Internet DRAFT - draft-bestbar-teas-yang-nrp-policy
draft-bestbar-teas-yang-nrp-policy
TEAS Working Group V.P. Beeram
Internet-Draft Juniper Networks
Intended status: Standards Track T. Saad
Expires: 28 April 2023 Cisco Systems
B. Wen
Comcast
D. Ceccarelli
Ericsson
S. Peng
R. Chen
ZTE Corporation
LM. Contreras
Telefonica
X. Liu
IBM Corporation
25 October 2022
YANG Data Model for Network Resource Partition Policy
draft-bestbar-teas-yang-nrp-policy-03
Abstract
A Network Resource Partition (NRP) is a collection of resources
identified in the underlay network to support services (like IETF
Network Slices) that need logical network structures with required
characteristics to be created. An NRP policy is a policy construct
that enables instantiation of mechanisms in support of service
specific control and data plane behaviors on select topological
elements associated with the NRP. This document defines a YANG data
model for the management of NRP policies on NRP capable nodes and
controllers in IP/MPLS networks.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Beeram, et al. Expires 28 April 2023 [Page 1]
�
Internet-Draft NRP Policy YANG Data Model October 2022
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 28 April 2023.
Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4
1.2. Tree Structure . . . . . . . . . . . . . . . . . . . . . 4
2. NRP Policy Data Model . . . . . . . . . . . . . . . . . . . . 4
2.1. Model Usage . . . . . . . . . . . . . . . . . . . . . . . 4
2.2. Model Structure . . . . . . . . . . . . . . . . . . . . . 4
2.3. NRP Policies . . . . . . . . . . . . . . . . . . . . . . 5
2.3.1. Resource Reservation . . . . . . . . . . . . . . . . 5
2.3.2. Flow Aggregate Selector . . . . . . . . . . . . . . . 6
2.3.3. Per-Hop-Behavior . . . . . . . . . . . . . . . . . . 7
2.3.4. Topology . . . . . . . . . . . . . . . . . . . . . . 7
2.4. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 9
3. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 21
4. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 21
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21
6. Security Considerations . . . . . . . . . . . . . . . . . . . 22
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 22
7.1. Normative References . . . . . . . . . . . . . . . . . . 22
7.2. Informative References . . . . . . . . . . . . . . . . . 24
Appendix A. Complete Model Tree Structure . . . . . . . . . . . 24
Beeram, et al. Expires 28 April 2023 [Page 2]
�
Internet-Draft NRP Policy YANG Data Model October 2022
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27
1. Introduction
An IETF Network Slice [I-D.ietf-teas-ietf-network-slices] is a
service that provides connectivity coupled with a set of specific
commitments of network resources between a number of endpoints over a
shared underlay network. The IETF Network Slice service is expressed
in terms of one or more connectivity constructs. One or more
connectivity constructs from one or more IETF Network Slices are
mapped to a set of network resources called a Network Resource
Partition (NRP). An NRP [I-D.ietf-teas-ietf-network-slices] is a
collection of resources identified in the underlay network to support
the IETF Network Slice service (or any other service that needs
logical network structures with required characteristics to be
created). An NRP Policy [I-D.ietf-teas-ns-ip-mpls] is a policy
construct that enables instantiation of mechanisms in support of
service specific control and data plane behaviors on select
topological elements associated with the NRP.
An NRP policy specifies the rules for determining the topology
associated with the NRP and dictates how an NRP can be realized in
IP/MPLS networks using one of three modes. The NRP policy dictates
if the partitioning of the shared network resources can be achieved
in (a) just the data plane or in (b) just the control plane or in (c)
both the control and data planes.
The NRP policy modes (a) and (c) require the forwarding engine on
each NRP capable node to identify the traffic belonging to a specific
flow aggregate and to apply the corresponding Per-Hop Behavior (PHB)
that determines the forwarding treatment of the packets belonging to
the flow aggregate. The identification of the flow aggregate that
the packet belongs to and the corresponding forwarding treatment that
needs to be applied to the packet is dictated by the NRP policy.
When catering to IETF Network Slices, this flow aggregate is referred
to as the Slice-Flow Aggregate [I-D.ietf-teas-ns-ip-mpls] and
comprises of traffic streams from one or more connectivity constructs
(belonging to one or more IETF network slices) mapped to a specific
NRP.
The NRP policy modes (b) and (c) require the distributed/centralized
resource reservation manager in the control plane to manage NRP
resource reservation. The provisions for enabling NRP state aware
traffic engineering (NRP-TE) [I-D.ietf-teas-ns-ip-mpls] are dictated
by the NRP policy.
This document defines a YANG data model for the management of NRP
policies on NRP capable nodes and controllers in IP/MPLS networks.
Beeram, et al. Expires 28 April 2023 [Page 3]
�
Internet-Draft NRP Policy YANG Data Model October 2022
1.1. Terminology
The terminology for describing YANG data models is found in
[RFC7950].
The reader is expected to be familiar with the terminology specified
in [I-D.ietf-teas-ietf-network-slices] and
[I-D.ietf-teas-ns-ip-mpls].
1.2. Tree Structure
A simplified graphical representation of the data model is presented
in Appendix A of this document. The tree format defined in [RFC8340]
is used for the YANG data model tree representation.
2. NRP Policy Data Model
2.1. Model Usage
A controller that consumes the IETF Network Slice service requests
determines which specific connectivity constructs from one or more
slices can be grouped together. This could be based on a specific
set of SLOs and SLEs, or on any administrative or operational reason.
A controller function that has visibility of the underlay network and
its resources maps these connectivity constructs onto the NRP. It
also constructs and distributes the network wide consistent NRP
policy (using the data model defined in this document) to the
relevant NRP capable nodes and controllers.
2.2. Model Structure
The high-level model structure defined by this document is as shown
below:
Beeram, et al. Expires 28 April 2023 [Page 4]
�
Internet-Draft NRP Policy YANG Data Model October 2022
module: ietf-nrp-policy
augment /nw:networks:
+--rw nrp-policies
+--rw nrp-policy* [name]
+--rw name string
+--rw nrp-id? uint32
+--rw resource-reservation
| + ............
+--rw flow-agg-selector
| + ............
+--rw phb? string
+--rw topology
+--rw filters
| +--rw filter* [filter-ref]
| + ............
| +--rw resource-reservation
| | + ............
| +--rw flow-agg-selector
| | + ............
| +--rw phb? string
+--ro filtered-topology
+ ............
The 'networks' container from the 'ietf-network' module [RFC8345]
provides a placeholder for an inventory of nodes in the network.
This container is augmented to carry a set of NRP policies.
2.3. NRP Policies
The 'nrp-policies' container carries a list of NRP policies. Each
'nrp-policy' entry is identified by a name and holds the set of
attributes needed to instantiate the NRP. Each entry also carries an
'nrp-id' leaf which uniquely identifies the NRP created by the
enforcement of this policy. The key elements of each nrp-policy
entry are discussed in the following sub-sections.
2.3.1. Resource Reservation
The 'resource-reservation' container carries data nodes that are used
to support NRP state aware bandwidth engineering. The data nodes in
this container facilitate preference-based preemption of NRP state
aware TE paths, sharing of resources amongst a group of NRPs and
backup path bandwidth protection.
Beeram, et al. Expires 28 April 2023 [Page 5]
�
Internet-Draft NRP Policy YANG Data Model October 2022
+--rw resource-reservation
| +--rw preference? uint16
| +--rw (max-bw-type)?
| | +--:(bw-value)
| | | +--rw maximum-bandwidth? uint64
| | +--:(bw-percentage)
| | +--rw maximum-bandwidth-percent?
| | rt-types:percentage
| +--rw shared-resource-groups* uint32
| +--rw protection
| +--rw backup-nrp-id? uint32
| +--rw (backup-bw-type)?
| +--:(backup-bw-value)
| | +--rw backup-bandwidth? uint64
| +--:(backup-bw-percentage)
| +--rw backup-bandwidth-percent?
| rt-types:percentage
2.3.2. Flow Aggregate Selector
The 'flow-agg-selector' container carries data nodes that specify the
rules for identifying which packets belong to the flow aggregate that
this NRP caters to.
Beeram, et al. Expires 28 April 2023 [Page 6]
�
Internet-Draft NRP Policy YANG Data Model October 2022
+--rw flow-agg-selector
| +--rw mpls
| | +--rw (fas-type)?
| | +--:(label)
| | | +--rw (specification-type)?
| | | +--:(derived)
| | | | +--rw forwarding-label? empty
| | | +--:(explicit)
| | | +--rw label?
| | | | rt-types:mpls-label
| | | +--rw label-position?
| | | | identityref
| | | +--rw label-position-offset? uint8
| | +--:(label-ranges)
| | +--rw label-range* [index]
| | +--rw index string
| | +--rw start-label?
| | | rt-types:mpls-label
| | +--rw end-label?
| | | rt-types:mpls-label
| | +--rw label-position? identityref
| | +--rw label-position-offset? uint8
| +--rw ipv4
| | +--rw destination-prefix* inet:ipv4-prefix
| +--rw ipv6
| | +--rw (fas-type)?
| | +--:(ipv6-destination)
| | | +--rw destination-prefix* inet:ipv6-prefix
| | +--:(ipv6-hbh-eh)
| | +--rw fas-hbh-eh* uint32
| +--rw acl-ref* nrp-policy-acl-ref
2.3.3. Per-Hop-Behavior
The 'phb' leaf carries a name of a PHB profile available on the
topological element where the policy is being enforced.
+--rw phb? string
2.3.4. Topology
The 'topology' container consists of a list of filters where each
entry references a topology filter
[I-D.bestbar-teas-yang-topology-filter]. The topological elements
that satisfy the membership criteria can optionally override the
default resource-reservation, flow-agg-selector and phb specific
leafs. The 'topology' container also consists of a read-only
reference to the resultant filtered topology formed from the union of
Beeram, et al. Expires 28 April 2023 [Page 7]
�
Internet-Draft NRP Policy YANG Data Model October 2022
the specified filters.
+--rw topology
+--rw filters
| +--rw filter* [filter-ref]
| +--rw filter-ref
| | nrp-policy-topo-filter-ref
| +--rw resource-reservation
| | +--rw preference? uint16
| | +--rw (max-bw-type)?
| | | +--:(bw-value)
| | | | +--rw maximum-bandwidth? uint64
| | | +--:(bw-percentage)
| | | +--rw maximum-bandwidth-percent?
| | | rt-types:percentage
| | +--rw shared-resource-groups* uint32
| | +--rw protection
| | +--rw backup-nrp-id?
| | | uint32
| | +--rw (backup-bw-type)?
| | +--:(backup-bw-value)
| | | +--rw backup-bandwidth?
| | | uint64
| | +--:(backup-bw-percentage)
| | +--rw backup-bandwidth-percent?
| | rt-types:percentage
| +--rw flow-agg-selector
| | +--rw mpls
| | | +--rw (fas-type)?
| | | +--:(label)
| | | | +--rw (specification-type)?
| | | | +--:(derived)
| | | | | +--rw forwarding-label?
| | | | | empty
| | | | +--:(explicit)
| | | | +--rw label?
| | | | | rt-types:mpls-label
| | | | +--rw label-position?
| | | | | identityref
| | | | +--rw label-position-offset?
| | | | uint8
| | | +--:(label-ranges)
| | | +--rw label-range* [index]
| | | +--rw index
| | | | string
| | | +--rw start-label?
| | | | rt-types:mpls-label
| | | +--rw end-label?
Beeram, et al. Expires 28 April 2023 [Page 8]
�
Internet-Draft NRP Policy YANG Data Model October 2022
| | | | rt-types:mpls-label
| | | +--rw label-position?
| | | | identityref
| | | +--rw label-position-offset?
| | | uint8
| | +--rw ipv4
| | | +--rw destination-prefix* inet:ipv4-prefix
| | +--rw ipv6
| | | +--rw (fas-type)?
| | | +--:(ipv6-destination)
| | | | +--rw destination-prefix*
| | | | inet:ipv6-prefix
| | | +--:(ipv6-hbh-eh)
| | | +--rw fas-hbh-eh* uint32
| | +--rw acl-ref* nrp-policy-acl-ref
| +--rw phb? string
+--ro filtered-topology
+--ro (filtered-topo-type)?
+--:(network)
| +--ro network* [network-ref]
| +--ro network-ref
| nrp-policy-topo-network-ref
+--:(network-elements)
+--ro node* [network-ref node-ref]
| +--ro network-ref
| | nrp-policy-topo-network-ref
| +--ro node-ref
| nrp-policy-topo-node-ref
+--ro link* [network-ref link-ref]
+--ro network-ref
| nrp-policy-topo-network-ref
+--ro link-ref
nrp-policy-topo-link-ref
2.4. YANG Module
<CODE BEGINS> file "ietf-nrp-policy@2022-10-24.yang"
module ietf-nrp-policy {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-nrp-policy";
prefix nrp-pol;
import ietf-inet-types {
prefix inet;
reference
"RFC 6991: Common YANG Data Types";
}
import ietf-routing-types {
Beeram, et al. Expires 28 April 2023 [Page 9]
�
Internet-Draft NRP Policy YANG Data Model October 2022
prefix rt-types;
reference
"RFC 8294: Common YANG Data Types for the Routing Area";
}
import ietf-network {
prefix nw;
reference
"RFC 8345: A YANG Data Model for Network Topologies";
}
import ietf-network-topology {
prefix nt;
reference
"RFC 8345: A YANG Data Model for Network Topologies";
}
import ietf-access-control-list {
prefix acl;
reference
"RFC 8519: YANG Data Model for Network Access Control Lists
(ACLs)";
}
import ietf-topology-filter {
prefix topo-filt;
reference
"draft-bestbar-teas-yang-topology-filter: YANG Data Model
for Topology Filter";
}
organization
"IETF Traffic Engineering Architecture and Signaling (TEAS)
Working Group.";
contact
"WG Web: <http://tools.ietf.org/wg/teas/>
WG List: <mailto:teas@ietf.org>
Editor: Vishnu Pavan Beeram
<mailto:vbeeram@juniper.net>
Editor: Tarek Saad
<mailto:tsaad.net@gmail.com>
Editor: Bin Wen
<mailto:Bin_Wen@cable.comcast.com>
Editor: Daniele Ceccarelli
<mailto:daniele.ceccarelli@ericsson.com>
Editor: Shaofu Peng
<mailto:peng.shaofu@zte.com.cn>
Beeram, et al. Expires 28 April 2023 [Page 10]
�
Internet-Draft NRP Policy YANG Data Model October 2022
Editor: Ran Chen
<mailto:chen.ran@zte.com.cn>
Editor: Luis M. Contreras
<mailto:luismiguel.contrerasmurillo@telefonica.com>
Editor: Xufeng Liu
<mailto:xufeng.liu.ietf@gmail.com>";
description
"This YANG module defines a data model for managing Network
Resource Partition Policies on Network Resource Partition
capable nodes and controllers.
Copyright (c) 2022 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to
the license terms contained in, the Revised BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.";
revision 2022-10-24 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Data Model for Network Resource Partition
Policies.";
}
/*
* I D E N T I T I E S
*/
/*
* Identity:
* MPLS Flow Aggregate Selector (FAS) Label Position Type.
*/
identity fas-mpls-label-position-type {
description
"Base identity for the position of the MPLS FAS label.";
}
Beeram, et al. Expires 28 April 2023 [Page 11]
�
Internet-Draft NRP Policy YANG Data Model October 2022
identity fas-mpls-label-position-top {
base fas-mpls-label-position-type;
description
"MPLS FAS label is at the top of the label stack.";
}
identity fas-mpls-label-position-bottom {
base fas-mpls-label-position-type;
description
"MPLS FAS label is either at the bottom or at a specific
offset from the bottom of the label stack.";
}
identity fas-mpls-label-position-indicator {
base fas-mpls-label-position-type;
description
"MPLS FAS is preceded by a special purpose
indicator label in the label stack.";
}
/*
* T Y P E D E F S
*/
typedef nrp-policy-acl-ref {
type leafref {
path "/acl:acls/acl:acl/acl:name";
}
description
"This type is used to reference an ACL.";
}
typedef nrp-policy-topo-filter-ref {
type leafref {
path "/nw:networks/topo-filt:topology-filters/"
+ "topo-filt:topology-filter/topo-filt:name";
}
description
"This type is used to reference a Topology Filter.";
}
typedef nrp-policy-topo-network-ref {
type leafref {
path "/nw:networks/nw:network/nw:network-id";
}
description
"This type is used to reference a network.";
}
Beeram, et al. Expires 28 April 2023 [Page 12]
�
Internet-Draft NRP Policy YANG Data Model October 2022
typedef nrp-policy-topo-node-ref {
type leafref {
path "/nw:networks/nw:network/nw:node/"
+ "nw:node-id";
}
description
"This type is used to reference a node.";
}
typedef nrp-policy-topo-link-ref {
type leafref {
path "/nw:networks/nw:network/nt:link/"
+ "nt:link-id";
}
description
"This type is used to reference a link.";
}
/*
* G R O U P I N G S
*/
/*
* Grouping - MPLS FAS label location specific fields
*/
grouping nrp-pol-fas-mpls-label-location {
description
"Grouping for MPLS FAS label location specific fields.";
leaf label-position {
type identityref {
base fas-mpls-label-position-type;
}
description
"MPLS FAS label position.";
}
leaf label-position-offset {
when "derived-from-or-self(../label-position,"
+ "'nrp-pol:fas-mpls-label-position-bottom')" {
description
"MPLS label position offset is relevant only when the
label-position is set to 'bottom'.";
}
type uint8;
description
"MPLS label position offset.";
}
}
Beeram, et al. Expires 28 April 2023 [Page 13]
�
Internet-Draft NRP Policy YANG Data Model October 2022
/*
* Grouping - Flow-Aggregate Selector (FAS)
*/
grouping nrp-pol-flow-agg-selector {
description
"Grouping for Flow-Aggregate Selector (FAS).";
container flow-agg-selector {
description
"Container for FAS.";
container mpls {
description
"Container for MPLS FAS.";
choice fas-type {
description
"Choices for MPLS FAS.";
case label {
choice specification-type {
description
"Choices for MPLS label specification.";
case derived {
leaf forwarding-label {
type empty;
description
"MPLS FAS Label is derived from
forwarding label.";
}
}
case explicit {
leaf label {
type rt-types:mpls-label;
description
"MPLS FAS Label is explicitly
specified.";
}
uses nrp-pol-fas-mpls-label-location;
}
}
}
case label-ranges {
list label-range {
key "index";
unique "start-label end-label";
description
"Any label from the specified set of MPLS label
ranges can be used as the FAS.";
leaf index {
type string;
Beeram, et al. Expires 28 April 2023 [Page 14]
�
Internet-Draft NRP Policy YANG Data Model October 2022
description
"A string that uniquely identifies a label
range.";
}
leaf start-label {
type rt-types:mpls-label;
must '. <= ../end-label' {
error-message
"The start-label must be less than or equal "
+ "to end-label";
}
description
"Label-range start.";
}
leaf end-label {
type rt-types:mpls-label;
must '. >= ../start-label' {
error-message
"The end-label must be greater than or equal "
+ "to start-label";
}
description
"Label-range end.";
}
uses nrp-pol-fas-mpls-label-location;
}
}
}
}
container ipv4 {
description
"Container for IPv4 FAS.";
leaf-list destination-prefix {
type inet:ipv4-prefix;
description
"Any prefix from the specified set of IPv4
destination prefixes can be the FAS.";
}
}
container ipv6 {
description
"Container for IPv6 FAS.";
choice fas-type {
description
"Choices for IPv6 FAS.";
case ipv6-destination {
leaf-list destination-prefix {
type inet:ipv6-prefix;
Beeram, et al. Expires 28 April 2023 [Page 15]
�
Internet-Draft NRP Policy YANG Data Model October 2022
description
"Any prefix from the specified set of IPv6
destination prefixes can be the FAS.";
}
}
case ipv6-hbh-eh {
leaf-list fas-hbh-eh {
type uint32;
description
"Set of FAS values carried in Hop-by-Hop
Option of IPv6 extension header.";
}
}
}
}
leaf-list acl-ref {
type nrp-policy-acl-ref;
description
"Flow Aggregate selection is done based on the
specified list of ACLs.";
}
}
}
/*
* Grouping - NRP Policy Resource Reservation
*/
grouping nrp-pol-resource-reservation {
description
"Grouping for NRP policy resource reservation.";
container resource-reservation {
description
"Container for NRP policy resource reservation.";
leaf preference {
type uint16;
description
"Control plane preference for the corresponding
Network Resource Partition (NRP). A higher
preference indicates a more favorable resource
reservation than a lower preference.";
}
choice max-bw-type {
description
"Choice of maximum bandwidth specification.";
case bw-value {
leaf maximum-bandwidth {
type uint64;
Beeram, et al. Expires 28 April 2023 [Page 16]
�
Internet-Draft NRP Policy YANG Data Model October 2022
description
"The maximum bandwidth allocated to an NRP
- specified as absolute value.";
}
}
case bw-percentage {
leaf maximum-bandwidth-percent {
type rt-types:percentage;
description
"The maximum bandwidth allocated to an NRP
- specified as percentage of link
capacity.";
}
}
}
leaf-list shared-resource-groups {
type uint32;
description
"List of shared resource groups that an NRP
shares its allocated resources with.";
}
container protection {
description
"Container for NRP protection reservation.";
leaf backup-nrp-id {
type uint32;
description
"The ID that identifies the NRP used for
backup paths that protect primary paths
setup over a specific NRP.";
}
choice backup-bw-type {
description
"Choice of backup bandwidth specification.";
case backup-bw-value {
leaf backup-bandwidth {
type uint64;
description
"The maximum bandwidth on a network resource that
is allocated for backup traffic - specified as
absolute value.";
}
}
case backup-bw-percentage {
leaf backup-bandwidth-percent {
type rt-types:percentage;
description
"The maximum bandwidth on a network resource that
Beeram, et al. Expires 28 April 2023 [Page 17]
�
Internet-Draft NRP Policy YANG Data Model October 2022
is allocated for backup traffic - specified as
percentage of the link capacity.";
}
}
}
}
}
}
/*
* Grouping - NRP policy - PHB (NRP-PHB)
*/
grouping nrp-pol-phb {
description
"Grouping for NRP-PHB.";
leaf phb {
type string;
description
"PHB profile identifier.";
}
}
/*
* Grouping - NRP Policy - Topology
*/
grouping nrp-pol-topology {
description
"Grouping for NRP topology.";
container topology {
description
"Container for NRP topology.";
container filters {
description
"Container for filters.";
list filter {
key "filter-ref";
description
"List of filters.";
leaf filter-ref {
type nrp-policy-topo-filter-ref;
description
"Reference to a specific topology filter from the
list of global topology filters.";
}
uses nrp-pol-resource-reservation;
uses nrp-pol-flow-agg-selector;
Beeram, et al. Expires 28 April 2023 [Page 18]
�
Internet-Draft NRP Policy YANG Data Model October 2022
uses nrp-pol-phb;
}
}
container filtered-topology {
config false;
description
"Container for filtered topology.";
choice filtered-topo-type {
description
"Choices for filtered topology.";
case network {
list network {
key "network-ref";
description
"List of networks.";
leaf network-ref {
type nrp-policy-topo-network-ref;
description
"Reference to a specific network.";
}
}
}
case network-elements {
list node {
key "network-ref node-ref";
description
"List of nodes.";
leaf network-ref {
type nrp-policy-topo-network-ref;
description
"Reference to the network that
the node belongs to.";
}
leaf node-ref {
type nrp-policy-topo-node-ref;
description
"Reference to a specific node.";
}
}
list link {
key "network-ref link-ref";
description
"List of links.";
leaf network-ref {
type nrp-policy-topo-network-ref;
description
"Reference to the network that
the link belongs to.";
Beeram, et al. Expires 28 April 2023 [Page 19]
�
Internet-Draft NRP Policy YANG Data Model October 2022
}
leaf link-ref {
type nrp-policy-topo-link-ref;
description
"Reference to a specific link.";
}
}
}
}
}
}
}
/*
* Grouping - Network Resource Partition Policies
*/
grouping nrp-pol {
description
"Grouping for NRP policies.";
container nrp-policies {
description
"Container for nrp policies.";
list nrp-policy {
key "name";
unique "nrp-id";
description
"List of NRP policies.";
leaf name {
type string;
description
"A string that uniquely identifies the NRP policy.";
}
leaf nrp-id {
type uint32;
description
"A 32-bit ID that uniquely identifies the NRP
created by the enforcement of this NRP policy.";
}
uses nrp-pol-resource-reservation;
uses nrp-pol-flow-agg-selector;
uses nrp-pol-phb;
uses nrp-pol-topology;
}
}
}
/*
Beeram, et al. Expires 28 April 2023 [Page 20]
�
Internet-Draft NRP Policy YANG Data Model October 2022
* Augment - Network Resource Partition Policies.
*/
augment "/nw:networks" {
description
"Augment networks with network resource partition
policies.";
uses nrp-pol;
}
}
<CODE ENDS>
3. Acknowledgements
The authors would like to thank Krzysztof Szarkowicz for his input
from discussions.
4. Contributors
The following individuals contributed to this document:
Colby Barth
Juniper Networks
Email: cbarth@juniper.net
Srihari R. Sangli
Juniper Networks
Email: ssangli@juniper.net
Chandra Ramachandran
Juniper Networks
Email: csekar@juniper.net
5. IANA Considerations
This document registers the following URI in the IETF XML registry
[RFC3688]. Following the format in [RFC3688], the following
registration is requested to be made.
URI: urn:ietf:params:xml:ns:yang:ietf-nrp-policy
Registrant Contact: The TEAS WG of the IETF.
XML: N/A, the requested URI is an XML namespace.
This document registers a YANG module in the YANG Module Names
registry [RFC6020].
Beeram, et al. Expires 28 April 2023 [Page 21]
�
Internet-Draft NRP Policy YANG Data Model October 2022
name: ietf-nrp-policy
namespace: urn:ietf:params:xml:ns:yang:ietf-nrp-policy
prefix: nrp-pol
reference: RFCXXXX
6. Security Considerations
The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC8446].
The Network Configuration Access Control Model (NACM) [RFC8341]
provides the means to restrict access for particular NETCONF or
RESTCONF users to a preconfigured subset of all available NETCONF or
RESTCONF protocol operations and content.
The data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the
default) may be considered sensitive or vulnerable in some network
environments. Write operations (e.g., edit-config) to these data
nodes without proper protection can have a negative effect on network
operations. These are the subtrees and data nodes and their
sensitivity/vulnerability:
* "/networks/nrp-policies": This subtree specifies the
configurations for NRP policies on a given network element. By
manipulating these data nodes, a malicious attacker may cause
unauthorized and improper behavior to be provided for the flow
aggregate traffic on the network element.
The readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data
nodes and their sensitivity/vulnerability:
* "/networks/nrp-policies": Unauthorized access to this subtree can
disclose the NRP policy definitions on the network element.
7. References
7.1. Normative References
Beeram, et al. Expires 28 April 2023 [Page 22]
�
Internet-Draft NRP Policy YANG Data Model October 2022
[I-D.bestbar-teas-yang-topology-filter]
Beeram, V. P., Saad, T., Gandhi, R., and X. Liu, "YANG
Data Model for Topology Filter", Work in Progress,
Internet-Draft, draft-bestbar-teas-yang-topology-filter-
03, 7 March 2022, <https://www.ietf.org/archive/id/draft-
bestbar-teas-yang-topology-filter-03.txt>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>.
Beeram, et al. Expires 28 April 2023 [Page 23]
�
Internet-Draft NRP Policy YANG Data Model October 2022
[RFC8345] Clemm, A., Medved, J., Varga, R., Bahadur, N.,
Ananthakrishnan, H., and X. Liu, "A YANG Data Model for
Network Topologies", RFC 8345, DOI 10.17487/RFC8345, March
2018, <https://www.rfc-editor.org/info/rfc8345>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
7.2. Informative References
[I-D.ietf-teas-ietf-network-slices]
Farrel, A., Drake, J., Rokui, R., Homma, S., Makhijani,
K., Contreras, L. M., and J. Tantsura, "Framework for IETF
Network Slices", Work in Progress, Internet-Draft, draft-
ietf-teas-ietf-network-slices-15, 21 October 2022,
<https://www.ietf.org/archive/id/draft-ietf-teas-ietf-
network-slices-15.txt>.
[I-D.ietf-teas-ns-ip-mpls]
Saad, T., Beeram, V. P., Dong, J., Wen, B., Ceccarelli,
D., Halpern, J., Peng, S., Chen, R., Liu, X., Luis
Contreras, M., Rokui, R., and L. Jalil, "Realizing Network
Slices in IP/MPLS Networks", Work in Progress, Internet-
Draft, draft-ietf-teas-ns-ip-mpls-00, 16 June 2022,
<https://www.ietf.org/archive/id/draft-ietf-teas-ns-ip-
mpls-00.txt>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>.
Appendix A. Complete Model Tree Structure
module: ietf-nrp-policy
augment /nw:networks:
+--rw nrp-policies
+--rw nrp-policy* [name]
+--rw name string
+--rw nrp-id? uint32
+--rw resource-reservation
| +--rw preference? uint16
| +--rw (max-bw-type)?
| | +--:(bw-value)
| | | +--rw maximum-bandwidth? uint64
| | +--:(bw-percentage)
| | +--rw maximum-bandwidth-percent?
Beeram, et al. Expires 28 April 2023 [Page 24]
�
Internet-Draft NRP Policy YANG Data Model October 2022
| | rt-types:percentage
| +--rw shared-resource-groups* uint32
| +--rw protection
| +--rw backup-nrp-id? uint32
| +--rw (backup-bw-type)?
| +--:(backup-bw-value)
| | +--rw backup-bandwidth? uint64
| +--:(backup-bw-percentage)
| +--rw backup-bandwidth-percent?
| rt-types:percentage
+--rw flow-agg-selector
| +--rw mpls
| | +--rw (fas-type)?
| | +--:(label)
| | | +--rw (specification-type)?
| | | +--:(derived)
| | | | +--rw forwarding-label? empty
| | | +--:(explicit)
| | | +--rw label?
| | | | rt-types:mpls-label
| | | +--rw label-position?
| | | | identityref
| | | +--rw label-position-offset? uint8
| | +--:(label-ranges)
| | +--rw label-range* [index]
| | +--rw index string
| | +--rw start-label?
| | | rt-types:mpls-label
| | +--rw end-label?
| | | rt-types:mpls-label
| | +--rw label-position? identityref
| | +--rw label-position-offset? uint8
| +--rw ipv4
| | +--rw destination-prefix* inet:ipv4-prefix
| +--rw ipv6
| | +--rw (fas-type)?
| | +--:(ipv6-destination)
| | | +--rw destination-prefix* inet:ipv6-prefix
| | +--:(ipv6-hbh-eh)
| | +--rw fas-hbh-eh* uint32
| +--rw acl-ref* nrp-policy-acl-ref
+--rw phb? string
+--rw topology
+--rw filters
| +--rw filter* [filter-ref]
| +--rw filter-ref
| | nrp-policy-topo-filter-ref
| +--rw resource-reservation
Beeram, et al. Expires 28 April 2023 [Page 25]
�
Internet-Draft NRP Policy YANG Data Model October 2022
| | +--rw preference? uint16
| | +--rw (max-bw-type)?
| | | +--:(bw-value)
| | | | +--rw maximum-bandwidth? uint64
| | | +--:(bw-percentage)
| | | +--rw maximum-bandwidth-percent?
| | | rt-types:percentage
| | +--rw shared-resource-groups* uint32
| | +--rw protection
| | +--rw backup-nrp-id?
| | | uint32
| | +--rw (backup-bw-type)?
| | +--:(backup-bw-value)
| | | +--rw backup-bandwidth?
| | | uint64
| | +--:(backup-bw-percentage)
| | +--rw backup-bandwidth-percent?
| | rt-types:percentage
| +--rw flow-agg-selector
| | +--rw mpls
| | | +--rw (fas-type)?
| | | +--:(label)
| | | | +--rw (specification-type)?
| | | | +--:(derived)
| | | | | +--rw forwarding-label?
| | | | | empty
| | | | +--:(explicit)
| | | | +--rw label?
| | | | | rt-types:mpls-label
| | | | +--rw label-position?
| | | | | identityref
| | | | +--rw label-position-offset?
| | | | uint8
| | | +--:(label-ranges)
| | | +--rw label-range* [index]
| | | +--rw index
| | | | string
| | | +--rw start-label?
| | | | rt-types:mpls-label
| | | +--rw end-label?
| | | | rt-types:mpls-label
| | | +--rw label-position?
| | | | identityref
| | | +--rw label-position-offset?
| | | uint8
| | +--rw ipv4
| | | +--rw destination-prefix* inet:ipv4-prefix
| | +--rw ipv6
Beeram, et al. Expires 28 April 2023 [Page 26]
�
Internet-Draft NRP Policy YANG Data Model October 2022
| | | +--rw (fas-type)?
| | | +--:(ipv6-destination)
| | | | +--rw destination-prefix*
| | | | inet:ipv6-prefix
| | | +--:(ipv6-hbh-eh)
| | | +--rw fas-hbh-eh* uint32
| | +--rw acl-ref* nrp-policy-acl-ref
| +--rw phb? string
+--ro filtered-topology
+--ro (filtered-topo-type)?
+--:(network)
| +--ro network* [network-ref]
| +--ro network-ref
| nrp-policy-topo-network-ref
+--:(network-elements)
+--ro node* [network-ref node-ref]
| +--ro network-ref
| | nrp-policy-topo-network-ref
| +--ro node-ref
| nrp-policy-topo-node-ref
+--ro link* [network-ref link-ref]
+--ro network-ref
| nrp-policy-topo-network-ref
+--ro link-ref
nrp-policy-topo-link-ref
Authors' Addresses
Vishnu Pavan Beeram
Juniper Networks
Email: vbeeram@juniper.net
Tarek Saad
Cisco Systems
Email: tsaad.net@gmail.com
Bin Wen
Comcast
Email: Bin_Wen@cable.comcast.com
Daniele Ceccarelli
Ericsson
Email: daniele.ceccarelli@ericsson.com
Beeram, et al. Expires 28 April 2023 [Page 27]
�
Internet-Draft NRP Policy YANG Data Model October 2022
Shaofu Peng
ZTE Corporation
Email: peng.shaofu@zte.com.cn
Ran Chen
ZTE Corporation
Email: chen.ran@zte.com.cn
Luis M. Contreras
Telefonica
Email: luismiguel.contrerasmurillo@telefonica.com
Xufeng Liu
IBM Corporation
Email: xufeng.liu.ietf@gmail.com
Beeram, et al. Expires 28 April 2023 [Page 28]
