--- 1/draft-ietf-isis-yang-isis-cfg-40.txt 2019-10-08 11:13:11.567070454 -0700 +++ 2/draft-ietf-isis-yang-isis-cfg-41.txt 2019-10-08 11:13:11.763075434 -0700 @@ -1,25 +1,25 @@ IS-IS Working Group S. Litkowski Internet-Draft Cisco Systems Intended status: Standards Track D. Yeung -Expires: March 31, 2020 Arrcus, Inc +Expires: April 10, 2020 Arrcus, Inc A. Lindem Cisco Systems J. Zhang Juniper Networks L. Lhotka CZ.NIC - September 28, 2019 + October 08, 2019 YANG Data Model for IS-IS Protocol - draft-ietf-isis-yang-isis-cfg-40 + draft-ietf-isis-yang-isis-cfg-41 Abstract This document defines a YANG data model that can be used to configure and manage the IS-IS protocol on network elements. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and @@ -35,21 +35,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on March 31, 2020. + This Internet-Draft will expire on April 10, 2020. Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -57,49 +57,49 @@ to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Design of the Data Model . . . . . . . . . . . . . . . . . . 3 2.1. IS-IS Configuration . . . . . . . . . . . . . . . . . . . 9 - 2.2. Multi-topology Parameters . . . . . . . . . . . . . . . . 9 + 2.2. Multi-topology Parameters . . . . . . . . . . . . . . . . 10 2.3. Per-Level Parameters . . . . . . . . . . . . . . . . . . 10 - 2.4. Per-Interface Parameters . . . . . . . . . . . . . . . . 11 - 2.5. Authentication Parameters . . . . . . . . . . . . . . . . 18 + 2.4. Per-Interface Parameters . . . . . . . . . . . . . . . . 12 + 2.5. Authentication Parameters . . . . . . . . . . . . . . . . 19 2.6. IGP/LDP synchronization . . . . . . . . . . . . . . . . . 19 - 2.7. ISO parameters . . . . . . . . . . . . . . . . . . . . . 19 - 2.8. IP FRR . . . . . . . . . . . . . . . . . . . . . . . . . 19 + 2.7. ISO parameters . . . . . . . . . . . . . . . . . . . . . 20 + 2.8. IP FRR . . . . . . . . . . . . . . . . . . . . . . . . . 20 2.9. Operational States . . . . . . . . . . . . . . . . . . . 20 - 3. RPC Operations . . . . . . . . . . . . . . . . . . . . . . . 20 - 4. Notifications . . . . . . . . . . . . . . . . . . . . . . . . 20 + 3. RPC Operations . . . . . . . . . . . . . . . . . . . . . . . 21 + 4. Notifications . . . . . . . . . . . . . . . . . . . . . . . . 21 5. Interaction with Other YANG Modules . . . . . . . . . . . . . 22 - 6. IS-IS YANG Module . . . . . . . . . . . . . . . . . . . . . . 22 - 7. Security Considerations . . . . . . . . . . . . . . . . . . . 105 - 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 107 - 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 107 - 10. IANA Considerations . 
. . . . . . . . . . . . . . . . . . . . 107 - 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 108 - 11.1. Normative References . . . . . . . . . . . . . . . . . . 108 - 11.2. Informative References . . . . . . . . . . . . . . . . . 112 - Appendix A. Example of IS-IS configuration in XML . . . . . . . 112 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 114 + 6. IS-IS YANG Module . . . . . . . . . . . . . . . . . . . . . . 23 + 7. Security Considerations . . . . . . . . . . . . . . . . . . . 108 + 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 110 + 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 110 + 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 110 + 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 110 + 11.1. Normative References . . . . . . . . . . . . . . . . . . 110 + 11.2. Informative References . . . . . . . . . . . . . . . . . 115 + Appendix A. Example of IS-IS configuration in XML . . . . . . . 115 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 117 1. Introduction This document defines a YANG [RFC7950] data model for IS-IS routing protocol. The data model covers configuration of an IS-IS routing protocol - instance, as well as, the retrieval of IS-IS operational state. + instance, as well as, the retrieval of IS-IS operational states. A simplified tree representation of the data model is presented in Section 2. Tree diagrams used in this document follow the notation defined in [RFC8340]. The module is designed as per the NMDA (Network Management Datastore Architecture) [RFC8342]. 2. Design of the Data Model 
@@ -109,32 +109,32 @@ The figure below describes the overall structure of the ietf-isis YANG module: module: ietf-isis augment /rt:routing/rt:ribs/rt:rib/rt:routes/rt:route: +--ro metric? uint32 +--ro tag* uint64 +--ro route-type? enumeration augment /if:interfaces/if:interface: +--rw clns-mtu? uint16 {osi-interface}? - augment - | /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol: +augment /rt:routing/rt:control-plane-protocols/rt: + control-plane-protocol: +--rw isis +--rw enable? boolean {admin-control}? +--rw level-type? level +--rw system-id? system-id +--rw maximum-area-addresses? uint8 {maximum-area-addresses}? +--rw area-address* area-address +--rw lsp-mtu? uint16 +--rw lsp-lifetime? uint16 - +--rw lsp-refresh? - | rt-types:timer-value-seconds16 {lsp-refresh}? + +--rw lsp-refresh? rt-types:timer-value-seconds16 + | {lsp-refresh}? +--rw poi-tlv? boolean {poi-tlv}? +--rw graceful-restart {graceful-restart}? | +--rw enable? boolean | +--rw restart-interval? rt-types:timer-value-seconds16 | +--rw helper-enable? boolean +--rw nsr {nsr}? | +--rw enable? boolean +--rw node-tags {node-tag}? | +--rw node-tag* [tag] | ... 
@@ -197,201 +197,222 @@ +--ro local-rib | +--ro route* [prefix] | ... +--ro system-counters | +--ro level* [level] | ... +--ro protected-routes | +--ro address-family-stats* [address-family prefix alternate] | ... +--ro unprotected-routes - | +--ro address-family-stats* [address-family prefix] + | +--ro prefixes* [address-family prefix] | ... +--ro protection-statistics* [frr-protection-method] | +--ro frr-protection-method identityref | +--ro address-family-stats* [address-family] | ... +--rw discontinuity-time? yang:date-and-time +--rw topologies {multi-topology}? | +--rw topology* [name] | ... +--rw interfaces +--rw interface* [name] ... rpcs: +---x clear-adjacency | +---w input - | +---w routing-protocol-instance-name - | ->/rt:routing/control-plane-protocols/control-plane-protocol/name + | +---w routing-protocol-instance-name -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +---w level? level | +---w interface? if:interface-ref +---x clear-database +---w input - +---w routing-protocol-instance-name - -> /rt:routing/control-plane-protocols/control-plane-protocol/name + +---w routing-protocol-instance-name -> /rt:routing/ + | control-plane-protocols/ + | control-plane-protocol/name +---w level? level notifications: +---n database-overload - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro overload? enumeration +---n lsp-too-large - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro pdu-size? uint32 | +--ro lsp-id? 
lsp-id +---n if-state-change - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro state? if-state-type +---n corrupted-lsp-detected - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro lsp-id? lsp-id +---n attempt-to-exceed-max-sequence - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro lsp-id? lsp-id +---n id-len-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro pdu-field-len? uint8 | +--ro raw-pdu? binary +---n max-area-addresses-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro max-area-addresses? uint8 | +--ro raw-pdu? binary +---n own-lsp-purge - | +--ro routing-protocol-name? 
- | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id +---n sequence-number-skipped - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id +---n authentication-type-failure - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary +---n authentication-failure - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary +---n version-skew - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? 
extended-circuit-id | +--ro protocol-version? uint8 | +--ro raw-pdu? binary +---n area-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary +---n rejected-adjacency - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary | +--ro reason? string +---n protocols-supported-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary | +--ro protocols* uint8 +---n lsp-error-detected - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id | +--ro raw-pdu? binary | +--ro error-offset? uint32 | +--ro tlv-type? uint8 +---n adjacency-state-change - | +--ro routing-protocol-name? 
- | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro neighbor? string | +--ro neighbor-system-id? system-id | +--ro state? adj-state-type | +--ro reason? string +---n lsp-received - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id | +--ro sequence? uint32 | +--ro received-timestamp? yang:timestamp | +--ro neighbor-system-id? system-id +---n lsp-generation - +--ro routing-protocol-name? - -> /rt:routing/control-plane-protocols/control-plane-protocol/name + +--ro routing-protocol-name? -> /rt:routing/ + | control-plane-protocols/ + | control-plane-protocol/name +--ro isis-level? level +--ro lsp-id? lsp-id +--ro sequence? uint32 +--ro send-timestamp? yang:timestamp 2.1. IS-IS Configuration The IS-IS configuration is divided into: o Global parameters. 
@@ -412,25 +433,25 @@ lsp-mtu, lsp-lifetime, lsp-refresh, default-metric, etc. 2.2. Multi-topology Parameters The model supports multi-topology (MT) IS-IS as defined in [RFC5120]. The "topologies" container is used to enable support of the MT extensions. The "name" used in the topology list should refer to an existing - Routing Information Base (RIB) defined for the device [RFC8349]. + Routing Information Based (RIB) defined for the device [RFC8349]. Some specific parameters can be defined on a per-topology basis, both at the global level and at the interface level: for example, an - interface metric can be defined per-topology. + interface metric can be defined per topology. Multiple address families (such as, IPv4 or IPv6) can also be enabled within the default topology. This can be achieved using the address- families container (requiring the "nlpid-control" feature to be supported). 2.3. Per-Level Parameters Some parameters allow a per-level configuration. For such parameters, the parameter is modeled as a container with three 
@@ -450,30 +471,26 @@ | +--rw level-2 | +--rw value? uint8 Example: 250 100 - - 200 - An implementation MUST prefer a level-specific parameter over a top- - level parameter. For example, if the priority is 100 for the level- - 1, 200 for the level-2 and 250 for the top-level configuration, the - implementation must use 100 for the level-1 priority and 200 for the - level-2 priority. + level parameter. For example, if the priority is 100 for the level-1 + and 250 for the top-level configuration, the implementation must use + 100 for the level-1 priority and 250 for the level-2 priority. Some parameters, such as, "overload bit" and "route preference", are not modeled to support a per-level configuration. If an implementation supports per-level configuration for such parameter, this implementation MUST augment the current model by adding both level-1 and level-2 containers and MUST reuse existing configuration groupings. Example of augmentation: @@ -523,27 +540,27 @@ parameter. Some parameters, such as, hello-padding are defined as containers to allow easy extension by vendor-specific modules. +--rw interfaces +--rw interface* [name] +--rw name if:interface-ref +--rw enable? boolean {admin-control}? +--rw level-type? level - +--rw lsp-pacing-interval? - | rt-types:timer-value-milliseconds - +--rw lsp-retransmit-interval? - | rt-types:timer-value-seconds16 + +--rw lsp-pacing-interval? rt-types: + | timer-value-milliseconds + +--rw lsp-retransmit-interval? rt-types: + | timer-value-seconds16 +--rw passive? boolean - +--rw csnp-interval? - | rt-types:timer-value-seconds16 + +--rw csnp-interval? rt-types: + | timer-value-seconds16 +--rw hello-padding | +--rw enable? boolean +--rw mesh-group-enable? mesh-group-state +--rw mesh-group? uint8 +--rw interface-type? interface-type +--rw tag* uint32 {prefix-tag}? +--rw tag64* uint64 {prefix-tag64}? +--rw node-flag? boolean {node-flag}? +--rw hello-authentication | +--rw (authentication-type)? 
@@ -618,26 +635,25 @@ | | +--rw enable? boolean | +--rw level-2 | +--rw candidate-enable? boolean | +--rw enable? boolean | +--rw remote-lfa {remote-lfa}? | +--rw enable? boolean +--ro adjacencies | +--ro adjacency* [] | +--ro neighbor-sys-type? level | +--ro neighbor-sysid? system-id - | +--ro neighbor-extended-circuit-id? - | | extended-circuit-id + | +--ro neighbor-extended-circuit-id? extended-circuit-id | +--ro neighbor-snpa? snpa | +--ro usage? level - | +--ro hold-timer? - | rt-types:timer-value-seconds16 + | +--ro hold-timer? rt-types: + | | timer-value-seconds16 | +--ro neighbor-priority? uint8 | +--ro lastuptime? yang:timestamp | +--ro state? adj-state-type +--ro event-counters | +--ro adjacency-changes? uint32 | +--ro adjacency-number? uint32 | +--ro init-fails? uint32 | +--ro adjacency-rejects? uint32 | +--ro id-len-mismatch? uint32 | +--ro max-area-addresses-mismatch? uint32 
@@ -663,196 +679,217 @@ | | +--ro in? uint32 | | +--ro out? uint32 | +--ro csnp | | +--ro in? uint32 | | +--ro out? uint32 | +--ro unknown | +--ro in? uint32 +--rw discontinuity-time? yang:date-and-time +--rw topologies {multi-topology}? +--rw topology* [name] - +--rw name - | -> ../../../../../../../../rt:ribs/rib/name + +--rw name -> + | ../../../../../../../../rt:ribs/rib/name +--rw metric +--rw value? wide-metric +--rw level-1 | +--rw value? wide-metric +--rw level-2 +--rw value? wide-metric rpcs: +---x clear-adjacency | +---w input - | +---w routing-protocol-instance-name - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +---w routing-protocol-instance-name -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +---w level? level | +---w interface? if:interface-ref +---x clear-database +---w input - +---w routing-protocol-instance-name - -> /rt:routing/control-plane-protocols/control-plane-protocol/name + +---w routing-protocol-instance-name -> /rt:routing/ + | control-plane-protocols/ + | control-plane-protocol/name +---w level? level notifications: +---n database-overload - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro overload? enumeration +---n lsp-too-large - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro pdu-size? uint32 | +--ro lsp-id? lsp-id +---n if-state-change - | +--ro routing-protocol-name? 
- | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro state? if-state-type +---n corrupted-lsp-detected - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro lsp-id? lsp-id +---n attempt-to-exceed-max-sequence - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro lsp-id? lsp-id +---n id-len-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro pdu-field-len? uint8 | +--ro raw-pdu? binary +---n max-area-addresses-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro max-area-addresses? uint8 | +--ro raw-pdu? binary +---n own-lsp-purge - | +--ro routing-protocol-name? 
- | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id +---n sequence-number-skipped - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id +---n authentication-type-failure - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary +---n authentication-failure - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary +---n version-skew - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? 
extended-circuit-id | +--ro protocol-version? uint8 | +--ro raw-pdu? binary +---n area-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary +---n rejected-adjacency - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary | +--ro reason? string +---n protocols-supported-mismatch - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro raw-pdu? binary | +--ro protocols* uint8 +---n lsp-error-detected - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id | +--ro raw-pdu? binary | +--ro error-offset? uint32 | +--ro tlv-type? uint8 +---n adjacency-state-change - | +--ro routing-protocol-name? 
- | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro neighbor? string | +--ro neighbor-system-id? system-id | +--ro state? adj-state-type | +--ro reason? string +---n lsp-received - | +--ro routing-protocol-name? - | -> /rt:routing/control-plane-protocols/control-plane-protocol/name + | +--ro routing-protocol-name? -> /rt:routing/ + | | control-plane-protocols/ + | | control-plane-protocol/name | +--ro isis-level? level | +--ro interface-name? if:interface-ref | +--ro interface-level? level | +--ro extended-circuit-id? extended-circuit-id | +--ro lsp-id? lsp-id | +--ro sequence? uint32 | +--ro received-timestamp? yang:timestamp | +--ro neighbor-system-id? system-id +---n lsp-generation - +--ro routing-protocol-name? - -> /rt:routing/control-plane-protocols/control-plane-protocol/name + +--ro routing-protocol-name? -> /rt:routing/ + | control-plane-protocols/ + | control-plane-protocol/name +--ro isis-level? level +--ro lsp-id? lsp-id +--ro sequence? uint32 +--ro send-timestamp? yang:timestamp 2.5. Authentication Parameters The module enables authentication configuration through the IETF key- chain module [RFC8177]. The IS-IS module imports the "ietf-key- chain" module and reuses some groupings to allow global and per- 
@@ -862,42 +899,43 @@ and LSPs (Link State Packets) with the authentication parameters supplied. The authentication of HELLO PDUs (Protocol Data Units) can be activated on a per-interface basis. 2.6. IGP/LDP synchronization [RFC5443] defines a mechanism where IGP (Interior Gateway Protocol) needs to be synchronized with LDP (Label Distribution Protocol). An "ldp-igp-sync" feature has been defined in the model to support this functionality. The "mpls/ldp/igp-sync" leaf under "interface" allows - activation of the mechanism on a per-interface basis. The "mpls/ldp/ - igp-sync" container in the global configuration is intentionally - empty and is not required for feature activation. The goal of this - empty container is to facilitate augmentation with additional - parameters, e.g., timers. + activation of the functionality on a per-interface basis. The + "mpls/ldp/igp-sync" container in the global configuration is + intentionally empty and is not required for feature activation. The + goal of this empty container is to facilitate augmentation with + additional parameters, e.g., timers. 2.7. ISO parameters As the IS-IS protocol is based on the ISO protocol suite, some ISO parameters may be required. This module augments interface configuration model to support selected ISO configuration parameters. The clns-mtu can be configured for an interface. 2.8. IP FRR This YANG module supports LFA (Loop Free Alternates) [RFC5286] and remote LFA [RFC7490] as IP Fast Re-Route (FRR) techniques. The "fast-reroute" container may be augmented by other models to support - other IP FRR flavors (MRT, TI-LFA, etc.). + other IP FRR flavors (MRT as defined in [RFC7812], TI-LFA as defined + in [I-D.ietf-rtgwg-segment-routing-ti-lfa], etc.). The current version of the model supports activation of LFA and remote LFA at the interface-level only. The global "lfa" container is present but kept empty to allow augmentation with vendor-specific properties, e.g., policies. 
Remote LFA is considered as an extension of LFA. Remote LFA cannot be enabled if LFA is not enabled. The "candidate-enable" data leaf designates that an interface can be @@ -945,22 +983,22 @@ 4. Notifications The "ietf-isis" module defines the following notifications : database-overload: This notification is sent when the IS-IS Node overload condition changes. lsp-too-large: This notification is sent when the system tries to propagate a PDU that is too large. - if-state-change: This notification is sent when the state of an - interface's state changes. + if-state-change: This notification is sent when an interface's + state changes. corrupted-lsp-detected: This notification is sent when the IS-IS node discovers that an LSP that was previously stored in the Link State Database, i.e., local memory, has become corrupted. attempt-to-exceed-max-sequence: This notification is sent when the system wraps the 32-bit sequence counter of an LSP. id-len-mismatch: This notification is sent when we receive a PDU with a different value for the System ID length. @@ -1004,21 +1042,21 @@ lsp-received: This notification is sent when an LSP is received. lsp-generation: This notification is sent when an LSP is regenerated. 5. Interaction with Other YANG Modules The "isis" container augments the "/rt:routing/rt:control-plane- protocols/control-plane-protocol" container of the ietf-routing - [RFC8349] module by with IS-IS-specific parameters. + [RFC8349] module with IS-IS-specific parameters. The "isis" module augments "/if:interfaces/if:interface" defined by [RFC8343] with ISO specific parameters. The "isis" operational state container augments the "/rt:routing- state/rt:control-plane-protocols/control-plane-protocol" container of the ietf-routing module with IS-IS-specific operational states. Some IS-IS-specific route attributes are added to route objects in the ietf-routing module by augmenting "/rt:routing- 
@@ -1034,21 +1072,21 @@ 6. IS-IS YANG Module The following RFCs, drafts and external standards are not referenced in the document text but are referenced in the ietf-isis.yang module: [ISO-10589], [RFC1195], [RFC4090],[RFC5029], [RFC5130], [RFC5302], [RFC5305], [RFC5306], [RFC5307], [RFC5308], [RFC5880], [RFC5881], [RFC6119], [RFC6232], [RFC7794], [RFC7981], [RFC8570], [RFC7917], [RFC8405]. - file "ietf-isis@2019-09-26.yang" + file "ietf-isis@2019-10-08.yang" module ietf-isis { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-isis"; prefix isis; import ietf-routing { prefix "rt"; reference "RFC 8349 - A YANG Data Model for Routing Management (NMDA Version)"; @@ -1142,28 +1181,27 @@ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, they appear in all capitals, as shown here. This version of this YANG module is part of RFC XXXX; see the RFC itself for full legal notices."; - revision 2019-09-26 { + revision 2019-10-08 { description "Initial revision."; reference "RFC XXXX"; } /* Identities */ - identity isis { base rt:routing-protocol; description "Identity for the IS-IS routing protocol."; } identity lsp-log-reason { description "Base identity for an LSP change log reason."; } identity refresh { 
@@ -1215,20 +1253,54 @@ } identity frr-protection-available-downstream-type { base frr-protection-available-type; description "The alternate is downstream of node in the path."; } identity frr-protection-available-other-type { base frr-protection-available-type; description "The level of protection is unknown."; } + identity frr-alternate-type { + description "Base identity for IP Fast Reroute alternate type."; + } + identity frr-alternate-type-equal-cost { + base frr-alternate-type; + description "ECMP alternate."; + } + identity frr-alternate-type-lfa { + base frr-alternate-type; + description "LFA alternate."; + } + identity frr-alternate-type-remote-lfa { + base frr-alternate-type; + description "Remote LFA alternate."; + } + identity frr-alternate-type-tunnel { + base frr-alternate-type; + description "Tunnel based alternate (such as, + RSVP-TE or GRE)."; + } + identity frr-alternate-mrt { + base frr-alternate-type; + description "MRT alternate."; + } + identity frr-alternate-tilfa { + base frr-alternate-type; + description "TILFA alternate."; + } + identity frr-alternate-other { + base frr-alternate-type; + description "Other alternate."; + + } + identity unidirectional-link-delay-subtlv-flag { description "Base identity for unidirectional-link-delay subTLV flags. Flags are defined in RFC8570."; } identity unidirectional-link-delay-subtlv-a-flag { base unidirectional-link-delay-subtlv-flag; description "The A bit represents the Anomalous (A) bit. The A bit is set when the measured value of this parameter exceeds its configured 
@@ -1309,45 +1381,46 @@ "Quote from RFC7981: 'When the IS-IS Router CAPABILITY TLV is leaked from level-2 to level-1, the D bit MUST be set. Otherwise, this bit MUST be clear. IS-IS Router capability TLVs with the D bit set MUST NOT be leaked from level-1 to level-2 in to prevent TLV looping'."; } identity lsp-flag { description "Base identity for LSP attributes. + Attributes are defined in ISO 10589"; } identity lsp-partitioned-flag { base lsp-flag; description "Originator partition repair supported"; } identity lsp-attached-error-metric-flag { base lsp-flag; description "Set when originator is attached to - another area using the referred metric."; + another area using the error metric."; } identity lsp-attached-delay-metric-flag { base lsp-flag; description "Set when originator is attached to - another area using the referred metric."; + another area using the delay metric."; } identity lsp-attached-expense-metric-flag { base lsp-flag; description "Set when originator is attached to - another area using the referred metric."; + another area using the expense metric."; } identity lsp-attached-default-metric-flag { base lsp-flag; description "Set when originator is attached to - another area using the referred metric."; + another area using the default metric."; } identity lsp-overload-flag { base lsp-flag; description "If set, the originator is overloaded, and must be avoided in path calculation."; } identity lsp-l1system-flag { base lsp-flag; description 
@@ -1396,30 +1468,30 @@ Extended IP and IPv6 Reachability"; } feature node-tag { description "Support for node admin tag for IS-IS routing instances."; reference "RFC7917 - Advertising Node Administrative Tags in IS-IS"; } feature ldp-igp-sync { description - "LDP IGP synchronization."; + "Support for LDP IGP synchronization."; reference "RFC5443 - LDP IGP Synchronization."; } feature fast-reroute { description "Support for IP Fast Reroute (IP-FRR)."; } feature nsr { description - "Non-Stop-Routing (NSR) support. The IS-IS NSR feature + "Support for Non-Stop-Routing (NSR). The IS-IS NSR feature allows a router with redundant control-plane capability (e.g., dual Route-Processor (RP) cards) to maintain its state and adjacencies during planned and unplanned IS-IS instance restarts. It differs from graceful-restart or Non-Stop Forwarding (NSF) in that no protocol signaling or assistance from adjacent IS-IS neighbors is required to recover control-plane state."; } feature lfa { description 
@@ -1448,58 +1520,59 @@ IS-IS Using Administrative Tags"; } feature prefix-tag64 { description "Support for 64-bit prefix tags"; reference "RFC5130 - A Policy Control Mechanism in IS-IS Using Administrative Tags"; } feature auto-cost { description - "Calculate IS-IS interface metric according to - reference bandwidth."; + "Support for IS-IS interface metric computation + according to a reference bandwidth."; } feature te-rid { description "Traffic-Engineering Router-ID."; reference "RFC5305 - IS-IS Extensions for Traffic Engineering RFC6119 - IPv6 Traffic Engineering in IS-IS"; } feature max-ecmp { description "Setting maximum number of ECMP paths."; } feature multi-topology { description "Support for Multiple-Topology Routing (MTR)."; reference "RFC5120 - M-IS-IS: Multi Topology Routing in IS-IS"; } feature nlpid-control { description - "This feature controls the advertisement - of support NLPID within IS-IS configuration."; + "Support for the advertisement + of a Network Layer Protocol Identifier within IS-IS + configuration."; } feature graceful-restart { description "IS-IS Graceful restart support."; reference "RFC5306 - Restart Signaling in IS-IS"; } feature lsp-refresh { description "Configuration of LSP refresh interval."; } feature maximum-area-addresses { description - "Support of maximum-area-addresses config."; + "Support for maximum-area-addresses configuration."; } feature admin-control { description "Administrative control of the protocol state."; } /* Type definitions */ typedef circuit-id { 
@@ -1814,50 +1889,22 @@ type inet:ip-prefix; description "Protected prefix."; } leaf alternate { type inet:ip-address; description "Alternate next hop for the prefix."; } leaf alternate-type { - type enumeration { - enum equal-cost { - description - "ECMP alternate."; - } - enum lfa { - description - "LFA alternate."; - } - enum remote-lfa { - description - "Remote LFA alternate."; - } - enum tunnel { - description - "Tunnel based alternate (such as, - RSVP-TE or GRE)."; - } - enum ti-lfa { - description - "TI-LFA alternate."; - } - enum mrt { - description - "MRT alternate."; - } - enum other { - description - "Unknown alternate type."; - } + type identityref { + base frr-alternate-type; } description "Type of alternate."; } leaf best { type boolean; description "Is set when the alternate is the preferred one, is clear otherwise."; } @@ -1899,34 +1947,32 @@ description "Metric from PLR to the alternate node"; } leaf alternate-metric3 { type uint32; description "Metric from alternate node to the destination"; } description "Per-AF protected prefix statistics."; - } description "List of prefixes that are protected."; } container unprotected-routes { config false; - list address-family-stats { + list prefixes { key "address-family prefix"; leaf address-family { type iana-rt-types:address-family; - description "Address-family"; } leaf prefix { type inet:ip-prefix; description "Unprotected prefix."; } description "Per-AF unprotected prefix statistics."; } description 
@@ -1944,40 +1990,41 @@ } list address-family-stats { key address-family; leaf address-family { type iana-rt-types:address-family; description "Address-family"; } leaf total-routes { - type uint32; + type yang:gauge32; description "Total prefixes."; } leaf unprotected-routes { - type uint32; + type yang:gauge32; description "Total prefixes that are not protected."; } leaf protected-routes { - type uint32; + type yang:gauge32; description "Total prefixes that are protected."; } leaf link-protected-routes { - type uint32; + type yang:gauge32; description "Total prefixes that are link protected."; + } leaf node-protected-routes { - type uint32; + type yang:gauge32; description "Total prefixes that are node protected."; } description "Per-AF protected prefix statistics."; } description "Global protection statistics."; } } @@ -2032,22 +2080,23 @@ grouping route-content { description "IS-IS protocol-specific route properties grouping."; leaf metric { type uint32; description "IS-IS metric of a route."; } leaf-list tag { type uint64; description - "List of tags associated with the route. The leaf - describes both 32-bit and 64-bit tags."; + "List of tags associated with the route. + This list provides a consolidated view of both + 32-bit and 64-bit tags (RFC5130) available for the prefix."; } leaf route-type { type enumeration { enum l2-intra-area { description "Level 2 internal route. As per RFC5302, the prefix is directly connected to the advertising router. It cannot be distinguished from an L1->L2 inter-area route."; } 
@@ -2313,37 +2364,74 @@ "Advertise new metric style only (RFC5305)"; } enum old-only { description "Advertise old metric style only (RFC1195)"; } enum both { description "Advertise both metric styles"; } } + description + "Type of metric to be generated: + - wide-only means only new metric style + is generated, + - old-only means that only old-style metric + is generated, + - both means that both are advertised. + This leaf is only affecting IPv4 metrics."; + } + description + "Grouping for global metric style config."; + } + + grouping metric-type-global-cfg-with-default { + leaf value { + type enumeration { + enum wide-only { + description + "Advertise new metric style only (RFC5305)"; + } + enum old-only { + description + "Advertise old metric style only (RFC1195)"; + } + enum both { + description "Advertise both metric styles"; + + } + } default wide-only; description "Type of metric to be generated: - wide-only means only new metric style is generated, - old-only means that only old-style metric is generated, - both means that both are advertised. This leaf is only affecting IPv4 metrics."; } description "Grouping for global metric style config."; } grouping default-metric-global-cfg { leaf value { type wide-metric; + description "Value of the metric"; + } + description + "Global default metric config grouping."; + } + grouping default-metric-global-cfg-with-default { + leaf value { + type wide-metric; default "10"; description "Value of the metric"; } description "Global default metric config grouping."; } grouping overload-global-cfg { leaf status { type boolean; 
@@ -2419,81 +2507,120 @@ } description "Choice of authentication."; } description "Grouping for hello authentication."; } grouping hello-interval-cfg { leaf value { type rt-types:timer-value-seconds16; units "seconds"; - default 10; description "Interval (in seconds) between successive hello messages."; + } + description "Interval between hello messages."; + } + grouping hello-interval-cfg-with-default { + leaf value { + type rt-types:timer-value-seconds16; + units "seconds"; + default 10; + description + "Interval (in seconds) between successive hello + messages."; } description "Interval between hello messages."; } grouping hello-multiplier-cfg { leaf value { type uint16; + description + "Number of missed hello messages prior to + declaring the adjacency down."; + } + description + "Number of missed hello messages prior to + adjacency down grouping."; + } + grouping hello-multiplier-cfg-with-default { + leaf value { + type uint16; default 3; description "Number of missed hello messages prior to declaring the adjacency down."; } description "Number of missed hello messages prior to adjacency down grouping."; } grouping priority-cfg { leaf value { type uint8 { range "0 .. 127"; } + description + "Priority of interface for DIS election."; + } + + description "Interface DIS election priority grouping"; + } + grouping priority-cfg-with-default { + leaf value { + type uint8 { + range "0 .. 
127"; + } default 64; description "Priority of interface for DIS election."; } description "Interface DIS election priority grouping"; } grouping metric-cfg { leaf value { type wide-metric; + description "Metric value."; + } + description "Interface metric grouping"; + } + grouping metric-cfg-with-default { + leaf value { + type wide-metric; default "10"; description "Metric value."; } description "Interface metric grouping"; } grouping metric-parameters { container metric-type { - uses metric-type-global-cfg; + uses metric-type-global-cfg-with-default; container level-1 { uses metric-type-global-cfg; description "level-1 specific configuration"; } container level-2 { uses metric-type-global-cfg; description "level-2 specific configuration"; } description "Metric style global configuration"; } container default-metric { - uses default-metric-global-cfg; + uses default-metric-global-cfg-with-default; container level-1 { uses default-metric-global-cfg; description "level-1 specific configuration"; } container level-2 { uses default-metric-global-cfg; description "level-2 specific configuration"; } description "Default metric global configuration"; } 
@@ -2647,36 +2774,38 @@ units "seconds"; description "Lifetime of the router's LSPs in seconds."; } leaf lsp-refresh { if-feature lsp-refresh; type rt-types:timer-value-seconds16; units "seconds"; description "Refresh interval of the router's LSPs in seconds."; + } leaf poi-tlv { if-feature poi-tlv; type boolean; default false; description - "Enable advertisement of IS-IS purge TLV."; + "Enable advertisement of IS-IS Purge Originator + Identification TLV."; } description "Grouping for LSP global parameters."; } grouping spf-parameters { container spf-control { leaf paths { if-feature max-ecmp; type uint16 { - range "1..32"; + range "1..65535"; } description "Maximum number of Equal-Cost Multi-Path (ECMP) paths."; } container ietf-spf-delay { if-feature ietf-spf-delay; uses ietf-spf-delay; description "IETF SPF delay algorithm configuration."; } description 
@@ -2881,62 +3008,62 @@ description "level-1 specific configuration"; } container level-2 { uses hello-authentication-cfg; description "level-2 specific configuration"; } description "Authentication type to be used in hello messages."; } container hello-interval { - uses hello-interval-cfg; + uses hello-interval-cfg-with-default; container level-1 { uses hello-interval-cfg; description "level-1 specific configuration"; } container level-2 { uses hello-interval-cfg; description "level-2 specific configuration"; } description "Interval between hello messages."; } container hello-multiplier { - uses hello-multiplier-cfg; + uses hello-multiplier-cfg-with-default; container level-1 { uses hello-multiplier-cfg; description "level-1 specific configuration"; } container level-2 { uses hello-multiplier-cfg; description "level-2 specific configuration"; } description "Hello multiplier configuration."; } container priority { must '../interface-type = "broadcast"' { error-message "Priority only applies to broadcast interfaces."; description "Check for broadcast interface."; } - uses priority-cfg; + uses priority-cfg-with-default; container level-1 { uses priority-cfg; description "level-1 specific configuration"; } container level-2 { uses priority-cfg; description "level-2 specific configuration"; } description "Priority for DIS election."; } container metric { - uses metric-cfg; + uses metric-cfg-with-default; container level-1 { uses metric-cfg; description "level-1 specific configuration"; } container level-2 { uses metric-cfg; description "level-2 specific configuration"; } description "Metric configuration."; } 
@@ -3290,31 +3415,32 @@ description "List of packet counter for supported levels."; } description "Packet counters per IS-IS level."; } description "Grouping for per IS-IS Level packet counters."; } /* Groupings for various log buffers */ - grouping spf-log { container spf-log { config false; list event { key id; leaf id { - type uint32; + type yang:counter32; description - "Event identifier - purely internal value."; + "Event identifier - purely internal value. + It is expected the most recent events to have the bigger + id number."; } leaf spf-type { type enumeration { enum full { description "Full SPF computation."; } enum route-only { description "Route reachability only SPF computation"; } @@ -3368,25 +3494,26 @@ "This container lists the SPF computation events."; } description "Grouping for spf-log events."; } grouping lsp-log { container lsp-log { config false; list event { key id; - leaf id { - type uint32; + type yang:counter32; description - "Event identifier - purely internal value."; + "Event identifier - purely internal value. + It is expected the most recent events to have the bigger + id number."; } leaf level { type level-number; description "IS-IS level number for LSP"; } container lsp { leaf lsp { type lsp-id; description @@ -3522,29 +3648,29 @@ leaf ip-prefix { type inet:ipv4-address; description "IPv4 prefix address"; } leaf prefix-len { type uint8; description "IPv4 prefix length (in bits)"; } leaf i-e { type boolean; - description "Internal or External (I/E) Metric bit value."; + description "Internal or External (I/E) Metric bit value. + Set to false to indicate an internal metric."; } container default-metric { leaf metric { type std-metric; description "Default IS-IS metric for IPv4 prefix"; } description "IS-IS default metric container."; - } container delay-metric { leaf metric { type std-metric; description "IS-IS delay metric for IPv4 prefix"; } leaf supported { type boolean; default "false"; description 
@@ -3554,23 +3680,24 @@ } container expense-metric { leaf metric { type std-metric; description "IS-IS expense metric for IPv4 prefix"; } leaf supported { type boolean; default "false"; description - "Indicates whether IS-IS delay metric is supported."; + "Indicates whether IS-IS expense metric is supported."; } description "IS-IS expense metric container."; + } container error-metric { leaf metric { type std-metric; description "This leaf describes the IS-IS error metric value"; } leaf supported { type boolean; default "false"; @@ -3567,33 +3694,36 @@ } container error-metric { leaf metric { type std-metric; description "This leaf describes the IS-IS error metric value"; } leaf supported { type boolean; default "false"; - description "IS-IS error metric for IPv4 prefix"; + description + "Indicates whether IS-IS error metric is supported."; } description "IS-IS error metric container."; } } grouping prefix-ipv4-extended { description "Grouping for attributes of an IPv4 extended prefix as defined in RFC5305."; leaf up-down { type boolean; - description "Value of up/down bit."; + description "Value of up/down bit. + Set to true when the prefix has been advertised down + the hierarchy."; } leaf ip-prefix { type inet:ipv4-address; description "IPv4 prefix address"; } leaf prefix-len { type uint8; description "IPv4 prefix length (in bits)"; } leaf metric { 
@@ -3601,53 +3731,56 @@ description "IS-IS wide metric value"; } leaf-list tag { type uint32; description "List of 32-bit tags associated with the IPv4 prefix."; } leaf-list tag64 { type uint64; description - "List of 32-bit tags associated with the IPv4 prefix."; + "List of 64-bit tags associated with the IPv4 prefix."; + } uses prefix-attributes-extension; } grouping prefix-ipv6-extended { description "Grouping for attributes of an IPv6 prefix as defined in RFC5308."; leaf up-down { type boolean; - description "Value of up/down bit."; + description "Value of up/down bit. + Set to true when the prefix has been advertised down + the hierarchy."; } leaf ip-prefix { type inet:ipv6-address; description "IPv6 prefix address"; } leaf prefix-len { type uint8; - description "IPv4 prefix length (in bits)"; + description "IPv6 prefix length (in bits)"; } leaf metric { type wide-metric; description "IS-IS wide metric value"; } leaf-list tag { type uint32; description "List of 32-bit tags associated with the IPv4 prefix."; } leaf-list tag64 { type uint64; description - "List of 32-bit tags associated with the IPv4 prefix."; + "List of 64-bit tags associated with the IPv4 prefix."; } uses prefix-attributes-extension; } /* TLVs and sub-TLVs for neighbors */ grouping neighbor-link-attributes { description "Grouping for link attributes as defined in RFC5029"; 
@@ -3999,28 +4135,28 @@ leaf supported { type boolean; default "false"; description "IS-IS delay metric supported"; } description "IS-IS delay metric container"; } container expense-metric { leaf metric { type std-metric; - description "IS-IS delay expense metric value"; + description "IS-IS expense metric value"; } leaf supported { type boolean; default "false"; - description "IS-IS delay expense metric supported"; + description "IS-IS expense metric supported"; } - description "IS-IS delay expense metric container"; + description "IS-IS expense metric container"; } container error-metric { leaf metric { type std-metric; description "IS-IS error metric value"; } leaf supported { type boolean; default "false"; description "IS-IS error metric supported"; @@ -4839,26 +4974,26 @@ notification rejected-adjacency { uses notification-instance-hdr; uses notification-interface-hdr; leaf raw-pdu { type binary; description "Received raw PDU."; } leaf reason { type string { - length "1..255"; + length "0..255"; } description "The system may provide a reason to reject the adjacency. If the reason is not available, - an empty string will be returned. + the reason string will not be returned. The expected format is a single line text."; } description "This notification is sent when the system receives a Hello PDU from an IS but does not establish an adjacency for some reason. The notification generation must be throttled with at least 5 seconds between successive notifications."; } 
@@ -5034,74 +5170,87 @@ /isis/interfaces/interface[name] For IS-IS, the ability to modify IS-IS configuration will allow the entire IS-IS domain to be compromised including forming adjacencies with unauthorized routers to misroute traffic or mount a massive Denial-of-Service (DoS) attack. For example, adding IS-IS on any unprotected interface could allow an IS-IS adjacency to be formed with an unauthorized and malicious neighbor. Once an adjacency is formed, traffic could be hijacked. As a simpler example, a Denial- - of-Service attack could be mounted by changing the cost of an IS-IS + Of-Service attack could be mounted by changing the cost of an IS-IS interface to be asymmetric such that a hard routing loop ensues. In general, unauthorized modification of most IS-IS features will pose their own set of security risks and the "Security Considerations" in the respective reference RFCs should be consulted. Some of the readable data nodes in the ietf-isis.yang module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. The exposure of the Link State Database (LSDB) will expose the detailed topology of the network. - The Link State Database (LSDB) is represented by the following schema - node: + Similarly, the IS-IS local RIB exposes the reachable prefixes in the + IS-IS routing domain. The Link State Database (LSDB) and local RIB + are represented by the following schema nodes: /isis/database - Exposure of the Link State Database includes information beyond the - scope of the IS-IS router and this may be undesirable since exposure - may facilitate other attacks. Additionally, the complete IP network - topology and, if deployed, the traffic engineering topology of the - IS-IS domain can be reconstructed. Network operators may consider - their topologies to be sensitive confidential data. 
+ /isis/local-rib + + Exposure of the Link State Database and local RIB include information + beyond the scope of the IS-IS router and this may be undesirable + since exposure may facilitate other attacks. Additionally, the + complete IP network topology and, if deployed, the traffic + engineering topology of the IS-IS domain can be reconstructed from + the Link State Database. Though not as straightforward, the IS-IS + local RIB can also be discover topological information. Network + operators may consider their topologies to be sensitive confidential + data. For IS-IS authentication, configuration is supported via the - specification of key-chain [RFC8177] or the direction specification - of key and authentication algorithm. Hence, authentication + specification of key-chain [RFC8177] or the direct specification of + key and authentication algorithm. Hence, authentication configuration using the "auth-table-trailer" case in the "authentication" container inherits the security considerations of [RFC8177]. This includes the considerations with respect to the local storage and handling of authentication keys. Some of the RPC operations in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control access to these operations. The IS-IS YANG module support the "clear-adjacency" and "clear-database" RPCs. If access to either of these is compromised, they can result in temporary network outages be employed to mount DoS attacks. The actual authentication key data (whether locally specified or part of a key-chain) is sensitive and needs to be kept secret from unauthorized parties; compromise of the key data would allow an attacker to forge IS-IS traffic that would be accepted as authentic, potentially compromising the entirety IS-IS domain. + The model describes several notifications, implementations must rate- + limit the generation of these notifications to avoid creating + significant notification load. 
Otherwise, this notification load may + have some side effects on the system stability and may be exploited + as an attack vector. + 8. Contributors The authors would like to thank Kiran Agrahara Sreenivasa, Dean Bogdanovic, Yingzhen Qu, Yi Yang, Jeff Tanstura for their major contributions to the draft. 9. Acknowledgements - The authors would like to thank Tom Petch, Alvaro Retena, Stewart - Bryant, and Barry Leiba for their review and comments. + The authors would like to thank Tom Petch, Alvaro Retana, Stewart + Bryant, Barry Leiba, Benjamin Kaduk and Adam Roach, and Roman Danyliw + for their review and comments. 10. IANA Considerations The IANA is requested to assign two new URIs from the IETF XML registry [RFC3688]. Authors are suggesting the following URI: URI: urn:ietf:params:xml:ns:yang:ietf-isis Registrant Contact: The IESG XML: N/A, the requested URI is an XML namespace @@ -5165,21 +5314,21 @@ [RFC5286] Atlas, A., Ed. and A. Zinin, Ed., "Basic Specification for IP Fast Reroute: Loop-Free Alternates", RFC 5286, DOI 10.17487/RFC5286, September 2008, . [RFC5301] McPherson, D. and N. Shen, "Dynamic Hostname Exchange Mechanism for IS-IS", RFC 5301, DOI 10.17487/RFC5301, October 2008, . - [RFC5302] Li, T., Smit, H., and T. Przygienda, "Domain-wide Prefix + [RFC5302] Li, T., Smit, H., and T. Przygienda, "Domain-Wide Prefix Distribution with Two-Level IS-IS", RFC 5302, DOI 10.17487/RFC5302, October 2008, . [RFC5305] Li, T. and H. Smit, "IS-IS Extensions for Traffic Engineering", RFC 5305, DOI 10.17487/RFC5305, October 2008, . [RFC5306] Shand, M. and L. Ginsberg, "Restart Signaling for IS-IS", RFC 5306, DOI 10.17487/RFC5306, October 2008, 
@@ -5305,34 +5454,46 @@ Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, . [RFC8570] Ginsberg, L., Ed., Previdi, S., Ed., Giacalone, S., Ward, D., Drake, J., and Q. Wu, "IS-IS Traffic Engineering (TE) Metric Extensions", RFC 8570, DOI 10.17487/RFC8570, March 2019, . 11.2. Informative References + [I-D.ietf-rtgwg-segment-routing-ti-lfa] + Litkowski, S., Bashandy, A., Filsfils, C., Decraene, B., + Francois, P., daniel.voyer@bell.ca, d., Clad, F., and P. + Camarillo, "Topology Independent Fast Reroute using + Segment Routing", draft-ietf-rtgwg-segment-routing-ti- + lfa-01 (work in progress), March 2019. + + [RFC7812] Atlas, A., Bowers, C., and G. Enyedi, "An Architecture for + IP/LDP Fast Reroute Using Maximally Redundant Trees (MRT- + FRR)", RFC 7812, DOI 10.17487/RFC7812, June 2016, + . + [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, . Appendix A. Example of IS-IS configuration in XML This section gives an example of configuration of an IS-IS instance on a device. The example is written in XML. SLI - 1.1.1.1 + 192.0.2.1 ISIS-example isis:isis
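Review bot: The new frr-alternate-type identities (hunk @@ -1215,20 +1253,54 @@) are named inconsistently. Four carry the base name as a prefix (frr-alternate-type-equal-cost, frr-alternate-type-lfa, frr-alternate-type-remote-lfa, frr-alternate-type-tunnel) while three drop it (frr-alternate-mrt, frr-alternate-tilfa, frr-alternate-other). Identity names become protocol-visible values once published, so pick one pattern before this ships, e.g. frr-alternate-type-mrt, frr-alternate-type-ti-lfa, frr-alternate-type-other. The description "TILFA alternate." also departs from the "TI-LFA" spelling used in Section 2.8 and in the removed enum, and there is a stray blank line before the closing brace of frr-alternate-other.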
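Review bot: The description of the renamed list "prefixes" under unprotected-routes (hunk @@ -1899,34 +1947,32 @@) still reads "Per-AF unprotected prefix statistics.", which was written for the old name address-family-stats. The list is keyed by "address-family prefix" and holds one entry per prefix, not counters; suggest rewording it along the lines of "List of prefixes that are not protected." so the text matches the node.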
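Review bot: The added grouping metric-type-global-cfg-with-default (hunk @@ -2313,37 +2364,74 @@) copies the whole wide-only/old-only/both enumeration and its long description, and both it and default-metric-global-cfg-with-default reuse the description of the grouping they were cloned from ("Grouping for global metric style config.", "Global default metric config grouping."). Two copies of the enum will drift; define it once as a typedef and reference it from both groupings, and give the -with-default variants descriptions that say they are the top-level form carrying the default. The blank line after "Advertise both metric styles" in the new enum is also unintended.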
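Review bot: With "default" removed from hello-interval-cfg, hello-multiplier-cfg, priority-cfg and metric-cfg (hunk @@ -2419,81 +2507,120 @@), nothing in the descriptions says what value applies when a level-1 or level-2 leaf is left unset. Presumably the value configured in the parent container is inherited, but the text should state that explicitly, since the level containers are described only as "level-1 specific configuration" and "level-2 specific configuration". The range "0 .. 127" is now written out twice for priority; a typedef would keep the two groupings in step.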
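Review bot: On the max-ecmp leaf "paths" (hunk @@ -2647,36 +2774,38 @@), range "1..65535" on a uint16 now only excludes zero, so the schema no longer conveys any practical bound. Add a sentence to the description saying that an implementation may support a smaller maximum and is expected to reject values above it, otherwise a client has no way to learn the limit from the model. The same hunk adds an empty line after the lsp-refresh description that should be dropped.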
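Review bot: Typing the spf-log event "id" as yang:counter32 (hunk @@ -3290,31 +3415,32 @@, and the same text in the lsp-log hunk @@ -3368,25 +3494,26 @@) conflicts with the new sentence about ordering: a counter32 wraps to zero, after which the most recent events no longer have the larger id. Either state the wrap behaviour and tell consumers not to rely on numeric ordering across it, or keep a plain unsigned type and describe the id as opaque. The added sentence is also ungrammatical; "The most recent events are expected to have the larger id." reads better.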
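Review bot: In grouping prefix-ipv6-extended (hunk @@ -3601,53 +3731,56 @@) the tag and tag64 descriptions still refer to the IPv4 prefix: the unchanged line "List of 32-bit tags associated with the IPv4 prefix." and the newly added "List of 64-bit tags associated with the IPv4 prefix." both sit under the IPv6 grouping. This revision already corrects prefix-len from IPv4 to IPv6 in the same grouping, so fix these two at the same time. The hunk also introduces a blank line after the tag64 description in prefix-ipv4-extended.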
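Review bot: In notification rejected-adjacency (hunk @@ -4839,26 +4974,26 @@) the two changes to leaf "reason" contradict each other: the length is relaxed to "0..255", which permits an empty string, while the description now says that when no reason is available "the reason string will not be returned". If the leaf is simply omitted, keep length "1..255"; if an empty string is the intended signal, restore the old wording. As written, a receiver must handle both an absent leaf and an empty one.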
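Review bot: The new rate-limiting paragraph in Security Considerations (hunk @@ -5034,74 +5170,87 @@) uses lowercase "must" although the document invokes BCP 14, and it gives no bound, whereas the rejected-adjacency notification elsewhere in the module specifies "at least 5 seconds between successive notifications". Decide whether this is a normative MUST, and either cite the per-notification throttling text or state the expected limit; also split the comma splice after "several notifications". In the same hunk, "the IS-IS local RIB can also be discover topological information" is missing words (likely "can also be used to discover"), "Exposure ... include" should be "includes", "Denial-Of-Service" changes capitalization for no visible reason, and the Acknowledgements list has a doubled "and" ("Benjamin Kaduk and Adam Roach, and Roman Danyliw").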
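Review bot: The added informative reference [I-D.ietf-rtgwg-segment-routing-ti-lfa] (hunk @@ -5305,34 +5454,46 @@) lists an author as "daniel.voyer@bell.ca, d.", which is an e-mail address where a surname and initial belong. This looks like reference-tool output that needs a manual override of the author entry before publication.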