A YANG Data Model for Routing Management

CZ.NIC, lhotka@nic.cz
Cisco Systems, acee@cisco.com

Area: Operations and Management
Working Group: NETMOD
Keywords: configuration, IPv6 router advertisements, NETCONF, RESTCONF

Abstract

This document contains a specification of three YANG modules and one
submodule. Together they form the core routing data model that serves
as a framework for configuring and managing a routing subsystem. It is
expected that these modules will be augmented by additional YANG
modules defining data models for control-plane protocols, route
filters, and other functions. The core routing data model provides
common building blocks for such extensions -- routes, Routing
Information Bases (RIBs), and control-plane protocols.

Introduction

This document contains a specification of the following YANG modules:
o  The "ietf-routing" module provides generic components of a routing
   data model.

o  The "ietf-ipv4-unicast-routing" module augments the "ietf-routing"
   module with additional data specific to IPv4 unicast.

o  The "ietf-ipv6-unicast-routing" module augments the "ietf-routing"
   module with additional data specific to IPv6 unicast. Its submodule
   "ietf-ipv6-router-advertisements" also augments the "ietf-interfaces"
   and "ietf-ip" modules with the IPv6 router configuration variables
   required by RFC 4861.

These modules together define the so-called core routing data model,
which is intended as a basis for future data model development covering
more-sophisticated routing systems. While these three modules can be
used directly for simple IP devices with static routing (see the
guidelines for a minimum implementation in the appendix), their main
purpose is to provide essential building blocks for more-complicated
data models involving multiple control-plane protocols, multicast
routing, additional address families, and advanced functions such as
route filtering or policy routing. To this end, it is expected that the
core routing data model will be augmented by numerous modules developed
by various IETF working groups.

Terminology and Notation

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.

The following terms are defined in the NETCONF specification (RFC 6241):
o  client
o  message
o  protocol operation
o  server

The following terms are defined in the YANG 1.1 specification (RFC 7950):

o  action
o  augment
o  configuration data
o  container
o  container with presence
o  data model
o  data node
o  feature
o  leaf
o  list
o  mandatory node
o  module
o  schema tree
o  state data
o  RPC (Remote Procedure Call) operation

The following terms are defined in this document:

core routing data model: YANG data model comprising the "ietf-routing",
   "ietf-ipv4-unicast-routing", and "ietf-ipv6-unicast-routing"
   modules.

direct route: a route to a directly connected network.

Routing Information Base (RIB): an object containing a list of routes
   together with other information. See the description of RIBs below
   for details.

system-controlled entry: an entry of a list in state data
   ("config false") that is created by the system independently of what
   has been explicitly configured. See the description of
   system-controlled and user-controlled entries below for details.

user-controlled entry: an entry of a list in state data
   ("config false") that is created and deleted as a direct consequence
   of certain configuration changes. See the description of
   system-controlled and user-controlled entries below for details.

Tree Diagrams

A simplified graphical representation of the complete data tree is
presented in the appendix, and similar diagrams of its various subtrees
appear in the main text. The symbols used in these diagrams are:

o  Brackets "[" and "]" enclose list keys.

o  Curly braces "{" and "}" contain names of optional features that
   make the corresponding node conditional.

o  Abbreviations before data node names: "rw" means configuration
   (read-write), "ro" state data (read-only), "-x" RPC operations or
   actions, and "-n" notifications.

o  Symbols after data node names: "?" means an optional node, "!" a
   container with presence, and "*" denotes a "list" or "leaf-list".

o  Parentheses enclose choice and case nodes, and case nodes are also
   marked with a colon (":").

o  Ellipsis ("...") stands for contents of subtrees that are not shown.

Prefixes in Data Node Names

In this document, names of data nodes, actions, and other data model
objects are often used without a prefix, as long as it is clear from
the context in which YANG module each name is defined. Otherwise, names
are prefixed using the standard prefix associated with the
corresponding YANG module, as shown in the following table.

   +--------+----------------------------+-----------+
   | Prefix | YANG module                | Reference |
   +--------+----------------------------+-----------+
   | if     | ietf-interfaces            |           |
   | ip     | ietf-ip                    |           |
   | rt     | ietf-routing               |           |
   | v4ur   | ietf-ipv4-unicast-routing  |           |
   | v6ur   | ietf-ipv6-unicast-routing  |           |
   | yang   | ietf-yang-types            |           |
   | inet   | ietf-inet-types            |           |
   +--------+----------------------------+-----------+

Objectives

The initial design of the core routing data model was driven by the
following objectives:
o  The data model should be suitable for the common address families --
   in particular, IPv4 and IPv6 -- and for unicast and multicast
   routing, as well as Multiprotocol Label Switching (MPLS).

o  A simple IP routing system, such as one that uses only static
   routing, should be configurable in a simple way, ideally without any
   need to develop additional YANG modules.

o  On the other hand, the core routing framework must allow for
   complicated implementations involving multiple Routing Information
   Bases (RIBs) and multiple control-plane protocols, as well as
   controlled redistributions of routing information.

o  Because device vendors will want to map the data models built on
   this generic framework to their proprietary data models and
   configuration interfaces, the framework should be flexible enough to
   facilitate that and accommodate data models with different logic.

The Design of the Core Routing Data Model

The core routing data model consists of three YANG modules and one
submodule. The first module, "ietf-routing", defines the generic
components of a routing system. The other two modules,
"ietf-ipv4-unicast-routing" and "ietf-ipv6-unicast-routing", augment
the "ietf-routing" module with additional data nodes that are needed
for IPv4 and IPv6 unicast routing, respectively. The
"ietf-ipv6-unicast-routing" module has a submodule,
"ietf-ipv6-router-advertisements", that augments the "ietf-interfaces"
and "ietf-ip" modules with configuration variables for IPv6 router
advertisements as required by RFC 4861. Abridged views of the
configuration and state data hierarchies are shown in the figures of
this section; the complete data trees are given in the appendix.

As can be seen from those figures, the core routing data model
introduces several generic components of a routing framework: routes,
RIBs containing lists of routes, and control-plane protocols. The
section on basic building blocks below describes these components in
more detail.

System-Controlled and User-Controlled List Entries

The core routing data model defines several lists in the
schema tree, such as "rib", that have to be populated with at least one
entry in any properly functioning device, and additional entries may be
configured by a client.

In such a list, the server creates the required item as a so-called
system-controlled entry in state data, i.e., inside the "routing-state"
container. An example can be seen in the JSON instance data tree in the
appendix: the "/routing-state/ribs/rib" list has two system-controlled
entries named "ipv4-master" and "ipv6-master".

Additional entries may be created in the configuration by a client,
e.g., via the NETCONF protocol. These are so-called user-controlled
entries. If the server accepts a configured user-controlled entry, then
this entry also appears in the state data version of the list.

Corresponding entries in both versions of the list (in state data and
configuration) have the same value of the list key.

A client may also provide supplemental configuration of
system-controlled entries. To do so, the client creates a new entry in
the configuration with the desired contents. In order to bind this
entry to the corresponding entry in the state data list, the key of the
configuration entry has to be set to the same value as the key of the
state entry.

Deleting a user-controlled entry from the configuration list results in
the removal of the corresponding entry in the state data list. In
contrast, if a system-controlled entry is deleted from the
configuration list, only the extra configuration specified in that
entry is removed, but the corresponding state data entry remains in the
list.

Basic Building Blocks

This section describes the essential components of the core routing
data model.

Routes

Routes are basic elements of information in a routing system. The core
routing data model defines only the following minimal set of route
attributes:
o  "destination-prefix": address prefix specifying the set of
   destination addresses for which the route may be used. This
   attribute is mandatory.

o  "route-preference": an integer value (also known as administrative
   distance) that is used for selecting a preferred route among routes
   with the same destination prefix. A lower value means a more
   preferred route.

o  "next-hop": determines the outgoing interface and/or next-hop
   address(es), or a special operation to be performed with a packet.

Routes are primarily state data that appear as entries of RIBs, but
they may also be found in configuration data, for example, as manually
configured static routes. In the latter case, configurable route
attributes are generally a subset of the attributes defined for RIB
routes.

Routing Information Bases (RIBs)

Every implementation of the core routing data model manages one or more
Routing Information Bases (RIBs). A RIB is a list of routes
complemented with administrative data. Each RIB contains only routes of
one address family. An address family is represented by an identity
derived from the "rt:address-family" base identity.

In the core routing data model, RIBs are state data represented as
entries of the list "/routing-state/ribs/rib". The contents of RIBs are
controlled and manipulated by control-plane protocol operations that
may result in route additions, removals, and modifications. This also
includes manipulations via the "static" and/or "direct"
pseudo-protocols; see the description of the routing pseudo-protocols
below.

For every supported address family, exactly one RIB MUST be marked as
the so-called default RIB to which control-plane protocols place their
routes by default.

Simple router implementations that do not advertise the feature
"multiple-ribs" will typically create one system-controlled RIB per
supported address family and mark it as the default RIB.

More-complex router implementations advertising the "multiple-ribs"
feature support multiple RIBs per address family that can be used for
policy routing and other purposes.

The following action (see Section 7.15 of RFC 7950) is defined for the
"rib" list:

o  active-route -- return the active RIB route for the destination
   address that is specified as the action's input parameter.

Control-Plane Protocols

The core routing data model provides an open-ended
framework for defining multiple control-plane protocol instances, e.g.,
for Layer 3 routing protocols. Each control-plane protocol instance
MUST be assigned a type, which is an identity derived from the
"rt:control-plane-protocol" base identity. The core routing data model
defines two identities for the direct and static pseudo-protocols.

Multiple control-plane protocol instances of the same type MAY be
configured.

Routing Pseudo-Protocols

The core routing data model defines two special routing protocol
types -- "direct" and "static". Both are in fact pseudo-protocols,
which means that they are confined to the local device and do not
exchange any routing information with adjacent routers.

Every implementation of the core routing data model MUST provide
exactly one instance of the "direct" pseudo-protocol type. It is the
source of direct routes for all configured address families. Direct
routes are normally supplied by the operating system kernel, based on
the configuration of network interface addresses; see the description
of parameters defined in other modules below.

A pseudo-protocol of the type "static" allows for specifying routes
manually. It MAY be configured in zero or multiple instances, although
a typical configuration will have exactly one instance.

Defining New Control-Plane Protocols

It is expected that future YANG modules will create data models for
additional control-plane protocol types. Such a new module has to
define the protocol-specific configuration and state data, and it has
to integrate it into the core routing framework in the following way:
o  A new identity MUST be defined for the control-plane protocol, and
   its base identity MUST be set to "rt:control-plane-protocol" or to
   an identity derived from "rt:control-plane-protocol".

o  Additional route attributes MAY be defined, preferably in one place
   by means of defining a YANG grouping. The new attributes have to be
   inserted by augmenting the definitions of the route nodes and
   possibly other places in the configuration, state data,
   notifications, and input/output parameters of actions or RPC
   operations.

o  Configuration parameters and/or state data for the new protocol can
   be defined by augmenting the "control-plane-protocol" data node
   under both "/routing" and "/routing-state".

o  By using a "when" statement, the augmented configuration parameters
   and state data specific to the new protocol SHOULD be made
   conditional and valid only if the value of "rt:type" or
   "rt:source-protocol" is equal to (or derived from) the new
   protocol's identity.

o  It is also RECOMMENDED that protocol-specific data nodes be
   encapsulated in an appropriately named container with presence.
   Such a container may contain mandatory data nodes that are otherwise
   forbidden at the top level of an augment.

The above steps are implemented by the example YANG module for the
Routing Information Protocol (RIP) in the appendix.

IPv6 Router Advertisements

The YANG module "ietf-ipv6-router-advertisements", which is a submodule
of the "ietf-ipv6-unicast-routing" module, augments the configuration
and state data of IPv6 interfaces with definitions of the following
variables as required by Section 6.2.1 of RFC 4861:

o  send-advertisements
o  max-rtr-adv-interval
o  min-rtr-adv-interval
o  managed-flag
o  other-config-flag
o  link-mtu
o  reachable-time
o  retrans-timer
o  cur-hop-limit
o  default-lifetime
o  prefix-list: a list of prefixes to be advertised. The following
   parameters are associated with each prefix in the list:
   *  valid-lifetime
   *  on-link-flag
   *  preferred-lifetime
   *  autonomous-flag

NOTES:

1. The "IsRouter" flag, which is also required by RFC 4861, is
   implemented in the "ietf-ip" module (leaf "ip:forwarding").

2. The original specification allows the implementations to decide
   whether the "valid-lifetime" and "preferred-lifetime" parameters
   remain the same in consecutive advertisements or decrement in real
   time. However, the latter behavior seems problematic because the
   values might be reset again to the (higher) configured values after
   a configuration is reloaded. Moreover, no implementation is known to
   use the decrementing behavior. The "ietf-ipv6-router-advertisements"
   submodule therefore stipulates the former behavior with constant
   values.

Parameters Defined in Other Modules

The semantics of the core routing data model also depend on several
configuration parameters that are defined in other YANG modules.

The following boolean switch is defined in the "ietf-interfaces" YANG
module:

o  If this switch is set to "false" for a network-layer interface, then
   all routing and forwarding functions MUST be disabled on this
   interface.

The following boolean switches are defined in the "ietf-ip" YANG
module:

o  If this switch is set to "false" for a network-layer interface, then
   all IPv4 routing and forwarding functions MUST be disabled on this
   interface.

o  If this switch is set to "false" for a network-layer interface, then
   the forwarding of IPv4 datagrams through this interface MUST be
   disabled. However, the interface MAY participate in other IPv4
   routing functions, such as routing protocols.

o  If this switch is set to "false" for a network-layer interface, then
   all IPv6 routing and forwarding functions MUST be disabled on this
   interface.

o  If this switch is set to "false" for a network-layer interface, then
   the forwarding of IPv6 datagrams through this interface MUST be
   disabled. However, the interface MAY participate in other IPv6
   routing functions, such as routing protocols.
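The interface switches listed above, together with the direct-route and "active-route" semantics described in this document, modelled as an added Python example (not code from the RFC or its YANG modules): the interface names, addresses and route dictionaries are constructed, and the selection rule "most specific prefix first, then lowest route-preference" is an assumption about how an implementation resolves the action.

```python
# Added example (not the RFC's or its modules' code): how the "enabled" and
# "forwarding" switches gate an interface, how an address on an enabled
# interface yields a "direct" route, and how "active-route" picks a route.
import ipaddress

def direct_routes(interfaces):
    """Direct routes from addresses on enabled interfaces; an interface
    (or an address family on it) with "enabled" false yields none."""
    routes = []
    for name, cfg in interfaces.items():
        if not cfg.get("enabled", True):
            continue
        for af in ("ipv4", "ipv6"):
            ip = cfg.get(af, {})
            if not ip.get("enabled", True):
                continue
            for addr in ip.get("address", []):
                net = ipaddress.ip_interface(addr).network
                routes.append({"destination-prefix": str(net),
                               "route-preference": 0,
                               "next-hop": {"outgoing-interface": name},
                               "source-protocol": "direct"})
    return routes

def active_route(rib, dest):
    """Mirror the "active-route" action: most specific matching prefix
    wins; among equal prefixes, the lowest route-preference wins."""
    dest = ipaddress.ip_address(dest)
    best, best_key = None, None
    for route in rib:
        net = ipaddress.ip_network(route["destination-prefix"])
        if net.version != dest.version or dest not in net:
            continue
        key = (net.prefixlen, -route["route-preference"])
        if best_key is None or key > best_key:
            best, best_key = route, key
    return best

def may_forward(interfaces, route, version):
    """Per-family "forwarding" switch: route exists, but no forwarding."""
    ifname = route["next-hop"].get("outgoing-interface")
    if ifname is None:  # next hop given only as an address
        return True
    af = "ipv4" if version == 4 else "ipv6"
    return bool(interfaces[ifname].get(af, {}).get("forwarding", True))

# Constructed sample: eth0 upstream, eth1 LAN with forwarding off,
# eth2 administratively disabled, plus two static default routes.
INTERFACES = {
    "eth0": {"ipv4": {"address": ["192.0.2.1/24"]}},
    "eth1": {"ipv4": {"address": ["198.51.100.1/24"], "forwarding": False}},
    "eth2": {"enabled": False, "ipv4": {"address": ["203.0.113.1/24"]}},
}
STATIC = [  # one "static" pseudo-protocol instance, two default routes
    {"destination-prefix": "0.0.0.0/0", "route-preference": 5,
     "next-hop": {"next-hop-address": "192.0.2.254"}, "source-protocol": "static"},
    {"destination-prefix": "0.0.0.0/0", "route-preference": 10,
     "next-hop": {"next-hop-address": "192.0.2.253"}, "source-protocol": "static"}]
RIB = direct_routes(INTERFACES) + STATIC
```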
In addition, the "ietf-ip" module allows for configuring IPv4 and IPv6
addresses and network prefixes or masks on network-layer interfaces.
Configuration of these parameters on an enabled interface MUST result
in an immediate creation of the corresponding direct route. The
destination prefix of this route is set according to the configured IP
address and network prefix/mask, and the interface is set as the
outgoing interface for that route.

IANA Considerations

This document registers the namespace URIs of its modules in the "IETF
XML Registry". It registers the "ietf-routing",
"ietf-ipv4-unicast-routing", and "ietf-ipv6-unicast-routing" YANG
modules in the "YANG Module Names" registry, and it registers the
"ietf-ipv6-router-advertisements" YANG submodule in the same registry.

Security Considerations

Configuration and state data conforming to the core routing data model
(defined in this document) are designed to be accessed via a management
protocol with a secure transport layer, such as NETCONF (RFC 6241).
The NETCONF access control model provides the means to restrict access
for particular NETCONF users to a preconfigured subset of all available
NETCONF protocol operations and content.

A number of configuration data nodes defined in the YANG modules
belonging to the core routing data model are
writable/creatable/deletable (i.e., "config true" in YANG terms, which
is the default). These data nodes may be considered sensitive or
vulnerable in some network environments. Write operations to these
data nodes, such as "edit-config" in NETCONF, can have negative effects
on the network if the protocol operations are not properly protected.

The vulnerable "config true" parameters and subtrees are the following:
o  The "control-plane-protocol" list under "/routing": this list
   specifies the control-plane protocols configured on a device.

o  The "rib" list under "/routing": this list specifies the RIBs
   configured for the device.

Unauthorized access to any of these lists can adversely affect the
routing subsystem of both the local device and the network. This may
lead to network malfunctions, delivery of packets to inappropriate
destinations, and other problems.

Appendix: The Complete Data Trees

This appendix presents the complete configuration and state data trees
of the core routing data model. See the description of tree diagrams
above for an explanation of the symbols used. The data type of every
leaf node is shown near the right end of the corresponding line.

Appendix: Minimum Implementation

Some parts and options of the core routing model, such as user-defined
RIBs, are intended only for advanced routers. This appendix gives basic
non-normative guidelines for implementing a bare minimum of available
functions. Such an implementation may be used for hosts or very simple
routers.

A minimum implementation does not support the feature "multiple-ribs".
This means that a single system-controlled RIB is available for each
supported address family -- IPv4, IPv6, or both. These RIBs are also
the default RIBs. No user-controlled RIBs are allowed.

In addition to the mandatory instance of the "direct" pseudo-protocol,
a minimum implementation should support configuring instance(s) of the
"static" pseudo-protocol.

For hosts that are never intended to act as routers, the ability to
turn on sending IPv6 router advertisements should be removed.

Platforms with severely constrained resources may use deviations for
restricting the data model, e.g., limiting the number of "static"
control-plane protocol instances.

Appendix: Example -- Adding a New Control-Plane Protocol

This appendix demonstrates how the core routing data model can be
extended to support a new control-plane protocol. The YANG module
"example-rip" is intended as an illustration rather than a real
definition of a data model for the Routing Information Protocol (RIP).
For the sake of brevity, this module does not obey all the usual
guidelines for YANG modules.

Appendix: Data Tree Example

This section contains an example of an instance data tree in the JSON
encoding (RFC 7951), containing both configuration and state data. The
data conforms to a data model that is defined by a YANG library
specification.

A simple network setup is assumed: router "A" uses static default
routes with the "ISP" router as the next hop. IPv6 router
advertisements are configured only on the "eth1" interface and
disabled on the upstream "eth0" interface. The instance data tree could
then be as follows:

Acknowledgements

The authors wish to thank Nitin Bahadur, Martin Bjorklund, Dean
Bogdanovic, Jeff Haas, Joel Halpern, Wes Hardaker, Sriganesh Kini,
David Lamparter, Andrew McGregor, Jan Medved, Xiang Li, Stephane
Litkowski, Thomas Morin, Tom Petch, Yingzhen Qu, Bruno Rijsman, Juergen
Schoenwaelder, Phil Shafer, Dave Thaler, Yi Yang, Derek Man-Kit Yeung,
and Jeffrey Zhang for their helpful comments and suggestions.