| rfc9903v1.txt | rfc9903.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) Y. Qu | Internet Engineering Task Force (IETF) Y. Qu | |||
| Request for Comments: 9903 Futurewei Technologies | Request for Comments: 9903 Futurewei Technologies | |||
| Category: Standards Track A. Lindem | Category: Standards Track A. Lindem | |||
| ISSN: 2070-1721 LabN Consulting, L.L.C. | ISSN: 2070-1721 LabN Consulting, L.L.C. | |||
| J. Zhang | J. Zhang | |||
| Juniper Networks | Juniper Networks | |||
| I. Chen | I. Chen | |||
| The MITRE Corporation | Red Hat, Inc. | |||
| November 2025 | November 2025 | |||
| A YANG Data Model for OSPF Segment Routing over the MPLS Data Plane | A YANG Data Model for OSPF Segment Routing over the MPLS Data Plane | |||
| Abstract | Abstract | |||
| This document defines a YANG data model that can be used to manage | This document defines a YANG data model that can be used to manage | |||
| OSPF extensions for Segment Routing over the MPLS data plane. | OSPF extensions for Segment Routing over the MPLS data plane. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at line 68 ¶ | skipping to change at line 68 ¶ | |||
| 6.1. Normative References | 6.1. Normative References | |||
| 6.2. Informative References | 6.2. Informative References | |||
| Appendix A. A Configuration Example | Appendix A. A Configuration Example | |||
| Appendix B. Full Tree Diagram | Appendix B. Full Tree Diagram | |||
| Acknowledgements | Acknowledgements | |||
| Authors' Addresses | Authors' Addresses | |||
| 1. Overview | 1. Overview | |||
| This document defines a YANG data model [RFC7950] that can be used to | This document defines a YANG data model [RFC7950] that can be used to | |||
| manage OSPFv2 extensions for Segment Routing [RFC8665] and OSPFv3 | manage OSPFv2 extensions for Segment Routing [RFC2328] [RFC8665] and | |||
| extensions for Segment Routing [RFC8666] over the MPLS data plane. | OSPFv3 extensions for Segment Routing [RFC5340] [RFC8666] over the | |||
| The defined YANG data model is an augmentation to the OSPF YANG data | MPLS data plane. The defined YANG data model is an augmentation to | |||
| model [RFC9129]. | the OSPF YANG data model [RFC9129]. | |||
| The YANG data model in this document conforms to the Network | The YANG data model in this document conforms to the Network | |||
| Management Datastore Architecture (NMDA) [RFC8342]. | Management Datastore Architecture (NMDA) [RFC8342]. | |||
| 1.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| skipping to change at line 111 ¶ | skipping to change at line 111 ¶ | |||
| The "ietf-ospf-sr-mpls" module defines both the data nodes to | The "ietf-ospf-sr-mpls" module defines both the data nodes to | |||
| configure OSPF Segment Routing MPLS extensions and the additions to | configure OSPF Segment Routing MPLS extensions and the additions to | |||
| the OSPF Link State Advertisements (LSAs) necessary to support | the OSPF Link State Advertisements (LSAs) necessary to support | |||
| Segment Routing over MPLS (SR-MPLS). The OSPF configuration | Segment Routing over MPLS (SR-MPLS). The OSPF configuration | |||
| includes: | includes: | |||
| * OSPF instance level configuration imported from the "ietf-segment- | * OSPF instance level configuration imported from the "ietf-segment- | |||
| routing-mpls" YANG module, including the mapping server bindings | routing-mpls" YANG module, including the mapping server bindings | |||
| and the per-protocol Segment Routing Global Block (SRGB) (refer to | and the per-protocol Segment Routing Global Block (SRGB) (refer to | |||
| the "sr-protocol" grouping [RFC9020]). | the "sr-control-plane" grouping [RFC9020]). | |||
| * OSPF area level configuration, which enables Segment Routing over | * OSPF area level configuration, which enables SR-MPLS on all | |||
| MPLS on all interfaces as well as advertisement of Segment Routing | interfaces as well as advertisement of SR-MPLS information in Link | |||
| over MPLS information in Link State Advertisements (LSAs). | State Advertisements (LSAs). | |||
| * OSPF interface level configuration for Adjacency Segment | * OSPF interface level configuration for Adjacency Segment | |||
| Identifiers (Adj-SIDs) corresponding to specific neighbors on | Identifiers (Adj-SIDs) corresponding to specific neighbors on | |||
| multi-access interfaces (OSPF interface type broadcast or Non- | multi-access interfaces (OSPF interface type broadcast or Non- | |||
| Broadcast Multi-Access (NBMA)). The adjacency-sid definitions are | Broadcast Multi-Access (NBMA)). The adjacency-sid definitions are | |||
| imported from the "ietf-segment-routing-mpls" YANG module (refer | imported from the "ietf-segment-routing-mpls" YANG module (refer | |||
| to the "igp-interface" grouping [RFC9020]). | to the "igp-interface" grouping [RFC9020]). | |||
| * OSPF interface level configuration for Topology Independent Loop- | * OSPF interface level configuration for Topology Independent Loop- | |||
| Free Alternative (TI-LFA) using the MPLS data plane. TI-LFA is | Free Alternative (TI-LFA) using the MPLS data plane. TI-LFA is | |||
| described in [RFC9855]. | described in [RFC9855]. | |||
| The operational state (read-only) additions specific to OSPFv2 LSA | The operational state (read-only) additions specific to OSPFv2 LSA | |||
| include: | include: | |||
| * OSPFv2 extended range TLV encodings [RFC8665] in the OSPF Extended | * OSPFv2 Extended Prefix Range TLV encodings [RFC8665] in the OSPF | |||
| Prefix Opaque LSA [RFC7684]. | Extended Prefix Opaque LSA [RFC7684]. | |||
| * OSPFv2 Prefix-SID Sub-TLV encodings [RFC8665], including the OSPF | * OSPFv2 Prefix-SID Sub-TLV encodings [RFC8665], including the OSPF | |||
| Extended Prefix TLV, which is advertised in the OSPF Extended | Extended Prefix TLV, which is advertised in the OSPF Extended | |||
| Prefix Opaque LSA [RFC7684]. | Prefix Opaque LSA [RFC7684]. | |||
| * OSPFv2 SR-Algorithm, SID/Label Range TLV, SR Local Block TLV, and | * OSPFv2 SR-Algorithm, SID/Label Range TLV, SR Local Block TLV, and | |||
| Segment Routing Mapping Server (SRMS) Preference TLV [RFC8665] | Segment Routing Mapping Server (SRMS) Preference TLV [RFC8665] | |||
| advertised in the OSPFv2 Router Information Opaque LSA [RFC7770]. | advertised in the OSPFv2 Router Information Opaque LSA [RFC7770]. | |||
| The operational state (read-only) additions specific to OSPFv3 LSA | The operational state (read-only) additions specific to OSPFv3 LSA | |||
| include: | include: | |||
| * OSPFv3 extended range TLV encodings [RFC8666] in the OSPFv3 E- | * OSPFv3 Extended Prefix Range TLV encodings [RFC8666] in the OSPFv3 | |||
| Intra-Area-Prefix-LSA, E-Inter-Area-Prefix-LSA, E-AS-External-LSA, | E-Intra-Area-Prefix-LSA, E-Inter-Area-Prefix-LSA, E-AS-External- | |||
| and E-Type-7-LSA [RFC8362]. | LSA, and E-Type-7-LSA [RFC8362]. | |||
| * OSPFv3 Prefix-SID Sub-TLV encodings [RFC8666] in the OSPFv3 Intra- | * OSPFv3 Prefix-SID Sub-TLV encodings [RFC8666] in the OSPFv3 Intra- | |||
| Area-Prefix TLV, Inter-Area-Prefix TLV, External-Prefix TLV, and | Area-Prefix TLV, Inter-Area-Prefix TLV, External-Prefix TLV | |||
| OSPFv3 Extended Prefix Range TLV [RFC8362]. | [RFC8362], and OSPFv3 Extended Prefix Range TLV [RFC8666]. | |||
| * OSPFv3 Adj-SID Sub-TLV [RFC8666] in the OSPFv3 Router-Link TLV | * OSPFv3 Adj-SID Sub-TLV [RFC8666] in the OSPFv3 Router-Link TLV | |||
| [RFC8362]. | [RFC8362]. | |||
| * OSPFv3 LAN Adj-SID Sub-TLV [RFC8666] in the OSPFv3 Router-Link TLV | * OSPFv3 LAN Adj-SID Sub-TLV [RFC8666] in the OSPFv3 Router-Link TLV | |||
| [RFC8362]. | [RFC8362]. | |||
| * OSPFv3 SR-Algorithm, SID/Label Range TLV, SR Local Block TLV, and | * OSPFv3 SR-Algorithm, SID/Label Range TLV, SR Local Block TLV, and | |||
| Segment Routing Mapping Server (SRMS) Preference TLV [RFC8666] | SRMS Preference TLV [RFC8666] advertised in the OSPFv3 Router | |||
| advertised in the OSPFv3 Router Information LSA [RFC7770]. | Information LSA [RFC7770]. | |||
| 3. OSPF Segment Routing over MPLS YANG Module | 3. OSPF Segment Routing over MPLS YANG Module | |||
| [RFC2328], [RFC4915], [RFC5340], [RFC6991], [RFC8102], [RFC8294], | [RFC4915], [RFC6991], [RFC8102], [RFC8294], [RFC8349], [RFC8665], | |||
| [RFC8349], [RFC9587], and [RFC9855] are referenced in the YANG | [RFC8666], [RFC9020], [RFC9129], [RFC9587], and [RFC9855] are | |||
| module. | referenced in the YANG module. | |||
| <CODE BEGINS> file "ietf-ospf-sr-mpls@2025-11-21.yang" | <CODE BEGINS> file "ietf-ospf-sr-mpls@2025-11-21.yang" | |||
| module ietf-ospf-sr-mpls { | module ietf-ospf-sr-mpls { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-ospf-sr-mpls"; | namespace "urn:ietf:params:xml:ns:yang:ietf-ospf-sr-mpls"; | |||
| prefix ospf-sr-mpls; | prefix ospf-sr-mpls; | |||
| import ietf-inet-types { | import ietf-inet-types { | |||
| prefix inet; | prefix inet; | |||
| reference | reference | |||
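Review bot: Style point in the area-level bullet of the right-hand column: "Segment Routing over MPLS" is now abbreviated to SR-MPLS, but "Link State Advertisements (LSAs)" is still expanded there, although the paragraph directly above already introduces the abbreviation. Suggest "advertisement of SR-MPLS information in LSAs" so that both abbreviations are handled the same way after first use.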
| skipping to change at line 227 ¶ | skipping to change at line 227 ¶ | |||
| organization | organization | |||
| "IETF LSR - Link State Routing Working Group"; | "IETF LSR - Link State Routing Working Group"; | |||
| contact | contact | |||
| "WG Web: <https://datatracker.ietf.org/wg/lsr/> | "WG Web: <https://datatracker.ietf.org/wg/lsr/> | |||
| WG List: <mailto:lsr@ietf.org> | WG List: <mailto:lsr@ietf.org> | |||
| Author: Yingzhen Qu | Author: Yingzhen Qu | |||
| <mailto:yingzhen.ietf@gmail.com> | <mailto:yingzhen.ietf@gmail.com> | |||
| Author: Acee Lindem | Author: Acee Lindem | |||
| <mailto:acee.ietf@gmail.com> | <mailto:acee.ietf@gmail.com> | |||
| Author: Derek Yeung | ||||
| <mailto:derek@arrcus.com> | ||||
| Author: Jeffrey Zhang | Author: Jeffrey Zhang | |||
| <mailto:zzhang@juniper.net> | <mailto:zzhang@juniper.net> | |||
| Author: Ing-Wher Chen | Author: Ing-Wher Chen | |||
| <mailto:ingwherchen@mitre.org>"; | <mailto:ichen@redhat.com>"; | |||
| description | description | |||
| "This YANG module defines the generic configuration | "This YANG module defines the generic configuration | |||
| and operational state for OSPF Segment Routing (SR). | and operational state for OSPF Segment Routing (SR). | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL | |||
| NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', | |||
| 'MAY', and 'OPTIONAL' in this document are to be interpreted as | 'MAY', and 'OPTIONAL' in this document are to be interpreted as | |||
| described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, | |||
| they appear in all capitals, as shown here. | they appear in all capitals, as shown here. | |||
| skipping to change at line 278 ¶ | skipping to change at line 276 ¶ | |||
| feature remote-lfa-sr { | feature remote-lfa-sr { | |||
| description | description | |||
| "Enhance Remote Loop-Free Alternate (RLFA) to use an SR path."; | "Enhance Remote Loop-Free Alternate (RLFA) to use an SR path."; | |||
| reference | reference | |||
| "RFC 8102: Remote-LFA Node Protection and Manageability"; | "RFC 8102: Remote-LFA Node Protection and Manageability"; | |||
| } | } | |||
| feature ti-lfa { | feature ti-lfa { | |||
| description | description | |||
| "Topology Independent Loop-Free Alternate (TI-LFA) | "Topology Independent Loop-Free Alternate (TI-LFA) | |||
| computation using segment routing."; | computation using Segment Routing."; | |||
| reference | reference | |||
| "RFC 9855: Topology Independent Fast Reroute Using Segment | "RFC 9855: Topology Independent Fast Reroute Using Segment | |||
| Routing"; | Routing"; | |||
| } | } | |||
| identity prefix-sid-flag { | identity prefix-sid-flag { | |||
| description | description | |||
| "Base identity for Prefix-SID Sub-TLV flags."; | "Base identity for Prefix-SID Sub-TLV flags."; | |||
| reference | reference | |||
| "RFC 8665: OSPF Extensions for Segment Routing, Section 5 | "RFC 8665: OSPF Extensions for Segment Routing, Section 5 | |||
| skipping to change at line 471 ¶ | skipping to change at line 469 ¶ | |||
| "Prefix-SID Sub-TLV."; | "Prefix-SID Sub-TLV."; | |||
| container prefix-sid-flags { | container prefix-sid-flags { | |||
| leaf-list flag { | leaf-list flag { | |||
| type identityref { | type identityref { | |||
| base prefix-sid-flag; | base prefix-sid-flag; | |||
| } | } | |||
| description | description | |||
| "Prefix-SID Sub-TLV flags."; | "Prefix-SID Sub-TLV flags."; | |||
| } | } | |||
| description | description | |||
| "Segment Identifier (SID) flags."; | "SID flags."; | |||
| } | } | |||
| leaf mt-id { | leaf mt-id { | |||
| type uint8 { | type uint8 { | |||
| range "0 .. 127"; | range "0 .. 127"; | |||
| } | } | |||
| description | description | |||
| "Multi-topology ID."; | "Multi-topology ID."; | |||
| reference | reference | |||
| "RFC 4915: Multi-Topology (MT) Routing in OSPF"; | "RFC 4915: Multi-Topology (MT) Routing in OSPF"; | |||
| } | } | |||
| skipping to change at line 695 ¶ | skipping to change at line 693 ¶ | |||
| "SID range. The return of a zero value would indicate | "SID range. The return of a zero value would indicate | |||
| an error."; | an error."; | |||
| } | } | |||
| uses sid-tlv-encoding; | uses sid-tlv-encoding; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| grouping srms-preference-tlv { | grouping srms-preference-tlv { | |||
| description | description | |||
| "The SR Mapping Server (SRMS) Preference TLV is | "The SRMS Preference TLV is used to advertise a preference | |||
| used to advertise a preference associated with | associated with the node that acts as an SRMS. SRMS | |||
| the node that acts as an SR Mapping Server. SR | advertisements with a higher preference value are preferred | |||
| Mapping Server advertisements with a higher | over those with a lower preference value."; | |||
| preference value are preferred over those with | ||||
| a lower preference value."; | ||||
| reference | reference | |||
| "RFC 8665: OSPF Extensions for Segment Routing, Section 3.4"; | "RFC 8665: OSPF Extensions for Segment Routing, Section 3.4"; | |||
| container srms-preference-tlv { | container srms-preference-tlv { | |||
| description | description | |||
| "SRMS Preference TLV."; | "SRMS Preference TLV."; | |||
| leaf preference { | leaf preference { | |||
| type uint8; | type uint8; | |||
| description | description | |||
| "SRMS Preference TLV, value from 0 to 255 with | "SRMS Preference TLV, value from 0 to 255 with | |||
| 255 being the most preferred."; | 255 being the most preferred."; | |||
| skipping to change at line 735 ¶ | skipping to change at line 731 ¶ | |||
| "Prefix-SID Sub-TLV."; | "Prefix-SID Sub-TLV."; | |||
| container ospfv3-prefix-sid-flags { | container ospfv3-prefix-sid-flags { | |||
| leaf-list flag { | leaf-list flag { | |||
| type identityref { | type identityref { | |||
| base prefix-sid-flag; | base prefix-sid-flag; | |||
| } | } | |||
| description | description | |||
| "Prefix-SID Sub-TLV flags."; | "Prefix-SID Sub-TLV flags."; | |||
| } | } | |||
| description | description | |||
| "Segment Identifier (SID) flags."; | "SID flags."; | |||
| } | } | |||
| leaf algorithm { | leaf algorithm { | |||
| type identityref { | type identityref { | |||
| base sr-cmn:prefix-sid-algorithm; | base sr-cmn:prefix-sid-algorithm; | |||
| } | } | |||
| description | description | |||
| "Algorithm associated with the Prefix-SID."; | "Algorithm associated with the Prefix-SID."; | |||
| } | } | |||
| uses sid-tlv-encoding; | uses sid-tlv-encoding; | |||
| } | } | |||
| skipping to change at line 804 ¶ | skipping to change at line 800 ¶ | |||
| "Adj-SID optional sub-TLVs."; | "Adj-SID optional sub-TLVs."; | |||
| list adj-sid-sub-tlv { | list adj-sid-sub-tlv { | |||
| description | description | |||
| "List of Adj-SID Sub-TLVs."; | "List of Adj-SID Sub-TLVs."; | |||
| container adj-sid-flags { | container adj-sid-flags { | |||
| leaf-list flag { | leaf-list flag { | |||
| type identityref { | type identityref { | |||
| base adj-sid-flag; | base adj-sid-flag; | |||
| } | } | |||
| description | description | |||
| "Adj-SID Sub-tlv flags."; | "Adj-SID Sub-TLV flags."; | |||
| } | } | |||
| description | description | |||
| "Adj-SID Sub-tlv flags."; | "Adj-SID Sub-TLV flags."; | |||
| } | } | |||
| leaf weight { | leaf weight { | |||
| type uint8; | type uint8; | |||
| description | description | |||
| "Weight used for load-balancing."; | "Weight used for load-balancing."; | |||
| } | } | |||
| uses sid-tlv-encoding; | uses sid-tlv-encoding; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| skipping to change at line 898 ¶ | skipping to change at line 894 ¶ | |||
| + "rt:control-plane-protocol/rt:type, 'ospf:ospf') and " | + "rt:control-plane-protocol/rt:type, 'ospf:ospf') and " | |||
| + "/rt:routing/rt:control-plane-protocols" | + "/rt:routing/rt:control-plane-protocols" | |||
| + "/rt:control-plane-protocol/ospf:ospf" | + "/rt:control-plane-protocol/ospf:ospf" | |||
| + "/ospf-sr-mpls:segment-routing/" | + "/ospf-sr-mpls:segment-routing/" | |||
| + "ospf-sr-mpls:enabled = 'true'" { | + "ospf-sr-mpls:enabled = 'true'" { | |||
| description | description | |||
| "This augments the OSPF area configuration when Segment | "This augments the OSPF area configuration when Segment | |||
| Routing is enabled at the OSPF instance level."; | Routing is enabled at the OSPF instance level."; | |||
| } | } | |||
| container segment-routing { | container segment-routing { | |||
| presence "When present, Segment Routing over MPLS is enabled | presence "When present, SR-MPLS is enabled | |||
| for the area."; | for the area."; | |||
| description | description | |||
| "OSPF area level Segment Routing configuration. Enables | "OSPF area level Segment Routing configuration. Enables | |||
| Segment Routing over MPLS on all interfaces, and enables | SR-MPLS on all interfaces, and enables advertisement of | |||
| advertisement of Link State Advertisements (LSAs) and TLVs | Link State Advertisements (LSAs) and TLVs supporting | |||
| supporting Segment Routing over MPLS."; | SR-MPLS."; | |||
| } | } | |||
| description | description | |||
| "This augments the OSPF protocol area configuration with | "This augments the OSPF protocol area configuration with | |||
| Segment Routing."; | Segment Routing."; | |||
| } | } | |||
| augment "/rt:routing/rt:control-plane-protocols/" | augment "/rt:routing/rt:control-plane-protocols/" | |||
| + "rt:control-plane-protocol/ospf:ospf/" | + "rt:control-plane-protocol/ospf:ospf/" | |||
| + "ospf:areas/ospf:area/ospf:interfaces/ospf:interface" { | + "ospf:areas/ospf:area/ospf:interfaces/ospf:interface" { | |||
| when "derived-from(/rt:routing/rt:control-plane-protocols/" | when "derived-from(/rt:routing/rt:control-plane-protocols/" | |||
| skipping to change at line 933 ¶ | skipping to change at line 929 ¶ | |||
| "This augments the OSPF protocol interface | "This augments the OSPF protocol interface | |||
| configuration with Segment Routing."; | configuration with Segment Routing."; | |||
| reference | reference | |||
| "RFC 9020: YANG Data Model for Segment Routing"; | "RFC 9020: YANG Data Model for Segment Routing"; | |||
| uses sr-mpls:igp-interface { | uses sr-mpls:igp-interface { | |||
| augment "segment-routing/adjacency-sid/adj-sids" { | augment "segment-routing/adjacency-sid/adj-sids" { | |||
| when "((../../../ospf:interface-type = 'broadcast') or | when "((../../../ospf:interface-type = 'broadcast') or | |||
| (../../../ospf:interface-type = 'non-broadcast'))" { | (../../../ospf:interface-type = 'non-broadcast'))" { | |||
| description | description | |||
| "This augments broadcast and non-broadcast multi-access | "This augments broadcast and non-broadcast multi-access | |||
| interface Segment Routing interface configuration."; | interface with Segment Routing interface | |||
| configuration."; | ||||
| } | } | |||
| description | description | |||
| "This augments LAN interface adj-sid with neighbor-id."; | "This augments LAN interface adj-sid with neighbor-id."; | |||
| leaf neighbor-id { | leaf neighbor-id { | |||
| type inet:ip-address; | type inet:ip-address; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "Neighbor's Router ID, IPv4 address, or IPv6 address. | "Neighbor's Router ID, IPv4 address, or IPv6 address. | |||
| Specification is optional and, if specified, SHOULD | Specification is optional and, if specified, SHOULD | |||
| specify a neighbor reachable via the interface."; | specify a neighbor reachable via the interface."; | |||
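Review bot: The neighbor-id leaf is declared "mandatory true;" but its description, identical in both columns, says "Specification is optional and, if specified, SHOULD specify a neighbor reachable via the interface." The two statements contradict each other. Either drop the mandatory statement or reword the description, so that implementers and validators agree on whether an adj-sids entry on a broadcast or NBMA interface may omit the neighbor.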
| skipping to change at line 1030 ¶ | skipping to change at line 1027 ¶ | |||
| augment "/rt:routing/rt:control-plane-protocols/" | augment "/rt:routing/rt:control-plane-protocols/" | |||
| + "rt:control-plane-protocol/ospf:ospf/" | + "rt:control-plane-protocol/ospf:ospf/" | |||
| + "ospf:areas/ospf:area/ospf:interfaces/ospf:interface/" | + "ospf:areas/ospf:area/ospf:interfaces/ospf:interface/" | |||
| + "ospf:fast-reroute/ospf:lfa/ospf:remote-lfa" { | + "ospf:fast-reroute/ospf:lfa/ospf:remote-lfa" { | |||
| when "derived-from(/rt:routing/rt:control-plane-protocols/" | when "derived-from(/rt:routing/rt:control-plane-protocols/" | |||
| + "rt:control-plane-protocol/rt:type, 'ospf:ospf')" { | + "rt:control-plane-protocol/rt:type, 'ospf:ospf')" { | |||
| description | description | |||
| "This augments the OSPF routing protocol when used."; | "This augments the OSPF routing protocol when used."; | |||
| } | } | |||
| description | description | |||
| "This augments the OSPF protocol IP-FRR with Remote LFA."; | "This augments the OSPF protocol IP-FRR with RLFA."; | |||
| reference | reference | |||
| "RFC 9855: Topology Independent Fast Reroute Using Segment | "RFC 9855: Topology Independent Fast Reroute Using Segment | |||
| Routing"; | Routing"; | |||
| leaf use-segment-routing-path { | leaf use-segment-routing-path { | |||
| if-feature "remote-lfa-sr"; | if-feature "remote-lfa-sr"; | |||
| type boolean; | type boolean; | |||
| default "false"; | default "false"; | |||
| description | description | |||
| "Force Remote LFA to use a Segment Routing path instead of an | "Force RLFA to use a Segment Routing path instead of an | |||
| LDP path. The value of this leaf is in effect only when | LDP path. The value of this leaf is in effect only when | |||
| remote-lfa is enabled."; | remote-lfa is enabled."; | |||
| } | } | |||
| } | } | |||
| /* Operational states */ | /* Operational states */ | |||
| augment "/rt:routing/rt:control-plane-protocols/" | augment "/rt:routing/rt:control-plane-protocols/" | |||
| + "rt:control-plane-protocol/ospf:ospf/" | + "rt:control-plane-protocol/ospf:ospf/" | |||
| + "ospf:areas/ospf:area/ospf:interfaces/ospf:interface/" | + "ospf:areas/ospf:area/ospf:interfaces/ospf:interface/" | |||
| + "ospf:neighbors/ospf:neighbor" { | + "ospf:neighbors/ospf:neighbor" { | |||
| when "derived-from(/rt:routing/rt:control-plane-protocols/" | when "derived-from(/rt:routing/rt:control-plane-protocols/" | |||
| + "rt:control-plane-protocol/rt:type, 'ospf:ospf')" { | + "rt:control-plane-protocol/rt:type, 'ospf:ospf')" { | |||
| description | description | |||
| "This augments the OSPF routing protocol when used."; | "This augments the OSPF routing protocol when used."; | |||
| } | } | |||
| description | description | |||
| "This augments the OSPF interface adjacency-sid state."; | "This augments the OSPF interface adjacency-sid state."; | |||
| list adjacency-sid { | list adjacency-sid { | |||
| description | description | |||
| "List of adjacency Segment IDs."; | "List of Adj-SIDs."; | |||
| leaf value { | leaf value { | |||
| type uint32; | type uint32; | |||
| description | description | |||
| "Value of the Adj-SID."; | "Value of the Adj-SID."; | |||
| } | } | |||
| leaf weight { | leaf weight { | |||
| type uint8; | type uint8; | |||
| description | description | |||
| "Weight associated with the adjacency SID."; | "Weight associated with the Adj-SID."; | |||
| } | } | |||
| leaf protection-requested { | leaf protection-requested { | |||
| type boolean; | type boolean; | |||
| description | description | |||
| "Describe if the adjacency SID is protected."; | "Describe if the Adj-SID is protected."; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| /* | /* | |||
| * Augmentations for read-only data nodes corresponding to Segment | * Augmentations for read-only data nodes corresponding to Segment | |||
| * Routing encodings in OSPFv2 and OSPFv3 Link State Advertisements | * Routing encodings in OSPFv2 and OSPFv3 Link State Advertisements | |||
| * (LSAs) in OSPF Link State Databases (LSDBs) at the instance, | * (LSAs) in OSPF Link State Databases (LSDBs) at the instance, | |||
| * area, and interface level. | * area, and interface level. | |||
| */ | */ | |||
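Review bot: In the adjacency-sid list, the leaf is named protection-requested but its description reads "Describe if the Adj-SID is protected." Requested and protected are different states for an operator reading this node. Suggest wording the description to match the name, for example "Indicates whether protection is requested for the Adj-SID." Separately, the remote-lfa augment in this hunk cites RFC 9855, while the remote-lfa-sr feature that guards its leaf cites RFC 8102; it is worth confirming which reference is intended.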
| skipping to change at line 1525 ¶ | skipping to change at line 1522 ¶ | |||
| protection or authentication can have a negative effect on network | protection or authentication can have a negative effect on network | |||
| operations. The following subtrees and data nodes have particular | operations. The following subtrees and data nodes have particular | |||
| sensitivities/vulnerabilities: | sensitivities/vulnerabilities: | |||
| * /ospf:ospf/segment-routing/enabled - Modification to the | * /ospf:ospf/segment-routing/enabled - Modification to the | |||
| enablement for SR could result in a Denial-of-Service (DoS) | enablement for SR could result in a Denial-of-Service (DoS) | |||
| attack. If an attacker disables SR, it will cause traffic | attack. If an attacker disables SR, it will cause traffic | |||
| disruption. | disruption. | |||
| * /ospf:ospf/segment-routing/bindings - Modification to the local | * /ospf:ospf/segment-routing/bindings - Modification to the local | |||
| bindings could result in a Denial-of-Service (DoS) attack. | bindings could result in a DoS attack. | |||
| * /ospf:ospf/protocol-srgb - Modification of the protocol SRGB could | * /ospf:ospf/protocol-srgb - Modification of the protocol SRGB could | |||
| be used to mount a DoS attack. For example, if the protocol SRGB | be used to mount a DoS attack. For example, if the protocol SRGB | |||
| size is reduced to a very small value, a lot of existing segments | size is reduced to a very small value, a lot of existing segments | |||
| could no longer be installed, leading to a traffic disruption. | could no longer be installed, leading to a traffic disruption. | |||
| * /ospf:interfaces/ospf:interface/segment-routing - Modification of | * /ospf:interfaces/ospf:interface/segment-routing - Modification of | |||
| the Adjacency Segment Identifier (Adj-SID) could be used to mount | the Adj-SID could be used to mount a DoS attack. Change of an | |||
| a DoS attack. Change of an Adj-SID could be used to redirect | Adj-SID could be used to redirect traffic. | |||
| traffic. | ||||
| * /ospf:interfaces/ospf:interface/ospf:fast-reroute/ti-lfa - | * /ospf:interfaces/ospf:interface/ospf:fast-reroute/ti-lfa - | |||
| Modification of the TI-LFA enablement could lead to traffic | Modification of the TI-LFA enablement could lead to traffic | |||
| disruption. | disruption. | |||
| Some of the readable data nodes in this YANG module may be considered | Some of the readable data nodes in this YANG module may be considered | |||
| sensitive or vulnerable in some network environments. It is thus | sensitive or vulnerable in some network environments. It is thus | |||
| important to control read access (e.g., via get, get-config, or | important to control read access (e.g., via get, get-config, or | |||
| notification) to these data nodes. Specifically, the following | notification) to these data nodes. Specifically, the following | |||
| subtrees and data nodes have particular sensitivities/ | subtrees and data nodes have particular sensitivities/ | |||
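Review bot: The writable-node paths in this list are abbreviated and inconsistently prefixed: segment-routing/enabled, protocol-srgb and ti-lfa carry no module prefix, and the interface entries start at /ospf:interfaces although the module augments ospf:areas/ospf:area/ospf:interfaces/ospf:interface. The module's own when expression writes the first node as ospf-sr-mpls:segment-routing/ospf-sr-mpls:enabled. Suggest giving each path with its prefixes so that access control rules for these nodes can be written directly from the list.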
| skipping to change at line 1565 ¶ | skipping to change at line 1561 ¶ | |||
| the topology and path for MPLS segment-routed packets. Examples | the topology and path for MPLS segment-routed packets. Examples | |||
| include the OSPFv2 extended-prefix-opaque-LSA/prefix-sid-sub-tlvs | include the OSPFv2 extended-prefix-opaque-LSA/prefix-sid-sub-tlvs | |||
| and OSPFv3 e-router-tlvs/link-tlv/sub-tlvs/ospfv3-lan-adj-sid-sub- | and OSPFv3 e-router-tlvs/link-tlv/sub-tlvs/ospfv3-lan-adj-sid-sub- | |||
| tlvs. | tlvs. | |||
| * Knowledge of Prefix and Adjacency SIDs may also divulge a view of | * Knowledge of Prefix and Adjacency SIDs may also divulge a view of | |||
| the Segment Routing network topology architecture, which may be | the Segment Routing network topology architecture, which may be | |||
| considered a proprietary asset. | considered a proprietary asset. | |||
| * Knowledge of the advertised SID/Label Range TLVs, SR Local Block | * Knowledge of the advertised SID/Label Range TLVs, SR Local Block | |||
| TLVs, and Segment Routing Mapping Server (SRMS) TLVs may | TLVs, and SRMS TLVs may facilitate a DoS attack on the advertising | |||
| facilitate a Denial of Service (DoS) attack on the advertising | ||||
| node's SR and SRMS functionality. Examples include augmentations | node's SR and SRMS functionality. Examples include augmentations | |||
| to the OSPFv2 ri-opaque/sid-range-tlvs and OSPFv3 router- | to the OSPFv2 ri-opaque/sid-range-tlvs and OSPFv3 router- | |||
| information/local-block-tlvs. | information/local-block-tlvs. | |||
| There are no particularly sensitive RPC or action operations. | ||||
| This YANG module uses groupings from other YANG modules that define | This YANG module uses groupings from other YANG modules that define | |||
| nodes that may be considered sensitive or vulnerable in network | nodes that may be considered sensitive or vulnerable in network | |||
| environments. Refer to the Security Considerations of [RFC9020] for | environments. Refer to the Security Considerations of [RFC9020] for | |||
| information as to which nodes may be considered sensitive or | information as to which nodes may be considered sensitive or | |||
| vulnerable in network environments. | vulnerable in network environments. | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| This document registers a URI in the "IETF XML Registry" [RFC3688]. | This document registers a URI in the "IETF XML Registry" [RFC3688]. | |||
| Following the format in [RFC3688], the following registration has | Following the format in [RFC3688], the following registration has | |||
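Review bot: The right-hand column drops "There are no particularly sensitive RPC or action operations." from the Security Considerations without a replacement. The module lines shown in this diff cover only features, identities, groupings and augments, so please confirm that the module defines no rpc or action statements. If it defines none, a short statement to that effect would be clearer to readers than silence.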
| skipping to change at line 2363 ¶ | skipping to change at line 2360 ¶ | |||
| +--ro weight? uint8 | +--ro weight? uint8 | |||
| +--ro neighbor-router-id? rt-types:router-id | +--ro neighbor-router-id? rt-types:router-id | |||
| +--ro (sid)? | +--ro (sid)? | |||
| +--:(sid-label) | +--:(sid-label) | |||
| | +--ro label-value? uint32 | | +--ro label-value? uint32 | |||
| +--:(sid-index) | +--:(sid-index) | |||
| +--ro index-value? uint32 | +--ro index-value? uint32 | |||
| Acknowledgements | Acknowledgements | |||
| The authors wish to thank Dean Bogdanovic and Kiran Koushik Agrahara | The authors wish to thank Dean Bogdanovic, Kiran Koushik Agrahara | |||
| Sreenivasa for their YANG module discussions. | Sreenivasa, and Derek Yeung for their YANG module discussions. | |||
| The authors wish to thank Yi Yang, Alexander Clemm, Gaurav Gupta, | The authors wish to thank Yi Yang, Alexander Clemm, Gaurav Gupta, | |||
| Ladislav Lhotka, Stephane Litkowski, Greg Hankins, Manish Gupta, Alan | Ladislav Lhotka, Stephane Litkowski, Greg Hankins, Manish Gupta, Alan | |||
| Davey, Divakaran Baskaran, Reshad Rahman, Tom Petch, and Corey | Davey, Divakaran Baskaran, Reshad Rahman, Tom Petch, and Corey | |||
| Bonnell for their thorough reviews and helpful comments. | Bonnell for their thorough reviews and helpful comments. | |||
| The authors wish to thank Julien Meuric for a very meticulous Routing | The authors wish to thank Julien Meuric for a very meticulous Routing | |||
| Directorate review. | Directorate review. | |||
| The authors wish to thank Mohamed Boucadair and Ketan Talaulikar for | The authors wish to thank Mohamed Boucadair and Ketan Talaulikar for | |||
| extensive AD reviews for the IESG Telechat. Thanks to Éric Vyncke | extensive AD reviews for the IESG Telechat. Thanks to Éric Vyncke | |||
| and Mahesh Jethanandani for review comments. | and Mahesh Jethanandani for review comments. | |||
| Author affiliation with The MITRE Corporation is provided for | ||||
| identification purposes only and is not intended to convey or imply | ||||
| MITRE's concurrence with, or support for, the positions, opinions, or | ||||
| viewpoints expressed. MITRE has agreed to this document for Public | ||||
| Release, Distribution Unlimited, with Public Release Case Number | ||||
| 18-3281. This approval allows the MITRE employee to release | ||||
| contributions externally and does not assert authority to publish. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Yingzhen Qu | Yingzhen Qu | |||
| Futurewei Technologies | Futurewei Technologies | |||
| Email: yingzhen.ietf@gmail.com | Email: yingzhen.ietf@gmail.com | |||
| Acee Lindem | Acee Lindem | |||
| LabN Consulting, L.L.C. | LabN Consulting, L.L.C. | |||
| 301 Midenhall Way | 301 Midenhall Way | |||
| Cary, NC 27513 | Cary, NC 27513 | |||
| skipping to change at line 2407 ¶ | skipping to change at line 2396 ¶ | |||
| Email: acee.ietf@gmail.com | Email: acee.ietf@gmail.com | |||
| Jeffrey Zhang | Jeffrey Zhang | |||
| Juniper Networks | Juniper Networks | |||
| 10 Technology Park Drive | 10 Technology Park Drive | |||
| Westford, MA 01886 | Westford, MA 01886 | |||
| United States of America | United States of America | |||
| Email: zzhang@juniper.net | Email: zzhang@juniper.net | |||
| Ing-Wher Chen | Ing-Wher Chen | |||
| The MITRE Corporation | Red Hat, Inc. | |||
| Email: ingwherchen@mitre.org | Email: ichen@redhat.com | |||
| End of changes. 32 change blocks. | ||||
| 61 lines changed or deleted | 50 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||