Network Working Group S. Zhuang Internet-Draft Z. Li Intended status: Informational Huawei Technologies Expires: June 25, 2015 December 22, 2014 Yang Data Model for BGP/MPLS IP VPNs draft-zhuang-bess-l3vpn-yang-00 Abstract This document defines a YANG data model that can be used to configure and manage L3VPN (BGP/MPLS IP VPN). Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on June 25, 2015. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must Zhuang & Li Expires June 25, 2015 [Page 1] Internet-Draft Yang Data Model for L3VPN December 2014 include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Definitions and Acronyms . . . . . . . . . . . . . . . . . . 2 3. Design of the L3VPN Model . . . . . . . . . . . . . . . . . . 3 3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 3 3.2. VPN Instance Configuration . . . . . . . . . . . . . . . 4 3.2.1. Per-Instance Configuration . . . . . . . . . . . . . 5 3.2.2. Address Family Configuration of L3VPN Instance . . . 5 3.3. VPN Interface Configuration . . . . . . . . . . . . . . . 6 3.4. MP-BGP Configuration for L3VPN . . . . . . . . . . . . . 6 3.5. BGP VPN Instance Configuration . . . . . . . . . . . . . 6 4. L3VPN YANG MODEL . . . . . . . . . . . . . . . . . . . . . . 7 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 26 6. Security Considerations . . . . . . . . . . . . . . . . . . . 26 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 26 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 26 8.1. Normative References . . . . . . . . . . . . . . . . . . 26 8.2. Informative References . . . . . . . . . . . . . . . . . 27 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27 1. Introduction YANG [RFC6020] is a data definition language that was introduced to define the contents of a conceptual data store that allows networked devices to be managed using NETCONF [RFC6241]. YANG is proving relevant beyond its initial confines, as bindings to other interfaces (e.g. ReST) and encodings other than XML (e.g. JSON) are being defined. Furthermore, YANG data models can be used as the basis of implementation for other interfaces, such as CLI and programmatic APIs. This document defines a YANG data model that can be used to configure and manage L3VPN (BGP/MPLS IP VPN) [RFC4364]. 2. Definitions and Acronyms AF: Address Family BGP: Border Gateway Protocol JSON: JavaScript Object Notation L3VPN: Layer 3 VPN Zhuang & Li Expires June 25, 2015 [Page 2] Internet-Draft Yang Data Model for L3VPN December 2014 NETCONF: Network Configuration Protocol ReST: Representational State Transfer, a style of stateless interface and protocol that is generally carried over HTTP YANG: A data definition language for NETCONF 3. Design of the L3VPN Model 3.1. Overview The L3VPN Yang module consists of the following components : o vpn-instances configuration : that contains per-instance writable configuration objects. VPN instances support both the IPv4 and IPv6 address families. o vpn-interfaces configuration: that contains writable configuration objects of MPLS VPN interface. o mp-bgp configuration: This component uses the definitions defined in BGP YANG module and augments some parameters. o bgp-vpn-instance configuration: that contains writable configuration objects when using BGP between PE and CE. The figure below describe the overall structure of the L3VPN Yang module : Zhuang & Li Expires June 25, 2015 [Page 3] Internet-Draft Yang Data Model for L3VPN December 2014 module: l3vpn +--rw vpn-instances | +--rw vpn-instance* [vpn-instance-name] | +--rw vpn-instance-name string | +--rw description? string | +--rw ipv4-family | | +--rw route-distinguisher? string | | +--rw vpnTargets | | | +--rw vpnTarget* [vrfRTValue] | | | +--rw vrfRTValue string | | | +--rw vrfRTType enumeration | ... | +--rw ipv6-family | ... +--rw vpn-interfaces | +--rw vpn-interface* [name] | +--rw name leafref | +--rw vpn-instance-name? string +--rw vrfInfo +--ro vrfCreateTime? yang:timestamp ... augment /bgp:bgp-router/bgp:vpnv4/bgp:unicast: +--rw apply-label-per-nexthop? boolean +--rw upeEnable? boolean augment /bgp:bgp-router/bgp:vpnv6/bgp:unicast: +--rw apply-label-per-nexthop? boolean +--rw upeEnable? boolean augment /bgp:bgp-router: +--rw bgp-af-ipv4-vpn-instances | +--rw bgp-af-ipv4-vpn-instance* [vpn-instance-name] |... +--rw bgp-af-ipv6-vpn-instances +--rw bgp-af-ipv6-vpn-instance* [vpn-instance-name] +--rw vpn-instance-name string +--rw router-id |... 3.2. VPN Instance Configuration An instance is created to comprise the VPN forwarding information for each VPN in a BGP/MPLS IP VPN. This instance is called a VPN instance or a VPN routing and forwarding (VRF) table. It is also called a per-site forwarding table in [RFC4364]. VPN instances must be created in all BGP/MPLS IP VPN solutions. VPN instances support both the IPv4 and IPv6 address families. VPN instance configuration consists of the following components : Zhuang & Li Expires June 25, 2015 [Page 4] Internet-Draft Yang Data Model for L3VPN December 2014 o Per-Instance Configuration : that contains the common writable configuration objects for VPN instance IPv4 and IPv6 address family. o Address Family Configuration of L3VPN Instance: that contains the address family specific writable configuration objects. 3.2.1. Per-Instance Configuration This component contains the common writable configuration objects for VPN instance IPv4 and IPv6 address family. +--rw vpn-instances | +--rw vpn-instance* [vpn-instance-name] | +--rw vpn-instance-name string | +--rw description? string | +--rw ipv4-family ... | +--rw ipv6-family ... 3.2.2. Address Family Configuration of L3VPN Instance This component contains the address family specific writable configuration objects, such as route-distinguisher, vpnTargets, apply-label mode, etc. +--rw ipv4-family | +--rw route-distinguisher? string | +--rw vpnTargets | | +--rw vpnTarget* [vrfRTValue] | | +--rw vrfRTValue string | | +--rw vrfRTType enumeration | +--rw apply-label | | +--rw (apply-label-mode)? | | +--:(per-route) | | | +--rw apply-label-per-route? boolean | | +--:(per-instance) | | +--rw apply-label-per-instance? boolean | +--rw import-route-policy? string | +--rw export-route-policy? string ... +--rw ipv6-family +--rw route-distinguisher? string ... Zhuang & Li Expires June 25, 2015 [Page 5] Internet-Draft Yang Data Model for L3VPN December 2014 3.3. VPN Interface Configuration This component contains per-interface writable configuration objects, such as VPN instance binded, IPv4 address, IPv6 address, etc. +--rw vpn-interfaces | +--rw vpn-interface* [name] | +--rw name leafref | +--rw vpn-instance-name? string ... 3.4. MP-BGP Configuration for L3VPN This component uses the definitions defined in BGP YANG module and augments some parameters. In a BGP/MPLS IP VPN, PEs must use MP-BGP to advertise VPNv4 or VPNv6 routes with the RD information to each other. A few of parameters have been defined in BGP YANG module [I- D.zhdankin-netmod-bgp-cfg]. This document adds some parameters. augment /bgp:bgp-router/bgp:vpnv4/bgp:unicast: +--rw apply-label-per-nexthop? boolean +--rw upeEnable? boolean augment /bgp:bgp-router/bgp:vpnv6/bgp:unicast: +--rw apply-label-per-nexthop? boolean +--rw upeEnable? boolean ... 3.5. BGP VPN Instance Configuration In a BGP/MPLS IP VPN, a routing protocol or static routes must be configured between a PE and a CE to allow them to communicate and allow the CE to obtain routes to other CEs. The routing protocol can be EBGP, IBGP, RIP, OSPF, or IS-IS. Choose one of the following configurations as needed. This section contains writable configuration objects when using BGP between PE and CE. Zhuang & Li Expires June 25, 2015 [Page 6] Internet-Draft Yang Data Model for L3VPN December 2014 augment /bgp:bgp-router: +--rw bgp-af-ipv4-vpn-instances | +--rw bgp-af-ipv4-vpn-instance* [vpn-instance-name] | +--rw vpn-instance-name string | +--rw router-id | | +--rw enable? boolean | | +--rw (config-type)? | | +--:(static) | | | +--rw ip-address? inet:ip-address | | +--:(auto-select) | | +--rw enable-auto-select? boolean | +--rw auto-frr? boolean | +--rw bgpPeers | +--rw bgpPeer* [peerAddr] | +--rw peerAddr inet:ip-address | +--rw groupName? string | +--rw remoteAs? string | +--rw description? string | +--rw soo? string | +--rw substituteAsEnable? boolean +--rw bgp-af-ipv6-vpn-instances +--rw bgp-af-ipv6-vpn-instance* [vpn-instance-name] +--rw vpn-instance-name string +--rw router-id | +--rw enable? boolean | +--rw (config-type)? | +--:(static) | | +--rw ip-address? inet:ip-address | +--:(auto-select) | +--rw enable-auto-select? boolean +--rw auto-frr? boolean +--rw bgpPeers +--rw bgpPeer* [peerAddr] +--rw peerAddr inet:ip-address +--rw groupName? string +--rw remoteAs? string +--rw description? string +--rw soo? string +--rw substituteAsEnable? boolean ... 4. L3VPN YANG MODEL L3VPN YANG MODEL file "l3vpn@2014-08-15.yang" module l3vpn { namespace "urn:huawei:params:xml:ns:yang:l3vpn"; Zhuang & Li Expires June 25, 2015 [Page 7] Internet-Draft Yang Data Model for L3VPN December 2014 // replace with IANA namespace when assigned prefix "l3vpn"; import bgp { prefix bgp; //draft-zhdankin-netmod-bgp-cfg } import ietf-interfaces { prefix if; //rfc7223-YANG Interface Management } import ietf-inet-types { prefix inet; //RFC6991 } import ietf-yang-types { prefix yang; //RFC6991 } description "This YANG module defines the generic configuration data for L3VPN service. Terms and Acronyms BGP (bgp): Border Gateway Protocol IPv4 (ipv4):Internet Protocol Version 4 IPv6 (ipv6): Internet Protocol Version 6 "; revision 2014-08-15 { description "Initial revision."; reference "RFC4271, RFC4364, RFC4760"; } grouping augment-bgp-af-vpn-config { description "A set of configuration parameters that is applicable to both BGP-VPNv4 and BGP-VPNv6 address family."; leaf apply-label-per-nexthop { description "The apply-label per-nexthop command enables the ASBR to allocate labels for IPv4 VPN routes or IPv6 VPN routes based on the next hop."; Zhuang & Li Expires June 25, 2015 [Page 8] Internet-Draft Yang Data Model for L3VPN December 2014 config "true"; type boolean; default "false"; } leaf upeEnable { description "Specify peer as UPE."; config "true"; type boolean; default "false"; } } grouping bgp-af-vpn-instance-config { container router-id { description "The router-id command configures router ID for BGP VPN instance IPv4 or IPv6 address family. By default, no router ID is configured for BGP VPN instance IPv4 or IPv6 address family, and the BGP router ID is used as the router ID."; leaf enable { type boolean; } choice config-type { case static { leaf ip-address { description "Specifies the router ID of a BGP VPN instance IPv4 address family. The router ID is expressed in the IPv4 address format. "; config "true"; type inet:ip-address; } } case auto-select { leaf enable-auto-select { description "Configures automatic route ID selection for the current BGP VPN instance address family."; Zhuang & Li Expires June 25, 2015 [Page 9] Internet-Draft Yang Data Model for L3VPN December 2014 config "true"; type boolean; } } } } leaf auto-frr { description "The auto-frr command enables BGP Auto FRR."; config "true"; type boolean; default "false"; } container bgpPeers { list bgpPeer { key "peerAddr"; max-elements "unbounded"; min-elements "0"; description "BGP Peer configure class"; leaf peerAddr { description "The nerighbor address"; config "true"; type inet:ip-address; mandatory true; } leaf groupName { description "peerGroupName"; config "true"; type string { length "1..47"; } } leaf remoteAs { description "Specifies the AS number of the peer."; config "true"; type string { length "1..11"; } } leaf description { Zhuang & Li Expires June 25, 2015 [Page 10] Internet-Draft Yang Data Model for L3VPN December 2014 description "specifies the description. The description is a string of letters or figures. The value ranges from 1 to 80 characters without spaces."; config "true"; type string { length "1..80"; pattern "([^?]*)"; } } leaf soo { description "The peer soo command configures the Site of Origin (SoO) attribute for an EBGP peer in a BGP VPN instance. Format is ASN:nn or IP-address:nn."; config "true"; type string { length "3..21"; } } leaf substituteAsEnable { description "Using the peer substitute-as command, you can substitute the AS number of the specified peer in the as-path with the local AS number."; config "true"; type boolean; default "false"; } } } } grouping vpn-af-config { description "A set of configuration parameters that is applicable to both IPv4 and IPv6 address family for a VPN instance ."; leaf route-distinguisher { description "The route-distinguisher command configures a route distinguisher (RD) for the IPv4 or IPv6 address family of a VPN instance. Zhuang & Li Expires June 25, 2015 [Page 11] Internet-Draft Yang Data Model for L3VPN December 2014 Format is ASN:nn or IP-address:nn."; config "true"; type string { length "3..21"; } } container vpnTargets { description "The vpn-target command configures the export or import VPN target extended community attribute for the VPN instance IPv4/IPv6 address family. Format is ASN:nn or IP-address:nn."; list vpnTarget { key "vrfRTValue"; max-elements "unbounded"; min-elements "0"; description "L3vpn vpntarget configure class"; leaf vrfRTValue { description "Vpn-target: adds VPN target extended community attribute to the export or import VPN target extended community list. The vpn-target can be expressed in either of the following formats: (1)16-bit AS number:32-bit user-defined number For example, 1:3. The AS number ranges from 0 to 65535. The user-defined number ranges from 0 to 4294967295. The AS number and the user-defined number cannot be 0s at the same time. That is, a VPN target cannot be 0:0. (2)32-bit IP address:16-bit user-defined number For example, 192.168.122.15:1. The IP address ranges from 0.0.0.0 to 255.255.255.255. The user-defined number ranges from 0 to 65535. (3)32-bit IP address:16-bit user-defined number For example, 192.168.122.15:1. An IP address ranges from 0.0.0.0 to 255.255.255.255. A user-defined number ranges from 0 to 65535."; config "true"; mandatory "true"; type string { length "3..21"; } } Zhuang & Li Expires June 25, 2015 [Page 12] Internet-Draft Yang Data Model for L3VPN December 2014 leaf vrfRTType { description "Specifies the vpn target type, export-extcommunity: specifies the extended community attributes carried in routing information to be sent. import-extcommunity: receives routing information carrying specified extended community attributes."; mandatory "true"; type enumeration { enum export_extcommunity { value "0"; description "export-extcommunity:"; } enum import_extcommunity { value "1"; description "import-extcommunity:"; } enum both { value "2"; description "export-extcommunity & import-extcommunity:"; } } } } } container apply-label { description "Apply one label mode for the VPN instance route."; choice apply-label-mode { case per-route { description "The apply-label per-route command enables the one-label-per-route mode. The VPN instance IPv4/IPv6 address family assigns a unique label to each route to be sent to the peer PE."; leaf apply-label-per-route { type boolean; default "true"; } } case per-instance { description "The apply-label per-instance command applies one label to all VPN instance IPv4 address family or IPv6 address family routes to a peer PE."; Zhuang & Li Expires June 25, 2015 [Page 13] Internet-Draft Yang Data Model for L3VPN December 2014 leaf apply-label-per-instance { type boolean; default "false"; } } } }//End of "container apply-label" leaf import-route-policy { description "The import route-policy command associates a VPN instance enabled with the IPv4 or IPv6 address family with an import routing policy. Only one import routing policy can be associated with a VPN instance enabled with the IPv4 or IPv6 address family. If the import route-policy command is run more than once, the latest configuration overrides the previous ones."; config "true"; type string { length "1..40"; } } leaf export-route-policy { description "The export route-policy command associates a VPN instance enabled with the IPv4 or IPv6 address family with an export routing policy. Only one export routing policy can be associated with a VPN instance enabled with the IPv4 or IPv6 address family. If the export route-policy command is run more than once, the latest configuration overrides the previous ones."; config "true"; type string { length "1..40"; } } container prefix-limit { description "The prefix limit command sets a limit on the maximum number of prefixes supported in the existing VPN instance, preventing the PE from importing excessive VPN route prefixes."; leaf prefix-limit-number { description "Specifies the maximum number of prefixes supported in the VPN Zhuang & Li Expires June 25, 2015 [Page 14] Internet-Draft Yang Data Model for L3VPN December 2014 instance IPv4 or IPv6 address family."; type uint32 { range "1..4294967295"; } } choice prefix-limit-action { case enable-alert-percent { leaf alert-percent-value { description "Specifies the proportion of the alarm threshold to the maximum number of prefixes."; type uint8 { range "1..100"; } } leaf route-unchanged { description "Indicates that the routing table remains unchanged. By default, route-unchanged is not configured. When the number of prefixes in the routing table is greater than the value of the parameter number, routes are processed as follows: (1)If route-unchanged is configured, routes in the routing table remain unchanged. (2)If route-unchanged is not configured, all routes in the routing table are deleted and then re-added."; config "true"; type boolean; default "false"; } } case enable-simple-alert { leaf simple-alert { description "Indicates that when the number of VPN route prefixes exceeds number, prefixes can still join the VPN routing table and alarms are displayed."; config "true"; type boolean; default "false"; } } } } Zhuang & Li Expires June 25, 2015 [Page 15] Internet-Draft Yang Data Model for L3VPN December 2014 container routing-table-limit { description "The routing-table limit command sets a limit on the maximum number of routes that the IPv4 or IPv6 address family of a VPN instance can support. By default, there is no limit on the maximum number of routes that the IPv4 or IPv6 address family of a VPN instance can support, but the total number of private network and public network routes on a device cannot exceed the allowed maximum number of unicast routes."; leaf routing-table-limit-number { description "Specifies the maximum number of routes supported by a VPN instance. "; config "true"; type uint32 { range "1..4294967295"; } } choice routing-table-limit-action { case enable-alert-percent { leaf alert-percent-value { description "Specifies the percentage of the maximum number of routes. When the maximum number of routes that join the VPN instance is up to the value (number*alert-percent)/100, the system prompts alarms. The VPN routes can be still added to the routing table, but after the number of routes reaches number, the subsequent routes are dropped."; config "true"; type uint8 { range "1..100"; } } } case enable-simple-alert { leaf simple-alert { description "Indicates that when VPN routes exceed number, routes can still be added into the routing table, but the system prompts alarms. However, after the total number of VPN routes and network public routes reaches the unicast route limit specified in the License, the subsequent VPN routes are dropped."; config "true"; type boolean; Zhuang & Li Expires June 25, 2015 [Page 16] Internet-Draft Yang Data Model for L3VPN December 2014 } } } } leaf vpn-frr { description "Enable VPN FRR in the VPN instance address family view. If a PE is connected to two other PEs, running the vpn frr command in the VPN instance address family view of the PE enables VPN FRR and improves network reliability. After VPN FRR is configured, traffic can switch to the secondary LSP immediately after the primary LSP becomes faulty."; type boolean; default "false"; } /* * VPN QoS. */ container l3vpnVrfPipe { description "The diffserv-mode command configures the mode of the MPLS differentiated service (Diff-Serv) for ensuring end-to-end QoS."; leaf pipeMode { description "Pipe mode"; type enumeration { enum pipe { value "0"; description "pipe: Indicates that the Pipe MPLS Diff-Serv mode is adopted."; } enum shortPipe { value "1"; description "shortPipe: Indicates that the Short-pipe MPLS Diff-Serv mode is adopted."; } enum uniform { value "2"; description "uniform: Indicates that the Uniform MPLS Diff-Serv mode is adopted."; Zhuang & Li Expires June 25, 2015 [Page 17] Internet-Draft Yang Data Model for L3VPN December 2014 } } default "uniform"; } leaf serviceClass { description "Service Class, Specifies the service type when the packet enters the public network from the private network. The values are cs7, cs6, ef, af4, af3, af2, af1, be."; type enumeration { enum be { value "0"; description "be:"; } enum af1 { value "1"; description "af1:"; } enum af2 { value "2"; description "af2:"; } enum af3 { value "3"; description "af3:"; } enum af4 { value "4"; description "af4:"; } enum ef { value "5"; description "ef:"; } enum cs6 { value "6"; description "cs6:"; } enum cs7 { value "7"; description "cs7:"; } } default "be"; } Zhuang & Li Expires June 25, 2015 [Page 18] Internet-Draft Yang Data Model for L3VPN December 2014 leaf color { description "Specifies a color for marking the discard priority of a packet transferred from a private network to a public network. The values are green, yellow, and red."; type enumeration { enum green { value "0"; description "green:"; } enum yellow { value "1"; description "yellow:"; } enum red { value "2"; description "red:"; } } default "green"; } leaf dsName { description "Specifies the DS domain name of the specified Per-Hop Behavior (PHB) applied to the egress in Short pipe mode. It is a string of 1 to 31 characters."; type string; default "default"; } } container l3vpnTtlMode { description "The ttl-mode command enables MPLS to process the TTL in a specified mode. By default, MPLS processes the TTL in pipe mode."; leaf ttlMode { description "TTL mode"; default "pipe"; type enumeration { enum pipe { value "0"; description "pipe: Enables MPLS to process the TTL in pipe mode."; } Zhuang & Li Expires June 25, 2015 [Page 19] Internet-Draft Yang Data Model for L3VPN December 2014 enum uniform { value "1"; description "uniform: Enables MPLS to process the TTL in uniform mode."; } } } } leaf tunnel-policy { description "The tnl-policy command associates the IPv4 or IPv6 address family of a VPN instance with a tunnel policy."; type string { length "1..39"; } } container importRibs { description "Import route class"; leaf protocol { description "Specifies the protocol from which routes are imported. At present, In the IPv4 unicast address family view, the protocol can be IS-IS,static, direct and BGP."; type enumeration { enum ALL { value "0"; description "ALL:"; } enum Direct { value "1"; description "Direct:"; } enum OSPF { value "2"; description "OSPF:"; } enum ISIS { value "3"; description "ISIS:"; } enum Static { value "4"; Zhuang & Li Expires June 25, 2015 [Page 20] Internet-Draft Yang Data Model for L3VPN December 2014 description "Static:"; } enum RIP { value "5"; description "RIP:"; } enum BGP { value "6"; description "BGP:"; } enum OSPFV3 { value "7"; description "OSPFV3:"; } enum RIPNG { value "8"; description "RIPNG:"; } enum INVALID { value "9"; description "INVALID:"; } } } leaf processId { description "Specifies the process ID if the protocol from routes are imported is IS-IS."; default "0"; type uint32 { range "0..4294967295"; } } leaf bgp-valid-route { type boolean; } leaf policyName { description "Policy Id for import routes"; type string { } } } Zhuang & Li Expires June 25, 2015 [Page 21] Internet-Draft Yang Data Model for L3VPN December 2014 leaf traffic-statistics { description "The traffic-statistics enable command enables traffic statistics for a VPN instance."; type boolean; default "false"; } } /* * VPN instance view. */ container vpn-instances { description "VPN instances configuration parameters. VPN instances support both the IPv4 and IPv6 address families."; list vpn-instance { max-elements "unbounded"; min-elements "0"; key "vpn-instance-name"; description "Specifies the name of the VPN instance. It is a string of 1 to 31 case-sensitive characters."; leaf vpn-instance-name { mandatory "true"; type string { length "1..31"; } description "The name of the vpn-instance."; } leaf description { description "A textual description of VPN instance, the VPN instance description helps users memorize the VPN instance."; type string { length "1..242"; pattern "([^?]*)"; } } Zhuang & Li Expires June 25, 2015 [Page 22] Internet-Draft Yang Data Model for L3VPN December 2014 container ipv4-family { description "The IPv4 address family is enabled for the VPN instance."; uses vpn-af-config; } container ipv6-family { description "The IPv6 address family is enabled for the VPN instance."; uses vpn-af-config; } } } /* * Binding Interfaces to a VPN Instance. */ container vpn-interfaces { description "VPN is enabled on interfaces."; list vpn-interface { key "name"; max-elements "unbounded"; min-elements "0"; leaf name { type leafref { path "/if:interfaces/if:interface/if:name"; } } leaf vpn-instance-name { type string { length "1..40"; } } } } container vrfInfo { description "Display the information of the vrf. Zhuang & Li Expires June 25, 2015 [Page 23] Internet-Draft Yang Data Model for L3VPN December 2014 It is intended that this container may be augmented by vendors to reflect the vendor-specific operational state parameters."; leaf vrfCreateTime { description "CreateTime of the vrf."; config "false"; type yang:timestamp; } leaf vrfUpTime { description "UpTime period of the vrf."; config "false"; type yang:timeticks; } leaf label { description "Label of the vrf."; config "false"; type uint32 { range "16..1048574"; } } leaf vrfStatus { description "vrf status."; config "false"; type enumeration { enum up { value "0"; description "vrf up."; } enum down { value "1"; description "vrf down."; } } } } /* * augment some bgp vpn functions in bgp module. */ augment "/bgp:bgp-router/bgp:vpnv4/bgp:unicast" { Zhuang & Li Expires June 25, 2015 [Page 24] Internet-Draft Yang Data Model for L3VPN December 2014 uses augment-bgp-af-vpn-config; } augment "/bgp:bgp-router/bgp:vpnv6/bgp:unicast" { uses augment-bgp-af-vpn-config; } augment "/bgp:bgp-router" { container bgp-af-ipv4-vpn-instances { description "vpn-instances ipv4 address family."; list bgp-af-ipv4-vpn-instance { key "vpn-instance-name"; max-elements "unbounded"; min-elements "0"; leaf vpn-instance-name { type string; } uses bgp-af-vpn-instance-config; } } container bgp-af-ipv6-vpn-instances { description "vpn-instances ipv6 address family."; list bgp-af-ipv6-vpn-instance { key "vpn-instance-name"; max-elements "unbounded"; min-elements "0"; leaf vpn-instance-name { type string; } uses bgp-af-vpn-instance-config; } } } } Zhuang & Li Expires June 25, 2015 [Page 25] Internet-Draft Yang Data Model for L3VPN December 2014 5. IANA Considerations This document makes no request of IANA. 6. Security Considerations This document does not introduce any new security risk. 7. Acknowledgements The authors would like to thank Guangying Zheng, Gang Yan for their contributions to this work. 8. References 8.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629, June 1999. [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006. [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4364, February 2006. [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, "Multiprotocol Extensions for BGP-4", RFC 4760, January 2007. [RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, October 2010. [RFC6241] Enns, R., Bjorklund, M., Schoenwaelder, J., and A. Bierman, "Network Configuration Protocol (NETCONF)", RFC 6241, June 2011. [RFC6991] Schoenwaelder, J., "Common YANG Data Types", RFC 6991, July 2013. Zhuang & Li Expires June 25, 2015 [Page 26] Internet-Draft Yang Data Model for L3VPN December 2014 8.2. Informative References [I-D.zhdankin-netmod-bgp-cfg] Alex, A., Patel, K., and A. Clemm, "Yang Data Model for BGP Protocol", draft-zhdankin-netmod-bgp-cfg-01 (work in progress), October 2014. [RFC7223] Bjorklund, M., "A YANG Data Model for Interface Management", RFC 7223, May 2014. Authors' Addresses Shunwan Zhuang Huawei Technologies Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Email: zhuangshunwan@huawei.com Zhenbin Li Huawei Technologies Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Email: lizhenbin@huawei.com Zhuang & Li Expires June 25, 2015 [Page 27]