draft-ietf-pim-igmp-mld-snooping-yang-09.txt   draft-ietf-pim-igmp-mld-snooping-yang-10.txt 
PIM Working Group H. Zhao PIM Working Group H. Zhao
Internet Draft Ericsson Internet Draft Ericsson
Intended status: Standards Track X. Liu Intended status: Standards Track X. Liu
Expires: July 08, 2020 Volta Networks Expires: November 01, 2020 Volta Networks
Y. Liu Y. Liu
China Mobile China Mobile
M. Sivakumar M. Sivakumar
Juniper Juniper
A. Peter A. Peter
Individual Individual
January 9, 2020 May 02, 2020
A Yang Data Model for IGMP and MLD Snooping A Yang Data Model for IGMP and MLD Snooping
draft-ietf-pim-igmp-mld-snooping-yang-09.txt draft-ietf-pim-igmp-mld-snooping-yang-10.txt
Abstract Abstract
This document defines a YANG data model that can be used to This document defines a YANG data model that can be used to configure
configure and manage Internet Group Management Protocol (IGMP) and and manage Internet Group Management Protocol (IGMP) and Multicast
Multicast Listener Discovery (MLD) Snooping devices. The YANG module in Listener Discovery (MLD) Snooping devices. The YANG module in this
this document conforms to Network Management Datastore Architecture document conforms to Network Management Datastore Architecture (NMDA).
(NMDA).
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 2, line 4 skipping to change at page 1, line 45
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
This Internet-Draft will expire on July 08, 2020.
This Internet-Draft will expire on November 01, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction...................................................3 1. Introduction...................................................3
1.1. Terminology...............................................3 1.1. Terminology...............................................3
1.2. Tree Diagrams.............................................3 1.2. Tree Diagrams.............................................4
2. Design of Data Model...........................................3 1.3. Prefixes in Data Node Names...............................4
2.1. Overview..................................................4 2. Design of Data Model...........................................5
2.2. IGMP Snooping Instances...................................4 2.1. Overview..................................................5
2.3. MLD Snooping Instances....................................6 2.2. Optional Capabilities.....................................6
2.4. IGMP and MLD Snooping Instances Reference.................8 2.3. Position of Address Family in Hierarchy...................6
2.5. IGMP and MLD Snooping RPC.................................8 3. Module Structure...............................................7
3. IGMP and MLD Snooping YANG Module..............................9 3.1. IGMP Snooping Instances...................................7
4. Security Considerations.......................................31 3.2. MLD Snooping Instances...................................10
5. IANA Considerations...........................................32 3.3. Using IGMP and MLD Snooping Instances....................12
6. Normative References..........................................33 3.4. IGMP and MLD Snooping RPC................................13
Appendix A. Data Tree Example...................................35 4. IGMP and MLD Snooping YANG Module.............................13
A.1 Bridge scenario...........................................35 5. Security Considerations.......................................35
A.2 L2VPN scenario............................................38 6. IANA Considerations...........................................37
Authors' Addresses...............................................42 7. References....................................................38
7.1. Normative References.....................................38
7.2. Informative References...................................40
Appendix A. Data Tree Example...................................41
A.1 Bridge scenario...........................................41
A.2 L2VPN scenario............................................44
Authors' Addresses...............................................48
1. Introduction 1. Introduction
This document defines a YANG [RFC6020] data model for the management of This document defines a YANG [RFC6020] data model for the management of
Internet Group Management Protocol (IGMP) and Multicast Listener Internet Group Management Protocol (IGMP) and Multicast Listener
Discovery (MLD) Snooping devices. Discovery (MLD) Snooping [RFC4541] devices.
The YANG module in this document conforms to the Network Management The YANG module in this document conforms to the Network Management
Datastore Architecture defined in [RFC8342]. The "Network Management Datastore Architecture defined in [RFC8342]. The "Network Management
Datastore Architecture" (NMDA) adds the ability to inspect the current Datastore Architecture" (NMDA) adds the ability to inspect the current
operational values for configuration, allowing clients to use identical operational values for configuration, allowing clients to use identical
paths for retrieving the configured values and the operational values. paths for retrieving the configured values and the operational values.
1.1. Terminology 1.1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The terminology for describing YANG data models is found in [RFC6020]
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP 14
[RFC2119].
The terminology for describing YANG data models is found in [RFC6020]. and [RFC7950], including:
* augment
* data model
* data node
* identity
* module
The following terminologies are used in this document:
* mrouter: multicast router, which means nodes attached to a switch
have multicast routing enabled [RFC4286].
* mrouter interfaces: snooping switch ports where multicast routers
are attached [RFC4541].
The following abbreviations are used in this document and defined model:
IGMP: Internet Group Management Protocol [RFC3376].
MLD: Multicast Listener Discovery [RFC3810].
AC: Attachment Circuit [RFC3916].
PW: Pseudo Wire [RFC3916].
1.2. Tree Diagrams 1.2. Tree Diagrams
A simplified graphical representation of the data model is used in this Tree diagrams used in this document follow the notation defined in
document. The meaning of the symbols in these diagrams is as follows:
o Brackets "[" and "]" enclose list keys. [RFC8340].
o Abbreviations before data node names: "rw" means configuration 1.3. Prefixes in Data Node Names
(read-write), and "ro" means state data (read-only).
o Symbols after data node names: "?" means an optional node, "!" In this document, names of data nodes, actions, and other data model
means a presence container, and "*" denotes a list and leaf-list. objects are often used without a prefix, as long as it is clear from the
context in which YANG module each name is defined. Otherwise, names are
prefixed using the standard prefix associated with the corresponding
YANG module, as shown in Table 1.
o Parentheses enclose choice and case nodes, and case nodes are also +----------+-----------------------+---------------------------------+
marked with a colon (":").
o Ellipsis ("...") stands for contents of subtrees that are not | Prefix | YANG module | Reference |
shown.
+==========+=======================+=================================+
| inet | ietf-inet-types | [RFC6991] |
+----------+-----------------------+---------------------------------+
| yang | ietf-yang-types | [RFC6991] |
+----------+-----------------------+---------------------------------+
| if | ietf-interfaces | [RFC8343] |
+----------+-----------------------+---------------------------------+
| rt | ietf-routing | [RFC8349] |
+----------+-----------------------+---------------------------------+
| rt-types | ietf-routing-types | [RFC8294] |
+----------+-----------------------+---------------------------------+
| ni | ietf-network-instance | [RFC8529] |
+----------+-----------------------+---------------------------------+
| pw | ietf-pseudowires | [draft-ietf-bess-l2vpn-yang] |
+----------+-----------------------+---------------------------------+
| l2vpn | ietf-l2vpn | [draft-ietf-bess-l2vpn-yang] |
+----------+-----------------------+---------------------------------+
| dot1q | ieee802-dot1q-bridge | [dot1Qcp] |
+----------+-----------------------+---------------------------------+
Table 1: Prefixes and Corresponding YANG Modules
2. Design of Data Model 2. Design of Data Model
The model covers Considerations for Internet Group Management Protocol The model covers considerations for Internet Group Management Protocol
(IGMP) and Multicast Listener Discovery (MLD) Snooping Switches (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches
[RFC4541]. [RFC4541].
In recent years, a number of commercial vendors have introduced products
described as "IGMP snooping switches" to the market. These devices do
not adhere to the conceptual model that provides the strict separation
of functionality between different communications layers in the ISO
model, and instead utilize information in the upper level protocol
headers as factors to be considered in processing at the lower levels
[RFC4541].
IGMP Snooping switches utilize IGMP, and could support IGMPv1, IGMPv2,
and IGMPv3. IGMP snooping switches may maintain forwarding tables based
on either MAC addresses or IP addresses [RFC4541]. MLD Snooping switches
utilize MLD, and could support MLDv1 and MLDv2.
The goal of this document is to define a data model that provides a The goal of this document is to define a data model that provides a
common user interface to IGMP and MLD Snooping. common user interface to IGMP and MLD Snooping.
2.1. Overview 2.1. Overview
The IGMP and MLD Snooping YANG module defined in this document has all The IGMP and MLD Snooping YANG module defined in this document has all
the common building blocks for the IGMP and MLD Snooping protocol. the common building blocks for the IGMP and MLD Snooping switches.
The YANG module includes IGMP and MLD Snooping instance definition, The YANG module includes IGMP and MLD Snooping instance definition,
instance reference in the scenario of BRIDGE and L2VPN. The module also using instance in the scenario of BRIDGE [dot1Qcp] and L2VPN [draft-
includes the RPC methods for clearing IGMP and MLD Snooping group ietf-bess-l2vpn-yang]. The module also includes the RPC methods for
tables. clearing IGMP and MLD Snooping group tables.
This YANG module conforms to Network Management Datastore Architecture This YANG module conforms to Network Management Datastore Architecture
(NMDA)[RFC8342]. This NMDA architecture provides an architectural (NMDA)[RFC8342]. This NMDA architecture provides an architectural
framework for datastores as they are used by network management framework for datastores as they are used by network management
protocols such as NETCONF [RFC6241], RESTCONF [RFC8040] and the YANG protocols such as NETCONF [RFC6241], RESTCONF [RFC8040] and the YANG
[RFC7950] data modeling language. [RFC7950] data modeling language.
2.2. IGMP Snooping Instances 2.2. Optional Capabilities
This model is designed to represent the capabilities of IGMP and MLD
switches with various specifications, including the basic capability
subsets of IGMP and MLD Snooping. The main design goals of this document
are that the basic capabilities described in the model are supported by
any major now-existing implementation, and that the configuration of all
implementations meeting the specifications is easy to express through
some combination of the optional features in the model and simple vendor
augmentations.
There is also value in widely supported features being standardized, to
provide a standardized way to access these features, to save work for
individual vendors, and so that mapping between different vendors'
configuration is not needlessly complicated. Therefore, this model
declares a number of features representing capabilities that not all
deployed devices support.
The extensive use of feature declarations should also substantially
simplify the capability negotiation process for a vendor's IGMP and MLD
Snooping implementations.
On the other hand, operational state parameters are not so widely
designated as features, as there are many cases where the defaulting
of an operational state parameter would not cause any harm to the
system, and it is much more likely that an implementation without
native support for a piece of operational state would be able to derive
a suitable value for a state variable that is not natively supported.
2.3. Position of Address Family in Hierarchy
IGMP Snooping only supports IPv4, while MLD Snooping only supports IPv6.
The data model defined in this document can be used for both IPv4 and
IPv6 address families.
This document defines IGMP Snooping and MLD Snooping as separate schema
branches in the structure. The benefits are:
* The model can support IGMP Snooping (IPv4), MLD Snooping (IPv6), or
both optionally and independently. Such flexibility cannot be achieved
cleanly with a combined branch.
* The structure is consistent with other YANG data models such as
[RFC8344], which uses separate branches for IPv4 and IPv6.
* The separate branches for IGMP Snooping and MLD Snooping can
accommodate their differences better and cleaner. The two branches can
better support different features and node types.
3. Module Structure
This model augments the core routing data model specified in [RFC8349].
+--rw routing
+--rw router-id?
+--rw control-plane-protocols
| +--rw control-plane-protocol* [type name]
| +--rw type
| +--rw name
| +--rw igmp-snooping-instance <= Augmented by this Model
...
| +--rw mld-snooping-instance <= Augmented by this Model
...
The "igmp-snooping-instance" container instantiates an IGMP Snooping
Instance. The "mld-snooping-instance" container instantiates an MLD
Snooping Instance.
The YANG data model defined in this document conforms to the Network
Management Datastore Architecture (NMDA) [RFC8342]. The operational
state data is combined with the associated configuration data in the
same hierarchy [RFC8407].
A configuration data node is marked as mandatory only when its value
must be provided by the user. Where nodes are not essential to protocol
operation, they are marked as optional. Some other nodes are essential
but have a default specified, so that they are also optional and need
not be configured explicitly.
3.1. IGMP Snooping Instances
The YANG module defines igmp-snooping-instance which augments The YANG module defines igmp-snooping-instance which augments
/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol. /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol.
All the IGMP Snooping related attributes have been defined in the igmp- All the IGMP Snooping related attributes have been defined in the igmp-
snooping-instance. The read-write attribute means configurable data. The snooping-instance. The read-write attribute represents configurable
read-only attribute means state data. data. The read-only attribute represents state data.
One igmp-snooping-instance could be referenced in one BRIDGE instance or One igmp-snooping-instance could be used in one BRIDGE [dot1Qcp]
L2VPN instance. One igmp-snooping-instance corresponds to one BRIDGE instance or L2VPN [draft-ietf-bess-l2vpn-yang] instance. One igmp-
instance or L2VPN instance. snooping-instance corresponds to one BRIDGE instance or one L2VPN
instance.
The value of scenario in igmp-snooping-instance is bridge or l2vpn. When The value of scenario in igmp-snooping-instance is bridge or l2vpn. When
it is bridge, the igmp-snooping-instance will be referenced in the it is bridge, igmp-snooping-instance will be used in the BRIDGE
BRIDGE scenario. When it is l2vpn, the igmp-snooping-instance will be scenario. When it is l2vpn, igmp-snooping-instance will be used in the
referenced in the L2VPN scenario. L2VPN scenario.
The value of bridge-mrouter-interface, l2vpn-mrouter-interface-ac, The value of bridge-mrouter-interface, l2vpn-mrouter-interface-ac,
l2vpn-mrouter-interface-pw are filled by snooping device dynamically. l2vpn-mrouter-interface-pw are filled by the snooping device
They are different from static-bridge-mrouter-interface, static-l2vpn- dynamically. They are different from static-bridge-mrouter-interface,
mrouter-interface-ac, and static-l2vpn-mrouter-interface-pw which are static-l2vpn-mrouter-interface-ac, and static-l2vpn-mrouter-interface-pw
configured statically. which are configured statically.
The attributes under the interfaces show the statistics of IGMP Snooping The attributes under the interfaces show the statistics of IGMP Snooping
related packets. related packets.
module: ietf-igmp-mld-snooping augment /rt:routing/rt:control-plane-protocols
augment /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol: /rt:control-plane-protocol:
+--rw igmp-snooping-instance {feature-igmp-snooping}? +--rw igmp-snooping-instance {feature-igmp-snooping}?
| +--rw scenario? snooping-scenario-type | +--rw scenario?
| | snooping-scenario-type
| +--rw enable? boolean | +--rw enable? boolean
| +--rw forwarding-mode? enumeration | +--rw forwarding-table-type? enumeration
| +--rw explicit-tracking? boolean {explicit-tracking}? | +--rw explicit-tracking? boolean
| +--rw exclude-lite? boolean {exclude-lite}? | | {feature-explicit-tracking}?
| +--rw exclude-lite? boolean
| | {feature-exclude-lite}?
| +--rw send-query? boolean | +--rw send-query? boolean
| +--rw immediate-leave? empty {immediate-leave}? | +--rw immediate-leave? empty
| | {feature-immediate-leave}?
| +--rw last-member-query-interval? uint16 | +--rw last-member-query-interval? uint16
| +--rw query-interval? uint16 | +--rw query-interval? uint16
| +--rw query-max-response-time? uint16 | +--rw query-max-response-time? uint16
| +--rw require-router-alert? boolean {require-router-alert}? | +--rw require-router-alert? boolean
| | {feature-require-router-alert}?
| +--rw robustness-variable? uint8 | +--rw robustness-variable? uint8
| +--rw static-bridge-mrouter-interface* if:interface-ref {static-mrouter- | +--rw static-bridge-mrouter-interface* if:interface-ref
interface}? | | {static-mrouter-interface}?
| +--rw static-l2vpn-mrouter-interface-ac* if:interface-ref {static-mrouter- | +--rw static-l2vpn-mrouter-interface-ac* if:interface-ref
interface}? | | {static-mrouter-interface}?
| +--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref {static-mrouter- | +--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref
interface}? | | {static-mrouter-interface}?
| +--rw version? uint8 | +--rw igmp-version? uint8
| +--rw querier-source? inet:ipv4-address | +--rw querier-source? inet:ipv4-address
| +--rw static-l2-multicast-group* [group source-addr] {static-l2-multicast- | +--rw static-l2-multicast-group* [group source-addr]
group}? | | {feature-static-l2-multicast-group}?
| | +--rw group rt-types:ipv4-multicast-group-address | | +--rw group
| | +--rw source-addr rt-types:ipv4-multicast-source-address | | | rt-types:ipv4-multicast-group-address
| | +--rw source-addr
| | | rt-types:ipv4-multicast-source-address
| | +--rw bridge-outgoing-interface* if:interface-ref | | +--rw bridge-outgoing-interface* if:interface-ref
| | +--rw l2vpn-outgoing-ac* if:interface-ref | | +--rw l2vpn-outgoing-ac* if:interface-ref
| | +--rw l2vpn-outgoing-pw* pw:pseudowire-ref | | +--rw l2vpn-outgoing-pw* pw:pseudowire-ref
| +--ro entries-count? uint32 | +--ro entries-count? uint32
| +--ro bridge-mrouter-interface* if:interface-ref | +--ro bridge-mrouter-interface* if:interface-ref
| +--ro l2vpn-mrouter-interface-ac* if:interface-ref | +--ro l2vpn-mrouter-interface-ac* if:interface-ref
| +--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref | +--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref
| +--ro group* [address] | +--ro group* [address]
| | +--ro address rt-types:ipv4-multicast-group-address | | +--ro address
| | | rt-types:ipv4-multicast-group-address
| | +--ro mac-address? yang:phys-address | | +--ro mac-address? yang:phys-address
| | +--ro expire? rt-types:timer-value-seconds16 | | +--ro expire? rt-types:timer-value-seconds16
| | +--ro up-time uint32 | | +--ro up-time uint32
| | +--ro last-reporter? inet:ipv4-address | | +--ro last-reporter? inet:ipv4-address
| | +--ro source* [address] | | +--ro source* [address]
| | +--ro address rt-types:ipv4-multicast-source-address | | +--ro address
| | | rt-types:ipv4-multicast-source-address
| | +--ro bridge-outgoing-interface* if:interface-ref | | +--ro bridge-outgoing-interface* if:interface-ref
| | +--ro l2vpn-outgoing-ac* if:interface-ref | | +--ro l2vpn-outgoing-ac* if:interface-ref
| | +--ro l2vpn-outgoing-pw* pw:pseudowire-ref | | +--ro l2vpn-outgoing-pw* pw:pseudowire-ref
| | +--ro up-time uint32 | | +--ro up-time uint32
| | +--ro expire? rt-types:timer-value-seconds16 | | +--ro expire?
| | +--ro host-count? uint32 {explicit-tracking}? | | | rt-types:timer-value-seconds16
| | +--ro host-count? uint32
| | | {feature-explicit-tracking}?
| | +--ro last-reporter? inet:ipv4-address | | +--ro last-reporter? inet:ipv4-address
| | +--ro host* [host-address] {explicit-tracking}? | | +--ro host* [host-address] {feature-explicit-tracking}?
| | +--ro host-address inet:ipv4-address | | +--ro host-address inet:ipv4-address
| | +--ro host-filter-mode filter-mode-type | | +--ro host-filter-mode filter-mode-type
| +--ro interfaces | +--ro interfaces
| +--ro interface* [name] | +--ro interface* [name]
| +--ro name if:interface-ref | +--ro name if:interface-ref
| +--ro statistics | +--ro statistics
| +--ro received | +--ro received
| | +--ro num-query? yang:counter64 | | +--ro num-query? yang:counter64
| | +--ro num-membership-report-v1? yang:counter64 | | +--ro num-membership-report-v1? yang:counter64
| | +--ro num-membership-report-v2? yang:counter64 | | +--ro num-membership-report-v2? yang:counter64
skipping to change at page 6, line 25 skipping to change at page 10, line 5
| | +--ro num-pim-hello? yang:counter64 | | +--ro num-pim-hello? yang:counter64
| +--ro sent | +--ro sent
| +--ro num-query? yang:counter64 | +--ro num-query? yang:counter64
| +--ro num-membership-report-v1? yang:counter64 | +--ro num-membership-report-v1? yang:counter64
| +--ro num-membership-report-v2? yang:counter64 | +--ro num-membership-report-v2? yang:counter64
| +--ro num-membership-report-v3? yang:counter64 | +--ro num-membership-report-v3? yang:counter64
| +--ro num-leave? yang:counter64 | +--ro num-leave? yang:counter64
| +--ro num-non-member-leave? yang:counter64 | +--ro num-non-member-leave? yang:counter64
| +--ro num-pim-hello? yang:counter64 | +--ro num-pim-hello? yang:counter64
2.3. MLD Snooping Instances 3.2. MLD Snooping Instances
The YANG module defines mld-snooping-instance which could be referenced The YANG module defines mld-snooping-instance which could be used in the
in the BRIDGE or L2VPN scenario to enable MLD Snooping. BRIDGE [dot1Qcp] or L2VPN [draft-ietf-bess-l2vpn-yang] scenario to
enable MLD Snooping.
All the MLD Snooping related attributes have been defined in the mld-
snooping-instance. The read-write attribute represents configurable
data. The read-only attribute represents state data.
The mld-snooping-instance is the same as IGMP snooping except changing The mld-snooping-instance is the same as IGMP snooping except changing
IPv4 addresses to IPv6 addresses. IPv4 addresses to IPv6 addresses. One mld-snooping-instance could be
used in one BRIDGE instance or L2VPN instance. One mld-snooping-instance
corresponds to one BRIDGE instance or L2VPN instance.
module: ietf-igmp-mld-snooping The value of scenario in mld-snooping-instance is bridge or l2vpn. When
augment /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol: it is bridge, mld-snooping-instance will be used in the BRIDGE scenario.
+--rw igmp-snooping-instance {feature-igmp-snooping}? When it is l2vpn, mld-snooping-instance will be used in the L2VPN
| ... scenario.
+--rw mld-snooping-instance {feature-mld-snooping}?
+--rw scenario? snooping-scenario-type
+--rw enable? boolean
+--rw forwarding-mode? enumeration
+--rw explicit-tracking? boolean {explicit-tracking}?
+--rw exclude-lite? boolean {exclude-lite}?
+--rw send-query? boolean
+--rw immediate-leave? empty {immediate-leave}?
+--rw last-member-query-interval? uint16
+--rw query-interval? uint16
+--rw query-max-response-time? uint16
+--rw require-router-alert? boolean {require-router-alert}?
+--rw robustness-variable? uint8
+--rw static-bridge-mrouter-interface* if:interface-ref {static-mrouter-
interface}?
+--rw static-l2vpn-mrouter-interface-ac* if:interface-ref {static-mrouter-
interface}?
+--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref {static-mrouter-
interface}?
+--rw version? uint8
+--rw querier-source? inet:ipv6-address
+--rw static-l2-multicast-group* [group source-addr] {static-l2-multicast-
group}?
| +--rw group rt-types:ipv6-multicast-group-address
| +--rw source-addr rt-types:ipv6-multicast-source-address
| +--rw bridge-outgoing-interface* if:interface-ref
| +--rw l2vpn-outgoing-ac* if:interface-ref
| +--rw l2vpn-outgoing-pw* pw:pseudowire-ref
+--ro entries-count? uint32
+--ro bridge-mrouter-interface* if:interface-ref
+--ro l2vpn-mrouter-interface-ac* if:interface-ref
+--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref
+--ro group* [address]
| +--ro address rt-types:ipv6-multicast-group-address
| +--ro mac-address? yang:phys-address
| +--ro expire? rt-types:timer-value-seconds16
| +--ro up-time uint32
| +--ro last-reporter? inet:ipv6-address
| +--ro source* [address]
| +--ro address rt-types:ipv6-multicast-source-address
| +--ro bridge-outgoing-interface* if:interface-ref
| +--ro l2vpn-outgoing-ac* if:interface-ref
| +--ro l2vpn-outgoing-pw* pw:pseudowire-ref
| +--ro up-time uint32
| +--ro expire? rt-types:timer-value-seconds16
| +--ro host-count? uint32 {explicit-tracking}?
| +--ro last-reporter? inet:ipv6-address
| +--ro host* [host-address] {explicit-tracking}?
| +--ro host-address inet:ipv6-address
| +--ro host-filter-mode filter-mode-type
+--ro interfaces
+--ro interface* [name]
+--ro name if:interface-ref
+--ro statistics
+--ro received
| +--ro num-query? yang:counter64
| +--ro num-report-v1? yang:counter64
| +--ro num-report-v2? yang:counter64
| +--ro num-done? yang:counter64
| +--ro num-pim-hello? yang:counter64
+--ro sent
+--ro num-query? yang:counter64
+--ro num-report-v1? yang:counter64
+--ro num-report-v2? yang:counter64
+--ro num-done? yang:counter64
+--ro num-pim-hello? yang:counter64
2.4. IGMP and MLD Snooping Instances Reference The value of bridge-mrouter-interface, l2vpn-mrouter-interface-ac,
l2vpn-mrouter-interface-pw are filled by the snooping device
dynamically. They are different from static-bridge-mrouter-interface,
static-l2vpn-mrouter-interface-ac, and static-l2vpn-mrouter-interface-pw
which are configured statically.
The igmp-snooping-instance could be referenced in the scenario of BRIDGE The attributes under the interfaces show the statistics of MLD Snooping
or L2VPN to configure the IGMP Snooping. related packets.
augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol:
+--rw igmp-snooping-instance {feature-igmp-snooping}?
..
+--rw mld-snooping-instance {feature-mld-snooping}?
+--rw scenario?
| snooping-scenario-type
+--rw enable? boolean
+--rw forwarding-table-type? enumeration
+--rw explicit-tracking? boolean
| {feature-explicit-tracking}?
+--rw exclude-lite? boolean
| {feature-exclude-lite}?
+--rw send-query? boolean
+--rw immediate-leave? empty
| {feature-immediate-leave}?
+--rw last-member-query-interval? uint16
+--rw query-interval? uint16
+--rw query-max-response-time? uint16
+--rw require-router-alert? boolean
| {feature-require-router-alert}?
+--rw robustness-variable? uint8
+--rw static-bridge-mrouter-interface* if:interface-ref
| {static-mrouter-interface}?
+--rw static-l2vpn-mrouter-interface-ac* if:interface-ref
| {static-mrouter-interface}?
+--rw static-l2vpn-mrouter-interface-pw* pw:pseudowire-ref
| {static-mrouter-interface}?
+--rw mld-version? uint8
+--rw querier-source? inet:ipv6-address
+--rw static-l2-multicast-group* [group source-addr]
| {feature-static-l2-multicast-group}?
| +--rw group
| | rt-types:ipv6-multicast-group-address
| +--rw source-addr
| | rt-types:ipv6-multicast-source-address
| +--rw bridge-outgoing-interface* if:interface-ref
| +--rw l2vpn-outgoing-ac* if:interface-ref
| +--rw l2vpn-outgoing-pw* pw:pseudowire-ref
+--ro entries-count? uint32
+--ro bridge-mrouter-interface* if:interface-ref
+--ro l2vpn-mrouter-interface-ac* if:interface-ref
+--ro l2vpn-mrouter-interface-pw* pw:pseudowire-ref
+--ro group* [address]
| +--ro address
| | rt-types:ipv6-multicast-group-address
| +--ro mac-address? yang:phys-address
| +--ro expire? rt-types:timer-value-seconds16
| +--ro up-time uint32
| +--ro last-reporter? inet:ipv6-address
| +--ro source* [address]
| +--ro address
| | rt-types:ipv6-multicast-source-address
| +--ro bridge-outgoing-interface* if:interface-ref
| +--ro l2vpn-outgoing-ac* if:interface-ref
| +--ro l2vpn-outgoing-pw* pw:pseudowire-ref
| +--ro up-time uint32
| +--ro expire?
| | rt-types:timer-value-seconds16
| +--ro host-count? uint32
| | {feature-explicit-tracking}?
| +--ro last-reporter? inet:ipv6-address
| +--ro host* [host-address] {feature-explicit-tracking}?
| +--ro host-address inet:ipv6-address
| +--ro host-filter-mode filter-mode-type
+--ro interfaces
+--ro interface* [name]
+--ro name if:interface-ref
+--ro statistics
+--ro received
| +--ro num-query? yang:counter64
| +--ro num-report-v1? yang:counter64
| +--ro num-report-v2? yang:counter64
| +--ro num-done? yang:counter64
| +--ro num-pim-hello? yang:counter64
+--ro sent
+--ro num-query? yang:counter64
+--ro num-report-v1? yang:counter64
+--ro num-report-v2? yang:counter64
+--ro num-done? yang:counter64
+--ro num-pim-hello? yang:counter64
3.3. Using IGMP and MLD Snooping Instances
The igmp-snooping-instance could be used in the scenario of BRIDGE
[dot1Qcp] or L2VPN [draft-ietf-bess-l2vpn-yang] to configure the IGMP
Snooping.
For the BRIDGE scenario this model augments /dot1q:bridges/dot1q:bridge For the BRIDGE scenario this model augments /dot1q:bridges/dot1q:bridge
to reference igmp-snooping-instance. It means IGMP Snooping is enabled to use igmp-snooping-instance. It means IGMP Snooping is enabled in the
in the whole bridge. whole bridge.
It also augments /dot1q:bridges/dot1q:bridge/dot1q:component/ It also augments /dot1q:bridges/dot1q:bridge/dot1q:component/
dot1q:bridge-vlan/dot1q:vlan to reference igmp-snooping-instance. It dot1q:bridge-vlan/dot1q:vlan to use igmp-snooping-instance. It means
means IGMP Snooping is enabled in the certain VLAN of the bridge. IGMP Snooping is enabled in the certain VLAN of the bridge.
augment /dot1q:bridges/dot1q:bridge:
+--rw igmp-snooping-instance? igmp-snooping-instance-ref
+--rw mld-snooping-instance? mld-snooping-instance-ref
augment /dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan: augment /dot1q:bridges/dot1q:bridge:
+--rw igmp-snooping-instance? igmp-snooping-instance-ref +--rw igmp-snooping-instance? igmp-mld-snooping-instance-ref
+--rw mld-snooping-instance? mld-snooping-instance-ref +--rw mld-snooping-instance? igmp-mld-snooping-instance-ref
augment /dot1q:bridges/dot1q:bridge/dot1q:component
/dot1q:bridge-vlan/dot1q:vlan:
+--rw igmp-snooping-instance? igmp-mld-snooping-instance-ref
+--rw mld-snooping-instance? igmp-mld-snooping-instance-ref
For the L2VPN scenario this model augments /ni:network-instances/ For the L2VPN scenario this model augments /ni:network-instances/
ni:network-instance/ni:ni-type/l2vpn:l2vpn to reference igmp-snooping- ni:network-instance/ni:ni-type/l2vpn:l2vpn [RFC8529] to use igmp-
instance. It means IGMP Snooping is enabled in the specified l2vpn snooping-instance. It means IGMP Snooping is enabled in the specified
instance. l2vpn instance.
augment /ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn: augment /ni:network-instances/ni:network-instance/ni:ni-type
+--rw igmp-snooping-instance? igmp-snooping-instance-ref /l2vpn:l2vpn:
+--rw mld-snooping-instance? mld-snooping-instance-ref +--rw igmp-snooping-instance? igmp-mld-snooping-instance-ref
+--rw mld-snooping-instance? igmp-mld-snooping-instance-ref
The mld-snooping-instance could be referenced in concurrence with igmp- The mld-snooping-instance could be used in concurrence with igmp-
snooping-instance to configure the MLD Snooping. snooping-instance to configure the MLD Snooping.
2.5. IGMP and MLD Snooping RPC 3.4. IGMP and MLD Snooping RPC
IGMP and MLD Snooping RPC clears the specified IGMP and MLD Snooping IGMP and MLD Snooping RPC clears the specified IGMP and MLD Snooping
group tables. group tables.
rpcs: rpcs:
+---x clear-igmp-snooping-groups {rpc-clear-groups}? +---x clear-igmp-snooping-groups {rpc-clear-groups}?
| +---w input | +---w input
| +---w name? igmp-mld-snooping-instance-ref | +---w name? igmp-mld-snooping-instance-ref
| | {feature-igmp-snooping}? | | {feature-igmp-snooping}?
| +---w group? rt-types:ipv4-multicast-group-address | +---w group? rt-types:ipv4-multicast-group-address
| +---w source? rt-types:ipv4-multicast-source-address | +---w source? rt-types:ipv4-multicast-source-address
+---x clear-mld-snooping-groups {rpc-clear-groups}? +---x clear-mld-snooping-groups {rpc-clear-groups}?
+---w input +---w input
+---w name? igmp-mld-snooping-instance-ref +---w name? igmp-mld-snooping-instance-ref
| {feature-mld-snooping}? | {feature-mld-snooping}?
+---w group? rt-types:ipv6-multicast-group-address +---w group? rt-types:ipv6-multicast-group-address
+---w source? rt-types:ipv6-multicast-source-address +---w source? rt-types:ipv6-multicast-source-address
3. IGMP and MLD Snooping YANG Module 4. IGMP and MLD Snooping YANG Module
<CODE BEGINS> file ietf-igmp-mld-snooping@2019-06-04.yang This module references
[RFC2236],[RFC3376],[RFC3810],[RFC4286],[RFC4541],[RFC4604],[RFC4607],
[RFC6020],[RFC6241],[RFC6636],[RFC6991],[RFC7950],[RFC8040],[RFC8342],
[RFC8343],[RFC8340],[RFC8529],[RFC8652],[dot1Qcp], and [draft-ietf-bess-
l2vpn-yang].
<CODE BEGINS> file ietf-igmp-mld-snooping@2020-04-29.yang
module ietf-igmp-mld-snooping { module ietf-igmp-mld-snooping {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping"; namespace "urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping";
prefix ims; prefix ims;
import ietf-inet-types { import ietf-inet-types {
prefix "inet"; prefix "inet";
reference
"RFC 6991: Common YANG Data Types";
} }
import ietf-yang-types { import ietf-yang-types {
prefix "yang"; prefix "yang";
reference
"RFC 6991: Common YANG Data Types";
} }
import ietf-interfaces { import ietf-interfaces {
prefix "if"; prefix "if";
reference
"RFC 8343: A YANG Data Model for Interface Management";
} }
import ietf-routing { import ietf-routing {
prefix "rt"; prefix "rt";
reference
"RFC 8349: A YANG Data Model for Routing Management (NMDA
Version)";
} }
import ietf-routing-types { import ietf-routing-types {
prefix "rt-types"; prefix "rt-types";
reference
"RFC 8294: Common YANG Data Types for the Routing Area";
} }
import ietf-l2vpn { import ietf-l2vpn {
prefix "l2vpn"; prefix "l2vpn";
reference
"draft-ietf-bess-l2vpn-yang: YANG Data Model for MPLS-based
L2VPN";
} }
import ietf-network-instance { import ietf-network-instance {
prefix "ni"; prefix "ni";
reference
"RFC 8529: YANG Data Model for Network Instances";
} }
import ietf-pseudowires { import ietf-pseudowires {
prefix "pw"; prefix "pw";
reference
"draft-ietf-bess-l2vpn-yang: YANG Data Model for MPLS-based
L2VPN";
} }
import ieee802-dot1q-bridge { import ieee802-dot1q-bridge {
prefix "dot1q"; prefix "dot1q";
reference
"dot1Qcp: IEEE 802.1Qcp-2018 Bridges and Bridged Networks
- Amendment: YANG Data Model";
} }
organization organization
"IETF PIM Working Group"; "IETF PIM Working Group";
contact contact
"WG Web: <http://tools.ietf.org/wg/pim/> "WG Web: <http://tools.ietf.org/wg/pim/>
WG List: <mailto:pim@ietf.org> WG List: <mailto:pim@ietf.org>
Editors: Hongji Zhao Editors: Hongji Zhao
skipping to change at page 10, line 38 skipping to change at page 15, line 19
Anish Peter Anish Peter
<mailto:anish.ietf@gmail.com> <mailto:anish.ietf@gmail.com>
Mahesh Sivakumar Mahesh Sivakumar
<mailto:sivakumar.mahesh@gmail.com> <mailto:sivakumar.mahesh@gmail.com>
"; ";
description description
"The module defines a collection of YANG definitions common for "The module defines a collection of YANG definitions common for
all Internet Group Management Protocol (IGMP) and Multicast all devices that implement Internet Group Management Protocol
Listener Discovery (MLD) Snooping devices. (IGMP) and Multicast Listener Discovery (MLD) Snooping [RFC 4541].
Copyright (c) 2019 IETF Trust and the persons identified as Copyright (c) 2020 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set the license terms contained in, the Simplified BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see the This version of this YANG module is part of RFC XXXX; see the
RFC itself for full legal notices."; RFC itself for full legal notices.";
revision 2019-06-04 { revision 2020-04-29 {
description description
"Initial revision."; "Initial revision.";
reference reference
"RFC XXXX: A YANG Data Model for IGMP and MLD Snooping"; "RFC XXXX: A YANG Data Model for IGMP and MLD Snooping";
} }
/* /*
* Features * Features
*/ */
feature feature-igmp-snooping { feature feature-igmp-snooping {
description description
"Support IGMP snooping protocol."; "Support IGMP snooping.";
reference
"RFC 4541, Section 1";
} }
feature feature-mld-snooping { feature feature-mld-snooping {
description description
"Support MLD snooping protocol."; "Support MLD snooping.";
reference
"RFC 4541, Section 1";
} }
feature feature-immediate-leave {
feature immediate-leave {
description description
"Support configuration of immediate-leave."; "Support configuration of immediate-leave.";
reference
"RFC 2236, Section 10";
} }
feature require-router-alert { feature feature-static-l2-multicast-group {
description
"Support configuration of require-router-alert.";
reference
"RFC 3376, Section 5.2";
}
feature static-l2-multicast-group {
description description
"Support configuration of L2 multicast static-group."; "Support configuration of L2 multicast static-group.";
reference
"RFC 4541, Section 2.1";
} }
feature static-mrouter-interface { feature static-mrouter-interface {
description description
"Support configuration of mrouter interface."; "Support configuration of mrouter interface.";
reference
"RFC 4541, Section 2.1";
} }
feature rpc-clear-groups { feature rpc-clear-groups {
description description
"Support clearing statistics by RPC for IGMP & MLD snooping."; "Support clearing statistics by RPC for IGMP & MLD snooping.";
reference
"RFC 4541, Section 2.1";
} }
feature explicit-tracking { feature feature-require-router-alert {
description description
"Support configuration of per instance explicit-tracking."; "Support configuration of require-router-alert.";
reference reference
"RFC 3376, Appendix B"; "RFC 3376, Section 5.2";
} }
feature exclude-lite { feature feature-exclude-lite {
description description
"Support configuration of per instance exclude-lite."; "Support configuration of per instance exclude-lite.";
reference reference
"RFC 5790, Section 3"; "RFC 5790, Section 3";
} }
feature feature-explicit-tracking {
description
"Support configuration of per instance explicit-tracking.";
reference
"RFC 6636, Section 3";
}
/* identities */ /* identities */
identity scenario-type { identity scenario-type {
description description
"Base identity for scenario type in IGMP & MLD snooping"; "Base identity for scenario type in IGMP & MLD snooping";
} }
identity bridge { identity bridge {
base scenario-type; base scenario-type;
description description
skipping to change at page 13, line 12 skipping to change at page 17, line 33
identity exclude { identity exclude {
base filter-mode; base filter-mode;
description description
"This identity represents exclude mode."; "This identity represents exclude mode.";
} }
identity igmp-snooping { identity igmp-snooping {
base rt:control-plane-protocol; base rt:control-plane-protocol;
description description
"IGMP snooping protocol"; "IGMP snooping";
} }
identity mld-snooping { identity mld-snooping {
base rt:control-plane-protocol; base rt:control-plane-protocol;
description description
"MLD snooping protocol"; "MLD snooping";
} }
/* /*
* Typedefs * Typedefs
*/ */
typedef snooping-scenario-type { typedef snooping-scenario-type {
type identityref { type identityref {
base "scenario-type"; base "scenario-type";
} }
skipping to change at page 14, line 9 skipping to change at page 18, line 29
/* /*
* Groupings * Groupings
*/ */
grouping instance-config-attributes-igmp-snooping { grouping instance-config-attributes-igmp-snooping {
description description
"IGMP snooping configuration for each BRIDGE or L2VPN instance."; "IGMP snooping configuration for each BRIDGE or L2VPN instance.";
uses instance-config-attributes-igmp-mld-snooping; uses instance-config-attributes-igmp-mld-snooping;
leaf version { leaf igmp-version {
type uint8 { type uint8 {
range "1..3"; range "1..3";
} }
default 2; default 2;
description "IGMP snooping version."; description "IGMP version.";
} }
leaf querier-source { leaf querier-source {
type inet:ipv4-address; type inet:ipv4-address;
description description
"Use the IGMP snooping querier to support IGMP "Use the IGMP snooping querier to support IGMP
snooping in a VLAN where PIM and IGMP are not configured. snooping in a VLAN where PIM and IGMP are not configured.
The IPv4 address is used as source address in messages."; The IPv4 address is used as source address in messages.";
} }
list static-l2-multicast-group { list static-l2-multicast-group {
if-feature static-l2-multicast-group; if-feature feature-static-l2-multicast-group;
key "group source-addr"; key "group source-addr";
description description
"A static multicast route, (*,G) or (S,G)."; "A static multicast route, (*,G) or (S,G).";
leaf group { leaf group {
type rt-types:ipv4-multicast-group-address; type rt-types:ipv4-multicast-group-address;
description description
"Multicast group IPv4 address"; "Multicast group IPv4 address";
} }
leaf source-addr { leaf source-addr {
type rt-types:ipv4-multicast-source-address; type rt-types:ipv4-multicast-source-address;
description description
"Multicast source IPv4 address."; "Multicast source IPv4 address.";
} }
leaf-list bridge-outgoing-interface { leaf-list bridge-outgoing-interface {
when 'derived-from-or-self(../../scenario,"ims:bridge")'; when 'derived-from-or-self(../../scenario,"ims:bridge")';
skipping to change at page 14, line 52 skipping to change at page 19, line 22
leaf-list bridge-outgoing-interface { leaf-list bridge-outgoing-interface {
when 'derived-from-or-self(../../scenario,"ims:bridge")'; when 'derived-from-or-self(../../scenario,"ims:bridge")';
type if:interface-ref; type if:interface-ref;
description "Outgoing interface in BRIDGE forwarding"; description "Outgoing interface in BRIDGE forwarding";
} }
leaf-list l2vpn-outgoing-ac { leaf-list l2vpn-outgoing-ac {
when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; when 'derived-from-or-self(../../scenario,"ims:l2vpn")';
type if:interface-ref; type if:interface-ref;
description "Outgoing AC in L2VPN forwarding"; description "Outgoing Attachment Circuit (AC) in L2VPN
forwarding";
} }
leaf-list l2vpn-outgoing-pw { leaf-list l2vpn-outgoing-pw {
when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; when 'derived-from-or-self(../../scenario,"ims:l2vpn")';
type pw:pseudowire-ref; type pw:pseudowire-ref;
description "Outgoing PW in L2VPN forwarding"; description "Outgoing Pseudo Wire (PW) in L2VPN forwarding";
} }
} // static-l2-multicast-group } // static-l2-multicast-group
} // instance-config-attributes-igmp-snooping } // instance-config-attributes-igmp-snooping
grouping instance-config-attributes-igmp-mld-snooping { grouping instance-config-attributes-igmp-mld-snooping {
description description
"IGMP and MLD snooping configuration of each VLAN."; "IGMP and MLD snooping configuration of each VLAN.";
leaf enable { leaf enable {
type boolean; type boolean;
default false; default false;
description description
"Set the value to true to enable IGMP & MLD snooping."; "Set the value to true to enable IGMP & MLD snooping.";
} }
leaf forwarding-mode { leaf forwarding-table-type {
type enumeration { type enumeration {
enum "mac" { enum "mac" {
description description
"MAC-based lookup mode"; "MAC-based lookup mode";
} }
enum "ip" { enum "ip" {
description description
"IP-based lookup mode"; "IP-based lookup mode";
} }
} }
default "ip"; default "ip";
description "The default forwarding mode is ip"; description "The default forwarding table type is ip";
} }
leaf explicit-tracking { leaf explicit-tracking {
if-feature explicit-tracking; if-feature feature-explicit-tracking;
type boolean; type boolean;
default false; default false;
description description
"Track the IGMP v3 & MLD v2 membership reports "Track the IGMPv3 and MLDv2 snooping membership reports
from individual hosts. It contributes to saving network from individual hosts. It contributes to saving network
resources and shortening leave latency."; resources and shortening leave latency.";
} }
leaf exclude-lite { leaf exclude-lite {
if-feature exclude-lite; if-feature feature-exclude-lite;
type boolean; type boolean;
default false; default false;
description description
"Track the Lightweight IGMPv3 and MLDv2 protocol report"; "Track the Lightweight IGMPv3 and MLDv2 protocol report";
reference "RFC5790"; reference "RFC 5790";
} }
leaf send-query { leaf send-query {
type boolean; type boolean;
default false; default false;
description description
"Enable quick response for topology changes. "Enable quick response for topology changes.
To support IGMP snooping in a VLAN where PIM and IGMP are To support IGMP snooping in a VLAN where PIM and IGMP are
not configured. It cooperates with parameter querier-source."; not configured. It cooperates with parameter querier-source.";
} }
leaf immediate-leave { leaf immediate-leave {
skipping to change at page 16, line 14 skipping to change at page 20, line 36
leaf send-query { leaf send-query {
type boolean; type boolean;
default false; default false;
description description
"Enable quick response for topology changes. "Enable quick response for topology changes.
To support IGMP snooping in a VLAN where PIM and IGMP are To support IGMP snooping in a VLAN where PIM and IGMP are
not configured. It cooperates with parameter querier-source."; not configured. It cooperates with parameter querier-source.";
} }
leaf immediate-leave { leaf immediate-leave {
if-feature immediate-leave; if-feature feature-immediate-leave;
type empty; type empty;
description description
"When immediate leave is enabled, the IGMP software assumes "When immediate leave is enabled, the IGMP software assumes
that no more than one host is present on each VLAN port."; that no more than one host is present on each VLAN port.";
} }
leaf last-member-query-interval { leaf last-member-query-interval {
type uint16 { type uint16 {
range "1..1023"; range "10..10230";
} }
units seconds; units one-tenth-second;
default 1; default 10;
description description
"Last Member Query Interval, which may be tuned to modify "Last Member Query Interval, which may be tuned to modify
the leave latency of the network."; the leave latency of the network.
reference "RFC3376. Sec. 8.8."; It is represented in units of 1/10 second.";
reference "RFC 3376. Sec. 8.8.";
} }
leaf query-interval { leaf query-interval {
type uint16; type uint16;
units seconds; units seconds;
default 125; default 125;
description description
"The Query Interval is the interval between General Queries "The Query Interval is the interval between General Queries
sent by the Querier."; sent by the Querier.";
reference "RFC3376. Sec. 4.1.7, 8.2, 8.14.2."; reference "RFC 3376. Sec. 4.1.7, 8.2, 8.14.2.";
} }
leaf query-max-response-time { leaf query-max-response-time {
type uint16; type uint16;
units seconds; units one-tenth-second;
default 10; default 100;
description description
"Query maximum response time specifies the maximum time "Query maximum response time specifies the maximum time
allowed before sending a responding report."; allowed before sending a responding report.
reference "RFC3376. Sec. 4.1.1, 8.3, 8.14.3."; It is represented in units of 1/10 second.";
reference "RFC 3376. Sec. 4.1.1, 8.3, 8.14.3.";
} }
leaf require-router-alert { leaf require-router-alert {
if-feature require-router-alert; if-feature feature-require-router-alert;
type boolean; type boolean;
default false; default false;
description description
"When the value is true, router alert should exist "When the value is true, router alert should exist
in the IP head of IGMP or MLD packet."; in the IP header of IGMP or MLD packet.";
} }
leaf robustness-variable { leaf robustness-variable {
type uint8 { type uint8 {
range "1..7"; range "1..7";
} }
default 2; default 2;
description description
"Querier's Robustness Variable allows tuning for the "Querier's Robustness Variable allows tuning for the
expected packet loss on a network."; expected packet loss on a network.";
reference "RFC3376. Sec. 4.1.6, 8.1, 8.14.1."; reference "RFC 3376. Sec. 4.1.6, 8.1, 8.14.1.";
} }
leaf-list static-bridge-mrouter-interface { leaf-list static-bridge-mrouter-interface {
when 'derived-from-or-self(../scenario,"ims:bridge")'; when 'derived-from-or-self(../scenario,"ims:bridge")';
if-feature static-mrouter-interface; if-feature static-mrouter-interface;
type if:interface-ref; type if:interface-ref;
description "static mrouter interface in BRIDGE forwarding"; description "static mrouter interface in BRIDGE forwarding";
} }
leaf-list static-l2vpn-mrouter-interface-ac { leaf-list static-l2vpn-mrouter-interface-ac {
skipping to change at page 17, line 52 skipping to change at page 22, line 24
"static mrouter interface whose type is PW "static mrouter interface whose type is PW
in L2VPN forwarding"; in L2VPN forwarding";
} }
} // instance-config-attributes-igmp-mld-snooping } // instance-config-attributes-igmp-mld-snooping
grouping instance-config-attributes-mld-snooping { grouping instance-config-attributes-mld-snooping {
description "MLD snooping configuration of each VLAN."; description "MLD snooping configuration of each VLAN.";
uses instance-config-attributes-igmp-mld-snooping; uses instance-config-attributes-igmp-mld-snooping;
leaf version { leaf mld-version {
type uint8 { type uint8 {
range "1..2"; range "1..2";
} }
default 2; default 2;
description "MLD snooping version."; description "MLD version.";
} }
leaf querier-source { leaf querier-source {
type inet:ipv6-address; type inet:ipv6-address;
description description
"Use the MLD snooping querier to support MLD snooping where "Use the MLD snooping querier to support MLD snooping where
PIM and MLD are not configured. The IPv6 address is used as PIM and MLD are not configured. The IPv6 address is used as
the source address in messages."; the source address in messages.";
} }
list static-l2-multicast-group { list static-l2-multicast-group {
if-feature static-l2-multicast-group; if-feature feature-static-l2-multicast-group;
key "group source-addr"; key "group source-addr";
description description
"A static multicast route, (*,G) or (S,G)."; "A static multicast route, (*,G) or (S,G).";
leaf group { leaf group {
type rt-types:ipv6-multicast-group-address; type rt-types:ipv6-multicast-group-address;
description description
"Multicast group IPv6 address"; "Multicast group IPv6 address";
} }
skipping to change at page 18, line 43 skipping to change at page 23, line 16
leaf-list bridge-outgoing-interface { leaf-list bridge-outgoing-interface {
when 'derived-from-or-self(../../scenario,"ims:bridge")'; when 'derived-from-or-self(../../scenario,"ims:bridge")';
type if:interface-ref; type if:interface-ref;
description "Outgoing interface in BRIDGE forwarding"; description "Outgoing interface in BRIDGE forwarding";
} }
leaf-list l2vpn-outgoing-ac { leaf-list l2vpn-outgoing-ac {
when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; when 'derived-from-or-self(../../scenario,"ims:l2vpn")';
type if:interface-ref; type if:interface-ref;
description "Outgoing AC in L2VPN forwarding"; description "Outgoing Attachment Circuit (AC) in L2VPN
forwarding";
} }
leaf-list l2vpn-outgoing-pw { leaf-list l2vpn-outgoing-pw {
when 'derived-from-or-self(../../scenario,"ims:l2vpn")'; when 'derived-from-or-self(../../scenario,"ims:l2vpn")';
type pw:pseudowire-ref; type pw:pseudowire-ref;
description "Outgoing PW in L2VPN forwarding"; description "Outgoing Pseudo Wire (PW) in L2VPN forwarding";
} }
} // static-l2-multicast-group } // static-l2-multicast-group
} // instance-config-attributes-mld-snooping } // instance-config-attributes-mld-snooping
grouping instance-state-group-attributes-igmp-mld-snooping { grouping instance-state-group-attributes-igmp-mld-snooping {
description description
"Attributes for both IGMP and MLD snooping groups."; "Attributes for both IGMP and MLD snooping groups.";
leaf mac-address { leaf mac-address {
type yang:phys-address; type yang:phys-address;
skipping to change at page 20, line 23 skipping to change at page 24, line 49
uses instance-state-source-attributes-igmp-mld-snooping; uses instance-state-source-attributes-igmp-mld-snooping;
leaf last-reporter { leaf last-reporter {
type inet:ipv4-address; type inet:ipv4-address;
description description
"Address of the last host which has sent report "Address of the last host which has sent report
to join the multicast group."; to join the multicast group.";
} }
list host { list host {
if-feature explicit-tracking; if-feature feature-explicit-tracking;
key "host-address"; key "host-address";
description description
"List of multicast membership hosts "List of multicast membership hosts
of the specific multicast source-group."; of the specific multicast source-group.";
leaf host-address { leaf host-address {
type inet:ipv4-address; type inet:ipv4-address;
description description
"Multicast membership host address."; "Multicast membership host address.";
} }
skipping to change at page 22, line 27 skipping to change at page 26, line 53
uses instance-state-source-attributes-igmp-mld-snooping; uses instance-state-source-attributes-igmp-mld-snooping;
leaf last-reporter { leaf last-reporter {
type inet:ipv6-address; type inet:ipv6-address;
description description
"Address of the last host which has sent report "Address of the last host which has sent report
to join the multicast group."; to join the multicast group.";
} }
list host { list host {
if-feature explicit-tracking; if-feature feature-explicit-tracking;
key "host-address"; key "host-address";
description description
"List of multicast membership hosts "List of multicast membership hosts
of the specific multicast source-group."; of the specific multicast source-group.";
leaf host-address { leaf host-address {
type inet:ipv6-address; type inet:ipv6-address;
description description
"Multicast membership host address."; "Multicast membership host address.";
} }
skipping to change at page 23, line 11 skipping to change at page 27, line 36
leaf-list bridge-outgoing-interface { leaf-list bridge-outgoing-interface {
when 'derived-from-or-self(../../../scenario,"ims:bridge")'; when 'derived-from-or-self(../../../scenario,"ims:bridge")';
type if:interface-ref; type if:interface-ref;
description "Outgoing interface in BRIDGE forwarding"; description "Outgoing interface in BRIDGE forwarding";
} }
leaf-list l2vpn-outgoing-ac { leaf-list l2vpn-outgoing-ac {
when 'derived-from-or-self(../../../scenario,"ims:l2vpn")'; when 'derived-from-or-self(../../../scenario,"ims:l2vpn")';
type if:interface-ref; type if:interface-ref;
description "Outgoing AC in L2VPN forwarding"; description "Outgoing Attachment Circuit (AC) in L2VPN
forwarding";
} }
leaf-list l2vpn-outgoing-pw { leaf-list l2vpn-outgoing-pw {
when 'derived-from-or-self(../../../scenario,"ims:l2vpn")'; when 'derived-from-or-self(../../../scenario,"ims:l2vpn")';
type pw:pseudowire-ref; type pw:pseudowire-ref;
description "Outgoing PW in L2VPN forwarding"; description "Outgoing Pseudo Wire (PW) in L2VPN forwarding";
} }
leaf up-time { leaf up-time {
type uint32; type uint32;
units seconds; units seconds;
mandatory true; mandatory true;
description description
"The time elapsed since L2 multicast record created"; "The time elapsed since L2 multicast record created";
} }
leaf expire { leaf expire {
type rt-types:timer-value-seconds16; type rt-types:timer-value-seconds16;
units seconds; units seconds;
description description
"The time left before multicast group timeout."; "The time left before multicast group timeout.";
} }
leaf host-count { leaf host-count {
if-feature explicit-tracking; if-feature feature-explicit-tracking;
type uint32; type uint32;
description description
"The number of host addresses."; "The number of host addresses.";
} }
} // instance-state-source-attributes-igmp-mld-snooping } // instance-state-source-attributes-igmp-mld-snooping
grouping igmp-snooping-statistics { grouping igmp-snooping-statistics {
description description
"The statistics attributes for IGMP snooping."; "The statistics attributes for IGMP snooping.";
leaf num-query { leaf num-query {
type yang:counter64; type yang:counter64;
description description
"The number of query messages."; "The number of query messages.";
reference
"RFC 2236, Section 2.1";
} }
leaf num-membership-report-v1 { leaf num-membership-report-v1 {
type yang:counter64; type yang:counter64;
description description
"The number of membership report v1 messages."; "The number of membership report v1 messages.";
reference
"RFC 3376, Section 4";
} }
leaf num-membership-report-v2 { leaf num-membership-report-v2 {
type yang:counter64; type yang:counter64;
description description
"The number of membership report v2 messages."; "The number of membership report v2 messages.";
reference
"RFC 3376, Section 4";
} }
leaf num-membership-report-v3 { leaf num-membership-report-v3 {
type yang:counter64; type yang:counter64;
description description
"The number of membership report v3 messages."; "The number of membership report v3 messages.";
reference
"RFC 3376, Section 4";
} }
leaf num-leave { leaf num-leave {
type yang:counter64; type yang:counter64;
description description
"The number of leave messages."; "The number of leave messages.";
reference
"RFC 3376, Section 4";
} }
leaf num-non-member-leave { leaf num-non-member-leave {
type yang:counter64; type yang:counter64;
description description
"The number of non member leave messages."; "The number of non member leave messages.";
reference
"RFC 3376, Section 4";
} }
leaf num-pim-hello { leaf num-pim-hello {
type yang:counter64; type yang:counter64;
description description
"The number of PIM hello messages."; "The number of PIM hello messages.";
reference
"RFC 7761, Section 4.9";
} }
} // igmp-snooping-statistics } // igmp-snooping-statistics
grouping mld-snooping-statistics { grouping mld-snooping-statistics {
description description
"The statistics attributes for MLD snooping."; "The statistics attributes for MLD snooping.";
leaf num-query { leaf num-query {
type yang:counter64; type yang:counter64;
description description
"The number of Multicast Listener Query messages."; "The number of Multicast Listener Query messages.";
skipping to change at page 24, line 54 skipping to change at page 29, line 15
} // igmp-snooping-statistics } // igmp-snooping-statistics
grouping mld-snooping-statistics { grouping mld-snooping-statistics {
description description
"The statistics attributes for MLD snooping."; "The statistics attributes for MLD snooping.";
leaf num-query { leaf num-query {
type yang:counter64; type yang:counter64;
description description
"The number of Multicast Listener Query messages."; "The number of Multicast Listener Query messages.";
reference
"RFC 3810, Section 5";
} }
leaf num-report-v1 { leaf num-report-v1 {
type yang:counter64; type yang:counter64;
description description
"The number of Version 1 Multicast Listener Report."; "The number of Version 1 Multicast Listener Report.";
reference
"RFC 3810, Section 5";
} }
leaf num-report-v2 { leaf num-report-v2 {
type yang:counter64; type yang:counter64;
description description
"The number of Version 2 Multicast Listener Report."; "The number of Version 2 Multicast Listener Report.";
reference
"RFC 3810, Section 5";
} }
leaf num-done { leaf num-done {
type yang:counter64; type yang:counter64;
description description
"The number of Version 1 Multicast Listener Done."; "The number of Version 1 Multicast Listener Done.";
reference
"RFC 3810, Section 5";
} }
leaf num-pim-hello { leaf num-pim-hello {
type yang:counter64; type yang:counter64;
description description
"The number of PIM hello messages."; "The number of PIM hello messages.";
reference
"RFC 7761, Section 4.9";
} }
} // mld-snooping-statistics } // mld-snooping-statistics
grouping igmp-snooping-interface-statistics-attributes { grouping igmp-snooping-interface-statistics-attributes {
description "Interface statistics attributes for IGMP snooping"; description "Interface statistics attributes for IGMP snooping";
container interfaces { container interfaces {
config false; config false;
skipping to change at page 27, line 33 skipping to change at page 31, line 36
"IGMP & MLD snooping augmentation to control plane protocol "IGMP & MLD snooping augmentation to control plane protocol
configuration and state."; configuration and state.";
/* /*
* igmp-snooping-instance * igmp-snooping-instance
*/ */
container igmp-snooping-instance { container igmp-snooping-instance {
when 'derived-from-or-self(../rt:type, "ims:igmp-snooping")' { when 'derived-from-or-self(../rt:type, "ims:igmp-snooping")' {
description description
"This container is only valid for IGMP snooping protocol."; "This container is only valid for IGMP snooping.";
} }
if-feature feature-igmp-snooping; if-feature feature-igmp-snooping;
description description
"IGMP snooping instance to configure the igmp-snooping."; "IGMP snooping instance to configure the igmp-snooping.";
leaf scenario { leaf scenario {
type snooping-scenario-type; type snooping-scenario-type;
default bridge; default bridge;
description description
"The scenario indicates BRIDGE or L2VPN."; "The scenario indicates BRIDGE or L2VPN.";
skipping to change at page 27, line 53 skipping to change at page 32, line 4
"The scenario indicates BRIDGE or L2VPN."; "The scenario indicates BRIDGE or L2VPN.";
} }
uses instance-config-attributes-igmp-snooping; uses instance-config-attributes-igmp-snooping;
uses instance-state-attributes-igmp-snooping; uses instance-state-attributes-igmp-snooping;
uses igmp-snooping-interface-statistics-attributes; uses igmp-snooping-interface-statistics-attributes;
} //igmp-snooping-instance } //igmp-snooping-instance
/* /*
* mld-snooping-instance * mld-snooping-instance
*/ */
container mld-snooping-instance { container mld-snooping-instance {
when 'derived-from-or-self(../rt:type, "ims:mld-snooping")' { when 'derived-from-or-self(../rt:type, "ims:mld-snooping")' {
description description
"This container is only valid for MLD snooping protocol."; "This container is only valid for MLD snooping.";
} }
if-feature feature-mld-snooping; if-feature feature-mld-snooping;
description description
"MLD snooping instance to configure the mld-snooping."; "MLD snooping instance to configure the mld-snooping.";
leaf scenario { leaf scenario {
type snooping-scenario-type; type snooping-scenario-type;
default bridge; default bridge;
description description
"The scenario indicates BRIDGE or L2VPN."; "The scenario indicates BRIDGE or L2VPN.";
skipping to change at page 28, line 34 skipping to change at page 32, line 35
uses instance-state-attributes-mld-snooping; uses instance-state-attributes-mld-snooping;
uses mld-snooping-interface-statistics-attributes; uses mld-snooping-interface-statistics-attributes;
}//mld-snooping-instance }//mld-snooping-instance
} }
augment "/dot1q:bridges/dot1q:bridge" { augment "/dot1q:bridges/dot1q:bridge" {
description description
"Reference IGMP & MLD snooping instance in BRIDGE scenario"; "Use IGMP & MLD snooping instance in BRIDGE scenario";
leaf igmp-snooping-instance { leaf igmp-snooping-instance {
type igmp-mld-snooping-instance-ref; type igmp-mld-snooping-instance-ref;
description description
"Configure IGMP snooping instance under bridge view"; "Configure IGMP snooping instance under bridge view";
} }
leaf mld-snooping-instance { leaf mld-snooping-instance {
type igmp-mld-snooping-instance-ref; type igmp-mld-snooping-instance-ref;
description description
"Configure MLD snooping instance under bridge view"; "Configure MLD snooping instance under bridge view";
} }
} }
augment "/dot1q:bridges/dot1q:bridge"+ augment "/dot1q:bridges/dot1q:bridge"+
"/dot1q:component/dot1q:bridge-vlan/dot1q:vlan" { "/dot1q:component/dot1q:bridge-vlan/dot1q:vlan" {
description description
"Reference IGMP & MLD snooping instance in BRIDGE scenario"; "Use IGMP & MLD snooping instance in certain VLAN of BRIDGE";
leaf igmp-snooping-instance { leaf igmp-snooping-instance {
type igmp-mld-snooping-instance-ref; type igmp-mld-snooping-instance-ref;
description description
"Configure IGMP snooping instance under VLAN view"; "Configure IGMP snooping instance under VLAN view";
} }
leaf mld-snooping-instance { leaf mld-snooping-instance {
type igmp-mld-snooping-instance-ref; type igmp-mld-snooping-instance-ref;
description description
"Configure MLD snooping instance under VLAN view"; "Configure MLD snooping instance under VLAN view";
} }
} }
augment "/ni:network-instances/ni:network-instance"+ augment "/ni:network-instances/ni:network-instance"+
"/ni:ni-type/l2vpn:l2vpn" { "/ni:ni-type/l2vpn:l2vpn" {
description description
"Reference IGMP & MLD snooping instance in L2VPN scenario"; "Use IGMP & MLD snooping instance in L2VPN scenario";
leaf igmp-snooping-instance { leaf igmp-snooping-instance {
type igmp-mld-snooping-instance-ref; type igmp-mld-snooping-instance-ref;
description description
"Configure IGMP snooping instance in L2VPN scenario"; "Configure IGMP snooping instance in L2VPN scenario";
} }
leaf mld-snooping-instance { leaf mld-snooping-instance {
type igmp-mld-snooping-instance-ref; type igmp-mld-snooping-instance-ref;
skipping to change at page 31, line 4 skipping to change at page 35, line 4
leaf source { leaf source {
type rt-types:ipv6-multicast-source-address; type rt-types:ipv6-multicast-source-address;
description description
"Multicast source IPv6 address. If it is not specified, "Multicast source IPv6 address. If it is not specified,
all MLD snooping source-group tables are cleared."; all MLD snooping source-group tables are cleared.";
} }
} }
} // rpc clear-mld-snooping-groups } // rpc clear-mld-snooping-groups
} }
<CODE ENDS> <CODE ENDS>
4. Security Considerations 5. Security Considerations
The YANG module specified in this document defines a schema for data The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such as that is designed to be accessed via network management protocols such as
NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the
secure transport layer, and the mandatory-to-implement secure transport secure transport layer, and the mandatory-to-implement secure transport
is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and
the mandatory-to-implement secure transport is TLS [RFC5246]. the mandatory-to-implement secure transport is TLS [RFC8446].
The NETCONF access control model [RFC6536] provides the means to The Network Configuration Access Control Model (NACM) [RFC8341] provides
restrict access for particular NETCONF or RESTCONF users to a the means to restrict access for particular NETCONF or RESTCONF users to
preconfigured subset of all available NETCONF or RESTCONF protocol a preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content. operations and content.
There are a number of data nodes defined in this YANG module that are There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the default). writable/creatable/deletable (i.e., config true, which is the default).
These data nodes may be considered sensitive or vulnerable in some These data nodes may be considered sensitive or vulnerable in some
network environments. Write operations (e.g., edit-config) to these data network environments. Write operations (e.g., edit-config) to these data
nodes without proper protection can have a negative effect on network nodes without proper protection can have a negative effect on network
operations. These are the subtrees and data nodes and their operations. These are the subtrees and data nodes and their
sensitivity/vulnerability: sensitivity/vulnerability:
/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:igmp-snooping- /rt:routing/rt:control-plane-protocols
instance
/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:mld-snooping- /rt:control-plane-protocol:/ims:igmp-snooping-instance
instance
/rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol:/ims:mld-snooping-instance
The subtrees under /dot1q:bridges/dot1q:bridge The subtrees under /dot1q:bridges/dot1q:bridge
/dot1q:bridges/dot1q:bridge/ims:igmp-snooping-instance /dot1q:bridges/dot1q:bridge/ims:igmp-snooping-instance
/dot1q:bridges/dot1q:bridge/ims:mld-snooping-instance /dot1q:bridges/dot1q:bridge/ims:mld-snooping-instance
The subtrees under The subtrees under /dot1q:bridges/dot1q:bridge/dot1q:component
/dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan /dot1q:bridge-vlan/dot1q:vlan
/dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan/ims:igmp- /dot1q:bridges/dot1q:bridge/dot1q:component
snooping-instance
/dot1q:bridges/dot1q:bridge/dot1q:component/dot1q:bridge-vlan/dot1q:vlan/ims:mld-
snooping-instance
The subtrees under /ni:network-instances/ni:network-instance/ni:ni- /dot1q:bridge-vlan/dot1q:vlan/ims:igmp-snooping-instance
type/l2vpn:l2vpn
/dot1q:bridges/dot1q:bridge/dot1q:component
/dot1q:bridge-vlan/dot1q:vlan/ims:mld-snooping-instance
/ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn/ims:igmp-snooping-
instance
/ni:network-instances/ni:network-instance/ni:ni-type/l2vpn:l2vpn/ims:mld-snooping-
instance
Unauthorized access to any data node of these subtrees can adversely Unauthorized access to any data node of these subtrees can adversely
affect the IGMP & MLD Snooping subsystem of both the local device and affect the IGMP & MLD Snooping subsystem of both the local device and
the network. This may lead to network malfunctions, delivery of packets the network. This may lead to network malfunctions, delivery of packets
to inappropriate destinations, and other problems. to inappropriate destinations, and other problems.
Some of the readable data nodes in this YANG module may be considered Some of the readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data nodes notification) to these data nodes. These are the subtrees and data nodes
and their sensitivity/vulnerability: and their sensitivity/vulnerability:
/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:igmp-snooping- /rt:routing/rt:control-plane-protocols
instance
/rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/ims:mld-snooping- /rt:control-plane-protocol:/ims:igmp-snooping-instance
instance
/rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol:/ims:mld-snooping-instance
Unauthorized access to any data node of these subtrees can disclose the Unauthorized access to any data node of these subtrees can disclose the
operational state information of IGMP & MLD Snooping on this device. operational state information of IGMP & MLD Snooping on this device.
Some of the RPC operations in this YANG module may be considered Some of the RPC operations in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus sensitive or vulnerable in some network environments. It is thus
important to control access to these operations. The IGMP & MLD Snooping important to control access to these operations. These are the
Yang module support the "clear-igmp-snooping-groups" and " clear-mld- operations and their sensitivity/vulnerability:
snooping-groups" RPCs. If it meets unauthorized RPC operation
invocation, the IGMP and MLD Snooping group tables will be cleared
unexpectedly.
5. IANA Considerations ims:clear-igmp-snooping-groups
ims:clear-mld-snooping-groups
The IGMP & MLD Snooping YANG module supports the "clear-igmp-snooping-
groups" and "clear-mld-snooping-groups" RPCs. If it meets unauthorized
RPC operation invocation, the IGMP and MLD Snooping group tables will be
cleared unexpectedly.
6. IANA Considerations
RFC Ed.: In this section, replace all occurrences of 'XXXX' with the RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
actual RFC number (and remove this note). actual RFC number (and remove this note).
This document registers the following namespace URIs in the IETF XML This document registers the following namespace URIs in the IETF XML
registry [RFC3688]: registry [RFC3688]:
-------------------------------------------------------------------- --------------------------------------------------------------------
skipping to change at page 33, line 18 skipping to change at page 38, line 4
name: ietf-igmp-mld-snooping name: ietf-igmp-mld-snooping
namespace: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping namespace: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-snooping
prefix: ims prefix: ims
reference: RFC XXXX reference: RFC XXXX
-------------------------------------------------------------------- --------------------------------------------------------------------
7. References
6. Normative References 7.1. Normative References
[P802.1Qcp/D2.2] IEEE Approved Draft Standard for Local and
Metropolitan Area Networks, "Bridges and Bridged Networks Amendment:
YANG Data Model", Mar 2018
[RFC2236] Fenner, W., "Internet Group Management Protocol, Version [dot1Qcp] Holness, M., "IEEE 802.1Qcp-2018 Bridges and Bridged
2", RFC 2236, November 1997. Networks - Amendment: YANG Data Model", 2018.
[RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast [RFC2236] W. Fenner, "Internet Group Management Protocol, Version 2",
Listener Discovery (MLD) for IPv6", RFC 2710, October 1999. RFC 2236, November 1997.
[RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A. [RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A.
Thyagarajan, "Internet Group Management Protocol, Version Thyagarajan, "Internet Group Management Protocol, Version
3", RFC 3376, October 2002. 3", RFC 3376, October 2002.
[RFC3688] Mealling, M., "The IETF XML Registry", RFC 3688, January
2004.
[RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery [RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery
Version 2 (MLDv2) for IPv6", RFC 3810, June 2004. Version 2 (MLDv2) for IPv6", RFC 3810, June 2004.
[RFC4541] M. Christensen, K. Kimball, F. Solensky, "Considerations [RFC4286] B. Haberman and J. Martin, "Multicast Router Discovery",
for Internet Group Management Protocol (IGMP) and Multicast RFC 4286, December 2005.
Listener Discovery (MLD) Snooping Switches", RFC 4541, May
2006.
[RFC4604] Holbrook, H., Cain, B., and B. Haberman, "Using Internet [RFC4604] Holbrook, H., Cain, B., and B. Haberman, "Using Internet
Group Management Protocol Version 3 (IGMPv3) and Multicast Group Management Protocol Version 3 (IGMPv3) and Multicast
Listener Discovery Protocol Version 2 (MLDv2) for Source- Listener Discovery Protocol Version 2 (MLDv2) for Source-
Specific Multicast", RFC 4604, August 2006. Specific Multicast", RFC 4604, August 2006.
[RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast for [RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast for
IP", RFC 4607, August 2006. IP", RFC 4607, August 2006.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
October 2010. October 2010.
[RFC6021] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6021, [RFC6241] R. Enns, Ed., M. Bjorklund, Ed., J. Schoenwaelder, Ed., A.
October 2010. Bierman, Ed., "Network Configuration Protocol (NETCONF)",
RFC 6241, June 2011.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, June 2011.
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991,
July 2013. July 2013.
[RFC7950] M. Bjorklund, Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, August 2016.
[RFC7951] L. Lhotka, "JSON Encoding of Data Modeled with YANG", RFC
7951, August 2016.
[RFC8040] A. Bierman, M. Bjorklund, K. Watsen, "RESTCONF Protocol",
RFC 8040, January 2017.
[RFC8294] X. Liu, Y. Qu, A. Lindem, C. Hopps, L. Berger, "Common YANG
Data Types for the Routing Area", RFC 8294, December 2017.
[RFC8340] M. Bjorklund, and L. Berger, Ed., "YANG Tree Diagrams", RFC
8340, March 2018.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration Access
Control Model", RFC 8341, March 2018.
[RFC8342] M. Bjorklund and J. Schoenwaelder, "Network Management [RFC8342] M. Bjorklund and J. Schoenwaelder, "Network Management
Datastore Architecture (NMDA)", RFC 8342, March 2018. Datastore Architecture (NMDA)", RFC 8342, March 2018.
[RFC8343] M. Bjorklund, "A YANG Data Model for Interface Management", [RFC8343] M. Bjorklund, "A YANG Data Model for Interface Management",
RFC 8343, March 2018. RFC 8343, March 2018.
[draft-ietf-pim-igmp-mld-yang-06] X. Liu, F. Guo, M. Sivakumar, P. [RFC8344] M. Bjorklund, "A YANG Data Model for IP Management", RFC
McAllister, A. Peter, "A YANG data model for Internet Group 8344, March 2018.
Management Protocol (IGMP) and Multicast Listener Discovery
(MLD)", draft-ietf-pim-igmp-mld-yang-06, Oct 20, 2017.
[draft-bjorklund-netmod-rfc7223bis-00] M. Bjorklund, "A YANG Data [RFC8349] L. Lhotka, A. Lindem, Y. Qu, "A YANG Data Model for Routing
Model for Interface Management", draft-bjorklund-netmod- Management (NMDA Version)", RFC 8349, March 2018.
rfc7223bis-00, August 21, 2017
[draft-bjorklund-netmod-rfc7277bis-00] M. Bjorklund, "A YANG Data [RFC8407] A. Bierman, "Guidelines for Authors and Reviewers of
Model for IP Management", draft-bjorklund-netmod- Documents Containing YANG Data Models", RFC 8407, October
rfc7277bis-00, August 21, 2017 2018.
[draft-ietf-netmod-revised-datastores-03] M. Bjorklund, J. [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Schoenwaelder, P. Shafer, K. Watsen, R. Wilton, "Network Version 1.3", RFC 8446, August 2018.
Management Datastore Architecture", draft-ietf-netmod-
revised-datastores-03, July 3, 2017
[draft-ietf-bess-evpn-yang-02] P.Brissette, A. Sajassi, H. Shah, Z. [RFC8529] L. Berger, C. Hopps, A. Lindem, D. Bogdanovic, X. Liu,
Li, H. Chen, K. Tiruveedhula, I. Hussain, J. Rabadan, "Yang "YANG Data Model for Network Instances", RFC 8529, March
Data Model for EVPN", draft-ietf-bess-evpn-yang-02, March 2019.
13, 2017
[draft-ietf-bess-l2vpn-yang-08] H. Shah, P. Brissette, I. Chen, I. [RFC8652] X. Liu, F. Guo, M. Sivakumar, P. McAllister, A. Peter, "A
Hussain, B. Wen, K. Tiruveedhula, "YANG Data Model for YANG Data Model for the Internet Group Management Protocol
MPLS-based L2VPN", draft-ietf-bess-l2vpn-yang-06.txt, (IGMP) and Multicast Listener Discovery (MLD)", RFC 8652,
February 17, 2018 November 2019.
[draft-ietf-rtgwg-ni-model-12] L. Berger, C. Hopps, A. Lindem, X. [draft-ietf-bess-l2vpn-yang] Shah, H., Brissette, P., Chen, I.,
Liu, "YANG Model for Network Instances", draft-ietf-rtgwg- Hussain, I., Wen, B., and K. Tiruveedhula, "YANG Data Model
ni-model-12.txt, March 19, 2018 for MPLS-basedL2VPN", draft-ietf-bess-l2vpn-yang-10 (work
in progress), July 2019.
7.2. Informative References
[RFC3916] X. Xiao, Ed., D. McPherson, Ed., P. Pate, Ed.,
"Requirements for Pseudo-Wire Emulation Edge-to-Edge
(PWE3)", RFC 3916, September 2004.
[RFC4541] M. Christensen, K. Kimball, F. Solensky, "Considerations
for Internet Group Management Protocol (IGMP) and Multicast
Listener Discovery (MLD) Snooping Switches", RFC 4541, May
2006.
[RFC6636] H. Asaeda, H. Liu, Q. Wu, "Tuning the Behavior of the
Internet Group Management Protocol (IGMP) and Multicast
Listener Discovery (MLD) for Routers in Mobile and Wireless
Networks", RFC 6636, May 2012.
Appendix A. Data Tree Example Appendix A. Data Tree Example
A.1 Bridge scenario A.1 Bridge scenario
This section contains an example for bridge scenario in the JSON This section contains an example for bridge scenario in the JSON
encoding [RFC7951], containing both configuration and state data. encoding [RFC7951], containing both configuration and state data.
+-----------+ +-----------+
+ Source + + Source +
+-----+-----+ +-----+-----+
| |
-----------------+---------------------------- -----------------+----------------------------
|eth1/1 |eth1/1
+---+---+ +---+---+
+ R1 + + R1 +
+-+---+-+ +-+---+-+
eth1/2 | \ eth1/3 eth1/2 | \ eth1/3
| \ | \
| \ | \
| \ | \
| \ | \
eth2/1 | \ eth3/1 eth2/1 | \ eth3/1
+---+---+ +--+---+ +---+---+ +--+---+
+ R2 + + R3 + + R2 + + R3 +
+---+---+ +--+---+ +---+---+ +--+---+
eth2/2 | | eth3/2 eth2/2 | | eth3/2
| | | |
---------------+----------+------------------- ---------------+----------+-------------------
| | | |
| | | |
+--------+--+ +---+--------+ +--------+--+ +---+--------+
+ Receiver1 + + Receiver2 + + Receiver1 + + Receiver2 +
+-----------+ +------------+ +-----------+ +------------+
The configuration data for R1 in the above figure could be as follows: The configuration data for R1 in the above figure could be as follows:
{ {
"ietf-interfaces:interfaces":{ "ietf-interfaces:interfaces":{
"interface":[ "interface":[
{ {
"name":"eth1/1", "name":"eth1/1",
"type":"iana-if-type:ethernetCsmacd" "type":"iana-if-type:ethernetCsmacd"
} }
skipping to change at page 38, line 19 skipping to change at page 44, line 19
+-----------+ +-----------+
+ Source + + Source +
+-----+-----+ +-----+-----+
| |
-----------------+---------------------------- -----------------+----------------------------
|eth1/1 |eth1/1
+---+---+ +---+---+
+ R1 + + R1 +
+-+---+-+ +-+---+-+
eth1/2 | \ eth1/3 eth1/2 | \ eth1/3
| \ | \
| \ | \
| \ | \
| \ | \
eth2/1 | \ eth3/1 eth2/1 | \ eth3/1
+---+---+ +-+---+ +---+---+ +-+---+
+ R2 +---+ R3 + + R2 +----+ R3 +
+---+---+ +-+---+ +---+---+ +-+---+
eth2/2 | | eth3/2 eth2/2 | | eth3/2
| | | |
---------------+----------+------------------- ---------------+----------+-------------------
| | | |
| | | |
+--------+--+ +---+--------+ +--------+--+ +---+--------+
+ Receiver1 + + Receiver2 + + Receiver1 + + Receiver2 +
+-----------+ +------------+ +-----------+ +------------+
The configuration data for R1 in the above figure could be as follows: The configuration data for R1 in the above figure could be as follows:
{ {
"ietf-interfaces:interfaces":{ "ietf-interfaces:interfaces":{
"interface":[ "interface":[
{ {
"name":"eth1/1", "name":"eth1/1",
"type":"iana-if-type:ethernetCsmacd" "type":"iana-if-type:ethernetCsmacd"
} }
] ]
 End of changes. 169 change blocks. 
389 lines changed or deleted 642 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/