idnits 2.17.00 (12 Aug 2021)

/tmp/idnits2773/draft-ietf-lisp-yang-09.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 18 instances of too long lines in the document, the longest
     one being 7 characters in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 124 has weird spacing: '...et-name str...'

  == Line 245 has weird spacing: '...le-type lis...'

  == The document doesn't use any RFC 2119 keywords, yet has text resembling
     RFC 2119 boilerplate text.

  -- The document date (October 18, 2018) is 1310 days in the past.  Is this
     intentional?

  Checking references for intended status: Experimental
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC6832' is defined on line 3497, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC6836' is defined on line 3508, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8060' is defined on line 3522, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8111' is defined on line 3526, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC8349' is defined on line 3544, but no explicit
     reference was found in the text

     Summary: 1 error (**), 0 flaws (~~), 9 warnings (==), 1 comment (--).
     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2   LISP Working Group                                          V. Ermagan
3   Internet-Draft                                      A. Rodriguez-Natal
4   Intended status: Experimental                                 F. Coras
5   Expires: April 21, 2019                                      C. Moberg
6                                                                R. Rahman
7                                                            Cisco Systems
8                                                     A. Cabellos-Aparicio
9                                        Technical University of Catalonia
10                                                                F. Maino
11                                                           Cisco Systems
12                                                        October 18, 2018

14                              LISP YANG Model
15                          draft-ietf-lisp-yang-09

17  Abstract

19     This document describes a YANG data model to use with the Locator/ID
20     Separation Protocol (LISP).

22     The YANG modules in this document conform to the Network Management
23     Datastore Architecture (NMDA).

25  Status of This Memo

27     This Internet-Draft is submitted in full conformance with the
28     provisions of BCP 78 and BCP 79.

30     Internet-Drafts are working documents of the Internet Engineering
31     Task Force (IETF).  Note that other groups may also distribute
32     working documents as Internet-Drafts.  The list of current Internet-
33     Drafts is at https://datatracker.ietf.org/drafts/current/.

35     Internet-Drafts are draft documents valid for a maximum of six months
36     and may be updated, replaced, or obsoleted by other documents at any
37     time.  It is inappropriate to use Internet-Drafts as reference
38     material or to cite them other than as "work in progress."

40     This Internet-Draft will expire on April 21, 2019.

42  Copyright Notice

44     Copyright (c) 2018 IETF Trust and the persons identified as the
45     document authors.  All rights reserved.

47     This document is subject to BCP 78 and the IETF Trust's Legal
48     Provisions Relating to IETF Documents
49     (https://trustee.ietf.org/license-info) in effect on the date of
50     publication of this document.  Please review these documents
51     carefully, as they describe your rights and restrictions with respect
52     to this document.  Code Components extracted from this document must
53     include Simplified BSD License text as described in Section 4.e of
54     the Trust Legal Provisions and are provided without warranty as
55     described in the Simplified BSD License.

57  Table of Contents

59     1.  Introduction
60       1.1.  Requirements Language
61       1.2.  Tree Diagrams
62     2.  LISP Module
63       2.1.  Module Structure
64       2.2.  Module Definition
65     3.  LISP-ITR Module
66       3.1.  Module Structure
67       3.2.  Module Definition
68     4.  LISP-ETR Module
69       4.1.  Module Structure
70       4.2.  Module Definition
71     5.  LISP-Map-Server Module
72       5.1.  Module Structure
73       5.2.  Module Definition
74     6.  LISP-Map-Resolver Module
75       6.1.  Module Structure
76       6.2.  Module Definition
77     7.  LISP-Address-Types Module
78       7.1.  Module Definition
79       7.2.  Data Model examples
80         7.2.1.  LISP protocol instance
81         7.2.2.  LISP ITR
82         7.2.3.  LISP ETR
83         7.2.4.  LISP Map-Server
84     8.  Acknowledgments
85     9.  IANA Considerations
86     10. Security Considerations
87     11. Normative References
88     Authors' Addresses

90  1.  Introduction

92     The Locator/ID Separation Protocol (LISP) defines several network
93     elements that are subject to configuration.  This document presents
94     the YANG data models required for basic configuration of all major
95     LISP [RFC6830] elements.  The models also capture some essential
96     operational data elements.

98  1.1.  Requirements Language

100    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
101    "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
102    document are to be interpreted as described in BCP 14 [RFC2119]
103    [RFC8174] when, and only when, they appear in all capitals, as shown
104    here.

106  1.2.  Tree Diagrams

108    This document uses the graphical representation of data models
109    defined in [RFC8340].

111  2.  LISP Module

113    This module is the base LISP module that is augmented in multiple
114    models to represent various LISP device roles.

116  2.1.  Module Structure

118 module: ietf-lisp 119 augment /rt:routing/rt:control-plane-protocols 120 /rt:control-plane-protocol: 121 +--rw lisp 122 +--rw locator-sets 123 | +--rw locator-set* [locator-set-name] 124 | +--rw locator-set-name string 125 | +--rw (locator-type)? 126 | +--:(local-interface) 127 | | +--rw interface* [interface-ref] 128 | | +--rw interface-ref if:interface-ref 129 | | +--rw priority? uint8 130 | | +--rw weight? uint8 131 | | +--rw multicast-priority? uint8 132 | | +--rw multicast-weight? uint8 133 | +--:(general-locator) 134 | +--rw locator* [id] 135 | +--rw id string 136 | +--rw locator-address 137 | | +--rw address-type 138 | | | lisp-address-family-ref 139 | | +--rw virtual-network-id?
140 | | | instance-id-type 141 | | +--rw (address)? 142 | | +--:(no-address) 143 | | | +--rw no-address? empty 144 | | +--:(ipv4) 145 | | | +--rw ipv4? 146 | | | inet:ipv4-address 147 | | +--:(ipv4-prefix) 148 | | | +--rw ipv4-prefix? 149 | | | inet:ipv4-prefix 150 | | +--:(ipv6) 151 | | | +--rw ipv6? 152 | | | inet:ipv6-address 153 | | +--:(ipv6-prefix) 154 | | | +--rw ipv6-prefix? 155 | | | inet:ipv6-prefix 156 | | +--:(mac) 157 | | | +--rw mac? 158 | | | yang:mac-address 159 | | +--:(distinguished-name) 160 | | | +--rw distinguished-name? 161 | | | distinguished-name-type 162 | | +--:(as-number) 163 | | | +--rw as-number? 164 | | | inet:as-number 165 | | +--:(null-address) 166 | | | +--rw null-address 167 | | | +--rw address? empty 168 | | +--:(afi-list) 169 | | | +--rw afi-list 170 | | | +--rw address-list* 171 | | | simple-address 172 | | +--:(instance-id) 173 | | | +--rw instance-id 174 | | | +--rw iid? 175 | | | | instance-id-type 176 | | | +--rw mask-length? uint8 177 | | | +--rw address? simple-address 178 | | +--:(as-number-lcaf) 179 | | | +--rw as-number-lcaf 180 | | | +--rw as? inet:as-number 181 | | | +--rw address? simple-address 182 | | +--:(application-data) 183 | | | +--rw application-data 184 | | | +--rw address? 185 | | | | simple-address 186 | | | +--rw protocol? uint8 187 | | | +--rw ip-tos? int32 188 | | | +--rw local-port-low? 189 | | | | inet:port-number 190 | | | +--rw local-port-high? 191 | | | | inet:port-number 192 | | | +--rw remote-port-low? 193 | | | | inet:port-number 194 | | | +--rw remote-port-high? 195 | | | inet:port-number 196 | | +--:(geo-coordinates) 197 | | | +--rw geo-coordinates 198 | | | +--rw latitude? bits 199 | | | +--rw latitude-degrees? uint8 200 | | | +--rw latitude-minutes? uint8 201 | | | +--rw latitude-seconds? uint8 202 | | | +--rw longitude? bits 203 | | | +--rw longitude-degrees? uint16 204 | | | +--rw longitude-minutes? uint8 205 | | | +--rw longitude-seconds? uint8 206 | | | +--rw altitude? 
int32 207 | | | +--rw address? 208 | | | simple-address 209 | | +--:(nat-traversal) 210 | | | +--rw nat-traversal 211 | | | +--rw ms-udp-port? uint16 212 | | | +--rw etr-udp-port? uint16 213 | | | +--rw global-etr-rloc? 214 | | | | simple-address 215 | | | +--rw ms-rloc? 216 | | | | simple-address 217 | | | +--rw private-etr-rloc? 218 | | | | simple-address 219 | | | +--rw rtr-rlocs* 220 | | | simple-address 221 | | +--:(explicit-locator-path) 222 | | | +--rw explicit-locator-path 223 | | | +--rw hop* [hop-id] 224 | | | +--rw hop-id string 225 | | | +--rw address? simple-address 226 | | | +--rw lrs-bits? bits 227 | | +--:(source-dest-key) 228 | | | +--rw source-dest-key 229 | | | +--rw source? simple-address 230 | | | +--rw dest? simple-address 231 | | +--:(key-value-address) 232 | | | +--rw key-value-address 233 | | | +--rw key? simple-address 234 | | | +--rw value? simple-address 235 | | +--:(service-path) 236 | | +--rw service-path 237 | | +--rw service-path-id? 238 | | | service-path-id-type 239 | | +--rw service-index? uint8 240 | +--rw priority? uint8 241 | +--rw weight? uint8 242 | +--rw multicast-priority? uint8 243 | +--rw multicast-weight? uint8 244 +--rw lisp-role* [lisp-role-type] 245 | +--rw lisp-role-type lisp-role-ref 246 +--rw lisp-router-id 247 | +--rw site-id? uint64 248 | +--rw xtr-id? lisp:xtr-id-type 249 +--rw virtual-networks 250 +--rw virtual-network* [vni] 251 +--rw vni lcaf:instance-id-type 252 +--rw ni-name? 253 -> /ni:network-instances/network-instance/name 255 2.2. 
Module Definition

257  file "ietf-lisp@2018-06-29.yang"
258  module ietf-lisp {
259    yang-version 1.1;

261    namespace "urn:ietf:params:xml:ns:yang:ietf-lisp";

263    prefix lisp;

265    import ietf-interfaces {
266      prefix if;
267      reference
268        "RFC 8343: A YANG Data Model for Interface Management";
269    }
270    // RFC Ed.: replace occurrences of XXXX with actual RFC number
271    // and remove this note
272    import ietf-lisp-address-types {
273      prefix lcaf;
274      reference "RFC XXXX: LISP YANG model";
275    }
276    import ietf-yang-types {
277      prefix yang;
278      reference "RFC 6991: Common YANG Data Types";
279    }
280    import ietf-routing {
281      prefix "rt";
282      reference
283        "RFC 8349: A YANG Data Model for Routing Management
284         (NMDA version)";
285    }
286    import ietf-network-instance {
287      prefix "ni";
288      // RFC Ed.: replace occurrences of YYYY with actual RFC number
289      // of draft-ietf-rtgwg-ni-model and remove this note
290      reference
291        "RFC YYYY: YANG Model for Network Instances";
292    }

294    organization
295      "IETF LISP (Locator/ID Separation Protocol) Working Group";
296    contact
297      "WG Web:
298       WG List:

300       Editor: Vina Ermagan
301

303       Editor: Alberto Rodriguez-Natal
304

306       Editor: Reshad Rahman
307       ";
308    description
309      "This YANG module defines the generic parameters for LISP.
310       The module can be extended by vendors to define vendor-specific
311       LISP parameters and policies.

313       Copyright (c) 2018 IETF Trust and the persons identified as
314       authors of the code. All rights reserved.

316       Redistribution and use in source and binary forms, with or
317       without modification, is permitted pursuant to, and subject
318       to the license terms contained in, the Simplified BSD License
319       set forth in Section 4.c of the IETF Trust's Legal Provisions
320       Relating to IETF Documents
321       (http://trustee.ietf.org/license-info).

323       This version of this YANG module is part of RFC XXXX; see
324       the RFC itself for full legal notices.
325      ";

327    reference "RFC XXXX";

329    revision 2018-06-29 {
330      description
331        "Initial revision.";
332      reference
333        "https://tools.ietf.org/html/rfc6830";
334    }

336    /*
337     * Identity definitions
338     */
339    identity lisp {
340      base "rt:control-plane-protocol";
341      description "LISP protocol.";
342      reference
343        "RFC 6830: The Locator/ID Separation Protocol (LISP).";
344    }

346    identity lisp-role {
347      description
348        "LISP router role.";
349    }
350    identity itr {
351      base lisp-role;
352      description
353        "LISP ITR.";
354    }
355    identity pitr {
356      base lisp-role;
357      description
358        "LISP PITR.";
359    }
360    identity etr {
361      base lisp-role;
362      description
363        "LISP ETR.";
364    }
365    identity petr {
366      base lisp-role;
367      description
368        "LISP PETR.";
369    }
370    identity mapping-system {
371      description
372        "Mapping System interface";
373    }
374    identity single-node-mapping-system {
375      base mapping-system;
376      description
377        "logically singular Map Server";
378    }
379    typedef mapping-system-ref {
380      type identityref {
381        base mapping-system;
382      }
383      description
384        "Mapping System reference";
385    }
386    typedef lisp-role-ref {
387      type identityref {
388        base lisp-role;
389      }
390      description
391        "LISP role reference";
392    }
393    typedef map-reply-action {
394      type enumeration {
395        enum no-action {
396          value 0;
397          description
398            "Mapping is kept alive and no encapsulation occurs.";
399        }
400        enum natively-forward {
401          value 1;
402          description
403            "Matching packets are not encapsulated or dropped but
404             natively forwarded.";
405        }
406        enum send-map-request {
407          value 2;
408          description
409            "Matching packets invoke Map-Requests.";
410        }
411        enum drop {
412          value 3;
413          description
414            "Matching packets are dropped.";
415        }
416      }
417      description
418        "Defines the lisp map-cache ACT type";
419      reference "https://tools.ietf.org/html/rfc6830#section-6.1.4";
420    }
421    typedef eid-id {
422      type string;
423      description
424        "Type encoding of lisp-addresses to be generally used in EID
425         keyed lists.";
426    }
427    typedef auth-key-type {
428      type enumeration {
429        enum none {
430          value 0;
431          description
432            "No authentication.";
433        }
434        enum hmac-sha-1-96 {
435          value 1;
436          description
437            "HMAC-SHA-1-96 (RFC2404) authentication is used.";
438        }
439        enum hmac-sha-256-128 {
440          value 2;
441          description
442            "HMAC-SHA-256-128 (RFC4868) authentication is used.";
443        }
444      }
445      description
446        "Enumeration of the authentication mechanisms supported by
447         LISP.";
448      reference
449        "https://tools.ietf.org/html/rfc6830#section-6.1.6";
450    }
451    typedef xtr-id-type {
452      type binary {
453        length "16";
454      }
455      description
456        "128 bit xTR identifier.";
457    }

459    grouping locator-properties {
460      description
461        "Properties of an RLOC";
462      leaf priority {
463        type uint8;
464        description
465          "Locator priority.";
466      }
467      leaf weight {
468        type uint8;
469        description
470          "Locator weight.";
471      }
472      leaf multicast-priority {
473        type uint8;
474        description
475          "Locator's multicast priority";
476      }
477      leaf multicast-weight {
478        type uint8;
479        description
480          "Locator's multicast weight";
481      }

483    }

485    grouping locators-grouping {
486      description
487        "Group that defines a list of LISP locators.";
488      list locator {
489        key "id";
490        description
491          "List of routing locators";
492        leaf id {
493          type string {
494            length "1..64";
495          }
496          description
497            "Locator id";
498        }
499        container locator-address {
500          uses lcaf:lisp-address;
501          description
502            "The locator address provided in LISP canonical
503             address format.";
504        }
505        uses locator-properties;
506      }

508    }

510    grouping local-locators-grouping {
511      description
512        "Group that defines a list of LISP locators.";
513      list interface {
514        key "interface-ref";
515        description
516          "The address type of the locator";
517        leaf interface-ref {
518          type if:interface-ref;
519          description
520            "The name of the interface supporting the locator.";
521        }
522        uses locator-properties;
523      }
524    }

526    grouping mapping {
527      description
528        "Group that defines a LISP mapping.";
529      container eid {
530        uses lcaf:lisp-address;
531        description
532          "End-host Identifier (EID) to be mapped to a list of
533           locators";
534      }
535      leaf time-to-live {
536        type uint32;
537        units minutes;
538        description
539          "Mapping validity period in minutes.";
540      }
541      leaf creation-time {
542        type yang:date-and-time;
543        config false;
544        description
545          "Time when the mapping was created.";
546      }
547      leaf authoritative {
548        type bits {
549          bit A {
550            description
551              "Authoritative bit.";
552          }
553        }
554        description
555          "Bit that indicates if mapping comes from an
556           authoritative source.";
557      }
558      leaf static {
559        type boolean;
560        default "false";
561        description
562          "This leaf should be true if the mapping is static.";
563      }
564      choice locator-list {
565        description
566          "List of locators is either negative or positive.";
567        case negative-mapping {
568          leaf map-reply-action {
569            type map-reply-action;
570            description
571              "Forwarding action for a negative mapping.";
572          }
573        }
574        case positive-mapping {
575          container rlocs {
576            uses locators-grouping;
577            description
578              "List of locators for a positive mapping.";

580          }
581        }
582      }
583    }

585    grouping mappings {
586      description
587        "Group that defines a list of LISP mappings.";
588      list virtual-network {
589        key "vni";
590        description
591          "Virtual network to which the mappings belong.";
592        leaf vni {
593          type lcaf:instance-id-type;
594          description
595            "Virtual network identifier.";
596        }
597        container mappings {
598          description
599            "Mappings within the virtual network.";
600          list mapping {
601            key "id";
602            description
603              "List of EID to RLOCs mappings.";
604            leaf id {
605              type eid-id;
606              description
607                "Id that uniquely identifies a mapping.";
608            }
609            uses mapping;
610          }
611        }
612      }
613    }

615    augment "/rt:routing/rt:control-plane-protocols"
616          + "/rt:control-plane-protocol" {
617      when "derived-from-or-self(rt:type, 'lisp:lisp')" {
618        description
619          "This augmentation is only valid for a control-plane protocol
620           instance of LISP.";
621      }
622      description "LISP protocol ietf-routing module
623                   control-plane-protocol augmentation.";

625      container lisp {
626        description
627          "Parameters for the LISP subsystem.";

629        container locator-sets {
630          description
631            "Container that defines a named locator set which can be
632             referenced elsewhere.";
633          list locator-set {
634            key "locator-set-name";
635            description
636              "Multiple locator sets can be defined.";
637            leaf locator-set-name {
638              type string {
639                length "1..64";
640              }
641              description
642                "Locator set name";
643            }
644            choice locator-type {
645              description
646                "Locator sets can be based on local interfaces, or
647                 general locators.";
648              case local-interface {
649                uses local-locators-grouping;
650                description
651                  "List of locators in this set based on local
652                   interfaces.";
653              }
654              case general-locator {
655                uses locators-grouping;
656                description
657                  "List of locators in this set based on lisp-address.";
658              }
659            }
660          }
661        }

663        list lisp-role {
664          key lisp-role-type;
665          description
666            "List of lisp device roles such as MS, MR, ITR,
667             PITR, ETR or PETR.";
668          leaf lisp-role-type {
669            type lisp-role-ref;
670            description
671              "The type of LISP device - identity derived from the
672               'lisp-role' base identity.";
673          }
674        }

676        container lisp-router-id {
677          when "../lisp-role/lisp-role-type = 'itr' or
678                ../lisp-role/lisp-role-type = 'pitr' or
679                ../lisp-role/lisp-role-type = 'etr' or
680                ../lisp-role/lisp-role-type = 'petr'" {
681            description "Only when ITR, PITR, ETR or PETR.";
682          }
683          description
684            "Site-ID and xTR-ID of the device.";
685          leaf site-id {
686            type uint64;
687            description "Site ID";
688          }
689          leaf xtr-id {
690            type lisp:xtr-id-type;
691            description "xTR ID";
692          }
693        }

695        container virtual-networks {
696          when "../lisp-role/lisp-role-type = 'itr' or
697                ../lisp-role/lisp-role-type = 'pitr' or
698                ../lisp-role/lisp-role-type = 'etr' or
699                ../lisp-role/lisp-role-type = 'petr'" {
700            description "Only when ITR, PITR, ETR or PETR.";
701          }
702          description "Virtual networks";
703          list virtual-network {
704            key vni;
705            description "List of virtual networks";

707            leaf vni {
708              type lcaf:instance-id-type;
709              description
710                "Virtual network identifier";
711            }
712            leaf ni-name {
713              type leafref {
714                path "/ni:network-instances/ni:network-instance/ni:name";
715              }
716              description
717                "Name of Network Instance (e.g. VRF) to which a VNI is
718                 bound. Each VNI is bound to a different Network
719                 Instance";
720            }
721          }
722        }
723      }
724    }

726  }
727

729  3.  LISP-ITR Module

731     This module captures the configuration data model of a LISP ITR.  The
732     model also captures some operational data elements.

734  3.1.  Module Structure

736 module: ietf-lisp-itr 737 augment /rt:routing/rt:control-plane-protocols 738 /rt:control-plane-protocol/lisp:lisp: 739 +--rw itr! 740 +--rw rloc-probing! 741 | +--rw interval? uint16 742 | +--rw retries? uint8 743 | +--rw retries-interval? uint16 744 +--rw itr-rlocs? leafref 745 +--rw map-resolvers 746 | +--rw map-resolver* inet:ip-address 747 +--rw proxy-etrs 748 | +--rw proxy-etr-address* inet:ip-address 749 +--rw map-cache 750 +--ro size? uint32 751 +--ro limit? uint32 752 +--rw virtual-network* [vni] 753 +--rw vni lcaf:instance-id-type 754 +--rw mappings 755 +--rw mapping* [id] 756 +--rw id eid-id 757 +--rw eid 758 | +--rw address-type 759 | | lisp-address-family-ref 760 | +--rw virtual-network-id? 761 | | instance-id-type 762 | +--rw (address)? 763 | +--:(no-address) 764 | | +--rw no-address? empty 765 | +--:(ipv4) 766 | | +--rw ipv4? 767 | | inet:ipv4-address 768 | +--:(ipv4-prefix) 769 | | +--rw ipv4-prefix? 770 | | inet:ipv4-prefix 771 | +--:(ipv6) 772 | | +--rw ipv6? 773 | | inet:ipv6-address 774 | +--:(ipv6-prefix) 775 | | +--rw ipv6-prefix?
776 | | inet:ipv6-prefix 777 | +--:(mac) 778 | | +--rw mac? 779 | | yang:mac-address 780 | +--:(distinguished-name) 781 | | +--rw distinguished-name? 782 | | distinguished-name-type 783 | +--:(as-number) 784 | | +--rw as-number? 785 | | inet:as-number 786 | +--:(null-address) 787 | | +--rw null-address 788 | | +--rw address? empty 789 | +--:(afi-list) 790 | | +--rw afi-list 791 | | +--rw address-list* simple-address 792 | +--:(instance-id) 793 | | +--rw instance-id 794 | | +--rw iid? instance-id-type 795 | | +--rw mask-length? uint8 796 | | +--rw address? simple-address 797 | +--:(as-number-lcaf) 798 | | +--rw as-number-lcaf 799 | | +--rw as? inet:as-number 800 | | +--rw address? simple-address 801 | +--:(application-data) 802 | | +--rw application-data 803 | | +--rw address? 804 | | | simple-address 805 | | +--rw protocol? uint8 806 | | +--rw ip-tos? int32 807 | | +--rw local-port-low? 808 | | | inet:port-number 809 | | +--rw local-port-high? 810 | | | inet:port-number 811 | | +--rw remote-port-low? 812 | | | inet:port-number 813 | | +--rw remote-port-high? 814 | | inet:port-number 815 | +--:(geo-coordinates) 816 | | +--rw geo-coordinates 817 | | +--rw latitude? bits 818 | | +--rw latitude-degrees? uint8 819 | | +--rw latitude-minutes? uint8 820 | | +--rw latitude-seconds? uint8 821 | | +--rw longitude? bits 822 | | +--rw longitude-degrees? uint16 823 | | +--rw longitude-minutes? uint8 824 | | +--rw longitude-seconds? uint8 825 | | +--rw altitude? int32 826 | | +--rw address? 827 | | simple-address 828 | +--:(nat-traversal) 829 | | +--rw nat-traversal 830 | | +--rw ms-udp-port? uint16 831 | | +--rw etr-udp-port? uint16 832 | | +--rw global-etr-rloc? 833 | | | simple-address 834 | | +--rw ms-rloc? 835 | | | simple-address 836 | | +--rw private-etr-rloc? 
837 | | | simple-address 838 | | +--rw rtr-rlocs* 839 | | simple-address 840 | +--:(explicit-locator-path) 841 | | +--rw explicit-locator-path 842 | | +--rw hop* [hop-id] 843 | | +--rw hop-id string 844 | | +--rw address? simple-address 845 | | +--rw lrs-bits? bits 846 | +--:(source-dest-key) 847 | | +--rw source-dest-key 848 | | +--rw source? simple-address 849 | | +--rw dest? simple-address 850 | +--:(key-value-address) 851 | | +--rw key-value-address 852 | | +--rw key? simple-address 853 | | +--rw value? simple-address 854 | +--:(service-path) 855 | +--rw service-path 856 | +--rw service-path-id? 857 | | service-path-id-type 858 | +--rw service-index? uint8 859 +--rw time-to-live? uint32 860 +--ro creation-time? yang:date-and-time 861 +--rw authoritative? bits 862 +--rw static? boolean 863 +--rw (locator-list)? 864 +--:(negative-mapping) 865 | +--rw map-reply-action? map-reply-action 866 +--:(positive-mapping) 867 +--rw rlocs 868 +--rw locator* [id] 869 +--rw id string 870 +--rw locator-address 871 | +--rw address-type 872 | | lisp-address-family-ref 873 | +--rw virtual-network-id? 874 | | instance-id-type 875 | +--rw (address)? 876 | +--:(no-address) 877 | | +--rw no-address? 878 | | empty 879 | +--:(ipv4) 880 | | +--rw ipv4? 881 | | inet:ipv4-address 882 | +--:(ipv4-prefix) 883 | | +--rw ipv4-prefix? 884 | | inet:ipv4-prefix 885 | +--:(ipv6) 886 | | +--rw ipv6? 887 | | inet:ipv6-address 888 | +--:(ipv6-prefix) 889 | | +--rw ipv6-prefix? 890 | | inet:ipv6-prefix 891 | +--:(mac) 892 | | +--rw mac? 893 | | yang:mac-address 894 | +--:(distinguished-name) 895 | | +--rw distinguished-name? 896 | | distinguished-name-type 897 | +--:(as-number) 898 | | +--rw as-number? 899 | | inet:as-number 900 | +--:(null-address) 901 | | +--rw null-address 902 | | +--rw address? empty 903 | +--:(afi-list) 904 | | +--rw afi-list 905 | | +--rw address-list* 906 | | simple-address 907 | +--:(instance-id) 908 | | +--rw instance-id 909 | | +--rw iid? 
910 | | | instance-id-type 911 | | +--rw mask-length? uint8 912 | | +--rw address? 913 | | simple-address 914 | +--:(as-number-lcaf) 915 | | +--rw as-number-lcaf 916 | | +--rw as? 917 | | | inet:as-number 918 | | +--rw address? 919 | | simple-address 920 | +--:(application-data) 921 | | +--rw application-data 922 | | +--rw address? 923 | | | simple-address 924 | | +--rw protocol? 925 | | | uint8 926 | | +--rw ip-tos? 927 | | | int32 928 | | +--rw local-port-low? 929 | | | inet:port-number 930 | | +--rw local-port-high? 931 | | | inet:port-number 932 | | +--rw remote-port-low? 933 | | | inet:port-number 934 | | +--rw remote-port-high? 935 | | inet:port-number 936 | +--:(geo-coordinates) 937 | | +--rw geo-coordinates 938 | | +--rw latitude? 939 | | | bits 940 | | +--rw latitude-degrees? 941 | | | uint8 942 | | +--rw latitude-minutes? 943 | | | uint8 944 | | +--rw latitude-seconds? 945 | | | uint8 946 | | +--rw longitude? 947 | | | bits 948 | | +--rw longitude-degrees? 949 | | | uint16 950 | | +--rw longitude-minutes? 951 | | | uint8 952 | | +--rw longitude-seconds? 953 | | | uint8 954 | | +--rw altitude? 955 | | | int32 956 | | +--rw address? 957 | | simple-address 958 | +--:(nat-traversal) 959 | | +--rw nat-traversal 960 | | +--rw ms-udp-port? 961 | | | uint16 962 | | +--rw etr-udp-port? 963 | | | uint16 964 | | +--rw global-etr-rloc? 965 | | | simple-address 966 | | +--rw ms-rloc? 967 | | | simple-address 968 | | +--rw private-etr-rloc? 969 | | | simple-address 970 | | +--rw rtr-rlocs* 971 | | simple-address 972 | +--:(explicit-locator-path) 973 | | +--rw explicit-locator-path 974 | | +--rw hop* [hop-id] 975 | | +--rw hop-id 976 | | | string 977 | | +--rw address? 978 | | | simple-address 979 | | +--rw lrs-bits? bits 980 | +--:(source-dest-key) 981 | | +--rw source-dest-key 982 | | +--rw source? 983 | | | simple-address 984 | | +--rw dest? 985 | | simple-address 986 | +--:(key-value-address) 987 | | +--rw key-value-address 988 | | +--rw key? 
989 | | | simple-address 990 | | +--rw value? 991 | | simple-address 992 | +--:(service-path) 993 | +--rw service-path 994 | +--rw service-path-id? 995 | | service-path-id-type 996 | +--rw service-index? 997 | uint8 998 +--rw priority? uint8 999 +--rw weight? uint8 1000 +--rw multicast-priority? uint8 1001 +--rw multicast-weight? uint8 1003 3.2. Module Definition 1005 file "ietf-lisp-itr@2018-06-29.yang" 1006 module ietf-lisp-itr { 1007 yang-version 1.1; 1009 namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-itr"; 1011 prefix lisp-itr; 1013 // RFC Ed.: replace occurences of XXXX with actual RFC number 1014 // and remove this note 1015 import ietf-lisp { 1016 prefix lisp; 1017 reference "RFC XXXX: LISP YANG model"; 1018 } 1019 import ietf-inet-types { 1020 prefix inet; 1021 reference "RFC 6991: Common YANG Data Types"; 1022 } 1023 import ietf-routing { 1024 prefix "rt"; 1025 reference 1026 "RFC 8349: A YANG Data Model for Routing Management 1027 (NMDA version)"; 1028 } 1030 organization 1031 "IETF LISP (Locator/ID Separation Protocol) Working Group"; 1032 contact 1033 "WG Web: 1034 WG List: 1036 Editor: Vina Ermagan 1037 1039 Editor: Alberto Rodriguez-Natal 1040 1042 Editor: Reshad Rahman 1043 "; 1044 description 1045 "This YANG module defines the generic parameters for a LISP 1046 ITR. The module can be extended by vendors to define 1047 vendor-specific parameters and policies. 1049 Copyright (c) 2018 IETF Trust and the persons identified as 1050 authors of the code. All rights reserved. 1052 Redistribution and use in source and binary forms, with or 1053 without modification, is permitted pursuant to, and subject 1054 to the license terms contained in, the Simplified BSD License 1055 set forth in Section 4.c of the IETF Trust's Legal Provisions 1056 Relating to IETF Documents 1057 (http://trustee.ietf.org/license-info). 1059 This version of this YANG module is part of RFC XXXX; see 1060 the RFC itself for full legal notices. 
1061 "; 1063 reference "RFC XXXX"; 1065 revision 2018-06-29 { 1066 description 1067 "Initial revision."; 1068 reference 1069 "https://tools.ietf.org/html/rfc6830"; 1070 } 1071 augment "/rt:routing/rt:control-plane-protocols" 1072 + "/rt:control-plane-protocol/lisp:lisp" { 1073 when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:itr' or 1074 lisp:lisp-role/lisp:lisp-role-type = 'lisp:pitr'" { 1075 description 1076 "Augment is valid when LISP role type is ITR or PITR."; 1077 } 1078 description 1079 "This augments LISP devices list with (P)ITR specific 1080 parameters."; 1081 container itr { 1082 presence "LISP (P)ITR operation enabled"; 1083 description 1084 "ITR parameters"; 1085 container rloc-probing { 1086 presence "RLOC probing active"; 1087 description 1088 "RLOC-probing parameters"; 1089 leaf interval { 1090 type uint16; 1091 units "seconds"; 1092 description 1093 "Interval in seconds for resending the probes"; 1094 } 1095 leaf retries { 1096 type uint8; 1097 description 1098 "Number of retries for sending the probes"; 1099 } 1100 leaf retries-interval { 1101 type uint16; 1102 units "seconds"; 1103 description 1104 "Interval in seconds between retries when sending probes. 
             The action taken if all retries fail to receive is
             implementation specific.";
        }
      }
      leaf itr-rlocs {
        type leafref {
          path "/rt:routing/rt:control-plane-protocols"
             + "/rt:control-plane-protocol/lisp:lisp"
             + "/lisp:locator-sets/lisp:locator-set"
             + "/lisp:locator-set-name";
        }
        description
          "Reference to a locator set that the (P)ITR includes in
           Map-Requests";
      }
      container map-resolvers {
        description
          "Map-Resolvers that the (P)ITR uses.";
        leaf-list map-resolver {
          type inet:ip-address;
          description
            "Each Map-Resolver within the list of Map-Resolvers.";
        }
      }
      container proxy-etrs {
        when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:itr'" {
          description
            "Container exists only when LISP role type is ITR";
        }
        description
          "Proxy ETRs that the ITR uses.";
        leaf-list proxy-etr-address {
          type inet:ip-address;
          description
            "Proxy ETR RLOC address.";
        }
      }
      container map-cache {
        leaf size {
          type uint32;
          config false;
          description
            "Current number of entries in the EID-to-RLOC map-cache";
        }
        leaf limit {
          type uint32;
          config false;
          description
            "Maximum permissible number of entries in the EID-to-RLOC
             map-cache";
        }

        uses lisp:mappings;
        description
          "EID to RLOCs mappings cache.";
      }
    }
  }
}

4. LISP-ETR Module

This module captures the configuration data model of a LISP ETR. The
model also captures some operational data elements.

4.1. Module Structure

module: ietf-lisp-etr
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/lisp:lisp:
    +--rw etr!
       +--rw map-servers
       |  +--rw map-server* [ms-address]
       |     +--rw ms-address       inet:ip-address
       |     +--rw auth-key?        string
       |     +--rw auth-key-type?
       |             lisp:auth-key-type
       +--rw local-eids
          +--rw virtual-network* [vni]
             +--rw vni     lcaf:instance-id-type
             +--rw eids
                +--rw local-eid* [id]
                   +--rw id                       lisp:eid-id
                   +--rw eid-address
                   |  +--rw address-type
                   |  |       lisp-address-family-ref
                   |  +--rw virtual-network-id?
                   |  |       instance-id-type
                   |  +--rw (address)?
                   |     +--:(no-address)
                   |     |  +--rw no-address?   empty
                   |     +--:(ipv4)
                   |     |  +--rw ipv4?
                   |     |          inet:ipv4-address
                   |     +--:(ipv4-prefix)
                   |     |  +--rw ipv4-prefix?
                   |     |          inet:ipv4-prefix
                   |     +--:(ipv6)
                   |     |  +--rw ipv6?
                   |     |          inet:ipv6-address
                   |     +--:(ipv6-prefix)
                   |     |  +--rw ipv6-prefix?
                   |     |          inet:ipv6-prefix
                   |     +--:(mac)
                   |     |  +--rw mac?
                   |     |          yang:mac-address
                   |     +--:(distinguished-name)
                   |     |  +--rw distinguished-name?
                   |     |          distinguished-name-type
                   |     +--:(as-number)
                   |     |  +--rw as-number?
                   |     |          inet:as-number
                   |     +--:(null-address)
                   |     |  +--rw null-address
                   |     |     +--rw address?   empty
                   |     +--:(afi-list)
                   |     |  +--rw afi-list
                   |     |     +--rw address-list*   simple-address
                   |     +--:(instance-id)
                   |     |  +--rw instance-id
                   |     |     +--rw iid?           instance-id-type
                   |     |     +--rw mask-length?   uint8
                   |     |     +--rw address?       simple-address
                   |     +--:(as-number-lcaf)
                   |     |  +--rw as-number-lcaf
                   |     |     +--rw as?        inet:as-number
                   |     |     +--rw address?   simple-address
                   |     +--:(application-data)
                   |     |  +--rw application-data
                   |     |     +--rw address?
                   |     |     |       simple-address
                   |     |     +--rw protocol?           uint8
                   |     |     +--rw ip-tos?             int32
                   |     |     +--rw local-port-low?
                   |     |     |       inet:port-number
                   |     |     +--rw local-port-high?
                   |     |     |       inet:port-number
                   |     |     +--rw remote-port-low?
                   |     |     |       inet:port-number
                   |     |     +--rw remote-port-high?
                   |     |             inet:port-number
                   |     +--:(geo-coordinates)
                   |     |  +--rw geo-coordinates
                   |     |     +--rw latitude?            bits
                   |     |     +--rw latitude-degrees?    uint8
                   |     |     +--rw latitude-minutes?
                   |     |     |       uint8
                   |     |     +--rw latitude-seconds?    uint8
                   |     |     +--rw longitude?           bits
                   |     |     +--rw longitude-degrees?   uint16
                   |     |     +--rw longitude-minutes?   uint8
                   |     |     +--rw longitude-seconds?   uint8
                   |     |     +--rw altitude?            int32
                   |     |     +--rw address?
                   |     |             simple-address
                   |     +--:(nat-traversal)
                   |     |  +--rw nat-traversal
                   |     |     +--rw ms-udp-port?    uint16
                   |     |     +--rw etr-udp-port?   uint16
                   |     |     +--rw global-etr-rloc?
                   |     |     |       simple-address
                   |     |     +--rw ms-rloc?
                   |     |     |       simple-address
                   |     |     +--rw private-etr-rloc?
                   |     |     |       simple-address
                   |     |     +--rw rtr-rlocs*
                   |     |             simple-address
                   |     +--:(explicit-locator-path)
                   |     |  +--rw explicit-locator-path
                   |     |     +--rw hop* [hop-id]
                   |     |        +--rw hop-id      string
                   |     |        +--rw address?    simple-address
                   |     |        +--rw lrs-bits?   bits
                   |     +--:(source-dest-key)
                   |     |  +--rw source-dest-key
                   |     |     +--rw source?   simple-address
                   |     |     +--rw dest?     simple-address
                   |     +--:(key-value-address)
                   |     |  +--rw key-value-address
                   |     |     +--rw key?     simple-address
                   |     |     +--rw value?   simple-address
                   |     +--:(service-path)
                   |        +--rw service-path
                   |           +--rw service-path-id?
                   |           |       service-path-id-type
                   |           +--rw service-index?   uint8
                   +--rw rlocs?                   leafref
                   +--rw record-ttl?              uint32
                   +--rw want-map-notify?         boolean
                   +--rw proxy-reply?             boolean
                   +--rw registration-interval?   uint16

4.2. Module Definition

file "ietf-lisp-etr@2018-06-29.yang"
module ietf-lisp-etr {
  yang-version 1.1;

  namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-etr";
  prefix lisp-etr;

  // RFC Ed.: replace occurrences of XXXX with actual RFC number
  // and remove this note
  import ietf-lisp {
    prefix lisp;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-lisp-address-types {
    prefix lcaf;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-inet-types {
    prefix inet;
    reference "RFC 6991: Common YANG Data Types";
  }
  import ietf-routing {
    prefix "rt";
    reference
      "RFC 8349: A YANG Data Model for Routing Management
       (NMDA version)";
  }

  organization
    "IETF LISP (Locator/ID Separation Protocol) Working Group";
  contact
    "WG Web:
     WG List:

     Editor:   Vina Ermagan

     Editor:   Alberto Rodriguez-Natal

     Editor:   Reshad Rahman
    ";
  description
    "This YANG module defines the generic parameters for a LISP
     ETR. The module can be extended by vendors to define
     vendor-specific parameters and policies.

     Copyright (c) 2018 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX; see
     the RFC itself for full legal notices.
    ";

  reference "RFC XXXX";

  revision 2018-06-29 {
    description
      "Initial revision.";
    reference
      "https://tools.ietf.org/html/rfc6830";
  }
  augment "/rt:routing/rt:control-plane-protocols"
        + "/rt:control-plane-protocol/lisp:lisp" {
    when "lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr' or
          lisp:lisp-role/lisp:lisp-role-type = 'lisp:petr'" {
      description
        "Augment is valid when LISP device type is (P)ETR.";
    }
    description
      "This augments LISP devices list with (P)ETR specific
       parameters.";
    container etr {
      presence "LISP (P)ETR operation enabled";
      description
        "(P)ETR parameters.";

      container map-servers {
        when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr'" {
          description
            "Container exists only when LISP device type is ETR.";
        }
        description
          "Map-Servers that the ETR uses.";
        list map-server {
          key "ms-address";
          description
            "Each Map-Server within the list of Map-Servers.";
          leaf ms-address {
            type inet:ip-address;
            description
              "Map-Server address.";
          }
          leaf auth-key {
            type string;
            description
              "Map-Server authentication key.";
          }
          leaf auth-key-type {
            type lisp:auth-key-type;
            description
              "Map-Server authentication type.";
          }
        }
      }

      container local-eids {
        when "../../lisp:lisp-role/lisp:lisp-role-type = 'lisp:etr'" {
          description
            "Container exists only when LISP device type is ETR.";
        }
        description
          "Virtual networks served by the ETR.";
        list virtual-network {
          key "vni";
          description
            "Virtual network for local-EIDs.";
          leaf vni {
            type lcaf:instance-id-type;
            description
              "Virtual network identifier.";
          }
          container eids {
            description
              "EIDs served by the ETR.";
            list local-eid {
              key "id";
              min-elements 1;
              description
                "List of local EIDs.";
              leaf id {
                type lisp:eid-id;
                description
                  "Unique id of local EID.";
              }
              container eid-address {
                uses lcaf:lisp-address;
                description
                  "EID address in generic LISP address format.";
              }
              leaf rlocs {
                type leafref {
                  path "/rt:routing/rt:control-plane-protocols"
                     + "/rt:control-plane-protocol/lisp:lisp"
                     + "/lisp:locator-sets/lisp:locator-set"
                     + "/lisp:locator-set-name";
                }
                description
                  "Locator set mapped to this local EID.";
              }
              leaf record-ttl {
                type uint32;
                units minutes;
                description
                  "Validity period of the EID to RLOCs mapping provided
                   in Map-Replies.";
              }
              leaf want-map-notify {
                type boolean;
                default "true";
                description
                  "Flag which if set in a Map-Register requests that a
                   Map-Notify be sent in response.";
              }
              leaf proxy-reply {
                type boolean;
                default "false";
                description
                  "Flag which if set in a Map-Register requests that the
                   Map-Server proxy Map-Replies for the ETR.";
              }
              leaf registration-interval {
                type uint16;
                units "seconds";
                default "60";
                description
                  "Interval between consecutive Map-Register messages.";
              }
            }
          }
        }
      }
    }
  }
}

5. LISP-Map-Server Module

This module captures the configuration data model of a LISP Map
Server [RFC6833]. The model also captures some operational data
elements.

5.1. Module Structure

module: ietf-lisp-mapserver
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/lisp:lisp:
    +--rw map-server!
       +--rw sites
       |  +--rw site* [site-id]
       |     +--rw site-id     uint64
       |     +--rw auth-key
       |        +--rw auth-key-value?
       |        |       string
       |        +--rw auth-key-type*    lisp:auth-key-type
       +--rw virtual-network-ids
       |  +--rw virtual-network-identifier* [vni]
       |     +--rw vni         lcaf:instance-id-type
       |     +--rw mappings
       |     |  +--rw mapping* [eid-id]
       |     |     +--rw eid-id                        lisp:eid-id
       |     |     +--rw eid-address
       |     |     |  +--rw address-type
       |     |     |  |       lisp-address-family-ref
       |     |     |  +--rw virtual-network-id?
       |     |     |  |       instance-id-type
       |     |     |  +--rw (address)?
       |     |     |     +--:(no-address)
       |     |     |     |  +--rw no-address?   empty
       |     |     |     +--:(ipv4)
       |     |     |     |  +--rw ipv4?
       |     |     |     |          inet:ipv4-address
       |     |     |     +--:(ipv4-prefix)
       |     |     |     |  +--rw ipv4-prefix?
       |     |     |     |          inet:ipv4-prefix
       |     |     |     +--:(ipv6)
       |     |     |     |  +--rw ipv6?
       |     |     |     |          inet:ipv6-address
       |     |     |     +--:(ipv6-prefix)
       |     |     |     |  +--rw ipv6-prefix?
       |     |     |     |          inet:ipv6-prefix
       |     |     |     +--:(mac)
       |     |     |     |  +--rw mac?
       |     |     |     |          yang:mac-address
       |     |     |     +--:(distinguished-name)
       |     |     |     |  +--rw distinguished-name?
       |     |     |     |          distinguished-name-type
       |     |     |     +--:(as-number)
       |     |     |     |  +--rw as-number?
       |     |     |     |          inet:as-number
       |     |     |     +--:(null-address)
       |     |     |     |  +--rw null-address
       |     |     |     |     +--rw address?   empty
       |     |     |     +--:(afi-list)
       |     |     |     |  +--rw afi-list
       |     |     |     |     +--rw address-list*   simple-address
       |     |     |     +--:(instance-id)
       |     |     |     |  +--rw instance-id
       |     |     |     |     +--rw iid?           instance-id-type
       |     |     |     |     +--rw mask-length?   uint8
       |     |     |     |     +--rw address?       simple-address
       |     |     |     +--:(as-number-lcaf)
       |     |     |     |  +--rw as-number-lcaf
       |     |     |     |     +--rw as?        inet:as-number
       |     |     |     |     +--rw address?   simple-address
       |     |     |     +--:(application-data)
       |     |     |     |  +--rw application-data
       |     |     |     |     +--rw address?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw protocol?           uint8
       |     |     |     |     +--rw ip-tos?             int32
       |     |     |     |     +--rw local-port-low?
       |     |     |     |     |       inet:port-number
       |     |     |     |     +--rw local-port-high?
       |     |     |     |     |       inet:port-number
       |     |     |     |     +--rw remote-port-low?
       |     |     |     |     |       inet:port-number
       |     |     |     |     +--rw remote-port-high?
       |     |     |     |             inet:port-number
       |     |     |     +--:(geo-coordinates)
       |     |     |     |  +--rw geo-coordinates
       |     |     |     |     +--rw latitude?            bits
       |     |     |     |     +--rw latitude-degrees?    uint8
       |     |     |     |     +--rw latitude-minutes?    uint8
       |     |     |     |     +--rw latitude-seconds?    uint8
       |     |     |     |     +--rw longitude?           bits
       |     |     |     |     +--rw longitude-degrees?   uint16
       |     |     |     |     +--rw longitude-minutes?   uint8
       |     |     |     |     +--rw longitude-seconds?   uint8
       |     |     |     |     +--rw altitude?            int32
       |     |     |     |     +--rw address?
       |     |     |     |             simple-address
       |     |     |     +--:(nat-traversal)
       |     |     |     |  +--rw nat-traversal
       |     |     |     |     +--rw ms-udp-port?    uint16
       |     |     |     |     +--rw etr-udp-port?   uint16
       |     |     |     |     +--rw global-etr-rloc?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw ms-rloc?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw private-etr-rloc?
       |     |     |     |     |       simple-address
       |     |     |     |     +--rw rtr-rlocs*
       |     |     |     |             simple-address
       |     |     |     +--:(explicit-locator-path)
       |     |     |     |  +--rw explicit-locator-path
       |     |     |     |     +--rw hop* [hop-id]
       |     |     |     |        +--rw hop-id      string
       |     |     |     |        +--rw address?    simple-address
       |     |     |     |        +--rw lrs-bits?   bits
       |     |     |     +--:(source-dest-key)
       |     |     |     |  +--rw source-dest-key
       |     |     |     |     +--rw source?   simple-address
       |     |     |     |     +--rw dest?     simple-address
       |     |     |     +--:(key-value-address)
       |     |     |     |  +--rw key-value-address
       |     |     |     |     +--rw key?     simple-address
       |     |     |     |     +--rw value?   simple-address
       |     |     |     +--:(service-path)
       |     |     |        +--rw service-path
       |     |     |           +--rw service-path-id?
       |     |     |           |       service-path-id-type
       |     |     |           +--rw service-index?   uint8
       |     |     +--rw site-id*                      uint64
       |     |     +--rw more-specifics-accepted?      boolean
       |     |     +--rw mapping-expiration-timeout?   int16
       |     |     +--ro first-registration-time?
       |     |     |       yang:date-and-time
       |     |     +--ro last-registration-time?
       |     |     |       yang:date-and-time
       |     |     +--rw mapping-records
       |     |        +--rw mapping-record* [xtr-id]
       |     |           +--rw xtr-id
       |     |           |       lisp:xtr-id-type
       |     |           +--rw site-id?                  uint64
       |     |           +--rw eid
       |     |           |  +--rw address-type
       |     |           |  |       lisp-address-family-ref
       |     |           |  +--rw virtual-network-id?
       |     |           |  |       instance-id-type
       |     |           |  +--rw (address)?
       |     |           |     +--:(no-address)
       |     |           |     |  +--rw no-address?
       |     |           |     |          empty
       |     |           |     +--:(ipv4)
       |     |           |     |  +--rw ipv4?
       |     |           |     |          inet:ipv4-address
       |     |           |     +--:(ipv4-prefix)
       |     |           |     |  +--rw ipv4-prefix?
       |     |           |     |          inet:ipv4-prefix
       |     |           |     +--:(ipv6)
       |     |           |     |  +--rw ipv6?
       |     |           |     |          inet:ipv6-address
       |     |           |     +--:(ipv6-prefix)
       |     |           |     |  +--rw ipv6-prefix?
       |     |           |     |          inet:ipv6-prefix
       |     |           |     +--:(mac)
       |     |           |     |  +--rw mac?
       |     |           |     |          yang:mac-address
       |     |           |     +--:(distinguished-name)
       |     |           |     |  +--rw distinguished-name?
       |     |           |     |          distinguished-name-type
       |     |           |     +--:(as-number)
       |     |           |     |  +--rw as-number?
       |     |           |     |          inet:as-number
       |     |           |     +--:(null-address)
       |     |           |     |  +--rw null-address
       |     |           |     |     +--rw address?   empty
       |     |           |     +--:(afi-list)
       |     |           |     |  +--rw afi-list
       |     |           |     |     +--rw address-list*
       |     |           |     |             simple-address
       |     |           |     +--:(instance-id)
       |     |           |     |  +--rw instance-id
       |     |           |     |     +--rw iid?
       |     |           |     |     |       instance-id-type
       |     |           |     |     +--rw mask-length?   uint8
       |     |           |     |     +--rw address?
       |     |           |     |             simple-address
       |     |           |     +--:(as-number-lcaf)
       |     |           |     |  +--rw as-number-lcaf
       |     |           |     |     +--rw as?        inet:as-number
       |     |           |     |     +--rw address?   simple-address
       |     |           |     +--:(application-data)
       |     |           |     |  +--rw application-data
       |     |           |     |     +--rw address?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw protocol?           uint8
       |     |           |     |     +--rw ip-tos?             int32
       |     |           |     |     +--rw local-port-low?
       |     |           |     |     |       inet:port-number
       |     |           |     |     +--rw local-port-high?
       |     |           |     |     |       inet:port-number
       |     |           |     |     +--rw remote-port-low?
       |     |           |     |     |       inet:port-number
       |     |           |     |     +--rw remote-port-high?
       |     |           |     |             inet:port-number
       |     |           |     +--:(geo-coordinates)
       |     |           |     |  +--rw geo-coordinates
       |     |           |     |     +--rw latitude?            bits
       |     |           |     |     +--rw latitude-degrees?    uint8
       |     |           |     |     +--rw latitude-minutes?    uint8
       |     |           |     |     +--rw latitude-seconds?    uint8
       |     |           |     |     +--rw longitude?           bits
       |     |           |     |     +--rw longitude-degrees?
       |     |           |     |     |       uint16
       |     |           |     |     +--rw longitude-minutes?   uint8
       |     |           |     |     +--rw longitude-seconds?   uint8
       |     |           |     |     +--rw altitude?            int32
       |     |           |     |     +--rw address?
       |     |           |     |             simple-address
       |     |           |     +--:(nat-traversal)
       |     |           |     |  +--rw nat-traversal
       |     |           |     |     +--rw ms-udp-port?    uint16
       |     |           |     |     +--rw etr-udp-port?   uint16
       |     |           |     |     +--rw global-etr-rloc?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw ms-rloc?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw private-etr-rloc?
       |     |           |     |     |       simple-address
       |     |           |     |     +--rw rtr-rlocs*
       |     |           |     |             simple-address
       |     |           |     +--:(explicit-locator-path)
       |     |           |     |  +--rw explicit-locator-path
       |     |           |     |     +--rw hop* [hop-id]
       |     |           |     |        +--rw hop-id      string
       |     |           |     |        +--rw address?
       |     |           |     |        |       simple-address
       |     |           |     |        +--rw lrs-bits?   bits
       |     |           |     +--:(source-dest-key)
       |     |           |     |  +--rw source-dest-key
       |     |           |     |     +--rw source?   simple-address
       |     |           |     |     +--rw dest?     simple-address
       |     |           |     +--:(key-value-address)
       |     |           |     |  +--rw key-value-address
       |     |           |     |     +--rw key?     simple-address
       |     |           |     |     +--rw value?   simple-address
       |     |           |     +--:(service-path)
       |     |           |        +--rw service-path
       |     |           |           +--rw service-path-id?
       |     |           |           |       service-path-id-type
       |     |           |           +--rw service-index?   uint8
       |     |           +--rw time-to-live?             uint32
       |     |           +--ro creation-time?
       |     |           |       yang:date-and-time
       |     |           +--rw authoritative?            bits
       |     |           +--rw static?                   boolean
       |     |           +--rw (locator-list)?
       |     |              +--:(negative-mapping)
       |     |              |  +--rw map-reply-action?
       |     |              |          map-reply-action
       |     |              +--:(positive-mapping)
       |     |                 +--rw rlocs
       |     |                    +--rw locator* [id]
       |     |                       +--rw id
       |     |                       |       string
       |     |                       +--rw locator-address
       |     |                       |  +--rw address-type
       |     |                       |  |       lisp-address-family-ref
       |     |                       |  +--rw virtual-network-id?
       |     |                       |  |       instance-id-type
       |     |                       |  +--rw (address)?
       |     |                       |     +--:(no-address)
       |     |                       |     |  +--rw no-address?
       |     |                       |     |          empty
       |     |                       |     +--:(ipv4)
       |     |                       |     |  +--rw ipv4?
       |     |                       |     |          inet:ipv4-address
       |     |                       |     +--:(ipv4-prefix)
       |     |                       |     |  +--rw ipv4-prefix?
       |     |                       |     |          inet:ipv4-prefix
       |     |                       |     +--:(ipv6)
       |     |                       |     |  +--rw ipv6?
       |     |                       |     |          inet:ipv6-address
       |     |                       |     +--:(ipv6-prefix)
       |     |                       |     |  +--rw ipv6-prefix?
       |     |                       |     |          inet:ipv6-prefix
       |     |                       |     +--:(mac)
       |     |                       |     |  +--rw mac?
       |     |                       |     |          yang:mac-address
       |     |                       |     +--:(distinguished-name)
       |     |                       |     |  +--rw distinguished-name?
       |     |                       |     |          distinguished-name-type
       |     |                       |     +--:(as-number)
       |     |                       |     |  +--rw as-number?
       |     |                       |     |          inet:as-number
       |     |                       |     +--:(null-address)
       |     |                       |     |  +--rw null-address
       |     |                       |     |     +--rw address?
       |     |                       |     |             empty
       |     |                       |     +--:(afi-list)
       |     |                       |     |  +--rw afi-list
       |     |                       |     |     +--rw address-list*
       |     |                       |     |             simple-address
       |     |                       |     +--:(instance-id)
       |     |                       |     |  +--rw instance-id
       |     |                       |     |     +--rw iid?
       |     |                       |     |     |       instance-id-type
       |     |                       |     |     +--rw mask-length?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw address?
       |     |                       |     |             simple-address
       |     |                       |     +--:(as-number-lcaf)
       |     |                       |     |  +--rw as-number-lcaf
       |     |                       |     |     +--rw as?
       |     |                       |     |     |       inet:as-number
       |     |                       |     |     +--rw address?
       |     |                       |     |             simple-address
       |     |                       |     +--:(application-data)
       |     |                       |     |  +--rw application-data
       |     |                       |     |     +--rw address?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw protocol?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw ip-tos?
       |     |                       |     |     |       int32
       |     |                       |     |     +--rw local-port-low?
       |     |                       |     |     |       inet:port-number
       |     |                       |     |     +--rw local-port-high?
       |     |                       |     |     |       inet:port-number
       |     |                       |     |     +--rw remote-port-low?
       |     |                       |     |     |       inet:port-number
       |     |                       |     |     +--rw remote-port-high?
       |     |                       |     |             inet:port-number
       |     |                       |     +--:(geo-coordinates)
       |     |                       |     |  +--rw geo-coordinates
       |     |                       |     |     +--rw latitude?
       |     |                       |     |     |       bits
       |     |                       |     |     +--rw latitude-degrees?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw latitude-minutes?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw latitude-seconds?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw longitude?
       |     |                       |     |     |       bits
       |     |                       |     |     +--rw longitude-degrees?
       |     |                       |     |     |       uint16
       |     |                       |     |     +--rw longitude-minutes?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw longitude-seconds?
       |     |                       |     |     |       uint8
       |     |                       |     |     +--rw altitude?
       |     |                       |     |     |       int32
       |     |                       |     |     +--rw address?
       |     |                       |     |             simple-address
       |     |                       |     +--:(nat-traversal)
       |     |                       |     |  +--rw nat-traversal
       |     |                       |     |     +--rw ms-udp-port?
       |     |                       |     |     |       uint16
       |     |                       |     |     +--rw etr-udp-port?
       |     |                       |     |     |       uint16
       |     |                       |     |     +--rw global-etr-rloc?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw ms-rloc?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw private-etr-rloc?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw rtr-rlocs*
       |     |                       |     |             simple-address
       |     |                       |     +--:(explicit-locator-path)
       |     |                       |     |  +--rw explicit-locator-path
       |     |                       |     |     +--rw hop* [hop-id]
       |     |                       |     |        +--rw hop-id
       |     |                       |     |        |       string
       |     |                       |     |        +--rw address?
       |     |                       |     |        |       simple-address
       |     |                       |     |        +--rw lrs-bits?
       |     |                       |     |                bits
       |     |                       |     +--:(source-dest-key)
       |     |                       |     |  +--rw source-dest-key
       |     |                       |     |     +--rw source?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw dest?
       |     |                       |     |             simple-address
       |     |                       |     +--:(key-value-address)
       |     |                       |     |  +--rw key-value-address
       |     |                       |     |     +--rw key?
       |     |                       |     |     |       simple-address
       |     |                       |     |     +--rw value?
       |     |                       |     |             simple-address
       |     |                       |     +--:(service-path)
       |     |                       |        +--rw service-path
       |     |                       |           +--rw service-path-id?
       |     |                       |           |       service-path-id-type
       |     |                       |           +--rw service-index?
       |     |                       |                   uint8
       |     |                       +--rw priority?
       |     |                       |       uint8
       |     |                       +--rw weight?
       |     |                       |       uint8
       |     |                       +--rw multicast-priority?
       |     |                       |       uint8
       |     |                       +--rw multicast-weight?
       |     |                               uint8
       |     +--ro counters
       |        +--ro map-registers-in?               yang:counter64
       |        +--ro map-registers-in-auth-failed?   yang:counter64
       |        +--ro map-notify-records-out?         yang:counter64
       |        +--ro proxy-reply-records-out?        yang:counter64
       |        +--ro map-requests-forwarded-out?     yang:counter64
       +--rw mapping-system-type?   lisp:mapping-system-ref
       +--ro summary
       |  +--ro number-configured-sites?   uint32
       |  +--ro number-registered-sites?   uint32
       |  +--ro af-datum
       |     +--ro af-data* [address-type]
       |        +--ro address-type
       |        |       lcaf:lisp-address-family-ref
       |        +--ro number-configured-eids?   uint32
       |        +--ro number-registered-eids?   uint32
       +--ro counters
          +--ro map-registers-in?               yang:counter64
          +--ro map-registers-in-auth-failed?   yang:counter64
          +--ro map-notify-records-out?         yang:counter64
          +--ro proxy-reply-records-out?        yang:counter64
          +--ro map-requests-forwarded-out?     yang:counter64

5.2. Module Definition

file "ietf-lisp-mapserver@2018-06-29.yang"
module ietf-lisp-mapserver {
  yang-version 1.1;

  namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver";

  prefix lisp-ms;
  // RFC Ed.: replace occurrences of XXXX with actual RFC number
  // and remove this note
  import ietf-lisp {
    prefix lisp;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-lisp-address-types {
    prefix lcaf;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-yang-types {
    prefix yang;
    reference "RFC 6991: Common YANG Data Types";
  }
  import ietf-routing {
    prefix "rt";
    reference
      "RFC 8349: A YANG Data Model for Routing Management
       (NMDA version)";
  }

  organization
    "IETF LISP (Locator/ID Separation Protocol) Working Group";
  contact
    "WG Web:
     WG List:

     Editor:   Vina Ermagan

     Editor:   Alberto Rodriguez-Natal

     Editor:   Reshad Rahman
    ";
  description
    "This YANG module defines the generic parameters for a LISP
     Map-Server. The module can be extended by vendors to define
     vendor-specific parameters and policies.

     Copyright (c) 2018 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX; see
     the RFC itself for full legal notices.
    ";

  reference "RFC XXXX";

  revision 2018-06-29 {
    description
      "Initial revision.";
    reference
      "https://tools.ietf.org/html/rfc6833";
  }

  identity ms {
    base lisp:lisp-role;
    description
      "LISP Map-Server.";
  }

  grouping ms-counters {
    description "Group that defines map-server counters.";
    container counters {
      config false;
      description "Container for the counters";

      leaf map-registers-in {
        type yang:counter64;
        description "Number of incoming Map-Register messages";
      }

      leaf map-registers-in-auth-failed {
        type yang:counter64;
        description
          "Number of incoming Map-Register messages failed
           authentication";
      }

      leaf map-notify-records-out {
        type yang:counter64;
        description
          "Number of outgoing Map-Notify records";
      }

      leaf proxy-reply-records-out {
        type yang:counter64;
        description
          "Number of outgoing proxy Map-Reply records";
      }

      leaf map-requests-forwarded-out {
        type yang:counter64;
        description
          "Number of outgoing Map-Requests forwarded to ETR";
      }
    }
  }

  augment "/rt:routing/rt:control-plane-protocols"
        + "/rt:control-plane-protocol/lisp:lisp" {
    when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-ms:ms'" {
      description
        "Augment is valid when LISP device type is Map-Server.";
    }
    description
      "This augments LISP devices list with Map-Server specific
       parameters.";
    container map-server {
      presence "LISP Map-Server operation enabled";
      description
        "Map-Server parameters.";
      container sites {
        description
          "Sites to accept registrations from.";
        list site {
          key site-id;
          description
            "Site that can send registrations.";
          leaf site-id {
            type uint64;
            description "Site ID";
          }
          container auth-key {
            description
              "Site authentication key.";
            leaf auth-key-value {
              type string;
              description
                "Clear text authentication key";
            }
            leaf-list auth-key-type {
              type lisp:auth-key-type;
              description
                "Authentication key type.";
            }

          }
        }
      }
      container virtual-network-ids {
        description
          "Sites for which the Map-Server accepts registrations.";
        list virtual-network-identifier {
          key "vni";
          description
            "Virtual network instances in the Map-Server.";
          leaf vni {
            type lcaf:instance-id-type;
            description
              "Virtual network identifier.";
          }
          container mappings {
            description
              "EIDs registered by device.";
            list mapping {
              key "eid-id";
              description
                "List of EIDs registered by device.";
              leaf eid-id {
                type lisp:eid-id;
                description
                  "Id of the EID registered.";
              }
              container eid-address {
                uses lcaf:lisp-address;
                description
                  "EID in generic LISP address format registered
                   with the Map-Server.";
              }
              leaf-list site-id {
                type uint64;
                description "Site ID";
              }
              leaf more-specifics-accepted {
                type boolean;
                default "false";
                description
                  "Flag indicating if more specific prefixes
                   can be registered.";
              }
              leaf mapping-expiration-timeout {
                type int16;
                units "seconds";
                default "180"; //3 times the mapregister int
                description
                  "Time before mapping is expired if no new
                   registrations are received.";
              }
              leaf first-registration-time {
                type yang:date-and-time;
                config false;
                description
                  "Time at which the first registration for this EID
                   was received";
              }
              leaf last-registration-time {
                type yang:date-and-time;
                config false;
                description
                  "Time at which the last registration for this EID
                   was received";
              }
              container mapping-records {
                description
                  "Datastore of registered mappings.";
                list mapping-record {
                  key xtr-id;
                  description
                    "Registered mapping.";
                  leaf xtr-id {
                    type lisp:xtr-id-type;
                    description "xTR ID";
                  }
                  leaf site-id {
                    type uint64;
                    description "Site ID";
                  }
                  uses lisp:mapping;
                }
              }
            }
          }
          uses ms-counters;
        }
      }
      leaf mapping-system-type {
        type lisp:mapping-system-ref;
        description
          "A reference to the mapping system";
      }

      container summary {
        config false;
        description "Summary state information";

        leaf number-configured-sites {
          type uint32;
          description "Number of configured LISP sites";
        }
        leaf number-registered-sites {
          type uint32;
          description "Number of registered LISP sites";
        }
        container af-datum {
          description "Number of configured EIDs per each AF";

          list af-data {
            key "address-type";
            description "Number of configured EIDs for this AF";
            leaf address-type {
              type lcaf:lisp-address-family-ref;
              description "AF type";
            }
            leaf number-configured-eids {
              type uint32;
              description "Number of configured EIDs for this AF";
            }
            leaf number-registered-eids {
              type uint32;
              description "Number of registered EIDs for this AF";
            }
          }
        }
      }
      uses ms-counters;
    }
  }
}

6. LISP-Map-Resolver Module

This module captures the configuration data model of a LISP Map
Resolver [RFC6833]. The model also captures some operational data
elements.

6.1. Module Structure

module: ietf-lisp-mapresolver
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/lisp:lisp:
    +--rw map-resolver!
       +--rw mapping-system-type?   lisp:mapping-system-ref
       +--rw ms-address?            inet:ip-address

6.2. Module Definition

file "ietf-lisp-mapresolver@2018-06-29.yang"
module ietf-lisp-mapresolver {
  yang-version 1.1;

  namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver";

  prefix lisp-mr;

  // RFC Ed.: replace occurrences of XXXX with actual RFC number
  // and remove this note
  import ietf-lisp {
    prefix lisp;
    reference "RFC XXXX: LISP YANG model";
  }
  import ietf-inet-types {
    prefix inet;
    reference "RFC 6991: Common YANG Data Types";
  }
  import ietf-routing {
    prefix "rt";
    reference
      "RFC 8349: A YANG Data Model for Routing Management
       (NMDA version)";
  }

  organization
    "IETF LISP (Locator/ID Separation Protocol) Working Group";
  contact
    "WG Web:
     WG List:

     Editor:   Vina Ermagan

     Editor:   Alberto Rodriguez-Natal

     Editor:   Reshad Rahman
    ";
  description
    "This YANG module defines the generic parameters for a LISP
     Map-Resolver. The module can be extended by vendors to define
     vendor-specific parameters and policies.

     Copyright (c) 2018 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX; see
     the RFC itself for full legal notices.
2274 "; 2276 reference "RFC XXXX"; 2278 revision 2018-06-29 { 2279 description 2280 "Initial revision."; 2281 reference 2282 "https://tools.ietf.org/html/rfc6833"; 2283 } 2284 identity mr { 2285 base lisp:lisp-role; 2286 description 2287 "LISP Map-Resolver."; 2288 } 2290 augment "/rt:routing/rt:control-plane-protocols" 2291 + "/rt:control-plane-protocol/lisp:lisp" { 2292 when "lisp:lisp-role/lisp:lisp-role-type = 'lisp-mr:mr'" { 2293 description 2294 "Augment is valid when LISP device type is Map-Resolver."; 2295 } 2296 description 2297 "This augments LISP devices list with Map-Resolver specific 2298 parameters."; 2299 container map-resolver { 2300 presence "LISP Map-Resolver operation enabled"; 2301 description 2302 "Map-Resolver parameters."; 2304 leaf mapping-system-type { 2305 type lisp:mapping-system-ref; 2306 description 2307 "A reference to the mapping system"; 2308 } 2309 leaf ms-address { 2310 when "../mapping-system-type='lisp:single-node-mapping-system'"; 2311 type inet:ip-address; 2312 description 2313 "address to reach the Map Server when " 2314 + "lisp-mr:single-node-mapping-system is being used."; 2315 } 2316 } 2317 } 2318 } 2319 2321 7. LISP-Address-Types Module 2323 This module captures the various LISP address types, and is an 2324 essential building block used in other LISP modules. 2326 7.1. 
Module Definition 2328 file "ietf-lisp-address-types@2018-06-29.yang" 2329 module ietf-lisp-address-types { 2330 yang-version 1.1; 2332 namespace "urn:ietf:params:xml:ns:yang:ietf-lisp-address-types"; 2334 prefix laddr; 2336 import ietf-inet-types { 2337 prefix inet; 2338 reference "RFC 6991: Common YANG Data Types"; 2339 } 2340 import ietf-yang-types { 2341 prefix yang; 2342 reference "RFC 6991: Common YANG Data Types"; 2343 } 2345 organization 2346 "IETF LISP (Locator/ID Separation Protocol) Working Group"; 2347 contact 2348 "WG Web: 2349 WG List: 2351 Editor: Vina Ermagan 2352 2354 Editor: Alberto Rodriguez-Natal 2355 2357 Editor: Reshad Rahman 2358 "; 2359 description 2360 "This YANG module defines the LISP Canonical Address Formats 2361 (LCAF) for LISP. The module can be extended by vendors to 2362 define vendor-specific parameters. 2364 Copyright (c) 2018 IETF Trust and the persons identified as 2365 authors of the code. All rights reserved. 2367 Redistribution and use in source and binary forms, with or 2368 without modification, is permitted pursuant to, and subject 2369 to the license terms contained in, the Simplified BSD License 2370 set forth in Section 4.c of the IETF Trust's Legal Provisions 2371 Relating to IETF Documents 2372 (http://trustee.ietf.org/license-info). 2374 This version of this YANG module is part of RFC XXXX; see 2375 the RFC itself for full legal notices. 
2377 "; 2378 // RFC Ed.: replace XXXX with actual RFC number and remove 2379 // this note 2380 reference "RFC XXXX"; 2382 revision 2018-06-29 { 2383 description 2384 "Initial revision."; 2385 reference 2386 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10"; 2387 } 2388 identity lisp-address-family { 2389 description 2390 "Base identity from which identities describing LISP address 2391 families are derived."; 2392 } 2393 identity no-address-afi { 2394 base lisp-address-family; 2395 description 2396 "IANA Reserved."; 2397 } 2398 identity ipv4-afi { 2399 base lisp-address-family; 2400 description 2401 "IANA IPv4 address family."; 2402 } 2403 identity ipv4-prefix-afi { 2404 base lisp-address-family; 2405 description 2406 "IANA IPv4 address family prefix."; 2407 } 2408 identity ipv6-afi { 2409 base lisp-address-family; 2410 description 2411 "IANA IPv6 address family."; 2412 } 2413 identity ipv6-prefix-afi { 2414 base lisp-address-family; 2415 description 2416 "IANA IPv6 address family prefix."; 2417 } 2418 identity mac-afi { 2419 base lisp-address-family; 2420 description 2421 "IANA MAC address family."; 2422 } 2423 identity distinguished-name-afi { 2424 base lisp-address-family; 2425 description 2426 "IANA Distinguished Name address family."; 2427 } 2428 identity as-number-afi { 2429 base lisp-address-family; 2430 description 2431 "IANA AS Number address family."; 2432 } 2433 identity lcaf { 2434 base lisp-address-family; 2435 description 2436 "IANA LISP Canonical Address Format address family."; 2437 } 2438 identity null-address-lcaf { 2439 base lcaf; 2440 description 2441 "Null body LCAF type."; 2442 } 2443 identity afi-list-lcaf { 2444 base lcaf; 2445 description 2446 "AFI-List LCAF type."; 2447 } 2448 identity instance-id-lcaf { 2449 base lcaf; 2450 description 2451 "Instance-ID LCAF type."; 2452 } 2453 identity as-number-lcaf { 2454 base lcaf; 2455 description 2456 "AS Number LCAF type."; 2457 } 2458 identity application-data-lcaf { 2459 base lcaf; 2460 
description 2461 "Application Data LCAF type."; 2462 } 2463 identity geo-coordinates-lcaf { 2464 base lcaf; 2465 description 2466 "Geo-coordinates LCAF type."; 2467 } 2468 identity opaque-key-lcaf { 2469 base lcaf; 2470 description 2471 "Opaque Key LCAF type."; 2472 } 2473 identity nat-traversal-lcaf { 2474 base lcaf; 2475 description 2476 "NAT-Traversal LCAF type."; 2477 } 2478 identity nonce-locator-lcaf { 2479 base lcaf; 2480 description 2481 "Nonce-Locator LCAF type."; 2482 } 2483 identity multicast-info-lcaf { 2484 base lcaf; 2485 description 2486 "Multicast Info LCAF type."; 2487 } 2488 identity explicit-locator-path-lcaf { 2489 base lcaf; 2490 description 2491 "Explicit Locator Path LCAF type."; 2492 } 2493 identity security-key-lcaf { 2494 base lcaf; 2495 description 2496 "Security Key LCAF type."; 2497 } 2498 identity source-dest-key-lcaf { 2499 base lcaf; 2500 description 2501 "Source/Dest LCAF type."; 2502 } 2503 identity replication-list-lcaf { 2504 base lcaf; 2505 description 2506 "Replication-List LCAF type."; 2507 } 2508 identity json-data-model-lcaf { 2509 base lcaf; 2510 description 2511 "JSON Data Model LCAF type."; 2512 } 2513 identity key-value-address-lcaf { 2514 base lcaf; 2515 description 2516 "Key/Value Address LCAF type."; 2517 } 2518 identity encapsulation-format-lcaf { 2519 base lcaf; 2520 description 2521 "Encapsulation Format LCAF type."; 2522 } 2523 identity service-path-lcaf { 2524 base lcaf; 2525 description 2526 "Service Path LCAF type."; 2527 } 2528 typedef instance-id-type { 2529 type uint32 { 2530 range "0..16777215"; 2531 } 2532 description 2533 "Defines the range of values for an Instance ID."; 2534 } 2535 typedef service-path-id-type { 2536 type uint32 { 2537 range "0..16777215"; 2538 } 2539 description 2540 "Defines the range of values for a Service Path ID."; 2541 } 2542 typedef distinguished-name-type { 2543 type string; 2544 description 2545 "Distinguished Name address."; 2546 reference 2547 
"http://www.iana.org/assignments/address-family-numbers/ 2548 address-family-numbers.xhtml"; 2549 } 2550 typedef simple-address { 2551 type union { 2552 type inet:ip-address; 2553 type inet:ip-prefix; 2554 type yang:mac-address; 2555 type distinguished-name-type; 2556 type inet:as-number; 2557 } 2558 description 2559 "Union of address types that can be part of LCAFs."; 2560 } 2562 typedef lisp-address-family-ref { 2563 type identityref { 2564 base lisp-address-family; 2565 } 2566 description 2567 "LISP address family reference."; 2568 } 2569 typedef lcaf-ref { 2570 type identityref { 2571 base lcaf; 2572 } 2573 description 2574 "LCAF types reference."; 2575 } 2577 grouping lisp-address { 2578 description 2579 "Generic LISP address."; 2580 leaf address-type { 2581 type lisp-address-family-ref; 2582 mandatory true; 2583 description 2584 "Type of the LISP address."; 2585 } 2586 leaf virtual-network-id { 2587 type instance-id-type; 2588 description 2589 "Virtual Network Identifier (instance-id) of the address."; 2590 } 2591 choice address { 2592 description 2593 "Various LISP address types, including IP, MAC, and LCAF."; 2595 leaf no-address { 2596 when "../address-type = 'laddr:no-address-afi'" { 2597 description 2598 "When AFI is 0."; 2599 } 2600 type empty; 2601 description 2602 "No address."; 2603 } 2604 leaf ipv4 { 2605 when "../address-type = 'laddr:ipv4-afi'" { 2606 description 2607 "When AFI is IPv4."; 2608 } 2609 type inet:ipv4-address; 2610 description 2611 "IPv4 address."; 2612 } 2613 leaf ipv4-prefix { 2614 when "../address-type = 'laddr:ipv4-prefix-afi'" { 2615 description 2616 "When AFI is IPv4."; 2617 } 2618 type inet:ipv4-prefix; 2619 description 2620 "IPv4 prefix."; 2621 } 2622 leaf ipv6 { 2623 when "../address-type = 'laddr:ipv6-afi'" { 2624 description 2625 "When AFI is IPv6."; 2626 } 2627 type inet:ipv6-address; 2628 description 2629 "IPv6 address."; 2630 } 2631 leaf ipv6-prefix { 2632 when "../address-type = 'laddr:ipv6-prefix-afi'" { 2633 
description 2634 "When AFI is IPv6."; 2635 } 2636 type inet:ipv6-prefix; 2637 description 2638 "IPv6 address."; 2639 } 2640 leaf mac { 2641 when "../address-type = 'laddr:mac-afi'" { 2642 description 2643 "When AFI is MAC."; 2644 } 2645 type yang:mac-address; 2646 description 2647 "MAC address."; 2648 } 2649 leaf distinguished-name { 2650 when "../address-type = 'laddr:distinguished-name-afi'" { 2651 description 2652 "When AFI is distinguished-name."; 2653 } 2654 type distinguished-name-type; 2655 description 2656 "Distinguished Name address."; 2657 } 2658 leaf as-number { 2659 when "../address-type = 'laddr:as-number-afi'" { 2660 description 2661 "When AFI is as-number."; 2662 } 2663 type inet:as-number; 2664 description 2665 "AS Number."; 2666 } 2667 container null-address { 2668 when "../address-type = 'laddr:null-address-lcaf'" { 2669 description 2670 "When LCAF type is null."; 2671 } 2672 description 2673 "Null body LCAF type"; 2674 leaf address { 2675 type empty; 2676 description 2677 "AFI address."; 2678 } 2679 } 2680 container afi-list { 2681 when "../address-type = 'laddr:afi-list-lcaf'" { 2682 description 2683 "When LCAF type is AFI-List."; 2684 } 2685 description 2686 "AFI-List LCAF type."; 2687 reference 2688 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2689 #section-4.16.1"; 2690 leaf-list address-list { 2691 type simple-address; 2692 description 2693 "List of AFI addresses."; 2694 } 2695 } 2696 container instance-id { 2697 when "../address-type = 'laddr:instance-id-lcaf'" { 2698 description 2699 "When LCAF type is Instance-ID"; 2700 } 2701 description 2702 "Instance ID LCAF type."; 2703 reference 2704 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2705 #section-4.2"; 2706 leaf iid { 2707 type instance-id-type; 2708 description 2709 "Instance ID value."; 2710 } 2711 leaf mask-length { 2712 type uint8; 2713 description 2714 "Mask length."; 2715 } 2716 leaf address { 2717 type simple-address; 2718 description 2719 "AFI address."; 2720 } 2721 
} 2722 container as-number-lcaf { 2723 when "../address-type = 'laddr:as-number-lcaf'" { 2724 description 2725 "When LCAF type is AS-Number."; 2726 } 2727 description 2728 "AS Number LCAF type."; 2729 reference 2730 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2731 #section-4.3"; 2732 leaf as { 2733 type inet:as-number; 2734 description 2735 "AS number."; 2737 } 2738 leaf address { 2739 type simple-address; 2740 description 2741 "AFI address."; 2742 } 2743 } 2744 container application-data { 2745 when "../address-type = 'laddr:application-data-lcaf'" { 2746 description 2747 "When LCAF type is Application Data."; 2748 } 2749 description 2750 "Application Data LCAF type."; 2751 reference 2752 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2753 #section-4.4"; 2754 leaf address { 2755 type simple-address; 2756 description 2757 "AFI address."; 2758 } 2759 leaf protocol { 2760 type uint8; 2761 description 2762 "Protocol number."; 2763 } 2764 leaf ip-tos { 2765 type int32; 2766 description 2767 "Type of service field."; 2768 } 2769 leaf local-port-low { 2770 type inet:port-number; 2771 description 2772 "Low end of local port range."; 2773 } 2774 leaf local-port-high { 2775 type inet:port-number; 2776 description 2777 "High end of local port range."; 2778 } 2779 leaf remote-port-low { 2780 type inet:port-number; 2781 description 2782 "Low end of remote port range."; 2783 } 2784 leaf remote-port-high { 2785 type inet:port-number; 2786 description 2787 "High end of remote port range."; 2788 } 2789 } 2790 container geo-coordinates { 2791 when "../address-type = 'laddr:geo-coordinates-lcaf'" { 2792 description 2793 "When LCAF type is Geo-coordinates."; 2794 } 2795 description 2796 "Geo-coordinates LCAF type."; 2797 reference 2798 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2799 #section-4.5"; 2800 leaf latitude { 2801 type bits { 2802 bit N { 2803 description 2804 "Latitude bit."; 2805 } 2806 } 2807 description 2808 "Bit that selects between North and South 
latitude."; 2809 } 2810 leaf latitude-degrees { 2811 type uint8 { 2812 range "0 .. 90"; 2813 } 2814 description 2815 "Degrees of latitude."; 2816 } 2817 leaf latitude-minutes { 2818 type uint8 { 2819 range "0..59"; 2820 } 2821 description 2822 "Minutes of latitude."; 2823 } 2824 leaf latitude-seconds { 2825 type uint8 { 2826 range "0..59"; 2827 } 2828 description 2829 "Seconds of latitude."; 2830 } 2831 leaf longitude { 2832 type bits { 2833 bit E { 2834 description 2835 "Longitude bit."; 2836 } 2837 } 2838 description 2839 "Bit that selects between East and West longitude."; 2840 } 2841 leaf longitude-degrees { 2842 type uint16 { 2843 range "0 .. 180"; 2844 } 2845 description 2846 "Degrees of longitude."; 2847 } 2848 leaf longitude-minutes { 2849 type uint8 { 2850 range "0..59"; 2851 } 2852 description 2853 "Minutes of longitude."; 2854 } 2855 leaf longitude-seconds { 2856 type uint8 { 2857 range "0..59"; 2858 } 2859 description 2860 "Seconds of longitude."; 2861 } 2862 leaf altitude { 2863 type int32; 2864 description 2865 "Height relative to sea level in meters."; 2866 } 2867 leaf address { 2868 type simple-address; 2869 description 2870 "AFI address."; 2871 } 2872 } 2873 container nat-traversal { 2874 when "../address-type = 'laddr:nat-traversal-lcaf'" { 2875 description 2876 "When LCAF type is NAT-Traversal."; 2877 } 2878 description 2879 "NAT-Traversal LCAF type."; 2880 reference 2881 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2882 #section-4.6"; 2883 leaf ms-udp-port { 2884 type uint16; 2885 description 2886 "Map-Server UDP port (set to 4342)."; 2887 } 2888 leaf etr-udp-port { 2889 type uint16; 2890 description 2891 "ETR UDP port."; 2892 } 2893 leaf global-etr-rloc { 2894 type simple-address; 2895 description 2896 "Global ETR RLOC address."; 2897 } 2898 leaf ms-rloc { 2899 type simple-address; 2900 description 2901 "Map-Server RLOC address."; 2902 } 2903 leaf private-etr-rloc { 2904 type simple-address; 2905 description 2906 "Private ETR RLOC 
address."; 2907 } 2908 leaf-list rtr-rlocs { 2909 type simple-address; 2910 description 2911 "List of RTR RLOC addresses."; 2912 } 2913 } 2914 container explicit-locator-path { 2915 when "../address-type = 'laddr:explicit-locator-path-lcaf'" { 2916 description 2917 "When LCAF type type is Explicit Locator Path."; 2918 } 2919 description 2920 "Explicit Locator Path LCAF type."; 2921 reference 2922 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2923 #section-4.9"; 2924 list hop { 2925 key "hop-id"; 2926 ordered-by user; 2927 description 2928 "List of locator hops forming the explicit path."; 2930 leaf hop-id { 2931 type string { 2932 length "1..64"; 2933 } 2934 description 2935 "Unique identifier for the hop."; 2936 } 2937 leaf address { 2938 type simple-address; 2939 description 2940 "AFI address."; 2941 } 2942 leaf lrs-bits { 2943 type bits{ 2944 bit lookup { 2945 description 2946 "Lookup bit."; 2947 } 2948 bit rloc-probe { 2949 description 2950 "RLOC-probe bit."; 2951 } 2952 bit strict { 2953 description 2954 "Strict bit."; 2955 } 2956 } 2957 description 2958 "Flag bits per hop."; 2959 } 2960 } 2961 } 2962 container source-dest-key { 2963 when "../address-type = 'laddr:source-dest-key-lcaf'" { 2964 description 2965 "When LCAF type type is Source/Dest."; 2966 } 2967 description 2968 "Source/Dest LCAF type."; 2969 reference 2970 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2971 #section-4.11"; 2972 leaf source { 2973 type simple-address; 2974 description 2975 "Source address."; 2976 } 2977 leaf dest { 2978 type simple-address; 2979 description 2980 "Destination address."; 2981 } 2982 } 2983 container key-value-address { 2984 when "../address-type = 'laddr:key-value-address-lcaf'" { 2985 description 2986 "When LCAF type type is Key/Value Address."; 2987 } 2988 description 2989 "Key/Value Address LCAF type."; 2990 reference 2991 "http://tools.ietf.org/html/draft-ietf-lisp-lcaf-10 2992 #section-4.11"; 2993 leaf key { 2994 type simple-address; 2995 
description 2996 "Address as Key."; 2997 } 2998 leaf value { 2999 type simple-address; 3000 description 3001 "Address as Value."; 3002 } 3003 } 3004 container service-path { 3005 when "../address-type = 'laddr:service-path-lcaf'" { 3006 description 3007 "When LCAF type service path identifier."; 3008 } 3009 description 3010 "Service Path LCAF type."; 3011 reference 3012 "http://tools.ietf.org/html/draft-ermagan-lisp-nsh-00"; 3013 leaf service-path-id { 3014 type service-path-id-type; 3015 description 3016 "Service path identifier for the path for NSH header"; 3017 } 3018 leaf service-index { 3019 type uint8; 3020 description 3021 "Service path index for NSH header"; 3022 } 3023 } 3024 } 3025 } 3027 } 3028 3030 7.2. Data Model examples 3032 This section presents some simple and illustrative examples on how to 3033 configure LISP. 3035 7.2.1. LISP protocol instance 3037 The following is an example configuration for a LISP protocol 3038 instance with the name "LISP1". There are also 2 VNIs configured. 3040 3041 3042 3043 3044 VRF-BLUE 3045 3046 true 3047 3048 3049 VRF-RED 3050 3051 true 3052 3053 3054 3055 3056 3057 3058 lisp:lisp 3059 3060 LISP1 3061 3062 3063 3064 1000 3065 VRF-BLUE 3066 3067 3068 2000 3069 VRF-RED 3070 3071 3072 3073 3074 3075 3076 3078 7.2.2. LISP ITR 3080 The following is an example configuration for ITR functionality under 3081 "LISP1". There are 2 Map-Resolvers configured. 3083 3084 3085 3086 3087 3088 3089 lisp:lisp 3090 3091 LISP1 3092 3093 3094 itr 3095 3096 3097 3098 2001:db8:203:0:113::1 3099 2001:db8:204:0:113::1 3100 3101 3102 3103 3104 3105 3106 3108 7.2.3. LISP ETR 3110 The following is an example configuration for ETR functionality under 3111 "LISP1". There are 2 Map-Servers and 2 local EIDs configured. 3113 3114 3115 3116 3117 3118 3119 lisp:lisp 3120 3121 LISP1 3122 3123 3124 etr 3125 3126 3127 1 3129 3130 3131 3132 3133 2001:db8:203:0:113::1 3134 *Kye^$$1#gb91U04zpa! 
3135 hmac-sha-256-128 3136 3137 3138 2001:db8:204:0:113::1 3139 *Kye^$$1#gb91U04zpa! 3140 hmac-sha-256-128 3141 3142 3143 3144 3145 1000 3146 3147 3148 2001:db8:400:0:100::0 3149 3150 3152 laddr:ipv6-prefix-afi 3153 3154 2001:db8:400:0:100::/80 3155 3156 3157 3158 3159 3160 2000 3161 3162 3163 2001:db8:800:0:200::0 3164 3165 3167 laddr:ipv6-prefix-afi 3168 3169 2001:db8:800:0:200::/80 3170 3171 3172 3173 3174 3175 3176 3178 3179 3180 3181

3183  7.2.4.  LISP Map-Server

3185  The following is an example configuration for Map-Server
3186  functionality under "LISP1".  There are 2 mappings configured.

3188 3189 3190 3191 3192 3193 lisp:lisp 3194 3195 LISP1 3196 3197 3198 3200 lisp-ms:ms 3201 3202 3203 3204 3205 3206 1 3207 3208 *Kye^$$1#gb91U04zpa! 3209 hmac-sha-256-128 3210 3211 3212 3213 3214 3215 1000 3216 3217 3218 1 3219 3220 3222 laddr:ipv6-prefix-afi 3224 3225 2001:db8:400:0:100::/80 3226 3227 3228 3229 3230 3231 2000 3232 3233 3234 1 3235 3236 3238 laddr:ipv6-prefix-afi 3239 3240 2001:db8:800:0:200::/80 3241 3242 3243 3244 3245 3246 3247 3248 3249 3250 3251

3253  8.  Acknowledgments

3255  The tree view and the YANG model shown in this document have been
3256  formatted with the 'pyang' tool.

3258  9.  IANA Considerations

3260  The IANA is requested to assign a new namespace URI from the IETF
3261  XML registry.

3263  This document registers the following namespace URIs in the IETF XML
3264  registry [RFC3688]:

3266  --------------------------------------------------------------------

3268  URI: urn:ietf:params:xml:ns:yang:ietf-lisp
3269  Registrant Contact: The IESG.

3271  XML: N/A, the requested URI is an XML namespace.

3273  --------------------------------------------------------------------

3275  --------------------------------------------------------------------

3277  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-itr

3279  Registrant Contact: The IESG.

3281  XML: N/A, the requested URI is an XML namespace.

3283  --------------------------------------------------------------------

3285  --------------------------------------------------------------------

3287  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-etr

3289  Registrant Contact: The IESG.

3291  XML: N/A, the requested URI is an XML namespace.

3293  --------------------------------------------------------------------

3295  --------------------------------------------------------------------

3297  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapserver

3299  Registrant Contact: The IESG.

3301  XML: N/A, the requested URI is an XML namespace.

3303  --------------------------------------------------------------------

3305  --------------------------------------------------------------------

3307  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-mapresolver

3309  Registrant Contact: The IESG.

3311  XML: N/A, the requested URI is an XML namespace.

3313  --------------------------------------------------------------------

3315  --------------------------------------------------------------------
3316  URI: urn:ietf:params:xml:ns:yang:ietf-lisp-address-types

3318  Registrant Contact: The IESG.

3320  XML: N/A, the requested URI is an XML namespace.

3322  --------------------------------------------------------------------

3324  10.  Security Considerations

3326  The YANG modules specified in this document define a schema for data
3327  that is designed to be accessed via network management protocols such
3328  as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
3329  is the secure transport layer, and the mandatory-to-implement secure
3330  transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
3331  is HTTPS, and the mandatory-to-implement secure transport is TLS
3332  [RFC8446].

3334  The NETCONF access control model [RFC8341] provides the means to
3335  restrict access for particular NETCONF or RESTCONF users to a pre-
3336  configured subset of all available NETCONF or RESTCONF protocol
3337  operations and content.

3339  The security considerations of LISP control-plane [RFC6833] and LISP
3340  data-plane [RFC6830] as well as the LISP threat analysis [RFC7835]
3341  apply to this YANG model.

3343  There are a number of data nodes defined in this YANG module that are
3344  writable/creatable/deletable (i.e., config true, which is the
3345  default).  These data nodes may be considered sensitive or vulnerable
3346  in some network environments.  Write operations (e.g., edit-config)
3347  to these data nodes without proper protection can have a negative
3348  effect on network operations.  These are the subtrees and data nodes
3349  and their sensitivity/vulnerability:

3351     /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3352     lisp:lisp/

3354  Access to the locator-sets node may modify which interfaces are used
3355  for data and/or control traffic as well as affect the load balancing
3356  of data-plane traffic.  Access to the lisp-role node may prevent the
3357  device from performing its intended data-plane and/or control-plane
3358  operation.  Access to the router-id node allows modification of the unique
3359  identifier of the device, which may result in disruption of its LISP
3360  control-plane operation.  Access to the virtual-networks node may
3361  allow redirection of data-plane traffic to erroneous local or remote
3362  network instances.

3364     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3365     protocol/lisp:lisp/lisp:map-server

3367  Access to the sites node can prevent authorized devices from
3368  registering mappings in the Map-Server and/or allow unauthorized
3369  devices to do so.  Access to the virtual-network-ids node can result in
3370  corrupted mapping state that may propagate across the LISP network,
3371  potentially resulting in forwarding of data-plane traffic to
3372  arbitrary destinations and general disruption of the data-plane
3373  operation.  Access to mapping-system-type and/or ddt-mapping-system
3374  nodes may prevent the device from connecting to the Mapping System
3375  infrastructure and consequently from attracting Map-Request messages.

3377     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3378     protocol/lisp:lisp/lisp:map-resolver

3380  Access to mapping-system-type, ms-address and/or ddt-mapping-system
3381  nodes may prevent the device from connecting to the Mapping System
3382  infrastructure and forwarding Map-Request messages.

3384     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3385     protocol/lisp:lisp/lisp:itr

3387  Access to the rloc-probing node can increase the control-plane
3388  overhead in the device or affect the capability of the device to
3389  detect failures on the underlay.  Access to the itr-rlocs node may
3390  prevent the device from getting Map-Reply messages.  Access to the
3391  map-resolvers node can prevent the device from sending its Map-
3392  Request messages to valid Map-Resolvers.  Access to the proxy-etrs
3393  nodes can affect the capability of the device to send data-plane
3394  traffic towards non-LISP destinations.  Access to the map-cache node
3395  can result in forwarding of data-plane traffic to arbitrary
3396  destinations and general disruption of data-plane operation.

3398     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3399     protocol/lisp:lisp/lisp:etr

3401  Access to the map-servers node can prevent the device from
3402  registering its local mappings into the Mapping System.  Access to
3403  the local-eids node can disrupt data-plane operation on the device
3404  and/or result in the device registering corrupted mappings into the
3405  Mapping System.

3407  Some of the readable data nodes in this YANG module may be considered
3408  sensitive or vulnerable in some network environments.  It is thus
3409  important to control read access (e.g., via get, get-config, or
3410  notification) to these data nodes.  These are the subtrees and data
3411  nodes and their sensitivity/vulnerability:

3413     /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
3414     lisp:lisp

3416  Access to the locator-sets node can expose the locators the device is
3417  using for its control and/or data operation.  Access to the lisp-role
3418  node can disclose the LISP roles instantiated at the device, which
3419  facilitates mounting attacks against the device.  Access to the
3420  router-id node can expose the unique identifier of the device, which may
3421  allow a third party to track its control-plane operation and/or
3422  impersonate the device.  Access to the virtual-networks node can leak
3423  the local mapping between LISP Instance IDs and local network
3424  instances.

3426     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3427     protocol/lisp:lisp/lisp:map-server

3429  Access to the sites node can expose the credentials used to register
3430  mappings and allow unauthorized devices to do so.  Access to the
3431  virtual-network-ids node can expose the mappings currently registered
3432  in the device, which has privacy implications.  Access to the
3433  mapping-system-type node may reveal the Mapping System in use, which
3434  can be used to mount attacks against the device and/or the Mapping
3435  System.  Access to the summary and counters nodes may expose
3436  operational statistics of the device.

3438     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3439     protocol/lisp:lisp/lisp:map-resolver

3441  Access to the mapping-system-type node may reveal the Mapping System
3442  in use, which can be used to mount attacks against the device and/or
3443  the Mapping System.  Access to the ms-address and/or ddt-mapping-
3444  system nodes can leak the information about the Mapping System
3445  infrastructure used by the device, which can be used to block
3446  communication and/or mount attacks against it.

3448     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3449     protocol/lisp:lisp/lisp:itr

3451  Access to the rloc-probing node can expose if and how the device is
3452  using control-plane signaling to probe underlay locators.  Access to
3453  the itr-rlocs node may disclose the addresses the device is using to
3454  receive Map-Reply messages.  Access to the map-resolvers node can
3455  expose the Map-Resolvers used by the device, which can be used to
3456  mount attacks against the device and/or the Mapping System.  Access
3457  to the proxy-etrs node can disclose the PETRs used by the device,
3458  which can be used to mount attacks against the device and/or PETRs.
3459  Access to the map-cache node can expose the mappings currently cached
3460  in the device, which has privacy implications.

3462     /rt:routing/rt:control-plane-protocols/rt:control-plane-
3463     protocol/lisp:lisp/lisp:etr

3465  Access to the map-servers node can expose the credentials used by the
3466  device to register mappings into the Mapping System, allowing an
3467  unauthorized device to impersonate and register mappings on behalf of
3468  the authorized device.  Access to the local-eids node can expose the
3469  local EIDs currently being served by the device, which has privacy
3470  implications.

3472  11.  Normative References

3474  [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
3475             Requirement Levels", BCP 14, RFC 2119,
3476             DOI 10.17487/RFC2119, March 1997,
3477             .

3479  [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
3480             DOI 10.17487/RFC3688, January 2004,
3481             .

3483  [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
3484             and A. Bierman, Ed., "Network Configuration Protocol
3485             (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
3486             .

3488  [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
3489             Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
3490             .

3492  [RFC6830]  Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The
3493             Locator/ID Separation Protocol (LISP)", RFC 6830,
3494             DOI 10.17487/RFC6830, January 2013,
3495             .

3497  [RFC6832]  Lewis, D., Meyer, D., Farinacci, D., and V. Fuller,
3498             "Interworking between Locator/ID Separation Protocol
3499             (LISP) and Non-LISP Sites", RFC 6832,
3500             DOI 10.17487/RFC6832, January 2013,
3501             .

3503  [RFC6833]  Fuller, V. and D. Farinacci, "Locator/ID Separation
3504             Protocol (LISP) Map-Server Interface", RFC 6833,
3505             DOI 10.17487/RFC6833, January 2013,
3506             .

3508  [RFC6836]  Fuller, V., Farinacci, D., Meyer, D., and D. Lewis,
3509             "Locator/ID Separation Protocol Alternative Logical
3510             Topology (LISP+ALT)", RFC 6836, DOI 10.17487/RFC6836,
3511             January 2013, .

3513  [RFC7835]  Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID
3514             Separation Protocol (LISP) Threat Analysis", RFC 7835,
3515             DOI 10.17487/RFC7835, April 2016,
3516             .

3518  [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
3519             Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
3520             .

3522  [RFC8060]  Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical
3523             Address Format (LCAF)", RFC 8060, DOI 10.17487/RFC8060,
3524             February 2017, .

3526  [RFC8111]  Fuller, V., Lewis, D., Ermagan, V., Jain, A., and A.
3527             Smirnov, "Locator/ID Separation Protocol Delegated
3528             Database Tree (LISP-DDT)", RFC 8111, DOI 10.17487/RFC8111,
3529             May 2017, .

3531  [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
3532             2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
3533             May 2017, .

3535  [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
3536             BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
3537             .

3539  [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
3540             Access Control Model", STD 91, RFC 8341,
3541             DOI 10.17487/RFC8341, March 2018,
3542             .

3544  [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
3545             Routing Management (NMDA Version)", RFC 8349,
3546             DOI 10.17487/RFC8349, March 2018,
3547             .

3549  [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
3550             Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
3551             .

3553  Authors' Addresses

3555  Vina Ermagan
3556  Cisco Systems
3557  San Jose, CA
3558  USA

3560  Email: vermagan@cisco.com

3562  Alberto Rodriguez-Natal
3563  Cisco Systems
3564  San Jose, CA
3565  USA

3567  Email: natal@cisco.com

3569  Florin Coras
3570  Cisco Systems
3571  San Jose, CA
3572  USA

3574  Email: fcoras@cisco.com

3576  Carl Moberg
3577  Cisco Systems
3578  San Jose, CA
3579  USA

3581  Email: camoberg@cisco.com

3583  Reshad Rahman
3584  Cisco Systems
3585  Canada

3587  Email: rrahman@cisco.com

3589  Albert Cabellos-Aparicio
3590  Technical University of Catalonia
3591  Barcelona
3592  Spain

3594  Email: acabello@ac.upc.edu
3595  Fabio Maino
3596  Cisco Systems
3597  San Jose, CA
3598  USA

3600  Email: fmaino@cisco.com
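
Section 10 names NACM [RFC8341] as the control for the sensitive subtrees it lists. The following is an added example, not part of the draft: it evaluates two constructed NACM rule-lists against those nodes and reports which sensitive accesses a group would still be granted. The group and rule names, the plain-string path matching, and the unprefixed child node names (Section 10 gives the node names without a module prefix) are assumptions.

```python
"""Audit a NACM (RFC 8341) rule-list against sensitive LISP nodes (Section 10).

Simplified model (assumptions): paths are compared as plain strings, child
node names carry no module prefix, and module-name matching and the
nacm:default-deny-* extensions are not modelled.
"""
import xml.etree.ElementTree as ET

NS = {"n": "urn:ietf:params:xml:ns:yang:ietf-netconf-acm"}
LISP = ("/rt:routing/rt:control-plane-protocols"
        "/rt:control-plane-protocol/lisp:lisp")

# Nodes Section 10 says expose registration credentials when read.
CREDENTIAL_NODES = [LISP + "/lisp:map-server/sites",
                    LISP + "/lisp:etr/map-servers"]
# A selection of the nodes Section 10 lists as sensitive to write operations.
WRITE_SENSITIVE = CREDENTIAL_NODES + [
    LISP + "/locator-sets", LISP + "/lisp-role", LISP + "/router-id",
    LISP + "/virtual-networks", LISP + "/lisp:itr/map-cache",
    LISP + "/lisp:itr/map-resolvers", LISP + "/lisp:etr/local-eids",
    LISP + "/lisp:map-resolver/ms-address",
]
WRITE_OPS = ("create", "update", "delete")

# Constructed sample: the broad read permit precedes the deny, the update rule
# covers the whole itr subtree, and read-default is left at its default.
WEAK_NACM = """
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <rule-list><name>lisp-ops</name><group>operator</group>
    <rule><name>lisp-read</name><path>{L}</path>
      <access-operations>read</access-operations><action>permit</action></rule>
    <rule><name>hide-credentials</name><path>{L}/lisp:map-server/sites</path>
      <access-operations>*</access-operations><action>deny</action></rule>
    <rule><name>tune-probing</name><path>{L}/lisp:itr</path>
      <access-operations>update</access-operations><action>permit</action></rule>
  </rule-list>
</nacm>""".format(L=LISP)

# Constructed sample: specific denies first, narrow update scope, and
# read-default set to deny for groups that match no rule-list.
HARDENED_NACM = """
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <read-default>deny</read-default>
  <rule-list><name>lisp-ops</name><group>operator</group>
    <rule><name>hide-ms-credentials</name><path>{L}/lisp:map-server/sites</path>
      <access-operations>*</access-operations><action>deny</action></rule>
    <rule><name>hide-etr-credentials</name><path>{L}/lisp:etr/map-servers</path>
      <access-operations>*</access-operations><action>deny</action></rule>
    <rule><name>tune-probing</name><path>{L}/lisp:itr/rloc-probing</path>
      <access-operations>update</access-operations><action>permit</action></rule>
    <rule><name>lisp-read</name><path>{L}</path>
      <access-operations>read</access-operations><action>permit</action></rule>
  </rule-list>
</nacm>""".format(L=LISP)


def _text(elem, tag, default):
    """Text of a direct NACM child element, or the given default."""
    child = elem.find("n:" + tag, NS)
    return child.text.strip() if child is not None and child.text else default


def decide(nacm, group, path, op):
    """Return 'permit' or 'deny' for one data-node access.

    Rule-lists and rules are scanned in document order; the first rule that
    matches group, operation and path decides, else the global default applies.
    """
    for rule_list in nacm.findall("n:rule-list", NS):
        groups = [(g.text or "").strip() for g in rule_list.findall("n:group", NS)]
        if group not in groups and "*" not in groups:
            continue
        for rule in rule_list.findall("n:rule", NS):
            if (rule.find("n:rpc-name", NS) is not None
                    or rule.find("n:notification-name", NS) is not None):
                continue  # operation/notification rules do not match data nodes
            if _text(rule, "module-name", "*") != "*":
                raise NotImplementedError("module-name matching not modelled")
            ops = _text(rule, "access-operations", "*").split()
            if "*" not in ops and op not in ops:
                continue
            rule_path = _text(rule, "path", None)
            if rule_path is not None:
                rule_path = rule_path.rstrip("/")
                # A path rule covers the node itself and all of its descendants.
                if path != rule_path and not path.startswith(rule_path + "/"):
                    continue
            return _text(rule, "action", "deny")
    if op == "read":
        return _text(nacm, "read-default", "permit")
    return _text(nacm, "write-default", "deny")


def audit(nacm_xml, group):
    """List (operation, path) pairs on sensitive nodes the group is granted."""
    nacm = ET.fromstring(nacm_xml)
    findings = [("read", node) for node in CREDENTIAL_NODES
                if decide(nacm, group, node, "read") == "permit"]
    for node in WRITE_SENSITIVE:
        for op in WRITE_OPS:
            if decide(nacm, group, node, op) == "permit":
                findings.append((op, node))
    return findings
```
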