draft-ietf-netmod-ip-cfg-14.txt   rfc7277.txt 
Network Working Group M. Bjorklund Internet Engineering Task Force (IETF) M. Bjorklund
Internet-Draft Tail-f Systems Request for Comments: 7277 Tail-f Systems
Intended status: Standards Track March 28, 2014 Category: Standards Track June 2014
Expires: September 29, 2014 ISSN: 2070-1721
A YANG Data Model for IP Management A YANG Data Model for IP Management
draft-ietf-netmod-ip-cfg-14
Abstract Abstract
This document defines a YANG data model for management of IP This document defines a YANG data model for management of IP
implementations. The data model includes configuration data and implementations. The data model includes configuration data and
state data. state data.
Status of this Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering This is an Internet Standards Track document.
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
This Internet-Draft will expire on September 29, 2014. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7277.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction ....................................................2
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Terminology ................................................2
1.2. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Tree Diagrams ..............................................3
2. IP Data Model . . . . . . . . . . . . . . . . . . . . . . . . 5 2. IP Data Model ...................................................3
3. Relationship to IP-MIB . . . . . . . . . . . . . . . . . . . . 7 3. Relationship to the IP-MIB ......................................6
4. IP management YANG Module . . . . . . . . . . . . . . . . . . 9 4. IP Management YANG Module .......................................8
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24 5. IANA Considerations ............................................24
6. Security Considerations . . . . . . . . . . . . . . . . . . . 25 6. Security Considerations ........................................24
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 27 7. Acknowledgments ................................................25
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 28 8. References .....................................................25
8.1. Normative References . . . . . . . . . . . . . . . . . . . 28 8.1. Normative References ......................................25
8.2. Informative References . . . . . . . . . . . . . . . . . . 28 8.2. Informative References ....................................26
Appendix A. Example: NETCONF <get> reply . . . . . . . . . . . . 30 Appendix A. Example: NETCONF <get> Reply ..........................28
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 32
1. Introduction 1. Introduction
This document defines a YANG [RFC6020] data model for management of This document defines a YANG [RFC6020] data model for management of
IP implementations. IP implementations.
The data model covers configuration of per-interface IPv4 and IPv6 The data model covers configuration of per-interface IPv4 and IPv6
parameters, and mappings of IP addresses to link-layer addresses. It parameters, and mappings of IP addresses to link-layer addresses. It
also provides information about which IP addresses are operationally also provides information about which IP addresses are operationally
used, and which link-layer mappings exist. Per-interface parameters used, and which link-layer mappings exist. Per-interface parameters
are added through augmentation of the interface data model defined in are added through augmentation of the interface data model defined in
[I-D.ietf-netmod-interfaces-cfg]. [RFC7223].
1.1. Terminology 1.1. Terminology
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14, [RFC2119].
The following terms are defined in [RFC6241] and are not redefined The following terms are defined in [RFC6241] and are not redefined
here: here:
o client o client
o configuration data o configuration data
o server o server
o state data o state data
skipping to change at page 4, line 8 skipping to change at page 3, line 25
1.2. Tree Diagrams 1.2. Tree Diagrams
A simplified graphical representation of the data model is used in A simplified graphical representation of the data model is used in
this document. The meaning of the symbols in these diagrams is as this document. The meaning of the symbols in these diagrams is as
follows: follows:
o Brackets "[" and "]" enclose list keys. o Brackets "[" and "]" enclose list keys.
o Abbreviations before data node names: "rw" means configuration o Abbreviations before data node names: "rw" means configuration
data (read-write) and "ro" state data (read-only). data (read-write), and "ro" means state data (read-only).
o Symbols after data node names: "?" means an optional node, "!" o Symbols after data node names: "?" means an optional node, "!"
means a presence container, and "*" denotes a list and leaf-list. means a presence container, and "*" denotes a list and leaf-list.
o Parentheses enclose choice and case nodes, and case nodes are also o Parentheses enclose choice and case nodes, and case nodes are also
marked with a colon (":"). marked with a colon (":").
o Ellipsis ("...") stands for contents of subtrees that are not o Ellipsis ("...") stands for contents of subtrees that are not
shown. shown.
2. IP Data Model 2. IP Data Model
This document defines the YANG module "ietf-ip", which augments the This document defines the YANG module "ietf-ip", which augments the
"interface" and "interface-state" lists defined in the "interface" and "interface-state" lists defined in the
"ietf-interfaces" module [I-D.ietf-netmod-interfaces-cfg] with IP "ietf-interfaces" module [RFC7223] with IP-specific data nodes, and
specific data nodes, and adds IP specific state data. also adds IP-specific state data.
The data model has the following structure for IP configuration per The data model has the following structure for IP configuration per
interface: interface:
+--rw if:interfaces +--rw if:interfaces
+--rw if:interface* [name] +--rw if:interface* [name]
... ...
+--rw ipv4! +--rw ipv4!
| +--rw enabled? boolean | +--rw enabled? boolean
| +--rw forwarding? boolean | +--rw forwarding? boolean
| +--rw mtu? uint16 | +--rw mtu? uint16
| +--rw address* [ip] | +--rw address* [ip]
| | +--rw ip inet:ipv4-address-no-zone | | +--rw ip inet:ipv4-address-no-zone
| | +--rw (subnet) | | +--rw (subnet)
| | +--:(prefix-length) | | +--:(prefix-length)
| | | +--rw ip:prefix-length? uint8 | | | +--rw ip:prefix-length? uint8
| | +--:(netmask) | | +--:(netmask)
| | +--rw ip:netmask? yang:dotted-quad | | +--rw ip:netmask? yang:dotted-quad
| +--rw neighbor* [ip] | +--rw neighbor* [ip]
| +--rw ip inet:ipv4-address-no-zone | +--rw ip inet:ipv4-address-no-zone
| +--rw link-layer-address yang:phys-address | +--rw link-layer-address yang:phys-address
+--rw ipv6! +--rw ipv6!
+--rw enabled? boolean +--rw enabled? boolean
+--rw forwarding? boolean +--rw forwarding? boolean
+--rw mtu? uint32 +--rw mtu? uint32
+--rw address* [ip] +--rw address* [ip]
| +--rw ip inet:ipv6-address-no-zone | +--rw ip inet:ipv6-address-no-zone
| +--rw prefix-length uint8 | +--rw prefix-length uint8
+--rw neighbor* [ip] +--rw neighbor* [ip]
| +--rw ip inet:ipv6-address-no-zone | +--rw ip inet:ipv6-address-no-zone
| +--rw link-layer-address yang:phys-address | +--rw link-layer-address yang:phys-address
+--rw dup-addr-detect-transmits? uint32 +--rw dup-addr-detect-transmits? uint32
+--rw autoconf +--rw autoconf
+--rw create-global-addresses? boolean +--rw create-global-addresses? boolean
+--rw create-temporary-addresses? boolean +--rw create-temporary-addresses? boolean
+--rw temporary-valid-lifetime? uint32 +--rw temporary-valid-lifetime? uint32
+--rw temporary-preferred-lifetime? uint32 +--rw temporary-preferred-lifetime? uint32
The data model defines two configuration containers per interface, The data model defines two configuration containers per interface --
"ipv4" and "ipv6", representing the IPv4 and IPv6 address families. "ipv4" and "ipv6", representing the IPv4 and IPv6 address families.
In each container, there is a leaf "enabled" that controls if the In each container, there is a leaf "enabled" that controls whether or
address family is enabled on that interface, and a leaf "forwarding" not the address family is enabled on that interface, and a leaf
that controls if IP packet forwarding for the address family is "forwarding" that controls whether or not IP packet forwarding for
enabled on the interface. In each container, there is also a list of the address family is enabled on the interface. In each container,
configured addresses, and a list of configured mappings from IP there is also a list of configured addresses, and a list of
addresses to link-layer addresses. configured mappings from IP addresses to link-layer addresses.
The data model has the following structure for IP state per The data model has the following structure for IP state per
interface: interface:
+--ro if:interfaces-state +--ro if:interfaces-state
+--ro if:interface* [name] +--ro if:interface* [name]
... ...
+--ro ipv4! +--ro ipv4!
| +--ro forwarding? boolean | +--ro forwarding? boolean
| +--ro mtu? uint16 | +--ro mtu? uint16
| +--ro address* [ip] | +--ro address* [ip]
| | +--ro ip inet:ipv4-address-no-zone | | +--ro ip inet:ipv4-address-no-zone
| | +--ro (subnet)? | | +--ro (subnet)?
| | | +--:(prefix-length) | | | +--:(prefix-length)
| | | | +--ro prefix-length? uint8 | | | | +--ro prefix-length? uint8
| | | +--:(netmask) | | | +--:(netmask)
| | | +--ro netmask? yang:dotted-quad | | | +--ro netmask? yang:dotted-quad
| | +--ro origin? ip-address-origin | | +--ro origin? ip-address-origin
| +--ro neighbor* [ip] | +--ro neighbor* [ip]
| +--ro ip inet:ipv4-address-no-zone | +--ro ip inet:ipv4-address-no-zone
| +--ro link-layer-address? yang:phys-address | +--ro link-layer-address? yang:phys-address
| +--ro origin? neighbor-origin | +--ro origin? neighbor-origin
+--ro ipv6! +--ro ipv6!
+--ro forwarding? boolean +--ro forwarding? boolean
+--ro mtu? uint32 +--ro mtu? uint32
+--ro address* [ip] +--ro address* [ip]
| +--ro ip inet:ipv6-address-no-zone | +--ro ip inet:ipv6-address-no-zone
| +--ro prefix-length uint8 | +--ro prefix-length uint8
| +--ro origin? ip-address-origin | +--ro origin? ip-address-origin
| +--ro status? enumeration | +--ro status? enumeration
+--ro neighbor* [ip] +--ro neighbor* [ip]
+--ro ip inet:ipv6-address-no-zone +--ro ip inet:ipv6-address-no-zone
+--ro link-layer-address? yang:phys-address +--ro link-layer-address? yang:phys-address
+--ro origin? neighbor-origin +--ro origin? neighbor-origin
+--ro is-router? empty +--ro is-router? empty
+--ro state? enumeration +--ro state? enumeration
The data model defines two state containers per interface, "ipv4" and The data model defines two state containers per interface -- "ipv4"
"ipv6", representing the IPv4 and IPv6 address families. In each and "ipv6", representing the IPv4 and IPv6 address families. In each
container, there is a leaf "forwarding" that indicates if IP packet container, there is a leaf "forwarding" that indicates whether or not
forwarding is enabled on that interface. In each container there is IP packet forwarding is enabled on that interface. In each
also a list of all addresses in use, and a list of known mappings container, there is also a list of all addresses in use and a list of
from IP addresses to link-layer addresses. known mappings from IP addresses to link-layer addresses.
3. Relationship to IP-MIB 3. Relationship to the IP-MIB
If the device implements IP-MIB [RFC4293], each entry in the "ipv4/ If the device implements the IP-MIB [RFC4293], each entry in the
address" and "ipv6/address" lists is mapped to one ipAddressEntry, "ipv4/address" and "ipv6/address" lists is mapped to one
where the ipAddressIfIndex refers to the "address" entry's interface. ipAddressEntry, where the ipAddressIfIndex refers to the "address"
entry's interface.
The IP-MIB defines objects to control IPv6 Router Advertisement. The The IP-MIB defines objects to control IPv6 Router Advertisement
corresponding YANG data nodes are defined in messages. The corresponding YANG data nodes are defined in
[I-D.ietf-netmod-routing-cfg]. [ROUTING-MGMT].
The entries in "ipv4/neighbor" and "ipv6/neighbor" are mapped to The entries in "ipv4/neighbor" and "ipv6/neighbor" are mapped to
ipNetToPhysicalTable. ipNetToPhysicalTable.
The following tables list the YANG data nodes with corresponding The following tables list the YANG data nodes with corresponding
objects in the IP-MIB. objects in the IP-MIB.
+----------------------------------+--------------------------------+ +----------------------------------+--------------------------------+
| YANG data node in | IP-MIB object | | YANG data node in | IP-MIB object |
| /if:interfaces/if:interface | | | /if:interfaces/if:interface | |
+----------------------------------+--------------------------------+ +----------------------------------+--------------------------------+
| ipv4/enabled | ipv4InterfaceEnableStatus | | ipv4/enabled | ipv4InterfaceEnableStatus |
| ipv4/address | ipAddressEntry | | ipv4/address | ipAddressEntry |
| ipv4/address/ip | ipAddressAddrType | | ipv4/address/ip | ipAddressAddrType |
| | ipAddressAddr | | | ipAddressAddr |
| ipv4/neighbor | ipNetToPhysicalEntry | | ipv4/neighbor | ipNetToPhysicalEntry |
| ipv4/neighbor/ip | ipNetToPhysicalNetAddressType | | ipv4/neighbor/ip | ipNetToPhysicalNetAddressType |
| | ipNetToPhysicalNetAddressAddr | | | ipNetToPhysicalNetAddress |
| ipv4/neighbor/link-layer-address | ipNetToPhysicalPhysAddress | | ipv4/neighbor/link-layer-address | ipNetToPhysicalPhysAddress |
| | |
| ipv6/enabled | ipv6InterfaceEnableStatus | | ipv6/enabled | ipv6InterfaceEnableStatus |
| ipv6/forwarding | ipv6InterfaceForwarding | | ipv6/forwarding | ipv6InterfaceForwarding |
| ipv6/address | ipAddressEntry | | ipv6/address | ipAddressEntry |
| ipv6/address/ip | ipAddressAddrType | | ipv6/address/ip | ipAddressAddrType |
| | ipAddressAddr | | | ipAddressAddr |
| ipv6/neighbor | ipNetToPhysicalEntry | | ipv6/neighbor | ipNetToPhysicalEntry |
| ipv6/neighbor/link-layer-address | ipNetToPhysicalPhysAddress | | ipv6/neighbor/link-layer-address | ipNetToPhysicalPhysAddress |
| ipv6/neighbor/origin | ipNetToPhysicalType | | ipv6/neighbor/origin | ipNetToPhysicalType |
+----------------------------------+--------------------------------+ +----------------------------------+--------------------------------+
YANG interface configuration data nodes and related IP-MIB objects YANG Interface Configuration Data Nodes and Related IP-MIB Objects
+-----------------------------------+-------------------------------+ +-----------------------------------+-------------------------------+
| YANG data node in | IP-MIB object | | YANG data node in | IP-MIB object |
| /if:interfaces-state/if:interface | | | /if:interfaces-state/if:interface | |
+-----------------------------------+-------------------------------+ +-----------------------------------+-------------------------------+
| ipv4 | ipv4InterfaceEnableStatus | | ipv4 | ipv4InterfaceEnableStatus |
| ipv4/address | ipAddressEntry | | ipv4/address | ipAddressEntry |
| ipv4/address/ip | ipAddressAddrType | | ipv4/address/ip | ipAddressAddrType |
| | ipAddressAddr | | | ipAddressAddr |
| ipv4/address/origin | ipAddressOrigin | | ipv4/address/origin | ipAddressOrigin |
| ipv4/neighbor | ipNetToPhysicalEntry | | ipv4/neighbor | ipNetToPhysicalEntry |
| ipv4/neighbor/ip | ipNetToPhysicalNetAddressType | | ipv4/neighbor/ip | ipNetToPhysicalNetAddressType |
| | ipNetToPhysicalNetAddressAddr | | | ipNetToPhysicalNetAddress |
| ipv4/neighbor/link-layer-address | ipNetToPhysicalPhysAddress | | ipv4/neighbor/link-layer-address | ipNetToPhysicalPhysAddress |
| ipv4/neighbor/origin | ipNetToPhysicalType | | ipv4/neighbor/origin | ipNetToPhysicalType |
| | |
| ipv6 | ipv6InterfaceEnableStatus | | ipv6 | ipv6InterfaceEnableStatus |
| ipv6/forwarding | ipv6InterfaceForwarding | | ipv6/forwarding | ipv6InterfaceForwarding |
| ipv6/address | ipAddressEntry | | ipv6/address | ipAddressEntry |
| ipv6/address/ip | ipAddressAddrType | | ipv6/address/ip | ipAddressAddrType |
| | ipAddressAddr | | | ipAddressAddr |
| ipv6/address/origin | ipAddressOrigin | | ipv6/address/origin | ipAddressOrigin |
| ipv6/address/status | ipAddressStatus | | ipv6/address/status | ipAddressStatus |
| ipv6/neighbor | ipNetToPhysicalEntry | | ipv6/neighbor | ipNetToPhysicalEntry |
| ipv6/neighbor/ip | ipNetToPhysicalNetAddressType | | ipv6/neighbor/ip | ipNetToPhysicalNetAddressType |
| | ipNetToPhysicalNetAddressAddr | | | ipNetToPhysicalNetAddress |
| ipv6/neighbor/link-layer-address | ipNetToPhysicalPhysAddress | | ipv6/neighbor/link-layer-address | ipNetToPhysicalPhysAddress |
| ipv6/neighbor/origin | ipNetToPhysicalType | | ipv6/neighbor/origin | ipNetToPhysicalType |
| ipv6/neighbor/state | ipNetToPhysicalState | | ipv6/neighbor/state | ipNetToPhysicalState |
+-----------------------------------+-------------------------------+ +-----------------------------------+-------------------------------+
YANG interface state data nodes and related IP-MIB objects YANG Interface State Data Nodes and Related IP-MIB Objects
4. IP management YANG Module
This module imports typedefs from [RFC6991] and 4. IP Management YANG Module
[I-D.ietf-netmod-interfaces-cfg], and references [RFC0791],
[RFC0826], [RFC2460], [RFC4861], [RFC4862], [RFC4941] and
[I-D.ietf-6man-stable-privacy-addresses].
RFC Ed.: update the date below with the date of RFC publication and This module imports typedefs from [RFC6991] and [RFC7223], and it
remove this note. references [RFC0791], [RFC0826], [RFC2460], [RFC4861], [RFC4862],
[RFC4941], and [RFC7217].
<CODE BEGINS> file "ietf-ip@2014-03-28.yang" <CODE BEGINS> file "ietf-ip@2014-06-16.yang"
module ietf-ip { module ietf-ip {
namespace "urn:ietf:params:xml:ns:yang:ietf-ip"; namespace "urn:ietf:params:xml:ns:yang:ietf-ip";
prefix ip; prefix ip;
import ietf-interfaces {
prefix if;
}
import ietf-inet-types {
prefix inet;
}
import ietf-yang-types {
prefix yang;
}
organization
"IETF NETMOD (NETCONF Data Modeling Language) Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org>
WG Chair: Thomas Nadeau import ietf-interfaces {
<mailto:tnadeau@lucidvision.com> prefix if;
}
import ietf-inet-types {
prefix inet;
}
import ietf-yang-types {
prefix yang;
}
WG Chair: Juergen Schoenwaelder organization
<mailto:j.schoenwaelder@jacobs-university.de> "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
Editor: Martin Bjorklund contact
<mailto:mbj@tail-f.com>"; "WG Web: <http://tools.ietf.org/wg/netmod/>
WG List: <mailto:netmod@ietf.org>
description WG Chair: Thomas Nadeau
"This module contains a collection of YANG definitions for <mailto:tnadeau@lucidvision.com>
configuring IP implementations.
Copyright (c) 2013 IETF Trust and the persons identified as WG Chair: Juergen Schoenwaelder
authors of the code. All rights reserved. <mailto:j.schoenwaelder@jacobs-university.de>
Redistribution and use in source and binary forms, with or Editor: Martin Bjorklund
without modification, is permitted pursuant to, and subject <mailto:mbj@tail-f.com>";
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see description
the RFC itself for full legal notices."; "This module contains a collection of YANG definitions for
configuring IP implementations.
// RFC Ed.: replace XXXX with actual RFC number and remove this Copyright (c) 2014 IETF Trust and the persons identified as
// note. authors of the code. All rights reserved.
// RFC Ed.: update the date below with the date of RFC publication Redistribution and use in source and binary forms, with or
// and remove this note. without modification, is permitted pursuant to, and subject
revision 2014-03-28 { to the license terms contained in, the Simplified BSD License
description set forth in Section 4.c of the IETF Trust's Legal Provisions
"Initial revision."; Relating to IETF Documents
reference (http://trustee.ietf.org/license-info).
"RFC XXXX: A YANG Data Model for IP Management";
}
/* This version of this YANG module is part of RFC 7277; see
* Features the RFC itself for full legal notices.";
*/
feature ipv4-non-contiguous-netmasks { revision 2014-06-16 {
description description
"Indicates support for configuring non-contiguous "Initial revision.";
subnet masks."; reference
} "RFC 7277: A YANG Data Model for IP Management";
}
feature ipv6-privacy-autoconf { /*
description
"Indicates support for Privacy Extensions for Stateless Address
Autoconfiguration in IPv6.";
reference
"RFC 4941: Privacy Extensions for Stateless Address
Autoconfiguration in IPv6";
}
/* * Features
* Typedefs */
*/
typedef ip-address-origin { feature ipv4-non-contiguous-netmasks {
type enumeration { description
enum other { "Indicates support for configuring non-contiguous
description subnet masks.";
"None of the following."; }
}
enum static {
description
"Indicates that the address has been statically
configured, for example using NETCONF or a Command Line
Interface.";
}
enum dhcp {
description
"Indicates an address that has been assigned to this
system by a DHCP server.";
}
enum link-layer {
description
"Indicates an address created by IPv6 stateless
auto-configuration that embeds a link-layer address in its
interface identifier.";
}
enum random {
description
"Indicates an address chosen by the system at
random, e.g., an IPv4 address within 169.254/16, an
RFC 4941 temporary address, or a semantically opaque
address [I-D.ietf-6man-stable-privacy-addresses]";
}
}
description
"The origin of an address.";
}
typedef neighbor-origin { feature ipv6-privacy-autoconf {
type enumeration { description
enum other { "Indicates support for Privacy Extensions for Stateless Address
description Autoconfiguration in IPv6.";
"None of the following."; reference
} "RFC 4941: Privacy Extensions for Stateless Address
enum static { Autoconfiguration in IPv6";
description }
"Indicates that the mapping has been statically /*
configured, for example using NETCONF or a Command Line * Typedefs
Interface."; */
}
enum dynamic {
description
"Indicates that the mapping has been dynamically resolved
using e.g., IPv4 ARP or the IPv6 Neighbor Discovery
protocol.";
}
}
description
"The origin of a neighbor entry.";
}
/* typedef ip-address-origin {
* Configuration data nodes type enumeration {
*/ enum other {
description
"None of the following.";
}
enum static {
description
"Indicates that the address has been statically
configured - for example, using NETCONF or a Command Line
Interface.";
}
enum dhcp {
description
"Indicates an address that has been assigned to this
system by a DHCP server.";
}
enum link-layer {
description
"Indicates an address created by IPv6 stateless
autoconfiguration that embeds a link-layer address in its
interface identifier.";
}
enum random {
description
"Indicates an address chosen by the system at
augment "/if:interfaces/if:interface" { random, e.g., an IPv4 address within 169.254/16, an
description RFC 4941 temporary address, or an RFC 7217 semantically
"Parameters for configuring IP on interfaces. opaque address.";
reference
"RFC 4941: Privacy Extensions for Stateless Address
Autoconfiguration in IPv6
RFC 7217: A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless
Address Autoconfiguration (SLAAC)";
}
}
description
"The origin of an address.";
}
typedef neighbor-origin {
type enumeration {
enum other {
description
"None of the following.";
}
enum static {
description
"Indicates that the mapping has been statically
configured - for example, using NETCONF or a Command Line
Interface.";
}
enum dynamic {
description
"Indicates that the mapping has been dynamically resolved
using, e.g., IPv4 ARP or the IPv6 Neighbor Discovery
protocol.";
}
}
description
"The origin of a neighbor entry.";
}
If an interface is not capable of running IP, the server /*
must not allow the client to configure these parameters."; * Configuration data nodes
*/
container ipv4 { augment "/if:interfaces/if:interface" {
presence description
"Enables IPv4 unless the 'enabled' leaf "Parameters for configuring IP on interfaces.
(which defaults to 'true') is set to 'false'";
description
"Parameters for the IPv4 address family.";
leaf enabled { If an interface is not capable of running IP, the server
type boolean; must not allow the client to configure these parameters.";
default true;
description
"Controls if IPv4 is enabled or disabled on this
interface. When IPv4 is enabled, this interface is
connected to an IPv4 stack, and the interface can send
and receive IPv4 packets.";
}
leaf forwarding {
type boolean;
default false;
description
"Controls IPv4 packet forwarding of datagrams received by,
but not addressed to, this interface. IPv4 routers
forward datagrams. IPv4 hosts do not (except those
source-routed via the host)";
}
leaf mtu {
type uint16 {
range "68..max";
} container ipv4 {
units octets; presence
description "Enables IPv4 unless the 'enabled' leaf
"The size, in octets, of the largest IPv4 packet that the (which defaults to 'true') is set to 'false'";
interface will send and receive. description
"Parameters for the IPv4 address family.";
The server may restrict the allowed values for this leaf leaf enabled {
depending on the interface's type. type boolean;
default true;
description
"Controls whether IPv4 is enabled or disabled on this
interface. When IPv4 is enabled, this interface is
connected to an IPv4 stack, and the interface can send
and receive IPv4 packets.";
}
leaf forwarding {
type boolean;
default false;
description
"Controls IPv4 packet forwarding of datagrams received by,
but not addressed to, this interface. IPv4 routers
forward datagrams. IPv4 hosts do not (except those
source-routed via the host).";
}
leaf mtu {
type uint16 {
range "68..max";
}
units octets;
description
"The size, in octets, of the largest IPv4 packet that the
interface will send and receive.
If this leaf is not configured, the operationally used mtu The server may restrict the allowed values for this leaf,
depends on the interface's type."; depending on the interface's type.
reference
"RFC 791: Internet Protocol";
}
list address {
key "ip";
description
"The list of configured IPv4 addresses on the interface.";
leaf ip { If this leaf is not configured, the operationally used MTU
type inet:ipv4-address-no-zone; depends on the interface's type.";
description reference
"The IPv4 address on the interface."; "RFC 791: Internet Protocol";
} }
choice subnet { list address {
mandatory true; key "ip";
description description
"The subnet can be specified as a prefix-length, or, "The list of configured IPv4 addresses on the interface.";
if the server supports non-contiguous netmasks, as
a netmask.";
leaf prefix-length {
type uint8 {
range "0..32";
}
description
"The length of the subnet prefix.";
}
leaf netmask {
if-feature ipv4-non-contiguous-netmasks;
type yang:dotted-quad;
description
"The subnet specified as a netmask.";
}
}
}
list neighbor {
key "ip";
description
"A list of mappings from IPv4 addresses to
link-layer addresses.
Entries in this list are used as static entries in the leaf ip {
ARP cache."; type inet:ipv4-address-no-zone;
reference description
"RFC 826: An Ethernet Address Resolution Protocol"; "The IPv4 address on the interface.";
}
choice subnet {
mandatory true;
description
"The subnet can be specified as a prefix-length, or,
if the server supports non-contiguous netmasks, as
a netmask.";
leaf prefix-length {
type uint8 {
range "0..32";
}
description
"The length of the subnet prefix.";
}
leaf netmask {
if-feature ipv4-non-contiguous-netmasks;
type yang:dotted-quad;
description
"The subnet specified as a netmask.";
}
}
}
list neighbor {
key "ip";
description
"A list of mappings from IPv4 addresses to
link-layer addresses.
leaf ip { Entries in this list are used as static entries in the
type inet:ipv4-address-no-zone; ARP Cache.";
description reference
"The IPv4 address of the neighbor node."; "RFC 826: An Ethernet Address Resolution Protocol";
}
leaf link-layer-address {
type yang:phys-address;
mandatory true;
description
"The link-layer address of the neighbor node.";
}
}
} leaf ip {
container ipv6 { type inet:ipv4-address-no-zone;
presence description
"Enables IPv6 unless the 'enabled' leaf "The IPv4 address of the neighbor node.";
(which defaults to 'true') is set to 'false'"; }
description leaf link-layer-address {
"Parameters for the IPv6 address family."; type yang:phys-address;
mandatory true;
description
"The link-layer address of the neighbor node.";
}
}
leaf enabled { }
type boolean; container ipv6 {
default true; presence
description "Enables IPv6 unless the 'enabled' leaf
"Controls if IPv6 is enabled or disabled on this (which defaults to 'true') is set to 'false'";
interface. When IPv6 is enabled, this interface is description
connected to an IPv6 stack, and the interface can send "Parameters for the IPv6 address family.";
and receive IPv6 packets.";
}
leaf forwarding {
type boolean;
default false;
description
"Controls IPv6 packet forwarding of datagrams received by,
but not addressed to, this interface. IPv6 routers
forward datagrams. IPv6 hosts do not (except those
source-routed via the host)";
reference
"RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
Section 6.2.1, IsRouter";
}
leaf mtu {
type uint32 {
range "1280..max";
}
units octets;
description
"The size, in octets, of the largest IPv6 packet that the
interface will send and receive.
The server may restrict the allowed values for this leaf leaf enabled {
depending on the interface's type. type boolean;
default true;
description
"Controls whether IPv6 is enabled or disabled on this
interface. When IPv6 is enabled, this interface is
connected to an IPv6 stack, and the interface can send
and receive IPv6 packets.";
}
leaf forwarding {
type boolean;
default false;
description
"Controls IPv6 packet forwarding of datagrams received by,
but not addressed to, this interface. IPv6 routers
forward datagrams. IPv6 hosts do not (except those
source-routed via the host).";
reference
"RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
Section 6.2.1, IsRouter";
}
leaf mtu {
type uint32 {
range "1280..max";
}
units octets;
description
"The size, in octets, of the largest IPv6 packet that the
interface will send and receive.
If this leaf is not configured, the operationally used mtu The server may restrict the allowed values for this leaf,
depends on the interface's type."; depending on the interface's type.
reference
"RFC 2460: IPv6 Specification
Section 5";
}
list address {
key "ip";
description
"The list of configured IPv6 addresses on the interface.";
leaf ip { If this leaf is not configured, the operationally used MTU
type inet:ipv6-address-no-zone; depends on the interface's type.";
description reference
"The IPv6 address on the interface."; "RFC 2460: Internet Protocol, Version 6 (IPv6) Specification
} Section 5";
leaf prefix-length { }
type uint8 { list address {
range "0..128"; key "ip";
} description
mandatory true; "The list of configured IPv6 addresses on the interface.";
description
"The length of the subnet prefix.";
}
}
list neighbor {
key "ip";
description
"A list of mappings from IPv6 addresses to
link-layer addresses.
Entries in this list are used as static entries in the leaf ip {
Neighbor Cache."; type inet:ipv6-address-no-zone;
reference description
"RFC 4861: Neighbor Discovery for IP version 6 (IPv6)"; "The IPv6 address on the interface.";
}
leaf prefix-length {
type uint8 {
range "0..128";
}
mandatory true;
description
"The length of the subnet prefix.";
}
}
list neighbor {
key "ip";
description
"A list of mappings from IPv6 addresses to
link-layer addresses.
leaf ip { Entries in this list are used as static entries in the
type inet:ipv6-address-no-zone; Neighbor Cache.";
description reference
"The IPv6 address of the neighbor node."; "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)";
}
leaf link-layer-address {
type yang:phys-address;
mandatory true;
description
"The link-layer address of the neighbor node.";
}
}
leaf dup-addr-detect-transmits {
type uint32;
default 1;
description
"The number of consecutive Neighbor Solicitation messages
sent while performing Duplicate Address Detection on a
tentative address. A value of zero indicates that
Duplicate Address Detection is not performed on
tentative addresses. A value of one indicates a single
transmission with no follow-up retransmissions.";
reference
"RFC 4862: IPv6 Stateless Address Autoconfiguration";
}
container autoconf {
description
"Parameters to control the autoconfiguration of IPv6
addresses, as described in RFC 4862.";
reference
"RFC 4862: IPv6 Stateless Address Autoconfiguration";
leaf create-global-addresses { leaf ip {
type boolean; type inet:ipv6-address-no-zone;
default true; description
description "The IPv6 address of the neighbor node.";
"If enabled, the host creates global addresses as }
described in section 5.5 of RFC 4862."; leaf link-layer-address {
reference type yang:phys-address;
"RFC 4862: IPv6 Stateless Address Autoconfiguration"; mandatory true;
} description
leaf create-temporary-addresses { "The link-layer address of the neighbor node.";
if-feature ipv6-privacy-autoconf; }
type boolean; }
default false; leaf dup-addr-detect-transmits {
description type uint32;
"If enabled, the host creates temporary addresses as default 1;
described in RFC 4941."; description
reference "The number of consecutive Neighbor Solicitation messages
"RFC 4941: Privacy Extensions for Stateless Address sent while performing Duplicate Address Detection on a
Autoconfiguration in IPv6"; tentative address. A value of zero indicates that
} Duplicate Address Detection is not performed on
leaf temporary-valid-lifetime { tentative addresses. A value of one indicates a single
if-feature ipv6-privacy-autoconf; transmission with no follow-up retransmissions.";
type uint32; reference
units "seconds"; "RFC 4862: IPv6 Stateless Address Autoconfiguration";
default 604800; }
description container autoconf {
"The time period during which the temporary address description
is valid."; "Parameters to control the autoconfiguration of IPv6
reference addresses, as described in RFC 4862.";
"RFC 4941: Privacy Extensions for Stateless Address reference
Autoconfiguration in IPv6 "RFC 4862: IPv6 Stateless Address Autoconfiguration";
- TEMP_VALID_LIFETIME";
}
leaf temporary-preferred-lifetime {
if-feature ipv6-privacy-autoconf;
type uint32;
units "seconds";
default 86400;
description
"The time period during which the temporary address is
preferred.";
reference
"RFC 4941: Privacy Extensions for Stateless Address
Autoconfiguration in IPv6
- TEMP_PREFERRED_LIFETIME";
}
}
}
}
/* leaf create-global-addresses {
* Operational state data nodes type boolean;
*/ default true;
description
"If enabled, the host creates global addresses as
described in RFC 4862.";
reference
"RFC 4862: IPv6 Stateless Address Autoconfiguration
Section 5.5";
}
leaf create-temporary-addresses {
if-feature ipv6-privacy-autoconf;
type boolean;
default false;
description
"If enabled, the host creates temporary addresses as
described in RFC 4941.";
reference
"RFC 4941: Privacy Extensions for Stateless Address
Autoconfiguration in IPv6";
}
leaf temporary-valid-lifetime {
if-feature ipv6-privacy-autoconf;
type uint32;
units "seconds";
default 604800;
description
"The time period during which the temporary address
is valid.";
reference
"RFC 4941: Privacy Extensions for Stateless Address
Autoconfiguration in IPv6
- TEMP_VALID_LIFETIME";
}
leaf temporary-preferred-lifetime {
if-feature ipv6-privacy-autoconf;
type uint32;
units "seconds";
default 86400;
description
"The time period during which the temporary address is
preferred.";
reference
"RFC 4941: Privacy Extensions for Stateless Address
Autoconfiguration in IPv6
- TEMP_PREFERRED_LIFETIME";
}
}
}
}
augment "/if:interfaces-state/if:interface" { /*
description * Operational state data nodes
"Data nodes for the operational state of IP on interfaces."; */
container ipv4 { augment "/if:interfaces-state/if:interface" {
presence "Present if IPv4 is enabled on this interface"; description
config false; "Data nodes for the operational state of IP on interfaces.";
description
"Interface specific parameters for the IPv4 address family.";
leaf forwarding { container ipv4 {
type boolean; presence "Present if IPv4 is enabled on this interface";
description config false;
"Indicates if IPv4 packet forwarding is enabled or disabled description
on this interface."; "Interface-specific parameters for the IPv4 address family.";
}
leaf mtu {
type uint16 {
range "68..max";
}
units octets;
description
"The size, in octets, of the largest IPv4 packet that the
interface will send and receive.";
reference
"RFC 791: Internet Protocol";
}
list address {
key "ip";
description
"The list of IPv4 addresses on the interface.";
leaf ip { leaf forwarding {
type inet:ipv4-address-no-zone; type boolean;
description description
"The IPv4 address on the interface."; "Indicates whether IPv4 packet forwarding is enabled or
} disabled on this interface.";
choice subnet { }
description leaf mtu {
"The subnet can be specified as a prefix-length, or, type uint16 {
if the server supports non-contiguous netmasks, as range "68..max";
a netmask."; }
leaf prefix-length { units octets;
type uint8 { description
range "0..32"; "The size, in octets, of the largest IPv4 packet that the
} interface will send and receive.";
description reference
"The length of the subnet prefix."; "RFC 791: Internet Protocol";
} }
leaf netmask { list address {
if-feature ipv4-non-contiguous-netmasks; key "ip";
type yang:dotted-quad; description
description "The list of IPv4 addresses on the interface.";
"The subnet specified as a netmask.";
}
}
leaf origin {
type ip-address-origin;
description
"The origin of this address.";
}
}
list neighbor {
key "ip";
description
"A list of mappings from IPv4 addresses to
link-layer addresses.
This list represents the ARP Cache."; leaf ip {
reference type inet:ipv4-address-no-zone;
"RFC 826: An Ethernet Address Resolution Protocol"; description
"The IPv4 address on the interface.";
}
choice subnet {
description
"The subnet can be specified as a prefix-length, or,
if the server supports non-contiguous netmasks, as
a netmask.";
leaf prefix-length {
type uint8 {
range "0..32";
}
description
"The length of the subnet prefix.";
}
leaf netmask {
if-feature ipv4-non-contiguous-netmasks;
type yang:dotted-quad;
description
"The subnet specified as a netmask.";
}
}
leaf origin {
type ip-address-origin;
description
"The origin of this address.";
}
}
list neighbor {
key "ip";
description
"A list of mappings from IPv4 addresses to
link-layer addresses.
leaf ip { This list represents the ARP Cache.";
type inet:ipv4-address-no-zone; reference
description "RFC 826: An Ethernet Address Resolution Protocol";
"The IPv4 address of the neighbor node.";
}
leaf link-layer-address {
type yang:phys-address;
description
"The link-layer address of the neighbor node.";
}
leaf origin {
type neighbor-origin;
description
"The origin of this neighbor entry.";
}
}
} leaf ip {
type inet:ipv4-address-no-zone;
description
"The IPv4 address of the neighbor node.";
}
leaf link-layer-address {
type yang:phys-address;
description
"The link-layer address of the neighbor node.";
}
leaf origin {
type neighbor-origin;
description
"The origin of this neighbor entry.";
}
}
container ipv6 { }
presence "Present if IPv6 is enabled on this interface";
config false;
description
"Parameters for the IPv6 address family.";
leaf forwarding { container ipv6 {
type boolean; presence "Present if IPv6 is enabled on this interface";
default false; config false;
description description
"Indicates if IPv6 packet forwarding is enabled or disabled "Parameters for the IPv6 address family.";
on this interface.";
reference
"RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
Section 6.2.1, IsRouter";
}
leaf mtu {
type uint32 {
range "1280..max";
}
units octets;
description
"The size, in octets, of the largest IPv6 packet that the
interface will send and receive.";
reference
"RFC 2460: IPv6 Specification
Section 5";
}
list address {
key "ip";
description
"The list of IPv6 addresses on the interface.";
leaf ip { leaf forwarding {
type inet:ipv6-address-no-zone; type boolean;
description default false;
"The IPv6 address on the interface."; description
} "Indicates whether IPv6 packet forwarding is enabled or
leaf prefix-length { disabled on this interface.";
type uint8 { reference
range "0..128"; "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
} Section 6.2.1, IsRouter";
mandatory true; }
description leaf mtu {
"The length of the subnet prefix."; type uint32 {
} range "1280..max";
leaf origin { }
type ip-address-origin; units octets;
description description
"The origin of this address."; "The size, in octets, of the largest IPv6 packet that the
} interface will send and receive.";
leaf status { reference
type enumeration { "RFC 2460: Internet Protocol, Version 6 (IPv6) Specification
enum preferred { Section 5";
description }
"This is a valid address that can appear as the list address {
destination or source address of a packet."; key "ip";
} description
enum deprecated { "The list of IPv6 addresses on the interface.";
description
"This is a valid but deprecated address that should
no longer be used as a source address in new
communications, but packets addressed to such an
address are processed as expected.";
}
enum invalid {
description
"This isn't a valid address and it shouldn't appear
as the destination or source address of a packet.";
}
enum inaccessible {
description
"The address is not accessible because the interface
to which this address is assigned is not
operational.";
}
enum unknown {
description
"The status cannot be determined for some reason.";
}
enum tentative {
description
"The uniqueness of the address on the link is being
verified. Addresses in this state should not be
used for general communication and should only be
used to determine the uniqueness of the address.";
}
enum duplicate {
description
"The address has been determined to be non-unique on
the link and so must not be used.";
}
enum optimistic {
description
"The address is available for use, subject to
restrictions, while its uniqueness on a link is
being verified.";
}
}
description
"The status of an address. Most of the states correspond
to states from the IPv6 Stateless Address
Autoconfiguration protocol.";
reference
"RFC 4293: Management Information Base for the
Internet Protocol (IP)
- IpAddressStatusTC
RFC 4862: IPv6 Stateless Address Autoconfiguration";
}
} leaf ip {
list neighbor { type inet:ipv6-address-no-zone;
key "ip"; description
description "The IPv6 address on the interface.";
"A list of mappings from IPv6 addresses to }
link-layer addresses. leaf prefix-length {
type uint8 {
range "0..128";
}
mandatory true;
description
"The length of the subnet prefix.";
}
leaf origin {
type ip-address-origin;
description
"The origin of this address.";
}
leaf status {
type enumeration {
enum preferred {
description
"This is a valid address that can appear as the
destination or source address of a packet.";
}
enum deprecated {
description
"This is a valid but deprecated address that should
no longer be used as a source address in new
communications, but packets addressed to such an
address are processed as expected.";
}
enum invalid {
description
"This isn't a valid address, and it shouldn't appear
as the destination or source address of a packet.";
}
enum inaccessible {
description
"The address is not accessible because the interface
to which this address is assigned is not
operational.";
}
enum unknown {
description
"The status cannot be determined for some reason.";
}
enum tentative {
description
"The uniqueness of the address on the link is being
verified. Addresses in this state should not be
used for general communication and should only be
used to determine the uniqueness of the address.";
}
enum duplicate {
description
"The address has been determined to be non-unique on
the link and so must not be used.";
}
enum optimistic {
description
"The address is available for use, subject to
restrictions, while its uniqueness on a link is
being verified.";
}
}
description
"The status of an address. Most of the states correspond
to states from the IPv6 Stateless Address
Autoconfiguration protocol.";
reference
"RFC 4293: Management Information Base for the
Internet Protocol (IP)
- IpAddressStatusTC
RFC 4862: IPv6 Stateless Address Autoconfiguration";
}
}
list neighbor {
key "ip";
description
"A list of mappings from IPv6 addresses to
link-layer addresses.
This list represents the Neighbor Cache."; This list represents the Neighbor Cache.";
reference reference
"RFC 4861: Neighbor Discovery for IP version 6 (IPv6)"; "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)";
leaf ip { leaf ip {
type inet:ipv6-address-no-zone; type inet:ipv6-address-no-zone;
description description
"The IPv6 address of the neighbor node."; "The IPv6 address of the neighbor node.";
} }
leaf link-layer-address { leaf link-layer-address {
type yang:phys-address; type yang:phys-address;
description description
"The link-layer address of the neighbor node."; "The link-layer address of the neighbor node.";
} }
leaf origin { leaf origin {
type neighbor-origin; type neighbor-origin;
description description
"The origin of this neighbor entry."; "The origin of this neighbor entry.";
} }
leaf is-router { leaf is-router {
type empty; type empty;
description description
"Indicates that the neighbor node acts as a router."; "Indicates that the neighbor node acts as a router.";
} }
leaf state { leaf state {
type enumeration { type enumeration {
enum incomplete { enum incomplete {
description description
"Address resolution is in progress and the link-layer "Address resolution is in progress, and the link-layer
address of the neighbor has not yet been address of the neighbor has not yet been
determined."; determined.";
} }
enum reachable { enum reachable {
description description
"Roughly speaking, the neighbor is known to have been "Roughly speaking, the neighbor is known to have been
reachable recently (within tens of seconds ago)."; reachable recently (within tens of seconds ago).";
} }
enum stale { enum stale {
description description
"The neighbor is no longer known to be reachable but "The neighbor is no longer known to be reachable, but
until traffic is sent to the neighbor, no attempt until traffic is sent to the neighbor no attempt
should be made to verify its reachability."; should be made to verify its reachability.";
} }
enum delay { enum delay {
description description
"The neighbor is no longer known to be reachable, and "The neighbor is no longer known to be reachable, and
traffic has recently been sent to the neighbor. traffic has recently been sent to the neighbor.
Rather than probe the neighbor immediately, however, Rather than probe the neighbor immediately, however,
delay sending probes for a short while in order to delay sending probes for a short while in order to
give upper-layer protocols a chance to provide give upper-layer protocols a chance to provide
reachability confirmation."; reachability confirmation.";
} }
enum probe { enum probe {
description description
"The neighbor is no longer known to be reachable, and "The neighbor is no longer known to be reachable, and
unicast Neighbor Solicitation probes are being sent unicast Neighbor Solicitation probes are being sent
to verify reachability."; to verify reachability.";
} }
} }
description description
"The Neighbor Unreachability Detection state of this "The Neighbor Unreachability Detection state of this
entry."; entry.";
reference reference
"RFC 4861: Neighbor Discovery for IP version 6 (IPv6) "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
Section 7.3.2"; Section 7.3.2";
} }
} }
} }
} }
} }
<CODE ENDS> <CODE ENDS>
5. IANA Considerations 5. IANA Considerations
This document registers a URI in the IETF XML registry [RFC3688]. This document registers a URI in the "IETF XML Registry" [RFC3688].
Following the format in RFC 3688, the following registration is Following the format in RFC 3688, the following registration has been
requested to be made. made.
URI: urn:ietf:params:xml:ns:yang:ietf-ip URI: urn:ietf:params:xml:ns:yang:ietf-ip
Registrant Contact: The NETMOD WG of the IETF. Registrant Contact: The NETMOD WG of the IETF.
XML: N/A, the requested URI is an XML namespace. XML: N/A; the requested URI is an XML namespace.
This document registers a YANG module in the YANG Module Names This document registers a YANG module in the "YANG Module Names"
registry [RFC6020]. registry [RFC6020].
name: ietf-ip Name: ietf-ip
namespace: urn:ietf:params:xml:ns:yang:ietf-ip Namespace: urn:ietf:params:xml:ns:yang:ietf-ip
prefix: ip Prefix: ip
reference: RFC XXXX Reference: RFC 7277
6. Security Considerations 6. Security Considerations
The YANG module defined in this memo is designed to be accessed via The YANG module defined in this memo is designed to be accessed via
the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the
secure transport layer and the mandatory-to-implement secure secure transport layer and the mandatory-to-implement secure
transport is SSH [RFC6242]. The NETCONF access control model transport is SSH [RFC6242]. The NETCONF access control model
[RFC6536] provides the means to restrict access for particular [RFC6536] provides the means to restrict access for particular
NETCONF users to a pre-configured subset of all available NETCONF NETCONF users to a pre-configured subset of all available NETCONF
protocol operations and content. protocol operations and content.
skipping to change at page 25, line 45 skipping to change at page 25, line 18
or accept (at least at the IP layer) messages it would otherwise or accept (at least at the IP layer) messages it would otherwise
ignore. The use of filtering or security associations may reduce ignore. The use of filtering or security associations may reduce
the potential damage in the latter case. the potential damage in the latter case.
ipv4/forwarding and ipv6/forwarding: These leafs allow a client to ipv4/forwarding and ipv6/forwarding: These leafs allow a client to
enable or disable the forwarding functions on the entity. By enable or disable the forwarding functions on the entity. By
disabling the forwarding functions, an attacker would possibly be disabling the forwarding functions, an attacker would possibly be
able to deny service to users. By enabling the forwarding able to deny service to users. By enabling the forwarding
functions, an attacker could open a conduit into an area. This functions, an attacker could open a conduit into an area. This
might result in the area providing transit for packets it might result in the area providing transit for packets it
shouldn't or might allow the attacker access to the area bypassing shouldn't, or it might allow the attacker access to the area,
security safeguards. bypassing security safeguards.
ipv6/autoconf: The leafs in this branch control the ipv6/autoconf: The leafs in this branch control the
autoconfiguration of IPv6 addresses and in particular whether autoconfiguration of IPv6 addresses and, in particular, whether or
temporary addresses are used or not. By modifying the not temporary addresses are used. By modifying the corresponding
corresponding leafs, an attacker might impact the addresses used leafs, an attacker might impact the addresses used by a node and
by a node and thus indirectly the privacy of the users using the thus indirectly the privacy of the users using the node.
node.
ipv4/mtu and ipv6/mtu: Setting these leafs to very small values can ipv4/mtu and ipv6/mtu: Setting these leafs to very small values can
be used to slow down interfaces. be used to slow down interfaces.
7. Acknowledgments 7. Acknowledgments
The author wishes to thank Jeffrey Lange, Ladislav Lhotka, Juergen The author wishes to thank Jeffrey Lange, Ladislav Lhotka, Juergen
Schoenwaelder, and Dave Thaler for their helpful comments. Schoenwaelder, and Dave Thaler for their helpful comments.
8. References 8. References
8.1. Normative References 8.1. Normative References
[I-D.ietf-netmod-interfaces-cfg]
Bjorklund, M., "A YANG Data Model for Interface
Configuration", draft-ietf-netmod-interfaces-cfg-12 (work
in progress), July 2012.
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
September 1981. September 1981.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998. (IPv6) Specification", RFC 2460, December 1998.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
January 2004. January 2004.
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
"Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
September 2007. September 2007.
skipping to change at page 28, line 48 skipping to change at page 26, line 23
Network Configuration Protocol (NETCONF)", RFC 6020, Network Configuration Protocol (NETCONF)", RFC 6020,
October 2010. October 2010.
[RFC6241] Enns, R., Bjorklund, M., Schoenwaelder, J., and A. [RFC6241] Enns, R., Bjorklund, M., Schoenwaelder, J., and A.
Bierman, "Network Configuration Protocol (NETCONF)", Bierman, "Network Configuration Protocol (NETCONF)",
RFC 6241, June 2011. RFC 6241, June 2011.
[RFC6991] Schoenwaelder, J., "Common YANG Data Types", RFC 6991, [RFC6991] Schoenwaelder, J., "Common YANG Data Types", RFC 6991,
July 2013. July 2013.
8.2. Informative References [RFC7223] Bjorklund, M., "A YANG Data Model for Interface
Management", RFC 7223, May 2014.
[I-D.ietf-6man-stable-privacy-addresses] [XML] Bray, T., Paoli, J., Sperberg-McQueen, C., Maler, E., and
Gont, F., "A Method for Generating Semantically Opaque F. Yergeau, "Extensible Markup Language (XML) 1.0 (Fifth
Interface Identifiers with IPv6 Stateless Address Edition)", W3C Recommendation, November 2008,
Autoconfiguration (SLAAC)", <http://www.w3.org/TR/xml/>.
draft-ietf-6man-stable-privacy-addresses-17 (work in
progress), January 2014.
[I-D.ietf-netmod-routing-cfg] 8.2. Informative References
Lhotka, L., "A YANG Data Model for Routing Configuration",
draft-ietf-netmod-routing-cfg-10 (work in progress),
July 2012.
[RFC0826] Plummer, D., "Ethernet Address Resolution Protocol: Or [RFC0826] Plummer, D., "Ethernet Address Resolution Protocol: Or
converting network protocol addresses to 48.bit Ethernet converting network protocol addresses to 48.bit Ethernet
address for transmission on Ethernet hardware", STD 37, address for transmission on Ethernet hardware", STD 37,
RFC 826, November 1982. RFC 826, November 1982.
[RFC4293] Routhier, S., "Management Information Base for the [RFC4293] Routhier, S., "Management Information Base for the
Internet Protocol (IP)", RFC 4293, April 2006. Internet Protocol (IP)", RFC 4293, April 2006.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, June 2011. Shell (SSH)", RFC 6242, June 2011.
[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration
Protocol (NETCONF) Access Control Model", RFC 6536, Protocol (NETCONF) Access Control Model", RFC 6536,
March 2012. March 2012.
Appendix A. Example: NETCONF <get> reply [RFC7217] Gont, F., "A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless Address
Autoconfiguration (SLAAC)", RFC 7217, April 2014.
[ROUTING-MGMT]
Lhotka, L., "A YANG Data Model for Routing Management",
Work in Progress, May 2014.
Appendix A. Example: NETCONF <get> Reply
This section gives an example of a reply to the NETCONF <get> request This section gives an example of a reply to the NETCONF <get> request
for a device that implements the data model defined in this document. for a device that implements the data model defined in this document.
The example is written in XML [XML].
<rpc-reply <rpc-reply
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
message-id="101"> message-id="101">
<data> <data>
<interfaces <interfaces
xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type"> xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface> <interface>
<name>eth0</name> <name>eth0</name>
<type>ianaift:ethernetCsmacd</type> <type>ianaift:ethernetCsmacd</type>
<ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip"> <ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip">
skipping to change at page 31, line 40 skipping to change at page 29, line 48
</neighbor> </neighbor>
<neighbor> <neighbor>
<ip>2001:db8::4</ip> <ip>2001:db8::4</ip>
<origin>dynamic</origin> <origin>dynamic</origin>
<state>incomplete</state> <state>incomplete</state>
</neighbor> </neighbor>
</ipv6> </ipv6>
</interface> </interface>
</interfaces-state> </interfaces-state>
</data> </data>
</rpc-reply> </rpc-reply>
Author's Address Author's Address
Martin Bjorklund Martin Bjorklund
Tail-f Systems Tail-f Systems
Email: mbj@tail-f.com EMail: mbj@tail-f.com
 End of changes. 96 change blocks. 
820 lines changed or deleted 805 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/