Network Working Group                                             X. Liu
Internet-Draft                                            Volta Networks
Intended status: Standards Track                                P. Sarda
Expires: February 29, 2020                                      Ericsson
                                                            V. Choudhary
                                                              Individual
                                                         August 28, 2019

        A YANG Data Model for Routing Information Protocol (RIP)
                      draft-ietf-rtgwg-yang-rip-11

Abstract

   This document describes a data model for the management of the
   Routing Information Protocol (RIP).  Both RIP version 2 and RIPng are
   covered.  The data model includes definitions for configuration,
   operational state, and Remote Procedure Calls (RPCs).

   The YANG model in this document conforms to the Network Management
   Datastore Architecture (NMDA).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on February 29, 2020.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
     1.2.  Tree Diagrams
     1.3.  Prefixes in Data Node Names
   2.  Design of the Data Model
     2.1.  Scope of the Model
     2.2.  Relation with Core Routing Framework
     2.3.  Protocol Configuration
     2.4.  Protocol States
     2.5.  RPC Operations
     2.6.  Notifications
     2.7.  Optional Features
   3.  Tree Structure
   4.  YANG Module
   5.  IANA Considerations
   6.  Security Considerations
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Appendix A.  Data Tree Example
   Authors' Addresses

1.  Introduction

   This document introduces a YANG [RFC7950] data model for the Routing
   Information Protocol (RIP) [RFC2453][RFC2080].  RIP was designed to
   work as an Interior Gateway Protocol (IGP) in moderate-size
   Autonomous Systems (AS).

   This YANG model supports both RIP version 2 and RIPng.  RIP version 2
   (defined in [RFC2453]) supports IPv4.  RIPng (defined in [RFC2080])
   supports IPv6.

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   The following terms are defined in [RFC7950] and are not redefined
   here:

   o  augment

   o  data model

   o  data node

1.2.  Tree Diagrams

   A simplified graphical representation of the data model is used in
   this document.  The meaning of the symbols in these diagrams is
   defined in [RFC8340].

1.3.  Prefixes in Data Node Names

   In this document, names of data nodes, actions, and other data model
   objects are often used without a prefix, as long as it is clear from
   the context in which YANG module each name is defined.  Otherwise,
   names are prefixed using the standard prefix associated with the
   corresponding YANG module, as shown in Table 1.

   +-----------+-----------------+-------------------------------+
   | Prefix    | YANG module     | Reference                     |
   +-----------+-----------------+-------------------------------+
   | yang      | ietf-yang-types | [RFC6991]                     |
   | inet      | ietf-inet-types | [RFC6991]                     |
   | if        | ietf-interfaces | [RFC8343]                     |
   | ip        | ietf-ip         | [RFC8344]                     |
   | rt        | ietf-routing    | [RFC8349]                     |
   | bfd-types | ietf-bfd-types  | [I-D.ietf-bfd-yang]           |
   | isis      | ietf-isis       | [I-D.ietf-isis-yang-isis-cfg] |
   | key-chain | ietf-key-chain  | [RFC8177]                     |
   | ospf      | ietf-ospf       | [I-D.ietf-ospf-yang]          |
   +-----------+-----------------+-------------------------------+

             Table 1: Prefixes and Corresponding YANG Modules

2.  Design of the Data Model

2.1.  Scope of the Model

   The model covers RIP version 2 [RFC2453] and RIPng [RFC2080]
   protocols.  The model is designed to be implemented on a device where
   RIP version 2 or RIPng is implemented, and can be used to:

   o  Configure the RIP version 2 or RIPng protocol.

   o  Manage the protocol operational behaviors.

   o  Retrieve the protocol operational status.

   The capabilities described in [RFC1724] are covered.

2.2.  Relation with Core Routing Framework

   This model augments the core routing data model "ietf-routing"
   specified in [RFC8349].

   +--rw routing
      +--rw router-id?
      +--rw control-plane-protocols
      |  +--rw control-plane-protocol* [type name]
      |     +--rw type
      |     +--rw name
      |     +--rw rip     <= Augmented by this Model
     ...

   The "rip" container instantiates a RIP protocol entity that supports
   RIP version 2 or RIPng.  Depending on the implementation of
   "ietf-routing", a RIP instance MAY belong to a logical router or
   network instance.

2.3.  Protocol Configuration

   The model structure for the protocol configuration is as shown below:

   augment /rt:routing/rt:control-plane-protocols/
           rt:control-plane-protocol:
     +--rw rip
        +--rw
        +--rw interface* [interface]
           +--rw interface                  if:interface-ref
           +--rw
           +--rw neighbors {explicit-neighbors}?
           |  +--rw neighbor* [address]
           |     +--rw address   inet:ip-address
           |     +--rw

   The model allows the following protocol entities to be configured:

   o  Protocol instance (RIP version 2 or RIPng)

   o  Interface

   o  Neighbor

2.4.  Protocol States

   The model structure for the protocol states is as shown below:

   augment /rt:routing/rt:control-plane-protocols/
           rt:control-plane-protocol:
     +--rw rip
        +--ro
        +--rw interface* [interface]
        |  +--rw interface                  if:interface-ref
        |  +--ro
        |  +--ro statistics {interface-statistics}?
        |     +--ro
        +--ro ipv4
        |  +--ro neighbors
        |  |  +--ro neighbor* [ipv4-address]
        |  |     +--ro
        |  +--ro routes
        |     +--ro route* [ipv4-prefix]
        |        +--ro
        +--ro ipv6
        |  +--ro neighbors
        |  |  +--ro neighbor* [ipv6-address]
        |  |     +--ro
        |  +--ro routes
        |     +--ro route* [ipv6-prefix]
        |        +--ro ipv6-prefix   inet:ipv6-prefix
        |        +--ro
        +--ro statistics {global-statistics}?
           +--ro

   This model conforms to the Network Management Datastore Architecture
   (NMDA) [RFC8342].  The operational state data is combined with the
   associated configuration data in the same hierarchy [RFC8407].  When
   protocol states are retrieved from the NMDA operational state
   datastore, the returned states cover all "config true" (rw) and
   "config false" (ro) nodes defined in the schema.

   The model allows protocol states to be retrieved at the following
   levels:

   o  Protocol instance (RIP version 2 or RIPng)

   o  Interface

   o  Neighbor

   o  Route

2.5.  RPC Operations

   This model defines one RPC "clear-rip-route" that can be used to
   clear RIP routes from the routing table.

2.6.  Notifications

   This model does not define RIP-specific notifications.  To enable
   notifications, the mechanism defined in
   [I-D.ietf-netconf-subscribed-notifications] and
   [I-D.ietf-netconf-yang-push] can be used.  This mechanism currently
   allows the user to:

   o  Subscribe to notifications on a per-client basis.

   o  Specify subtree filters or xpath filters so that only the contents
      of interest will be sent.

   o  Specify either periodic or on-demand notifications.

2.7.  Optional Features

   This model defines several features that are beyond the basic RIP
   configuration, and it is the responsibility of each vendor to decide
   whether to support a given feature on a device.

3.  Tree Structure

   This document defines the YANG module "ietf-rip", which has the
   following tree structure:

   module: ietf-rip
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol:
       +--rw rip
          +--rw originate-default-route
          |  +--rw enabled?        boolean
          |  +--rw route-policy?   route-policy-ref
          +--rw default-metric?               uint8
          +--rw distance?                     uint8
          +--rw triggered-update-threshold?   uint8
          +--rw maximum-paths?                uint8
          +--rw output-delay?                 uint8
          +--rw distribute-list* [prefix-set-name direction]
          |  +--rw prefix-set-name    prefix-set-ref
          |  +--rw direction          enumeration
          |  +--rw if-name?           if:interface-ref
          +--rw redistribute
          |  +--rw bgp* [asn]
          |  |  +--rw asn             inet:as-number
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw cg-nat!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw connected!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ipsec!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw isis* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw level?          enumeration
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw nat!
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ospfv2* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw route-type?     ospf:route-type
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ospfv3* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw route-type?     ospf:route-type
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ripv2* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw ripng* [instance]
          |  |  +--rw instance
          |  |  |       -> ../../../../../rt:control-plane-protocol/name
          |  |  +--rw metric?         uint8
          |  |  +--rw route-policy?   route-policy-ref
          |  +--rw static!
          |     +--rw metric?         uint8
          |     +--rw route-policy?   route-policy-ref
          +--rw timers
          |  +--rw update-interval?     uint16
          |  +--rw invalid-interval?    uint16
          |  +--rw holddown-interval?   uint16
          |  +--rw flush-interval?      uint16
          +--rw interfaces
          |  +--rw interface* [interface]
          |     +--rw interface                  if:interface-ref
          |     +--rw authentication
          |     |  +--rw (auth-type-selection)?
          |     |     +--:(auth-key-chain)
          |     |     |  +--rw key-chain?
                                 key-chain:key-chain-ref
          |     |     +--:(auth-key)
          |     |        +--rw key?                string
          |     |        +--rw crypto-algorithm?   identityref
          |     +--rw bfd {bfd}?
          |     |  +--rw enable?                     boolean
          |     |  +--rw local-multiplier?           multiplier
          |     |  +--rw (interval-config-type)?
          |     |     +--:(tx-rx-intervals)
          |     |     |  +--rw desired-min-tx-interval?    uint32
          |     |     |  +--rw required-min-rx-interval?   uint32
          |     |     +--:(single-interval)
          |     |        +--rw min-interval?               uint32
          |     +--rw cost?                      uint8
          |     +--rw neighbors {explicit-neighbors}?
          |     |  +--rw neighbor* [address]
          |     |     +--rw address    inet:ip-address
          |     +--rw no-listen?                 empty
          |     +--rw originate-default-route
          |     |  +--rw enabled?        boolean
          |     |  +--rw route-policy?   route-policy-ref
          |     +--rw passive?                   empty
          |     +--rw split-horizon?             enumeration
          |     +--rw summary-address
          |     |  +--rw address?   inet:ip-prefix
          |     |  +--rw metric?    uint8
          |     +--rw timers
          |     |  +--rw update-interval?     uint16
          |     |  +--rw invalid-interval?    uint16
          |     |  +--rw holddown-interval?   uint16
          |     |  +--rw flush-interval?      uint16
          |     +--ro oper-status?               enumeration
          |     +--ro next-full-update?          uint32
          |     +--ro valid-address?             boolean
          |     +--ro statistics {interface-statistics}?
          |        +--ro discontinuity-time?   yang:date-and-time
          |        +--ro bad-packets-rcvd?     yang:counter32
          |        +--ro bad-routes-rcvd?      yang:counter32
          |        +--ro updates-sent?         yang:counter32
          +--ro next-triggered-update?        uint32
          +--ro num-of-routes?                uint32
          +--ro ipv4
          |  +--ro neighbors
          |  |  +--ro neighbor* [ipv4-address]
          |  |     +--ro ipv4-address        inet:ipv4-address
          |  |     +--ro last-update?        yang:date-and-time
          |  |     +--ro bad-packets-rcvd?   yang:counter32
          |  |     +--ro bad-routes-rcvd?    yang:counter32
          |  +--ro routes
          |     +--ro route* [ipv4-prefix]
          |        +--ro ipv4-prefix
                           inet:ipv4-prefix
          |        +--ro next-hop?
                           inet:ipv4-address
          |        +--ro interface?
                           if:interface-ref
          |        +--ro redistributed?                  boolean
          |        +--ro route-type?                     enumeration
          |        +--ro metric?                         uint8
          |        +--ro expire-time?                    uint16
          |        +--ro deleted?                        boolean
          |        +--ro holddown?                       boolean
          |        +--ro need-triggered-update?          boolean
          |        +--ro inactive?                       boolean
          |        +--ro flush-expire-before-holddown?   boolean
          +--ro ipv6
          |  +--ro neighbors
          |  |  +--ro neighbor* [ipv6-address]
          |  |     +--ro ipv6-address        inet:ipv6-address
          |  |     +--ro last-update?        yang:date-and-time
          |  |     +--ro bad-packets-rcvd?   yang:counter32
          |  |     +--ro bad-routes-rcvd?    yang:counter32
          |  +--ro routes
          |     +--ro route* [ipv6-prefix]
          |        +--ro ipv6-prefix
                           inet:ipv6-prefix
          |        +--ro next-hop?
                           inet:ipv6-address
          |        +--ro interface?
                           if:interface-ref
          |        +--ro redistributed?                  boolean
          |        +--ro route-type?                     enumeration
          |        +--ro metric?                         uint8
          |        +--ro expire-time?                    uint16
          |        +--ro deleted?                        boolean
          |        +--ro holddown?                       boolean
          |        +--ro need-triggered-update?          boolean
          |        +--ro inactive?                       boolean
          |        +--ro flush-expire-before-holddown?   boolean
          +--ro statistics {global-statistics}?
             +--ro discontinuity-time?   yang:date-and-time
             +--ro requests-rcvd?        yang:counter32
             +--ro requests-sent?        yang:counter32
             +--ro responses-rcvd?       yang:counter32
             +--ro responses-sent?       yang:counter32

     rpcs:
       +---x clear-rip-route
          +---w input
             +---w rip-instance?   leafref

4.  YANG Module

   file "ietf-rip@2018-02-03.yang"
   module ietf-rip {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-rip";

     prefix rip;

     import ietf-inet-types {
       prefix "inet";
     }

     import ietf-yang-types {
       prefix "yang";
     }

     import ietf-interfaces {
       prefix "if";
     }

     import ietf-ip {
       prefix "ip";
     }

     import ietf-routing {
       prefix "rt";
     }

     import ietf-key-chain {
       prefix "key-chain";
     }

     import ietf-bfd-types {
       prefix "bfd-types";
     }

     import ietf-ospf {
       prefix "ospf";
     }

     import ietf-isis {
       prefix "isis";
     }

     organization "IETF Routing Area Working Group (rtgwg)";

     contact
       "WG Web:
        WG List:

        Editor:   Xufeng Liu

        Editor:   Prateek Sarda

        Editor:   Vikram Choudhary
       ";

     description
       "This YANG module defines a model for managing Routing
        Information Protocol (RIP), including RIP version 2 and RIPng.

        Copyright (c) 2018 IETF Trust and the persons identified as
        authors of the code.  All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject to
        the license terms contained in, the Simplified BSD License set
        forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (http://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX; see the
        RFC itself for full legal notices.";

     revision 2018-02-03 {
       description
         "Initial revision.";
       reference
         "RFC XXXX: A YANG Data Model for Routing Information Protocol
          (RIP).
          RFC 2453: RIP Version 2.
          RFC 2080: RIPng for IPv6.
          RFC 1724: RIP Version 2 MIB Extension.";
     }

     /*
      * Features
      */
     feature bfd {
       description
         "This feature indicates that the RIP implementation on the
          system supports BFD (Bidirectional Forwarding Detection).";
     }

     feature explicit-neighbors {
       description
         "This feature indicates that the system supports explicit
          neighbor configuration on a RIP interface.";
     }

     feature global-statistics {
       description
         "This feature indicates that the system supports collecting
          global statistic data related to RIP.";
     }

     feature interface-statistics {
       description
         "This feature indicates that the system supports collecting
          per-interface statistic data related to RIP.";
     }

     /*
      * Typedefs
      */

     typedef prefix-set-ref {
       type string;
       description
         "A type for a reference to a prefix set.
          The string value is the name identifier for uniquely
          identifying the referenced prefix set, which contains a list
          of prefixes that a routing policy can be applied to.  The
          definition of such a prefix set is outside the scope of this
          document.";
     }

     typedef route-policy-ref {
       type string;
       description
         "A type for a reference to a route policy.
          The string value is the name identifier for uniquely
          identifying the referenced routing policy, which contains one
          or more policy rules that can be used for a routing decision.
          The definition of such a routing policy is outside the scope
          of this document.";
     }

     /*
      * Identities
      */

     identity rip {
       base rt:routing-protocol;
       description "Identity for the RIP routing protocol.";
     }

     identity ripv2 {
       base rip:rip;
       description "Identity for RIPv2 (RIP version 2).";
     }

     identity ripng {
       base rip:rip;
       description "Identity for RIPng.";
     }

     /*
      * Groupings
      */

     grouping originate-default-route-container {
       description
         "Containing settings whether to originate the default route
          in RIP routing instance.";
       container originate-default-route {
         description
           "Injects the default route into the RIP (RIPv2 or RIPng)
            routing instance.";
         leaf enabled {
           type boolean;
           default false;
           description
             "'true' if originating default route is enabled.";
         }
         leaf route-policy {
           type route-policy-ref;
           description
             "The conditions of the route policy are applied to the
              default route.";
         }
       }
     }

     grouping redistribute-container {
       description
         "Container of redistribute attributes.";

       container redistribute {
         description
           "Redistributes routes learned from other routing protocols
            into the RIP routing instance.";
         list bgp {
           key "asn";
           description
             "Redistributes routes from the specified BGP (Border
              Gateway Protocol) autonomous system (AS) into the RIP
              routing instance.";
           leaf asn {
             type inet:as-number;
             description
               "BGP autonomous system (AS) number.";
           }
           uses redistribute-route-policy-attributes;
         }
         container cg-nat {
           presence
             "Present if Carrier Grade Network Address Translation
              (CGNAT) routes are redistributed.";
           description
             "Carrier Grade Network Address Translation (CGNAT)
              routes.";
           uses redistribute-route-policy-attributes;
         }
         container connected {
           presence
             "Present if directly attached network routes are
              redistributed.";
           description
             "Redistributes directly attached networks into the RIP
              routing instance.";
           uses redistribute-route-policy-attributes;
         }
         container ipsec {
           presence
             "Present if IP security routing instance routes
              are redistributed.";
           description
             "Redistributes routes from the IP security routing
              instance into the RIP routing instance.";
           uses redistribute-route-policy-attributes;
         }
         list isis {
           key "instance";
           description
             "Redistributes IS-IS routes.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'isis:isis')" {
               description
                 "The type of the routing protocol must be 'isis'";
             }
             description
               "Redistributes routes from the specified IS-IS routing
                instance into the RIP routing instance.";
           }
           leaf level {
             type enumeration {
               enum 1 {
                 description "IS-IS level 1 routes.";
               }
               enum 2 {
                 description "IS-IS level 2 routes.";
               }
               enum 1-2 {
                 description "IS-IS level 1-2 routes.";
               }
             }
             description
               "IS-IS level.";
           }
           uses redistribute-route-policy-attributes;
         }
         container nat {
           presence
             "Present if Network Address Translation (NAT) routes
              are redistributed.";
           description
             "Redistributes Network Address Translation (NAT)
              routes into the RIP routing instance.";
           uses redistribute-route-policy-attributes;
         }
         list ospfv2 {
           when "derived-from-or-self(../../../rt:type, 'rip:ripv2')" {
             description
               "Applicable to RIPv2.";
           }
           key "instance";
           description
             "Redistributes routes from the specified OSPFv2 routing
              instance into the RIPv2 routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'ospf:ospfv2')" {
               description
                 "The type of the routing protocol must be 'ospfv2'";
             }
             description
               "OSPFv2 instance ID.  Redistributes routes from the
                specified OSPFv2 routing instance into the RIPv2 routing
                instance.";
           }
           leaf route-type {
             type ospf:route-type;
             description
               "Redistributes only those OSPFv2 routes matching the
                specified route type into the RIPv2 routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         list ospfv3 {
           when "derived-from-or-self(../../../rt:type, 'rip:ripng')" {
             description
               "Applicable to RIPng.";
           }
           key "instance";
           description
             "Redistributes routes from the specified OSPFv3 routing
              instance into the RIPng routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'ospf:ospfv3')" {
               description
                 "The type of the routing protocol must be 'ospfv3'";
             }
             description
               "OSPFv3 instance ID.  Redistributes routes from the
                specified OSPFv3 routing instance into the RIPng routing
                instance.";
           }
           leaf route-type {
             type ospf:route-type;
             description
               "Redistributes only those OSPFv3 routes matching the
                specified route type into the RIPng routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         list ripv2 {
           when "derived-from-or-self(../../../rt:type, 'rip:ripv2')" {
             description
               "Applicable to RIPv2.";
           }
           key "instance";
           description
             "Redistributes routes from another RIPv2 routing instance
              into the current RIPv2 routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'rip:ripv2')" {
               description
                 "The type of the routing protocol must be 'ripv2'";
             }
             description
               "Redistributes routes from the specified RIPv2 routing
                instance into the RIPv2 routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         list ripng {
           when "derived-from-or-self(../../../rt:type, 'rip:ripng')" {
             description
               "Applicable to RIPng.";
           }
           key "instance";
           description
             "Redistributes routes from another RIPng routing instance
              into the current RIPng routing instance.";
           leaf instance {
             type leafref {
               path "../../../../../rt:control-plane-protocol/rt:name";
             }
             must "derived-from-or-self("
                + "../../../../../rt:control-plane-protocol"
                + "[rt:name = current()]/rt:type, 'rip:ripng')" {
               description
                 "The type of the routing protocol must be 'ripng'";
             }
             description
               "Redistributes routes from the specified RIPng routing
                instance into the RIPng routing instance.";
           }
           uses redistribute-route-policy-attributes;
         }
         container static {
           presence "Present if redistributing static routes.";
           description
             "Redistributes static routes into the RIP routing
              instance.";
           uses redistribute-route-policy-attributes;
         }
       } // redistribute
     } // redistribute-container

     grouping redistribute-route-policy-attributes {
       description
         "Attributes for redistributing a route policy.";
       leaf metric {
         type uint8 {
           range 0..16;
         }
         description
           "Metric used for the redistributed route.  If a metric is
            not specified, the metric configured with the
            default-metric attribute in RIP router configuration is
            used.  If the default-metric attribute has not been
            configured, the default metric for redistributed routes
            is 1.";
       }
       leaf route-policy {
         type route-policy-ref;
         description
           "Applies the conditions of the specified route policy to
            routes that are redistributed into the RIP routing
            instance.";
       }
     } // redistribute-route-policy-attributes

     grouping timers-container {
       description
         "Container for settings of basic timers";
       container timers {
         must "invalid-interval >= (update-interval * 3)" {
           description
             "invalid-interval must be at least three times the value
              for the update-interval argument.";
         }
         must "flush-interval > invalid-interval" {
           description
             "flush-interval must be larger than the value for the
              invalid-interval argument";
         }
         description
           "Timers for the specified RIPv2 or RIPng instance or
            interface.";
         leaf update-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 30;
           description
             "Interval at which RIPv2 or RIPng updates are sent.";
         }
         leaf invalid-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 180;
           description
             "Interval before a route is declared invalid after no
              updates are received.  This value is at least three times
              the value for the update-interval argument.";
         }
         leaf holddown-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 180;
           description
             "Interval before better routes are released.";
         }
         leaf flush-interval {
           type uint16 {
             range 1..32767;
           }
           units seconds;
           default 240;
           description
             "Interval before a route is flushed from the routing
              table.  This value must be larger than the value for the
              invalid-interval argument.";
         }
       } // timers
     }

     grouping global-attributes {
       description
         "Global configuration and state attributes.";
       uses originate-default-route-container;

       leaf default-metric {
         type uint8 {
           range 0..16;
         }
         default 1;
         description
           "Set the default metric.";
       }

       leaf distance {
         type uint8 {
           range 1..255;
         }
         default 120;
         description
           "The administrative distance of the RIPv2 or RIPng for the
            current RIPv2 or RIPng instance.";
       }

       leaf triggered-update-threshold {
         type uint8 {
           range 1..30;
         }
         units seconds;
         default 5;
         description
           "This attribute is used to suppress triggered updates.
         When the arrival of a regularly scheduled update matches the
         number of seconds or is less than the number of seconds
         configured with this attribute, the triggered update is
         suppressed.";
    }

    leaf maximum-paths {
      type uint8 {
        range 1..16;
      }
      default 8;
      description
        "The number of multiple equal-cost RIPv2 or RIPng routes
         that can be used as the best paths for balancing the load
         of outgoing traffic packets.";
    }

    leaf output-delay {
      type uint8 {
        range 1..50;
      }
      units milliseconds;
      description
        "A delay time between packets sent in multipacket
         RIPv2 or RIPng updates.";
    }
  } // global-attributes

  grouping distribute-lists {
    description
      "Grouping for distribute lists.";
    list distribute-list {
      key "prefix-set-name direction";
      description
        "List of distribute-lists, which are used to filter in-coming
         or out-going routing updates.";

      leaf prefix-set-name {
        type prefix-set-ref;
        description
          "Reference to a prefix list to be applied to RIPv2 or
           RIPng packets.";
      }

      leaf direction {
        type enumeration {
          enum "in" {
            description
              "Apply the distribute-list to in-coming routes.";
          }
          enum "out" {
            description
              "Apply the distribute-list to out-going routes.";
          }
        }
        description
          "Direction of the routing updates.";
      }

      leaf if-name {
        type if:interface-ref;
        description
          "Reference to an interface to which the prefix list is
           applied.";
      }
    }
  } // distribute-lists

  grouping route-attributes {
    description
      "Grouping for route attributes.";
    leaf redistributed {
      type boolean;
      description
        "Redistributed routes";
    }

    leaf route-type {
      type enumeration {
        enum connected {
          description "Connected route.";
        }
        enum external {
          description "External route.";
        }
        enum external-backup {
          description "External backup route.";
        }
        enum rip {
          description "RIP route.";
        }
      }
      description
        "Route type.";
    }
    leaf metric {
      type uint8 {
        range 0..16;
      }
      description "Route metric.";
    }
    leaf expire-time {
      type uint16;
      description "Expiration time.";
    }
    leaf deleted {
      type boolean;
      description "Deleted route.";
    }
    leaf holddown {
      type boolean;
      description "Holddown route.";
    }
    leaf need-triggered-update {
      type boolean;
      description "The route needs triggered update.";
    }
    leaf inactive {
      type boolean;
      description "The route is inactive.";
    }
    leaf flush-expire-before-holddown {
      type boolean;
      description
        "The flush timer expired before holddown time.";
    }
  } // route-attributes

  /*
   * Configuration data and operational state data nodes
   */

  augment "/rt:routing/rt:control-plane-protocols/"
        + "rt:control-plane-protocol" {
    when "derived-from(rt:type, 'rip:rip')" {
      description
        "This augment is only valid for a routing protocol instance
         of RIP (type 'ripv2' or 'ripng').";
    }
    description "RIP augmentation.";

    container rip {
      description
        "RIP data.";

      uses global-attributes;
      uses distribute-lists;
      uses redistribute-container;
      uses timers-container;

      container interfaces {
        description
          "Containing a list of RIP interfaces.";
        list interface {
          key "interface";
          description
            "List of RIP interfaces.";
          leaf interface {
            type if:interface-ref;
            must "(derived-from-or-self("
               + "../../../../rt:type, 'rip:ripv2') and "
               + "/if:interfaces/if:interface[if:name=current()]/"
               + "ip:ipv4) or "
               + "(derived-from-or-self("
               + "../../../../rt:type, 'rip:ripng') and "
               + "/if:interfaces/if:interface[if:name=current()]/"
               + "ip:ipv6)" {
              error-message "Invalid interface type.";
              description
                "RIPv2 can be enabled on IPv4 interface, and
                 RIPng can be enabled on IPv6 interface.";
            }
            description
              "Enable RIP on this interface.";
          }

          container authentication {
            when "derived-from-or-self("
               + "../../../../rt:type, 'rip:ripv2')" {
              description "Only applicable to RIPv2.";
            }
            description
              "Enables authentication and specifies the
               authentication scheme for the RIP interface";
            choice auth-type-selection {
              description
                "Specify the authentication scheme.";
              reference
                "RFC8177: YANG Data Model for Key Chains.";
              case auth-key-chain {
                leaf key-chain {
                  type key-chain:key-chain-ref;
                  description
                    "key-chain name.";
                }
              }
              case auth-key {
                leaf key {
                  type string;
                  description
                    "Key string in ASCII format.";
                }
                leaf crypto-algorithm {
                  type identityref {
                    base key-chain:crypto-algorithm;
                  }
                  description
                    "Cryptographic algorithm associated with key.";
                }
              }
            }
          }

          container bfd {
            if-feature bfd;
            description "BFD configuration.";
            uses bfd-types:client-cfg-parms;
          }

          leaf cost {
            type uint8 {
              range 1..16;
            }
            default 1;
            description
              "Interface cost.";
          }

          container neighbors {
            if-feature explicit-neighbors;
            description
              "Specifies the RIP neighbors.
               Useful for a
               non-broadcast multiple access (NBMA) network.";
            list neighbor {
              key "address";
              description
                "Specify a RIP neighbor on a non-broadcast network.";
              leaf address {
                type inet:ip-address;
                description "Neighbor IP address.";
              }
            }
          }

          leaf no-listen {
            type empty;
            description
              "Disables listening to and processing of RIPv2 or RIPng
               packets on the specified interface.";
          }

          uses originate-default-route-container;

          leaf passive {
            type empty;
            description
              "Disables sending of RIPv2 or RIPng packets on the
               specified interface.";
          }

          leaf split-horizon {
            type enumeration {
              enum disabled {
                description
                  "Disables split-horizon processing.";
              }
              enum simple {
                description
                  "Enables simple split-horizon processing.";
              }
              enum poison-reverse {
                description
                  "Enables split-horizon processing with poison
                   reverse.";
              }
            }
            default simple;
            description
              "Controls RIPv2 or RIPng split-horizon processing on
               the specified interface.";
          }

          container summary-address {
            description
              "Summarizes information about RIPv2 or RIPng routes
               sent over the specified interface in RIPv2 or RIPng
               update packets.";
            leaf address {
              type inet:ip-prefix;
              description
                "Specifies the IP address and the prefix length that
                 identify the routes to be summarized. The IP address
                 can be specified in either IPv4 or IPv6 format, as
                 specified in RFC6991.";
            }
            leaf metric {
              type uint8 {
                range 0..16;
              }
              description
                "Metric used for the route. If this attribute is not
                 used, the value set through the default-metric
                 attribute in RIPv2 or RIPng router configuration is
                 used for the route.";
            }
          }

          uses timers-container;

          /* Operational state */
          leaf oper-status {
            type enumeration {
              enum up {
                description
                  "RIPv2 or RIPng is operational on this interface.";
              }
              enum down {
                description
                  "RIPv2 or RIPng is not operational on this
                   interface.";
              }
            }
            config false;
            description
              "Operational state.";
          }
          leaf next-full-update {
            type uint32;
            config false;
            description
              "Next full update time.";
          }
          leaf valid-address {
            type boolean;
            config false;
            description
              "The interface has a valid address.";
          }

          container statistics {
            if-feature interface-statistics;
            config false;
            description
              "Interface statistic counters.";
            leaf discontinuity-time {
              type yang:date-and-time;
              description
                "The time on the most recent occasion at which any
                 one or more of the statistic counters suffered a
                 discontinuity. If no such discontinuities have
                 occurred since the last re-initialization of the
                 local management subsystem, then this node contains
                 the time the local management subsystem
                 re-initialized itself.";
            }
            leaf bad-packets-rcvd {
              type yang:counter32;
              description
                "The number of RIP invalid packets received by
                 the RIP process which were subsequently discarded
                 for any reason (e.g. a version 0 packet, or an
                 unknown command type).";
            }
            leaf bad-routes-rcvd {
              type yang:counter32;
              description
                "The number of routes, in valid RIP packets,
                 which were ignored for any reason (e.g. unknown
                 address family, or invalid metric).";
            }
            leaf updates-sent {
              type yang:counter32;
              description
                "The number of triggered RIP updates actually
                 sent on this interface.
                 This explicitly does
                 NOT include full updates sent containing new
                 information.";
            }
          }
        } // interface
      } // interfaces

      /* Operational state */
      leaf next-triggered-update {
        type uint32;
        config false;
        description
          "Next triggered update.";
      }
      leaf num-of-routes {
        type uint32;
        config false;
        description
          "The number of routes.";
      }

      container ipv4 {
        when "derived-from-or-self(../../rt:type, 'rip:ripv2')" {
          description
            "IPv4 address family is supported by RIPv2.";
        }
        config false;
        description
          "IPv4 address family information.";
        container neighbors {
          description
            "IPv4 neighbor information.";
          list neighbor {
            key "ipv4-address";
            description
              "A RIPv2 neighbor.";

            leaf ipv4-address {
              type inet:ipv4-address;
              description
                "IP address that a RIP neighbor is using as its
                 source address.";
            }
            leaf last-update {
              type yang:date-and-time;
              description
                "The time when the most recent RIP update was
                 received from this neighbor.";
            }
            leaf bad-packets-rcvd {
              type yang:counter32;
              description
                "The number of RIP invalid packets received from
                 this neighbor which were subsequently discarded
                 for any reason (e.g. a version 0 packet, or an
                 unknown command type).";
            }
            leaf bad-routes-rcvd {
              type yang:counter32;
              description
                "The number of routes received from this neighbor,
                 in valid RIP packets, which were ignored for any
                 reason (e.g.
                 unknown address family, or invalid
                 metric).";
            }
          } // neighbor
        } // neighbors
        container routes {
          description
            "IPv4 route information.";
          list route {
            key "ipv4-prefix";
            description
              "A RIPv2 IPv4 route.";

            leaf ipv4-prefix {
              type inet:ipv4-prefix;
              description
                "IPv4 address and prefix length, in the format
                 specified in RFC6991.";
            }
            leaf next-hop {
              type inet:ipv4-address;
              description
                "Next hop IPv4 address.";
            }
            leaf interface {
              type if:interface-ref;
              description
                "The interface that the route uses.";
            }
            uses route-attributes;
          } // route
        } // routes

      } // ipv4
      container ipv6 {
        when "derived-from-or-self(../../rt:type, 'rip:ripng')" {
          description
            "IPv6 address family is supported by RIPng.";
        }
        config false;
        description
          "IPv6 address family information.";
        container neighbors {
          description
            "IPv6 neighbor information.";
          list neighbor {
            key "ipv6-address";
            description
              "A RIPng neighbor.";

            leaf ipv6-address {
              type inet:ipv6-address;
              description
                "IP address that a RIP neighbor is using as its
                 source address.";
            }
            leaf last-update {
              type yang:date-and-time;
              description
                "The time when the most recent RIP update was
                 received from this neighbor.";
            }
            leaf bad-packets-rcvd {
              type yang:counter32;
              description
                "The number of RIP invalid packets received from
                 this neighbor which were subsequently discarded
                 for any reason (e.g. a version 0 packet, or an
                 unknown command type).";
            }
            leaf bad-routes-rcvd {
              type yang:counter32;
              description
                "The number of routes received from this neighbor,
                 in valid RIP packets, which were ignored for any
                 reason (e.g.
                 unknown address family, or invalid
                 metric).";
            }
          } // neighbor
        } // neighbors
        container routes {
          description
            "IPv6 route information.";
          list route {
            key "ipv6-prefix";
            description
              "A RIPng IPv6 route.";

            leaf ipv6-prefix {
              type inet:ipv6-prefix;
              description
                "IPv6 address and prefix length, in the format
                 specified in RFC6991.";
            }
            leaf next-hop {
              type inet:ipv6-address;
              description
                "Next hop IPv6 address.";
            }
            leaf interface {
              type if:interface-ref;
              description
                "The interface that the route uses.";
            }
            uses route-attributes;
          } // route
        } // routes
      } // ipv6

      container statistics {
        if-feature global-statistics;
        config false;
        description
          "Global statistic counters.";
        leaf discontinuity-time {
          type yang:date-and-time;
          description
            "The time on the most recent occasion at which any one
             or more of the statistic counters suffered a
             discontinuity.
             If no such discontinuities have occurred
             since the last re-initialization of the local
             management subsystem, then this node contains the time
             the local management subsystem re-initialized itself.";
        }
        leaf requests-rcvd {
          type yang:counter32;
          description
            "The number of requests received by RIP.";
        }
        leaf requests-sent {
          type yang:counter32;
          description
            "The number of requests sent by RIP.";
        }
        leaf responses-rcvd {
          type yang:counter32;
          description
            "The number of responses received by RIP.";
        }
        leaf responses-sent {
          type yang:counter32;
          description
            "The number of responses sent by RIP.";
        }
      } // statistics
    } // container rip
  }

  /*
   * RPCs
   */

  rpc clear-rip-route {
    description
      "Clears RIP routes from the IP routing table and routes
       redistributed into the RIP protocol for the specified RIP
       instance or for all RIP instances in the current context.";

    input {
      leaf rip-instance {
        type leafref {
          path "/rt:routing/rt:control-plane-protocols/"
             + "rt:control-plane-protocol/rt:name";
        }
        description
          "Instance name identifying a specific RIP instance.
           This leaf is optional for the rpc.
           If it is specified, the rpc will clear all routes in the
           specified RIP instance;
           if it is not specified, the rpc will clear all routes in
           all RIP instances.";
      }
    }
  } // rpc clear-rip-route
}

5.  IANA Considerations

   RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
   actual RFC number (and remove this note).

   This document registers the following namespace URIs in the IETF XML
   registry [RFC3688]:

   --------------------------------------------------------------------
   URI: urn:ietf:params:xml:ns:yang:ietf-rip
   Registrant Contact: The IESG.
   XML: N/A, the requested URI is an XML namespace.
   --------------------------------------------------------------------

   This document registers the following YANG modules in the YANG Module
   Names registry [RFC7950]:

   --------------------------------------------------------------------
   name:         ietf-rip
   namespace:    urn:ietf:params:xml:ns:yang:ietf-rip
   prefix:       rip
   reference:    RFC XXXX
   --------------------------------------------------------------------

6.  Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
   is the secure transport layer, and the mandatory-to-implement secure
   transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
   is HTTPS, and the mandatory-to-implement secure transport is TLS
   [RFC8446].

   The NETCONF access control model [RFC8341] provides the means to
   restrict access for particular NETCONF or RESTCONF users to a
   preconfigured subset of all available NETCONF or RESTCONF protocol
   operations and content.

   There are a number of data nodes defined in this YANG module that are
   writable/creatable/deletable (i.e., config true, which is the
   default).  These data nodes may be considered sensitive or vulnerable
   in some network environments.  Write operations (e.g., edit-config)
   to these data nodes without proper protection can have a negative
   effect on network operations.  These are the subtrees and data nodes
   and their sensitivity/vulnerability:

      /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
      rip:rip

   Unauthorized access to any data node of these subtrees can adversely
   affect the routing subsystem of both the local device and the
   network.  This may lead to network malfunctions, delivery of packets
   to inappropriate destinations, and other problems.
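
   The access-control point above, worked through as an added example
   that is not part of the draft: a simplified Python walk of NACM
   [RFC8341] rule evaluation for the rip subtree and the clear-rip-route
   RPC.  The group names, rule names and rule sets are constructed, the
   string prefix match and the omission of nacm:default-deny-*
   extensions are assumptions, and the fallback values are the RFC 8341
   defaults (read permit, write deny, exec permit).

```python
# Added illustration: a simplified NACM (RFC 8341) decision walk for ietf-rip.
# Group names, rule names and both rule sets are constructed for this example.

RIP_SUBTREE = ("/rt:routing/rt:control-plane-protocols/"
               "rt:control-plane-protocol/rip:rip")

# Global defaults that RFC 8341 applies when no rule matches.
NACM_DEFAULTS = {"read-default": "permit",
                 "write-default": "deny",
                 "exec-default": "permit"}

# Constructed requests against nodes defined in this module.
REQUESTS = {
    "read-routes": {"module": "ietf-rip", "kind": "data", "op": "read",
                    "name": RIP_SUBTREE + "/rip:ipv6/rip:routes"},
    "write-auth-key": {"module": "ietf-rip", "kind": "data", "op": "update",
                       "name": RIP_SUBTREE + "/rip:interfaces/rip:interface"
                                             "/rip:authentication/rip:key"},
    "clear-rip-route": {"module": "ietf-rip", "kind": "rpc", "op": "exec",
                        "name": "clear-rip-route"},
}

# Constructed rule set: one privileged group, everything else denied.
HARDENED = {"rule-list": [
    {"name": "rip-admins-acl", "group": ["rip-admins"], "rule": [
        {"name": "permit-rip", "module-name": "ietf-rip",
         "action": "permit"}]},
    {"name": "everyone-else", "group": ["*"], "rule": [
        {"name": "deny-rip-subtree", "module-name": "ietf-rip",
         "path": RIP_SUBTREE, "action": "deny"},
        {"name": "deny-clear-rip-route", "module-name": "ietf-rip",
         "rpc-name": "clear-rip-route", "access-operations": "exec",
         "action": "deny"}]},
]}


def rule_matches(rule, request):
    """True if a single NACM rule applies to the request."""
    if rule.get("module-name", "*") not in ("*", request["module"]):
        return False
    ops = rule.get("access-operations", "*")
    if ops != "*" and request["op"] not in ops.split():
        return False
    if "rpc-name" in rule:
        return (request["kind"] == "rpc"
                and rule["rpc-name"] in ("*", request["name"]))
    if "path" in rule:
        # String prefix comparison stands in for instance-identifier matching.
        path = rule["path"].rstrip("/")
        return request["kind"] == "data" and (
            request["name"] == path or request["name"].startswith(path + "/"))
    return True  # no rule type given: the rule covers every node kind


def decide(nacm, groups, request):
    """Return (action, reason); the first matching rule wins."""
    for rule_list in nacm.get("rule-list", []):
        wanted = rule_list.get("group", [])
        if "*" not in wanted and not set(wanted) & set(groups):
            continue
        for rule in rule_list.get("rule", []):
            if rule_matches(rule, request):
                return rule["action"], f"{rule_list['name']}/{rule['name']}"
    leaf = {"read": "read-default",
            "exec": "exec-default"}.get(request["op"], "write-default")
    return nacm.get(leaf, NACM_DEFAULTS[leaf]), leaf


def audit(nacm, groups):
    """Map each constructed request to the action NACM would take."""
    return {label: decide(nacm, groups, req)[0]
            for label, req in REQUESTS.items()}


if __name__ == "__main__":
    for title, nacm, groups in (("defaults only", {}, ["operators"]),
                                ("hardened", HARDENED, ["operators"]),
                                ("hardened", HARDENED, ["rip-admins"])):
        print(title, groups, audit(nacm, groups))
```

   With no rules configured, write-default protects the configuration,
   but reads of RIP state and execution of clear-rip-route fall through
   to the permissive defaults until a rule or a stricter default covers
   them.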

   Some of the readable data nodes in this YANG module may be considered
   sensitive or vulnerable in some network environments.  It is thus
   important to control read access (e.g., via get, get-config, or
   notification) to these data nodes.  These are the subtrees and data
   nodes and their sensitivity/vulnerability:

      /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
      rip:rip

   Unauthorized access to any data node of these subtrees can disclose
   the operational state information of RIP on this device.

   Some of the RPC operations in this YANG module may be considered
   sensitive or vulnerable in some network environments.  It is thus
   important to control access to these operations.  These are the
   operations and their sensitivity/vulnerability:

      RPC clear-rip-route:

   Unauthorized access to the RPC above can adversely affect the routing
   subsystem of both the local device and the network.  This may lead to
   network malfunctions, delivery of packets to inappropriate
   destinations, and other problems.

7.  References

7.1.  Normative References

   [RFC1724]  Malkin, G. and F. Baker, "RIP Version 2 MIB Extension",
              RFC 1724, DOI 10.17487/RFC1724, November 1994.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC2453]  Malkin, G., "RIP Version 2", STD 56, RFC 2453,
              DOI 10.17487/RFC2453, November 1998.

   [RFC2080]  Malkin, G. and R. Minnear, "RIPng for IPv6", RFC 2080,
              DOI 10.17487/RFC2080, January 1997.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6991, DOI 10.17487/RFC6991, July 2013.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

   [RFC8177]  Lindem, A., Ed., Qu, Y., Yeung, D., Chen, I., and J.
              Zhang, "YANG Data Model for Key Chains", RFC 8177,
              DOI 10.17487/RFC8177, June 2017.

   [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
              Access Control Model", STD 91, RFC 8341,
              DOI 10.17487/RFC8341, March 2018.

   [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore Architecture
              (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

   [RFC8343]  Bjorklund, M., "A YANG Data Model for Interface
              Management", RFC 8343, DOI 10.17487/RFC8343, March 2018.

   [RFC8344]  Bjorklund, M., "A YANG Data Model for IP Management",
              RFC 8344, DOI 10.17487/RFC8344, March 2018.

   [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
              Routing Management (NMDA Version)", RFC 8349,
              DOI 10.17487/RFC8349, March 2018.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

7.2.  Informative References

   [RFC7951]  Lhotka, L., "JSON Encoding of Data Modeled with YANG",
              RFC 7951, DOI 10.17487/RFC7951, August 2016.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

   [RFC8407]  Bierman, A., "Guidelines for Authors and Reviewers of
              Documents Containing YANG Data Models", BCP 216, RFC 8407,
              DOI 10.17487/RFC8407, October 2018.

   [I-D.ietf-netconf-subscribed-notifications]
              Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and
              A. Tripathy, "Subscription to YANG Event Notifications",
              draft-ietf-netconf-subscribed-notifications-26 (work in
              progress), May 2019.

   [I-D.ietf-netconf-yang-push]
              Clemm, A. and E. Voit, "Subscription to YANG Datastores",
              draft-ietf-netconf-yang-push-25 (work in progress), May
              2019.

   [I-D.ietf-bfd-yang]
              Rahman, R., Zheng, L., Jethanandani, M., Networks, J., and
              G. Mirsky, "YANG Data Model for Bidirectional Forwarding
              Detection (BFD)", draft-ietf-bfd-yang-17 (work in
              progress), August 2018.

   [I-D.ietf-isis-yang-isis-cfg]
              Litkowski, S., Yeung, D., Lindem, A., Zhang, Z., and L.
              Lhotka, "YANG Data Model for IS-IS Protocol", draft-ietf-
              isis-yang-isis-cfg-35 (work in progress), March 2019.

   [I-D.ietf-ospf-yang]
              Yeung, D., Qu, Y., Zhang, Z., Chen, I., and A. Lindem,
              "YANG Data Model for OSPF Protocol", draft-ietf-ospf-
              yang-28 (work in progress), August 2019.

Appendix A.  Data Tree Example

   This section contains an example of an instance data tree in the JSON
   encoding [RFC7951], containing both configuration and state data.

              +---------------------+
              |                     |
              | Router 203.0.113.1  |
              |                     |
              +----------+----------+
                         |eth1
                         |2001:db8:0:1::1/64
                         |
                         |
                         |2001:db8:0:1::2/64
              +----------+----------+
              |                     |         |
              |   Another Router    +---------| 2001:db8:0:2::/64
              |                     |         |
              +---------------------+

   The configuration instance data tree for Router 203.0.113.1 in the
   above figure could be as follows:

   {
     "ietf-interfaces:interfaces": {
       "interface": [
         {
           "name": "eth1",
           "description": "An interface with RIPng enabled.",
           "type": "iana-if-type:ethernetCsmacd",
           "ietf-ip:ipv6": {
             "address": [
               {
                 "ip": "2001:db8:0:1::1",
                 "prefix-length": 64
               }
             ],
             "forwarding": true
           }
         }
       ]
     },
     "ietf-routing:routing": {
       "router-id": "203.0.113.1",
       "control-plane-protocols": {
         "control-plane-protocol": [
           {
             "type": "ietf-rip:ripng",
             "name": "ripng-1",
             "description": "RIPng instance ripng-1.",
             "ietf-rip:rip": {
               "redistribute": {
                 "connected": {
                 }
               },
               "interfaces": {
                 "interface": [
                   {
                     "interface": "eth1",
                     "split-horizon": "poison-reverse"
                   }
                 ]
               }
             }
           }
         ]
       }
     }
   }

   The corresponding operational state data for Router 203.0.113.1 could
   be as follows:

   {
     "ietf-interfaces:interfaces": {
       "interface": [
         {
           "name": "eth1",
           "description": "An interface with RIPng enabled.",
           "type": "iana-if-type:ethernetCsmacd",
           "phys-address": "00:00:5e:00:53:01",
           "oper-status": "up",
           "statistics": {
             "discontinuity-time": "2016-10-24T17:11:27+02:00"
           },
           "ietf-ip:ipv6": {
             "forwarding": true,
             "mtu": 1500,
             "address": [
               {
                 "ip": "2001:db8:0:1::1",
                 "prefix-length": 64,
                 "origin": "static",
                 "status": "preferred"
               },
               {
                 "ip": "fe80::200:5eff:fe00:5301",
                 "prefix-length": 64,
                 "origin": "link-layer",
                 "status": "preferred"
               }
             ],
             "neighbor": [
               {
                 "ip": "2001:db8:0:1::2",
                 "link-layer-address": "00:00:5e:00:53:02",
                 "origin": "dynamic",
                 "is-router": [null],
                 "state": "reachable"
               },
               {
                 "ip": "fe80::200:5eff:fe00:5302",
                 "link-layer-address": "00:00:5e:00:53:02",
                 "origin": "dynamic",
                 "is-router": [null],
                 "state": "reachable"
               }
             ]
           }
         }
       ]
     },
     "ietf-routing:routing": {
       "router-id": "203.0.113.1",
       "interfaces": {
         "interface": [
           "eth1"
         ]
       },
       "control-plane-protocols": {
         "control-plane-protocol": [
           {
             "type": "ietf-rip:ripng",
             "name": "ripng-1",
             "description": "RIPng instance ripng-1.",
             "ietf-rip:rip": {
               "default-metric": 1,
               "next-triggered-update": 5,
               "interfaces": {
                 "interface": [
                   {
                     "interface": "eth1",
                     "oper-status": "up",
                     "cost": 1,
                     "split-horizon": "poison-reverse",
                     "valid-address": true
                   }
                 ]
               },
               "ipv6": {
                 "neighbors": {
                   "neighbor": [
                     {
                       "ipv6-address": "fe80::200:5eff:fe00:5302",
                       "last-update": "2017-01-02T10:34:55+02:00"
                     }
                   ]
                 },
                 "routes": {
                   "route": [
                     {
                       "ipv6-prefix": "2001:db8:0:1::/64",
                       "interface": "eth1",
                       "redistributed": true,
                       "route-type": "connected",
                       "metric": 1,
                       "expire-time": 22
                     },
                     {
                       "ipv6-prefix": "2001:db8:0:2::/64",
                       "next-hop": "fe80::200:5eff:fe00:5302",
                       "interface": "eth1",
                       "redistributed": false,
                       "route-type": "rip",
                       "metric": 2,
                       "expire-time": 82
                     }
                   ]
                 }
               },
               "statistics": {
                 "discontinuity-time": "2016-10-24T17:11:27+02:00",
                 "requests-rcvd": 523,
                 "requests-sent": 262,
                 "responses-rcvd": 261,
                 "responses-sent": 523
               }
             }
           }
         ]
       }
     }
   }

Authors' Addresses

   Xufeng Liu
   Volta Networks

   EMail: xufeng.liu.ietf@gmail.com


   Prateek Sarda
   Ericsson
   Fern Icon, Survey No 28 and 36/5, Doddanakundi Village
   Bangalore  Karnataka 560037
   India

   EMail: prateek.sarda@ericsson.com


   Vikram Choudhary
   Individual
   Bangalore  560066
   India

   EMail: vikschw@gmail.com