Babel Working Group                                      M. Jethanandani
Internet-Draft                                                    VMware
Intended status: Standards Track                                B. Stark
Expires: September 6, 2019                                          AT&T
                                                       December 18, 2018
                                                           March 5, 2019

                       YANG Data Model for Babel
                     draft-ietf-babel-yang-model-00
                     draft-ietf-babel-yang-model-01

Abstract

   This document defines a data model for the Babel routing protocol.
   The data model is defined using the YANG data modeling language.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in BCP 14
   [RFC2119][RFC8174] when, and only when, they appear in all capitals,
   as shown here.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 6, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Note to RFC Editor
     1.2.  Definitions and Acronyms
     1.3.  Tree Diagram
   2.  Babel Module
     2.1.  Information Model
     2.2.  YANG Module
   3.  IANA Considerations
     3.1.  URI Registrations
     3.2.  YANG Module Name Registration
   4.  Security Considerations
   5.  Acknowledgements
   6.  References
     6.1.  Normative References
     6.2.  Informative References
   Appendix A.  An Appendix
   Authors' Addresses

1.  Introduction

   This document defines a data model for the Babel routing protocol
   [I-D.ietf-babel-rfc6126bis].  The data model is defined using the YANG
   1.1 [RFC7950] data modeling language and is Network Management
   Datastore Architecture (NMDA) [RFC8342] compatible.  It is based on
   the Babel Information Model [I-D.ietf-babel-information-model].

1.1.  Note to RFC Editor

   Artwork in this document contains shorthand references to drafts in
   progress.  Please apply the following replacements and remove this
   note before publication.

   o  "XXXX" --> the assigned RFC value for this draft both in this
      draft and in the YANG models under the revision statement.

   o  "ZZZZ" --> the assigned RFC value for Babel Information Model
      [I-D.ietf-babel-information-model]

   o  Revision date in model, in the format 2019-03-07 needs to get
      updated with the date the draft gets approved.  The date also
      needs to get reflected on the line with <CODE BEGINS>.

1.2.  Definitions and Acronyms

   o

1.3.  Tree Diagram

   For a reference to the annotations used in tree diagrams included in
   this draft, please see YANG Tree Diagrams [RFC8340].

2.  Babel Module

   This document defines a YANG 1.1 [RFC7950] data model for the
   configuration and management of Babel.  The YANG module is based on
   the Babel Information Model [I-D.ietf-babel-information-model].

2.1.  Information Model

   The following diagram illustrates a top level hierarchy of the model.
   In addition to information like the version number implemented by
   this device, the model contains subtrees on constants, interfaces,
   routes and security.

   module: ietf-babel
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol:
       +--rw babel!
          +--ro version?                  string
          +--rw enable?                   boolean
          +--ro router-id                 binary
          +--rw link-type*                identityref
          +--ro sequence-number?          uint16
          +--rw metric-comp-algorithms*   identityref
          +--rw security-supported*       identityref
          +--rw hmac-enable?              boolean
          +--rw hmac-algorithms*          identityref
          +--rw dtls-enable?              boolean
          +--rw dtls-cert-types*          identityref
          +--rw stats-enable?             boolean
          +--rw constants
          |     ...
          +--rw interfaces* [reference]
          |     ...
          +--rw hmac* [algorithm]
          |     ...
          +--rw dtls* [name]
                ...
     augment /rt:routing/rt:ribs/rt:rib/rt:routes/rt:route:
       +--ro routes* [prefix]
          +--ro prefix                     inet:ip-prefix
          +--ro router-id?                 binary
          +--ro neighbor?                  leafref
          +--ro (metric)
          |     ...
          +--ro seqno?                     uint16
          +--ro next-hop?                  inet:ip-address
          +--ro feasible?                  boolean
          +--ro selected?                  boolean

   The interfaces subtree describes attributes such as the interface
   object that is being referenced, the type of link as enumerated by
   Babel Link Types, and whether the interface is enabled or not.

   The constants subtree describes the UDP port used for sending and
   receiving Babel messages, and the multicast group used to send and
   receive announcements on IPv6.

   The routes subtree describes objects such as the prefix for which the
   route is advertised, a reference to the neighboring route, and next-
   hop address.

   Finally, two subtrees are defined for security.  The hmac subtree
   refers to parameters related to the HMAC security mechanism.  The
   boolean flag apply-all indicates whether the HMAC mechanism is
   applicable for all interfaces or just for interfaces listed in the
   leaf-list 'interfaces'.  The dtls subtree refers to parameters related
   to the DTLS security mechanism.  Similar to the HMAC mechanism, the
   boolean flag apply-all indicates whether the DTLS mechanism is
   applicable for all interfaces or just for interfaces listed in the
   leaf-list 'interfaces'.
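
   The apply-all / 'interfaces' rule described above decides which
   interfaces a security mechanism actually covers.  The following
   Python audit is an added example, not part of the draft or of any
   Babel implementation; the sample configuration is constructed, and
   the way the global hmac-enable/dtls-enable leaves combine with
   apply-all is an assumption of the example.

```python
"""Added example: audit which Babel interfaces are covered by HMAC or DTLS.

The input is a constructed instance of the 'babel' container, written as a
plain dict whose keys follow the node names in the tree diagram.
"""

# Constructed sample configuration (not taken from a real device).
SAMPLE_BABEL = {
    "enable": True,
    "hmac-enable": True,
    "dtls-enable": False,
    "interfaces": [
        {"reference": "eth0", "enable": True},
        {"reference": "wlan0", "enable": True},
        {"reference": "tun0", "enable": True},
        {"reference": "eth1", "enable": False},
    ],
    "hmac": [
        {"algorithm": "hmac-sha256", "verify": True, "apply-all": False,
         "interfaces": ["eth0", "eth9"]},
    ],
    "dtls": [
        {"name": "mesh-dtls", "apply-all": True, "interfaces": []},
    ],
}


def covered_interfaces(babel, mechanism):
    """Return (covers_all, named_interfaces) for 'hmac' or 'dtls'.

    Assumption of this example: a mechanism protects nothing unless its
    global '<mechanism>-enable' leaf is true.
    """
    if not babel.get(mechanism + "-enable", False):
        return False, set()
    covers_all = False
    named = set()
    for entry in babel.get(mechanism, []):
        if entry.get("apply-all", False):
            covers_all = True
        else:
            # apply-all false: only the leaf-list 'interfaces' is covered.
            named.update(entry.get("interfaces", []))
    return covers_all, named


def audit(babel):
    """Map each configured interface to the mechanisms covering it and
    collect findings for a reviewer."""
    ifaces = babel.get("interfaces", [])
    configured = [i["reference"] for i in ifaces]
    # A missing 'enable' leaf is treated as enabled so it is not overlooked.
    enabled = {i["reference"] for i in ifaces if i.get("enable", True)}
    coverage = {name: [] for name in configured}
    findings = []
    for mech in ("hmac", "dtls"):
        covers_all, named = covered_interfaces(babel, mech)
        for name in configured:
            if covers_all or name in named:
                coverage[name].append(mech)
        # Entries that exist while the global flag is off protect nothing.
        if babel.get(mech) and not babel.get(mech + "-enable", False):
            findings.append(
                f"{mech}: entries configured but {mech}-enable is false")
        # Names in the leaf-list that match no configured interface.
        for name in sorted(named - set(configured)):
            findings.append(f"{mech}: unknown interface '{name}' in leaf-list")
    for name in configured:
        if name in enabled and not coverage[name]:
            findings.append(f"{name}: enabled with no security mechanism")
    return coverage, findings


if __name__ == "__main__":
    cov, issues = audit(SAMPLE_BABEL)
    for iface, mechs in cov.items():
        print(f"{iface:6} {', '.join(mechs) or 'none'}")
    for issue in issues:
        print("finding:", issue)
```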

2.2.  YANG Module

   This module augments A YANG Data Model for Interface Management
   [RFC8343], YANG Routing Management [RFC8349], and imports definitions
   from Common YANG Data Types [RFC6991].

   module: ietf-babel
     augment /rt:routing/rt:control-plane-protocols
               /rt:control-plane-protocol:
       +--rw babel!
          +--ro version?                  string
          +--rw enable?                   boolean
          +--ro router-id                 binary
          +--rw link-type*                identityref
          +--ro sequence-number?          uint16
          +--rw metric-comp-algorithms*   identityref
          +--rw security-supported*       identityref
          +--rw hmac-enable?              boolean
          +--rw hmac-algorithms*          identityref
          +--rw dtls-enable?              boolean
          +--rw dtls-cert-types*          identityref
          +--rw stats-enable?             boolean
          +--rw constants
          |  +--rw udp-port?      inet:port-number
          |  +--rw mcast-group?   inet:ip-address
          +--rw interfaces* [reference]
          |  +--rw reference               if:interface-ref
          |  +--rw enable?                 boolean
          |  +--rw link-type?              identityref
          |  +--rw metric-algorithm?       identityref
          |  +--ro mcast-hello-seqno?      uint16
          |  +--ro mcast-hello-interval?   uint16
          |  +--rw update-interval?        uint16
          |  +--rw packet-log-enable?      boolean
          |  +--rw packet-log?             inet:uri
          |  +--ro stats
          |  |  +--ro sent-mcast-hello?    yt:counter32
          |  |  +--ro sent-mcast-update?   yt:counter32
          |  |  +--ro received-packets?    yt:counter32
          |  |  +---x reset
          |  |     +---w input
          |  |     |  +---w reset-at?   yt:date-and-time
          |  |     +--ro output
          |  |        +--ro reset-finished-at?   yt:date-and-time
          |  +--rw neighbor-objects* [neighbor-address]
          |     +--rw neighbor-address         inet:ip-address
          |     +--rw hello-mcast-history?     string
          |     +--rw hello-ucast-history?     string
          |     +--rw txcost?                  int32
          |     +--rw exp-mcast-hello-seqno?   uint16
          |     +--rw exp-ucast-hello-seqno?   uint16
          |     +--rw ucast-hello-seqno?       uint16
          |     +--rw ucast-hello-interval?    uint16
          |     +--rw rxcost?                  int32
          |     +--rw cost?                    int32
          |     +--ro stats
          |        +--ro sent-ucast-hello?    yt:counter32
          |        +--ro sent-ucast-update?   yt:counter32
          |        +--ro sent-ihu?            yt:counter32
          |        +--ro received-hello?      yt:counter32
          |        +--ro received-update?     yt:counter32
          |        +--ro received-ihu?        yt:counter32
          |        +---x reset
          |           +---w input
          |           |  +---w reset-at?   yt:date-and-time
          |           +--ro output
          |              +--ro reset-finished-at?   yt:date-and-time
          +--rw hmac* [algorithm]
          |  +--rw algorithm     identityref
          |  +--rw verify        boolean
          |  +--rw apply-all     boolean
          |  +--rw interfaces*   if:interface-ref
          |  +--rw hmac-keys* [name]
          |     +--rw name          string
          |     +--rw use-sign      boolean
          |     +--rw use-verify    boolean
          |     +--rw value         binary
          |     +---x test
          |        +---w input
          |        |  +---w test-string    binary
          |        +--ro output
          |           +--ro resulting-hash    binary
          +--rw dtls* [name]
             +--rw name           string
             +--rw apply-all      boolean
             +--rw interfaces*    if:interface-ref
             +--rw cached-info?   boolean
             +--rw cert-prefer*   identityref
             +--rw certs* [name]
                +--rw name           string
                +--rw value          string
                +--rw type           identityref
                +--rw private-key    binary
                +---x test
                   +---w input
                   |  +---w test-string    binary
                   +--ro output
                      +--ro resulting-hash    binary
     augment /rt:routing/rt:ribs/rt:rib/rt:routes/rt:route:
       +--ro routes* [prefix]
          +--ro prefix                     inet:ip-prefix
          +--ro router-id?                 binary
          +--ro neighbor?                  leafref
          +--ro (metric)
          |  +--:(received-metric)
          |  |  +--ro received-metric?     uint16
          |  +--:(calculated-metric)
          |     +--ro calculated-metric?   uint16
          +--ro seqno?                     uint16
          +--ro next-hop?                  inet:ip-address
          +--ro feasible?                  boolean
          +--ro selected?                  boolean

<CODE BEGINS> file "ietf-babel@2019-03-07.yang"

module ietf-babel {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:ietf-babel";
  prefix babel;

  import ietf-yang-types {
    prefix yt;
    reference
      "RFC 6991 - Common YANG Data Types.";
  }
  import ietf-inet-types {
    prefix inet;
    reference
      "RFC 6991 - Common YANG Data Types.";
  }
  import ietf-interfaces {
    prefix if;
    reference
      "RFC 8343 - A YANG Data Model for Interface Management";
  }
  import ietf-routing {
    prefix "rt";
    reference
      "RFC 8349 - YANG Routing Management";
  }

  organization
    "IETF Babel routing protocol Working Group";

  contact
    "WG Web: http://tools.ietf.org/wg/babel/
     WG List: babel@ietf.org

     Editor: Mahesh Jethanandani
             mjethanandani@gmail.com
     Editor: Barbara Stark
             bs7652@att.com";

  description
    "This YANG module defines a model for the Babel routing
     protocol.

     Copyright (c) 2018 IETF Trust and the persons identified as
     the document authors.  All rights reserved.
     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD
     License set forth in Section 4.c of the IETF Trust's Legal
     Provisions Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX; see
     the RFC itself for full legal notices.";

  revision 2019-03-07 {
    description
      "Initial version.";
    reference
      "RFC XXX: Babel YANG Data Model.";
  }

  /*
   * Identities
   */
  identity link-type {
    description
      "Base identity from which all Babel Link Types are derived.";
  }

  identity ethernet {
    base "link-type";
    description
      "Ethernet link type for Babel Routing Protocol.";
  }
  identity other {
    base "link-type";
    description
      "Other link type for Babel Routing Protocol.";
  }
  identity tunnel {
    base "link-type";
    description
      "Tunnel link type for Babel Routing Protocol.";
  }
  identity wireless {
    base "link-type";
    description
      "Wireless link type for Babel Routing Protocol.";
  }
  identity moca {
    base "link-type";
    description
      "Multimedia over Coax Alliance.";
  }
  identity g-hn-over-coax {
    base "link-type";
    description
      "G.hn over coax.";
    reference
      "G.9960: Unified high-speed wireline-base home networking
       transceivers.";
  }
  identity g-hn-over-powerline {
    base "link-type";
    description
      "G.hn over powerline.";
    reference
      "G.9960: Unified high-speed wireline-base home networking
       transceivers.";
  }
  identity home-plug {
    base "link-type";
    description
      "HomePlug Power Alliance.";

    reference
      "IEEE 1901: HD-PC";
  }
  identity ieee-802-15 {
    base "link-type";
    description
      "Wireless Personal Area Networks (WPAN).";
    reference
      "IEEE 802.15: Wireless Personal Area Networks (WPAN).";
  }

  identity metric-comp-algorithms {
    description
      "Base identity from which all Babel metric comp algorithms
       are derived.";
  }
  identity k-out-of-j {
    base "metric-comp-algorithms";
    description
      "k-out-of-j algorithm.";
  }
  identity etx {
    base "metric-comp-algorithms";
    description
      "Expected Transmission Count.";
  }

  /*
   * Babel security type identities
   */
  identity security-supported {
    description
      "Base identity from which all Babel security types are
       derived.";
  }

  identity hmac {
    base security-supported;
    description
      "HMAC supported.";
  }

  identity dtls {
    base security-supported;
    description
      "Datagram Transport Layer Security (DTLS) supported.";
    reference
      "RFC 6347, Datagram Transport Layer Security Version 1.2.";

  }

  /*
   * Babel HMAC algorithms identities.
   */
  identity hmac-algorithms {
    description
      "Base identity for all Babel HMAC algorithms.";
  }

  identity hmac-sha256 {
    base hmac-algorithms;
    description
      "HMAC-SHA256 algorithm supported.";
  }

  identity blake2s {
    base hmac-algorithms;
    description
      "BLAKE2s algorithm supported.";
    reference
      "RFC 7693, The BLAKE2 Cryptographic Hash and Message
       Authentication Code (MAC).";
  }

  /*
   * Babel Cert Types
   */
  identity dtls-cert-types {
    description
      "Base identity for Babel DTLS certificate types.";
  }

  identity x-509 {
    base dtls-cert-types;
    description
      "X.509 certificate type.";
  }

  identity raw-public-key {
    base dtls-cert-types;
    description
      "Raw Public Key type.";
  }

  /*
   * Babel routing protocol identity.
   */

  identity babel {
    base "rt:control-plane-protocol";
    description
      "Babel routing protocol";
  }

  /*
   * Features
   */

  /*
   * Features supported
   */

  /*
   * Typedefs
   */

  /*
   * Groupings
   */
  grouping routes {
    list routes {
      key "prefix";

      leaf prefix {
        type inet:ip-prefix;
        description
          "Prefix (expressed in ip-address/prefix-length format) for
           which this route is advertised.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6.";
      }

      leaf router-id {
        type binary;
        description
          "router-id of the source router for which this route is
           advertised.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6.";
      }

      leaf neighbor {
        type leafref {
          path "/rt:routing/rt:control-plane-protocols/" +
               "rt:control-plane-protocol/babel/interfaces/" +
               "neighbor-objects/neighbor-address";

        }
        description
          "Reference to the babel-neighbors entry for the neighbor
           that advertised this route.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6.";
      }

      choice metric {
        mandatory "true";
        leaf received-metric {
          type uint16;
          description
            "The metric with which this route was advertised by the
             neighbor, or maximum value (infinity) to indicate the
             route was recently retracted and is temporarily
             unreachable. This metric will be 0 (zero) if the route
             was not received from a neighbor but was generated
             through other means. Either babel-route-calculated-metric
             or babel-route-received-metric MUST be provided.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.6,
             draft-ietf-babel-rfc6126bis, The Babel Routing Protocol,
             Section 3.5.5.";
        }

        leaf calculated-metric {
          type uint16;
          description
            "A calculated metric for this route. How the metric is
             calculated is implementation-specific. Maximum value
             (infinity) indicates the route was recently retracted
             and is temporarily unreachable. Either
             babel-route-calculated-metric or
             babel-route-received-metric MUST be provided.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.6,
             draft-ietf-babel-rfc6126bis, The Babel Routing Protocol,
             Section 3.5.5.";
        }
        description
          "Either babel-route-calculated-metric or
           babel-route-received-metric MUST be provided.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6,
           draft-ietf-babel-rfc6126bis, The Babel Routing Protocol,
           Section 3.5.5.";
      }
      leaf seqno {
        type uint16;
        description
          "The sequence number with which this route was advertised.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6.";
      }

      leaf next-hop {
        type inet:ip-address;
        description
          "The next-hop address of this route. This will be empty if
           this route has no next-hop address.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6.";
      }

      leaf feasible {
        type boolean;
        description
          "A boolean flag indicating whether this route is feasible.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6,
           draft-ietf-babel-rfc6126bis, The Babel Routing Protocol,
           Section 3.5.1.";
      }

      leaf selected {
        type boolean;
        description
          "A boolean flag indicating whether this route is selected,
           i.e., whether it is currently being used for forwarding and
           is being advertised.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.6.";
      }
      description
        "A set of babel-route-obj objects. Includes received and
         routes routes.";
      reference
        "RFC ZZZZ, Babel Information Model, Section 3.1.";
    }
    description
      "Common grouping for routing used in RIB augmentation.";
  }

  /*
   * Data model
   */

  augment "/rt:routing/rt:control-plane-protocols/" +
    "rt:control-plane-protocol" {
    when "derived-from-or-self(rt:type, 'babel')" {
      description
        "Augmentation is valid only when the instance of routing type
         is of type 'babel'.";
    }
    description
      "Augment the routing module to support features such as VRF.";
    reference
      "YANG Routing Management, RFC 8349, Lhotka & Lindem, March
       2018.";

    container babel {
      presence "A Babel container.";

      leaf version {
        type string;
        config false;
        description
          "The name and version of this implementation of the Babel
           protocol.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf enable {
        type boolean;
        default false;
        description
          "When written, it configures whether the protocol should be
           enabled. A read from the <running> or <intended> datastore
           therefore indicates the configured administrative value of
           whether the protocol is enabled or not.

           A read from the <operational> datastore indicates whether
           the protocol is actually running or not, i.e. it indicates
           the operational state of the protocol.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf router-id {
        type binary;
        config false;
        mandatory "true";
        description
          "Every Babel speaker is assigned a router-id, which is an
           arbitrary string of 8 octets that is assumed to be unique
           across the routing domain";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1,
           rfc6126bis, The Babel Routing Protocol. Section 3.";
      }

      leaf-list link-type {
        type identityref {
          base "link-type";
        }
        description
          "Link types supported by this implementation of Babel.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf sequence-number {
        type uint16;
        config false;
        description
          "Sequence number included in route updates for routes
           originated by this node.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf-list metric-comp-algorithms {
        type identityref {
          base "metric-comp-algorithms";
        }
        description
          "List of cost compute algorithms supported by this
           implementation of Babel.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf-list security-supported {
        type identityref {
          base "security-supported";
        }
        description
          "Babel security mechanism used by this implementation or
           per interface.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf hmac-enable {
        type boolean;
        description
          "Indicates whether the HMAC security mechanism is enabled
           (true) or disabled (false).";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf-list hmac-algorithms {
        type identityref {
          base hmac-algorithms;
        }
        description
          "List of supported HMAC computation algorithms. Possible
           values include 'HMAC-SHA256', 'BLAKE2s'.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf dtls-enable {
        type boolean;
        description
          "Indicates whether the DTLS security mechanism is enabled
           (true) or disabled (false).";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf-list dtls-cert-types {
        type identityref {
          base dtls-cert-types;
        }
        description
          "List of supported DTLS certificate types. Possible values
           include 'X.509' and 'RawPublicKey'.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1.";
      }

      leaf stats-enable {
        type boolean;
        description
          "Indicates whether statistics collection is enabled (true)
           or disabled (false) on all interfaces, including
           neighbor-specific statistics (babel-nbr-stats).";
      }

      container constants {
        leaf id udp-port {
          type string; inet:port-number;
          default "6696";
          description
          "An identifier that identifies this credential uniquely.";
            "UDP port for sending and receiving Babel messages. The
             default port is 6696.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.2.";
        }

        leaf cred mcast-group {
          type binary; inet:ip-address;
          default "ff02:0:0:0:0:0:1:6";
          description
          "A credential, such as an X.509 certificate, a public key,
           etc. used
            "Multicast group for signing and/or encrypting babel messages."; sending and receiving multicast
             announcements on IPv6.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 4.1."; 3.2.";
        }
        description
        "A babel-credential-obj list.";
          "Babel Constants object.";
        reference
          "RFC YYYY, ZZZZ, Babel Information Model, Section 4.1."; 3.1.";
      }

    grouping security

      list interfaces {
        key "reference";

        leaf mechanism reference {
          type string; if:interface-ref;
          description
          "The name of the security mechanism this
            "Reference to an interface object instance as defined by the data
             model (e.g., YANG, BBF TR-181); data model is about. The value MUST assumed to
             allow for referencing of interface objects which may be at
             any layer (physical, Ethernet MAC, IP, tunneled IP, etc.).
             Referencing syntax will be specific to the same as one data model. If
             there is no set of interface objects available, this should
             be a string that indicates the
           identities listed as interface name used by the babel-security-supported
           parameter.";
             underlying operating system.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.5."; 3.3.";
        }

        leaf enable {
          type boolean;
          default "true";
          description
            "If true, the security mechanism is running. babel sends and receives messages on this
             interface. If false,
           the security mechanism is not currently running.";
        reference
          "RFC YYYY, Babel Information Model, Section 3.5.";
      }
      list self-cred {
        key "id";

        uses credential;
        description
          "Credentials babel messages received on this router presents to participate in the
           enabled security mechanism. Any private key component of
           a credential MUST NOT be readable. Adding
             interface are ignored and deleting
           credentials MAY be allowed."; none are sent.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.5."; 3.3.";
        }

      list trust

        leaf link-type {
        key "id";

        uses credential;
          type identityref {
            base link-type;
          }
          default "ethernet";
          description
          "A list of credential-obj objects that identify
            "Indicates the
           credentials of routers whose babel messages may be
           trusted or type of a certificate authority (CA) whose signing link. Set of a router's credentials implies the router credentials
           can be trusted, in the context values of this security
           mechanism. How a security mechanism interacts with this
           list is determined by supported
             link types where the mechanism. A security algorithm
           may do additional validation of credentials, such as
           checking validity dates or revocation lists, so presence
           in this list may not following enumeration values MUST
             be sufficient to determine trust.
           Adding supported when applicable: 'ethernet', 'wireless',
             'tunnel', and deleting credentials 'other'. Additional values MAY be allowed.";
             supported.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.5."; 3.3.";
        }

        leaf credvalid-log-enable metric-algorithm {
          type boolean;
        description
          "If true, logging of messages that include credentials
           used for authentication is enabled. If false, these
           messages are not logged.";
        reference
          "RFC YYYY, Babel Information Model, Section 3.5.";
      }

      list credvalid-log identityref {
        key "log-time";

        uses log;
            base metric-comp-algorithms;
          }
          default "k-out-of-j";
          description
          "Log entries that have
            "Indicates the timestamp a message containing
           credentials metric computation algorithm used for peer authentication (e.g., DTLS
           Server Hello) was received on a Babel port, and the
           entire received message (including Ethernet frame and IP
           headers, if possible); an implementation must restrict
           the size this
             interface. The value MUST be one of those listed in the
             babel-information-obj babel-metric-comp-algorithms
             parameter.";
        }

        leaf mcast-hello-seqno {
          type uint16;
          config false;
          description
            "The current sequence number in use for multicast hellos
           sent on this log, but how and what size is
           implementation-specific."; interface.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.5."; 3.3.";
        }

        leaf mcast-hello-interval {
          type uint16;
          config false;
          description
        "A babel-security-obj list.";
            "The current multicast hello interval in use for hellos
             sent on this interface.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.5."; 3.3.";
        }

    /*
     * Data model
     */
    container babel

        leaf update-interval {
      presence "A Babel container.";
          type uint16;
          units centiseconds;
          description
        "This is a top level container
            "The current update interval in use for the this interface.
             Units are centiseconds.";
          reference
            "RFC ZZZZ, Babel routing protocol."; Information Model, Section 3.3.";
        }

        leaf version packet-log-enable {
          type string; boolean;
          description
          "This is the version
            "If true, logging of the babel protocol implemented."; packets received on this
             interface is enabled; if false, babel packets are not
             logged.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.3.";
        }

        leaf enable packet-log {
          type boolean;
        default false; inet:uri;
          description
          "When written, it configures whether the protocol should be
           enabled. A read from the <running>
            "A reference or <intended> datastore
           therefore indicates the configured adminstrative value url link to a file that contains a
             timestamped log of
           whether the protocol packets received and sent on
             babel-udp-port on this interface. The [libpcap] file
             format with .pcap file extension SHOULD be supported for
             packet log files. Logging is enabled or not.

           A read from the <operational> datastore indicates whether
           the protocol is actually running or not, i.e. it indicates
           the operational state of the protocol."; / disabled by
             packet-log-enable.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.3.";
        }

        container stats {
          config false;
          leaf router-id sent-mcast-hello {
            type binary;
        mandatory "true"; yt:counter32;
            description
          "Every Babel speaker is assigned a router-id, which is an
           arbitrary string
              "A count of 8 octets that is assumed to be unique
           across the routing domain"; number of multicast Hello packets sent
               on this interface.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1,
           rfc6126bis, The Babel Routing Protocol. Section 3."; 3.4.";
          }

      leaf-list link-type

          leaf sent-mcast-update {
            type identityref {
          base "babel-link-type";
        } yt:counter32;
            description
          "Link types supported by this implementation
              "A count of the number of Babel."; multicast update packets sent
               on this interface.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.4.";
          }

          leaf sequence-number received-packets {
            type yang:counter32;
        config false; yt:counter32;
            description
          "Sequence
              "A count of the number included in route updates for routes
           originated by of Babel packets received on
               this node."; interface.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.4.";
          }

      leaf-list cost-compute-algorithm
          action reset {
            input {
              leaf reset-at {
                type identityref yt:date-and-time;
                description
                  "The time when the reset was issued.";
              }
            }
            output {
          base "babel-cost-compute-algorithm";
              leaf reset-finished-at {
                type yt:date-and-time;
                description
                  "The time when the reset finished.";
              }
            }
          }
          description
          "List of cost compute algorithms supported by
            "Statistics collection object for this
           implementation of Babel."; interface.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.3.";
        }

      leaf-list security-supported

        list neighbor-objects {
        type identityref
          key "neighbor-address";

          leaf neighbor-address {
          base "babel-security-supported";
        }
            type inet:ip-address;
            description
          "Babel security mechanism used by this implementation
              "IPv4 or
           per interface."; v6 address the neighbor sends packets from.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.5.";
          }

      container transport {

          leaf udp-port hello-mcast-history {
            type inet:port-number;
          default "6696"; string;
            description
            "UDP port
              "The multicast Hello history of whether or not the
               multicast Hello packets prior to babel-exp-mcast-
               hello-seqno were received, with a '1' for sending the most
               recent Hello placed in the most significant bit and receiving Babel messages. The
             default port is 6696.";
               prior Hellos shifted right (with '0' bits placed
               between prior Hellos and most recent Hello for any
               not-received Hellos); represented as a string using
               utf-8 encoded hex digits where a '1' bit = Hello
               received and a '0' bit = Hello not received.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.2."; 3.5.";
          }

          leaf mcast-group hello-ucast-history {
            type inet:ip-address;
          default "ff02:0:0:0:0:0:1:6"; string;
            description
            "Multicast group
              "The unicast Hello history of whether or not the
               unicast Hello packets prior to babel-exp-ucast-
               hello-seqno were received, with a '1' for sending the most
               recent Hello placed in the most significant bit and
               prior Hellos shifted right (with '0' bits placed
               between prior Hellos and most recent Hello for any
               not-received Hellos); represented as a string using
               utf-8 encoded hex digits where a '1' bit = Hello
               received and receiving multicast
             announcements on IPv6.";
          reference
            "RFC YYYY, Babel Information Model, Section 3.2.";
        }
        description
          "Babel Transport object."; a '0' bit = Hello not received.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.5.";
          }
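Review bot: hello-mcast-history and hello-ucast-history are typed as a bare string although both descriptions say the value is "a string using utf-8 encoded hex digits", so nothing in the schema rejects non-hex characters. Consider restricting the type with a pattern such as '[0-9a-fA-F]*' (and a length bound if the history depth is fixed), so that clients parsing the bitmap do not each need their own validation.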
      list interfaces {
        key "reference";

          leaf reference txcost {
            type if:interface-ref; int32;
            default "0";
            description
            "Reference to an interface object as defined by the data
             model (e.g., YANG, BBF TR-181); data model is assumed to
             allow for referencing of interface objects which may be at
             any layer (physical, Ethernet MAC, IP, tunneled IP, etc.).
             Referencing syntax will be specific to
              "Transmission cost value from the data model. If
             there is no set of interface objects available, last IHU packet
               received from this should
             be a string that neighbor, or maximum value
               (infinity) to indicates the interface name used by the
             underlying operating system."; IHU hold timer for this
               neighbor has expired description.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.5.";
          }
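Review bot: the txcost description ends in "to indicates the IHU hold timer for this neighbor has expired description.", which does not parse; it presumably should read "to indicate the IHU hold timer for this neighbor has expired". The leaf is also int32 with default "0", so "maximum value (infinity)" is not defined by the type; state the numeric value that means infinity, or narrow the type so that its maximum is that value.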

          leaf enable exp-mcast-hello-seqno {
            type boolean; uint16;
            default "true"; "0";
            description
            "If true, babel sends and receives messages on this
             interface. If false, babel messages
              "Expected multicast Hello sequence number of next Hello
               to be received on from this
             interface are ignored and none neighbor; if multicast Hello
               packets are sent."; not expected, or processing of multicast
               packets is not enabled, this MUST be 0.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.5.";
          }

          leaf link-type exp-ucast-hello-seqno {
            type identityref {
            base babel-link-type;
          } uint16;
            default "0";
            description
            "Indicates the type of link. Set of values
              "Expected unicast Hello sequence number of supported
             link types where the following enumeration values MUST next Hello to
               be supported when applicable: 'ethernet', 'wireless',
             'tunnel', and 'other'. Additional values MAY received from this neighbor; if unicast Hello
               packets are not expected, or processing of unicast
               packets is not enabled, this MUST be
             supported."; 0.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.5.";
          }

          leaf mcast-hello-seqno ucast-hello-seqno {
            type int16;
          config false; uint16;
            description
            "The current
              "Expected unicast Hello sequence number in use for multicast hellos
             sent on of next Hello
               to be received from this interface."; neighbor. If unicast Hello
               packets are not expected, or processing of unicast
               packets is not enabled, this MUST be 0.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.5.";
          }
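Review bot: the description on ucast-hello-seqno repeats the text of exp-ucast-hello-seqno ("Expected unicast Hello sequence number of next Hello to be received from this neighbor"), so two leaves now document the same quantity. If ucast-hello-seqno is meant to be the sequence number in use for unicast Hellos sent to this neighbor, as the leaf name and the adjacent ucast-hello-interval suggest, the description needs to say that; otherwise one of the two leaves is redundant.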

          leaf ucast-hello-seqno ucast-hello-interval {
            type int16;
          config false; uint16;
            units centiseconds;
            description
              "The current sequence number interval in use for unicast hellos sent on to
               this interface."; neighbor. Units are centiseconds.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.5.";
          }
          leaf mcast-hello-interval rxcost {
            type int16;
          config false; int32;
            description
            "The current multicast hello interval in use
              "Reception cost calculated for hellos
             sent on this interface."; neighbor. This value
               is usually derived from the Hello history, which may be
               combined with other data, such as statistics maintained
               by the link layer. The rxcost is sent to a neighbor in
               each IHU.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.5.";
          }

          leaf ucast-hello-interval cost {
            type int16; int32;
            description
              "Link cost is computed from the values maintained in
               the neighbor table. The statistics kept in the neighbor
               table about the reception of Hellos, and the txcost
               computed from received IHU packets.";
            reference
              "RFC ZZZZ, Babel Information Model, Section 3.5.";
          }

          container stats {
            config false;
            leaf sent-ucast-hello {
              type yt:counter32;
              description
            "The current
                "A count of the number of unicast hello interval in use for hellos Hello packets sent
             on
                 to this interface."; neighbor.";
              reference
                "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.6.";
            }

            leaf update-interval sent-ucast-update {
              type uint32; yt:counter32;
              description
            "The current
                "A count of the number of unicast update interval in use for packets sent
                 to this interface."; neighbor.";
              reference
                "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.6.";
            }

            leaf external-cost sent-ihu {
              type uint32; yt:counter32;
              description
            "External input to cost of link
                "A count of this interface. If
             supported, this is a value that is added to the metrics number of routes learned over this interface. How an
             implementation uses the value is up to the implementation,
             which means the use may not be consistent across
             implementations."; IHU packets sent to this
                 neighbor.";

              reference
                "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.6.";
            }

            leaf message-log-enable received-hello {
              type boolean; yt:counter32;
              description
            "If true, logging
                "A count of babel messages the number of Hello packets received on from
                 this
             interface is enabled; if false, babel messages are not
             logged."; neighbor.";
              reference
                "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.6.";
            }

        list message-log

            leaf received-update {
          key "log-time";

          uses log;
              type yt:counter32;
              description
            "Log entries that have timestamp
                "A count of a received Babel
             message and the entire received Babel message (including
             Ethernet frame and IP headers, if possible). An
             implementation must restrict the size number of update packets received
                 from this log, but how
             and what size is implementation specific."; neighbor.";
              reference
                "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.6.";
            }

        list neighbor-objects {
          key "neighbor-address";

            leaf neighbor-address received-ihu {
              type inet:ip-address; yt:counter32;
              description
              "IPv4 or v6 address
                "A count of the neighbor sends messages from."; number of IHU packets received from
                 this neighbor.";
              reference
                "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.6.";
            }

            action reset {
              input {
                leaf hello-mcast-history reset-at {
                  type string; yt:date-and-time;
                  description
                    "The multicast Hello history of whether or not the
               multicast Hello messages prior to babel-exp-mcast-
               hello-seqno were received, with a '1' for time the most
               recent Hello placed in reset was issued.";
                }
              }
              output {
                leaf reset-finished-at {
                  type yt:date-and-time;
                  description
                    "The time when the most significant bit and
               prior Hellos shifted right (with '0' bits placed
               between prior Hellos and most recent Hello reset operation finished.";
                }
              }
            }
            description
              "Statistics collection object for any
               not-received Hellos); represented as a string using
               utf-8 encoded hex digits where a '1' bit = Hello
               received and a '0' bit = Hello not received."; this neighbor.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.6.";
          }
          description
            "A set of Babel Neighbor Object.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.5.";
        }
        description
          "A set of Babel Interface objects.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.3.";
      }

      list hmac {
        key "algorithm";

        leaf hello-ucast-history algorithm {
          type string; identityref {
            base hmac-algorithms;
          }
          description
            "The unicast Hello history name of whether or not the
               unicast Hello messages prior to babel-exp-ucast-
               hello-seqno were received, with a '1' for HMAC algorithm this object instance uses.
             The value MUST be the most
               recent Hello placed same as one of the enumerations
             listed in the most significant bit and
               prior Hellos shifted right (with '0' bits placed
               between prior Hellos and most recent Hello for any
               not-received Hellos); represented as a string using
               utf-8 encoded hex digits where a '1' bit = Hello
               received babel-hmac-algorithms parameter.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.8.";
        }

        leaf verify {
          type boolean;
          mandatory "true";
          description
            "A Boolean flag indicating whether HMAC hashes in incoming
             Babel packets are required to be present and are
             verified. If this parameter is 'true', incoming packets
             are required to have a '0' bit = Hello not received."; valid HMAC hash.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.8.";
        }

        leaf txcost apply-all {
          type int32; boolean;
          mandatory "true";
          description
              "Transmission cost value from the last IHU packet
               received from
            "A Boolean flag indicating whether this neighbor, or maximum value
               (infinity) babel-hmac
             instance is to indicates the IHU hold timer be used for all interfaces. If 'true',
             this
               neighbor has expired description."; instance applies to all interfaces and the
             babel-hmac-interfaces parameter is ignored. If
             babel-hmac-apply-all is 'true', there MUST NOT be other
             instances of the babel-hmac object. If 'false', the
             babel-hmac-interfaces parameter determines which
             interfaces this instance applies to.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.8.";
        }

          leaf exp-mcast-hello-seqno

        leaf-list interfaces {
          type int32; if:interface-ref;
          min-elements "1";
          description
              "Expected multicast Hello sequence number
            "List of next Hello references to be received from the babel-interfaces entries this neighbor;
             babel-hmac entry applies to. This parameter is ignored
             if multicast Hello
               messages are not expected, or processing of multicast
               messages babel-hmac-apply-all is not enabled, this 'true'. An interface MUST NOT
             be 0."; listed in multiple instances of the babel-hmac
             object.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.8.";
        }
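Review bot: the constraints in apply-all and interfaces ("there MUST NOT be other instances of the babel-hmac object", "An interface MUST NOT be listed in multiple instances") exist only as description text, so a server will accept a configuration that violates them and it becomes unclear which keys protect a given interface. Express them as must statements on the hmac list. Separately, min-elements "1" on interfaces forces at least one entry even when apply-all is 'true' and the list is ignored; a when condition tied to apply-all, or dropping min-elements, would remove that conflict.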

        list hmac-keys {
          key "name";
          min-elements "1";

          leaf exp-ucast-hello-seqno name {
            type int32; string;
            mandatory "true";
            description
              "Expected unicast Hello sequence number of next Hello to
              "A unique name for this HMAC key that can be received from used to
               identify the key in this neighbor; if unicast Hello
               messages are object instance, since the key
               value is not expected, or processing of unicast
               messages allowed to be read. This value can only be
               provided when this instance is created, and is not enabled, this MUST be 0.";
               subsequently writable.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.9.";
          }

          leaf neighbor-ihu-interval use-sign {
            type int32; boolean;
            mandatory "true";
            description
              "Current IHU interval for
              "Indicates whether this neighbor.";
            reference
              "RFC YYYY, key value is used to sign sent
               Babel Information Model, Section 3.4.";
          }

          leaf rxcost {
            type int32;
            description
              "Reception cost calculated for packets. Sent packets are signed using this neighbor. This key
               if the value is usually derived from the Hello history, which may be
               combined with other data, such as statistics maintained
               by 'true'. If the link layer. The rxcost value is sent 'false', this
               key is not used to a neighbour in
               each IHU."; sign sent Babel packets.";

            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.9.";
          }

          leaf cost use-verify {
            type int32; boolean;
            mandatory "true";
            description
              "Link cost
              "Indicates whether this key value is computed from the values maintained in
               the neighbour table. The statistics kept in the neighbour
               table about used to verify
               incoming Babel packets. This key is used to verify
               incoming packets if the reception of Hellos, and value is 'true'. If the txcost value
               is 'false', no HMAC is computed from received IHU packets."; this key for
               comparing an incoming packet.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.4."; 3.9.";
          }

          leaf value {
            type binary;
            mandatory "true";
            description
            "A set
              "The value of Babel Neighbor Object."; the HMAC key. An implementation MUST NOT
               allow this parameter to be read. This can be done by
               always providing an empty string, or through
               permissions, or other means. This value can only be
               provided when this instance is created, and is not
               subsequently writable.";
            reference
              "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.9.";
          }
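Review bot: on the value leaf, "An implementation MUST NOT allow this parameter to be read" is left to each implementation ("an empty string, or through permissions, or other means"), which gives operators no uniform guarantee that key material stays out of read replies. Mark the leaf with nacm:default-deny-all from ietf-netconf-acm (RFC 8341) so the default is enforced by the access control model rather than by prose. The create-only rule ("not subsequently writable") is likewise stated only in the description and deserves the same explicit treatment.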

        list security

          action test {
          key "mechanism";

          uses security;
            input {
              leaf test-string {
                type binary;
                mandatory "true";
                description
            "A security-obj object
                  "The test string on which this test has to be
                   performed.";
              }
            }
            output {
              leaf resulting-hash {
                type binary;
                mandatory "true";
                description
                  "An operation that applies allows the HMAC key and hash
                   algorithm to be tested to see if they produce an
                   expected outcome. Input to this operation is a
                   binary string. The implementation is expected to
                   create a hash of this interface. If
             implemented, string using the
                   babel-hmac-key-value and the babel-hmac-algorithm.
                   The output of this allows security to be enabled only on
             specific interfaces or allows different security mechanisms
             to be enabled on different interfaces."; operation is the resulting hash,
                   as a binary string.";
                reference
                  "RFC YYYY, ZZZZ, Babel Information Model, Section 3.3."; 3.9.";
              }
            }
          }
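Review bot: the test action has no description of its own; the text explaining the operation ("An operation that allows the HMAC key and hash algorithm to be tested ...") is attached to the output leaf resulting-hash, which should only describe the returned hash. Move that text to the action. Because the action returns a hash computed with a key whose value the same list says an implementation "MUST NOT allow ... to be read", it also needs a default access restriction (for example nacm:default-deny-all) so that only authorized clients can invoke it.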
          description
            "A set of Babel Interface babel-hmac-keys-obj objects.";
          reference
            "RFC YYYY, ZZZZ, Babel Information Model, Section 3.1."; 3.8.";
        }

      list routes {
        key "prefix";

        leaf prefix {
          type inet:ip-address;
        description
            "Prefix (expressed in IP address format) for which
          "A babel-hmac-obj object. If this
             route object is advertised."; implemented, it
           provides access to parameters related to the HMAC security
           mechanism.";
        reference
          "RFC YYYY, ZZZZ, Babel Information Model, Section 3.6."; 3.1.";
      }

      list dtls {
        key "name";

        leaf prefix-length name {
          type inet:ip-prefix; string;
          description
            "Length of
            "TODO: This attribute does not exist in the prefix model, but is
             needed for which this route is advertised.";
          reference
            "RFC YYYY, Babel Information Model, Section 3.6."; model to work.";
        }

        leaf apply-all {
          type boolean;
          mandatory "true";
          description
            "A Boolean flag indicating whether this babel-dtls
             instance is to be used for all interfaces. If 'true',
             this instance applies to all interfaces and the
             babel-dtls-interfaces parameter is ignored. If
             babel-dtls-apply-all is 'true', there MUST NOT be other
             instances of the babel-dtls object. If 'false', the
             babel-dtls-interfaces parameter determines which
             interfaces this instance applies to.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.10.";

        }

        leaf-list interfaces {
          type if:interface-ref;
          min-elements "1";
          description
            "List of references to the babel-interfaces entries this
             babel-dtls entry applies to. This parameter is ignored
             if babel-dtls-apply-all is 'true'. An interface MUST NOT
             be listed in multiple instances of the babel-dtls object.
             If this list is empty, then it applies to all
             interfaces.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.10.";
        }

        leaf cached-info {
          type boolean;
          description
            "Indicates whether the cached_info extension is included
             in ClientHello and ServerHello packets. The extension
             is included if the value is 'true'.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.10.";
        }

        leaf-list cert-prefer {
          type identityref {
            base dtls-cert-types;
          }
          ordered-by user;
          description
            "List of supported certificate types, in order of
             preference. The values MUST be among those listed in
             the babel-dtls-cert-types parameter. This list is used
             to populate the server_certificate_type extension in
             a Client Hello. Values that are present in at least one
             instance in the babel-dtls-certs object with a non-empty
             babel-cert-private-key will be used to populate the
             client_certificate_type extension in a Client Hello.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.10.";
        }

        list certs {
          key "name";
          min-elements "1";
          leaf name {
            type string;
            description
              "A unique name that identifies the cert in the list.";
          }

          leaf value {
            type string;
            mandatory "true";
            description
              "The DTLS certificate in PEM format [RFC7468]. This
               value can only be provided when this instance is
               created, and is not subsequently writable.";
            reference
              "RFC ZZZZ, Babel Information Model, Section 3.11.";
          }

          leaf type {
            type identityref {
              base dtls-cert-types;
            }
            mandatory "true";
            description
              "The name of the certificate type of this object
               instance. The value MUST be the same as one of the
               enumerations listed in the babel-dtls-cert-types
               parameter. This value can only be provided when this
               instance is created, and is not subsequently writable.";
            reference
              "RFC ZZZZ, Babel Information Model, Section 3.11.";
          }

          leaf private-key {
            type binary;
            mandatory "true";
            description
              "The value of the private key. If this is non-empty,
               this certificate can be used by this implementation to
               provide a certificate during DTLS handshaking. An
               implementation MUST NOT allow this parameter to be
               read. This can be done by always providing an empty
               string, or through permissions, or other means. This
               value can only be provided when this instance is
               created, and is not subsequently writable.";
            reference
              "RFC ZZZZ, Babel Information Model, Section 3.11.";
          }
          action test {
            input {
              leaf test-string {
                type binary;
                mandatory "true";
                description
                  "The test string on which this test has to be
                   performed.";
              }
            }
            output {
              leaf resulting-hash {
                type binary;
                mandatory "true";
                description
                  "The output of this operation is a binary string,
                   and is the resulting hash computed using the
                   certificate public key, and the SHA-256
                   hash algorithm.";
              }
            }
          }
          description
            "A set of babel-dtls-keys-obj objects. This contains
             both certificates for this implementation to present
             for authentication, and to accept from others.
             Certificates with a non-empty babel-cert-private-key
             can be presented by this implementation for
             authentication.";
          reference
            "RFC ZZZZ, Babel Information Model, Section 3.10.";
        }

        description
          "A babel-dtls-obj object. If this object is implemented,
           it provides access to parameters related to the DTLS
           security mechanism.";
        reference
          "RFC ZZZZ, Babel Information Model, Section 3.1";
      }
      description
        "Babel Information Objects.";
      reference
        "RFC ZZZZ, Babel Information Model, Section 3.";
    }
  }
  augment "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route" {
    when "derived-from(rt:source-protocol, 'babel')" {
      description
        "Augmentation is valid for routes whose source protocol
         is Babel.";
    }
    description
      "Babel specific route attributes.";
    uses routes;
  }
}

<CODE ENDS>
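
   Added example, not part of the draft or of any Babel implementation:
   the apply-all, interfaces, cert-prefer and private-key nodes above
   state several rules in their description text, and the Python below
   checks those rules over constructed data.  The dictionary layout and
   the certificate type names "type-a"/"type-b" are assumptions.

```python
# Added example: enforces rules the babel-dtls descriptions state in prose.
# The dict layout and the type names "type-a"/"type-b" are assumptions.

def check_dtls(instances):
    """Return a list of violations for a list of babel-dtls instances."""
    problems = []
    apply_all = [i["name"] for i in instances if i.get("apply-all")]
    # apply-all 'true': there MUST NOT be other babel-dtls instances.
    if apply_all and len(instances) > 1:
        problems.append(f"apply-all set on {apply_all}, "
                        f"but {len(instances)} instances exist")
    seen = {}  # interface name -> first instance listing it
    for inst in instances:
        if not inst.get("certs"):
            problems.append(f"{inst['name']}: certs has min-elements 1")
        if inst.get("apply-all"):
            continue  # the interfaces parameter is ignored
        for ifname in inst.get("interfaces", []):
            if ifname in seen:
                problems.append(f"{ifname} listed in {seen[ifname]} "
                                f"and {inst['name']}")
            seen.setdefault(ifname, inst["name"])
    return problems

def client_cert_types(inst):
    """cert-prefer entries backed by a cert with a non-empty private key,
    in preference order (what goes into client_certificate_type)."""
    usable = {c["type"] for c in inst["certs"] if c.get("private-key")}
    return [t for t in inst.get("cert-prefer", []) if t in usable]

def read_view(inst):
    """Instance as returned to a reader: private-key always empty."""
    certs = [{**c, "private-key": b""} for c in inst["certs"]]
    return {**inst, "certs": certs}

# Constructed sample data.
WITH_KEY = {"name": "own", "type": "type-b", "value": "PEM...",
            "private-key": b"\x01\x02"}
PEER = {"name": "peer", "type": "type-a", "value": "PEM...",
        "private-key": b""}
GOOD = [{"name": "a", "apply-all": False, "interfaces": ["eth0"],
         "cert-prefer": ["type-a", "type-b"], "certs": [WITH_KEY, PEER]}]
BAD = [{"name": "a", "apply-all": True, "interfaces": [], "certs": [PEER]},
       {"name": "b", "apply-all": False, "interfaces": ["eth0"],
        "certs": [PEER]},
       {"name": "c", "apply-all": False, "interfaces": ["eth0"], "certs": []}]

if __name__ == "__main__":
    print(check_dtls(GOOD), client_cert_types(GOOD[0]))
    print("\n".join(check_dtls(BAD)))
```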

3.  IANA Considerations

   This document registers one URI and one YANG module.

3.1.  URI Registrations

   URI: urn:ietf:params:xml:ns:yang:ietf-babel

3.2.  YANG Module Name Registration

   This document registers one YANG module in the YANG Module Names
   registry [RFC6020].

   Name: ietf-babel
   Namespace: urn:ietf:params:xml:ns:yang:ietf-babel
   prefix: babel
   reference: RFC XXXX

4.  Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
   is the secure transport layer and the mandatory-to-implement secure
   transport is SSH [RFC6242].  The lowest RESTCONF layer is HTTPS, and
   the mandatory-to-implement secure transport is TLS [RFC8446].

   The NETCONF Access Control Model (NACM [RFC8341]) provides the means
   to restrict access for particular NETCONF users to a pre-configured
   subset of all available NETCONF protocol operations and content.

   There are a number of data nodes defined in the YANG module which are
   writable/created/deleted (i.e., config true, which is the default).
   These data nodes may be considered sensitive or vulnerable in some
   network environments.  Write operations (e.g., <edit-config>) to
   these data nodes without proper protection can have a negative effect
   on network operations.

   These are the subtrees and data nodes and their sensitivity/
   vulnerability:

5.  Acknowledgements

6.  References

6.1.  Normative References

   [I-D.ietf-babel-rfc6126bis]
              Chroboczek, J. and D. Schinazi, "The Babel Routing
              Protocol", draft-ietf-babel-rfc6126bis-07 (work in
              progress), November 2018.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6991, DOI 10.17487/RFC6991, July 2013,
              <https://www.rfc-editor.org/info/rfc6991>.

   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016,
              <https://www.rfc-editor.org/info/rfc7950>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8343]  Bjorklund, M., "A YANG Data Model for Interface
              Management", RFC 8343, DOI 10.17487/RFC8343, March 2018,
              <https://www.rfc-editor.org/info/rfc8343>.

   [RFC8349]  Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
              Routing Management (NMDA Version)", RFC 8349,
              DOI 10.17487/RFC8349, March 2018,
              <https://www.rfc-editor.org/info/rfc8349>.

6.2.  Informative References

   [I-D.ietf-babel-information-model]
              Stark, B. and M. Jethanandani, "Babel Information Model",
              draft-ietf-babel-information-model-05 (work in progress),
              March 2019.

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246,
              DOI 10.17487/RFC5246, August 2008,
              <https://www.rfc-editor.org/info/rfc5246>.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010,
              <https://www.rfc-editor.org/info/rfc6020>.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
              <https://www.rfc-editor.org/info/rfc6241>.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
              <https://www.rfc-editor.org/info/rfc6242>.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
              <https://www.rfc-editor.org/info/rfc8040>.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
              <https://www.rfc-editor.org/info/rfc8340>.

   [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
              Access Control Model", STD 91, RFC 8341,
              DOI 10.17487/RFC8341, March 2018,
              <https://www.rfc-editor.org/info/rfc8341>.

   [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore Architecture
              (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
              <https://www.rfc-editor.org/info/rfc8342>.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
              <https://www.rfc-editor.org/info/rfc8446>.

Appendix A.  An Appendix

Authors' Addresses

   Mahesh Jethanandani
   VMware
   California
   USA

   Email: mjethanandani@gmail.com

   Barbara Stark
   AT&T
   Atlanta, GA
   USA

   Email: barbara.stark@att.com