draft-ietf-opsawg-l2nm-00.txt   draft-ietf-opsawg-l2nm-01.txt 
Internet Engineering Task Force S. Barguil, Ed. Internet Engineering Task Force S. Barguil, Ed.
Internet-Draft O. Gonzalez de Dios, Ed. Internet-Draft O. Gonzalez de Dios, Ed.
Intended status: Standards Track Telefonica Intended status: Standards Track Telefonica
Expires: January 3, 2021 M. Boucadair Expires: May 6, 2021 M. Boucadair
Orange Orange
L. Munoz L. Munoz
Vodafone Vodafone
L. Jalil L. Jalil
Verizon Verizon
J. Ma J. Ma
China Unicom China Unicom
July 02, 2020 November 02, 2020
A Layer 2 VPN Network YANG Model A Layer 2 VPN Network YANG Model
draft-ietf-opsawg-l2nm-00 draft-ietf-opsawg-l2nm-01
Abstract Abstract
This document defines a YANG Data model (called, L2NM) that can be This document defines a YANG Data model (called, L2NM) that can be
used to manage the provisioning of Layer 2 VPN services within a used to manage the provisioning of Layer 2 VPN services within a
Service Provider Network. This YANG module provides representation Service Provider Network. This YANG module provides representation
of the Layer 2 VPN Service from a network standpoint. The module is of the Layer 2 VPN Service from a network standpoint. The module is
meant to be used by a Network Controller to derive the configuration meant to be used by a Network Controller to derive the configuration
information that will be sent to relevant network devices. information that will be sent to relevant network devices.
skipping to change at page 1, line 47 skipping to change at page 1, line 47
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 3, 2021. This Internet-Draft will expire on May 6, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4 1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4
2. Reference architecture . . . . . . . . . . . . . . . . . . . 4 2. Reference architecture . . . . . . . . . . . . . . . . . . . 4
3. Description of the L2NM YANG Module . . . . . . . . . . . . . 7 3. Description of the L2NM YANG Module . . . . . . . . . . . . . 8
3.1. Structure of the Module . . . . . . . . . . . . . . . . . 7 3.1. Structure of the Module . . . . . . . . . . . . . . . . . 8
3.2. L2 VPN Service . . . . . . . . . . . . . . . . . . . . . 7 3.2. VPN Profiles . . . . . . . . . . . . . . . . . . . . . . 8
3.2.1. L2 VPN Service Types . . . . . . . . . . . . . . . . 8 3.3. L2 VPN Service . . . . . . . . . . . . . . . . . . . . . 9
3.2.2. Underlying Transport Selection . . . . . . . . . . . 9 3.3.1. L2 VPN Service Types . . . . . . . . . . . . . . . . 11
3.2.3. Other relevant Network Parameters . . . . . . . . . . 9 3.3.2. Underlying Transport Selection . . . . . . . . . . . 11
3.3. L2NM Module Tree . . . . . . . . . . . . . . . . . . . . 10 3.3.3. VPN Node . . . . . . . . . . . . . . . . . . . . . . 11
4. Relation with other YANG Models . . . . . . . . . . . . . . . 18 3.3.3.1. Signaling options . . . . . . . . . . . . . . . . 13
4.1. Relation with L2SM . . . . . . . . . . . . . . . . . . . 18 3.3.3.2. VPN Network Access . . . . . . . . . . . . . . . 15
4.2. Relation with Network Topology . . . . . . . . . . . . . 18 3.3.3.2.1. Connection . . . . . . . . . . . . . . . . . 18
4.3. Relation with Device Models . . . . . . . . . . . . . . . 18 3.3.3.2.2. Layer 2 service requirements . . . . . . . . 19
5. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 19 4. Relation with other YANG Models . . . . . . . . . . . . . . . 23
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 89 4.1. Relation with L2SM . . . . . . . . . . . . . . . . . . . 23
7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 89 4.2. Relation with Network Topology . . . . . . . . . . . . . 23
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 89 4.3. Relation with Device Models . . . . . . . . . . . . . . . 23
9. Security Considerations . . . . . . . . . . . . . . . . . . . 90 5. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 24
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 91 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 60
10.1. Normative References . . . . . . . . . . . . . . . . . . 91 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 60
10.2. Informative References . . . . . . . . . . . . . . . . . 92 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 61
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 92 9. Security Considerations . . . . . . . . . . . . . . . . . . . 61
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 62
10.1. Normative References . . . . . . . . . . . . . . . . . . 62
10.2. Informative References . . . . . . . . . . . . . . . . . 63
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 64
1. Introduction 1. Introduction
[RFC8466] defines a L2VPN Service Model (L2SM) YANG data model that [RFC8466] defines a L2VPN Service Model (L2SM) YANG data model that
can be used for L2VPN service ordering matters between customers and can be used for L2VPN service ordering matters between customers and
Service Providers (SPs). This document complements the L2SM model by Service Providers (SPs). This document complements the L2SM model by
creating a network-centric view of the service which can be exposed creating a network-centric view of the service which can be exposed
by a Network to a Service Controller within the Service Provider by a Network to a Service Controller within the Service Provider
Network. In particular, the model can be used in the communication Network. In particular, the model can be used in the communication
between the entity that interacts directly with the customer, the between the entity that interacts directly with the customer, the
skipping to change at page 3, line 20 skipping to change at page 3, line 27
The data model defined in this document is called the L2VPN Network The data model defined in this document is called the L2VPN Network
Model (L2NM), playing the role of Service Delivery Model (Figure 3 of Model (L2NM), playing the role of Service Delivery Model (Figure 3 of
[RFC8466]. The module supports additional capabilities, such as [RFC8466]. The module supports additional capabilities, such as
exposing operational parameters, transport protocols selection and exposing operational parameters, transport protocols selection and
precedence. It also serves as a multi-domain orchestration precedence. It also serves as a multi-domain orchestration
interface, because this model can transport resources (i.e., VCID) interface, because this model can transport resources (i.e., VCID)
between domains. The data model keeps minimum customer-related between domains. The data model keeps minimum customer-related
information. information.
The YANG module reuses containers and groupings from L2SM [RFC8466] This document uses the common VPN YANG module defined in
for the cases that the requirements from L2SM can be translated [I-D.ietf-opsawg-vpn-common].
directly to L2NM.
The YANG data model in this document conforms to the Network
Management Datastore Architecture (NMDA) defined in [RFC8342].
1.1. Terminology 1.1. Terminology
This document assumes that the reader is familiar with the contents This document assumes that the reader is familiar with the contents
of [RFC6241], [RFC7950], [RFC8466], [RFC8309], and [RFC8453] and uses of [RFC6241], [RFC7950], [RFC8466], [RFC8309], and [RFC8453] and uses
terminology from those documents. The meaning of the symbols in YANG terminology from those documents. The meaning of the symbols in YANG
tree diagrams is [RFC8340]. tree diagrams is [RFC8340].
This document makes use of the following terms: This document makes use of the following terms:
skipping to change at page 7, line 36 skipping to change at page 8, line 36
module: ietf-l2vpn-ntw module: ietf-l2vpn-ntw
+--rw l2vpn-ntw +--rw l2vpn-ntw
+--rw vpn-profiles +--rw vpn-profiles
| ....... | .......
+--rw vpn-services +--rw vpn-services
+--rw vpn-service* [vpn-id] +--rw vpn-service* [vpn-id]
........ ........
Figure 3: Simplified L2NM Tree Structure Figure 3: Simplified L2NM Tree Structure
3.2. L2 VPN Service 3.2. VPN Profiles
The 'vpn-profiles' container (Figure 4) allows the network provider
to define and maintain a set of common VPN profiles
[I-D.ietf-opsawg-vpn-common] that apply to one or several VPN
services. The exact definition of the profiles is local to each
network provider.
This document does not make any assumption about the exact definition
of these profiles. How such profiles are defined is deployment
specific. The model only includes an identifier to these profiles to
ease identifying local policies when building a VPN service. As
shown in Figure 4, the following identifiers can be included:
o 'cloud-identifier': This identifier refers to a cloud service.
o 'encryption-profile-identifier': An encryption profile refers to a
set of policies related to the encryption scheme(s) and setup that
can be applied when building and offering a VPN service.
o 'qos-profile-identifier': A QoS profile refers to as set of
policies such as classification, marking, and actions (e.g.,
[RFC3644]).
o 'bfd-profile-identifier': A Bidirectional Forwarding Detection
(BFD) profile refers to a set of BFD [RFC5880] policies that can
be invoked when building a VPN service.
o 'forwarding-profile-identifier': A forwarding profile refers to
the policies that apply to the forwarding of packets conveyed
within a VPN. Such policies may consist at applying Access
Control Lists (ACLs).
o 'routing-profile-identifier': A routing profile refers to a set of
routing policies that will be invoked (e.g., BGP policies).
+--rw l2vpn-ntw
+--rw vpn-profiles
| +--rw valid-provider-identifiers
| +--rw cloud-identifier* [id] {cloud-access}?
| | +--rw id string
| +--rw encryption-profile-identifier* [id]
| | +--rw id string
| +--rw qos-profile-identifier* [id]
| | +--rw id string
| +--rw bfd-profile-identifier* [id]
| | +--rw id string
| +--rw forwarding-profile-identifier* [id]
| | +--rw id string
| +--rw routing-profile-identifier* [id]
| +--rw id string
+--rw vpn-services
...
Figure 4: VPN Profiles Subtree Structure
3.3. L2 VPN Service
The 'vpn-service' is the data structure that abstracts a L2 VPN The 'vpn-service' is the data structure that abstracts a L2 VPN
Service within the SP Network. Every 'vpn-service' has a unique Service within the SP Network. Every 'vpn-service' has a unique
identifier: vpn-id. Such vpn-id is only meaningful locally within identifier: vpn-id. Such vpn-id is only meaningful locally within
the Network controller. In order to facilitate the recognition of the Network controller. In order to facilitate the recognition of
the service, a 'customer-name' and a 'description' may be included. the service, a 'customer-name' and a 'description' may be included.
The topology of the VPN service is expressed in the 'vpn-service- The topology of the VPN service is expressed in the 'vpn-service-
topology' leaf. topology' leaf.
A VPN Service is built by adding instances of 'vpn-node' to the 'vpn- A VPN Service is built by adding instances of 'vpn-node' to the 'vpn-
nodes' container. The 'vpn-node' is an abstraction that represents a nodes' container. The 'vpn-node' is an abstraction that represents a
set of policies applied to a network node and that belong to a single set of policies/configurations applied to a network node and that
'vpn-service'. A 'vpn-node' contains 'vpn-network-accesses', which belong to a single 'vpn-service'. A 'vpn-node' contains 'vpn-
are the interfaces involved in the creation of the VPN. The customer network-accesses', which are the interfaces involved in the creation
sites are connected to the 'vpn_network_accesses'. Note that, as of the VPN. The customer sites are connected to the
this is a network data model, the information about customers site is 'vpn_network_accesses'. Note that, as this is a network data model,
not needed. Such information, is only relevant in the L2SM model. the information about customers site is not needed. Such
information, is only relevant in the L2SM model.
+--rw vpn-services +--rw vpn-services
+--rw vpn-service* [vpn-id] +--rw vpn-service* [vpn-id]
+--rw vpn-id svc-id +--rw status
+--rw vpn-svc-type? identityref | +--rw admin-status
| | +--rw status? identityref
| | +--rw last-updated? yang:date-and-time
| +--ro oper-status
| +--ro status? identityref
| +--ro last-updated? yang:date-and-time
+--rw vpn-id vpn-id
+--rw vpn-name? string
+--rw vpn-description? string
+--rw customer-name? string +--rw customer-name? string
+--rw l2sm-vpn-id? vpn-common:vpn-id
+--rw vpn-svc-type? identityref
+--rw svc-topo? identityref +--rw svc-topo? identityref
+-rw service-status +--rw multicast-like {vpn-common:multicast}?
| +-rw admin | +--rw enabled? boolean
| | +-rw status? operational-type | +--rw customer-tree-flavors
| | +-rw timestamp? yang:date-and-time | +--rw tree-flavor* identityref
| +-ro ops +--rw extranet-vpns {vpn-common:extranet-vpn}?
| +-ro status? operational-type | +--rw extranet-vpn* [vpn-id]
| +-ro timestamp? yang:date-and-time | +--rw vpn-id vpn-common:vpn-id
| ...
+--rw multicast-like {multicast-like}?
| ...
+--rw extranet-vpns {extranet-vpn}?
| ...
| +--rw local-sites-role? identityref | +--rw local-sites-role? identityref
+--rw svc-mtu? uint32 +--rw svc-mtu? uint32
+--rw ce-vlan-preservation? boolean +--rw ce-vlan-preservation? boolean
+--rw ce-vlan-cos-perservation? boolean +--rw ce-vlan-cos-perservation? boolean
+--rw transport-encapsulation +--rw underlay-transport
+--rw protocol? protocols-type | +--rw type* identityref
+--rw vpn-nodes +--rw vpn-nodes
.....
Figure 4 Figure 5
3.2.1. L2 VPN Service Types 3.3.1. L2 VPN Service Types
The L2 VPN Service types directly matches with the L2VPN Service The L2 VPN Service types directly matches with the L2VPN Service
types defined in Section 5.1.3 of [RFC8466]: types defined in Section 5.1.3 of [RFC8466]:
o Point-to-point VPWSs. o Point-to-point VPWSs.
o Point-to-point or point-to-multipoint VPWSs [RFC8214]. o Point-to-point or point-to-multipoint VPWSs [RFC8214].
o Multipoint VPLSs. o Multipoint VPLSs.
o Multipoint VPLSs connecting one or more root sites and a set of o Multipoint VPLSs connecting one or more root sites and a set of
leaf sites but preventing inter-leaf-site communication. leaf sites but preventing inter-leaf-site communication.
o EVPN services [RFC7432]. o EVPN services [RFC7432].
o EVPN VPWSs between two customer sites or a set of customer sites o EVPN VPWSs between two customer sites or a set of customer sites
as specified in [RFC8214]. as specified in [RFC8214].
3.2.2. Underlying Transport Selection 3.3.2. Underlying Transport Selection
The model enables network operators to select the type of transport The model enables network operators to select the type of transport
protocol underlay. Also, in scenarios with multiple domains and NNI protocol underlay. Also, in scenarios with multiple domains and NNI
types, the selection of the transport protocol underlay is required. types, the selection of the transport protocol underlay is required.
The Service Provider Network might have several underlay The Service Provider Network might have several underlay
possibilities available. If no underlay transport protocol is possibilities available. If no underlay transport protocol is
specified, the Network Controller will take care of the transport specified, the Network Controller will take care of the transport
decision. The following options are supported in the "underlay- decision. The following options are supported in the "underlay-
transport" container: transport" container:
skipping to change at page 9, line 31 skipping to change at page 11, line 47
GRE: A mesh of GRE tunnels is established between vpn-nodes. GRE: A mesh of GRE tunnels is established between vpn-nodes.
BGP: BGP tunnels (kompella encapsulation) are preferred to route BGP: BGP tunnels (kompella encapsulation) are preferred to route
traffic between VPN nodes. traffic between VPN nodes.
TE: TE tunnels (either RSVP-TE or SR) are prefered. The mapping TE: TE tunnels (either RSVP-TE or SR) are prefered. The mapping
details will be specified in draft-ietf-te-service-mapping. details will be specified in draft-ietf-te-service-mapping.
SR: Non-TE SR is preferred to route traffic. SR: Non-TE SR is preferred to route traffic.
3.2.3. Other relevant Network Parameters 3.3.3. VPN Node
This draft is focus in the development of the network centric set of The 'vpn-node' is an abstraction that represents a set of policies/
parameters to provision L2VPNs. Thus, the covered scenarios include configurations applied to a network node and that belong to a single
the augmentation of Virtual Circuit Identifier synchronization in a 'vpn-service'. A 'vpn-node' contains 'vpn-network-accesses', which
multidomain environment, precedence management (i.e., Primary and are the interfaces involved in the creation of the VPN. The customer
backup coordination), Split Horizon group management. The parameters sites are connected to the 'vpn_network_accesses'.
are described by the container associated:
The set of augmentations done in the VPN service are: +--rw vpn-nodes
+--rw vpn-node* [vpn-node-id ne-id]
+--rw vpn-node-id vpn-common:vpn-id
+--rw description? string
+--rw node-role? identityref
+--rw ne-id string
+--rw port-id? string
+--rw status
| +--rw admin-status
| | +--rw status? identityref
| | +--rw last-updated? yang:date-and-time
| +--ro oper-status
| +--ro status? identityref
| +--ro last-updated? yang:date-and-time
+--rw signaling-options* [type]
| +--rw type identityref
| +--rw l2vpn-bgp
| | +--rw pwe-encapsulation-type? identityref
| | +--rw vpn-target* [id]
| | | +--rw id int8
| | | +--rw route-targets* [route-target]
| | | | +--rw route-target
| | | | rt-types:route-target
| | | +--rw route-target-type
| | | rt-types:route-target-type
| | +--rw vpn-policies
| | | +--rw import-policy? string
| | | +--rw export-policy? string
| | +--rw pwe-mtu
| | | +--rw allow-mtu-mismatch? boolean
| | +--rw address-family?
| | vpn-common:address-family
| +--rw evpn-bgp
| | +--rw vpn-id? leafref
| | +--rw type? identityref
| | +--rw address-family?
| | | vpn-common:address-family
| | +--rw mac-learning-mode? identityref
| | +--rw arp-suppress? boolean
| +--rw t-ldp-pwe
| | +--rw type? identityref
| | +--rw pwe-encapsulation-type? identityref
| | +--rw pwe-mtu? uint16
| | +--rw ac-pw-list* [peer-addr vc-id]
| | | +--rw peer-addr inet:ip-address
| | | +--rw vc-id vpn-common:vpn-id
| | | +--rw pw-type? identityref
| | | +--rw pw-priority? uint32
| | +--rw qinq
| | +--rw s-tag? uint32
| | +--rw c-tag? uint32
| +--rw l2tp-pwe
| +--rw type? identityref
| +--rw encapsulation-type? identityref
| +--rw ac-pw-list* [peer-addr vc-id]
| +--rw peer-addr inet:ip-address
| +--rw vc-id string
| +--rw pw-priority? uint32
+--rw vpn-network-accesses
Status: Request and modify the service status Figure 6
The set of augmentations done in the Site Network Access are: 3.3.3.1. Signaling options
Site Bearer: Reference the NEs and Ports were each site Network This sub-tree defines the L2VPN service type, according to the
access belongs. This may help to preserve the local and farends several signalling options to exchange membership information between
from the Network controller site. the PE that is used. There are some common parameters inside each of
them (e.g encapsulation type, MTU) but some others are:
Precedence: When two L2VPNs are created at the same time, the l2vpn-bgp. The service is a Multipoint VPLSs that use a BGP
primary secondary option is enabled according to the tunnel role control plane as described in [RFC4761] and [RFC6624]. The VPLS
on the network. members exchange Route Targets with related import/export
policies.
Lag Interface Support. evpn-bgp. The service is a Multipoint VPLSs that use also a BGP
control plane but also includes the additional features and
related parameters described in [RFC7432] and [RFC7209].
Split Horizon group: Split-horizon group name is extended as part t-ldp-pwe. A Multipoint VPLSs that use a mesh of LDP-signaled
of the Site Network Access container. Pseudowires [RFC6074], including as parameters the list of
Pseudowires that constitute the mesh, with their details (VC-IDs
and endpoints).
Status: Request and modify the interface status. L2tp-pwe. Multipoint VPLSs that use L2TP-signaled Pseudowires
[RFC6074].
3.3. L2NM Module Tree +--rw signaling-options* [type]
+--rw type identityref
+--rw l2vpn-bgp
| +--rw pwe-encapsulation-type? identityref
| +--rw vpn-target* [id]
| | +--rw id int8
| | +--rw route-targets* [route-target]
| | | +--rw route-target
| | | rt-types:route-target
| | +--rw route-target-type
| | rt-types:route-target-type
| +--rw vpn-policies
| | +--rw import-policy? string
| | +--rw export-policy? string
| +--rw pwe-mtu
| | +--rw allow-mtu-mismatch? boolean
| +--rw address-family?
| vpn-common:address-family
+--rw evpn-bgp
| +--rw vpn-id? leafref
| +--rw type? identityref
| +--rw address-family?
| | vpn-common:address-family
| +--rw mac-learning-mode? identityref
| +--rw arp-suppress? boolean
+--rw t-ldp-pwe
| +--rw type? identityref
| +--rw pwe-encapsulation-type? identityref
| +--rw pwe-mtu? uint16
| +--rw ac-pw-list* [peer-addr vc-id]
| | +--rw peer-addr inet:ip-address
| | +--rw vc-id vpn-common:vpn-id
| | +--rw pw-type? identityref
| | +--rw pw-priority? uint32
| +--rw qinq
| +--rw s-tag? uint32
| +--rw c-tag? uint32
+--rw l2tp-pwe
+--rw type? identityref
+--rw encapsulation-type? identityref
+--rw ac-pw-list* [peer-addr vc-id]
+--rw peer-addr inet:ip-address
+--rw vc-id string
+--rw pw-priority? uint32
The tree structure of the YANG module proposed by this document is Figure 7
shown below:
module: ietf-l2vpn-ntw 3.3.3.2. VPN Network Access
+--rw l2vpn-ntw
+--rw vpn-profiles A 'vpn-network-access' represents an entry point to a VPN service .
| +--rw valid-provider-identifiers In other words, this container encloses the parameters that describe
| +--rw cloud-identifier* string {cloud-access}? the access information for the traffic that belongs to a particular
| +--rw qos-profile-identifier* string L2VPN. As such, every 'vpn-network-access' MUST belong to one and
| +--rw bfd-profile-identifier* string only one 'vpn-node'.
| +--rw remote-carrier-identifier* string
+--rw vpn-services A 'vpn-network-access' includes information such as the connection on
+--rw vpn-service* [vpn-id] which the access is defined , the specific layer 2 service
+--rw vpn-id svc-id requirements, etc.
+--rw vpn-service-type? identityref
+--rw customer-name? string The Site Network Access is comprised of:
+--rw svc-topo? identityref
+--rw status? operational-type id: Identifier of the vpn network access.
+--rw timestamp? yang:date-and-time
+--rw multicast-like {multicast-like}? description: Text describing the vpn network access.
| +--rw enabled? boolean
| +--rw customer-tree-flavors interface-mtu: maximum transmission unit or maximum frame size of
| | +--rw tree-flavor* identityref the interface belonging to the vpn network access. When a frame
| +--rw bum-frame-delivery-modes is larger than the MTU, it is broken down, or fragmented, into
| | +--rw bum-frame-delivery* [traffic-type] smaller pieces by the network protocol to accommodate the MTU of
| | +--rw traffic-type identityref the network"
| | +--rw delivery-mode? identityref
| +--rw multicast-gp-port-mapping? identityref status: Administrative and operational status of the service.
+--rw extranet-vpns {extranet-vpn}?
| +--rw extranet-vpn* [vpn-id] ethernet-service-oam: Carries information about the service OAM
| +--rw vpn-id svc-id
| +--rw local-sites-role? identityref +--rw vpn-network-accesses
+--rw svc-mtu? uint32 +--rw vpn-network-access* [id]
+--rw ce-vlan-preservation? boolean +--rw id
+--rw ce-vlan-cos-perservation? boolean | vpn-common:vpn-id
+--rw underlay-transport
| +--rw type* protocol-type
+--rw vpn-nodes
+--rw vpn-node* [vpn-node-id ne-id]
+--rw vpn-node-id string
+--rw description? string
+--rw node-role? identityref
+--rw ne-id string
+--rw vpn-target* [id]
| +--rw id int8
| +--rw route-targets* [route-target]
| | +--rw route-target rt-types:route-target
| +--rw route-target-type
| rt-types:route-target-type
+--rw vpn-policies
| +--rw import-policy? leafref
| +--rw export-policy? leafref
+--rw vpn-network-accesses
+--rw vpn-network-access* [network-access-id]
+--rw network-access-id
| string
+--rw description? +--rw description?
| string | string
+--rw remote-carrier-name?
| string
+--rw Interface-mtu? +--rw Interface-mtu?
| uint32 | uint32
+--rw status? +--rw status
| operational-type | +--rw admin-status
+--rw timestamp? | | +--rw status? identityref
| yang:date-and-time | | +--rw last-updated? yang:date-and-time
+--rw access-diversity {site-diversity}? | +--ro oper-status
| +--ro status? identityref
| +--ro last-updated? yang:date-and-time
+--rw access-diversity
| {vpn-common:placement-diversity}?
| +--rw groups | +--rw groups
| | +--rw fate-sharing-group-size? uint16 | | +--rw fate-sharing-group-size? uint16
| | +--rw group-color? string | | +--rw group-color? string
| | +--rw group* [group-id] | | +--rw group* [group-id]
| | +--rw group-id string | | +--rw group-id string
| +--rw constraints | +--rw constraints
| +--rw constraint* [constraint-type] | +--rw constraint* [constraint-type]
| +--rw constraint-type identityref | +--rw constraint-type identityref
| +--rw target | +--rw target
| +--rw (target-flavor)? | +--rw (target-flavor)?
| +--:(id) | +--:(id)
| | +--rw group* [group-id] | | +--rw group* [group-id]
| | +--rw group-id string | | +--rw group-id string
| +--:(all-accesses) | +--:(all-accesses)
| | +--rw all-other-accesses? | | +--rw all-other-accesses?
| | empty | | empty
| +--:(all-groups) | +--:(all-groups)
| +--rw all-other-groups? | +--rw all-other-groups?
| empty | empty
+--rw connection +--rw connection
| +--rw encapsulation-type? identityref | ....
| +--rw eth-inf-type* identityref
| +--rw dot1q-interface
| | +--rw l2-access-type? identityref
| | +--rw dot1q {dot1q}?
| | | +--rw physical-inf? string
| | | +--rw c-vlan-id? uint32
| | +--rw sub-inf {sub-inf}?
| | | +--rw interface-description?
| | | | string
| | | +--rw sub-if-id?
| | | uint32
| | +--rw qinq {qinq}?
| | | +--rw s-vlan-id? uint32
| | | +--rw c-vlan-id? uint32
| | +--rw qinany {qinany}?
| | | +--rw s-vlan-id? uint32
| | +--rw atm {atm}?
| | | +--rw vpi? uint32
| | | +--rw vci? uint32
| | +--rw vxlan {vxlan}?
| | +--rw vni-id? uint32
| | +--rw peer-mode? identityref
| | +--rw peer-list* [peer-ip]
| | +--rw peer-ip inet:ip-address
| +--rw phy-interface
| | +--rw port-number? uint32
| | +--rw port-speed? uint32
| | +--rw mode? neg-mode
| | +--rw phy-mtu? uint32
| | +--rw flow-control? string
| | +--rw physical-if? string
| | +--rw circuit-id? string
| | +--rw lldp? boolean
| | +--rw oam-802.3ah-link {oam-3ah}?
| | | +--rw enable? boolean
| | +--rw uni-loop-prevention? boolean
| +--rw lag-interface {lag-interface}?
| | +--rw lag-interface*
| | [lag-interface-number]
| | +--rw lag-interface-number uint32
| | +--rw lacp
| | +--rw lacp-state? boolean
| | +--rw lacp-mode? boolean
| | +--rw lacp-speed? boolean
| | +--rw mini-link? uint32
| | +--rw system-priority? uint16
| | +--rw micro-bfd {micro-bfd}?
| | | +--rw micro-bfd-on-off?
| | | | enumeration
| | | +--rw bfd-interval?
| | | | uint32
| | | +--rw bfd-hold-timer?
| | | uint32
| | +--rw bfd {bfd}?
| | | +--rw bfd-enabled?
| | | | boolean
| | | +--rw (holdtime)?
| | | +--:(profile)
| | | | +--rw profile-name?
| | | | string
| | | +--:(fixed)
| | | +--rw fixed-value?
| | | uint32
| | +--rw member-link-list
| | | +--rw member-link* [name]
| | | +--rw name
| | | | string
| | | +--rw port-speed?
| | | | uint32
| | | +--rw mode?
| | | | neg-mode
| | | +--rw link-mtu?
| | | | uint32
| | | +--rw oam-802.3ah-link
| | | {oam-3ah}?
| | | +--rw enable? boolean
| | +--rw flow-control? string
| | +--rw lldp? boolean
| +--rw cvlan-id-to-svc-map* [svc-id]
| | +--rw svc-id leafref
| | +--rw cvlan-id* [vid]
| | +--rw vid uint32
| +--rw split-horizon
| | +--rw group-name? string
| +--rw l2cp-control {L2CP-control}?
| +--rw stp-rstp-mstp? control-mode
| +--rw pause? control-mode
| +--rw lacp-lamp? control-mode
| +--rw link-oam? control-mode
| +--rw esmc? control-mode
| +--rw l2cp-802.1x? control-mode
| +--rw e-lmi? control-mode
| +--rw lldp? boolean
| +--rw ptp-peer-delay? control-mode
| +--rw garp-mrp? control-mode
+--rw availability +--rw availability
| +--rw access-priority? uint32 | +--rw access-priority? uint32
| +--rw (redundancy-mode)? | +--rw (redundancy-mode)?
| +--:(single-active) | +--:(single-active)
| | +--rw single-active? boolean | | +--rw single-active? boolean
| +--:(all-active) | +--:(all-active)
| +--rw all-active? boolean | +--rw all-active? boolean
+--rw service +--rw service
| +--rw svc-input-bandwidth {input-bw}? | .....
| | +--rw input-bandwidth* [type]
| | +--rw type identityref
| | +--rw cos-id? uint8
| | +--rw vpn-id? svc-id
| | +--rw cir? uint64
| | +--rw cbs? uint64
| | +--rw eir? uint64
| | +--rw ebs? uint64
| | +--rw pir? uint64
| | +--rw pbs? uint64
| +--rw svc-output-bandwidth {output-bw}?
| | +--rw output-bandwidth* [type]
| | +--rw type identityref
| | +--rw cos-id? uint8
| | +--rw vpn-id? svc-id
| | +--rw cir? uint64
| | +--rw cbs? uint64
| | +--rw eir? uint64
| | +--rw ebs? uint64
| | +--rw pir? uint64
| | +--rw pbs? uint64
| +--rw qos {qos}?
| +--rw classification-policy
| | +--rw rule* [id]
| | +--rw id
| | | string
| | +--rw (match-type)?
| | | +--:(match-flow)
| | | | +--rw match-flow
| | | | +--rw dscp?
| | | | | inet:dscp
| | | | +--rw dot1q?
| | | | | uint16
| | | | +--rw pcp?
| | | | | uint8
| | | | +--rw src-mac?
| | | | | yang:mac-address
| | | | +--rw dst-mac?
| | | | | yang:mac-address
| | | | +--rw color-type?
| | | | | identityref
| | | | +--rw target-sites*
| | | | | svc-id
| | | | | {target-sites}?
| | | | +--rw any?
| | | | | empty
| | | | +--rw vpn-id?
| | | | svc-id
| | | +--:(match-application)
| | | +--rw match-application?
| | | identityref
| | +--rw target-class-id?
| | string
| +--rw qos-profile
| +--rw (qos-profile)?
| +--:(standard)
| | +--rw profile? leafref
| +--:(custom)
| +--rw classes {qos-custom}?
| +--rw class* [class-id]
| +--rw class-id
| | string
| +--rw direction?
| | identityref
| +--rw policing?
| | identityref
| +--rw byte-offset?
| | uint16
| +--rw frame-delay
| | +--rw (flavor)?
| | +--:(lowest)
| | | +--rw use-lowest
| | | -latency? empty
| | +--:(boundary)
| | +--rw delay-
| | bound? uint16
| +--rw frame-jitter
| | +--rw (flavor)?
| | +--:(lowest)
| | | +--rw use-lowest
| | | -jitter? empty
| | +--:(boundary)
| | +--rw delay-
| | bound? uint32
| +--rw frame-loss
| | +--rw rate?
| | decimal64
| +--rw bandwidth
| +--rw guaranteed-bw-
| | percent decimal64
| +--rw end-to-end?
| empty
+--rw svc-precedence
| +--rw precedence? identityref
+--rw broadcast-unknown-unicast-multicast +--rw broadcast-unknown-unicast-multicast
| +--rw multicast-site-type? | +--rw multicast-site-type?
| | enumeration | | enumeration
| +--rw multicast-gp-address-mapping* [id] | +--rw multicast-gp-address-mapping* [id]
| | +--rw id uint16 | | +--rw id uint16
| | +--rw vlan-id? uint32 | | +--rw vlan-id? uint32
| | +--rw mac-gp-address? | | +--rw mac-gp-address?
| | | yang:mac-address | | | yang:mac-address
| | +--rw port-lag-number? uint32 | | +--rw port-lag-number? uint32
| +--rw bum-overall-rate? | +--rw bum-overall-rate?
| | uint32 | uint32
| +--rw bum-rate-per-type* [type]
| +--rw type identityref
| +--rw rate? uint32
+--rw ethernet-service-oam +--rw ethernet-service-oam
| +--rw md-name? string | +--rw md-name? string
| +--rw md-level? uint8 | +--rw md-level? uint8
| +--rw cfm-802.1-ag | +--rw cfm-802.1-ag
| | +--rw n2-uni-c* [maid] | | +--rw n2-uni-c* [maid]
| | | +--rw maid | | | +--rw maid string
| | | | string | | | +--rw mep-id? uint32
| | | +--rw mep-id? | | | +--rw mep-level? uint32
| | | | uint32 | | | +--rw mep-up-down? enumeration
| | | +--rw mep-level? | | | +--rw remote-mep-id? uint32
| | | | uint32 | | | +--rw cos-for-cfm-pdus? uint32
| | | +--rw mep-up-down? | | | +--rw ccm-interval? uint32
| | | | enumeration | | | +--rw ccm-holdtime? uint32
| | | +--rw remote-mep-id?
| | | | uint32
| | | +--rw cos-for-cfm-pdus?
| | | | uint32
| | | +--rw ccm-interval?
| | | | uint32
| | | +--rw ccm-holdtime?
| | | | uint32
| | | +--rw alarm-priority-defect?
| | | | identityref
| | | +--rw ccm-p-bits-pri? | | | +--rw ccm-p-bits-pri?
| | | ccm-priority-type | | | vpn-common:ccm-priority-type
| | +--rw n2-uni-n* [maid] | | +--rw n2-uni-n* [maid]
| | +--rw maid | | +--rw maid string
| | | string | | +--rw mep-id? uint32
| | +--rw mep-id? | | +--rw mep-level? uint32
| | | uint32 | | +--rw mep-up-down? enumeration
| | +--rw mep-level? | | +--rw remote-mep-id? uint32
| | | uint32 | | +--rw cos-for-cfm-pdus? uint32
| | +--rw mep-up-down? | | +--rw ccm-interval? uint32
| | | enumeration | | +--rw ccm-holdtime? uint32
| | +--rw remote-mep-id?
| | | uint32
| | +--rw cos-for-cfm-pdus?
| | | uint32
| | +--rw ccm-interval?
| | | uint32
| | +--rw ccm-holdtime?
| | | uint32
| | +--rw alarm-priority-defect?
| | | identityref
| | +--rw ccm-p-bits-pri? | | +--rw ccm-p-bits-pri?
| | ccm-priority-type | | vpn-common:ccm-priority-type
| +--rw y-1731* [maid] | +--rw y-1731* [maid]
| +--rw maid | +--rw maid
| | string | | string
| +--rw mep-id? | +--rw mep-id?
| | uint32 | | uint32
| +--rw type? | +--rw type?
| | identityref | | identityref
| +--rw remote-mep-id? | +--rw remote-mep-id?
| | uint32 | | uint32
| +--rw message-period? | +--rw message-period?
skipping to change at page 18, line 9 skipping to change at page 18, line 6
| +--rw session-type? | +--rw session-type?
| enumeration | enumeration
+--rw mac-loop-prevention +--rw mac-loop-prevention
| +--rw frequency? uint32 | +--rw frequency? uint32
| +--rw protection-type? identityref | +--rw protection-type? identityref
| +--rw number-retries? uint32 | +--rw number-retries? uint32
+--rw access-control-list +--rw access-control-list
| +--rw mac* [mac-address] | +--rw mac* [mac-address]
| +--rw mac-address yang:mac-address | +--rw mac-address yang:mac-address
+--rw mac-addr-limit +--rw mac-addr-limit
| +--rw mac-num-limit? uint16 +--rw mac-num-limit? uint16
| +--rw time-interval? uint32 +--rw time-interval? uint32
| +--rw action? identityref +--rw action? identityref
+--rw site-bearers
+--rw bearer-id?
string
Figure 5 Figure 8
3.3.3.2.1. Connection
The connection container is used to configure the relevant properties
of the interface that is attached to the VPN, for example the
encapsulation type, the physical interface or creating a lag.
+--rw connection
+--rw encapsulation-type? identityref
+--rw eth-inf-type* identityref
+--rw dot1q-interface
| +--rw l2-access-type? identityref
| +--rw dot1q {vpn-common:dot1q}?
| | +--rw physical-inf? string
| | +--rw c-vlan-id? uint32
| +--rw qinq {vpn-common:qinq}?
| | +--rw s-vlan-id? uint32
| | +--rw c-vlan-id? uint32
| +--rw qinany {vpn-common:qinany}?
| | +--rw s-vlan-id? uint32
| +--rw vxlan {vxlan}?
| +--rw vni-id? uint32
| +--rw peer-mode? identityref
| +--rw peer-list* [peer-ip]
| +--rw peer-ip inet:ip-address
+--rw phy-interface
| +--rw port-number? uint32
| +--rw port-speed? uint32
| +--rw mode?
| | vpn-common:neg-mode
| +--rw phy-mtu? uint32
| +--rw flow-control? string
| +--rw oam-802.3ah-link {oam-3ah}?
| | +--rw enable? boolean
| +--rw uni-loop-prevention? boolean
+--rw lag-interface
| {vpn-common:lag-interface}?
| +--rw lag-interface*
| [lag-interface-number]
| +--rw lag-interface-number uint32
| +--rw lacp
| +--rw lacp-state? boolean
| +--rw lacp-mode? boolean
| +--rw lacp-speed? boolean
| +--rw mini-link? uint32
| +--rw system-priority? uint16
| +--rw member-link-list
| | +--rw member-link* [name]
| | +--rw name
| | | string
| | +--rw port-speed?
| | | uint32
| | +--rw mode?
| | | vpn-common:neg-mode
| | +--rw link-mtu?
| | | uint32
| | +--rw oam-802.3ah-link
| | {oam-3ah}?
| | +--rw enable? boolean
| +--rw flow-control? string
| +--rw lldp? boolean
+--rw cvlan-id-to-svc-map* [svc-id]
| +--rw svc-id leafref
| +--rw cvlan-id* [vid]
| +--rw vid uint32
+--rw split-horizon
+--rw group-name? string
Figure 9
3.3.3.2.2. Layer 2 service requirements
This container is usedd to indicate the details of the ethernet
service such as bandwidth or qos.
+--rw service
| +--rw svc-input-bandwidth
| | {vpn-common:input-bw}?
| | +--rw input-bandwidth* [type]
| | +--rw type identityref
| | +--rw cos-id? uint8
| | +--rw cir? uint64
| | +--rw cbs? uint64
| | +--rw eir? uint64
| | +--rw ebs? uint64
| | +--rw pir? uint64
| | +--rw pbs? uint64
| +--rw svc-output-bandwidth {output-bw}?
| | +--rw output-bandwidth* [type]
| | +--rw type identityref
| | +--rw cos-id? uint8
| | +--rw cir? uint64
| | +--rw cbs? uint64
| | +--rw eir? uint64
| | +--rw ebs? uint64
| | +--rw pir? uint64
| | +--rw pbs? uint64
| +--rw qos {vpn-common:qos}?
| | +--rw qos-classification-policy
| | | +--rw rule* [id]
| | | +--rw id
| | | | string
| | | +--rw (match-type)?
| | | | +--:(match-flow)
| | | | | +--rw (l3)?
| | | | | | +--:(ipv4)
| | | | | | | +--rw ipv4
| | | | | | | +--rw dscp?
| | | | | | | | inet:dscp
| | | | | | | +--rw ecn?
| | | | | | | | uint8
| | | | | | | +--rw length?
| | | | | | | | uint16
| | | | | | | +--rw ttl?
| | | | | | | | uint8
| | | | | | | +--rw protocol?
| | | | | | | | uint8
| | | | | | | +--rw ihl?
| | | | | | | | uint8
| | | | | | | +--rw flags?
| | | | | | | | bits
| | | | | | | +--rw offset?
| | | | | | | | uint16
| | | | | | | +--rw identification?
| | | | | | | | uint16
| | | | | | | +--rw (destination-network)?
| | | | | | | | +--:(destination-ipv4-network)
| | | | | | | | +--rw destination-ipv4-network?
| | | | | | | | inet:ipv4-prefix
| | | | | | | +--rw (source-network)?
| | | | | | | +--:(source-ipv4-network)
| | | | | | | +--rw source-ipv4-network?
| | | | | | | inet:ipv4-prefix
| | | | | | +--:(ipv6)
| | | | | | +--rw ipv6
| | | | | | +--rw dscp?
| | | | | | | inet:dscp
| | | | | | +--rw ecn?
| | | | | | | uint8
| | | | | | +--rw length?
| | | | | | | uint16
| | | | | | +--rw ttl?
| | | | | | | uint8
| | | | | | +--rw protocol?
| | | | | | | uint8
| | | | | | +--rw (destination-network)?
| | | | | | | +--:(destination-ipv6-network)
| | | | | | | +--rw destination-ipv6-network?
| | | | | | | inet:ipv6-prefix
| | | | | | +--rw (source-network)?
| | | | | | | +--:(source-ipv6-network)
| | | | | | | +--rw source-ipv6-network?
| | | | | | | inet:ipv6-prefix
| | | | | | +--rw flow-label?
| | | | | | inet:ipv6-flow-label
| | | | | +--rw (l4)?
| | | | | +--:(tcp)
| | | | | | +--rw tcp
| | | | | | +--rw sequence-number?
| | | | | | | uint32
| | | | | | +--rw acknowledgement-number?
| | | | | | | uint32
| | | | | | +--rw data-offset?
| | | | | | | uint8
| | | | | | +--rw reserved?
| | | | | | | uint8
| | | | | | +--rw flags?
| | | | | | | bits
| | | | | | +--rw window-size?
| | | | | | | uint16
| | | | | | +--rw urgent-pointer?
| | | | | | | uint16
| | | | | | +--rw options?
| | | | | | | binary
| | | | | | +--rw (source-port)?
| | | | | | | +--:(source-port-range-or-operator)
| | | | | | | +--rw source-port-range-or-operator
| | | | | | | +--rw (port-range-or-operator)?
| | | | | | | +--:(range)
| | | | | | | | +--rw lower-port
| | | | | | | | | inet:port-number
| | | | | | | | +--rw upper-port
| | | | | | | | inet:port-number
| | | | | | | +--:(operator)
| | | | | | | +--rw operator?
| | | | | | | | operator
| | | | | | | +--rw port
| | | | | | | inet:port-number
| | | | | | +--rw (destination-port)?
| | | | | | +--:(destination-port-range-or-operator)
| | | | | | +--rw destination-port-range-or-operator
| | | | | | +--rw (port-range-or-operator)?
| | | | | | +--:(range)
| | | | | | | +--rw lower-port
| | | | | | | | inet:port-number
| | | | | | | +--rw upper-port
| | | | | | | inet:port-number
| | | | | | +--:(operator)
| | | | | | +--rw operator?
| | | | | | | operator
| | | | | | +--rw port
| | | | | | inet:port-number
| | | | | +--:(udp)
| | | | | +--rw udp
| | | | | +--rw length?
| | | | | | uint16
| | | | | +--rw (source-port)?
| | | | | | +--:(source-port-range-or-operator)
| | | | | | +--rw source-port-range-or-operator
| | | | | | +--rw (port-range-or-operator)?
| | | | | | +--:(range)
| | | | | | | +--rw lower-port
| | | | | | | | inet:port-number
| | | | | | | +--rw upper-port
| | | | | | | inet:port-number
| | | | | | +--:(operator)
| | | | | | +--rw operator?
| | | | | | | operator
| | | | | | +--rw port
| | | | | | inet:port-number
| | | | | +--rw (destination-port)?
| | | | | +--:(destination-port-range-or-operator)
| | | | | +--rw destination-port-range-or-operator
| | | | | +--rw (port-range-or-operator)?
| | | | | +--:(range)
| | | | | | +--rw lower-port
| | | | | | | inet:port-number
| | | | | | +--rw upper-port
| | | | | | inet:port-number
| | | | | +--:(operator)
| | | | | +--rw operator?
| | | | | | operator
| | | | | +--rw port
| | | | | inet:port-number
| | | | +--:(match-application)
| | | | +--rw match-application?
| | | | identityref
| | | +--rw target-class-id?
| | | string
| | +--rw qos-profile
| | +--rw qos-profile* [profile]
| | +--rw profile leafref
| | +--rw direction? identityref
| +--rw precedence
| +--rw precedence? identityref
Figure 10
4. Relation with other YANG Models 4. Relation with other YANG Models
The L2NM model, aimed at managing the L2VPN Services in a Service The L2NM model, aimed at managing the L2VPN Services in a Service
Provider Network controller/orchestrator has relations with other Provider Network controller/orchestrator has relations with other
YANG modules. YANG modules.
4.1. Relation with L2SM 4.1. Relation with L2SM
[RFC8466] defines a L2VPN Service YANG data Model (L2SM) that can be [RFC8466] defines a L2VPN Service YANG data Model (L2SM) that can be
skipping to change at page 19, line 7 skipping to change at page 24, line 9
4.3. Relation with Device Models 4.3. Relation with Device Models
Creating services in the l2vpn-ntw module will will lead at some Creating services in the l2vpn-ntw module will will lead at some
point to the configuration of devices. Hence, it is foreseen that point to the configuration of devices. Hence, it is foreseen that
the data for the device yang modules will be derived partially from the data for the device yang modules will be derived partially from
the L2NM vpn-service container. Note that L2NM is NOT a device the L2NM vpn-service container. Note that L2NM is NOT a device
model. model.
5. YANG Module 5. YANG Module
<CODE BEGINS>file "ietf-l2vpn-ntw@2020-05-26.yang" <CODE BEGINS>file "ietf-l2vpn-ntw@2020-11-02.yang"
module ietf-l2vpn-ntw { module ietf-l2vpn-ntw {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw"; namespace "urn:ietf:params:xml:ns:yang:ietf-l2vpn-ntw";
prefix l2vpn-ntw; prefix l2vpn-ntw;
import ietf-inet-types { import ietf-inet-types {
prefix inet; prefix inet;
reference reference
"Section 4 of RFC 6991"; "Section 4 of RFC 6991";
} }
import ietf-yang-types { import ietf-yang-types {
prefix yang; prefix yang;
reference reference
"Section 3 of RFC 6991"; "Section 3 of RFC 6991";
} }
import ietf-netconf-acm { import ietf-vpn-common {
prefix nacm; prefix vpn-common;
reference
"RFC 8341: Network Configuration Access Control Model";
}
import ietf-l3vpn-ntw {
prefix l3vpn-ntw;
reference
"RFC NNNN: A Layer 3 VPN Network YANG Model";
}
import ietf-l2vpn-svc {
prefix l2vpn-svc;
reference
"RFC 8466: YANG Data Model for Layer 2 Virtual Private
Network (L2VPN) Service Delivery";
}
import ietf-packet-fields {
prefix pf;
reference
"RFC 8519 - YANG Data Model for Network Access Control
Lists (ACLs).";
}
import ietf-routing-types {
prefix rt-types;
reference reference
"RFC 8294: Common YANG Data Types for the Routing Area"; "RFC CCCC: A Layer 2/3 VPN Common YANG Model";
} }
organization organization
"IETF OPSA (Operations and Management Area) Working Group"; "IETF OPSA (Operations and Management Area) Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/opsawg/> "WG Web: <http://tools.ietf.org/wg/opsawg/>
WG List: <mailto:opsawg@ietf.org> WG List: <mailto:opsawg@ietf.org>
Editor: Samier Barguil
<mailto:samier.barguilgiraldo.ext@telefonica.com> Editor: Samier Barguil
Editor: Oscar Gonzalez de Dios <mailto:samier.barguilgiraldo.ext@telefonica.com>
<mailto:oscar.gonzalezdedios@telefonica.com> Editor: Oscar Gonzalez de Dios
Author: Mohamed Boucadair <mailto:oscar.gonzalezdedios@telefonica.com>
<mailto:mohamed.boucadair@orange.com> Author: Mohamed Boucadair
Author: Luis Angel Munoz <mailto:mohamed.boucadair@orange.com>
<mailto:luis-angel.munoz@vodafone.com> Author: Luis Angel Munoz
Author: Luay Jalil <mailto:luis-angel.munoz@vodafone.com>
<mailto:luay.jalil@verizon.com> Author: Luay Jalil
Author: Jichun Ma <mailto:luay.jalil@verizon.com>
<mailto:majc16@chinaunicom.cn> Author: Jichun Ma
<mailto:majc16@chinaunicom.cn>
"; ";
description description
"The YANG module defines a generic network configuration "The YANG module defines a generic network configuration
model for Layer 2 VPN services common across all of the model for Layer 2 VPN services common across all of the
vendor implementations. vendor implementations.
Copyright (c) 2020 IETF Trust and the persons identified as Copyright (c) 2020 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices."; for full legal notices.";
revision 2020-05-26 { revision 2020-11-02 {
description description
"Third revision -02 version"; "Initial version.";
reference reference
"RFC XXXX: A Layer 2 VPN Network YANG Model."; "RFC XXXX: A Layer 2 VPN Network YANG Model.";
} }
/* Features */ /* Features */
feature multicast-like { feature multicast-like {
description description
"Indicates the support of multicast-like capabilities "Indicates the support of multicast-like capabilities
in a L2VPN."; in a L2VPN.";
}
feature extranet-vpn {
description
"Indicates the Support of Extranet VPN.";
} }
feature target-sites { feature target-sites {
description description
"Indicates the support of 'target-sites' match flow "Indicates the support of 'target-sites' match flow
parameter."; parameter.";
} }
feature l2cp-control { feature l2cp-control {
description description
"Indicates the support of L2CP control."; "Indicates the support of L2CP control.";
} }
feature input-bw {
description
"Indicates the suppport of Input Bandwidth
in a VPN.";
}
feature output-bw { feature output-bw {
description description
"Indicates the support of Output Bandwidth in "Indicates the support of Output Bandwidth in
a VPN"; a VPN";
} }
feature uni-list { feature uni-list {
description description
"Indicates thesupport of UNI list in a VPN."; "Indicates thesupport of UNI list in a VPN.";
} }
feature cloud-access {
description
"Indicates the support of a VPN to connect to a Cloud Service
provider.";
}
feature oam-3ah { feature oam-3ah {
description description
"Indicates the support of OAM 802.3ah."; "Indicates the support of OAM 802.3ah.";
} }
feature micro-bfd { feature micro-bfd {
description description
"Indicates the support of Micro-BFD."; "Indicates the support of Micro-BFD.";
} }
feature bfd {
description
"Indicates the support of BFD.";
}
feature signaling-options { feature signaling-options {
description description
"Indicates the support of signalling option."; "Indicates the support of signalling option.";
} }
feature site-diversity {
description
"Indicates the support of site diversity constraints in
a VPN.";
}
feature encryption {
description
"Indicates the support of encryption.";
}
feature always-on { feature always-on {
description description
"Indicates the support for always-on access "Indicates the support for always-on access
constraint."; constraint.";
} }
feature requested-type { feature requested-type {
description description
"Indicates the support for requested-type access "Indicates the support for requested-type access
constraint."; constraint.";
} }
feature bearer-reference {
description
"Indicates the support for bearer-reference access
constraint.";
}
feature qos {
description
"Indicates the support of Class of Services.";
}
feature lag-interface {
description
"Enable lag-interface.";
}
feature vlan { feature vlan {
description description
"Indicates the support of VLAN."; "Indicates the support of VLAN.";
} }
feature dot1q {
description
"Indicates the support of Dot1Q.";
}
feature sub-inf { feature sub-inf {
description description
"Indicates the support of Sub Interface."; "Indicates the support of Sub Interface.";
} }
feature qinq {
description
"Indicates the support of QinQ.";
}
feature qinany {
description
"Indicates the support of QinAny.";
}
feature atm { feature atm {
description description
"Indicates the support of ATM."; "Indicates the support of ATM.";
} }
feature vxlan { feature vxlan {
description description
"Indicates the support of VxLAN."; "Indicates the support of VxLAN.";
} }
feature ipv4 {
description
"Indicates the support in a VPN.";
}
feature ipv6 {
description
"Indicates the support in a VPN.";
}
feature lan-tag { feature lan-tag {
description description
"Indicates the LAN Tag support in a VPN."; "Indicates the LAN Tag support in a VPN.";
} }
/* Typedefs */ /* Typedefs */
typedef protocol-type {
type enumeration {
enum GRE {
value 0;
description
"Transport based on GRE.";
}
enum LDP {
value 1;
description
"Transport based on LDP.";
reference
"RFC 5036: LDP Specification";
}
enum BGP {
value 2;
description
"Transport based on BGP.";
reference
"RFC 4760: Multiprotocol Extensions for BGP-4";
}
enum SR {
value 3;
description
"Transport based on Segment Routing";
reference
"RFC 8660: Segment Routing with the MPLS Data Plane";
}
enum SR-TE {
value 4;
description
"Transport based on Segment Routing for Traffic
Engineering";
}
enum RSVP-TE {
value 5;
description
"Transport based on RSVP-TE signaled tunnels";
reference
"RFC 3209: RSVP-TE: Extensions to RSVP for LSP Tunnels";
}
}
description
"This are attributes used to identify underly
transport protocols used to deliver the service.";
}
typedef operational-type {
type enumeration {
enum up {
value 0;
description
"Operational status UP.";
}
enum down {
value 1;
description
"Operational status DOWN";
}
enum unknown {
value 2;
description
"Operational status UNKNOWN";
}
}
description
"This is an attribute used to determine the
operational status of a particular element.";
}
typedef svc-id {
type string;
description
"Indicates the type of service component identifier.";
}
typedef ccm-priority-type {
type uint8 {
range "0..7";
}
description
"A 3 bit priority value to be used in the VLAN tag,
if present in the transmitted frame.";
}
typedef control-mode {
type enumeration {
enum peer {
description
"Peer mode, i.e., participate in the protocol towards
the CE. Peering is common for LACP and E-LMI and
occasionally for LLDP. For virtual private services
the Subscriber can also request that the Service
Provider peer spanning tree.";
}
enum tunnel {
description
"Tunnel mode,i.e.,pass to the egress or destination site.
For EPL, the expectation is that L2CP frames are
tunneled.";
}
enum discard {
description
"Discard mode,i.e.,discard the frame.";
}
}
description
"Defining a type of the control mode on L2CP protocols.";
}
typedef neg-mode {
type enumeration {
enum full-duplex {
description
"Defining Full duplex mode";
}
enum auto-neg {
description
"Defining Auto negotiation mode";
}
}
description
"Defining a type of the negotiation mode";
}
/* Identities */ /* Identities */
identity multicast-tree-type {
base l2vpn-svc:multicast-tree-type;
description
"Base identity for multicast tree type.";
}
identity mapping-type { identity mapping-type {
base l2vpn-svc:multicast-gp-address-mapping; base vpn-common:multicast-gp-address-mapping;
description description
"Identity mapping-type."; "Identity mapping-type.";
}
identity tf-type {
base l2vpn-svc:tf-type;
description
"Identity traffic-type";
}
identity pwe-encapsulation-type {
base l2vpn-svc:encapsulation-type;
description
"Identity pwe-encapsulation-type";
}
identity l2tp-pw-type {
description
"Identity for L2TP PW type";
}
identity encapsulation-type {
description
"Identity for encapsulation type";
}
identity ethernet-type {
base encapsulation-type;
description
"Identity for encapsulation type";
}
identity vlan-type {
base encapsulation-type;
description
"Identity for encapsulation type";
} }
identity protection-mode { identity protection-mode {
description description
"Identity of protection mode"; "Identity of protection mode";
} }
identity oneplusone { identity oneplusone {
base protection-mode; base protection-mode;
description description
skipping to change at page 28, line 18 skipping to change at page 27, line 48
identity one-to-one { identity one-to-one {
base protection-mode; base protection-mode;
description description
"In this scheme, a backup circuit to the primary "In this scheme, a backup circuit to the primary
circuit is provisioned. Depending on the implementation circuit is provisioned. Depending on the implementation
agreement, the protection circuits may either always be agreement, the protection circuits may either always be
in active forwarding state, or may only become active when in active forwarding state, or may only become active when
a faulty state is detected on the primary circuit."; a faulty state is detected on the primary circuit.";
} }
identity eth-inf-type { identity bundling-type {
base l2vpn-svc:eth-inf-type;
description description
"Identity of Ethernet Interface Type"; "The base identity for the bundling type. It supports
multiple CE-VLANs associated with an L2VPN service or
all CE-VLANs associated with an L2VPN service.";
} }
identity bw-type { identity multi-svc-bundling {
base l2vpn-svc:bw-type; base bundling-type;
description description
"Identity of bandwidth"; "Identity for multi-service bundling, i.e.,
multiple CE-VLAN IDs can be associated with an
L2VPN service at a site.";
} }
identity site-type { identity one2one-bundling {
base bundling-type;
description description
"Identity of site type."; "Identity for one-to-one service bundling, i.e.,
each L2VPN can be associated with only one CE-VLAN ID
at a site.";
} }
identity uni { identity all2one-bundling {
base site-type; base bundling-type;
description description
"Identity of User Network Interface "; "Identity for all-to-one bundling, i.e., all CE-VLAN IDs
are mapped to one L2VPN service.";
} }
identity enni { identity color-id {
base site-type;
description description
"Identity of External Network to Network Interface"; "Base identity of the color ID.";
} }
identity service-type { identity color-id-cvlan {
base l2vpn-svc:service-type; base color-id;
description description
"Base Identity of service type."; "Identity of the color ID based on a CVLAN.";
} }
identity bundling-type {
base l2vpn-svc:bundling-type; identity color-type {
description description
"This is base identity for Bundling type. It supports "Identity of color types.";
multiple CE-VLAN associated with L2VPN service or all
CE-VLANs associated with L2VPN service.";
} }
identity color-id { identity green {
base l2vpn-svc:color-id; base color-type;
description description
"base identity of color id"; "Identity of the 'green' color type.";
} }
identity yellow {
identity cos-id { base color-type;
base l2vpn-svc:cos-id;
description description
"Identity of class of service id"; "Identity of the 'yellow' color type.";
} }
identity color-type { identity red {
base l2vpn-svc:color-type; base color-type;
description description
"Identity of color types"; "Identity of the 'red' color type.";
} }
identity perf-tier-opt { identity perf-tier-opt {
description description
"Identity of performance tier option."; "Identity of performance tier option.";
} }
identity metro { identity metro {
base perf-tier-opt; base perf-tier-opt;
description description
skipping to change at page 30, line 27 skipping to change at page 30, line 14
description description
"Identity of one-rate, two-color (1R2C)"; "Identity of one-rate, two-color (1R2C)";
} }
identity two-rate-three-color { identity two-rate-three-color {
base policing; base policing;
description description
"Identity of two-rate, three-color (2R3C)"; "Identity of two-rate, three-color (2R3C)";
} }
identity bum-type {
base l2vpn-svc:bum-type;
description
"Identity of BUM type";
}
identity loop-prevention-type { identity loop-prevention-type {
base l2vpn-svc:loop-prevention-type;
description
"Identity of loop prevention";
}
identity lacp-state {
base l2vpn-svc:lacp-state;
description
"Identity of LACP state";
}
identity lacp-mode {
base l2vpn-svc:lacp-mode;
description
"Identity of LACP mode";
}
identity lacp-speed {
base l2vpn-svc:lacp-speed;
description
"Identity of LACP speed";
}
identity vpn-signaling-type {
description
"Identity of VPN signaling types";
}
identity l2vpn-bgp {
base vpn-signaling-type;
description
"Identity of l2vpn-bgp";
}
identity evpn-bgp {
base vpn-signaling-type;
description
"Identity of evpn-bgp";
}
identity t-ldp {
base vpn-signaling-type;
description description
"Identity of t-ldp."; "Identity of loop prevention.";
} }
identity h-vpls { identity shut {
base vpn-signaling-type; base loop-prevention-type;
description description
"Identity for h-vpls"; "Identity of shut protection.";
} }
identity l2tp { identity trap {
base vpn-signaling-type; base loop-prevention-type;
description description
"Identity of l2tp."; "Identity of trap protection.";
} }
identity t-ldp-pwe-type { identity t-ldp-pwe-type {
description description
"Identity for t-ldp-pwe-type."; "Identity for t-ldp-pwe-type.";
} }
identity vpws-type { identity vpws-type {
base t-ldp-pwe-type; base t-ldp-pwe-type;
description description
skipping to change at page 33, line 4 skipping to change at page 31, line 40
identity evpn-type { identity evpn-type {
description description
"Ethernet VPN types"; "Ethernet VPN types";
} }
identity evpn-vpws { identity evpn-vpws {
base evpn-type; base evpn-type;
description description
"VPWS support in EVPN."; "VPWS support in EVPN.";
} }
identity evpn-pbb { identity evpn-pbb {
base evpn-type; base evpn-type;
description description
" Provider Backbone Bridging Support in EVPN."; " Provider Backbone Bridging Support in EVPN.";
} }
identity management {
base l2vpn-svc:management;
description
"Base identity for site management scheme.";
}
identity address-family {
base l2vpn-svc:address-family;
description
"Base identity for an address family.";
}
identity vpn-topology {
base l3vpn-ntw:vpn-topology;
description
"Base identity for VPN topology.";
}
identity site-role {
base l2vpn-svc:site-role;
description
"Base identity for site type.";
}
identity any-to-any-role {
base site-role;
description
"Any-to-any-role site type.";
}
identity pm-type { identity pm-type {
base l2vpn-svc:pm-type;
description
"Performance monitor type";
}
identity fault-alarm-defect-type {
base l2vpn-svc:fault-alarm-defect-type;
description description
"Indicating the alarm priority defect"; "Performance-monitoring type.";
}
identity frame-delivery-mode {
base l2vpn-svc:frame-delivery-mode;
description
"Delivery types";
}
identity pw-topo-type {
base l2vpn-svc:site-network-access-type;
description
"base identity for pw topology Type";
}
identity placement-diversity {
base l2vpn-svc:placement-diversity;
description
"Base identity for site placement
constraints";
}
identity l2-access-type {
description
"This identify the access type
of the vpn acccess interface";
}
identity untag {
base l2-access-type;
description
"Untag";
} }
identity port { identity loss {
base l2-access-type; base pm-type;
description description
"Port"; "Loss measurement.";
} }
identity dot1q { identity delay {
base l2-access-type; base pm-type;
description description
"Qot1q"; "Delay measurement.";
} }
identity qinq { identity mac-learning-mode {
base l2-access-type;
description
"QinQ";
}
identity sub-interface {
base l2-access-type;
description description
"Create a default sub-interface and keep vlan."; "MAC learning mode.";
} }
identity atm { identity data-plane {
base l2-access-type; base mac-learning-mode;
description description
"ATM Cell."; "User MAC addresses are learned through ARP broadcast.";
} }
identity vxlan { identity control-plane {
base l2-access-type; base mac-learning-mode;
description description
"Vxlan access into the vpn"; "User MAC addresses are advertised through EVPN-BGP.";
} }
identity provision-model { identity mac-action {
base l2vpn-svc:provision-model;
description description
"base identity for provision model."; "Base identity for a MAC action.";
} }
identity mac-learning-mode { identity drop {
base l2vpn-svc:mac-learning-mode; base mac-action;
description description
"MAC learning mode"; "Identity for dropping a packet.";
} }
identity vpn-policy-filter-type { identity flood {
base l2vpn-svc:vpn-policy-filter-type; base mac-action;
description description
"Base identity for filter type."; "Identity for packet flooding.";
} }
identity mac-action { identity warning {
base l2vpn-svc:mac-action; base mac-action;
description description
"Base identity for MAC action."; "Identity for sending a warning log message.";
} }
identity load-balance-method { identity load-balance-method {
description description
"Base identity for load balance method."; "Base identity for load balance method.";
} }
identity fat-pw { identity fat-pw {
base load-balance-method; base load-balance-method;
description description
skipping to change at page 36, line 26 skipping to change at page 33, line 35
L2VPN or L3VPN across MPLS network"; L2VPN or L3VPN across MPLS network";
} }
identity vxlan-source-port { identity vxlan-source-port {
base load-balance-method; base load-balance-method;
description description
"Identity for vxlan source port.VxLAN "Identity for vxlan source port.VxLAN
Source Port is one load balancing method."; Source Port is one load balancing method.";
} }
identity qos-profile-direction {
base l2vpn-svc:qos-profile-direction;
description
"Base identity for qos profile direction.";
}
identity vxlan-peer-mode {
base l2vpn-svc:vxlan-peer-mode;
description
"Base identity for vxlan peer mode.";
}
identity customer-application {
base l2vpn-svc:customer-application;
description
"Base identity for customer application.";
}
identity precedence-type { identity precedence-type {
description description
"Redundancy type. The service can be created "Redundancy type. The service can be created
with active and bakcup signalization."; with active and bakcup signalization.";
} }
identity primary { identity primary {
base precedence-type; base precedence-type;
description description
"Identifies the Main L2VPN."; "Identifies the Main L2VPN.";
skipping to change at page 37, line 13 skipping to change at page 34, line 4
base precedence-type; base precedence-type;
description description
"Identifies the Main L2VPN."; "Identifies the Main L2VPN.";
} }
identity backup { identity backup {
base precedence-type; base precedence-type;
description description
"Identifies the Backup L2VPN."; "Identifies the Backup L2VPN.";
} }
/* Groupings */ /* Groupings */
grouping vpn-route-targets {
description
"A grouping that specifies Route Target import-export rules
used in a BGP-enabled VPN.";
list vpn-target {
key "id";
leaf id {
type int8;
description
"Identifies each VPN Target";
}
list route-targets {
key "route-target";
leaf route-target {
type rt-types:route-target;
description
"Route Target value";
}
description
"List of Route Targets.";
}
leaf route-target-type {
type rt-types:route-target-type;
mandatory true;
description
"Import/export type of the Route Target.";
}
description
"l3vpn route targets. AND/OR Operations are available
based on the RTs assigment";
}
reference
"RFC4364: BGP/MPLS IP Virtual Private Networks (VPNs)
RFC4664: Framework for Layer 2 Virtual Private Networks
(L2VPNs)";
container vpn-policies {
description
"";
leaf import-policy {
type string;
description
"Reference to a VRF import policy.";
}
leaf export-policy {
type string;
description
"Reference to a VRF export policy.";
}
}
}
grouping svc-transport-encapsulation {
container transport-encapsulation {
leaf-list protocol {
type protocol-type;
ordered-by user;
description
"Protocols used to support transport";
}
description
"Container for the Transport Underlay.";
}
description
"This grouping defines the type of underlay transport
for VPN service.";
}
grouping split-horizon-group {
container split-horizon {
leaf group-name {
type string;
description
"group-name of the Split Horizon";
}
description
"Configuration with split horizon enabled";
}
description
"Configuration with split horizon enabled";
}
grouping svc-precedence {
container svc-precedence {
leaf precedence {
type identityref {
base precedence-type;
}
description
"Defining service redundancy in transport
network.";
}
description
"Transport netowrk precedence selector
Primary or Secondary tunnel.";
}
description
"Transport netowrk precedence selector
Primary or Secondary tunnel.";
}
grouping vpn-service-cloud-access {
container cloud-accesses {
if-feature "cloud-access";
list cloud-access {
key "cloud-identifier";
leaf cloud-identifier {
type string;
description
"Identification of cloud service. Local
admin meaning.";
}
choice list-flavor {
case permit-any {
leaf permit-any {
type empty;
description
"Allow all sites.";
}
}
case deny-any-except {
leaf-list permit-site {
type leafref {
path "/l2vpn-ntw/sites/site/site-id";
}
description
"Site ID to be authorized.";
}
}
case permit-any-except {
leaf-list deny-site {
type leafref {
path "/l2vpn-ntw/sites/site/site-id";
}
description
"Site ID to be denied.";
}
}
description
"Choice for cloud access policy.";
}
container authorized-sites {
list authorized-site {
key "site-id";
leaf site-id {
type leafref {
path "/l2vpn-ntw/sites/site/site-id";
}
description
"Site ID.";
}
description
"List of authorized sites.";
}
description
"Configuration of authorized sites.";
}
container denied-sites {
list denied-site {
key "site-id";
leaf site-id {
type leafref {
path "/l2vpn-ntw/sites/site/site-id";
}
description
"Site ID.";
}
description
"List of denied sites.";
}
description
"Configuration of denied sites.";
}
description
"Cloud access configuration.";
}
description
"Container for cloud access configurations";
}
description
"Grouping for vpn cloud definition";
}
grouping site-device {
container device {
list devices {
key "device-id";
leaf device-id {
type string;
description
"Device ID";
}
leaf location {
type leafref {
path "/l2vpn-ntw/sites/site/locations/location/" +
"location-id";
}
description
"Site name";
}
container management {
leaf address {
type inet:ip-address;
description
"Address";
}
leaf management-transport {
type identityref {
base address-family;
}
description
"Transport protocol used for management.";
}
description
"Container for management";
}
description
"List of devices";
}
description
"Devices configuration";
}
description
"Device parameters for the site.";
}
grouping site-management {
container management {
leaf type {
type identityref {
base management;
}
description
"Management type of the connection.";
}
description
"Container for management";
}
description
"Grouping for management";
}
grouping site-vpn-policy {
container vpn-policies {
list vpn-policy {
key "vpn-policy-id";
leaf vpn-policy-id {
type string;
description
"Unique identifier for the VPN policy.";
}
list entries {
key "id";
leaf id {
type string;
description
"Unique identifier for the policy entry.";
}
container filters {
list filter {
key "type";
ordered-by user;
leaf type {
type identityref {
base vpn-policy-filter-type;
}
description
"Type of VPN Policy filter.";
}
description
"List of filters used on the site. This list can
be augmented.";
}
description
"If a more-granular VPN attachment is necessary,
filtering can be used. If used, it permits the
splitting of site LANs among multiple VPNs. The
Site LAN can be split based on either LAN-tag
or LAN prefix. If no filter is used, all the LANs
will be part of the same VPNs with the same role.";
}
list vpn {
key "vpn-id";
leaf vpn-id {
type leafref {
path "/l2vpn-ntw/vpn-services/"
+ "vpn-service/vpn-id";
}
mandatory true;
description
"Reference to an IP VPN.";
}
leaf site-role {
type identityref {
base site-role;
}
default "any-to-any-role";
description
"Role of the site in the IP VPN.";
}
description
"List of VPNs the LAN is associated with.";
}
description
"List of entries for export policy.";
}
description
"List of VPN policies.";
}
description
"VPN policy.";
}
description
"VPN policy parameters for the site.";
}
grouping bum-frame-delivery {
container bum-frame-delivery-modes {
list bum-frame-delivery {
key "traffic-type";
leaf traffic-type {
type identityref {
base tf-type;
}
description
"Type of frame delivery. It support unicast
frame delivery, multicast frame delivery
and broadcast frame delivery.";
}
leaf delivery-mode {
type identityref {
base frame-delivery-mode;
}
description
" Define Frame Delivery Mode
(unconditional[default], conditional, or discard).";
}
description
"List of frame delivery type and mode.";
}
description
"Define frame delivery type and mode.";
}
description
"Grouping for unicast, mulitcast, broadcast frame delivery";
}
grouping cvlan-svc-map-grouping {
list cvlan-id-to-svc-map {
key "svc-id";
leaf svc-id {
type leafref {
path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id";
}
description
"VPN Service identifier";
}
list cvlan-id {
key "vid";
leaf vid {
type uint32;
description
"CVLAN ID";
}
description
"List of CVLAN-ID to SVC Map configurations";
}
description
"List for cvlan-id to L2VPn Service map configurations";
}
description
"Grouping for cvlan to L2VPN service mapping";
}
grouping customer-location-info {
container locations {
list location {
key "location-id";
leaf location-id {
type string;
description
"Location ID";
}
leaf address {
type string;
description
"Address (number and street) of the site.";
}
leaf zip-code {
type string;
description
"ZIP code of the site.";
}
leaf state {
type string;
description
"State of the site. This leaf can also be used to
describe a region for country who does not have
states.";
}
leaf city {
type string;
description
"City of the site.";
}
leaf country-code {
type string;
description
"Country of the site.";
}
description
"List for location";
}
description
"Location of the site.";
}
description
"This grouping defines customer location parameters";
}
grouping site-diversity {
container site-diversity {
if-feature "site-diversity";
container groups {
list group {
key "group-id";
leaf group-id {
type string;
description
"Group-id the site is belonging to";
}
description
"List of group-id";
}
description
"Groups the site is belonging to.
All site network accesses will inherit those group
values.";
}
description
"Diversity constraint type.";
}
description
"This grouping defines site diversity parameters";
}
grouping site-service {
description
"This grouping defines site service parameters";
}
grouping vpn-service-multicast {
container multicast-like {
if-feature "multicast-like";
leaf enabled {
type boolean;
default "false";
description
"Enables multicast.";
}
container customer-tree-flavors {
leaf-list tree-flavor {
type identityref {
base multicast-tree-type;
}
description
"Type of tree to be used.";
}
description
"Type of trees used by customer.";
}
uses bum-frame-delivery;
leaf multicast-gp-port-mapping {
type identityref {
base mapping-type;
}
description
"Describe the way in which each interface is associated
with the Multicast group";
}
description
"Multicast global parameters for the VPN service.";
}
description
"Grouping for multicast VPN definition.";
}
grouping vpn-extranet {
container extranet-vpns {
if-feature "extranet-vpn";
list extranet-vpn {
key "vpn-id";
leaf vpn-id {
type svc-id;
description
"Identifies the target VPN.";
}
leaf local-sites-role {
type identityref {
base site-role;
}
default "any-to-any-role";
description
"This describes the role of the
local sites in the target VPN topology.";
}
description
"List of extranet VPNs the local VPN is attached to.";
}
description
"Container for extranet VPN configuration.";
}
description
"Grouping for extranet VPN configuration.
This provides an easy way to interconnect
all sites from two VPNs.";
}
grouping signaling-options-grouping {
list signaling-options {
key "type";
leaf type {
type identityref {
base vpn-signaling-type;
}
description
"VPN signaling types";
}
container l2vpn-bgp {
when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:l2vpn-bgp'" {
description
"Only applies when vpn signaling type is l2vpn
BGP protocol.";
}
leaf vpn-id {
type leafref {
path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id";
}
description
"Identifies the target VPN";
}
leaf type {
type identityref {
base l2vpn-type;
}
description
"L2VPN types";
}
leaf pwe-encapsulation-type {
type identityref {
base pwe-encapsulation-type;
}
description
"PWE Encapsulation Type";
}
uses vpn-route-targets;
container pwe-mtu {
leaf allow-mtu-mismatch {
type boolean;
description
"Allow MTU mismatch";
}
description
"Container of PWE MTU configurations";
}
leaf address-family {
type identityref {
base address-family;
}
description
"Address family used for management.";
}
description
"Container for MP BGP L2VPN";
}
container evpn-bgp {
when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:evpn-bgp'" {
description
"Only applies when vpn signaling type is EVPN
BGP protocol.";
}
leaf vpn-id {
type leafref {
path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id";
}
description
"Identifies the target EVPN";
}
leaf type {
type identityref {
base evpn-type;
}
description
"L2VPN types";
}
leaf address-family {
type identityref {
base address-family;
}
description
"Address family used for management.";
}
leaf mac-learning-mode {
type identityref {
base mac-learning-mode;
}
description
"Indicates through which plane MAC addresses are
advertised.";
}
leaf arp-suppress {
type boolean;
default "false";
description
"Indicates whether to suppress ARP broadcast.";
}
description
"Container for MP BGP L2VPN";
}
container t-ldp-pwe {
when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:t-ldp'" {
description
"Only applies when vpn signaling type is Target LDP.";
}
leaf type {
type identityref {
base t-ldp-pwe-type;
}
description
"T-LDP PWE type";
}
leaf pwe-encapsulation-type {
type identityref {
base pwe-encapsulation-type;
}
description
"PWE Encapsulation Type.";
}
leaf control-word {
type boolean;
description
"Control word configurations";
}
container pwe-mtu {
leaf allow-mtu-mismatch {
type boolean;
description
"Allow MTU mismatch";
}
description
"Container of PWE MTU configurations";
}
leaf provision-mode {
type identityref {
base provision-model;
}
description
"provision-models. It support Double-Sided Provisioning
model or single-side provisioning model.";
}
list ac-pw-list {
key "peer-addr vc-id";
leaf peer-addr {
type inet:ip-address;
description
"Peer IP address.";
}
leaf vc-id {
type string;
description
"VC lable used to identify PW.";
}
leaf pw-type {
type identityref {
base pw-topo-type;
}
description
"PW topology type";
}
leaf pw-priority {
type uint32;
description
"Defines the priority for the PW.
The higher the pw-priority value,
the higher the preference of the PW will be.";
}
description
"List of AC and PW bindings.";
}
container qinq {
when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:h-vpls'" {
description
"Only applies when t-ldp pwe type is h-vpls.";
}
leaf s-tag {
type uint32;
description
"S-TAG";
}
leaf c-tag {
type uint32;
description
"C-TAG";
}
description
"Container for QinQ";
}
description
"Container of T-LDP PWE configurations";
}
container l2tp-pwe {
when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'l2vpn-ntw:l2tp'" {
description
"Applies when vpn signaling type is L2TP protocol.";
}
leaf type {
type identityref {
base t-ldp-pwe-type;
}
description
"T-LDP PWE type";
}
leaf encapsulation-type {
type identityref {
base encapsulation-type;
}
description
"Encapsulation type";
}
leaf control-word {
type boolean;
description
"Control word configurations";
}
list ac-pw-list {
key "peer-addr vc-id";
leaf peer-addr {
type inet:ip-address;
description
"Peer IP address.";
}
leaf vc-id {
type string;
description
"VC lable used to identify PW.";
}
leaf pw-type {
type identityref {
base pw-topo-type;
}
description
"PW topology type";
}
leaf pw-priority {
type uint32;
description
"PW priority";
}
description
"List of AC and PW bindings.";
}
description
"Container for l2tp pw";
}
description
"List of VPN Signaling Option.";
}
description
"Grouping for signaling option";
}
grouping operational-requirements-ops {
leaf actual-site-start {
type yang:date-and-time;
config false;
description
"Optional leaf indicating actual date
and time when the service at a particular
site actually started";
}
leaf actual-site-stop {
type yang:date-and-time;
config false;
description
"Optional leaf indicating actual date
and time when the service at a particular
site actually stopped";
}
leaf bundling-type {
type identityref {
base bundling-type;
}
description
"Bundling type";
}
leaf default-ce-vlan-id {
type uint32;
description
"Default CE VLAN ID set at site level.";
}
description
"This grouping defines some operational parameters
parameters";
}
grouping cfm-802-grouping { grouping cfm-802-grouping {
leaf maid { leaf maid {
type string; type string;
description description
"MA ID"; "MA ID";
} }
leaf mep-id { leaf mep-id {
type uint32; type uint32;
description description
"Local MEP ID"; "Local MEP ID";
skipping to change at page 55, line 9 skipping to change at page 35, line 8
leaf ccm-interval { leaf ccm-interval {
type uint32; type uint32;
description description
"CCM interval"; "CCM interval";
} }
leaf ccm-holdtime { leaf ccm-holdtime {
type uint32; type uint32;
description description
"CCM hold time"; "CCM hold time";
} }
leaf alarm-priority-defect {
type identityref {
base fault-alarm-defect-type;
}
description
"The lowest priority defect that is
allowed to generate a Fault Alarm.
The non-existence of this leaf means
that no defects are to be reported";
}
leaf ccm-p-bits-pri { leaf ccm-p-bits-pri {
type ccm-priority-type; type vpn-common:ccm-priority-type;
description description
"The priority parameter for CCMs transmitted by the MEP"; "The priority parameter for CCMs transmitted by the MEP";
} }
description description
"Grouping for 802.1ag CFM attribute"; "Grouping for 802.1ag CFM attribute";
} }
grouping y-1731 { grouping y-1731 {
list y-1731 { list y-1731 {
key "maid"; key "maid";
skipping to change at page 57, line 25 skipping to change at page 37, line 14
description description
"Session type"; "Session type";
} }
description description
"List for y-1731."; "List for y-1731.";
} }
description description
"Grouping for y.1731"; "Grouping for y.1731";
} }
grouping enni-site-info-grouping { /* MAIN L2VPN SERVICE */
container site-info {
leaf site-name {
type string;
description
"Site name";
}
leaf address {
type inet:ip-address;
description
"Address";
}
leaf Edge-Gateway-Device-Info {
type string;
description
"Edge Gateway Device Info ";
}
description
"Container of site info configurations";
}
description
"Grouping for site information";
}
grouping acl-grouping {
container access-control-list {
list mac {
key "mac-address";
leaf mac-address {
type yang:mac-address;
description
"MAC address.";
}
description
"List for MAC.";
}
description
"Container for access control List.";
}
description
"This grouping defines Access Control List.";
}
grouping lacp-grouping {
container lacp {
leaf lacp-state {
type boolean;
description
"LACP on/off";
}
leaf lacp-mode {
type boolean;
description
"LACP mode";
}
leaf lacp-speed {
type boolean;
description
"LACP speed";
}
leaf mini-link {
type uint32;
description
"The minimum aggregate bandwidth for a LAG";
}
leaf system-priority {
type uint16;
description
"Indicates the LACP priority for the system.
The range is from 0 to 65535.
The default is 32768.";
}
container micro-bfd {
if-feature "micro-bfd";
leaf micro-bfd-on-off {
type enumeration {
enum on {
description
"Micro-bfd on";
}
enum off {
description
"Micro-bfd off";
}
}
description
"Micro BFD ON/OFF";
}
leaf bfd-interval {
type uint32;
description
"BFD interval";
}
leaf bfd-hold-timer {
type uint32;
description
"BFD hold timer";
}
description
"Container of Micro-BFD configurations";
}
container bfd {
if-feature "bfd";
leaf bfd-enabled {
type boolean;
description
"BFD activation";
}
choice holdtime {
case profile {
leaf profile-name {
type string;
description
"Service provider well known profile.";
}
description
"Service provider well known profile.";
}
case fixed {
leaf fixed-value {
type uint32;
units "msec";
description
"Expected hold time expressed in msec.";
}
}
description
"Choice for hold time flavor.";
}
description
"Container for BFD.";
}
container member-link-list {
list member-link {
key "name";
leaf name {
type string;
description
"Member link name";
}
leaf port-speed {
type uint32;
description
"Port speed";
}
leaf mode {
type neg-mode;
description
"Negotiation mode";
}
leaf link-mtu {
type uint32;
description
"Link MTU size.";
}
container oam-802.3ah-link {
if-feature "oam-3ah";
leaf enable {
type boolean;
description
"Indicate whether support oam 802.3 ah link";
}
description
"Container for oam 802.3 ah link.";
}
description
"Member link";
}
description
"Container of Member link list";
}
leaf flow-control {
type string;
description
"Flow control";
}
leaf lldp {
type boolean;
description
"LLDP";
}
description
"LACP";
}
description
"Grouping for lacp";
}
grouping phy-interface-grouping {
container phy-interface {
leaf port-number {
type uint32;
description
"Port number";
}
leaf port-speed {
type uint32;
description
"Port speed";
}
leaf mode {
type neg-mode;
description
"Negotiation mode";
}
leaf phy-mtu {
type uint32;
description
"PHY MTU";
}
leaf flow-control {
type string;
description
"Flow control";
}
leaf physical-if {
type string;
description
"Physical interface";
}
leaf circuit-id {
type string;
description
"Circuit ID";
}
leaf lldp {
type boolean;
description
"LLDP";
}
container oam-802.3ah-link {
if-feature "oam-3ah";
leaf enable {
type boolean;
description
"Indicate whether support oam 802.3 ah link";
}
description
"Container for oam 802.3 ah link.";
}
leaf uni-loop-prevention {
type boolean;
description
"If this leaf set to truth that the port automatically
goes down when a physical loopback is detect.";
}
description
"Container of PHY Interface Attributes configurations";
}
description
"Grouping for phy interface.";
}
grouping lag-interface-grouping { container l2vpn-ntw {
container lag-interface { container vpn-profiles {
if-feature "lag-interface"; uses vpn-common:vpn-profile-cfg;
list lag-interface {
key "lag-interface-number";
leaf lag-interface-number {
type uint32;
description
"LAG interface number";
}
uses lacp-grouping;
description
"List of LAG interfaces";
}
description description
"Container of LAG interface attributes configuration"; "Container for VPN Profiles.";
} }
description container vpn-services {
"Grouping for LAG interface"; list vpn-service {
} key "vpn-id";
uses vpn-common:service-status;
grouping dot1q-interface-grouping { uses vpn-common:vpn-description;
container dot1q-interface { leaf l2sm-vpn-id {
leaf l2-access-type { type vpn-common:vpn-id;
type identityref {
base l2-access-type;
}
description
"L2 Access Encapsulation Type";
}
container dot1q {
when "'../l2-access-type'='dot1q'";
if-feature "dot1q";
leaf physical-inf {
type string;
description
"Physical Interface";
}
leaf c-vlan-id {
type uint32;
description
"VLAN identifier";
}
description
"Qot1q";
}
container sub-inf {
when "'../l2-access-type'='sub-interface'";
if-feature "sub-inf";
leaf interface-description {
type string;
description
"Interface description";
}
leaf sub-if-id {
type uint32;
description
"Sub interface ID";
}
description
"sub interface";
}
container qinq {
when "'../l2-access-type'='qinq'";
if-feature "qinq";
leaf s-vlan-id {
type uint32;
description
"S-VLAN Identifier";
}
leaf c-vlan-id {
type uint32;
description
"C-VLAN Identifier";
}
description
"QinQ";
}
container qinany {
if-feature "qinany";
leaf s-vlan-id {
type uint32;
description
"S-Vlan ID";
}
description
"Container for Q in Any";
}
container atm {
when "'../l2-access-type'='atm'";
if-feature "atm";
leaf vpi {
type uint32;
description
"VPI Identifier";
}
leaf vci {
type uint32;
description
"VCI Identifier";
}
description
"ATM Cell.";
}
container vxlan {
when "'../l2-access-type'='vxlan'";
if-feature "vxlan";
leaf vni-id {
type uint32;
description description
"VNI Identifier"; "Pointer to the L2SM service.";
} }
leaf peer-mode { leaf vpn-svc-type {
type identityref { type identityref {
base vxlan-peer-mode; base vpn-common:vpn-signaling-type;
}
description
"specify the vxlan access mode";
}
list peer-list {
key "peer-ip";
leaf peer-ip {
type inet:ip-address;
description
"Peer IP";
}
description
"List for peer IP";
}
description
"QinQ";
}
description
"Container for dot1Q Interface";
}
description
"Grouping for Layer2 access";
}
grouping ethernet-connection-grouping {
container connection {
leaf port-id {
type string;
description
"Reference to the Port-id.
The semantic of the Port-Id depends on the vendor's
semantic. i.e ge-X/Y/Z , xe-X/Y/Z , et-X/Y/Z,AeXXX.YYY,
aeXXX,GigabitEthernetX/Y/Z";
}
leaf encapsulation-type {
type identityref {
base encapsulation-type;
}
description
"Encapsulation Type";
}
leaf-list eth-inf-type {
type identityref {
base eth-inf-type;
}
description
"Ethernet Interface Type";
}
uses dot1q-interface-grouping;
uses phy-interface-grouping;
uses lag-interface-grouping;
uses cvlan-svc-map-grouping;
uses split-horizon-group;
uses l2cp-grouping;
description
"Container for bearer";
}
description
"Grouping for bearer.";
}
grouping svc-mtu-grouping {
leaf svc-mtu {
type uint32;
description
"SVC MTU, it is also known as the maximum transmission unit
or maximum frame size,When a frame is larger than the MTU,
it is broken down, or fragmented, into smaller pieces by the
network protocol to accommodate the MTU of the network";
}
description
"Grouping for service mtu.";
}
grouping svc-preservation-grouping {
leaf ce-vlan-preservation {
type boolean;
description
"Preserve the CE-VLAN ID from ingress to egress,i.e.,
CE-VLAN tag of the egress frame are identical to
those of the ingress frame that yielded this egress
service frame. If All-to-One bundling within a site
is Enabled, then preservation applies to all Ingress
service frames. If All-to-One bundling is Disabled,
then preservation applies to tagged Ingress service
frames having CE-VLAN ID 1 through 4094.";
}
leaf ce-vlan-cos-perservation {
type boolean;
description
"CE vlan CoS preservation. PCP bits in the CE-VLAN tag
of the egress frame are identical to those of the ingress
frame that yielded this egress service frame.";
}
description
"Grouping for service preservation.";
}
grouping mac-addr-limit-grouping {
container mac-addr-limit {
leaf mac-num-limit {
type uint16;
description
"maximum number of MAC addresses learned from
the subscriber for a single service instance.";
}
leaf time-interval {
type uint32;
units "milliseconds";
description
"The aging time of the mac address.";
}
leaf action {
type identityref {
base mac-action;
}
description
"specify the action when the upper limit is
exceeded: drop the packet, flood the
packet, or simply send a warning log message.";
}
description
"Container of MAC-Addr limit configurations";
}
description
"Grouping for mac address limit";
}
grouping availability-grouping {
container availability {
leaf access-priority {
type uint32;
description
"Access priority";
}
choice redundancy-mode {
case single-active {
leaf single-active {
type boolean;
description
"Single active";
}
description
"Single active case";
}
case all-active {
leaf all-active {
type boolean;
description
"All active";
}
description
"All active case";
}
description
"Redundancy mode choice";
}
description
"Container of availability optional configurations";
}
description
"Grouping for availability";
}
grouping l2cp-grouping {
container l2cp-control {
if-feature "l2cp-control";
leaf stp-rstp-mstp {
type control-mode;
description
"STP/RSTP/MSTP protocol type applicable to all UNIs";
}
leaf pause {
type control-mode;
description
"Pause protocol type applicable to all UNIs";
}
leaf lacp-lamp {
type control-mode;
description
"LACP/LAMP ";
}
leaf link-oam {
type control-mode;
description
"Link OAM";
}
leaf esmc {
type control-mode;
description
"ESMC";
}
leaf l2cp-802.1x {
type control-mode;
description
"802.x";
}
leaf e-lmi {
type control-mode;
description
"E-LMI";
}
leaf lldp {
type boolean;
description
"LLDP protocol type applicable to all UNIs";
}
leaf ptp-peer-delay {
type control-mode;
description
"PTP peer delay";
}
leaf garp-mrp {
type control-mode;
description
"GARP/MRP";
}
description
"Container of L2CP control configurations";
}
description
"Grouping for l2cp control";
}
grouping B-U-M-grouping {
container broadcast-unknown-unicast-multicast {
leaf multicast-site-type {
type enumeration {
enum receiver-only {
description
"The site only has receivers.";
}
enum source-only {
description
"The site only has sources.";
}
enum source-receiver {
description
"The site has both sources and receivers.";
} }
}
default "source-receiver";
description
"Type of multicast site.";
}
list multicast-gp-address-mapping {
key "id";
leaf id {
type uint16;
description
"Unique identifier for the mapping.";
}
leaf vlan-id {
type uint32;
description
"the VLAN ID of the Multicast group";
}
leaf mac-gp-address {
type yang:mac-address;
description description
"the MAC address of the Multicast group"; "Service type";
}
leaf port-lag-number {
type uint32;
description
"the ports/LAGs belonging to the Multicast group";
} }
description leaf svc-topo {
"List of Port to group mappings.";
}
leaf bum-overall-rate {
type uint32;
description
"overall rate for BUM";
}
list bum-rate-per-type {
key "type";
leaf type {
type identityref { type identityref {
base bum-type; base vpn-common:vpn-topology;
} }
description description
"BUM type"; "Defining service topology, such as
} any-to-any, hub-spoke, etc.";
leaf rate {
type uint32;
description
"rate for BUM";
}
description
"List of rate per type";
}
description
"Container of broadcast, unknown unicast, and multicast
configurations";
}
description
"Grouping for broadcast, unknown unicast, and multicast ";
}
grouping mac-loop-prevention-grouping {
container mac-loop-prevention {
leaf frequency {
type uint32;
description
"Frequency";
}
leaf protection-type {
type identityref {
base loop-prevention-type;
}
description
"Protection type";
}
leaf number-retries {
type uint32;
description
"Number of retries";
}
description
"Container of MAC loop prevention.";
}
description
"Grouping for MAC loop prevention";
}
grouping ethernet-svc-oam-grouping {
container ethernet-service-oam {
leaf md-name {
type string;
description
"Maintenance domain name";
}
leaf md-level {
type uint8;
description
"Maintenance domain level";
}
container cfm-802.1-ag {
list n2-uni-c {
key "maid";
uses cfm-802-grouping;
description
"List of UNI-N to UNI-C";
}
list n2-uni-n {
key "maid";
uses cfm-802-grouping;
description
"List of UNI-N to UNI-N";
}
description
"Container of 802.1ag CFM configurations.";
}
uses y-1731;
description
"Container for Ethernet service OAM.";
}
description
"Grouping for Ethernet service OAM.";
}
grouping fate-sharing-group {
container groups {
leaf fate-sharing-group-size {
type uint16;
description
"Fate sharing group size.";
}
leaf group-color {
type string;
description
"Group color associated with a particular VPN.";
}
list group {
key "group-id";
leaf group-id {
type string;
description
"Group-id the site network access
is belonging to";
}
description
"List of group-id";
}
description
"Groups the fate sharing group member
is belonging to";
}
description
"Grouping for Fate sharing group.";
}
grouping site-group {
container groups {
list group {
key "group-id";
leaf group-id {
type string;
description
"Group-id the site is belonging to";
} }
description container multicast-like {
"List of group-id"; if-feature "vpn-common:multicast";
} leaf enabled {
description type boolean;
"Groups the site or vpn-network-access default "false";
is belonging to.";
}
description
"Grouping definition to assign
group-ids to site or vpn-network-access";
}
grouping access-diversity {
container access-diversity {
if-feature "site-diversity";
uses fate-sharing-group;
container constraints {
list constraint {
key "constraint-type";
leaf constraint-type {
type identityref {
base placement-diversity;
}
description description
"Diversity constraint type."; "Enables multicast.";
} }
container target { container customer-tree-flavors {
choice target-flavor { leaf-list tree-flavor {
case id { type identityref {
list group { base vpn-common:multicast-tree-type;
key "group-id";
leaf group-id {
type string;
description
"The constraint will apply
against this particular
group-id";
}
description
"List of groups";
}
}
case all-accesses {
leaf all-other-accesses {
type empty;
description
"The constraint will apply
against all other site network
access of this site";
}
}
case all-groups {
leaf all-other-groups {
type empty;
description
"The constraint will apply
against all other groups the
customer is managing";
}
} }
description description
"Choice for the group definition"; "Type of tree to be used.";
} }
description description
"The constraint will apply against "Type of trees used by customer.";
this list of groups";
} }
description description
"List of constraints"; "Multicast like container";
} }
description container extranet-vpns {
"Constraints for placing this site if-feature "vpn-common:extranet-vpn";
network access"; list extranet-vpn {
} key "vpn-id";
description leaf vpn-id {
"Diversity parameters."; type vpn-common:vpn-id;
}
description
"This grouping defines access diversity
parameters";
}
grouping request-type-profile-grouping {
container request-type-profile {
choice request-type-choice {
case dot1q-case {
container dot1q {
leaf physical-if {
type string;
description description
"Physical interface"; "Identifies the target VPN.";
} }
leaf vlan-id { leaf local-sites-role {
type uint16; type identityref {
base vpn-common:role;
}
default "vpn-common:any-to-any-role";
description description
"VLAN ID"; "This describes the role of the
local sites in the target VPN topology.";
} }
description description
"Container for dot1q."; "List of extranet VPNs the local VPN is attached to.";
} }
description description
"Case for dot1q"; "Container for extranet VPN configuration.";
} }
case physical-case { leaf svc-mtu {
leaf physical-if { type uint32;
type string;
description
"Physical interface";
}
leaf circuit-id {
type string;
description
"Circuit ID";
}
description description
"Physical case"; "SVC MTU, it is also known as the maximum transmission unit
} or maximum frame size,When a frame is larger than the MTU,
description it is broken down, or fragmented, into smaller pieces by the
"Choice for request type"; network protocol to accommodate the MTU of the network";
}
description
"Container for request type profile.";
}
description
"Grouping for request type profile";
}
grouping site-attachment-bearer {
container bearer {
container requested-type {
if-feature "requested-type";
leaf requested-type {
type string;
description
"Type of requested bearer Ethernet, ATM, Frame
Relay, IP Layer 2 Transport, Frame Relay DLCI,
SONET/SDH,PPP.";
} }
leaf strict { leaf ce-vlan-preservation {
type boolean; type boolean;
default "false";
description description
"Define if the requested-type is a preference "Preserve the CE-VLAN ID from ingress to egress,i.e.,
or a strict requirement."; CE-VLAN tag of the egress frame are identical to
} those of the ingress frame that yielded this egress
description service frame. If All-to-One bundling within a site
"Container for requested type."; is Enabled, then preservation applies to all Ingress
} service frames. If All-to-One bundling is Disabled,
leaf always-on { then preservation applies to tagged Ingress service
if-feature "always-on"; frames having CE-VLAN ID 1 through 4094.";
type boolean;
default "true";
description
"Request for an always on access type.
This means no Dial access type for
example.";
}
leaf bearer-reference {
if-feature "bearer-reference";
type string;
description
"This is an internal reference for the
service provider.";
}
description
"Bearer specific parameters.
To be augmented.";
}
description
"Grouping to define physical properties of
a site attachment.";
}
grouping vpn-attachment-grouping {
container vpn-attachment {
leaf device-id {
type string;
description
"Device ID";
}
container management {
leaf address-family {
type identityref {
base address-family;
}
description
"Address family used for management.";
} }
leaf address { leaf ce-vlan-cos-perservation {
type inet:ip-address; type boolean;
description description
"Management address"; "CE vlan CoS preservation. PCP bits in the CE-VLAN tag
of the egress frame are identical to those of the ingress
frame that yielded this egress service frame.";
} }
description uses vpn-common:svc-transport-encapsulation;
"Management configuration.."; container vpn-nodes {
} list vpn-node {
choice attachment-flavor { key "vpn-node-id ne-id";
case vpn-flavor { leaf vpn-node-id {
list vpn-flavor { type vpn-common:vpn-id;
key "vpn-id";
leaf vpn-id {
type leafref {
path "/l2vpn-ntw/vpn-services"
+ "/vpn-service/vpn-id";
}
description description
"Reference to a VPN."; "";
} }
leaf site-role { leaf description {
type string;
description
"Textual description of a VPN node.";
}
leaf node-role {
type identityref { type identityref {
base site-role; base vpn-common:role;
} }
default "any-to-any-role"; default "vpn-common:any-to-any-role";
description description
"Role of the site in the IPVPN."; "Role of the vpn-node in the IP VPN.";
} }
description leaf ne-id {
"List of IPVPNs attached by the Site Network Access"; type string;
} description
} "NE IP address";
case vpn-policy-id {
leaf vpn-policy-id {
type leafref {
path "/l2vpn-ntw/sites/site/vpn-policies/vpn-policy/"+
"vpn-policy-id";
} }
description leaf port-id {
"Reference to a vpn policy"; type string;
} description
} "NE Port-id";
mandatory true; }
description uses vpn-common:service-status;
"Choice for VPN attachment flavor."; list signaling-options {
} key "type";
description leaf type {
"Defines VPN attachment of a site."; type identityref {
} base vpn-common:vpn-signaling-type;
description }
"Grouping for access attachment"; description
} "VPN signaling types";
}
grouping site-service-basic { container l2vpn-bgp {
container svc-input-bandwidth { when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'vpn-common:l2vpn-bgp'" {
if-feature "input-bw";
list input-bandwidth {
key "type";
leaf type {
type identityref {
base bw-type;
}
description
"Bandwidth Type";
}
leaf cos-id {
type uint8;
description
"Identifier of Class of Service
, indicated by DSCP or a CE-CLAN
CoS(802.1p)value in the service frame.";
}
leaf vpn-id {
type svc-id;
description
"Identifies the target VPN.";
}
leaf cir {
type uint64;
description
"Committed Information Rate. The maximum number of
bits that a port can receive or send during
one-second over an interface.";
}
leaf cbs {
type uint64;
description
"Committed Burst Size.CBS controls the bursty nature
of the traffic. Traffic that does not use the
configured CIR accumulates credits until the credits
reach the configured CBS.";
}
leaf eir {
type uint64;
description
"Excess Information Rate,i.e.,Excess frame delivery
allowed not subject to SLA.The traffic rate can be
limited by eir.";
}
leaf ebs {
type uint64;
description
"Excess Burst Size. The bandwidth available for burst
traffic from the EBS is subject to the amount of
bandwidth that is accumulated during periods when
traffic allocated by the EIR policy is not used.";
}
leaf pir {
type uint64;
description
"Peak Information Rate, i.e., maixmum frame delivery
allowed. It is equal to or less than sum of cir and
eir.";
}
leaf pbs {
type uint64;
description
"Peak Burst Size. It is measured in bytes per second.";
}
description
"List for input bandwidth";
}
description
"From the PE perspective, the service input
bandwidth of the connection.";
}
container svc-output-bandwidth {
if-feature "output-bw";
list output-bandwidth {
key "type";
leaf type {
type identityref {
base bw-type;
}
description
"Bandwidth Type";
}
leaf cos-id {
type uint8;
description
"Identifier of Class of Service
, indicated by DSCP or a CE-CLAN
CoS(802.1p)value in the service frame.";
}
leaf vpn-id {
type svc-id;
description
"Identifies the target VPN.";
}
leaf cir {
type uint64;
description
"Committed Information Rate. The maximum number of
bits that a port can receive or send during
one-second over an interface.";
}
leaf cbs {
type uint64;
description
"Committed Burst Size.CBS controls the bursty nature
of the traffic. Traffic that does not use the
configured CIR accumulates credits until the credits
reach the configured CBS.";
}
leaf eir {
type uint64;
description
"Excess Information Rate,i.e.,Excess frame delivery
allowed not subject to SLA.The traffic rate can be
limited by eir.";
}
leaf ebs {
type uint64;
description
"Excess Burst Size. The bandwidth available for burst
traffic from the EBS is subject to the amount of
bandwidth that is accumulated during periods when
traffic allocated by the EIR policy is not used.";
}
leaf pir {
type uint64;
description
"Peak Information Rate, i.e., maixmum frame delivery
allowed. It is equal to or less than sum of cir and
eir.";
}
leaf pbs {
type uint64;
description
"Peak Burst Size. It is measured in bytes per second.";
}
description
"List for output bandwidth";
}
description
"From the PE perspective, the service output
bandwidth of the connection.";
}
description
"Grouping for site service";
}
grouping flow-definition {
container match-flow {
leaf dscp {
type inet:dscp;
description
"DSCP value.";
}
leaf dot1q {
type uint32;
description
"802.1q matching. It is VLAN Tag added into frame.";
}
leaf pcp {
type uint8 {
range "0 .. 7";
}
description
"PCP value";
}
uses pf:acl-eth-header-fields;
leaf color-type {
type identityref {
base color-type;
}
description
"Color Types";
}
leaf-list target-sites {
type svc-id;
description
"Identify a site as traffic destination.";
}
leaf any {
type empty;
description
"Allow all.";
}
leaf vpn-id {
type svc-id;
description
"Reference to the target VPN.";
}
description
"Describe flow matching criteria.";
}
description
"Flow definition based on criteria.";
}
grouping services-grouping {
container service {
uses site-service-qos-profile;
description
"Container for service";
}
description
"Grouping for Services";
}
grouping service-grouping {
container service {
uses site-service-basic;
uses site-service-qos-profile;
uses svc-precedence;
description
"Container for service";
}
description
"Grouping for service.";
}
grouping site-service-qos-profile {
container qos {
if-feature "qos";
container classification-policy {
list rule {
key "id";
ordered-by user;
leaf id {
type string;
description
"A description identifying qos classification
policy rule.";
}
choice match-type {
default "match-flow";
case match-flow {
container match-flow {
leaf dscp {
type inet:dscp;
description description
"DSCP value."; "Only applies when vpn signaling type is l2vpn
BGP protocol.";
} }
leaf dot1q { leaf pwe-encapsulation-type {
type uint16; type identityref {
base vpn-common:encapsulation-type;
}
description description
"802.1q matching. It is VLAN Tag added into "PWE Encapsulation Type";
frame.";
} }
leaf pcp { uses vpn-common:vpn-route-targets;
type uint8 { container pwe-mtu {
range "0 .. 7"; leaf allow-mtu-mismatch {
type boolean;
description
"Allow MTU mismatch";
} }
description description
"PCP value."; "Container of PWE MTU configurations";
} }
uses pf:acl-eth-header-fields; leaf address-family {
leaf color-type { type vpn-common:address-family;
description
"Address family used for router-id information.";
}
description
"Container for MP BGP L2VPN";
}
container evpn-bgp {
when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'vpn-common:evpn-bgp'" {
description
"Only applies when vpn signaling type is EVPN
BGP protocol.";
}
leaf vpn-id {
type leafref {
path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id";
}
description
"Identifies the target EVPN";
}
leaf type {
type identityref { type identityref {
base color-type; base evpn-type;
} }
description description
"Color Types."; "L2VPN types";
} }
leaf-list target-sites { leaf address-family {
if-feature "target-sites"; type vpn-common:address-family;
type svc-id;
description description
"Identify a site as traffic destination."; "Address family used for router-id information.";
} }
leaf any { leaf mac-learning-mode {
type empty; type identityref {
base mac-learning-mode;
}
description description
"Allow all."; "Indicates through which plane MAC addresses are
advertised.";
} }
leaf vpn-id { leaf arp-suppress {
type svc-id; type boolean;
default "false";
description description
"Reference to the target VPN."; "Indicates whether to suppress ARP broadcast.";
} }
description description
"Describe flow matching criteria."; "Container for MP BGP L2VPN";
} }
} container t-ldp-pwe {
case match-application { when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'vpn-common:t-ldp'" {
leaf match-application { description
type identityref { "Only applies when vpn signaling type is Target LDP.";
base customer-application; }
leaf type {
type identityref {
base t-ldp-pwe-type;
}
description
"T-LDP PWE type";
}
leaf pwe-encapsulation-type {
type identityref {
base vpn-common:encapsulation-type;
}
description
"PWE Encapsulation Type.";
}
leaf pwe-mtu {
type uint16;
description
"Allow MTU mismatch";
}
list ac-pw-list {
key "peer-addr vc-id";
leaf peer-addr {
type inet:ip-address;
description
"Peer IP address.";
}
leaf vc-id {
type vpn-common:vpn-id;
description
"VC lable used to identify PW.";
}
leaf pw-type {
type identityref {
base vpn-common:vpn-topology;
}
description
"PW topology type";
}
leaf pw-priority {
type uint32;
description
"Defines the priority for the PW.
The higher the pw-priority value,
the higher the preference of the PW will be.";
}
description
"List of AC and PW bindings.";
}
container qinq {
when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'vpn-common:h-vpls'" {
description
"Only applies when t-ldp pwe type is h-vpls.";
}
leaf s-tag {
type uint32;
description
"S-TAG";
}
leaf c-tag {
type uint32;
description
"C-TAG";
}
description
"Container for QinQ";
} }
description description
"Defines the application to match."; "Container of T-LDP PWE configurations";
} }
} container l2tp-pwe {
description when "/l2vpn-ntw/vpn-services/vpn-service/vpn-nodes/vpn-node/signaling-options/type = 'vpn-common:l2tp'" {
"Choice for classification"; description
} "Applies when vpn signaling type is L2TP protocol.";
leaf target-class-id { }
type string; leaf type {
description type identityref {
"Identification of the class of service. base t-ldp-pwe-type;
This identifier is internal to the }
administration."; description
} "T-LDP PWE type";
description }
"List of marking rules."; leaf encapsulation-type {
} type identityref {
description base vpn-common:encapsulation-type;
"Configuration of the traffic classification policy."; }
} description
container qos-profile { "Encapsulation type";
leaf profile { }
type leafref { list ac-pw-list {
path "/l2vpn-ntw/vpn-profiles/" key "peer-addr vc-id";
+ "valid-provider-identifiers" leaf peer-addr {
+ "/qos-profile-identifier"; type inet:ip-address;
} description
description "Peer IP address.";
"QoS profile configuration."; }
} leaf vc-id {
description type string;
"QoS profile configuration."; description
} "VC lable used to identify PW.";
description }
"QoS configuration."; leaf pw-priority {
} type uint32;
description description
"This grouping defines QoS parameters "PW priority";
for a site"; }
} description
"List of AC and PW bindings.";
/* MAIN L2VPN SERVICE */ }
description
container l2vpn-ntw { "Container for l2tp pw";
container vpn-profiles {
container valid-provider-identifiers {
leaf-list cloud-identifier {
if-feature "cloud-access";
type string;
description
"Identification of public cloud service
or internet service. Local administration
meaning.";
}
leaf-list qos-profile-identifier {
type string;
description
"Identification of the QoS Profile to be used.
Local administration meaning.";
}
leaf-list bfd-profile-identifier {
type string;
description
"Identification of the SP BFD Profile to be used.
Local administration meaning.";
}
leaf-list remote-carrier-identifier {
type string;
description
"Identification of the remote carrier name to be used.
It can be L2VPN partner, Data center service provider
or private cloud service provider. Local administration
meaning.";
}
nacm:default-deny-write;
description
"Container for Valid Provider Identifies.";
}
description
"Container for VPN Profiles.";
}
container vpn-services {
list vpn-service {
key "vpn-id";
leaf vpn-id {
type svc-id;
description
"Refers to unique identifier for the L2NM.";
}
leaf l2sm-vpn-id {
type svc-id;
description
"Pointer to the L2SM service.";
}
leaf vpn-svc-type {
type identityref {
base service-type;
}
description
"Service type";
}
leaf customer-name {
type string;
description
"Customer name";
}
leaf svc-topo {
type identityref {
base vpn-topology;
}
description
"Defining service topology, such as
any-to-any,hub-spoke, etc.";
}
uses l3vpn-ntw:service-status;
uses site-service;
uses vpn-service-multicast;
uses vpn-extranet;
uses svc-mtu-grouping;
uses svc-preservation-grouping;
uses l3vpn-ntw:svc-transport-encapsulation;
container vpn-nodes {
list vpn-node {
key "vpn-node-id ne-id";
leaf vpn-node-id {
type string;
description
"";
}
leaf description {
type string;
description
"Textual description of a VPN node.";
}
leaf node-role {
type identityref {
base site-role;
} }
default "any-to-any-role";
description description
"Role of the vpn-node in the IP VPN."; "List of VPN Signaling Option.";
}
leaf ne-id {
type string;
description
"NE IP address";
}
leaf port-id {
type string;
description
"NE Port-id";
} }
uses signaling-options-grouping;
container vpn-network-accesses { container vpn-network-accesses {
list vpn-network-access { list vpn-network-access {
key "network-access-id"; key "id";
leaf network-access-id { leaf id {
type string; type vpn-common:vpn-id;
description description
"Identifier of network access"; "Identifier of network access";
} }
leaf description { leaf description {
type string; type string;
description description
"String to describe the element."; "String to describe the element.";
} }
leaf remote-carrier-name {
when "'../site-type' = 'enni'" {
description
"Site type = enni";
}
type string;
description
"Remote carrier name";
}
leaf Interface-mtu { leaf Interface-mtu {
type uint32; type uint32;
description description
"Interface MTU, it is also known as the maximum "Interface MTU, it is also known as the maximum
transmission unit or maximum frame size. When a transmission unit or maximum frame size. When a
frame is larger than the MTU, it is broken down, frame is larger than the MTU, it is broken down,
or fragmented, into smaller pieces by the or fragmented, into smaller pieces by the
network protocol to accommodate the MTU of the network protocol to accommodate the MTU of the
network"; network";
} }
uses l3vpn-ntw:service-status; uses vpn-common:service-status;
uses access-diversity; container access-diversity {
uses ethernet-connection-grouping; if-feature "vpn-common:placement-diversity";
uses availability-grouping; container groups {
uses service-grouping; leaf fate-sharing-group-size {
uses B-U-M-grouping; type uint16;
uses ethernet-svc-oam-grouping; description
uses mac-loop-prevention-grouping; "Fate sharing group size.";
uses acl-grouping; }
uses mac-addr-limit-grouping; leaf group-color {
type string;
description
"Group color associated with a particular VPN.";
}
list group {
key "group-id";
leaf group-id {
type string;
description
"Group-id the site network access
is belonging to";
}
description
"List of group-id";
}
description
"Groups the fate sharing group member
is belonging to";
}
container constraints {
list constraint {
key "constraint-type";
leaf constraint-type {
type identityref {
base vpn-common:placement-diversity;
}
description
"Diversity constraint type.";
}
container target {
choice target-flavor {
case id {
list group {
key "group-id";
leaf group-id {
type string;
description
"The constraint will apply
against this particular
group-id";
}
description
"List of groups";
}
}
case all-accesses {
leaf all-other-accesses {
type empty;
description
"The constraint will apply
against all other site network
access of this site";
}
}
case all-groups {
leaf all-other-groups {
type empty;
description
"The constraint will apply
against all other groups the
customer is managing";
}
}
description
"Choice for the group definition";
}
description
"The constraint will apply against
this list of groups";
}
description
"List of constraints";
}
description
"Constraints for placing this site
network access";
}
description
"Diversity parameters.";
}
container connection {
leaf encapsulation-type {
type identityref {
base vpn-common:encapsulation-type;
}
description
"Encapsulation Type";
}
leaf-list eth-inf-type {
type identityref {
base vpn-common:encapsulation-type;
}
description
"Ethernet Interface Type";
}
container dot1q-interface {
leaf l2-access-type {
type identityref {
base vpn-common:encapsulation-type;
}
description
"L2 Access Encapsulation Type";
}
container dot1q {
when "../l2-access-type='vpn-common:dot1q'";
if-feature "vpn-common:dot1q";
leaf physical-inf {
type string;
description
"Physical Interface";
}
leaf c-vlan-id {
type uint32;
description
"VLAN identifier";
}
description
"Qot1q";
}
container qinq {
when "../l2-access-type='vpn-common:qinq'";
if-feature "vpn-common:qinq";
leaf s-vlan-id {
type uint32;
description
"S-VLAN Identifier";
}
leaf c-vlan-id {
type uint32;
description
"C-VLAN Identifier";
}
description
"QinQ";
}
container qinany {
if-feature "vpn-common:qinany";
leaf s-vlan-id {
type uint32;
description
"S-Vlan ID";
}
description
"Container for Q in Any";
}
container vxlan {
when "../l2-access-type='vpn-common:vxlan'";
if-feature "vxlan";
leaf vni-id {
type uint32;
description
"VNI Identifier";
}
leaf peer-mode {
type identityref {
base vpn-common:vxlan-peer-mode;
}
description
"specify the vxlan access mode";
}
list peer-list {
key "peer-ip";
leaf peer-ip {
type inet:ip-address;
description
"Peer IP";
}
description
"List for peer IP";
}
description
"QinQ";
}
description
"Container for dot1Q Interface";
}
container phy-interface {
leaf port-number {
type uint32;
description
"Port number";
}
leaf port-speed {
type uint32;
description
"Port speed";
}
leaf mode {
type vpn-common:neg-mode;
description
"Negotiation mode";
}
leaf phy-mtu {
type uint32;
description
"PHY MTU";
}
leaf flow-control {
type string;
description
"Flow control";
}
container oam-802.3ah-link {
if-feature "oam-3ah";
leaf enable {
type boolean;
description
"Indicate whether support oam 802.3 ah link";
}
description
"Container for oam 802.3 ah link.";
}
leaf uni-loop-prevention {
type boolean;
description
"If this leaf set to truth that the port automatically
goes down when a physical loopback is detect.";
}
description
"Container of PHY Interface Attributes configurations";
}
container lag-interface {
if-feature "vpn-common:lag-interface";
list lag-interface {
key "lag-interface-number";
leaf lag-interface-number {
type uint32;
description
"LAG interface number";
}
container lacp {
leaf lacp-state {
type boolean;
description
"LACP on/off";
}
leaf lacp-mode {
type boolean;
description
"LACP mode";
}
leaf lacp-speed {
type boolean;
description
"LACP speed";
}
leaf mini-link {
type uint32;
description
"The minimum aggregate bandwidth for a LAG";
}
leaf system-priority {
type uint16;
description
"Indicates the LACP priority for the system.
The range is from 0 to 65535.
The default is 32768.";
}
container member-link-list {
list member-link {
key "name";
leaf name {
type string;
description
"Member link name";
}
leaf port-speed {
type uint32;
description
"Port speed";
}
leaf mode {
type vpn-common:neg-mode;
description
"Negotiation mode";
}
leaf link-mtu {
type uint32;
description
"Link MTU size.";
}
container oam-802.3ah-link {
if-feature "oam-3ah";
leaf enable {
type boolean;
description
"Indicate whether support oam 802.3 ah link";
}
description
"Container for oam 802.3 ah link.";
}
description
"Member link";
}
description
"Container of Member link list";
}
leaf flow-control {
type string;
description
"Flow control";
}
leaf lldp {
type boolean;
description
"LLDP";
}
description
"LACP";
}
description
"List of LAG interfaces";
}
description
"Container of LAG interface attributes configuration";
}
list cvlan-id-to-svc-map {
key "svc-id";
leaf svc-id {
type leafref {
path "/l2vpn-ntw/vpn-services/vpn-service/vpn-id";
}
description
"VPN Service identifier";
}
list cvlan-id {
key "vid";
leaf vid {
type uint32;
description
"CVLAN ID";
}
description
"List of CVLAN-ID to SVC Map configurations";
}
description
"List for cvlan-id to L2VPn Service map configurations";
}
container split-horizon {
leaf group-name {
type string;
description
"group-name of the Split Horizon";
}
description
"Configuration with split horizon enabled";
}
description
"Container for bearer";
}
container availability {
leaf access-priority {
type uint32;
description
"Access priority";
}
choice redundancy-mode {
case single-active {
leaf single-active {
type boolean;
description
"Single active";
}
description
"Single active case";
}
case all-active {
leaf all-active {
type boolean;
description
"All active";
}
description
"All active case";
}
description
"Redundancy mode choice";
}
description
"Container of availability optional configurations";
}
container service {
container svc-input-bandwidth {
if-feature "vpn-common:input-bw";
list input-bandwidth {
key "type";
leaf type {
type identityref {
base vpn-common:bw-type;
}
description
"Bandwidth Type";
}
leaf cos-id {
type uint8;
description
"Identifier of Class of Service
, indicated by DSCP or a CE-CLAN
CoS(802.1p)value in the service frame.";
}
leaf cir {
type uint64;
description
"Committed Information Rate. The maximum number of
bits that a port can receive or send during
one-second over an interface.";
}
leaf cbs {
type uint64;
description
"Committed Burst Size.CBS controls the bursty nature
of the traffic. Traffic that does not use the
configured CIR accumulates credits until the credits
reach the configured CBS.";
}
leaf eir {
type uint64;
description
"Excess Information Rate,i.e.,Excess frame delivery
allowed not subject to SLA.The traffic rate can be
limited by eir.";
}
leaf ebs {
type uint64;
description
"Excess Burst Size. The bandwidth available for burst
traffic from the EBS is subject to the amount of
bandwidth that is accumulated during periods when
traffic allocated by the EIR policy is not used.";
}
leaf pir {
type uint64;
description
"Peak Information Rate, i.e., maixmum frame delivery
allowed. It is equal to or less than sum of cir and
eir.";
}
leaf pbs {
type uint64;
description
"Peak Burst Size. It is measured in bytes per second.";
}
description
"List for input bandwidth";
}
description
"From the PE perspective, the service input
bandwidth of the connection.";
}
container svc-output-bandwidth {
if-feature "output-bw";
list output-bandwidth {
key "type";
leaf type {
type identityref {
base vpn-common:bw-type;
}
description
"Bandwidth Type";
}
leaf cos-id {
type uint8;
description
"Identifier of Class of Service
, indicated by DSCP or a CE-CLAN
CoS(802.1p)value in the service frame.";
}
leaf cir {
type uint64;
description
"Committed Information Rate. The maximum number of
bits that a port can receive or send during
one-second over an interface.";
}
leaf cbs {
type uint64;
description
"Committed Burst Size.CBS controls the bursty nature
of the traffic. Traffic that does not use the
configured CIR accumulates credits until the credits
reach the configured CBS.";
}
leaf eir {
type uint64;
description
"Excess Information Rate,i.e.,Excess frame delivery
allowed not subject to SLA.The traffic rate can be
limited by eir.";
}
leaf ebs {
type uint64;
description
"Excess Burst Size. The bandwidth available for burst
traffic from the EBS is subject to the amount of
bandwidth that is accumulated during periods when
traffic allocated by the EIR policy is not used.";
}
leaf pir {
type uint64;
description
"Peak Information Rate, i.e., maixmum frame delivery
allowed. It is equal to or less than sum of cir and
eir.";
}
leaf pbs {
type uint64;
description
"Peak Burst Size. It is measured in bytes per second.";
}
description
"List for output bandwidth";
}
description
"From the PE perspective, the service output
bandwidth of the connection.";
}
container qos {
if-feature "vpn-common:qos";
container qos-classification-policy {
uses vpn-common:qos-classification-policy;
description
"Configuration of the traffic classification
policy.";
}
container qos-profile {
list qos-profile {
key "profile";
description
"QoS profile.
Can be standard profile or customized
profile.";
leaf profile {
type leafref {
path "/l2vpn-ntw/vpn-profiles"
+ "/valid-provider-identifiers"
+ "/qos-profile-identifier/id";
}
description
"QoS profile to be used.";
}
leaf direction {
type identityref {
base vpn-common:qos-profile-direction;
}
default "vpn-common:both";
description
"The direction to which the QoS profile
is applied.";
}
}
description
"QoS profile configuration.";
}
description
"QoS configuration.";
}
container precedence {
leaf precedence {
type identityref {
base precedence-type;
}
description
"Defining service redundancy in transport
network.";
}
description
"Transport netowrk precedence selector
Primary or Secondary tunnel.";
}
description
"Container for service";
}
container broadcast-unknown-unicast-multicast {
leaf multicast-site-type {
type enumeration {
enum receiver-only {
description
"The site only has receivers.";
}
enum source-only {
description
"The site only has sources.";
}
enum source-receiver {
description
"The site has both sources and receivers.";
}
}
default "source-receiver";
description
"Type of multicast site.";
}
list multicast-gp-address-mapping {
key "id";
leaf id {
type uint16;
description
"Unique identifier for the mapping.";
}
leaf vlan-id {
type uint32;
description
"The VLAN ID of the Multicast group.";
}
leaf mac-gp-address {
type yang:mac-address;
description
"The MAC address of the Multicast group.";
}
leaf port-lag-number {
type uint32;
description
"The ports/LAGs belonging to the Multicast group.";
}
description
"List of Port to group mappings.";
}
leaf bum-overall-rate {
type uint32;
description
"overall rate for BUM";
}
description
"Container of broadcast, unknown unicast, and multicast
configurations";
}
container ethernet-service-oam {
leaf md-name {
type string;
description
"Maintenance domain name";
}
leaf md-level {
type uint8;
description
"Maintenance domain level";
}
container cfm-802.1-ag {
list n2-uni-c {
key "maid";
uses cfm-802-grouping;
description
"List of UNI-N to UNI-C";
}
list n2-uni-n {
key "maid";
uses cfm-802-grouping;
description
"List of UNI-N to UNI-N";
}
description
"Container of 802.1ag CFM configurations.";
}
uses y-1731;
description
"Container for Ethernet service OAM.";
}
container mac-loop-prevention {
leaf frequency {
type uint32;
description
"Frequency";
}
leaf protection-type {
type identityref {
base loop-prevention-type;
}
description
"Protection type";
}
leaf number-retries {
type uint32;
description
"Number of retries";
}
description
"Container of MAC loop prevention.";
}
container access-control-list {
list mac {
key "mac-address";
leaf mac-address {
type yang:mac-address;
description
"MAC address.";
}
description
"List for MAC.";
}
description
"Container for access control List.";
}
container mac-addr-limit {
leaf mac-num-limit {
type uint16;
description
"maximum number of MAC addresses learned from
the subscriber for a single service instance.";
}
leaf time-interval {
type uint32;
units "milliseconds";
description
"The aging time of the mac address.";
}
leaf action {
type identityref {
base mac-action;
}
description
"specify the action when the upper limit is
exceeded: drop the packet, flood the
packet, or simply send a warning log message.";
}
description
"Container of MAC-Addr limit configurations";
}
description description
"List of VPN Network Accesses."; "List of VPN Network Accesses.";
} }
description description
"List of VPN Nodes."; "List of VPN Nodes.";
} }
description description
"Container of VPN Nodes."; "Container of VPN Nodes.";
} }
description description
skipping to change at page 89, line 7 skipping to change at page 60, line 22
description description
"Container of port configurations"; "Container of port configurations";
} }
description description
"Container for L2VPN service"; "Container for L2VPN service";
} }
description description
"Container for VPN services."; "Container for VPN services.";
} }
} }
<CODE ENDS> <CODE ENDS>
Figure 6 Figure 11
6. Acknowledgements 6. Acknowledgements
The authors would like to thank Tom Petch for the comments to improve The authors would like to thank Tom Petch for the comments to improve
the document. the document.
7. Contributors 7. Contributors
Daniel King Daniel King
Old Dog Consulting Old Dog Consulting
skipping to change at page 91, line 9 skipping to change at page 62, line 27
o customer-name: An attacker can retrieve privacy-related o customer-name: An attacker can retrieve privacy-related
information which can be used to track a customer. Disclosing information which can be used to track a customer. Disclosing
such information may be considered as a violation of the customer- such information may be considered as a violation of the customer-
provider trust relationship. provider trust relationship.
10. References 10. References
10.1. Normative References 10.1. Normative References
[I-D.ietf-opsawg-vpn-common]
barguil, s., Dios, O., Boucadair, M., and Q. WU, "A Layer
2/3 VPN Common YANG Model", draft-ietf-opsawg-vpn-
common-02 (work in progress), October 2020.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>. <https://www.rfc-editor.org/info/rfc3688>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
skipping to change at page 92, line 10 skipping to change at page 63, line 36
[RFC8214] Boutros, S., Sajassi, A., Salam, S., Drake, J., and J. [RFC8214] Boutros, S., Sajassi, A., Salam, S., Drake, J., and J.
Rabadan, "Virtual Private Wire Service Support in Ethernet Rabadan, "Virtual Private Wire Service Support in Ethernet
VPN", RFC 8214, DOI 10.17487/RFC8214, August 2017, VPN", RFC 8214, DOI 10.17487/RFC8214, August 2017,
<https://www.rfc-editor.org/info/rfc8214>. <https://www.rfc-editor.org/info/rfc8214>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341, Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018, DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>. <https://www.rfc-editor.org/info/rfc8341>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>.
[RFC8466] Wen, B., Fioccola, G., Ed., Xie, C., and L. Jalil, "A YANG [RFC8466] Wen, B., Fioccola, G., Ed., Xie, C., and L. Jalil, "A YANG
Data Model for Layer 2 Virtual Private Network (L2VPN) Data Model for Layer 2 Virtual Private Network (L2VPN)
Service Delivery", RFC 8466, DOI 10.17487/RFC8466, October Service Delivery", RFC 8466, DOI 10.17487/RFC8466, October
2018, <https://www.rfc-editor.org/info/rfc8466>. 2018, <https://www.rfc-editor.org/info/rfc8466>.
10.2. Informative References 10.2. Informative References
[RFC3644] Snir, Y., Ramberg, Y., Strassner, J., Cohen, R., and B.
Moore, "Policy Quality of Service (QoS) Information
Model", RFC 3644, DOI 10.17487/RFC3644, November 2003,
<https://www.rfc-editor.org/info/rfc3644>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<https://www.rfc-editor.org/info/rfc5880>.
[RFC8309] Wu, Q., Liu, W., and A. Farrel, "Service Models [RFC8309] Wu, Q., Liu, W., and A. Farrel, "Service Models
Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018, Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018,
<https://www.rfc-editor.org/info/rfc8309>. <https://www.rfc-editor.org/info/rfc8309>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>. <https://www.rfc-editor.org/info/rfc8340>.
[RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for [RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for
Abstraction and Control of TE Networks (ACTN)", RFC 8453, Abstraction and Control of TE Networks (ACTN)", RFC 8453,
 End of changes. 187 change blocks. 
3104 lines changed or deleted 1687 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/