idnits 2.17.1

draft-nainar-mpls-lsp-ping-yang-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
     in the document.  If these are example addresses, they should be changed.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 256 has weird spacing: '...terface if:...'

  == Line 263 has weird spacing: '...address ip-...'

  == Line 271 has weird spacing: '...eceived yan...'

  == Line 327 has weird spacing: '...terface if:...'

  == Line 334 has weird spacing: '...address ip-...'

  == (4 more instances...)

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (28 January 2022) is 819 days in the past.  Is this
     intentional?

  -- Found something which looks like a code comment -- if you have code
     sections in the document, please surround them with '<CODE BEGINS>' and
     '<CODE ENDS>' lines.
  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC8532' is defined on line 1720, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8533' is defined on line 1727, but no explicit
     reference was found in the text

     Summary: 0 errors (**), 0 flaws (~~), 11 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    mpls                                                         N. Nainar
3    Internet-Draft                                            C. Pignataro
4    Intended status: Standards Track                   M. Sankaranarayanan
5    Expires: 1 August 2022                             Cisco Systems, Inc.
6                                                                  W. Zheng
7                                                                    Huawei
8                                                           28 January 2022

10                     YANG Data Model for MPLS LSP Ping
11                     draft-nainar-mpls-lsp-ping-yang-02

13   Abstract

15      This document describes the YANG data model for Multi-Protocol Label
16      Switching (MPLS) LSP Ping.  The model is based on YANG 1.1 as defined
17      in RFC 7950 and conforms to the Network Management Datastore
18      Architecture (NMDA) as described in RFC 8342.

20   Status of This Memo

22      This Internet-Draft is submitted in full conformance with the
23      provisions of BCP 78 and BCP 79.

25      Internet-Drafts are working documents of the Internet Engineering
26      Task Force (IETF).  Note that other groups may also distribute
27      working documents as Internet-Drafts.  The list of current Internet-
28      Drafts is at https://datatracker.ietf.org/drafts/current/.

30      Internet-Drafts are draft documents valid for a maximum of six months
31      and may be updated, replaced, or obsoleted by other documents at any
32      time.  It is inappropriate to use Internet-Drafts as reference
33      material or to cite them other than as "work in progress."

35      This Internet-Draft will expire on 1 August 2022.
37   Copyright Notice

39      Copyright (c) 2022 IETF Trust and the persons identified as the
40      document authors.  All rights reserved.

42      This document is subject to BCP 78 and the IETF Trust's Legal
43      Provisions Relating to IETF Documents (https://trustee.ietf.org/
44      license-info) in effect on the date of publication of this document.
45      Please review these documents carefully, as they describe your rights
46      and restrictions with respect to this document.  Code Components
47      extracted from this document must include Revised BSD License text as
48      described in Section 4.e of the Trust Legal Provisions and are
49      provided without warranty as described in the Revised BSD License.

51   Table of Contents

53      1.  Introduction
54        1.1.  Requirements notation
55        1.2.  Terminology
56        1.3.  Tree Diagrams
57      2.  Design of Data Model
58        2.1.  Scope of Model
59        2.2.  Module Hierarchy Organization
60        2.3.  Optional Capabilities
61        2.4.  RPC Operations
62        2.5.  Configuration and Notifications
63        2.6.  Augment Method
64        2.7.  The Complete Tree
65      3.  LSP Ping YANG Module
66      4.  IANA Considerations
67      5.  Security Considerations
68      6.  Acknowledgement
69      7.  Contributors
70      8.  References
71        8.1.  Normative References
72        8.2.  Informative References
73      Authors' Addresses

75   1.  Introduction

77      [RFC8029] describes the mechanism to detect any data-plane failures
78      in MPLS Label Switched Paths (LSPs).  The MPLS echo request is
79      triggered from the head end node with different TLVs carrying control
80      plane information such as Target FEC Stack that are used by the
81      transit or the tail end node to validate the path and detect any
82      failures.

84      The Network Configuration Protocol (NETCONF) [RFC6241] is one of the
85      network management protocols that define the mechanism to manage
86      network devices.  YANG (version 1 defined in [RFC6020], version 1.1
87      defined in [RFC7950]) is a modular data modeling language used to
88      represent the data structure of the configuration and operational
89      state of any device managed using NETCONF.

91      This document describes the YANG data model for Multi-Protocol Label
92      Switching (MPLS) LSP Ping.  The model is based on YANG 1.1 as defined
93      in [RFC7950] and conforms to the Network Management Datastore
94      Architecture (NMDA) as described in [RFC8342].

96   1.1.  Requirements notation

98      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
99      "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
100     "OPTIONAL" in this document are to be interpreted as described in BCP
101     14 [RFC2119] [RFC8174] when, and only when, they appear in all
102     capitals, as shown here.

104  1.2.  Terminology

106     This document uses the terminology defined in [RFC8029] and
107     [RFC7950]; readers are expected to be familiar with that
108     terminology.

110  1.3.  Tree Diagrams

112     This document uses the graphical representation of the data models
113     defined in [RFC8340].

115  2.  Design of Data Model

117  2.1.  Scope of Model

119     [RFC8029] describes the mechanism to detect any data-plane failures
120     in MPLS Label Switched Paths (LSPs).  [RFC6425] extends the mechanism
121     further to P2MP MPLS LSPs.  [RFC8287] extends the mechanism for
122     Segment Routing with MPLS data plane.

124     The goal of this document is to produce a data model that provides a
125     common user interface to the MPLS LSP Ping and allows the user
126     either to configure and schedule the testing or to activate it on demand.

128  2.2.  Module Hierarchy Organization

130     The module is currently defined in a way that can be used to
131     specify the echo parameter information that the initiator node must
132     include in the payload and in the probe header.  The module is
133     defined to use RPC operations to execute LSP Ping and LSP Path
134     tracing with multipath awareness and retrieve the result information.

136     A future version of the module will be updated to include ways to
137     configure the testing parameters and schedule the testing on any node
138     for continuous monitoring and use notification to receive any change
139     in the monitoring status.

141  2.3.  Optional Capabilities

143     This module includes the option to configure the MPLS OAM feature
144     that is required in some vendor software to enable the capability.
145     This is not a mandatory feature and so the module is compatible with
146     nodes that do not require any such configuration.  The structure of
147     the configuration is as shown below:

149  module: ietf-mpls-lsp-ping
150    augment /rt:routing/mpls:mpls:
151      +--rw mpls-oam {mpls-oam}?
152         +--rw enable?    boolean

154  2.4.  RPC Operations

156     This module defines 3 different RPC operations as below:

158     *  Continuity Check

160     *  Single Path Discovery

162     *  Multi Path Discovery

164     RPC "continuity-check" triggers LSP Ping from the initiator node to
165     validate the path for any specific FEC defined in the Target FEC
166     Stack and retrieves the response from the responder node as RPC
167     output.  The probe count object is used to control the number of
168     probes sent.  For each probe sent, a response is expected to be
169     retrieved.  The global-flags object can be used to control the FEC
170     validation as defined in Section 6.2.3 of [RFC8029].

172     RPC "single-path-discovery" triggers the LSP trace from the Initiator
173     node to trace the path for any specific FEC defined in the Target FEC
174     Stack and retrieves the response from each transit hop as RPC output.
175     While the input parameters are similar to RPC continuity-check, this
176     RPC will instruct the initiator node to send probes by sequentially
177     incrementing the TTL of the probe.

179     RPC "multi-path-discovery" is similar to "single-path-discovery" with
180     an additional ddmap-hash as an input parameter and retrieves the
181     response from each equal-cost multipath (ECMP) transit hop as RPC
182     output.

184  2.5.  Configuration and Notifications

186     To be Updated.

188  2.6.  Augment Method

190     To be Updated.

192  2.7.  The Complete Tree

194     The following is a complete tree representation of the LSP Ping YANG
        module.

196  module: ietf-mpls-lsp-ping
197    augment /rt:routing/mpls:mpls:
198      +--rw mpls-oam {mpls-oam}?
199         +--rw enable?    boolean

201    rpcs:
202      +---x continuity-check
203      |  +---w input
204      |  |  +---w echo-header-parameters
205      |  |  |  +---w source-address?         ip-address
206      |  |  |  +---w destination-address?    ip-loopback-address
207      |  |  |  +---w traffic-class?          mpls-traffic-class
208      |  |  |  +---w mpls-entropy-label?     mpls-entropy-label
209      |  |  |  +---w header-mpls-ttl?        uint8
210      |  |  |  +---w mpls-exp-label?         boolean
211      |  |  +---w echo-payload-parameters
212      |  |  |  +---w reply-tos-tlv?    boolean
213      |  |  |  +---w reply-tos-value
214      |  |  |  |  +---w reply-tos-value?    uint8
215      |  |  |  +---w probe-size?    uint32
216      |  |  |  +---w probe-sweep
217      |  |  |  |  +---w min-probe-sweep?    uint16
218      |  |  |  |  +---w max-probe-sweep?    uint16
219      |  |  |  +---w target-fec-stack-type
220      |  |  |  |  +---w target-fec-stack-type    identityref
221      |  |  |  |  +---w (target-fec-stack-value)?
222      |  |  |  |     +--:(ldp-ip-prefix)
223      |  |  |  |     |  +---w ldp-ip-prefix?
inet:ip-prefix 224 | | | | +--:(rsvp) 225 | | | | | +---w tunnel-id? uint32 226 | | | | +--:(vpn-ip-prefix) 227 | | | | | +---w vrf-id? uint32 228 | | | | | +---w vpn-ip-prefix? inet:ip-prefix 229 | | | | +--:(pw) 230 | | | | | +---w pw-id? uint32 231 | | | | | +---w remote-pe-addr? inet:ip-address 232 | | | | +--:(bgp-label-prefix) 233 | | | | | +---w bgp-label-prefix? inet:ip-prefix 234 | | | | +--:(generic-ip-prefix) 235 | | | | | +---w generic-ip-prefix? inet:ip-prefix 236 | | | | +--:(igp-ip-prefix) 237 | | | | +---w protocol? identityref 238 | | | | +---w igp-ip-prefix? inet:ip-prefix 239 | | | +---w target-fec-type target-fec-type 240 | | | +---w reply-mode? reply-mode 241 | | | +---w return-ttl-tlv? boolean 242 | | | +---w return-ttl-value 243 | | | | +---w return-ttl-value? uint8 244 | | | +---w global-flags 245 | | | +---w v-flag? boolean 246 | | | +---w t-flag? boolean 247 | | | +---w r-flag? boolean 248 | | +---w echo-scheduling-parameters 249 | | +---w probe-interval 250 | | | +---w min-probe-interval? identityref 251 | | | +---w max-probe-interval? identityref 252 | | +---w probe-count? uint32 253 | | +---w probe-timeout? identityref 254 | | +---w output-info 255 | | +---w output-intf* [interface] 256 | | | +---w interface if:interface-ref 257 | | +---w nexthop? 
inet:ip-address 258 | +--ro output 259 | +--ro response-list* [response-index] 260 | +--ro response-index uint32 261 | +--ro response-header-parameters 262 | | +--ro resp-source-address ip-address 263 | | +--ro resp-destination-address ip-address 264 | | +--ro resp-traffic-class uint8 265 | +--ro response-payload-parameters 266 | +--ro reply-mode reply-mode 267 | +--ro return-code return-code 268 | +--ro return-sub-code uint8 269 | +--ro seq-number uint32 270 | +--ro timestamp-sent yang:date-and-time 271 | +--ro timestamp-received yang:date-and-time 272 | +--ro target-fec-type target-fec-type 273 +---x single-path-discovery 274 | +---w input 275 | | +---w echo-header-parameters 276 | | | +---w source-address? ip-address 277 | | | +---w destination-address? ip-loopback-address 278 | | | +---w traffic-class? mpls-traffic-class 279 | | | +---w mpls-entropy-label? mpls-entropy-label 280 | | | +---w header-mpls-ttl? uint8 281 | | | +---w mpls-exp-label? boolean 282 | | +---w echo-payload-parameters 283 | | | +---w reply-tos-tlv? boolean 284 | | | +---w reply-tos-value 285 | | | | +---w reply-tos-value? uint8 286 | | | +---w probe-size? uint32 287 | | | +---w probe-sweep 288 | | | | +---w min-probe-sweep? uint16 289 | | | | +---w max-probe-sweep? uint16 290 | | | +---w target-fec-stack-type 291 | | | | +---w target-fec-stack-type identityref 292 | | | | +---w (target-fec-stack-value)? 293 | | | | +--:(ldp-ip-prefix) 294 | | | | | +---w ldp-ip-prefix? inet:ip-prefix 295 | | | | +--:(rsvp) 296 | | | | | +---w tunnel-id? uint32 297 | | | | +--:(vpn-ip-prefix) 298 | | | | | +---w vrf-id? uint32 299 | | | | | +---w vpn-ip-prefix? inet:ip-prefix 300 | | | | +--:(pw) 301 | | | | | +---w pw-id? uint32 302 | | | | | +---w remote-pe-addr? inet:ip-address 303 | | | | +--:(bgp-label-prefix) 304 | | | | | +---w bgp-label-prefix? inet:ip-prefix 305 | | | | +--:(generic-ip-prefix) 306 | | | | | +---w generic-ip-prefix? 
inet:ip-prefix 307 | | | | +--:(igp-ip-prefix) 308 | | | | +---w protocol? identityref 309 | | | | +---w igp-ip-prefix? inet:ip-prefix 310 | | | +---w target-fec-type target-fec-type 311 | | | +---w reply-mode? reply-mode 312 | | | +---w return-ttl-tlv? boolean 313 | | | +---w return-ttl-value 314 | | | | +---w return-ttl-value? uint8 315 | | | +---w global-flags 316 | | | +---w v-flag? boolean 317 | | | +---w t-flag? boolean 318 | | | +---w r-flag? boolean 319 | | +---w echo-scheduling-parameters 320 | | +---w probe-interval 321 | | | +---w min-probe-interval? identityref 322 | | | +---w max-probe-interval? identityref 323 | | +---w probe-count? uint32 324 | | +---w probe-timeout? identityref 325 | | +---w output-info 326 | | +---w output-intf* [interface] 327 | | | +---w interface if:interface-ref 328 | | +---w nexthop? inet:ip-address 329 | +--ro output 330 | +--ro response-list* [response-index] 331 | +--ro response-index uint32 332 | +--ro response-header-parameters 333 | | +--ro resp-source-address ip-address 334 | | +--ro resp-destination-address ip-address 335 | | +--ro resp-traffic-class uint8 336 | +--ro response-payload-parameters 337 | | +--ro reply-mode reply-mode 338 | | +--ro return-code return-code 339 | | +--ro return-sub-code uint8 340 | | +--ro seq-number uint32 341 | | +--ro timestamp-sent yang:date-and-time 342 | | +--ro timestamp-received yang:date-and-time 343 | | +--ro target-fec-type target-fec-type 344 | +--ro response-payload-optional-parameters 345 | +--ro ddmap 346 | +--ro ddmap-mtu? int16 347 | +--ro ddmap-downstream-address? ip-address 348 | +--ro ddmap-downstream-intf-index? int32 349 | +--ro ddmap-return-code? return-code 350 | +--ro ddmap-return-subcode? int16 351 | +--ro ddmap-label-stack* [label] 352 | +--ro label rt-types:mpls-label 353 | +--ro protocol? ddmap-protocol 354 +---x multi-path-discovery 355 +---w input 356 | +---w echo-header-parameters 357 | | +---w source-address? ip-address 358 | | +---w destination-address? 
ip-loopback-address 359 | | +---w traffic-class? mpls-traffic-class 360 | | +---w mpls-entropy-label? mpls-entropy-label 361 | | +---w header-mpls-ttl? uint8 362 | | +---w mpls-exp-label? boolean 363 | +---w echo-payload-parameters 364 | | +---w reply-tos-tlv? boolean 365 | | +---w reply-tos-value 366 | | | +---w reply-tos-value? uint8 367 | | +---w probe-size? uint32 368 | | +---w probe-sweep 369 | | | +---w min-probe-sweep? uint16 370 | | | +---w max-probe-sweep? uint16 371 | | +---w target-fec-stack-type 372 | | | +---w target-fec-stack-type identityref 373 | | | +---w (target-fec-stack-value)? 374 | | | +--:(ldp-ip-prefix) 375 | | | | +---w ldp-ip-prefix? inet:ip-prefix 376 | | | +--:(rsvp) 377 | | | | +---w tunnel-id? uint32 378 | | | +--:(vpn-ip-prefix) 379 | | | | +---w vrf-id? uint32 380 | | | | +---w vpn-ip-prefix? inet:ip-prefix 381 | | | +--:(pw) 382 | | | | +---w pw-id? uint32 383 | | | | +---w remote-pe-addr? inet:ip-address 384 | | | +--:(bgp-label-prefix) 385 | | | | +---w bgp-label-prefix? inet:ip-prefix 386 | | | +--:(generic-ip-prefix) 387 | | | | +---w generic-ip-prefix? inet:ip-prefix 388 | | | +--:(igp-ip-prefix) 389 | | | +---w protocol? identityref 390 | | | +---w igp-ip-prefix? inet:ip-prefix 391 | | +---w target-fec-type target-fec-type 392 | | +---w reply-mode? reply-mode 393 | | +---w return-ttl-tlv? boolean 394 | | +---w return-ttl-value 395 | | | +---w return-ttl-value? uint8 396 | | +---w global-flags 397 | | +---w v-flag? boolean 398 | | +---w t-flag? boolean 399 | | +---w r-flag? boolean 400 | +---w echo-scheduling-parameters 401 | | +---w probe-interval 402 | | | +---w min-probe-interval? identityref 403 | | | +---w max-probe-interval? identityref 404 | | +---w probe-count? uint32 405 | | +---w probe-timeout? identityref 406 | | +---w output-info 407 | | +---w output-intf* [interface] 408 | | | +---w interface if:interface-ref 409 | | +---w nexthop? inet:ip-address 410 | +---w ddmap-hash 411 | +---w ddmap-hash? 
multipath-hashtype 412 +--ro output 413 +--ro response-list* [response-index] 414 +--ro response-index uint32 415 +--ro response-header-parameters 416 | +--ro resp-source-address ip-address 417 | +--ro resp-destination-address ip-address 418 | +--ro resp-traffic-class uint8 419 +--ro response-payload-parameters 420 | +--ro reply-mode reply-mode 421 | +--ro return-code return-code 422 | +--ro return-sub-code uint8 423 | +--ro seq-number uint32 424 | +--ro timestamp-sent yang:date-and-time 425 | +--ro timestamp-received yang:date-and-time 426 | +--ro target-fec-type target-fec-type 427 +--ro response-payload-optional-parameters 428 +--ro ddmap 429 +--ro ddmap-mtu? int16 430 +--ro ddmap-downstream-address? ip-address 431 +--ro ddmap-downstream-intf-index? int32 432 +--ro ddmap-return-code? return-code 433 +--ro ddmap-return-subcode? int16 434 +--ro ddmap-label-stack* [label] 435 +--ro label rt-types:mpls-label 436 +--ro protocol? ddmap-protocol 438 3. LSP Ping YANG Module 440 file "ietf-mpls-lsp-ping@2020-06-09.yang" 441 module ietf-mpls-lsp-ping-rev1d { 442 yang-version 1.1; 443 namespace "urn:ietf:params:xml:ns:yang:ietf-mpls-lsp-ping-rev1d"; 444 prefix "lsp-ping"; 446 import ietf-inet-types { 447 prefix inet; 448 reference 449 "RFC 6991: Common YANG Types."; 450 } 452 import ietf-yang-types { 453 prefix yang; 454 reference 455 "RFC 6991: Common YANG Types."; 456 } 458 import ietf-interfaces { 459 prefix if; 460 reference 461 "RFC 8343: YANG Interface Management"; 462 } 464 import ietf-lime-time-types { 465 prefix lime; 466 } 467 import ietf-routing { 468 prefix rt; 469 reference 470 "RFC 8022: YANG Routing Management"; 471 } 473 import ietf-mpls { 474 prefix mpls; 475 reference 476 "to be updated"; 477 } 479 import ietf-routing-types { 480 prefix rt-types; 481 reference 482 "RFC 8294: Common YANG Data Types for the Routing Area."; 483 } 485 organization 486 "IETF MPLS Working Group"; 488 contact 489 "WG Web: 490 WG List: 492 Editor: Nagendra Kumar Nainar 493 494 
Editor: Carlos Pignataro 495 "; 497 description 498 "This YANG module defines the configuration of MPLS LSP Ping. 499 Copyright (c) 2018 IETF Trust and the persons identified as 500 authors of the code. All rights reserved. 502 Redistribution and use in source and binary forms, with or 503 without modification, is permitted pursuant to, and subject to 504 the license terms contained in, the Simplified BSD License set 505 forth in Section 4.c of the IETF Trust's Legal Provisions 506 Relating to IETF Documents 507 (https://trustee.ietf.org/license-info). 509 This version of this YANG module is part of RFC XXXX 510 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself 511 for full legal notices. 513 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL 514 NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 515 'MAY', and 'OPTIONAL' in this document are to be interpreted as 516 described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, 517 they appear in all capitals, as shown here. 
519 This version of this YANG module is part of RFC XXXX; 520 see the RFC itself for full legal notices."; 522 revision 2020-06-09 { 523 description 524 "Initial revision."; 525 reference 526 "To be Updated"; 527 } 529 feature mpls-oam { 530 description 531 "MPLS OAM feature."; 532 } 534 typedef ipv4-loopback-address { 535 type inet:ipv4-address { 536 pattern '127.*'; 537 } 538 description 539 "This type represents an IPv4 Loopback address, 540 which is in the range of 127.0.0.0 to 127.255.255.255."; 541 reference 542 "RFC 1212: Requirements for Internet Hosts 543 -- Communication Layers."; 544 } 546 typedef ipv6-loopback-address { 547 type inet:ipv6-address { 548 pattern 'to-be-updated'; 549 } 550 description 551 "This type represents an IPv6 Loopback address, 552 which is ::1/128"; 553 reference 554 "RFC 4291: IP Version 6 Addressing Architecture."; 555 } 557 typedef ip-loopback-address { 558 type union { 559 type ipv4-loopback-address; 560 type ipv6-loopback-address; 561 } 562 description 563 "This type represents a version-neutral IP Loopback 564 address."; 565 } 567 typedef ip-address { 568 type union { 569 type inet:ipv4-address; 570 type inet:ipv6-address; 571 } 572 description 573 "Version neutral IP Address"; 574 } 576 typedef mpls-traffic-class { 577 type uint8 { 578 range 0..7; 579 } 580 description 581 "MPLS Traffic Class (EXP) value within range 0 to 7."; 582 } 584 typedef mpls-entropy-label { 585 type rt-types:mpls-label-general-use; 587 description 588 "This type represents the Entropy Label, 589 which is outside the reserved range."; 590 reference 591 "RFC 6790: The Use of Entropy Labels in MPLS Forwarding"; 592 } 594 typedef multipath-hashtype { 595 type enumeration { 596 enum mp-empty { 597 value "0"; 598 description 599 "No Multipath"; 600 } 601 enum mp-ip-addr { 602 value "2"; 603 description 604 "IP Address based Multipath 605 Information Encoding"; 606 } 607 enum mp-ip-range { 608 value "4"; 609 description 610 "IP Address range based 
Multipath 611 Information Encoding"; 612 } 613 enum mp-ip-bitmask { 614 value "8"; 615 description 616 "Bit masked IP Address set for Multipath 617 Information Encoding"; 618 } 619 enum mp-label-bitmask { 620 value "9"; 621 description 622 "Bit masked Label set for Multipath 623 Information Encoding"; 624 } 625 } 626 description 627 "This type represents the multipath Data type to be used in 628 the DDMAP for Multipath tracing."; 629 reference 630 "RFC 8029: Section 3.4.1.1."; 631 } 633 typedef reply-mode { 634 type enumeration { 635 enum do-not-reply { 636 value "1"; 637 description 638 "Do not Reply"; 639 reference 640 "RFC8029: Section 3"; 641 } 642 enum reply-udp { 643 value "2"; 644 description 645 "Reply via an IPv4/IPv6 UDP packet"; 646 reference 647 "RFC8029: Section 3"; 648 } 649 enum reply-udp-ra { 650 value "3"; 651 description 652 "Reply via an IPv4/IPv6 UDP packet with 653 Router Alert"; 654 reference 655 "RFC8029: Section 3"; 656 } 657 enum reply-app-cc { 658 value "4"; 659 description 660 "Reply via application-level control 661 channel"; 662 reference 663 "RFC8029: Section 3"; 664 } 665 enum reply-via-path { 666 value "5"; 667 description 668 "Reply via Specified Path"; 669 reference 670 "RFC7110: Section 4.1"; 671 } 672 } 673 description 674 "This type defines the Reply mode"; 675 } 677 typedef return-code { 678 type enumeration { 679 enum no-return { 680 value "0"; 681 description 682 "No Return Code"; 683 reference 684 "RFC 8029: Section 3.1"; 685 } 686 enum malformed-echo { 687 value "1"; 688 description 689 "Malformed Echo Request Received"; 690 reference 691 "RFC 8029: Section 3.1"; 692 } 693 enum unknown-tlvs { 694 value "2"; 695 description 696 "One or more of the TLVs was not 697 understood"; 698 reference 699 "RFC 8029: Section 3.1"; 700 } 701 enum egress-reply { 702 value "3"; 703 description 704 "Replying router is an egress for the 705 FEC at stack-depth "; 706 reference 707 "RFC 8029: Section 3.1"; 708 } 709 enum egress-nomap { 710 
value "4"; 711 description 712 "Replying router has no mapping for the 713 FEC at stack-depth "; 714 reference 715 "RFC 8029: Section 3.1"; 716 } 717 enum dd-mismatch { 718 value "5"; 719 description 720 "Downstream Mapping Mismatch"; 721 reference 722 "RFC 8029: Section 3.1"; 723 } 724 enum unknown-upstream { 725 value "6"; 726 description 727 "Upstream Interface Index Unknown"; 728 reference 729 "RFC 8029: Section 3.1"; 730 } 731 enum reserved { 732 value "7"; 733 description 734 "Reserved"; 735 reference 736 "RFC 8029: Section 3.1"; 737 } 738 enum label-switched { 739 value "8"; 740 description 741 "Label switched at stack-depth "; 742 reference 743 "RFC 8029: Section 3.1"; 744 } 745 enum label-switched-no-mpls { 746 value "9"; 747 description 748 "Label switched but no MPLS forwarding 749 at stack-depth "; 750 reference 751 "RFC 8029: Section 3.1"; 752 } 753 enum FEC-map-mismatch { 754 value "10"; 755 description 756 "Mapping for this FEC is not the given 757 label at stack-depth "; 758 reference 759 "RFC 8029: Section 3.1"; 760 } 761 enum no-label { 762 value "11"; 763 description 764 "No label entry at stack-depth "; 765 reference 766 "RFC 8029: Section 3.1"; 767 } 768 enum protocol-mismatch { 769 value "12"; 770 description 771 "Protocol not associated with interface 772 at FEC stack-depth "; 773 reference 774 "RFC 8029: Section 3.1"; 775 } 776 enum premature-terminate { 777 value "13"; 778 description 779 "Premature termination of ping due to 780 label stack shrinking to a single label"; 781 reference 782 "RFC 8029: Section 3.1"; 783 } 784 enum ddmap-return-code { 785 value "14"; 786 description 787 "See DDMAP TLV for meaning of Return Code 788 and Return Subcode"; 789 reference 790 "RFC 8029: Section 3.1"; 791 } 792 enum label-switched-fec-change { 793 value "15"; 794 description 795 "Label switched with FEC change"; 796 reference 797 "RFC 8029: Section 3.1"; 798 } 799 } 800 description 801 "This defines the Return codes received in the 802 Echo 
Response."; 804 reference 805 "RFC 8029: Section 3.1"; 806 } 808 typedef ddmap-protocol { 809 type enumeration { 810 enum unknown { 811 value "0"; 812 description 813 "Unknown Signaling Protocol"; 814 } 815 enum static { 816 value "1"; 817 description 818 "Static Signaling Protocol"; 819 } 820 enum bgp { 821 value "2"; 822 description 823 "BGP Signaling Protocol"; 824 } 825 enum ldp { 826 value "3"; 827 description 828 "LDP Signaling Protocol"; 829 } 830 enum rsvp-te { 831 value "4"; 832 description 833 "RSVP-TE Signaling Protocol"; 834 } 835 } 836 description 837 "This defines the Signaling Protocol 838 received in the DDMAP."; 839 reference 840 "RFC 8029: Section 3.4.1.2"; 841 } 843 identity igp-proto { 844 description 845 "IGP Protocol."; 846 } 848 identity igp-any { 849 base igp-proto; 850 description 851 "Any IGP Protocol. The value is set to 852 0 in the TLV."; 853 reference 854 "RFC8287: Section 9.2"; 855 } 856 identity igp-ospfv2 { 857 base igp-proto; 858 description 859 "OSPFv2 IGP Protocol. The value is set to 860 1 in the TLV."; 861 reference 862 "RFC8287: Section 9.2"; 863 } 864 identity igp-ospfv3 { 865 base igp-proto; 866 description 867 "OSPFv3 IGP Protocol. The value is set to 868 3 in the TLV."; 869 reference 870 "RFC8287: Section 9.2"; 871 } 872 identity igp-isis { 873 base igp-proto; 874 description 875 "ISIS IGP Protocol. 
The value is set to 876 2 in the TLV."; 877 reference 878 "RFC8287: Section 9.2"; 879 } 881 identity target-fec-type { 882 description 883 "Target FEC Stack TLV Type"; 884 } 886 identity ldp-ip-prefix { 887 base target-fec-type; 888 description 889 "LDP IPv4/IPv6 Prefix."; 890 } 892 identity rsvp { 893 base target-fec-type; 894 description 895 "RSVP IPv4/IPv6 LSP."; 896 } 898 identity vpn-ip-prefix { 899 base target-fec-type; 900 description 901 "VPN IPv4/IPv6 Prefix."; 902 } 904 identity pw { 905 base target-fec-type; 906 description 907 "FEC 129 pseudowire IPv4/IPv6."; 908 } 910 identity bgp-label-prefix { 911 base target-fec-type; 912 description 913 "BGP labeled IPv4/IPv6 Prefix."; 914 } 916 identity generic-ip-prefix { 917 base target-fec-type; 918 description 919 "Generic IPv4/IPv6 Prefix."; 920 } 922 identity nil-fec { 923 base target-fec-type; 924 description 925 "Nil FEC TLV."; 926 } 928 identity igp-ip-prefix { 929 base target-fec-type; 930 description 931 "IGP IPv4/IPv6 Prefix Segment ID."; 932 } 934 identity igp-adj-prefix { 935 base target-fec-type; 936 description 937 "IGP Adjacency Segment ID."; 938 } 940 grouping global-flags { 941 container global-flags { 942 leaf v-flag { 943 type boolean; 944 default false; 945 description 946 "Section 3 of RFC8029 - The V (Validate 947 FEC Stack) flag is used if the 948 FEC stack should be validated"; 949 } 950 leaf t-flag { 951 type boolean; 952 default false; 953 description 954 "Section 3 of RFC8029 - The T flag 955 is set if the response is expected 956 only if TTL expires"; 957 } 958 leaf r-flag { 959 type boolean; 960 default false; 961 description 962 "Section 3 of RFC8029 - The R flag 963 is set if the responder should 964 return the reverse-path FEC information."; 965 } 966 } 967 } 969 grouping echo-header-parameters { 970 container echo-header-parameters { 971 leaf source-address { 972 type ip-address; 973 description 974 "Specifies the Source IP address in 975 the Echo Request header."; 976 } 977 leaf 
destination-address { 978 type ip-loopback-address; 979 description 980 "Specifies the Destination IP address 981 in the Echo Request header."; 982 } 983 leaf traffic-class { 984 type mpls-traffic-class; 985 description 986 "Specifies the MPLS traffic class 987 in the Echo Request header."; 988 } 989 leaf mpls-entropy-label { 990 type mpls-entropy-label; 991 description 992 "Specifies the Entropy Label to be 993 inserted along with the Label Stack 994 for the Echo Request header."; 995 } 996 leaf header-mpls-ttl { 997 type uint8; 998 default 255; 999 description 1000 "Specifies the TTL value for the 1001 MPLS Label in the Echo Request header."; 1002 } 1003 leaf mpls-exp-label { 1004 type boolean; 1005 description 1006 "This optional attribute is used to 1007 force the insertion of MPLS Explicit 1008 Null in the Label Stack for the Echo 1009 Request header."; 1010 } 1011 } 1012 } 1014 grouping echo-payload-parameters { 1015 container echo-payload-parameters { 1016 leaf reply-tos-tlv { 1017 type boolean; 1018 default false; 1019 description 1020 "This optional attribute is used to 1021 instruct the Initiator to include 1022 Reply-TOS TLV."; 1023 }//leaf reply-tos-tlv 1024 container reply-tos-value { 1025 when "../reply-tos-tlv = 'true'" { 1026 description 1027 "Reply TOS Value is set ONLY 1028 when Reply-TOS TLV is required 1029 in the Echo Request."; 1030 } 1031 leaf reply-tos-value { 1032 type uint8 { 1033 range "0..63"; 1034 } 1035 description 1036 "TOS value for the return packet."; 1037 }//leaf ddmap-hash 1038 }//container reply-tos-value 1039 leaf probe-size { 1040 type uint32 { 1041 range 1..15000; 1042 } 1043 }//leaf probe-size 1044 container probe-sweep { 1045 when "../probe-size = 'false'" { 1046 description 1047 "Probe sweep should be used only if a fixed 1048 probe size is not defined."; 1049 } 1050 leaf min-probe-sweep { 1051 type uint16 { 1052 range 72..18000; 1053 } 1054 description 1055 "This define the minimum size of 1056 the probe packet."; 1057 } 
1058          leaf max-probe-sweep {
1059            type uint16 {
1060              range "72..18000";
1061            }
1062            description
1063              "This defines the maximum size of
1064               the probe packet.";
1065          }
1066          description
1067            "This instructs the initiator to send
1068             a sweep of probe packets at varying size
1069             between the minimum and maximum value
1070             defined.";
1071        }
1072        container target-fec-stack-type {
1073          leaf target-fec-stack-type {
1074            type identityref {
1075              base target-fec-type;
1076            }
1077            mandatory true;
1078            description
1079              "Target FEC Stack to define the FEC to
1080               be included in the Echo Request";
1081          }

1083          choice target-fec-stack-value {
1084            description
1085              "Target FEC Stack Value";
1086            case ldp-ip-prefix {
1087              leaf ldp-ip-prefix {
1088                type inet:ip-prefix;
1089                description
1090                  "LDP IPv4/IPv6 Prefix.";
1091              }

1093            }
1094            case rsvp {
1095              leaf tunnel-id {
1096                type uint32;
1097                description
1098                  "RSVP Tunnel ID.";
1099              }
1100            }
1101            case vpn-ip-prefix {
1102              leaf vrf-id {
1103                type uint32;
1104                description
1105                  "VPN ID.";
1106              }
1107              leaf vpn-ip-prefix {
1108                type inet:ip-prefix;
1109                description
1110                  "VPN IP Prefix";
1111              }
1112            }
1113            case pw {
1114              leaf pw-id {
1115                type uint32;
1116                description
1117                  "Pseudowire ID.";
1118              }
1119              leaf remote-pe-addr {
1120                type inet:ip-address;
1121                description
1122                  "PW Remote PE Address.";
1123              }
1124            }
1125            case bgp-label-prefix {
1126              leaf bgp-label-prefix {
1127                type inet:ip-prefix;
1128                description
1129                  "BGP IPv4/IPv6 Prefix.";
1130              }
1131            }
1132            case generic-ip-prefix {
1133              leaf generic-ip-prefix {
1134                type inet:ip-prefix;
1135                description
1136                  "Generic IPv4/IPv6 Prefix.";
1137              }
1138            }
1139            case igp-ip-prefix {
1140              leaf protocol {
1141                type identityref {
1142                  base igp-proto;
1143                }
1144                description
1145                  "IGP Protocol ID.";
1146              }
1147              leaf igp-ip-prefix {
1148                type inet:ip-prefix;
1149                description
1150                  "IGP IPv4/IPv6 Prefix.";
1151              }
1152            }
1153          }
1154        }
1155        leaf reply-mode {
1156          type reply-mode;
1157          description
1158            "XYZ";
1159          reference
1160            "RFC 8029: Section 3.";
1161        }

1163        leaf return-ttl-tlv {
1164          type boolean;
1165          default "false";
1166          description
1167            "'Time to Live' TLV to be included
1168             in the Echo Response.";
1169          reference
1170            "RFC 7394: Section 3.";
1171        }

1173        container return-ttl-value {
1174          when "../return-ttl-tlv = 'true'" {
1175            description
1176              "When TTL TLV is included in the
1177               Echo Request, the value mentioned
1178               in this field should be included in
1179               the value field of the TLV.";
1180          }
1181          leaf return-ttl-value {
1182            type uint8;
1183            description
1184              "Return TTL value";
1185          }//leaf return-ttl-value
1186        }//container return-ttl-value

1188        uses global-flags;

1190      }//container echo-payload-parameters
1191    }//grouping echo-payload-parameters

1193    grouping echo-scheduling-parameters {
1194      container echo-scheduling-parameters {
1195        container probe-interval {
1196          leaf min-probe-interval {
1197            type identityref {
1198              base lime:time-unit-type;
1199            }
1200            default "lime:milliseconds";
1201            description
1202              "This defines the minimum leaf interval.";
1203          }
1204          leaf max-probe-interval {
1205            type identityref {
1206              base lime:time-unit-type;
1207            }
1208            default "lime:milliseconds";
1209            description
1210              "This defines the maximum leaf interval.";
1211          }
1212          description
1213            "To be Added.";
1214        }//container probe-interval

1216        leaf probe-count {
1217          type uint32;
1218          default "5";
1219          description
1220            "This defines the number of probe counts.";
1221        }

1223        leaf probe-timeout {
1224          type identityref {
1225            base lime:time-unit-type;
1226          }
1227          default "lime:seconds";
1228          //range "0..3600";
1229          description
1230            "This defines the probe timeout
1231             interval in Seconds.";
1232        }

1234        container output-info {
1235          list output-intf {
1236            key "interface";
1237            leaf interface {
1238              type if:interface-ref;
1239              description
1240                "Specifies the Egress interface to
1241                 send the probe out.";
1242            }
1243            description
1244              "List of outgoing interfaces";
1245          }

1247          leaf nexthop {
1248            type inet:ip-address;
1249            description
1250              "Specifies the next hop address to
1251               send the probe out.";
1252          }
1253        }
1254      }//container echo-scheduling-parameters
1255    }//grouping echo-scheduling-parameters

1257    grouping response-header-parameters {
1258      container response-header-parameters {
1259        leaf resp-source-address {
1260          type ip-address;
1261          mandatory true;
1262          description
1263            "Specifies the Source IP address in
1264             the Echo Response header.";
1265        }

1267        leaf resp-destination-address {
1268          type ip-address;
1269          mandatory true;
1270          description
1271            "Specifies the Destination IP address in
1272             the Echo Response header.";
1273        }

1275        leaf resp-traffic-class {
1276          type uint8 {
1277            range "0..63";
1278          }
1279          mandatory true;
1280          description
1281            "Specifies the TOS/DSCP in the Echo
1282             Response header.";
1283        }

1285      }//container response-header

1287    }//grouping response-header

1289    grouping response-payload-parameters {
1290      container response-payload-parameters {
1291        leaf reply-mode {
1292          type reply-mode;
1293          mandatory true;
1294          description
1295            "XYZ";
1296          reference
1297            "RFC 8029: Section 3.";
1298        }

1300        leaf return-code {
1301          type return-code;
1302          mandatory true;
1303          description
1304            "Return Code received in the Echo
1305             Reply Payload.";
1306        }

1308        leaf return-sub-code {
1309          type uint8;
1310          mandatory true;
1311          description
1312            "Return Sub Code received in the Echo
1313             Reply Payload.";
1314        }

1316        leaf seq-number {
1317          type uint32;
1318          mandatory true;
1319          description
1320            "Sequence Number received in the Echo
1321             Reply Payload.";
1322        }

1324        leaf timestamp-sent {
1325          type yang:date-and-time;
1326          mandatory true;
1327          description
1328            "Timestamp Sent is the time of day in
1329             64-bit NTP timestamp format
1330             when MPLS Echo Request is sent.";
1331        }

1333        leaf timestamp-received {
1334          type yang:date-and-time;
1335          mandatory true;
1336          description
1337            "Timestamp Received is the time of day in
1338             64-bit NTP timestamp format
1339             when MPLS Echo Response is sent.";
1340        }

1342        leaf target-fec-type {
1343          type target-fec-type;
1344          mandatory true;
1345          description
1346            "Target FEC Stack to define the FEC to be
1347             included in the Echo Request.";
1348        }
1349      }//container response-payload-parameters

1351    }//grouping response-payload-parameters

1353    grouping response-payload-optional-parameters {
1354      container response-payload-optional-parameters {
1355        container ddmap {
1356          leaf ddmap-mtu {
1357            type int16;
1358            description
1359              "This is used to carry the MTU from the DDMAP
1360               received in the Echo Response Payload.";
1361          }

1363          leaf ddmap-downstream-address {
1364            type ip-address;
1365            description
1366              "This is used to carry the Downstream
1367               Address from the DDMAP received in the
1368               Echo Response Payload.";
1369          }

1371          leaf ddmap-downstream-intf-index {
1372            type int32 {
1373              range "1..2147483647";
1374            }
1375            description
1376              "This is used to carry the Downstream
1377               Interface Address from the DDMAP
1378               received in the Echo Response Payload.";
1379          }

1381          leaf ddmap-return-code {
1382            type return-code;
1383            description
1384              "This is used to carry the Return Code
1385               from the DDMAP received in the Echo
1386               Response Payload.";
1387          }

1389          leaf ddmap-return-subcode {
1390            type int16;
1391            description
1392              "This is used to carry the Return Sub Code
1393               from the DDMAP received in the Echo
1394               Response Payload.";
1395          }

1397          list ddmap-label-stack {
1398            key "label";
1399            description
1400              "This is used to carry the Label Stack
1401               from the DDMAP received in the Echo
1402               Response Payload.";
1403            leaf label {
1404              type rt-types:mpls-label;
1405            }

1407            leaf protocol {
1408              type ddmap-protocol;
1409            }
1410          }
1411        }//container ddmap
1412      } //response-payload-optional-parameters
1413      reference
1414        "RFC 8029: Section 3.4 -- DDMAP.";
1415    } //grouping resp-payload-optional-parameters

1417    /* Configuration */

1419    augment "/rt:routing/mpls:mpls" {
1420      if-feature mpls-oam;
1421      description
1422        "RFC8029: MPLS OAM Feature Augmentation";
1423      container mpls-oam {
1424        leaf enable {
1425          type boolean;
1426          description
1427            "Enable MPLS OAM";
1428        }
1429      }
1430    }
1431    /* RPC */

1433    rpc continuity-check {
1434      description
1435        "Triggers LSP Ping from the Initiator and returns
1436         the response.";

1438      input {
1439        uses echo-header-parameters {
1440          description
1441            "This grouping defines the parameters
1442             to be set in the probe header.";
1443        }
1444        uses echo-payload-parameters {
1445          description
1446            "This grouping defines the parameters
1447             to be set in the probe payload.";
1448        }
1449        uses echo-scheduling-parameters {
1450          description
1451            "This grouping defines the scheduling
1452             parameters to be used by the initiator.";
1453        }
1454      }

1456      output {
1457        list response-list {
1458          key "response-index";
1459          description
1460            "Continuity Check Response List.";
1461          leaf response-index {
1462            type uint32;
1463            mandatory true;
1464          }
1465          uses response-header-parameters {
1466            description
1467              "This grouping defines the parameters
1468               from the received echo response header.";
1469          }

1471          uses response-payload-parameters {
1472            description
1473              "This grouping defines the parameters
1474               from the received echo response payload.";
1475          }
1476        }//list response-list
1477      }//output
1478    }//rpc continuity-check
1479    rpc single-path-discovery {
1480      input {
1481        uses echo-header-parameters {
1482          description
1483            "This grouping defines the parameters to be
1484             set in the probe header.";
1485        }
1486        uses echo-payload-parameters {
1487          description
1488            "This grouping defines the parameters to be
1489             set in the probe payload.";
1490        }
1491        uses echo-scheduling-parameters {
1492          description
1493            "This grouping defines the scheduling
1494             parameters to be used by the initiator.";
1495        }
1496      }
1497      output {
1498        list response-list {
1499          key "response-index";
1500          description
1501            "Continuity Check Response List.";
1502          leaf response-index {
1503            type uint32;
1504            mandatory true;
1505          }
1506          uses response-header-parameters {
1507            description
1508              "This grouping defines the parameters
1509               from the received echo response header.";
1510          }

1512          uses response-payload-parameters {
1513            description
1514              "This grouping defines the parameters
1515               from the received echo response payload.";
1516          }

1518          uses response-payload-optional-parameters {
1519            description
1520              "This grouping defines the optional
1521               parameters from the received Echo
1522               Response.";
1523          }

1525        }//list response-list
1526      }//output

1528    }//rpc single-path-discovery

1530    rpc multi-path-discovery {
1531      input {
1532        uses echo-header-parameters {
1533          description
1534            "This grouping defines the parameters to be
1535             set in the probe header.";
1536        }
1537        uses echo-payload-parameters {
1538          description
1539            "This grouping defines the parameters to be
1540             set in the probe payload.";
1541        }
1542        uses echo-scheduling-parameters {
1543          description
1544            "This grouping defines the scheduling
1545             parameters to be used by the initiator.";
1546        }
1547        container ddmap-hash {
1548          leaf ddmap-hash {
1549            type multipath-hashtype;
1550            description
1551              "Hashkey type for the DDMAP";
1552          }//leaf ddmap-hash
1553        }
1554      }
1555      output {
1556        list response-list {
1557          key "response-index";
1558          description
1559            "Continuity Check Response List.";
1560          leaf response-index {
1561            type uint32;
1562            mandatory true;
1563          }
1564          uses response-header-parameters {
1565            description
1566              "This grouping defines the parameters
1567               from the received echo response header.";
1568          }

1570          uses response-payload-parameters {
1571            description
1572              "This grouping defines the parameters
1573               from the received echo response payload.";
1574          }
1575          uses response-payload-optional-parameters {
1576            description
1577              "This grouping defines the optional
1578               parameters from the received Echo
1579               Response.";
1580          }

1582        }//list response-list
1583      }//output
1584    }//rpc multi-path-discovery
1585  }

1589  4.  IANA Considerations

1591     To be Updated.

1593  5.  Security Considerations

1595     The YANG module specified in this document defines a schema for data
1596     that is designed to be accessed via network management protocols such
1597     as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
1598     is the secure transport layer, and the mandatory-to-implement secure
1599     transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
1600     is HTTPS, and the mandatory-to-implement secure transport is TLS
1601     [RFC8446].

1603     The NETCONF Configuration Access Control Model (NACM) [RFC8341]
1604     provides the means to restrict access for particular
1605     NETCONF or RESTCONF users to a preconfigured subset of all available
1606     NETCONF or RESTCONF protocol operations and content.

1608     This module defines RPC operations that may be considered sensitive
1609     or vulnerable in some network environments.  It is therefore
1610     important to control the access to these operations.  These are the
1611     operations and their sensitivity/vulnerability:

1613     *  Continuity Check: Generates an OAM probe for a continuity check
1614        and retrieves the resulting data from the Initiator node.

1616     *  Single Path Discovery: Generates an OAM probe for single path
1617        tracing and retrieves the resulting data from various transit nodes.

1619     *  Multi Path Discovery: Generates an OAM probe for equal cost
1620        multipath tracing and retrieves the resulting data from various
1621        transit nodes.

1623     These operations are used to retrieve the data from the device that
1624     needs to execute the OAM command.  Unauthorized source access to some
1625     sensitive information in the above data may be used for network
1626     reconnaissance or lead to denial-of-service attacks on both the local
1627     device and the network.

1629  6.  Acknowledgement

1631     Some parts of the YANG model were inspired by the previous model
1632     developed by Lianshu Zheng, Guangying Zheng, Greg Mirsky, Reshad
1633     Rahman, Faisal Iqbal, and the authors would like to acknowledge them.

1635     The authors also would like to thank Loa Andersson for his help with
1636     forming this team and help organizing the work.

1638  7.  Contributors

1640     The following are key contributors to this document:

1642     Reshad Rahman, Cisco Systems, Inc.

1644     Zafar Ali, Cisco Systems, Inc.

1646  8.  References

1648  8.1.  Normative References

1650     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1651                Requirement Levels", BCP 14, RFC 2119,
1652                DOI 10.17487/RFC2119, March 1997.

1655     [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
1656                the Network Configuration Protocol (NETCONF)", RFC 6020,
1657                DOI 10.17487/RFC6020, October 2010.

1660     [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
1661                and A. Bierman, Ed., "Network Configuration Protocol
1662                (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

1665     [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
1666                Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

1669     [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
1670                RFC 7950, DOI 10.17487/RFC7950, August 2016.

1673     [RFC8029]  Kompella, K., Swallow, G., Pignataro, C., Ed., Kumar, N.,
1674                Aldrin, S., and M. Chen, "Detecting Multiprotocol Label
1675                Switched (MPLS) Data-Plane Failures", RFC 8029,
1676                DOI 10.17487/RFC8029, March 2017.

1679     [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
1680                Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

1683     [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
1684                2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
1685                May 2017.

1687     [RFC8287]  Kumar, N., Ed., Pignataro, C., Ed., Swallow, G., Akiya,
1688                N., Kini, S., and M. Chen, "Label Switched Path (LSP)
1689                Ping/Traceroute for Segment Routing (SR) IGP-Prefix and
1690                IGP-Adjacency Segment Identifiers (SIDs) with MPLS Data
1691                Planes", RFC 8287, DOI 10.17487/RFC8287, December 2017.

1694     [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
1695                BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

1698     [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
1699                Access Control Model", STD 91, RFC 8341,
1700                DOI 10.17487/RFC8341, March 2018.

1703     [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
1704                and R. Wilton, "Network Management Datastore Architecture
1705                (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

1708     [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
1709                Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

1712  8.2.  Informative References

1714     [RFC6425]  Saxena, S., Ed., Swallow, G., Ali, Z., Farrel, A.,
1715                Yasukawa, S., and T. Nadeau, "Detecting Data-Plane
1716                Failures in Point-to-Multipoint MPLS - Extensions to LSP
1717                Ping", RFC 6425, DOI 10.17487/RFC6425, November 2011.

1720     [RFC8532]  Kumar, D., Wang, Z., Wu, Q., Ed., Rahman, R., and S.
1721                Raghavan, "Generic YANG Data Model for the Management of
1722                Operations, Administration, and Maintenance (OAM)
1723                Protocols That Use Connectionless Communications",
1724                RFC 8532, DOI 10.17487/RFC8532, April 2019.

1727     [RFC8533]  Kumar, D., Wang, M., Wu, Q., Ed., Rahman, R., and S.
1728                Raghavan, "A YANG Data Model for Retrieval Methods for the
1729                Management of Operations, Administration, and Maintenance
1730                (OAM) Protocols That Use Connectionless Communications",
1731                RFC 8533, DOI 10.17487/RFC8533, April 2019.

1734  Authors' Addresses

1736     Nagendra Kumar Nainar
1737     Cisco Systems, Inc.
1738     7200 Kit Creek Road
1739     Research Triangle Park, NC 27709
1740     United States of America

1742     Email: naikumar@cisco.com

1744     Carlos Pignataro
1745     Cisco Systems, Inc.
1746     7200 Kit Creek Road
1747     Research Triangle Park, NC 27709-4987
1748     United States of America

1750     Email: cpignata@cisco.com

1752     Madhan Sankaranarayanan
1753     Cisco Systems, Inc.
1754     Manjanam Sansel, Kurunji Nagar
1755     Chinnamanur 625515
1756     Tamil Nadu
1757     India

1759     Email: madsanka@cisco.com

1760     Walker Zheng
1761     Huawei
1762     101 Software Avenue, Yuhua District
1763     Nanjing
1764     Jiangsu, 210012
1765     China

1767     Email: zhengguangying@huawei.com
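
Section 5 relies on NACM [RFC8341] to control access to the three RPCs. The rule-lists below are an added example, not part of the draft: they assume a group named oam-operators, a user named noc-alice, and MODULE-NAME-PLACEHOLDER standing in for the YANG module name, which this part of the draft does not show. In RFC 8341 the exec-default leaf defaults to permit, so the explicit deny rule is what keeps other authenticated users from triggering probes.

```xml
<!-- Added example: NACM (RFC 8341) rules for the RPCs defined in this draft.
     Assumptions: group "oam-operators", user "noc-alice", and
     MODULE-NAME-PLACEHOLDER in place of the real YANG module name. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <!-- exec-default is left at its RFC 8341 default ("permit"), so RPCs of
       other modules are unaffected; this module is denied explicitly below. -->
  <groups>
    <group>
      <name>oam-operators</name>
      <user-name>noc-alice</user-name>
    </group>
  </groups>

  <!-- Only members of oam-operators are evaluated against this list. -->
  <rule-list>
    <name>lsp-ping-operators</name>
    <group>oam-operators</group>
    <rule>
      <name>permit-continuity-check</name>
      <module-name>MODULE-NAME-PLACEHOLDER</module-name>
      <rpc-name>continuity-check</rpc-name>
      <access-operations>exec</access-operations>
      <action>permit</action>
    </rule>
    <rule>
      <name>permit-single-path-discovery</name>
      <module-name>MODULE-NAME-PLACEHOLDER</module-name>
      <rpc-name>single-path-discovery</rpc-name>
      <access-operations>exec</access-operations>
      <action>permit</action>
    </rule>
    <rule>
      <name>permit-multi-path-discovery</name>
      <module-name>MODULE-NAME-PLACEHOLDER</module-name>
      <rpc-name>multi-path-discovery</rpc-name>
      <access-operations>exec</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>

  <!-- Applies to every user. The first matching rule wins, so operators
       matched above never reach this deny for the three RPCs. -->
  <rule-list>
    <name>lsp-ping-default-deny</name>
    <group>*</group>
    <rule>
      <name>deny-lsp-ping-rpcs</name>
      <module-name>MODULE-NAME-PLACEHOLDER</module-name>
      <rpc-name>*</rpc-name>
      <access-operations>exec</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>
```

The order of the two rule-lists matters: placing the catch-all deny first would block the operators group as well.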