draft-ietf-bess-mvpn-yang-02.txt   draft-ietf-bess-mvpn-yang-03.txt 
BESS Working Group Y. Liu BESS Working Group Y. Liu
Internet Draft Individual Internet Draft China Mobile
Intended status: Standards Track F. Guo Intended status: Standards Track F. Guo
Expires: June 2, 2020 Huawei Expires: Dec 31, 2020 Huawei
S. Litkowski S. Litkowski
Cisco Cisco
X. Liu X. Liu
Volta Networks Volta Networks
R. Kebler R. Kebler
M. Sivakumar M. Sivakumar
Juniper Juniper
Dec 2, 2019 June 30, 2020
Yang Data Model for Multicast in MPLS/BGP IP VPNs Yang Data Model for Multicast in MPLS/BGP IP VPNs
draft-ietf-bess-mvpn-yang-02 draft-ietf-bess-mvpn-yang-03
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 39 skipping to change at page 1, line 39
months and may be updated, replaced, or obsoleted by other documents months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress." reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
This Internet-Draft will expire on June 2, 2020. This Internet-Draft will expire on June 30, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
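Review bot: the new expiry sentence, "This Internet-Draft will expire on June 30, 2020", gives the same date as the -03 document date in the header, while the header's Expires field says Dec 31, 2020. The sentence should carry the header's expiry date. The unchanged copyright notice also still reads 2019 for a draft dated 2020 and should be updated in the same pass.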
skipping to change at page 2, line 33 skipping to change at page 2, line 33
1.1. Terminology ............................................ 3 1.1. Terminology ............................................ 3
1.2. Tree Diagrams .......................................... 3 1.2. Tree Diagrams .......................................... 3
1.3. Prefixes in Data Node Names ............................ 4 1.3. Prefixes in Data Node Names ............................ 4
2. Design of Data Model......................................... 4 2. Design of Data Model......................................... 4
2.1. Scope of Model ......................................... 4 2.1. Scope of Model ......................................... 4
2.2. Optional Capabilities .................................. 4 2.2. Optional Capabilities .................................. 4
2.3. Position of Address Family in Hierarchy ................ 5 2.3. Position of Address Family in Hierarchy ................ 5
3. Module Structure ............................................ 5 3. Module Structure ............................................ 5
4. MVPN YANG Modules .......................................... 13 4. MVPN YANG Modules .......................................... 13
5. Security Considerations .................................... 36 5. Security Considerations .................................... 36
6. IANA Considerations ........................................ 36 6. IANA Considerations ........................................ 38
7. References ................................................. 37 7. References ................................................. 39
7.1. Normative References .................................. 37 7.1. Normative References .................................. 39
7.2. Informative References ................................ 38 7.2. Informative References ................................ 40
8. Acknowledgments ............................................ 38 8. Acknowledgments ............................................ 40
Authors' Addresses ............................................ 39 Authors' Addresses ............................................ 41
1. Introduction 1. Introduction
YANG [RFC6020] [RFC7950] is a data definition language that was YANG [RFC6020] [RFC7950] is a data definition language that was
introduced to define the contents of a conceptual data store that introduced to define the contents of a conceptual data store that
allows networked devices to be managed using NETCONF [RFC6241]. allows networked devices to be managed using NETCONF [RFC6241].
YANG is proving relevant beyond its initial confines, as bindings to YANG is proving relevant beyond its initial confines, as bindings to
other interfaces (e.g. REST) and encoding other than XML (e.g. JSON) other interfaces (e.g. REST) and encoding other than XML (e.g. JSON)
are being defined. Furthermore, YANG data models can be used as the are being defined. Furthermore, YANG data models can be used as the
basis of implementation for other interface, such as CLI and basis of implementation for other interface, such as CLI and
skipping to change at page 3, line 15 skipping to change at page 3, line 15
This document defines a YANG data model that can be used to This document defines a YANG data model that can be used to
configure and manage Multicast in MPLS/BGP IP VPN (MVPN). It configure and manage Multicast in MPLS/BGP IP VPN (MVPN). It
includes Cisco systems' solution [RFC6037], BGP MVPN [RFC6513] includes Cisco systems' solution [RFC6037], BGP MVPN [RFC6513]
[RFC6514] etc. This model will support the core MVPN protocols, as [RFC6514] etc. This model will support the core MVPN protocols, as
well as many other features mentioned in separate MVPN RFCs. In well as many other features mentioned in separate MVPN RFCs. In
addition, Non-core features described in MVPN standards other than addition, Non-core features described in MVPN standards other than
mentioned above RFC in separate documents. mentioned above RFC in separate documents.
1.1. Terminology 1.1. Terminology
The terminology for describing YANG data models is found in The terminology for describing YANG data models is found in
[RFC6020] & [RFC7950]. [RFC6020] & [RFC7950].
The following abbreviations are used in this document and the The following abbreviations are used in this document and the
defined model: defined model:
MVPN: Multicast Virtual Private Network [RFC6513]. MVPN: Multicast Virtual Private Network [RFC6513].
PMSI: P-Multicast Service Interface [RFC6513]. PMSI: P-Multicast Service Interface [RFC6513].
PIM: Protocol Independent Multicast [RFC7761]. PIM: Protocol Independent Multicast [RFC7761].
skipping to change at page 4, line 16 skipping to change at page 4, line 16
In this document, names of data nodes, actions, and other data model In this document, names of data nodes, actions, and other data model
objects are often used without a prefix, as long as it is clear from objects are often used without a prefix, as long as it is clear from
the context in which YANG module each name is defined. Otherwise, the context in which YANG module each name is defined. Otherwise,
names are prefixed using the standard prefix associated with the names are prefixed using the standard prefix associated with the
corresponding YANG module, as shown in Table 1 corresponding YANG module, as shown in Table 1
+----------+---------------------------+----------------------------+ +----------+---------------------------+----------------------------+
| Prefix | YANG module | Reference | | Prefix | YANG module | Reference |
+-----------+--------------------------+----------------------------+ +-----------+--------------------------+----------------------------+
| ni | ietf-network-instance | [RFC8529] | | ni | ietf-network-instance | [RFC8529] |
| l3vpn | ietf-bgp-l3vpn | [I-D.ietf-l3vpn-yang] | | l3vpn | ietf-bgp-l3vpn | [I-D.ietf-l3vpn-yang] |
| inet | ietf-inet-types | [RFC6991] | | inet | ietf-inet-types | [RFC6991] |
| rt-types | ietf-routing-types | [RFC8294] | | rt-types | ietf-routing-types | [RFC8294] |
| acl | ietf-access-control-list | [RFC8519] | | acl | ietf-access-control-list | [RFC8519] |
+-----------+--------------------------+----------------------------+ +-----------+--------------------------+----------------------------+
Table 1: Prefixes and Corresponding YANG Modules Table 1: Prefixes and Corresponding YANG Modules
2. Design of Data Model 2. Design of Data Model
2.1. Scope of Model 2.1. Scope of Model
The model covers Rosen MVPN [RFC6037], BGP MVPN [RFC6513] [RFC6514]. The model covers Rosen MVPN [RFC6037], BGP MVPN [RFC6513] [RFC6514].
The configuration of MVPN features, and the operational state fields The configuration of MVPN features, and the operational state fields
and RPC definitions are not all included in this document of the and RPC definitions are not all included in this document of the
skipping to change at page 9, line 4 skipping to change at page 9, line 4
| | +--rw ipv4-source-masklength? uint8 | | +--rw ipv4-source-masklength? uint8
| +--:(acl-name) | +--:(acl-name)
| +--rw group-acl-ipv4? | +--rw group-acl-ipv4?
| -> /acl:acls/acl/name | -> /acl:acls/acl/name
+--ro (pmsi-tunnel-state-attribute)? +--ro (pmsi-tunnel-state-attribute)?
| +--:(rsvp-te-p2mp) | +--:(rsvp-te-p2mp)
| | +--ro p2mp-id? uint16 | | +--ro p2mp-id? uint16
| | +--ro tunnel-id? uint16 | | +--ro tunnel-id? uint16
| | +--ro extend-tunnel-id? uint16 | | +--ro extend-tunnel-id? uint16
| +--:(mldp-p2mp) | +--:(mldp-p2mp)
| | +--ro mldp-root-addr? inet:ip-address | | +--ro mldp-root-addr? inet:ip-
address
| | +--ro mldp-lsp-id? string | | +--ro mldp-lsp-id? string
| +--:(pim-ssm) | +--:(pim-ssm)
| | +--ro ssm-group-addr? | | +--ro ssm-group-addr?
| | rt-types:ip-multicast-group-address | | rt-types:ip-multicast-group-address
| +--:(pim-sm) | +--:(pim-sm)
| | +--ro sm-group-addr? | | +--ro sm-group-addr?
| | rt-types:ip-multicast-group-address | | rt-types:ip-multicast-group-address
| +--:(bidir-pim) | +--:(bidir-pim)
| | +--ro bidir-group-addr? | | +--ro bidir-group-addr?
| | rt-types:ip-multicast-group-address | | rt-types:ip-multicast-group-address
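Review bot: in the mldp-p2mp case the -03 text wraps the leaf type in the middle of its name, leaving "inet:ip-" on the mldp-root-addr line and "address" alone on the next line, so the tree diagram no longer shows a readable type at that node. Put the whole type on an indented continuation line, as the neighbouring ssm-group-addr, sm-group-addr and bidir-group-addr leaves already do with rt-types:ip-multicast-group-address.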
skipping to change at page 12, line 21 skipping to change at page 12, line 21
| | +--rw ipv6-source-masklength? uint8 | | +--rw ipv6-source-masklength? uint8
| +--:(acl-name) | +--:(acl-name)
| +--rw group-acl-ipv6? | +--rw group-acl-ipv6?
| -> /acl:acls/acl/name | -> /acl:acls/acl/name
+--ro (pmsi-tunnel-state-attribute)? +--ro (pmsi-tunnel-state-attribute)?
| +--:(rsvp-te-p2mp) | +--:(rsvp-te-p2mp)
| | +--ro p2mp-id? uint16 | | +--ro p2mp-id? uint16
| | +--ro tunnel-id? uint16 | | +--ro tunnel-id? uint16
| | +--ro extend-tunnel-id? uint16 | | +--ro extend-tunnel-id? uint16
| +--:(mldp-p2mp) | +--:(mldp-p2mp)
| | +--ro mldp-root-addr? inet:ip-address | | +--ro mldp-root-addr? inet:ip-
address
| | +--ro mldp-lsp-id? string | | +--ro mldp-lsp-id? string
| +--:(pim-ssm) | +--:(pim-ssm)
| | +--ro ssm-group-addr? | | +--ro ssm-group-addr?
| | rt-types:ip-multicast-group-address | | rt-types:ip-multicast-group-address
| +--:(pim-sm) | +--:(pim-sm)
| | +--ro sm-group-addr? | | +--ro sm-group-addr?
| | rt-types:ip-multicast-group-address | | rt-types:ip-multicast-group-address
| +--:(bidir-pim) | +--:(bidir-pim)
| | +--ro bidir-group-addr? | | +--ro bidir-group-addr?
| | rt-types:ip-multicast-group-address | | rt-types:ip-multicast-group-address
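Review bot: the IPv6 tree carries the same split type on mldp-root-addr ("inet:ip-" followed by a line holding only "address"). Move inet:ip-address whole onto a continuation line here as well, so the IPv4 and IPv6 diagrams keep the same layout.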
skipping to change at page 36, line 36 skipping to change at page 36, line 36
uses mvpn-rts; uses mvpn-rts;
uses mvpn-ipmsi-tunnel-info-ipv6; uses mvpn-ipmsi-tunnel-info-ipv6;
uses mvpn-spmsi-tunnel-info-ipv6; uses mvpn-spmsi-tunnel-info-ipv6;
} }
} }
} }
<CODE ENDS> <CODE ENDS>
5. Security Considerations 5. Security Considerations
TBD The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols
such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF
layer is the secure transport layer, and the mandatory-to-implement
secure transport is Secure Shell (SSH) [RFC6242]. The lowest
RESTCONF layer is HTTPS, and the mandatory-to-implement secure
transport is TLS [RFC8446].
The Network Configuration Access Control Model (NACM) [RFC8341]
provides the means to restrict access for particular NETCONF or
RESTCONF users to a preconfigured subset of all available NETCONF or
RESTCONF protocol operations and content.
There are a number of data nodes defined in this YANG module that
are writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or
vulnerable in some network environments. Write operations (e.g.,
edit-config) to these data nodes without proper protection can have
a negative effect on network operations. These are the subtrees and
data nodes and their sensitivity/vulnerability:
Under /ni:network-instances/ni:network-instance/ni:ni-
type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv4:,
multicast:
This subtree specifies the configuration for the IPv4 MVPN
attributes at the instance level on a MVPN instance. Modifying the
configuration can cause IPv4 MVPN PMSI tunnels to be deleted or
reconstructed on the MVPN instance.
multicast:mvpn-ipmsi-tunnel-ipv4
This subtree specifies the configuration for the IPv4 MVPN I-PMSI
tunnel attributes at the PMSI tunnel level on a MVPN instance.
Modifying the configuration can cause IPv4 MVPN I-PMSI tunnel to be
deleted or reconstructed on the MVPN instance.
multicast:mvpn-spmsi-tunnels-ipv4
This subtree specifies the configuration for the IPv4 MVPN S-PMSI
attributes at the PMSI tunnel level on a MVPN instance. Modifying
the configuration can cause IPv4 MVPN S-PMSI tunnels to be deleted
or reconstructed on the MVPN instance.
Under /ni:network-instances/ni:network-instance/ni:ni-
type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv6:,
multicast:
This subtree specifies the configuration for the IPv6 MVPN
attributes at the instance level on a MVPN instance. Modifying the
configuration can cause IPv6 MVPN PMSI tunnels to be deleted or
reconstructed on the MVPN instance.
multicast:mvpn-ipmsi-tunnel-ipv6
This subtree specifies the configuration for the IPv6 MVPN I-PMSI
tunnel attributes at the PMSI tunnel level on a MVPN instance.
Modifying the configuration can cause IPv6 MVPN I-PMSI tunnel to be
deleted or reconstructed on the MVPN instance.
multicast:mvpn-spmsi-tunnels-ipv6
This subtree specifies the configuration for the IPv6 MVPN S-PMSI
attributes at the PMSI tunnel level on a MVPN instance. Modifying
the configuration can cause IPv6 MVPN S-PMSI tunnels to be deleted
or reconstructed on the MVPN instance.
Unauthorized access to any data node of these subtrees can adversely
affect the PMSI tunnels of the MVPN instances on the local device.
This may lead to network malfunctions, delivery of packets to
inappropriate destinations, and other problems.
Some of the readable data nodes in this YANG module may be
considered sensitive or vulnerable in some network environments. It
is thus important to control read access (e.g., via get, get-config,
or notification) to these data nodes. These are the subtrees and
data nodes and their sensitivity/vulnerability:
/ni:network-instances/ni:network-instance/ni:ni-
type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv4/multicast
/ni:network-instances/ni:network-instance/ni:ni-
type/l3vpn:l3vpn/l3vpn:l3vpn/l3vpn:ipv6/multicast
Unauthorized access to any data node of the above subtree can
disclose the operational state information of MVPN on this device.
6. IANA Considerations 6. IANA Considerations
TBD This document registers the following namespace URIs in the IETF XML
registry [RFC3688]:
URI: urn:ietf:params:xml:ns:yang:ietf-mvpn
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
This document registers the following YANG modules in the YANG
Module Names registry [RFC6020]:
Name: ietf-mvpn
Namespace: urn:ietf:params:xml:ns:yang:ietf-mvpn
Prefix: mvpn
Reference: RFCXXX
7. References 7. References
7.1. Normative References 7.1. Normative References
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
October 2010 October 2010
[RFC6037] Rosen, E., Cai, Y., and IJ. Wijnands, "Cisco Systems' [RFC6037] Rosen, E., Cai, Y., and IJ. Wijnands, "Cisco Systems'
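Review bot: the node paths in the new Security Considerations text are written inconsistently, and the writable-subtree headings are not valid paths: they end in "l3vpn:ipv4:," and "l3vpn:ipv6:," with a stray colon and comma, and the entries under them ("multicast:", "multicast:mvpn-ipmsi-tunnel-ipv4", and so on) use "multicast" as if it were a prefix, while the IANA section registers the module prefix as "mvpn" and the read-access list writes the same container as ".../l3vpn:ipv4/multicast". Write each entry as one full path, with the mvpn prefix on this module's nodes, so that an operator can turn the list directly into NACM rules. The read-access paragraph promises the nodes "and their sensitivity/vulnerability" but lists only the two top-level multicast containers; either name the state nodes that matter or say that the whole subtree is meant. In the IANA section, "Reference: RFCXXX" should carry a note telling the RFC Editor what to substitute.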
skipping to change at page 39, line 8 skipping to change at page 41, line 8
8. Acknowledgments 8. Acknowledgments
The authors would like to thank the following for their valuable The authors would like to thank the following for their valuable
contributions of this document: contributions of this document:
TBD TBD
Authors' Addresses Authors' Addresses
Yisong Liu Yisong Liu
Individual China Mobile
China China
Email: liuyisong.ietf@gmail.com Email: liuyisong@chinamobile.com
Feng Guo Feng Guo
Huawei Technologies Huawei Technologies
China China
Email: guofeng@huawei.com Email: guofeng@huawei.com
Stephane Litkowski Stephane Litkowski
Cisco Cisco
Email: slitkows@cisco.com Email: slitkows@cisco.com
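Review bot: the Acknowledgments section still reads "TBD" after "The authors would like to thank the following", although this revision replaces the TBD placeholders in the Security Considerations and IANA Considerations sections. Either list the contributors or remove the sentence until there are names to give.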
 End of changes. 15 change blocks. 
20 lines changed or deleted 127 lines changed or added
