idnits 2.17.1

draft-ietf-rtgwg-yang-rip-10.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 183 has weird spacing: '...address ine...'

  == Line 285 has weird spacing: '...et-name pre...'

  == Line 364 has weird spacing: '...address ine...'

  -- The document date (February 4, 2018) is 2273 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446)

  ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341)

  == Outdated reference: A later version (-17) exists of
     draft-ietf-bfd-yang-09

  == Outdated reference: A later version (-42) exists of
     draft-ietf-isis-yang-isis-cfg-19

  == Outdated reference: A later version (-29) exists of
     draft-ietf-ospf-yang-09

  == Outdated reference: A later version (-26) exists of
     draft-ietf-netconf-subscribed-notifications-08

  == Outdated reference: A later version (-25) exists of
     draft-ietf-netconf-yang-push-12

  == Outdated reference: A later version (-20) exists of
     draft-ietf-netmod-rfc6087bis-16

  == Outdated reference: A later version (-06) exists of
     draft-ietf-netmod-yang-tree-diagrams-05

     Summary: 2 errors (**), 0 flaws (~~), 11 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                             X. Liu
Internet-Draft                                                     Jabil
Intended status: Standards Track                                P. Sarda
Expires: August 8, 2018                                         Ericsson
                                                            V. Choudhary
                                                              Individual
                                                        February 4, 2018

        A YANG Data Model for Routing Information Protocol (RIP)
                      draft-ietf-rtgwg-yang-rip-10

Abstract

   This document describes a data model for the management of the
   Routing Information Protocol (RIP).  Both RIP version 2 and RIPng are
   covered.  The data model includes definitions for configuration,
   operational state, and Remote Procedure Calls (RPCs).

   The YANG model in this document conforms to the Network Management
   Datastore Architecture (NMDA).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 8, 2018.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
     1.2.  Tree Diagrams
     1.3.  Prefixes in Data Node Names
   2.  Design of the Data Model
     2.1.  Scope of the Model
     2.2.  Relation with Core Routing Framework
     2.3.  Protocol Configuration
     2.4.  Protocol States
     2.5.  RPC Operations
     2.6.  Notifications
     2.7.  Optional Features
   3.  Tree Structure
   4.  YANG Module
   5.  IANA Considerations
   6.  Security Considerations
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Appendix A.  Data Tree Example
   Authors' Addresses

1.  Introduction

   This document introduces a YANG [RFC7950] data model for the Routing
   Information Protocol (RIP) [RFC2453][RFC2080].  RIP was designed to
   work as an Interior Gateway Protocol (IGP) in moderate-size
   Autonomous Systems (AS).

   This YANG model supports both RIP version 2 and RIPng.  RIP version 2
   (defined in [RFC2453]) supports IPv4.  RIPng (defined in [RFC2080])
   supports IPv6.

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   The following terms are defined in [RFC7950] and are not redefined
   here:

   o  augment

   o  data model

   o  data node

1.2.  Tree Diagrams

   A simplified graphical representation of the data model is used in
   this document.  The meaning of the symbols in these diagrams is
   defined in [I-D.ietf-netmod-yang-tree-diagrams].

1.3.  Prefixes in Data Node Names

   In this document, names of data nodes, actions, and other data model
   objects are often used without a prefix, as long as it is clear from
   the context in which YANG module each name is defined.  Otherwise,
   names are prefixed using the standard prefix associated with the
   corresponding YANG module, as shown in Table 1.

   +-----------+-----------------+-------------------------------+
   | Prefix    | YANG module     | Reference                     |
   +-----------+-----------------+-------------------------------+
   | yang      | ietf-yang-types | [RFC6991]                     |
   | inet      | ietf-inet-types | [RFC6991]                     |
   | if        | ietf-interfaces | [I-D.ietf-netmod-rfc7223bis]  |
   | ip        | ietf-ip         | [I-D.ietf-netmod-rfc7277bis]  |
   | rt        | ietf-routing    | [I-D.ietf-netmod-rfc8022bis]  |
   | bfd-types | ietf-bfd-types  | [I-D.ietf-bfd-yang]           |
   | isis      | ietf-isis       | [I-D.ietf-isis-yang-isis-cfg] |
   | key-chain | ietf-key-chain  | [RFC8177]                     |
   | ospf      | ietf-ospf       | [I-D.ietf-ospf-yang]          |
   +-----------+-----------------+-------------------------------+

            Table 1: Prefixes and Corresponding YANG Modules

2.  Design of the Data Model

2.1.  Scope of the Model

   The model covers RIP version 2 [RFC2453] and RIPng [RFC2080]
   protocols.  The model is designed to be implemented on a device where
   RIP version 2 or RIPng is implemented, and can be used to:

   o  Configure the RIP version 2 or RIPng protocol.

   o  Manage the protocol operational behaviors.

   o  Retrieve the protocol operational status.

   The capabilities described in [RFC1724] are covered.

2.2.  Relation with Core Routing Framework

   This model augments the core routing data model "ietf-routing"
   specified in [I-D.ietf-netmod-rfc8022bis].

   +--rw routing
      +--rw router-id?
      +--rw control-plane-protocols
      |  +--rw control-plane-protocol* [type name]
      |     +--rw type
      |     +--rw name
      |     +--rw rip <= Augmented by this Model
      ...

   The "rip" container instantiates a RIP protocol entity that supports
   RIP version 2 or RIPng.  Depending on the implementation of "ietf-
   routing", a RIP instance MAY belong to a logical router or network
   instance.

2.3.  Protocol Configuration

   The model structure for the protocol configuration is as shown below:

   augment /rt:routing/rt:control-plane-protocols/
     rt:control-plane-protocol:
       +--rw rip
          +--rw
          +--rw interface* [interface]
             +--rw interface               if:interface-ref
             +--rw
             +--rw neighbors {explicit-neighbors}?
             |  +--rw neighbor* [address]
             |     +--rw address    inet:ip-address
             |     +--rw

   The model allows the following protocol entities to be configured:

   o  Protocol instance (RIP version 2 or RIPng)

   o  Interface

   o  Neighbor

2.4.  Protocol States

   The model structure for the protocol states is as shown below:

   augment /rt:routing/rt:control-plane-protocols/
     rt:control-plane-protocol:
       +--rw rip
          +--ro
          +--rw interface* [interface]
          |  +--rw interface               if:interface-ref
          |  +--ro
          |  +--ro statistics {interface-statistics}?
          |     +--ro
          +--ro ipv4
          |  +--ro neighbors
          |  |  +--ro neighbor* [ipv4-address]
          |  |     +--ro
          |  +--ro routes
          |     +--ro route* [ipv4-prefix]
          |        +--ro
          +--ro ipv6
          |  +--ro neighbors
          |  |  +--ro neighbor* [ipv6-address]
          |  |     +--ro
          |  +--ro routes
          |     +--ro route* [ipv6-prefix]
          |        +--ro ipv6-prefix    inet:ipv6-prefix
          |        +--ro
          +--ro statistics {global-statistics}?
             +--ro

   This model conforms to the Network Management Datastore Architecture
   (NMDA) [I-D.ietf-netmod-revised-datastores].  The operational state
   data is combined with the associated configuration data in the same
   hierarchy [I-D.ietf-netmod-rfc6087bis].  When protocol states are
   retrieved from the NMDA operational state datastore, the returned
   states cover all "config true" (rw) and "config false" (ro) nodes
   defined in the schema.

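   Added example, not part of the draft: a Python check of one RIP
   instance against rules that the YANG module in Section 4 attaches to
   the configuration nodes outlined above, namely the "timers" ranges
   and "must" expressions, the RIPv2-only "when" condition on
   "authentication", and its single-case "choice".  The dict layout
   (RFC 7951-style JSON), the function names, and the sample data are
   assumptions of this example.

```python
# Added example (not from the draft). Input is assumed to be one
# control-plane-protocol entry as a dict shaped like RFC 7951 JSON.

RIPV2 = "ietf-rip:ripv2"

# "default" statements of grouping timers-container in the module.
TIMER_DEFAULTS = {
    "update-interval": 30,
    "invalid-interval": 180,
    "holddown-interval": 180,
    "flush-interval": 240,
}


def check_timers(timers, where):
    """Range and `must` checks for one `timers` container."""
    # Leafs that are not set take their defaults, and defaults take part
    # in `must` evaluation, so merge them in before comparing.
    effective = {**TIMER_DEFAULTS, **timers}
    problems = []
    for leaf, value in effective.items():
        if leaf not in TIMER_DEFAULTS:
            problems.append(f"{where}: unknown leaf '{leaf}'")
        elif type(value) is not int or not 1 <= value <= 32767:
            problems.append(f"{where}: {leaf} must be in 1..32767")
    if problems:
        return problems
    if effective["invalid-interval"] < effective["update-interval"] * 3:
        problems.append(f"{where}: invalid-interval must be at least "
                        "three times update-interval")
    if effective["flush-interval"] <= effective["invalid-interval"]:
        problems.append(f"{where}: flush-interval must be larger than "
                        "invalid-interval")
    return problems


def check_authentication(auth, proto_type, where):
    """`when` and `choice` checks for one `authentication` container."""
    if not auth:
        return []
    # Simplification: the module uses derived-from-or-self(); identities
    # derived from ripv2 elsewhere are not considered here.
    if proto_type != RIPV2:
        return [f"{where}: only applicable to RIPv2"]
    uses_chain = "key-chain" in auth
    uses_key = "key" in auth or "crypto-algorithm" in auth
    if uses_chain and uses_key:
        return [f"{where}: key-chain and key/crypto-algorithm belong to "
                "different cases of auth-type-selection"]
    return []


def _interfaces(protocol):
    rip = protocol.get("ietf-rip:rip", {})
    return rip.get("interfaces", {}).get("interface", [])


def check_rip_instance(protocol):
    """Return a list of schema violations for one RIP instance."""
    name, ptype = protocol["name"], protocol["type"]
    rip = protocol.get("ietf-rip:rip", {})
    problems = check_timers(rip.get("timers", {}), f"{name}/timers")
    for intf in _interfaces(protocol):
        where = f"{name}/{intf['interface']}"
        problems += check_timers(intf.get("timers", {}), f"{where}/timers")
        problems += check_authentication(
            intf.get("authentication"), ptype, f"{where}/authentication")
    return problems


def unauthenticated_interfaces(protocol):
    """RIPv2 interfaces with neither a key-chain nor a key configured."""
    if protocol["type"] != RIPV2:
        return []
    return [intf["interface"] for intf in _interfaces(protocol)
            if not {"key-chain", "key"} & set(intf.get("authentication", {}))]


# Constructed sample data, not taken from the draft.
SAMPLE = {
    "type": RIPV2,
    "name": "ripv2-1",
    "ietf-rip:rip": {
        # invalid-interval stays at its default of 180, which is < 3 * 90
        "timers": {"update-interval": 90},
        "interfaces": {"interface": [
            {"interface": "eth1",
             "authentication": {"key-chain": "rip-keys"}},
            {"interface": "eth2",
             "timers": {"invalid-interval": 200, "flush-interval": 200},
             "authentication": {"key-chain": "rip-keys", "key": "example"}},
            {"interface": "eth3"},
        ]},
    },
}

if __name__ == "__main__":
    for line in check_rip_instance(SAMPLE):
        print("violation:", line)
    print("no authentication:", unauthenticated_interfaces(SAMPLE))
```
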
   The model allows protocol states to be retrieved at the following
   levels:

   o  Protocol instance (RIP version 2 or RIPng)

   o  Interface

   o  Neighbor

   o  Route

2.5.  RPC Operations

   This model defines one RPC "clear-rip-route" that can be used to
   clear RIP routes from the routing table.

2.6.  Notifications

   This model does not define RIP-specific notifications.  To enable
   notifications, the mechanism defined in
   [I-D.ietf-netconf-subscribed-notifications] and
   [I-D.ietf-netconf-yang-push] can be used.  This mechanism currently
   allows the user to:

   o  Subscribe to notifications on a per-client basis.

   o  Specify subtree filters or xpath filters so that only the contents
      of interest are sent.

   o  Specify either periodic or on-demand notifications.

2.7.  Optional Features

   This model defines several features that are beyond the basic RIP
   configuration, and it is the responsibility of each vendor to decide
   whether to support a given feature on a device.

3.  Tree Structure

   This document defines the YANG module "ietf-rip", which has the
   following tree structure:

   module: ietf-rip
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol:
       +--rw rip
          +--rw originate-default-route
          |  +--rw enabled?        boolean
          |  +--rw route-policy?   route-policy-ref
          +--rw default-metric?               uint8
          +--rw distance?                     uint8
          +--rw triggered-update-threshold?   uint8
          +--rw maximum-paths?                uint8
          +--rw output-delay?                 uint8
          +--rw distribute-list* [prefix-set-name direction]
          |  +--rw prefix-set-name    prefix-set-ref
          |  +--rw direction          enumeration
          |  +--rw if-name?           if:interface-ref
          +--rw redistribute
          |  +--rw bgp* [asn]
          |  |  +--rw asn             inet:as-number
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw cg-nat!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw connected!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ipsec!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw isis* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw level?          enumeration
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw nat!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ospfv2* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw route-type?     ospf:route-type
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ospfv3* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw route-type?     ospf:route-type
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ripv2* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ripng* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw static!
          |     +--rw metric?         uint8
          |     +--rw route-policy?   route-policy-ref
          +--rw timers
          |  +--rw update-interval?     uint16
          |  +--rw invalid-interval?    uint16
          |  +--rw holddown-interval?   uint16
          |  +--rw flush-interval?      uint16
          +--rw interfaces
          |  +--rw interface* [interface]
          |     +--rw interface                  if:interface-ref
          |     +--rw authentication
          |     |  +--rw (auth-type-selection)?
          |     |     +--:(auth-key-chain)
          |     |     |  +--rw key-chain?
                                 key-chain:key-chain-ref
          |     |     +--:(auth-key)
          |     |        +--rw key?                string
          |     |        +--rw crypto-algorithm?   identityref
          |     +--rw bfd {bfd}?
          |     |  +--rw enable?                           boolean
          |     |  +--rw local-multiplier?                 multiplier
          |     |  +--rw (interval-config-type)?
          |     |     +--:(tx-rx-intervals)
          |     |     |  +--rw desired-min-tx-interval?    uint32
          |     |     |  +--rw required-min-rx-interval?   uint32
          |     |     +--:(single-interval)
          |     |        +--rw min-interval?               uint32
          |     +--rw cost?                      uint8
          |     +--rw neighbors {explicit-neighbors}?
          |     |  +--rw neighbor* [address]
          |     |     +--rw address    inet:ip-address
          |     +--rw no-listen?                 empty
          |     +--rw originate-default-route
          |     |  +--rw enabled?        boolean
          |     |  +--rw route-policy?   route-policy-ref
          |     +--rw passive?                   empty
          |     +--rw split-horizon?             enumeration
          |     +--rw summary-address
          |     |  +--rw address?   inet:ip-prefix
          |     |  +--rw metric?    uint8
          |     +--rw timers
          |     |  +--rw update-interval?     uint16
          |     |  +--rw invalid-interval?    uint16
          |     |  +--rw holddown-interval?   uint16
          |     |  +--rw flush-interval?      uint16
          |     +--ro oper-status?               enumeration
          |     +--ro next-full-update?          uint32
          |     +--ro valid-address?             boolean
          |     +--ro statistics {interface-statistics}?
          |        +--ro discontinuity-time?   yang:date-and-time
          |        +--ro bad-packets-rcvd?     yang:counter32
          |        +--ro bad-routes-rcvd?      yang:counter32
          |        +--ro updates-sent?         yang:counter32
          +--ro next-triggered-update?        uint32
          +--ro num-of-routes?                uint32
          +--ro ipv4
          |  +--ro neighbors
          |  |  +--ro neighbor* [ipv4-address]
          |  |     +--ro ipv4-address        inet:ipv4-address
          |  |     +--ro last-update?        yang:date-and-time
          |  |     +--ro bad-packets-rcvd?   yang:counter32
          |  |     +--ro bad-routes-rcvd?    yang:counter32
          |  +--ro routes
          |     +--ro route* [ipv4-prefix]
          |        +--ro ipv4-prefix
                           inet:ipv4-prefix
          |        +--ro next-hop?
                           inet:ipv4-address
          |        +--ro interface?
                           if:interface-ref
          |        +--ro redistributed?                  boolean
          |        +--ro route-type?                     enumeration
          |        +--ro metric?                         uint8
          |        +--ro expire-time?                    uint16
          |        +--ro deleted?                        boolean
          |        +--ro holddown?                       boolean
          |        +--ro need-triggered-update?          boolean
          |        +--ro inactive?                       boolean
          |        +--ro flush-expire-before-holddown?   boolean
          +--ro ipv6
          |  +--ro neighbors
          |  |  +--ro neighbor* [ipv6-address]
          |  |     +--ro ipv6-address        inet:ipv6-address
          |  |     +--ro last-update?        yang:date-and-time
          |  |     +--ro bad-packets-rcvd?   yang:counter32
          |  |     +--ro bad-routes-rcvd?    yang:counter32
          |  +--ro routes
          |     +--ro route* [ipv6-prefix]
          |        +--ro ipv6-prefix
                           inet:ipv6-prefix
          |        +--ro next-hop?
                           inet:ipv6-address
          |        +--ro interface?
                           if:interface-ref
          |        +--ro redistributed?                  boolean
          |        +--ro route-type?                     enumeration
          |        +--ro metric?                         uint8
          |        +--ro expire-time?                    uint16
          |        +--ro deleted?                        boolean
          |        +--ro holddown?                       boolean
          |        +--ro need-triggered-update?          boolean
          |        +--ro inactive?                       boolean
          |        +--ro flush-expire-before-holddown?   boolean
          +--ro statistics {global-statistics}?
             +--ro discontinuity-time?   yang:date-and-time
             +--ro requests-rcvd?        yang:counter32
             +--ro requests-sent?        yang:counter32
             +--ro responses-rcvd?       yang:counter32
             +--ro responses-sent?       yang:counter32

     rpcs:
       +---x clear-rip-route
          +---w input
             +---w rip-instance?   leafref

4.  YANG Module

   file "ietf-rip@2018-02-03.yang"
   module ietf-rip {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-rip";

     prefix rip;

     import ietf-inet-types {
       prefix "inet";
     }

     import ietf-yang-types {
       prefix "yang";
     }

     import ietf-interfaces {
       prefix "if";
     }

     import ietf-ip {
       prefix "ip";
     }

     import ietf-routing {
       prefix "rt";
     }

     import ietf-key-chain {
       prefix "key-chain";
     }

     import ietf-bfd-types {
       prefix "bfd-types";
     }

     import ietf-ospf {
       prefix "ospf";
     }

     import ietf-isis {
       prefix "isis";
     }

     organization "IETF Routing Area Working Group (rtgwg)";

     contact
       "WG Web:
        WG List:

        Editor:   Xufeng Liu

        Editor:   Prateek Sarda

        Editor:   Vikram Choudhary
       ";

     description
       "This YANG module defines a model for managing Routing
        Information Protocol (RIP), including RIP version 2 and RIPng.

        Copyright (c) 2018 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject to
        the license terms contained in, the Simplified BSD License set
        forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (http://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX; see the
        RFC itself for full legal notices.";

     revision 2018-02-03 {
       description
         "Initial revision.";
       reference
         "RFC XXXX: A YANG Data Model for Routing Information Protocol
          (RIP).
          RFC 2453: RIP Version 2.
          RFC 2080: RIPng for IPv6.
          RFC 1724: RIP Version 2 MIB Extension.";
     }

     /*
      * Features
      */
     feature bfd {
       description
         "This feature indicates that the RIP implementation on the
          system supports BFD (Bidirectional Forwarding Detection).";
     }

     feature explicit-neighbors {
       description
         "This feature indicates that the system supports explicit
          neighbor configuration on a RIP interface.";
     }

     feature global-statistics {
       description
         "This feature indicates that the system supports collecting
          global statistic data related to RIP.";
     }

     feature interface-statistics {
       description
         "This feature indicates that the system supports collecting
          per-interface statistic data related to RIP.";
     }

     /*
      * Typedefs
      */

     typedef prefix-set-ref {
       type string;
       description
         "A type for a reference to a prefix set.
          The string value is the name identifier for uniquely
          identifying the referenced prefix set, which contains a list
          of prefixes that a routing policy can be applied.  The
          definition of such a prefix set is outside the scope of this
          document.";
     }

     typedef route-policy-ref {
       type string;
       description
         "A type for a reference to a route policy.
          The string value is the name identifier for uniquely
          identifying the referenced routing policy, which contains one
          or more policy rules that can be used for a routing decision.
          The definition of such a routing policy is outside the scope
          of this document.";
     }

     /*
      * Identities
      */

     identity rip {
       base rt:routing-protocol;
       description "Identity for the RIP routing protocol.";
     }

     identity ripv2 {
       base rip:rip;
       description "Identity for RIPv2 (RIP version 2).";
     }

     identity ripng {
       base rip:rip;
       description "Identity for RIPng.";
     }

     /*
      * Groupings
      */

     grouping originate-default-route-container {
       description
         "Containing settings whether to originate the default route
          in RIP routing instance.";
       container originate-default-route {
         description
           "Injects the default route into the RIP (RIPv2 or RIPng)
            routing instance.";
         leaf enabled {
           type boolean;
           default false;
           description
             "'true' if originating default route is enabled.";
         }
         leaf route-policy {
           type route-policy-ref;
           description
             "The conditions of the route policy are applied to the
              default route.";
         }
       }
     }

     grouping redistribute-container {
       description
         "Container of redistribute attributes.";

       container redistribute {
         description
           "Redistributes routes learned from other routing protocols
            into the RIP routing instance.";
         list bgp {
           key "asn";
           description
             "Redistributes routes from the specified BGP (Border
              Gateway Protocol) autonomous system (AS) into the RIP
              routing instance.";
           leaf asn {
             type inet:as-number;
             description
               "BGP autonomous system (AS) number.";
           }
           uses redistribute-route-policy-attributes;
         }
         container cg-nat {
           presence
             "Present if Carrier Grade Network Address Translation
              (CGNAT) routes are redistributed.";
           description
             "Carrier Grade Network Address Translation (CGNAT)
              routes.";
           uses redistribute-route-policy-attributes;
         }
         container connected {
           presence
             "Present if directly attached network routes are
              redistributed.";
           description
             "Redistributes directly attached networks into the RIP
              routing instance.";
           uses redistribute-route-policy-attributes;
         }
         container ipsec {
           presence
             "Present if IP security routing instance routes
              are redistributed.";
           description
             "Redistributes routes from the IP security routing
              instance into the RIP routing instance.";
           uses redistribute-route-policy-attributes;
         }
         list isis {
           key "instance";
           description
             "Redistributes IS-IS routes.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'isis:isis')" {
               description
                 "The type of the routing protocol must be 'isis'";
             }
             description
               "Redistributes routes from the specified IS-IS routing
                instance into the RIP routing instance.";
           }
           leaf level {
             type enumeration {
               enum 1 {
                 description "IS-IS level 1 routes.";
               }
               enum 2 {
                 description "IS-IS level 2 routes.";
               }
               enum 1-2 {
                 description "IS-IS level 1-2 routes.";
               }
             }
             description
               "IS-IS level.";
           }
           uses redistribute-route-policy-attributes;
         }
         container nat {
           presence
             "Present if Network Address Translation (NAT) routes
              are redistributed.";
           description
             "Redistributes Network Address Translation (NAT)
              routes into the RIP routing instance.";
           uses redistribute-route-policy-attributes;
         }
         list ospfv2 {
           when "derived-from-or-self(../../../rt:type, 'rip:ripv2')" {
             description
               "Applicable to RIPv2.";
           }
           key "instance";
           description
             "Redistributes routes from the specified OSPFv2 routing
              instance into the RIPv2 routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'ospf:ospfv2')" {
               description
                 "The type of the routing protocol must be 'ospfv2'";
             }
             description
               "OSPFv2 instance ID. Redistributes routes from the
                specified OSPFv2 routing instance into the RIPv2 routing
                instance. ";
           }
           leaf route-type {
             type ospf:route-type;
             description
               "Redistributes only those OSPFv2 routes matching the
                specified route type into the RIPv2 routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         list ospfv3 {
           when "derived-from-or-self(../../../rt:type, 'rip:ripng')" {
             description
               "Applicable to RIPng.";
           }
           key "instance";
           description
             "Redistributes routes from the specified OSPFv3 routing
              instance into the RIPng routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'ospf:ospfv3')" {
               description
                 "The type of the routing protocol must be 'ospfv3'";
             }
             description
               "OSPFv3 instance ID. Redistributes routes from the
                specified OSPFv3 routing instance into the RIPng routing
                instance. ";
           }
           leaf route-type {
             type ospf:route-type;
             description
               "Redistributes only those OSPFv3 routes matching the
                specified route type into the RIPng routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         list ripv2 {
           when "derived-from-or-self(../../../rt:type, 'rip:ripv2')" {
             description
               "Applicable to RIPv2.";
           }
           key "instance";
           description
             "Redistributes routes from another RIPv2 routing instance
              into the current RIPv2 routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'rip:ripv2')" {
               description
                 "The type of the routing protocol must be 'ripv2'";
             }
             description
               "Redistributes routes from the specified RIPv2 routing
                instance into the RIPv2 routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         list ripng {
           when "derived-from-or-self(../../../rt:type, 'rip:ripng')" {
             description
               "Applicable to RIPng.";
           }
           key "instance";
           description
             "Redistributes routes from another RIPng routing instance
              into the current RIPng routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'rip:ripng')" {
               description
                 "The type of the routing protocol must be 'ripng'";
             }
             description
               "Redistributes routes from the specified RIPng routing
                instance into the RIPng routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         container static {
           presence "Present if redistributing static routes.";
           description
             "Redistributes static routes into the RIP routing
              instance.";
           uses redistribute-route-policy-attributes;
         }
       } // redistribute
     } // redistribute-container

     grouping redistribute-route-policy-attributes {
       description
         "Attributes for redistributing a route policy.";
       leaf metric {
         type uint8 {
           range 0..16;
         }
         description
           "Metric used for the redistributed route. If a metric is
            not specified, the metric configured with the
            default-metric attribute in RIP router configuration is
            used. If the default-metric attribute has not been
            configured, the default metric for redistributed routes
            is 1.";
       }
       leaf route-policy {
         type route-policy-ref;
         description
           "Applies the conditions of the specified route policy to
            routes that are redistributed into the RIP routing
            instance.";
       }
     } // redistribute-route-policy-attributes

     grouping timers-container {
       description
         "Container for settings of basic timers";
       container timers {
         must "invalid-interval >= (update-interval * 3)" {
           description
             "invalid-interval must be at least three times the value
              for the update-interval argument.";
         }
         must "flush-interval > invalid-interval" {
           description
             "flush-interval must be larger than the value for the
              invalid-interval argument";
         }
         description
           "Timers for the specified RIPv2 or RIPng instance or
            interface.";
         leaf update-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 30;
           description
             "Interval at which RIPv2 or RIPng updates are sent.";
         }
         leaf invalid-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 180;
           description
             "Interval before a route is declared invalid after no
              updates are received. This value is at least three times
              the value for the update-interval argument.";
         }
         leaf holddown-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 180;
           description
             "Interval before better routes are released.";
         }
         leaf flush-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 240;
           description
             "Interval before a route is flushed from the routing
              table. This value must be larger than the value for the
              invalid-interval argument.";
         }
       } // timers
     }

     grouping global-attributes {
       description
         "Global configuration and state attributes.";
       uses originate-default-route-container;

       leaf default-metric {
         type uint8 {
           range 0..16;
         }
         default 1;
         description
           "Set the default metric.";
       }

       leaf distance {
         type uint8 {
           range 1..255;
         }
         default 120;
         description
           "The administrative distance of the RIPv2 or RIPng for the
            current RIPv2 or RIPng instance.";
       }

       leaf triggered-update-threshold {
         type uint8 {
           range 1..30;
         }
         units seconds;
         default 5;
         description
           "This attribute is used to suppress triggered updates.
            When the arrival of a regularly scheduled update matches the
            number of seconds or is less than the number of seconds
            configured with this attribute, the triggered update is
            suppressed.";
       }

       leaf maximum-paths {
         type uint8 {
           range 1..16;
         }
         default 8;
         description
           "The number of multiple equal-cost RIPv2 or RIPng routes
            that can be used as the best paths for balancing the load
            of outgoing traffic packets.";
       }

       leaf output-delay {
         type uint8 {
           range 1..50;
         }
         units milliseconds;
         description
           "A delay time between packets sent in multipacket
            RIPv2 or RIPng updates.";
       }
     } // global-attributes

     grouping distribute-lists {
       description
         "Grouping for distribute lists.";
       list distribute-list {
         key "prefix-set-name direction";
         description
           "List of distribute-lists, which are used to filter in-coming
            or out-going routing updates.";

         leaf prefix-set-name {
           type prefix-set-ref;
           description
             "Reference to a prefix list to be applied to RIPv2 or
              RIPng packets.";
         }

         leaf direction {
           type enumeration {
             enum "in" {
               description
                 "Apply the distribute-list to in-coming routes.";
             }
             enum "out" {
               description
                 "Apply the distribute-list to out-going routes.";
             }
           }
           description
             "Direction of the routing updates.";
         }

         leaf if-name {
           type if:interface-ref;
           description
             "Reference to an interface to which the prefix list is
              applied.";
         }
       }
     } // distribute-lists

     grouping route-attributes {
       description
         "Grouping for route attributes.";
       leaf redistributed {
         type boolean;
         description
           "Redistributed routes";
       }

       leaf route-type {
         type enumeration {
           enum connected {
             description "Connected route.";
           }
           enum external {
             description "External route.";
           }
           enum external-backup {
             description "External backup route.";
           }
           enum rip {
             description "RIP route.";
           }
         }
         description
           "Route type.";
       }
       leaf metric {
         type uint8 {
           range 0..16;
         }
         description "Route metric.";
       }
       leaf expire-time {
         type uint16;
         description "Expiration time.";
       }
       leaf deleted {
         type boolean;
         description "Deleted route.";
       }
       leaf holddown {
         type boolean;
         description "Holddown route.";
       }
       leaf need-triggered-update {
         type boolean;
         description "The route needs triggered update.";
       }
       leaf inactive {
         type boolean;
         description "The route is inactive.";
       }
       leaf flush-expire-before-holddown {
         type boolean;
         description
           "The flush timer expired before holddown time.";
       }
     } // route-attribute

     /*
      * Configuration data and operational state data nodes
      */

     augment "/rt:routing/rt:control-plane-protocols/"
           + "rt:control-plane-protocol" {
       when "derived-from(rt:type, 'rip:rip')" {
         description
           "This augment is only valid for a routing protocol instance
            of RIP (type 'ripv2' or 'ripng').";
       }
       description "RIP augmentation.";

       container rip {
         description
           "RIP data.";

         uses global-attributes;
         uses distribute-lists;
         uses redistribute-container;
         uses timers-container;

         container interfaces {
           description
             "Containing a list of RIP interfaces.";
           list interface {
             key "interface";
             description
               "List of RIP interfaces.";
             leaf interface {
               type if:interface-ref;
               must "(derived-from-or-self("
                  + "../../../../rt:type, 'rip:ripv2') and "
                  + "/if:interfaces/if:interface[if:name=current()]/"
                  + "ip:ipv4) or "
                  + "(derived-from-or-self("
                  + "../../../../rt:type, 'rip:ripng') and "
                  + "/if:interfaces/if:interface[if:name=current()]/"
                  + "ip:ipv6)" {
                 error-message "Invalid interface type.";
                 description
                   "RIPv2 can be enabled on IPv4 interface, and
                    RIPng can be enabled on IPv6 interface.";
               }
               description
                 "Enable RIP on this interface.";
             }

             container authentication {
               when "derived-from-or-self("
                  + "../../../../rt:type, 'rip:ripv2')" {
                 description "Only applicable to RIPv2.";
               }
               description
                 "Enables authentication and specifies the
                  authentication scheme for the RIP interface";
               choice auth-type-selection {
                 description
                   "Specify the authentication scheme.";
                 reference
                   "RFC8177: YANG Data Model for Key Chains.";
                 case auth-key-chain {
                   leaf key-chain {
                     type key-chain:key-chain-ref;
                     description
                       "key-chain name.";
                   }
                 }
                 case auth-key {
                   leaf key {
                     type string;
                     description
                       "Key string in ASCII format.";
                   }
                   leaf crypto-algorithm {
                     type identityref {
                       base key-chain:crypto-algorithm;
                     }
                     description
                       "Cryptographic algorithm associated with key.";
                   }
                 }
               }
             }

             container bfd {
               if-feature bfd;
               description "BFD configuration.";
               uses bfd-types:client-cfg-parms;
             }

             leaf cost {
               type uint8 {
                 range 1..16;
               }
               default 1;
               description
                 "Interface cost.";
             }

             container neighbors {
               if-feature explicit-neighbors;
               description
                 "Specifies the RIP neighbors.
               Useful for a non-broadcast multiple access (NBMA)
               network.";
            list neighbor {
              key "address";
              description
                "Specify a RIP neighbor on a non-broadcast network.";
              leaf address {
                type inet:ip-address;
                description "Neighbor IP address.";
              }
            }
          }

          leaf no-listen {
            type empty;
            description
              "Disables listening to and processing of RIPv2 or RIPng
               packets on the specified interface.";
          }

          uses originate-default-route-container;

          leaf passive {
            type empty;
            description
              "Disables sending of RIPv2 or RIPng packets on the
               specified interface.";
          }

          leaf split-horizon {
            type enumeration {
              enum disabled {
                description
                  "Disables split-horizon processing.";
              }
              enum simple {
                description
                  "Enables simple split-horizon processing.";
              }
              enum poison-reverse {
                description
                  "Enables split-horizon processing with poison
                   reverse.";
              }
            }
            default simple;
            description
              "Controls RIPv2 or RIPng split-horizon processing on
               the specified interface.";
          }

          container summary-address {
            description
              "Summarizes information about RIPv2 or RIPng routes
               sent over the specified interface in RIPv2 or RIPng
               update packets.";
            leaf address {
              type inet:ip-prefix;
              description
                "Specifies the IP address and the prefix length that
                 identify the routes to be summarized. The IP address
                 can be specified in either IPv4 or IPv6 format, as
                 specified in RFC6991.";
            }
            leaf metric {
              type uint8 {
                range 0..16;
              }
              description
                "Metric used for the route. If this attribute is not
                 used, the value set through the default-metric
                 attribute in RIPv2 or RIPng router configuration is
                 used for the route.";
            }
          }

          uses timers-container;

          /* Operational state */
          leaf oper-status {
            type enumeration {
              enum up {
                description
                  "RIPv2 or RIPng is operational on this interface.";
              }
              enum down {
                description
                  "RIPv2 or RIPng is not operational on this
                   interface.";
              }
            }
            config false;
            description
              "Operational state.";
          }
          leaf next-full-update {
            type uint32;
            config false;
            description
              "Next full update time.";
          }
          leaf valid-address {
            type boolean;
            config false;
            description
              "The interface has a valid address.";
          }

          container statistics {
            if-feature interface-statistics;
            config false;
            description
              "Interface statistic counters.";
            leaf discontinuity-time {
              type yang:date-and-time;
              description
                "The time on the most recent occasion at which any
                 one or more of the statistic counters suffered a
                 discontinuity. If no such discontinuities have
                 occurred since the last re-initialization of the
                 local management subsystem, then this node contains
                 the time the local management subsystem
                 re-initialized itself.";
            }
            leaf bad-packets-rcvd {
              type yang:counter32;
              description
                "The number of RIP invalid packets received by
                 the RIP process which were subsequently discarded
                 for any reason (e.g. a version 0 packet, or an
                 unknown command type).";
            }
            leaf bad-routes-rcvd {
              type yang:counter32;
              description
                "The number of routes, in valid RIP packets,
                 which were ignored for any reason (e.g. unknown
                 address family, or invalid metric).";
            }
            leaf updates-sent {
              type yang:counter32;
              description
                "The number of triggered RIP updates actually
                 sent on this interface.
                 This explicitly does
                 NOT include full updates sent containing new
                 information.";
            }
          }
        } // interface
      } // interfaces

      /* Operational state */
      leaf next-triggered-update {
        type uint32;
        config false;
        description
          "Next triggered update.";
      }
      leaf num-of-routes {
        type uint32;
        config false;
        description
          "The number of routes.";
      }

      container ipv4 {
        when "derived-from-or-self(../../rt:type, 'rip:ripv2')" {
          description
            "IPv4 address family is supported by RIPv2.";
        }
        config false;
        description
          "IPv4 address family information.";
        container neighbors {
          description
            "IPv4 neighbor information.";
          list neighbor {
            key "ipv4-address";
            description
              "A RIPv2 neighbor.";

            leaf ipv4-address {
              type inet:ipv4-address;
              description
                "IP address that a RIP neighbor is using as its
                 source address.";
            }
            leaf last-update {
              type yang:date-and-time;
              description
                "The time when the most recent RIP update was
                 received from this neighbor.";
            }
            leaf bad-packets-rcvd {
              type yang:counter32;
              description
                "The number of RIP invalid packets received from
                 this neighbor which were subsequently discarded
                 for any reason (e.g. a version 0 packet, or an
                 unknown command type).";
            }
            leaf bad-routes-rcvd {
              type yang:counter32;
              description
                "The number of routes received from this neighbor,
                 in valid RIP packets, which were ignored for any
                 reason (e.g. unknown address family, or invalid
                 metric).";
            }
          } // neighbor
        } // neighbors
        container routes {
          description
            "IPv4 route information.";
          list route {
            key "ipv4-prefix";
            description
              "A RIPv2 IPv4 route.";

            leaf ipv4-prefix {
              type inet:ipv4-prefix;
              description
                "IPv4 address and prefix length, in the format
                 specified in RFC6991.";
            }
            leaf next-hop {
              type inet:ipv4-address;
              description
                "Next hop IPv4 address.";
            }
            leaf interface {
              type if:interface-ref;
              description
                "The interface that the route uses.";
            }
            uses route-attributes;
          } // route
        } // routes
      } // ipv4
      container ipv6 {
        when "derived-from-or-self(../../rt:type, 'rip:ripng')" {
          description
            "IPv6 address family is supported by RIPng.";
        }
        config false;
        description
          "IPv6 address family information.";
        container neighbors {
          description
            "IPv6 neighbor information.";
          list neighbor {
            key "ipv6-address";
            description
              "A RIPng neighbor.";

            leaf ipv6-address {
              type inet:ipv6-address;
              description
                "IP address that a RIP neighbor is using as its
                 source address.";
            }
            leaf last-update {
              type yang:date-and-time;
              description
                "The time when the most recent RIP update was
                 received from this neighbor.";
            }
            leaf bad-packets-rcvd {
              type yang:counter32;
              description
                "The number of RIP invalid packets received from
                 this neighbor which were subsequently discarded
                 for any reason (e.g. a version 0 packet, or an
                 unknown command type).";
            }
            leaf bad-routes-rcvd {
              type yang:counter32;
              description
                "The number of routes received from this neighbor,
                 in valid RIP packets, which were ignored for any
                 reason (e.g. unknown address family, or invalid
                 metric).";
            }
          } // neighbor
        } // neighbors
        container routes {
          description
            "IPv6 route information.";
          list route {
            key "ipv6-prefix";
            description
              "A RIPng IPv6 route.";

            leaf ipv6-prefix {
              type inet:ipv6-prefix;
              description
                "IPv6 address and prefix length, in the format
                 specified in RFC6991.";
            }
            leaf next-hop {
              type inet:ipv6-address;
              description
                "Next hop IPv6 address.";
            }
            leaf interface {
              type if:interface-ref;
              description
                "The interface that the route uses.";
            }
            uses route-attributes;
          } // route
        } // routes
      } // ipv6

      container statistics {
        if-feature global-statistics;
        config false;
        description
          "Global statistic counters.";
        leaf discontinuity-time {
          type yang:date-and-time;
          description
            "The time on the most recent occasion at which any one
             or more of the statistic counters suffered a
             discontinuity. If no such discontinuities have occurred
             since the last re-initialization of the local
             management subsystem, then this node contains the time
             the local management subsystem re-initialized itself.";
        }
        leaf requests-rcvd {
          type yang:counter32;
          description
            "The number of requests received by RIP.";
        }
        leaf requests-sent {
          type yang:counter32;
          description
            "The number of requests sent by RIP.";
        }
        leaf responses-rcvd {
          type yang:counter32;
          description
            "The number of responses received by RIP.";
        }
        leaf responses-sent {
          type yang:counter32;
          description
            "The number of responses sent by RIP.";
        }
      } // statistics
    } // container rip
  }

  /*
   * RPCs
   */

  rpc clear-rip-route {
    description
      "Clears RIP routes from the IP routing table and routes
       redistributed into the RIP protocol for the specified RIP
       instance or for all RIP instances in the current context.";

    input {
      leaf rip-instance {
        type leafref {
          path "/rt:routing/rt:control-plane-protocols/"
             + "rt:control-plane-protocol/rt:name";
        }
        description
          "Instance name identifying a specific RIP instance.
           This leaf is optional for the rpc.
           If it is specified, the rpc will clear all routes in the
           specified RIP instance;
           if it is not specified, the rpc will clear all routes in
           all RIP instances.";
      }
    }
  } // rpc clear-rip-route
}

5.  IANA Considerations

   RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
   actual RFC number (and remove this note).

   This document registers the following namespace URIs in the IETF XML
   registry [RFC3688]:

   --------------------------------------------------------------------
   URI: urn:ietf:params:xml:ns:yang:ietf-rip
   Registrant Contact: The IESG.
   XML: N/A, the requested URI is an XML namespace.
   --------------------------------------------------------------------

   This document registers the following YANG modules in the YANG Module
   Names registry [RFC7950]:

   --------------------------------------------------------------------
   name: ietf-rip
   namespace: urn:ietf:params:xml:ns:yang:ietf-rip
   prefix: rip
   reference: RFC XXXX
   --------------------------------------------------------------------

6.  Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
   is the secure transport layer, and the mandatory-to-implement secure
   transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
   is HTTPS, and the mandatory-to-implement secure transport is TLS
   [RFC5246].

   The NETCONF access control model [RFC6536] provides the means to
   restrict access for particular NETCONF or RESTCONF users to a
   preconfigured subset of all available NETCONF or RESTCONF protocol
   operations and content.

   There are a number of data nodes defined in this YANG module that are
   writable/creatable/deletable (i.e., config true, which is the
   default). These data nodes may be considered sensitive or vulnerable
   in some network environments. Write operations (e.g., edit-config)
   to these data nodes without proper protection can have a negative
   effect on network operations. These are the subtrees and data nodes
   and their sensitivity/vulnerability:

      /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
      rip:rip

   Unauthorized access to any data node of these subtrees can adversely
   affect the routing subsystem of both the local device and the
   network. This may lead to network malfunctions, delivery of packets
   to inappropriate destinations, and other problems.
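
   One way to review the content of the rip subtree named above before
   or after a write, as an added example that is not part of the draft:
   it walks RFC 7951 JSON instance data and reports RIPv2 interfaces
   without the authentication container, inline key leaves, and timer
   values that break the relationships stated in the timer descriptions.
   The finding names, the policy of treating a missing container, an
   inline key and the listed algorithms as findings, and the sample data
   are assumptions made for the example.

```python
"""Audit RFC 7951 JSON instance data for the ietf-rip subtree."""
import json

# Policy assumption for this example: these key-chain algorithm identities
# (RFC 8177) are reported as weak.
WEAK_ALGORITHMS = {"ietf-key-chain:cleartext", "ietf-key-chain:md5"}


def _check_timers(timers, where):
    """Relationships stated in the invalid-interval and flush-interval text.

    Only leaves present in the instance data are compared; defaults are not
    filled in.
    """
    found = []
    update = timers.get("update-interval")
    invalid = timers.get("invalid-interval")
    flush = timers.get("flush-interval")
    if None not in (update, invalid) and invalid < 3 * update:
        found.append((*where, "invalid-interval-below-3x-update"))
    if None not in (invalid, flush) and flush <= invalid:
        found.append((*where, "flush-interval-not-above-invalid"))
    return found


def _check_auth(iface, where):
    """Authentication container checks; the container exists for RIPv2 only."""
    auth = iface.get("authentication")
    if not auth:
        # An interface with no-listen set does not process received packets.
        return [] if "no-listen" in iface else [(*where, "no-authentication")]
    found = []
    if "key" in auth:  # ASCII key held directly in the rip subtree
        found.append((*where, "inline-key"))
    if auth.get("crypto-algorithm") in WEAK_ALGORITHMS:
        found.append((*where, "weak-algorithm"))
    return found


def audit_rip(tree):
    """Return (instance, interface, finding) tuples for every RIP instance."""
    found = []
    protocols = (tree.get("ietf-routing:routing", {})
                 .get("control-plane-protocols", {})
                 .get("control-plane-protocol", []))
    for proto in protocols:
        rip = proto.get("ietf-rip:rip")
        if rip is None:
            continue
        name = proto.get("name", "?")
        # Simplification: identities derived from ripv2 are not recognised.
        is_v2 = proto.get("type") == "ietf-rip:ripv2"
        found += _check_timers(rip.get("timers", {}), (name, "-"))
        for iface in rip.get("interfaces", {}).get("interface", []):
            where = (name, iface.get("interface", "?"))
            found += _check_timers(iface.get("timers", {}), where)
            if is_v2:
                found += _check_auth(iface, where)
    return found


# Constructed sample data (not from the draft).
SAMPLE = json.loads("""
{"ietf-routing:routing": {"control-plane-protocols": {
  "control-plane-protocol": [
    {"type": "ietf-rip:ripv2", "name": "rip-1",
     "ietf-rip:rip": {
       "timers": {"update-interval": 30, "invalid-interval": 60,
                  "flush-interval": 50},
       "interfaces": {"interface": [
         {"interface": "eth0"},
         {"interface": "eth1",
          "authentication": {"key": "example-key",
                             "crypto-algorithm": "ietf-key-chain:md5"}},
         {"interface": "eth2", "authentication": {"key-chain": "rip-keys"}},
         {"interface": "eth3", "no-listen": [null]}
       ]}}},
    {"type": "ietf-rip:ripng", "name": "ripng-1",
     "ietf-rip:rip": {"interfaces": {"interface": [{"interface": "eth1"}]}}}
  ]}}}
""")

if __name__ == "__main__":
    for instance, interface, finding in audit_rip(SAMPLE):
        print(f"{instance:8} {interface:6} {finding}")
```
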

   Some of the readable data nodes in this YANG module may be considered
   sensitive or vulnerable in some network environments. It is thus
   important to control read access (e.g., via get, get-config, or
   notification) to these data nodes. These are the subtrees and data
   nodes and their sensitivity/vulnerability:

      /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
      rip:rip

   Unauthorized access to any data node of these subtrees can disclose
   the operational state information of RIP on this device.

   Some of the RPC operations in this YANG module may be considered
   sensitive or vulnerable in some network environments. It is thus
   important to control access to these operations. These are the
   operations and their sensitivity/vulnerability:

      RPC clear-rip-route:

   Unauthorized access to the RPC above can adversely affect the routing
   subsystem of both the local device and the network. This may lead to
   network malfunctions, delivery of packets to inappropriate
   destinations, and other problems.

7.  References

7.1.  Normative References

   [RFC1724]  Malkin, G. and F. Baker, "RIP Version 2 MIB Extension",
              RFC 1724, DOI 10.17487/RFC1724, November 1994.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC2453]  Malkin, G., "RIP Version 2", STD 56, RFC 2453,
              DOI 10.17487/RFC2453, November 1998.

   [RFC2080]  Malkin, G. and R. Minnear, "RIPng for IPv6", RFC 2080,
              DOI 10.17487/RFC2080, January 1997.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004.

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246,
              DOI 10.17487/RFC5246, August 2008.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
              Protocol (NETCONF) Access Control Model", RFC 6536,
              DOI 10.17487/RFC6536, March 2012.

   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6991, DOI 10.17487/RFC6991, July 2013.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8177]  Lindem, A., Ed., Qu, Y., Yeung, D., Chen, I., and J.
              Zhang, "YANG Data Model for Key Chains", RFC 8177,
              DOI 10.17487/RFC8177, June 2017.

   [I-D.ietf-netmod-rfc7223bis]
              Bjorklund, M., "A YANG Data Model for Interface
              Management", draft-ietf-netmod-rfc7223bis-03 (work in
              progress), January 2018.

   [I-D.ietf-netmod-rfc7277bis]
              Bjorklund, M., "A YANG Data Model for IP Management",
              draft-ietf-netmod-rfc7277bis-03 (work in progress),
              January 2018.

   [I-D.ietf-netmod-rfc8022bis]
              Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
              Routing Management (NMDA Version)",
              draft-ietf-netmod-rfc8022bis-11 (work in progress),
              January 2018.

   [I-D.ietf-bfd-yang]
              Rahman, R., Zheng, L., Jethanandani, M., Networks, J., and
              G. Mirsky, "YANG Data Model for Bidirectional Forwarding
              Detection (BFD)", draft-ietf-bfd-yang-09 (work in
              progress), January 2018.

   [I-D.ietf-isis-yang-isis-cfg]
              Litkowski, S., Yeung, D., Lindem, A., Zhang, Z., and L.
              Lhotka, "YANG Data Model for IS-IS protocol",
              draft-ietf-isis-yang-isis-cfg-19 (work in progress),
              November 2017.

   [I-D.ietf-ospf-yang]
              Yeung, D., Qu, Y., Zhang, Z., Chen, I., and A. Lindem,
              "Yang Data Model for OSPF Protocol",
              draft-ietf-ospf-yang-09 (work in progress), October 2017.

   [I-D.ietf-netmod-revised-datastores]
              Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore
              Architecture", draft-ietf-netmod-revised-datastores-10
              (work in progress), January 2018.

7.2.  Informative References

   [RFC7951]  Lhotka, L., "JSON Encoding of Data Modeled with YANG",
              RFC 7951, DOI 10.17487/RFC7951, August 2016.

   [I-D.ietf-netconf-subscribed-notifications]
              Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and
              A. Tripathy, "Custom Subscription to Event Streams",
              draft-ietf-netconf-subscribed-notifications-08 (work in
              progress), December 2017.

   [I-D.ietf-netconf-yang-push]
              Clemm, A., Voit, E., Prieto, A., Tripathy, A.,
              Nilsen-Nygaard, E., Bierman, A., and B. Lengyel, "YANG
              Datastore Subscription", draft-ietf-netconf-yang-push-12
              (work in progress), December 2017.

   [I-D.ietf-netmod-rfc6087bis]
              Bierman, A., "Guidelines for Authors and Reviewers of YANG
              Data Model Documents", draft-ietf-netmod-rfc6087bis-16
              (work in progress), January 2018.

   [I-D.ietf-netmod-yang-tree-diagrams]
              Bjorklund, M. and L. Berger, "YANG Tree Diagrams",
              draft-ietf-netmod-yang-tree-diagrams-05 (work in
              progress), January 2018.

Appendix A.  Data Tree Example

   This section contains an example of an instance data tree in the JSON
   encoding [RFC7951], containing both configuration and state data.

                 +---------------------+
                 |                     |
                 | Router 203.0.113.1  |
                 |                     |
                 +----------+----------+
                            |eth1
                            |2001:db8:0:1::1/64
                            |
                            |
                            |2001:db8:0:1::2/64
                 +----------+----------+
                 |                     |         |
                 |   Another Router    +---------| 2001:db8:0:2::/64
                 |                     |         |
                 +---------------------+

   The configuration instance data tree for Router 203.0.113.1 in the
   above figure could be as follows:

{
  "ietf-interfaces:interfaces": {
    "interface": [
      {
        "name": "eth1",
        "description": "An interface with RIPng enabled.",
        "type": "iana-if-type:ethernetCsmacd",
        "ietf-ip:ipv6": {
          "address": [
            {
              "ip": "2001:db8:0:1::1",
              "prefix-length": 64
            }
          ],
          "forwarding": true
        }
      }
    ]
  },
  "ietf-routing:routing": {
    "router-id": "203.0.113.1",
    "control-plane-protocols": {
      "control-plane-protocol": [
        {
          "type": "ietf-rip:ripng",
          "name": "ripng-1",
          "description": "RIPng instance ripng-1.",
          "ietf-rip:rip": {
            "redistribute": {
              "connected": {
              }
            },
            "interfaces": {
              "interface": [
                {
                  "interface": "eth1",
                  "split-horizon": "poison-reverse"
                }
              ]
            }
          }
        }
      ]
    }
  }
}

   The corresponding operational state data for Router 203.0.113.1 could
   be as follows:

{
  "ietf-interfaces:interfaces": {
    "interface": [
      {
        "name": "eth1",
        "description": "An interface with RIPng enabled.",
        "type": "iana-if-type:ethernetCsmacd",
        "phys-address": "00:00:5e:00:53:01",
        "oper-status": "up",
        "statistics": {
          "discontinuity-time": "2016-10-24T17:11:27+02:00"
        },
        "ietf-ip:ipv6": {
          "forwarding": true,
          "mtu": 1500,
          "address": [
            {
              "ip": "2001:db8:0:1::1",
              "prefix-length": 64,
              "origin": "static",
              "status": "preferred"
            },
            {
              "ip": "fe80::200:5eff:fe00:5301",
              "prefix-length": 64,
              "origin": "link-layer",
              "status": "preferred"
            }
          ],
          "neighbor": [
            {
              "ip": "2001:db8:0:1::2",
              "link-layer-address": "00:00:5e:00:53:02",
              "origin": "dynamic",
              "is-router": [null],
              "state": "reachable"
            },
            {
              "ip": "fe80::200:5eff:fe00:5302",
              "link-layer-address": "00:00:5e:00:53:02",
              "origin": "dynamic",
              "is-router": [null],
              "state": "reachable"
            }
          ]
        }
      }
    ]
  },
  "ietf-routing:routing": {
    "router-id": "203.0.113.1",
    "interfaces": {
      "interface": [
        "eth1"
      ]
    },
    "control-plane-protocols": {
      "control-plane-protocol": [
        {
          "type": "ietf-rip:ripng",
          "name": "ripng-1",
          "description": "RIPng instance ripng-1.",
          "ietf-rip:rip": {
            "default-metric": 1,
            "next-triggered-update": 5,
            "interfaces": {
              "interface": [
                {
                  "interface": "eth1",
                  "oper-status": "up",
                  "cost": 1,
                  "split-horizon": "poison-reverse",
                  "valid-address": true
                }
              ]
            },
            "ipv6": {
              "neighbors": {
                "neighbor": [
                  {
                    "ipv6-address": "fe80::200:5eff:fe00:5302",
                    "last-update": "2017-01-02T10:34:55+02:00"
                  }
                ]
              },
              "routes": {
                "route": [
                  {
                    "ipv6-prefix": "2001:db8:0:1::/64",
                    "interface": "eth1",
                    "redistributed": true,
                    "route-type": "connected",
                    "metric": 1,
                    "expire-time": 22
                  },
                  {
                    "ipv6-prefix": "2001:db8:0:2::/64",
                    "next-hop": "fe80::200:5eff:fe00:5302",
                    "interface": "eth1",
                    "redistributed": false,
                    "route-type": "rip",
                    "metric": 2,
                    "expire-time": 82
                  }
                ]
              }
            },
            "statistics": {
              "discontinuity-time": "2016-10-24T17:11:27+02:00",
              "requests-rcvd": 523,
              "requests-sent": 262,
              "responses-rcvd": 261,
              "responses-sent": 523
            }
          }
        }
      ]
    }
  }
}

Authors' Addresses

   Xufeng Liu
   Jabil
   8281 Greensboro Drive, Suite 200
   McLean VA 22102
   USA

   EMail: Xufeng_Liu@jabil.com

   Prateek Sarda
   Ericsson
   Fern Icon, Survey No 28 and 36/5, Doddanakundi Village
   Bangalore Karnataka 560037
   India

   EMail: prateek.sarda@ericsson.com

   Vikram Choudhary
   Individual
   Bangalore 560066
   India

   EMail: vikschw@gmail.com