diff --git a/experimental/ietf-extracted-YANG-modules/ietf-ac-common@2022-11-30.yang b/experimental/ietf-extracted-YANG-modules/ietf-ac-common@2023-11-13.yang
similarity index 95%
rename from experimental/ietf-extracted-YANG-modules/ietf-ac-common@2022-11-30.yang
rename to experimental/ietf-extracted-YANG-modules/ietf-ac-common@2023-11-13.yang
index 5bbf66ca9..a87b712ca 100644
--- a/experimental/ietf-extracted-YANG-modules/ietf-ac-common@2022-11-30.yang
+++ b/experimental/ietf-extracted-YANG-modules/ietf-ac-common@2023-11-13.yang
@@ -63,7 +63,7 @@ module ietf-ac-common {
This version of this YANG module is part of RFC xxx; see the
RFC itself for full legal notices.";
- revision 2022-11-30 {
+ revision 2023-11-13 {
description
"Initial revision.";
reference
@@ -202,7 +202,8 @@ module ietf-ac-common {
base local-defined-next-hop;
}
description
- "Predefined next-hop designation for locally generated routes.";
+ "Predefined next-hop designation for locally generated
+ routes.";
}
typedef area-address {
@@ -435,7 +436,7 @@ module ietf-ac-common {
base vpn-common:vxlan-peer-mode;
}
description
- "Specifies the VXLAN access mode. By default,
+ "Specifies the VXLAN access mode. By default,
the peer mode is set to 'static-mode'.";
}
leaf-list peer-ip-address {
@@ -489,6 +490,7 @@ module ietf-ac-common {
/**** Layer 3 connection *****/
// IPv4 allocation type
+
grouping ipv4-allocation-type {
description
"IPv4-specific parameters.";
@@ -497,8 +499,8 @@ module ietf-ac-common {
range "0..32";
}
description
- "Subnet prefix length expressed in bits. It is applied to both
- local and customer addresses.";
+ "Subnet prefix length expressed in bits. It is applied to
+ both local and customer addresses.";
}
leaf address-allocation-type {
type identityref {
@@ -524,8 +526,8 @@ module ietf-ac-common {
range "0..128";
}
description
- "Subnet prefix length expressed in bits. It is applied to both
- local and customer addresses.";
+ "Subnet prefix length expressed in bits. It is applied to
+ both local and customer addresses.";
}
leaf address-allocation-type {
type identityref {
@@ -535,8 +537,8 @@ module ietf-ac-common {
"Defines how IPv6 addresses are allocated to the peer site.";
}
}
-
// Basic parameters for IPv4 connection
+
grouping ipv4-connection-basic {
description
"Basic set fof IPv4-specific parameters for the connection.";
@@ -663,7 +665,6 @@ module ietf-ac-common {
"When the addresses are allocated by DHCP or other
dynamic means local to the infrastructure.";
choice address-assign {
- default "number";
description
"A choice for how IPv4 addresses are assigned.";
case number {
@@ -682,10 +683,11 @@ module ietf-ac-common {
list address-pool {
key "pool-id";
description
- "Describes IP addresses to be dyncamically allocated.
+ "Describes IP addresses to be dyncamically
+ allocated.
- When only 'start-address' is present, it represents a
- single address.
+ When only 'start-address' is present, it
+ represents a single address.
When both 'start-address' and 'end-address' are
specified, it implies a range inclusive of both
@@ -754,8 +756,9 @@ module ietf-ac-common {
key "address-id";
ordered-by user;
description
- "Lists the IPv4 addresses that are used. The first address of
- the list is the primary address of the connection.";
+ "Lists the IPv4 addresses that are used. The first
+ address of the list is the primary address of the
+ connection.";
leaf address-id {
type string;
description
@@ -795,15 +798,14 @@ module ietf-ac-common {
"When the addresses are allocated by DHCP or other
dynamic means local to the infrastructure.";
choice address-assign {
- default "number";
description
"A choice for how IPv6 addresses are assigned.";
case number {
leaf number-of-dynamic-address {
type uint16;
description
- "Specifies the number of IP addresses to be assigned to
- the customer on this access.";
+ "Specifies the number of IP addresses to be
+ assigned to the customer on this access.";
}
}
case explicit {
@@ -814,10 +816,11 @@ module ietf-ac-common {
list address-pool {
key "pool-id";
description
- "Describes IP addresses to be dyncamically allocated.
+ "Describes IP addresses to be dyncamically
+ allocated.
- When only 'start-address' is present, it represents a
- single address.
+ When only 'start-address' is present, it
+ represents a single address.
When both 'start-address' and 'end-address' are
specified, it implies a range inclusive of both
@@ -886,8 +889,9 @@ module ietf-ac-common {
key "address-id";
ordered-by user;
description
- "Lists the IPv6 addresses that are used. The first address
- of the list is the primary IP address of the connection.";
+ "Lists the IPv6 addresses that are used. The first
+ address of the list is the primary IP address of
+ the connection.";
leaf address-id {
type string;
description
@@ -914,7 +918,6 @@ module ietf-ac-common {
"Container for BGP authentication parameters.";
leaf enable {
type boolean;
- default "false";
description
"Enables or disables authentication.";
}
@@ -994,15 +997,14 @@ module ietf-ac-common {
"Container for OSPF authentication parameters.";
leaf enable {
type boolean;
- default "false";
description
"Enables or disables authentication.";
}
container keying-material {
when "../enable = 'true'";
description
- "Container for describing how an OSPF session is to be secured
- for this AC.";
+ "Container for describing how an OSPF session is to be
+ secured for this AC.";
choice option {
description
"Options for OSPF authentication.";
@@ -1032,8 +1034,8 @@ module ietf-ac-common {
base key-chain:crypto-algorithm;
}
description
- "Indicates the cryptographic algorithm associated with
- the key.";
+ "Indicates the cryptographic algorithm associated
+ with the key.";
}
}
}
@@ -1049,7 +1051,6 @@ module ietf-ac-common {
"Container for IS-IS authentication parameters.";
leaf enable {
type boolean;
- default "false";
description
"Enables or disables authentication.";
}
@@ -1087,8 +1088,8 @@ module ietf-ac-common {
base key-chain:crypto-algorithm;
}
description
- "Indicates the cryptographic algorithm associated with
- the key.";
+ "Indicates the cryptographic algorithm associated
+ with the key.";
}
}
}
@@ -1104,15 +1105,14 @@ module ietf-ac-common {
"Container for RIP authentication parameters.";
leaf enable {
type boolean;
- default "false";
description
"Enables or disables authentication.";
}
container keying-material {
when "../enable = 'true'";
description
- "Container for describing how a RIP session is to be secured
- on this AC.";
+ "Container for describing how a RIP session is to be
+ secured on this AC.";
choice option {
description
"Specifies the authentication
@@ -1138,8 +1138,8 @@ module ietf-ac-common {
base key-chain:crypto-algorithm;
}
description
- "Indicates the cryptographic algorithm associated with
- the key.";
+ "Indicates the cryptographic algorithm associated
+ with the key.";
}
}
}
@@ -1172,7 +1172,8 @@ module ietf-ac-common {
}
description
"This node contains the address families to be activated.
- 'dual-stack' means that both IPv4 and IPv6 will be activated.";
+ 'dual-stack' means that both IPv4 and IPv6 will be
+ activated.";
}
}
@@ -1212,7 +1213,6 @@ module ietf-ac-common {
}
leaf metric {
type uint16;
- default "1";
description
"Metric of the AC. It is used in the routing state
calculation and path selection.";
@@ -1364,10 +1364,10 @@ module ietf-ac-common {
type uint64;
units "bytes";
description
- "Committed Burst Size (CBS). CBS controls the bursty nature of
- the traffic. Traffic that does not use the configured CIR
- accumulates credits until the credits reach the configured
- CBS.";
+ "Committed Burst Size (CBS). CBS controls the bursty nature
+ of the traffic. Traffic that does not use the configured
+ CIR accumulates credits until the credits reach the
+ configured CBS.";
}
leaf eir {
type uint64;
diff --git a/experimental/ietf-extracted-YANG-modules/ietf-ac-glue@2023-07-13.yang b/experimental/ietf-extracted-YANG-modules/ietf-ac-glue@2023-07-13.yang
deleted file mode 100644
index 9a2748a07..000000000
--- a/experimental/ietf-extracted-YANG-modules/ietf-ac-glue@2023-07-13.yang
+++ /dev/null
@@ -1,120 +0,0 @@
-module ietf-ac-glue {
- yang-version 1.1;
- namespace "urn:ietf:params:xml:ns:yang:ietf-ac-glue";
- prefix ac-glue;
-
- import ietf-l3vpn-svc {
- prefix l3vpn-svc;
- reference
- "RFC 8299: YANG Data Model for L3VPN Service Delivery";
- }
- import ietf-l2vpn-svc {
- prefix l2vpn-svc;
- reference
- "RFC 8466: A YANG Data Model for Layer 2 Virtual Private
- Network (L2VPN) Service Delivery";
- }
- import ietf-l3vpn-ntw {
- prefix l3nm;
- reference
- "RFC 9182: A YANG Network Data Model for Layer 3 VPNs";
- }
- import ietf-l2vpn-ntw {
- prefix l2nm;
- reference
- "RFC 9291: A YANG Network Data Model for Layer 2 VPNs";
- }
- import ietf-ac-svc {
- prefix ac-svc;
- reference
- "RFC XXXX: YANG Service Data Models for Attachment Circuits";
- }
-
- organization
- "IETF OPSAWG (Operations and Management Area Working Group)";
- contact
- "WG Web:
- WG List:
-
- Editor: Mohamed Boucadair
-
- Author: Richard Roberts
-
- Author: Samier Barguil
-
- Author: Oscar Gonzalez de Dios
- ";
- description
- "This YANG module defines a YANG model for augmenting the LxSM
- and the LxNM with attachment circuit references.
-
- Copyright (c) 2023 IETF Trust and the persons identified as
- authors of the code. All rights reserved.
-
- Redistribution and use in source and binary forms, with or
- without modification, is permitted pursuant to, and subject
- to the license terms contained in, the Revised BSD License
- set forth in Section 4.c of the IETF Trust's Legal Provisions
- Relating to IETF Documents
- (https://trustee.ietf.org/license-info).
-
- This version of this YANG module is part of RFC XXXX; see the
- RFC itself for full legal notices.";
-
- revision 2023-07-13 {
- description
- "Initial revision.";
- reference
- "RFC XXXX: A YANG Data Model for Augmenting VPN Service
- and Network Models with Attachment Circuits";
- }
-
- grouping ac-glue {
- description
- "A set of AC-related data.";
- leaf-list ac-ref {
- type ac-svc:attachment-circuit-reference;
- description
- "A reference to the AC as exposed at the service that
- was provisionned using the AC module.";
- }
- }
-
- augment "/l2vpn-svc:l2vpn-svc"
- + "/l2vpn-svc:sites/l2vpn-svc:site"
- + "/l2vpn-svc:site-network-accesses"
- + "/l2vpn-svc:site-network-access" {
- description
- "Augments VPN network access with AC provisioning details.";
-
- uses ac-glue;
- }
-
- augment "/l3vpn-svc:l3vpn-svc"
- + "/l3vpn-svc:sites/l3vpn-svc:site"
- + "/l3vpn-svc:site-network-accesses"
- + "/l3vpn-svc:site-network-access" {
- description
- "Augments VPN network access with AC provisioning details.";
-
- uses ac-glue;
- }
-
- augment "/l2nm:l2vpn-ntw/l2nm:vpn-services/l2nm:vpn-service"
- + "/l2nm:vpn-nodes/l2nm:vpn-node"
- + "/l2nm:vpn-network-accesses/l2nm:vpn-network-access" {
- description
- "Augments VPN network access with AC provisioning details.";
-
- uses ac-glue;
- }
-
- augment "/l3nm:l3vpn-ntw/l3nm:vpn-services/l3nm:vpn-service"
- + "/l3nm:vpn-nodes/l3nm:vpn-node"
- + "/l3nm:vpn-network-accesses/l3nm:vpn-network-access" {
- description
- "Augments VPN network access with AC provisioning details.";
-
- uses ac-glue;
- }
-}
diff --git a/experimental/ietf-extracted-YANG-modules/ietf-ac-glue@2023-11-13.yang b/experimental/ietf-extracted-YANG-modules/ietf-ac-glue@2023-11-13.yang
new file mode 100644
index 000000000..745b27ddb
--- /dev/null
+++ b/experimental/ietf-extracted-YANG-modules/ietf-ac-glue@2023-11-13.yang
@@ -0,0 +1,222 @@
+module ietf-ac-glue {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-ac-glue";
+ prefix ac-glue;
+
+ import ietf-l3vpn-svc {
+ prefix l3vpn-svc;
+ reference
+ "RFC 8299: YANG Data Model for L3VPN Service Delivery";
+ }
+ import ietf-l2vpn-svc {
+ prefix l2vpn-svc;
+ reference
+ "RFC 8466: A YANG Data Model for Layer 2 Virtual Private
+ Network (L2VPN) Service Delivery";
+ }
+ import ietf-l3vpn-ntw {
+ prefix l3nm;
+ reference
+ "RFC 9182: A YANG Network Data Model for Layer 3 VPNs";
+ }
+ import ietf-l2vpn-ntw {
+ prefix l2nm;
+ reference
+ "RFC 9291: A YANG Network Data Model for Layer 2 VPNs";
+ }
+ import ietf-ac-svc {
+ prefix ac-svc;
+ reference
+ "RFC SSSS: YANG Service Data Models for Attachment Circuits";
+ }
+ import ietf-ac-ntw {
+ prefix ac-ntw;
+ reference
+ "RFC NNNN: A Network YANG Data Model for Attachment Circuits";
+ }
+ organization
+ "IETF OPSAWG (Operations and Management Area Working Group)";
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Mohamed Boucadair
+
+ Author: Richard Roberts
+
+ Author: Samier Barguil
+
+ Author: Oscar Gonzalez de Dios
+ ";
+ description
+ "This YANG module defines a YANG model for augmenting the LxSM
+ and the LxNM with attachment circuit references.
+
+ Copyright (c) 2023 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Revised BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC XXXX; see the
+ RFC itself for full legal notices.";
+
+ revision 2023-11-13 {
+ description
+ "Initial revision.";
+ reference
+ "RFC XXXX: A YANG Data Model for Augmenting VPN Service
+ and Network Models with Attachment Circuits";
+ }
+
+ feature ac-glue {
+ description
+ "The VPN implementation supports binding a specific VPN
+ network access or site access to an attachment circuit.";
+ }
+
+ grouping single-ac-svc-ref {
+ description
+ "A grouping with single reference to a service AC.";
+ leaf ac-svc-ref {
+ type ac-svc:attachment-circuit-reference;
+ description
+ "A reference to the AC as exposed at the service that
+ was provisionned using the ACaaS module.";
+ }
+ }
+
+ grouping single-ac-svc-ntw-ref {
+ description
+ "A grouping with single AC references.";
+ leaf ac-svc-ref {
+ type ac-svc:attachment-circuit-reference;
+ description
+ "A reference to the AC as exposed at the service that
+ was provisionned using the ACaaS module.";
+ }
+ leaf ac-ntw-ref {
+ type ac-ntw:attachment-circuit-reference;
+ description
+ "A reference to the AC that was provisionned
+ using the AC network module.";
+ }
+ }
+
+ grouping ac-svc-ref {
+ description
+ "A set of service-specific AC-related data.";
+ leaf-list ac-svc-ref {
+ type ac-svc:attachment-circuit-reference;
+ description
+ "A reference to the AC as exposed at the service that
+ was provisionned using the ACaaS module.";
+ }
+ }
+
+ grouping ac-svc-ntw-ref {
+ description
+ "A set of AC-related data.";
+ leaf-list ac-svc-ref {
+ type ac-svc:attachment-circuit-reference;
+ description
+ "A reference to the AC as exposed at the service that
+ was provisionned using the ACaaS module.";
+ }
+ leaf-list ac-ntw-ref {
+ type ac-ntw:attachment-circuit-reference;
+ description
+ "A reference to the AC that was provisionned
+ using the AC network module.";
+ }
+ }
+
+ augment "/l2vpn-svc:l2vpn-svc"
+ + "/l2vpn-svc:sites/l2vpn-svc:site"
+ + "/l2vpn-svc:site-network-accesses" {
+ description
+ "Augments VPN site network access with AC provisioning
+ details.";
+
+ uses ac-svc-ref;
+ }
+
+ augment "/l2vpn-svc:l2vpn-svc"
+ + "/l2vpn-svc:sites/l2vpn-svc:site"
+ + "/l2vpn-svc:site-network-accesses"
+ + "/l2vpn-svc:site-network-access" {
+ if-feature "ac-glue";
+ description
+ "Augments VPN site network access with a reference to
+ a service AC.";
+
+ uses single-ac-svc-ref;
+ }
+
+ augment "/l3vpn-svc:l3vpn-svc"
+ + "/l3vpn-svc:sites/l3vpn-svc:site"
+ + "/l3vpn-svc:site-network-accesses" {
+ description
+ "Augments VPN network access with AC provisioning details.";
+
+ uses ac-svc-ref;
+ }
+
+ augment "/l3vpn-svc:l3vpn-svc"
+ + "/l3vpn-svc:sites/l3vpn-svc:site"
+ + "/l3vpn-svc:site-network-accesses"
+ + "/l3vpn-svc:site-network-access" {
+ if-feature "ac-glue";
+ description
+ "Augments VPN site network access with a reference to
+ a service AC.";
+
+ uses single-ac-svc-ref;
+ }
+
+ augment "/l2nm:l2vpn-ntw/l2nm:vpn-services/l2nm:vpn-service"
+ + "/l2nm:vpn-nodes/l2nm:vpn-node"
+ + "/l2nm:vpn-network-accesses" {
+ description
+ "Augments VPN network access with AC provisioning details.";
+
+ uses ac-svc-ntw-ref;
+ }
+
+ augment "/l2nm:l2vpn-ntw/l2nm:vpn-services/l2nm:vpn-service"
+ + "/l2nm:vpn-nodes/l2nm:vpn-node"
+ + "/l2nm:vpn-network-accesses"
+ + "/l2nm:vpn-network-access" {
+ if-feature "ac-glue";
+ description
+ "Augments VPN network access with service and network
+ references to an AC.";
+
+ uses single-ac-svc-ntw-ref;
+ }
+
+ augment "/l3nm:l3vpn-ntw/l3nm:vpn-services/l3nm:vpn-service"
+ + "/l3nm:vpn-nodes/l3nm:vpn-node"
+ + "/l3nm:vpn-network-accesses" {
+ description
+ "Augments VPN network access with AC provisioning details.";
+
+ uses ac-svc-ntw-ref;
+ }
+
+ augment "/l3nm:l3vpn-ntw/l3nm:vpn-services/l3nm:vpn-service"
+ + "/l3nm:vpn-nodes/l3nm:vpn-node"
+ + "/l3nm:vpn-network-accesses"
+ + "/l3nm:vpn-network-access" {
+ if-feature "ac-glue";
+ description
+ "Augments VPN network access with service and network
+ references to an AC.";
+
+ uses single-ac-svc-ntw-ref;
+ }
+}
diff --git a/experimental/ietf-extracted-YANG-modules/ietf-ac-ntw@2022-11-30.yang b/experimental/ietf-extracted-YANG-modules/ietf-ac-ntw@2023-11-13.yang
similarity index 91%
rename from experimental/ietf-extracted-YANG-modules/ietf-ac-ntw@2022-11-30.yang
rename to experimental/ietf-extracted-YANG-modules/ietf-ac-ntw@2023-11-13.yang
index 88edd8db8..b9b8ba5ef 100644
--- a/experimental/ietf-extracted-YANG-modules/ietf-ac-ntw@2022-11-30.yang
+++ b/experimental/ietf-extracted-YANG-modules/ietf-ac-ntw@2023-11-13.yang
@@ -24,6 +24,11 @@ module ietf-ac-ntw {
reference
"RFC 8294: Common YANG Data Types for the Routing Area";
}
+ import ietf-routing-policy {
+ prefix rt-pol;
+ reference
+ "RFC 9067: A YANG Data Model for Routing Policy";
+ }
import ietf-interfaces {
prefix if;
reference
@@ -57,7 +62,6 @@ module ietf-ac-ntw {
reference
"RFC SSSS: YANG Service Data Models for Attachment Circuits";
}
-
organization
"IETF OPSAWG (Operations and Management Area Working Group)";
contact
@@ -85,11 +89,97 @@ module ietf-ac-ntw {
This version of this YANG module is part of RFC xxx; see the
RFC itself for full legal notices.";
- revision 2022-11-30 {
+ revision 2023-11-13 {
description
"Initial revision.";
reference
- "RFC xxxx: A YANG Network Data Model for Attachment Circuits";
+ "RFC XXXX: A YANG Network Data Model for Attachment Circuits";
+ }
+
+ // L2 connection groupings
+
+ /* A set of typedefs to ease referencing cross-modules */
+
+ typedef attachment-circuit-reference {
+ type leafref {
+ path "/nw:networks/nw:network/nw:node/sap:service/sap:sap"
+ + "/ac-ntw:ac/ac-ntw:name";
+ }
+ description
+ "Defines a reference to an attachment circuit that can be used
+ by other modules.";
+ }
+
+ typedef ac-profile-reference {
+ type leafref {
+ path "/nw:networks/nw:network/ac-profile/name";
+ }
+ description
+ "Defines a reference to an attachment circuit profile that
+ can be used by other modules.";
+ }
+
+ typedef encryption-profile-reference {
+ type leafref {
+ path
+ "/nw:networks/nw:network"
+ + "/ac-ntw:specific-provisioning-profiles"
+ + "/ac-ntw:valid-provider-identifiers"
+ + "/ac-ntw:encryption-profile-identifier/ac-ntw:id";
+ }
+ description
+ "Defines a type to an encryption profile for referencing
+ purposes.";
+ }
+
+ typedef qos-profile-reference {
+ type leafref {
+ path
+ "/nw:networks/nw:network"
+ + "/ac-ntw:specific-provisioning-profiles"
+ + "/ac-ntw:valid-provider-identifiers"
+ + "/ac-ntw:qos-profile-identifier/ac-ntw:id";
+ }
+ description
+ "Defines a type to a QoS profile for referencing purposes.";
+ }
+
+ typedef bfd-profile-reference {
+ type leafref {
+ path
+ "/nw:networks/nw:network"
+ + "/ac-ntw:specific-provisioning-profiles"
+ + "/ac-ntw:valid-provider-identifiers"
+ + "/ac-ntw:bfd-profile-identifier/ac-ntw:id";
+ }
+ description
+ "Defines a type to a BFD profile for referencing purposes.";
+ }
+
+ typedef forwarding-profile-reference {
+ type leafref {
+ path
+ "/nw:networks/nw:network"
+ + "/ac-ntw:specific-provisioning-profiles"
+ + "/ac-ntw:valid-provider-identifiers"
+ + "/ac-ntw:forwarding-profile-identifier/ac-ntw:id";
+ }
+ description
+ "Defines a type to a forwarding profile for referencing
+ purposes.";
+ }
+
+ typedef routing-profile-reference {
+ type leafref {
+ path
+ "/nw:networks/nw:network"
+ + "/ac-ntw:specific-provisioning-profiles"
+ + "/ac-ntw:valid-provider-identifiers"
+ + "/ac-ntw:routing-profile-identifier/ac-ntw:id";
+ }
+ description
+ "Defines a type to a routing profile for referencing
+ purposes.";
}
// L2 conenction
@@ -350,7 +440,7 @@ module ietf-ac-ntw {
}
}
- // IPv4 connection
+ // IPv4 connection groupings
grouping ipv4-connection {
description
@@ -673,6 +763,7 @@ module ietf-ac-ntw {
is meant to be used for diagnostic purposes. The semantic
of the description is local to an implementation.";
}
+ uses rt-pol:apply-policy-group;
leaf local-as {
type inet:as-number;
description
@@ -1107,12 +1198,7 @@ module ietf-ac-ntw {
description
"Routing profiles.";
leaf id {
- type leafref {
- path "/nw:networks/nw:network"
- + "/ac-ntw:specific-provisioning-profiles"
- + "/valid-provider-identifiers"
- + "/routing-profile-identifier/id";
- }
+ type routing-profile-reference;
description
"Routing profile to be used.";
}
@@ -1502,12 +1588,7 @@ module ietf-ac-ntw {
description
"Container for BFD.";
leaf profile {
- type leafref {
- path "/nw:networks/nw:network"
- + "/ac-ntw:specific-provisioning-profiles"
- + "/valid-provider-identifiers"
- + "/bfd-profile-identifier/id";
- }
+ type bfd-profile-reference;
description
"Well-known service provider profile name.";
}
@@ -1583,12 +1664,7 @@ module ietf-ac-ntw {
"Choice for the encryption profile.";
case provider-profile {
leaf profile-name {
- type leafref {
- path "/nw:networks/nw:network"
- + "/ac-ntw:specific-provisioning-profiles"
- + "/valid-provider-identifiers"
- + "/encryption-profile-identifier/id";
- }
+ type encryption-profile-reference;
description
"Name of the provider's profile to be applied.";
}
@@ -1636,6 +1712,7 @@ module ietf-ac-ntw {
}
}
}
+
//AC network provisioning
grouping ac {
@@ -1672,6 +1749,62 @@ module ietf-ac-ntw {
"AC-specific security parameters.";
uses security;
}
+ container service {
+ description
+ "AC-specific bandwith parameters.";
+ leaf mtu {
+ type uint32;
+ units "bytes";
+ description
+ "Layer 2 MTU.";
+ }
+ uses ac-svc:bandwidth;
+ container qos {
+ if-feature "vpn-common:qos";
+ description
+ "QoS configuration.";
+ container qos-profiles {
+ description
+ "QoS profile configuration.";
+ list qos-profile {
+ key "profile";
+ description
+ "Points to a QoS profile.";
+ leaf profile {
+ type qos-profile-reference;
+ description
+ "QoS profile to be used.";
+ }
+ leaf direction {
+ type identityref {
+ base vpn-common:qos-profile-direction;
+ }
+ description
+ "The direction to which the QoS profile
+ is applied.";
+ }
+ }
+ }
+ }
+ container access-control-list {
+ description
+ "Container for the Access Control List (ACL).";
+ container acl-profiles {
+ description
+ "ACL profile configuration.";
+ list acl-profile {
+ key "profile";
+ description
+ "Points to an ACL profile.";
+ leaf profile {
+ type forwarding-profile-reference;
+ description
+ "Forwarding profile to be used.";
+ }
+ }
+ }
+ }
+ }
}
augment "/nw:networks/nw:network" {
@@ -1681,7 +1814,7 @@ module ietf-ac-ntw {
description
"Contains a set of valid profiles to reference in the AC
activation.";
- uses vpn-common:vpn-profile-cfg;
+ uses ac-common:ac-profile-cfg;
}
list ac-profile {
key "name";
@@ -1711,9 +1844,9 @@ module ietf-ac-ntw {
leaf name {
type string;
description
- "A local AC identifier.";
+ "A name that identifies the AC locally.";
}
- leaf ac-ref {
+ leaf ac-svc-ref {
type ac-svc:attachment-circuit-reference;
description
"A reference to the AC as exposed at the service level.";
@@ -1723,13 +1856,19 @@ module ietf-ac-ntw {
description
"List of AC profiles.";
leaf profile-id {
- type leafref {
- path "/nw:networks/nw:network/ac-profile/name";
- }
+ type ac-profile-reference;
description
"A reference to an AC profile.";
}
}
+ leaf ac-parent-ref {
+ type ac-ntw:attachment-circuit-reference;
+ description
+ "Specifies the parent AC that is inherited by an AC.
+ Parent ACs are used, e.g., in contexts where multiple
+ CEs are terminating the same AC, but some specific
+ information is required for each peer SAP.";
+ }
leaf-list peer-sap-id {
type string;
description
diff --git a/experimental/ietf-extracted-YANG-modules/ietf-ac-svc@2022-11-30.yang b/experimental/ietf-extracted-YANG-modules/ietf-ac-svc@2023-11-13.yang
similarity index 87%
rename from experimental/ietf-extracted-YANG-modules/ietf-ac-svc@2022-11-30.yang
rename to experimental/ietf-extracted-YANG-modules/ietf-ac-svc@2023-11-13.yang
index 05281dbf9..fe2ff9a07 100644
--- a/experimental/ietf-extracted-YANG-modules/ietf-ac-svc@2022-11-30.yang
+++ b/experimental/ietf-extracted-YANG-modules/ietf-ac-svc@2023-11-13.yang
@@ -63,7 +63,7 @@ module ietf-ac-svc {
This version of this YANG module is part of RFC XXXX; see the
RFC itself for full legal notices.";
- revision 2022-11-30 {
+ revision 2023-11-13 {
description
"Initial revision.";
reference
@@ -88,11 +88,11 @@ module ietf-ac-svc {
description
"Defines a reference to an attachment circuit profile.";
}
-
typedef encryption-profile-reference {
type leafref {
path
- "/ac-svc:specific-provisioning-profiles/ac-svc:valid-provider-identifiers"
+ "/ac-svc:specific-provisioning-profiles"
+ + "/ac-svc:valid-provider-identifiers"
+ "/ac-svc:encryption-profile-identifier/ac-svc:id";
}
description
@@ -103,7 +103,8 @@ module ietf-ac-svc {
typedef qos-profile-reference {
type leafref {
path
- "/ac-svc:specific-provisioning-profiles/ac-svc:valid-provider-identifiers"
+ "/ac-svc:specific-provisioning-profiles"
+ + "/ac-svc:valid-provider-identifiers"
+ "/ac-svc:qos-profile-identifier/ac-svc:id";
}
description
@@ -113,7 +114,8 @@ module ietf-ac-svc {
typedef bfd-profile-reference {
type leafref {
path
- "/ac-svc:specific-provisioning-profiles/ac-svc:valid-provider-identifiers"
+ "/ac-svc:specific-provisioning-profiles"
+ + "/ac-svc:valid-provider-identifiers"
+ "/ac-svc:bfd-profile-identifier/ac-svc:id";
}
description
@@ -123,31 +125,37 @@ module ietf-ac-svc {
typedef forwarding-profile-reference {
type leafref {
path
- "/ac-svc:specific-provisioning-profiles/ac-svc:valid-provider-identifiers"
+ "/ac-svc:specific-provisioning-profiles"
+ + "/ac-svc:valid-provider-identifiers"
+ "/ac-svc:forwarding-profile-identifier/ac-svc:id";
}
description
- "Defines a type to a forwarding profile for referencing purposes.";
+ "Defines a type to a forwarding profile for referencing
+ purposes.";
}
typedef routing-profile-reference {
type leafref {
path
- "/ac-svc:specific-provisioning-profiles/ac-svc:valid-provider-identifiers"
+ "/ac-svc:specific-provisioning-profiles"
+ + "/ac-svc:valid-provider-identifiers"
+ "/ac-svc:routing-profile-identifier/ac-svc:id";
}
description
- "Defines a type to a routing profile for referencing purposes.";
+ "Defines a type to a routing profile for referencing
+ purposes.";
}
typedef service-profile-reference {
type leafref {
path
- "/ac-svc:service-provisioning-profiles/ac-svc:service-profile-identifier"
+ "/ac-svc:service-provisioning-profiles"
+ + "/ac-svc:service-profile-identifier"
+ "/ac-svc:id";
}
description
- "Defines a type to a service profile for referencing purposes.";
+ "Defines a type to a service profile for referencing
+ purposes.";
}
/******************** Reusable groupings ********************/
@@ -155,8 +163,9 @@ module ietf-ac-svc {
grouping l2-connection-basic {
description
- "Defines Layer 2 protocols and parameters that can be factorized
- when provisioning Layer 2 connectivity among multiple ACs.";
+ "Defines Layer 2 protocols and parameters that can be
+ factorized when provisioning Layer 2 connectivity
+ among multiple ACs.";
container encapsulation {
description
"Container for Layer 2 encapsulation.";
@@ -189,12 +198,13 @@ module ietf-ac-svc {
}
}
}
+
// Full Layer 2 connection
grouping l2-connection {
description
- "Defines Layer 2 protocols and parameters that are used to enable
- AC connectivity.";
+ "Defines Layer 2 protocols and parameters that are used to
+ enable AC connectivity.";
container encapsulation {
description
"Container for Layer 2 encapsulation.";
@@ -203,7 +213,7 @@ module ietf-ac-svc {
base vpn-common:encapsulation-type;
}
description
- "Encapsulation type.";
+ "Indicates the encapsulation type.";
}
container dot1q {
when "derived-from-or-self(../type, 'vpn-common:dot1q')" {
@@ -239,9 +249,9 @@ module ietf-ac-svc {
}
choice l2-service {
description
- "The Layer 2 connectivity service can be provided by indicating
- a pointer to an L2VPN or by specifying a Layer 2 tunnel
- service.";
+ "The Layer 2 connectivity service can be provided by
+ indicating a pointer to an L2VPN or by specifying a
+ Layer 2 tunnel service.";
container l2-tunnel-service {
description
"Defines a Layer 2 tunnel termination.
@@ -252,8 +262,8 @@ module ietf-ac-svc {
leaf l2vpn-id {
type vpn-common:vpn-id;
description
- "Indicates the L2VPN service associated with an Integrated
- Routing and Bridging (IRB) interface.";
+ "Indicates the L2VPN service associated with an
+ Integrated Routing and Bridging (IRB) interface.";
}
}
}
@@ -346,8 +356,9 @@ module ietf-ac-svc {
list peer-group {
key "name";
description
- "List of BGP peer-groups configured on the local system -
- uniquely identified by peer-group name";
+ "List of BGP peer-groups configured on the local
+ system - uniquely identified by peer-group
+ name.";
uses ac-common:bgp-peer-group-with-name;
leaf local-address {
type inet:ip-address;
@@ -413,7 +424,6 @@ module ietf-ac-svc {
uses ac-common:isis-authentication;
uses vpn-common:service-status;
}
-
// RIP Service
grouping rip-svc {
@@ -479,8 +489,9 @@ module ietf-ac-svc {
list peer-group {
key "name";
description
- "List of BGP peer-groups configured on the local system -
- uniquely identified by peer-group name";
+ "List of BGP peer-groups configured on the local
+ system - uniquely identified by peer-group
+ name.";
uses ac-common:bgp-peer-group-with-name;
}
}
@@ -618,7 +629,8 @@ module ietf-ac-svc {
+ "'vpn-common:rip-routing')" {
description
"Only applies when the protocol is RIP.
- For IPv4, the model assumes that RIP version 2 is used.";
+ For IPv4, the model assumes that RIP version 2 is
+ used.";
}
description
"Configuration specific to RIP routing.";
@@ -691,8 +703,8 @@ module ietf-ac-svc {
enum layer3 {
description
"Encryption occurs at Layer 3.
- For example, IPsec may be used when a customer requests
- Layer 3 encryption.";
+ For example, IPsec may be used when a customer
+ requests Layer 3 encryption.";
}
}
description
@@ -710,7 +722,7 @@ module ietf-ac-svc {
}
}
- // Bandwith
+ // Bandwith parameters
grouping bandwidth {
description
@@ -733,7 +745,7 @@ module ietf-ac-svc {
}
}
- // Basic AC parameter
+ // Basic AC parameters
grouping ac-basic {
description
@@ -745,8 +757,8 @@ module ietf-ac-svc {
}
container l2-connection {
description
- "Defines Layer 2 protocols and parameters that are required to
- enable AC connectivity.";
+ "Defines Layer 2 protocols and parameters that are required
+ to enable AC connectivity.";
uses l2-connection-basic;
}
container ip-connection {
@@ -761,8 +773,8 @@ module ietf-ac-svc {
}
container oam {
description
- "Defines the Operations, Administration, and Maintenance (OAM)
- mechanisms used.";
+ "Defines the Operations, Administration, and Maintenance
+ (OAM) mechanisms used.";
container bfd {
if-feature "vpn-common:bfd";
description
@@ -796,8 +808,9 @@ module ietf-ac-svc {
leaf name {
type string;
description
- "A name of the AC. Data models that need to reference an attachment
- circuits should use attachment-circuit-reference.";
+ "A name of the AC. Data models that need to reference
+ an attachment circuit should use
+ attachment-circuit-reference.";
}
leaf-list service-profile {
type service-profile-reference;
@@ -806,8 +819,8 @@ module ietf-ac-svc {
}
container l2-connection {
description
- "Defines Layer 2 protocols and parameters that are required to
- enable AC connectivity.";
+ "Defines Layer 2 protocols and parameters that are required
+ to enable AC connectivity.";
uses l2-connection;
}
container ip-connection {
@@ -889,13 +902,21 @@ module ietf-ac-svc {
leaf customer-name {
type string;
description
- "Indicates the name of the customer that requested this AC.";
+ "Indicates the name of the customer that requested this
+ AC.";
}
leaf description {
type string;
description
"Associates a description with an AC.";
}
+ leaf test-only {
+ type empty;
+ description
+ "When present, this indicates that this is a feasibility
+ check request. No resources are commited for such AC
+ requests.";
+ }
uses ac-common:op-instructions;
leaf-list peer-sap-id {
type string;
@@ -907,6 +928,15 @@ module ietf-ac-svc {
description
"A reference to an AC profile.";
}
+ leaf ac-bundle-ref {
+ type ac-svc:attachment-circuit-reference;
+ description
+ "Specifies the AC bundle that is inherited by an AC.
+ AC bundles are used, e.g., in contexts where dynamic
+ terminating points are managed while stable AC reference
+ are exposed to services that make use of these dynamic
+ ACs.";
+ }
list group {
key "group-id";
description
@@ -925,6 +955,29 @@ module ietf-ac-svc {
"Defines redundancy of an AC.";
}
}
+ list service-ref {
+ key "service-type service-id";
+ config false;
+ description
+ "Reports the set of services that are bound to the AC.";
+ leaf service-type {
+ type identityref {
+ base vpn-common:service-type;
+ }
+ description
+ "Indicates the service type (e.g., L3VPN, Network Slice
+ Service).";
+ reference
+ "RFC 9408: A YANG Network Data Model for Service
+ Attachment Points (SAPs), Section 5";
+ }
+ leaf service-id {
+ type string;
+ description
+ "Indicates an identifier of a service instance
+ of a given type that uses the AC.";
+ }
+ }
uses ac;
}
}
diff --git a/experimental/ietf-extracted-YANG-modules/ietf-bearer-svc@2022-11-30.yang b/experimental/ietf-extracted-YANG-modules/ietf-bearer-svc@2023-11-13.yang
similarity index 93%
rename from experimental/ietf-extracted-YANG-modules/ietf-bearer-svc@2022-11-30.yang
rename to experimental/ietf-extracted-YANG-modules/ietf-bearer-svc@2023-11-13.yang
index dd089af2a..1e5b5caef 100644
--- a/experimental/ietf-extracted-YANG-modules/ietf-bearer-svc@2022-11-30.yang
+++ b/experimental/ietf-extracted-YANG-modules/ietf-bearer-svc@2023-11-13.yang
@@ -53,7 +53,7 @@ module ietf-bearer-svc {
This version of this YANG module is part of RFC xxx; see the
RFC itself for full legal notices.";
- revision 2022-11-30 {
+ revision 2023-11-13 {
description
"Initial revision.";
reference
@@ -124,8 +124,8 @@ module ietf-bearer-svc {
leaf location-name {
type string;
description
- "Provides a location name. This data node can be mapped, e.g., to the 3GPP
- NRM IOC ManagedElement.";
+ "Provides a location name. This data node can be mapped,
+ e.g., to the 3GPP NRM IOC ManagedElement.";
}
leaf address {
type string;
@@ -251,9 +251,10 @@ module ietf-bearer-svc {
leaf op-comment {
type string;
description
- "Includes comments that can be shared with operational teams and
- which may be useful for the activation of a bearer. This may include,
- for example, information about the building, level, etc.";
+ "Includes comments that can be shared with operational
+ teams and which may be useful for the activation of a
+ bearer. This may include, for example, information
+ about the building, level, etc.";
}
container customer-point {
description
@@ -295,7 +296,8 @@ module ietf-bearer-svc {
leaf site-id {
type string;
description
- "Identifier for the site or sites where that bearer belongs.";
+ "Identifier for the site or sites where that bearer
+ belongs.";
}
uses location-information;
}
@@ -316,7 +318,15 @@ module ietf-bearer-svc {
base bearer-type;
}
description
- "Type of the requested bearer (e.g., Ethernet or wireless)";
+ "Type of the requested bearer (e.g., Ethernet or
+ wireless)";
+ }
+ leaf test-only {
+ type empty;
+ description
+ "When present, this indicates that this is a feasibility
+ check request. No resources are commited for such bearer
+ requests.";
}
leaf bearer-reference {
if-feature "vpn-common:bearer-reference";
@@ -326,7 +336,7 @@ module ietf-bearer-svc {
"This is an internal reference for the service provider
to identify the bearers.";
}
- leaf-list ac-refs {
+ leaf-list ac-svc-ref {
type ac-svc:attachment-circuit-reference;
config false;
description
diff --git a/experimental/ietf-extracted-YANG-modules/ietf-ospfv3-extended-lsa@2023-08-21.yang b/experimental/ietf-extracted-YANG-modules/ietf-ospfv3-extended-lsa@2023-11-29.yang
similarity index 89%
rename from experimental/ietf-extracted-YANG-modules/ietf-ospfv3-extended-lsa@2023-08-21.yang
rename to experimental/ietf-extracted-YANG-modules/ietf-ospfv3-extended-lsa@2023-11-29.yang
index 5e14857ed..a0d265101 100644
--- a/experimental/ietf-extracted-YANG-modules/ietf-ospfv3-extended-lsa@2023-08-21.yang
+++ b/experimental/ietf-extracted-YANG-modules/ietf-ospfv3-extended-lsa@2023-11-29.yang
@@ -1,49 +1,42 @@
module ietf-ospfv3-extended-lsa {
yang-version 1.1;
- namespace
- "urn:ietf:params:xml:ns:yang:ietf-ospfv3-extended-lsa";
-
+ namespace "urn:ietf:params:xml:ns:yang:ietf-ospfv3-extended-lsa";
prefix ospfv3-e-lsa;
import ietf-routing-types {
- prefix "rt-types";
+ prefix rt-types;
reference
"RFC 8294: Common YANG Data Types for the Routing Area";
}
-
import ietf-inet-types {
- prefix "inet";
+ prefix inet;
reference
"RFC 6991: Common YANG Data Types";
}
-
import ietf-routing {
- prefix "rt";
+ prefix rt;
reference
"RFC 8349: A YANG Data Model for Routing
Management (NMDA Version)";
}
-
import ietf-ospf {
- prefix "ospf";
+ prefix ospf;
reference
"RFC 9129: A YANG Data Model for OSPF Protocol";
}
organization
"IETF LSR - Link State Routing Working Group";
-
contact
- "WG Web:
- WG List:
-
- Author: Acee Lindem
-
- Author: Sharmila Palani
-
- Author: Yingzhen Qu
- ";
-
+ "WG Web:
+ WG List:
+
+ Author: Acee Lindem
+
+ Author: Sharmila Palani
+
+ Author: Yingzhen Qu
+ ";
description
"This YANG module defines the configuration
and operational state for OSPFv3 Extended LSAs, which is
@@ -63,6 +56,7 @@ module ietf-ospfv3-extended-lsa {
forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(https://trustee.ietf.org/license-info).
+
This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.
@@ -72,10 +66,10 @@ module ietf-ospfv3-extended-lsa {
'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here.";
+ reference
+ "RFC XXXX - YANG Model for OSPFv3 Extended LSAs";
- reference "RFC XXXX - YANG Model for OSPFv3 Extended LSAs";
-
- revision 2023-08-21 {
+ revision 2023-11-29 {
description
"Initial revision.";
reference
@@ -85,6 +79,7 @@ module ietf-ospfv3-extended-lsa {
/*
* OSPFv3 Extend LSA Type Identities
*/
+
identity ospfv3-e-router-lsa {
base ospf:ospfv3-lsa-type;
description
@@ -111,6 +106,7 @@ module ietf-ospfv3-extended-lsa {
"RFC 8362: OSPFv3 Link State Advertisement (LSA)
Extensibility, Section 4.3 and Section 4.4";
}
+
identity ospfv3-e-inter-area-prefix-lsa {
base ospfv3-e-summary-lsa-type;
description
@@ -435,6 +431,7 @@ module ietf-ospfv3-extended-lsa {
}
/* Configuration */
+
augment "/rt:routing/rt:control-plane-protocols"
+ "/rt:control-plane-protocol/ospf:ospf" {
when "../rt:type = 'ospf:ospfv3'" {
@@ -446,7 +443,7 @@ module ietf-ospfv3-extended-lsa {
with Extended LSA support.";
leaf extended-lsa-support {
type boolean;
- default false;
+ default "false";
description
"Enable OSPFv3 Extended LSA Support for the OSPFv3
domain";
@@ -457,7 +454,8 @@ module ietf-ospfv3-extended-lsa {
}
augment "/rt:routing/rt:control-plane-protocols/"
- + "rt:control-plane-protocol/ospf:ospf/ospf:areas/ospf:area" {
+ + "rt:control-plane-protocol/ospf:ospf/ospf:"
+ + "areas/ospf:area" {
when "../../../rt:type = 'ospf:ospfv3'" {
description
"This augments the OSPFv3 protocol area-level configuration
@@ -468,17 +466,17 @@ module ietf-ospfv3-extended-lsa {
configuration with Extended LSA support.";
leaf extended-lsa-support {
type boolean;
- must "derived-from(../ospf:area-type,'stub-nssa-area') or "
- + "(current() = 'true') or "
- + "(../../../extended-lsa-support = 'false')" {
+ must "derived-from(../ospf:area-type,'stub-nssa-area') or "
+ + "(current() = 'true') or "
+ + "(../../../extended-lsa-support = 'false')" {
description
- "For regular areas, i.e., areas where AS-scoped LSAs
- are flooded, disabling AreaExtendedLSASupport at the
- area level is prohibited when ExtendedLSASupport is
- enabled at the instance level. AS-External LSAs
- are flooded into all OSPFv3 regular areas (i.e., not
- a stub or an NSSA area) and disabling support at the
- area level is not possible.";
+ "For regular areas, i.e., areas where AS-scoped LSAs
+ are flooded, disabling AreaExtendedLSASupport at the
+ area level is prohibited when ExtendedLSASupport is
+ enabled at the instance level. AS-External LSAs
+ are flooded into all OSPFv3 regular areas (i.e., not
+ a stub or an NSSA area) and disabling support at the
+ area level is not possible.";
}
description
"Enable OSPFv3 Extended LSA Support for the OSPFv3
@@ -492,16 +490,17 @@ module ietf-ospfv3-extended-lsa {
/*
* Link State Database (LSDB) Augmentations
- */
+ */
+
augment "/rt:routing/"
- + "rt:control-plane-protocols/rt:control-plane-protocol/"
- + "ospf:ospf/ospf:areas/ospf:area/"
- + "ospf:interfaces/ospf:interface/ospf:database/"
- + "ospf:link-scope-lsa-type/ospf:link-scope-lsas/"
- + "ospf:link-scope-lsa/ospf:version/ospf:ospfv3/"
- + "ospf:ospfv3/ospf:body" {
+ + "rt:control-plane-protocols/rt:control-plane-protocol/"
+ + "ospf:ospf/ospf:areas/ospf:area/"
+ + "ospf:interfaces/ospf:interface/ospf:database/"
+ + "ospf:link-scope-lsa-type/ospf:link-scope-lsas/"
+ + "ospf:link-scope-lsa/ospf:version/ospf:ospfv3/"
+ + "ospf:ospfv3/ospf:body" {
when "../../../../../../../../../../../"
- + "rt:type = 'ospf:ospfv3'" {
+ + "rt:type = 'ospf:ospfv3'" {
description
"This augmentation is only valid for OSPFv3.";
}
@@ -509,7 +508,6 @@ module ietf-ospfv3-extended-lsa {
"This augmentation adds OSPFv3 Link-Scoped Extended LSAs
to the operational state for an interface Link State
Database (LSDB).";
-
container e-link {
when "../../ospf:header/ospf:type = "
+ "'ospfv3-e-lsa:ospfv3-e-link-lsa'" {
@@ -543,11 +541,11 @@ module ietf-ospfv3-extended-lsa {
}
augment "/rt:routing/"
- + "rt:control-plane-protocols/rt:control-plane-protocol/"
- + "ospf:ospf/ospf:areas/ospf:area/ospf:database/"
- + "ospf:area-scope-lsa-type/ospf:area-scope-lsas/"
- + "ospf:area-scope-lsa/ospf:version/ospf:ospfv3/"
- + "ospf:ospfv3/ospf:body" {
+ + "rt:control-plane-protocols/rt:control-plane-protocol/"
+ + "ospf:ospf/ospf:areas/ospf:area/ospf:database/"
+ + "ospf:area-scope-lsa-type/ospf:area-scope-lsas/"
+ + "ospf:area-scope-lsa/ospf:version/ospf:ospfv3/"
+ + "ospf:ospfv3/ospf:body" {
when "../../../../../../../../../"
+ "rt:type = 'ospf:ospfv3'" {
description
@@ -557,14 +555,12 @@ module ietf-ospfv3-extended-lsa {
"This augmentation adds OSPFv3 Area-Scoped Extended LSAs
to the operational state for an area Link State
Database (LSDB).";
-
reference
"RFC 8362: OSPFv3 Link State Advertisement (LSA)
- Extensibility, Section 4";
-
+ Extensibility, Section 4";
container e-router {
- when "../../ospf:header/ospf:type = "
- + "'ospfv3-e-lsa:ospfv3-e-router-lsa'" {
+ when "../../ospf:header/ospf:type = "
+ + "'ospfv3-e-lsa:ospfv3-e-router-lsa'" {
description
"Only valid for OSPFv3 Extended-Router LSAs";
}
@@ -575,7 +571,6 @@ module ietf-ospfv3-extended-lsa {
Extensibility, Section 4.1";
uses ospf:ospf-router-lsa-bits;
uses ospf:ospfv3-lsa-options;
-
list e-router-tlvs {
description
"E-Router LSA TLVs";
@@ -612,8 +607,8 @@ module ietf-ospfv3-extended-lsa {
}
leaf metric {
type uint16;
- description
- "Link Metric";
+ description
+ "Link Metric";
}
list sub-tlvs {
description
@@ -623,7 +618,6 @@ module ietf-ospfv3-extended-lsa {
}
}
}
-
container e-network {
when "../../ospf:header/ospf:type = "
+ "'ospfv3-e-lsa:ospfv3-e-network-lsa'" {
@@ -655,7 +649,6 @@ module ietf-ospfv3-extended-lsa {
}
}
}
-
container e-nssa {
when "../../ospf:header/ospf:type = "
+ "'ospfv3-e-lsa:ospfv3-e-nssa-lsa'" {
@@ -678,7 +671,6 @@ module ietf-ospfv3-extended-lsa {
"RFC 8362: OSPFv3 Link State Advertisement (LSA)
Extensibility, Section 4.6";
}
-
container e-inter-area-prefix {
when "../../ospf:header/ospf:type = "
+ "'ospfv3-e-lsa:ospfv3-e-inter-area-prefix-lsa'" {
@@ -703,8 +695,8 @@ module ietf-ospfv3-extended-lsa {
"Unknown E-Inter-Area-Prefix LSA TLV";
leaf metric {
type rt-types:uint24;
- description
- "Inter-Area Prefix Metric";
+ description
+ "Inter-Area Prefix Metric";
}
uses ospfv3-lsa-prefix;
list sub-tlvs {
@@ -715,7 +707,6 @@ module ietf-ospfv3-extended-lsa {
}
}
}
-
container e-inter-area-router {
when "../../ospf:header/ospf:type = "
+ "'ospfv3-e-lsa:ospfv3-e-inter-area-router-lsa'" {
@@ -741,8 +732,8 @@ module ietf-ospfv3-extended-lsa {
uses ospf:ospfv3-lsa-options;
leaf metric {
type rt-types:uint24;
- description
- "Inter-Area Router Metric";
+ description
+ "Inter-Area Router Metric";
}
leaf destination-router-id {
type rt-types:router-id;
@@ -757,7 +748,6 @@ module ietf-ospfv3-extended-lsa {
}
}
}
-
container e-intra-area-prefix {
when "../../ospf:header/ospf:type = "
+ "'ospfv3-e-lsa:ospfv3-e-intra-area-prefix-lsa'" {
@@ -798,13 +788,13 @@ module ietf-ospfv3-extended-lsa {
}
augment "/rt:routing/"
- + "rt:control-plane-protocols/rt:control-plane-protocol/"
- + "ospf:ospf/ospf:database/"
- + "ospf:as-scope-lsa-type/ospf:as-scope-lsas/"
- + "ospf:as-scope-lsa/ospf:version/ospf:ospfv3/"
- + "ospf:ospfv3/ospf:body" {
+ + "rt:control-plane-protocols/rt:control-plane-protocol/"
+ + "ospf:ospf/ospf:database/"
+ + "ospf:as-scope-lsa-type/ospf:as-scope-lsas/"
+ + "ospf:as-scope-lsa/ospf:version/ospf:ospfv3/"
+ + "ospf:ospfv3/ospf:body" {
when "../../../../../../../"
- + "rt:type = 'ospf:ospfv3'" {
+ + "rt:type = 'ospf:ospfv3'" {
description
"This augmentation is only valid for OSPFv3.";
}
@@ -812,7 +802,6 @@ module ietf-ospfv3-extended-lsa {
"This augmentation adds OSPFv3 AS-Scoped Extended LSAs
to the operational state for an AS instance-level Link
State Database (LSDB).";
-
container e-as-external {
when "../../ospf:header/ospf:type = "
+ "'ospfv3-e-lsa:ospfv3-e-as-external-lsa'" {
@@ -833,7 +822,7 @@ module ietf-ospfv3-extended-lsa {
"E-AS-External LSA.";
reference
"RFC 8362: OSPFv3 Link State Advertisement (LSA)
- Extensibility, Section 4.5";
+ Extensibility, Section 4.5";
}
}
}
diff --git a/experimental/ietf-extracted-YANG-modules/ietf-voucher-security-profile@2023-05-30.yang b/experimental/ietf-extracted-YANG-modules/ietf-voucher-security-profile@2023-05-30.yang
index 821cadeab..c3645b8aa 100644
--- a/experimental/ietf-extracted-YANG-modules/ietf-voucher-security-profile@2023-05-30.yang
+++ b/experimental/ietf-extracted-YANG-modules/ietf-voucher-security-profile@2023-05-30.yang
@@ -19,12 +19,12 @@ module ietf-voucher-security-profile {
organization
"IETF ANIMA Working Group";
-
contact
"WG Web:
WG List:
Author: Srihari Raghavan
";
+
description
"This module extends the RFC8366 voucher format to provide
a mechanism by which the authority can configure the security
@@ -35,11 +35,35 @@ module ietf-voucher-security-profile {
and 'OPTIONAL' in the module text are to be interpreted as
described in BCP 14 RFC 2119, and RFC8174.";
- revision "2023-05-30" {
+ revision "2023-05-30" {
+ description
+ "Initial version";
+ reference
+ "RFC XXXX: Voucher extensions for security profile";
+ }
+
+ revision "2023-11-27" {
+ description
+ "Updates to security profile aspects";
+ reference
+ "RFC XXXX: Voucher extensions for security profile";
+ }
+
+ feature security-profile-ietf
+ {
description
- "Initial version";
- reference
- "RFC XXXX: Voucher extensions for security profile";
+ "This feature indicates that the IETF version of the security profile
+ feature is supported";
+ reference "RFC XXXX: Voucher extensions for security profile";
+ }
+
+ feature security-profile-oem
+ {
+ description
+ "This feature indicates that the oem version of the security profile
+ feature is supported. The OEM list is expected to be based on
+ https://www.iana.org/assignments/enterprise-numbers/ (PENs).";
+ reference "RFC XXXX: Voucher extensions for security profile";
}
rc:yang-data voucher-security-profile-artifact {
@@ -47,10 +71,10 @@ module ietf-voucher-security-profile {
uses voucher-security-profile-grouping;
}
- typedef bitmask32 {
- type uint32;
+ typedef bitmask64 {
+ type uint64;
description
- "The bitmask32 type represents a non-negative integer
+ "The bitmask64 type represents a non-negative integer
that represents a bit mask type field with each bit
set (or unset) representing a different intent along
with a range of bits/values representing a group. Using
@@ -62,9 +86,9 @@ module ietf-voucher-security-profile {
not lend itself easily to range based comparisons and
hence the need for a customized type definition.
- The bitmask32 type can be used for configuration
+ The bitmask64 type can be used for configuration
schema nodes. A default statement can be used in
- combination with the type bitmask32.";
+ combination with the type bitmask64.";
reference
"RFC 2578: Structure of Management Information Version 2
@@ -75,25 +99,32 @@ module ietf-voucher-security-profile {
//
// These are separated into two-groups: standardized and OEM.
//
- // The security-parameters-standard are subject to standards
+ // The security-parameters-standard are subject to standards definition
// for inter-operability while the OEM range is expected to be
// implementation dependent.
//
//
- grouping security-parameters-oem-group {
- leaf security-params-oem-value {
- type bitmask32;
+ // The specific bits are expected to be defined
+ // following discussions with WG members and some examples
+ // could be FIPS mode handling, SELinux handling,
+ // Linux IMA handling etc., which could decide the
+ // overall security posture of a device.";
+ //
+ //
+ grouping security-parameters-group {
+ leaf security-params-value {
+ type bitmask64;
description
"Bit map for the different underlying security
parameters. This is only valid if
security-profile-enable-flag is true.
- Range: - 0x1, 0x2, 0x4..0x8000..0x10000..0x800000000
+ Range: - 0x1, 0x2, 0x4..0x8000..0x10000..
";
}
- leaf security-params-oem-mask {
- type bitmask32;
+ leaf security-params-mask {
+ type bitmask64;
description
"This represents the mask for the value above.
If this mask is on for a bit, the corresponding
@@ -101,62 +132,20 @@ module ietf-voucher-security-profile {
the mask is off, the value of the bit could be
treated as a don't care or default value";
}
- description
- "This grouping represents the OEM group of the
- security parameters.
- ";
}
grouping security-parameters {
- leaf security-parameters-standard {
- type bits {
- bit reserved { position 0; }
- bit last;
- }
+ container security-parameters-standard {
+ if-feature security-profile-ietf;
description
- "The specific bits are expected to be defined
- following discussions with WG members and some examples
- could be FIPS mode handling, SELinux handling,
- Linux IMA handling etc., which could decide the
- overall security posture of a device.";
- }
-
- container security-parameters-oem {
- uses security-parameters-oem-group;
- description
- "This is the overall security parameters
- for OEMs.";
- }
-
- description
- "This represents the overall security
- parameters group that encompasses the
- standards and oem based parameters.
- ";
- }
-
- grouping voucher-security-profile-grouping {
- description
- "Grouping to allow reuse/extensions in future work.";
-
- uses iv:voucher-artifact-grouping {
- augment "voucher" {
- description "Base the security profile voucher
- upon the regular voucher";
-
- leaf security-profile-enable-flag {
- type boolean;
- description
- "A global enable flag to the pledge that security
- profiles for this pledge is enabled(true) or
- not (false). With default, this flag is false,
- which is consistent with the voucher
- artifact in RFC8366. ";
- }
-
- uses security-parameters;
+ "Security profiles based on IETF version.";
+ leaf enabled {
+ type boolean;
+ default false;
+ description
+ "When true, IETF version of security profiles MUST be processed.";
}
+
+ uses security-parameters-group;
}
- }
-}