YANG Data Model for L3VPN Service Delivery
draft-wu-l3sm-rfc8049bis-02
The information below is for an old version of the document.
Document | Type |
This is an older version of an Internet-Draft that was ultimately published as RFC 8299.
|
|
---|---|---|---|
Authors | Qin Wu , Stephane Litkowski , Luis Tomotaki , Kenichi Ogaki | ||
Last updated | 2017-08-09 | ||
RFC stream | (None) | ||
Formats | |||
Reviews |
GENART Last Call review
(of
-07)
by Jari Arkko
Ready w/issues
|
||
Additional resources | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Became RFC 8299 (Proposed Standard) | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
draft-wu-l3sm-rfc8049bis-02
gt; 10. Security Considerations The YANG module defined in this document MAY be accessed via the RESTCONF protocol [RFC8040] or the NETCONF protocol [RFC6241]. The lowest RESTCONF or NETCONF layer requires that the transport-layer protocol provide both data integrity and confidentiality; see Section 2 in [RFC8040] and Section 2 in [RFC6241]. The client MUST carefully examine the certificate presented by the server to determine if it meets the client's expectations, and the server MUST authenticate client access to any protected resource. The client identity derived from the authentication mechanism used is subject to the NETCONF Access Control Model (NACM) [RFC6536]. Other protocols that are used to access this YANG module are also required to support similar security mechanisms. The data nodes defined in the "ietf-l3vpn-svc" YANG module MUST be carefully created, read, updated, or deleted as appropriate. The entries in the lists below include customer-proprietary or confidential information; therefore, access to confidential information MUST be limited to authorized clients, and other clients MUST NOT be permitted to access the information. o /l3vpn-svc/vpn-services/vpn-service o /l3vpn-svc/sites/site Wu, et al. Expires February 10, 2018 [Page 177] Internet-Draft YANG Data Model for L3VPN Service Delivery August 2017 The data model proposes some security parameters than can be extended via augmentation as part of the customer service request; those parameters are described in Section 6.9. 11. IANA Considerations IANA has assigned a new URI from the "IETF XML Registry" [RFC3688]. URI: urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc Registrant Contact: The IESG XML: N/A; the requested URI is an XML namespace. This document adds a new YANG module name in the "YANG Module Names" registry [RFC7950]: Name: ietf-l3vpn-svc Namespace: urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc Prefix: l3vpn-svc Reference: RFC 8049 12. References 12.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>. [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, January 2004, <http://www.rfc-editor.org/info/rfc3688>. [RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual Private Network (VPN) Terminology", RFC 4026, DOI 10.17487/RFC4026, March 2005, <http://www.rfc-editor.org/info/rfc4026>. [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 2006, <http://www.rfc-editor.org/info/rfc4364>. [RFC4577] Rosen, E., Psenak, P., and P. Pillay-Esnault, "OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4577, DOI 10.17487/RFC4577, June 2006, <http://www.rfc-editor.org/info/rfc4577>. Wu, et al. Expires February 10, 2018 [Page 178] Internet-Draft YANG Data Model for L3VPN Service Delivery August 2017 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, DOI 10.17487/RFC4862, September 2007, <http://www.rfc-editor.org/info/rfc4862>. [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, DOI 10.17487/RFC6020, October 2010, <http://www.rfc-editor.org/info/rfc6020>. [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, <http://www.rfc-editor.org/info/rfc6241>. [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 2012, <http://www.rfc-editor.org/info/rfc6513>. [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration Protocol (NETCONF) Access Control Model", RFC 6536, DOI 10.17487/RFC6536, March 2012, <http://www.rfc-editor.org/info/rfc6536>. [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, August 2016, <http://www.rfc-editor.org/info/rfc7950>. [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, <http://www.rfc-editor.org/info/rfc8040>. [RFC8049] Litkowski, S., Tomotaki, L., and K. Ogaki, "YANG Data Model for L3VPN Service Delivery", RFC 8049, DOI 10.17487/RFC8049, February 2017, <http://www.rfc-editor.org/info/rfc8049>. 12.2. Informative References [RFC4110] Callon, R. and M. Suzuki, "A Framework for Layer 3 Provider-Provisioned Virtual Private Networks (PPVPNs)", RFC 4110, DOI 10.17487/RFC4110, July 2005, <http://www.rfc-editor.org/info/rfc4110>. [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, "Multiprotocol Extensions for BGP-4", RFC 4760, DOI 10.17487/RFC4760, January 2007, <http://www.rfc-editor.org/info/rfc4760>. Wu, et al. Expires February 10, 2018 [Page 179] Internet-Draft YANG Data Model for L3VPN Service Delivery August 2017 Appendix A. Acknowledgements Maxim Klyus, Luis Miguel Contreras, Gregory Mirsky, Zitao Wang, Jing Zhao, Kireeti Kompella, Eric Rosen, Aijun Wang,Michael Scharf, Xufeng Liu, David Ball, Lucy Yong, Jean-Philippe Landry, and Andrew Leu provided useful review to this document. Jan Lindblad reviewed the first release of RFC8049 and found some bugs and His thorough YANG Doctor review on the YANG Model is valuable input to revision of RFC8049. David ball also provided a second review on published RFC8049. Many thanks to these people. Appendix B. Contributors The authors would like to thank Rob Shakir for his major contributions to the initial modeling and use cases. Adrian Farrel prepared the editorial revisions for this bis. Appendix C. Open Issues o The algorithm for encryption customer profile is still a string. However it is customer profile not provider profile. Authors' Addresses Qin Wu (editor) Huawei Technologies Email: bill.wu@huawei.com Stephane Litkowski Orange Business Services Email: stephane.litkowski@orange.com Luis Tomotaki Verizon Email: luis.tomotaki@verizon.com Wu, et al. Expires February 10, 2018 [Page 180] Internet-Draft YANG Data Model for L3VPN Service Delivery August 2017 Kenichi Ogaki KDDI Corporation Email: ke-oogaki@kddi.com Wu, et al. Expires February 10, 2018 [Page 181]