--- 1/draft-ietf-dhc-dhcpv6-yang-11.txt 2020-12-04 08:13:24.655775310 -0800 +++ 2/draft-ietf-dhc-dhcpv6-yang-12.txt 2020-12-04 08:13:24.819779471 -0800 @@ -1,30 +1,30 @@ DHC Working Group Y. Cui Internet-Draft L. Sun Intended status: Standards Track Tsinghua University -Expires: 19 December 2020 I.F. Farrer +Expires: 7 June 2021 I.F. Farrer S.Z. Zechlin Deutsche Telekom AG Z. He Tsinghua University M.N. Nowikowski Internet Systems Consortium - 17 June 2020 + 4 December 2020 YANG Data Model for DHCPv6 Configuration - draft-ietf-dhc-dhcpv6-yang-11 + draft-ietf-dhc-dhcpv6-yang-12 Abstract - This document describes several YANG data modules for the - configuration and management of DHCPv6 servers, relays, and clients. + This document describes YANG data modules for the configuration and + management of DHCPv6 servers, relays, and clients. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. Status of This Memo 
@@ -35,21 +35,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on 19 December 2020. + This Internet-Draft will expire on 7 June 2021. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights 
@@ -58,59 +58,62 @@ as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Extensibility of the DHCPv6 Server YANG Module . . . . . 3 1.2.1. DHCPv6 Option Definitions . . . . . . . . . . . . . . 4 1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 - 2. DHCPv6 Tree Diagrams . . . . . . . . . . . . . . . . . . . . 4 + 2. DHCPv6 Tree Diagrams . . . . . . . . . . . . . . . . . . . . 5 2.1. DHCPv6 Server Tree Diagram . . . . . . . . . . . . . . . 5 - 2.2. DHCPv6 Relay Tree Diagram . . . . . . . . . . . . . . . . 11 - 2.3. DHCPv6 Client Tree Diagram . . . . . . . . . . . . . . . 13 + 2.2. DHCPv6 Relay Tree Diagram . . . . . . . . . . . . . . . . 12 + 2.3. DHCPv6 Client Tree Diagram . . . . . . . . . . . . . . . 14 3. DHCPv6 YANG Modules . . . . . . . . . . . . . . . . . . . . . 17 3.1. DHCPv6 Server YANG Module . . . . . . . . . . . . . . . . 17 - 3.2. DHCPv6 Relay YANG Module . . . . . . . . . . . . . . . . 29 - 3.3. DHCPv6 Client YANG Module . . . . . . . . . . . . . . . . 36 - 3.4. DHCPv6 RFC8415 Options YANG Module . . . . . . . . . . . 46 - 3.5. DHCPv6 Common YANG Module . . . . . . . . . . . . . . . . 55 - 4. Security Considerations . . . . . . . . . . . . . . . . . . . 59 - 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 60 - 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 61 - 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 61 - 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 61 - 8.1. Normative References . . . . . . . . . . . . . . . . . . 61 - 8.2. Informative References . . . . . . . . . . . . . . . . . 63 + 3.2. DHCPv6 Relay YANG Module . . . . . . . . . . . . . . . . 31 + 3.3. DHCPv6 Client YANG Module . . . . . . . . . . . . . . . . 40 + 3.4. 
RFC8415 Server Options YANG Module . . . . . . . . . . . 49 + 3.5. RFC8415 Relay Options YANG Module . . . . . . . . . . . . 56 + 3.6. RFC8415 Client Options YANG Module . . . . . . . . . . . 62 + 3.7. DHCPv6 Common YANG Module . . . . . . . . . . . . . . . . 67 + 4. Security Considerations . . . . . . . . . . . . . . . . . . . 71 + 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 72 + 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 73 + 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 74 + 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 74 + 8.1. Normative References . . . . . . . . . . . . . . . . . . 74 + 8.2. Informative References . . . . . . . . . . . . . . . . . 76 Appendix A. Example of Augmenting Additional DHCPv6 Option - Definitions . . . . . . . . . . . . . . . . . . . . . . . 63 + Definitions . . . . . . . . . . . . . . . . . . . . . . . 76 Appendix B. Example Vendor Specific Server Configuration - Module . . . . . . . . . . . . . . . . . . . . . . . . . 66 + Module . . . . . . . . . . . . . . . . . . . . . . . . . 79 Appendix C. Example definition of class selector - configuration . . . . . . . . . . . . . . . . . . . . . . 71 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 77 + configuration . . . . . . . . . . . . . . . . . . . . . . 85 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 91 1. Introduction DHCPv6 [RFC8415] is widely used for supplying configuration and other relevant parameters to clients in IPv6 networks. This document - defines DHCPv6 YANG modules for the configuration and management of - DHCPv6 servers, relays and clients. Separate 'element' modules for - each of these. + defines YANG modules for the configuration and management of DHCPv6 + servers, relays and clients. Separate 'element' modules are defined + for each of these. 
There is an additional module per-element + defining DHCP options which are relevant for that element (taken from + the options defined in [RFC8415]. Additionally, a 'common' module contains typedefs and groupings used - by the element modules. A further module contains an initial set of - DHCPv6 option definitions. + by all of the element modules. It is worth noting that as DHCPv6 is itself a client configuration - protocol, it is not the intention of this document to describe a + protocol, it is not the intention of this document to provide a replacement for the allocation of DHCPv6 assigned addressing and parameters by using NETCONF/YANG. The DHCPv6 client module is intended for the configuration and monitoring of the DHCPv6 client function and does not play a part in the normal DHCPv6 message flow. 1.1. Scope [RFC8415] describes the current version of the DHCPv6 base protocol specification. A large number of additional specifications have also been published, extending DHCPv6 element functionality and adding new 
@@ -127,70 +130,82 @@ behavior and do not cover the configuration and management of functionality relevant for specific server implementations. The level of variance between implementations is too great to attempt to standardize in a way that is useful without being restrictive. However, it is recognized that implementation specific configuration and management is also an essential part of DHCP deployment and operations. To resolve this, Appendix B contains an example YANG module for the configuration of implementation specific functions, illustrating how this functionality can be augmented into the main - ietf-dhcpv6-server.yang module. + 'ietf-dhcpv6-server.yang' module. In DHCPv6 the concept of 'class selection' for messages received by the server is common. This is the identification and classification of messages based on a number of parameters so that the correct provisioning information can be supplied. For example, allocating a prefix from the correct pool, or supplying a set of options relevant for a specific vendor's client implementation. During the development of this document, research has been carried out into a number of vendor's class selection implementations and the findings were that while this function is common to all, the method for - implementing this differs greatly. Therefore, configuration of the - class selection function has been omitted from the DHCPv6 server - module to allow implementors to define their own suitable YANG - module. Appendix C provides an example of this, to demonstrate how - this is can be integrated with the main "ietf-dhcpv6-server.yang" - module. + configuring and implementing this function differs greatly. + Therefore, configuration of the class selection function has been + omitted from the DHCPv6 server module to allow implementors to define + their own suitable YANG module. Appendix C provides an example of + this, to demonstrate how this is can be integrated with the main + 'ietf-dhcpv6-server.yang' module. 
1.2.1. DHCPv6 Option Definitions A large number of DHCPv6 options have been created in addition to those defined in [RFC8415]. As implementations differ widely in which DHCPv6 options that they support, the following approach has - been taken to defining options: Only the relevant set of DHCPv6 - options defined in [RFC8415] are included in this document. Further - options definitions can be added by additional YANG modules via - augmentation into the relevant element modules from this document. - Appendix A contains an example module showing how the DHCPv6 option - definitions can be extended in this manner and provides guidance on - writing YANG modules for DHCPv6 options. + been taken to defining options: Only the DHCPv6 options defined in + [RFC8415] are included in this document. + + Of these, only the options that require operator configuration are + modelled. E.g. OPTION_IA_NA (3) is created by the DHCP server when + requested by the client. The contents of the fields in the option + are based on a number of input configuration parameters which the + server will apply when it receives the request (e.g., the T1/T2 + timers that are relevant for the pool of addresses). As a result, + there are no fields that are directly configurable in the option, so + it is not modelled. + + Further options definitions can be added by additional YANG modules + via augmentation into the relevant element modules from this + document. Appendix A contains an example module showing how the + DHCPv6 option definitions can be extended in this manner. Some + guidance on how to write YANG modules for additional DHCPv6 options + is also provided. 1.3. Terminology The reader should be familiar with the YANG data modelling language defined in [RFC7950]. The YANG modules in this document adopt the Network Management Datastore Architecture (NMDA) [RFC8342]. The meanings of the symbols used in tree diagrams are defined in [RFC8340]. 
- The reader should be familiar with the terms defined in DHCPv6 - [RFC8415] and other relevant documents. + The reader should be familiar with DHCPv6 relevant terminology as + defined in [RFC8415] and other relevant documents. 2. DHCPv6 Tree Diagrams + 2.1. DHCPv6 Server Tree Diagram The tree diagram in Figure 1 provides an overview of the DHCPv6 server module. The tree also includes the augmentations of the relevant option definitions from Section 3.4 and the common functions - module Section 3.5. + module Section 3.7. module: ietf-dhcpv6-server +--rw dhcpv6-node-type? identityref +--rw dhcpv6-server +--rw server-duid | +--rw type-code? uint16 | +--rw (duid-type)? | | +--:(duid-llt) | | | +--rw duid-llt-hardware-type? uint16 | | | +--rw duid-llt-time? yang:timeticks 
@@ -208,70 +223,71 @@ | | +--:(duid-unstructured) | | +--rw data? binary | +--ro active-duid? binary +--rw vendor-config +--rw option-sets | +--rw option-set* [option-set-id] | +--rw option-set-id | | uint32 | +--rw description? | | string - | +--rw rfc8415:preference-option - | | +--rw rfc8415:pref-value? uint8 - | +--rw rfc8415:auth-option - | | +--rw rfc8415:protocol? uint8 - | | +--rw rfc8415:algorithm? uint8 - | | +--rw rfc8415:rdm? uint8 - | | +--rw rfc8415:replay-detection? uint64 - | | +--rw rfc8415:auth-information? string - | +--rw rfc8415:server-unicast-option - | | +--rw rfc8415:server-address? inet:ipv6-address - | +--rw rfc8415:status-code-option - | | +--rw rfc8415:status-code? uint16 - | | +--rw rfc8415:status-message? string - | +--rw rfc8415:rapid-commit-option! - | +--rw rfc8415:vendor-specific-information-option - | | +--rw rfc8415:vendor-specific-information-option- - | | instances* [enterprise-number] + | +--rw rfc8415-srv:preference-option + | | +--rw rfc8415-srv:pref-value? uint8 + | +--rw rfc8415-srv:auth-option + | | +--rw rfc8415-srv:protocol? uint8 + | | +--rw rfc8415-srv:algorithm? uint8 + | | +--rw rfc8415-srv:rdm? uint8 + | | +--rw rfc8415-srv:replay-detection? uint64 + | | +--rw rfc8415-srv:auth-information? string + | +--rw rfc8415-srv:server-unicast-option + | | +--rw rfc8415-srv:server-address? + | | inet:ipv6-address + | +--rw rfc8415-srv:status-code-option + | | +--rw rfc8415-srv:status-code? uint16 + | | +--rw rfc8415-srv:status-message? string + | +--rw rfc8415-srv:rapid-commit-option! + | +--rw rfc8415-srv:vendor-specific-information-option + | | +--rw rfc8415-srv:vendor-specific-information-option- + instances* | | [enterprise-number] - | | +--rw rfc8415:enterprise-number uint32 - | | +--rw rfc8415:vendor-option-data* + | | +--rw rfc8415-srv:enterprise-number uint32 + | | +--rw rfc8415-srv:vendor-option-data* | | [sub-option-code] - | | +--rw rfc8415:sub-option-code uint16 - | | +--rw rfc8415:sub-option-data? 
string - | +--rw rfc8415:reconfigure-message-option - | | +--rw rfc8415:msg-type? uint8 - | +--rw rfc8415:reconfigure-accept-option! - | +--rw rfc8415:info-refresh-time-option - | | +--rw rfc8415:info-refresh-time? + | | +--rw rfc8415-srv:sub-option-code uint16 + | | +--rw rfc8415-srv:sub-option-data? string + | +--rw rfc8415-srv:reconfigure-message-option + | | +--rw rfc8415-srv:msg-type? uint8 + | +--rw rfc8415-srv:reconfigure-accept-option! + | +--rw rfc8415-srv:info-refresh-time-option + | | +--rw rfc8415-srv:info-refresh-time? | | dhcpv6-common:timer-seconds32 - | +--rw rfc8415:sol-max-rt-option - | | +--rw rfc8415:sol-max-rt-value? + | +--rw rfc8415-srv:sol-max-rt-option + | | +--rw rfc8415-srv:sol-max-rt-value? | | dhcpv6-common:timer-seconds32 - | +--rw rfc8415:inf-max-rt-option - | +--rw rfc8415:inf-max-rt-value? + | +--rw rfc8415-srv:inf-max-rt-option + | +--rw rfc8415-srv:inf-max-rt-value? | dhcpv6-common:timer-seconds32 +--rw class-selector +--rw network-ranges +--rw option-set-id* leafref +--rw valid-lifetime? | dhcpv6-common:timer-seconds32 +--rw renew-time? | dhcpv6-common:timer-seconds32 +--rw rebind-time? | dhcpv6-common:timer-seconds32 +--rw preferred-lifetime? | dhcpv6-common:timer-seconds32 +--rw rapid-commit? boolean +--rw network-range* [network-range-id] - | +--rw network-range-id uint32 - | +--rw network-description string + | +--rw id uint32 + | +--rw description string | +--rw network-prefix inet:ipv6-prefix | +--rw option-set-id* leafref | +--rw valid-lifetime? | | dhcpv6-common:timer-seconds32 | +--rw renew-time? | | dhcpv6-common:timer-seconds32 | +--rw rebind-time? | | dhcpv6-common:timer-seconds32 | +--rw preferred-lifetime? | | dhcpv6-common:timer-seconds32 
@@ -385,25 +401,37 @@ | | dhcpv6-common:timer-seconds32 | +--ro lease-t2? | dhcpv6-common:timer-seconds32 +--ro solicit-count? uint32 +--ro advertise-count? uint32 +--ro request-count? uint32 +--ro confirm-count? uint32 +--ro renew-count? uint32 +--ro rebind-count? uint32 +--ro reply-count? uint32 - +--rw release-count? uint32 + +--ro release-count? uint32 +--ro decline-count? uint32 +--ro reconfigure-count? uint32 +--ro information-request-count? uint32 + rpcs: + +---x delete-address-lease + | +---w input + | | +---w lease-address-to-delete inet:ipv6-address + | +--ro output + | +--ro return-message? string + +---x delete-prefix-lease + +---w input + | +---w lease-prefix-to-delete inet:ipv6-prefix + +--ro output + +--ro return-message? string + notifications: +---n address-pool-utilization-threshold-exceeded | +--ro pool-id? leafref | +--ro total-address-count uint64 | +--ro max-address-count uint64 | +--ro allocated-address-count uint64 +---n prefix-pool-utilization-threshold-exceeded | {prefix-delegation}? | +--ro pool-id leafref | +--ro max-pd-space-utilization leafref 
@@ -435,39 +463,38 @@ * server-duid: Each server must have a DUID (DHCP Unique Identifier) to identify itself to clients. A DUID consists of a two-octet type field and an arbitrary length (of no more than 128-bytes) content field. Currently there are four defined types of DUIDs in [RFC8415] and [RFC6355]: DUID-LLT, DUID-EN, DUID-LL, and DUID- UUID. DUID-Unknown is used for arbitrary DUID formats which do not follow any of these defined types. 'active-duid' is a read- only field that the server's current DUID can be retrieved from. The DUID definitions are imported from the 'ietf- - dhcpv6-common.yang' module as they are also used by the 'ietf- - dhcpv6-client.yang' module. + dhcpv6-common.yang' module. * vendor-config: This container is provided as a location for additional implementation specific YANG nodes for the configuration of the device to be augmented. See Appendix B for - an example module. + an example of such a module. * option-sets: The server can be configured with multiple option- sets. These are groups of DHCPv6 options with common parameters which will be supplied to clients on request. The 'option-set-id' field is used to reference an option-set elsewhere in the server's configuration. - * option-set: Holds configration parameters for DHCPv6 options. The - initial set of definitions are contained in the module 'ietf- - dhcpv6-options-rfc8415.yang' and are augmented into the server - module at this point. Other DHCPv6 options can be augmented here - as required. + * option-set: Holds configuration parameters for DHCPv6 options. + The initial set of definitions are contained in the module 'ietf- + dhcpv6-options-rfc8415-server.yang' and are augmented into the + server module at this point. Other DHCPv6 option modules can be + augmented here as required. * class-selector: This is provided as a location for additional implementation specific YANG nodes for vendor specific class selector nodes to be augmented. See Appendix C for an example of this. 
* network-ranges: This module uses a hierarchical model for the allocation of addresses and prefixes. At the top level 'network- ranges' holds global configuration parameters. Under this, a list of 'network-ranges' can be defined. Inside 'network-rages', 
@@ -475,61 +502,57 @@ pools' (for IA_PD allocation) are defined. Finally within the pools, specific host-reservations are held. * prefix-pools: Defines pools to be used for prefix delegation to clients. As prefix delegation is not supported by all DHCPv6 server implementations, it is enabled by a feature statement. Information about notifications: * address/prefix-pool-utilization-threshold-exceeded: Raised when - number of leased addresses or prefixes exceeds the configurated + number of leased addresses or prefixes exceeds the configured usage threshold. * invalid-client-detected: Raised when the server detects an invalid client. A description of the error that has generated the notification can be included. * decline-received: Raised when a DHCPv6 Decline message is received from a client. * non-success-code-sent: Raised when a status message is raised for an error. + Information about RPCs + * delete-address-lease: Allows the deletion of a lease for an + individual IPv6 address from the server's lease database. + + * delete-prefix-lease: Allows the deletion of a lease for an + individual IPv6 prefix from the server's lease database. + 2.2. DHCPv6 Relay Tree Diagram The tree diagram in Figure 2 provides an overview of the DHCPv6 relay module. The tree also includes the augmentations of the relevant - option definitions from Section 3.4 and the common functions module - Section 3.5. + option definitions from Section 3.5 and the common functions module + Section 3.7. module: ietf-dhcpv6-relay +--rw dhcpv6-node-type? identityref +--rw dhcpv6-relay +--rw relay-if* [if-name] | +--rw if-name | | if:interface-ref | +--rw destination-addresses* | | inet:ipv6-address | +--rw link-address? binary | +--rw relay-options - | | +--rw rfc8415:auth-option - | | | +--rw rfc8415:protocol? uint8 - | | | +--rw rfc8415:algorithm? uint8 - | | | +--rw rfc8415:rdm? uint8 - | | | +--rw rfc8415:replay-detection? uint64 - | | | +--rw rfc8415:auth-information? 
string - | | +--rw rfc8415:status-code-option - | | | +--rw rfc8415:status-code? uint16 - | | | +--rw rfc8415:status-message? string - | | +--rw rfc8415:interface-id-option - | | +--rw rfc8415:interface-id? string | +--ro solicit-received-count? uint32 | +--ro advertise-sent-count? uint32 | +--ro request-received-count? uint32 | +--ro confirm-received-count? uint32 | +--ro renew-received-count? uint32 | +--ro rebind-received-count? uint32 | +--ro reply-sent-count? uint32 | +--ro release-received-count? uint32 | +--ro decline-received-count? uint32 | +--ro reconfigure-sent-count? uint32 @@ -544,20 +567,37 @@ | +--ro client-peer-address? inet:ipv6-address | +--ro client-duid? binary | +--ro server-duid? binary +--ro relay-forward-sent-count? uint32 +--ro relay-forward-received-count? uint32 +--ro relay-reply-received-count? uint32 +--ro relay-forward-unknown-sent-count? uint32 +--ro relay-forward-unknown-received-count? uint32 +--ro discarded-message-count? uint32 + rpcs: + +---x clear-prefix-entry + | +---w input + | | +---w lease-prefix inet:ipv6-prefix + | +--ro output + | +--ro return-message? string + +---x clear-client-prefixes + | +---w input + | | +---w client-duid binary + | +--ro output + | +--ro return-message? string + +---x clear-interface-prefixes + +---w input + | +---w interface if:interface-ref + +--ro output + +--ro return-message? string + notifications: +---n relay-event +--ro topology-change +--ro relay-if-name? | -> /dhcpv6-relay/relay-if/if-name +--ro last-ipv6-addr? inet:ipv6-address Figure 2: DHCPv6 Relay Data Module Structure Descriptions of important nodes: 
@@ -588,26 +628,38 @@ active delegated prefix leases. * relay-options: As with the Server module, DHCPv6 options that can be sent by the relay are augmented here. Information about notifications: * topology-changed: Raised when the topology of the relay agent is changed, e.g. a client facing interface is reconfigured. + Information about RPCs + + * clear-prefix-lease: Allows the removal of a delegated lease entry + from the relay. + + * clear-client-prefixes: Allows the removal of all of the delegated + lease entries for a single client (referenced by client DUID) from + the relay. + + * clear-interface-prefixes: Allows the removal of all of the + delegated lease entries from an interface on the relay. + 2.3. DHCPv6 Client Tree Diagram The tree diagram in Figure 3 provides an overview of the DHCPv6 client module. The tree also includes the augmentations of the - relevant option definitions from Section 3.4 and the common functions - module Section 3.5. + relevant option definitions from Section 3.6 and the common functions + module Section 3.7. module: ietf-dhcpv6-client +--rw dhcpv6-node-type? identityref +--rw dhcpv6-client +--rw client-if* [if-name] +--rw if-name | if:interface-ref +--rw type-code? uint16 +--rw (duid-type)? | +--:(duid-llt) 
@@ -621,49 +673,20 @@ | +--:(duid-ll) | | +--rw duid-ll-hardware-type? uint16 | | +--rw duid-ll-link-layer-address? | | yang:mac-address | +--:(duid-uuid) | | +--rw uuid? yang:uuid | +--:(duid-unstructured) | +--rw data? binary +--ro active-duid? binary +--rw client-configured-options - | +--rw rfc8415:option-request-option - | | +--rw rfc8415:oro-option* uint16 - | +--rw rfc8415:status-code-option - | | +--rw rfc8415:status-code? uint16 - | | +--rw rfc8415:status-message? string - | +--rw rfc8415:rapid-commit-option! - | +--rw rfc8415:user-class-option - | | +--rw rfc8415:user-class-data* - | | [user-class-datum-id] - | | +--rw rfc8415:user-class-datum-id uint8 - | | +--rw rfc8415:user-class-datum? string - | +--rw rfc8415:vendor-class-option - | | +--rw rfc8415:vendor-class-option-instances* - | | [enterprise-number] - | | +--rw rfc8415:enterprise-number uint32 - | | +--rw rfc8415:vendor-class* - | | [vendor-class-datum-id] - | | +--rw rfc8415:vendor-class-datum-id uint8 - | | +--rw rfc8415:vendor-class-datum? string - | +--rw rfc8415:vendor-specific-information-option - | | +--rw rfc8415:vendor-specific-information-option- - | | instances* [enterprise-number] - | | [enterprise-number] - | | +--rw rfc8415:enterprise-number uint32 - | | +--rw rfc8415:vendor-option-data* - | | [sub-option-code] - | | +--rw rfc8415:sub-option-code uint16 - | | +--rw rfc8415:sub-option-data? string - | +--rw rfc8415:reconfigure-accept-option! +--rw ia-na* [iaid] | +--rw iaid uint32 | +--rw ia-na-options | +--ro lease-state | +--ro ia-na-address? inet:ipv6-address | +--ro preferred-lifetime? | | dhcpv6-common:timer-seconds32 | +--ro valid-lifetime? | | dhcpv6-common:timer-seconds32 | +--ro lease-t1? 
@@ -701,21 +724,21 @@ | +--ro allocation-time? yang:date-and-time | +--ro last-renew-rebind? yang:date-and-time | +--ro server-duid? binary +--ro solicit-count? uint32 +--ro advertise-count? uint32 +--ro request-count? uint32 +--ro confirm-count? uint32 +--ro renew-count? uint32 +--ro rebind-count? uint32 +--ro reply-count? uint32 - +--rw release-count? uint32 + +--ro release-count? uint32 +--ro decline-count? uint32 +--ro reconfigure-count? uint32 +--ro information-request-count? uint32 notifications: +---n invalid-ia-detected | +--ro iaid uint32 | +--ro description? string +---n retransmission-failed | +--ro failure-type enumeration 
@@ -759,49 +782,60 @@ module. DUID is configured under the 'client-if' to allow a client to have different DUIDs for each interface if required. * ia-na, ia-ta, ia-pd: Contains configuration nodes relevant for requesting one or more of each of the lease types. Also contains read only nodes related to active leases. Information about notifications: * invalid-ia-detected: Raised when the identity association of the - client can be proved to be invalid. Possible condition includes + client can be proved to be invalid. Possible conditions include: duplicated address, illegal address, etc. * retransmission-failed: Raised when the retransmission mechanism - defined in [RFC8415] is failed. + defined in [RFC8415] has failed. 3. DHCPv6 YANG Modules 3.1. DHCPv6 Server YANG Module This module imports typedefs from [RFC6991], [RFC8343]. file ietf-dhcpv6-server.yang module ietf-dhcpv6-server { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-server"; prefix "dhcpv6-server"; import ietf-inet-types { prefix inet; + reference + "RFC 6991: Common YANG Data Types"; } - import ietf-yang-types { prefix yang; + reference + "RFC 6991: Common YANG Data Types"; } import ietf-dhcpv6-common { prefix dhcpv6-common; + reference + "To be updated on publication"; + } + + import ietf-netconf-acm { + prefix nacm; + reference + "RFC 8341: Network Configuration Access Control Model"; } organization "DHC WG"; contact "cuiyong@tsinghua.edu.cn lh.sunlinh@gmail.com ian.farrer@telekom.de sladjana.zechlin@telekom.de hezihao9512@gmail.com godfryd@isc.org"; 
@@ -815,20 +849,24 @@ Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info). This version of this YANG module is part of RFC 8513; see the RFC itself for full legal notices."; + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } revision 2019-12-02 { description "Major reworking of the module."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-10"; } @@ -853,31 +891,30 @@ description "First version of the separated server specific YANG model."; reference "I-D: draft-ietf-dhc-dhcpv6-yang"; } /* * Identities */ identity server { - base "dhcpv6-common:dhcpv6-node"; description "DHCPv6 server identity."; + base "dhcpv6-common:dhcpv6-node"; } leaf dhcpv6-node-type { description "Type for a DHCPv6 server."; type identityref { - base "dhcpv6-server:server"; + base "dhcpv6-common:dhcpv6-node"; } } - /* * Features */ feature prefix-delegation { description "Denotes that the server implements DHCPv6 prefix delegation."; } /* @@ -998,20 +1034,21 @@ config "false"; type uint32; description "Number of Rebind (6) messages received."; } leaf reply-count { config "false"; type uint32; description "Number of Reply (7) messages sent."; } leaf release-count { + config "false"; type uint32; description "Number of Release (8) messages received."; } leaf decline-count { config "false"; type uint32; description "Number of Decline (9) messages received."; } leaf reconfigure-count { config "false"; 
@@ -1077,26 +1113,26 @@ container network-ranges { description "This model is based on an address and parameter allocation hierarchy. The top level is 'global' - which is defined as the container for all network-ranges. Under this are the individual network-ranges."; uses resource-config; list network-range { key network-range-id; description "Network-ranges are identified by the 'network-range-id' key."; - leaf network-range-id { + leaf id { type uint32; mandatory true; description "Equivalent to subnet ID."; } - leaf network-description { + leaf description { type string; mandatory true; description "Description for the network range."; } leaf network-prefix { type inet:ipv6-prefix; mandatory true; description "Network prefix."; } uses resource-config; @@ -1152,26 +1189,27 @@ } container active-leases { description "Holds state related to active client leases."; config false; leaf total-count { type uint64; mandatory true; description "The total number of addresses in the pool."; + } leaf allocated-count { type uint64; mandatory true; - description "The number of addresses or prefixes in - the pool that are currently allocated."; + description "The number of addresses or prefixes + in the pool that are currently allocated."; } list active-lease { key leased-address; leaf leased-address { type inet:ipv6-address; } uses lease-information; } } } @@ -1261,22 +1299,22 @@ /* * Notifications */ notification address-pool-utilization-threshold-exceeded { description "Notification sent when the address pool utilization exceeds the configured threshold."; leaf pool-id { type leafref { - path "/dhcpv6-server/network-ranges/network-range/ - address-pools/address-pool/pool-id"; + path "/dhcpv6-server/network-ranges/network-range/address-poo + ls/address-pool/pool-id"; } } leaf total-address-count { type uint64; mandatory true; description "Count of the total addresses in the pool."; } leaf max-address-count { type uint64; mandatory true; 
@@ -1290,30 +1328,30 @@ description "Count of allocated addresses in the pool."; } } notification prefix-pool-utilization-threshold-exceeded { description "Notification sent when the prefix pool utilization exceeds the configured threshold."; if-feature prefix-delegation; leaf pool-id { type leafref { - path "/dhcpv6-server/network-ranges/network-range/ - prefix-pools/prefix-pool/pool-id"; + path "/dhcpv6-server/network-ranges/network-range/prefix-pool + s/prefix-pool/pool-id"; } mandatory true; } leaf max-pd-space-utilization { description "PD space utilization threshold."; type leafref { - path "/dhcpv6-server/network-ranges/network-range/ - prefix-pools/prefix-pool/max-pd-space-utilization"; + path "/dhcpv6-server/network-ranges/network-range/prefix-pool + s/prefix-pool/max-pd-space-utilization"; } mandatory true; } leaf pd-space-utilization { description "Current PD space utilization"; type uint64; } } notification invalid-client-detected { 
@@ -1359,48 +1399,110 @@ leaf status-code { type uint16; mandatory true; description "Status code returned to the client."; } leaf duid { description "Client DUID."; type binary; } } + + /* + * RPCs + */ + + rpc delete-address-lease { + nacm:default-deny-all; + description "Deletes a client's active address lease from the + server's lease database. Note, this will not cause the address + to be revoked from the client, and the lease may be refreshed + or renewed by the client."; + input { + leaf lease-address-to-delete { + type inet:ipv6-address; + mandatory true; + description "IPv6 address of an active lease that will be + deleted from the server."; + } + } + output { + leaf return-message { + type string; + description "Response message from the server."; + } + } + } + rpc delete-prefix-lease { + nacm:default-deny-all; + description "Deletes a client's active prefix lease from the + server's lease database. Note, this will not cause the prefix + to be revoked from the client, and the lease may be refreshed + or renewed by the client."; + + input { + leaf lease-prefix-to-delete { + type inet:ipv6-prefix; + mandatory true; + description "IPv6 prefix of an active lease that will be + deleted from the server."; + } } + output { + leaf return-message { + type string; + description "Response message from the server."; + } + } + } + } + 3.2. DHCPv6 Relay YANG Module This module imports typedefs from [RFC6991], [RFC8343]. 
file ietf-dhcpv6-relay.yang module ietf-dhcpv6-relay { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-relay"; prefix "dhcpv6-relay"; import ietf-inet-types { prefix inet; + reference + "RFC 6991: Common YANG Data Types"; } import ietf-yang-types { prefix yang; + reference + "RFC 6991: Common YANG Data Types"; } import ietf-dhcpv6-common { prefix dhcpv6-common; + reference + "To be updated on publication"; } - import ietf-interfaces { prefix if; + reference + "RFC 8343: A YANG Data Model for Interface Management"; + } + + import ietf-netconf-acm { + prefix nacm; + reference + "RFC 8341: Network Configuration Access Control Model"; } organization "IETF DHC (Dynamic Host Configuration) Working group"; contact "cuiyong@tsinghua.edu.cn lh.sunlinh@gmail.com ian.farrer@telekom.de sladjana.zechlin@telekom.de @@ -1413,26 +1515,33 @@ Copyright (c) 2018 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info). + This version of this YANG module is part of RFC 8513; see the RFC itself for full legal notices."; + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } revision 2019-09-20 { description ""; reference "I-D: draft-ietf-dhc-dhcpv6-yang-10"; } revision 2018-03-04 { description "Resolved most issues on the DHC official 
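Review bot: in the @@ -1359 hunk, delete-address-lease and delete-prefix-lease return only a free-text return-message, so a caller cannot tell a successful deletion from a request for a lease that does not exist. State in each rpc description what happens when no matching active lease is found (for example, that an error is returned), so that automation and audit tooling do not have to parse the string. In the relay module that follows, the sentence "This module imports typedefs from [RFC6991], [RFC8343]." is also out of date now that ietf-netconf-acm (RFC 8341) is imported.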
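Review bot: in the @@ -1413 hunk, the description that the new revision 2020-12-01 sits under still reads "Copyright (c) 2018" and "This version of this YANG module is part of RFC 8513", while the import references added in this same patch use "To be updated on publication" for the draft's own modules. Use the same kind of placeholder for the RFC number here and bring the copyright year in line with the draft. The revision 2019-09-20 entry also still has an empty description.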
@@ -1449,33 +1558,32 @@ revision 2017-11-24 { description "First version of the separated relay specific YANG model."; reference "I-D: draft-ietf-dhc-dhcpv6-yang"; } /* - * Indentities + * Identities */ identity relay { - base "dhcpv6-common:dhcpv6-node"; description "DHCPv6 relay agent identity."; + base "dhcpv6-common:dhcpv6-node"; } leaf dhcpv6-node-type { description "Type for a DHCPv6 relay."; type identityref { - base "dhcpv6-relay:relay"; - + base "dhcpv6-common:dhcpv6-node"; } } /* * Features */ feature prefix-delegation { description "Enable if the relay functions as a delegating router for DHCPv6 prefix delegation."; 
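Review bot: the identityref base of dhcpv6-node-type changes from "dhcpv6-relay:relay" to "dhcpv6-common:dhcpv6-node", so a leaf described as "Type for a DHCPv6 relay." now accepts any identity derived from dhcpv6-node rather than only relay. If the wider base is intentional (for example so the options modules' "when" expressions can test the value), say so in the description and state which values are valid in the relay module; otherwise keep the narrower base.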
@@ -1693,48 +1801,119 @@ type leafref { path "/dhcpv6-relay/relay-if/if-name"; } } leaf last-ipv6-addr { type inet:ipv6-address; description "Last IPv6 address configured on the interface."; } } } + + /* + * RPCs + */ + + rpc clear-prefix-entry { + nacm:default-deny-all; + description "Clears an entry for an active delegated prefix + from the relay."; + input { + leaf lease-prefix { + type inet:ipv6-prefix; + mandatory true; + description "IPv6 prefix of an active lease entry that will b + e + deleted from the relay."; + + } + } + output { + leaf return-message { + type string; + description "Response message from the relay."; + } + } + } + rpc clear-client-prefixes { + nacm:default-deny-all; + description "Clears all active prefix entries for a single client + ."; + input { + leaf client-duid { + type binary; + mandatory true; + description "DUID of the client ."; + } + } + output { + leaf return-message { + type string; + description "Response message from the relay."; + } + } + } + rpc clear-interface-prefixes { + nacm:default-deny-all; + description "Clears all delegated prefix bindings from an + interface on the relay."; + input { + leaf interface { + type if:interface-ref; + mandatory true; + description "Reference to the relay interface that will have + all active prefix delegation bindings deleted."; + } + } + output { + leaf return-message { + type string; + description "Response message from the relay."; + } + } + } } 3.3. DHCPv6 Client YANG Module This module imports typedefs from [RFC6991], [RFC8343]. 
file ietf-dhcpv6-client.yang module ietf-dhcpv6-client { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-client"; prefix "dhcpv6-client"; import ietf-inet-types { prefix inet; + reference + "RFC 6991: Common YANG Data Types"; } import ietf-yang-types { prefix yang; + reference + "RFC 6991: Common YANG Data Types"; } import ietf-dhcpv6-common { prefix dhcpv6-common; + reference + "To be updated on publication"; } import ietf-interfaces { prefix if; + reference + "RFC 8343: A YANG Data Model for Interface Management"; } organization "DHC WG"; contact "cuiyong@tsinghua.edu.cn wangh13@mails.tsinghua.edu.cn lh.sunlinh@gmail.com ian.farrer@telekom.de sladjana.zechlin@telekom.de hezihao9512@gmail.com @@ -1750,20 +1929,25 @@ Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info). This version of this YANG module is part of RFC 8513; see the RFC itself for full legal notices."; + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } revision 2019-09-20 { description ""; reference "I-D: draft-ietf-dhc-dhcpv6-yang-10"; } @@ -1794,23 +1979,22 @@ */ identity client { base "dhcpv6-common:dhcpv6-node"; description "DHCPv6 client identity."; } leaf dhcpv6-node-type { description "Type for a DHCPv6 client."; type identityref { - base "dhcpv6-client:client"; + base "dhcpv6-common:dhcpv6-node"; } - } /* * Groupings */ grouping message-statistics { description "Counters for DHCPv6 messages."; leaf solicit-count { config "false"; 
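Review bot: in the @@ -1693 hunk, several description strings in the new relay RPCs are folded mid-word or mid-sentence: "will b" / "e" / "deleted from the relay." in clear-prefix-entry, "single client" / "." in clear-client-prefixes, and "DUID of the client ." for client-duid. Re-wrap these so each string reads as intended. clear-client-prefixes and clear-interface-prefixes remove many bindings in one call but return only a free-text return-message; consider stating what is returned when nothing matches the given DUID or interface.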
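Review bot: in the @@ -1794 hunk, removing the second "}" after the identityref leaves leaf dhcpv6-node-type unclosed as shown: the leaf and its type statement open two blocks, and only one closing brace remains before the Groupings comment. Restore the brace that closes the leaf. The base also widens from "dhcpv6-client:client" to "dhcpv6-common:dhcpv6-node" while the description still says "Type for a DHCPv6 client."; the description should say which identities are valid here.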
@@ -1841,20 +2025,21 @@ config "false"; type uint32; description "Number of Rebind (6) messages sent."; } leaf reply-count { config "false"; type uint32; description "Number of Reply (7) messages received."; } leaf release-count { + config "false"; type uint32; description "Number of Release (8) messages sent."; } leaf decline-count { config "false"; type uint32; description "Number of Decline (9) messages sent."; } leaf reconfigure-count { config "false"; @@ -1955,21 +2139,21 @@ list ia-ta { key iaid; description "Configuration relevant for an IA_TA."; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)."; leaf iaid { type uint32; description "The unique identifier for this IA_TA."; } container ia-ta-options { - description "An augmenation point for additional options + description "An augmentation point for additional options that the client will send in the IA_TA-options field of OPTION_IA_TA."; } container lease-state { config "false"; description "Information about an active IA_TA lease."; leaf ia-ta-address { description "Address that is currently leased."; type inet:ipv6-address; } @@ -2003,21 +2186,21 @@ list ia-pd { key iaid; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)."; description "Configuration relevant for an IA_PD."; leaf iaid { type uint32; description "The unique identifier for this IA_PD."; } container ia-pd-options { - description "An augmenation point for additional options + description "An augmentation point for additional options that the client will send in the IA_PD-options field of OPTION_IA_TA."; } container lease-state { config "false"; description "Information about an active IA_PD delegated prefix."; leaf ia-pd-prefix { description "Delegated prefix that is currently leased."; type inet:ipv6-prefix; 
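Review bot: in the @@ -2003 hunk, the ia-pd-options description that receives the "augmentation" spelling fix still ends "the IA_PD-options field of OPTION_IA_TA", which looks copied from the ia-ta list in the @@ -1955 hunk. Since this container sits under list ia-pd, the option named should be OPTION_IA_PD; correct it in the same change.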
@@ -2147,63 +2329,71 @@ leaf lease-ia-pd { description "Reference to the IA_PD lease."; type leafref { path "/dhcpv6-client/client-if/ia-pd/iaid"; } } } } -3.4. DHCPv6 RFC8415 Options YANG Module +3.4. RFC8415 Server Options YANG Module This module imports typedefs from [RFC6991]. - file ietf-dhcpv6-options-rfc8415.yang + file ietf-dhcpv6-options-rfc8415-server.yang module ietf-dhcpv6-options-rfc8415 { yang-version 1.1; - namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-options-8415"; - prefix "rfc8415"; + namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-options-8415-ser + ver"; + prefix "rfc8415-srv"; import ietf-inet-types { prefix inet; + reference + "RFC 6991: Common YANG Data Types"; } import ietf-dhcpv6-common { prefix dhcpv6-common; + reference + "To be updated on publication"; } import ietf-dhcpv6-server { prefix dhcpv6-server; - } - - import ietf-dhcpv6-relay { - prefix dhcpv6-relay; - } - - import ietf-dhcpv6-client { - prefix dhcpv6-client; + reference + "To be updated on publication"; } organization "DHC WG"; contact "cuiyong@tsinghua.edu.cn wangh13@mails.tsinghua.edu.cn lh.sunlinh@gmail.com ian.farrer@telekom.de sladjana.zechlin@telekom.de hezihao9512@gmail.com"; description "This YANG module contains DHCPv6 options defined - in RFC8415 that can be used by DHCPv6 clients, relays - and servers."; + in RFC8415 that can be used by DHCPv6 servers."; + + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + + revision 2020-11-19 { + description "Separated into a client specific set of options."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } revision 2019-06-07 { description "Major reworking to only contain RFC8415 options. if-feature for each option removed. Removed groupings 
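Review bot: the file name changes to ietf-dhcpv6-options-rfc8415-server.yang and the namespace and prefix gain a server suffix, but the unchanged line "module ietf-dhcpv6-options-rfc8415 {" keeps the old module name, so module name, file name and namespace no longer agree. Rename the module to match the file. The new namespace string is also folded mid-word ("...options-8415-ser" / "ver"), and the added revision 2020-11-19 says "Separated into a client specific set of options." in what is now the server options module.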
@@ -2230,70 +2420,25 @@ revision 2017-11-24 { description "First version of the separated DHCPv6 options YANG model."; reference "I-D:draft-ietf-dhc-dhcpv6-yang"; } /* * Groupings */ - grouping option-iaaddr-option { - description "OPTION_IAADDR (5) IA Address Option."; - reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 - (DHCPv6)"; - leaf IPv6-address { - type inet:ipv6-address; - description "An IPv6 address. A client MUST NOT form an - implicit prefix with a length other than 128 for this - address."; - } - leaf preferred-lifetime { - type uint32; - description "The preferred lifetime for the address in the - option, expressed in units of seconds."; - } - leaf valid-lifetime { - type uint32; - description "The preferred lifetime for the address - in the option, expressed in units of seconds."; - } - container iaaddr-options { - description "Definitions for DHCPv6 options that can be sent - by the client are augmented to this location from other YANG - modules as required."; - } - } - - grouping option-request-option-group { - container option-request-option { - description "OPTION_ORO (6) Option Request Option. A client - MUST include an Option Request option in a Solicit, Request, - Renew, Rebind, or Information-request message to inform - the server about options the client wants the server to send - to the client."; - reference "RFC8415: Dynamic Host Configuration Protocol for - IPv6 (DHCPv6)"; - leaf-list oro-option { - description "List of options that the client is requesting, - identified by option code"; - type uint16; - } - } - } - grouping preference-option-group { container preference-option { description "OPTION_PREFERENCE (7) Preference Option"; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; - leaf pref-value { type uint8; description "The preference value for the server in this message. A 1-octet unsigned integer."; } } } grouping auth-option-group { container auth-option { 
@@ -2364,81 +2509,331 @@ grouping rapid-commit-option-group { container rapid-commit-option { presence "Enable sending of this option"; description "OPTION_RAPID_COMMIT (14) Rapid Commit Option. The presence node is used to enable the option."; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; } } - grouping user-class-option-group { - container user-class-option { - description "OPTION_USER_CLASS (15) User Class Option"; + grouping vendor-specific-information-option-group { + container vendor-specific-information-option { + description "OPTION_VENDOR_OPTS (17) Vendor-specific + Information Option"; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; - list user-class-data { - key user-class-datum-id; - min-elements 1; - description "The user classes of which the client - is a member."; - leaf user-class-datum-id { - type uint8; - description "User class datum ID"; + list vendor-specific-information-option-instances { + key enterprise-number; + description "The vendor specific information option allows + for multiple instances in a single message. 
Each list entry + defines the contents of an instance of the option."; + leaf enterprise-number { + type uint32; + description "The vendor's registered Enterprise Number, + as maintained by IANA."; } - leaf user-class-datum { + list vendor-option-data { + key sub-option-code; + description "Vendor options, interpreted by vendor-specific + client/server functions."; + leaf sub-option-code { + type uint16; + description "The code for the sub-option."; + } + leaf sub-option-data { type string; - description "Opaque field representing a User Class - of which the client is a member."; + description "The data area for the sub-option."; } } } } - grouping vendor-class-option-group { - container vendor-class-option { - description "OPTION_VENDOR_CLASS (16) Vendor Class Option"; + } + + grouping reconfigure-message-option-group { + container reconfigure-message-option { + description "OPTION_RECONF_MSG (19) Reconfigure Message + Option."; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + leaf msg-type { + type uint8; + description "5 for Renew message, 6 for Rebind message, + 11 for Information-request message."; + } + } + } + + grouping reconfigure-accept-option-group { + container reconfigure-accept-option { + presence "Enable sending of this option"; + description "OPTION_RECONF_ACCEPT (20) Reconfigure Accept + Option. + A client uses the Reconfigure Accept option to announce to + the server whether the client is willing to accept + Reconfigure messages, and a server uses this option to tell + the client whether or not to accept Reconfigure messages. + In the absence of this option, the default behavior is that + the client is unwilling to accept Reconfigure messages. 
+ The presence node is used to enable the option."; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; - list vendor-class-option-instances { - key enterprise-number; - description "The vendor class option allows for multiple - instances in a single message. Each list entry defines - the contents of an instance of the option."; - leaf enterprise-number { - type uint32; - description "The vendor's registered Enterprise Number - as maintained by IANA."; } - list vendor-class { - key vendor-class-datum-id; - description "The vendor classes of which the client is - a member."; - leaf vendor-class-datum-id { + } + + grouping info-refresh-time-option-group { + container info-refresh-time-option { + description "OPTION_INFORMATION_REFRESH_TIME (32) + Information Refresh Time option."; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + leaf info-refresh-time { + type dhcpv6-common:timer-seconds32; + description "Time duration relative to the current time, + expressed in units of seconds."; + } + } + } + + grouping sol-max-rt-option-group { + container sol-max-rt-option { + description "OPTION_SOL_MAX_RT (82) sol max rt option"; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + leaf sol-max-rt-value { + type dhcpv6-common:timer-seconds32; + description "sol max rt value"; + } + } + } + + grouping inf-max-rt-option-group { + container inf-max-rt-option { + description "OPTION_INF_MAX_RT (83) inf max rt option"; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + leaf inf-max-rt-value { + type dhcpv6-common:timer-seconds32; + description "inf max rt value"; + } + } + } + + /* + * Augmentations + */ + + augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:option-sets/dhc + pv6-server:option-set" { + when "../../../dhcpv6-server:dhcpv6-node-type='dhcpv6-server:serv + er'"; + uses preference-option-group; + uses auth-option-group; + uses 
server-unicast-option-group; + uses status-code-option-group; + uses rapid-commit-option-group; + uses vendor-specific-information-option-group; + uses reconfigure-message-option-group; + uses reconfigure-accept-option-group; + uses info-refresh-time-option-group; + uses sol-max-rt-option-group; + uses inf-max-rt-option-group; + } + } + + +3.5. RFC8415 Relay Options YANG Module + + This module imports typedefs from [RFC6991]. + + file ietf-dhcpv6-options-rfc8415-server.yang + + module ietf-dhcpv6-options-rfc8415 { + yang-version 1.1; + namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-options-8415-ser + ver"; + prefix "rfc8415-srv"; + + import ietf-inet-types { + prefix inet; + reference + "RFC 6991: Common YANG Data Types"; + } + + import ietf-dhcpv6-common { + prefix dhcpv6-common; + reference + "To be updated on publication"; + } + + import ietf-dhcpv6-server { + prefix dhcpv6-server; + reference + "To be updated on publication"; + } + + organization "DHC WG"; + contact + "cuiyong@tsinghua.edu.cn + wangh13@mails.tsinghua.edu.cn + lh.sunlinh@gmail.com + ian.farrer@telekom.de + sladjana.zechlin@telekom.de + hezihao9512@gmail.com"; + + description "This YANG module contains DHCPv6 options defined + in RFC8415 that can be used by DHCPv6 servers."; + + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + + revision 2020-11-19 { + description "Separated into a client specific set of options."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + + revision 2020-05-26 { + description "Version update for draft -11 publication and + to align revisions across the different modules."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; + } + + revision 2019-06-07 { + description "Major reworking to only contain RFC8415 options. + if-feature for each option removed. Removed groupings + of features by device or combination of devices. 
Added "; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } + + revision 2018-09-04 { + description ""; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } + + revision 2018-03-04 { + description "Resolved most issues on the DHC official + github"; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } + + revision 2017-12-22 { + description "Resolve most issues on Ian's github."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } + + revision 2017-11-24 { + description "First version of the separated DHCPv6 options + YANG model."; + reference "I-D:draft-ietf-dhc-dhcpv6-yang"; + } + + /* + * Groupings + */ + + grouping preference-option-group { + container preference-option { + description "OPTION_PREFERENCE (7) Preference Option"; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + + leaf pref-value { type uint8; - description "Vendor class datum ID"; + description "The preference value for the server in this + message. A 1-octet unsigned integer."; } - leaf vendor-class-datum { + } + } + + grouping auth-option-group { + container auth-option { + description "OPTION_AUTH (11) Authentication Option"; + reference "RFC8415: Dynamic Host Configuration Protocol + for IPv6 (DHCPv6)"; + leaf protocol { + type uint8; + description "The authentication protocol used in this + Authentication option."; + } + leaf algorithm { + type uint8; + description "The algorithm used in the authentication + protocol."; + } + leaf rdm { + type uint8; + description "The replay detection method used + in this Authentication option."; + } + leaf replay-detection { + type uint64; + description "The replay detection information for the RDM."; + } + leaf auth-information { type string; - description "Opaque field representing a vendor class - of which the client is a member."; + description "The authentication information, as specified + by the protocol and algorithm used in this Authentication + option."; } } } + + grouping server-unicast-option-group { + container 
server-unicast-option { + description "OPTION_UNICAST (12) Server Unicast Option"; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + leaf server-address { + type inet:ipv6-address; + description "The 128-bit address to which the client + should send messages delivered using unicast."; + } + } + } + + grouping status-code-option-group { + container status-code-option { + description "OPTION_STATUS_CODE (13) Status Code Option."; + reference "RFC8415: Dynamic Host Configuration Protocol + for IPv6 (DHCPv6)"; + leaf status-code { + type uint16; + description "The numeric code for the status encoded + in this option. See the Status Codes registry at + + for the current list of status codes."; + } + leaf status-message { + type string; + description "A UTF-8 encoded text string suitable for + display to an end user. MUST NOT be null-terminated."; + } + } + } + + grouping rapid-commit-option-group { + container rapid-commit-option { + presence "Enable sending of this option"; + description "OPTION_RAPID_COMMIT (14) Rapid Commit Option. + The presence node is used to enable the option."; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; } } grouping vendor-specific-information-option-group { container vendor-specific-information-option { description "OPTION_VENDOR_OPTS (17) Vendor-specific Information Option"; - reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; list vendor-specific-information-option-instances { key enterprise-number; description "The vendor specific information option allows for multiple instances in a single message. Each list entry defines the contents of an instance of the option."; leaf enterprise-number { type uint32; description "The vendor's registered Enterprise Number, 
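Review bot: in the @@ -2364 hunk, the new section "3.5. RFC8415 Relay Options YANG Module" carries a second copy of the server options module: the file line is ietf-dhcpv6-options-rfc8415-server.yang, the prefix is "rfc8415-srv", it imports ietf-dhcpv6-server, and its description says the options "can be used by DHCPv6 servers". Replace it with the relay options module (relay file name, namespace, prefix and an ietf-dhcpv6-relay import). In the server augment added in the same hunk, the target path and the "when" expression are folded mid-identifier ("dhc" / "pv6-server:option-set" and "dhcpv6-server:serv" / "er"), and the status-code description reads "See the Status Codes registry at" with nothing after it before "for the current list of status codes."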
@@ -2454,90 +2849,51 @@ } leaf sub-option-data { type string; description "The data area for the sub-option."; } } } } } - grouping interface-id-option-group { - container interface-id-option { - description "OPTION_INTERFACE_ID (18) Interface-Id Option"; - reference "RFC8415: Dynamic Host Configuration Protocol for - IPv6 (DHCPv6)"; - leaf interface-id { - type string; - description "An opaque value of arbitrary length generated - by the relay agent to identify one of the relay agent's - interfaces."; - } - } - } - grouping reconfigure-message-option-group { container reconfigure-message-option { description "OPTION_RECONF_MSG (19) Reconfigure Message Option."; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; leaf msg-type { type uint8; description "5 for Renew message, 6 for Rebind message, 11 for Information-request message."; } } } grouping reconfigure-accept-option-group { container reconfigure-accept-option { presence "Enable sending of this option"; - description "OPTION_RECONF_ACCEPT (20) Rapid Commit Option. + description "OPTION_RECONF_ACCEPT (20) Reconfigure Accept + Option. A client uses the Reconfigure Accept option to announce to the server whether the client is willing to accept Reconfigure messages, and a server uses this option to tell the client whether or not to accept Reconfigure messages. In the absence of this option, the default behavior is that the client is unwilling to accept Reconfigure messages. 
The presence node is used to enable the option."; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; } } - grouping option-iaprefix-option { - description "OPTION_IAPREFIX (26) IA Address Option."; - reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 - (DHCPv6)"; - leaf preferred-lifetime { - type uint32; - description "The preferred lifetime for the prefix in the - option, expressed in units of seconds."; - } - leaf valid-lifetime { - type uint32; - description "The preferred lifetime for the prefix in the - option, expressed in units of seconds."; - } - leaf IPv6-prefix { - type inet:ipv6-prefix; - description "The IPv6 prefix delegated to the client."; - } - container iaprefix-options { - description "Definitions for DHCPv6 options that can be sent - by the client are augmented to this location from other YANG - modules as required."; - } - - } - grouping info-refresh-time-option-group { container info-refresh-time-option { description "OPTION_INFORMATION_REFRESH_TIME (32) Information Refresh Time option."; reference "RFC8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6)"; leaf info-refresh-time { type dhcpv6-common:timer-seconds32; description "Time duration relative to the current time, expressed in units of seconds."; 
@@ -2566,87 +2922,339 @@ type dhcpv6-common:timer-seconds32; description "inf max rt value"; } } } /* * Augmentations */ - augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:option-sets/ - dhcpv6-server:option-set" { - when "../../../dhcpv6-server:dhcpv6-node-type= - 'dhcpv6-server:server'"; - + augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:option-sets/dhc + pv6-server:option-set" { + when "../../../dhcpv6-server:dhcpv6-node-type='dhcpv6-server:serv + er'"; uses preference-option-group; uses auth-option-group; uses server-unicast-option-group; uses status-code-option-group; uses rapid-commit-option-group; uses vendor-specific-information-option-group; uses reconfigure-message-option-group; uses reconfigure-accept-option-group; uses info-refresh-time-option-group; uses sol-max-rt-option-group; uses inf-max-rt-option-group; } - augment "/dhcpv6-relay:dhcpv6-relay/dhcpv6-relay:relay-if/ - dhcpv6-relay:relay-options" { - when "../../../dhcpv6-relay:dhcpv6-node-type= - 'dhcpv6-relay:relay'"; - uses auth-option-group; - uses status-code-option-group; - uses interface-id-option-group; } - augment "/dhcpv6-client:dhcpv6-client/dhcpv6-client:client-if/ - dhcpv6-client:client-configured-options" { - when "../../../dhcpv6-client:dhcpv6-node-type= - 'dhcpv6-client:client'"; + + +3.6. RFC8415 Client Options YANG Module + + This module imports typedefs from [RFC6991]. 
+ + file ietf-dhcpv6-options-rfc8415-client.yang + + module ietf-dhcpv6-options-rfc8415 { + yang-version 1.1; + namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-options-8415-cli + ent"; + prefix "rfc8415-cli"; + + import ietf-inet-types { + prefix inet; + reference + "RFC 6991: Common YANG Data Types"; + } + + import ietf-dhcpv6-common { + prefix dhcpv6-common; + reference + "To be updated on publication"; + } + + import ietf-dhcpv6-client { + prefix dhcpv6-client; + reference + "To be updated on publication"; + } + + organization "DHC WG"; + contact + "cuiyong@tsinghua.edu.cn + wangh13@mails.tsinghua.edu.cn + lh.sunlinh@gmail.com + ian.farrer@telekom.de + sladjana.zechlin@telekom.de + hezihao9512@gmail.com"; + + description "This YANG module contains DHCPv6 options defined + in RFC8415 that can be used by DHCPv6 clients."; + + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + + revision 2020-11-19 { + description "Separated into a client specific set of options."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + + revision 2020-05-26 { + description "Version update for draft -11 publication and + to align revisions across the different modules."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; + } + + revision 2019-06-07 { + description "Major reworking to only contain RFC8415 options. + if-feature for each option removed. Removed groupings + of features by device or combination of devices. 
Added "; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } + + revision 2018-09-04 { + description ""; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } + + revision 2018-03-04 { + description "Resolved most issues on the DHC official + github"; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } + + revision 2017-12-22 { + description "Resolve most issues on Ian's github."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + + } + + revision 2017-11-24 { + description "First version of the separated DHCPv6 options + YANG model."; + reference "I-D:draft-ietf-dhc-dhcpv6-yang"; + } + + /* + * Groupings + */ + + grouping option-request-option-group { + container option-request-option { + description "OPTION_ORO (6) Option Request Option. A client + MUST include an Option Request option in a Solicit, Request, + Renew, Rebind, or Information-request message to inform + the server about options the client wants the server t + o send + to the client."; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + leaf-list oro-option { + description "List of options that the client is requesting, + identified by option code"; + type uint16; + } + } + } + + grouping status-code-option-group { + container status-code-option { + description "OPTION_STATUS_CODE (13) Status Code Option."; + reference "RFC8415: Dynamic Host Configuration Protocol + for IPv6 (DHCPv6)"; + leaf status-code { + type uint16; + description "The numeric code for the status encoded + in this option. See the Status Codes registry at + + for the current list of status codes."; + } + leaf status-message { + type string; + description "A UTF-8 encoded text string suitable for + display to an end user. MUST NOT be null-terminated."; + } + } + + } + + grouping rapid-commit-option-group { + container rapid-commit-option { + presence "Enable sending of this option"; + description "OPTION_RAPID_COMMIT (14) Rapid Commit Option. 
+ The presence node is used to enable the option."; + reference "RFC8415: Dynamic Host Configuration Protocol for + IPv6 (DHCPv6)"; + } + } + + grouping user-class-option-group { + container user-class-option { + description "OPTION_USER_CLASS (15) User Class Option"; + reference "RFC8415: Dynamic Host Configuration Protocol + for IPv6 (DHCPv6)"; + list user-class-data { + key user-class-datum-id; + min-elements 1; + description "The user classes of which the client + is a member."; + leaf user-class-datum-id { + type uint8; + description "User class datum ID"; + } + leaf user-class-datum { + type string; + description "Opaque field representing a User Class + of which the client is a member."; + } + } + } + } + + grouping vendor-class-option-group { + container vendor-class-option { + description "OPTION_VENDOR_CLASS (16) Vendor Class Option"; + reference "RFC8415: Dynamic Host Configuration Protocol + for IPv6 (DHCPv6)"; + list vendor-class-option-instances { + key enterprise-number; + description "The vendor class option allows for multiple + instances in a single message. 
Each list entry defines + the contents of an instance of the option."; + leaf enterprise-number { + type uint32; + description "The vendor's registered Enterprise Number + as maintained by IANA."; + } + list vendor-class { + key vendor-class-datum-id; + description "The vendor classes of which the client is + a member."; + leaf vendor-class-datum-id { + type uint8; + description "Vendor class datum ID"; + } + leaf vendor-class-datum { + type string; + description "Opaque field representing a vendor class + of which the client is a member."; + } + } + } + } + } + + grouping vendor-specific-information-option-group { + container vendor-specific-information-option { + description "OPTION_VENDOR_OPTS (17) Vendor-specific + Information Option"; + reference "RFC8415: Dynamic Host Configuration Protocol + for IPv6 (DHCPv6)"; + list vendor-specific-information-option-instances { + key enterprise-number; + description "The vendor specific information option allows + for multiple instances in a single message. Each list entry + defines the contents of an instance of the option."; + leaf enterprise-number { + type uint32; + description "The vendor's registered Enterprise Number, + as maintained by IANA."; + } + list vendor-option-data { + key sub-option-code; + description "Vendor options, interpreted by vendor-specific + client/server functions."; + leaf sub-option-code { + type uint16; + description "The code for the sub-option."; + } + leaf sub-option-data { + type string; + description "The data area for the sub-option."; + } + + } + } + } + } + + grouping reconfigure-accept-option-group { + container reconfigure-accept-option { + presence "Enable sending of this option"; + description "OPTION_RECONF_ACCEPT (20) Reconfigure Accept + Option. + A client uses the Reconfigure Accept option to announce to + the server whether the client is willing to accept + Reconfigure messages, and a server uses this option to tell + the client whether or not to accept Reconfigure messages. 
+ In the absence of this option, the default behavior is that + the client is unwilling to accept Reconfigure messages. + The presence node is used to enable the option."; + reference "RFC8415: Dynamic Host Configuration Protocol + for IPv6 (DHCPv6)"; + } + } + + /* + * Augmentations + */ + + augment "/dhcpv6-client:dhcpv6-client/dhcpv6-client:client-if/dhcpv + 6-client:client-configured-options" { + when "../../../dhcpv6-client:dhcpv6-node-type='dhcpv6-client:clie + nt'"; uses option-request-option-group; uses status-code-option-group; uses rapid-commit-option-group; uses user-class-option-group; uses vendor-class-option-group; uses vendor-specific-information-option-group; uses reconfigure-accept-option-group; } } -3.5. DHCPv6 Common YANG Module +3.7. DHCPv6 Common YANG Module This module imports typedefs from [RFC6991]. file ietf-dhcpv6-common.yang module ietf-dhcpv6-common { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-common"; prefix "dhcpv6-common"; import ietf-yang-types { prefix yang; - + reference + "RFC 6991: Common YANG Data Types"; } organization "DHC WG"; contact "yong@csnet1.cs.tsinghua.edu.cn lh.sunlinh@gmail.com ian.farrer@telekom.de sladjana.zechlin@telekom.de hezihao9512@gmail.com"; description "This YANG module defines common components used for the configuration and management of DHCPv6."; + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } revision 2018-09-04 { description ""; reference "I-D: draft-ietf-dhc-dhcpv6-yang"; } 
@@ -2729,40 +3336,40 @@ description "DUID Assigned by Vendor Based on Enterprise Number (Type 2 - DUID-EN)."; reference "RFC8415 Section 11.3"; leaf duid-en-enterprise-number { type uint32; description "Vendor's registered Private Enterprise Number as maintained by IANA."; } leaf duid-en-identifier { type string; - description "Indentifier, unique to the device."; + description "Identifier, unique to the device."; } } case duid-ll { description "DUID Based on Link-layer Address (Type 3 - DUID-LL)."; reference "RFC8415 Section 11.4"; leaf duid-ll-hardware-type { type uint16; description "Hardware type, as assigned by IANA (RFC826)."; } leaf duid-ll-link-layer-address { type yang:mac-address; description "Link-layer address, as described in RFC2464"; } } case duid-uuid { description "DUID Based on Universally Unique Identifier (Type 4 - DUID-UUID)."; - reference "RFC6335 Defination of the UUID-Based Unique + reference "RFC6335 Definition of the UUID-Based Unique Identifier"; leaf uuid { type yang:uuid; description "A Universally Unique Identifier in the string representation, defined in RFC4122. The canonical representation uses lowercase characters."; } } case duid-unstructured { description "DUID which does not follow any of the other 
@@ -2796,47 +3402,51 @@ provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. All data nodes defined in the YANG modules which can be created, modified, and deleted (i.e., config true, which is the default) are considered sensitive. Write operations (e.g., edit-config) to these data nodes without proper protection can have a negative effect on network operations. + As the RPCs for deleting/clearing active address and prefix entries + in the server and relay modules are particularly sensitive, these use + 'nacm:default-deny-all'. + An attacker who is able to access the DHCPv6 server can undertake various attacks, such as: - * Denial of service attacks, based on reconfiguring messages to a + * Denial of service attacks, based on re-configuring messages to a rogue DHCPv6 server. - * Various attacks based on reconfiguring the contents of DHCPv6 + * Various attacks based on re-configuring the contents of DHCPv6 options. E.g., changing the address of a the DNS server supplied in a DHCP option to point to a rogue server. An attacker who is able to access the DHCPv6 relay can undertake various attacks, such as: - * Reconfiguring the relay's destination address to send messages to + * Re-configuring the relay's destination address to send messages to a rogue DHCPv6 server. * Deleting information about a client's delegated prefix, causing a denial of service attack as traffic will no longer be routed to the client. Some of the readable data nodes in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. 
These subtrees and data nodes can be misused to track the activity of a host: - * Reconfiguring the relay's destination address to send messages to + * Re-configuring the relay's destination address to send messages to a rogue DHCPv6 server. * Information the server holds about clients with active leases: (dhcpv6-server/network-ranges/network-range/ address-pools/ address-pool/active-leases) * Information the relay holds about clients with active leases: (dhcpv6-relay/relay-if/prefix-delegation/) Security considerations related to DHCPv6 are discussed in [RFC8415]. @@ -2860,32 +3470,47 @@ name: ietf-dhcpv6 namespace: urn:ietf:params:xml:ns:yang:ietf-dhcpv6-client prefix: dhcpv6 reference: TBD name: ietf-dhcpv6 namespace: urn:ietf:params:xml:ns:yang:ietf-dhcpv6-relay prefix: dhcpv6 reference: TBD + name: ietf-dhcpv6 namespace: urn:ietf:params:xml:ns:yang:ietf-dhcpv6-options- - rfc8415 + rfc8415-server + prefix: dhcpv6 + reference: TBD + + name: ietf-dhcpv6 + namespace: + urn:ietf:params:xml:ns:yang:ietf-dhcpv6-options- + rfc8415-relay + prefix: dhcpv6 + reference: TBD + + name: ietf-dhcpv6 + namespace: + urn:ietf:params:xml:ns:yang:ietf-dhcpv6-options- + rfc8415-client prefix: dhcpv6 reference: TBD 6. Acknowledgments The authors would like to thank Qi Sun, Lishan Li, Sladjana Zoric, - Tomek Mrugalski, Marcin Siodelski, Bernie Volz and Bing Liu for their - valuable comments and contributions to this work. + Tomek Mrugalski, Marcin Siodelski, and Bing Liu for their valuable + comments and contributions to this work. 7. Contributors The following individuals contributed to this effort: Hao Wang Tsinghua University Beijing 100084 P.R. China Phone: +86-10-6278-5822 
@@ -2981,25 +3606,25 @@ [RFC3319] Schulzrinne, H. and B. Volz, "Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers", RFC 3319, DOI 10.17487/RFC3319, July 2003, . Appendix A. Example of Augmenting Additional DHCPv6 Option Definitions The following section provides a example of how the DHCPv6 option definitions can be extended for additional options. It is expected - that additional specficication documents will be published in the + that additional specification documents will be published in the future for this. - The example YANG models OPTION_SIP_SERVER_D (21) and - OPTION_SIP_SERVER_D (21) defined in [RFC3319]. The overall structure + The example defines YANG models for OPTION_SIP_SERVER_D (21) and + OPTION_SIP_SERVER_D (22) defined in [RFC3319]. The overall structure is as follows: * A separate grouping is used for each option. * The name of the option is taken from the registered IANA name for the option, with an '-option' suffix added. * The description field is taken from the relevant option code name and number. @@ -3013,21 +3638,21 @@ * Fields which can have multiple entries or instances are defined using list or leaf-list nodes. Below the groupings for option definitions, augment statements are used to add the option definitions for use in the relevant DHCP element's module (server, relay and/or client). If an option is relevant to more than one element type, then an augment statement for each element is used. - file example-dhcpv6-options-rfc3319.yang + file example-dhcpv6-options-rfc3319-server.yang module example-dhcpv6-options-rfc3319 { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:example-dhcpv6-options-rfc33 19"; prefix "rfc3319"; import ietf-inet-types { prefix inet; } 
@@ -3037,20 +3662,25 @@ } organization "DHC WG"; contact "ian.farrer@telekom.de godfryd@isc.org"; description "This YANG module contains DHCPv6 options defined in RFC3319 that can be used by DHCPv6 servers."; + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } revision 2019-10-18 { description "Initial version."; reference "I-D: draft-ietf-dhc-dhcpv6-yang"; } @@ -3056,29 +3686,38 @@ } /* * Groupings */ grouping sip-server-domain-name-list-option-group { container sip-server-domain-name-list-option { description "OPTION_SIP_SERVER_D (21) SIP Servers Domain Name List"; + reference "RFC3319: Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers"; + list sip-server { + key sip-serv-id; + description "sip server info"; + leaf sip-serv-id { + type uint8; + description "sip server id"; + } leaf sip-serv-domain-name { type inet:domain-name; description "sip server domain name"; } } } + } grouping sip-server-address-list-option-group { container sip-server-address-list-option { description "OPTION_SIP_SERVER_A (22) SIP Servers IPv6 Address List"; reference "RFC3319: Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers"; list sip-server { key sip-serv-id; 
@@ -3092,45 +3731,67 @@ description "sip server addr"; } } } } /* * Augmentations */ - augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:option-sets/ - dhcpv6-server:option-set" { - when "../../../dhcpv6-server:dhcpv6-node-type= - 'dhcpv6-server:server'"; + augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:option-sets/dhc + pv6-server:option-set" { + when "../../../dhcpv6-server:dhcpv6-node-type='dhcpv6-server:serv + er'"; uses sip-server-domain-name-list-option-group; uses sip-server-address-list-option-group; } } + The correct location to augment the new option definition(s) will + vary according to the specific rules defined for the use of that + specific option. E.g. for options which will be augmented into the + ietf-dhcpv6-server module, in many cases, these will be augmented to: + + '/dhcpv6-server:dhcpv6-server/dhcpv6-server:option-sets/\ dhcpv6- + server:option-set' + + so that they can be defined within option sets. However, there are + some options which are only applicable for specific deployment + scenarios and in these cases it may be more logical to augment the + option group to a location relevant for the option. + + One example for this could be OPTION_PD_EXCLUDE (67). This option is + only relevant in combination with a delegated prefix which contains a + specific prefix. In this case, the following location for the + augmentation may be more suitable: + + '/dhcpv6-server:dhcpv6-server/dhcpv6-server:network-ranges/\ dhcpv6- + server:network-range/dhcpv6-server:prefix-pools/\ dhcpv6- + server:prefix-pool" + Appendix B. Example Vendor Specific Server Configuration Module This section shows how to extend the server YANG module defined in this document with vendor specific configuration nodes, e.g., configuring access to a lease storage database. The example module defines additional server attributes such as name and description. Storage for leases is configured using a lease- storage container. 
It allows storing leases in one of three options: memory (memfile), MySQL and PosgreSQL. For each case, the necessary configuration parameters are provided. At the end there is an augment statement which adds the vendor specific configuration defined in "dhcpv6-server-config:config" under - "/dhcpv6-server:config/dhcpv6-server:vendor-config" mountpoint. + '/dhcpv6-server:config/dhcpv6-server:vendor-config' mount point. file example-dhcpv6-server-config.yang module example-dhcpv6-server-config { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:example-dhcpv6-server-config "; prefix "dhcpv6-server-config"; import ietf-inet-types { @@ -3152,29 +3813,35 @@ ian.farrer@telekom.de sladjana.zechlin@telekom.de hezihao9512@gmail.com"; description "This YANG module defines components for the configuration and management of vendor/implementation specific DHCPv6 server functionality. As this functionality varies greatly between different implementations, the module provided as an example only."; + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } revision 2019-06-04 { description ""; reference "I-D: draft-ietf-dhc-dhcpv6-yang"; + } /* * Groupings */ grouping config { description "Parameters necessary for the configuration of a DHCPv6 server"; container serv-attributes { 
@@ -3365,29 +4032,29 @@ augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:vendor-config" { uses dhcpv6-server-config:config; } } Appendix C. Example definition of class selector configuration The module "example-dhcpv6-class-selector" provides an example of how - vendor specific class selection configuration can be modeled and + vendor specific class selection configuration can be modelled and integrated with the "ietf-dhcpv6-server" module defined in this document. The example module defines "client-class-names" with associated matching rules. A client can be classified based on "client-id", "interface-id" (ingress interface of the client's messages), packets source or destination address, relay link address, relay link - interface-id and more. Actually there is endless methods for + interface-id and more. Actually, there are endless methods for classifying clients. So this standard does not try to provide full specification for class selection, it only shows an example how it can be defined. At the end of the example augment statements are used to add the defined class selector rules into the overall DHCPv6 addressing hierarchy. This is done in two main parts: * The augmented class-selector configuration in the main DHCPv6 Server configuration. @@ -3397,26 +4064,27 @@ required. The mechanism is as follows: class is associated to client based on rules and then client is allowed to get address(es)/prefix(es) from given network-range/pool if the class name matches. file example-dhcpv6-class-selector.yang module example-dhcpv6-class-selector { yang-version 1.1; - namespace - "urn:ietf:params:xml:ns:yang:example-dhcpv6-class-selector"; + namespace "urn:ietf:params:xml:ns:yang:example-dhcpv6-class-selecto + r"; prefix "dhcpv6-class-selector"; import ietf-inet-types { prefix inet; + } import ietf-interfaces { prefix if; } import ietf-dhcpv6-common { prefix dhcpv6-common; } 
@@ -3431,25 +4099,31 @@ ian.farrer@telekom.de sladjana.zechlin@telekom.de hezihao9512@gmail.com"; description "This YANG module defines components for the definition and configuration of the client class selector function for a DHCPv6 server. As this functionality varies greatly between different implementations, the module provided as an example only."; + revision 2020-12-01 { + description "Version update for draft -12 publication."; + reference "I-D: draft-ietf-dhc-dhcpv6-yang-12"; + } + revision 2020-05-26 { description "Version update for draft -11 publication and to align revisions across the different modules."; reference "I-D: draft-ietf-dhc-dhcpv6-yang-11"; } + revision 2019-06-13 { description ""; reference "I-D: draft-ietf-dhc-dhcpv6-yang"; } /* * Groupings */ grouping client-class-id { 
@@ -3599,64 +4274,60 @@ of the received client DUID."; uses dhcpv6-common:duid; } } } /* * Augmentations */ - augment - "/dhcpv6-server:dhcpv6-server/dhcpv6-server:class-selector" { + augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:class-selector" + { container client-classes { list class { description "List of the client class identifiers applicable to clients served by this address pool"; key client-class-name; uses dhcpv6-class-selector:client-class-id; } } } - augment - "/dhcpv6-server:dhcpv6-server/dhcpv6-server:network-ranges/ + augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:network-ranges/ dhcpv6-server:network-range" { leaf-list client-class { type leafref { path "/dhcpv6-server:dhcpv6-server/dhcpv6-server:class-select or/client-classes/class/client-class-name"; } } } - augment - "/dhcpv6-server:dhcpv6-server/dhcpv6-server:network-ranges/ - dhcpv6-server:network-range/dhcpv6-server:address-pools/ - dhcpv6-server:address-pool" { + augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:network-ranges/ + dhcpv6-server:network-range/dhcpv6-server:address-pools/dhcpv6-server + :address-pool" { leaf-list client-class { type leafref { - path "/dhcpv6-server:dhcpv6-server/dhcpv6-server: - class-selector/client-classes/class/client-class-name"; - + path "/dhcpv6-server:dhcpv6-server/dhcpv6-server:class-select + or/client-classes/class/client-class-name"; } } } - augment - "/dhcpv6-server:dhcpv6-server/dhcpv6-server:network-ranges/ - dhcpv6-server:network-range/dhcpv6-server:prefix-pools/ - dhcpv6-server:prefix-pool" { + augment "/dhcpv6-server:dhcpv6-server/dhcpv6-server:network-ranges/ + dhcpv6-server:network-range/dhcpv6-server:prefix-pools/dhcpv6-server: + prefix-pool" { leaf-list client-class { type leafref { - path "/dhcpv6-server:dhcpv6-server/dhcpv6-server: - class-selector/client-classes/class/client-class-name"; + path "/dhcpv6-server:dhcpv6-server/dhcpv6-server:class-select + or/client-classes/class/client-class-name"; } } } } Authors' Addresses Yong 
Cui Tsinghua University
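Review bot: in the options module added in the hunk that ends just before "@@ -2729,40 +3336,40 @@", user-class-datum, vendor-class-datum and sub-option-data are declared "type string" although their descriptions call them an "Opaque field" or "The data area for the sub-option". A YANG string cannot carry arbitrary octets, so a value seen on the wire may not be representable in the model. Consider "type binary", or keep the string and state the encoding (for example hex) in the description. In the same hunk the option-request-option description is split mid-word ("the server t" / "o send").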
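Review bot: in hunk "@@ -2729,40 +3336,40 @@" the duid-uuid reference line was edited to fix "Defination", but the RFC number on that line was left as RFC6335. The title quoted there belongs to RFC 6355 (DUID-UUID); RFC 6335 covers the IANA port number registry procedures. Please correct the number in the same change, since the line is already being modified.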
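Review bot: in hunk "@@ -2796,47 +3402,51 @@" the list introduced by "These subtrees and data nodes can be misused to track the activity of a host:" still opens with "Re-configuring the relay's destination address to send messages to a rogue DHCPv6 server", which is a write attack copied from the relay list above and not a readable data node. The change only re-hyphenates it; it should be removed from the read-access list so that the list names only the lease subtrees. The new 'nacm:default-deny-all' paragraph would also be easier to audit if it named the RPCs it covers, and the unchanged context line "changing the address of a the DNS server" has a stray article.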
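Review bot: in hunk "@@ -2860,32 +3470,47 @@" the three added registry entries all use "name: ietf-dhcpv6" and "prefix: dhcpv6", while their namespaces end in ietf-dhcpv6-options-rfc8415-server, -relay and -client. Each entry's name should be the module name that matches its namespace, and the prefix should be the one the module declares; as written the entries cannot be told apart by name, and the existing client and relay entries in the context lines have the same problem.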
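Review bot: in hunk "@@ -2981,25 +3606,25 @@" the corrected sentence now reads "OPTION_SIP_SERVER_D (21) and OPTION_SIP_SERVER_D (22)". Only the number was fixed; the second name should be OPTION_SIP_SERVER_A, which is what the sip-server-address-list-option description further down uses for option 22. The context line "provides a example" also needs "an".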
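Review bot: in hunk "@@ -3013,21 +3638,21 @@" the file name becomes example-dhcpv6-options-rfc3319-server.yang, but the module statement and namespace on the following lines still say example-dhcpv6-options-rfc3319. The file name should match the module name, so either rename the module, namespace and prefix consistently or leave the file name as it was.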
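Review bot: in hunk "@@ -3092,45 +3731,67 @@" the second quoted path in the new Appendix A text opens with a single quote and closes with a double quote ("server:prefix-pool""); use the same quote character on both ends as the first path does. In the Appendix B lines of the same hunk, the mount point is given as '/dhcpv6-server:config/dhcpv6-server:vendor-config', while the augment statement shown in the next module is "/dhcpv6-server:dhcpv6-server/dhcpv6-server:vendor-config"; the prose path should match the augment. "PosgreSQL" in the context lines is also misspelled.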
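Review bot: in hunk "@@ -3397,26 +4064,27 @@" the namespace string, which previously sat unbroken on its own line, is now split in the middle of a word ("example-dhcpv6-class-selecto" / "r") with no continuation marker. A reader who copies the module out of the document gets a different namespace value. Keep the string on one line as before, or fold it with an explicit '\' as the Appendix A prose paths do and say so in the text. The same applies to the leafref paths in the final hunk ("class-select" / "or") and to the augment and when strings in the rfc3319 example.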