I2NSF NSF Monitoring Interface YANG Data Model
draft-ietf-i2nsf-nsf-monitoring-data-model-07
The information below is for an old version of the document.
Document | Type | This is an older version of an Internet-Draft whose latest revision state is "Active".
---|---|---
 | Authors | Jaehoon Paul Jeong, Patrick Lingga, Susan Hares, Liang Xia, Henk Birkholz
 | Last updated | 2021-03-31
 | Replaces | draft-hong-i2nsf-nsf-monitoring-data-model
 | RFC stream | Internet Engineering Task Force (IETF)
 | Reviews | INTDIR Telechat review (of -14) by Donald Eastlake: Ready w/issues
 | | TSVART Last Call review (of -12) by Kyle Rose: Ready w/nits
 | | GENART Last Call review (of -12) by Dale Worley: Ready w/issues
 | | ARTART Last Call review (of -12) by Valery Smyslov: Ready w/issues
 | | YANGDOCTORS Last Call review (of -06) by Andy Bierman: Ready w/issues
 | | YANGDOCTORS Early review (of -04) by Andy Bierman: Almost ready
 | Additional resources | Mailing list discussion
Stream | WG state | Submitted to IESG for Publication
 | Document shepherd | Linda Dunbar
 | Shepherd write-up | Last changed 2021-02-23
IESG | IESG state | Publication Requested
 | Consensus boilerplate | Unknown
 | Telechat date | (None)
 | Responsible AD | Roman Danyliw
 | Send notices to | dunbar.ll@gmail.com
Internet Engineering Task Force                        M. Veillette, Ed.
Internet-Draft                                   Trilliant Networks Inc.
Intended status: Standards Track                           A. Pelov, Ed.
Expires: June 22, 2019                                    I. Petrov, Ed.
                                                                  Acklio
                                                       December 19, 2018

                   YANG Schema Item iDentifier (SID)
                         draft-ietf-core-sid-05

Abstract

   YANG Schema Item iDentifiers (SID) are globally unique 64-bit
   unsigned numbers used to identify YANG items.  This document defines
   the semantics, the registration, and assignment processes of SIDs.
   To enable the implementation of these processes, this document also
   defines a file format used to persist and publish assigned SIDs.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 22, 2019.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Terminology and Notation
   3.  ".sid" file lifecycle
   4.  ".sid" file format
   5.  Third party registries
   6.  Security Considerations
   7.  IANA Considerations
     7.1.  Module registration
     7.2.  "SID mega-range" registry
       7.2.1.  "IANA SID Mega-Range" allocation
       7.2.2.  "RFC SID range assignment" sub-registry
       7.2.3.  "Specification SID range assignment" sub-registry
     7.3.  "YANG module assignment" registry
   8.  Acknowledgments
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Appendix A.  ".sid" file example
   Authors' Addresses

1.  Introduction

   Some of the items defined in YANG [RFC7950] require the use of a
   unique identifier.  In both NETCONF [RFC6241] and RESTCONF [RFC8040],
   these identifiers are implemented using names.  To allow the
   implementation of data models defined in YANG in constrained devices
   and constrained networks, a more compact method to identify YANG
   items is required.  This compact identifier, called SID, is encoded
   using a 64-bit unsigned integer.  The following items are identified
   using SIDs:

   o  identities

   o  data nodes (Note: including those part of a YANG template as
      defined by the 'yang-data' extension.)

   o  RPCs and associated input(s) and output(s)

   o  actions and associated input(s) and output(s)

   o  notifications and associated information

   o  YANG modules, submodules and features

   To minimize their size, SIDs are often represented as a difference
   between the current SID and a reference SID.  Such difference is
   called "delta", shorthand for "delta-encoded SID".  Conversion from
   SIDs to deltas and back to SIDs is a stateless process.  Each
   protocol implementing deltas must unambiguously define the reference
   SID for each YANG item.

   SIDs are globally unique numbers, a registration system is used in
   order to guarantee their uniqueness.  SIDs are registered in blocks
   called "SID ranges".

   Assignment of SIDs to YANG items can be automated, the recommended
   process to assign SIDs is as follows:

   1.  A tool extracts the different items defined for a specific YANG
       module.

   2.  The list of items is sorted in alphabetical order, 'namespace' in
       descending order, 'identifier' in ascending order.  The
       'namespace' and 'identifier' formats are described in the YANG
       module 'ietf-sid-file' defined in Section 4.

   3.  SIDs are assigned sequentially from the entry point up to the
       size of the registered SID range.  This approach is recommended
       to minimize the serialization overhead, especially when delta
       encoding is implemented.

   4.  If the number of items exceeds the SID range(s) allocated to a
       YANG module, an extra range is added for subsequent assignments.

   SIDs are assigned permanently, items introduced by a new revision of
   a YANG module are added to the list of SIDs already assigned.  This
   process can also be automated using the same method described above,
   only unassigned YANG items are processed at step #3.
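
   The four-step assignment process and the permanence rule above, as an
   added example (not code from the draft or its authors).  The module
   name "example-module", its items, the revision date and all function
   names are constructed for illustration; the ranges used lie in the
   block this document reserves for experimental use, and the output
   member names follow the Appendix A example.

```python
"""SID assignment: sort, assign sequentially, keep earlier assignments,
and require an extra range when the registered one is exhausted."""


class SidRangeExhausted(Exception):
    """Step 4: the allocated range(s) cannot hold the remaining items."""


def sort_items(items):
    """Step 2: 'namespace' descending, then 'identifier' ascending."""
    by_identifier = sorted(items, key=lambda item: item[1])
    # sorted() is stable, so identifier order survives within a namespace.
    return sorted(by_identifier, key=lambda item: item[0], reverse=True)


def in_ranges(sid, ranges):
    """True if sid falls inside one of the (entry_point, size) ranges."""
    return any(entry <= sid < entry + size for entry, size in ranges)


def assign_sids(items, ranges, previous=None):
    """Return {(namespace, identifier): sid}.

    items    -- (namespace, identifier) pairs extracted from the module (step 1)
    ranges   -- [(entry_point, size), ...] registered for the module
    previous -- assignments from the earlier .sid file; they are never changed
    """
    assigned = dict(previous or {})
    used = set(assigned.values())
    if len(used) != len(assigned):
        raise ValueError("previous assignments reuse a SID")
    stray = sorted(sid for sid in used if not in_ranges(sid, ranges))
    if stray:
        raise ValueError(f"previous SIDs outside the registered ranges: {stray}")

    # Step 3: walk each range from its entry point, skipping SIDs already taken.
    free = (sid for entry, size in ranges
            for sid in range(entry, entry + size) if sid not in used)
    for item in sort_items(set(items) - set(assigned)):
        sid = next(free, None)
        if sid is None:
            raise SidRangeExhausted(f"no SID left for {item}; add an extra range")
        assigned[item] = sid
    return assigned


def to_sid_file(module_name, revision, ranges, assigned):
    """Lay the result out with the member names used in the Appendix A example."""
    by_sid = sorted(assigned.items(), key=lambda pair: pair[1])
    return {
        "assignment-ranges": [{"entry-point": e, "size": s} for e, s in ranges],
        "module-name": module_name,
        "module-revision": revision,
        "items": [{"namespace": ns, "identifier": ident, "sid": sid}
                  for (ns, ident), sid in by_sid],
    }


# Constructed sample: two revisions of a hypothetical module.
REV1_ITEMS = [
    ("data", "/example-module:system/hostname"),
    ("identity", "transport"),
    ("module", "example-module"),
    ("data", "/example-module:system"),
]
REV2_ITEMS = REV1_ITEMS + [
    ("data", "/example-module:system/clock"),
    ("identity", "tls"),
]

if __name__ == "__main__":
    import json

    rev1 = assign_sids(REV1_ITEMS, [(60000, 4)])
    try:
        assign_sids(REV2_ITEMS, [(60000, 4)], previous=rev1)
    except SidRangeExhausted as exc:
        print("revision 2 needs an extra range:", exc)
    ranges = [(60000, 4), (60100, 10)]
    rev2 = assign_sids(REV2_ITEMS, ranges, previous=rev1)
    print(json.dumps(to_sid_file("example-module", "2021-01-01", ranges, rev2),
                     indent=2))
```
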

   Section 3 provides more details about the registration process of
   YANG modules and associated SIDs.  To enable the implementation of
   this registry, Section 4 defines a standard file format used to store
   and publish SIDs.

2.  Terminology and Notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   The following terms are defined in [RFC7950]:

          ";
        uses dampening;
        uses enable-notification;
      }
      container i2nsf-nsf-detection-ddos {
        if-feature "i2nsf-nsf-detection-ddos";
        description
          "The container for configuring I2NSF nsf-detection-ddos
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-detection-session-table-configuration {
        description
          "The container for configuring I2NSF
           nsf-detection-session-table notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-detection-virus {
        if-feature "i2nsf-nsf-detection-virus";
        description
          "The container for configuring I2NSF nsf-detection-virus
           notification";

Jeong, et al.            Expires October 2, 2021               [Page 71]

Internet-Draft   NSF Monitoring Interface YANG Data Model     March 2021

        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-detection-intrusion {
        if-feature "i2nsf-nsf-detection-intrusion";
        description
          "The container for configuring I2NSF nsf-detection-intrusion
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-detection-botnet {
        if-feature "i2nsf-nsf-detection-botnet";
        description
          "The container for configuring I2NSF nsf-detection-botnet
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-detection-web-attack {
        if-feature "i2nsf-nsf-detection-web-attack";
        description
          "The container for configuring I2NSF nsf-detection-web-attack
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-system-access-log {
        description
          "The container for configuring I2NSF system-access-log
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-system-res-util-log {
        description
          "The container for configuring I2NSF system-res-util-log
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-system-user-activity-log {
        description
          "The container for configuring I2NSF system-user-activity-log
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-log-dpi {
        if-feature "i2nsf-nsf-log-dpi";
        description
          "The container for configuring I2NSF nsf-log-dpi
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-nsf-log-vuln-scan {
        if-feature "i2nsf-nsf-log-vuln-scan";
        description
          "The container for configuring I2NSF nsf-log-vuln-scan
           notification";
        uses enable-notification;
        uses dampening;
      }
      container i2nsf-counter {
        description
          "This is used to configure the counters
           for monitoring an NSF";
        leaf period {
          type uint16;
          units "minutes";
          default 0;
          description
            "The configuration for the period interval of reporting
             the counter. If 0, then the counter period is disabled.
             If value is not 0, then the counter will be reported
             following the period value.";
        }
      }
    }
  }
  <CODE ENDS>

                   Figure 2: Data Model of Monitoring

11.  I2NSF Event Stream

   This section discusses the NETCONF event stream for I2NSF NSF
   Monitoring subscription.  The YANG module in this document supports
   "ietf-subscribed-notifications" YANG module [RFC8639] for
   subscription.  The reserved event stream name for this document is
   "I2NSF-Monitoring".  The NETCONF Server (e.g., an NSF) MUST support
   "I2NSF-Monitoring" event stream for an NSF data collector (e.g.,
   Security Controller and NSF data analyzer).  The "I2NSF-Monitoring"
   event stream contains all I2NSF events described in this document.
   The following example shows the capabilities of the event streams of
   an NSF (e.g., "NETCONF" and "I2NSF-Monitoring" event streams) by the
   subscription of an NSF data collector; note that this example XML
   file is delivered by an NSF to an NSF data collector:

   <?xml version="1.0" encoding="UTF-8"?>
   <rpc-reply message-id="1"
              xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
     <data>
       <netconf xmlns="urn:ietf:params:xml:ns:netmod:notification">
         <streams>
           <stream>
             <name>NETCONF</name>
             <description>Default NETCONF Event Stream</description>
             <replaySupport>false</replaySupport>
           </stream>
           <stream>
             <name>I2NSF-Monitoring</name>
             <description>I2NSF Monitoring Event Stream</description>
             <replaySupport>true</replaySupport>
             <replayLogCreationTime>
               2021-03-31T09:37:39+00:00
             </replayLogCreationTime>
           </stream>
         </streams>
       </netconf>
     </data>
   </rpc-reply>

    Figure 3: Example of NETCONF Server supporting I2NSF-Monitoring
                              Event Stream

12.  XML Examples for I2NSF NSF Monitoring

   This section shows the XML examples of I2NSF NSF Monitoring data
   delivered via Monitoring Interface from an NSF.

12.1.  I2NSF System Detection Alarm

   The following example shows an alarm triggered by Memory Usage of the
   server; note that this example XML file is delivered by an NSF to an
   NSF data collector:

   <?xml version="1.0" encoding="UTF-8"?>
   <notification
     xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
     <eventTime>2021-03-31T07:43:52.181088+00:00</eventTime>
     <i2nsf-event
       xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
       <i2nsf-system-detection-alarm>
         <alarm-category
           xmlns:nsfmi="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
           nsfmi:mem-usage-alarm
         </alarm-category>
         <acquisition-method
           xmlns:nsfmi="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
           nsfmi:subscription
         </acquisition-method>
         <emission-type
           xmlns:nsfmi="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
           nsfmi:on-change
         </emission-type>
         <dampening-type
           xmlns:nsfmi="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
           nsfmi:on-repetition
         </dampening-type>
         <usage>91</usage>
         <threshold>90</threshold>
         <message>Memory Usage Exceeded The Threshold</message>
         <nsf-name>time_based_firewall</nsf-name>
         <severity>high</severity>
       </i2nsf-system-detection-alarm>
     </i2nsf-event>
   </notification>

   Figure 4: Example of I2NSF System Detection Alarm triggered by Memory
                                 Usage

   The XML data above shows:

   1.  The NSF that sends the information is named
       "time_based_firewall".

   2.  The memory usage of the NSF triggered the alarm.

   3.  The monitoring information is received by subscription method.

   4.  The monitoring information is emitted "on-change".

   5.  The monitoring information is dampened "on-repetition".

   6.  The memory usage of the NSF is 91 percent.

   7.  The memory threshold to trigger the alarm is 90 percent.

   8.  The severity level of the notification is high.

12.2.  I2NSF Interface Counters

   To get the I2NSF system interface counters information by query,
   NETCONF Client (e.g., NSF data collector) needs to initiate GET
   connection with NETCONF Server (e.g., NSF).  The following XML file
   can be used to get the state data and filter the information.

   <?xml version="1.0" encoding="UTF-8"?>
   <rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
     <get>
       <filter
         xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
         <i2nsf-counters>
           <system-interface/>

   o  action

   o  feature

   o  module

   o  notification

   o  RPC

   o  schema node

   o  schema tree

   o  submodule

   The following term is defined in [RFC8040]:

   o  yang-data extension

   This specification also makes use of the following terminology:

   o  delta : Difference between the current SID and a reference SID.
      Each protocol that uses delta encoded SIDs MUST define how the
      reference SID is obtained.

   o  item: A schema node, an identity, a module, a submodule or a
      feature defined using the YANG modeling language.

   o  path: A path is a string that identifies a schema node within the
      schema tree.  A path consists of the list of schema node
      identifier(s) separated by slashes ("/").  Schema node
      identifier(s) are always listed from the top-level schema node up
      to the targeted schema node.  (e.g.
      "/ietf-system:system-state/clock/current-datetime")

   o  YANG Schema Item iDentifier (SID): Unsigned integer used to
      identify different YANG items.

3.  ".sid" file lifecycle

   YANG is a language designed to model data accessed using one of the
   compatible protocols (e.g. NETCONF [RFC6241], RESTCONF [RFC8040] and
   CoMI [I-D.ietf-core-comi]).  A YANG module defines hierarchies of
   data, including configuration, state data, RPCs, actions and
   notifications.

   YANG modules are not necessarily created in the context of
   constrained applications.  YANG modules can be implemented using
   NETCONF [RFC6241] or RESTCONF [RFC8040] without the need to assign
   SIDs.

   As needed, authors of YANG modules can assign SIDs to their YANG
   modules.
   In order to do that, they should first obtain a SID range from a
   registry.  It could be "RFC SID range assignment" sub-registry as
   defined in Section 7.2.2, the "Specification SID range assignment"
   sub-registry as defined in Section 7.2.3 or another one, depending on
   the particular case.  The minimal information required for this would
   be a start SID number and a range size, but might include additional
   details depending on the registry policy, which is outside the scope
   of this document.  Once a SID range is registered, the owner can use
   it to generate ".sid" file/s for his YANG module/s.  It is
   recommended to leave some unallocated SIDs following the allocated
   range in each ".sid" file in order to allow better evolution of the
   YANG module in the future.  Generation of ".sid" files SHOULD be
   performed using an automated tool.  Note that ".sid" files can only
   be generated for YANG modules and not for submodules.

   Registration of the .sid file associated to a YANG module is optional
   but recommended to promote interoperability between devices and to
   avoid duplicate allocation of SIDs to a single YANG module.
   Different registries might have different requirements for the
   registration and publication of the ".sid" files.

   The following activity diagram summarizes the creation of a YANG
   module and its associated .sid file.

        +---------------+
  O     | Creation of a |
 -|-  ->| YANG module   |
 / \    +---------------+
                |
                V
         /-------------\
        / Standardized  \     yes
        \ YANG module ? /-------------+
         \-------------/              |
                | no                  |
                V                     V
         /-------------\      +---------------+
        / Constrained   \ yes | SID range     |
    +-->\ application ? /---->| registration  |<----------+
    |    \-------------/      +---------------+           |
    |           | no                  |                   |
    |           V                     V                   |
    |   +---------------+     +---------------+           |
    +---| YANG module   |     | SID sub-range |           |
        | update        |     | assignment    |<----------+
        +---------------+     +---------------+           |
                                      |                   |
                                      V                   |
                              +---------------+    +-------------+
                              | .sid file     |    | Rework YANG |
                              | generation    |    | model       |
                              +---------------+    +-------------+
                                      |                   ^
                                      V                   |
                                 /----------\  yes        |
                                / Work in    \ -----------+
                                \ progress   /
                                 \----------/
                                      | no
                                      V
                               /-------------\       /-------------\
                              / RFC           \ no  / Open          \ no
                              \ publication?  /---->\ specification?/---+
                               \-------------/       \-------------/    |
                                      | yes                 | yes       |
                                      |     +---------------+           |
                                      V     V                           V
                              +---------------+                 +---------------+
                              | IANA          |                 | Third party   |
                              | registration  |                 | registration  |
                              +-------+-------+                 +-------+-------+
                                      |                                 |
                                      +---------------------------------+
                                      V
                                   [DONE]

   Each time a YANG module or one of its imported module(s) or included
   sub-module(s) is updated, the ".sid" file MAY need to be updated.
   This update SHOULD also be performed using an automated tool.

   If a new revision requires more SIDs than initially allocated, a new
   SID range MUST be added to the 'assignment-ranges' as defined in
   Section 4.  These extra SIDs are used for subsequent assignments.

   The following activity diagram summarizes the update of a YANG module
   and its associated .sid file.

        +---------------+
  O     | Update of the |
 -|-  ->| YANG module   |
 / \    | or include(s) |
        | or import(s)  |
        +---------------+
                |
                V
         /-------------\
        / New items     \ yes
        \ created ?     /------+
         \-------------/       |
                | no           V
                |       /-------------\      +----------------+
                |      / SID range     \ yes | Extra sub-range|
                |      \ exhausted ?   /---->| assignment     |
                |       \-------------/      +----------------+
                |              | no                  |
                |              +---------------------+
                |              |
                |              V
                |      +---------------+
                |      | .sid file     |
                |      | update based  |
                |      | on previous   |
                |      | .sid file     |
                |      +---------------+
                |              |
                |              V
                |       /-------------\      +---------------+
                |      / Publicly      \ yes | YANG module   |
                |      \ available ?   /---->| registration  |
                |       \-------------/      +---------------+
                |              | no                  |
                +--------------+---------------------+
                               |
                            [DONE]

4.  ".sid" file format

   ".sid" files are used to persist and publish SIDs assigned to the
   different YANG items of a specific YANG module.  The following YANG
   module defines the structure of this file, encoding is performed
   using the rules defined in [RFC7951].

<CODE BEGINS> file "ietf-sid-file@2017-11-26.yang"
module ietf-sid-file {
  namespace "urn:ietf:params:xml:ns:yang:ietf-sid-file";
  prefix sid;

  import ietf-yang-types {
    prefix yang;
  }
  import ietf-comi {
    prefix comi;
  }

  organization
    "IETF Core Working Group";

  contact
    "Michel Veillette
     <mailto:michel.veillette@trilliant.com>

     Andy Bierman
     <mailto:andy@yumaworks.com>

     Alexander Pelov
     <mailto:a@ackl.io>";

  description
    "This module defines the structure of the .sid files.

     Each .sid file contains the mapping between the different
     string identifiers defined by a YANG module and a
     corresponding numeric value called SID.";

  revision 2017-11-26 {
    description
      "Initial revision.";
    reference
      "[I-D.ietf-core-sid] YANG Schema Item iDentifier (SID)";
  }

  typedef revision-identifier {
    type string {
      pattern '\d{4}-\d{2}-\d{2}';
    }
    description
      "Represents a date in YYYY-MM-DD format.";
  }

  typedef schema-node-path {
    type string {
      pattern
        '/[a-zA-Z_][a-zA-Z0-9\-_.]*:[a-zA-Z_][a-zA-Z0-9\-_.]*' +
        '(/[a-zA-Z_][a-zA-Z0-9\-_.]*(:[a-zA-Z_][a-zA-Z0-9\-_.]*)?)*';
    }
    description
      "Identifies a schema-node path string for use in the
       SID registry. This string format follows the rules
       for an instance-identifier, as defined in RFC 7959,
       except that no predicates are allowed.

       This format is intended to support the YANG 1.1 ABNF
       for a schema node identifier, except module names
       are used instead of prefixes, as specified in RFC 7951.";
    reference
      "RFC 7950, The YANG 1.1 Data Modeling Language;
       Section 6.5: Schema Node Identifier;
       RFC 7951, JSON Encoding of YANG Data;
       Section 6.11: The instance-identifier type";
  }

  leaf module-name {
    type yang:yang-identifier;
    description
      "Name of the YANG module associated with this .sid file.";
  }

  leaf module-revision {
    type revision-identifier;
    description
      "Revision of the YANG module associated with this .sid file.
       This leaf is not present if no revision statement is
       defined in the YANG module.";
  }

  list assigment-ranges {
    key "entry-point";
    description
      "SID range(s) allocated to the YANG module identified by
       'module-name' and 'module-revision'.";

    leaf entry-point {
      type comi:sid;
      mandatory true;
      description
        "Lowest SID available for assignment.";
    }

    leaf size {
      type uint64;
      mandatory true;
      description
        "Number of SIDs available for assignment.";
    }
  }

  list items {
    key "namespace identifier";
    description
      "Each entry within this list defined the mapping between
       a YANG item string identifier and a SID.
This list MUST include a mapping entry for each YANG item defined by the YANG module identified by 'module-name' and 'module-revision'."; leaf namespace { type enumeration { enum module { value 0; description "All module and submodule names share the same global module identifier namespace."; } enum identity { value 1; description "All identity names defined in a module and its submodules share the same identity identifier namespace."; } enum feature { value 2; description "All feature names defined in a module and its submodules share the same feature identifier namespace."; } enum data { value 3; description "The namespace for all data nodes, as defined in YANG."; } } description "Namespace of the YANG item for this mapping entry."; } Veillette, et al. Expires June 22, 2019 [Page 10] Internet-Draft YANG Schema Item iDentifier (SID) December 2018 leaf identifier { type union { type yang:yang-identifier; type schema-node-path; } description "String identifier of the YANG item for this mapping entry. If the corresponding 'namespace' field is 'module', 'feature', or 'identity', then this field MUST contain a valid YANG identifier string. If the corresponding 'namespace' field is 'data', then this field MUST contain a valid schema node path."; } leaf sid { type comi:sid; mandatory true; description "SID assigned to the YANG item for this mapping entry."; } } } <CODE ENDS> 5. Third party registries The organization and functioning of third party registries is outside the scope of the current document. The only limitations connected to those registries are listed in Section 7.2. 6. Security Considerations The security considerations of [RFC7049] and [RFC7950] apply. This document defines a new type of identifier used to encode data models defined in YANG [RFC7950]. As such, this identifier does not contribute to any new security issues in addition of those identified for the specific protocols or contexts for which it is used. 7. 
IANA Considerations In this section are given specifications for an entry into the module registry and two new registries, a SID-range registry and a SID module registry. Veillette, et al. Expires June 22, 2019 [Page 11] Internet-Draft YANG Schema Item iDentifier (SID) December 2018 7.1. Module registration This document registers one YANG modules in the "YANG Module Names" registry [RFC6020]: o name: ietf-sid-file o namespace: urn:ietf:params:xml:ns:yang:ietf-sid-file o prefix: sid o reference: [[THISRFC]] 7.2. "SID mega-range" registry The name of this registry is "SID mega-range". This registry is used to record the delegation of the management of a block of SIDs to third parties (e.g. SDO, registrar). Each entry in this registry must include: o The entry point (first entry) of the registered SID range. o The size of the registered SID range. o The contact information of the requesting organization including: o Organization name o Primary contact name, email address, and phone number o Secondary contact name, email address, and phone number The initial entry in this registry is allocated to IANA: +-------------+---------+-------------------+ | Entry Point | Size | Organization name | +-------------+---------+-------------------+ | 0 | 1000000 | IANA | +-------------+---------+-------------------+ The IANA policies for future additions to this registry are "Hierarchical Allocation, Expert Review" [RFC5226]. Prior to a first allocation, the requesting organization must demonstrate a functional registry infrastructure. On subsequent allocation request(s), the organization must demonstrate the exhaustion of the prior range. These conditions need to be asserted by the assigned expert(s). Veillette, et al. Expires June 22, 2019 [Page 12] Internet-Draft YANG Schema Item iDentifier (SID) December 2018 7.2.1. "IANA SID Mega-Range" allocation The first million SIDs assigned to IANA is sub-divided as follow: o The range of 0 to 999 is reserved for future extensions. 
The IANA policy for this range is "IETF review" [RFC5226]. This range is reserved for a future uses and no sub-registries are currently defined for it. o The range of 1000 to 59,999 is reserved for YANG modules defined in RFCs. The IANA policy for future additions to this sub- registry is "RFC required" [RFC5226]. Allocation within this range requires publishing of the associated ".yang" and ".sid" files in the YANG module registry. The allocation within this range is done during IESG review. o The range of 60,000 to 99,999 is reserved for experimental YANG modules. This range MUST NOT be used in operational deployments since these SIDs are not globally unique which limit their interoperability. The IANA policy for this range is "Experimental use" [RFC5226]. o The range of 100,000 to 999,999 is reserved for standardized YANG modules. The IANA policy for future additions to this sub- registry is "Specification Required" [RFC5226]. Allocation within this range requires publishing of the associated ".yang" and ".sid" files in the YANG module registry. +-------------+---------+------------------------+ | Entry Point | Size | IANA policy | +-------------+---------+------------------------+ | 0 | 1,000 | IETF review | | 1,000 | 59,000 | RFC required | | 60,000 | 40,000 | Experimental use | | 100,000 | 900,000 | Specification Required | +-------------+---------+------------------------+ The size of a SID range assigned to a YANG module should be at least 33% above the current number of YANG items. This headroom allows assignment within the same range of new YANG items introduced by subsequent revisions. A larger SID range size may be requested by the authors if this recommendation is considered insufficient. It is important to note that an extra SID range can be allocated to an existing YANG module if the initial range is exhausted. Veillette, et al. Expires June 22, 2019 [Page 13] Internet-Draft YANG Schema Item iDentifier (SID) December 2018 7.2.2. 
"RFC SID range assignment" sub-registry The name of this sub-registry is "RFC SID range assignment". This sub-registry of "IANA SID Mega-Range" allocation Section 7.2.1 corresponds to the SID entry point 1000, size 59000. Each entry in this sub-registry must include: o The SID range entry point. o The SID range size. o The YANG module name. o The RFC number. Initial entries in this registry are as follows: +-------------+------+------------------+----------------------+ | Entry Point | Size | Module name | RFC number | +-------------+------+------------------+----------------------+ | 1000 | 100 | ietf-comi | [I-D.ietf-core-comi] | | 1100 | 50 | ietf-yang-types | [RFC6021] | | 1150 | 50 | ietf-inet-types | [RFC6021] | | 1200 | 50 | iana-crypt-hash | [RFC7317] | | 1250 | 50 | ietf-netconf-acm | [RFC6536] | | 1300 | 50 | ietf-sid-file | RFCXXXX | | 1500 | 100 | ietf-interfaces | [RFC7223] | | 1600 | 100 | ietf-ip | [RFC7277] | | 1700 | 100 | ietf-system | [RFC7317] | | 1800 | 400 | iana-if-type | [RFC7224] | +-------------+------+------------------+----------------------+ // RFC Ed.: replace XXXX with RFC number assigned to this draft. For allocation, RFC publication of the module is required as per [RFC5226]. The YANG module must be registered in the "YANG module Name" registry according to the rules specified in section 14 of [RFC6020]. 7.2.3. "Specification SID range assignment" sub-registry The name of this sub-registry is "Specification SID range assignment". This sub-registry of "IANA SID Mega-Range" allocation Section 7.2.1 corresponds to the SID entry point 100000, size 900000. Each entry in this sub-registry must include: o The SID range entry point. Veillette, et al. Expires June 22, 2019 [Page 14] Internet-Draft YANG Schema Item iDentifier (SID) December 2018 o The SID range size. o The YANG module name. o The name of the standard organization o The specification identifier or URI 7.3. 
"YANG module assignment" registry The name of this registry is "YANG module assignment". This registry is used to track which YANG modules have been assigned and the specific YANG items assignment. Each entry in this registry must include: o The YANG module name. o The associated ".yang" file(s) o The associated ".sid" file The validity of the ".yang" and ".sid" files added to this registry MUST be verified. o The syntax of the registered ".yang" and ".sid" files must be valid. o Each YANG item defined by the registered ".yang" file must have a corresponding SID assigned in the ".sid" file. o Each SID is assigned to a single YANG item, duplicate assignment is not allowed. o The SID range(s) defined in the ".sid" file must be unique, must not conflict with any other SID ranges defined in already registered ".sid" files. o The ownership of the SID range(s) should be verified. The IANA policy for future additions to this registry is "First Come First Served" as described in [RFC5226]. 8. Acknowledgments The authors would like to thank Andy Bierman, Carsten Bormann, Abhinav Somaraju, Laurent Toutain, Randy Turner and Peter van der Stok for their help during the development of this document and their useful comments during the review process. Veillette, et al. Expires June 22, 2019 [Page 15] Internet-Draft YANG Schema Item iDentifier (SID) December 2018 9. References 9.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>. [RFC7049] Bormann, C. and P. Hoffman, "Concise Binary Object Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049, October 2013, <https://www.rfc-editor.org/info/rfc7049>. [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, August 2016, <https://www.rfc-editor.org/info/rfc7950>. 
   [RFC7951]  Lhotka, L., "JSON Encoding of Data Modeled with YANG",
              RFC 7951, DOI 10.17487/RFC7951, August 2016,
              <https://www.rfc-editor.org/info/rfc7951>.

9.2.  Informative References

   [I-D.ietf-core-comi]
              Veillette, M., Stok, P., Pelov, A., and A. Bierman, "CoAP
              Management Interface", draft-ietf-core-comi-04 (work in
              progress), November 2018.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", RFC 5226,
              DOI 10.17487/RFC5226, May 2008,
              <https://www.rfc-editor.org/info/rfc5226>.

   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
              the Network Configuration Protocol (NETCONF)", RFC 6020,
              DOI 10.17487/RFC6020, October 2010,
              <https://www.rfc-editor.org/info/rfc6020>.

   [RFC6021]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6021, DOI 10.17487/RFC6021, October 2010,
              <https://www.rfc-editor.org/info/rfc6021>.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
              <https://www.rfc-editor.org/info/rfc6241>.

   [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
              Protocol (NETCONF) Access Control Model", RFC 6536,
              DOI 10.17487/RFC6536, March 2012,
              <https://www.rfc-editor.org/info/rfc6536>.

   [RFC7223]  Bjorklund, M., "A YANG Data Model for Interface
              Management", RFC 7223, DOI 10.17487/RFC7223, May 2014,
              <https://www.rfc-editor.org/info/rfc7223>.

   [RFC7224]  Bjorklund, M., "IANA Interface Type YANG Module",
              RFC 7224, DOI 10.17487/RFC7224, May 2014,
              <https://www.rfc-editor.org/info/rfc7224>.

   [RFC7277]  Bjorklund, M., "A YANG Data Model for IP Management",
              RFC 7277, DOI 10.17487/RFC7277, June 2014,
              <https://www.rfc-editor.org/info/rfc7277>.

   [RFC7317]  Bierman, A. and M. Bjorklund, "A YANG Data Model for
              System Management", RFC 7317, DOI 10.17487/RFC7317,
              August 2014, <https://www.rfc-editor.org/info/rfc7317>.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
              <https://www.rfc-editor.org/info/rfc8040>.

Appendix A.  ".sid" file example

   The following .sid file (ietf-system@2014-08-06.sid) has been
   generated using the following yang modules:

   o  ietf-system@2014-08-06.yang

   o  ietf-yang-types@2013-07-15.yang

   o  ietf-inet-types@2013-07-15.yang

   o  ietf-netconf-acm@2012-02-22.yang

   o  iana-crypt-hash@2014-04-04.yang

   {
     "assignment-ranges": [
       {
         "entry-point": 1700,
         "size": 100
       }
     ],
     "module-name": "ietf-system",
     "module-revision": "2014-08-06",
     "items": [
       {
         "namespace": "module",
         "identifier": "ietf-system",
         "sid": 1700
       },
       {
         "namespace": "identity",
         "identifier": "authentication-method",
         "sid": 1701
       },
       {
         "namespace": "identity",
         "identifier": "local-users",
         "sid": 1702
       },
       {
         "namespace": "identity",
         "identifier": "radius",
         "sid": 1703
       },
       {
         "namespace": "identity",
         "identifier": "radius-authentication-type",
         "sid": 1704
       },
       {
         "namespace": "identity",
         "identifier": "radius-chap",
         "sid": 1705
       },
       {
         "namespace

         </i2nsf-counters>
       </filter>
     </get>
   </rpc>

      Figure 5: XML Example for NETCONF GET with System Interface Filter

   The following XML file shows the reply from the NETCONF Server (e.g.,
   NSF):

   <?xml version="1.0" encoding="UTF-8"?>
   <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
              message-id="1">
     <data>
       <i2nsf-counters
         xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
         <system-interface>
           <interface-name>ens3</interface-name>
           <acquisition-method
     xmlns:nsfmi="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
             nsfmi:query
           </acquisition-method>
           <in-total-traffic-bytes>549050</in-total-traffic-bytes>
           <out-total-traffic-bytes>814956</out-total-traffic-bytes>
           <in-drop-traffic-bytes>0</in-drop-traffic-bytes>
           <out-drop-traffic-bytes>5078</out-drop-traffic-bytes>
           <nsf-name>time_based_firewall</nsf-name>
         </system-interface>
         <system-interface>
           <interface-name>lo</interface-name>
           <acquisition-method
     xmlns:nsfmi="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
             nsfmi:query
           </acquisition-method>
           <in-total-traffic-bytes>48487</in-total-traffic-bytes>
           <out-total-traffic-bytes>48487</out-total-traffic-bytes>
           <in-drop-traffic-bytes>0</in-drop-traffic-bytes>
           <out-drop-traffic-bytes>0</out-drop-traffic-bytes>
           <nsf-name>time_based_firewall</nsf-name>
         </system-interface>
       </i2nsf-counters>
     </data>
   </rpc-reply>

     Figure 6: Example of I2NSF System Interface Counters XML Information

13.  IANA Considerations

   This document requests IANA to register the following URI in the
   "IETF XML Registry" [RFC3688]:

      URI: urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring
      Registrant Contact: The IESG.
      XML: N/A; the requested URI is an XML namespace.

   This document requests IANA to register the following YANG module in
   the "YANG Module Names" registry [RFC7950][RFC8525]:

      name: ietf-i2nsf-nsf-monitoring
      namespace: urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring
      prefix: nsfmi
      reference: RFC XXXX

      // RFC Ed.: replace XXXX with an actual RFC number and remove
      // this note.

14.  Security Considerations

   The YANG module described in this document defines a schema for data
   that is designed to be accessed via network management protocols such
   as NETCONF [RFC6241] or RESTCONF [RFC8040].  The lowest NETCONF layer
   is the secure transport layer, and the mandatory-to-implement secure
   transport is Secure Shell (SSH) [RFC6242].  The lowest RESTCONF layer
   is HTTPS, and the mandatory-to-implement secure transport is TLS
   [RFC8446].

   The NETCONF access control model [RFC8341] provides the means to
   restrict access for particular NETCONF or RESTCONF users to a
   preconfigured subset of all available NETCONF or RESTCONF protocol
   operations and content.

   All data nodes defined in the YANG module which can be created,
   modified and deleted (i.e., config true, which is the default) are
   considered sensitive.  Write operations (e.g., edit-config) applied
   to these data nodes without proper protection can negatively affect
   framework operations.  The monitoring YANG module should be protected
   by a secure communication channel, to ensure its confidentiality and
   integrity.  On the other hand, both the NSF and the NSF data
   collector can be faked, which leads to undesirable results (i.e.,
   leakage of an NSF's important operational information, and a faked
   NSF sending false information to mislead the NSF data collector).
   Mutual authentication is essential to protect against this kind of
   attack.  The current mainstream security technologies (i.e., TLS,
   DTLS, IPsec, and X.509 PKI) can be employed appropriately to provide
   the above security functions.
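   A collector-side reading of the Figure 6 reply, added here as an
   example and not part of the draft: it rejects document type
   declarations (which RFC 6241 forbids in NETCONF content), resolves
   the acquisition-method identityref against the namespace
   declarations in scope, and requires every counter to be a
   non-negative integer.  The function names and the choice to treat
   all four counters as required are assumptions of this example.

```python
import io
import xml.etree.ElementTree as ET
NC = "urn:ietf:params:xml:ns:netconf:base:1.0"
NSFMI = "urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring"
COUNTERS = ("in-total-traffic-bytes", "out-total-traffic-bytes",
            "in-drop-traffic-bytes", "out-drop-traffic-bytes")
# Constructed sample: the Figure 6 reply reduced to its ens3 entry.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
 <data>
  <i2nsf-counters
    xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
   <system-interface>
    <interface-name>ens3</interface-name>
    <acquisition-method
      xmlns:nsfmi="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring">
      nsfmi:query
    </acquisition-method>
    <in-total-traffic-bytes>549050</in-total-traffic-bytes>
    <out-total-traffic-bytes>814956</out-total-traffic-bytes>
    <in-drop-traffic-bytes>0</in-drop-traffic-bytes>
    <out-drop-traffic-bytes>5078</out-drop-traffic-bytes>
    <nsf-name>time_based_firewall</nsf-name>
   </system-interface>
  </i2nsf-counters>
 </data>
</rpc-reply>"""

def _record(elem, method):
    def text(name):
        value = elem.findtext(f"{{{NSFMI}}}{name}")
        if value is None:
            raise ValueError(f"missing {name}")
        return value.strip()
    rec = {"interface": text("interface-name"), "nsf": text("nsf-name"),
           "method": method}
    for name in COUNTERS:  # all four required: an assumption of this example
        raw = text(name)
        if not (raw.isascii() and raw.isdigit()):
            raise ValueError(f"{name} is not a non-negative integer: {raw!r}")
        rec[name] = int(raw)
    return rec

def parse_interface_counters(reply):
    """Return one dict per system-interface; ValueError on rejected input."""
    if b"<!DOCTYPE" in reply:  # RFC 6241: no DTD in NETCONF content
        raise ValueError("document type declaration in NETCONF content")
    scope, method, records, root = [], None, [], None
    events = ("start-ns", "end-ns", "start", "end")
    for event, item in ET.iterparse(io.BytesIO(reply), events=events):
        if event == "start-ns":
            scope.append(item)          # (prefix, uri) enters scope
        elif event == "end-ns":
            scope.pop()                 # innermost declaration leaves scope
        elif event == "start":
            root = root or item.tag     # remember the document element
        elif item.tag == f"{{{NSFMI}}}acquisition-method":
            prefix, _, local = (item.text or "").strip().rpartition(":")
            uri = next((u for p, u in reversed(scope) if p == prefix), None)
            if uri is None:             # QName prefix has no binding here
                raise ValueError(f"unbound prefix {prefix!r}")
            method = (uri, local)
        elif item.tag == f"{{{NSFMI}}}system-interface":
            records.append(_record(item, method))
            method = None
    if root != f"{{{NC}}}rpc-reply":
        raise ValueError("not a NETCONF rpc-reply")
    return records
```

   ElementTree reports malformed XML as ParseError rather than
   ValueError, so a caller that wants to drop every bad reply catches
   both.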
   In addition, to defend against a DDoS attack caused by many NSFs
   sending massive numbers of notifications to the NSF data collector,
   rate limiting or similar mechanisms should be considered in both the
   NSF and the NSF data collector, whether in advance or during the
   DDoS attack.

15.  Acknowledgments

   This work was supported by the Institute of Information &
   Communications Technology Planning & Evaluation (IITP) grant funded
   by the Korea MSIT (Ministry of Science and ICT) (R-20160222-002755,
   Cloud based Security Intelligence Technology Development for the
   Customized Security Service Provisioning).  This work was supported
   in part by the IITP (2020-0-00395, Standard Development of Blockchain
   based Network Management Automation Technology).  This work was
   supported in part by the MSIT under the Information Technology
   Research Center (ITRC) support program (IITP-2020-2017-0-01633)
   supervised by the IITP.

16.  Contributors

   This document is the result of a group effort of the I2NSF working
   group.  Many people actively contributed to this document.  The
   authors sincerely appreciate their contributions.

   The following are co-authors of this document:

   Chaehong Chung
   Department of Electronic, Electrical and Computer Engineering
   Sungkyunkwan University
   2066 Seo-ro Jangan-gu
   Suwon, Gyeonggi-do 16419
   Republic of Korea

   EMail: darkhong@skku.edu

   Jinyong (Tim) Kim
   Department of Electronic, Electrical and Computer Engineering
   Sungkyunkwan University
   2066 Seo-ro Jangan-gu
   Suwon, Gyeonggi-do 16419
   Republic of Korea

   EMail: timkim@skku.edu

   Dongjin Hong
   Department of Electronic, Electrical and Computer Engineering
   Sungkyunkwan University
   2066 Seo-ro Jangan-gu
   Suwon, Gyeonggi-do 16419
   Republic of Korea

   EMail: dong.jin@skku.edu

   Dacheng Zhang
   Huawei

   EMail: dacheng.zhang@huawei.com

   Yi Wu
   Alibaba Group

   EMail: anren.wy@alibaba-inc.com

   Rakesh Kumar
   Juniper Networks
   1133 Innovation Way
   Sunnyvale, CA 94089
   USA

   EMail: rkkumar@juniper.net

   Anil Lohiya
   Juniper Networks

   EMail: alohiya@juniper.net

17.  References

17.1.  Normative References

   [RFC0768]  Postel, J., "User Datagram Protocol", STD 6, RFC 768,
              DOI 10.17487/RFC0768, August 1980,
              <https://www.rfc-editor.org/info/rfc768>.

   [RFC0791]  Postel, J., "Internet Protocol", STD 5, RFC 791,
              DOI 10.17487/RFC0791, September 1981,
              <https://www.rfc-editor.org/info/rfc791>.

   [RFC0792]  Postel, J., "Internet Control Message Protocol", STD 5,
              RFC 792, DOI 10.17487/RFC0792, September 1981,
              <https://www.rfc-editor.org/info/rfc792>.

   [RFC0793]  Postel, J., "Transmission Control Protocol", STD 7,
              RFC 793, DOI 10.17487/RFC0793, September 1981,
              <https://www.rfc-editor.org/info/rfc793>.

   [RFC0956]  Mills, D., "Algorithms for synchronizing network clocks",
              RFC 956, DOI 10.17487/RFC0956, September 1985,
              <https://www.rfc-editor.org/info/rfc956>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616,
              DOI 10.17487/RFC2616, June 1999,
              <https://www.rfc-editor.org/info/rfc2616>.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.17487/RFC3688, January 2004,
              <https://www.rfc-editor.org/info/rfc3688>.

   [RFC3877]  Chisholm, S. and D. Romascanu, "Alarm Management
              Information Base (MIB)", RFC 3877, DOI 10.17487/RFC3877,
              September 2004, <https://www.rfc-editor.org/info/rfc3877>.

   [RFC3954]  Claise, B., Ed., "Cisco Systems NetFlow Services Export
              Version 9", RFC 3954, DOI 10.17487/RFC3954, October 2004,
              <https://www.rfc-editor.org/info/rfc3954>.

   [RFC4443]  Conta, A., Deering, S., and M. Gupta, Ed., "Internet
              Control Message Protocol (ICMPv6) for the Internet
              Protocol Version 6 (IPv6) Specification", STD 89,
              RFC 4443, DOI 10.17487/RFC4443, March 2006,
              <https://www.rfc-editor.org/info/rfc4443>.

   [RFC4949]  Shirey, R., "Internet Security Glossary, Version 2",
              FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007,
              <https://www.rfc-editor.org/info/rfc4949>.

   [RFC5424]  Gerhards, R., "The Syslog Protocol", RFC 5424,
              DOI 10.17487/RFC5424, March 2009,
              <https://www.rfc-editor.org/info/rfc5424>.

   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
              and A. Bierman, Ed., "Network Configuration Protocol
              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
              <https://www.rfc-editor.org/info/rfc6241>.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
              <https://www.rfc-editor.org/info/rfc6242>.

   [RFC6587]  Gerhards, R. and C. Lonvick, "Transmission of Syslog
              Messages over TCP", RFC 6587, DOI 10.17487/RFC6587,
              April 2012, <https://www.rfc-editor.org/info/rfc6587>.

   [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
              RFC 6991, DOI 10.17487/RFC6991, July 2013,
              <https://www.rfc-editor.org/info/rfc6991>.

   [RFC7011]  Claise, B., Ed., Trammell, B., Ed., and P. Aitken,
              "Specification of the IP Flow Information Export (IPFIX)
              Protocol for the Exchange of Flow Information", STD 77,
              RFC 7011, DOI 10.17487/RFC7011, September 2013,
              <https://www.rfc-editor.org/info/rfc7011>.
   [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
              RFC 7950, DOI 10.17487/RFC7950, August 2016,
              <https://www.rfc-editor.org/info/rfc7950>.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
              <https://www.rfc-editor.org/info/rfc8040>.

   [RFC8200]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", STD 86, RFC 8200,
              DOI 10.17487/RFC8200, July 2017,
              <https://www.rfc-editor.org/info/rfc8200>.

   [RFC8329]  Lopez, D., Lopez, E., Dunbar, L., Strassner, J., and R.
              Kumar, "Framework for Interface to Network Security
              Functions", RFC 8329, DOI 10.17487/RFC8329, February 2018,
              <https://www.rfc-editor.org/info/rfc8329>.

   [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
              BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
              <https://www.rfc-editor.org/info/rfc8340>.

   [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
              Access Control Model", STD 91, RFC 8341,
              DOI 10.17487/RFC8341, March 2018,
              <https://www.rfc-editor.org/info/rfc8341>.

   [RFC8342]  Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
              and R. Wilton, "Network Management Datastore Architecture
              (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
              <https://www.rfc-editor.org/info/rfc8342>.

   [RFC8407]  Bierman, A., "Guidelines for Authors and Reviewers of
              Documents Containing YANG Data Models", BCP 216, RFC 8407,
              DOI 10.17487/RFC8407, October 2018,
              <https://www.rfc-editor.org/info/rfc8407>.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
              <https://www.rfc-editor.org/info/rfc8446>.

   [RFC8525]  Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K.,
              and R. Wilton, "YANG Library", RFC 8525,
              DOI 10.17487/RFC8525, March 2019,
              <https://www.rfc-editor.org/info/rfc8525>.
   [RFC8639]  Voit, E., Clemm, A., Gonzalez Prieto, A., Nilsen-Nygaard,
              E., and A. Tripathy, "Subscription to YANG Notifications",
              RFC 8639, DOI 10.17487/RFC8639, September 2019,
              <https://www.rfc-editor.org/info/rfc8639>.

   [RFC8641]  Clemm, A. and E. Voit, "Subscription to YANG Notifications
              for Datastore Updates", RFC 8641, DOI 10.17487/RFC8641,
              September 2019, <https://www.rfc-editor.org/info/rfc8641>.

17.2.  Informative References

   [I-D.ietf-i2nsf-applicability]
              Jeong, J., Hyun, S., Ahn, T., Hares, S., and D. Lopez,
              "Applicability of Interfaces to Network Security Functions
              to Network-Based Security Services",
              draft-ietf-i2nsf-applicability-18 (work in progress),
              September 2019.

   [I-D.ietf-i2nsf-capability]
              Xia, L., Strassner, J., Basile, C., and D. Lopez,
              "Information Model of NSFs Capabilities",
              draft-ietf-i2nsf-capability-05 (work in progress),
              April 2019.

   [I-D.ietf-i2nsf-consumer-facing-interface-dm]
              Jeong, J., Chung, C., Ahn, T., Kumar, R., and S. Hares,
              "I2NSF Consumer-Facing Interface YANG Data Model",
              draft-ietf-i2nsf-consumer-facing-interface-dm-12 (work in
              progress), September 2020.

   [I-D.ietf-i2nsf-nsf-facing-interface-dm]
              Kim, J., Jeong, J., J., J., PARK, P., Hares, S., and Q.
              Lin, "I2NSF Network Security Function-Facing Interface
              YANG Data Model",
              draft-ietf-i2nsf-nsf-facing-interface-dm-10 (work in
              progress), August 2020.

   [I-D.ietf-i2nsf-registration-interface-dm]
              Hyun, S., Jeong, J., Roh, T., Wi, S., J., J., and P. PARK,
              "I2NSF Registration Interface YANG Data Model",
              draft-ietf-i2nsf-registration-interface-dm-09 (work in
              progress), August 2020.

   [I-D.ietf-netconf-subscribed-notifications]
              Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and
              A. Tripathy, "Subscription to YANG Event Notifications",
              draft-ietf-netconf-subscribed-notifications-26 (work in
              progress), May 2019.

   [I-D.ietf-netconf-yang-push]
              Clemm, A. and E. Voit, "Subscription to YANG Datastores",
              draft-ietf-netconf-yang-push-25 (work in progress),
              May 2019.

   [I-D.yang-i2nsf-security-policy-translation]
              Jeong, J., Yang, J., Chung, C., and J. Kim, "Security
              Policy Translation in Interface to Network Security
              Functions", draft-yang-i2nsf-security-policy-translation-07
              (work in progress), November 2020.

Appendix A.  Changes from draft-ietf-i2nsf-nsf-monitoring-data-model-06

   The following changes are made from
   draft-ietf-i2nsf-nsf-monitoring-data-model-06:

   o  This version is revised according to the comments of Andy Bierman
      who is a YANG doctor.

   o  This version updates its title as "I2NSF NSF Monitoring Interface
      YANG Data Model".  It clarifies the NSF Monitoring Interface to
      deliver NSF monitoring data to an NSF data collector (e.g.,
      Security Controller and NSF data analyzer).

   o  This version adds an attack destination IP address for DDoS-attack
      event to provide I2NSF Analyser with more information about the
      destination of DDoS-attack packets.

   o  This version supports a notification for monitoring traffic flows.

Authors' Addresses

   Jaehoon (Paul) Jeong (editor)
   Department of Computer Science and Engineering
   Sungkyunkwan University
   2066 Seobu-Ro, Jangan-Gu
   Suwon, Gyeonggi-Do 16419
   Republic of Korea

   Phone: +82 31 299 4957
   Fax:   +82 31 290 7996
   EMail: pauljeong@skku.edu
   URI:   http://iotlab.skku.edu/people-jaehoon-jeong.php

   Patrick Lingga
   Department of Electronic, Electrical and Computer Engineering
   Sungkyunkwan University
   2066 Seobu-Ro, Jangan-Gu
   Suwon, Gyeonggi-Do 16419
   Republic of Korea

   Phone: +82 31 299 4957
   EMail: patricklink@skku.edu

   Susan Hares
   Huawei
   7453 Hickory Hill
   Saline, MI 48176
   USA

   Phone: +1-734-604-0332
   EMail: shares@ndzh.com

   Liang (Frank) Xia
   Huawei
   101 Software Avenue, Yuhuatai District
   Nanjing, Jiangsu
   China

   EMail: Frank.xialiang@huawei.com

   Henk Birkholz
   Fraunhofer Institute for Secure Information Technology
   Rheinstrasse 75
   Darmstadt 64295
   Germany

   EMail: henk.birkholz@sit.fraunhofer.de