Tech-invite3GPPspaceIETFspace
959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 8347

A YANG Data Model for the Virtual Router Redundancy Protocol (VRRP)

Pages: 45
Proposed Standard
Part 1 of 2 – Pages 1 to 12
None   None   Next

Top   ToC   RFC8347 - Page 1
Internet Engineering Task Force (IETF)                       X. Liu, Ed.
Request for Comments: 8347                                   A. Kyparlis
Category: Standards Track                                          Jabil
ISSN: 2070-1721                                                R. Parikh
                                                                  VMware
                                                               A. Lindem
                                                           Cisco Systems
                                                                M. Zhang
                                                     Huawei Technologies
                                                              March 2018


  A YANG Data Model for the Virtual Router Redundancy Protocol (VRRP)

Abstract

This document describes a data model for the Virtual Router Redundancy Protocol (VRRP). Both versions 2 and 3 of VRRP are covered. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8347. Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Top   ToC   RFC8347 - Page 2

Table of Contents

1. Introduction ....................................................2 1.1. Terminology ................................................2 1.2. Tree Diagrams ..............................................3 1.3. Prefixes in Data Node Names ................................3 2. Design of the Data Model ........................................3 2.1. Scope of the Model .........................................3 2.2. Relationships with the Interface Model and IP Model ........4 2.3. Protocol Configuration .....................................5 2.4. Protocol States ............................................6 2.5. Notifications ..............................................9 3. Tree Structure .................................................10 4. YANG Module ....................................................13 5. IANA Considerations ............................................35 6. Security Considerations ........................................36 7. References .....................................................37 7.1. Normative References ......................................37 7.2. Informative References ....................................38 Appendix A. Data Tree Example .....................................40 Authors' Addresses ................................................45

1. Introduction

This document introduces a YANG data model [RFC6020] [RFC7950] for the Virtual Router Redundancy Protocol (VRRP) [RFC3768] [RFC5798]. VRRP provides higher resiliency by specifying an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. The YANG module specified in this document supports both versions 2 and 3 of VRRP. VRRP version 2 (defined in [RFC3768]) supports IPv4. VRRP version 3 (defined in [RFC5798]) supports both IPv4 and IPv6.

1.1. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
Top   ToC   RFC8347 - Page 3
   The following terms are defined in [RFC7950] and are not redefined
   here:

   o  augment

   o  data model

   o  data node

1.2. Tree Diagrams

A simplified graphical representation of the data model is used in this document. The meaning of the symbols in these diagrams is defined in [RFC8340].

1.3. Prefixes in Data Node Names

In this document, names of data nodes, actions, and other data model objects are often used without a prefix, as long as it is clear from the context in which YANG module each name is defined. Otherwise, names are prefixed using the standard prefix associated with the corresponding YANG module, as shown in Table 1. +--------+-----------------+-----------+ | Prefix | YANG module | Reference | +--------+-----------------+-----------+ | yang | ietf-yang-types | [RFC6991] | | inet | ietf-inet-types | [RFC6991] | | if | ietf-interfaces | [RFC8343] | | ip | ietf-ip | [RFC8344] | +--------+-----------------+-----------+ Table 1: Prefixes and Corresponding YANG Modules

2. Design of the Data Model

2.1. Scope of the Model

The model covers VRRP version 2 [RFC3768] and VRRP version 3 [RFC5798]. The model is designed to be implemented on a device where VRRP version 2 or 3 is implemented. With the help of a proper management protocol, the defined model can be used to: o Configure VRRP version 2 or 3. o Manage the protocol operational behavior.
Top   ToC   RFC8347 - Page 4
   o  Retrieve the protocol operational status.

   o  Receive the protocol notifications.

2.2. Relationships with the Interface Model and IP Model

This model augments the interface data model "ietf-interfaces" [RFC8343] and the IP management model "ietf-ip" [RFC8344]. The augmentation relationships are shown as follows: module: ietf-interfaces +--rw interfaces +--rw interface* [name] ... +--rw ip:ipv4! | +--rw ip:address* [ip] ... | +--rw vrrp:vrrp | +--rw vrrp:vrrp-instance* [vrid] | +--rw vrrp:vrid uint8 | +--rw vrrp:virtual-ipv4-addresses ... +--rw ip:ipv6! +--rw ip:address* [ip] ... +--rw vrrp:vrrp +--rw vrrp:vrrp-instance* [vrid] +--rw vrrp:vrid uint8 +--rw vrrp:virtual-ipv6-addresses ... In the above figure, a tree node without a prefix is from the model "ietf-interfaces". A tree node with prefix "ip:" is from the model "ietf-ip". A tree node with prefix "vrrp:" is from the VRRP model specified in this document. The "vrrp" container contains a list of vrrp-instance nodes, which are instantiated under an interface for a specified address family (IPv4 or IPv6). Each vrrp-instance node represents a VRRP router state machine, as described in Section 6.4 of [RFC5798], providing the configuration and state information for the election process of a virtual router. The IP addresses on the augmented interface are the real addresses through which the VRRP router operates. The IPv4 or IPv6 address or addresses associated with a virtual router (described in Section 1 of [RFC5798]) are modeled as a list of IPv4 or IPv6 addresses under the vrrp-instance.
Top   ToC   RFC8347 - Page 5

2.3. Protocol Configuration

The model structure for the protocol configuration is as shown below: augment /if:interfaces/if:interface/ip:ipv4: +--rw vrrp +--rw vrrp-instance* [vrid] +--rw vrid uint8 | ... +--rw track | +--rw interfaces | | +--rw interface* [interface] | | +--rw interface if:interface-ref | | ... | +--rw networks | +--rw network* [prefix] | +--rw prefix inet:ipv4-prefix | ... +--rw virtual-ipv4-addresses +--rw virtual-ipv4-address* [ipv4-address] +--rw ipv4-address inet:ipv4-address augment /if:interfaces/if:interface/ip:ipv6: +--rw vrrp +--rw vrrp-instance* [vrid] +--rw vrid uint8 | ... +--rw track | +--rw interfaces | | +--rw interface* [interface] | | +--rw interface if:interface-ref | | ... | +--rw networks | +--rw network* [prefix] | +--rw prefix inet:ipv6-prefix | ... +--rw virtual-ipv6-addresses +--rw virtual-ipv6-address* [ipv6-address] +--rw ipv6-address inet:ipv6-address
Top   ToC   RFC8347 - Page 6
   The model allows the following protocol entities to be configured:

   o  VRRP instance (version 2 or 3), representing a VRRP router.

   o  Virtual IPv4 or IPv6 address associated with a virtual router.

   o  Tracking interface, to detect interface connectivity failures.

   o  Tracking network, to detect network connectivity failures.

2.4. Protocol States

The model structure for the protocol states is as shown below: module: ietf-vrrp +--ro vrrp | // global operational states +--ro virtual-routers? uint32 +--ro interfaces? uint32 +--ro statistics // global statistics +--ro discontinuity-datetime? yang:date-and-time +--ro checksum-errors? yang:counter64 +--ro version-errors? yang:counter64 +--ro vrid-errors? yang:counter64 +--ro ip-ttl-errors? yang:counter64 augment /if:interfaces/if:interface/ip:ipv4: +--rw vrrp +--rw vrrp-instance* [vrid] +--rw vrid uint8 | ... +--rw track | +--rw interfaces | | +--rw interface* [interface] | | +--rw interface if:interface-ref | | ... | +--rw networks | +--rw network* [prefix] | +--rw prefix inet:ipv4-prefix | ...
Top   ToC   RFC8347 - Page 7
             +--rw virtual-ipv4-addresses
             |  +--rw virtual-ipv4-address* [ipv4-address]
             |     +--rw ipv4-address    inet:ipv4-address
             |
             |     // per-instance operational states
             +--ro state?                         identityref
             +--ro is-owner?                      boolean
             +--ro last-adv-source?               inet:ip-address
             +--ro up-datetime?                   yang:date-and-time
             +--ro master-down-interval?          uint32
             +--ro skew-time?                     uint32
             +--ro last-event?                    identityref
             +--ro new-master-reason?             new-master-reason-type
             +--ro statistics                // per-instance statistics
                +--ro discontinuity-datetime?    yang:date-and-time
                +--ro master-transitions?        yang:counter32
                +--ro advertisement-rcvd?        yang:counter64
                +--ro advertisement-sent?        yang:counter64
                +--ro interval-errors?           yang:counter64
                |       {validate-interval-errors}?
                +--ro priority-zero-pkts-rcvd?   yang:counter64
                +--ro priority-zero-pkts-sent?   yang:counter64
                +--ro invalid-type-pkts-rcvd?    yang:counter64
                +--ro address-list-errors?       yang:counter64
                |       {validate-address-list-errors}?
                +--ro packet-length-errors?      yang:counter64

     augment /if:interfaces/if:interface/ip:ipv6:
       +--rw vrrp
          +--rw vrrp-instance* [vrid]
             +--rw vrid                            uint8
             +     ...
             +--rw track
             |  +--rw interfaces
             |  |  +--rw interface* [interface]
             |  |     +--rw interface             if:interface-ref
             |  |           ...
             |  +--rw networks
             |     +--rw network* [prefix]
             |        +--rw prefix                inet:ipv6-prefix
             |              ...
             +--rw virtual-ipv6-addresses
             |  +--rw virtual-ipv6-address* [ipv6-address]
             |     +--rw ipv6-address    inet:ipv6-address
             |
Top   ToC   RFC8347 - Page 8
             |     // per-instance operational states
             +--ro state?                         identityref
             +--ro is-owner?                      boolean
             +--ro last-adv-source?               inet:ip-address
             +--ro up-datetime?                   yang:date-and-time
             +--ro master-down-interval?          uint32
             +--ro skew-time?                     uint32
             +--ro last-event?                    identityref
             +--ro new-master-reason?             new-master-reason-type
             +--ro statistics                // per-instance statistics
                +--ro discontinuity-datetime?    yang:date-and-time
                +--ro master-transitions?        yang:counter32
                +--ro advertisement-rcvd?        yang:counter64
                +--ro advertisement-sent?        yang:counter64
                +--ro interval-errors?           yang:counter64
                |       {validate-interval-errors}?
                +--ro priority-zero-pkts-rcvd?   yang:counter64
                +--ro priority-zero-pkts-sent?   yang:counter64
                +--ro invalid-type-pkts-rcvd?    yang:counter64
                +--ro address-list-errors?       yang:counter64
                |       {validate-address-list-errors}?
                +--ro packet-length-errors?      yang:counter64

   This model conforms to the Network Management Datastore Architecture
   (NMDA) [RFC8342].  The operational state data is combined with the
   associated configuration data in the same hierarchy
   [YANG-Guidelines].  When protocol states are retrieved from the NMDA
   operational state datastore, the returned states cover all
   "config true" (rw) and "config false" (ro) nodes defined in the
   schema.

   The model allows the retrieval of protocol states at the following
   levels:

   o  VRRP instance (version 2 or 3), representing a VRRP router.

   o  Virtual IPv4 or IPv6 address associated with a virtual router.

   o  Tracking interface, to detect interface connectivity failures.

   o  Tracking network, to detect network connectivity failures.

   o  Global states and statistics summarizing all instances.
Top   ToC   RFC8347 - Page 9

2.5. Notifications

This model defines the following VRRP-specific notifications: notifications: +---n vrrp-new-master-event | +--ro master-ip-address inet:ip-address | +--ro new-master-reason new-master-reason-type +---n vrrp-protocol-error-event | +--ro protocol-error-reason identityref +---n vrrp-virtual-router-error-event +--ro interface if:interface-ref +--ro (ip-version) | +--:(ipv4) | | +--ro ipv4 | | +--ro vrid leafref | +--:(ipv6) | +--ro ipv6 | +--ro vrid leafref +--ro virtual-router-error-reason identityref Each notification type is used to indicate a type of VRRP state change or error occurrence: vrrp-new-master-event VRRP new master event, indicating that a new master has been elected. vrrp-protocol-error-event VRRP protocol error event for a message that fails to reach a VRRP instance to be processed. vrrp-virtual-router-error-event VRRP virtual router error event for a message processed on a VRRP instance. In addition to the notifications specified above, the mechanisms defined in [Subscribed-Notifications] and [YANG-Push] can be used for other general notifications. These mechanisms currently allow the user to: o Subscribe notifications on a per-client basis. o Specify subtree filters or XML Path Language (XPath) filters so that only contents of interest will be sent. o Specify either periodic or on-demand notifications.
Top   ToC   RFC8347 - Page 10

3. Tree Structure

The VRRP YANG data model defined in this document has the following tree structure: module: ietf-vrrp +--ro vrrp +--ro virtual-routers? uint32 +--ro interfaces? uint32 +--ro statistics +--ro discontinuity-datetime? yang:date-and-time +--ro checksum-errors? yang:counter64 +--ro version-errors? yang:counter64 +--ro vrid-errors? yang:counter64 +--ro ip-ttl-errors? yang:counter64 augment /if:interfaces/if:interface/ip:ipv4: +--rw vrrp +--rw vrrp-instance* [vrid] +--rw vrid uint8 +--rw version identityref +--rw log-state-change? boolean +--rw preempt | +--rw enabled? boolean | +--rw hold-time? uint16 +--rw priority? uint8 +--rw accept-mode? boolean +--rw (advertise-interval-choice)? | +--:(v2) | | +--rw advertise-interval-sec? uint8 | +--:(v3) | +--rw advertise-interval-centi-sec? uint16 +--rw track | +--rw interfaces | | +--rw interface* [interface] | | +--rw interface if:interface-ref | | +--rw priority-decrement? uint8 | +--rw networks | +--rw network* [prefix] | +--rw prefix inet:ipv4-prefix | +--rw priority-decrement? uint8 +--rw virtual-ipv4-addresses | +--rw virtual-ipv4-address* [ipv4-address] | +--rw ipv4-address inet:ipv4-address +--ro state? identityref +--ro is-owner? boolean +--ro last-adv-source? inet:ip-address +--ro up-datetime? yang:date-and-time +--ro master-down-interval? uint32
Top   ToC   RFC8347 - Page 11
             +--ro skew-time?                      uint32
             +--ro last-event?                     identityref
             +--ro new-master-reason?
    new-master-reason-type
             +--ro statistics
                +--ro discontinuity-datetime?    yang:date-and-time
                +--ro master-transitions?        yang:counter32
                +--ro advertisement-rcvd?        yang:counter64
                +--ro advertisement-sent?        yang:counter64
                +--ro interval-errors?           yang:counter64
                |       {validate-interval-errors}?
                +--ro priority-zero-pkts-rcvd?   yang:counter64
                +--ro priority-zero-pkts-sent?   yang:counter64
                +--ro invalid-type-pkts-rcvd?    yang:counter64
                +--ro address-list-errors?       yang:counter64
                |       {validate-address-list-errors}?
                +--ro packet-length-errors?      yang:counter64
     augment /if:interfaces/if:interface/ip:ipv6:
       +--rw vrrp
          +--rw vrrp-instance* [vrid]
             +--rw vrid                            uint8
             +--rw version                         identityref
             +--rw log-state-change?               boolean
             +--rw preempt
             |  +--rw enabled?     boolean
             |  +--rw hold-time?   uint16
             +--rw priority?                       uint8
             +--rw accept-mode?                    boolean
             +--rw advertise-interval-centi-sec?   uint16
             +--rw track
             |  +--rw interfaces
             |  |  +--rw interface* [interface]
             |  |     +--rw interface             if:interface-ref
             |  |     +--rw priority-decrement?   uint8
             |  +--rw networks
             |     +--rw network* [prefix]
             |        +--rw prefix                inet:ipv6-prefix
             |        +--rw priority-decrement?   uint8
             +--rw virtual-ipv6-addresses
             |  +--rw virtual-ipv6-address* [ipv6-address]
             |     +--rw ipv6-address    inet:ipv6-address
             +--ro state?                          identityref
             +--ro is-owner?                       boolean
             +--ro last-adv-source?                inet:ip-address
             +--ro up-datetime?                    yang:date-and-time
             +--ro master-down-interval?           uint32
Top   ToC   RFC8347 - Page 12
             +--ro skew-time?                      uint32
             +--ro last-event?                     identityref
             +--ro new-master-reason?
    new-master-reason-type
             +--ro statistics
                +--ro discontinuity-datetime?    yang:date-and-time
                +--ro master-transitions?        yang:counter32
                +--ro advertisement-rcvd?        yang:counter64
                +--ro advertisement-sent?        yang:counter64
                +--ro interval-errors?           yang:counter64
                |       {validate-interval-errors}?
                +--ro priority-zero-pkts-rcvd?   yang:counter64
                +--ro priority-zero-pkts-sent?   yang:counter64
                +--ro invalid-type-pkts-rcvd?    yang:counter64
                +--ro address-list-errors?       yang:counter64
                |       {validate-address-list-errors}?
                +--ro packet-length-errors?      yang:counter64

     notifications:
       +---n vrrp-new-master-event
       |  +--ro master-ip-address    inet:ip-address
       |  +--ro new-master-reason    new-master-reason-type
       +---n vrrp-protocol-error-event
       |  +--ro protocol-error-reason    identityref
       +---n vrrp-virtual-router-error-event
          +--ro interface                      if:interface-ref
          +--ro (ip-version)
          |  +--:(ipv4)
          |  |  +--ro ipv4
          |  |     +--ro vrid    leafref
          |  +--:(ipv6)
          |     +--ro ipv6
          |        +--ro vrid    leafref
          +--ro virtual-router-error-reason    identityref


(next page on part 2)

Next Section