

381     feature peer-password {
382       description
383         "Support configuration of peer password.";
384     }

386     feature peer-sa-limit {
387       description
388         "Support configuration of per peer limit on SA entries.";
389     }

391     /*
392      * Groupings
393      */
394     grouping authentication-container {
395       description
396         "Authentication attributes.";
397       container authentication {
398         description
399           "A container defining authentication attributes.";
400         choice authentication-type {
401           case key-chain {
402             if-feature peer-key-chain;
403             leaf key-chain {
404               type key-chain:key-chain-ref;
405               description
406                 "Reference to a key-chain.";
407             }
408           }
409           case password {
410             leaf key {
411               type string;
412               description
413                 "This leaf describes the authentication key.";
414             }
415             leaf crypto-algorithm {
416               type identityref {
417                 base key-chain:crypto-algorithm;
418               }
419               description
420                 "Cryptographic algorithm associated with key.";
421             }
422           }
423           description
424             "Choice of authentication.";
425         }
426       }
427     } // authentication-container

429     grouping tcp-connect-source {
430       description
431         "Attribute to configure peer TCP connection source.";
432       leaf tcp-connection-source {
433         type if:interface-ref;
434         must "/if:interfaces/if:interface[if:name = current()]/"
435            + "ip:ipv4" {
436           description
437             "The interface must have IPv4 enabled.";
438         }
439         description
440           "The interface is to be the source for the TCP
441            connection. It is a reference to an entry in the global
442            interface list.";
443       }
444     } // tcp-connection-source

446     grouping global-config-attributes {
447       description "Global MSDP configuration.";

449       uses tcp-connect-source {
450         if-feature global-tcp-connect-source;
451       }
452       list default-peer {
453         if-feature global-default-peer;
454         if-feature global-default-peer-policy;
455         key "peer-addr prefix-policy";

457         description
458           "The default peer accepts all MSDP SA messages.
459            A default peer is needed in topologies where MSDP peers
460            do not coexist with BGP peers. The reverse path
461            forwarding (RPF) check on SA messages can fail, and no
462            SA messages are accepted. In these cases, you can configure
463            the peer as a default peer and bypass RPF checks.";

465         leaf peer-addr {
466           type leafref {
467             path "../../../peers/peer/address";
468           }
469           mandatory true;
470           description
471             "Reference to a peer that is in the peer list.";
472         }
473         leaf prefix-policy {
474           type string;
475           description
476             "If specified, only those SA entries whose RP is
477              permitted in the prefix list are allowed;
478              if not specified, all SA messages from the default
479              peer are accepted.";
480         }
481       } // default-peer
482       container originating-rp {
483         description
484           "The container of Originating RP.";
485         leaf interface {
486           type if:interface-ref;
487           must "/if:interfaces/if:interface[if:name = current()]/"
488              + "ip:ipv4" {
489             description
490               "The interface must have IPv4 enabled.";
491           }
492           description
493             "Reference to an entry in the global interface
494              list.
495              IP address of the interface is used in the RP field of
496              an SA message entry. When Anycast RPs are used, all
497              RPs use the same IP address. This parameter can be
498              used to define a unique IP address for the RP of each
499              MSDP peer.
500              By default, the software uses the RP address of the
501              local system.";
502         }
503       } // originating-rp

505       uses sa-filter-container {
506         if-feature global-sa-filter;
507       }
508       leaf sa-limit {
509         if-feature global-sa-limit;
510         type uint32;
511         description
512           "A limit on the number of SA entries accepted.
513            By default, there is no limit.";
514       }
515       uses ttl-threshold {
516         if-feature global-ttl-threshold;
517       }
518     } // global-config-attributes

520     grouping peer-config-attributes {
521       description "Per peer configuration for MSDP.";

523       uses authentication-container;
524       leaf enable {
525         if-feature peer-admin-enable;
526         type boolean;
527         description
528           "'true' if peer is enabled;
529            'false' if peer is disabled.";

531       }
532       uses tcp-connect-source {
533         if-feature peer-tcp-connect-source;
534       }
535       leaf description {
536         if-feature peer-description;
537         type string;
538         description
539           "The peer description.";
540       }
541       leaf mesh-group {
542         type string;
543         description
544           "Configure this peer to be a member of a mesh group";
545       }
546       leaf peer-as {
547         if-feature peer-as;
548         type inet:as-number;
549         description
550           "Peer's autonomous system number (ASN). Using peer-as to
551            do verification can provide more controlled ability.";
552       }
553       uses sa-filter-container;
554       leaf sa-limit {
555         if-feature peer-sa-limit;
556         type uint32;
557         description
558           "A limit on the number of SA entries accepted from this
559            peer. By default, there is no limit.";
560       }
561       container timer {
562         description "Timer attributes.";
563         leaf connect-retry-interval {
564           type uint16;
565           units seconds;
566           default 30;
567           description "Peer timer for connect-retry,
568                        SHOULD be set to 30 seconds.";
569         }
570         leaf holdtime-interval {
571           type uint16 {
572             range "3..65535";
573           }
574           units seconds;
575           must "(../keepalive-interval and . > ../keepalive-interval) or "
576               +"(not(../keepalive-interval) and . > 60)" {
577             error-message "The keep alive interval must be "
578                         + "smaller than the hold time interval";

580           }
581           default 75;
582           description "The SA hold down period of this MSDP peer.";
583         }
584         leaf keepalive-interval {
585           type uint16 {
586             range "1..65535";
587           }
588           units seconds;
589           must "(../holdtime-interval and . < ../holdtime-interval) or "
590               +"(not(../holdtime-interval) and . < 75)" {
591             error-message "The keep alive interval must be "
592                         + "smaller than the hold time interval";
593           }
594           default 60;
595           description "The keepalive timer of this MSDP peer.";
596         }
597       } // timer
598       uses ttl-threshold;
599     } // peer-config-attributes

601     grouping peer-state-attributes {
602       description "Per peer state attributes for MSDP.";

604       leaf session-state {
605         type enumeration {
606           enum disabled {
607             description "Disabled.";
608           }
609           enum inactive {
610             description "Inactive.";
611           }
612           enum listen {
613             description "Listen.";
614           }
615           enum connecting {
616             description "Connecting.";
617           }
618           enum established {
619             description "Established.";
620           }
621         }
622         config false;
623         description
624           "Peer session state.";
625         reference
626           "RFC3618: Multicast Source Discovery Protocol (MSDP).";
627       }
628       leaf elapsed-time {
629         type uint32;
630         units seconds;
631         config false;
632         description "Elapsed time for being in a state.";
633       }
634       leaf connect-retry-expire {
635         type uint32;
636         units seconds;
637         config false;
638         description "Connect retry expire time of peer connection.";
639       }
640       leaf hold-expire {
641         type uint16;
642         units seconds;
643         config false;
644         description "Hold expire time of peer connection.";
645       }
646       leaf is-default-peer {
647         type boolean;
648         config false;
649         description "If this peer is default peer.";
650       }
651       leaf keepalive-expire {
652         type uint16;
653         units seconds;
654         config false;
655         description "Keepalive expire time of this peer.";
656       }
657       leaf reset-count {
658         type uint32;
659         config false;
660         description "The reset count of this peer.";
661       }

663       container statistics {
664         config false;
665         description
666           "A container defining statistics attributes.";

668         leaf discontinuity-time {
669           type yang:date-and-time;
670           description
671             "The time on the most recent occasion at which any one
672              or more of the statistic counters suffered a
673              discontinuity. If no such discontinuities have occurred
674              since the last re-initialization of the local
675              management subsystem, then this node contains the time
676              the local management subsystem re-initialized itself.";
677         }

679         container error {
680           description
681             "A grouping defining error statistics attributes.";
682           leaf rpf-failure {
683             type uint32;
684             description "Number of RPF failures.";
685           }
686         } // statistics-error

688         container queue {
689           description
690             "A container includes queue statistics attributes.";
691           leaf size-in {
692             type uint32;
693             description
694               "The size of the input queue.";
695           }
696           leaf size-out {
697             type uint32;
698             description
699               "The size of the output queue.";
700           }
701         } // statistics-queue

703         container received {
704           description "Received message counters.";
705           uses statistics-sent-received;
706         }
707         container sent {
708           description "Sent message counters.";
709           uses statistics-sent-received;
710         }
711       } // statistics-container
712     } // peer-state-attributes

714     grouping sa-filter-container {
715       description "A container defining SA filters.";
716       container sa-filter {
717         description
718           "Specifies an access control list (ACL) to filter source
719            active (SA) messages coming in to or going out of the
720            peer.";
721         leaf in {
722           type string;
723           description
724             "Filters incoming SA messages only.";
725         }
726         leaf out {
727           type string;
728           description
729             "Filters outgoing SA messages only.";
730         }
731       } // sa-filter
732     } // sa-filter-container

734     grouping ttl-threshold {
735       description "Attribute to configure TTL threshold.";
736       leaf ttl-threshold {
737         type uint8 {
738           range 1..255;
739         }
740         description "Maximum number of hops data packets can
741                      traverse before being dropped.";
742       }
743     } // sa-ttl-threshold

745     grouping statistics-sent-received {
746       description
747         "A grouping defining sent and received statistics attributes.";
748       leaf keepalive {
749         type yang:counter64;
750         description
751           "The number of keepalive messages.";
752       }
753       leaf notification {
754         type yang:counter64;
755         description
756           "The number of notification messages.";
757       }
758       leaf sa-message {
759         type yang:counter64;
760         description
761           "The number of SA messages.";
762       }
763       leaf sa-response {
764         type yang:counter64;
765         description
766           "The number of SA response messages.";
767       }
768       leaf sa-request {
769         type yang:counter64;
770         description
771           "The number of SA request messages.";

773       }
774       leaf total {
775         type yang:counter64;
776         description
777           "The number of total messages.";
778       }
779     } // statistics-sent-received

781     /*
782      * Data nodes
783      */
784     augment "/rt:routing/rt:control-plane-protocols" {
785       description
786         "MSDP augmentation to routing instance. This augmentation
787          is only valid for a routing protocol instance of MSDP.";

789       container msdp {
790         presence "Container for MSDP protocol.";
791         description
792           "MSDP configuration data.";

794         container global {
795           description
796             "Global attributes.";
797           uses global-config-attributes;
798         }

800         container peers {
801           description
802             "Containing a list of peers.";
803           list peer {
804             key "address";
805             description
806               "List of MSDP peers.";
807             leaf address {
808               type inet:ipv4-address;
809               description
810                 "The address of peer";
811             }
812             uses peer-config-attributes;
813             uses peer-state-attributes;
814           } // peer
815         } // peers

817         container sa-cache {
818           config false;
819           description
820             "The SA cache information.";

822           list entry {
823             key "group source-addr";
824             description "A list of SA cache entries.";
825             leaf group {
826               type inet:ipv4-address;
827               description "The group address of this SA cache.";
828             }
829             leaf source-addr {
830               type union {
831                 type enumeration {
832                   enum '*' {
833                     description "Any source address.";
834                   }
835                 }
836                 type inet:ipv4-address;
837               }
838               description "Source IPv4 address.";
839             }
840             list origin-rp {
841               key "rp-address";
842               description "Origin RP address.";
843               leaf rp-address {
844                 type inet:ip-address;
845                 description "The RP address.";
846               }
847               leaf is-local-rp {
848                 type boolean;
849                 description "The RP is local.";
850               }
851               leaf sa-adv-expire {
852                 type uint32;
853                 units seconds;
854                 description
855                   "The remaining time duration before expiration
856                    of the periodic SA advertisement timer on a local RP.";
857               }
858             }

860             container state-attributes {
861               description "SA cache state attributes for MSDP.";

863               leaf up-time {
864                 type uint32;
865                 units seconds;
866                 description "The duration time of receiving this SA cache.";
867               }
868               leaf expire {
869                 type uint32;
870                 units seconds;
871                 description "The duration time since this SA cache expires.";
872               }
873               leaf holddown-interval {
874                 type uint32;
875                 units seconds;
876                 description "Hold-down timer value for SA forwarding.";
877               }
878               leaf peer-learned-from {
879                 type inet:ipv4-address;
880                 description
881                   "The address of the peer that we learned this SA from.";
882               }
883               leaf rpf-peer {
884                 type inet:ipv4-address;
885                 description
886                   "The address is used to find the SA's originating RP.";
887               }
888             } // sa-cache-state-attributes
889           } // entry
890         } // sa-cache
891       } // msdp
892     } // augment

894     /*
895      * RPCs
896      */
897     rpc clear-peer {
898       description
899         "Clears the TCP connection to the peer.";
900       input {
901         leaf peer-address {
902           type inet:ipv4-address;
903           description
904             "Address of peer to be cleared. If this is not provided
905              then all peers are cleared.";
906         }
907       }
908     }

910     rpc clear-sa-cache {
911       if-feature rpc-clear-sa-cache;
912       description
913         "Clears MSDP source active (SA) cache entries.";
914       input {
915         container entry {
916           presence "If a particular entry is cleared.";
917           description
918             "The SA cache (S,G) or (*,G) entry to be cleared. If
919              this is not provided, all entries are cleared.";
920           leaf group {
921             type rt-types:ipv4-multicast-group-address;
922             mandatory true;
923             description "The group address";
924           }
925           leaf source-addr {
926             type rt-types:ipv4-multicast-source-address;
927             description
928               "Address of multicast source to be cleared. If this
929                is not provided then all entries related to the
930                given group are cleared.";
931           }
932         } // s-g
933         leaf peer-address {
934           type inet:ipv4-address;
935           description
936             "Peer IP address from which MSDP SA cache entries have
937              been learned. If this is not provided, entries learned
938              from all peers are cleared.";
939         }
940         leaf peer-as {
941           type inet:as-number;
942           description
943             "ASN from which MSDP SA cache entries have been learned.
944              If this is not provided, entries learned from all AS's
945              are cleared.";
946         }
947       }
948     }
949   }
950

952   8.  Security Considerations

954   The YANG module specified in this document defines a schema for data
955   that is designed to be accessed via network management protocols such
956   as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
957   is the secure transport layer, and the mandatory-to-implement secure
958   transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
959   is HTTPS, and the mandatory-to-implement secure transport is TLS
960   [RFC5246].

962   The NETCONF access control model [RFC6536] provides the means to
963   restrict access for particular NETCONF or RESTCONF users to a
964   preconfigured subset of all available NETCONF or RESTCONF protocol
965   operations and content.

967   There are a number of data nodes defined in this YANG module that are
968   writable/creatable/deletable (i.e., config true, which is the
969   default).  These data nodes may be considered sensitive or vulnerable
970   in some network environments.  Write operations (e.g., edit-config)
971   to these data nodes without proper protection can have a negative
972   effect on network operations.  For MSDP, the ability to modify MSDP
973   configuration will allow the unexpected MSDP peer establishment and
974   unexpected SA information learning and advertisement.  The "password"
975   field is also a sensitive readable configuration, the unauthorized
976   reading function may lead to the password leaking.  The security
977   considerations of MSDP [RFC3618] are applicable.

979   The RPC operations in this YANG module may be considered sensitive or
980   vulnerable in some network environments.  It is thus important to
981   control access to these operations.  The MSDP Yang module supports
982   the "clear-peer" and "clear-sa-cache" RPCs.  If access to either of
983   these is compromised, they can result in unexpected MSDP peer
984   breakdown and unexpected SA information deletion.

986   9.  IANA Considerations

988   The IANA is requested to assign two new URIs from the IETF XML
989   registry ([RFC3688]).  Authors are suggesting the following URI:

991   URI: urn:ietf:params:xml:ns:yang:ietf-msdp

993   Registrant Contact: PIM WG

995   XML: N/A, the requested URI is an XML namespace

997   This document also requests one new YANG module name in the YANG
998   Module Names registry ([RFC6020]) with the following suggestion:

1000  name: ietf-msdp

1002  namespace: urn:ietf:params:xml:ns:yang:ietf-msdp

1004  prefix: msdp

1006  reference: RFC XXXX

1008  10.  Contributors

1010  The authors would like to thank Yisong Liu (liuyisong@huawei.com),
1011  Benchong Xu (xu.benchong@zte.com.cn), Tanmoy Kundu
1012  (tanmoy.kundu@alcatel-lucent.com) for their valuable contributions.

1014  11.  Normative References

1016  [I-D.ietf-netmod-rfc6087bis]
1017            Bierman, A., "Guidelines for Authors and Reviewers of YANG
1018            Data Model Documents", draft-ietf-netmod-rfc6087bis-20
1019            (work in progress), March 2018.

1021  [RFC3618] Fenner, B., Ed. and D. Meyer, Ed., "Multicast Source
1022            Discovery Protocol (MSDP)", RFC 3618,
1023            DOI 10.17487/RFC3618, October 2003,
1024            .

1026  [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
1027            DOI 10.17487/RFC3688, January 2004,
1028            .

1030  [RFC4624] Fenner, B. and D. Thaler, "Multicast Source Discovery
1031            Protocol (MSDP) MIB", RFC 4624, DOI 10.17487/RFC4624,
1032            October 2006, .

1034  [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
1035            (TLS) Protocol Version 1.2", RFC 5246,
1036            DOI 10.17487/RFC5246, August 2008,
1037            .

1039  [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
1040            the Network Configuration Protocol (NETCONF)", RFC 6020,
1041            DOI 10.17487/RFC6020, October 2010,
1042            .

1044  [RFC6087] Bierman, A., "Guidelines for Authors and Reviewers of YANG
1045            Data Model Documents", RFC 6087, DOI 10.17487/RFC6087,
1046            January 2011, .

1048  [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
1049            and A. Bierman, Ed., "Network Configuration Protocol
1050            (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
1051            .

1053  [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
1054            Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
1055            .

1057  [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration
1058            Protocol (NETCONF) Access Control Model", RFC 6536,
1059            DOI 10.17487/RFC6536, March 2012,
1060            .

1062  [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
1063            RFC 6991, DOI 10.17487/RFC6991, July 2013,
1064            .

1066  [RFC7223] Bjorklund, M., "A YANG Data Model for Interface
1067            Management", RFC 7223, DOI 10.17487/RFC7223, May 2014,
1068            .

1070  [RFC7277] Bjorklund, M., "A YANG Data Model for IP Management",
1071            RFC 7277, DOI 10.17487/RFC7277, June 2014,
1072            .

1074  [RFC8022] Lhotka, L. and A. Lindem, "A YANG Data Model for Routing
1075            Management", RFC 8022, DOI 10.17487/RFC8022, November
1076            2016, .

1078  [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
1079            Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
1080            .

1082  [RFC8177] Lindem, A., Ed., Qu, Y., Yeung, D., Chen, I., and J.
1083            Zhang, "YANG Data Model for Key Chains", RFC 8177,
1084            DOI 10.17487/RFC8177, June 2017,
1085            .

1087  [RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
1088            Routing Management (NMDA Version)", RFC 8349,
1089            DOI 10.17487/RFC8349, March 2018,
1090            .

1092  Authors' Addresses

1094  Xufeng Liu
1095  Volta Networks

1097  Email: xufeng.liu.ietf@gmail.com

1099  Zheng Zhang
1100  ZTE Corporation
1101  No. 50 Software Ave, Yuhuatai Distinct
1102  Nanjing
1103  China

1105  Email: zzhang_ietf@hotmail.com
1106  Anish Peter
1107  Individual contributor

1109  Email: anish.ietf@gmail.com

1111  Mahesh Sivakumar
1112  Juniper networks
1113  1133 Innovation Way
1114  Sunnyvale, CALIFORNIA 94089
1115  USA

1117  Email: sivakumar.mahesh@gmail.com

1119  Feng Guo
1120  Huawei Technologies
1121  Huawei Bld., No.156 Beiqing Rd.
1122  Beijing 100095
1123  China

1125  Email: guofeng@huawei.com

1127  Pete McAllister
1128  Metaswitch Networks
1129  100 Church Street
1130  Enfield EN2 6BQ
1131  UK

1133  Email: pete.mcallister@metaswitch.com
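
Section 8 of the draft names NACM as the way to restrict the "clear-peer" and "clear-sa-cache" RPCs and the per-peer authentication key. The following NACM configuration is an added example, not part of the draft or of the idnits output; the group, user and rule names are constructed, and the data path is taken from the tree diagram in Section 2.

```xml
<!-- Added example (not from draft-ietf-pim-msdp-yang-04).
     Constructed names: msdp-operators, noc-readonly, msdp-operators-acl. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>

  <!-- These are NACM's own defaults, spelled out. exec-default is "permit",
       so both MSDP RPCs are callable by any authenticated user unless a rule
       denies them. write-default "deny" already blocks edit-config on the
       msdp subtree for groups that have no explicit permit rule. -->
  <read-default>permit</read-default>
  <write-default>deny</write-default>
  <exec-default>permit</exec-default>

  <groups>
    <group>
      <name>msdp-operators</name>
      <user-name>noc-readonly</user-name>
    </group>
  </groups>

  <rule-list>
    <name>msdp-operators-acl</name>
    <group>msdp-operators</group>

    <!-- clear-peer without peer-address resets every MSDP session. -->
    <rule>
      <name>deny-clear-peer</name>
      <module-name>ietf-msdp</module-name>
      <rpc-name>clear-peer</rpc-name>
      <access-operations>exec</access-operations>
      <action>deny</action>
    </rule>

    <!-- clear-sa-cache without an entry flushes the whole SA cache. -->
    <rule>
      <name>deny-clear-sa-cache</name>
      <module-name>ietf-msdp</module-name>
      <rpc-name>clear-sa-cache</rpc-name>
      <access-operations>exec</access-operations>
      <action>deny</action>
    </rule>

    <!-- The authentication container holds the cleartext "key" leaf and the
         key-chain reference; deny read as well as write so that get and
         get-config replies omit it for this group. -->
    <rule>
      <name>deny-peer-authentication</name>
      <module-name>ietf-msdp</module-name>
      <path xmlns:rt="urn:ietf:params:xml:ns:yang:ietf-routing"
            xmlns:msdp="urn:ietf:params:xml:ns:yang:ietf-msdp">/rt:routing/rt:control-plane-protocols/msdp:msdp/msdp:peers/msdp:peer/msdp:authentication</path>
      <access-operations>*</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>
```

Rules are evaluated in order within a rule list, so these deny rules have to precede any broader permit rule that is later added for the same group.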