-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Cronjob - daily check of IETF modules.
- Loading branch information
Miroslav Kovac
committed
Jun 30, 2023
1 parent
43bfe7f
commit 036d25a
Showing
11 changed files
with
374 additions
and
64 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
237 changes: 237 additions & 0 deletions
237
experimental/ietf-extracted-YANG-modules/[email protected]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,237 @@ | ||
module ietf-bgp-sec { | ||
yang-version "1.1"; | ||
namespace "urn:ietf:params:xml:ns:yang:" | ||
+ "ietf-bgp-sec"; | ||
prefix "oav"; | ||
|
||
import ietf-routing { | ||
prefix "rt"; | ||
reference | ||
"RFC 8349, A YANG Data Model for Routing Management | ||
(NMDA Version)."; | ||
} | ||
|
||
import ietf-bgp { | ||
prefix "bgp"; | ||
reference | ||
"RFC XXXX: BGP YANG Model for Service Provider Networks"; | ||
} | ||
|
||
import iana-bgp-types { | ||
prefix "bt"; | ||
reference | ||
"RFC XXXX: BGP YANG Model for Service Provider Networks"; | ||
} | ||
|
||
organization | ||
"IETF SIDROPS Working Group"; | ||
|
||
contact | ||
"TBD"; | ||
|
||
description | ||
"This module describes configuration of BGPsec. | ||
This YANG model conforms to the Network Management | ||
Datastore Architecture (NMDA) as described in RFC 8342. | ||
Copyright (c) 2022 IETF Trust and the persons identified as | ||
authors of the code. All rights reserved. | ||
Redistribution and use in source and binary forms, with or | ||
without modification, is permitted pursuant to, and subject to | ||
the license terms contained in, the Revised BSD License set | ||
forth in Section 4.c of the IETF Trust's Legal Provisions | ||
Relating to IETF Documents | ||
(https://trustee.ietf.org/license-info). | ||
This version of this YANG module is part of RFC XXXX; | ||
see the RFC itself for full legal notices. | ||
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | ||
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | ||
'MAY', and 'OPTIONAL' in this document are to be interpreted as | ||
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | ||
they appear in all capitals, as shown here."; | ||
|
||
reference "RFC XXXX"; | ||
|
||
revision 2022-10-18 { | ||
description | ||
"Initial Version"; | ||
reference | ||
"RFC XXXX, YANG Data Model for BGPSec"; | ||
} | ||
|
||
identity ineligible-bgp { | ||
base bgp:ineligible-route-reason; | ||
description | ||
"Route was ineligible due to bgpsec"; | ||
} | ||
|
||
typedef bgpsec-validity-state { | ||
type enumeration { | ||
enum valid { | ||
description | ||
"The BGPsec UPDATE message is valid."; | ||
} | ||
enum invalid { | ||
description | ||
"The BGPsec UPDATE message is invalid."; | ||
} | ||
enum disabled { | ||
description | ||
"BGPsec validation is not enabled."; | ||
} | ||
} | ||
description | ||
"BGPsec validation state of BGP routes."; | ||
reference | ||
"RFC 8205, BGPsec Protocol Specification."; | ||
} | ||
grouping bgpsec-validation-config { | ||
description | ||
"BGPsec validation of BGP prefix."; | ||
container bgpsec-validation { | ||
leaf enabled { | ||
type boolean; | ||
default "false"; | ||
description | ||
"Whether BGPsec validation of BGP prefix is enabled."; | ||
} | ||
description | ||
"BGPsec validation of BGP prefix."; | ||
} | ||
} | ||
|
||
grouping bgpsec-selection-option { | ||
description | ||
"BGPsec option for BGP route selection."; | ||
container bgpsec { | ||
leaf enabled { | ||
type boolean; | ||
default "false"; | ||
description | ||
"When enabled allows the BGPsec validity states to be | ||
taken into consideration in the best-path calculation."; | ||
} | ||
leaf allow-invalid { | ||
type boolean; | ||
default "false"; | ||
description | ||
"When enabled allows the route with 'invalid' BGPsec | ||
to be taken into consideration in the best-path | ||
calculation."; | ||
} | ||
description | ||
"BGPsec option for BGP route selection."; | ||
} | ||
} | ||
|
||
grouping export-bgpsec-validation-config { | ||
description | ||
"Export BGPsec validation of BGP prefix."; | ||
container export-bgpsec-validation { | ||
leaf enabled { | ||
type boolean; | ||
default "false"; | ||
description | ||
"When enabled allows the BGPsec validity states to be | ||
taken into consideration in BGP export."; | ||
} | ||
description | ||
"Export BGPsec validation of BGP prefix."; | ||
} | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:global" | ||
+ "/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-unicast" { | ||
description | ||
"BGPSec augmentation of BGP IPv4 Unicast Address Family."; | ||
uses bgpsec-validation-config; | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:global" | ||
+ "/bgp:afi-safis/bgp:afi-safi/bgp:ipv6-unicast" { | ||
description | ||
" BGPSec augmentation of BGP IPv6 Unicast Address Family."; | ||
uses bgpsec-validation-config; | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:rib" | ||
+ "/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-unicast" | ||
+ "/bgp:loc-rib/bgp:routes/bgp:route" { | ||
description | ||
" BGPSec augmentation of BGP IPv4 Unicast route."; | ||
leaf bgpsec-validity { | ||
type bgpsec-validity-state; | ||
description | ||
"BGPsec validity of BGP IPv4 Unicast prefix"; | ||
} | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:rib" | ||
+ "/bgp:afi-safis/bgp:afi-safi/bgp:ipv6-unicast" | ||
+ "/bgp:loc-rib/bgp:routes/bgp:route" { | ||
description | ||
"BGPSec augmentation of BGP IPv6 Unicast route."; | ||
leaf bgpsec-validity { | ||
type bgpsec-validity-state; | ||
description | ||
"BGPsec validity of BGP IPv6 Unicast prefix"; | ||
} | ||
} | ||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:global" | ||
+ "/bgp:afi-safis/bgp:afi-safi" | ||
+ "/bgp:route-selection-options" { | ||
when "derived-from-or-self(../bgp:name, 'bt:ipv4-unicast') or " | ||
+ "derived-from-or-self(../bgp:name, 'bt:ipv6-unicast')" { | ||
description | ||
"This augmentation is valid for IPv4 and IPv6 Unicast."; | ||
} | ||
description | ||
"augmentation of BGP route selection options"; | ||
uses bgpsec-selection-option; | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:neighbors" | ||
+ "/bgp:neighbor/bgp:afi-safis/bgp:afi-safi" | ||
+ "/bgp:ipv4-unicast" { | ||
description | ||
"augmentation of BGPSec for IPv4 Unicast neighbor"; | ||
uses export-bgpsec-validation-config; | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:neighbors" | ||
+ "/bgp:neighbor/bgp:afi-safis/bgp:afi-safi" | ||
+ "/bgp:ipv6-unicast" { | ||
description | ||
"augmentation of BGPSec for IPv6 Unicast neighbor"; | ||
uses export-bgpsec-validation-config; | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:peer-groups" | ||
+ "/bgp:peer-group/bgp:afi-safis/bgp:afi-safi" | ||
+ "/bgp:ipv4-unicast" { | ||
description | ||
"augmentation of BGPSec for IPv4 Unicast peer group"; | ||
uses export-bgpsec-validation-config; | ||
} | ||
|
||
augment "/rt:routing/rt:control-plane-protocols" | ||
+ "/rt:control-plane-protocol/bgp:bgp/bgp:peer-groups" | ||
+ "/bgp:peer-group/bgp:afi-safis/bgp:afi-safi" | ||
+ "/bgp:ipv6-unicast" { | ||
description | ||
"augmentation of BGPSec for IPv6 Unicast peer group"; | ||
uses export-bgpsec-validation-config; | ||
} | ||
} |
Oops, something went wrong.