YANG Data Model for ISIS protocol
draft-ietf-isis-yang-isis-cfg-01
The information below is for an old version of the document.
| Field | Value |
|---|---|
| Document type | This is an older version of an Internet-Draft that was ultimately published as RFC 9130. |
| Authors | Stephane Litkowski, Derek M. Yeung, Acee Lindem, Zhaohui (Jeffrey) Zhang, Ladislav Lhotka |
| Last updated | 2014-10-26 |
| RFC stream | Internet Engineering Task Force (IETF) |
| Reviews | YANGDOCTORS Last Call review (of -24) by Ebben Aries: On the Right Track |
| Additional resources | Mailing list discussion |
| WG state | WG Document |
| Document shepherd | (None) |
| IESG state | Became RFC 9130 (Proposed Standard) |
| Consensus boilerplate | Unknown |
| Telechat date | (None) |
| Responsible AD | (None) |
| Send notices to | (None) |
            description "This leaf describes the authentication key.";
          }
          leaf type {
            type authentication-type;
            description
              "This leaf describes the authentication type to be used.";
          }
          leaf level {
            type level;
            description "Level applicability.";
          }
          description
            "Container for ISIS authentication.
             It covers both LSPs and SNPs.";
        }
        list metric-type {
          key level;
          leaf value {
            type enumeration {
              enum wide-only {
                description "Advertise new metric style only (RFC5305)";
              }
              enum old-only {
                description "Advertise old metric style only (RFC1195)";
              }
              enum both {
                description "Advertise both metric styles";
              }
            }
            description
              "This leaf describes the type of metric to be generated.
               Wide-only means only new metric style is generated,
               old-only means that only old style metric is generated,
               and both means that both are advertised.
               This leaf is only affecting IPv4 metrics.";
          }
          leaf level {
            type level;
            description "Level applicability.";
          }
          description "Metric style container.";
        }
        list preference {
          key level;
          choice granularity {
            case detail {
              leaf internal {
                type uint8;
                description
                  "This leaf defines the protocol preference for
                   internal routes.";
              }
              leaf external {
                type uint8;
                description
                  "This leaf defines the protocol preference for
                   external routes.";
              }
            }
            case coarse {
              leaf default {
                type uint8;
                description
                  "This leaf defines the protocol preference for
                   all ISIS routes.";
              }
            }
            description "Choice for implementation of route preference.";
          }
          leaf level {
            type level;
            description "Level applicability.";
          }
          description
            "This leaf defines the protocol preference.";
        }
        list default-metric {
          key level;
          leaf value {
            type wide-metric;
            description "Value of the metric";
          }
          leaf level {
            type level;
            description "Level applicability of the metric.";
          }
          description "Defines the metric to be used by default.";
        }
        list af {
          if-feature nlpid-control;
          key af;
          leaf af {
            type string;
            description "Address-family";
          }
          leaf enabled {
            type boolean;
            description "Describes the activation state of the AF.";
          }
          description
            "This list permits activation of new address families.";
        }
        list topologies {
          if-feature multi-topology;
          key "name";
          leaf enabled {
            type boolean;
            description "Describes the activation state of the AF.";
          }
          leaf name {
            type rt:rib-ref;
            description "RIB";
          }
          list default-metric {
            key level;
            leaf value {
              type wide-metric;
              description "Value of the metric";
            }
            leaf level {
              type level;
              description "Level applicability of the metric.";
            }
            description "Defines the metric to be used by default.";
          }
          description "List of topologies";
        }
        list overload {
          key level;
          leaf status {
            type boolean;
            description "This leaf defines the overload status.";
          }
          leaf timeout {
            type uint16;
            units "seconds";
            description
              "This leaf defines the timeout in seconds
               of the overload condition.";
          }
          leaf level {
            type level;
            description "Level applicability of the metric.";
          }
          description
            "This leaf describes if the router is
             set to overload state.";
        }
        list overload-max-metric {
          if-feature overload-max-metric;
          key level;
          leaf status {
            type boolean;
            description "This leaf defines the overload status.";
          }
          leaf timeout {
            type uint16;
            units "seconds";
            description
              "This leaf defines the timeout in seconds
               of the overload condition.";
          }
          leaf level {
            type level;
            description "Level applicability of the metric.";
          }
          description
            "This leaf describes if the router is
             set to overload state.";
        }
        container interfaces {
          list interface {
            key "name";
            leaf name {
              type string;
              description
                "Reference to the interface within
                 the routing-instance.";
            }
            leaf level-type {
              type level;
              default "level-all";
              description
                "This leaf defines the associated ISIS
                 level of the interface.";
            }
            leaf lsp-pacing-interval {
              type uint16;
              units "milliseconds";
              description
                "This leaf defines the interval between
                 LSP transmissions in milli-seconds";
            }
            leaf lsp-retransmit-interval {
              type uint16;
              units "seconds";
              description
                "This leaf defines the interval between
                 retransmission of LSP";
            }
            leaf passive {
              type boolean;
              default "false";
              description
                "This leaf defines if interface is in
                 passive mode (ISIS not running,
                 but network is advertised).";
            }
            leaf csnp-interval {
              type uint16;
              units "seconds";
              description
                "This leaf defines the interval of CSNP messages.";
            }
            container hello-padding {
              leaf enabled {
                type boolean;
                default "true";
                description
                  "Status of Hello-padding activation.
                   By default, the implementation shall
                   pad HELLOs.";
              }
              description
                "This container handles ISIS hello padding
                 configuration.";
            }
            leaf mesh-group-enabled {
              type mesh-group-state;
              description
                "Describes the mesh group state of
                 the interface.";
            }
            leaf mesh-group {
              when "../mesh-group-enabled = meshSet" {
                description
                  "Only valid when mesh-group-enabled
                   equals meshSet";
              }
              type uint8;
              description
                "Describes the mesh group ID of
                 the interface.";
            }
            leaf interface-type {
              type interface-type;
              description
                "This leaf defines the type of adjacency
                 to be established on the interface.
                 This is affecting the type of hello
                 message that would be used.";
            }
            leaf enabled {
              type boolean;
              default "true";
              description
                "This leaf describes the administrative
                 status of the ISIS interface.";
            }
            leaf-list tag {
              if-feature prefix-tag;
              type uint32;
              description
                "This leaf defines list of tags associated
                 with the interface.";
            }
            leaf-list tag64 {
              if-feature prefix-tag64;
              type uint64;
              description
                "This leaf defines list of 64bits tags
                 associated with the interface.";
            }
            list hello-authentication {
              key level;
              leaf type {
                type authentication-type;
                description
                  "This leaf describes the authentication
                   type to be used in hello messages.";
              }
              leaf key {
                type string;
                description
                  "This leaf describes the authentication key
                   to be used in hello messages.
                   For security reasons, the authentication key MUST
                   NOT be presented in plaintext format upon a
                   get-config reply.
                   Authors recommend using an MD5 hash to present the
                   authentication-key";
              }
              leaf level {
                type level;
                description "Level applicability.";
              }
              description
                "This leaf describes the authentication type
                 to be used in hello messages.";
            }
            list hello-interval {
              key level;
              leaf value {
                type uint16;
                units "seconds";
                description
                  "This leaf defines the interval of
                   hello messages.";
              }
              leaf level {
                type level;
                description "Level applicability.";
              }
              description
                "This leaf defines the interval of
                 hello messages.";
            }
            list hello-multiplier {
              key level;
              leaf value {
                type uint16;
                description
                  "This leaf defines the number of
                   hello failed to be received before
                   declaring the adjacency down.";
              }
              leaf level {
                type level;
                description "Level applicability.";
              }
              description
                "This leaf defines the number of
                 hello failed to be received before
                 declaring the adjacency down.";
            }
            list priority {
              must 'interface-type = "broadcast"';
              key level;
              leaf value {
                type uint8 {
                  range "0 .. 127";
                }
                description
                  "This leaf describes the priority of
                   the interface for DIS election.";
              }
              leaf level {
                type level;
                description "Level applicability.";
              }
              description
                "This leaf describes the priority of
                 the interface for DIS election.";
            }
            list metric {
              key level;
              leaf value {
                type wide-metric;
                description "Metric value.";
              }
              leaf level {
                type level;
                description "Level applicability.";
              }
              description "Container for interface metric";
            }
            list af {
              key af;
              leaf af {
                type string;
                description "Address-family";
              }
              container bfd {
                if-feature bfd;
                leaf enabled {
                  type boolean;
                  default false;
                  description "This leaf enables BFD.";
                }
                description "The container describes BFD config.";
              }
              description
                "List of AFs.";
            }
            list topologies {
              key name;
              leaf name {
                type rt:rib-ref;
                description "Name of RIB.";
              }
              list metric {
                key level;
                leaf value {
                  type wide-metric;
                  description "Metric value.";
                }
                leaf level {
                  type level;
                  description "Level applicability.";
                }
                description "Container for interface metric";
              }
              description "List of topologies.";
            }
            description "List of ISIS interfaces.";
          }
          description
            "This container defines ISIS interface specific
             configuration objects.";
        }
        description "List of ISIS instances.";
      }
      description
        "This container defines ISIS specific configuration
         objects.";
    }
  }

  augment "/rt:routing-state/rt:routing-instance/"
         +"rt:routing-protocols/rt:routing-protocol" {
    when "rt:type = 'isis:isis'" {
      description
        "This augment is only valid when routing protocol
         instance type is isis.";
    }
    description
      "This augments routing protocol instance states with ISIS
       specific parameters.";
    container isis {
      config false;
      container system-counters {
        list level {
          key level;
          leaf level {
            type level-number;
            description "This leaf describes the ISIS level.";
          }
          leaf corrupted-lsps {
            type uint32;
            description
              "Number of corrupted in-memory LSPs detected.
               LSPs received from the wire with a bad
               checksum are silently dropped and not counted.
               LSPs received from the wire with parse errors
               are counted by lsp-errors.";
          }
          leaf authentication-type-fails {
            type uint32;
            description "Number of authentication type mismatches.";
          }
          leaf authentication-fails {
            type uint32;
            description "Number of authentication key failures.";
          }
          leaf database-overload {
            type uint32;
            description
              "Number of times the database has become
               overloaded.";
          }
          leaf own-lsp-purge {
            type uint32;
            description
              "Number of times a zero-aged copy of the
               system's own LSP is received from some
               other node.";
          }
          leaf manual-address-drop-from-area {
            type uint32;
            description
              "Number of times a manual address
               has been dropped from the area.";
          }
          leaf max-sequence {
            type uint32;
            description
              "Number of times the system has attempted
               to exceed the maximum sequence number.";
          }
          leaf sequence-number-skipped {
            type uint32;
            description
              "Number of times a sequence number skip
               has occurred.";
          }
          leaf id-len-mismatch {
            type uint32;
            description
              "Number of times a PDU is received with
               a different value for ID field length
               from that of the receiving system.";
          }
          leaf partition-changes {
            type uint32;
            description "Number of partition changes detected.";
          }
          leaf lsp-errors {
            type uint32;
            description
              "Number of LSPs with errors we have received.";
          }
          leaf spf-runs {
            type uint32;
            description
              "Number of times we ran SPF at this level.";
          }
          description "List of supported levels.";
        }
        description
          "The container defines a list of counters for the IS.";
      }
      container interface-counters {
        list interface {
          key interface;
          leaf interface {
            type string;
            description
              "This leaf describes the name of the interface.";
          }
          leaf adjacency-changes {
            type uint32;
            description
              "The number of times an adjacency state
               change has occurred on this interface.";
          }
          leaf adjacency-number {
            type uint32;
            description
              "The number of adjacencies on this interface.";
          }
          leaf init-fails {
            type uint32;
            description
              "The number of times initialization of
               this interface has failed. This counts
               events such as PPP NCP failures.
               Failures to form an adjacency are counted
               by adjacency-rejects.";
          }
          leaf adjacency-rejects {
            type uint32;
            description
              "The number of times an adjacency has been
               rejected on this interface.";
          }
          leaf id-len-mismatch {
            type uint32;
            description
              "The number of times an IS-IS PDU with an ID
               field length different from that for this
               system has been received on this interface.";
          }
          leaf max-area-addresses-mismatch {
            type uint32;
            description
              "The number of times an IS-IS PDU with according max
               area address field differs from that for this
               system has been received on this interface.";
          }
          leaf authentication-type-fails {
            type uint32;
            description "Number of authentication type mismatches.";
          }
          leaf authentication-fails {
            type uint32;
            description "Number of authentication key failures.";
          }
          leaf lan-dis-changes {
            type uint32;
            description
              "The number of times the DIS has changed
               on this interface at this level.
               If the interface type is point to point,
               the count is zero.";
          }
          description "List of interfaces.";
        }
        description
          "The container defines a list of counters for interfaces.";
      }
      container packet-counters {
        list level {
          key level;
          leaf level {
            type level-number;
            description "This leaf describes the ISIS level.";
          }
          container iih {
            leaf in {
              type uint32;
              description "Received PDUs.";
            }
            leaf out {
              type uint32;
              description "Sent PDUs.";
            }
            description "The number of IIH PDUs received/sent.";
          }
          container ish {
            leaf in {
              type uint32;
              description "Received PDUs.";
            }
            leaf out {
              type uint32;
              description "Sent PDUs.";
            }
            description "The number of ISH PDUs received/sent.";
          }
          container esh {
            leaf in {
              type uint32;
              description "Received PDUs.";
            }
            leaf out {
              type uint32;
              description "Sent PDUs.";
            }
            description "The number of ESH PDUs received/sent.";
          }
          container lsp {
            leaf in {
              type uint32;
              description "Received PDUs.";
            }
            leaf out {
              type uint32;
              description "Sent PDUs.";
            }
            description "The number of LSP PDUs received/sent.";
          }
          container psnp {
            leaf in {
              type uint32;
              description "Received PDUs.";
            }
            leaf out {
              type uint32;
              description "Sent PDUs.";
            }
            description "The number of PSNP PDUs received/sent.";
          }
          container csnp {
            leaf in {
              type uint32;
              description "Received PDUs.";
            }
            leaf out {
              type uint32;
              description "Sent PDUs.";
            }
            description "The number of CSNP PDUs received/sent.";
          }
          container unknown {
            leaf in {
              type uint32;
              description "Received PDUs.";
            }
            leaf out {
              type uint32;
              description "Sent PDUs.";
            }
            description "The number of unknown PDUs received/sent.";
          }
          description
            "List of supported levels.";
        }
        description "The container defines a list of PDU counters.";
      }
      container interfaces {
        list interfaces {
          key interface;
          leaf interface {
            type string;
            description
              "This leaf describes the name of the interface.";
          }
          leaf circuit-id {
            type circuit-id;
            description
              "This leaf describes the circuit-id associated
               with the interface.";
          }
          leaf admin-state {
            type admin-state;
            description
              "This leaf describes the admin state of the interface.";
          }
          leaf oper-state {
            type oper-state;
            description
              "This leaf describes the operational state
               of the interface.";
          }
          leaf interface-type {
            type interface-type;
            description "Type of interface to be used.";
          }
          leaf level {
            type level;
            description "Level associated with the interface.";
          }
          leaf passive {
            type empty;
            description
              "The interface is included in LSP, but
               does not run ISIS protocol.";
          }
          leaf three-way-handshake {
            type empty;
            description "The interface uses 3-way handshake.";
          }
          description "List of interfaces.";
        }
        description
          "The container defines operational parameters
           of interfaces.";
      }
      container adjacencies {
        list adjacency {
          leaf interface {
            type string;
            description
              "This leaf describes the name of the interface.";
          }
          leaf level {
            type level;
            description
              "This leaf describes the associated
               ISIS level of the interface.";
          }
          leaf neighbor-sysid {
            type system-id;
            description "The system-id of the neighbor";
          }
          leaf neighbor-extended-circuit-id {
            type extended-circuit-id;
            description "Circuit ID of the neighbor";
          }
          leaf neighbor-snpa {
            type snpa;
            description "SNPA of the neighbor";
          }
          leaf neighbor-level {
            type level;
            description "The type of the neighboring system.";
          }
          leaf hold-timer {
            type uint16;
            description
              "The holding time in seconds for this
               adjacency.
               This value is based on received hello PDUs
               and the elapsed time since receipt.";
          }
          leaf neighbor-priority {
            type uint8 {
              range "0 .. 127";
            }
            description
              "Priority of the neighboring IS for becoming
               the DIS.";
          }
          leaf lastuptime {
            type yang:timestamp;
            description
              "When the adjacency most recently entered
               state 'up', measured in hundredths of a
               second since the last reinitialization of
               the network management subsystem.
               The value is 0 if the adjacency has never
               been in state 'up'.";
          }
          leaf state {
            type enumeration {
              enum "Up" {
                description
                  "This state describes that
                   adjacency is established.";
              }
              enum "Down" {
                description
                  "This state describes that
                   adjacency is NOT established.";
              }
              enum "Init" {
                description
                  "This state describes that
                   adjacency is establishing.";
              }
            }
            description
              "This leaf describes the state of the
               interface.";
          }
          description "List of operational adjacencies.";
        }
        description
          "This container lists the adjacencies of
           the local node.";
      }
      container spf-log {
        list event {
          key id;
          leaf id {
            type uint32;
            description
              "This leaf defines the event identifier.
               This is a purely internal value.";
          }
          leaf spf-type {
            type enumeration {
              enum full {
                description "Computation done is a Full SPF.";
              }
              enum incremental {
                description
                  "Computation done is an
                   incremental SPF.";
              }
              enum route-only {
                description
                  "Computation done is a
                   reachability computation
                   only.";
              }
            }
            description
              "This leaf describes the type of computation
               used.";
          }
          leaf level {
            type level-number;
            description
              "This leaf describes the level affected by the
               computation.";
          }
          leaf spf-delay {
            type uint32;
            units "milliseconds";
            description
              "This leaf describes the SPF delay that
               was used for this event.";
          }
          leaf schedule-timestamp {
            type yang:timestamp;
            description
              "This leaf describes the timestamp
               when the computation was scheduled.";
          }
          leaf start-timestamp {
            type yang:timestamp;
            description
              "This leaf describes the timestamp
               when the computation was started.";
          }
          leaf end-timestamp {
            type yang:timestamp;
            description
              "This leaf describes the timestamp
               when the computation was ended.";
          }
          list trigger-lsp {
            key "lsp";
            leaf lsp {
              type lsp-id;
              description "This leaf describes the LSPID of the LSP.";
            }
            leaf sequence {
              type uint32;
              description
                "This leaf describes the sequence number of the LSP.";
            }
            description
              "This leaf describes list of LSPs
               that triggered the computation.";
          }
          description "List of computation events.";
        }
        description
          "This container lists the SPF computation events.";
      }
      container lsp-log {
        list event {
          key id;
          leaf id {
            type uint32;
            description
              "This leaf defines the event identifier.
               This is a purely internal value.";
          }
          leaf level {
            type level-number;
            description
              "This leaf describes the level affected by the
               computation.";
          }
          container lsp {
            leaf lsp {
              type lsp-id;
              description "This leaf describes the LSPID of the LSP.";
            }
            leaf sequence {
              type uint32;
              description
                "This leaf describes the sequence number of the LSP.";
            }
            description
              "This container describes the received LSP,
               in case of local LSP update the local LSP ID
               is referenced.";
          }
          leaf received-timestamp {
            type yang:timestamp;
            description
              "This leaf describes the timestamp
               when the LSP was received. In case of
               local LSP update, the timestamp refers
               to the local LSP update time.";
          }
          description
            "List of LSP events.";
        }
        description
          "This container lists the LSP reception events.
           Local LSP modifications are also contained in the
           list.";
      }
      container database {
        list level-db {
          key level;
          leaf level {
            type level-number;
            description "Current level number";
          }
          list lsp {
            key lsp-id;
            uses database;
            description "List of LSPs in LSDB.";
          }
          description
            "This container describes the list of LSPs
             in the level x database.";
        }
        description
          "This container describes ISIS Link State
           databases.";
      }
      container hostnames {
        list hostname {
          key system-id;
          leaf system-id {
            type system-id;
            description
              "This leaf describes the system-id
               associated with the hostname.";
          }
          leaf hostname {
            type string;
            description
              "This leaf describes the hostname
               associated with the system ID.";
          }
          description "List of system-id/hostname associations";
        }
        description
          "This container describes the list
           of binding between system-id and
           hostnames.";
      }
      description
        "This container defines various ISIS states objects.";
    }
  }

  /* RPC methods */

  rpc clear-adjacency {
    description
      "This RPC request clears a particular
       set of ISIS adjacencies. If the operation
       fails for ISIS internal reason, then
       error-tag and error-app-tag should be set
       to a meaningful value.";
    input {
      leaf routing-instance-name {
        type rt:routing-instance-state-ref;
        mandatory "true";
        description
          "Name of the routing instance whose ISIS
           information is being queried.
           If the routing instance with name equal to the
           value of this parameter doesn't exist, then this
           operation SHALL fail with error-tag 'data-missing'
           and error-app-tag
           'routing-instance-not-found'.";
      }
      leaf routing-protocol-instance-name {
        type instance-state-ref;
        mandatory "true";
        description
          "Name of the ISIS protocol instance whose ISIS
           information is being queried.
           If the ISIS instance with name equal to the
           value of this parameter doesn't exist, then this
           operation SHALL fail with error-tag 'data-missing'
           and error-app-tag
           'routing-protocol-instance-not-found'.";
      }
      leaf level {
        type level;
        description
          "ISIS level of the adjacency to be cleared.
           If ISIS level is level-1-2, both level 1 and level 2
           adjacencies would be cleared.
           If the value provided is different from the one
           authorized in the enum type, then this
           operation SHALL fail with error-tag 'data-missing'
           and error-app-tag
           'bad-isis-level'.";
      }
      leaf interface {
        type string;
        description
          "Name of the ISIS interface.
           If the ISIS interface with name equal to the
           value of this parameter doesn't exist, then this
           operation SHALL fail with error-tag 'data-missing'
           and error-app-tag
           'isis-interface-not-found'.";
      }
    }
  }

  rpc clear-database {
    description
      "This RPC request clears a particular
       ISIS database. If the operation
       fails for ISIS internal reason, then
       error-tag and error-app-tag should be set
       to a meaningful value.";
    input {
      leaf routing-instance-name {
        type rt:routing-instance-state-ref;
        mandatory "true";
        description
          "Name of the routing instance whose ISIS
           information is being queried.
           If the routing instance with name equal to the
           value of this parameter doesn't exist, then this
           operation SHALL fail with error-tag 'data-missing'
           and error-app-tag
           'routing-instance-not-found'.";
      }
      leaf routing-protocol-instance-name {
        type instance-state-ref;
        mandatory "true";
        description
          "Name of the ISIS protocol instance whose ISIS
           information is being queried.
           If the ISIS instance with name equal to the
           value of this parameter doesn't exist, then this
           operation SHALL fail with error-tag 'data-missing'
           and error-app-tag
           'routing-protocol-instance-not-found'.";
      }
      leaf level {
        type level;
        description
          "ISIS level of the adjacency to be cleared.
           If ISIS level is level-1-2, both level 1 and level 2
           adjacencies would be cleared.
           If the value provided is different from the one
           authorized in the enum type, then this
           operation SHALL fail with error-tag 'data-missing'
           and error-app-tag
           'bad-isis-level'.";
      }
    }
  }

  /* Notifications */

  notification database-overload {
    uses notification-instance-hdr;
    leaf overload {
      type enumeration {
        enum "off" {
          description "The system has left overload condition.";
        }
        enum "on" {
          description "The system is in overload condition.";
        }
      }
      description
        "Describes the new overload state of the instance.";
    }
    description
      "This notification is sent when an ISIS instance
       overload condition changes.";
  }

  notification lsp-too-large {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf pdu-size {
      type uint32;
      description "Size of the PDU";
    }
    leaf lsp-id {
      type lsp-id;
      description "LSP ID.";
    }
    description
      "This notification is sent when we attempt
       to propagate an LSP that is larger than the
       dataLinkBlockSize for the circuit.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification corrupted-lsp-detected {
    uses notification-instance-hdr;
    leaf lsp-id {
      type lsp-id;
      description "LSP ID.";
    }
    description
      "This notification is sent when we find
       that an LSP that was stored in memory has
       become corrupted.";
  }

  notification attempt-to-exceed-max-sequence {
    uses notification-instance-hdr;
    leaf lsp-id {
      type lsp-id;
      description "LSP ID.";
    }
    description
      "This notification is sent when the system
       wraps the 32-bit sequence counter of an LSP.";
  }

  notification id-len-mismatch {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf pdu-field-len {
      type uint8;
      description "Size of the ID length in the received PDU";
    }
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    description
      "This notification is sent when we receive a PDU
       with a different value for the System ID length.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification max-area-addresses-mismatch {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf max-area-addresses {
      type uint8;
      description "Received number of supported areas";
    }
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    description
      "This notification is sent when we receive a PDU
       with a different value for the Maximum Area Addresses.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification own-lsp-purge {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf lsp-id {
      type lsp-id;
      description "LSP ID.";
    }
    description
      "This notification is sent when the system
       receives a PDU with its own system ID and zero age.";
  }

  notification sequence-number-skipped {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf lsp-id {
      type lsp-id;
      description "LSP ID.";
    }
    description
      "This notification is sent when the system
       receives a PDU with its own system ID and
       different contents. The system has to reissue
       the LSP with a higher sequence number.";
  }

  notification authentication-type-failure {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    description
      "This notification is sent when the system
       receives a PDU with the wrong authentication type
       field.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification authentication-failure {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    description
      "This notification is sent when the system
       receives a PDU with the wrong authentication
       information.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification version-skew {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf protocol-version {
      type uint8;
      description "Protocol version received in the PDU.";
    }
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    description
      "This notification is sent when the system
       receives a PDU with a different protocol version
       number.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification area-mismatch {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    description
      "This notification is sent when the system
       receives a Hello PDU from an IS that does
       not share any area address.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification rejected-adjacency {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    leaf reason {
      type string;
      description
        "The system may provide a reason to reject the
         adjacency.
         If the reason is not available,
         the system uses an empty string.";
    }
    description
      "This notification is sent when the system
       receives a Hello PDU from an IS but does not
       establish an adjacency for some reason.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification protocols-supported-mismatch {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    leaf-list protocols {
      type uint8;
      description
        "The list of protocols supported by the
         remote system.";
    }
    description
      "This notification is sent when the system
       receives a non pseudonode LSP that has no matching
       protocol supported.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification lsp-error-detected {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf lsp-id {
      type lsp-id;
      description "LSP ID.";
    }
    leaf raw-pdu {
      type binary;
      description "Received raw PDU.";
    }
    leaf error-offset {
      type uint32;
      description
        "If the problem is a malformed TLV,
         the error-offset points to the start of the TLV.
         If the problem is with the LSP header,
         the error-offset points to the suspicious byte";
    }
    leaf tlv-type {
      type uint8;
      description
        "If the problem is a malformed TLV, the tlv-type is set
         to the type value of the suspicious TLV.
         Otherwise this leaf is not present.";
    }
    description
      "This notification is sent when the system
       receives a LSP with a parse error.
       The notification generation must be throttled
       with at least a 5 second gap.";
  }

  notification adjacency-change {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf neighbor {
      type string;
      description
        "Describes the name of the neighbor.
         If the name of the neighbor is
         not available, the field would be empty.";
    }
    leaf neighbor-system-id {
      type system-id;
      description
        "Describes the system-id of the neighbor.";
    }
    leaf level {
      type level;
      description
        "Describes the ISIS level of the adjacency.";
    }
    leaf state {
      type enumeration {
        enum "Up" {
          description
            "This state describes that
             adjacency is established.";
        }
        enum "Down" {
          description
            "This state describes that
             adjacency is no longer established.";
        }
      }
      description
        "This leaf describes the new state of the
         ISIS adjacency.";
    }
    leaf reason {
      type string;
      description
        "If the adjacency is going to DOWN,
         this leaf provides a reason for the adjacency
         going down. The reason is provided as a text.
         If the adjacency is going to UP, no reason is
         provided.";
    }
    description
      "This notification is sent when an ISIS adjacency
       moves to Up state or to Down state.";
  }

  notification lsp-received {
    uses notification-instance-hdr;
    uses notification-interface-hdr;
    leaf lsp-id {
      type lsp-id;
      description
        "LSP ID.";
    }
    leaf sequence {
      type uint32;
      description
        "Sequence number of the received LSP.";
    }
    leaf received-timestamp {
      type yang:timestamp;
      description
        "This leaf describes the timestamp
         when the LSP was received.
        ";
    }
    leaf neighbor-system-id {
      type system-id;
      description
        "Describes the system-id of the neighbor
         that sent the LSP.";
    }
    description
      "This notification is sent when an LSP
       is received.
       The notification generation must be throttled with at least
       a 5 second gap.
      ";
  }

  notification lsp-generation {
    uses notification-instance-hdr;
    leaf lsp-id {
      type lsp-id;
      description
        "LSP ID.";
    }
    leaf sequence {
      type uint32;
      description
        "Sequence number of the received LSP.";
    }
    leaf send-timestamp {
      type yang:timestamp;
      description
        "This leaf describes the timestamp
         when our LSP was regenerated.
"; } description "This notification is sent when a LSP is regenerated. The notification generation must be throttled with at least a 5 second gap. "; } } <CODE ENDS> 7. Security Considerations Configuration and state data defined in this document are designed to be accessed via the NETCONF protocol [RFC6241]. As ISIS is an IGP protocol (critical piece of the network), ensuring stability and security of the protocol is mandatory for the network service. Authors recommends to implement NETCONF access control model ([RFC6536]) to restrict access to all or part of the configuration to specific users. Access control to RPCs is also critical as RPC permits to clear protocol datastructures that would definitively impact the network service. This kind of RPC needs only to be used in specific cases by well-known experienced users. Authors consider that all the configuration is considered as sensitive/vulnerable as well as RPCs. But security teams can decide Litkowski, et al. Expires April 27, 2015 [Page 82] Internet-Draft isis-cfg October 2014 to open some part of the configuration to less experienced users depending on the internal organization, for example: o User FullWrite: would access to the whole data model. This kind of profile may be restricted to few experienced people. o User PartialWrite: would only access to configuration part within /isis/interfaces/interface. So this kind of profile is restricted to creation/modification/deletion of interfaces. This profile does not have access to RPC. o User Read: would only access to state part /isis-state. Unauthorized access to configuration or RPC may cause high damages to the network service. The /isis-state/database may contain authentication information. As presented in the description of the /isis-state/database/level- 1/lsp/authentication/authentication-key, the authentication MUST never be presented in plaintext format for security reason. Authors recommends the usage of MD5 to present the authentication-key. 

   Some authentication keys may also be present in the /isis
   configuration.  When configuring ISIS using the NETCONF protocol, the
   authors recommend the usage of secure transport of NETCONF using SSH
   ([RFC6242]).

8.  Contributors

   The authors would like to thank Kiran Agrahara Sreenivasa, Dean
   Bogdanovic, Yingzhen Qu, and Yi Yang for their major contributions to
   the draft.

9.  Acknowledgements

   TBD.

10.  IANA Considerations

   TBD.

11.  Normative References

   [I-D.ietf-netmod-routing-cfg]
              Lhotka, L., "A YANG Data Model for Routing Management",
              draft-ietf-netmod-routing-cfg-15 (work in progress),
              May 2014.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC6020]  Bjorklund, M., "YANG - A Data Modeling Language for the
              Network Configuration Protocol (NETCONF)", RFC 6020,
              October 2010.

   [RFC6241]  Enns, R., Bjorklund, M., Schoenwaelder, J., and A.
              Bierman, "Network Configuration Protocol (NETCONF)",
              RFC 6241, June 2011.

   [RFC6242]  Wasserman, M., "Using the NETCONF Protocol over Secure
              Shell (SSH)", RFC 6242, June 2011.

   [RFC6536]  Bierman, A. and M. Bjorklund, "Network Configuration
              Protocol (NETCONF) Access Control Model", RFC 6536,
              March 2012.

Appendix A.  Example: NETCONF <get> Reply

   This section gives an example of a reply to the NETCONF <get> request
   for a device that implements the data model defined in this document.
   The example is written in XML.

<?xml version="1.0" encoding="utf-8"?>
<data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <routing xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
    <routing-instance>
      <name>SLI</name>
      <router-id>1.1.1.1</router-id>
      <description/>
      <default-ribs>
        <default-rib>
          <address-family>ipv4-unicast</address-family>
          <rib-name>default</rib-name>
        </default-rib>
      </default-ribs>
      <interfaces>
        <interface>
          <name>Loopback0</name>
        </interface>
        <interface>
          <name>Eth1</name>
        </interface>
      </interfaces>
      <routing-protocols>
        <routing-protocol>
          <name>ISIS</name>
          <description/>
          <type>isis:isis</type>
          <connected-ribs>
            <connected-rib>
              <rib-name>default</rib-name>
              <import-filter/>
              <export-filter/>
            </connected-rib>
          </connected-ribs>
          <isis xmlns="urn:ietf:params:xml:ns:yang:ietf-isis">
            <instance>
              <routing-instance>SLI</routing-instance>
              <level-type>level-2</level-type>
              <system-id>87FC.FCDF.4432</system-id>
              <area-address>49.0001</area-address>
              <mpls-te>
                <ipv4-router-id>1.1.1.1</ipv4-router-id>
              </mpls-te>
              <lsp-lifetime>65535</lsp-lifetime>
              <lsp-refresh>65000</lsp-refresh>
              <authentication>
                <key>ThisIsThePassword</key>
                <type>plain-text</type>
                <level>level-2</level>
              </authentication>
              <metric-type>
                <value>wide</value>
              </metric-type>
              <default-metric>
                <value>111111</value>
              </default-metric>
              <af>
                <af>ipv4-unicast</af>
                <enabled>true</enabled>
              </af>
              <interfaces>
                <interface>
                  <name>Loopback0</name>
                  <tag>200</tag>
                  <metric>
                    <value>0</value>
                  </metric>
                  <passive>true</passive>
                </interface>
                <interface>
                  <name>Eth1</name>
                  <level-type>level-2</level-type>
                  <interface-type>point-to-point</interface-type>
                  <metric>
                    <value>167890</value>
                  </metric>
                </interface>
              </interfaces>
            </instance>
          </isis>
        </routing-protocol>
      </routing-protocols>
    </routing-instance>
    <ribs>
      <rib>
        <name>default</name>
        <address-family>ipv4-unicast</address-family>
        <description/>
        <recipient-ribs>
          <recipient-rib>
            <rib-name/>
            <filter/>
          </recipient-rib>
        </recipient-ribs>
      </rib>
    </ribs>
    <route-filters>
      <route-filter>
        <name/>
        <description/>
        <type/>
      </route-filter>
    </route-filters>
  </routing>
  <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
    <interface>
      <name>Loopback0</name>
      <description/>
      <type/>
      <link-up-down-trap-enable/>
      <ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip">
        <mtu/>
        <address>
          <ip>1.1.1.1</ip>
          <prefix-length>32</prefix-length>
        </address>
      </ipv4>
    </interface>
    <interface>
      <name>Eth1</name>
      <description/>
      <type/>
      <link-up-down-trap-enable/>
      <ipv4 xmlns="urn:ietf:params:xml:ns:yang:ietf-ip">
        <mtu/>
        <address>
          <ip>10.0.0.1</ip>
          <prefix-length>30</prefix-length>
        </address>
      </ipv4>
    </interface>
  </interfaces>
</data>

Authors' Addresses

   Stephane Litkowski
   Orange

   Email: stephane.litkowski@orange.com


   Derek Yeung
   Cisco Systems

   Email: myeung@cisco.com


   Acee Lindem
   Cisco Systems

   Email: acee@cisco.com


   Jeffrey Zhang
   Juniper Networks

   Email: zzhang@juniper.net


   Ladislav Lhotka

   Email: lhotka@nic.cz