draft-ietf-babel-information-model-04.txt   draft-ietf-babel-information-model-05.txt 
Babel routing protocol                                          B. Stark
Internet-Draft                                                      AT&T
Intended status: Informational                           M. Jethanandani
Expires: September 6, 2019                                        VMware
                                                           March 5, 2019


                        Babel Information Model
                draft-ietf-babel-information-model-05

Abstract

   This Babel Information Model can be used to create data models under
   various data modeling regimes.  It allows a Babel implementation (via
   a management protocol or interface) to report on its current state
   and may allow some limited configuration of protocol constants.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 6, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Requirements Language
     1.2.  Notation
   2.  Overview
   3.  The Information Model
     3.1.  Definition of babel-information-obj
     3.2.  Definition of babel-constants-obj
     3.3.  Definition of babel-interfaces-obj
     3.4.  Definition of babel-if-stats-obj
     3.5.  Definition of babel-neighbors-obj
     3.6.  Definition of babel-nbr-stats-obj
     3.7.  Definition of babel-routes-obj
     3.8.  Definition of babel-hmac-obj
     3.9.  Definition of babel-hmac-keys-obj
     3.10. Definition of babel-dtls-obj
     3.11. Definition of babel-dtls-certs-obj
   4.  Extending the Information Model
   5.  Security Considerations
   6.  IANA Considerations
   7.  Acknowledgements
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Appendix A.  Open Issues
   Appendix B.  Change Log
   Authors' Addresses
1.  Introduction

   Babel is a loop-avoiding distance-vector routing protocol defined in
   [I-D.ietf-babel-rfc6126bis].  [I-D.ietf-babel-hmac] defines a
   security mechanism that allows Babel packets to be cryptographically
   authenticated, and [I-D.ietf-babel-dtls] defines a security mechanism
   that allows Babel packets to be encrypted.  This document describes
   an information model for Babel (including implementations using one
   of these security mechanisms) that can be used to create management
   protocol data models (such as a NETCONF [RFC6241] YANG [RFC7950] data
   model).

   Due to the simplicity of the Babel protocol, most of the information
   model is focused on reporting Babel protocol operational state, and
   very little of that is considered mandatory to implement (contingent
   on a management protocol with Babel support being implemented).  Some
   parameters may be configurable.  However, it is up to the Babel

   skipping to change at page 3, line 38

   parameter or object is read-only.  "rw" means it is read-write.  For
   an object, read-write means instances of the object can be created or
   deleted.  If an implementation is allowed to choose to implement a
   "rw" parameter as read-only, this is noted in the parameter
   description.

   The object definitions use base types that are defined as follows:

   binary      A binary string (sequence of octets).

   boolean     A type representing a Boolean value.

   counter     A non-negative integer that monotonically increases.
               Counters may have discontinuities and they are not
               expected to persist across restarts.

   datetime    A type representing a date and time using the Gregorian
               calendar.  The datetime format MUST conform to RFC 3339
               [RFC3339].

   ip-address  A type representing an IP address.  This type supports
               both IPv4 and IPv6 addresses.

   operation   A type representing a remote procedure call or other
               action that can be used to manipulate data elements or
               system behaviors.

   reference   A type representing a reference to another information or
               data model element or to some other device resource.

   string      A type representing a human-readable string consisting of
               a (possibly restricted) subset of Unicode and ISO/IEC
               10646 [ISO.10646] characters.

   uint        A type representing an unsigned integer number.  This
               information model does not define a precision.
2.  Overview

   The Information Model is hierarchically structured as follows:

   +-- babel-information
      +-- babel-implementation-version
      +-- babel-enable
      +-- router-id
      +-- babel-supported-link-types
      +-- self-seqno
      +-- babel-metric-comp-algorithms
      +-- babel-security-supported
      +-- babel-hmac-enable
      +-- babel-hmac-algorithms
      +-- babel-dtls-enable
      +-- babel-dtls-cert-types
      +-- babel-stats-enable
      +-- babel-stats-reset
      +-- babel-constants
      |  +-- babel-udp-port
      |  +-- babel-mcast-group
      +-- babel-interfaces
      |  +-- babel-interface-reference
      |  +-- babel-interface-enable
      |  +-- babel-link-type
      |  +-- babel-interface-metric-algorithm
      |  +-- babel-mcast-hello-seqno
      |  +-- babel-mcast-hello-interval
      |  +-- babel-update-interval
      |  +-- babel-packet-log-enable
      |  +-- babel-packet-log
      |  +-- babel-if-stats
      |  |  +-- babel-sent-mcast-hello
      |  |  +-- babel-sent-mcast-update
      |  |  +-- babel-received-packets
      |  +-- babel-neighbors
      |  |  +-- babel-neighbor-address
      |  |  +-- babel-hello-mcast-history
      |  |  +-- babel-hello-ucast-history
      |  |  +-- babel-txcost
      |  |  +-- babel-exp-mcast-hello-seqno
      |  |  +-- babel-exp-ucast-hello-seqno
      |  |  +-- babel-ucast-hello-seqno
      |  |  +-- babel-ucast-hello-interval
      |  |  +-- babel-rxcost
      |  |  +-- babel-cost
      |  |  +-- babel-nbr-stats
      |  |  |  +-- babel-sent-ucast-hello
      |  |  |  +-- babel-sent-ucast-update
      |  |  |  +-- babel-sent-IHU
      |  |  |  +-- babel-received-hello
      |  |  |  +-- babel-received-update
      |  |  |  +-- babel-received-IHU
      +-- babel-routes
      |  +-- babel-route-prefix
      |  +-- babel-route-prefix-length
      |  +-- babel-route-router-id
      |  +-- babel-route-neighbor
      |  +-- babel-route-received-metric
      |  +-- babel-route-calculated-metric
      |  +-- babel-route-seqno
      |  +-- babel-route-next-hop
      |  +-- babel-route-feasible
      |  +-- babel-route-selected
      +-- babel-hmac
      |  +-- babel-hmac-algorithm
      |  +-- babel-hmac-verify
      |  +-- babel-hmac-interfaces
      |  |  +-- babel-hmac-key-name
      |  |  +-- babel-hmac-key-use-sign
      |  |  +-- babel-hmac-key-use-verify
      |  |  +-- babel-hmac-key-value
      +-- babel-dtls
      |  +-- babel-dtls-interfaces
      |  +-- babel-dtls-cached-info
      |  +-- babel-dtls-cert-prefer
      |  |  +-- babel-cert-value
      |  |  +-- babel-cert-type
      |  |  +-- babel-cert-private-key
      |  |  +-- babel-cert-test

   Most parameters are read-only.  Following is a descriptive list of
   the parameters that are not required to be read-only:

   o  enable/disable Babel

   o  babel-hmac objects

   o  babel-dtls objects

   o  enable/disable statistics collection

   o  Constant: UDP port

   o  Constant: IPv6 multicast group

   o  Interface: Link type

   o  Interface: External cost (must be configurable if implemented, but
      implementation is optional)

   o  Interface: enable/disable Babel on this interface

   o  Interface: enable/disable packet log

   o  HMAC: algorithm

   o  HMAC: verify received packets

   o  HMAC: interfaces

   o  HMAC-keys: create new entries

   o  HMAC-keys: use to sign packets

   o  HMAC-keys: use to verify packets

   o  DTLS: interfaces

   o  DTLS: use cached info extensions

   o  DTLS: preferred order of certificate types

   o  DTLS-certs: create new entries

   The following parameters are required to return no value when read:

   o  HMAC key values

   o  DTLS certificate values

   Note that this overview is intended simply to be informative and is
   not normative.  If there is any discrepancy between this overview and
   the detailed information model definitions in subsequent sections,
   the error is in this overview.
3.  The Information Model

3.1.  Definition of babel-information-obj

     object {
       string                ro babel-implementation-version;
       boolean               rw babel-enable;
       binary                ro babel-self-router-id;
       string                ro babel-supported-link-types<1..*>;
       [uint                 ro babel-self-seqno;]
       string                ro babel-metric-comp-algorithms<1..*>;
       string                ro babel-security-supported<0..*>;
       [boolean              ro babel-hmac-enable;]
       [string               ro babel-hmac-algorithms<1..*>;]
       [boolean              ro babel-dtls-enable;]
       [string               ro babel-dtls-cert-types<1..*>;]
       [boolean              rw babel-stats-enable;]
       [operation               babel-stats-reset;]
       babel-constants-obj   ro babel-constants;
       babel-interfaces-obj  ro babel-interfaces<0..*>;
       babel-routes-obj      ro babel-routes<0..*>;
       [babel-hmac-obj       rw babel-hmac<0..*>;]
       [babel-dtls-obj       rw babel-dtls<0..*>;]
     } babel-information-obj;

   babel-implementation-version:  The name and version of this
      implementation of the Babel protocol.

   babel-enable:  When written, it configures whether the protocol
      should be enabled (true) or disabled (false).  A read from the
      running or intended datastore indicates the configured
      administrative value of whether the protocol is enabled (true) or
      not (false).  A read from the operational datastore indicates
      whether the protocol is actually running (true) or not (i.e., it
      indicates the operational state of the protocol).  A data model
      that does not replicate parameters for running and operational
      datastores can implement this as two separate parameters.  An
      implementation MAY choose to expose this parameter as read-only
      ("ro").

   babel-self-router-id:  The router-id used by this instance of the
      Babel protocol to identify itself.  [I-D.ietf-babel-rfc6126bis]
      describes this as an arbitrary string of 8 octets.

   babel-supported-link-types:  Lists the set of link types supported by
      this instance of Babel.  Valid enumeration values are defined in
      the Babel Link Types registry (see Section 6).

   babel-self-seqno:  The current sequence number included in route
      updates for routes originated by this node.  This is a 16-bit
      unsigned integer.

   babel-metric-comp-algorithms:  List of supported cost computation
      algorithms.  Possible values include "k-out-of-j", and "ETX".

   babel-security-supported:  List of supported security mechanisms.
      Possible values include "HMAC" and "DTLS".

   babel-hmac-enable:  Indicates whether the HMAC security mechanism is
      enabled (true) or disabled (false).  An implementation MAY choose
      to expose this parameter as read-only ("ro").

   babel-hmac-algorithms:  List of supported HMAC computation
      algorithms.  Possible values include "HMAC-SHA256", "BLAKE2s".

   babel-dtls-enable:  Indicates whether the DTLS security mechanism is
      enabled (true) or disabled (false).  An implementation MAY choose
      to expose this parameter as read-only ("ro").

   babel-dtls-cert-types:  List of supported DTLS certificate types.
      Possible values include "X.509" and "RawPublicKey".

   babel-stats-enable:  Indicates whether statistics collection is
      enabled (true) or disabled (false) on all interfaces, including
      neighbor-specific statistics (babel-nbr-stats).

   babel-stats-reset:  An operation that resets all babel-if-stats and
      babel-nbr-stats parameters to zero.  This operation has no input
      or output parameters.

   babel-constants:  A babel-constants-obj object.

   babel-interfaces:  A set of babel-interfaces-obj objects.

   babel-routes:  A set of babel-routes-obj objects.  Contains the
      routes known to this node.

   babel-hmac:  A babel-hmac-obj object.  If this object is implemented,
      it provides access to parameters related to the HMAC security
      mechanism.  An implementation MAY choose to expose this object as
      read-only ("ro").

   babel-dtls:  A babel-dtls-obj object.  If this object is implemented,
      it provides access to parameters related to the DTLS security
      mechanism.  An implementation MAY choose to expose this object as
      read-only ("ro").

3.2.  Definition of babel-constants-obj

     object {
       uint          rw babel-udp-port;
       [ip-address   rw babel-mcast-group;]
     } babel-constants-obj;

   babel-udp-port:  UDP port for sending and listening for Babel
      packets.  Default is 6696.  An implementation MAY choose to expose
      this parameter as read-only ("ro").  This is a 16-bit unsigned
      integer.

   babel-mcast-group:  Multicast group for sending and listening to
      multicast announcements on IPv6.  Default is ff02:0:0:0:0:0:1:6.
      An implementation MAY choose to expose this parameter as read-only
      ("ro").
3.3.  Definition of babel-interfaces-obj

     object {
       reference             ro babel-interface-reference;
       [boolean              rw babel-interface-enable;]
       string                rw babel-link-type;
       string                ro babel-interface-metric-algorithm;
       [uint                 ro babel-mcast-hello-seqno;]
       [uint                 ro babel-mcast-hello-interval;]
       [uint                 ro babel-update-interval;]
       [boolean              rw babel-packet-log-enable;]
       [reference            ro babel-packet-log;]
       [babel-if-stats-obj   ro babel-if-stats;]
       babel-neighbors-obj   ro babel-neighbors<0..*>;
     } babel-interfaces-obj;

   babel-interface-reference:  Reference to an interface object as
      defined by the data model (e.g., YANG [RFC7950], BBF [TR-181]).
      Data model is assumed to allow for referencing of interface
      objects which may be at any layer (physical, Ethernet MAC, IP,
      tunneled IP, etc.).  Referencing syntax will be specific to the
      data model.  If there is no set of interface objects available,
      this should be a string that indicates the interface name used by
      the underlying operating system.

   babel-interface-enable:  When written, it configures whether the
      protocol should be enabled (true) or disabled (false) on this
      interface.  A read from the running or intended datastore
      indicates the configured administrative value of whether the
      protocol is enabled (true) or not (false).  A read from the
      operational datastore indicates whether the protocol is actually
      running (true) or not (i.e., it indicates the operational state of
      the protocol).  A data model that does not replicate parameters
      for running and operational datastores can implement this as two
      separate parameters.  An implementation MAY choose to expose this
      parameter as read-only ("ro").

   babel-link-type:  Indicates the type of link.  The value MUST be one
      of those listed in the babel-supported-link-types parameter.
      Valid enumeration values are identified in Babel Link Types
      registry.  An implementation MAY choose to expose this parameter
      as read-only ("ro").

   babel-interface-metric-algorithm:  Indicates the metric computation
      algorithm used on this interface.  The value MUST be one of those
      listed in the babel-information-obj babel-metric-comp-algorithms
      parameter.

   babel-mcast-hello-seqno:  The current sequence number in use for
      multicast Hellos sent on this interface.  This is a 16-bit
      unsigned integer.

   babel-mcast-hello-interval:  The current interval in use for
      multicast Hellos sent on this interface.  Units are centiseconds.
      This is a 16-bit unsigned integer.

   babel-update-interval:  The current interval in use for all updates
      (multicast and unicast) sent on this interface.  Units are
      centiseconds.  This is a 16-bit unsigned integer.

   babel-packet-log-enable:  Indicates whether packet logging is enabled
      (true) or disabled (false) on this interface.

   babel-packet-log:  A reference or url link to a file that contains a
      timestamped log of packets received and sent on babel-udp-port on
      this interface.  The [libpcap] file format with .pcap file
      extension SHOULD be supported for packet log files.  Logging is
      enabled / disabled by babel-packet-log-enable.

   babel-if-stats:  Statistics collection object for this interface.

   babel-neighbors:  A set of babel-neighbors-obj objects.
3.4.  Definition of babel-if-stats-obj

     object {
       uint  ro babel-sent-mcast-hello;
       uint  ro babel-sent-mcast-update;
       uint  ro babel-received-packets;
     } babel-if-stats-obj;

   babel-sent-mcast-hello:  A count of the number of multicast Hello
      packets sent on this interface.

   babel-sent-mcast-update:  A count of the number of multicast update
      packets sent on this interface.

   babel-received-packets:  A count of the number of Babel packets
      received on this interface.
3.5. Definition of babel-neighbors-obj
object {
ip-address ro babel-neighbor-address;
[binary ro babel-hello-mcast-history;]
[binary ro babel-hello-ucast-history;]
uint ro babel-txcost;
uint ro babel-exp-mcast-hello-seqno;
uint ro babel-exp-ucast-hello-seqno;
[uint ro babel-ucast-hello-seqno;]
[uint ro babel-ucast-hello-interval;]
[uint ro babel-rxcost;]
[uint ro babel-cost;]
[babel-nbr-stats-obj ro babel-nbr-stats;]
} babel-neighbors-obj; } babel-neighbors-obj;
babel-neighbor-address: IPv4 or IPv6 address the neighbor sends packets from.

babel-hello-mcast-history: The multicast Hello history of whether or not the multicast Hello packets prior to babel-exp-mcast-hello-seqno were received. A binary sequence where the most recently received Hello is expressed as a "1" placed in the left-most bit, with prior bits shifted right (and "0" bits placed between prior Hello bits and most recent Hello for any not-received Hellos). This value should be displayed using hex digits ([0-9a-fA-F]). See [I-D.ietf-babel-rfc6126bis], section A.1.

babel-hello-ucast-history: The unicast Hello history of whether or not the unicast Hello packets prior to babel-exp-ucast-hello-seqno were received. A binary sequence where the most recently received Hello is expressed as a "1" placed in the left-most bit, with prior bits shifted right (and "0" bits placed between prior Hello bits and most recent Hello for any not-received Hellos). This value should be displayed using hex digits ([0-9a-fA-F]). See [I-D.ietf-babel-rfc6126bis], section A.1.

babel-txcost: Transmission cost value from the last IHU packet received from this neighbor, or maximum value to indicate the IHU hold timer for this neighbor has expired. See [I-D.ietf-babel-rfc6126bis], section 3.4.2. This is a 16-bit unsigned integer.

babel-exp-mcast-hello-seqno: Expected multicast Hello sequence number of next Hello to be received from this neighbor. If multicast Hello packets are not expected, or processing of multicast packets is not enabled, this MUST be 0. This is a 16-bit unsigned integer.

babel-exp-ucast-hello-seqno: Expected unicast Hello sequence number of next Hello to be received from this neighbor. If unicast Hello packets are not expected, or processing of unicast packets is not enabled, this MUST be 0. This is a 16-bit unsigned integer.

babel-ucast-hello-seqno: The current sequence number in use for unicast hellos sent to this neighbor. This is a 16-bit unsigned integer.

babel-ucast-hello-interval: The current interval in use for unicast hellos sent to this neighbor. Units are centiseconds. This is a 16-bit unsigned integer.

babel-rxcost: Reception cost calculated for this neighbor. This value is usually derived from the Hello history, which may be combined with other data, such as statistics maintained by the link layer. The rxcost is sent to a neighbor in each IHU. See [I-D.ietf-babel-rfc6126bis], section 3.4.3. This is a 16-bit unsigned integer.

babel-cost: Link cost is computed from the values maintained in the neighbor table: the statistics kept in the neighbor table about the reception of Hellos, and the txcost computed from received IHU packets. This is a 16-bit unsigned integer.
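As an added example (not part of the draft), the Python class below keeps a Hello history in the form the babel-hello-mcast-history and babel-hello-ucast-history descriptions above specify: the most recently received Hello is the left-most bit, a "0" is inserted for every Hello that never arrived, the value is displayed as hex digits, and the expected sequence number (babel-exp-*-hello-seqno) is tracked alongside it. The 16-bit width of the history window is an assumption of this example; the 16-bit seqno is from the draft. Deriving rxcost from the history is left to the referenced section of [I-D.ietf-babel-rfc6126bis] and is not attempted here.

```python
"""Added example, not from the draft: maintain a Babel Hello history bitmap
the way babel-hello-mcast-history / babel-hello-ucast-history describe it."""

HISTORY_BITS = 16    # assumption of this example: width of the history kept
SEQNO_MOD = 1 << 16  # Hello seqnos are 16-bit unsigned (per the draft)


class HelloHistory:
    """Hello history for one neighbor (one instance per multicast/unicast).

    Bit layout, as the draft specifies: the most recently received Hello is
    the left-most bit; earlier Hellos are shifted right; a "0" between them
    stands for a Hello whose seqno was never received.
    """

    def __init__(self, bits=HISTORY_BITS):
        self.bits = bits
        self.mask = (1 << bits) - 1
        self.history = 0            # the bit vector, kept as an int
        self.expected_seqno = None  # babel-exp-*-hello-seqno; None until first Hello

    def receive(self, seqno):
        """Record a received Hello and return the updated bit vector."""
        seqno %= SEQNO_MOD
        if self.expected_seqno is None:
            missed = 0
        else:
            # distance from the expected seqno, modulo 2^16
            missed = (seqno - self.expected_seqno) % SEQNO_MOD
            if missed >= SEQNO_MOD // 2:
                # seqno is behind what we expect: a duplicate or reordered
                # Hello; the history is left untouched
                return self.history
        # one "0" per Hello that never arrived, then a "1" for this one
        self.history = ((self.history >> (missed + 1))
                        | (1 << (self.bits - 1))) & self.mask
        self.expected_seqno = (seqno + 1) % SEQNO_MOD
        return self.history

    def as_hex(self):
        """Display form the draft asks for: hex digits of the bit vector."""
        return f"{self.history:0{self.bits // 4}x}"

    def received_count(self):
        """Number of Hellos in the window that were actually received."""
        return bin(self.history).count("1")


if __name__ == "__main__":
    h = HelloHistory()
    for seqno in (1, 2, 5):  # constructed sample: Hellos 3 and 4 are lost
        h.receive(seqno)
    print(h.as_hex(), h.expected_seqno, h.received_count())
```

With the constructed sample (Hellos 1, 2 and 5 received), the history reads 9800: bit 15 for Hello 5, two zero bits for the lost Hellos 4 and 3, then ones for Hellos 2 and 1. A Hello whose seqno is behind the expected one is ignored rather than shifted in, so a replayed or reordered Hello cannot inflate the history.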
babel-nbr-stats: Statistics collection object for this neighbor.

3.6. Definition of babel-nbr-stats-obj

object {
uint ro babel-sent-ucast-hello;
uint ro babel-sent-ucast-update;
uint ro babel-sent-IHU;
uint ro babel-received-hello;
uint ro babel-received-update;
uint ro babel-received-IHU;
} babel-nbr-stats-obj;

babel-sent-ucast-hello: A count of the number of unicast Hello packets sent to this neighbor.

babel-sent-ucast-update: A count of the number of unicast update packets sent to this neighbor.

babel-sent-IHU: A count of the number of IHU packets sent to this neighbor.

babel-received-hello: A count of the number of Hello packets received from this neighbor.

babel-received-update: A count of the number of update packets received from this neighbor.

babel-received-IHU: A count of the number of IHU packets received from this neighbor.

draft-04 text at this point (its section 3.5, removed in draft-05 in favour of separate babel-hmac and babel-dtls objects):

3.5. Definition of babel-security-obj

object {
string ro babel-security-mechanism;
boolean rw babel-security-enable;
babel-credential-obj ro babel-security-self-cred<0..*>;
babel-credential-obj ro babel-security-trust<0..*>;
[boolean rw babel-credvalid-log-enable;]
[babel-log-obj ro babel-credvalid-log<0..*>;]
} babel-security-obj;

babel-security-mechanism: The name of the security mechanism this object instance is about. The value MUST be the same as one of the enumerations listed in the babel-security-supported parameter.

babel-security-enable: When written, it configures whether this security mechanism should be enabled (true) or disabled (false). A read from the running or intended datastore indicates the configured administrative value of whether this security mechanism is enabled (true) or not (false). A read from the operational datastore indicates whether this security mechanism is actually running (true) or not (i.e., it indicates the operational state). A data model that does not replicate parameters for running and operational datastores can implement this as two separate parameters. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-security-self-cred: Credentials this router presents to participate in the enabled security mechanism. Any private key component of a credential MUST NOT be readable. Adding and deleting credentials MAY be allowed.

babel-security-trust: A set of babel-credential-obj objects that identify the credentials of routers whose Babel messages may be trusted or of a certificate authority (CA) whose signing of a router's credentials implies the router credentials can be trusted, in the context of this security mechanism. How a security mechanism interacts with this list is determined by the mechanism. A security algorithm may do additional validation of credentials, such as checking validity dates or revocation lists, so presence in this list may not be sufficient to determine trust. Adding and deleting credentials MAY be allowed.

babel-credvalid-log-enable: When written, it configures whether logging should be enabled (true) or disabled (false). A read from the running or intended datastore indicates the configured administrative value of whether logging is enabled (true) or not (false). A read from the operational datastore indicates whether logging is actually running (true) or not (i.e., it indicates the operational state). A data model that does not replicate parameters for running and operational datastores can implement this as two separate parameters. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-credvalid-log: Log entries that have the timestamp a message containing credentials used for peer authentication (e.g., DTLS Server Hello) was received on a Babel port, and the entire received message (including Ethernet frame and IP headers, if possible). An implementation must restrict the size of this log, but how and what size is implementation-specific. If this log is implemented, a mechanism to clear it SHOULD be provided.
3.7. Definition of babel-routes-obj

object {
ip-address ro babel-route-prefix;
uint ro babel-route-prefix-length;
binary ro babel-route-router-id;
string ro babel-route-neighbor;
[uint ro babel-route-received-metric;]
[uint ro babel-route-calculated-metric;]
uint ro babel-route-seqno;
ip-address ro babel-route-next-hop;
boolean ro babel-route-feasible;
boolean ro babel-route-selected;
} babel-routes-obj;

babel-route-prefix: Prefix (expressed in IP address format) for which this route is advertised.

babel-route-prefix-length: Length of the prefix for which this route is advertised.

babel-route-router-id: router-id of the source router for which this route is advertised.

babel-route-neighbor: Reference to the babel-neighbors entry for the neighbor that advertised this route.

babel-route-received-metric: The metric with which this route was advertised by the neighbor, or maximum value to indicate the route was recently retracted and is temporarily unreachable (see Section 3.5.5 of [I-D.ietf-babel-rfc6126bis]). This metric will be 0 (zero) if the route was not received from a neighbor but was generated through other means. Either babel-route-calculated-metric or babel-route-received-metric MUST be provided. This is a 16-bit unsigned integer.

babel-route-calculated-metric: A calculated metric for this route. How the metric is calculated is implementation-specific. Maximum value indicates the route was recently retracted and is temporarily unreachable (see Section 3.5.5 of [I-D.ietf-babel-rfc6126bis]). Either babel-route-calculated-metric or babel-route-received-metric MUST be provided. This is a 16-bit unsigned integer.

babel-route-seqno: The sequence number with which this route was advertised. This is a 16-bit unsigned integer.

babel-route-next-hop: The next-hop address of this route. This will be empty if this route has no next-hop address.

babel-route-feasible: A Boolean flag indicating whether this route is feasible, as defined in Section 3.5.1 of [I-D.ietf-babel-rfc6126bis].

babel-route-selected: A Boolean flag indicating whether this route is selected (i.e., whether it is currently being used for forwarding and is being advertised).
3.8. Definition of babel-hmac-obj

object {
string rw babel-hmac-algorithm;
boolean rw babel-hmac-verify;
boolean rw babel-hmac-apply-all;
reference rw babel-hmac-interfaces<0..*>;
babel-hmac-keys-obj rw babel-hmac-keys<0..*>;
} babel-hmac-obj;

babel-hmac-algorithm: The name of the HMAC algorithm this object instance uses. The value MUST be the same as one of the enumerations listed in the babel-hmac-algorithms parameter. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-hmac-verify: A Boolean flag indicating whether HMAC hashes in incoming Babel packets are required to be present and are verified. If this parameter is "true", incoming packets are required to have a valid HMAC hash. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-hmac-apply-all: A Boolean flag indicating whether this babel-hmac instance is to be used for all interfaces. If "true", this instance applies to all interfaces and the babel-hmac-interfaces parameter is ignored. If babel-hmac-apply-all is "true", there MUST NOT be other instances of the babel-hmac object. If "false", the babel-hmac-interfaces parameter determines which interfaces this instance applies to. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-hmac-interfaces: List of references to the babel-interfaces entries this babel-hmac entry applies to. This parameter is ignored if babel-hmac-apply-all is "true". An interface MUST NOT be listed in multiple instances of the babel-hmac object. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-hmac-keys: A set of babel-hmac-keys-obj objects.

3.9. Definition of babel-hmac-keys-obj

object {
string ro babel-hmac-key-name;
boolean rw babel-hmac-key-use-sign;
boolean rw babel-hmac-key-use-verify;
binary -- babel-hmac-key-value;
[operation babel-hmac-key-test;]
} babel-hmac-keys-obj;

babel-hmac-key-name: A unique name for this HMAC key that can be used to identify the key in this object instance, since the key value is not allowed to be read. This value can only be provided when this instance is created, and is not subsequently writable.

babel-hmac-key-use-sign: Indicates whether this key value is used to sign sent Babel packets. Sent packets are signed using this key if the value is "true". If the value is "false", this key is not used to sign sent Babel packets. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-hmac-key-use-verify: Indicates whether this key value is used to verify incoming Babel packets. This key is used to verify incoming packets if the value is "true". If the value is "false", no HMAC is computed from this key for comparing an incoming packet. An implementation MAY choose to expose this parameter as read-only ("ro").

babel-hmac-key-value: The value of the HMAC key. An implementation MUST NOT allow this parameter to be read. This can be done by always providing an empty string, or through permissions, or other means. This value can only be provided when this instance is created, and is not subsequently writable.

babel-hmac-key-test: An operation that allows the HMAC key and hash algorithm to be tested to see if they produce an expected outcome. Input to this operation is a binary string. The implementation is expected to create a hash of this string using the babel-hmac-key-value and the babel-hmac-algorithm. The output of this operation is the resulting hash, as a binary string.

draft-04 text (removed in draft-05): its section 4, "Common Objects", defined the two objects referenced by babel-security-obj:

4.1. Definition of babel-credential-obj

object {
credentials ro babel-cred;
} babel-credential-obj;

babel-cred: A credential, such as an X.509 certificate, a public key, etc. used for signing and/or encrypting Babel messages.

4.2. Definition of babel-log-obj

object {
datetime ro babel-log-time;
string ro babel-log-entry;
} babel-log-obj;

babel-log-time: The date and time (according to the device internal clock setting, which may be a time relative to boot time, acquired from NTP, configured by the user, etc.) when this log entry was created.

babel-log-entry: The logged message, as a string of utf-8 encoded hex characters.
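As an added example (not part of the draft or of any Babel implementation), the Python class below models one babel-hmac-keys-obj instance as section 3.9 describes it: the key value is set only at creation and a management read always returns it empty, the use-sign and use-verify flags gate where the key is applied, and babel-hmac-key-test is implemented with the standard hmac module. The algorithm names "hmac-sha256" and "hmac-sha512" are assumed enumeration values for babel-hmac-algorithms; the draft does not list them.

```python
"""Added example, not from the draft: a babel-hmac-keys-obj entry whose key
value can never be read back, plus the babel-hmac-key-test operation built on
Python's hmac module."""
import hashlib
import hmac

# Assumption of this example: enumeration names an implementation might list
# in babel-hmac-algorithms, mapped to the hash they use.
HMAC_ALGORITHMS = {
    "hmac-sha256": hashlib.sha256,
    "hmac-sha512": hashlib.sha512,
}


class HmacKey:
    """One babel-hmac-keys-obj instance."""

    def __init__(self, name, value, use_sign=True, use_verify=True):
        if not isinstance(value, (bytes, bytearray)) or len(value) == 0:
            raise ValueError("babel-hmac-key-value must be a non-empty binary string")
        self.name = name              # babel-hmac-key-name, set only at creation
        self.use_sign = use_sign      # babel-hmac-key-use-sign
        self.use_verify = use_verify  # babel-hmac-key-use-verify
        self.__value = bytes(value)   # babel-hmac-key-value, set only at creation

    def read(self):
        """What a management read returns: the key value is always empty,
        one of the ways the draft allows an implementation to satisfy
        "MUST NOT allow this parameter to be read"."""
        return {
            "babel-hmac-key-name": self.name,
            "babel-hmac-key-use-sign": self.use_sign,
            "babel-hmac-key-use-verify": self.use_verify,
            "babel-hmac-key-value": b"",
        }

    def key_test(self, algorithm, data):
        """babel-hmac-key-test: HMAC of the input binary string under this key
        and the named babel-hmac-algorithm; returns the hash as bytes."""
        if algorithm not in HMAC_ALGORITHMS:
            raise ValueError(f"unknown babel-hmac-algorithm: {algorithm}")
        return hmac.new(self.__value, bytes(data), HMAC_ALGORITHMS[algorithm]).digest()

    def sign(self, algorithm, packet):
        """HMAC to attach to an outgoing packet, or None if this key is not for signing."""
        if not self.use_sign:
            return None
        return self.key_test(algorithm, packet)

    def verify(self, algorithm, packet, received_mac):
        """Constant-time check of an incoming packet's HMAC with this key;
        False when the key is not enabled for verification."""
        if not self.use_verify:
            return False
        return hmac.compare_digest(self.key_test(algorithm, packet), bytes(received_mac))


if __name__ == "__main__":
    # Constructed sample key and data (the inputs of RFC 4231 test case 2),
    # so the key-test output can be checked against a published vector.
    key = HmacKey("example-key", b"Jefe")
    print(key.read())
    print(key.key_test("hmac-sha256", b"what do ya want for nothing?").hex())
```

The key-test operation is the only way the key value leaves the object, and it leaves only as an HMAC over caller-supplied data, which is what lets an operator confirm a provisioned key matches the one on a peer without either side revealing it. Comparison in verify() uses hmac.compare_digest so that a wrong MAC is rejected in constant time.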
3.10. Definition of babel-dtls-obj
object {
boolean rw babel-dtls-apply-all;
reference rw babel-dtls-interfaces<0..*>;
[boolean rw babel-dtls-cached-info;]
[string rw babel-dtls-cert-prefer<0..*>;]
babel-dtls-certs-obj rw babel-dtls-certs<0..*>;
} babel-dtls-obj;
babel-dtls-apply-all: A Boolean flag indicating whether this babel-
dtls instance is to be used for all interfaces. If "true", this
instance applies to all interfaces and the babel-dtls-interfaces
parameter is ignored. If babel-dtls-apply-all is "true", there
MUST NOT be other instances of the babel-dtls object. If "false",
the babel-dtls-interfaces parameter determines which interfaces
this instance applies to. An implementation MAY choose to expose
this parameter as read-only ("ro").
babel-dtls-interfaces: List of references to the babel-interfaces
entries this babel-dtls entry applies to. This parameter is
ignored if babel-dtls-apply-all is "true". An interface MUST NOT
be listed in multiple instances of the babel-dtls object. If this
list is empty, then it applies to all interfaces. An
implementation MAY choose to expose this parameter as read-only
("ro").
babel-dtls-cached-info: Indicates whether the cached_info extension
is included in ClientHello and ServerHello packets. The extension
is included if the value is "true". An implementation MAY choose
to expose this parameter as read-only ("ro").
babel-dtls-cert-prefer: List of supported certificate types, in
order of preference. The values MUST be among those listed in the
babel-dtls-cert-types parameter. This list is used to populate
the server_certificate_type extension in a Client Hello. Values
that are present in at least one instance in the babel-dtls-certs
object with a non-empty babel-cert-private-key will be used to
populate the client_certificate_type extension in a Client Hello.
babel-dtls-certs: A set of babel-dtls-certs-obj objects. This
contains both certificates for this implementation to present for
authentication, and to accept from others. Certificates with a
non-empty babel-cert-private-key can be presented by this
implementation for authentication.
3.11. Definition of babel-dtls-certs-obj
object {
string ro babel-cert-value;
string ro babel-cert-type;
binary -- babel-cert-private-key;
[operation babel-cert-test;]
} babel-dtls-certs-obj;
babel-cert-value: The DTLS certificate in PEM format [RFC7468].
This value can only be provided when this instance is created, and
is not subsequently writable.
babel-cert-type: The name of the certificate type of this object
instance. The value MUST be the same as one of the enumerations
listed in the babel-dtls-cert-types parameter. This value can
only be provided when this instance is created, and is not
subsequently writable.
babel-cert-private-key: The value of the private key. If this is
non-empty, this certificate can be used by this implementation to
provide a certificate during DTLS handshaking. An implementation
MUST NOT allow this parameter to be read. This can be done by
always providing an empty string, or through permissions, or other
means. This value can only be provided when this instance is
created, and is not subsequently writable.
babel-cert-test: An operation that allows a hash of the provided
input string to be created using the certificate public key and
the SHA-256 hash algorithm. Input to this operation is a binary
string. The output of this operation is the resulting hash, as a
binary string.
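Sections 3.8 and 3.10 place the same two instance rules on babel-hmac-obj and babel-dtls-obj: an instance with apply-all "true" must be the only instance, and an interface must not be listed in more than one instance. As an added example (not part of the draft), the Python functions below check a proposed set of instances against those rules before it is committed, and compute which interfaces end up protected; the dict layout of an instance and the interface names are constructed for this example, and the empty_means_all flag captures the one stated difference (an empty babel-dtls-interfaces list applies to all interfaces, whereas the draft states no such rule for babel-hmac-interfaces).

```python
"""Added example, not from the draft: validate the instance rules the draft
states for babel-hmac-obj and babel-dtls-obj (apply-all versus the
interfaces list) before a configuration is committed."""


def check_instances(instances, known_interfaces):
    """instances: list of dicts, one per babel-hmac / babel-dtls instance,
    each with "apply-all" (bool) and "interfaces" (list of names that
    reference babel-interfaces entries). known_interfaces: names of the
    existing babel-interfaces entries. Returns a list of rule violations;
    an empty list means the instances are consistent with the draft."""
    problems = []
    # Rule: if apply-all is "true" there MUST NOT be other instances.
    if len(instances) > 1 and any(inst["apply-all"] for inst in instances):
        problems.append("apply-all is true but more than one instance exists")
    # Rule: an interface MUST NOT be listed in multiple instances; a
    # reference must also point at an existing babel-interfaces entry.
    first_listed = {}
    for idx, inst in enumerate(instances):
        if inst["apply-all"]:
            continue  # the interfaces list is ignored for this instance
        for name in inst["interfaces"]:
            if name not in known_interfaces:
                problems.append(f"instance {idx} references unknown interface {name}")
            if name in first_listed and first_listed[name] != idx:
                problems.append(
                    f"interface {name} is listed in instances {first_listed[name]} and {idx}")
            first_listed.setdefault(name, idx)
    return problems


def covered_interfaces(instances, known_interfaces, empty_means_all):
    """Interfaces that at least one instance applies to. empty_means_all is
    True for babel-dtls (an empty list applies to all interfaces) and False
    for babel-hmac, where the draft states no such rule."""
    covered = set()
    for inst in instances:
        if inst["apply-all"] or (empty_means_all and not inst["interfaces"]):
            return set(known_interfaces)
        covered.update(name for name in inst["interfaces"] if name in known_interfaces)
    return covered


if __name__ == "__main__":
    # Constructed sample configuration: eth1 is claimed twice and tun9 does
    # not exist, so both rules fire.
    ifaces = {"eth0", "eth1", "wlan0"}
    hmac_instances = [
        {"apply-all": False, "interfaces": ["eth0", "eth1"]},
        {"apply-all": False, "interfaces": ["eth1", "tun9"]},
    ]
    for problem in check_instances(hmac_instances, ifaces):
        print("hmac:", problem)
    print(sorted(covered_interfaces(hmac_instances, ifaces, empty_means_all=False)))
```

Running covered_interfaces after check_instances passes is the useful second step: an interface missing from the result is one on which Babel packets are neither authenticated nor protected by DTLS, which is easy to miss when the instances are written one at a time.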
4. Extending the Information Model
Implementations MAY extend this information model with other parameters or objects. For example, an implementation MAY choose to expose Babel route filtering rules by adding a route filtering object with parameters appropriate to how route filtering is done in that implementation. The precise means used to extend the information model would be specific to the data model the implementation uses to expose this information.
5. Security Considerations

This document defines a set of information model objects and parameters that may be exposed to be visible from other devices, and some of which may be configured. Securing access to and ensuring the integrity of this data is in scope of and the responsibility of any data model derived from this information model. Specifically, any YANG [RFC7950] data model is expected to define security exposure of the various parameters, and a [TR-181] data model will be secured by the mechanisms defined for the management protocol used to transport it.

This information model defines objects that can allow credentials (for this device, for trusted devices, and for trusted certificate authorities) to be added and deleted. Public keys and shared secrets may be exposed through this model. This model requires that private keys never be exposed. The Babel security mechanisms that make use of these credentials (e.g., [I-D.ietf-babel-dtls], [I-D.ietf-babel-hmac]) are expected to define what credentials can be used with those mechanisms.

6. IANA Considerations

This document defines a Babel Link Type registry for the values of the babel-link-type and babel-supported-link-types parameters to be listed under the Babel Routing Protocol registry.

Valid Babel Link Type names are normatively defined as

o MUST be at least 1 character and no more than 20 characters long

o MUST contain only US-ASCII [RFC0020] letters 'A' - 'Z' and 'a' -
[unchanged text omitted from the comparison at this point]
| other    | to be used when no link type information  | (this      |
|          | available                                 | document)  |
| tunnel   | to be used for a tunneled interface over  | (this      |
|          | unknown physical link                     | document)  |
| wireless | [IEEE-802.11-2016]                        | (this      |
|          |                                           | document)  |
| exp-*    | Reserved for Experimental Use             | (this      |
|          |                                           | document)  |
+----------+-------------------------------------------+------------+

7. Acknowledgements

Juliusz Chroboczek, Toke Hoeiland-Joergensen, David Schinazi, Acee Lindem, and Carsten Bormann have been very helpful in refining this information model. (draft-04 also listed Mahesh Jethanandani here, who is a co-author of draft-05.)

The language in the Notation section was mostly taken from [RFC8193].

8. References

8.1. Normative References

[I-D.ietf-babel-rfc6126bis] Chroboczek, J. and D. Schinazi, "The Babel Routing Protocol", draft-ietf-babel-rfc6126bis-07 (work in progress), November 2018.

[libpcap] Wireshark, "Libpcap File Format", 2015, <https://wiki.wireshark.org/Development/LibpcapFileFormat>.

[RFC0020] Cerf, V., "ASCII format for network interchange", STD 80, RFC 20, DOI 10.17487/RFC0020, October 1969, <https://www.rfc-editor.org/info/rfc20>.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>.

[RFC7468] Josefsson, S. and S. Leonard, "Textual Encodings of PKIX, PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468, April 2015, <https://www.rfc-editor.org/info/rfc7468>.

[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, <https://www.rfc-editor.org/info/rfc8126>.

[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/info/rfc8174>.

8.2. Informative References

[I-D.ietf-babel-dtls] Decimo, A., Schinazi, D., and J. Chroboczek, "Babel Routing Protocol over Datagram Transport Layer Security", draft-ietf-babel-dtls-04 (work in progress), February 2019.

[I-D.ietf-babel-hmac] Do, C., Kolodziejak, W., and J. Chroboczek, "HMAC authentication for the Babel routing protocol", draft-ietf-babel-hmac-03 (work in progress), December 2018.

[IEEE-802.11-2016] "IEEE Standard 802.11-2016 - IEEE Standard for Information Technology - Telecommunications and information exchange between systems Local and metropolitan area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications.".

[IEEE-802.3-2018]
[unchanged text omitted from the comparison at this point]
... Schoenwaelder, "Information Model for Large-Scale Measurement Platforms (LMAPs)", RFC 8193, DOI 10.17487/RFC8193, August 2017, <https://www.rfc-editor.org/info/rfc8193>.

[TR-181] Broadband Forum, "Device Data Model", <http://cwmp-data-models.broadband-forum.org/>.

Appendix A. Open Issues

All open issues have been closed.

Closed Issues:

1. HMAC spec adds other parameters to neighbor table. Check these to see if any need to be readable or writable. / None were identified.

2. Actions to add and delete HMAC and DTLS credentials, and parameters that allow credential to be identified without allowing access to private credential info. Will have separate sub-tables for HMAC and DTLS credentials. / Instead, there is a normative statement that the parameter values must never be supplied when read.

3. Consider the following statistics: under interface object: sent multicast Hello, sent updates, received Babel messages; under neighbor object: sent unicast Hello, sent updates, sent IHU, received Hello, received updates, received IHUs. Would also need to enable/disable stats and clear stats.

4. Message log (optional to implement) is still in. Support for the libpcap file format is "SHOULD".

5. Single security table with (optional) reference to interfaces that security mechanism applies to. / This actually became separate objects for DTLS and HMAC.

6. Should ABNF be normative in IANA Considerations section? Decision was to leave it as is.

7. I want to get rid of the security log, because all Babel messages (which should be defined as all messages to/from the udp-port) are logged by message-log. I don't like message log as it is. I think if logging is enabled it should just write to a text file. This will mean there also needs to be a means of downloading/reading the log file. Closed by having single log for all messages to/from udp port and log is represented by a string that can be reference to filename or some other part of the overall data model (depends on data model).

8. Check description of enable parameters to make sure ok for YANG and TR-181. Closed by updating description to be useful for YANG and TR-181, using language consistent with YANG descriptions. Done.

9. Distinguish signed and unsigned integers? All integers are unsigned and size is mentioned in description of each uint parameter.

10. Datatype of the router-id: Closed by introducing binary datatype and using that for router-id

11. babel-neighbor-address as IPv6-only: Closed by leaving as is (IPv4 and IPv6)

12. babel-implementation-version includes the name of the implementation: Closed by adding "name" to description

draft-04 state of this appendix: items 7, 3 and 8 above, "Security section needs further review", "Commands to add and delete credentials, and parameters that allow credential to be identified without allowing access to private credential info", "Distinguish signed and unsigned integers?" and "Review new IANA Considerations section. Should ABNF be normative?" were listed as open issues; only items 10, 11 and 12 were listed as closed.
4. Delete external-cost?: Closed by deleting. 13. Delete external-cost?: Closed by deleting.
5. Would it be useful to define some parameters for reporting 14. Would it be useful to define some parameters for reporting
statistics or logs? [2 logs are now included. If others are statistics or logs? [2 logs are now included. If others are
needed they need to be proposed. See Open Issues for additional needed they need to be proposed. See Open Issues for additional
thoughts on logs and statistics.] thoughts on logs and statistics.]
6. Closed by defining base64 type and using it for all router IDs: 15. Closed by defining base64 type and using it for all router IDs:
"babel-self-router-id: Should this be an opaque 64-bit value "babel-self-router-id: Should this be an opaque 64-bit value
instead of int?" instead of int?"
7. Closed as "No": Do we need a registry for the supported security 16. Closed as "No": Do we need a registry for the supported security
mechanisms? [Given the current limited set, and unlikelihood of mechanisms? [Given the current limited set, and unlikelihood of
massive expansion, I don't think so. But we can if someone massive expansion, I don't think so. But we can if someone
wants it.] wants it.]
8. This draft must be reviewed against draft-ietf-babel-rfc6126bis. 17. This draft must be reviewed against draft-ietf-babel-rfc6126bis.
[I feel like this has been adequately done, but I could be [I feel like this has been adequately done, but I could be
wrong.] wrong.]
9. babel-interfaces-obj: Juliusz:"This needs further discussion, I 18. babel-interfaces-obj: Juliusz:"This needs further discussion, I
fear some of these are implementation details." [In the absence fear some of these are implementation details." [In the absence
of discussion, the current model stands. Note that all but of discussion, the current model stands. Note that all but
link-type and the neighbors sub-object are optional. If an link-type and the neighbors sub-object are optional. If an
implementation does not have any of the optional elements then implementation does not have any of the optional elements then
it simply doesn't have them and that's fine.] it simply doesn't have them and that's fine.]
10. Would it be useful to define some parameters specifically for 19. Would it be useful to define some parameters specifically for
security anomalies? [The 2 logs should be useful in identifying security anomalies? [The 2 logs should be useful in identifying
security anomalies. If more is needed, someone needs to security anomalies. If more is needed, someone needs to
propose.] propose.]
11. I created a basic security model. It's useful for single (or 20. I created a basic security model. It's useful for single (or
no) active security mechanism (e.g., just HMAC, just DTLS, or no) active security mechanism (e.g., just HMAC, just DTLS, or
neither); but not multiple active (both HMAC and DTLS -- which neither); but not multiple active (both HMAC and DTLS -- which
is not the same as HMAC of DTLS and would just mean that HMAC is not the same as HMAC of DTLS and would just mean that HMAC
would be used on all unencrypted messages -- but right now the would be used on all unencrypted messages -- but right now the
model doesn't allow for configuring HMAC of unencrypted messages model doesn't allow for configuring HMAC of unencrypted messages
for routers without DTLS, while DTLS is used if possible). OK? for routers without DTLS, while DTLS is used if possible). OK?
[No-one said otherwise.] [No-one said otherwise.]
12. babel-external-cost may need more work. [if no comment, it will 21. babel-external-cost may need more work. [if no comment, it will
be left as is] be left as is]
13. babel-hello-[mu]cast-history: the Hello history is formated as 22. babel-hello-[mu]cast-history: the Hello history is formated as
16 bits, per A.1 of 6126bis. Is that a too implementation 16 bits, per A.1 of 6126bis. Is that a too implementation
specific? [We also now have an optional-to-implement log of specific? [We also now have an optional-to-implement log of
received messages, and I made these optional. So maybe this is received messages, and I made these optional. So maybe this is
ok?] ok?]
14. rxcost, txcost, cost: is it ok to model as integers, since 23. rxcost, txcost, cost: is it ok to model as integers, since
6126bis 2.1 says costs and metrics need not be integers. [I 6126bis 2.1 says costs and metrics need not be integers. [I
have them as integers unless someone insists on something else.] have them as integers unless someone insists on something else.]
15. For the security log, should it also log whether the credentials 24. For the security log, should it also log whether the credentials
were considered ok? [Right now it doesn't and I think that's ok were considered ok? [Right now it doesn't and I think that's ok
because if you log Hellos it was ok and if you don't it wasn't.] because if you log Hellos it was ok and if you don't it wasn't.]
16. Should Babel link types have an IANA registry? [Agreed to do 25. Should Babel link types have an IANA registry? [Agreed to do
this at IETF 102.] this at IETF 102.]
Appendix B. Change Log Appendix B. Change Log
Individual Drafts: Individual Drafts:
v00 2016-07-07 EBD: Initial individual draft version v00 2016-07-07 EBD: Initial individual draft version
v01 2017-03-13: Addressed comments received in 2016-07-15 email from v01 2017-03-13: Addressed comments received in 2016-07-15 email from
J. Chroboczek J. Chroboczek
Working group drafts: Working group drafts:
v00 2017-07-03: Addressed points noted with "oops" in v00 2017-07-03: Addressed points noted with "oops" in
https://www.ietf.org/proceedings/98/slides/slides-98-babel-babel- https://www.ietf.org/proceedings/98/slides/slides-98-babel-babel-
information-model-00.pdf information-model-00.pdf
v01 2018-01-02: Removed item from issue list that was agreed (in v01 2018-01-02: Removed item from issue list that was agreed (in
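Review bot: the closed-issues list in the right column is internally inconsistent about the logs and about the router-id type, and should be reconciled before the appendix states "All open issues have been closed." Item 7 records that the security log was dropped in favour of a single log for all packets to/from the udp port, yet item 14 still says "2 logs are now included" and refers the reader to "Open Issues" (which now lists nothing), and item 24 still discusses a separate "security log". Item 10 closes the router-id datatype question with a "binary datatype" while item 15 closes the same question with a "base64 type"; one wording should be used in both. Item 10 also repeats "and using that for router-id" twice, and item 7 has "are be logged". Since item 7 makes the log a string that may be a reference to a filename, the closed-issue text should say whether that string is ro or rw (the v04 change log added those markers to every table); if it is rw, the description should constrain what the reference may point to, because it determines where the packet log is written.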
skipping to change at page 21, line 43 skipping to change at page 27, line 28
* in log descriptions, included statement that there SHOULD be * in log descriptions, included statement that there SHOULD be
ability to clear logs ability to clear logs
* added IANA registry for link types * added IANA registry for link types
* added "ro" and "rw" to tables for read-write and read-only * added "ro" and "rw" to tables for read-write and read-only
* added metric computation parameter to interface * added metric computation parameter to interface
Author's Address v05 2019-01-15:
* security modeled with single table under information-obj and
references to interfaces that instance applies to
* changed int to uint because all integers in model were
unsigned; added size of integer to description of each uint
parameter
* deleted log object and made single message log that points to
file or other data model object used to maintain logs
* deleted babel-credentials; there are no more "common" objects;
hmac keys and DTLS certificates are more explicitly modeled
* changed definition of babel-security-supported
* added parameters for HMAC and DTLS
* added statistics
* changed all instances of "message" to "packet"
Authors' Addresses
Barbara Stark Barbara Stark
AT&T AT&T
Atlanta, GA Atlanta, GA
US US
Email: barbara.stark@att.com Email: barbara.stark@att.com
Mahesh Jethanandani
VMware
California
US
Email: mjethanandani@gmail.com
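Review bot: the v05 bullet "security modeled with single table under information-obj and references to interfaces that instance applies to" contradicts closed issue 5 in Appendix A, which says this "actually became separate objects for DTLS and HMAC"; the change log should describe the model as shipped in this revision rather than the intermediate design. Two v05 changes recorded in Appendix A are also missing here and merit a bullet each, since both are requirements an implementer has to act on: the normative statement that credential parameter values must never be supplied when read (closed issue 2), and the single message log with "SHOULD" support for the libpcap file format (closed issue 4). Finally, "changed all instances of "message" to "packet"" has not been carried into Appendix A, where items 4 and 7 still say "message log", nor into the bullet "made single message log" above it.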
End of changes. 122 change blocks.
312 lines changed or deleted, 597 lines changed or added.
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/