idnits 2.17.1
draft-li-bess-l3vpn-yang-01.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== Line 126 has weird spacing: '...t-value str...'
== Line 134 has weird spacing: '...t-value str...'
== Line 180 has weird spacing: '...t-value str...'
== Line 221 has weird spacing: '...t-value str...'
== Line 252 has weird spacing: '...t-value str...'
== The document doesn't use any RFC 2119 keywords, yet seems to have RFC
2119 boilerplate text.
-- The document date (December 21, 2015) is 3042 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Unused Reference: 'RFC4271' is defined on line 680, but no explicit
reference was found in the text
== Unused Reference: 'RFC4760' is defined on line 689, but no explicit
reference was found in the text
== Outdated reference: A later version (-17) exists of
draft-ietf-idr-bgp-model-00
== Outdated reference: A later version (-25) exists of
draft-ietf-netmod-routing-cfg-20
Summary: 0 errors (**), 0 flaws (~~), 11 warnings (==), 1 comment (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 Network Working Group Z. Li
3 Internet-Draft S. Zhuang
4 Intended status: Standards Track Huawei Technologies
5 Expires: June 23, 2016 X. Liu
6 Ericsson
7 J. Haas
8 S. Esale
9 Juniper Networks
10 B. Wen
11 Comcast
12 December 21, 2015
14 Yang Data Model for BGP/MPLS IP VPN
15 draft-li-bess-l3vpn-yang-01
17 Abstract
19 This document defines a YANG data model that can be used to configure
20 and manage L3VPN (BGP/MPLS IP VPN).
22 Requirements Language
24 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
25 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
26 document are to be interpreted as described in RFC 2119 [RFC2119].
28 Status of This Memo
30 This Internet-Draft is submitted in full conformance with the
31 provisions of BCP 78 and BCP 79.
33 Internet-Drafts are working documents of the Internet Engineering
34 Task Force (IETF). Note that other groups may also distribute
35 working documents as Internet-Drafts. The list of current Internet-
36 Drafts is at http://datatracker.ietf.org/drafts/current/.
38 Internet-Drafts are draft documents valid for a maximum of six months
39 and may be updated, replaced, or obsoleted by other documents at any
40 time. It is inappropriate to use Internet-Drafts as reference
41 material or to cite them other than as "work in progress."
43 This Internet-Draft will expire on June 23, 2016.
45 Copyright Notice
47 Copyright (c) 2015 IETF Trust and the persons identified as the
48 document authors. All rights reserved.
50 This document is subject to BCP 78 and the IETF Trust's Legal
51 Provisions Relating to IETF Documents
52 (http://trustee.ietf.org/license-info) in effect on the date of
53 publication of this document. Please review these documents
54 carefully, as they describe your rights and restrictions with respect
55 to this document. Code Components extracted from this document must
56 include Simplified BSD License text as described in Section 4.e of
57 the Trust Legal Provisions and are provided without warranty as
58 described in the Simplified BSD License.
60 Table of Contents
62 1. Introduction
63 2. Definitions and Acronyms
64 3. Design of the L3VPN Model
65 3.1. Overview
66 3.2. VPN Instance Configuration
67 3.2.1. Per-Instance Configuration
68 3.2.2. Address Family Configuration of L3VPN Instance
69 3.3. Yang Tree of L3VPN Yang Model
70 4. L3VPN YANG Model
71 5. IANA Considerations
72 6. Security Considerations
73 7. Normative References
74 Authors' Addresses
76 1. Introduction
78 YANG [RFC6020] is a data definition language that was introduced to
79 define the contents of a conceptual data store that allows networked
80 devices to be managed using NETCONF [RFC6241]. YANG is proving
81 relevant beyond its initial confines, as bindings to other interfaces
82 (e.g. ReST) and encodings other than XML (e.g. JSON) are being
83 defined. Furthermore, YANG data models can be used as the basis of
84 implementation for other interfaces, such as CLI and programmatic
85 APIs.
87 This document defines a YANG data model that can be used to configure
88 and manage L3VPN (BGP/MPLS IP VPN) [RFC4364].
90 2. Definitions and Acronyms
92 AF: Address Family
94 BGP: Border Gateway Protocol
96 JSON: JavaScript Object Notation
98 L3VPN: Layer 3 VPN
100 NETCONF: Network Configuration Protocol
102 ReST: Representational State Transfer, a style of stateless interface
103 and protocol that is generally carried over HTTP
105 YANG: A data definition language for NETCONF
107 3. Design of the L3VPN Model
109 3.1. Overview
111 The L3VPN Yang module is to augment the routing instance Yang models
112 proposed by the draft [I-D.ietf-netmod-routing-cfg]. It introduced
113 the "l3vpn" container to define augmented parameters which can be
114 applied for VRF Routing Instance and support both the IPv4 and IPv6
115 address families. The overview of the "l3vpn" container is shown in
116 the following figure:
118 module: ietf-l3vpn
119 augment /rt:routing/rt:routing-instance:
120 +--rw l3vpn
121 +--rw ipv4-family
122 | +--rw bgp-parameters
123 | | +--rw common
124 | | +--rw route-distinguisher? string
125 | | +--rw vpn-targets* [rt-value]
126 | | +--rw rt-value string
127 | | +--rw rt-type bgp-rt-type
128 | ......
129 +--rw ipv6-family
130 +--rw bgp-parameters
131 | +--rw common
132 | +--rw route-distinguisher? string
133 | +--rw vpn-targets* [rt-value]
134 | +--rw rt-value string
135 | +--rw rt-type bgp-rt-type
136 ......
138 L3VPN interface parameters can reuse those parameters defined by
139 [I-D.ietf-netmod-routing-cfg].
141 BGP protocol parameters for L3VPN are defined by the draft
142 [I-D.ietf-idr-bgp-model]. An augment may be defined in a future
143 version if necessary.
145 3.2. VPN Instance Configuration
147 An instance is created to comprise the VPN forwarding information for
148 each VPN in a BGP/MPLS IP VPN. This instance is called a VPN
149 instance or a VPN routing and forwarding (VRF) table. It is also
150 called a per-site forwarding table in [RFC4364]. VPN instances must
151 be created in all BGP/MPLS IP VPN solutions. VPN instances support
152 both the IPv4 and IPv6 address families.
154 VPN instance configuration consists of the following components:
156 o Per-Instance Configuration: contains the common writable
157 configuration objects for VPN instance IPv4 and IPv6 address family.
159 o Address Family Configuration of L3VPN Instance: contains the
160 address family specific writable configuration objects.
162 3.2.1. Per-Instance Configuration
164 Per-instance parameters are defined by [I-D.ietf-netmod-routing-cfg],
165 including instance name, description, etc.
167 3.2.2. Address Family Configuration of L3VPN Instance
169 The l3vpn container contains the address family specific writable
170 configuration objects, such as route-distinguisher, vpn-targets,
171 apply-label-mode, etc. The parameters should be consistent between
172 IPv4 family and IPv6 family.
174 +--rw l3vpn
175 +--rw ipv4-family
176 | +--rw bgp-parameters
177 | | +--rw common
178 | | +--rw route-distinguisher? string
179 | | +--rw vpn-targets* [rt-value]
180 | | +--rw rt-value string
181 | | +--rw rt-type bgp-rt-type
182 | +--rw apply-label-mode? apply-label-mode-def
183 | +--rw import-route-policy? string
184 | +--rw export-route-policy? string
185 | +--rw tunnel-policy? string
186 | +--rw prefix-limit
187 | | +--rw prefix-limit-number? uint32
188 | | +--rw (prefix-limit-action)?
189 | | +--:(enable-alert-percent)
190 | | | +--rw alert-percent-value? uint8
191 | | | +--rw route-unchanged? boolean
192 | | +--:(enable-simple-alert)
193 | | +--rw simple-alert? boolean
194 | +--rw routing-table-limit
195 | | +--rw routing-table-limit-number? uint32
196 | | +--rw (routing-table-limit-action)?
197 | | +--:(enable-alert-percent)
198 | | | +--rw alert-percent-value? uint8
199 | | +--:(enable-simple-alert)
200 | | +--rw simple-alert? boolean
201 | +--rw import-global-rib
202 | +--rw protocol? enumeration
203 | +--rw processId? uint32
204 | +--rw bgp-valid-route? boolean
205 | +--rw route-policy-name? string
206 +--rw ipv6-family
207 ......
209 3.3. Yang Tree of L3VPN Yang Model
211 The Yang tree of the L3VPN Yang model is shown in the following figure:
213 module: ietf-l3vpn
214 augment /rt:routing/rt:routing-instance:
215 +--rw l3vpn
216 +--rw ipv4-family
217 | +--rw bgp-parameters
218 | | +--rw common
219 | | +--rw route-distinguisher? string
220 | | +--rw vpn-targets* [rt-value]
221 | | +--rw rt-value string
222 | | +--rw rt-type bgp-rt-type
223 | +--rw apply-label-mode? apply-label-mode-def
224 | +--rw import-route-policy? string
225 | +--rw export-route-policy? string
226 | +--rw tunnel-policy? string
227 | +--rw prefix-limit
228 | | +--rw prefix-limit-number? uint32
229 | | +--rw (prefix-limit-action)?
230 | | +--:(enable-alert-percent)
231 | | | +--rw alert-percent-value? uint8
232 | | | +--rw route-unchanged? boolean
233 | | +--:(enable-simple-alert)
234 | | +--rw simple-alert? boolean
235 | +--rw routing-table-limit
236 | | +--rw routing-table-limit-number? uint32
237 | | +--rw (routing-table-limit-action)?
238 | | +--:(enable-alert-percent)
239 | | | +--rw alert-percent-value? uint8
240 | | +--:(enable-simple-alert)
241 | | +--rw simple-alert? boolean
242 | +--rw import-global-rib
243 | +--rw protocol? enumeration
244 | +--rw processId? uint32
245 | +--rw bgp-valid-route? boolean
246 | +--rw route-policy-name? string
247 +--rw ipv6-family
248 +--rw bgp-parameters
249 | +--rw common
250 | +--rw route-distinguisher? string
251 | +--rw vpn-targets* [rt-value]
252 | +--rw rt-value string
253 | +--rw rt-type bgp-rt-type
254 +--rw apply-label-mode? apply-label-mode-def
255 +--rw import-route-policy? string
256 +--rw export-route-policy? string
257 +--rw tunnel-policy? string
258 +--rw prefix-limit
259 | +--rw prefix-limit-number? uint32
260 | +--rw (prefix-limit-action)?
261 | +--:(enable-alert-percent)
262 | | +--rw alert-percent-value? uint8
263 | | +--rw route-unchanged? boolean
264 | +--:(enable-simple-alert)
265 | +--rw simple-alert? boolean
266 +--rw routing-table-limit
267 | +--rw routing-table-limit-number? uint32
268 | +--rw (routing-table-limit-action)?
269 | +--:(enable-alert-percent)
270 | | +--rw alert-percent-value? uint8
271 | +--:(enable-simple-alert)
272 | +--rw simple-alert? boolean
273 +--rw import-global-rib
274 +--rw protocol? enumeration
275 +--rw processId? uint32
276 +--rw bgp-valid-route? boolean
277 +--rw route-policy-name? string
279 4. L3VPN YANG Model
281 //L3VPN YANG MODEL
282 file "ietf-l3vpn.yang"
283 module ietf-l3vpn {
284 namespace "urn:ietf:params:xml:ns:yang:ietf-l3vpn";
285 // replace with IANA namespace when assigned
286 prefix "l3vpn";
288 import ietf-routing {
289 prefix "rt";
290 //draft-ietf-netmod-routing-cfg-19
291 }
293 organization "IETF BGP Enabled Services WG";
294 contact "draft-li-bess-l3vpn-yang@tools.ietf.org";
295 description
296 "This YANG module defines the generic configuration data
297 for L3VPN service.
299 Terms and Acronyms
301 BGP (bgp): Border Gateway Protocol
302 IPv4 (ipv4):Internet Protocol Version 4
303 IPv6 (ipv6): Internet Protocol Version 6
305 ";
307 revision 2015-10-09 {
308 description
309 "Initial revision.";
310 reference "RFC4271, RFC4364, RFC4365, RFC4760.";
311 }
313 /* typedefs */
315 typedef bgp-rt-type {
316 type enumeration {
317 enum import {
318 description "For import";
319 }
320 enum export {
321 description "For export";
322 }
323 enum both {
324 description "For both import and export";
325 }
326 }
327 description "BGP route-target type. Import from BGP YANG.";
328 }
330 typedef apply-label-mode-def {
331 type enumeration {
332 enum "per-route" {
333 value 0;
334 description
335 "By default, the VPN instance IPv4 address family
336 assigns a unique label to each route to be sent
337 to the peer PE.";
338 }
339 enum "per-instance" {
340 value 1;
341 description
342 "The apply-label per-instance command enables the
343 one-label-per-VPN-instance mode.";
344 }
345 }
346 description "...";
347 }
349 typedef routing-instance-type-ref {
350 type leafref {
351 path "/rt:routing/rt:routing-instance/rt:type";
352 }
353 description
354 "This type is used for leafs that reference a routing
355 instance configuration.";
356 }
358 grouping bgp-parameters-grp {
359 description
360 "BGP parameters grouping.";
361 container bgp-parameters {
362 description
363 "Parameters for BGP.";
364 container common {
365 description
366 "Common BGP parameters.";
367 leaf route-distinguisher {
368 type string;
369 description "BGP RD.";
370 }
371 list vpn-targets {
372 key rt-value;
373 description
374 "Route Targets.";
375 leaf rt-value {
376 type string;
377 description
378 "Route-Target value.";
379 }
380 leaf rt-type {
381 type bgp-rt-type;
382 mandatory true;
383 description
384 "Type of RT.";
385 }
386 }
387 }
388 }
389 }
391 grouping vpn-af-config {
392 description
393 "A set of configuration parameters that is applicable to both
394 IPv4 and IPv6 address family for a VPN instance.";
396 leaf apply-label-mode {
397 type apply-label-mode-def;
398 default "per-route";
399 description ".";
400 }
402 leaf import-route-policy {
403 type string {
404 length "1..40";
405 }
406 description
407 "The import route-policy command associates a VPN instance
408 enabled with the IPv4 or IPv6 address family with an
409 import routing policy.
410 Only one import routing policy can be associated with a
411 VPN instance enabled with the IPv4 or IPv6 address family.
412 If the import route-policy command is run more than once,
413 the latest configuration overrides the previous ones.";
414 }
416 leaf export-route-policy {
417 type string {
418 length "1..40";
419 }
420 description
421 "The export route-policy command associates a VPN instance
422 enabled with the IPv4 or IPv6 address family with an
423 export routing policy.
424 Only one export routing policy can be associated with a
425 VPN instance enabled with the IPv4 or IPv6 address family.
426 If the export route-policy command is run more than once,
427 the latest configuration overrides the previous ones.";
428 }
430 leaf tunnel-policy {
431 type string;
432 description
433 "Tunnel policy name.";
434 }
436 container prefix-limit {
437 description
438 "The prefix limit command sets a limit on the maximum
439 number of prefixes supported in the existing VPN
440 instance, preventing the PE from importing excessive
441 VPN route prefixes.";
443 leaf prefix-limit-number {
444 type uint32 {
445 range "1..4294967295";
446 }
447 description
448 "Specifies the maximum number of prefixes supported in the
449 VPN instance IPv4 or IPv6 address family.";
450 }
452 choice prefix-limit-action {
453 description ".";
454 case enable-alert-percent {
455 leaf alert-percent-value {
456 type uint8 {
457 range "1..100";
458 }
459 description
460 "Specifies the proportion of the alarm threshold to the
461 maximum number of prefixes.";
462 }
463 leaf route-unchanged {
464 type boolean;
465 default "false";
466 description
467 "Indicates that the routing table remains unchanged.
468 By default, route-unchanged is not configured. When
469 the number of prefixes in the routing table is
470 greater than the value of the parameter number,
471 routes are processed as follows:
472 (1)If route-unchanged is configured, routes in the
473 routing table remain unchanged.
474 (2)If route-unchanged is not configured, all routes
475 in the routing table are deleted and then
476 re-added.";
477 }
478 }
479 case enable-simple-alert {
480 leaf simple-alert {
481 type boolean;
482 default "false";
483 description
484 "Indicates that when the number of VPN route prefixes
485 exceeds number, prefixes can still join the VPN
486 routing table and alarms are displayed.";
487 }
488 }
489 }
490 }
492 container routing-table-limit {
493 description
494 "The routing-table limit command sets a limit on the maximum
495 number of routes that the IPv4 or IPv6 address family of a
496 VPN instance can support.
497 By default, there is no limit on the maximum number of
498 routes that the IPv4 or IPv6 address family of a VPN
499 instance can support, but the total number of private
500 network and public network routes on a device cannot
501 exceed the allowed maximum number of unicast routes.";
503 leaf routing-table-limit-number {
504 type uint32 {
505 range "1..4294967295";
506 }
507 description
508 "Specifies the maximum number of routes supported by a
509 VPN instance. ";
510 }
512 choice routing-table-limit-action {
513 description ".";
514 case enable-alert-percent {
515 leaf alert-percent-value {
516 type uint8 {
517 range "1..100";
518 }
519 description
520 "Specifies the percentage of the maximum number of
521 routes. When the maximum number of routes that join
522 the VPN instance is up to the value
523 (number*alert-percent)/100, the system prompts
524 alarms. The VPN routes can be still added to the
525 routing table, but after the number of routes
526 reaches number, the subsequent routes are
527 dropped.";
528 }
529 }
530 case enable-simple-alert {
531 leaf simple-alert {
532 type boolean;
533 description
534 "Indicates that when VPN routes exceed number, routes
535 can still be added into the routing table, but the
536 system prompts alarms.
537 However, after the total number of VPN routes and
538 network public routes reaches the unicast route limit
539 specified in the License, the subsequent VPN routes
540 are dropped.";
541 }
542 }
543 }
544 }
546 container import-global-rib {
547 description
548 "Route Leaking from a Global Routing Table into a VRF.";
550 leaf protocol {
551 type enumeration {
552 enum ALL {
553 value "0";
554 description "ALL:";
555 }
556 enum Direct {
557 value "1";
558 description "Direct:";
559 }
560 enum OSPF {
561 value "2";
562 description "OSPF:";
563 }
564 enum ISIS {
565 value "3";
566 description "ISIS:";
567 }
568 enum Static {
569 value "4";
570 description "Static:";
571 }
572 enum RIP {
573 value "5";
574 description "RIP:";
575 }
576 enum BGP {
577 value "6";
578 description "BGP:";
579 }
580 enum OSPFV3 {
581 value "7";
582 description "OSPFV3:";
583 }
584 enum RIPNG {
585 value "8";
586 description "RIPNG:";
587 }
588 enum INVALID {
589 value "9";
590 description "INVALID:";
591 }
592 }
593 description
594 "Specifies the protocol from which routes are imported.
595 At present, in the IPv4 unicast address family view,
596 the protocol can be IS-IS, static, direct and BGP.";
597 }
599 leaf processId {
600 type uint32 {
601 range "0..4294967295";
602 }
603 default "0";
604 description
605 "Specifies the process ID if the protocol from which
606 routes are imported is IS-IS.";
607 }
609 leaf bgp-valid-route {
610 type boolean;
611 description ".";
612 }
614 leaf route-policy-name {
615 type string;
616 description
617 "Policy Id for import routes";
618 }
620 }
621 }
623 augment "/rt:routing/rt:routing-instance" {
624 description ".";
625 container l3vpn {
626 when "routing-instance-type-ref = 'vrf-routing-instance'" {
627 description ".";
628 }
629 description ".";
630 container ipv4-family {
631 description
632 "The IPv4 address family is enabled for the VPN
633 instance.";
635 uses bgp-parameters-grp;
636 uses vpn-af-config;
637 }
639 container ipv6-family {
640 description
641 "The IPv6 address family is enabled for the VPN
642 instance.";
644 uses bgp-parameters-grp;
645 uses vpn-af-config;
646 }
647 } //End of container l3vpn
649 } //End of augment "/rt:routing/rt:routing-instance"
651 }
652
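The constraints the module above places on one address-family container (mandatory rt-type, the 1..40 policy-name length, the 1..100 alert percentage, the one-case-only choice), checked over instance data before it is pushed to a PE. This is an added example, not part of the draft; the dict layout keyed by YANG node names, the function names, the sample values and the integer rounding of the alarm threshold are assumptions.

```python
# Added example: constraint checks mirroring the ietf-l3vpn module text above.
# Dict layout (YANG node names as keys) and all function names are assumptions.

RT_TYPES = {"import", "export", "both"}        # typedef bgp-rt-type
LABEL_MODES = {"per-route", "per-instance"}    # typedef apply-label-mode-def
UINT32_MAX = 4294967295


def _check_limit(af, name, number_leaf, errors):
    """Check a prefix-limit or routing-table-limit container."""
    box = af.get(name)
    if box is None:
        return
    number = box.get(number_leaf)
    if number is not None and not 1 <= number <= UINT32_MAX:
        errors.append(f"{name}/{number_leaf}: {number} outside 1..{UINT32_MAX}")
    pct = box.get("alert-percent-value")
    if pct is not None and not 1 <= pct <= 100:
        errors.append(f"{name}/alert-percent-value: {pct} outside 1..100")
    # A YANG choice admits nodes from one case only.
    if (box.keys() & {"alert-percent-value", "route-unchanged"}) and "simple-alert" in box:
        errors.append(f"{name}: enable-alert-percent and enable-simple-alert "
                      "are cases of one choice and cannot both be set")


def validate_af(af):
    """Return the constraint violations found in one address-family container."""
    errors = []
    common = af.get("bgp-parameters", {}).get("common", {})
    seen = set()
    for rt in common.get("vpn-targets", []):
        value = rt.get("rt-value")
        if value is None:
            errors.append("vpn-targets: list key rt-value is missing")
        elif value in seen:
            errors.append(f"vpn-targets: duplicate key rt-value {value!r}")
        seen.add(value)
        if "rt-type" not in rt:
            errors.append(f"vpn-targets[{value}]: rt-type is mandatory")
        elif rt["rt-type"] not in RT_TYPES:
            errors.append(f"vpn-targets[{value}]: bad rt-type {rt['rt-type']!r}")
    if af.get("apply-label-mode", "per-route") not in LABEL_MODES:
        errors.append(f"apply-label-mode: bad value {af['apply-label-mode']!r}")
    for leaf in ("import-route-policy", "export-route-policy"):
        if leaf in af and not 1 <= len(af[leaf]) <= 40:
            errors.append(f"{leaf}: length {len(af[leaf])} outside 1..40")
    _check_limit(af, "prefix-limit", "prefix-limit-number", errors)
    _check_limit(af, "routing-table-limit", "routing-table-limit-number", errors)
    return errors


def alarm_threshold(number, alert_percent):
    """Route count at which alarms start: (number*alert-percent)/100, rounded down."""
    return number * alert_percent // 100


# Constructed sample data (not taken from the draft).
GOOD_AF = {
    "bgp-parameters": {"common": {
        "route-distinguisher": "65000:1",
        "vpn-targets": [{"rt-value": "65000:100", "rt-type": "both"}]}},
    "import-route-policy": "CUST-A-IN",
    "routing-table-limit": {"routing-table-limit-number": 10000,
                            "alert-percent-value": 80},
}
BAD_AF = {
    "bgp-parameters": {"common": {"vpn-targets": [{"rt-value": "65000:100"}]}},
    "import-route-policy": "P" * 41,
    "prefix-limit": {"prefix-limit-number": 1000, "alert-percent-value": 0,
                     "simple-alert": True},
}
```

A VRF with no prefix-limit or routing-table-limit container passes these checks, because the model makes both optional; whether to require one is a local policy decision.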
654 5. IANA Considerations
656 This document makes no request of IANA.
658 6. Security Considerations
660 This document does not introduce any new security risk.
662 7. Normative References
664 [I-D.ietf-idr-bgp-model]
665 Shaikh, A., Shakir, R., Patel, K., Hares, S., D'Souza, K.,
666 Bansal, D., Clemm, A., Alex, A., Jethanandani, M., and X.
667 Liu, "BGP Model for Service Provider Networks", draft-
668 ietf-idr-bgp-model-00 (work in progress), July 2015.
670 [I-D.ietf-netmod-routing-cfg]
671 Lhotka, L. and A. Lindem, "A YANG Data Model for Routing
672 Management", draft-ietf-netmod-routing-cfg-20 (work in
673 progress), October 2015.
675 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
676 Requirement Levels", BCP 14, RFC 2119,
677 DOI 10.17487/RFC2119, March 1997,
678 .
680 [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
681 Border Gateway Protocol 4 (BGP-4)", RFC 4271,
682 DOI 10.17487/RFC4271, January 2006,
683 .
685 [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
686 Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
687 2006, .
689 [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
690 "Multiprotocol Extensions for BGP-4", RFC 4760,
691 DOI 10.17487/RFC4760, January 2007,
692 .
694 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
695 the Network Configuration Protocol (NETCONF)", RFC 6020,
696 DOI 10.17487/RFC6020, October 2010,
697 .
699 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
700 and A. Bierman, Ed., "Network Configuration Protocol
701 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
702 .
704 Authors' Addresses
706 Zhenbin Li
707 Huawei Technologies
708 Huawei Bld., No.156 Beiqing Rd.
709 Beijing 100095
710 China
712 Email: lizhenbin@huawei.com
714 Shunwan Zhuang
715 Huawei Technologies
716 Huawei Bld., No.156 Beiqing Rd.
717 Beijing 100095
718 China
720 Email: zhuangshunwan@huawei.com
722 Xufeng Liu
723 Ericsson
724 1595 Spring Hill Road, Suite 500
725 Vienna, VA 22182
726 USA
728 Email: xufeng.liu@ericsson.com
730 Jeffrey Haas
731 Juniper Networks
733 Email: jhaas@juniper.net
735 Santosh Esale
736 Juniper Networks
737 1194 N. Mathilda Ave.
738 Sunnyvale, CA 94089
739 US
741 Email: sesale@juniper.net
742 Bin Wen
743 Comcast
745 Email: Bin_Wen@cable.comcast.com