leaf next-hop { type inet:ipv4-address; description "Next-hop address to use on the customer side."; } description "List of LAN prefixes for the site."; } list ipv6-lan-prefixes { if-feature ipv6; key "lan next-hop"; leaf lan { type inet:ipv6-prefix; description "LAN prefixes."; } leaf lan-tag { type string; description "Internal tag to be used in VPN policies."; } leaf next-hop { type inet:ipv6-address; description "Next-hop address to use on the customer side."; } description "List of LAN prefixes for the site."; } description "LAN prefixes from the customer."; } description "Configuration specific to static routing."; } container rip { when "derived-from-or-self(../type, 'l3vpn-svc:rip')" { description "Only applies when the protocol is RIP. For IPv4, the model assumes that RIP version 2 is used."; } if-feature rtg-rip; leaf-list address-family { type address-family; min-elements "1"; description "If RIP is used on this site, this node contains a configured value. This node
contains at least one address family to be activated."; } description "Configuration specific to RIP routing."; } container vrrp { when "derived-from-or-self(../type, 'l3vpn-svc:vrrp')" { description "Only applies when protocol is VRRP."; } if-feature rtg-vrrp; leaf-list address-family { type address-family; min-elements "1"; description "If VRRP is used on this site, this node contains a configured value. This node contains at least one address family to be activated."; } description "Configuration specific to VRRP routing."; } description "List of routing protocols used on the site. This list can be augmented."; } description "Defines routing protocols."; } description "Grouping for routing protocols."; } grouping site-attachment-ip-connection { container ip-connection { container ipv4 { if-feature ipv4; leaf address-allocation-type { type identityref { base address-allocation-type; } must "not(derived-from-or-self(current(), 'l3vpn-svc:slaac') or "+ "derived-from-or-self(current(), "+ "'l3vpn-svc:provider-dhcp-slaac'))" { error-message "SLAAC is only applicable to IPv6"; } description "Defines how addresses are allocated.
If there is no value for the address allocation type, then IPv4 is not enabled."; } container provider-dhcp { when "derived-from-or-self(../address-allocation-type, "+ "'l3vpn-svc:provider-dhcp')" { description "Only applies when addresses are allocated by DHCP."; } leaf provider-address { type inet:ipv4-address; description "Address of provider side. If provider-address is not specified, then prefix length should not be specified either. It also implies provider-dhcp allocation is not enabled. If provider-address is specified, then the prefix length may or may not be specified."; } leaf prefix-length { type uint8 { range "0..32"; } must "(../provider-address)" { error-message "If the prefix length is specified, provider-address must also be specified."; description "If the prefix length is specified, provider-address must also be specified."; } description "Subnet prefix length expressed in bits. If not specified, or specified as zero, this means the customer leaves the actual prefix length value to the provider."; } choice address-assign { default number; case number { leaf number-of-dynamic-address { type uint16; default 1; description "Describes the number of IP addresses the customer requires."; } } case explicit {
container customer-addresses { list address-group { key "group-id"; leaf group-id { type string; description "Group-id for the address range from start-address to end-address."; } leaf start-address { type inet:ipv4-address; description "First address."; } leaf end-address { type inet:ipv4-address; description "Last address."; } description "Describes IP addresses allocated by DHCP. When only start-address or only end-address is present, it represents a single address. When both start-address and end-address are specified, it implies a range inclusive of both addresses. If no address is specified, it implies customer addresses group is not supported."; } description "Container for customer addresses is allocated by DHCP."; } } description "Choice for the way to assign addresses."; } description "DHCP allocated addresses related parameters."; } container dhcp-relay { when "derived-from-or-self(../address-allocation-type, "+ "'l3vpn-svc:provider-dhcp-relay')" { description "Only applies when provider is required to implement DHCP relay function."; } leaf provider-address { type inet:ipv4-address; description
"Address of provider side. If provider-address is not specified, then prefix length should not be specified either. It also implies provider-dhcp allocation is not enabled. If provider-address is specified, then prefix length may or may not be specified."; } leaf prefix-length { type uint8 { range "0..32"; } must "(../provider-address)" { error-message "If prefix length is specified, provider-address must also be specified."; description "If prefix length is specified, provider-address must also be specified."; } description "Subnet prefix length expressed in bits. If not specified, or specified as zero, this means the customer leaves the actual prefix length value to the provider."; } container customer-dhcp-servers { leaf-list server-ip-address { type inet:ipv4-address; description "IP address of customer DHCP server."; } description "Container for list of customer DHCP servers."; } description "DHCP relay provided by operator."; } container addresses { when "derived-from-or-self(../address-allocation-type, "+ "'l3vpn-svc:static-address')" { description "Only applies when protocol allocation type is static."; } leaf provider-address { type inet:ipv4-address; description "IPv4 Address List of the provider side. When the protocol allocation type is static, the provider address must be configured.";
} leaf customer-address { type inet:ipv4-address; description "IPv4 Address of customer side."; } leaf prefix-length { type uint8 { range "0..32"; } description "Subnet prefix length expressed in bits. It is applied to both provider-address and customer-address."; } description "Describes IPv4 addresses used."; } description "IPv4-specific parameters."; } container ipv6 { if-feature ipv6; leaf address-allocation-type { type identityref { base address-allocation-type; } description "Defines how addresses are allocated. If there is no value for the address allocation type, then IPv6 is not enabled."; } container provider-dhcp { when "derived-from-or-self(../address-allocation-type, "+ "'l3vpn-svc:provider-dhcp') "+ "or derived-from-or-self(../address-allocation-type, "+ "'l3vpn-svc:provider-dhcp-slaac')" { description "Only applies when addresses are allocated by DHCP."; } leaf provider-address { type inet:ipv6-address; description "Address of the provider side. If provider-address is not specified, then prefix length should not be specified either. It also implies provider-dhcp
allocation is not enabled. If provider-address is specified, then prefix length may or may not be specified."; } leaf prefix-length { type uint8 { range "0..128"; } must "(../provider-address)" { error-message "If prefix length is specified, provider-address must also be specified."; description "If prefix length is specified, provider-address must also be specified."; } description "Subnet prefix length expressed in bits. If not specified, or specified as zero, this means the customer leaves the actual prefix length value to the provider."; } choice address-assign { default number; case number { leaf number-of-dynamic-address { type uint16; default 1; description "Describes the number of IP addresses the customer requires."; } } case explicit { container customer-addresses { list address-group { key "group-id"; leaf group-id { type string; description "Group-id for the address range from start-address to end-address."; } leaf start-address { type inet:ipv6-address; description "First address."; }
leaf end-address { type inet:ipv6-address; description "Last address."; } description "Describes IP addresses allocated by DHCP. When only start-address or only end-address is present, it represents a single address. When both start-address and end-address are specified, it implies a range inclusive of both addresses. If no address is specified, it implies customer addresses group is not supported."; } description "Container for customer addresses allocated by DHCP."; } } description "Choice for the way to assign addresses."; } description "DHCP allocated addresses related parameters."; } container dhcp-relay { when "derived-from-or-self(../address-allocation-type, "+ "'l3vpn-svc:provider-dhcp-relay')" { description "Only applies when the provider is required to implement DHCP relay function."; } leaf provider-address { type inet:ipv6-address; description "Address of the provider side. If provider-address is not specified, then prefix length should not be specified either. It also implies provider-dhcp allocation is not enabled. If provider address is specified, then prefix length may or may not be specified."; } leaf prefix-length { type uint8 { range "0..128"; } must "(../provider-address)" { error-message "If prefix length is specified, provider-address
must also be specified."; description "If prefix length is specified, provider-address must also be specified."; } description "Subnet prefix length expressed in bits. If not specified, or specified as zero, this means the customer leaves the actual prefix length value to the provider."; } container customer-dhcp-servers { leaf-list server-ip-address { type inet:ipv6-address; description "This node contains the IP address of the customer DHCP server. If the DHCP relay function is implemented by the provider, this node contains the configured value."; } description "Container for list of customer DHCP servers."; } description "DHCP relay provided by operator."; } container addresses { when "derived-from-or-self(../address-allocation-type, "+ "'l3vpn-svc:static-address')" { description "Only applies when protocol allocation type is static."; } leaf provider-address { type inet:ipv6-address; description "IPv6 Address of the provider side. When the protocol allocation type is static, the provider address must be configured."; } leaf customer-address { type inet:ipv6-address; description "The IPv6 Address of the customer side."; } leaf prefix-length { type uint8 { range "0..128";
} description "Subnet prefix length expressed in bits. It is applied to both provider-address and customer-address."; } description "Describes IPv6 addresses used."; } description "IPv6-specific parameters."; } container oam { container bfd { if-feature bfd; leaf enabled { type boolean; default false; description "If true, BFD activation is required."; } choice holdtime { default fixed; case fixed { leaf fixed-value { type uint32; units msec; description "Expected BFD holdtime expressed in msec. The customer may impose some fixed values for the holdtime period if the provider allows the customer use this function. If the provider doesn't allow the customer to use this function, the fixed-value will not be set."; } } case profile { leaf profile-name { type leafref { path "/l3vpn-svc/vpn-profiles/valid-provider-identifiers/"+ "bfd-profile-identifier/id"; } description "Well-known SP profile name. The provider can propose some profiles to the customer, depending on the service level the customer wants to achieve. Profile names must be communicated to the customer."; } description
"Well-known SP profile."; } description "Choice for holdtime flavor."; } description "Container for BFD."; } description "Defines the Operations, Administration, and Maintenance (OAM) mechanisms used on the connection. BFD is set as a fault detection mechanism, but the 'oam' container can easily be augmented by other mechanisms"; } description "Defines connection parameters."; } description "This grouping defines IP connection parameters."; } grouping site-service-multicast { container multicast { if-feature multicast; leaf multicast-site-type { type enumeration { enum receiver-only { description "The site only has receivers."; } enum source-only { description "The site only has sources."; } enum source-receiver { description "The site has both sources and receivers."; } } default source-receiver; description "Type of multicast site."; } container multicast-address-family { leaf ipv4 { if-feature ipv4; type boolean; default false; description
"Enables IPv4 multicast."; } leaf ipv6 { if-feature ipv6; type boolean; default false; description "Enables IPv6 multicast."; } description "Defines protocol to carry multicast."; } leaf protocol-type { type enumeration { enum host { description "Hosts are directly connected to the provider network. Host protocols such as IGMP or MLD are required."; } enum router { description "Hosts are behind a customer router. PIM will be implemented."; } enum both { description "Some hosts are behind a customer router, and some others are directly connected to the provider network. Both host and routing protocols must be used. Typically, IGMP and PIM will be implemented."; } } default "both"; description "Multicast protocol type to be used with the customer site."; } description "Multicast parameters for the site."; } description "Multicast parameters for the site."; } grouping site-management { container management { leaf type { type identityref { base management;
} mandatory true; description "Management type of the connection."; } description "Management configuration."; } description "Management parameters for the site."; } grouping site-devices { container devices { when "derived-from-or-self(../management/type, "+ "'l3vpn-svc:provider-managed') or "+ "derived-from-or-self(../management/type, 'l3vpn-svc:co-managed')" { description "Applicable only for provider-managed or co-managed device."; } list device { key device-id; leaf device-id { type svc-id; description "Identifier for the device."; } leaf location { type leafref { path "../../../locations/"+ "location/location-id"; } mandatory true; description "Location of the device."; } container management { when "derived-from-or-self(../../../management/type,"+ "'l3vpn-svc:co-managed')" { description "Applicable only for co-managed device."; } leaf address-family { type address-family; description "Address family used for management."; } leaf address {
when "(../address-family)" { description "If address-family is specified, then address should also be specified. If address-family is not specified, then address should also not be specified."; } type inet:ip-address; mandatory true; description "Management address."; } description "Management configuration. Applicable only for co-managed device."; } description "List of devices requested by customer."; } description "Device configuration."; } description "Grouping for device allocation."; } grouping site-vpn-flavor { leaf site-vpn-flavor { type identityref { base site-vpn-flavor; } default site-vpn-flavor-single; description "Defines the way the VPN multiplexing is done, e.g., whether the site belongs to a single VPN site or a multiVPN; or, in the case of a multiVPN, whether the logical accesses of the sites belong to the same set of VPNs or each logical access maps to different VPNs."; } description "Grouping for site VPN flavor."; } grouping site-vpn-policy { container vpn-policies { list vpn-policy { key vpn-policy-id; leaf vpn-policy-id { type svc-id; description "Unique identifier for the VPN policy.";
} list entries { key id; leaf id { type svc-id; description "Unique identifier for the policy entry."; } container filters { list filter { key type; ordered-by user; leaf type { type identityref { base vpn-policy-filter-type; } description "Type of VPN Policy filter."; } leaf-list lan-tag { when "derived-from-or-self(../type, 'l3vpn-svc:lan')" { description "Only applies when the VPN Policy filter is a LAN Tag filter."; } if-feature lan-tag; type string; description "List of 'lan-tag' items to be matched. LAN Tag is an Internal tag to be used in VPN policies "; } leaf-list ipv4-lan-prefix { when "derived-from-or-self(../type, 'l3vpn-svc:ipv4')" { description "Only applies when VPN Policy filter is IPv4 Prefix filter."; } if-feature ipv4; type inet:ipv4-prefix; description "List of IPv4 prefixes as LAN Prefixes to be matched."; } leaf-list ipv6-lan-prefix { when "derived-from-or-self(../type, 'l3vpn-svc:ipv6')" { description "Only applies when VPN Policy filter is IPv6 Prefix filter."; } if-feature ipv6; type inet:ipv6-prefix;
description "List of IPv6 prefixes as LAN prefixes to be matched."; } description "List of filters used on the site. This list can be augmented."; } description "If a more-granular VPN attachment is necessary, filtering can be used. If used, it permits the splitting of site LANs among multiple VPNs. The Site LAN can be split based on either LAN Tag or LAN prefix. If no filter is used, all the LANs will be part of the same VPNs with the same role."; } list vpn { key vpn-id; leaf vpn-id { type leafref { path "/l3vpn-svc/vpn-services/"+ "vpn-service/vpn-id"; } mandatory true; description "Reference to an IP VPN."; } leaf site-role { type identityref { base site-role; } default any-to-any-role; description "Role of the site in the IP VPN."; } description "List of VPNs the LAN is associated with."; } description "List of entries for export policy."; } description "List of VPN policies."; } description "VPN policy."; } description "VPN policy parameters for the site."; }
grouping site-maximum-routes { container maximum-routes { list address-family { key af; leaf af { type address-family; description "Address family."; } leaf maximum-routes { type uint32; description "Maximum prefixes the VRF can accept for this address family."; } description "List of address families."; } description "Defines 'maximum-routes' for the VRF."; } description "Defines 'maximum-routes' for the site."; } grouping site-security { container security { uses site-security-authentication; uses site-security-encryption; description "Site-specific security parameters."; } description "Grouping for security parameters."; } grouping site-service { container service { uses site-service-qos-profile; uses site-service-mpls; uses site-service-multicast; description "Service parameters on the attachment."; } description "Grouping for service parameters."; } grouping site-network-access-service { container service { uses site-service-basic;
uses site-service-qos-profile; uses site-service-mpls; uses site-service-multicast; description "Service parameters on the attachment."; } description "Grouping for service parameters."; } grouping vpn-extranet { container extranet-vpns { if-feature extranet-vpn; list extranet-vpn { key vpn-id; leaf vpn-id { type svc-id; description "Identifies the target VPN the local VPN want to access."; } leaf local-sites-role { type identityref { base site-role; } default any-to-any-role; description "This describes the role of the local sites in the target VPN topology. In the any-to-any VPN service topology, the local sites must have the same role, which will be 'any-to-any-role'. In the Hub-and-Spoke VPN service topology or the Hub-and-Spoke disjoint VPN service topology, the local sites must have a Hub role or a Spoke role."; } description "List of extranet VPNs or target VPNs the local VPN is attached to."; } description "Container for extranet VPN configuration."; } description "Grouping for extranet VPN configuration. This provides an easy way to interconnect all sites from two VPNs."; } grouping site-attachment-availability { container availability { leaf access-priority { type uint32;
default 100; description "Defines the priority for the access. The higher the access-priority value, the higher the preference of the access will be."; } description "Availability parameters (used for multihoming)."; } description "Defines availability parameters for a site."; } grouping access-vpn-policy { container vpn-attachment { choice attachment-flavor { case vpn-policy-id { leaf vpn-policy-id { type leafref { path "../../../../"+ "vpn-policies/vpn-policy/"+ "vpn-policy-id"; } description "Reference to a VPN policy. When referencing VPN policy for attachment, the vpn-policy-id must be configured."; } } case vpn-id { leaf vpn-id { type leafref { path "/l3vpn-svc/vpn-services"+ "/vpn-service/vpn-id"; } description "Reference to an IP VPN. Referencing a vpn-id provides an easy way to attach a particular logical access to a VPN. In this case, vpn-id must be configured."; } leaf site-role { type identityref { base site-role; } default any-to-any-role; description "Role of the site in the IP VPN. When referencing a vpn-id, the site-role setting must be added to express the role of
the site in the target VPN service topology."; } } mandatory true; description "Choice for VPN attachment flavor. A choice is implemented to allow the user to choose the flavor that provides the best fit."; } description "Defines VPN attachment of a site."; } description "Defines the VPN attachment rules for a site's logical access."; } grouping vpn-profile-cfg { container valid-provider-identifiers { list cloud-identifier { if-feature cloud-access; key id; leaf id { type string; description "Identification of cloud service. Local administration meaning."; } description "List for Cloud Identifiers."; } list encryption-profile-identifier { key id; leaf id { type string; description "Identification of the SP encryption profile to be used. Local administration meaning."; } description "List for encryption profile identifiers."; } list qos-profile-identifier { key id; leaf id { type string; description "Identification of the QoS Profile to be used. Local administration meaning.";
} description "List for QoS Profile Identifiers."; } list bfd-profile-identifier { key id; leaf id { type string; description "Identification of the SP BFD Profile to be used. Local administration meaning."; } description "List for BFD Profile identifiers."; } nacm:default-deny-write; description "Container for Valid Provider Identifies."; } description "Grouping for VPN Profile configuration."; } grouping vpn-svc-cfg { leaf vpn-id { type svc-id; description "VPN identifier. Local administration meaning."; } leaf customer-name { type string; description "Name of the customer that actually uses the VPN service. In the case that any intermediary (e.g., Tier-2 provider or partner) sells the VPN service to their end user on behalf of the original service provider (e.g., Tier-1 provider), the original service provider may require the customer name to provide smooth activation/commissioning and operation for the service."; } leaf vpn-service-topology { type identityref { base vpn-topology; } default any-to-any; description "VPN service topology."; } uses vpn-service-cloud-access;
uses vpn-service-multicast; uses vpn-service-mpls; uses vpn-extranet; description "Grouping for VPN service configuration."; } grouping site-top-level-cfg { uses operational-requirements; uses customer-location-info; uses site-devices; uses site-diversity; uses site-management; uses site-vpn-policy; uses site-vpn-flavor; uses site-maximum-routes; uses site-security; uses site-service; uses site-protection; uses site-routing; description "Grouping for site top-level configuration."; } grouping site-network-access-top-level-cfg { leaf site-network-access-type { type identityref { base site-network-access-type; } default point-to-point; description "Describes the type of connection, e.g., point-to-point or multipoint."; } choice location-flavor { case location { when "derived-from-or-self(../../management/type, "+ "'l3vpn-svc:customer-managed')" { description "Applicable only for customer-managed device."; } leaf location-reference { type leafref { path "../../../locations/location/location-id"; } description "Location of the site-network-access."; } } case device {
when "derived-from-or-self(../../management/type, "+ "'l3vpn-svc:provider-managed') or "+ "derived-from-or-self(../../management/type, "+ "'l3vpn-svc:co-managed')" { description "Applicable only for provider-managed or co-managed device."; } leaf device-reference { type leafref { path "../../../devices/device/device-id"; } description "Identifier of CE to use."; } } mandatory true; description "Choice of how to describe the site's location."; } uses access-diversity; uses site-attachment-bearer; uses site-attachment-ip-connection; uses site-security; uses site-network-access-service; uses site-routing; uses site-attachment-availability; uses access-vpn-policy; description "Grouping for site network access top-level configuration."; } /* Main blocks */ container l3vpn-svc { container vpn-profiles { uses vpn-profile-cfg; description "Container for VPN Profiles."; } container vpn-services { list vpn-service { key vpn-id; uses vpn-svc-cfg; description "List of VPN services."; } description "Top-level container for the VPN services."; } container sites {
list site { key site-id; leaf site-id { type svc-id; description "Identifier of the site."; } uses site-top-level-cfg; uses operational-requirements-ops; container site-network-accesses { list site-network-access { key site-network-access-id; leaf site-network-access-id { type svc-id; description "Identifier for the access."; } uses site-network-access-top-level-cfg; description "List of accesses for a site."; } description "List of accesses for a site."; } description "List of sites."; } description "Container for sites."; } description "Main container for L3VPN service configuration."; } }
<CODE ENDS>
10. Security Considerations
The YANG module specified in this document defines a schema for data that is designed to be accessed via network management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC5246].

The NETCONF access control model [RFC6536] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content.

There are a number of data nodes defined in this YANG module that are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable in some network environments. Write operations (e.g., edit-config) to these data nodes without proper protection can have a negative effect on network operations. These are the subtrees and data nodes and their sensitivity/vulnerability:

o /l3vpn-svc/vpn-services/vpn-service

  The entries in the list above include the whole VPN service configurations to which the customer subscribes, and indirectly create or modify the PE and CE device configurations. Unexpected changes to these entries could lead to service disruption and/or network misbehavior.

o /l3vpn-svc/sites/site

  The entries in the list above include the customer site configurations. As above, unexpected changes to these entries could lead to service disruption and/or network misbehavior.

Some of the readable data nodes in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. These are the subtrees and data nodes and their sensitivity/vulnerability:

o /l3vpn-svc/vpn-services/vpn-service

o /l3vpn-svc/sites/site
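How the NACM restriction described in this section can be checked, as an added example that is not part of the RFC: a simplified evaluator of ietf-netconf-acm data-node rules reports each user's access to the two sensitive subtrees. The sample configuration and the user, group and rule names are constructed; path matching ignores list-key predicates, and external groups are not considered.

```python
import xml.etree.ElementTree as ET

NS = {"n": "urn:ietf:params:xml:ns:yang:ietf-netconf-acm"}

# Subtrees that Section 10 lists as sensitive for both write and read access.
SENSITIVE = ["/l3vpn-svc/vpn-services/vpn-service", "/l3vpn-svc/sites/site"]

# Constructed sample NACM configuration (all names are hypothetical).
SAMPLE_NACM = """
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <read-default>deny</read-default>
  <write-default>deny</write-default>
  <groups>
    <group><name>svc-provisioning</name><user-name>orchestrator</user-name></group>
    <group><name>noc-readonly</name><user-name>alice</user-name></group>
  </groups>
  <rule-list>
    <name>provisioning</name>
    <group>svc-provisioning</group>
    <rule>
      <name>manage-l3vpn</name>
      <module-name>ietf-l3vpn-svc</module-name>
      <path xmlns:l3vpn-svc="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">/l3vpn-svc:l3vpn-svc</path>
      <access-operations>*</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
  <rule-list>
    <name>noc</name>
    <group>noc-readonly</group>
    <rule>
      <name>hide-sites</name>
      <module-name>ietf-l3vpn-svc</module-name>
      <path xmlns:l3vpn-svc="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">/l3vpn-svc:l3vpn-svc/l3vpn-svc:sites/l3vpn-svc:site</path>
      <access-operations>*</access-operations>
      <action>deny</action>
    </rule>
    <rule>
      <name>read-services</name>
      <module-name>ietf-l3vpn-svc</module-name>
      <path xmlns:l3vpn-svc="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">/l3vpn-svc:l3vpn-svc/l3vpn-svc:vpn-services</path>
      <access-operations>read</access-operations>
      <action>permit</action>
    </rule>
  </rule-list>
</nacm>
"""

def _segments(path):
    # "/p:a/p:b[k='v']" -> ["a", "b"]: drop key predicates, then module prefixes.
    return [s.split("[")[0].split(":")[-1] for s in path.strip().split("/") if s]

def rule_matches(rule, module, path, op):
    """True if a NACM rule applies to operation `op` on data node `path`."""
    if rule.find("n:rpc-name", NS) is not None or \
       rule.find("n:notification-name", NS) is not None:
        return False  # protocol-operation and notification rules never match data nodes
    if rule.findtext("n:module-name", default="*", namespaces=NS) not in ("*", module):
        return False
    rule_path = rule.findtext("n:path", namespaces=NS)
    if rule_path is not None:
        want = _segments(rule_path)
        if _segments(path)[:len(want)] != want:  # node must be at or below the rule path
            return False
    ops = rule.findtext("n:access-operations", default="*", namespaces=NS).split()
    return "*" in ops or op in ops

def groups_of(nacm, user):
    return {g.findtext("n:name", namespaces=NS)
            for g in nacm.findall("n:groups/n:group", NS)
            if user in [u.text for u in g.findall("n:user-name", NS)]}

def decide(nacm, user, path, op, module="ietf-l3vpn-svc", default_deny_write=False):
    """First matching rule wins; otherwise the global defaults apply.

    default_deny_write models a node tagged nacm:default-deny-write, as the
    valid-provider-identifiers container is in this module.
    """
    if nacm.findtext("n:enable-nacm", default="true", namespaces=NS) != "true":
        return "permit"
    mine = groups_of(nacm, user)
    if mine:  # a user in no group goes straight to the defaults
        for rule_list in nacm.findall("n:rule-list", NS):
            listed = {g.text for g in rule_list.findall("n:group", NS)}
            if "*" not in listed and not (listed & mine):
                continue
            for rule in rule_list.findall("n:rule", NS):
                if rule_matches(rule, module, path, op):
                    return rule.findtext("n:action", namespaces=NS)
    if op == "read":
        return nacm.findtext("n:read-default", default="permit", namespaces=NS)
    if default_deny_write:
        return "deny"
    return nacm.findtext("n:write-default", default="deny", namespaces=NS)

def audit(nacm_xml, users):
    """Map (user, sensitive path) -> {operation: 'permit' | 'deny'}."""
    nacm = ET.fromstring(nacm_xml)
    return {(u, p): {op: decide(nacm, u, p, op)
                     for op in ("read", "create", "update", "delete")}
            for u in users for p in SENSITIVE}

if __name__ == "__main__":
    for key, ops in audit(SAMPLE_NACM, ["orchestrator", "alice", "bob"]).items():
        print(key, ops)
```

Any user outside the provisioning group that shows `permit` for create, update or delete on either subtree, or `permit` for read where customer data should stay hidden, is a finding to review.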
The entries in the lists above include customer-proprietary or confidential information, e.g., customer-name, site location, and the services to which the customer subscribes.

The data model defines some security parameters that can be extended via augmentation as part of the customer service request; those parameters are described in Section 6.9.

11. IANA Considerations
IANA has assigned a new URI from the "IETF XML Registry" [RFC3688].

   URI: urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc
   Registrant Contact: The IESG
   XML: N/A; the requested URI is an XML namespace.

IANA has recorded a YANG module name in the "YANG Module Names" registry [RFC6020] as follows:

   Name: ietf-l3vpn-svc
   Namespace: urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc
   Prefix: l3vpn-svc
   Reference: RFC 8299

IANA previously assigned the URI and YANG module as described in [RFC8049]. IANA has updated the references for these entries to refer to this document.

12. References
12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>.

[RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network Address Translator (Traditional NAT)", RFC 3022, DOI 10.17487/RFC3022, January 2001, <https://www.rfc-editor.org/info/rfc3022>.

[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, January 2004, <https://www.rfc-editor.org/info/rfc3688>.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 2006, <https://www.rfc-editor.org/info/rfc4364>.

[RFC4577] Rosen, E., Psenak, P., and P. Pillay-Esnault, "OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4577, DOI 10.17487/RFC4577, June 2006, <https://www.rfc-editor.org/info/rfc4577>.

[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, DOI 10.17487/RFC4862, September 2007, <https://www.rfc-editor.org/info/rfc4862>.

[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, DOI 10.17487/RFC5246, August 2008, <https://www.rfc-editor.org/info/rfc5246>.

[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, DOI 10.17487/RFC6020, October 2010, <https://www.rfc-editor.org/info/rfc6020>.

[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, <https://www.rfc-editor.org/info/rfc6241>.

[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, <https://www.rfc-editor.org/info/rfc6242>.

[RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 2012, <https://www.rfc-editor.org/info/rfc6513>.

[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration Protocol (NETCONF) Access Control Model", RFC 6536, DOI 10.17487/RFC6536, March 2012, <https://www.rfc-editor.org/info/rfc6536>.

[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, August 2016, <https://www.rfc-editor.org/info/rfc7950>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, <https://www.rfc-editor.org/info/rfc8040>.

[RFC8049] Litkowski, S., Tomotaki, L., and K. Ogaki, "YANG Data Model for L3VPN Service Delivery", RFC 8049, DOI 10.17487/RFC8049, February 2017, <https://www.rfc-editor.org/info/rfc8049>.

[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/info/rfc8174>.

12.2. Informative References
[ACL-YANG] Jethanandani, M., Huang, L., Agarwal, S., and D. Blair, "Network Access Control List (ACL) YANG Data Model", Work in Progress, draft-ietf-netmod-acl-model-14, October 2017.

[RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual Private Network (VPN) Terminology", RFC 4026, DOI 10.17487/RFC4026, March 2005, <https://www.rfc-editor.org/info/rfc4026>.

[RFC4110] Callon, R. and M. Suzuki, "A Framework for Layer 3 Provider-Provisioned Virtual Private Networks (PPVPNs)", RFC 4110, DOI 10.17487/RFC4110, July 2005, <https://www.rfc-editor.org/info/rfc4110>.

[RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, "Multiprotocol Extensions for BGP-4", RFC 4760, DOI 10.17487/RFC4760, January 2007, <https://www.rfc-editor.org/info/rfc4760>.

[RFC8277] Rosen, E., "Using BGP to Bind MPLS Labels to Address Prefixes", RFC 8277, DOI 10.17487/RFC8277, October 2017, <https://www.rfc-editor.org/info/rfc8277>.
Acknowledgements
Maxim Klyus, Luis Miguel Contreras, Gregory Mirsky, Zitao Wang, Jing Zhao, Kireeti Kompella, Eric Rosen, Aijun Wang, Michael Scharf, Xufeng Liu, David Ball, Lucy Yong, Jean-Philippe Landry, and Andrew Leu provided useful review to this document. Jan Lindblad reviewed RFC 8049 and found some bugs, and his thorough YANG Doctor review on the YANG Module is valuable input. David Ball also provided a second review on RFC 8049. Many thanks to these people.

Contributors
The authors would like to thank Rob Shakir for his major contributions to the initial modeling and use cases. Adrian Farrel prepared the editorial revisions for this document.

Authors' Addresses
Qin Wu (editor)
Huawei Technologies
Email: bill.wu@huawei.com

Stephane Litkowski
Orange Business Services
Email: stephane.litkowski@orange.com

Luis Tomotaki
Verizon
Email: luis.tomotaki@verizon.com

Kenichi Ogaki
KDDI Corporation
Email: ke-oogaki@kddi.com