idnits 2.17.1 draft-ietf-rtgwg-arp-yang-model-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 2 instances of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 228 has weird spacing: '...address yan...' == The document doesn't use any RFC 2119 keywords, yet seems to have RFC 2119 boilerplate text. -- The document date (August 24, 2018) is 2065 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'BCP 14' is mentioned on line 115, but not defined == Missing Reference: 'I-D.ietf-netmod-rfc7277bis' is mentioned on line 564, but not defined ** Obsolete undefined reference: RFC 7277 (Obsoleted by RFC 8344) ** Downref: Normative reference to an Unknown state RFC: RFC 1027 Summary: 2 errors (**), 0 flaws (~~), 6 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 RTGWG F. Zheng 3 Internet-Draft B. Wu 4 Intended status: Standards Track Huawei 5 Expires: February 25, 2019 R. Wilton 6 Cisco Systems 7 X. Ding 8 August 24, 2018 10 YANG Data Model for ARP 11 draft-ietf-rtgwg-arp-yang-model-01 13 Abstract 15 This document defines a YANG data model for the management of the 16 Address Resolution Protocol (ARP). It extends the basic ARP 17 functionality contained in the ietf-ip YANG data model, defined in 18 RFC 8344, to provide management of optional ARP features and 19 statistics. 21 The YANG data model in this document conforms to the Network 22 Management Datastore Architecture defined in RFC 8342. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on February 25, 2019. 41 Copyright Notice 43 Copyright (c) 2018 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents 48 (https://trustee.ietf.org/license-info) in effect on the date of 49 publication of this document. Please review these documents 50 carefully, as they describe your rights and restrictions with respect 51 to this document. Code Components extracted from this document must 52 include Simplified BSD License text as described in Section 4.e of 53 the Trust Legal Provisions and are provided without warranty as 54 described in the Simplified BSD License. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 59 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 60 1.2. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 4 61 2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 4 62 3. Design of the Data Model . . . . . . . . . . . . . . . . . . 4 63 3.1. ARP dynamic learning . . . . . . . . . . . . . . . . . . 4 64 3.2. proxy ARP . . . . . . . . . . . . . . . . . . . . . . . . 5 65 3.3. gratuitous ARP . . . . . . . . . . . . . . . . . . . . . 5 66 3.4. ietf-arp Module . . . . . . . . . . . . . . . . . . . . . 5 67 4. ARP YANG Module . . . . . . . . . . . . . . . . . . . . . . . 6 68 5. Data Model Examples . . . . . . . . . . . . . . . . . . . . . 12 69 5.1. Static ARP Entries . . . . . . . . . . . . . . . . . . . 12 70 5.2. ARP Dynamic Learning . . . . . . . . . . . . . . . . . . 13 71 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 72 7. Security Considerations . . . . . . . . . . . . . . . . . . . 14 73 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 15 74 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 15 75 9.1. Normative References . . . . . . . . . . . . . . . . . . 15 76 9.2. Informative References . . . . . . . . . . . . . . . . . 16 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 79 1. Introduction 81 This document defines a YANG [RFC7950] data model for the Address 82 Resolution Protocol [RFC0826] implementation and identification of 83 some common properties within a device. Devices have common 84 properties that need to be configured and monitored in a standard 85 way. This document is intended to present universal ARP protocol 86 configuration and many vendors can implement it. 88 The data model convers configuration of system parameters of ARP, 89 such as static ARP entries, timeout for dynamic ARP entries, 90 interface ARP, proxy ARP, and so on. It also provides information 91 about running state of ARP implementations. 93 The YANG modules in this document conform to the Network Management 94 Datastore Architecture (NMDA) [RFC8342]. 96 Editorial Note: (To be removed by RFC Editor) 97 This draft contains many placeholder values that need to be replaced 98 with finalized values at the time of publication. Please apply the 99 following replacements 101 o "XXXX" --> the assigned RFC value for this draft both in this 102 draft and in the YANG models under the revision statement. 104 o Revision date in model, in the format 2018-08-01 needs to get 105 updated with the date the draft gets approved. The date also 106 needs to get reflected on the line with . 108 1.1. Terminology 110 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 111 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 112 "OPTIONAL" in this document are to be interpreted as described in 113 [BCP 14] [RFC2119] [RFC8174] when, and only when, they appear in all 114 capitals, as shown here. 116 The following terms are defined in [RFC8342] and are not redefined 117 here: 119 o client 121 o server 123 o configuration data 125 o system state 127 o state data 129 o intended configuration 131 o running configuration datastore 133 o operational state datastore 135 The following terms are defined in [RFC7950] and are not redefined 136 here: 138 o augment 140 o data model 142 o data node 143 The terminology for describing YANG data models is found in 144 [RFC7950]. 146 1.2. Tree Diagrams 148 Tree diagrams used in this document follow the notation defined in 149 [RFC8340] 151 2. Problem Statement 153 This document defines a YANG [RFC7950] configuration data model that 154 may be used to configure the ARP feature running on a system. Data 155 model "ietf-ip" [RFC8344] covers the address mapping functionality. 156 However, this functionality is strictly dependent on IPv4 networks, 157 and many ARP related functionalities are missing, e.g. device global 158 ARP entries and control, configuration related to dynamic ARP 159 learning, proxy ARP, gratuitous ARP, etc. 161 The data model makes use of the YANG "feature" construct which allows 162 implementations to support only those ARP features that lie within 163 their capabilities. It is intended this model be used by service 164 providers who manipulate devices from different vendors in a standard 165 way. 167 This model can be used to configure the ARP applications for 168 discovering the link layer address associated with a given Internet 169 layer address. 171 3. Design of the Data Model 173 This data model intends to describe the processing that a protocol 174 finds the hardware address, also known as Media Access Control (MAC) 175 address, of a host from its known IP address. These tasks include, 176 but are not limited to, adding a static entry in the ARP cache, 177 configuring dynamic ARP learning, proxy ARP, gratuitous ARP. There 178 are two kind of ARP configurations: global ARP configuration, which 179 is across all interfaces on the device, and per interface ARP 180 configuration. 182 3.1. ARP dynamic learning 184 ARP caching is the method of storing network addresses and the 185 associated data-link addresses in memory for a period of time as the 186 addresses are learned. This minimizes the use of valuable network 187 resources to broadcast for the same address each time a datagram is 188 sent. 190 There are static ARP cache entries and dynamic ARP cache entries. 191 Static entries are manually configured and kept in the cache table on 192 a permanent basis. Dynamic entries are added by vendor software, 193 kept for a period of time, and then removed. We can specify how long 194 an entry remains in the ARP cache. If we specify a timeout of 0 195 seconds, entries are never cleared from the ARP cache. 197 3.2. proxy ARP 199 Proxy ARP [RFC1027] can be configured to enable the switch to respond 200 to ARP queries for network addresses by offering its own Ethernet 201 media access control (MAC) address. With proxy ARP enabled, the 202 switch captures and routes traffic to the intended destination. 204 3.3. gratuitous ARP 206 Gratuitous ARP requests help detect duplicate IP addresses. A 207 gratuitous ARP is a broadcast request for a router's own IP address. 208 If a router or switch sends an ARP request for its own IP address and 209 no ARP replies are received, the router- or switch-assigned IP 210 address is not being used by other nodes. However, if a router or 211 switch sends an ARP request for its own IP address and an ARP reply 212 is received, the router- or switch-assigned IP address is already 213 being used by another node. 215 3.4. ietf-arp Module 217 This module has one top level container, ARP, which consists of two 218 second level containers, which are used for static entries 219 configuration and global parameters control. 221 module: ietf-arp 222 +--rw arp 223 +--rw dynamic-learning? boolean 224 +--rw proxy-arp? boolean 225 +--rw global-static-entries {global-static-entries}? 226 +--rw static-entry* [ip-address] 227 +--rw ip-address inet:ipv4-address-no-zone 228 +--rw mac-address yang:mac-address 230 augment /if:interfaces/if:interface: 231 +--rw arp 232 +--rw expiry-time? uint32 233 +--rw learn-disable? boolean 234 +--rw proxy 235 | +--rw mode? enumeration 236 +--rw probe 237 | +--rw interval? uint8 238 | +--rw times? uint8 239 | +--rw unicast? boolean 240 +--rw gratuitous 241 | +--rw enable? boolean 242 | +--rw interval? uint32 243 | +--rw drop? boolean 244 +--ro statistics 245 +--ro in-requests-pkts? yang:counter32 246 +--ro in-replies-pkts? yang:counter32 247 +--ro in-gratuitous-pkts? yang:counter32 248 +--ro out-requests-pkts? yang:counter32 249 +--ro out-replies-pkts? yang:counter32 250 +--ro out-gratuitous-pkts? yang:counter32 251 augment /if:interfaces/if:interface/ip:ipv4/ip:neighbor: 252 +--ro remaining-expiry-time? uint32 254 4. ARP YANG Module 256 This section presents the ARP YANG module defined in this document. 258 This module imports definitions from Common YANG Data Types 259 [RFC6991], A YANG Data Model for Interface Management [RFC8343], and 260 A YANG Data Model for IP Management [RFC8344]. 262 file "ietf-arp@2018-08-01.yang" 263 module ietf-arp { 264 yang-version 1.1; 265 namespace "urn:ietf:params:xml:ns:yang:ietf-arp"; 266 prefix arp; 268 import ietf-inet-types { 269 prefix inet; 270 reference "RFC 6991: Common YANG Data Types"; 271 } 272 import ietf-yang-types { 273 prefix yang; 274 reference "RFC 6991: Common YANG Data Types"; 275 } 276 import ietf-interfaces { 277 prefix if; 278 reference "RFC 8343: A Yang Data Model for Interface Management"; 279 } 280 import ietf-ip { 281 prefix ip; 282 reference "RFC 8344: A Yang Data Model for IP Management"; 283 } 285 organization 286 "IETF Routing Area Working Group (rtgwg)"; 287 contact 288 "WG Web: 289 WG List: 290 Editor: Xiaojian Ding 291 wjswsl@163.com 292 Editor: Feng Zheng 293 habby.zheng@huawei.com 294 Editor: Robert Wilton 295 rwilton@cisco.com"; 297 description 298 "Address Resolution Protocol (ARP) management, which includes 299 static ARP configuration, dynamic ARP learning, ARP entry query, 300 and packet statistics collection. 302 Copyright (c) 2016 IETF Trust and the persons identified as 303 authors of the code. All rights reserved. 305 Redistribution and use in source and binary forms, with or 306 without modification, is permitted pursuant to, and subject 307 to the license terms contained in, the Simplified BSD License 308 set forth in Section 4.c of the IETF Trust's Legal Provisions 309 Relating to IETF Documents 310 (http://trustee.ietf.org/license-info). 312 This version of this YANG module is part of RFC XXXX; see the RFC 313 itself for full legal notices."; 315 revision 2018-08-01 { 316 description 317 "Init revision"; 318 reference "RFC XXXX: A Yang Data Model for ARP"; 319 } 321 feature global-static-entries { 322 description 323 "This feature indicates that the device allows static entries 324 to be configured globally."; 325 } 327 container arp { 328 description 329 "Address Resolution Protocol (ARP) management, which includes 330 static ARP configuration, dynamic ARP learning, ARP entry 331 query, and packet statistics collection."; 332 leaf dynamic-learning { 333 type boolean; 334 default "true"; 335 description 336 "Controls the default dynamic ARP learning behavior on all 337 interfaces on the device: 338 true - dynamic learning is enabled on all interfaces by 339 default, 340 false - dynamic learning is disabled on all interfaces by 341 default"; 342 } 343 leaf proxy-arp { 344 type boolean; 345 default "true"; 346 description 347 "Controls the default proxy ARP behavior on all interfaces 348 on the device: 349 true - proxy ARP is enabled on interfaces by default, 350 false - proxy APR is disabled on interfaces by default"; 351 } 352 container global-static-entries { 353 if-feature "global-static-entries"; 354 description 355 "Set a global static ARP entry, which is independent of the 356 interface."; 357 list static-entry { 358 key "ip-address"; 359 description 360 "List of ARP static entries that can be configured 361 globally."; 362 leaf ip-address { 363 type inet:ipv4-address-no-zone; 364 description 365 "IP address, in dotted decimal notation."; 366 } 367 leaf mac-address { 368 type yang:mac-address; 369 mandatory true; 370 description 371 "MAC address in the format of H-H-H, in which H is a 372 hexadecimal number of 1 to 4 bits."; 373 } 374 } 375 } 376 } 377 augment "/if:interfaces/if:interface" { 378 description 379 "Augment interfaces with ARP configuration and state."; 380 container arp { 381 description 382 "Dynamic ARP related configuration and state"; 383 leaf expiry-time { 384 type uint32 { 385 range "60..86400"; 386 } 387 units "seconds"; 388 description 389 "Aging time of a dynamic ARP entry."; 390 } 391 leaf learn-disable { 392 type boolean; 393 default "false"; 394 description 395 "Whether dynamic ARP learning is disabled on an interface: 396 If the value is True, dynamic ARP learning is disabled. 397 If the value is False, dynamic ARP learning is enabled."; 398 } 399 container proxy { 400 description 401 "Configuration parameters for proxy ARP"; 402 leaf mode { 403 type enumeration { 404 enum DISABLE { 405 description 406 "The system should not respond to ARP requests that 407 do not specify an IP address configured on the local 408 subinterface as the target address."; 409 } 410 enum REMOTE_ONLY { 411 description 412 "The system responds to ARP requests only when the 413 sender and target IP addresses are in different 414 subnets."; 415 } 416 enum ALL { 417 description 418 "The system responds to ARP requests where the sender 419 and target IP addresses are in different subnets, as 420 well as those where they are in the same subnet."; 421 } 422 } 423 default "DISABLE"; 424 description 425 "When set to a value other than DISABLE, the local system 426 should respond to ARP requests that are for target 427 addresses other than those that are configured on the 428 local subinterface using its own MAC address as the 429 target hardware address. If the REMOTE_ONLY value is 430 specified, replies are only sent when the target address 431 falls outside the locally configured subnets on the 432 interface, whereas with the ALL value, all requests, 433 regardless of their target address are replied to."; 434 reference 435 "RFC1027: Using ARP to Implement Transparent Subnet 436 Gateways"; 437 } 438 } 439 container probe { 440 description 441 "Common configuration parameters for all ARP probe."; 442 leaf interval { 443 type uint8 { 444 range "1..5"; 445 } 446 units "second"; 447 description 448 "Interval for detecting dynamic ARP entries."; 449 } 450 leaf times { 451 type uint8 { 452 range "0..10"; 453 } 454 description 455 "Number of aging probe attempts for a dynamic ARP entry. 456 If a device does not receive an ARP reply message after 457 the number of aging probe attempts reaches a specified 458 number,thedynamic ARP entry is deleted."; 459 } 460 leaf unicast { 461 type boolean; 462 default "false"; 463 description 464 "Send unicast ARP aging probe messages for a dynamic ARP 465 entry."; 466 } 467 } 468 container gratuitous-arp { 469 description 470 "Configure gratuitous ARP."; 471 leaf enable { 472 type boolean; 473 default "false"; 474 description 475 "Enable or disable sending gratuitous ARP packet on 476 interface."; 477 } 478 leaf interval { 479 type uint32 { 480 range "1..86400"; 481 } 482 units "second"; 483 description 484 "The interval of sending gratuitous ARP packet on the 485 interface."; 486 } 487 leaf drop { 488 type boolean; 489 default "false"; 490 description 491 "Drop the receipt of gratuitous ARP packets on the 492 interface."; 493 } 494 } 495 container statistics { 496 config false; 497 description 498 "IP ARP Statistics information on interfaces"; 499 leaf in-requests-pkts { 500 type yang:counter32; 501 description 502 "Total ARP requests received"; 503 } 504 leaf in-replies-pkts { 505 type yang:counter32; 506 description 507 "Total ARP replies received"; 508 } 509 leaf in-gratuitous-pkts { 510 type yang:counter32; 511 description 512 "Total gratuitous ARP received"; 513 } 514 leaf out-requests-pkts { 515 type yang:counter32; 516 description 517 "Total ARP requests sent"; 518 } 519 leaf out-replies-pkts { 520 type yang:counter32; 521 description 522 "Total ARP replies sent"; 523 } 524 leaf out-gratuitous-pkts { 525 type yang:counter32; 526 description 527 "Total gratuitous ARP sent"; 528 } 529 } 530 } 531 } 532 augment "/if:interfaces/if:interface/ip:ipv4/ip:neighbor" { 533 description 534 "Augment neighbor list with parameters of ARP, eg., support for 535 remaining expiry time query on interfaces."; 536 leaf remaining-expiry-time { 537 type uint32; 538 config false; 539 description 540 "Remaining expiry time of a dynamic ARP entry. "; 541 } 542 } 543 } 545 5. Data Model Examples 547 This section presents a simple but complete example of configuring 548 static ARP entries and dynamic learning, based on the YANG modules 549 specified in Section 4. 551 5.1. Static ARP Entries 552 Requirement: 553 Enable static ARP entry global configuration (not rely on interface). 554 555 556 557 10.2.2.3 558 00e0-fc01-0000 559 560 562 Requirement: 563 Enable static ARP entry configuration on interface (defined in 564 draft [I-D.ietf-netmod-rfc7277bis]). 565 566 567 568 10.2.2.3 569 00e0-fc01-0000 570 GE1/0/1 571 572 574 5.2. ARP Dynamic Learning 576 Requirement: 577 Enable ARP dynamic learning configuration. 579 580 581 GE1/0/1 582 1200 583 false 584 false 585 586 5 587 3 588 false 589 590 591 false 592 60 593 false 594 595 597 6. IANA Considerations 599 This document registers a URI in theIETF XML registry [RFC3688]. 600 Following the format in [RFC3688], the following registration is 601 requested to be made: 603 URI: urn:ietf:params:xml:ns:yang:ietf-arp 604 Registrant Contact: The IESG. 605 XML: N/A, the requested URI is an XML namespace. 607 This document registers a YANG module in the YANG Module Names 608 registry [RFC7950]. 610 Name: ietf-arp 611 Namespace: urn:ietf:params:xml:ns:yang: ietf-arp 612 Prefix: arp 613 Reference: RFC XXXX 615 7. Security Considerations 617 The YANG module defined in this document is designed to be accessed 618 via YANG based management protocols, such as NETCONF [RFC6241] and 619 RESTCONF [RFC8040]. Both of these protocols have mandatory-to- 620 implement secure transport layers (e.g., SSH, TLS) with mutual 621 authentication. 623 The NETCONF access control model (NACM) [RFC8341] provides the means 624 to restrict access for particular users to a pre-configured subset of 625 all available protocol operations and content. 627 There are a number of data nodes defined in this YANG module that are 628 writable/creatable/deletable (i.e., config true, which is the 629 default). These data nodes may be considered sensitive or vulnerable 630 in some network environments. Write operations (e.g., edit-config) 631 to these data nodes without proper protection can have a negative 632 effect on network operations. 634 These are the subtrees and data nodes and their sensitivity/ 635 vulnerability: 637 arp/dynamic-learning: This leaf is used to enable ARP dynamic 638 learning on all interfaces.ARP dynamic learning could allow an 639 attacker to inject spoofed traffic into the network, e.g. denial- 640 of- service attack. 642 arp/proxy-arp and arp/proxy:These leaves are used to enable ARP 643 proxy on interface. They could allow traffic to be mis-configured 644 (denial-of- service attack). 646 arp/global-static-entries/static-entry: This list specifies ARP 647 static entries configured on the device. By modifying this 648 information, an attacker can cause a node to either ignore 649 messages destined to it or accept messages it would otherwise 650 ignore. 652 /arp/gratuitous-arp:This leaf is used to enable sending gratuitous 653 ARP packet on an interface.This configuration could allow an 654 attacker to inject spoofed traffic into the network, e.g. man-in- 655 the-middle attack. 657 8. Acknowledgments 659 The authors wish to thank Alex Campbell and Reshad Rahman, Qin Wu, 660 Tom Petch, many others for their helpful comments. 662 9. References 664 9.1. Normative References 666 [RFC0826] Plummer, D., "An Ethernet Address Resolution Protocol: Or 667 Converting Network Protocol Addresses to 48.bit Ethernet 668 Address for Transmission on Ethernet Hardware", STD 37, 669 RFC 826, DOI 10.17487/RFC0826, November 1982, 670 . 672 [RFC1027] Carl-Mitchell, S. and J. Quarterman, "Using ARP to 673 implement transparent subnet gateways", RFC 1027, 674 DOI 10.17487/RFC1027, October 1987, 675 . 677 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 678 Requirement Levels", BCP 14, RFC 2119, 679 DOI 10.17487/RFC2119, March 1997, 680 . 682 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 683 DOI 10.17487/RFC3688, January 2004, 684 . 686 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", 687 RFC 6991, DOI 10.17487/RFC6991, July 2013, 688 . 690 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 691 RFC 7950, DOI 10.17487/RFC7950, August 2016, 692 . 694 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 695 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 696 May 2017, . 698 [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., 699 and R. Wilton, "Network Management Datastore Architecture 700 (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, 701 . 703 [RFC8343] Bjorklund, M., "A YANG Data Model for Interface 704 Management", RFC 8343, DOI 10.17487/RFC8343, March 2018, 705 . 707 [RFC8344] Bjorklund, M., "A YANG Data Model for IP Management", 708 RFC 8344, DOI 10.17487/RFC8344, March 2018, 709 . 711 9.2. Informative References 713 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 714 and A. Bierman, Ed., "Network Configuration Protocol 715 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 716 . 718 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 719 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 720 . 722 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 723 BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, 724 . 726 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration 727 Access Control Model", STD 91, RFC 8341, 728 DOI 10.17487/RFC8341, March 2018, 729 . 731 Authors' Addresses 733 Feng Zheng 734 Huawei 735 101 Software Avenue, Yuhua District 736 Nanjing, Jiangsu 210012 737 China 739 Email: habby.zheng@huawei.com 740 Bo Wu 741 Huawei 743 Email: lana.wubo@huawei.com 745 Robert Wilton 746 Cisco Systems 748 Email: rwilton@cisco.com 750 Xiaojian Ding 752 Email: wjswsl@163.com