I2RS working group                                              S. Hares
Internet-Draft                                                    Huawei
Intended status: Standards Track                                 S. Kini
Expires: July 7, 2016                                           Ericsson
                                                               L. Dunbar
                                                                  Huawei
                                                             A. Ghanwani
                                                             R. Krishnan
                                                                    Dell
                                                           D. Bogdanovic
                                                        Juniper Networks
                                                             J. Tantsura
                                                                R. White
                                                                Ericsson
                                                         January 4, 2016
Filter-Based RIB Data Model
draft-hares-i2rs-fb-rib-data-model-01
This document defines a YANG data model for the I2RS Filter-Based Routing Information Base (FB-RIB). A routing system uses the Filter-Based RIB to program FIB entries that process incoming packets by matching on multiple fields within the packet and then performing a specified action on it. The FB-RIB can also specify an action to forward the packet according to the FIB entries programmed using the RIBs of its routing instance.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 7, 2016.
Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
The Interface to the Routing System (I2RS) [I-D.ietf-i2rs-architecture] architecture provides dynamic read and write access to the information and state within the routing elements. The I2RS client interacts with the I2RS agent in one or more network routing systems.
This document provides a YANG module for the I2RS Filter-Based Routing Information Base (FB-RIB) and describes the I2RS interaction with routing filters within a routing element. The informational model for the FB-RIB is in [I-D.kini-i2rs-fb-rib-info-model].
Filter-based routing is a technique used to make packet forwarding decisions based on a filter that is matched to the incoming packets and the specified action. It should be noted that this is distinct from the static routes in the RIB [I-D.ietf-i2rs-rib-info-model], where the routing is destination address based.
A Filter-Based RIB (Routing Information Base) is contained in a routing instance (defined in [I-D.ietf-i2rs-rib-info-model]). It contains a list of filters (match-action conditions) and a list of the interfaces that the filter-based forwarding operates on. Filter-based RIBs (FB-RIBs) operate only on the interfaces on which they are configured.
A Filter-Based RIB uses Event-Condition-Action policy. A Filter-Based RIB entry specifies matches on fields in a packet (which may include layer 2 fields, IP header fields, transport or application fields), on the size of the packet, or on the interface it was received on. The matches are contained in an ordered list of filters, each of which contains pairs of match condition-action (aka event-condition-action).
If all matches fail, the default action is to forward the packet using FIB entries that were programmed by the Routing Information Base (RIB) manager described in [I-D.ietf-i2rs-rib-info-model].
Actions in the condition-action pair may impact forwarding or set something in the packet that will impact forwarding. Policy actions are typically applied before applying QoS constraints since policy actions may override QoS constraint.
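The lookup behaviour described above (interface scoping, ordered match-action evaluation, fall-through to the RIB-programmed FIB) is shown here as an added Python example; it is not code from this draft. Class names, field names and action strings are hypothetical, and first-match-wins evaluation within the ordered list is an assumption.

```python
# Added illustration of FB-RIB lookup semantics. Names are hypothetical and
# first-match-wins evaluation is an assumption, not text from the draft.
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Optional

RIB_DEFAULT = "forward-via-rib"  # label for the RIB-programmed FIB path

@dataclass
class Rule:
    action: str
    src: Optional[str] = None      # source prefix; None is a wildcard
    proto: Optional[str] = None
    dport: Optional[int] = None
    max_len: Optional[int] = None  # match packets up to this size

    def matches(self, pkt: dict) -> bool:
        if self.src and ip_address(pkt["src"]) not in ip_network(self.src):
            return False
        if self.proto and pkt["proto"] != self.proto:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return self.max_len is None or pkt["len"] <= self.max_len

@dataclass
class FbRib:
    interfaces: set
    groups: list = field(default_factory=list)  # [(order-number, [Rule, ...])]

    def lookup(self, in_if: str, pkt: dict) -> str:
        if in_if not in self.interfaces:   # FB-RIB is scoped to its interfaces
            return RIB_DEFAULT
        for _, rules in sorted(self.groups, key=lambda g: g[0]):
            for rule in rules:             # ordered list, first match wins
                if rule.matches(pkt):
                    return rule.action
        return RIB_DEFAULT                 # every match failed

# Constructed sample: group 20 is listed first but group 10 is evaluated first.
fb = FbRib({"eth0"}, [
    (20, [Rule("drop", src="198.51.100.0/24")]),
    (10, [Rule("set-nexthop 192.0.2.1", proto="tcp", dport=443)]),
])
https = {"src": "198.51.100.7", "proto": "tcp", "dport": 443, "len": 60}
dns = {"src": "198.51.100.7", "proto": "udp", "dport": 53, "len": 80}
other = {"src": "203.0.113.9", "proto": "udp", "dport": 53, "len": 80}
```

The same packet that is steered on `eth0` takes the ordinary RIB path when it arrives on an interface the FB-RIB is not bound to, which is worth checking when reviewing where a filter policy actually applies.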
The Filter-Based RIB resides in ephemeral state, as do the I2RS RIB and I2RS topology models.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
In this document, these words will appear with that interpretation only when in ALL CAPS. Lower case uses of these words are not to be interpreted as carrying RFC-2119 significance.
The top-level YANG structure for the FB-RIB types is:

   module: FB-RIB
   fb-rib-types module
      +--rw fib-ribs
         +--rw fb-rib* [rib-name]
         |  +--rw rib-name               string
         |  +--rw rib-afi                inet:afi
         |  +--rw fb-rib-intf*           if:interface-ref
         |  +--rw default-i2rs-rib       rt:rt-2rs-rib:name
         |  +--rw fb-rib-status-info
         |  |  +--rw fb-rib-update-ref   uint64
         |  +--rw instance-using*
         |  |     device:networking-instance:networking-instance-name
         |  +--rw fb-rib-Group* [name]
         |  |  +--rw name                string
         |  |  +--rw order-number        uint64
         |  |  +--rw filter-type         identityref // acl, eca
         |  |  +--rw acl-policy
         |  |  |  +--rw group*
         |  |  |     acl:access_lists:access-list-entries
         |  |  +--rw eca-policy*         bnp-eca:rule-group:name
         |  |  +--rw fb-rib-group-order_status
                  +--rw default-group-order   uint16
                  +--rw group-refcnt          uint16
                  +--rw group-installed       uint16

                  Figure 4: FB RIB Type Structure

The top-level YANG structure for the global FB-RIB types (similar to acl) is:

   ietf-fb-rib module
      +--rw ietf-fb-rib
         +--rw default-instance-name   string
         +--rw default-router-id       rt:router-id
         uses fb-ribs

                  Figure 5: Global FB RIB Yang Structure

The top-level YANG structure for an instance fb-rib is:

   instance-fb-rib-model:
      imports fb-rib-types (fb-rib-t)

      augments rt:logical-network-elements:\
         logical-network-element:network-instances: \
         network-instance
         uses fb-ribs-t:fb-ribs

                  Figure 6: Instance FB RIB Yang Structure
//<CODE BEGINS> file "ietf-fb-rib-types@2016-01-03.yang"
module ietf-fb-rib-types {
  yang-version "1";

  // namespace
  namespace "urn:ietf:params:xml:ns:yang:ietf-fb-rib-types";
  prefix "fb-rib-t";

  import ietf-interfaces {prefix "if";}
  import ietf-access-control-list {prefix "acl";}
  import ietf-routing {prefix "rt";}

  // meta
  organization "IETF";
  contact
    "email: sriganesh.kini@ericsson.com
     email: cengiz@packetdesign.com
     email: anoop@ieee.duke.edu
     email: ivandean@gmal.org
     email: shares@ndzh.com;
     email: linda.dunbar@huawei.com;
     email: russ@riw.com;
     email: Jeff.Tantsura@ericsson.com;
    ";

  description
    "This module describes a YANG model for the I2RS
     Filter-based RIB Types. These types
     specify types for the Filter-Based RIB.

     Copyright (c) 2015 IETF Trust and the persons identified as
     the document authors. All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).";

  revision "2016-01-03" {
    description "Filter-Based RIB protocol ";
    reference "draft-hares-i2rs-fb-rib-data-model-01";
  }

  typedef fb-rib-policy-type-def {
    type identityref {
      base "fb-rib-policy-type";
    }
    description
      "This type is used to refer to FB-RIB type";
  }

  identity fb-rib-policy-type {
    description
      "Types of filter-based policies acl and eca";
  }

  identity fb-rib-acl {
    base fb-rib-policy-type;
    description
      "filter based policy based on access-lists";
  }

  identity fb-bnp-eca-rules {
    base fb-rib-policy-type;
    description
      "filter based policy based on qos forwarding rules";
  }

  typedef fb-rules-status {
    type identityref {
      base "fb-rule-opstat";
    }
    description
      "This type is used to refer to FB-RIB type";
  }

  identity fb-rule-opstat {
    description
      "operational statuses for filter rules inactive and active";
  }

  identity fb-rule-inactive {
    base fb-rule-opstat;
    description
      "policy rule is inactive";
  }

  identity fb-rule-active {
    base fb-rule-opstat;
    description
      "policy rule is active";
  }

  grouping fb-rib-rule-order-status {
    leaf statement-order {
      type uint16;
      description "order identifier";
    }
    leaf statement-oper_status {
      type fb-rules-status;
      description "status of rule";
    }
    description
      "filter-rib policy rule order and status";
  }

  grouping fb-rib-group-order-status {
    leaf group-order {
      type uint16;
      description "group order";
    }
    leaf group-refcnt {
      type uint16;
      description "refcnt for this group";
    }
    leaf group-installed {
      type uint16;
      description "number of rules installed";
    }
    description
      "fb-rib group list order and status info.";
  }

  grouping fb-rib-status-info {
    leaf fb-rib-update-ref {
      type uint64;
      description
        "number of updates to this FB RIB since last reboot";
    }
    description "FB-RIB update info";
  }

  grouping default-fb-rib {
    leaf default-rib {
      type string;
      description
        "default ribs for normal and ephemeral filter-based rib
         should use rt:routing:routing-instance:name";
    }
    leaf i2rs-instance {
      type string;
      description
        "default I2RS RIB should use
         i2rs-rib:routing-instance:name";
    }
    leaf rib-name {
      type string;
      description "name of RIB";
    }
    leaf fb-rib-update-ref {
      type uint64;
      description
        "number of updates to this FB RIB since last reboot";
    }
    description
      "I2RS RIB which will be used even if none of the policy
       match";
  }

  grouping fb-ribs {
    list fib-rib {
      key fb-rib-name;
      leaf fb-rib-name {
        type string;
        mandatory true;
        description "RIB name";
      }
      uses rt:address-family;
      list fb-rib-intf {
        key "name";
        leaf name {
          type if:interface-ref;
          description
            "A reference to the name of a configured network layer
             interface.";
        }
        description
          "This represents the list of interfaces associated with
           this routing instance. The interface list helps
           constrain the boundaries of packet forwarding. Packets
           coming on these interfaces are directly associated with
           the given routing instance. The interface list contains
           a list of identifiers, with each identifier uniquely
           identifying an interface.";
      }
      uses default-fb-rib;
      list instance-using {
        key instance-name;
        leaf instance-name {
          type string;
          description
            "name of instance using this fb-rib
             rt:routing-instance";
        }
        description "instances using this fb-rib";
      }
      list fb-rib-group {
        key group-name;
        leaf group-name {
          type string;
          description "policy-group name";
        }
        leaf fb-group-policy-type {
          type fb-rib-policy-type-def;
          description "Policy type (acl/eca)";
        }
        list acl-group {
          key name;
          leaf name {
            type string;
            description "name of access list group";
          }
          list acls {
            key fb-acl-name;
            leaf fb-acl-name {
              type acl:access-control-list-ref;
              description
                "acl list name associated with FB-RIB list";
            }
            leaf fb-acl-type {
              type acl:acl-type;
              description "acl type";
            }
            description "list of acls";
          }
          description "acl group entry";
        }
        list eca-group {
          // the list key must name a child leaf of this list
          key eca-group-name;
          leaf eca-group-name {
            type string;
            description
              "name of eca group
               (?? should it link to bnp-eca group name)";
          }
          description "list of eca groups";
        }
        uses fb-rib-group-order-status;
        description "list of ordered policy groups ";
      }
      description
        "Configuration of a filter-based rib list";
    }
    description "fb-rib group";
  }
}
// <CODE ENDS>
//<CODE BEGINS> file "ietf-fb-rib@2016-01-03.yang"
module ietf-fb-rib {
  yang-version "1";

  // namespace
  namespace "urn:ietf:params:xml:ns:yang:ietf-fb-rib";
  // replace with iana namespace when assigned
  prefix "fb-rib";

  // import some basic inet types
  import ietf-yang-types {prefix "yang";}
  import ietf-routing { prefix "rt"; }
  // module name must match the types module defined above
  import ietf-fb-rib-types { prefix "fb-rib-t";}

  // meta
  organization "IETF";
  contact
    "email: sriganesh.kini@ericsson.com
     email: cengiz@packetdesign.com
     email: anoop@ieee.duke.edu
     email: ivandean@gmal.org
     email: shares@ndzh.com;
     email: linda.dunbar@huawei.com;
     email: russ@riw.com;
     email: Jeff.Tantsura@ericsson.com;
    ";

  description
    "This Top level module describes a YANG model for the I2RS
     Filter-based RIB which is an global protocol independent
     FB RIB module.";

  revision "2016-01-03" {
    description "initial revision";
    reference "draft-hares-i2rs-fb-rib-data-model-01";
  }

  container ietf-fb-rib {
    presence "top-level structure";
    leaf default-instance-name {
      type string;
      mandatory true;
      description
        "A routing instance is identified by its name,
         INSTANCE_name. This MUST be unique across all routing
         instances in a given network device.";
    }
    leaf default-router-id {
      type yang:dotted-quad;
      description "Default router id";
    }
    uses fb-rib-t:fb-ribs;
    description "i2rs FB-RIB";
  }

  augment "/rt:routing/rt:routing-instance" {
    // XPath 1.0 equality operator is '='
    when "FB-RIB='true'";
    container instance-fb-fib {
      uses fb-rib-t:fb-ribs;
      description "instance filter-based rib";
    }
    description "fb-rib augments routing instance";
  }
}
//<CODE ENDS>
TBD
An I2RS RIB is an ephemeral data store that will dynamically change traffic paths set by the routing configuration. An I2RS FB-RIB provides dynamic Event-Condition-Action policy that will further change the operation of forwarding by allowing dynamic policy and ephemeral RIBs to alter the traffic paths set by routing configuration. Care must be taken in deployments to use the appropriate security and operational control to make use of the tools the I2RS RIB and I2RS FB-RIB provide.
[I-D.hares-i2rs-bnp-info-model]  Hares, S., Wu, Q., Tantsura, J. and R. White, "An Information Model for Basic Network Policy and Filter Rules", Internet-Draft draft-hares-i2rs-bnp-info-model-02, March 2015.
[I-D.ietf-i2rs-architecture]  Atlas, A., Halpern, J., Hares, S., Ward, D. and T. Nadeau, "An Architecture for the Interface to the Routing System", Internet-Draft draft-ietf-i2rs-architecture-12, December 2015.
[I-D.ietf-i2rs-rib-data-model]  Wang, L., Ananthakrishnan, H., Chen, M., amit.dass@ericsson.com, a., Kini, S. and N. Bahadur, "A YANG Data Model for Routing Information Base (RIB)", Internet-Draft draft-ietf-i2rs-rib-data-model-04, November 2015.
[I-D.ietf-i2rs-rib-info-model]  Bahadur, N., Kini, S. and J. Medved, "Routing Information Base Info Model", Internet-Draft draft-ietf-i2rs-rib-info-model-08, October 2015.
[I-D.ietf-netmod-acl-model]  Bogdanovic, D., Koushik, K., Huang, L. and D. Blair, "Network Access Control List (ACL) YANG Data Model", Internet-Draft draft-ietf-netmod-acl-model-06, December 2015.
[I-D.kini-i2rs-fb-rib-info-model]  Kini, S., Hares, S., Dunbar, L., Ghanwani, A., Krishnan, R., Bogdanovic, D., Tantsura, J. and R. White, "Filter-Based RIB Information Model", Internet-Draft draft-kini-i2rs-fb-rib-info-model-02, October 2015.
[I-D.ietf-i2rs-usecase-reqs-summary]  Hares, S. and M. Chen, "Summary of I2RS Use Case Requirements", Internet-Draft draft-ietf-i2rs-usecase-reqs-summary-01, May 2015.
[RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.