draft-ietf-netconf-rfc7895bis-04.txt   draft-ietf-netconf-rfc7895bis-05.txt 
Network Working Group A. Bierman Network Working Group A. Bierman
Internet-Draft YumaWorks Internet-Draft YumaWorks
Obsoletes: 7895 (if approved) M. Bjorklund Obsoletes: 7895 (if approved) M. Bjorklund
Intended status: Standards Track Tail-f Systems Intended status: Standards Track Tail-f Systems
Expires: August 2, 2018 J. Schoenwaelder Expires: August 31, 2018 J. Schoenwaelder
Jacobs University Jacobs University
K. Watsen K. Watsen
Juniper Networks Juniper Networks
R. Wilton R. Wilton
Cisco Systems Cisco Systems
January 29, 2018 February 27, 2018
YANG Library YANG Library
draft-ietf-netconf-rfc7895bis-04 draft-ietf-netconf-rfc7895bis-05
Abstract Abstract
This document describes a YANG library that provides information This document describes a YANG library that provides information
about the YANG modules, datastores, and datastore schemas used by a about the YANG modules, datastores, and datastore schemas used by a
network management server. Simple caching mechanisms are provided to network management server. Simple caching mechanisms are provided to
allow clients to minimize retrieval of this information. This allow clients to minimize retrieval of this information. This
version of the YANG library supports the Network Management Datastore version of the YANG library supports the Network Management Datastore
Architecture by listing all datastores supported by a network Architecture by listing all datastores supported by a network
management server and the schema that is used by each of these management server and the schema that is used by each of these
skipping to change at page 1, line 46 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 2, 2018. This Internet-Draft will expire on August 31, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 29 skipping to change at page 2, line 29
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Objectives . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Objectives . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. YANG Library Data Model . . . . . . . . . . . . . . . . . . . 6 4. YANG Library Data Model . . . . . . . . . . . . . . . . . . . 6
5. YANG Library YANG Module . . . . . . . . . . . . . . . . . . 8 5. YANG Library YANG Module . . . . . . . . . . . . . . . . . . 8
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21
7. Security Considerations . . . . . . . . . . . . . . . . . . . 21 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 22
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 22 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 22
9.1. Normative References . . . . . . . . . . . . . . . . . . 22 9.1. Normative References . . . . . . . . . . . . . . . . . . 22
9.2. Informative References . . . . . . . . . . . . . . . . . 23 9.2. Informative References . . . . . . . . . . . . . . . . . 23
Appendix A. Summary of Changes from RFC 7895 . . . . . . . . . . 25 Appendix A. Summary of Changes from RFC 7895 . . . . . . . . . . 25
Appendix B. Example YANG Library Instance for a Basic Server . . 25 Appendix B. Example YANG Library Instance for a Basic Server . . 25
Appendix C. Example YANG Library Instance for an Advanced Server 28 Appendix C. Example YANG Library Instance for an Advanced Server 27
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 31
1. Introduction 1. Introduction
There is a need for a standard mechanism to expose which YANG modules There is a need for a standard mechanism to expose which YANG modules
[RFC7950], datastores and datastore schemas [RFC7950], datastores and datastore schemas
[I-D.ietf-netmod-revised-datastores] are in use by a network [I-D.ietf-netmod-revised-datastores] are in use by a network
management server. management server.
This document defines the YANG module "ietf-yang-library" that This document defines the YANG module "ietf-yang-library" that
provides this informaton. This version of the YANG library is provides this information. This version of the YANG library is
compatible with the Network Management Datastore Architecture (NMDA) compatible with the Network Management Datastore Architecture (NMDA)
[I-D.ietf-netmod-revised-datastores]. The previous version of the [I-D.ietf-netmod-revised-datastores]. The previous version of the
YANG library, defined in [RFC7895], is not compatible with the NMDA YANG library, defined in [RFC7895], is not compatible with the NMDA
since it assumes that all datastores have exactly the same schema. since it assumes that all datastores have exactly the same schema.
This is not necessarily true in the NMDA since dynamic configuration This is not necessarily true in the NMDA since dynamic configuration
datastores may have their own datastore schema. Furthermore, the datastores may have their own datastore schema. Furthermore, the
operational state datastore may support non-configurable YANG modules operational state datastore may support non-configurable YANG modules
in addition to the YANG modules supported by conventional in addition to the YANG modules supported by conventional
configuration datastores. configuration datastores.
The old YANG library definitions have been retained (for backwards The old YANG library definitions have been retained (for backwards
compability reasons) but the definitions have been marked as compatibility reasons) but the definitions have been marked as
deprecated. For backwards compatability, an NMDA-supporting server deprecated. For backwards compatibility, an NMDA-supporting server
SHOULD populate the deprecated "/modules-state" tree in a backwards- SHOULD populate the deprecated "/modules-state" tree in a backwards-
compatible manner. The new "/yang-library" tree would be ignored by compatible manner. The new "/yang-library" tree would be ignored by
legacy clients, while providing all the data needed for NMDA-aware legacy clients, while providing all the data needed for NMDA-aware
clients, which would themselves ignore the "/modules-state" tree. clients, which would themselves ignore the "/modules-state" tree.
The recommended approach to populate /modules-state is to report the The recommended approach to populate "/modules-state" is to report
schema for YANG modules that are configurable via conventional the schema for YANG modules that are configurable via conventional
datastores and for which config false data nodes are returned via a datastores and for which config false data nodes are returned via a
NETCONF <get> operation, or equivalent. NETCONF <get> operation, or equivalent.
The YANG library information can be different on every server and it The YANG library information can be different on every server and it
can change at runtime or across a server reboot. If a server can change at runtime or across a server reboot. If a server
implements multiple network management protocols to access the implements multiple network management protocols to access the
server's datastores, then each such protocol may have its own server's datastores, then each such protocol may have its own
conceptual instantiation of the YANG library. conceptual instantiation of the YANG library.
If a large number of YANG modules are utilized by a server, then the If a large number of YANG modules are utilized by a server, then the
skipping to change at page 4, line 8 skipping to change at page 4, line 8
2. Terminology 2. Terminology
The following terms are defined in [RFC7950]: The following terms are defined in [RFC7950]:
o module o module
o submodule o submodule
o data node o data node
This document uses the phrase "implementing a module" as defined in
[RFC7950] Section 5.6.5.
The following terms are defined in The following terms are defined in
[I-D.ietf-netmod-revised-datastores]: [I-D.ietf-netmod-revised-datastores]:
o datastore o datastore
o datastore schema o datastore schema
o configuration o configuration
o configuration datastore o configuration datastore
skipping to change at page 5, line 15 skipping to change at page 5, line 15
o revision: Each YANG module and submodule within the library SHOULD o revision: Each YANG module and submodule within the library SHOULD
have a revision. This is derived from the most recent revision have a revision. This is derived from the most recent revision
statement within the module or submodule. statement within the module or submodule.
o submodule list: The name, and if defined, revision of each o submodule list: The name, and if defined, revision of each
submodule used by the module MUST be identified. submodule used by the module MUST be identified.
o feature list: The name of each YANG feature supported by the o feature list: The name of each YANG feature supported by the
server, in a given datastore schema, MUST be identified. server, in a given datastore schema, MUST be identified.
o deviation list: The name of each YANG module used for deviation o deviation list: The name of each YANG module with deviation
statements, in a given datastore schema, MUST be identified. statements affecting a given YANG module, in a given datastore
schema, MUST be identified.
In addition, the following information is needed by a client In addition, the following information is needed by a client
application for each datastore supported by a server: application for each datastore supported by a server:
o identity: The YANG identity for the datastore. o identity: The YANG identity for the datastore.
o schema: The schema (i.e., the set of modules) implemented by the o schema: The schema (i.e., the set of modules) implemented by the
datastore. datastore.
In order to select one out of several possible data model designs, In order to select one out of several possible data model designs,
skipping to change at page 6, line 31 skipping to change at page 6, line 34
+-----------+ +--------+ +------------+ +-----------+ +--------+ +------------+
Figure 1 Figure 1
The conceptual model of the YANG library is depicted in Figure 1. The conceptual model of the YANG library is depicted in Figure 1.
Following the NMDA, every datastore has an associated datastore Following the NMDA, every datastore has an associated datastore
schema. A datastore schema is a union of module sets and every schema. A datastore schema is a union of module sets and every
module set is a collection of modules and submodules, including the module set is a collection of modules and submodules, including the
modules and submodules used for imports. Note that multiple modules and submodules used for imports. Note that multiple
datastores may refer to the same datastore schema. Furthermore, it datastores may refer to the same datastore schema. Furthermore, it
is possible that individual datastore schema share module sets. A is possible that individual datastore schemas share module sets. A
common use case is the operational state datastore schema which is a common use case is the operational state datastore schema which is a
superset of the schema used by conventional configuration datastores. superset of the schema used by conventional configuration datastores.
Below is the YANG Tree Diagram for the "ietf-yang-library" module, Below is the YANG Tree Diagram for the "ietf-yang-library" module,
excluding the deprecated "modules-state" tree: excluding the deprecated "modules-state" tree:
module: ietf-yang-library module: ietf-yang-library
+--ro yang-library +--ro yang-library
+--ro module-set* [name] +--ro module-set* [name]
| +--ro name string | +--ro name string
| +--ro module* [name] | +--ro module* [name]
| | +--ro name yang:yang-identifier | | +--ro name yang:yang-identifier
| | +--ro revision? revision-identifier | | +--ro revision? revision-identifier
| | +--ro namespace inet:uri | | +--ro namespace inet:uri
| | +--ro location* inet:uri | | +--ro location* inet:uri
| | +--ro submodule* [name] | | +--ro submodule* [name]
| | | +--ro name yang:yang-identifier | | | +--ro name yang:yang-identifier
| | | +--ro revision? revision-identifier | | | +--ro revision? revision-identifier
| | | +--ro location* inet:uri | | | +--ro location* inet:uri
| | +--ro feature* [name] | | +--ro feature* yang:yang-identifier
| | | +--ro name yang:yang-identifier | | +--ro deviation* -> ../../module/name
| | +--ro deviation* [module]
| | +--ro module -> ../../../module/name
| +--ro import-only-module* [name revision] | +--ro import-only-module* [name revision]
| +--ro name yang:yang-identifier | +--ro name yang:yang-identifier
| +--ro revision union | +--ro revision union
| +--ro namespace inet:uri | +--ro namespace inet:uri
| +--ro location* inet:uri | +--ro location* inet:uri
| +--ro submodule* [name] | +--ro submodule* [name]
| +--ro name yang:yang-identifier | +--ro name yang:yang-identifier
| +--ro revision? revision-identifier | +--ro revision? revision-identifier
| +--ro location* inet:uri | +--ro location* inet:uri
+--ro schema* [name] +--ro schema* [name]
skipping to change at page 9, line 5 skipping to change at page 9, line 5
The "ietf-yang-library" YANG module imports definitions from The "ietf-yang-library" YANG module imports definitions from
"ietf-yang-types" and "ietf-inet-types" defined in [RFC6991] and from "ietf-yang-types" and "ietf-inet-types" defined in [RFC6991] and from
"ietf-datastores" defined in [I-D.ietf-netmod-revised-datastores]. "ietf-datastores" defined in [I-D.ietf-netmod-revised-datastores].
While the YANG module is defined using YANG version 1.1, the YANG While the YANG module is defined using YANG version 1.1, the YANG
library supports the YANG modules written in any version of YANG. library supports the YANG modules written in any version of YANG.
RFC Ed.: update the date below with the date of RFC publication and RFC Ed.: update the date below with the date of RFC publication and
remove this note. remove this note.
<CODE BEGINS> file "ietf-yang-library@2018-01-26.yang" <CODE BEGINS> file "ietf-yang-library@2018-02-21.yang"
module ietf-yang-library {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
prefix "yanglib";
import ietf-yang-types {
prefix yang;
reference "RFC 6991: Common YANG Data Types.";
}
import ietf-inet-types {
prefix inet;
reference "RFC 6991: Common YANG Data Types.";
}
import ietf-datastores {
prefix ds;
reference "I-D.ietf-revised-datastores:
Network Management Datastore Architecture.";
}
organization
"IETF NETCONF (Network Configuration) Working Group";
contact module ietf-yang-library {
"WG Web: <http://tools.ietf.org/wg/netconf/> yang-version 1.1;
WG List: <mailto:netconf@ietf.org> namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
prefix "yanglib";
Author: Andy Bierman import ietf-yang-types {
<mailto:andy@yumaworks.com> prefix yang;
reference "RFC 6991: Common YANG Data Types.";
}
import ietf-inet-types {
prefix inet;
reference "RFC 6991: Common YANG Data Types.";
}
import ietf-datastores {
prefix ds;
// RFC Ed.: update the reference below with the actual RFC number
reference "RFC XXXX: Network Management Datastore Architecture.";
}
Author: Martin Bjorklund organization
<mailto:mbj@tail-f.com> "IETF NETCONF (Network Configuration) Working Group";
Author: Juergen Schoenwaelder contact
<mailto:j.schoenwaelder@jacobs-university.de> "WG Web: <http://tools.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
Author: Kent Watsen Author: Andy Bierman
<mailto:kwatsen@juniper.net> <mailto:andy@yumaworks.com>
Author: Rob Wilton Author: Martin Bjorklund
<rwilton@cisco.com>"; <mailto:mbj@tail-f.com>
description Author: Juergen Schoenwaelder
"This module provides information about the YANG modules, <mailto:j.schoenwaelder@jacobs-university.de>
datastores, and datastore schemas used by a network
management server.
Copyright (c) 2018 IETF Trust and the persons identified as Author: Kent Watsen
authors of the code. All rights reserved. <mailto:kwatsen@juniper.net>
Redistribution and use in source and binary forms, with or Author: Rob Wilton
without modification, is permitted pursuant to, and subject <rwilton@cisco.com>";
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see description
the RFC itself for full legal notices."; "This module provides information about the YANG modules,
datastores, and datastore schemas used by a network
management server.
// RFC Ed.: update the date below with the date of RFC publication Copyright (c) 2018 IETF Trust and the persons identified as
// and remove this note. authors of the code. All rights reserved.
// RFC Ed.: replace XXXX with actual RFC number and remove this
// note.
revision 2018-01-26 {
description
"Added support for multiple datastores according to the
Network Management Datastore Architecture (NMDA).";
reference
"RFC XXXX: YANG Library.";
}
revision 2016-04-09 {
description
"Initial revision.";
reference
"RFC 7895: YANG Module Library.";
}
/* Redistribution and use in source and binary forms, with or
* Typedefs without modification, is permitted pursuant to, and subject
*/ to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
typedef revision-identifier { This version of this YANG module is part of RFC XXXX; see
type string { the RFC itself for full legal notices.";
pattern '\d{4}-\d{2}-\d{2}';
}
description
"Represents a specific date in YYYY-MM-DD format.";
}
/* // RFC Ed.: update the date below with the date of RFC publication
* Groupings // and remove this note.
*/ // RFC Ed.: replace XXXX with actual RFC number and remove this
// note.
revision 2018-02-21 {
description
"Added support for multiple datastores according to the
Network Management Datastore Architecture (NMDA).";
reference
"RFC XXXX: YANG Library.";
}
revision 2016-04-09 {
description
"Initial revision.";
reference
"RFC 7895: YANG Module Library.";
}
grouping module-identification-leafs { /*
description * Typedefs
"Parameters for identifying YANG modules and submodules."; */
leaf name { typedef revision-identifier {
type yang:yang-identifier; type string {
mandatory true; pattern '\d{4}-\d{2}-\d{2}';
description }
"The YANG module or submodule name."; description
} "Represents a specific date in YYYY-MM-DD format.";
leaf revision { }
type revision-identifier;
description
"The YANG module or submodule revision date. If no revision
statement is present in the YANG module or submodule, this
leaf is not instantiated.";
}
}
grouping location-leaf-list { /*
description * Groupings
"Common location leaf list parameter for modules and */
submodules.";
leaf-list location { grouping module-identification-leafs {
type inet:uri; description
description "Parameters for identifying YANG modules and submodules.";
"Contains a URL that represents the YANG schema
resource for this module or submodule.
This leaf will only be present if there is a URL leaf name {
available for retrieval of the schema for this entry."; type yang:yang-identifier;
} mandatory true;
} description
"The YANG module or submodule name.";
}
leaf revision {
type revision-identifier;
description
"The YANG module or submodule revision date. If no revision
statement is present in the YANG module or submodule, this
leaf is not instantiated.";
}
}
grouping implementation-parameters { grouping location-leaf-list {
description description
"Parameters for describing the implementation of a module."; "Common location leaf list parameter for modules and
submodules.";
list feature { leaf-list location {
key "name"; type inet:uri;
description description
"List of YANG feature names from this module that are "Contains a URL that represents the YANG schema
supported by the server, regardless whether they are defined resource for this module or submodule.
in the module or any included submodule.";
leaf name {
type yang:yang-identifier;
description
"A feature supported by the server.";
} This leaf will only be present if there is a URL
} available for retrieval of the schema for this entry.";
list deviation { }
key "module"; }
description
"List of YANG deviation modules used by this server to modify
the conformance of the module associated with this entry.
Note that the same module can be used for deviations for
multiple modules, so the same entry MAY appear within
multiple 'module' entries.";
leaf module { grouping implementation-parameters {
type leafref { description
path "../../../module/name"; "Parameters for describing the implementation of a module.";
}
description
"A module that deviates the module associated with this
entry.
While this reference MUST NOT be directly or indirectly leaf-list feature {
self-referential, clients must make sure that they type yang:yang-identifier;
handle such a situation gracefully."; description
} "List of YANG feature names from this module that are
} supported by the server, regardless whether they are defined
} in the module or any included submodule.";
}
leaf-list deviation {
type leafref {
path "../../module/name";
grouping module-set-parameters { }
description description
"A set of parameters that describe a module set."; "List of YANG deviation modules used by this server to modify
the conformance of the module associated with this entry.
Note that the same module can be used for deviations for
multiple modules, so the same entry MAY appear within
multiple 'module' entries.
leaf name { This reference MUST NOT (directly or indirectly)
type string; refer to the module being deviated.
description
"An arbitrary name of the module set.";
}
list module {
key "name";
description
"An entry in this list represents a module implemented by the
server with a particular set of supported features and
deviations.
The server implements one or more protocol-accessible Robust clients may want to make sure that they handle a
objects defined in the YANG module identified in this entry. situation where a module deviates itself (directly or
This includes deviation statements defined in the module."; indirectly) gracefully.";
}
}
uses module-identification-leafs; grouping module-set-parameters {
leaf namespace { description
type inet:uri; "A set of parameters that describe a module set.";
mandatory true;
description
"The XML namespace identifier for this module.";
}
uses location-leaf-list; leaf name {
type string;
description
"An arbitrary name of the module set.";
}
list module {
key "name";
description
"An entry in this list represents a module implemented by the
server, as per RFC 7950 section 5.6.5, with a particular set
of supported features and deviations.";
reference
"RFC 7950: The YANG 1.1 Data Modeling Language.";
list submodule { uses module-identification-leafs;
key "name";
description
"Each entry represents one submodule within the
parent module.";
uses module-identification-leafs;
uses location-leaf-list;
}
uses implementation-parameters; leaf namespace {
} type inet:uri;
list import-only-module { mandatory true;
key "name revision"; description
description "The XML namespace identifier for this module.";
"An entry in this list indicates that the server imports }
reusable definitions from the specified revision of the
module, but does not implement any protocol accessible
objects from this revision.
Multiple entries for the same module name MAY exist. This uses location-leaf-list;
can occur if multiple modules import the same module, but
specify different revision-dates in the import statements.";
leaf name { list submodule {
type yang:yang-identifier; key "name";
description description
"The YANG module name."; "Each entry represents one submodule within the
} parent module.";
leaf revision { uses module-identification-leafs;
type union { uses location-leaf-list;
type revision-identifier; }
type string {
length 0;
}
}
description
"The YANG module revision date.
A zero-length string is used if no revision statement
is present in the YANG module.";
} uses implementation-parameters;
leaf namespace { }
type inet:uri; list import-only-module {
mandatory true; key "name revision";
description description
"The XML namespace identifier for this module."; "An entry in this list indicates that the server imports
} reusable definitions from the specified revision of the
module, but does not implement any protocol accessible
objects from this revision.
uses location-leaf-list; Multiple entries for the same module name MAY exist. This
can occur if multiple modules import the same module, but
specify different revision-dates in the import statements.";
list submodule { leaf name {
key "name"; type yang:yang-identifier;
description description
"Each entry represents one submodule within the "The YANG module name.";
parent module."; }
leaf revision {
type union {
type revision-identifier;
type string {
length 0;
}
}
description
"The YANG module revision date.
A zero-length string is used if no revision statement
is present in the YANG module.";
}
leaf namespace {
type inet:uri;
mandatory true;
description
"The XML namespace identifier for this module.";
}
uses module-identification-leafs; uses location-leaf-list;
uses location-leaf-list;
}
}
}
grouping yang-library-parameters { list submodule {
description key "name";
"The YANG library data structure is represented as a grouping description
so it can be reused in configuration or another monitoring "Each entry represents one submodule within the
data structure."; parent module.";
list module-set { uses module-identification-leafs;
key name; uses location-leaf-list;
description }
"A set of modules that may be used by one or more schemas. }
}
A module set does not have to be referentially complete, grouping yang-library-parameters {
i.e., it may define modules that contain import statements description
for other modules not included in the module set."; "The YANG library data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
uses module-set-parameters; list module-set {
} key name;
description
"A set of modules that may be used by one or more schemas.
list schema { A module set does not have to be referentially complete,
key "name"; i.e., it may define modules that contain import statements
description for other modules not included in the module set.";
"A datastore schema that may be used by one or more
datastores.
The schema must be valid and referentially complete, i.e., it uses module-set-parameters;
must contain modules to satisfy all used import statements }
for all modules specified in the schema";
leaf name { list schema {
type string; key "name";
description description
"An arbitrary name of the schema."; "A datastore schema that may be used by one or more
} datastores.
leaf-list module-set {
type leafref {
path "../../module-set/name";
}
description
"A set of module-sets that are included in this schema.
If a non-import module appears in multiple module sets,
then the module revision and the associated features
and deviations must be identical.";
}
}
list datastore { The schema must be valid and referentially complete, i.e.,
key "name"; it must contain modules to satisfy all used import
description statements for all modules specified in the schema.";
"A datastore supported by this server.
Each datastore indicates which schema it supports. leaf name {
type string;
description
"An arbitrary name of the schema.";
}
leaf-list module-set {
type leafref {
path "../../module-set/name";
}
description
"A set of module-sets that are included in this schema.
If a non import-only module appears in multiple module
sets, then the module revision and the associated features
and deviations must be identical.";
}
}
The server MUST instantiate one entry in this list per list datastore {
specific datastore it supports. key "name";
description
"A datastore supported by this server.
Each datstore entry with the same datastore schema SHOULD Each datastore indicates which schema it supports.
reference the same schema.";
leaf name { The server MUST instantiate one entry in this list per
type ds:datastore-ref; specific datastore it supports.
description
"The identity of the datastore.";
}
leaf schema {
type leafref {
path "../../schema/name";
}
mandatory true;
description
"A reference to the schema supported by this datastore.
All non-import modules of the schema are implemented
with their associated features and deviations.";
}
}
} Each datstore entry with the same datastore schema SHOULD
reference the same schema.";
/* leaf name {
* Top-level container type ds:datastore-ref;
*/ description
"The identity of the datastore.";
}
leaf schema {
type leafref {
path "../../schema/name";
}
mandatory true;
description
"A reference to the schema supported by this datastore.
All non import-only modules of the schema are implemented
with their associated features and deviations.";
}
}
}
container yang-library { /*
config false; * Top-level container
description */
"Container holding the entire YANG library of this server.";
uses yang-library-parameters; container yang-library {
config false;
description
"Container holding the entire YANG library of this server.";
leaf checksum { uses yang-library-parameters;
type string;
mandatory true;
description
"A server-generated checksum of the contents of the
'yang-library' tree. The server MUST change the value of
this leaf if the information represented by the
'yang-library' tree, except 'yang-library/checksum', has
changed.";
}
}
/* leaf checksum {
* Notifications type string;
*/ mandatory true;
description
"A server-generated checksum of the contents of the
'yang-library' tree. The server MUST change the value of
this leaf if the information represented by the
'yang-library' tree, except 'yang-library/checksum', has
changed.";
}
}
notification yang-library-update { /*
description * Notifications
"Generated when any YANG library information on the */
server has changed.";
leaf checksum { notification yang-library-update {
type leafref { description
path "/yanglib:yang-library/yanglib:checksum"; "Generated when any YANG library information on the
} server has changed.";
mandatory true;
description
"Contains the YANG library checksum for the updated YANG
library at the time the notification is generated.";
}
}
/* leaf checksum {
* Legacy groupings type leafref {
*/ path "/yanglib:yang-library/yanglib:checksum";
}
mandatory true;
description
"Contains the YANG library checksum for the updated YANG
library at the time the notification is generated.";
}
}
grouping module-list { /*
status deprecated; * Legacy groupings
description */
"The module data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
grouping common-leafs { grouping module-list {
status deprecated; status deprecated;
description description
"Common parameters for YANG modules and submodules."; "The module data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
leaf name { grouping common-leafs {
type yang:yang-identifier; status deprecated;
status deprecated; description
description "Common parameters for YANG modules and submodules.";
"The YANG module or submodule name.";
}
leaf revision {
type union {
type revision-identifier;
type string {
length 0;
}
}
status deprecated;
description
"The YANG module or submodule revision date.
A zero-length string is used if no revision statement
is present in the YANG module or submodule.";
}
}
grouping schema-leaf {
status deprecated;
description
"Common schema leaf parameter for modules and submodules.";
leaf schema {
type inet:uri;
description
"Contains a URL that represents the YANG schema
resource for this module or submodule.
This leaf will only be present if there is a URL leaf name {
available for retrieval of the schema for this entry."; type yang:yang-identifier;
} status deprecated;
} description
"The YANG module or submodule name.";
}
leaf revision {
type union {
type revision-identifier;
type string {
length 0;
}
}
status deprecated;
description
"The YANG module or submodule revision date.
A zero-length string is used if no revision statement
is present in the YANG module or submodule.";
}
}
grouping schema-leaf {
status deprecated;
description
"Common schema leaf parameter for modules and submodules.";
leaf schema {
type inet:uri;
description
"Contains a URL that represents the YANG schema
resource for this module or submodule.
list module { This leaf will only be present if there is a URL
key "name revision"; available for retrieval of the schema for this entry.";
status deprecated; }
description }
"Each entry represents one revision of one module
currently supported by the server.";
uses common-leafs { list module {
status deprecated; key "name revision";
} status deprecated;
uses schema-leaf { description
status deprecated; "Each entry represents one revision of one module
} currently supported by the server.";
leaf namespace { uses common-leafs {
type inet:uri; status deprecated;
mandatory true; }
status deprecated; uses schema-leaf {
description status deprecated;
"The XML namespace identifier for this module."; }
}
leaf-list feature {
type yang:yang-identifier;
status deprecated;
description
"List of YANG feature names from this module that are
supported by the server, regardless whether they are
defined in the module or any included submodule.";
}
list deviation {
key "name revision";
status deprecated;
description
"List of YANG deviation module names and revisions
used by this server to modify the conformance of
the module associated with this entry. Note that
the same module can be used for deviations for
multiple modules, so the same entry MAY appear
within multiple 'module' entries.
The deviation module MUST be present in the 'module' leaf namespace {
list, with the same name and revision values. type inet:uri;
The 'conformance-type' value will be 'implement' for mandatory true;
the deviation module."; status deprecated;
uses common-leafs { description
status deprecated; "The XML namespace identifier for this module.";
} }
} leaf-list feature {
leaf conformance-type { type yang:yang-identifier;
type enumeration { status deprecated;
enum implement { description
description "List of YANG feature names from this module that are
"Indicates that the server implements one or more supported by the server, regardless whether they are
protocol-accessible objects defined in the YANG module defined in the module or any included submodule.";
identified in this entry. This includes deviation }
statements defined in the module. list deviation {
key "name revision";
status deprecated;
description
"List of YANG deviation module names and revisions
used by this server to modify the conformance of
the module associated with this entry. Note that
the same module can be used for deviations for
multiple modules, so the same entry MAY appear
within multiple 'module' entries.
For YANG version 1.1 modules, there is at most one The deviation module MUST be present in the 'module'
module entry with conformance type 'implement' for a list, with the same name and revision values.
particular module name, since YANG 1.1 requires that The 'conformance-type' value will be 'implement' for
at most one revision of a module is implemented. the deviation module.";
uses common-leafs {
status deprecated;
}
}
leaf conformance-type {
type enumeration {
enum implement {
description
"Indicates that the server implements one or more
protocol-accessible objects defined in the YANG module
identified in this entry. This includes deviation
statements defined in the module.
For YANG version 1 modules, there SHOULD NOT be more For YANG version 1.1 modules, there is at most one
than one module entry for a particular module name."; module entry with conformance type 'implement' for a
} particular module name, since YANG 1.1 requires that
enum import { at most one revision of a module is implemented.
description
"Indicates that the server imports reusable definitions
from the specified revision of the module, but does
not implement any protocol accessible objects from
this revision.
Multiple module entries for the same module name MAY For YANG version 1 modules, there SHOULD NOT be more
exist. This can occur if multiple modules import the than one module entry for a particular module name.";
same module, but specify different revision-dates in }
the import statements."; enum import {
} description
} "Indicates that the server imports reusable definitions
mandatory true; from the specified revision of the module, but does
status deprecated; not implement any protocol accessible objects from
description this revision.
"Indicates the type of conformance the server is claiming
for the YANG module identified by this entry.";
}
list submodule {
key "name revision";
status deprecated;
description
"Each entry represents one submodule within the
parent module.";
uses common-leafs {
status deprecated;
}
uses schema-leaf {
status deprecated;
}
}
} Multiple module entries for the same module name MAY
} exist. This can occur if multiple modules import the
same module, but specify different revision-dates in
the import statements.";
}
}
mandatory true;
status deprecated;
description
"Indicates the type of conformance the server is claiming
for the YANG module identified by this entry.";
}
list submodule {
key "name revision";
status deprecated;
description
"Each entry represents one submodule within the
parent module.";
uses common-leafs {
status deprecated;
}
uses schema-leaf {
status deprecated;
}
}
}
}
/* /*
* Legacy operational state data nodes * Legacy operational state data nodes
*/ */
container modules-state { container modules-state {
config false; config false;
status deprecated; status deprecated;
description description
"Contains YANG module monitoring information."; "Contains YANG module monitoring information.";
leaf module-set-id { leaf module-set-id {
type string; type string;
mandatory true; mandatory true;
status deprecated; status deprecated;
description description
"Contains a server-specific identifier representing "Contains a server-specific identifier representing
the current set of modules and submodules. The the current set of modules and submodules. The
server MUST change the value of this leaf if the server MUST change the value of this leaf if the
information represented by the 'module' list instances information represented by the 'module' list instances
has changed."; has changed.";
} }
uses module-list { uses module-list {
status deprecated; status deprecated;
} }
} }
/* /*
* Legacy notifications * Legacy notifications
*/ */
notification yang-library-change { notification yang-library-change {
status deprecated; status deprecated;
description description
"Generated when the set of modules and submodules supported "Generated when the set of modules and submodules supported
by the server has changed."; by the server has changed.";
leaf module-set-id { leaf module-set-id {
type leafref { type leafref {
path "/yanglib:modules-state/yanglib:module-set-id"; path "/yanglib:modules-state/yanglib:module-set-id";
} }
mandatory true; mandatory true;
status deprecated; status deprecated;
description description
"Contains the module-set-id value representing the "Contains the module-set-id value representing the
set of modules and submodules supported at the server set of modules and submodules supported at the server
at the time the notification is generated."; at the time the notification is generated.";
} }
} }
} }
<CODE ENDS> <CODE ENDS>
6. IANA Considerations 6. IANA Considerations
RFC 7895 previously registered one URI in the IETF XML registry RFC 7895 previously registered one URI in the IETF XML registry
[RFC3688]. This document takes over this registration entry made by [RFC3688]. This document takes over this registration entry made by
RFC 7895 and changes the Registrant to the IESG according to RFC 7895 and changes the Registrant to the IESG according to
Section 4 in [RFC3688]. Section 4 in [RFC3688].
skipping to change at page 22, line 24 skipping to change at page 22, line 17
management protocols), this YANG module potentially exposes management protocols), this YANG module potentially exposes
additional details that could be of some assistance to an attacker. additional details that could be of some assistance to an attacker.
Server vulnerabilities may be specific to particular modules, module Server vulnerabilities may be specific to particular modules, module
revisions, module features, or even module deviations. For example, revisions, module features, or even module deviations. For example,
if a particular operation on a particular data node is known to cause if a particular operation on a particular data node is known to cause
a server to crash or significantly degrade device performance, then a server to crash or significantly degrade device performance, then
the module list information will help an attacker identify server the module list information will help an attacker identify server
implementations with such a defect, in order to launch a denial-of- implementations with such a defect, in order to launch a denial-of-
service attack on the device. service attack on the device.
8. Acknowledgements 8. Acknowledgments
Contributions to this material by Andy Bierman are based upon work Contributions to this material by Andy Bierman are based upon work
supported by the The Space & Terrestrial Communications Directorate supported by the The Space & Terrestrial Communications Directorate
(S&TCD) under Contract No. W15P7T-13-C-A616. Any opinions, findings (S&TCD) under Contract No. W15P7T-13-C-A616. Any opinions, findings
and conclusions or recommendations expressed in this material are and conclusions or recommendations expressed in this material are
those of the author(s) and do not necessarily reflect the views of those of the author(s) and do not necessarily reflect the views of
The Space & Terrestrial Communications Directorate (S&TCD). The Space & Terrestrial Communications Directorate (S&TCD).
9. References 9. References
skipping to change at page 24, line 9 skipping to change at page 23, line 48
[I-D.ietf-i2rs-yang-network-topo] [I-D.ietf-i2rs-yang-network-topo]
Clemm, A., Medved, J., Varga, R., Bahadur, N., Clemm, A., Medved, J., Varga, R., Bahadur, N.,
Ananthakrishnan, H., and X. Liu, "A Data Model for Network Ananthakrishnan, H., and X. Liu, "A Data Model for Network
Topologies", draft-ietf-i2rs-yang-network-topo-20 (work in Topologies", draft-ietf-i2rs-yang-network-topo-20 (work in
progress), December 2017. progress), December 2017.
[I-D.ietf-netconf-nmda-netconf] [I-D.ietf-netconf-nmda-netconf]
Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "NETCONF Extensions to Support the Network and R. Wilton, "NETCONF Extensions to Support the Network
Management Datastore Architecture", draft-ietf-netconf- Management Datastore Architecture", draft-ietf-netconf-
nmda-netconf-02 (work in progress), January 2018. nmda-netconf-03 (work in progress), February 2018.
[I-D.ietf-netconf-nmda-restconf] [I-D.ietf-netconf-nmda-restconf]
Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "RESTCONF Extensions to Support the Network and R. Wilton, "RESTCONF Extensions to Support the Network
Management Datastore Architecture", draft-ietf-netconf- Management Datastore Architecture", draft-ietf-netconf-
nmda-restconf-02 (work in progress), January 2018. nmda-restconf-02 (work in progress), January 2018.
[I-D.ietf-netmod-entity] [I-D.ietf-netmod-entity]
Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A Bierman, A., Bjorklund, M., Dong, J., and D. Romascanu, "A
YANG Data Model for Hardware Management", draft-ietf- YANG Data Model for Hardware Management", draft-ietf-
skipping to change at page 24, line 44 skipping to change at page 24, line 38
Routing Management (NMDA Version)", draft-ietf-netmod- Routing Management (NMDA Version)", draft-ietf-netmod-
rfc8022bis-11 (work in progress), January 2018. rfc8022bis-11 (work in progress), January 2018.
[I-D.ietf-netmod-schema-mount] [I-D.ietf-netmod-schema-mount]
Bjorklund, M. and L. Lhotka, "YANG Schema Mount", draft- Bjorklund, M. and L. Lhotka, "YANG Schema Mount", draft-
ietf-netmod-schema-mount-08 (work in progress), October ietf-netmod-schema-mount-08 (work in progress), October
2017. 2017.
[I-D.ietf-netmod-yang-tree-diagrams] [I-D.ietf-netmod-yang-tree-diagrams]
Bjorklund, M. and L. Berger, "YANG Tree Diagrams", draft- Bjorklund, M. and L. Berger, "YANG Tree Diagrams", draft-
ietf-netmod-yang-tree-diagrams-05 (work in progress), ietf-netmod-yang-tree-diagrams-06 (work in progress),
January 2018. February 2018.
[RFC5277] Chisholm, S. and H. Trevino, "NETCONF Event [RFC5277] Chisholm, S. and H. Trevino, "NETCONF Event
Notifications", RFC 5277, DOI 10.17487/RFC5277, July 2008, Notifications", RFC 5277, DOI 10.17487/RFC5277, July 2008,
<https://www.rfc-editor.org/info/rfc5277>. <https://www.rfc-editor.org/info/rfc5277>.
[RFC6470] Bierman, A., "Network Configuration Protocol (NETCONF) [RFC6470] Bierman, A., "Network Configuration Protocol (NETCONF)
Base Notifications", RFC 6470, DOI 10.17487/RFC6470, Base Notifications", RFC 6470, DOI 10.17487/RFC6470,
February 2012, <https://www.rfc-editor.org/info/rfc6470>. February 2012, <https://www.rfc-editor.org/info/rfc6470>.
[RFC7895] Bierman, A., Bjorklund, M., and K. Watsen, "YANG Module [RFC7895] Bierman, A., Bjorklund, M., and K. Watsen, "YANG Module
skipping to change at page 28, line 7 skipping to change at page 27, line 44
<datastore> <datastore>
<name>ds:operational</name> <name>ds:operational</name>
<schema>state-schema</schema> <schema>state-schema</schema>
</datastore> </datastore>
<checksum>75a43df9bd56b92aacc156a2958fbe12312fb285</checksum> <checksum>75a43df9bd56b92aacc156a2958fbe12312fb285</checksum>
</yang-library> </yang-library>
Appendix C. Example YANG Library Instance for an Advanced Server Appendix C. Example YANG Library Instance for an Advanced Server
The following example extends the preceding Basic Server YANG Libary The following example extends the preceding Basic Server YANG Library
example, by using modules from [I-D.ietf-netmod-rfc8022bis] and example, by using modules from [I-D.ietf-netmod-rfc8022bis] and
[I-D.ietf-i2rs-yang-network-topo], to illustrate a slightly more [I-D.ietf-i2rs-yang-network-topo], to illustrate a slightly more
advanced server that: advanced server that:
o Has a module with features only enabled in <operational>; the o Has a module with features only enabled in <operational>; the
"ietf-routing module" is supported in <running>, <startup>, and "ietf-routing module" is supported in <running>, <startup>, and
<operational>, but the "multiple-ribs" and "router-id" features <operational>, but the "multiple-ribs" and "router-id" features
are only enabled in <operational>. Hence the "router-id" leaf may are only enabled in <operational>. Hence the "router-id" leaf may
be read but not configured. be read but not configured.
skipping to change at page 30, line 21 skipping to change at page 30, line 11
</module-set> </module-set>
<module-set> <module-set>
<name>state-only-modules</name> <name>state-only-modules</name>
<module> <module>
<name>ietf-hardware</name> <name>ietf-hardware</name>
<revision>2018-12-18</revision> <!-- RFC Ed. update this --> <revision>2018-12-18</revision> <!-- RFC Ed. update this -->
<namespace> <namespace>
urn:ietf:params:xml:ns:yang:ietf-hardware urn:ietf:params:xml:ns:yang:ietf-hardware
</namespace> </namespace>
<deviation>example-vendor-hardware-deviations</deviation>
</module> </module>
<module> <module>
<name>ietf-routing</name> <name>ietf-routing</name>
<revision>2018-01-25</revision> <!-- RFC Ed. update this --> <revision>2018-01-25</revision> <!-- RFC Ed. update this -->
<namespace> <namespace>
urn:ietf:params:xml:ns:yang:ietf-routing urn:ietf:params:xml:ns:yang:ietf-routing
</namespace> </namespace>
<feature> <feature>multiple-ribs</feature>
<name>multiple-ribs</name> <feature>router-id</feature>
</feature> </module>
<feature> <module>
<name>router-id</name> <name>example-vendor-hardware-deviations</name>
</feature> <revision>2018-01-31</revision>
<namespace>
urn:example:example-vendor-hardware-deviations
</namespace>
</module> </module>
<import-only-module> <import-only-module>
<name>ietf-inet-types</name> <name>ietf-inet-types</name>
<revision>2013-07-15</revision> <revision>2013-07-15</revision>
<namespace> <namespace>
urn:ietf:params:xml:ns:yang:ietf-inet-types urn:ietf:params:xml:ns:yang:ietf-inet-types
</namespace> </namespace>
</import-only-module> </import-only-module>
<import-only-module> <import-only-module>
<name>ietf-yang-types</name> <name>ietf-yang-types</name>
skipping to change at page 31, line 9 skipping to change at page 31, line 4
</namespace> </namespace>
</import-only-module> </import-only-module>
<import-only-module> <import-only-module>
<name>iana-hardware</name> <name>iana-hardware</name>
<revision>2017-12-18</revision> <!-- RFC Ed. update this --> <revision>2017-12-18</revision> <!-- RFC Ed. update this -->
<namespace> <namespace>
urn:ietf:params:xml:ns:yang:iana-hardware urn:ietf:params:xml:ns:yang:iana-hardware
</namespace> </namespace>
</import-only-module> </import-only-module>
</module-set> </module-set>
<module-set>
<name>state-only-vendor-deviation-modules</name>
<module>
<name>example-vendor-hardware-deviations</name>
<revision>2018-01-31</revision> <!-- RFC Ed. update this -->
<namespace>
urn:example:example-vendor-hardware-deviations
</namespace>
</module>
</module-set>
<schema> <schema>
<name>config-schema</name> <name>config-schema</name>
<module-set>config-state-modules</module-set> <module-set>config-state-modules</module-set>
<module-set>config-only-modules</module-set> <module-set>config-only-modules</module-set>
</schema> </schema>
<schema> <schema>
<name>dynamic-config-schema</name> <name>dynamic-config-schema</name>
<module-set>dynamic-config-state-modules</module-set> <module-set>dynamic-config-state-modules</module-set>
</schema> </schema>
<schema> <schema>
<name>state-schema</name> <name>state-schema</name>
<module-set>config-state-modules</module-set> <module-set>config-state-modules</module-set>
<module-set>dynamic-config-state-modules</module-set> <module-set>dynamic-config-state-modules</module-set>
<module-set>state-only-modules</module-set> <module-set>state-only-modules</module-set>
<module-set>state-only-vendor-deviation-modules</module-set>
</schema> </schema>
<datastore> <datastore>
<name>ds:startup</name> <name>ds:startup</name>
<schema>config-schema</schema> <schema>config-schema</schema>
</datastore> </datastore>
<datastore> <datastore>
<name>ds:running</name> <name>ds:running</name>
<schema>config-schema</schema> <schema>config-schema</schema>
</datastore> </datastore>
 End of changes. 99 change blocks. 
551 lines changed or deleted 531 lines changed or added

This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/