idnits 2.17.00 (12 Aug 2021)

/tmp/idnits35846/draft-ietf-isis-sr-yang-11.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 340 has weird spacing: '...r-bound uin...'

  == Line 341 has weird spacing: '...r-bound uin...'

  == Line 352 has weird spacing: '...roup-id uin...'

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (August 16, 2021) is 278 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC6536' is defined on line 1327, but no explicit
     reference was found in the text

  == Outdated reference: draft-ietf-spring-sr-yang has been published as RFC
     9020

  ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341)

     Summary: 1 error (**), 0 flaws (~~), 7 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     IS-IS Working Group                    S. Litkowski
3     Internet-Draft                         Cisco Systems
4     Intended status: Standards Track       Y. Qu
5     Expires: February 17, 2022             Futurewei
6                                            P. Sarkar
7                                            Individual
8                                            I. Chen
9                                            The MITRE Corporation
10                                           J. Tantsura
11                                           Microsoft
12                                           August 16, 2021

14              YANG Data Model for IS-IS Segment Routing
15                     draft-ietf-isis-sr-yang-11

17    Abstract

19       This document defines a YANG data module that can be used to
20       configure and manage IS-IS Segment Routing, as well as a YANG data
21       module for the management of Signaling Maximum SID Depth (MSD) Using
22       IS-IS.

24    Status of This Memo

26       This Internet-Draft is submitted in full conformance with the
27       provisions of BCP 78 and BCP 79.

29       Internet-Drafts are working documents of the Internet Engineering
30       Task Force (IETF).  Note that other groups may also distribute
31       working documents as Internet-Drafts.  The list of current Internet-
32       Drafts is at https://datatracker.ietf.org/drafts/current/.

34       Internet-Drafts are draft documents valid for a maximum of six months
35       and may be updated, replaced, or obsoleted by other documents at any
36       time.  It is inappropriate to use Internet-Drafts as reference
37       material or to cite them other than as "work in progress."

39       This Internet-Draft will expire on February 17, 2022.

41    Copyright Notice

43       Copyright (c) 2021 IETF Trust and the persons identified as the
44       document authors.  All rights reserved.

46       This document is subject to BCP 78 and the IETF Trust's Legal
47       Provisions Relating to IETF Documents
48       (https://trustee.ietf.org/license-info) in effect on the date of
49       publication of this document.  Please review these documents
50       carefully, as they describe your rights and restrictions with respect
51       to this document.  Code Components extracted from this document must
52       include Simplified BSD License text as described in Section 4.e of
53       the Trust Legal Provisions and are provided without warranty as
54       described in the Simplified BSD License.

56    Table of Contents

58       1.  Overview
59         1.1.  Requirements Language
60         1.2.  Tree Diagrams
61       2.  IS-IS MSD
62         2.1.  IS-IS MSD YANG Module
63       3.  IS-IS Segment Routing
64         3.1.  IS-IS Segment Routing configuration
65           3.1.1.  Segment Routing activation
66           3.1.2.  Advertising mapping server policy
67           3.1.3.  IP Fast reroute
68         3.2.  IS-IS Segment Routing YANG Module
69       4.  Security Considerations
70       5.  Contributors
71       6.  Acknowledgements
72       7.  IANA Considerations
73       8.  Normative References
74       Authors' Addresses

76    1.  Overview

78       YANG [RFC6020] [RFC7950] is a data definition language used to define
79       the contents of a conceptual data store that allows networked devices
80       to be managed using NETCONF [RFC6241].  YANG is proving relevant
81       beyond its initial confines, as bindings to other interfaces (e.g.,
82       ReST) and encodings other than XML (e.g., JSON) are being defined.
83       Furthermore, YANG data models can be used as the basis for
84       implementation of other interfaces, such as CLI and programmatic
85       APIs.

87       This document defines a YANG data module that can be used to
88       configure and manage IS-IS Segment Routing [RFC8667] and it is an
89       augmentation to the IS-IS YANG data model.

91       This document also defines a YANG data module for the management of
92       Signaling Maximum SID Depth (MSD) Using IS-IS [RFC8491], which
93       augments the base IS-IS YANG data model.

95       The YANG modules in this document conform to the Network Management
96       Datastore Architecture (NMDA) [RFC8342].

98    1.1.  Requirements Language

100      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
101      "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
102      "OPTIONAL" in this document are to be interpreted as described in BCP
103      14 [RFC2119] [RFC8174] when, and only when, they appear in all
104      capitals, as shown here.

106   1.2.  Tree Diagrams

108      This document uses the graphical representation of data models
109      defined in [RFC8340].

111   2.  IS-IS MSD

113      This document defines a model for Signaling Maximum SID Depth (MSD)
114      Using IS-IS [RFC8667].  It is an augmentation of the IS-IS base model.

116      The figure below describes the overall structure of the isis-msd YANG
117      module:

119      module: ietf-isis-msd
120        augment /rt:routing/rt:control-plane-protocols
121                  /rt:control-plane-protocol/isis:isis/isis:database
122                  /isis:levels/isis:lsp/isis:router-capabilities:
123          +--ro node-msd-tlv
124             +--ro node-msds* [msd-type]
125                +--ro msd-type     identityref
126                +--ro msd-value?   uint8
127        augment /rt:routing/rt:control-plane-protocols
128                  /rt:control-plane-protocol/isis:isis/isis:database
129                  /isis:levels/isis:lsp/isis:extended-is-neighbor
130                  /isis:neighbor:
131          +--ro link-msd-sub-tlv
132             +--ro link-msds* [msd-type]
133                +--ro msd-type     identityref
134                +--ro msd-value?   uint8
135        augment /rt:routing/rt:control-plane-protocols
136                  /rt:control-plane-protocol/isis:isis/isis:database
137                  /isis:levels/isis:lsp/isis:mt-is-neighbor/isis:neighbor:
138          +--ro link-msd-sub-tlv
139             +--ro link-msds* [msd-type]
140                +--ro msd-type     identityref
141                +--ro msd-value?   uint8

143   2.1.  IS-IS MSD YANG Module

145      file "ietf-isis-msd@2021-08-15.yang"
146      module ietf-isis-msd {
147        yang-version 1.1;
148        namespace "urn:ietf:params:xml:ns:yang:ietf-isis-msd";
149        prefix isis-msd;

151        import ietf-routing {
152          prefix rt;
153          reference "RFC 8349: A YANG Data Model for Routing
154                     Management (NMDA Version)";
155        }

157        import ietf-isis {
158          prefix isis;
159        }

161        import ietf-mpls-msd {
162          prefix mpls-msd;
163        }

165        organization
166          "IETF LSR - LSR Working Group";
167        contact
168          "WG Web:
169           WG List:

171           Author: Yingzhen Qu
172
173           Author: Acee Lindem
174
175           Author: Stephane Litkowski
176
177           Author: Jeff Tantsura
178

180          ";
181        description
182          "The YANG module augments the base ISIS model to
183           manage different types of MSDs.

185           This YANG model conforms to the Network Management
186           Datastore Architecture (NMDA) as described in RFC 8342.

188           Copyright (c) 2021 IETF Trust and the persons identified as
189           authors of the code.  All rights reserved.

191           Redistribution and use in source and binary forms, with or
192           without modification, is permitted pursuant to, and subject
193           to the license terms contained in, the Simplified BSD License
194           set forth in Section 4.c of the IETF Trust's Legal Provisions
195           Relating to IETF Documents
196           (https://trustee.ietf.org/license-info).

198           This version of this YANG module is part of RFC XXXX;
199           see the RFC itself for full legal notices.

201           The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
202           NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
203           'MAY', and 'OPTIONAL' in this document are to be interpreted as
204           described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
205           they appear in all capitals, as shown here.";

207        reference "RFC XXXX: YANG Data Model for OSPF MSD.";

209        revision 2021-08-15 {
210          description
211            "Initial Version";
212          reference "RFC XXXX: YANG Data Model for ISIS MSD.";
213        }

215        grouping link-msd-sub-tlv {
216          description
217            "Link Maximum SID Depth (MSD) grouping for an interface.";
218          container link-msd-sub-tlv {
219            list link-msds {
220              key "msd-type";
221              leaf msd-type {
222                type identityref {
223                  base mpls-msd:msd-base-type;
224                }
225                description
226                  "MSD-Types";
227              }
228              leaf msd-value {
229                type uint8;
230                description
231                  "MSD value, in the range of 0-255.";
232              }
233              description
234                "List of link MSDs";
235            }
236            description
237              "Link MSD sub-tlvs.";

239          }
240        }

242        /* Node MSD TLV */
243        augment "/rt:routing/" +
244                "rt:control-plane-protocols/rt:control-plane-protocol"+
245                "/isis:isis/isis:database/isis:levels/isis:lsp"+
246                "/isis:router-capabilities" {
247          when "/rt:routing/rt:control-plane-protocols/"+
248               "rt:control-plane-protocol/rt:type = 'isis:isis'" {
249            description
250              "This augment ISIS routing protocol when used";
251          }
252          description
253            "This augments ISIS protocol LSDB router capability.";
254          container node-msd-tlv {
255            list node-msds {
256              key "msd-type";
257              leaf msd-type {
258                type identityref {
259                  base mpls-msd:msd-base-type;
260                }
261                description
262                  "MSD-Types";
263              }
264              leaf msd-value {
265                type uint8;
266                description
267                  "MSD value, in the range of 0-255.";
268              }
269              description
270                "Node MSD is the smallest link MSD supported by
271                 the node.";
272            }
273            description
274              "Node MSD is the number of SIDs supported by a node.";
275            reference
276              "RFC 8476: Signaling Maximum SID Depth (MSD) Using OSPF";
277          }
278        }

280        /* link MSD sub-tlv */
281        augment "/rt:routing/" +
282                "rt:control-plane-protocols/rt:control-plane-protocol"+
283                "/isis:isis/isis:database/isis:levels/isis:lsp"+
284                "/isis:extended-is-neighbor/isis:neighbor" {
285          when "/rt:routing/rt:control-plane-protocols/"+
286               "rt:control-plane-protocol/rt:type = 'isis:isis'" {
287            description
288              "This augment ISIS routing protocol when used";
289          }
290          description
291            "This augments ISIS protocol LSDB neighbor with
292             Link MSD sub-TLV.";

294          uses link-msd-sub-tlv;
295        }

297        augment "/rt:routing/" +
298                "rt:control-plane-protocols/rt:control-plane-protocol"+
299                "/isis:isis/isis:database/isis:levels/isis:lsp"+
300                "/isis:mt-is-neighbor/isis:neighbor" {
301          when "/rt:routing/rt:control-plane-protocols/"+
302               "rt:control-plane-protocol/rt:type = 'isis:isis'" {
303            description
304              "This augment ISIS routing protocol when used";
305          }
306          description
307            "This augments ISIS protocol LSDB neighbor.";

309          uses link-msd-sub-tlv;
310        }
311      }
312

314   3.  IS-IS Segment Routing

316      This document defines a model for the IS-IS Segment Routing feature.  It
317      is an augmentation of the IS-IS base model.

319      The IS-IS SR YANG module requires support for the base segment
320      routing module [I-D.ietf-spring-sr-yang], which defines the global
321      segment routing configuration independent of any specific routing
322      protocol configuration, and support of IS-IS base model
323      [I-D.ietf-isis-yang-isis-cfg] which defines basic IS-IS configuration
324      and state.

326      The figure below describes the overall structure of the isis-sr YANG
327      module:

329      module: ietf-isis-sr
330        augment /rt:routing/rt:control-plane-protocols
331                  /rt:control-plane-protocol/isis:isis:
332          +--rw segment-routing
333          |  +--rw enabled?    boolean
334          |  +--rw bindings
335          |     +--rw advertise
336          |     |  +--rw policies*   string
337          |     +--rw receive?     boolean
338          +--rw protocol-srgb {sr-mpls:protocol-srgb}?
339             +--rw srgb* [lower-bound upper-bound]
340                +--rw lower-bound    uint32
341                +--rw upper-bound    uint32
342        augment /rt:routing/rt:control-plane-protocols
343                  /rt:control-plane-protocol/isis:isis/isis:interfaces
344                  /isis:interface:
345          +--rw segment-routing
346             +--rw adjacency-sid
347                +--rw adj-sids* [value]
348                |  +--rw value-type?   enumeration
349                |  +--rw value         uint32
350                |  +--rw protected?    boolean
351                +--rw advertise-adj-group-sid* [group-id]
352                |  +--rw group-id    uint32
353                +--rw advertise-protection?      enumeration
354        augment /rt:routing/rt:control-plane-protocols
355                  /rt:control-plane-protocol/isis:isis/isis:interfaces
356                  /isis:interface/isis:fast-reroute:
357          +--rw ti-lfa {ti-lfa}?
358             +--rw enable?   boolean
359        augment /rt:routing/rt:control-plane-protocols
360                  /rt:control-plane-protocol/isis:isis/isis:interfaces
361                  /isis:interface/isis:fast-reroute/isis:lfa/isis:remote-lfa:
362          +--rw use-segment-routing-path?   boolean {remote-lfa-sr}?
363        augment /rt:routing/rt:control-plane-protocols
364                  /rt:control-plane-protocol/isis:isis/isis:interfaces
365                  /isis:interface/isis:adjacencies/isis:adjacency:
366          +--ro adjacency-sid* [value]
367             +--ro af?                     iana-rt-types:address-family
368             +--ro value                   uint32
369             +--ro weight?                 uint8
370             +--ro protection-requested?   boolean
371        augment /rt:routing/rt:control-plane-protocols
372                  /rt:control-plane-protocol/isis:isis/isis:database
373                  /isis:levels/isis:lsp/isis:router-capabilities:
374          +--ro sr-capability
375          |  +--ro sr-capability
376          |  |  +--ro sr-capability-bits*   identityref
377          |  +--ro global-blocks
378          |     +--ro global-block* []
379          |        +--ro range-size?    uint32
380          |        +--ro sid-sub-tlv
381          |           +--ro sid?   uint32
382          +--ro sr-algorithms
383          |  +--ro sr-algorithm*   uint8
384          +--ro local-blocks
385          |  +--ro local-block* []
386          |     +--ro range-size?    uint32
387          |     +--ro sid-sub-tlv
388          |        +--ro sid?   uint32
389          +--ro srms-preference
390             +--ro preference?   uint8
391        augment /rt:routing/rt:control-plane-protocols
392                  /rt:control-plane-protocol/isis:isis/isis:database/isis:levels
393                  /isis:lsp/isis:extended-is-neighbor/isis:neighbor:
394          +--ro sid-list* [value]
395             +--ro adj-sid-flags
396             |  +--ro bits*   identityref
397             +--ro weight?          uint8
398             +--ro neighbor-id?     isis:system-id
399             +--ro value            uint32
400        augment /rt:routing/rt:control-plane-protocols
401                  /rt:control-plane-protocol/isis:isis/isis:database
402                  /isis:levels/isis:lsp/isis:mt-is-neighbor/isis:neighbor:
403          +--ro sid-list* [value]
404             +--ro adj-sid-flags
405             |  +--ro bits*   identityref
406             +--ro weight?          uint8
407             +--ro neighbor-id?     isis:system-id
408             +--ro value            uint32
409        augment /rt:routing/rt:control-plane-protocols
410                  /rt:control-plane-protocol/isis:isis/isis:database
411                  /isis:levels/isis:lsp/isis:extended-ipv4-reachability
412                  /isis:prefixes:
413          +--ro sid-list* [value]
414             +--ro perfix-sid-flags
415             |  +--ro bits*   identityref
416             +--ro algorithm?          uint8
417             +--ro value               uint32
418        augment /rt:routing/rt:control-plane-protocols
419                  /rt:control-plane-protocol/isis:isis/isis:database
420                  /isis:levels/isis:lsp/isis:mt-extended-ipv4-reachability
421                  /isis:prefixes:
422          +--ro sid-list* [value]
423             +--ro perfix-sid-flags
424             |  +--ro bits*   identityref
425             +--ro algorithm?          uint8
426             +--ro value               uint32
427        augment /rt:routing/rt:control-plane-protocols
428                  /rt:control-plane-protocol/isis:isis/isis:database
429                  /isis:levels/isis:lsp/isis:ipv6-reachability/isis:prefixes:

431          +--ro sid-list* [value]
432             +--ro perfix-sid-flags
433             |  +--ro bits*   identityref
434             +--ro algorithm?          uint8
435             +--ro value               uint32
436        augment /rt:routing/rt:control-plane-protocols
437                  /rt:control-plane-protocol/isis:isis/isis:database
438                  /isis:levels/isis:lsp/isis:mt-ipv6-reachability/isis:prefixes:
439          +--ro sid-list* [value]
440             +--ro perfix-sid-flags
441             |  +--ro bits*   identityref
442             +--ro algorithm?          uint8
443             +--ro value               uint32
444        augment /rt:routing/rt:control-plane-protocols
445                  /rt:control-plane-protocol/isis:isis/isis:database
446                  /isis:levels/isis:lsp:
447          +--ro segment-routing-bindings* [fec range]
448             +--ro fec                  string
449             +--ro range                uint16
450             +--ro sid-binding-flags
451             |  +--ro bits*   identityref
452             +--ro binding
453                +--ro prefix-sid
454                   +--ro sid-list* [value]
455                      +--ro perfix-sid-flags
456                      |  +--ro bits*   identityref
457                      +--ro algorithm?          uint8
458                      +--ro value               uint32

460   3.1.  IS-IS Segment Routing configuration

462   3.1.1.  Segment Routing activation

464      Activation of segment-routing IS-IS is done by setting the "enable"
465      leaf to true.  This triggers advertisement of segment-routing
466      extensions based on the configuration parameters that have been set up
467      using the base segment routing module.

469   3.1.2.  Advertising mapping server policy

471      The base segment routing module defines mapping server policies.  By
472      default, IS-IS will not advertise nor receive any mapping server
473      entry.  The IS-IS segment-routing module allows advertising one or
474      multiple mapping server policies through the "bindings/advertise/
475      policies" leaf-list.  The "bindings/receive" leaf enables
476      the reception of mapping server entries.

478   3.1.3.  IP Fast reroute

480      IS-IS SR model augments the fast-reroute container under interface.
481      It brings the ability to activate TI-LFA (topology independent LFA)
482      and also enhances remote LFA to use segment-routing tunneling instead
483      of LDP.

485   3.2.  IS-IS Segment Routing YANG Module

487      file "ietf-isis-sr@2021-01-11.yang"
488      module ietf-isis-sr {
489        yang-version 1.1;
490        namespace "urn:ietf:params:xml:ns:"
491                + "yang:ietf-isis-sr";
492        prefix isis-sr;

494        import ietf-routing {
495          prefix "rt";
496          reference "RFC 8349 - A YANG Data Model for Routing
497                     Management (NMDA Version)";
498        }

500        import ietf-segment-routing-common {
501          prefix "sr-cmn";
502        }

504        import ietf-segment-routing-mpls {
505          prefix "sr-mpls";
506        }

508        import ietf-isis {
509          prefix "isis";
510        }

512        import iana-routing-types {
513          prefix "iana-rt-types";
514          reference "RFC 8294 - Common YANG Data Types for the
515                     Routing Area";
516        }

518        organization
519          "IETF LSR - LSR Working Group";

521        contact
522          "WG List:

524           Editor: Stephane Litkowski
525

527           Author: Acee Lindem
528
529           Author: Yingzhen Qu
530
531           Author: Pushpasis Sarkar
532
533           Author: Ing-Wher Chen
534
535           Author: Jeff Tantsura
536
537          ";

539        description
540          "The YANG module defines a generic configuration model for
541           Segment routing ISIS extensions common across all of the vendor
542           implementations.

544           This YANG model conforms to the Network Management
545           Datastore Architecture (NMDA) as described in RFC 8242.

547           Copyright (c) 2021 IETF Trust and the persons identified as
548           authors of the code.  All rights reserved.

550           Redistribution and use in source and binary forms, with or
551           without modification, is permitted pursuant to, and subject to
552           the license terms contained in, the Simplified BSD License set
553           forth in Section 4.c of the IETF Trust's Legal Provisions
554           Relating to IETF Documents
555           (https://trustee.ietf.org/license-info).

557           This version of this YANG module is part of RFC XXXX
558           (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
559           for full legal notices.

561           The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
562           NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
563           'MAY', and 'OPTIONAL' in this document are to be interpreted as
564           described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
565           they appear in all capitals, as shown here.

567           This version of this YANG module is part of RFC XXXX;
568           see the RFC itself for full legal notices.";

570        reference "RFC XXXX";

572        revision 2021-01-11 {
573          description
574            "Initial revision.";
575          reference "RFC XXXX";
576        }

578        /* Identities */
579        identity sr-capability {
580          description
581            "Base identity for ISIS SR-Capabilities sub-TLV flags";
582        }

584        identity mpls-ipv4 {
585          base sr-capability;
586          description
587            "If set, then the router is capable of
588             processing SR MPLS encapsulated IPv4 packets
589             on all interfaces.";
590        }

592        identity mpls-ipv6 {
593          base sr-capability;
594          description
595            "If set, then the router is capable of
596             processing SR MPLS encapsulated IPv6 packets
597             on all interfaces.";
598        }

600        identity prefix-sid-bit {
601          description
602            "Base identity for prefix sid sub-tlv bits.";
603        }

605        identity r-bit {
606          base prefix-sid-bit;
607          description
608            "Re-advertisement Flag.";
609        }

611        identity n-bit {
612          base prefix-sid-bit;
613          description
614            "Node-SID Flag.";
615        }

617        identity p-bit {
618          base prefix-sid-bit;
619          description
620            "No-PHP (No Penultimate Hop-Popping) Flag.";
621        }

623        identity e-bit {
624          base prefix-sid-bit;
625          description
626            "Explicit NULL Flag.";
627        }

629        identity v-bit {
630          base prefix-sid-bit;
631          description
632            "Value Flag.";
633        }

635        identity l-bit {
636          base prefix-sid-bit;
637          description
638            "Local Flag.";
639        }

641        identity adj-sid-bit {
642          description
643            "Base identity for adj sid sub-tlv bits.";
644        }

646        identity f-bit {
647          base adj-sid-bit;
648          description
649            "Address-Family flag.";
650        }

652        identity b-bit {
653          base adj-sid-bit;
654          description
655            "Backup flag.";
656        }

658        identity vi-bit {
659          base adj-sid-bit;
660          description
661            "Value/Index flag.";
662        }

664        identity lo-bit {
665          base adj-sid-bit;
666          description
667            "Local flag.";

669        }

671        identity s-bit {
672          base adj-sid-bit;
673          description
674            "Group flag.";
675        }

677        identity pe-bit {
678          base adj-sid-bit;
679          description
680            "Persistent flag.";
681        }

683        identity sid-binding-bit {
684          description
685            "Base identity for sid binding tlv bits.";
686        }

688        identity af-bit {
689          base sid-binding-bit;
690          description
691            "Address-Family flag.";
692        }

694        identity m-bit {
695          base sid-binding-bit;
696          description
697            "Mirror Context flag.";
698        }

700        identity sf-bit {
701          base sid-binding-bit;
702          description
703            "S flag. If set, the binding label tlv should be flooded
704             across the entire routing domain.";
705        }

707        identity d-bit {
708          base sid-binding-bit;
709          description
710            "Leaking flag.";
711        }

713        identity a-bit {
714          base sid-binding-bit;
715          description
716            "Attached flag.";

718        }

720        /* Features */

722        feature remote-lfa-sr {
723          description
724            "Enhance rLFA to use SR path.";
725        }

727        feature ti-lfa {
728          description
729            "Enhance IPFRR with ti-lfa
730             support";
731        }

733        /* Groupings */

735        grouping sid-sub-tlv {
736          description "SID/Label sub-TLV grouping.";
737          container sid-sub-tlv {
738            description
739              "Used to advertise the SID/Label associated with a
740               prefix or adjacency.";
741            leaf sid {
742              type uint32;
743              description
744                "Segment Identifier (SID) - A 20 bit label or
745                 32 bit SID.";
746            }
747          }
748        }

750        grouping sr-capability {
751          description
752            "SR capability grouping.";
753          container sr-capability {
754            description
755              "Segment Routing capability.";
756            container sr-capability {
757              leaf-list sr-capability-bits {
758                type identityref {
759                  base sr-capability;
760                }
761                description "SR Capability sub-tlv flags list.";
762              }
763              description
764                "SR Capability Flags.";

766            }
767            container global-blocks {
768              description
769                "Segment Routing Global Blocks.";
770              list global-block {
771                description "Segment Routing Global Block.";
772                leaf range-size {
773                  type uint32;
774                  description "The SID range.";
775                }
776                uses sid-sub-tlv;
777              }
778            }
779          }
780        }

782        grouping sr-algorithm {
783          description
784            "SR algorithm grouping.";
785          container sr-algorithms {
786            description "All SR algorithms.";
787            leaf-list sr-algorithm {
788              type uint8;
789              description
790                "The Segment Routing (SR) algorithms that the router is
791                 currently using.";
792            }
793          }
794        }

796        grouping srlb {
797          description
798            "SR Local Block grouping.";
799          container local-blocks {
800            description "List of SRLBs.";
801            list local-block {
802              description "Segment Routing Local Block.";
803              leaf range-size {
804                type uint32;
805                description "The SID range.";
806              }
807              uses sid-sub-tlv;
808            }
809          }
810        }

812        grouping srms-preference {
813          description "The SRMS preference TLV is used to advertise
814                       a preference associated with the node that acts
815                       as an SR Mapping Server.";
816          container srms-preference {
817            description "SRMS Preference TLV.";
818            leaf preference {
819              type uint8 {
820                range "0 .. 255";
821              }
822              description "SRMS preference TLV, value from 0 to 255.";
823            }
824          }
825        }

827        grouping adjacency-state {
828          description
829            "This group will extend adjacency state.";
830          list adjacency-sid {
831            key value;
832            config false;
833            leaf af {
834              type iana-rt-types:address-family;
835              description
836                "Address-family associated with the
837                 segment ID";
838            }
839            leaf value {
840              type uint32;
841              description
842                "Value of the Adj-SID.";
843            }
844            leaf weight {
845              type uint8;
846              description
847                "Weight associated with
848                 the adjacency SID.";
849            }
850            leaf protection-requested {
851              type boolean;
852              description
853                "Describe if the adjacency SID
854                 must be protected.";
855            }
856            description
857              "List of adjacency Segment IDs.";
858          }
859        }

861        grouping prefix-segment-id {
862          description
863            "This group defines segment routing extensions
864             for prefixes.";

866          list sid-list {
867            key value;

869            container perfix-sid-flags {
870              leaf-list bits {
871                type identityref {
872                  base prefix-sid-bit;
873                }
874                description
875                  "Prefix SID Sub-TLV flag bits list.";
876              }
877              description
878                "Describes flags associated with the
879                 segment ID.";
880            }

882            leaf algorithm {
883              type uint8;
884              description
885                "Algorithm to be used for path computation.";
886            }
887            leaf value {
888              type uint32;
889              description
890                "Value of the prefix-SID.";
891            }
892            description
893              "List of segments.";
894          }
895        }

897        grouping adjacency-segment-id {
898          description
899            "This group defines segment routing extensions
900             for adjacencies.";

902          list sid-list {
903            key value;

905            container adj-sid-flags {
906              leaf-list bits {
907                type identityref {
908                  base adj-sid-bit;
909                }
910                description "Adj sid sub-tlv flags list.";
911              }
912              description "Adj-sid sub-tlv flags.";
913            }

915            leaf weight {
916              type uint8;
917              description
918                "The value represents the weight of the Adj-SID
919                 for the purpose of load balancing.";
920            }
921            leaf neighbor-id {
922              type isis:system-id;
923              description
924                "Describes the system ID of the neighbor
925                 associated with the SID value. This is only
926                 used on LAN adjacencies.";
927            }
928            leaf value {
929              type uint32;
930              description
931                "Value of the Adj-SID.";
932            }
933            description
934              "List of segments.";
935          }
936        }

938        grouping segment-routing-binding-tlv {
939          list segment-routing-bindings {
940            key "fec range";

942            leaf fec {
943              type string;
944              description
945                "IP (v4 or v6) range to be bound to SIDs.";
946            }

948            leaf range {
949              type uint16;
950              description
951                "Describes number of elements to assign
952                 a binding to.";
953            }

955            container sid-binding-flags {
956              leaf-list bits {
957                type identityref {
958                  base sid-binding-bit;
959                }
960                description
961                  "SID Binding TLV flag bits list.";
962              }
963              description
964                "Binding flags.";
965            }

967            container binding {
968              container prefix-sid {
969                uses prefix-segment-id;
970                description
971                  "Binding prefix SID to the range.";
972              }
973              description
974                "Bindings associated with the range.";
975            }

977            description
978              "This container describes list of SID/Label bindings.
979               ISIS reference is TLV 149.";
980          }
981          description
982            "Defines binding TLV for database.";
983        }

985        /* Cfg */

987        augment "/rt:routing/" +
988                "rt:control-plane-protocols/rt:control-plane-protocol"+
989                "/isis:isis" {
990          when "/rt:routing/rt:control-plane-protocols/"+
991               "rt:control-plane-protocol/rt:type = 'isis:isis'" {
992            description
993              "This augment ISIS routing protocol when used";
994          }
995          description
996            "This augments ISIS protocol configuration
997             with segment routing.";

999          uses sr-mpls:sr-control-plane;
1000         container protocol-srgb {
1001           if-feature sr-mpls:protocol-srgb;
1002           uses sr-cmn:srgb;
1003           description
1004             "Per-protocol SRGB.";
1005         }

1007       }

1009       augment "/rt:routing/" +
1010               "rt:control-plane-protocols/rt:control-plane-protocol"+
1011               "/isis:isis/isis:interfaces/isis:interface" {
1012         when "/rt:routing/rt:control-plane-protocols/"+
1013              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1014           description
1015             "This augment ISIS routing protocol when used";
1016         }
1017         description
1018           "This augments ISIS protocol configuration
1019            with segment routing.";

1021         uses sr-mpls:igp-interface;
1022       }

1024       augment "/rt:routing/" +
1025               "rt:control-plane-protocols/rt:control-plane-protocol"+
1026               "/isis:isis/isis:interfaces/isis:interface"+
1027               "/isis:fast-reroute" {
1028         when "/rt:routing/rt:control-plane-protocols/"+
1029              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1030           description
1031             "This augment ISIS routing protocol when used";
1032         }
1033         description
1034           "This augments ISIS IP FRR with TILFA.";

1036         container ti-lfa {
1037           if-feature ti-lfa;
1038           leaf enable {
1039             type boolean;
1040             description
1041               "Enables TI-LFA computation.";
1042           }
1043           description
1044             "TILFA configuration.";
1045         }
1046       }

1048       augment "/rt:routing/" +
1049               "rt:control-plane-protocols/rt:control-plane-protocol"+
1050               "/isis:isis/isis:interfaces/isis:interface"+
1051               "/isis:fast-reroute/isis:lfa/isis:remote-lfa" {
1052         when "/rt:routing/rt:control-plane-protocols/"+
1053              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1054           description
1055             "This augment ISIS routing protocol when used";
1056         }
1057         description
1058           "This augments ISIS remoteLFA config with
1059            use of segment-routing path.";

1061         leaf use-segment-routing-path {
1062           if-feature remote-lfa-sr;
1063           type boolean;
1064           description
1065             "force remote LFA to use segment routing
1066              path instead of LDP path.";
1067         }
1068       }

1070       /* Operational states */

1072       augment "/rt:routing/" +
1073               "rt:control-plane-protocols/rt:control-plane-protocol"+
1074               "/isis:isis/isis:interfaces/isis:interface" +
1075               "/isis:adjacencies/isis:adjacency" {
1076         when "/rt:routing/rt:control-plane-protocols/"+
1077              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1078           description
1079             "This augment ISIS routing protocol when used";
1080         }
1081         description
1082           "This augments ISIS protocol configuration
1083            with segment routing.";

1085         uses adjacency-state;
1086       }

1088       augment "/rt:routing/" +
1089               "rt:control-plane-protocols/rt:control-plane-protocol"+
1090               "/isis:isis/isis:database/isis:levels/isis:lsp"+
1091               "/isis:router-capabilities" {
1092         when "/rt:routing/rt:control-plane-protocols/"+
1093              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1094           description
1095             "This augment ISIS routing protocol when used";
1096         }
1097         description
1098           "This augments ISIS protocol LSDB router capability.";

1100         uses sr-capability;
1101         uses sr-algorithm;
1102         uses srlb;
1103         uses srms-preference;
1104       }

1106       augment "/rt:routing/" +
1107               "rt:control-plane-protocols/rt:control-plane-protocol"+
1108               "/isis:isis/isis:database/isis:levels/isis:lsp"+
1109               "/isis:extended-is-neighbor/isis:neighbor" {
1110         when "/rt:routing/rt:control-plane-protocols/"+
1111              "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1112           description
1113             "This augment ISIS routing protocol when used";
1114         }
1115         description
1116           "This augments ISIS protocol LSDB neighbor.";
1117        uses adjacency-segment-id;
1118      }

1120      augment "/rt:routing/" +
1121              "rt:control-plane-protocols/rt:control-plane-protocol"+
1122              "/isis:isis/isis:database/isis:levels/isis:lsp"+
1123              "/isis:mt-is-neighbor/isis:neighbor" {
1124        when "/rt:routing/rt:control-plane-protocols/"+
1125             "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1126          description
1127            "This augment ISIS routing protocol when used";
1128        }
1129        description
1130          "This augments ISIS protocol LSDB neighbor.";
1131        uses adjacency-segment-id;
1132      }

1134      augment "/rt:routing/" +
1135              "rt:control-plane-protocols/rt:control-plane-protocol"+
1136              "/isis:isis/isis:database/isis:levels/isis:lsp"+
1137              "/isis:extended-ipv4-reachability/isis:prefixes" {
1138        when "/rt:routing/rt:control-plane-protocols/"+
1139             "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1140          description
1141            "This augment ISIS routing protocol when used";
1142        }
1143        description
1144          "This augments ISIS protocol LSDB prefix.";
1145        uses prefix-segment-id;
1146      }

1148      augment "/rt:routing/" +
1149              "rt:control-plane-protocols/rt:control-plane-protocol"+
1150              "/isis:isis/isis:database/isis:levels/isis:lsp"+
1151              "/isis:mt-extended-ipv4-reachability/isis:prefixes" {
1152        when "/rt:routing/rt:control-plane-protocols/"+
1153             "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1154          description
1155            "This augment ISIS routing protocol when used";
1156        }
1157        description
1158          "This augments ISIS protocol LSDB prefix.";
1159        uses prefix-segment-id;
1160      }

1162      augment "/rt:routing/" +
1163              "rt:control-plane-protocols/rt:control-plane-protocol"+
1164              "/isis:isis/isis:database/isis:levels/isis:lsp"+
1165              "/isis:ipv6-reachability/isis:prefixes" {
1166        when "/rt:routing/rt:control-plane-protocols/"+
1167             "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1168          description
1169            "This augment ISIS routing protocol when used";
1170        }
1171        description
1172          "This augments ISIS protocol LSDB prefix.";
1173        uses prefix-segment-id;
1174      }

1176      augment "/rt:routing/" +
1177              "rt:control-plane-protocols/rt:control-plane-protocol"+
1178              "/isis:isis/isis:database/isis:levels/isis:lsp"+
1179              "/isis:mt-ipv6-reachability/isis:prefixes" {
1180        when "/rt:routing/rt:control-plane-protocols/"+
1181             "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1182          description
1183            "This augment ISIS routing protocol when used";
1184        }
1185        description
1186          "This augments ISIS protocol LSDB prefix.";
1187        uses prefix-segment-id;
1188      }

1190      augment "/rt:routing/" +
1191              "rt:control-plane-protocols/rt:control-plane-protocol"+
1192              "/isis:isis/isis:database/isis:levels/isis:lsp" {
1193        when "/rt:routing/rt:control-plane-protocols/"+
1194             "rt:control-plane-protocol/rt:type = 'isis:isis'" {
1195          description
1196            "This augment ISIS routing protocol when used";
1197        }
1198        description
1199          "This augments ISIS protocol LSDB.";
1200        uses segment-routing-binding-tlv;
1201      }

1203      /* Notifications */

1205    }

1208 4.  Security Considerations

1210    The YANG module specified in this document defines a schema for data
1211    that is designed to be accessed via network management protocols such
1212    as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
1213    is the secure transport layer, and the mandatory-to-implement secure
1214    transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
1215    is HTTPS, and the mandatory-to-implement secure transport is TLS
1216    [RFC8446].

1218    The NETCONF Access Control Model (NACM) [RFC8341] provides the means
1219    to restrict access for particular NETCONF or RESTCONF users to a pre-
1220    configured subset of all available NETCONF or RESTCONF protocol
1221    operations and content.

1223    There are a number of data nodes defined in this YANG module that are
1224    writable/creatable/deletable (i.e., config true, which is the
1225    default).  These data nodes may be considered sensitive or vulnerable
1226    in some network environments.  Write operations (e.g., edit-config)
1227    to these data nodes without proper protection can have a negative
1228    effect on network operations.  These are the subtrees and data nodes
1229    and their sensitivity/vulnerability:

1231       /isis:isis/segment-routing

1233       /isis:isis/protocol-srgb

1235       /isis:isis/isis:interfaces/isis:interface/segment-routing

1237    Some of the readable data nodes in the modules may be considered
1238    sensitive or vulnerable in some network environments.  It is thus
1239    important to control read access (e.g., via get, get-config, or
1240    notification) to these data nodes.

1242       /isis:router-capabilities/sr-capability

1244       /isis:router-capabilities/sr-algorithms

1245       /isis:router-capabilities/local-blocks

1247       /isis:router-capabilities/srms-preference

1249       /isis:router-capabilities/node-msd-tlv

1251    And the augmentations to the ISIS link state database.

1253    Unauthorized access to any data node of these subtrees can disclose
1254    the operational state information of IS-IS protocol on this device.

1256 5.  Contributors

1258    Authors would like to thank Derek Yeung, Acee Lindem, Yi Yang for
1259    their major contributions to the draft.

1261 6.  Acknowledgements

1263    MITRE has approved this document for Public Release, Distribution
1264    Unlimited, with Public Release Case Number 19-3033.

1266 7.  IANA Considerations

1268    The IANA is requested to assign two new URIs from the IETF XML
1269    registry ([RFC3688]).  Authors are suggesting the following URI:

1271         URI: urn:ietf:params:xml:ns:yang:ietf-isis-sr
1272         Registrant Contact: The IESG.
1273         XML: N/A, the requested URI is an XML namespace

1275         URI: urn:ietf:params:xml:ns:yang:ietf-isis-msd
1276         Registrant Contact: The IESG.
1277         XML: N/A, the requested URI is an XML namespace

1279    This document also requests one new YANG module name in the YANG
1280    Module Names registry ([RFC6020]) with the following suggestion:

1282         name: ietf-isis-sr
1283         namespace: urn:ietf:params:xml:ns:yang:ietf-isis-sr
1284         prefix: isis-sr
1285         reference: RFC XXXX

1287         name: ietf-isis-msd
1288         namespace: urn:ietf:params:xml:ns:yang:ietf-isis-msd
1289         prefix: isis-msd
1290         reference: RFC XXXX

1292 8.  Normative References

1294    [I-D.ietf-isis-yang-isis-cfg]
1295               Litkowski, S., Yeung, D., Lindem, A., Zhang, J., and L.
1296               Lhotka, "YANG Data Model for IS-IS Protocol", draft-ietf-
1297               isis-yang-isis-cfg-42 (work in progress), October 2019.

1299    [I-D.ietf-spring-sr-yang]
1300               Litkowski, S., Qu, Y., Sarkar, P., and J. Tantsura, "YANG
1301               Data Model for Segment Routing", draft-ietf-spring-sr-
1302               yang-15 (work in progress), December 2017.

1304    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1305               Requirement Levels", BCP 14, RFC 2119,
1306               DOI 10.17487/RFC2119, March 1997.

1309    [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
1310               DOI 10.17487/RFC3688, January 2004.

1313    [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
1314               the Network Configuration Protocol (NETCONF)", RFC 6020,
1315               DOI 10.17487/RFC6020, October 2010.

1318    [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
1319               and A. Bierman, Ed., "Network Configuration Protocol
1320               (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

1323    [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
1324               Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

1327    [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
1328               Protocol (NETCONF) Access Control Model", RFC 6536,
1329               DOI 10.17487/RFC6536, March 2012.

1332    [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
1333               RFC 7950, DOI 10.17487/RFC7950, August 2016.

1336    [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
1337               Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

1340    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
1341               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
1342               May 2017.

1344    [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
1345               BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018.

1348    [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
1349               Access Control Model", STD 91, RFC 8341,
1350               DOI 10.17487/RFC8341, March 2018.

1353    [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
1354               and R. Wilton, "Network Management Datastore Architecture
1355               (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018.

1358    [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
1359               Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018.

1362    [RFC8491]  Tantsura, J., Chunduri, U., Aldrin, S., and L. Ginsberg,
1363               "Signaling Maximum SID Depth (MSD) Using IS-IS", RFC 8491,
1364               DOI 10.17487/RFC8491, November 2018.

1367    [RFC8667]  Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C.,
1368               Bashandy, A., Gredler, H., and B. Decraene, "IS-IS
1369               Extensions for Segment Routing", RFC 8667,
1370               DOI 10.17487/RFC8667, December 2019.

1373 Authors' Addresses

1375    Stephane Litkowski
1376    Cisco Systems

1378    Email: slitkows.ietf@gmail.com

1380    Yingzhen Qu
1381    Futurewei

1383    Email: yingzhen.qu@futurewei.com

1384    Pushpasis Sarkar
1385    Individual

1387    Email: pushpasis.ietf@gmail.com

1389    Ing-Wher Chen
1390    The MITRE Corporation

1392    Email: ingwherchen@mitre.org

1394    Jeff Tantsura
1395    Microsoft

1397    Email: jefftant.ietf@gmail.com
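
Section 4 (Security Considerations) names NACM [RFC8341] as the means to restrict write access to the SR configuration nodes and read access to the SR operational state. The NACM configuration below is an added example, not part of the draft: it shows a path-scoped write restriction on protocol-srgb and a module-wide deny for a read-only group. The group and user names are hypothetical; the full protocol-srgb path is assembled from the augment target in the module and the isis-sr prefix given in Section 7, and the ietf-routing and ietf-isis namespaces are those of the base modules.

```xml
<!-- Added example, not from the draft. Group and user names are hypothetical. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <write-default>deny</write-default>
  <groups>
    <group><name>isis-operators</name><user-name>isisop1</user-name></group>
    <group><name>noc-view</name><user-name>viewer1</user-name></group>
  </groups>
  <!-- Within a rule-list, rules are tried in order and the first match decides. -->
  <rule-list>
    <name>isis-operators-rules</name>
    <group>isis-operators</group>
    <!-- Operators may change interface SR and TI-LFA settings but not the SRGB. -->
    <rule>
      <name>deny-srgb-write</name>
      <path xmlns:rt="urn:ietf:params:xml:ns:yang:ietf-routing"
            xmlns:isis="urn:ietf:params:xml:ns:yang:ietf-isis"
            xmlns:isis-sr="urn:ietf:params:xml:ns:yang:ietf-isis-sr"
        >/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/isis:isis/isis-sr:protocol-srgb</path>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
    </rule>
    <rule>
      <name>permit-isis-sr-rest</name>
      <module-name>ietf-isis-sr</module-name>
      <access-operations>*</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
  <rule-list>
    <name>noc-view-rules</name>
    <group>noc-view</group>
    <!-- Hide SR capability, SRLB, SRMS preference and LSDB SID state; block writes. -->
    <rule>
      <name>deny-isis-sr-any</name>
      <module-name>ietf-isis-sr</module-name>
      <access-operations>*</access-operations>
      <action>deny</action>
    </rule>
  </rule-list>
</nacm>
```

The module-name rules match only nodes defined in ietf-isis-sr, so node-msd-tlv (module ietf-isis-msd) and the base ietf-isis tree need rules of their own.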