idnits 2.17.00 (12 Aug 2021)

/tmp/idnits56278/draft-ietf-rtgwg-yang-vrrp-09.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The document has examples using IPv4 documentation addresses according
     to RFC6890, but does not use any IPv6 documentation addresses.  Maybe
     there should be IPv6 examples, too?

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 210 has weird spacing: '...address   ine...'

  == Line 228 has weird spacing: '...address   ine...'

  == Line 273 has weird spacing: '...address   ine...'

  == Line 314 has weird spacing: '...address   ine...'

  == Line 366 has weird spacing: '...address   ine...'

  == (13 more instances...)

  -- The document date (January 9, 2018) is 1593 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446)

  ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341)

  == Outdated reference: draft-ietf-netmod-rfc7223bis has been published as
     RFC 8343

  == Outdated reference: draft-ietf-netmod-rfc7277bis has been published as
     RFC 8344

  == Outdated reference: draft-ietf-netmod-revised-datastores has been
     published as RFC 8342

  -- Obsolete informational reference (is this intentional?): RFC 3768
     (Obsoleted by RFC 5798)

  == Outdated reference: draft-ietf-netconf-subscribed-notifications has been
     published as RFC 8639

  == Outdated reference: draft-ietf-netconf-yang-push has been published as
     RFC 8641

  == Outdated reference: draft-ietf-netmod-rfc6087bis has been published as
     RFC 8407

  == Outdated reference: draft-ietf-netmod-yang-tree-diagrams has been
     published as RFC 8340

     Summary: 2 errors (**), 0 flaws (~~), 14 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     Network Working Group                                        X. Liu, Ed.
3     Internet-Draft                                               A. Kyparlis
4     Intended status: Standards Track                                   Jabil
5     Expires: July 13, 2018                                         R. Parikh
6                                                                       VMware
7                                                                    A. Lindem
8                                                                Cisco Systems
9                                                                     M. Zhang
10                                                         Huawei Technologies
11                                                             January 9, 2018

13        A YANG Data Model for Virtual Router Redundancy Protocol (VRRP)
14                         draft-ietf-rtgwg-yang-vrrp-09

16    Abstract

18       This document describes a data model for Virtual Router Redundancy
19       Protocol (VRRP).  Both version 2 and version 3 of VRRP are covered.

21    Status of This Memo

23       This Internet-Draft is submitted in full conformance with the
24       provisions of BCP 78 and BCP 79.

26       Internet-Drafts are working documents of the Internet Engineering
27       Task Force (IETF).  Note that other groups may also distribute
28       working documents as Internet-Drafts.  The list of current Internet-
29       Drafts is at http://datatracker.ietf.org/drafts/current/.

31       Internet-Drafts are draft documents valid for a maximum of six months
32       and may be updated, replaced, or obsoleted by other documents at any
33       time.  It is inappropriate to use Internet-Drafts as reference
34       material or to cite them other than as "work in progress."

36       This Internet-Draft will expire on July 13, 2018.

38    Copyright Notice

40       Copyright (c) 2018 IETF Trust and the persons identified as the
41       document authors.  All rights reserved.

43       This document is subject to BCP 78 and the IETF Trust's Legal
44       Provisions Relating to IETF Documents
45       (http://trustee.ietf.org/license-info) in effect on the date of
46       publication of this document.  Please review these documents
47       carefully, as they describe your rights and restrictions with respect
48       to this document.  Code Components extracted from this document must
49       include Simplified BSD License text as described in Section 4.e of
50       the Trust Legal Provisions and are provided without warranty as
51       described in the Simplified BSD License.

53    Table of Contents

55       1.  Introduction
56         1.1.  Terminology
57         1.2.  Tree Diagrams
58         1.3.  Prefixes in Data Node Names
59       2.  Design of the Data Model
60         2.1.  Scope of the Model
61         2.2.  Relations with Interface Model and IP Model
62         2.3.  Protocol Configuration
63         2.4.  Protocol States
64         2.5.  Notifications
65       3.  YANG Module
66       4.  IANA Considerations
67       5.  Security Considerations
68       6.  References
69         6.1.  Normative References
70         6.2.  Informative References
71       Appendix A.  Complete Model Tree Structure
72       Appendix B.  Data Tree Example
73       Authors' Addresses

75    1.  Introduction

77       This document introduces a YANG [RFC6020][RFC7950] data model for
78       Virtual Router Redundancy Protocol (VRRP) [RFC3768] [RFC5798].  VRRP
79       provides higher resiliency by specifying an election protocol that
80       dynamically assigns responsibility for a virtual router to one of the
81       VRRP routers on a LAN.

83       This YANG model supports both version 2 and version 3 of VRRP.  VRRP
84       version 2 defined in [RFC3768] supports IPv4.  VRRP version 3 defined
85       in [RFC5798] supports both IPv4 and IPv6.

87    1.1.  Terminology

89       The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
90       "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
91       document are to be interpreted as described in [RFC2119].

93       The following terms are defined in [RFC7950] and are not redefined
94       here:

96       o  augment
97       o  data model

99       o  data node

101   1.2.  Tree Diagrams

103      A simplified graphical representation of the data model is used in
104      this document.  The meaning of the symbols in these diagrams is
105      defined in [I-D.ietf-netmod-yang-tree-diagrams].

107   1.3.  Prefixes in Data Node Names

109      In this document, names of data nodes, actions, and other data model
110      objects are often used without a prefix, as long as it is clear from
111      the context in which YANG module each name is defined.  Otherwise,
112      names are prefixed using the standard prefix associated with the
113      corresponding YANG module, as shown in Table 1.

115         +--------+-----------------+------------------------------+
116         | Prefix | YANG module     | Reference                    |
117         +--------+-----------------+------------------------------+
118         | yang   | ietf-yang-types | [RFC6991]                    |
119         | inet   | ietf-inet-types | [RFC6991]                    |
120         | if     | ietf-interfaces | [I-D.ietf-netmod-rfc7223bis] |
121         | ip     | ietf-ip         | [I-D.ietf-netmod-rfc7277bis] |
122         +--------+-----------------+------------------------------+

124               Table 1: Prefixes and Corresponding YANG Modules

126   2.  Design of the Data Model

128   2.1.  Scope of the Model

130      The model covers VRRP version 2 [RFC3768] and VRRP version 3
131      [RFC5798] protocols.  The model is designed to be implemented on a
132      device where VRRP version 2 or version 3 is implemented.  With the
133      help of a proper management protocol, the defined model can be used
134      to:

136      o  Configure the VRRP version 2 or version 3 protocol.

138      o  Manage the protocol operational behavior.

140      o  Retrieve the protocol operational status.

142      o  Receive the protocol notifications.

144   2.2.  Relations with Interface Model and IP Model

146      This model augments the interface data model "ietf-interfaces"
147      [I-D.ietf-netmod-rfc7223bis] and the IP management model "ietf-ip"
148      [I-D.ietf-netmod-rfc7277bis].  The augmentation relations are shown
149      as follows:

151      module: ietf-interfaces
152         +--rw interfaces
153            +--rw interface* [name]
154                  ...
155               +--rw ip:ipv4!
156               |  +--rw ip:address* [ip]
157                        ...
158               |  +--rw vrrp:vrrp
159               |     +--rw vrrp:vrrp-instance* [vrid]
160               |        +--rw vrrp:vrid                  uint8
161               |        +--rw vrrp:virtual-ipv4-addresses
162                              ...
163               +--rw ip:ipv6!
164                  +--rw ip:address* [ip]
165                        ...
166                  +--rw vrrp:vrrp
167                     +--rw vrrp:vrrp-instance* [vrid]
168                        +--rw vrrp:vrid                  uint8
169                        +--rw vrrp:virtual-ipv6-addresses
170                              ...

172      In the above figure, a tree node without a prefix is from the model
173      "ietf-interfaces".  A tree node with prefix "ip:" is from the model
174      "ietf-ip".  A tree node with prefix "vrrp:" is from the VRRP model
175      specified in this document.

177      The "vrrp" container contains a list of vrrp-instance nodes, which
178      are instantiated under an interface for a specified address family
179      (IPv4 or IPv6).

181      Each vrrp-instance node represents a VRRP router state machine
182      described in Section 6.4 of [RFC5798], providing the configuration
183      and state information for the election process of a virtual router.
184      The IP addresses on the augmented interface are the real addresses
185      through which the VRRP router operates.  The IPv4 or IPv6 address(es)
186      associated with a virtual router (described in Section 1 of
187      [RFC5798]) are modeled as a list of IPv4 or IPv6 addresses under the
188      vrrp-instance.

190   2.3.  Protocol Configuration

192      The model structure for the protocol configuration is as shown below:

194      augment /if:interfaces/if:interface/ip:ipv4:
195         +--rw vrrp
196            +--rw vrrp-instance* [vrid]
197               +--rw vrid                            uint8
198               |  ...
199               +--rw track
200               |  +--rw interfaces
201               |  |  +--rw interface* [interface]
202               |  |     +--rw interface             if:interface-ref
203               |  |        ...
204               |  +--rw networks
205               |     +--rw network* [prefix]
206               |        +--rw prefix                inet:ipv4-prefix
207               |           ...
208               +--rw virtual-ipv4-addresses
209                  +--rw virtual-ipv4-address* [ipv4-address]
210                     +--rw ipv4-address    inet:ipv4-address

212      augment /if:interfaces/if:interface/ip:ipv6:
213         +--rw vrrp
214            +--rw vrrp-instance* [vrid]
215               +--rw vrid                            uint8
216               |  ...
217               +--rw track
218               |  +--rw interfaces
219               |  |  +--rw interface* [interface]
220               |  |     +--rw interface             if:interface-ref
221               |  |        ...
222               |  +--rw networks
223               |     +--rw network* [prefix]
224               |        +--rw prefix                inet:ipv6-prefix
225               |           ...
226               +--rw virtual-ipv6-addresses
227                  +--rw virtual-ipv6-address* [ipv6-address]
228                     +--rw ipv6-address    inet:ipv6-address

230      The model allows the following protocol entities to be configured:

232      o  VRRP instance (version 2 or version 3), representing a VRRP
233         router.

235      o  Virtual IPv4 or IPv6 address associated with a virtual router.

237      o  Tracking interface, to detect interface connectivity failures.

239      o  Tracking network, to detect interface connectivity failures.

241   2.4.  Protocol States

243      The model structure for the protocol states is as shown below:

245      module: ietf-vrrp
246         +--ro vrrp
247            |  // global operational states
248            +--ro virtual-routers?   uint32
249            +--ro interfaces?        uint32
250            +--ro statistics // global statistics
251               +--ro discontinuity-datetime?   yang:date-and-time
252               +--ro checksum-errors?          yang:counter64
253               +--ro version-errors?           yang:counter64
254               +--ro vrid-errors?              yang:counter64
255               +--ro ip-ttl-errors?            yang:counter64

257      augment /if:interfaces/if:interface/ip:ipv4:
258         +--rw vrrp
259            +--rw vrrp-instance* [vrid]
260               +--rw vrid                            uint8
261               |  ...
262               +--rw track
263               |  +--rw interfaces
264               |  |  +--rw interface* [interface]
265               |  |     +--rw interface             if:interface-ref
266               |  |        ...
267               |  +--rw networks
268               |     +--rw network* [prefix]
269               |        +--rw prefix                inet:ipv4-prefix
270               |           ...
271               +--rw virtual-ipv4-addresses
272               |  +--rw virtual-ipv4-address* [ipv4-address]
273               |     +--rw ipv4-address    inet:ipv4-address
274               |
275               |  // per instance operational states
276               +--ro state?                          identityref
277               +--ro is-owner?                       boolean
278               +--ro last-adv-source?                inet:ip-address
279               +--ro up-datetime?                    yang:date-and-time
280               +--ro master-down-interval?           uint32
281               +--ro skew-time?                      uint32
282               +--ro last-event?                     identityref
283               +--ro new-master-reason?              new-master-reason-type
284               +--ro statistics // per instance statistics
285                  +--ro discontinuity-datetime?    yang:date-and-time
286                  +--ro master-transitions?        yang:counter32
287                  +--ro advertisement-recv?        yang:counter64
288                  +--ro advertisement-sent?        yang:counter64
289                  +--ro interval-errors?           yang:counter64
290                  |       {validate-interval-errors}?
291                  +--ro priority-zero-pkts-rcvd?   yang:counter64
292                  +--ro priority-zero-pkts-sent?   yang:counter64
293                  +--ro invalid-type-pkts-rcvd?    yang:counter64
294                  +--ro address-list-errors?       yang:counter64
295                  |       {validate-address-list-errors}?
296                  +--ro packet-length-errors?      yang:counter64

298      augment /if:interfaces/if:interface/ip:ipv6:
299         +--rw vrrp
300            +--rw vrrp-instance* [vrid]
301               +--rw vrid                            uint8
302               |  ...
303               +--rw track
304               |  +--rw interfaces
305               |  |  +--rw interface* [interface]
306               |  |     +--rw interface             if:interface-ref
307               |  |        ...
308               |  +--rw networks
309               |     +--rw network* [prefix]
310               |        +--rw prefix                inet:ipv6-prefix
311               |           ...
312               +--rw virtual-ipv6-addresses
313               |  +--rw virtual-ipv6-address* [ipv6-address]
314               |     +--rw ipv6-address    inet:ipv6-address
315               |
316               |  // per instance operational states
317               +--ro state?                          identityref
318               +--ro is-owner?                       boolean
319               +--ro last-adv-source?                inet:ip-address
320               +--ro up-datetime?                    yang:date-and-time
321               +--ro master-down-interval?           uint32
322               +--ro skew-time?                      uint32
323               +--ro last-event?                     identityref
324               +--ro new-master-reason?              new-master-reason-type
325               +--ro statistics // per instance statistics
326                  +--ro discontinuity-datetime?    yang:date-and-time
327                  +--ro master-transitions?        yang:counter32
328                  +--ro advertisement-recv?        yang:counter64
329                  +--ro advertisement-sent?        yang:counter64
330                  +--ro interval-errors?           yang:counter64
331                  |       {validate-interval-errors}?
332                  +--ro priority-zero-pkts-rcvd?   yang:counter64
333                  +--ro priority-zero-pkts-sent?   yang:counter64
334                  +--ro invalid-type-pkts-rcvd?    yang:counter64
335                  +--ro address-list-errors?       yang:counter64
336                  |       {validate-address-list-errors}?
337                  +--ro packet-length-errors?      yang:counter64

339      This model conforms to the Network Management Datastore Architecture
340      (NMDA) [I-D.ietf-netmod-revised-datastores].  The operational state
341      data is combined with the associated configuration data in the same
342      hierarchy [I-D.ietf-netmod-rfc6087bis].  When protocol states are
343      retrieved from the NMDA operational state datastore, the returned
344      states cover all "config true" (rw) and "config false" (ro) nodes
345      defined in the schema.

347      The model allows protocol states to be retrieved at the following
         levels:

349      o  VRRP instance (version 2 or version 3), representing a VRRP
350         router.

352      o  Virtual IPv4 or IPv6 address associated with a virtual router.

354      o  Tracking interface, to detect interface connectivity failures.

356      o  Tracking network, to detect interface connectivity failures.

358      o  Global states and statistics summarizing all instances.

360   2.5.  Notifications

362      This model defines the following VRRP specific notifications:

364        notifications:
365          +---n vrrp-new-master-event
366          |  +--ro master-ip-address    inet:ip-address
367          |  +--ro new-master-reason    new-master-reason-type
368          +---n vrrp-protocol-error-event
369          |  +--ro protocol-error-reason    identityref
370          +---n vrrp-virtual-router-error-event
371             +--ro interface                      if:interface-ref
372             +--ro (ip-version)
373             |  +--:(ipv4)
374             |  |  +--ro ipv4
375             |  |     +--ro vrid    leafref
376             |  +--:(ipv6)
377             |     +--ro ipv6
378             |        +--ro vrid    leafref
379             +--ro virtual-router-error-reason    identityref

381      Each notification type indicates a type of VRRP state change or
382      error occurrence:

384      vrrp-new-master-event
385         VRRP new master event, indicating that a new master has been
386         elected.

388      vrrp-protocol-error-event
389         VRRP protocol error event for a message that fails to reach a VRRP
390         instance to be processed.

392      vrrp-virtual-router-error-event
393         VRRP virtual router error event for a message processed on a VRRP
394         instance.

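The split between vrrp-protocol-error-event and vrrp-virtual-router-error-event can be seen in the receive-side checks that produce each reason identity. The Python below is an added example, not code from the draft or from any VRRP implementation; it handles IPv4 VRRPv3 only, and the Instance class, the function names, the check order, the IPv4 pseudo-header checksum coverage and the sample addresses are assumptions of the example.

```python
import ipaddress
import struct
from dataclasses import dataclass

VRRP_PROTO = 112   # IP protocol number carried in the pseudo-header
HEADER_LEN = 8     # fixed VRRPv3 header, before the address list
PROTOCOL_EVENT = "vrrp-protocol-error-event"
ROUTER_EVENT = "vrrp-virtual-router-error-event"


@dataclass(frozen=True)
class Instance:
    """Hypothetical local view of one IPv4 vrrp-instance (VRRPv3 only)."""
    vrid: int
    advertise_interval_centi_sec: int = 100
    virtual_ipv4_addresses: frozenset = frozenset()


def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src: str, dst: str, length: int) -> bytes:
    # Assumption of this example: IPv4 pseudo-header (src, dst, 0, proto, len).
    return (ipaddress.IPv4Address(src).packed
            + ipaddress.IPv4Address(dst).packed
            + struct.pack("!BBH", 0, VRRP_PROTO, length))


def build_advert(src, dst, vrid, interval, addrs, priority=100, version=3):
    """Construct a sample advertisement payload (test input only)."""
    body = b"".join(ipaddress.IPv4Address(a).packed for a in addrs)
    head = struct.pack("!BBBBH", (version << 4) | 1, vrid, priority,
                       len(addrs), interval & 0x0FFF)
    length = HEADER_LEN + len(body)
    csum = inet_checksum(pseudo_header(src, dst, length)
                         + head + b"\x00\x00" + body)
    return head + struct.pack("!H", csum) + body


def classify(ttl, src, dst, payload, instances,
             validate_interval=True, validate_address_list=True):
    """Return None if accepted, else (notification, reason identity, vrid).

    Checks that need no instance come first and map to
    vrrp-protocol-error-event; checks made against a matched instance map
    to vrrp-virtual-router-error-event. The two validate_* flags stand for
    the model's validate-interval-errors and validate-address-list-errors
    features.
    """
    if ttl != 255:
        return (PROTOCOL_EVENT, "ip-ttl-error", None)
    if len(payload) < 2:
        raise ValueError("too short to read version and VRID")
    if payload[0] >> 4 != 3:            # this example's router speaks v3 only
        return (PROTOCOL_EVENT, "version-error", None)
    complete = len(payload) >= HEADER_LEN
    if complete and inet_checksum(
            pseudo_header(src, dst, len(payload)) + payload) != 0:
        return (PROTOCOL_EVENT, "checksum-error", None)
    inst = instances.get(payload[1])
    if inst is None:
        return (PROTOCOL_EVENT, "vrid-error", None)
    if not complete:
        return (ROUTER_EVENT, "packet-length-error", inst.vrid)
    interval = struct.unpack("!H", payload[4:6])[0] & 0x0FFF
    if validate_interval and interval != inst.advertise_interval_centi_sec:
        return (ROUTER_EVENT, "interval-error", inst.vrid)
    if validate_address_list:
        raw = payload[HEADER_LEN:]
        if len(raw) != 4 * payload[3]:  # count field disagrees with the list
            return (ROUTER_EVENT, "address-list-error", inst.vrid)
        seen = frozenset(str(ipaddress.IPv4Address(raw[i:i + 4]))
                         for i in range(0, len(raw), 4))
        if seen != inst.virtual_ipv4_addresses:
            return (ROUTER_EVENT, "address-list-error", inst.vrid)
    return None


# Constructed sample data (documentation addresses, not from the draft).
SRC, DST = "192.0.2.1", "224.0.0.18"
INSTANCES = {1: Instance(1, 100, frozenset({"192.0.2.254"}))}

if __name__ == "__main__":
    good = build_advert(SRC, DST, 1, 100, ["192.0.2.254"])
    print(classify(255, SRC, DST, good, INSTANCES))
    print(classify(254, SRC, DST, good, INSTANCES))
```
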
396      In addition to the notifications specified above, the mechanism
397      defined in [I-D.ietf-netconf-subscribed-notifications] and
398      [I-D.ietf-netconf-yang-push] can be used for other general
399      notifications.  This mechanism currently allows the user to:

401      o  Subscribe to notifications on a per-client basis.

403      o  Specify subtree filters or XPath filters so that only contents
404         of interest are sent.

406      o  Specify either periodic or on-demand notifications.

408   3.  YANG Module

410      <CODE BEGINS> file "ietf-vrrp@2018-01-09.yang"
411      module ietf-vrrp {
412        yang-version 1.1;
413        namespace "urn:ietf:params:xml:ns:yang:ietf-vrrp";
414        prefix "vrrp";

416        import ietf-inet-types {
417          prefix "inet";
418        }

420        import ietf-yang-types {
421          prefix "yang";
422        }

424        import ietf-interfaces {
425          prefix "if";
426        }

428        import ietf-ip {
429          prefix "ip";
430        }

432        organization
433          "IETF Routing Area Working Group (RTGWG)";
434        contact
435          "WG Web:
436           WG List:

438           Editor:   Xufeng Liu
439

441           Editor:   Athanasios Kyparlis
442

444           Editor:   Ravi Parikh
445

447           Editor:   Acee Lindem
448

450           Editor:   Mingui Zhang
451                     ";

453        description
454          "This YANG module defines a model for managing Virtual Router
455           Redundancy Protocol (VRRP) version 2 and version 3.

457           Copyright (c) 2018 IETF Trust and the persons identified as
458           authors of the code.  All rights reserved.

460           Redistribution and use in source and binary forms, with or
461           without modification, is permitted pursuant to, and subject to
462           the license terms contained in, the Simplified BSD License set
463           forth in Section 4.c of the IETF Trust's Legal Provisions
464           Relating to IETF Documents
465           (http://trustee.ietf.org/license-info).

467           This version of this YANG module is part of RFC XXXX; see the
468           RFC itself for full legal notices.";

470        revision 2018-01-09 {
471          description "Initial revision";
472          reference
473            "RFC XXXX: A YANG Data Model for Virtual Router Redundancy
474                       Protocol (VRRP).
475             RFC 2787: Definitions of Managed Objects for the Virtual
476                       Router Redundancy Protocol.
477             RFC 3768: Virtual Router Redundancy Protocol (VRRP).
478             RFC 5798: Virtual Router Redundancy Protocol (VRRP) Version 3.
479             RFC 6527: Definitions of Managed Objects for the Virtual
480                       Router Redundancy Protocol Version 3 (VRRPv3).";
481        }

483        /*
484         * Features
485         */

487        feature validate-interval-errors {
488          description
489            "This feature indicates that the system validates that
490             the advertisement interval from advertisement packets
491             received is the same as the one configured for the local
492             VRRP router.";
493        }

495        feature validate-address-list-errors {
496          description
497            "This feature indicates that the system validates that
498             the address list from received packets matches the
499             locally configured list for the VRRP router.";
500        }

502        /*
503         * Typedefs
504         */

506        typedef new-master-reason-type {
507          type enumeration {
508            enum not-master {
509              description
510                "The virtual router has never transitioned to master
511                 state.";
512            }
513            enum priority {
514              description "Priority was higher.";
515            }
516            enum preempted {
517              description "The master was preempted.";
518            }
519            enum no-response {
520              description "Previous master did not respond.";
521            }
522          }
523          description
524            "The reason for the virtual router to transition to master
525             state.";
526        } // new-master-reason-type

528        /*
529         * Identities
530         */

532        /* vrrp-event-type identity and its derivatives. */
533        identity vrrp-event-type {
534          description
535            "The type to indicate the type of a VRRP protocol event.";
536        }
537        identity vrrp-event-none {
538          base vrrp-event-type;
539          description
540            "Indicates a non-meaningful event.";
541        }
542        identity vrrp-event-startup {
543          base vrrp-event-type;
544          description
545            "Indicates that a VRRP router has initiated the protocol.";
546        }
547        identity vrrp-event-shutdown {
548          base vrrp-event-type;
549          description
550            "Indicates that a VRRP router has closed down the protocol.";

552        }
553        identity vrrp-event-higher-priority-backup {
554          base vrrp-event-type;
555          description
556            "Indicates that a backup router has a higher priority than
557             the current master.";
558        }
559        identity vrrp-event-master-timeout {
560          base vrrp-event-type;
561          description
562            "Indicates that the current master has not sent an
563             advertisement within the limit of master-down-interval.";
564        }
565        identity vrrp-event-interface-up {
566          base vrrp-event-type;
567          description
568            "Indicates that the VRRP enabled interface has become
569             operational up.";
570        }
571        identity vrrp-event-interface-down {
572          base vrrp-event-type;
573          description
574            "Indicates that the VRRP enabled interface has become
575             operational down.";
576        }
577        identity vrrp-event-no-primary-ip-address {
578          base vrrp-event-type;
579          description
580            "Indicates that the primary IP address on the VRRP enabled
581             interface has become unavailable.";
582        }
583        identity vrrp-event-primary-ip-address {
584          base vrrp-event-type;
585          description
586            "Indicates that the primary IP address on the VRRP enabled
587             interface has become available.";
588        }
589        identity vrrp-event-no-virtual-ip-addresses {
590          base vrrp-event-type;
591          description
592            "Indicates that there are no virtual IP addresses on the
593             virtual router.";
594        }
595        identity vrrp-event-virtual-ip-addresses {
596          base vrrp-event-type;
597          description
598            "Indicates that there are virtual IP addresses on the
599             virtual router.";

601        }
602        identity vrrp-event-preempt-hold-timeout {
603          base vrrp-event-type;
604          description
605            "Indicates that the configured preemption hold time has
606             passed.";
607        }
608        identity vrrp-event-lower-priority-master {
609          base vrrp-event-type;
610          description
611            "Indicates that there is a lower priority VRRP master.";
612        }
613        identity vrrp-event-owner-preempt {
614          base vrrp-event-type;
615          description
616            "Indicates that the owner has preempted another router to
617             become the master.";
618        }

620        /* vrrp-error-global identity and its derivatives. */
621        identity vrrp-error-global {
622          description
623            "The type to indicate the type of a VRRP error that occurs
624             for a packet before it reaches a VRRP router.";
625        }
626        identity checksum-error {
627          base vrrp-error-global;
628          description
629            "A packet has been received with an invalid VRRP checksum
630             value.";
631        }
632        identity ip-ttl-error {
633          base vrrp-error-global;
634          description
635            "A packet has been received with IP TTL (Time-To-Live)
636             not equal to 255.";
637        }
638        identity version-error {
639          base vrrp-error-global;
640          description
641            "A packet has been received with an unknown or unsupported
642             version number.";
643        }
644        identity vrid-error {
645          base vrrp-error-global;
646          description
647            "A packet has been received with a VRID that is not valid
648             for any virtual router on this router.";

650        }

652        /* vrrp-error-virtual-router identity and its derivatives. */
653        identity vrrp-error-virtual-router {
654          description
655            "The type to indicate the type of a VRRP error that occurs
656             after a packet reaches a VRRP router.";
657        }
658        identity address-list-error {
659          base vrrp-error-virtual-router;
660          description
661            "A packet has been received with an address list that
662             does not match the locally configured address list for
663             the virtual router.";
664        }
665        identity interval-error {
666          base vrrp-error-virtual-router;
667          description
668            "A packet has been received with an advertisement
669             interval different than the one configured for the local
670             virtual router.";
671        }
672        identity packet-length-error {
673          base vrrp-error-virtual-router;
674          description
675            "A packet has been received with a packet length less
676             than the length of the VRRP header.";
677        }

679        /* vrrp-state-type identity and its derivatives. */
680        identity vrrp-state-type {
681          description
682            "The type to indicate the state of a virtual router.";
683        }
684        identity initialize {
685          base vrrp-state-type;
686          description
687            "Indicates that the virtual router is waiting
688             for a startup event.";
689        }
690        identity backup {
691          base vrrp-state-type;
692          description
693            "Indicates that the virtual router is monitoring the
694             availability of the master router.";
695        }
696        identity master {
697          base vrrp-state-type;
698          description
699            "Indicates that the virtual router is forwarding
700             packets for IP addresses that are associated with
701             this virtual router.";
702        }

704        /* vrrp-version identity and its derivatives. */
705        identity vrrp-version {
706          description
707            "The version of the VRRP protocol.";
708        }
709        identity vrrp-v2 {
710          base vrrp-version;
711          description
712            "Indicates version 2 of the VRRP protocol.";
713        }
714        identity vrrp-v3 {
715          base vrrp-version;
716          description
717            "Indicates version 3 of the VRRP protocol.";
718        }

720        /*
721         * Groupings
722         */

724        grouping vrrp-common-attributes {
725          description
726            "Group of VRRP attributes common to version 2 and version 3";

728          leaf vrid {
729            type uint8 {
730              range 1..255;
731            }
732            description "Virtual router ID.";
733          }

735          leaf version {
736            type identityref {
737              base vrrp:vrrp-version;
738            }
739            mandatory true;
740            description "Version 2 or version 3 of VRRP.";
741          }

743          leaf log-state-change {
744            type boolean;
745            default "false";
746            description
747              "Generates VRRP state change messages each time the VRRP
748               instance changes state (from up to down or down to up).";
749          }

751          container preempt {
752            description
753              "Enables a higher priority Virtual Router Redundancy
754               Protocol (VRRP) backup router to preempt a lower priority
755               VRRP master.";
756            leaf enabled {
757              type boolean;
758              default "true";
759              description
760                "'true' if preemption is enabled.";
761            }
762            leaf hold-time {
763              type uint16;
764              units seconds;
765              default 0;
766              description
767                "Hold time, in seconds, for which a higher priority VRRP
768                 backup router must wait before preempting a lower priority
769                 VRRP master.";
770            }
771          }

773          leaf priority {
774            type uint8 {
775              range 1..254;
776            }
777            default 100;
778            description
779              "Configures the Virtual Router Redundancy Protocol (VRRP)
780               election priority for the backup virtual router.";
781          }

783          leaf accept-mode {
784            when "derived-from-or-self(current()/../version, 'vrrp-v3')" {
785              description "Applicable only to version 3.";
786            }
787            type boolean;
788            default "false";
789            description
790              "Controls whether a virtual router in Master state will
791               accept packets addressed to the address owner's IPvX address
792               as its own if it is not the IPvX address owner.  The default
793               is false.  Deployments that rely on, for example, pinging the
794               address owner's IPvX address may wish to configure
795               accept-mode to true.

797               Note: IPv6 Neighbor Solicitations and Neighbor
798               Advertisements MUST NOT be dropped when accept-mode is
799               false.";
800          }
801        } // vrrp-common-attributes

803        grouping vrrp-ipv4-attributes {
804          description
805            "Group of VRRP attributes for IPv4.";

807          uses vrrp-common-attributes;

809          choice advertise-interval-choice {
810            description
811              "The options for the advertisement interval at which VRRPv2
812               or VRRPv3 advertisements are sent from the specified
813               interface.";

815            case v2 {
816              when "derived-from-or-self(version, 'vrrp-v2')" {
817                description "Applicable only to version 2.";
818              }
819              leaf advertise-interval-sec {
820                type uint8 {
821                  range 1..254;
822                }
823                units seconds;
824                default 1;
825                description
826                  "Configures the interval that Virtual Router
827                   Redundancy Protocol Version 2 (VRRPv2) advertisements
828                   are sent from the specified interface.";
829              }
830            }

832            case v3 {
833              when "derived-from-or-self(version, 'vrrp-v3')" {
834                description "Applicable only to version 3.";
835              }
836              leaf advertise-interval-centi-sec {
837                type uint16 {
838                  range 1..4095;
839                }
840                units centiseconds;
841                default 100;
842                description
843                  "Configures the interval that Virtual Router
844                   Redundancy Protocol version 3 (VRRPv3) advertisements
845                   are sent from the specified interface.";
846              }
847            }
848          } // advertise-interval-choice

850          container track {
851            description
852              "Enables the specified VRRP instance to track interfaces
853               or networks.";
854            container interfaces {
855              description
856                "Enables the specified Virtual Router Redundancy Protocol
857                 version 2 (VRRP) or version 3 (VRRPv3) instance to track
858                 interfaces.
859                 Interface tracking prevents traffic loss by detecting the
860                 availability of interfaces.  The operational states of
861                 other interfaces are associated with the priority of a
862                 VRRP router.  When a tracked interface becomes unavailable
863                 (or operational down), the priority of the backup router
864                 decrements.  When an unavailable interface becomes
865                 available again, the priority of the backup VRRP router is
866                 incremented by the same amount.";

868              list interface {
869                key "interface";
870                description
871                  "Interface to track.";

873                leaf interface {
874                  type if:interface-ref;
875                  must "/if:interfaces/if:interface[if:name=current()]/"
876                     + "ip:ipv4" {
877                    description "Interface is IPv4.";
878                  }
879                  description
880                    "Interface to track.";
881                }

883                leaf priority-decrement {
884                  type uint8 {
885                    range 1..254;
886                  }
887                  default 10;
888                  description
889                    "Specifies how much to decrement the priority of the
890                     VRRP instance if the interface goes down.";
891                }
892              } // interface
893            } // interfaces

895            container networks {
896              description
897                "Enables the backup Virtual Router Redundancy Protocol
898                 version 2 (VRRP) or version 3 (VRRPv3) router to track
899                 specified networks through the IP network prefixes of
900                 these networks.
901                 Network tracking prevents traffic loss by detecting
902                 network connectivity failure.  The states of connectivity
903                 to some networks are associated with the priority of a
904                 VRRP router.  When connectivity to a tracked network
905                 represented by its prefix is lost, the priority of the
906                 backup VRRP router decrements.  When an unavailable network
907                 is again reachable, the priority of the backup VRRP router
908                 is incremented by the same amount.";
909              list network {
910                key "prefix";
911                description
912                  "Enables the specified Virtual Router Redundancy
913                   Protocol version 2 (VRRP) or version 3 (VRRPv3)
914                   instance to track an IP network, by specifying the
915                   prefix of the IP network.";

917                leaf prefix {
918                  type inet:ipv4-prefix;
919                  description
920                    "The prefix of the network to track.";
921                }

923                leaf priority-decrement {
924                  type uint8 {
925                    range 1..254;
926                  }
927                  default 10;
928                  description
929                    "Specifies how much to decrement the priority of the
930                     backup VRRP router if there is a failure in the IP
931                     network.";
932                }
933              } // track-network
934            } // track-networks
935          } // track

937          container virtual-ipv4-addresses {
938            description
939              "Configures the virtual IP address for the Virtual Router
940               Redundancy Protocol (VRRP) interface.";

942            list virtual-ipv4-address {
943              key "ipv4-address";
944              max-elements 16;
945              description
946                "Virtual IP addresses for a single VRRP instance.  For a
947                 VRRP owner router, the virtual address must match one
948                 of the IP addresses configured on the interface
949                 corresponding to the virtual router.";

951              leaf ipv4-address {
952                type inet:ipv4-address;
953                description
954                  "An IPv4 address associated with a virtual router.";
955                reference
956                  "RFC 5798: Virtual Router Redundancy Protocol (VRRP)
957                   Version 3.  Section 1.2.";
958              }
959            } // virtual-ipv4-address
960          } // virtual-ipv4-addresses
961        } // grouping vrrp-ipv4-attributes

963        grouping vrrp-ipv6-attributes {
964          description
965            "Group of VRRP attributes for IPv6.";

967          uses vrrp-common-attributes;

969          leaf advertise-interval-centi-sec {
970            type uint16 {
971              range 1..4095;
972            }
973            units centiseconds;
974            default 100;
975            description
976              "Configures the interval that Virtual Router
977               Redundancy Protocol version 3 (VRRPv3) advertisements
978               are sent from the specified interface.";
979          }

981          container track {
982            description
983              "Enables the specified VRRP instance to track interfaces
984               or networks.";
985            container interfaces {
986              description
987                "Enables the specified Virtual Router Redundancy Protocol
988                 version 2 (VRRP) or version 3 (VRRPv3) instance to track
989                 interfaces.
990                 Interface tracking prevents traffic loss by detecting the
991                 availability of interfaces.  The operational states of
992                 other interfaces are associated with the priority of a
993                 VRRP router.  When a tracked interface becomes unavailable
994                 (or operational down), the priority of the backup router
995                 decrements.  When an unavailable interface becomes
996                 available again, the priority of the backup VRRP router is
997                 incremented by the same amount.";
998              list interface {
999                key "interface";
1000               description
1001                 "Interface to track.";

1003               leaf interface {
1004                 type if:interface-ref;
1005                 must "/if:interfaces/if:interface[if:name=current()]/"
1006                    + "ip:ipv6" {
1007                   description "Interface is IPv6.";
1008                 }
1009                 description
1010                   "Interface to track.";
1011               }

1013               leaf priority-decrement {
1014                 type uint8 {
1015                   range 1..254;
1016                 }
1017                 default 10;
1018                 description
1019                   "Specifies how much to decrement the priority of the
1020                    VRRP instance if the interface goes down.";
1021               }
1022             } // interface
1023           } // interfaces

1025           container networks {
1026             description
1027               "Enables the backup Virtual Router Redundancy Protocol
1028                version 2 (VRRP) or version 3 (VRRPv3) router to track
1029                specified networks through the IP network prefixes of
1030                these networks.
1031                Network tracking prevents traffic loss by detecting
1032                network connectivity failure.  The states of connectivity
1033                to some networks are associated with the priority of a
1034                VRRP router.  When connectivity to a tracked network
1035                represented by its prefix is lost, the priority of the
1036                backup VRRP router decrements.
When an unavailable network 1037 is again reachable, the priority of the backup VRRP router 1038 is incremented by the same amount."; 1039 list network { 1040 key "prefix"; 1041 description 1042 "Enables the specified Virtual Router Redundancy 1043 Protocol version 2 (VRRP) or version 3 (VRRPv3) 1044 instance to track an IP network, by specifying the 1045 prefix of the IP network."; 1047 leaf prefix { 1048 type inet:ipv6-prefix; 1049 description 1050 "The prefix of the network to track."; 1051 } 1053 leaf priority-decrement { 1054 type uint8 { 1055 range 1..254; 1056 } 1057 default 10; 1058 description 1059 "Specifies how much to decrement the priority of the 1060 backup VRRP router if there is a failure in the IP 1061 network."; 1062 } 1063 } // track-network 1064 } // track-networks 1065 } // track 1067 container virtual-ipv6-addresses { 1068 description 1069 "Configures the virtual IP address for the Virtual Router 1070 Redundancy Protocol (VRRP) interface."; 1071 list virtual-ipv6-address { 1072 key "ipv6-address"; 1073 max-elements 2; 1074 description 1075 "Two IPv6 addresses are allowed. The first one must be 1076 a link-local address and the second one can be a 1077 link-local or global address."; 1079 leaf ipv6-address { 1080 type inet:ipv6-address; 1081 description 1082 "An IPv6 address associated with a virtual router."; 1083 reference 1084 "RFC 5798: Virtual Router Redundancy Protocol (VRRP) 1085 Version 3. 
Section 1.3."; 1086 } 1087 } // virtual-ipv6-address 1088 } // virtual-ipv6-addresses 1089 } // grouping vrrp-ipv6-attributes 1091 grouping vrrp-state-attributes { 1092 description 1093 "Group of VRRP state attributes."; 1095 leaf state { 1096 type identityref { 1097 base vrrp:vrrp-state-type; 1098 } 1099 config false; 1100 description 1101 "Operational state."; 1102 } 1104 leaf is-owner { 1105 type boolean; 1106 config false; 1107 description 1108 "Set to true if this virtual router is owner."; 1109 } 1111 leaf last-adv-source { 1112 type inet:ip-address; 1113 config false; 1114 description 1115 "Last advertised IPv4/IPv6 source address"; 1116 } 1118 leaf up-datetime { 1119 type yang:date-and-time; 1120 config false; 1121 description 1122 "The date and time when this virtual router 1123 transitioned out of init state."; 1124 } 1126 leaf master-down-interval { 1127 type uint32; 1128 units centiseconds; 1129 config false; 1130 description 1131 "Time interval for backup virtual router to declare 1132 Master down."; 1133 } 1135 leaf skew-time { 1136 type uint32; 1137 units microseconds; 1138 config false; 1139 description 1140 "Calculated based on the priority and advertisement 1141 interval configuration command parameters. See RFC 3768."; 1142 } 1144 leaf last-event { 1145 type identityref { 1146 base vrrp:vrrp-event-type; 1147 } 1148 config false; 1149 description 1150 "Last reported event."; 1151 } 1153 leaf new-master-reason { 1154 type new-master-reason-type; 1155 config false; 1156 description 1157 "Indicates the reason for the virtual router to transition 1158 to master state."; 1159 } 1161 container statistics { 1162 config false; 1163 description 1164 "VRRP statistics."; 1166 leaf discontinuity-datetime { 1167 type yang:date-and-time; 1168 description 1169 "The time on the most recent occasion at which any one or 1170 more of the VRRP statistic counters suffered a 1171 discontinuity. 
If no such discontinuities have occurred 1172 since the last re-initialization of the local management 1173 subsystem, then this node contains the time that the 1174 local management subsystem re-initialized itself."; 1175 } 1177 leaf master-transitions { 1178 type yang:counter32; 1179 description 1180 "The total number of times that this virtual router's 1181 state has transitioned to master"; 1182 } 1184 leaf advertisement-recv { 1185 type yang:counter64; 1186 description 1187 "The total number of VRRP advertisements received by 1188 this virtual router."; 1189 } 1191 leaf advertisement-sent { 1192 type yang:counter64; 1193 description 1194 "The total number of VRRP advertisements sent by 1195 this virtual router."; 1196 } 1198 leaf interval-errors { 1199 if-feature validate-interval-errors; 1200 type yang:counter64; 1201 description 1202 "The total number of VRRP advertisement packets 1203 received with an advertisement interval 1204 different than the one configured for the local 1205 virtual router"; 1206 } 1208 leaf priority-zero-pkts-rcvd { 1209 type yang:counter64; 1210 description 1211 "The total number of VRRP packets received by the 1212 virtual router with a priority of 0."; 1213 } 1215 leaf priority-zero-pkts-sent { 1216 type yang:counter64; 1217 description 1218 "The total number of VRRP packets sent by the 1219 virtual router with a priority of 0."; 1220 } 1222 leaf invalid-type-pkts-rcvd { 1223 type yang:counter64; 1224 description 1225 "The number of VRRP packets received by the virtual 1226 router with an invalid value in the 'type' field."; 1227 } 1229 leaf address-list-errors { 1230 if-feature validate-address-list-errors; 1231 type yang:counter64; 1232 description 1233 "The total number of packets received with an 1234 address list that does not match the locally 1235 configured address list for the virtual router."; 1236 } 1238 leaf packet-length-errors { 1239 type yang:counter64; 1240 description 1241 "The total number of packets received 
with a packet 1242 length less than the length of the VRRP header."; 1243 } 1244 } // container statistics 1245 } // grouping vrrp-state-attributes 1247 grouping vrrp-global-state-attributes { 1248 description 1249 "Group of VRRP global state attributes."; 1251 leaf virtual-routers { 1252 type uint32; 1253 description "Number of configured virtual routers."; 1254 } 1256 leaf interfaces { 1257 type uint32; 1258 description "Number of interface with VRRP configured."; 1259 } 1261 container statistics { 1262 description 1263 "VRRP global statistics."; 1265 leaf discontinuity-datetime { 1266 type yang:date-and-time; 1267 description 1268 "The time on the most recent occasion at which one of 1269 checksum-errors, version-errors, vrid-errors, and 1270 ip-ttl-errors suffered a discontinuity. 1272 If no such discontinuities have occurred since the last 1273 re-initialization of the local management subsystem, 1274 then this node contains the time that the local management 1275 subsystem re-initialized itself."; 1276 } 1278 leaf checksum-errors { 1279 type yang:counter64; 1280 description 1281 "The total number of VRRP packets received with an invalid 1282 VRRP checksum value."; 1283 reference "RFC 5798, Section 5.2.8"; 1284 } 1286 leaf version-errors { 1287 type yang:counter64; 1288 description 1289 "The total number of VRRP packets received with an unknown 1290 or unsupported version number."; 1291 reference "RFC 5798, Section 5.2.1"; 1292 } 1294 leaf vrid-errors { 1295 type yang:counter64; 1296 description 1297 "The total number of VRRP packets received with a VRID that 1298 is not valid for any virtual router on this router."; 1299 reference "RFC 5798, Section 5.2.3"; 1300 } 1302 leaf ip-ttl-errors { 1303 type yang:counter64; 1304 description 1305 "The total number of VRRP packets received by the 1306 virtual router with IP TTL (Time-To-Live) not equal 1307 to 255."; 1308 reference "RFC 5798, Sections 5.1.1.3 and 5.1.2.3."; 1309 } 1310 } // statistics 1311 } // 
vrrp-global-state-attributes 1313 /* 1314 * Configuration data and operational state data nodes 1315 */ 1317 augment "/if:interfaces/if:interface/ip:ipv4" { 1318 description "Augment IPv4 interface."; 1320 container vrrp { 1321 description 1322 "Configures the Virtual Router Redundancy Protocol (VRRP) 1323 version 2 or version 3 for IPv4."; 1325 list vrrp-instance { 1326 key "vrid"; 1327 description 1328 "Defines a virtual router, identified by a virtual router 1329 identifier (VRID), within IPv4 address space."; 1331 uses vrrp-ipv4-attributes; 1332 uses vrrp-state-attributes; 1333 } 1334 } 1335 } // augment ipv4 1337 augment "/if:interfaces/if:interface/ip:ipv6" { 1338 description "Augment IPv6 interface."; 1340 container vrrp { 1341 description 1342 "Configures the Virtual Router Redundancy Protocol (VRRP) 1343 version 3 for IPv6."; 1345 list vrrp-instance { 1346 must "derived-from-or-self(version, 'vrrp-v3')" { 1347 description 1348 "IPv6 is only supported by version 3."; 1349 } 1350 key "vrid"; 1351 description 1352 "Defines a virtual router, identified by a virtual router 1353 identifier (VRID), within IPv6 address space."; 1355 uses vrrp-ipv6-attributes; 1356 uses vrrp-state-attributes; 1357 } // list vrrp-instance 1358 } // container vrrp 1359 } // augment ipv6 1361 container vrrp { 1362 config false; 1363 description "VRRP data at the global level."; 1365 uses vrrp-global-state-attributes; 1366 } 1368 /* 1369 * Notifications 1370 */ 1372 notification vrrp-new-master-event { 1373 description 1374 "Notification event for a change of VRRP new master."; 1375 leaf master-ip-address { 1376 type inet:ip-address; 1377 mandatory true; 1378 description 1379 "IPv4 or IPv6 address of the new master."; 1380 } 1381 leaf new-master-reason { 1382 type new-master-reason-type; 1383 mandatory true; 1384 description 1385 "Indicates the reason for the virtual router to transition 1386 to master state."; 1387 } 1388 } 1390 notification vrrp-protocol-error-event { 1391 
description 1392 "Notification event for a VRRP protocol error."; 1393 leaf protocol-error-reason { 1394 type identityref { 1395 base vrrp:vrrp-error-global; 1396 } 1397 mandatory true; 1398 description 1399 "Indicates the reason for the protocol error."; 1400 } 1401 } 1403 notification vrrp-virtual-router-error-event { 1404 description 1405 "Notification event for an error happened on a virtual 1406 router."; 1407 leaf interface { 1408 type if:interface-ref; 1409 mandatory true; 1410 description 1411 "Indicates the interface for which statistics area 1412 to be cleared."; 1413 } 1415 choice ip-version { 1416 mandatory true; 1417 description 1418 "The error may have happened on either an IPv4 virtual 1419 router or an IPv6 virtual router. The information 1420 related to a specific IP version is provided by one of 1421 the following cases."; 1422 case ipv4 { 1423 description "IPv4"; 1424 container ipv4 { 1425 description 1426 "Error information for IPv4."; 1427 leaf vrid { 1428 type leafref { 1429 path "/if:interfaces/if:interface" 1430 + "[if:name = current()/../../vrrp:interface]/" 1431 + "ip:ipv4/vrrp:vrrp/vrrp:vrrp-instance/vrrp:vrid"; 1432 } 1433 mandatory true; 1434 description 1435 "Indicates the virtual router on which the event has 1436 occurred."; 1437 } 1438 } 1439 } 1440 case ipv6 { 1441 description "IPv6"; 1442 container ipv6 { 1443 description 1444 "Error information for IPv6."; 1445 leaf vrid { 1446 type leafref { 1447 path "/if:interfaces/if:interface" 1448 + "[if:name = current()/../../vrrp:interface]/" 1449 + "ip:ipv6/vrrp:vrrp/vrrp:vrrp-instance/vrrp:vrid"; 1450 } 1451 mandatory true; 1452 description 1453 "Indicates the virtual router on which the event has 1454 occurred."; 1455 } 1456 } 1457 } 1458 } 1460 leaf virtual-router-error-reason { 1461 type identityref { 1462 base vrrp:vrrp-error-virtual-router; 1463 } 1464 mandatory true; 1465 description 1466 "Indicates the reason for the virtual router error."; 1467 } 1468 } 1469 } 1470 1472 4. 
IANA Considerations 1474 RFC Ed.: In this section, replace all occurrences of 'XXXX' with the 1475 actual RFC number (and remove this note). 1477 This document registers the following namespace URIs in the IETF XML 1478 registry [RFC3688]: 1480 -------------------------------------------------------------------- 1481 URI: urn:ietf:params:xml:ns:yang:ietf-vrrp 1482 Registrant Contact: The IESG. 1483 XML: N/A, the requested URI is an XML namespace. 1484 -------------------------------------------------------------------- 1486 This document registers the following YANG modules in the YANG Module 1487 Names registry [RFC7950]: 1489 -------------------------------------------------------------------- 1490 name: ietf-vrrp 1491 namespace: urn:ietf:params:xml:ns:yang:ietf-vrrp 1492 prefix: vrrp 1493 reference: RFC XXXX 1494 -------------------------------------------------------------------- 1496 5. Security Considerations 1498 The YANG module specified in this document defines a schema for data 1499 that is designed to be accessed via network management protocols such 1500 as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer 1501 is the secure transport layer, and the mandatory-to-implement secure 1502 transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer 1503 is HTTPS, and the mandatory-to-implement secure transport is TLS 1504 [RFC5246]. 1506 The NETCONF access control model [RFC6536] provides the means to 1507 restrict access for particular NETCONF or RESTCONF users to a 1508 preconfigured subset of all available NETCONF or RESTCONF protocol 1509 operations and content. 1511 There are a number of data nodes defined in this YANG module that are 1512 writable/creatable/deletable (i.e., config true, which is the 1513 default). These data nodes may be considered sensitive or vulnerable 1514 in some network environments. 
Write operations (e.g., edit-config) 1515 to these data nodes without proper protection can have a negative 1516 effect on network operations. These are the subtrees and data nodes 1517 and their sensitivity/vulnerability: 1519 /if:interfaces/if:interface/ip:ipv4/vrrp:vrrp/vrrp:vrrp-instance 1521 /if:interfaces/if:interface/ip:ipv6/vrrp:vrrp/vrrp:vrrp-instance 1523 Unauthorized access to any data node of these subtrees can adversely 1524 affect the routing subsystem of both the local device and the 1525 network. This may lead to network malfunctions, delivery of packets 1526 to inappropriate destinations, and other problems. 1528 Some of the readable data nodes in this YANG module may be considered 1529 sensitive or vulnerable in some network environments. It is thus 1530 important to control read access (e.g., via get, get-config, or 1531 notification) to these data nodes. These are the subtrees and data 1532 nodes and their sensitivity/vulnerability: 1534 /ietf-vrrp:vrrp 1536 /if:interfaces/if:interface/ip:ipv4/vrrp:vrrp/vrrp:vrrp-instance 1538 /if:interfaces/if:interface/ip:ipv6/vrrp:vrrp/vrrp:vrrp-instance 1540 Unauthorized access to any data node of these subtrees can disclose 1541 the operational state information of VRRP on this device. 1543 6. References 1545 6.1. Normative References 1547 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1548 Requirement Levels", BCP 14, RFC 2119, 1549 DOI 10.17487/RFC2119, March 1997, . 1552 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 1553 DOI 10.17487/RFC3688, January 2004, . 1556 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 1557 (TLS) Protocol Version 1.2", RFC 5246, 1558 DOI 10.17487/RFC5246, August 2008, . 1561 [RFC5798] Nadas, S., Ed., "Virtual Router Redundancy Protocol (VRRP) 1562 Version 3 for IPv4 and IPv6", RFC 5798, 1563 DOI 10.17487/RFC5798, March 2010, . 

1566   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
1567              the Network Configuration Protocol (NETCONF)", RFC 6020,
1568              DOI 10.17487/RFC6020, October 2010.

1571   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
1572              and A. Bierman, Ed., "Network Configuration Protocol
1573              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011.

1576   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
1577              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011.

1580   [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
1581              Protocol (NETCONF) Access Control Model", RFC 6536,
1582              DOI 10.17487/RFC6536, March 2012.

1585   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
1586              RFC 6991, DOI 10.17487/RFC6991, July 2013.

1589   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
1590              RFC 7950, DOI 10.17487/RFC7950, August 2016.

1593   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
1594              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017.

1597   [I-D.ietf-netmod-rfc7223bis]
1598              Bjorklund, M., "A YANG Data Model for Interface
1599              Management", draft-ietf-netmod-rfc7223bis-02 (work in
1600              progress), January 2018.

1602   [I-D.ietf-netmod-rfc7277bis]
1603              Bjorklund, M., "A YANG Data Model for IP Management",
1604              draft-ietf-netmod-rfc7277bis-02 (work in progress),
1605              January 2018.

1607   [I-D.ietf-netmod-revised-datastores]
1608              Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
1609              and R. Wilton, "Network Management Datastore
1610              Architecture", draft-ietf-netmod-revised-datastores-09
1611              (work in progress), December 2017.

1613 6.2.  Informative References

1615   [RFC3768]  Hinden, R., Ed., "Virtual Router Redundancy Protocol
1616              (VRRP)", RFC 3768, DOI 10.17487/RFC3768, April 2004.

1619   [RFC7951]  Lhotka, L., "JSON Encoding of Data Modeled with YANG",
1620              RFC 7951, DOI 10.17487/RFC7951, August 2016.

1623   [I-D.ietf-netconf-subscribed-notifications]
1624              Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and
1625              A. Tripathy, "Custom Subscription to Event Streams",
1626              draft-ietf-netconf-subscribed-notifications-08 (work in
1627              progress), December 2017.

1629   [I-D.ietf-netconf-yang-push]
1630              Clemm, A., Voit, E., Prieto, A., Tripathy, A., Nilsen-
1631              Nygaard, E., Bierman, A., and B. Lengyel, "YANG Datastore
1632              Subscription", draft-ietf-netconf-yang-push-12 (work in
1633              progress), December 2017.

1635   [I-D.ietf-netmod-rfc6087bis]
1636              Bierman, A., "Guidelines for Authors and Reviewers of YANG
1637              Data Model Documents", draft-ietf-netmod-rfc6087bis-15
1638              (work in progress), December 2017.

1640   [I-D.ietf-netmod-yang-tree-diagrams]
1641              Bjorklund, M. and L. Berger, "YANG Tree Diagrams", draft-
1642              ietf-netmod-yang-tree-diagrams-04 (work in progress),
1643              December 2017.

1645 Appendix A.  Complete Model Tree Structure

1647   The VRRP YANG data model defined in this document has the following
1648   tree structure:

1650   module: ietf-vrrp
1651     +--ro vrrp
1652        +--ro virtual-routers?   uint32
1653        +--ro interfaces?        uint32
1654        +--ro statistics
1655           +--ro discontinuity-datetime?   yang:date-and-time
1656           +--ro checksum-errors?          yang:counter64
1657           +--ro version-errors?           yang:counter64
1658           +--ro vrid-errors?              yang:counter64
1659           +--ro ip-ttl-errors?            yang:counter64
1660     augment /if:interfaces/if:interface/ip:ipv4:
1661       +--rw vrrp
1662          +--rw vrrp-instance* [vrid]
1663             +--rw vrid                            uint8
1664             +--rw version                         identityref
1665             +--rw log-state-change?               boolean
1666             +--rw preempt
1667             |  +--rw enabled?     boolean
1668             |  +--rw hold-time?   uint16
1669             +--rw priority?                       uint8
1670             +--rw accept-mode?                    boolean
1671             +--rw (advertise-interval-choice)?
1672             |  +--:(v2)
1673             |  |  +--rw advertise-interval-sec?         uint8
1674             |  +--:(v3)
1675             |     +--rw advertise-interval-centi-sec?   uint16
1676             +--rw track
1677             |  +--rw interfaces
1678             |  |  +--rw interface* [interface]
1679             |  |     +--rw interface             if:interface-ref
1680             |  |     +--rw priority-decrement?   uint8
1681             |  +--rw networks
1682             |     +--rw network* [prefix]
1683             |        +--rw prefix                inet:ipv4-prefix
1684             |        +--rw priority-decrement?   uint8
1685             +--rw virtual-ipv4-addresses
1686             |  +--rw virtual-ipv4-address* [ipv4-address]
1687             |     +--rw ipv4-address    inet:ipv4-address
1688             +--ro state?                          identityref
1689             +--ro is-owner?                       boolean
1690             +--ro last-adv-source?                inet:ip-address
1691             +--ro up-datetime?                    yang:date-and-time
1692             +--ro master-down-interval?           uint32
1693             +--ro skew-time?                      uint32
1694             +--ro last-event?                     identityref
1695             +--ro new-master-reason?
1696                     new-master-reason-type
1697             +--ro statistics
1698                +--ro discontinuity-datetime?    yang:date-and-time
1699                +--ro master-transitions?        yang:counter32
1700                +--ro advertisement-recv?        yang:counter64
1701                +--ro advertisement-sent?        yang:counter64
1702                +--ro interval-errors?           yang:counter64
1703                |       {validate-interval-errors}?
1704                +--ro priority-zero-pkts-rcvd?   yang:counter64
1705                +--ro priority-zero-pkts-sent?   yang:counter64
1706                +--ro invalid-type-pkts-rcvd?    yang:counter64
1707                +--ro address-list-errors?       yang:counter64
1708                |       {validate-address-list-errors}?
1709                +--ro packet-length-errors?      yang:counter64
1710     augment /if:interfaces/if:interface/ip:ipv6:
1711       +--rw vrrp
1712          +--rw vrrp-instance* [vrid]
1713             +--rw vrid                            uint8
1714             +--rw version                         identityref
1715             +--rw log-state-change?               boolean
1716             +--rw preempt
1717             |  +--rw enabled?     boolean
1718             |  +--rw hold-time?   uint16
1719             +--rw priority?                       uint8
1720             +--rw accept-mode?                    boolean
1721             +--rw advertise-interval-centi-sec?   uint16
1722             +--rw track
1723             |  +--rw interfaces
1724             |  |  +--rw interface* [interface]
1725             |  |     +--rw interface             if:interface-ref
1726             |  |     +--rw priority-decrement?   uint8
1727             |  +--rw networks
1728             |     +--rw network* [prefix]
1729             |        +--rw prefix                inet:ipv6-prefix
1730             |        +--rw priority-decrement?   uint8
1731             +--rw virtual-ipv6-addresses
1732             |  +--rw virtual-ipv6-address* [ipv6-address]
1733             |     +--rw ipv6-address    inet:ipv6-address
1734             +--ro state?                          identityref
1735             +--ro is-owner?                       boolean
1736             +--ro last-adv-source?                inet:ip-address
1737             +--ro up-datetime?                    yang:date-and-time
1738             +--ro master-down-interval?           uint32
1739             +--ro skew-time?                      uint32
1740             +--ro last-event?                     identityref
1741             +--ro new-master-reason?
1742                     new-master-reason-type
1743             +--ro statistics
1744                +--ro discontinuity-datetime?    yang:date-and-time
1745                +--ro master-transitions?        yang:counter32
1746                +--ro advertisement-recv?        yang:counter64
1747                +--ro advertisement-sent?        yang:counter64
1748                +--ro interval-errors?           yang:counter64
1749                |       {validate-interval-errors}?
1750                +--ro priority-zero-pkts-rcvd?   yang:counter64
1751                +--ro priority-zero-pkts-sent?   yang:counter64
1752                +--ro invalid-type-pkts-rcvd?    yang:counter64
1753                +--ro address-list-errors?       yang:counter64
1754                |       {validate-address-list-errors}?
1755                +--ro packet-length-errors?      yang:counter64

1757     notifications:
1758       +---n vrrp-new-master-event
1759       |  +--ro master-ip-address    inet:ip-address
1760       |  +--ro new-master-reason    new-master-reason-type
1761       +---n vrrp-protocol-error-event
1762       |  +--ro protocol-error-reason    identityref
1763       +---n vrrp-virtual-router-error-event
1764          +--ro interface                      if:interface-ref
1765          +--ro (ip-version)
1766          |  +--:(ipv4)
1767          |  |  +--ro ipv4
1768          |  |     +--ro vrid    leafref
1769          |  +--:(ipv6)
1770          |     +--ro ipv6
1771          |        +--ro vrid    leafref
1772          +--ro virtual-router-error-reason    identityref

1774 Appendix B.  Data Tree Example

1776   This section contains an example of an instance data tree in the JSON
1777   encoding [RFC7951], containing both configuration and state data.

1779                Virtual router IP address: 192.0.2.1
1780   +-----------------+        +-----------------+
1781   |                 |        |                 |
1782   |    Router 1     |        |    Router 2     |
1783   |                 |        |                 |
1784   +--------+--------+        +--------+--------+
1785            |eth1                      |eth1
1786            |192.0.2.11                |192.0.2.12
1787     -------+--------------------------+-------
1788            |                          |
1789            |192.0.2.51                |192.0.2.52
1790   +--------+--------+        +--------+--------+
1791   |     Host 1      |        |     Host 2      |
1792   | Default gateway:|        | Default gateway:|
1793   |    192.0.2.1    |        |    192.0.2.1    |
1794   +-----------------+        +-----------------+

1796   The configuration instance data for Router 1 in the above figure
1797   could be as follows:

1799   {
1800     "ietf-interfaces:interfaces": {
1801       "interface": [
1802         {
1803           "name": "eth1",
1804           "type": "iana-if-type:ethernetCsmacd",
1805           "description": "An interface with VRRP enabled.",
1806           "ietf-ip:ipv4": {
1807             "address": [
1808               {
1809                 "ip": "192.0.2.11",
1810                 "prefix-length": 24
1811               }
1812             ],
1813             "forwarding": true,
1814             "ietf-vrrp:vrrp": {
1815               "vrrp-instance": [
1816                 {
1817                   "vrid": 1,
1818                   "version": "vrrp-v3",
1819                   "priority": 200,
1820                   "advertise-interval-centi-sec": 50,
1821                   "virtual-ipv4-addresses": {
1822                     "virtual-ipv4-address": [
1823                       { "ipv4-address": "192.0.2.1" }
1824                     ]
1825                   }
1826                 }
1827               ]
1828             }
1829           }
1830         }
1831       ]
1832     }
1833   }

1835   The corresponding operational state data for Router 1 could be as
1836   follows:

1838   {
1839     "ietf-interfaces:interfaces": {
1840       "interface": [
1841         {
1842           "name": "eth1",
1843           "type": "iana-if-type:ethernetCsmacd",
1844           "phys-address": "00:0C:42:E5:B1:E9",
1845           "oper-status": "up",
1846           "statistics": {
1847             "discontinuity-time": "2016-10-24T17:11:27+02:00"
1848           },
1849           "ietf-ip:ipv4": {
1850             "forwarding": true,
1851             "mtu": 1500,
1852             "address": [
1853               {
1854                 "ip": "192.0.2.11",
1855                 "prefix-length": 24
1856               }
1857             ],
1858             "ietf-vrrp:vrrp": {
1859               "vrrp-instance": [
1860                 {
1861                   "vrid": 1,
1862                   "version": "vrrp-v3",
1863                   "log-state-change": false,
1864                   "preempt": {
1865                     "enabled": true,
1866                     "hold-time": 0
1867                   },
1868                   "priority": 200,
1869                   "accept-mode": false,
1870                   "advertise-interval-centi-sec": 50,
1871                   "virtual-ipv4-addresses": {
1872                     "virtual-ipv4-address": [
1873                       { "ipv4-address": "192.0.2.1" }
1874                     ]
1875                   },
1876                   "state": "master",
1877                   "is-owner": false,
1878                   "last-adv-source": "192.0.2.11",
1879                   "up-datetime": "2016-10-24T17:11:27+02:00",
1880                   "master-down-interval": 161,
1881                   "skew-time": 11,
1882                   "last-event": "vrrp-event-interface-up",
1883                   "new-master-reason": "priority",
1884                   "statistics": {
1885                     "discontinuity-datetime":
1886                       "2016-10-24T17:11:27+02:00",
1887                     "master-transitions": 2,
1888                     "advertisement-recv": 20,
1889                     "advertisement-sent": 12,
1890                     "interval-errors": 0,
1891                     "priority-zero-pkts-rcvd": 0,
1892                     "priority-zero-pkts-sent": 0,
1893                     "invalid-type-pkts-rcvd": 0,
1894                     "address-list-errors": 0,
1895                     "packet-length-errors": 1
1896                   }
1897                 }
1898               ]
1899             }
1900           }
1901         }
1902       ]
1903     }
1904   }

1906   {
1907     "ietf-vrrp:vrrp": {
1908       "virtual-routers": 3,
1909       "interfaces": 2,
1910       "statistics": {
1911         "discontinuity-datetime": "2016-10-24T17:11:27+02:00",
1912         "checksum-errors": 2,
1913         "version-errors": 0,
1914         "vrid-errors": 0,
1915         "ip-ttl-errors": 1
1916       }
1917     }
1918   }

1920 Authors' Addresses

1922   Xufeng Liu (editor)
1923   Jabil
1924   8281 Greensboro Drive, Suite 200
1925   McLean  VA 22102
1926   USA

1928   EMail: Xufeng_Liu@jabil.com

1930   Athanasios Kyparlis
1931   Jabil
1932   8281 Greensboro Drive, Suite 200
1933   McLean  VA 22102
1934   USA

1936   EMail: Athanasios_Kyparlis@jabil.com

1937   Ravi Parikh
1938   VMware
1939   3425 Hillview Avenue
1940   Palo Alto  CA 94304
1941   USA

1943   EMail: parikhr@vmware.com

1945   Acee Lindem
1946   Cisco Systems
1947   301 Midenhall Way
1948   Cary  NC 27513
1949   USA

1951   EMail: acee@cisco.com

1953   Mingui Zhang
1954   Huawei Technologies
1955   No. 156 Beiqing Rd. Haidian District
1956   Beijing  100095
1957   P.R. China

1959   EMail: zhangmingui@huawei.com
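
The statistics leaves defined in vrrp-state-attributes and vrrp-global-state-attributes, together with discontinuity-datetime, are what a monitoring job would poll from state data such as that shown in Appendix B. The Python below is an added example, not part of the draft: it compares two polls, discards the baseline when discontinuity-datetime changes, and reports counters that grew and advertisement sources outside an operator-supplied list. The function names, the known-router list and the sample polls (constructed from the Appendix B values) are assumptions.

```python
import ipaddress

# Counter leaves taken from the module's two "statistics" containers.
GLOBAL_COUNTERS = ("checksum-errors", "version-errors",
                   "vrid-errors", "ip-ttl-errors")
INSTANCE_COUNTERS = ("interval-errors", "priority-zero-pkts-rcvd",
                     "invalid-type-pkts-rcvd", "address-list-errors",
                     "packet-length-errors", "master-transitions")


def counter_deltas(prev, curr, names):
    """Return {counter: increase} between two "statistics" containers.

    A changed discontinuity-datetime means the counters restarted, so the
    previous poll is not a valid baseline and the current value is reported.
    int() is used because RFC 7951 encodes 64-bit counters as JSON strings.
    """
    reset = (prev is None or prev.get("discontinuity-datetime")
             != curr.get("discontinuity-datetime"))
    deltas = {}
    for name in names:
        before = 0 if reset else int(prev.get(name, 0))
        increase = int(curr.get(name, 0)) - before
        if increase > 0:
            deltas[name] = increase
    return deltas


def vrrp_instances(doc):
    """Yield ((interface, family, vrid), instance) for each VRRP instance."""
    interfaces = doc.get("ietf-interfaces:interfaces", {}).get("interface", [])
    for intf in interfaces:
        for family in ("ietf-ip:ipv4", "ietf-ip:ipv6"):
            vrrp = intf.get(family, {}).get("ietf-vrrp:vrrp", {})
            for inst in vrrp.get("vrrp-instance", []):
                yield (intf["name"], family, inst["vrid"]), inst


def audit(prev, curr, known_routers):
    """Compare two polls and return a list of (scope, item, value) findings."""
    findings = []
    prev_global = prev.get("ietf-vrrp:vrrp", {}).get("statistics")
    curr_global = curr.get("ietf-vrrp:vrrp", {}).get("statistics", {})
    for name, inc in counter_deltas(prev_global, curr_global,
                                    GLOBAL_COUNTERS).items():
        findings.append(("global", name, inc))
    baseline = dict(vrrp_instances(prev))
    for key, inst in vrrp_instances(curr):
        old = baseline.get(key, {}).get("statistics")
        new = inst.get("statistics", {})
        for name, inc in counter_deltas(old, new, INSTANCE_COUNTERS).items():
            findings.append((key, name, inc))
        # last-adv-source should be one of the routers known to share the VRID.
        src = inst.get("last-adv-source")
        if src and ipaddress.ip_address(src) not in known_routers:
            findings.append((key, "unknown-adv-source", src))
    return findings


def sample_poll(ttl_errors, addr_errors, transitions, adv_source):
    """Build a constructed poll shaped like the Appendix B state data."""
    when = "2016-10-24T17:11:27+02:00"
    return {
        "ietf-vrrp:vrrp": {"statistics": {
            "discontinuity-datetime": when, "checksum-errors": 2,
            "version-errors": 0, "vrid-errors": 0,
            "ip-ttl-errors": ttl_errors}},
        "ietf-interfaces:interfaces": {"interface": [{
            "name": "eth1",
            "ietf-ip:ipv4": {"ietf-vrrp:vrrp": {"vrrp-instance": [{
                "vrid": 1,
                "last-adv-source": adv_source,
                "statistics": {
                    "discontinuity-datetime": when,
                    "master-transitions": transitions,
                    "address-list-errors": addr_errors,
                    "packet-length-errors": 1}}]}}}]},
    }


# Constructed inputs: the operator's list of routers on the segment and two
# polls, the second with grown counters and an unlisted advertisement source.
KNOWN_ROUTERS = {ipaddress.ip_address(a) for a in ("192.0.2.11", "192.0.2.12")}
PREV = sample_poll(1, 0, 2, "192.0.2.11")
CURR = sample_poll(4, 2, 3, "192.0.2.99")

if __name__ == "__main__":
    for finding in audit(PREV, CURR, KNOWN_ROUTERS):
        print(finding)
```
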