draft-ietf-babel-yang-model-02.txt   draft-ietf-babel-yang-model-03.txt 
Babel Working Group M. Jethanandani Babel Working Group M. Jethanandani
Internet-Draft VMware Internet-Draft VMware
Intended status: Standards Track B. Stark Intended status: Standards Track B. Stark
Expires: January 23, 2020 AT&T Expires: February 23, 2020 AT&T
July 22, 2019 August 22, 2019
YANG Data Model for Babel YANG Data Model for Babel
draft-ietf-babel-yang-model-02 draft-ietf-babel-yang-model-03
Abstract Abstract
This document defines a data model for the Babel routing protocol. This document defines a data model for the Babel routing protocol.
The data model is defined using the YANG data modeling language. The data model is defined using the YANG data modeling language.
Requirements Language Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
skipping to change at page 1, line 40 skipping to change at page 1, line 40
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 23, 2020. This Internet-Draft will expire on February 23, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Note to RFC Editor . . . . . . . . . . . . . . . . . . . 2 1.1. Note to RFC Editor . . . . . . . . . . . . . . . . . . . 2
1.2. Definitions and Acronyms . . . . . . . . . . . . . . . . 3 1.2. Tree Diagram Annotations . . . . . . . . . . . . . . . . 3
1.3. Tree Diagram Annotations . . . . . . . . . . . . . . . . 3
2. Babel Module . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Babel Module . . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Information Model . . . . . . . . . . . . . . . . . . . . 3 2.1. Information Model . . . . . . . . . . . . . . . . . . . . 3
2.2. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 3
2.3. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 5 2.3. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 5
2.4. Example . . . . . . . . . . . . . . . . . . . . . . . . . 30 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31 3.1. URI Registrations . . . . . . . . . . . . . . . . . . . . 28
3.1. URI Registrations . . . . . . . . . . . . . . . . . . . . 31 3.2. YANG Module Name Registration . . . . . . . . . . . . . . 28
3.2. YANG Module Name Registration . . . . . . . . . . . . . . 31 4. Security Considerations . . . . . . . . . . . . . . . . . . . 28
4. Security Considerations . . . . . . . . . . . . . . . . . . . 31 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30
5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 30
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 31 6.1. Normative References . . . . . . . . . . . . . . . . . . 30
6.1. Normative References . . . . . . . . . . . . . . . . . . 32 6.2. Informative References . . . . . . . . . . . . . . . . . 31
6.2. Informative References . . . . . . . . . . . . . . . . . 32 Appendix A. An Appendix . . . . . . . . . . . . . . . . . . . . 32
Appendix A. An Appendix . . . . . . . . . . . . . . . . . . . . 33 A.1. Statistics Gathering Enabled . . . . . . . . . . . . . . 32
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 33 A.2. Automatic Detection of Properties . . . . . . . . . . . . 33
A.3. Override Default Properties . . . . . . . . . . . . . . . 34
A.4. Configuring other Properties . . . . . . . . . . . . . . 36
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 37
1. Introduction 1. Introduction
This document defines a data model for the Babel routing protocol This document defines a data model for the Babel routing protocol
[I-D.ietf-babel-rfc6126bis]. The data model is defined using YANG [I-D.ietf-babel-rfc6126bis]. The data model is defined using YANG
1.1 [RFC7950] data modeling language and is Network Management 1.1 [RFC7950] data modeling language and is Network Management
Datastore Architecture (NDMA) [RFC8342] compatible. It is based on Datastore Architecture (NDMA) [RFC8342] compatible. It is based on
the Babel Information Model [I-D.ietf-babel-information-model]. the Babel Information Model [I-D.ietf-babel-information-model].
1.1. Note to RFC Editor 1.1. Note to RFC Editor
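Review bot: In the Introduction, "Network Management Datastore Architecture (NDMA) [RFC8342]" is carried over unchanged from -02 with the acronym transposed; RFC 8342 abbreviates it NMDA. Separately, the -03 Table of Contents drops "2.4. Example" and adds A.1 to A.4 under "Appendix A. An Appendix", which still reads like a template placeholder; a descriptive appendix title would fit the new subsections.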
skipping to change at page 3, line 5 skipping to change at page 3, line 8
Artwork in this document contains shorthand references to drafts in Artwork in this document contains shorthand references to drafts in
progress. Please apply the following replacements and remove this progress. Please apply the following replacements and remove this
note before publication. note before publication.
o "XXXX" --> the assigned RFC value for this draft both in this o "XXXX" --> the assigned RFC value for this draft both in this
draft and in the YANG models under the revision statement. draft and in the YANG models under the revision statement.
o "ZZZZ" --> the assigned RFC value for Babel Information Model o "ZZZZ" --> the assigned RFC value for Babel Information Model
[I-D.ietf-babel-information-model] [I-D.ietf-babel-information-model]
o Revision date in model, in the format 2019-07-22 needs to get o Revision date in model, in the format 2019-08-22 needs to get
updated with the date the draft gets approved. The date also updated with the date the draft gets approved. The date also
needs to get reflected on the line with <CODE BEGINS>. needs to get reflected on the line with <CODE BEGINS>.
1.2. Definitions and Acronyms 1.2. Tree Diagram Annotations
1.3. Tree Diagram Annotations
For a reference to the annotations used in tree diagrams included in For a reference to the annotations used in tree diagrams included in
this draft, please see YANG Tree Diagrams [RFC8340]. this draft, please see YANG Tree Diagrams [RFC8340].
2. Babel Module 2. Babel Module
This document defines a YANG 1.1 [RFC7950] data model for the This document defines a YANG 1.1 [RFC7950] data model for the
configuration and management of Babel. The YANG module is based on configuration and management of Babel. The YANG module is based on
the Babel Information Model [I-D.ietf-babel-information-model]. the Babel Information Model [I-D.ietf-babel-information-model].
skipping to change at page 4, line 11 skipping to change at page 4, line 11
In addition to information like the version number implemented by In addition to information like the version number implemented by
this device, the model contains subtrees on constants, interfaces, this device, the model contains subtrees on constants, interfaces,
routes and security. routes and security.
module: ietf-babel module: ietf-babel
augment /rt:routing/rt:control-plane-protocols augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol: /rt:control-plane-protocol:
+--rw babel! +--rw babel!
+--ro version? string +--ro version? string
+--rw enable boolean +--rw enable boolean
+--ro router-id binary +--ro router-id? binary
+--ro link-properties* identityref +--ro seqno? uint16
+--ro sequence-number? uint16
+--ro metric-comp-algorithms* identityref +--ro metric-comp-algorithms* identityref
+--ro security-supported* identityref +--ro security-supported* identityref
+--ro hmac-algorithms* identityref +--ro mac-algorithms* identityref
+--ro dtls-cert-types* identityref +--ro dtls-cert-types* identityref
+--rw stats-enable? boolean +--rw stats-enable? boolean
+--rw constants +--rw constants
| ... | ...
+--rw interfaces* [reference] +--rw interfaces* [reference]
| ... | ...
+--rw hmac* [name] +--rw mac* [name]
| ... | ...
+--rw dtls* [name] +--rw dtls* [name]
| ...
+--ro routes* [prefix]
... ...
augment /rt:routing/rt:ribs/rt:rib/rt:routes/rt:route:
+--ro routes* [prefix]
+--ro prefix inet:ip-prefix
+--ro router-id? binary
+--ro neighbor? leafref
+--ro received-metric? uint16
+--ro calculated-metric? uint16
+--ro seqno? uint16
+--ro next-hop? inet:ip-address
+--ro feasible? boolean
+--ro selected? boolean
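Review bot: In the -03 tree, router-id becomes optional ("+--ro router-id? binary"), and the module drops `mandatory "true"` from the leaf. Its description still says every Babel speaker is assigned a router-id of 8 octets. Either keep the leaf mandatory or state in the description when it can be absent. The type is also a bare `binary`; a `length 8` restriction would make the model enforce what the description promises.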
The interfaces subtree describes attributes such as interface object The interfaces subtree describes attributes such as interface object
that is being referenced, the type of link as enumerated by Babel that is being referenced, the type of link as enumerated by metric-
Link Properties, and whether the interface is enabled or not. algorithm and split-horizon and whether the interface is enabled or
not.
The constants subtree describes the UDP port used for sending and The constants subtree describes the UDP port used for sending and
receiving Babel messages, and the multicast group used to send and receiving Babel messages, and the multicast group used to send and
receive announcements on IPv6. receive announcements on IPv6.
The routes subtree describes objects such as the prefix for which the The routes subtree describes objects such as the prefix for which the
route is advertised, a reference to the neighboring route, and next- route is advertised, a reference to the neighboring route, and next-
hop address. hop address.
Finally, for security two subtree are defined to contain HMAC keys Finally, for security two subtree are defined to contain MAC keys and
and DTLS certificates. The hmac subtree contains keys used with the DTLS certificates. The mac-key-sets subtree contains keys used with
HMAC security mechanism. The boolean flag babel-hmac-default-apply the MAC security mechanism. The boolean flag babel-mac-default-apply
indicates whether the set of HMAC keys is automatically applied to indicates whether the set of MAC keys is automatically applied to new
new interfaces. The dtls subtree contains certificates used with interfaces. The dtls subtree contains certificates used with DTLS
DTLS security mechanism. Similar to the HMAC mechanism, the boolean security mechanism. Similar to the MAC mechanism, the boolean flag
flag babel-dtls-default-apply indicates whether the set of DTLS babel-dtls-default-apply indicates whether the set of DTLS
certificates is automatically applied to new interfaces. certificates is automatically applied to new interfaces.
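Review bot: The -03 security paragraph refers to a "mac-key-sets subtree" and a "babel-mac-default-apply" flag, but the -03 tree above lists the node as "+--rw mac* [name]"; the prose and the tree should use the same node names so a reader can find the key material in the model. In the same paragraph "two subtree are defined" should read "two subtrees are defined". The rewritten interfaces sentence ("the type of link as enumerated by metric-algorithm and split-horizon and whether the interface is enabled") no longer parses now that Babel Link Properties is gone; listing metric-algorithm and split-horizon as attributes in their own right would fix it.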
2.3. YANG Module 2.3. YANG Module
This module augments A YANG Data Model for Interface Management This module augments A YANG Data Model for Interface Management
[RFC8343], YANG Routing Management [RFC8349], and imports definitions [RFC8343], YANG Routing Management [RFC8349], imports definitions
from Common YANG Data Types [RFC6991]. from Common YANG Data Types [RFC6991], and references HMAC: Keyed-
Hashing for Message Authentication [RFC2104], Using HMAC-SHA-256,
<CODE BEGINS> file "ietf-babel@2019-07-22.yang" HMAC-SHA-384, and HMAC-SHA-512 [RFC4868], Datagram Transport Layer
Security Version 1.2 [RFC6347], The Blake2 Cryptographic Hash and
module ietf-babel { Message Authentication Code (MAC) [RFC7693], Babel Information Model
yang-version 1.1; [I-D.ietf-babel-information-model], and The Babel Routing Protocol
namespace "urn:ietf:params:xml:ns:yang:ietf-babel"; [I-D.ietf-babel-rfc6126bis].
prefix babel;
import ietf-yang-types {
prefix yt;
reference
"RFC 6991 - Common YANG Data Types.";
}
import ietf-inet-types {
prefix inet;
reference
"RFC 6991 - Common YANG Data Types.";
}
import ietf-interfaces {
prefix if;
reference
"RFC 8343 - A YANG Data Model for Interface Management";
}
import ietf-routing {
prefix "rt";
reference
"RFC 8349 - YANG Routing Management";
}
organization
"IETF Babel routing protocol Working Group";
contact
"WG Web: http://tools.ietf.org/wg/babel/
WG List: babel@ietf.org
Editor: Mahesh Jethanandani
mjethanandani@gmail.com
Editor: Barbara Stark
bs7652@att.com";
description
"This YANG module defines a model for the Babel routing
protocol.
Copyright (c) 2019 IETF Trust and the persons identified as
the document authors. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD
License set forth in Section 4.c of the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices.";
revision 2019-07-22 {
description
"Initial version.";
reference
"RFC XXX: Babel YANG Data Model.";
}
/* <CODE BEGINS> file "ietf-babel@2019-08-22.yang"
* Identities
*/
identity link-property {
description
"Base identity from which all Babel Link Types are derived.";
}
identity other { module ietf-babel {
base "link-property"; yang-version 1.1;
description namespace "urn:ietf:params:xml:ns:yang:ietf-babel";
"No link property information available."; prefix babel;
}
identity tunnel { import ietf-yang-types {
base "link-property"; prefix yt;
description reference
"A tunneled interface over unknown physical link."; "RFC 6991: Common YANG Data Types.";
} }
identity wired { import ietf-inet-types {
base "link-property"; prefix inet;
description reference
"A wired link with fixed physical properties."; "RFC 6991: Common YANG Data Types.";
} }
import ietf-interfaces {
prefix if;
reference
"RFC 8343: A YANG Data Model for Interface Management";
}
import ietf-routing {
prefix "rt";
reference
"RFC 8349: YANG Routing Management";
}
identity wireless { organization
base "link-property"; "IETF Babel routing protocol Working Group";
description
"Wireless link type for Babel Routing Protocol.";
}
identity metric-comp-algorithms { contact
description "WG Web: http://tools.ietf.org/wg/babel/
"Base identity from which all Babel metric comp algorithms WG List: babel@ietf.org
are derived.";
}
identity k-out-of-j {
base "metric-comp-algorithms";
description
"k-out-of-j algorithm.";
}
identity etx {
base "metric-comp-algorithms";
description
"Expected Transmission Count.";
}
/* Editor: Mahesh Jethanandani
* Babel security type identities mjethanandani@gmail.com
*/ Editor: Barbara Stark
identity security-supported { bs7652@att.com";
description
"Base identity from which all Babel security types are
derived.";
}
identity hmac { description
base security-supported; "This YANG module defines a model for the Babel routing
description protocol.
"HMAC supported.";
}
identity dtls { Copyright (c) 2019 IETF Trust and the persons identified as
base security-supported; the document authors. All rights reserved.
description Redistribution and use in source and binary forms, with or
"Datagram Transport Layer Security (DTLS) supported."; without modification, is permitted pursuant to, and subject
reference to the license terms contained in, the Simplified BSD
"RFC 6347, Datagram Transport Layer Security Version 1.2."; License set forth in Section 4.c of the IETF Trust's Legal
} Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).
/* This version of this YANG module is part of RFC XXXX; see
* Babel HMAC algorithms identities. the RFC itself for full legal notices.";
*/
identity hmac-algorithms {
description
"Base identity for all Babel HMAC algorithms.";
}
identity hmac-sha256 { revision 2019-08-22 {
base hmac-algorithms; description
description "Initial version.";
"HMAC-SHA256 algorithm supported."; reference
} "RFC XXXX: Babel YANG Data Model.";
}
identity blake2s { /*
base hmac-algorithms; * Identities
description */
"BLAKE2s algorithm supported."; identity metric-comp-algorithms {
reference description
"RFC 7693, The BLAKE2 Cryptographic Hash and Message "Base identity from which all Babel metric comp algorithms
Authentication Code (MAC)."; are derived.";
} }
identity two-out-of-three {
base "metric-comp-algorithms";
description
"2-out-of-3 algorithm.";
}
identity etx {
base "metric-comp-algorithms";
description
"Expected Transmission Count.";
}
/* /*
* Babel Cert Types * Babel security type identities
*/ */
identity dtls-cert-types { identity security-supported {
description description
"Base identity for Babel DTLS certificate types."; "Base identity from which all Babel security types are
} derived.";
}
identity x-509 { identity mac {
base dtls-cert-types; base security-supported;
description description
"X.509 certificate type."; "Keyed MAC supported.";
} }
identity raw-public-key { identity dtls {
base dtls-cert-types; base security-supported;
description description
"Raw Public Key type."; "Datagram Transport Layer Security (DTLS) supported.";
} reference
"RFC 6347, Datagram Transport Layer Security Version 1.2.";
}
/* /*
* Babel routing protocol identity. * Babel MAC algorithms identities.
*/
identity mac-algorithms {
description
"Base identity for all Babel MAC algorithms.";
}
*/ identity hmac-sha256 {
identity babel { base mac-algorithms;
base "rt:routing-protocol"; description
description "HMAC-SHA256 algorithm supported.";
"Babel routing protocol"; reference
} "RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
with IPsec.";
}
/* identity blake2s {
* Features base mac-algorithms;
*/ description
"BLAKE2s algorithm supported.";
reference
"RFC 7693: The BLAKE2 Cryptographic Hash and Message
Authentication Code (MAC).";
}
/* /*
* Features supported * Babel Cert Types
*/ */
identity dtls-cert-types {
description
"Base identity for Babel DTLS certificate types.";
}
/* identity x-509 {
* Typedefs base dtls-cert-types;
*/ description
"X.509 certificate type.";
}
/* identity raw-public-key {
* Groupings base dtls-cert-types;
*/ description
grouping routes { "Raw Public Key type.";
list routes { }
key "prefix";
config false;
leaf prefix { /*
type inet:ip-prefix; * Babel routing protocol identity.
description */
"Prefix (expressed in ip-address/prefix-length format) for identity babel {
which this route is advertised."; base "rt:routing-protocol";
reference description
"RFC ZZZZ, Babel Information Model, Section 3.6."; "Babel routing protocol";
} }
leaf router-id { /*
type binary; * Groupings
description */
"router-id of the source router for which this route is grouping routes {
advertised."; list routes {
reference key "prefix";
"RFC ZZZZ, Babel Information Model, Section 3.6."; config false;
}
leaf neighbor { leaf prefix {
type leafref { type inet:ip-prefix;
path "/rt:routing/rt:control-plane-protocols/" + description
"rt:control-plane-protocol/babel/interfaces/" + "Prefix (expressed in ip-address/prefix-length format) for
"neighbor-objects/neighbor-address"; which this route is advertised.";
} reference
description "RFC ZZZZ: Babel Information Model, Section 3.6.";
"Reference to the babel-neighbors entry for the neighbor }
that advertised this route.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.6.";
}
leaf received-metric { leaf router-id {
type uint16; type binary;
description description
"The metric with which this route was advertised by the "router-id of the source router for which this route is
neighbor, or maximum value (infinity) to indicate a the advertised.";
route was recently retracted and is temporarily reference
unreachable. this metric will be 0 (zero) if the route "RFC ZZZZ: Babel Information Model, Section 3.6.";
was not received from a neighbor but was generated }
through other means. Either babel-route-calculated-metric
or babel-route-received-metric MUST be provided.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.6,
draft-ietf-babel-rfc6126bis, The Babel Routing Protocol,
Section 3.5.5.";
}
leaf calculated-metric { leaf neighbor {
type uint16; type leafref {
description path "/rt:routing/rt:control-plane-protocols/" +
"A calculated metric for this route. How the metric is "rt:control-plane-protocol/babel/interfaces/" +
calculated is implementation-specific. Maximum value "neighbor-objects/neighbor-address";
(infinity) indicates the route was recently retracted }
and is temporarily unreachable. Either description
babel-route-calculated-metric or "Reference to the babel-neighbors entry for the neighbor
babel-route-received-metric MUST be provided."; that advertised this route.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.6, "RFC ZZZZ: Babel Information Model, Section 3.6.";
draft-ietf-babel-rfc6126bis, The Babel Routing Protocol, }
Section 3.5.5.";
}
leaf seqno { leaf received-metric {
type uint16; type uint16;
description description
"The sequence number with which this route was advertised."; "The metric with which this route was advertised by the
reference neighbor, or maximum value (infinity) to indicate a the
"RFC ZZZZ, Babel Information Model, Section 3.6."; route was recently retracted and is temporarily
} unreachable. This metric will be 0 (zero) if the route
leaf next-hop { was not received from a neighbor but was generated
type inet:ip-address; through other means. At least one of
description babel-route-calculated-metric or
"The next-hop address of this route. This will be empty if babel-route-received-metric MUST be non-NULL.";
this route has no next-hop address."; reference
reference "RFC ZZZZ: Babel Information Model, Section 3.6,
"RFC ZZZZ, Babel Information Model, Section 3.6."; draft-ietf-babel-rfc6126bis: The Babel Routing Protocol,
} Section 3.5.5.";
}
leaf feasible { leaf calculated-metric {
type boolean; type uint16;
description description
"A boolean flag indicating whether this route is feasible."; "A calculated metric for this route. How the metric is
reference calculated is implementation-specific. Maximum value
"RFC ZZZZ, Babel Information Model, Section 3.6, (infinity) indicates the route was recently retracted
draft-ietf-babel-rfc6126bis, The Babel Routing Protocol, and is temporarily unreachable. At least one of
Section 3.5.1."; babel-route-calculated-metric or
} babel-route-received-metric MUST be non-NULL.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.6,
draft-ietf-babel-rfc6126bis: The Babel Routing Protocol,
Section 3.5.5.";
}
leaf selected { leaf seqno {
type boolean; type uint16;
description description
"A boolean flag indicating whether this route is selected, "The sequence number with which this route was advertised.";
i.e., whether it is currently being used for forwarding and reference
is being advertised."; "RFC ZZZZ: Babel Information Model, Section 3.6.";
reference }
"RFC ZZZZ, Babel Information Model, Section 3.6.";
}
description
"A set of babel-route-obj objects. Includes received and
routes routes.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.1.";
}
description
"Common grouping for routing used in RIB augmentation.";
}
/* leaf next-hop {
* Data model type inet:ip-address;
*/ description
"The next-hop address of this route. This will be empty if
this route has no next-hop address.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.6.";
}
augment "/rt:routing/rt:control-plane-protocols/" + leaf feasible {
"rt:control-plane-protocol" { type boolean;
when "derived-from-or-self(rt:type, 'babel')" { description
description "A boolean flag indicating whether this route is feasible.";
"Augmentation is valid only when the instance of routing type reference
is of type 'babel'."; "RFC ZZZZ: Babel Information Model, Section 3.6,
draft-ietf-babel-rfc6126bis, The Babel Routing Protocol,
Section 3.5.1.";
}
} leaf selected {
description type boolean;
"Augment the routing module to support features such as VRF."; description
reference "A boolean flag indicating whether this route is selected,
"YANG Routing Management, RFC 8349, Lhotka & Lindem, March i.e., whether it is currently being used for forwarding and
2018."; is being advertised.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.6.";
}
description
"A set of babel-route-obj objects. Includes received and
routes routes.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.1.";
}
description
"Common grouping for routing used in RIB.";
}
/*
* Data model
*/
container babel { augment "/rt:routing/rt:control-plane-protocols/" +
presence "A Babel container."; "rt:control-plane-protocol" {
when "derived-from-or-self(rt:type, 'babel')" {
description
"Augmentation is valid only when the instance of routing type
is of type 'babel'.";
}
description
"Augment the routing module to support a common structure
between routing protocols.";
reference
"YANG Routing Management, RFC 8349, Lhotka & Lindem, March
2018.";
leaf version { container babel {
type string; presence "A Babel container.";
config false;
description
"The name and version of this implementation of the Babel
protocol.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.1.";
}
leaf enable { leaf version {
type boolean; type string;
mandatory true; config false;
description description
"When written, it configures whether the protocol should be "The name and version of this implementation of the Babel
enabled. A read from the <running> or <intended> datastore protocol.";
therefore indicates the configured administrative value of reference
whether the protocol is enabled or not. "RFC ZZZZ: Babel Information Model, Section 3.1.";
}
A read from the <operational> datastore indicates whether leaf enable {
the protocol is actually running or not, i.e. it indicates type boolean;
the operational state of the protocol."; mandatory true;
reference description
"RFC ZZZZ, Babel Information Model, Section 3.1."; "When written, it configures whether the protocol should be
} enabled. A read from the <running> or <intended> datastore
therefore indicates the configured administrative value of
whether the protocol is enabled or not.
leaf router-id { A read from the <operational> datastore indicates whether
type binary; the protocol is actually running or not, i.e. it indicates
config false; the operational state of the protocol.";
mandatory "true"; reference
description "RFC ZZZZ: Babel Information Model, Section 3.1.";
"Every Babel speaker is assigned a router-id, which is an }
arbitrary string of 8 octets that is assumed to be unique
across the routing domain";
reference
"RFC ZZZZ, Babel Information Model, Section 3.1,
rfc6126bis, The Babel Routing Protocol. Section 3.";
}
leaf-list link-properties {
type identityref {
base link-property;
}
config false;
min-elements 1;
description
"Lists the collections of link properties supported by this
instance of Babel. Valid enumeration values are defined
in the Babel Link Properties registry.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.1.";
}
leaf sequence-number { leaf router-id {
type uint16; type binary;
config false; config false;
description description
"Sequence number included in route updates for routes "Every Babel speaker is assigned a router-id, which is an
originated by this node."; arbitrary string of 8 octets that is assumed to be unique
reference across the routing domain";
"RFC ZZZZ, Babel Information Model, Section 3.1."; reference
} "RFC ZZZZ: Babel Information Model, Section 3.1,
draft-ietf-babel-rfc6126bis: The Babel Routing Protocol,
Section 3.";
}
leaf-list metric-comp-algorithms { leaf seqno {
type identityref { type uint16;
base "metric-comp-algorithms"; config false;
} description
config false; "Sequence number included in route updates for routes
min-elements 1; originated by this node.";
description reference
"List of cost compute algorithms supported by this "RFC ZZZZ: Babel Information Model, Section 3.1.";
implementation of Babel."; }
reference
"RFC ZZZZ, Babel Information Model, Section 3.1.";
}
leaf-list security-supported { leaf-list metric-comp-algorithms {
type identityref { type identityref {
base "security-supported"; base "metric-comp-algorithms";
} }
config false; config false;
min-elements 1; min-elements 1;
description description
"Babel security mechanism used by this implementation or "List of cost compute algorithms supported by this
per interface."; implementation of Babel.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.1."; "RFC ZZZZ: Babel Information Model, Section 3.1.";
}
} leaf-list security-supported {
type identityref {
base "security-supported";
}
config false;
min-elements 1;
description
"List of supported security mechanisms.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.1.";
}
leaf-list hmac-algorithms { leaf-list mac-algorithms {
type identityref { type identityref {
base hmac-algorithms; base mac-algorithms;
} }
config false; config false;
description description
"List of supported HMAC computation algorithms. Possible "List of supported MAC computation algorithms. Possible
values include 'HMAC-SHA256', 'BLAKE2s'."; values include 'HMAC-SHA256', 'BLAKE2s'.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.1."; "RFC ZZZZ: Babel Information Model, Section 3.1.";
} }
leaf-list dtls-cert-types { leaf-list dtls-cert-types {
type identityref { type identityref {
base dtls-cert-types; base dtls-cert-types;
} }
config false; config false;
description description
"List of supported DTLS certificate types. Possible values "List of supported DTLS certificate types. Possible values
include 'X.509' and 'RawPublicKey'."; include 'X.509' and 'RawPublicKey'.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.1."; "RFC ZZZZ: Babel Information Model, Section 3.1.";
} }
leaf stats-enable { leaf stats-enable {
type boolean; type boolean;
description description
"Indicates whether statistics collection is enabled (true) "Indicates whether statistics collection is enabled (true)
or disabled (false) on all interfaces, including or disabled (false) on all interfaces.";
neighbor-specific statistics (babel-nbr-stats)."; }
}
container constants { container constants {
leaf udp-port { leaf udp-port {
type inet:port-number; type inet:port-number;
default "6696"; default "6696";
description description
"UDP port for sending and receiving Babel messages. The "UDP port for sending and receiving Babel messages. The
default port is 6696."; default port is 6696.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.2."; "RFC ZZZZ: Babel Information Model, Section 3.2.";
} }
leaf mcast-group { leaf mcast-group {
type inet:ip-address; type inet:ip-address;
default "ff02:0:0:0:0:0:1:6"; default "ff02::1:6";
description description
"Multicast group for sending and receiving multicast "Multicast group for sending and receiving multicast
announcements on IPv6."; announcements on IPv6.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.2."; "RFC ZZZZ: Babel Information Model, Section 3.2.";
} }
description description
"Babel Constants object."; "Babel Constants object.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.1."; "RFC ZZZZ: Babel Information Model, Section 3.1.";
} }
list interfaces { list interfaces {
key "reference"; key "reference";
leaf reference { leaf reference {
type if:interface-ref; type if:interface-ref;
description description
"Reference to an interface object as defined by the data "References the name of the interface over which Babel
model (e.g., YANG, BBF TR-181); data model is assumed to packets are sent and received.";
allow for referencing of interface objects which may be at reference
any layer (physical, Ethernet MAC, IP, tunneled IP, etc.). "RFC ZZZZ: Babel Information Model, Section 3.3.";
Referencing syntax will be specific to the data model. If }
there is no set of interface objects available, this should
be a string that indicates the interface name used by the
underlying operating system.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.3.";
}
leaf enable { leaf enable {
type boolean; type boolean;
default "true"; default "true";
description description
"If true, babel sends and receives messages on this "If true, babel sends and receives messages on this
interface. If false, babel messages received on this interface. If false, babel messages received on this
interface are ignored and none are sent."; interface are ignored and none are sent.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.3."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
} }
leaf link-properties { leaf metric-algorithm {
type identityref { type identityref {
base link-property; base metric-comp-algorithms;
} }
default "wired"; mandatory true;
description description
"Indicates the properties of the link. The value MUST be "Indicates the metric computation algorithm used on this
one of those listed in the babel-supported-link- interface. The value MUST be one of those listed in
properties parameter. Valid enumeration values are 'metric-comp-algorithms'.";
identity-refs derived from properties identified in reference
Babel Link Properties registry."; "RFC ZZZZ: Babel Information Model, Section 3.X.";
reference }
"RFC ZZZZ, Babel Information Model, Section 3.3.";
}
leaf metric-algorithm { leaf split-horizon {
type identityref { type boolean;
base metric-comp-algorithms; description
} "Indicates whether or not the split horizon optimization
default "k-out-of-j"; is used when calculating metrics on this interface.
description A value of true indicates split horizon optimization
"Indicates the metric computation algorithm used on this is used.";
interface. The value MUST be one of those listed in the reference
babel-information-obj babel-metric-comp-algorithms "RFC ZZZZ: Babel Information Model, Section 3.X.";
parameter."; }
}
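Review bot: The two leaves on the new side, metric-algorithm and split-horizon, both cite "RFC ZZZZ: Babel Information Model, Section 3.X", a placeholder that should be resolved to the real section number before publication. split-horizon is also added as a plain `type boolean;` with neither `default` nor `mandatory`, so its behaviour when unset is not defined, whereas metric-algorithm moved from `default "k-out-of-j";` to `mandatory true;`. Suggest giving split-horizon an explicit default, or marking it mandatory, and documenting the choice in the description.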
leaf mcast-hello-seqno { leaf mcast-hello-seqno {
type uint16; type uint16;
config false; config false;
description description
"The current sequence number in use for multicast hellos "The current sequence number in use for multicast hellos
sent on this interface."; sent on this interface.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.3."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
} }
leaf mcast-hello-interval { leaf mcast-hello-interval {
type uint16; type uint16;
config false; units centiseconds;
description description
"The current multicast hello interval in use for hellos "The current multicast hello interval in use for hellos
sent on this interface."; sent on this interface.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.3."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
} }
leaf update-interval { leaf update-interval {
type uint16; type uint16;
units centiseconds; units centiseconds;
config false; description
description "The current update interval in use for this interface.
"The current update interval in use for this interface. Units are centiseconds.";
Units are centiseconds."; reference
reference "RFC ZZZZ: Babel Information Model, Section 3.3.";
"RFC ZZZZ, Babel Information Model, Section 3.3."; }
}
leaf hmac-enable { leaf mac-enable {
type boolean; type boolean;
description description
"Indicates whether the HMAC security mechanism is enabled "Indicates whether the MAC security mechanism is enabled
(true) or disabled (false)."; (true) or disabled (false).";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.3."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
} }
leaf-list hmac-keys { leaf-list mac-key-sets {
type leafref { type leafref {
path "../../hmac/name"; path "../../mac/name";
} }
description description
"List of references to the babel-hmac entries that apply "List of references to the babel-mac entries that apply
to this interface. When an interface instance is created, to this interface. When an interface instance is created,
all babel-hmac-key-sets instances with all babel-mac-key-sets instances with
babel-hmac-default-apply 'true' will be included in this babel-mac-default-apply 'true' will be included in this
list."; list.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.3."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
} }
leaf hmac-algorithm { leaf mac-verify {
type identityref { type boolean;
base hmac-algorithms; description
} "A Boolean flag indicating whether MAC hashes in
description incoming Babel packets are required to be present and
"The name of the HMAC algorithm used on this interface. are verified. If this parameter is 'true', incoming
The value is one of the identities listed as part of packets are required to have a valid MAC hash.";
babel-hmac-algorithms at a global level."; reference
reference "RFC ZZZZ: Babel Information Model, Section 3.3.";
"RFC ZZZZ, Babel Information Model, Section 3.3."; }
}
leaf hmac-verify { leaf dtls-enable {
type boolean; type boolean;
description description
"A Boolean flag indicating whether HMAC hashes in "Indicates whether the DTLS security mechanism is enabled
incoming Babel packets are required to be present and (true) or disabled (false).";
are verified. If this parameter is 'true', incoming reference
packets are required to have a valid HMAC hash."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
reference }
"RFC ZZZZ, Babel Information Model, Section 3.3.";
}
leaf dtls-enable {
type boolean;
description
"Indicates whether the DTLS security mechanism is enabled
(true) or disabled (false).";
reference
"RFC ZZZZ, Babel Information Model, Section 3.3.";
}
leaf-list dtls-certs { leaf-list dtls-certs {
type leafref { type leafref {
path "../../dtls/name"; path "../../dtls/name";
} }
description description
"List of references to the babel-dtls-cert-sets entries "List of references to the babel-dtls-cert-sets entries
that apply to this interface. When an interface instance that apply to this interface. When an interface instance
is created, all babel-dtls instances with is created, all babel-dtls instances with
babel-dtls-default-apply 'true' will be included in babel-dtls-default-apply 'true' will be included in
this list."; this list.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.3."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
} }
leaf dtls-cached-info { leaf dtls-cached-info {
type boolean; type boolean;
description description
"Indicates whether the cached_info extension is included "Indicates whether the cached_info extension is included
in ClientHello and ServerHello packets. The extension in ClientHello and ServerHello packets. The extension
is included if the value is 'true'."; is included if the value is 'true'.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.3."; "RFC ZZZZ: Babel Information Model, Section 3.3.";
} }
leaf-list dtls-cert-prefer { leaf-list dtls-cert-prefer {
type leafref { type leafref {
path "../../dtls/certs/type"; path "../../dtls/certs/type";
} }
ordered-by user; ordered-by user;
description description
"List of supported certificate types, in order of "List of supported certificate types, in order of
preference. The values MUST be among those listed in the preference. The values MUST be among those listed in the
babel-dtls-cert-types parameter. This list is used to babel-dtls-cert-types parameter. This list is used to
populate the server_certificate_type extension in a populate the server_certificate_type extension in a
Client Hello. Values that are present in at least one Client Hello. Values that are present in at least one
instance in the babel-dtls-certs object of a referenced instance in the babel-dtls-certs object of a referenced
babel-dtls instance and that have a non-empty babel-dtls instance and that have a non-empty
babel-cert-private-key will be used to populate the babel-cert-private-key will be used to populate the
client_certificate_type extension in a Client Hello."; client_certificate_type extension in a Client Hello.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.3.";
}
reference leaf packet-log-enable {
"RFC ZZZZ, Babel Information Model, Section 3.3."; type boolean;
} description
"If true, logging of babel packets received on this
interface is enabled; if false, babel packets are not
logged.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.3.";
}
leaf packet-log-enable { leaf packet-log {
type boolean; type inet:uri;
description config false;
"If true, logging of babel packets received on this description
interface is enabled; if false, babel packets are not "A reference or url link to a file that contains a
logged."; timestamped log of packets received and sent on
reference babel-udp-port on this interface. The [libpcap] file
"RFC ZZZZ, Babel Information Model, Section 3.3."; format with .pcap file extension SHOULD be supported for
} packet log files. Logging is enabled / disabled by
packet-log-enable.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.3.";
}
leaf packet-log { container stats {
type inet:uri; config false;
config false; leaf sent-mcast-hello {
description type yt:counter32;
"A reference or url link to a file that contains a description
timestamped log of packets received and sent on "A count of the number of multicast Hello packets sent
babel-udp-port on this interface. The [libpcap] file on this interface.";
format with .pcap file extension SHOULD be supported for reference
packet log files. Logging is enabled / disabled by "RFC ZZZZ: Babel Information Model, Section 3.4.";
packet-log-enable."; }
reference
"RFC ZZZZ, Babel Information Model, Section 3.3.";
}
container stats { leaf sent-mcast-update {
config false; type yt:counter32;
leaf sent-mcast-hello { description
type yt:counter32; "A count of the number of multicast update packets sent
description on this interface.";
"A count of the number of multicast Hello packets sent reference
on this interface."; "RFC ZZZZ: Babel Information Model, Section 3.4.";
reference }
"RFC ZZZZ, Babel Information Model, Section 3.4.";
}
leaf sent-mcast-update { leaf sent-ucast-hello {
type yt:counter32; type yt:counter32;
description description
"A count of the number of multicast update packets sent "A count of the number of unicast Hello packets sent
on this interface."; to this neighbor.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.4."; "RFC ZZZZ: Babel Information Model, Section 3.6.";
} }
leaf received-packets {
type yt:counter32;
description
"A count of the number of Babel packets received on
this interface.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.4.";
}
action reset {
input {
leaf reset-at {
type yt:date-and-time;
description
"The time when the reset was issued.";
}
}
output {
leaf reset-finished-at {
type yt:date-and-time;
description
"The time when the reset finished.";
}
}
}
description
"Statistics collection object for this interface.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.3.";
}
list neighbor-objects { leaf sent-ucast-update {
key "neighbor-address"; type yt:counter32;
config false; description
"A count of the number of unicast update packets sent
to this neighbor.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.6.";
}
leaf neighbor-address { leaf sent-ihu {
type inet:ip-address; type yt:counter32;
description description
"IPv4 or v6 address the neighbor sends packets from."; "A count of the number of IHU packets sent to this
reference neighbor.";
"RFC ZZZZ, Babel Information Model, Section 3.5."; reference
} "RFC ZZZZ: Babel Information Model, Section 3.6.";
leaf hello-mcast-history { }
type string;
description
"The multicast Hello history of whether or not the
multicast Hello packets prior to babel-exp-mcast-
hello-seqno were received, with a '1' for the most
recent Hello placed in the most significant bit and
prior Hellos shifted right (with '0' bits placed
between prior Hellos and most recent Hello for any
not-received Hellos); represented as a string using
utf-8 encoded hex digits where a '1' bit = Hello
received and a '0' bit = Hello not received.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.5.";
}
leaf hello-ucast-history { leaf received-packets {
type string; type yt:counter32;
description description
"The unicast Hello history of whether or not the "A count of the number of Babel packets received on
unicast Hello packets prior to babel-exp-ucast- this interface.";
hello-seqno were received, with a '1' for the most reference
recent Hello placed in the most significant bit and "RFC ZZZZ: Babel Information Model, Section 3.4.";
prior Hellos shifted right (with '0' bits placed }
between prior Hellos and most recent Hello for any action reset {
not-received Hellos); represented as a string using description
utf-8 encoded hex digits where a '1' bit = Hello "The information model [RFC ZZZZ] defines this reset
received and a '0' bit = Hello not received."; action as a system-wide reset of Babel statistics
reference parameters, but in YANG the reset action has to be
"RFC ZZZZ, Babel Information Model, Section 3.5."; contained in the container where the action needs to
} be performed.";
leaf txcost { input {
type int32; leaf reset-at {
default "0"; type yt:date-and-time;
description description
"Transmission cost value from the last IHU packet "The time when the reset was issued.";
received from this neighbor, or maximum value }
(infinity) to indicates the IHU hold timer for this }
neighbor has expired description."; output {
reference leaf reset-finished-at {
"RFC ZZZZ, Babel Information Model, Section 3.5."; type yt:date-and-time;
} description
"The time when the reset finished.";
}
}
}
description
"Statistics collection object for this interface.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.3.";
}
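Review bot: In the new interface-level `stats` container, sent-ucast-hello, sent-ucast-update and sent-ihu keep their per-neighbor wording ("sent to this neighbor") and still reference Section 3.6, while the container's own description says "Statistics collection object for this interface". If these counters are now meant to be interface totals, the descriptions and references should say so. The new neighbor-objects list also no longer carries a stats container at all, so received-hello, received-update, received-ihu and the per-neighbor reset action disappear; the description of the remaining reset action covers the reset but not the dropped received counters, and that removal should be confirmed as intentional.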
leaf exp-mcast-hello-seqno { list neighbor-objects {
type uint16; key "neighbor-address";
default "0"; config false;
description
"Expected multicast Hello sequence number of next Hello
to be received from this neighbor; if multicast Hello
packets are not expected, or processing of multicast
packets is not enabled, this MUST be 0.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.5.";
} leaf neighbor-address {
type inet:ip-address;
description
"IPv4 or v6 address the neighbor sends packets from.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.5.";
}
leaf exp-ucast-hello-seqno { leaf hello-mcast-history {
type uint16; type string;
default "0"; description
description "The multicast Hello history of whether or not the
"Expected unicast Hello sequence number of next Hello to multicast Hello packets prior to babel-exp-mcast-
be received from this neighbor; if unicast Hello hello-seqno were received, with a '1' for the most
packets are not expected, or processing of unicast recent Hello placed in the most significant bit and
packets is not enabled, this MUST be 0."; prior Hellos shifted right (with '0' bits placed
reference between prior Hellos and most recent Hello for any
"RFC ZZZZ, Babel Information Model, Section 3.5."; not-received Hellos); represented as a string using
} utf-8 encoded hex digits where a '1' bit = Hello
received and a '0' bit = Hello not received.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.5.";
}
leaf ucast-hello-seqno { leaf hello-ucast-history {
type uint16; type string;
description description
"Expected unicast Hello sequence number of next Hello "The unicast Hello history of whether or not the
to be received from this neighbor. If unicast Hello unicast Hello packets prior to babel-exp-ucast-
packets are not expected, or processing of unicast hello-seqno were received, with a '1' for the most
packets is not enabled, this MUST be 0."; recent Hello placed in the most significant bit and
reference prior Hellos shifted right (with '0' bits placed
"RFC ZZZZ, Babel Information Model, Section 3.5."; between prior Hellos and most recent Hello for any
} not-received Hellos); represented as a string using
utf-8 encoded hex digits where a '1' bit = Hello
received and a '0' bit = Hello not received.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.5.";
}
leaf ucast-hello-interval { leaf txcost {
type uint16; type int32;
units centiseconds; default "0";
description description
"The current interval in use for unicast hellos sent to "Transmission cost value from the last IHU packet
this neighbor. Units are centiseconds."; received from this neighbor, or maximum value
reference (infinity) to indicate the IHU hold timer for this
"RFC ZZZZ, Babel Information Model, Section 3.5."; neighbor has expired description.";
} reference
"RFC ZZZZ: Babel Information Model, Section 3.5.";
}
leaf rxcost { leaf exp-mcast-hello-seqno {
type int32; type uint16;
description default "0";
"Reception cost calculated for this neighbor. This value description
is usually derived from the Hello history, which may be "Expected multicast Hello sequence number of next Hello
combined with other data, such as statistics maintained to be received from this neighbor; if multicast Hello
by the link layer. The rxcost is sent to a neighbor in packets are not expected, or processing of multicast
each IHU."; packets is not enabled, this MUST be NULL.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.5."; "RFC ZZZZ: Babel Information Model, Section 3.5.";
} }
leaf cost { leaf exp-ucast-hello-seqno {
type int32; type uint16;
description default "0";
"Link cost is computed from the values maintained in description
the neighbor table. The statistics kept in the neighbor "Expected unicast Hello sequence number of next Hello to
table about the reception of Hellos, and the txcost be received from this neighbor; if unicast Hello
computed from received IHU packets."; packets are not expected, or processing of unicast
reference packets is not enabled, this MUST be NULL.";
"RFC ZZZZ, Babel Information Model, Section 3.5."; reference
} "RFC ZZZZ: Babel Information Model, Section 3.5.";
}
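Review bot: The new descriptions of exp-mcast-hello-seqno and exp-ucast-hello-seqno say the value "MUST be NULL" when Hellos are not expected, but both leaves are still `type uint16;` with `default "0";`, which cannot represent NULL. Either keep the old "MUST be 0" wording, or drop the default and state that the leaf is absent in that case. The ucast-hello-seqno leaf that follows still says "MUST be 0" and repeats the "Expected unicast Hello sequence number" text, so the three descriptions should be made consistent with each other.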
container stats { leaf ucast-hello-seqno {
config false; type uint16;
leaf sent-ucast-hello { description
type yt:counter32; "Expected unicast Hello sequence number of next Hello
description to be received from this neighbor. If unicast Hello
"A count of the number of unicast Hello packets sent packets are not expected, or processing of unicast
to this neighbor."; packets is not enabled, this MUST be 0.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.6."; "RFC ZZZZ: Babel Information Model, Section 3.5.";
} }
leaf sent-ucast-update { leaf ucast-hello-interval {
type yt:counter32; type uint16;
description units centiseconds;
"A count of the number of unicast update packets sent description
to this neighbor."; "The current interval in use for unicast hellos sent to
reference this neighbor. Units are centiseconds.";
"RFC ZZZZ, Babel Information Model, Section 3.6."; reference
} "RFC ZZZZ: Babel Information Model, Section 3.5.";
}
leaf sent-ihu { leaf rxcost {
type yt:counter32; type int32;
description description
"A count of the number of IHU packets sent to this "Reception cost calculated for this neighbor. This value
neighbor."; is usually derived from the Hello history, which may be
reference combined with other data, such as statistics maintained
"RFC ZZZZ, Babel Information Model, Section 3.6."; by the link layer. The rxcost is sent to a neighbor in
} each IHU.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.5.";
}
leaf received-hello { leaf cost {
type yt:counter32; type int32;
description description
"A count of the number of Hello packets received from "Link cost is computed from the values maintained in
this neighbor."; the neighbor table. The statistics kept in the neighbor
reference table about the reception of Hellos, and the txcost
"RFC ZZZZ, Babel Information Model, Section 3.6."; computed from received IHU packets.";
} reference
leaf received-update { "RFC ZZZZ: Babel Information Model, Section 3.5.";
type yt:counter32; }
description description
"A count of the number of update packets received "A set of Babel Neighbor Object.";
from this neighbor."; reference
reference "RFC ZZZZ: Babel Information Model, Section 3.5.";
"RFC ZZZZ, Babel Information Model, Section 3.6."; }
} description
"A set of Babel Interface objects.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.3.";
}
leaf received-ihu { list mac {
type yt:counter32; key "name";
description
"A count of the number of IHU packets received from
this neighbor.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.6.";
}
action reset { leaf name {
input { type string;
leaf reset-at { description
type yt:date-and-time; "A string that uniquely identifies the mac object.";
description }
"The time the reset was issued.";
}
}
output {
leaf reset-finished-at {
type yt:date-and-time;
description
"The time when the reset operation finished.";
}
}
}
description
"Statistics collection object for this neighbor.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.6.";
}
description
"A set of Babel Neighbor Object.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.5.";
}
description
"A set of Babel Interface objects.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.3.";
} leaf default-apply {
type boolean;
description
"A Boolean flag indicating whether this babel-mac
instance is applied to all new interfaces, by default. If
'true', this instance is applied to new
babel-interfaces instances at the time they are created,
by including it in the babel-interface-mac-keys list.
If 'false', this instance is not applied to new
babel-interfaces instances when they are created.";
list hmac { reference
key "name"; "RFC ZZZZ: Babel Information Model, Section 3.7.";
}
leaf name { list keys {
type string; key "name";
description min-elements "1";
"A string that uniquely identifies the hmac object.";
}
leaf default-apply { leaf name {
type boolean; type string;
description mandatory true;
"A Boolean flag indicating whether this babel-hmac description
instance is applied to all new interfaces, by default. If "A unique name for this MAC key that can be used to
'true', this instance is applied to new identify the key in this object instance, since the key
babel-interfaces instances at the time they are created, value is not allowed to be read. This value can only be
by including it in the babel-interface-hmac-keys list. provided when this instance is created, and is not
If 'false', this instance is not applied to new subsequently writable.";
babel-interfaces instances when they are created."; reference
reference "RFC ZZZZ: Babel Information Model, Section 3.8.";
"RFC ZZZZ, Babel Information Model, Section 3.8."; }
}
list keys { leaf use-sign {
key "name"; type boolean;
min-elements "1"; mandatory true;
description
"Indicates whether this key value is used to sign sent
Babel packets. Sent packets are signed using this key
if the value is 'true'. If the value is 'false', this
key is not used to sign sent Babel packets.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.8.";
}
leaf name { leaf use-verify {
type string; type boolean;
mandatory "true"; mandatory true;
description description
"A unique name for this HMAC key that can be used to "Indicates whether this key value is used to verify
identify the key in this object instance, since the key incoming Babel packets. This key is used to verify
value is not allowed to be read. This value can only be incoming packets if the value is 'true'. If the value
provided when this instance is created, and is not is 'false', no MAC is computed from this key for
subsequently writable."; comparing an incoming packet.";
reference reference
"RFC ZZZZ, Babel Information Model, Section 3.9."; "RFC ZZZZ: Babel Information Model, Section 3.8.";
} }
leaf use-sign { leaf value {
type boolean; type binary;
mandatory "true"; mandatory true;
description description
"Indicates whether this key value is used to sign sent "The value of the MAC key. An implementation MUST NOT
Babel packets. Sent packets are signed using this key allow this parameter to be read. This can be done by
if the value is 'true'. If the value is 'false', this always providing an empty string, or through
key is not used to sign sent Babel packets."; permissions, or other means. This value MUST be
reference provided when this instance is created, and is not
"RFC ZZZZ, Babel Information Model, Section 3.9."; subsequently writable.
}
leaf use-verify { This value is of a length suitable for the associated
type boolean; babel-mac-key-algorithm. If the algorithm is based on
mandatory "true"; the HMAC construction [RFC2104], the length MUST be
description between 0 and the block size of the underlying hash
"Indicates whether this key value is used to verify inclusive (where 'HMAC-SHA256' block size is 64
incoming Babel packets. This key is used to verify bytes as described in [RFC4868]). If the algorithm
incoming packets if the value is 'true'. If the value is 'BLAKE2s', the length MUST be between 0 and 32
is 'false', no HMAC is computed from this key for bytes inclusive, as described in [RFC7693].";
comparing an incoming packet."; reference
reference "RFC ZZZZ: Babel Information Model, Section 3.8,
"RFC ZZZZ, Babel Information Model, Section 3.9."; RFC 2104: HMAC: Keyed-Hashing for Message
} Authentication
RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and
HMAC-SHA-512 with IPsec,
RFC 7693: The BLAKE2 Cryptographic Hash and Message
Authentication Code (MAC).";
}
leaf value { leaf algorithm {
type binary; type identityref {
mandatory "true"; base mac-algorithms;
description }
"The value of the HMAC key. An implementation MUST NOT description
allow this parameter to be read. This can be done by "The name of the MAC algorithm used with this key. The
always providing an empty string, or through value MUST be the same as one of the enumerations
permissions, or other means. This value MUST be listed in the babel-mac-algorithms parameter.";
provided when this instance is created, and is not reference
subsequently writable."; "RFC ZZZZ: Babel Information Model, Section 3.8.";
reference }
"RFC ZZZZ, Babel Information Model, Section 3.9.";
}
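Review bot: The new description of the key `value` leaf permits a zero-length key ("the length MUST be between 0 and the block size of the underlying hash inclusive", and "between 0 and 32 bytes inclusive" for BLAKE2s). An empty key is known to every party, so a MAC computed with it authenticates nothing. Suggest stating a non-zero minimum length, or at least requiring implementations to reject an empty value. The length rule also depends on the key's algorithm, yet the new `algorithm` leaf is added without `mandatory true;` or a default, unlike name, use-sign, use-verify and value, so a key entry can exist with no algorithm against which to check its length; consider making it mandatory.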
action test { action test {
input { input {
leaf test-string { leaf test-string {
type binary; type binary;
mandatory "true"; mandatory true;
description description
"The test string on which this test has to be "The test string on which this test has to be
performed."; performed.";
} }
}
output {
leaf resulting-hash {
type binary;
mandatory "true";
description
"An operation that allows the HMAC key and hash
algorithm to be tested to see if they produce an
expected outcome. Input to this operation is a
binary string. The implementation is expected to
create a hash of this string using the
babel-hmac-key-value and the babel-hmac-algorithm.
The output of this operation is the resulting hash,
as a binary string.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.9.";
}
}
}
description
"A set of babel-hmac-keys-obj objects.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.8.";
}
description
"A babel-hmac-obj object. If this object is implemented, it
provides access to parameters related to the HMAC security
mechanism.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.1.";
}
list dtls { }
key "name"; output {
leaf resulting-hash {
type binary;
mandatory true;
description
"An operation that allows the MAC key and hash
algorithm to be tested to see if they produce an
expected outcome. Input to this operation is a
binary string. The implementation is expected to
create a hash of this string using the
babel-mac-key-value and the babel-mac-algorithm.
The output of this operation is the resulting hash,
as a binary string.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.8.";
}
}
}
description
"A set of babel-mac-keys-obj objects.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.8.";
}
description
"A babel-mac-obj object. If this object is implemented, it
provides access to parameters related to the MAC security
mechanism.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.7.";
}
leaf name { list dtls {
type string; key "name";
description
"TODO: This attribute does not exist in the model, but is
needed for this model to work.";
}
leaf default-apply { leaf name {
type boolean; type string;
mandatory "true"; description
description "A string that uniquely identifies a dtls object.";
"A Boolean flag indicating whether this babel-dtls }
instance is applied to all new interfaces, by default. If
'true', this instance is applied to new babel-interfaces
instances at the time they are created, by including it
in the babel-interface-dtls-certs list. If 'false',
this instance is not applied to new babel-interfaces
instances when they are created.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.10.";
}
list certs { leaf default-apply {
key "name"; type boolean;
min-elements "1"; mandatory true;
description
"A Boolean flag indicating whether this babel-dtls
instance is applied to all new interfaces, by default. If
'true', this instance is applied to new babel-interfaces
instances at the time they are created, by including it
in the babel-interface-dtls-certs list. If 'false',
this instance is not applied to new babel-interfaces
instances when they are created.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.9.";
}
leaf name { list certs {
type string; key "name";
description min-elements "1";
"A unique name that identifies the cert in the list.";
}
leaf value { leaf name {
type string; type string;
mandatory "true"; description
description "A unique name for this DTLS certificate that can be
"The DTLS certificate in PEM format [RFC7468]. This used to identify the certificate in this object
value can only be provided when this instance is instance, since the value is too long to be useful
created, and is not subsequently writable."; for identification. This value MUST NOT be empty
reference and can only be provided when this instance is created
"RFC ZZZZ, Babel Information Model, Section 3.11."; (i.e., it is not subsequently writable).";
} reference
"RFC ZZZZ: Babel Information Model, Section 3.10.";
}
leaf type { leaf value {
type identityref { type string;
base dtls-cert-types; mandatory true;
} description
mandatory "true"; "The DTLS certificate in PEM format [RFC7468]. This
description value can only be provided when this instance is
"The name of the certificate type of this object created, and is not subsequently writable.";
instance. The value MUST be the same as one of the reference
enumerations listed in the babel-dtls-cert-types "RFC ZZZZ: Babel Information Model, Section 3.10.";
parameter. This value can only be provided when this }
instance is created, and is not subsequently writable.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.11.";
}
leaf private-key { leaf type {
type binary; type identityref {
mandatory "true"; base dtls-cert-types;
description }
"The value of the private key. If this is non-empty, mandatory true;
this certificate can be used by this implementation to description
provide a certificate during DTLS handshaking. An "The name of the certificate type of this object
implementation MUST NOT allow this parameter to be instance. The value MUST be the same as one of the
read. This can be done by always providing an empty enumerations listed in the babel-dtls-cert-types
string, or through permissions, or other means. This parameter. This value can only be provided when this
value can only be provided when this instance is instance is created, and is not subsequently writable.";
created, and is not subsequently writable."; reference
reference "RFC ZZZZ: Babel Information Model, Section 3.10.";
"RFC ZZZZ, Babel Information Model, Section 3.11."; }
}
action test { leaf private-key {
input { type binary;
leaf test-string { mandatory true;
type binary; description
mandatory "true"; "The value of the private key. If this is non-empty,
description this certificate can be used by this implementation to
"The test string on which this test has to be provide a certificate during DTLS handshaking. An
performed."; implementation MUST NOT allow this parameter to be
} read. This can be done by always providing an empty
} string, or through permissions, or other means. This
output { value can only be provided when this instance is
leaf resulting-hash { created, and is not subsequently writable.";
type binary; reference
mandatory "true"; "RFC ZZZZ: Babel Information Model, Section 3.10.";
description }
"The output of this operation is a binary string,
and is the resulting hash computed using the
certificate public key, and the SHA-256
hash algorithm.";
}
}
}
description
"A set of babel-dtls-keys-obj objects. This contains
both certificates for this implementation to present
for authentication, and to accept from others.
Certificates with a non-empty babel-cert-private-key
can be presented by this implementation for
authentication.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.10.";
}
description
"A babel-dtls-obj object. If this object is implemented,
it provides access to parameters related to the DTLS
security mechanism.";
reference
"RFC ZZZZ, Babel Information Model, Section 3.1";
}
description
"Babel Information Objects.";
reference action test {
"RFC ZZZZ, Babel Information Model, Section 3."; input {
} leaf test-string {
} type binary;
augment "/rt:routing/rt:ribs/rt:rib/rt:routes/rt:route" { mandatory true;
when "derived-from(rt:source-protocol, 'babel')" { description
description "The test string on which this test has to be
"Augmentation is valid for a routes whose source protocol performed.";
is Babel."; }
} }
description output {
"Babel specific route attributes."; leaf resulting-hash {
uses routes; type binary;
} mandatory true;
} description
"The output of this operation is a binary string,
and is the resulting hash computed using the
certificate public key, and the SHA-256
hash algorithm.";
}
}
}
description
"A set of babel-dtls-keys-obj objects. This contains
both certificates for this implementation to present
for authentication, and to accept from others.
Certificates with a non-empty babel-cert-private-key
can be presented by this implementation for
authentication.";
<CODE ENDS> reference
"RFC ZZZZ: Babel Information Model, Section 3.10.";
}
description
"A babel-dtls-obj object. If this object is implemented,
it provides access to parameters related to the DTLS
security mechanism.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.9";
}
description
"Babel Information Objects.";
reference
"RFC ZZZZ: Babel Information Model, Section 3.";
2.4. Example uses routes;
}
}
}
The following snippet demonstrates how this data module can be <CODE ENDS>
configured. In this example, the routing protocol being configured
is Babel, and statistics gathering is enabled.
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols>
<control-plane-protocol>
<type
xmlns:babel="urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel
</type>
<name>name:babel</name>
<babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable>
<stats-enable>true</stats-enable>
</babel>
</control-plane-protocol>
</control-plane-protocols>
</routing>
</config>
3. IANA Considerations 3. IANA Considerations
This document registers one URIs and one YANG module. This document registers one URIs and one YANG module.
3.1. URI Registrations 3.1. URI Registrations
URI: urn:ietf:params:xml:ns:yang:ietf-babel URI: urn:ietf:params:xml:ns:yang:ietf-babel
3.2. YANG Module Name Registration 3.2. YANG Module Name Registration
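Review bot: in the new `leaf private-key` under `list certs`, the description says an implementation MUST NOT allow the value to be read, but the schema does nothing to enforce that and leaves the choice to "always providing an empty string, or through permissions, or other means". Consider marking the leaf with the `nacm:default-deny-all` extension from RFC 8341 (this needs an import of ietf-netconf-acm, which is not visible in this hunk) so that the default is deny rather than implementation-defined. Two smaller points in the same list: `leaf name` now says the value MUST NOT be empty while its type is still a bare `string`, so a `length "1..max"` restriction would make that checkable; and `private-key` is `mandatory true` although the list description says the list also holds certificates to accept from others, so either state that an empty value is expected for those entries or drop the mandatory.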
skipping to change at page 31, line 40 skipping to change at page 29, line 14
The NETCONF Access Control Model (NACM [RFC8341]) provides the means The NETCONF Access Control Model (NACM [RFC8341]) provides the means
to restrict access for particular NETCONF users to a pre-configured to restrict access for particular NETCONF users to a pre-configured
subset of all available NETCONF protocol operations and content. subset of all available NETCONF protocol operations and content.
There are a number of data nodes defined in the YANG module which are There are a number of data nodes defined in the YANG module which are
writable/created/deleted (i.e., config true, which is the default). writable/created/deleted (i.e., config true, which is the default).
These data nodes may be considered sensitive or vulnerable in some These data nodes may be considered sensitive or vulnerable in some
network environments. Write operations (e.g., <edit-config>) to network environments. Write operations (e.g., <edit-config>) to
these data nodes without proper protection can have a negative effect these data nodes without proper protection can have a negative effect
on network operations. on network operations.These are the subtrees and data nodes and their
sensitivity/vulnerability from a config true perspective:
These are the subtrees and data nodes and their sensitivity/ babel: This container includes an "enable" parameter that can be used
vulnerability: to enable or disable use of Babel on a router
babel/constants: This container includes configuration parameters
that can prevent reachability if misconfigured.
babel/interfaces: This leaf-list has configuration parameters that
can enable/disable security mechanisms and change performance
characteristics of the Babel protocol.
babel/hmac and babel/dtls: These contain security credentials that
influence whether packets are trusted.
Some of the readable data or config false nodes in this YANG module
may be considered sensitive or vulnerable in some network
environments. It is thus important to control read access (e.g., via
get, get-config, or notification) to these data nodes. These are the
subtrees and data nodes and their sensitivity/vulnerability from a
config false perpective:
babel: Access to the information in the various nodes can disclose
the network topology. Additionally, the routes used by a network
device may be used to mount a subsequent attack on traffic traversing
the network device.
babel/hmac and babel/dtls: These contain security credentials,
include private credentials of the router.
Some of the RPC operations in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus
important to control access to these operations. These are the
operations and their sensitivity/vulnerability from a RPC operation
perspective:
babel/hmac/hmac/keys/test and babel/dtls/certs/test: These can be
used in a brute force attack to identify the credentials being used
to secure the Babel protocol.
5. Acknowledgements 5. Acknowledgements
Juliusz Chroboczek provided most of the example configurations for
babel that are shown in the Appendix.
6. References 6. References
6.1. Normative References 6.1. Normative References
[I-D.ietf-babel-rfc6126bis] [I-D.ietf-babel-rfc6126bis]
Chroboczek, J. and D. Schinazi, "The Babel Routing Chroboczek, J. and D. Schinazi, "The Babel Routing
Protocol", draft-ietf-babel-rfc6126bis-11 (work in Protocol", draft-ietf-babel-rfc6126bis-14 (work in
progress), June 2019. progress), August 2019.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA-
384, and HMAC-SHA-512 with IPsec", RFC 4868,
DOI 10.17487/RFC4868, May 2007,
<https://www.rfc-editor.org/info/rfc4868>.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
January 2012, <https://www.rfc-editor.org/info/rfc6347>.
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
RFC 6991, DOI 10.17487/RFC6991, July 2013, RFC 6991, DOI 10.17487/RFC6991, July 2013,
<https://www.rfc-editor.org/info/rfc6991>. <https://www.rfc-editor.org/info/rfc6991>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016, RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>. <https://www.rfc-editor.org/info/rfc7950>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
skipping to change at page 32, line 41 skipping to change at page 31, line 14
[RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for [RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
Routing Management (NMDA Version)", RFC 8349, Routing Management (NMDA Version)", RFC 8349,
DOI 10.17487/RFC8349, March 2018, DOI 10.17487/RFC8349, March 2018,
<https://www.rfc-editor.org/info/rfc8349>. <https://www.rfc-editor.org/info/rfc8349>.
6.2. Informative References 6.2. Informative References
[I-D.ietf-babel-information-model] [I-D.ietf-babel-information-model]
Stark, B. and M. Jethanandani, "Babel Information Model", Stark, B. and M. Jethanandani, "Babel Information Model",
draft-ietf-babel-information-model-06 (work in progress), draft-ietf-babel-information-model-08 (work in progress),
July 2019. August 2019.
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104,
DOI 10.17487/RFC2104, February 1997,
<https://www.rfc-editor.org/info/rfc2104>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010, DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>. <https://www.rfc-editor.org/info/rfc6020>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>. <https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>. <https://www.rfc-editor.org/info/rfc6242>.
[RFC7693] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2
Cryptographic Hash and Message Authentication Code (MAC)",
RFC 7693, DOI 10.17487/RFC7693, November 2015,
<https://www.rfc-editor.org/info/rfc7693>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>. <https://www.rfc-editor.org/info/rfc8040>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>. <https://www.rfc-editor.org/info/rfc8340>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341, Access Control Model", STD 91, RFC 8341,
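Review bot: [I-D.ietf-babel-information-model] stays under 6.2 Informative References, yet every `reference` statement in the module points at "RFC ZZZZ: Babel Information Model" and descriptions such as the one on `leaf type` require the value to match that document's babel-dtls-cert-types parameter. A reader cannot implement the module without it, so consider moving the entry to 6.1 Normative References.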
skipping to change at page 33, line 38 skipping to change at page 32, line 16
and R. Wilton, "Network Management Datastore Architecture and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>. <https://www.rfc-editor.org/info/rfc8342>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
Appendix A. An Appendix Appendix A. An Appendix
This section is devoted to examples that demonstrate how Babel can be
configured.
A.1. Statistics Gathering Enabled
In this example, interface eth0 is being configured for routing
protocol Babel, and statistics gathering is enabled.
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface>
<name>eth0</name>
<type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled>
</interface>
</interfaces>
<routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols>
<control-plane-protocol>
<type
xmlns:babel="urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel
</type>
<name>name:babel</name>
<babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable>
<interfaces>
<reference>eth0</reference>
<metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon>
</interfaces>
<stats-enable>true</stats-enable>
</babel>
</control-plane-protocol>
</control-plane-protocols>
</routing>
</config>
A.2. Automatic Detection of Properties
<!-- In this example, babeld is configured on two interfaces
interface eth0
interface wlan0
This says to run Babel on interfaces eth0 and wlan0. Babeld will
automatically detect that eth0 is wired and wlan0 is wireless, and
will configure the right parameters automatically.
-->
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface>
<name>eth0</name>
<type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled>
</interface>
<interface>
<name>wlan0</name>
<type>ianaift:ieee80211</type>
<enabled>true</enabled>
</interface>
</interfaces>
<routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols>
<control-plane-protocol>
<type
xmlns:babel="urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel
</type>
<name>name:babel</name>
<babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable>
<interfaces>
<reference>eth0</reference>
<enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon>
</interfaces>
<interfaces>
<reference>wlan0</reference>
<enable>true</enable>
<metric-algorithm>etx</metric-algorithm>
<split-horizon>false</split-horizon>
</interfaces>
</babel>
</control-plane-protocol>
</control-plane-protocols>
</routing>
</config>
A.3. Override Default Properties
<!-- In this example, babeld is configured on three interfaces
interface eth0
interface eth1 type wireless
interface tun0 type tunnel
Here, interface eth1 is an Ethernet bridged to a wireless radio, so
babeld's autodetection fails, and the interface type needs to be
configured manually. Tunnels are not detected automatically, so this
needs to be specified.
This is equivalent to the following:
interface eth0 metric-algorithm 2-out-of-3 split-horizon true
interface eth1 metric-algorithm etx split-horizon false
interface tun0 metric-algorithm 2-out-of-3 split-horizon true
-->
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface>
<name>eth0</name>
<type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled>
</interface>
<interface>
<name>eth1</name>
<type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled>
</interface>
<interface>
<name>tun0</name>
<type>ianaift:tunnel</type>
<enabled>true</enabled>
</interface>
</interfaces>
<routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols>
<control-plane-protocol>
<type
xmlns:babel="urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel
</type>
<name>name:babel</name>
<babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable>
<interfaces>
<reference>eth0</reference>
<enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon>
</interfaces>
<interfaces>
<reference>eth1</reference>
<enable>true</enable>
<metric-algorithm>etx</metric-algorithm>
<split-horizon>false</split-horizon>
</interfaces>
<interfaces>
<reference>tun0</reference>
<enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon>
</interfaces>
</babel>
</control-plane-protocol>
</control-plane-protocols>
</routing>
</config>
A.4. Configuring other Properties
<!-- In this example, two interfaces are configured for babeld
interface eth0
interface ppp0 hello-interval 30 update-interval 120
Here, ppp0 is a metered 3G link used for fallback connectivity. It runs
with much higher than default time constants in order to avoid control
traffic as much as possible.
-->
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface>
<name>eth0</name>
<type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled>
</interface>
<interface>
<name>ppp0</name>
<type>ianaift:ppp</type>
<enabled>true</enabled>
</interface>
</interfaces>
<routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols>
<control-plane-protocol>
<type
xmlns:babel="urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel
</type>
<name>name:babel</name>
<babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable>
<interfaces>
<reference>eth0</reference>
<enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon>
</interfaces>
<interfaces>
<reference>ppp0</reference>
<enable>true</enable>
<mcast-hello-interval>30</mcast-hello-interval>
<update-interval>120</update-interval>
<metric-algorithm>two-out-of-three</metric-algorithm>
</interfaces>
</babel>
</control-plane-protocol>
</control-plane-protocols>
</routing>
</config>
Authors' Addresses Authors' Addresses
Mahesh Jethanandani Mahesh Jethanandani
VMware VMware
California California
USA USA
Email: mjethanandani@gmail.com Email: mjethanandani@gmail.com
Barbara Stark Barbara Stark
AT&T AT&T
Atlanta, GA Atlanta, GA
USA USA
Email: barbara.stark@att.com Email: barbara.stark@att.com
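Review bot: in Appendix A.2, A.3 and A.4 the explanatory `<!-- ... -->` comment is placed before `<?xml version="1.0" encoding="UTF-8"?>`; an XML declaration is only allowed at the very start of a document, so these examples are not well-formed as shown. Move each comment after the declaration, or turn it into prose as A.1 does. Smaller points in the same appendix: the title "Appendix A. An Appendix" is still a placeholder; the A.1 `<interfaces>` entry omits the `<enable>true</enable>` that every entry in A.2 to A.4 sets; and the A.4 comment says `hello-interval 30` while the XML sets `<mcast-hello-interval>`, so a sentence tying the two names together would help.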
 End of changes. 132 change blocks. 
1182 lines changed or deleted 1354 lines changed or added
