draft-ietf-isis-yang-isis-cfg-39.txt   draft-ietf-isis-yang-isis-cfg-40.txt 
IS-IS Working Group S. Litkowski IS-IS Working Group S. Litkowski
Internet-Draft Cisco Systems Internet-Draft Cisco Systems
Intended status: Standards Track D. Yeung Intended status: Standards Track D. Yeung
Expires: March 29, 2020 Arrcus, Inc Expires: March 31, 2020 Arrcus, Inc
A. Lindem A. Lindem
Cisco Systems Cisco Systems
J. Zhang J. Zhang
Juniper Networks Juniper Networks
L. Lhotka L. Lhotka
CZ.NIC CZ.NIC
September 26, 2019 September 28, 2019
YANG Data Model for IS-IS Protocol YANG Data Model for IS-IS Protocol
draft-ietf-isis-yang-isis-cfg-39 draft-ietf-isis-yang-isis-cfg-40
Abstract Abstract
This document defines a YANG data model that can be used to configure This document defines a YANG data model that can be used to configure
and manage the IS-IS protocol on network elements. and manage the IS-IS protocol on network elements.
Requirements Language Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
skipping to change at page 1, line 46 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 29, 2020. This Internet-Draft will expire on March 31, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 11, line 32 skipping to change at page 11, line 32
} }
container level-2 { container level-2 {
uses isis:overload-global-cfg; uses isis:overload-global-cfg;
description description
"Level 2 configuration."; "Level 2 configuration.";
} }
} }
If an implementation does not support per-level configuration for a If an implementation does not support per-level configuration for a
parameter modeled with per-level configuration, the implementation parameter modeled with per-level configuration, the implementation
SHOULD advertise a deviation to announce the non-support of the should advertise a deviation to announce the non-support of the
level-1 and level-2 containers. level-1 and level-2 containers.
Finally, if an implementation supports per-level configuration but Finally, if an implementation supports per-level configuration but
does not support the level-1-2 configuration, it SHOULD also does not support the level-1-2 configuration, it should also
advertise a deviation. advertise a deviation.
2.4. Per-Interface Parameters 2.4. Per-Interface Parameters
The per-interface section of the IS-IS instance describes the The per-interface section of the IS-IS instance describes the
interface-specific parameters. interface-specific parameters.
The interface is modeled as a reference to an existing interface The interface is modeled as a reference to an existing interface
defined in the "ietf-interfaces" YANG model ([RFC8343]. defined in the "ietf-interfaces" YANG model ([RFC8343].
skipping to change at page 40, line 5 skipping to change at page 40, line 5
"Unknown alternate type."; "Unknown alternate type.";
} }
} }
description description
"Type of alternate."; "Type of alternate.";
} }
leaf best { leaf best {
type boolean; type boolean;
description description
"Is set when the alternate is the preferred one, "Is set when the alternate is the preferred one,
is unset otherwise."; is clear otherwise.";
} }
leaf non-best-reason { leaf non-best-reason {
type string { type string {
length "1..255"; length "1..255";
} }
description description
"Information field to describe why the alternate "Information field to describe why the alternate
is not best. The length should be limited to 255 is not best. The length should be limited to 255
unicode characters. The expected format is a single unicode characters. The expected format is a single
line text."; line text.";
skipping to change at page 106, line 36 skipping to change at page 106, line 36
Denial-of-Service (DoS) attack. For example, adding IS-IS on any Denial-of-Service (DoS) attack. For example, adding IS-IS on any
unprotected interface could allow an IS-IS adjacency to be formed unprotected interface could allow an IS-IS adjacency to be formed
with an unauthorized and malicious neighbor. Once an adjacency is with an unauthorized and malicious neighbor. Once an adjacency is
formed, traffic could be hijacked. As a simpler example, a Denial- formed, traffic could be hijacked. As a simpler example, a Denial-
of-Service attack could be mounted by changing the cost of an IS-IS of-Service attack could be mounted by changing the cost of an IS-IS
interface to be asymmetric such that a hard routing loop ensues. In interface to be asymmetric such that a hard routing loop ensues. In
general, unauthorized modification of most IS-IS features will pose general, unauthorized modification of most IS-IS features will pose
their own set of security risks and the "Security Considerations" in their own set of security risks and the "Security Considerations" in
the respective reference RFCs should be consulted. the respective reference RFCs should be consulted.
Some of the readable data nodes in the ietf-isi.yang module may be Some of the readable data nodes in the ietf-isis.yang module may be
considered sensitive or vulnerable in some network environments. It considered sensitive or vulnerable in some network environments. It
is thus important to control read access (e.g., via get, get-config, is thus important to control read access (e.g., via get, get-config,
or notification) to these data nodes. The exposure of the Link State or notification) to these data nodes. The exposure of the Link State
Database (LSDB) will expose the detailed topology of the network. Database (LSDB) will expose the detailed topology of the network.
The Link State Database (LSDB) is represented by the following schema The Link State Database (LSDB) is represented by the following schema
node: node:
/isis/database /isis/database
Exposure of the Link State Database includes information beyond the Exposure of the Link State Database includes information beyond the
 End of changes. 8 change blocks. 
8 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/