RFC 8512
A YANG Module for Network Address Translation (NAT) and Network Prefix Translation (NPT)
Pages: 94
Proposed Standard
Proposed Standard
Part 6 of 8 – Pages 59 to 68
leaf limit-per-instance {
type uint32;
units "bits/second";
description
"Rate-limit the number of new mappings and sessions
per instance.";
}
list limit-per-protocol {
if-feature "napt44 or nat64";
key "protocol-id";
description
"Configure limits per transport protocol";
leaf protocol-id {
type uint8;
mandatory true;
description
"The upper-layer protocol.
Values are taken from the IANA Protocol Numbers
registry.
For example, this field contains 6 for TCP,
17 for UDP, 33 for DCCP, or 132 for SCTP.";
}
leaf limit {
type uint32;
description
"Limit the number of protocol-specific mappings
and sessions per instance.";
}
}
}
container notification-limits {
description
"Sets notification limits.";
leaf notify-interval {
if-feature "basic-nat44 or napt44 or nat64";
type uint32 {
range "1 .. 3600";
}
units "seconds";
default "10";
description
"Minimum number of seconds between successive
notifications for this NAT instance.";
reference
"RFC 7659: Definitions of Managed Objects for
Network Address Translators (NATs)";
}
leaf notify-addresses-usage {
if-feature "basic-nat44 or napt44 or nat64";
type percent;
description
"Notification of address mappings usage over
the whole NAT instance.
Notification must be generated when the defined
threshold is reached.
For example, if a notification is required when
the address mappings utilization reaches 90%,
this configuration parameter must be set
to 90.";
}
leaf notify-ports-usage {
if-feature "napt44 or nat64";
type percent;
description
"Notification of port mappings usage over the
whole NAT instance.
Notification must be generated when the defined
threshold is reached.
For example, if a notification is required when
the port mappings utilization reaches 90%, this
configuration parameter must be set to 90.";
}
leaf notify-subscribers-limit {
if-feature "basic-nat44 or napt44 or nat64";
type uint32;
description
"Notification of active subscribers per NAT
instance.
Notification must be generated when the defined
threshold is reached.";
}
}
container mapping-table {
if-feature "basic-nat44 or napt44 or nat64 "
+ "or clat or dst-nat";
description
"NAT mapping table. Applicable for functions that maintain
static and/or dynamic mappings, such as NAT44, Destination
NAT, NAT64, or CLAT.";
list mapping-entry {
key "index";
description
"NAT mapping entry.";
uses mapping-entry;
}
}
container statistics {
config false;
description
"Statistics related to the NAT instance.";
leaf discontinuity-time {
type yang:date-and-time;
mandatory true;
description
"The time on the most recent occasion at which the NAT
instance suffered a discontinuity. This must be
initialized when the NAT instance is configured
or rebooted.";
}
container traffic-statistics {
description
"Generic traffic statistics.";
leaf sent-packets {
type yang:zero-based-counter64;
description
"Number of packets sent.";
}
leaf sent-bytes {
type yang:zero-based-counter64;
units "bytes";
description
"Counter for sent traffic in bytes.";
}
leaf rcvd-packets {
type yang:zero-based-counter64;
description
"Number of received packets.";
}
leaf rcvd-bytes {
type yang:zero-based-counter64;
units "bytes";
description
"Counter for received traffic in bytes.";
}
leaf dropped-packets {
type yang:zero-based-counter64;
description
"Number of dropped packets.";
}
leaf dropped-bytes {
type yang:zero-based-counter64;
units "bytes";
description
"Counter for dropped traffic in bytes.";
}
leaf dropped-fragments {
if-feature "napt44 or nat64";
type yang:zero-based-counter64;
description
"Number of dropped fragments on the external realm.";
}
leaf dropped-address-limit-packets {
if-feature "basic-nat44 or napt44 or nat64";
type yang:zero-based-counter64;
description
"Number of dropped packets because an address limit
is reached.";
}
leaf dropped-address-limit-bytes {
if-feature "basic-nat44 or napt44 or nat64";
type yang:zero-based-counter64;
units "bytes";
description
"Counter of dropped packets because an address limit
is reached, in bytes.";
}
leaf dropped-address-packets {
if-feature "basic-nat44 or napt44 or nat64";
type yang:zero-based-counter64;
description
"Number of dropped packets because no address is
available for allocation.";
}
leaf dropped-address-bytes {
if-feature "basic-nat44 or napt44 or nat64";
type yang:zero-based-counter64;
units "bytes";
description
"Counter of dropped packets because no address is
available for allocation, in bytes.";
}
leaf dropped-port-limit-packets {
if-feature "napt44 or nat64";
type yang:zero-based-counter64;
description
"Number of dropped packets because a port limit
is reached.";
}
leaf dropped-port-limit-bytes {
if-feature "napt44 or nat64";
type yang:zero-based-counter64;
units "bytes";
description
"Counter of dropped packets because a port limit
is reached, in bytes.";
}
leaf dropped-port-packets {
if-feature "napt44 or nat64";
type yang:zero-based-counter64;
description
"Number of dropped packets because no port is
available for allocation.";
}
leaf dropped-port-bytes {
if-feature "napt44 or nat64";
type yang:zero-based-counter64;
units "bytes";
description
"Counter of dropped packets because no port is
available for allocation, in bytes.";
}
leaf dropped-subscriber-limit-packets {
if-feature "basic-nat44 or napt44 or nat64";
type yang:zero-based-counter64;
description
"Number of dropped packets because the subscriber
limit per instance is reached.";
}
leaf dropped-subscriber-limit-bytes {
if-feature "basic-nat44 or napt44 or nat64";
type yang:zero-based-counter64;
units "bytes";
description
"Counter of dropped packets because the subscriber
limit per instance is reached, in bytes.";
}
}
container mappings-statistics {
description
"Mappings statistics.";
leaf total-active-subscribers {
if-feature "basic-nat44 or napt44 or nat64";
type yang:gauge32;
description
"Total number of active subscribers (that is,
subscribers for which the NAT maintains active
mappings).
A subscriber is identified by a subnet,
subscriber-mask, etc.";
}
leaf total-address-mappings {
if-feature "basic-nat44 or napt44 or nat64 "
+ "or clat or dst-nat";
type yang:gauge32;
description
"Total number of address mappings present at a given
time. It includes both static and dynamic mappings.";
reference
"Section 3.3.8 of RFC 7659";
}
leaf total-port-mappings {
if-feature "napt44 or nat64";
type yang:gauge32;
description
"Total number of NAT port mappings present at
a given time. It includes both static and dynamic
mappings.";
reference
"Section 3.3.9 of RFC 7659";
}
list total-per-protocol {
if-feature "napt44 or nat64";
key "protocol-id";
description
"Total mappings for each enabled/supported protocol.";
leaf protocol-id {
type uint8;
mandatory true;
description
"The upper-layer protocol.
For example, this field contains 6 for TCP,
17 for UDP, 33 for DCCP, or 132 for SCTP.";
}
leaf total {
type yang:gauge32;
description
"Total number of a protocol-specific mappings present
at a given time. The protocol is identified by
protocol-id.";
}
}
}
container pools-stats {
if-feature "basic-nat44 or napt44 or nat64";
description
"Statistics related to address/prefix pools
usage";
leaf addresses-allocated {
type yang:gauge32;
description
"Number of all allocated addresses.";
}
leaf addresses-free {
type yang:gauge32;
description
"Number of unallocated addresses of all pools at
a given time. The sum of unallocated and allocated
addresses is the total number of addresses of
the pools.";
}
container ports-stats {
if-feature "napt44 or nat64";
description
"Statistics related to port numbers usage.";
leaf ports-allocated {
type yang:gauge32;
description
"Number of allocated ports from all pools.";
}
leaf ports-free {
type yang:gauge32;
description
"Number of unallocated addresses from all pools.";
}
}
list per-pool-stats {
if-feature "basic-nat44 or napt44 or nat64";
key "pool-id";
description
"Statistics related to address/prefix pool usage";
leaf pool-id {
type uint32;
description
"Unique identifier that represents a pool of
addresses/prefixes.";
}
leaf discontinuity-time {
type yang:date-and-time;
mandatory true;
description
"The time on the most recent occasion at which this
pool counter suffered a discontinuity. This must
be initialized when the address pool is
configured.";
}
container pool-stats {
description
"Statistics related to address/prefix pool usage";
leaf addresses-allocated {
type yang:gauge32;
description
"Number of allocated addresses from this pool.";
}
leaf addresses-free {
type yang:gauge32;
description
"Number of unallocated addresses in this pool.";
}
}
container port-stats {
if-feature "napt44 or nat64";
description
"Statistics related to port numbers usage.";
leaf ports-allocated {
type yang:gauge32;
description
"Number of allocated ports from this pool.";
}
leaf ports-free {
type yang:gauge32;
description
"Number of unallocated addresses from this pool.";
}
}
}
}
}
}
}
}
/*
* Notifications
*/
notification nat-pool-event {
if-feature "basic-nat44 or napt44 or nat64";
description
"Notifications must be generated when the defined high/low
threshold is reached. Related configuration parameters
must be provided to trigger the notifications.";
leaf id {
type leafref {
path "/nat/instances/instance/id";
}
mandatory true;
description
"NAT instance identifier.";
}
leaf policy-id {
type leafref {
path "/nat/instances/instance/policy/id";
}
description
"Policy identifier.";
}
leaf pool-id {
type leafref {
path "/nat/instances/instance/policy"
+ "/external-ip-address-pool/pool-id";
}
mandatory true;
description
"Pool Identifier.";
}
leaf notify-pool-threshold {
type percent;
mandatory true;
description
"A threshold (high threshold or low threshold) has
been fired.";
}
}
notification nat-instance-event {
if-feature "basic-nat44 or napt44 or nat64";
description
"Notifications must be generated when notify-addresses-usage
and/or notify-ports-usage thresholds are reached.";
leaf id {
type leafref {
path "/nat/instances/instance/id";
}
mandatory true;
description
"NAT instance identifier.";
}
leaf notify-subscribers-threshold {
type uint32;
description
"The notify-subscribers-limit threshold has been fired.";
}
leaf notify-addresses-threshold {
type percent;
description
"The notify-addresses-usage threshold has been fired.";
}
leaf notify-ports-threshold {
type percent;
description
"The notify-ports-usage threshold has been fired.";
}
}
}
<CODE ENDS>
(page 68 continued on part 7)