draft-ietf-isis-sr-yang-08.txt   draft-ietf-isis-sr-yang-09.txt 
IS-IS Working Group S. Litkowski IS-IS Working Group S. Litkowski
Internet-Draft Cisco Systems Internet-Draft Cisco Systems
Intended status: Standards Track Y. Qu Intended status: Standards Track Y. Qu
Expires: January 13, 2021 Futurewei Expires: July 15, 2021 Futurewei
P. Sarkar P. Sarkar
Individual Individual
I. Chen I. Chen
The MITRE Corporation The MITRE Corporation
J. Tantsura J. Tantsura
Apstra Apstra
July 12, 2020 January 11, 2021
YANG Data Model for IS-IS Segment Routing YANG Data Model for IS-IS Segment Routing
draft-ietf-isis-sr-yang-08 draft-ietf-isis-sr-yang-09
Abstract Abstract
This document defines a YANG data model that can be used to configure This document defines a YANG data model that can be used to configure
and manage IS-IS Segment Routing. and manage IS-IS Segment Routing.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 38 skipping to change at page 1, line 38
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 13, 2021. This Internet-Draft will expire on July 15, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 22 skipping to change at page 2, line 22
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3
3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . . . 3
4. IS-IS Segment Routing . . . . . . . . . . . . . . . . . . . . 3 4. IS-IS Segment Routing . . . . . . . . . . . . . . . . . . . . 3
5. IS-IS Segment Routing configuration . . . . . . . . . . . . . 6 5. IS-IS Segment Routing configuration . . . . . . . . . . . . . 6
5.1. Segment Routing activation . . . . . . . . . . . . . . . 6 5.1. Segment Routing activation . . . . . . . . . . . . . . . 6
5.2. Advertising mapping server policy . . . . . . . . . . . . 6 5.2. Advertising mapping server policy . . . . . . . . . . . . 6
5.3. IP Fast reroute . . . . . . . . . . . . . . . . . . . . . 6 5.3. IP Fast reroute . . . . . . . . . . . . . . . . . . . . . 6
6. IS-IS Segment Routing YANG Module . . . . . . . . . . . . . . 6 6. IS-IS Segment Routing YANG Module . . . . . . . . . . . . . . 6
7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21
8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 22 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 22
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 23
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
11. Change log for ietf-isis-sr YANG module . . . . . . . . . . . 22 11. Change log for ietf-isis-sr YANG module . . . . . . . . . . . 23
11.1. From version -03 to version -04 . . . . . . . . . . . . 22 11.1. From version -03 to version -04 . . . . . . . . . . . . 23
11.2. From version -02 to version -03 . . . . . . . . . . . . 22 11.2. From version -02 to version -03 . . . . . . . . . . . . 23
11.3. From isis-sr document version -01 to version -02 . . . . 23 11.3. From isis-sr document version -01 to version -02 . . . . 23
11.4. From isis-sr document version -00 to version -01 . . . . 23 11.4. From isis-sr document version -00 to version -01 . . . . 24
11.5. From isis document version -12 to isis-sr document 11.5. From isis document version -12 to isis-sr document
version -00 . . . . . . . . . . . . . . . . . . . . . . 23 version -00 . . . . . . . . . . . . . . . . . . . . . . 24
11.6. From isis document version -12 to version -13 . . . . . 23 11.6. From isis document version -12 to version -13 . . . . . 24
11.7. From isis document version -09 to version -11 . . . . . 23 11.7. From isis document version -09 to version -11 . . . . . 24
11.8. From isis document version -08 to version -09 . . . . . 23 11.8. From isis document version -08 to version -09 . . . . . 24
11.9. From isis document version -07 to version -08 . . . . . 23 11.9. From isis document version -07 to version -08 . . . . . 24
12. Normative References . . . . . . . . . . . . . . . . . . . . 23 12. Normative References . . . . . . . . . . . . . . . . . . . . 24
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 26
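Review bot: The Section 11 change log in this table of contents stops at "From version -03 to version -04" in both columns, although this revision is -09. Either add entries for the later revisions (including the Security Considerations rewrite and the sr-mpls grouping rename in this one) or mark the change log for removal before publication.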
1. Overview 1. Overview
YANG [RFC6020] [RFC7950] is a data definition language used to define YANG [RFC6020] [RFC7950] is a data definition language used to define
the contents of a conceptual data store that allows networked devices the contents of a conceptual data store that allows networked devices
to be managed using NETCONF [RFC6241]. YANG is proving relevant to be managed using NETCONF [RFC6241]. YANG is proving relevant
beyond its initial confines, as bindings to other interfaces (e.g., beyond its initial confines, as bindings to other interfaces (e.g.,
ReST) and encodings other than XML (e.g., JSON) are being defined. ReST) and encodings other than XML (e.g., JSON) are being defined.
Furthermore, YANG data models can be used as the basis for Furthermore, YANG data models can be used as the basis for
implementation of other interfaces, such as CLI and programmatic implementation of other interfaces, such as CLI and programmatic
skipping to change at page 6, line 48 skipping to change at page 6, line 48
5.3. IP Fast reroute 5.3. IP Fast reroute
IS-IS SR model augments the fast-reroute container under interface. IS-IS SR model augments the fast-reroute container under interface.
It brings the ability to activate TI-LFA (topology independent LFA) It brings the ability to activate TI-LFA (topology independent LFA)
and also enhances remote LFA to use segment-routing tunneling instead and also enhances remote LFA to use segment-routing tunneling instead
of LDP. of LDP.
6. IS-IS Segment Routing YANG Module 6. IS-IS Segment Routing YANG Module
<CODE BEGINS> file "ietf-isis-sr@2020-07-12.yang" <CODE BEGINS> file "ietf-isis-sr@2021-01-11.yang"
module ietf-isis-sr { module ietf-isis-sr {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:" namespace "urn:ietf:params:xml:ns:"
+ "yang:ietf-isis-sr"; + "yang:ietf-isis-sr";
prefix isis-sr; prefix isis-sr;
import ietf-routing { import ietf-routing {
prefix "rt"; prefix "rt";
reference "RFC 8349 - A YANG Data Model for Routing reference "RFC 8349 - A YANG Data Model for Routing
Management (NMDA Version)"; Management (NMDA Version)";
skipping to change at page 8, line 13 skipping to change at page 8, line 13
"; ";
description description
"The YANG module defines a generic configuration model for "The YANG module defines a generic configuration model for
Segment routing ISIS extensions common across all of the vendor Segment routing ISIS extensions common across all of the vendor
implementations. implementations.
This YANG model conforms to the Network Management This YANG model conforms to the Network Management
Datastore Architecture (NMDA) as described in RFC 8242. Datastore Architecture (NMDA) as described in RFC 8242.
Copyright (c) 2020 IETF Trust and the persons identified as Copyright (c) 2021 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
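Review bot: The module description still cites NMDA as "RFC 8242" in both columns, while the reference list gives NMDA as [RFC8342]. Since this revision already touches the description for the copyright year, correct the sentence to "Datastore Architecture (NMDA) as described in RFC 8342."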
skipping to change at page 8, line 38 skipping to change at page 8, line 38
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
'MAY', and 'OPTIONAL' in this document are to be interpreted as 'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here. they appear in all capitals, as shown here.
This version of this YANG module is part of RFC XXXX; This version of this YANG module is part of RFC XXXX;
see the RFC itself for full legal notices."; see the RFC itself for full legal notices.";
reference "RFC XXXX"; reference "RFC XXXX";
revision 2020-07-12 { revision 2021-01-11 {
description description
"Initial revision."; "Initial revision.";
reference "RFC XXXX"; reference "RFC XXXX";
} }
/* Identities */ /* Identities */
identity sr-capability { identity sr-capability {
description description
"Base identity for ISIS SR-Capabilities sub-TLV flgs"; "Base identity for ISIS SR-Capabilities sub-TLV flgs";
} }
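Review bot: The description of identity sr-capability reads "sub-TLV flgs" in both columns. This typo survives the revision bump and should be "sub-TLV flags", since description strings are what tooling shows to operators.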
skipping to change at page 17, line 29 skipping to change at page 17, line 29
"/isis:isis" { "/isis:isis" {
when "/rt:routing/rt:control-plane-protocols/"+ when "/rt:routing/rt:control-plane-protocols/"+
"rt:control-plane-protocol/rt:type = 'isis:isis'" { "rt:control-plane-protocol/rt:type = 'isis:isis'" {
description description
"This augment ISIS routing protocol when used"; "This augment ISIS routing protocol when used";
} }
description description
"This augments ISIS protocol configuration "This augments ISIS protocol configuration
with segment routing."; with segment routing.";
uses sr-mpls:sr-controlplane; uses sr-mpls:sr-control-plane;
container protocol-srgb { container protocol-srgb {
if-feature sr-mpls:protocol-srgb; if-feature sr-mpls:protocol-srgb;
uses sr-cmn:srgb; uses sr-cmn:srgb;
description description
"Per-protocol SRGB."; "Per-protocol SRGB.";
} }
} }
augment "/rt:routing/" + augment "/rt:routing/" +
"rt:control-plane-protocols/rt:control-plane-protocol"+ "rt:control-plane-protocols/rt:control-plane-protocol"+
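Review bot: The when condition on this augment uses an absolute path, "/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/rt:type = 'isis:isis'", and this is untouched by the sr-control-plane rename. In XPath a node-set comparison is true if any node in the set matches, so the condition holds whenever any control-plane-protocol instance on the device is IS-IS, not only the instance being augmented. It also compares an identityref by string equality, which excludes derived identities. Since the target ends in "/isis:isis", a relative test such as when "derived-from-or-self(../rt:type, 'isis:isis')" scopes the augment to the right list entry. The when description "This augment ISIS routing protocol when used" should also be reworded to say what the condition checks.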
skipping to change at page 21, line 47 skipping to change at page 21, line 47
uses segment-routing-binding-tlv; uses segment-routing-binding-tlv;
} }
/* Notifications */ /* Notifications */
} }
<CODE ENDS> <CODE ENDS>
7. Security Considerations 7. Security Considerations
Configuration and state data defined in this document are designed to The YANG module specified in this document defines a schema for data
be accessed via the NETCONF protocol [RFC6241]. that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446].
As IS-IS is an IGP protocol (critical piece of the network), ensuring The NETCONF Access Control Model (NACM) [RFC8341] provides the means
stability and security of the protocol is mandatory for the network to restrict access for particular NETCONF or RESTCONF users to a pre-
service. configured subset of all available NETCONF or RESTCONF protocol
operations and content.
Authors recommends to implement NETCONF access control model There are a number of data nodes defined in this YANG module that are
([RFC6536]) to restrict access to all or part of the configuration to writable/creatable/deletable (i.e., config true, which is the
specific users. default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config)
to these data nodes without proper protection can have a negative
effect on network operations. These are the subtrees and data nodes
and their sensitivity/vulnerability:
/isis:isis/segment-routing
/isis:isis/protocol-srgb
/isis:isis/isis:interfaces/isis:interface/segment-routing
Some of the readable data nodes in the modules may be considered
sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or
notification) to these data nodes.
/isis:router-capabilities/sr-capability
/isis:router-capabilities/sr-algorithms
/isis:router-capabilities/local-blocks
/isis:router-capabilities/srms-preference
And the augmentations to the ISIS link state database.
Unauthorized access to any data node of these subtrees can disclose
the operational state information of IS-IS protocol on this device.
8. Contributors 8. Contributors
Authors would like to thank Derek Yeung, Acee Lindem, Yi Yang for Authors would like to thank Derek Yeung, Acee Lindem, Yi Yang for
their major contributions to the draft. their major contributions to the draft.
9. Acknowledgements 9. Acknowledgements
MITRE has approved this document for Public Release, Distribution MITRE has approved this document for Public Release, Distribution
Unlimited, with Public Release Case Number 19-3033. Unlimited, with Public Release Case Number 19-3033.
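Review bot: The new Security Considerations text introduces the writable subtrees with "These are the subtrees and data nodes and their sensitivity/vulnerability:" but then lists only three paths with no statement of what an unauthorized write to each one does. Add a sentence per subtree (for example, for the per-protocol SRGB under /isis:isis/protocol-srgb) so that an operator writing NACM rules knows which nodes to deny first. The rewrite also drops the old paragraph explaining that IS-IS is an IGP whose stability the network service depends on, which was the only text stating the impact. In the readable list, the paths start at "/isis:router-capabilities/..." without the enclosing path used for the writable nodes, and "And the augmentations to the ISIS link state database." is a fragment that names no nodes. Give full paths and list the LSDB augmentations explicitly.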
skipping to change at page 24, line 29 skipping to change at page 25, line 15
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010, DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>. <https://www.rfc-editor.org/info/rfc6020>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>. <https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>.
[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration
Protocol (NETCONF) Access Control Model", RFC 6536, Protocol (NETCONF) Access Control Model", RFC 6536,
DOI 10.17487/RFC6536, March 2012, DOI 10.17487/RFC6536, March 2012,
<https://www.rfc-editor.org/info/rfc6536>. <https://www.rfc-editor.org/info/rfc6536>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016, RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>. <https://www.rfc-editor.org/info/rfc7950>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>. <https://www.rfc-editor.org/info/rfc8340>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>. <https://www.rfc-editor.org/info/rfc8342>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
[RFC8667] Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C., [RFC8667] Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C.,
Bashandy, A., Gredler, H., and B. Decraene, "IS-IS Bashandy, A., Gredler, H., and B. Decraene, "IS-IS
Extensions for Segment Routing", RFC 8667, Extensions for Segment Routing", RFC 8667,
DOI 10.17487/RFC8667, December 2019, DOI 10.17487/RFC8667, December 2019,
<https://www.rfc-editor.org/info/rfc8667>. <https://www.rfc-editor.org/info/rfc8667>.
Authors' Addresses Authors' Addresses
Stephane Litkowski Stephane Litkowski
Cisco Systems Cisco Systems
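Review bot: [RFC6536] remains in the Normative References even though this revision replaces the only visible citation of it (the old NACM recommendation in Section 7) with [RFC8341], which obsoletes RFC 6536. Unless another section still cites it, remove the [RFC6536] entry so the list carries only the current NACM reference.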
 End of changes. 19 change blocks. 
30 lines changed or deleted 81 lines changed or added
