Internet DRAFT - draft-ietf-pim-evpn-multicast-yang

draft-ietf-pim-evpn-multicast-yang



PIM Working Group                                               H. Zhao
Internet Draft                                                 Ericsson
Intended status: Standards Track                                 Y. Liu
Expires: September 03, 2024                                China Mobile
                                                                 X. Liu
                                                              Alef Edge
                                                        M. Panchanathan
                                                                  Cisco
                                                           M. Sivakumar
                                                                Juniper


                                                         March 04, 2024


                    Yang Data Model for EVPN multicast
                 draft-ietf-pim-evpn-multicast-yang-01.txt




Abstract

This document describes a YANG data model for EVPN multicast services.
The model is agnostic of the underlay as well as RFC 9251. This
document mainly focuses on EVPN instance framework.



Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html




Zhao & Liu, etc                                                [Page 1]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


   This Internet-Draft will expire on September 03, 2024.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Table of Contents


   1. Introduction...................................................3
      1.1. Terminology...............................................3
      1.2. Tree Diagrams.............................................3
      1.3. Prefixes in Data Node Names...............................3
   2. Module Structure...............................................3
      2.1. Attributes to control new BGP EVPN routes.................4
      2.2. New BGP EVPN routes.......................................4
   3. EVPN Multicast Yang Module.....................................5
   4. Security Considerations........................................9
   5. IANA Considerations...........................................10
      5.1. XML Registry.............................................10
      5.2. YANG Module Names Registry...............................10
   6. References....................................................10
      6.1. Normative References.....................................10
      6.2. Informative References...................................11
   Authors' Addresses...............................................12














Zhao & Liu, etc                                                [Page 2]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


1. Introduction

This document describes a YANG data model for EVPN multicast services.
Its name is ietf-evpn-multicast. [RFC9251] introduces three new BGP EVPN
routes to carry IGMP Membership Reports. The module ietf-evpn-multicast
defines the three new BGP EVPN routes in it. It also defines other
attributes for EVPN multicast services.

1.1. Terminology

The terminology for describing YANG data models is found in [RFC6020]
and [RFC7950], including:
  *  augment
  *  data model
  *  data node
  *  module

1.2. Tree Diagrams

Tree diagrams used in this document follow the notation defined in

[RFC8340].

1.3. Prefixes in Data Node Names

In this document, names of data nodes, actions, and other data model
objects are often used without a prefix, as long as it is clear from the
context in which YANG module each name is defined. Otherwise, names are
prefixed using the standard prefix associated with the corresponding
YANG module, as shown in Table 1.

+----------+-----------------------+---------------------------------+
| Prefix   | YANG module           | Reference                       |
+==========+=======================+=================================+
| inet     | ietf-inet-types       | [RFC6991]                       |
+----------+-----------------------+---------------------------------+
| rt-types | ietf-routing-types    | [RFC8294]                       |
+----------+-----------------------+---------------------------------+
| evpn     | ietf-evpn             | [draft-ietf-bess-evpn-yang]     |
+----------+-----------------------+---------------------------------+
| es       | ietf-ethernet-segment | [draft-ietf-bess-evpn-yang]     |
+----------+-----------------------+---------------------------------+

      Table 1: Prefixes and Corresponding YANG Modules


2. Module Structure

This module extends ietf-evpn data model specified in [draft-ietf-bess-
evpn-yang] to configure and show EVPN multicast service.



Zhao & Liu, etc                                                [Page 3]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


This module conforms to the Network Management Datastore Architecture
(NMDA) [RFC8342]. The operational state data is combined with the
associated configuration data in the same hierarchy [RFC8407].

2.1. Attributes to control new BGP EVPN routes

This module augments /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance
to add some attributes to control the three new BGP EVPN routes to carry
IGMP Membership Reports.

If evpn-igmp-proxy is enabled, Trigger an IMET route update with
Multicast Flags Extended Community and IGMP proxy bit is set [RFC 9251].

If evpn-mld-proxy is enabled, Trigger an IMET route update with
Multicast Flags Extended Community and MLD proxy bit is set [RFC 9251].

   augment /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance:
      +--rw evpn-igmp-proxy?   boolean {evpn-igmp-proxy}?
      +--rw evpn-mld-proxy?    boolean {evpn-mld-proxy}?



2.2. New BGP EVPN routes

This module augments /evpn:evpn/evpn:evpn-instances/evpn:evpn-
instance/evpn:routes to add three new BGP EVPN routes to carry IGMP
Membership Reports [RFC 9251]. The route types are known as:

   6 -  Selective Multicast Ethernet Tag Route

   7 -  Multicast Membership Report Synch Route

   8 -  Multicast Leave Synch Route


augment /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance/evpn:routes:
   +--ro selective-multicast-ethernet-tag-route*
   |  +--ro rd-rt* [route-distinguisher]
   |  |  +--ro route-distinguisher    rt-types:route-distinguisher
   |  |  +--ro vpn-target* [route-target]
   |  |     +--ro route-target    rt-types:route-target
   |  +--ro ethernet-tag?               uint32
   |  +--ro multicast-source-address?   inet:ip-address
   |  +--ro multicast-group-address?    rt-types:ip-multicast-group-address
   |  +--ro originator-ip-prefix?       inet:ip-prefix
   +--ro multicast-membership-report-synch-route*
   |  +--ro rd-rt* [route-distinguisher]
   |  |  +--ro route-distinguisher    rt-types:route-distinguisher
   |  |  +--ro vpn-target* [route-target]
   |  |     +--ro route-target    rt-types:route-target
   |  +--ro ethernet-segment-identifier?   yang:hex-string
   |  +--ro ethernet-tag?                  uint32
Zhao & Liu, etc                                                [Page 4]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


   |  +--ro multicast-source-address?      inet:ip-address
   |  +--ro multicast-group-address?       rt-types:ip-multicast-group-address
   |  +--ro originator-ip-prefix?          inet:ip-prefix
   +--ro multicast-leave-synch-route*
      +--ro rd-rt* [route-distinguisher]
      |  +--ro route-distinguisher    rt-types:route-distinguisher
      |  +--ro vpn-target* [route-target]
      |     +--ro route-target    rt-types:route-target
      +--ro ethernet-segment-identifier?   yang:hex-string
      +--ro ethernet-tag?                  uint32
      +--ro multicast-source-address?      inet:ip-address
      +--ro multicast-group-address?       rt-types:ip-multicast-group-address
      +--ro originator-ip-prefix?          inet:ip-prefix
      +--ro maximum-response-time?         uint16


3. EVPN Multicast Yang Module

This module references [RFC6991],[RFC8294],[draft-ietf-bess-evpn-yang].

<CODE BEGINS> file ietf-evpn-multicast@2024-03-04.yang
   module ietf-evpn-multicast {
     namespace "urn:ietf:params:xml:ns:yang:ietf-evpn-multicast";

     prefix "evpn-multicast";

     import ietf-inet-types {
       prefix "inet";
     }

     import ietf-routing-types {
       prefix "rt-types";
     }

     import ietf-yang-types {
       prefix yang;
     }

     import ietf-evpn {
       prefix "evpn";
     }

     organization  "ietf";

     contact       "ietf";

     description   "evpn multicast";

     revision "2024-03-04" {
       description "Initial draft";
       reference   "";
     }
Zhao & Liu, etc                                                [Page 5]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01



     /*
      * Features
      */

     feature evpn-igmp-proxy {
       description
         "Support IGMP Proxy for EVPN.";
       reference
         "RFC 9251";
     }

     feature evpn-mld-proxy {
       description
         "Support MLD Proxy for EVPN.";
       reference
         "RFC 9251";
     }

     /* Groupings */

     grouping route-rd-rt-grp {
       description "A grouping for a route's route distinguishers " +
                   "and route targets";
       list rd-rt {
         key "route-distinguisher";
         leaf route-distinguisher {
           type rt-types:route-distinguisher;
           description "Route distinguisher";
         }
         list vpn-target {
           key "route-target";
           leaf route-target {
             type rt-types:route-target;
             description "BGP route target";
           }
           description "A list of route targets";
         }
         description "A list of route distinguishers and " +
                     "corresponding VPN route targets";
       }
     }

     /* augments */

     augment "/evpn:evpn/evpn:evpn-instances/evpn:evpn-instance" {
       description "";
       leaf evpn-igmp-proxy {
           if-feature "evpn-igmp-proxy";
           type boolean;
           description "Trigger an IMET route update with Multicast
             Flags Extended Community and IGMP proxy bit is set.";
Zhao & Liu, etc                                                [Page 6]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


       }
       leaf evpn-mld-proxy {
           if-feature "evpn-mld-proxy";
           type boolean;
           description "Trigger an IMET route update with Multicast
             Flags Extended Community and MLD proxy bit is set.";
       }
     }

     augment "/evpn:evpn/evpn:evpn-instances/evpn:evpn-
instance/evpn:routes" {
       if-feature "evpn-igmp-proxy or evpn-mld-proxy";
       description "Type6~8 route";
       list selective-multicast-ethernet-tag-route {
          uses route-rd-rt-grp;
          leaf ethernet-tag {
            type uint32;
            description "An ethernet tag (etag) indentifying a " +
                        "broadcast domain";
          }
          leaf multicast-source-address {
           type inet:ip-address;
           description
             "";
          }
          leaf multicast-group-address {
             type rt-types:ip-multicast-group-address;
             description
               "Multicast group address.";
           }
          leaf originator-ip-prefix {
            type inet:ip-prefix;
            description "originator-ip-prefix";
          }
          description "SMET route (type6)";
        }
       list multicast-membership-report-synch-route {
          uses route-rd-rt-grp;
          leaf ethernet-segment-identifier {
            type yang:hex-string {
              length "29";
            }
            description "Ethernet segment identifier (esi)";
          }
          leaf ethernet-tag {
            type uint32;
            description "An ethernet tag (etag) indentifying a " +
                        "broadcast domain";
          }
          leaf multicast-source-address {
           type inet:ip-address;
           description
Zhao & Liu, etc                                                [Page 7]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


             "";
          }
          leaf multicast-group-address {
             type rt-types:ip-multicast-group-address;
             description
               "Multicast group address.";
           }
          leaf originator-ip-prefix {
            type inet:ip-prefix;
            description "originator-ip-prefix";
          }
          description "type7 route";
        }
       list multicast-leave-synch-route {
          uses route-rd-rt-grp;
          leaf ethernet-segment-identifier {
            type yang:hex-string {
              length "29";
            }
            description "Ethernet segment identifier (esi)";
          }
          leaf ethernet-tag {
            type uint32;
            description "An ethernet tag (etag) indentifying a " +
                        "broadcast domain";
          }
          leaf multicast-source-address {
           type inet:ip-address;
           description
             "";
          }
          leaf multicast-group-address {
             type rt-types:ip-multicast-group-address;
             description
               "Multicast group address.";
           }
          leaf originator-ip-prefix {
            type inet:ip-prefix;
            description "originator-ip-prefix";
          }
          leaf maximum-response-time {
            type uint16;
            units "seconds";
            description
              "Query maximum response time specifies the maximum time
               allowed before sending a responding report.";
            reference
              "Sections 4.1.1, 8.3 of RFC 3376: Internet Group
               Management Protocol, Version 3";
          }
          description "type8 route";
        }
Zhao & Liu, etc                                                [Page 8]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


     }
  }
<CODE ENDS>


4. Security Considerations

The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such as
NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the
secure transport layer, and the mandatory-to-implement secure transport
is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and
the mandatory-to-implement secure transport is TLS [RFC8446].

The Network Configuration Access Control Model (NACM) [RFC8341] provides
the means to restrict access for particular NETCONF or RESTCONF users to
a preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content.

There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the default).
These data nodes may be considered sensitive or vulnerable in some
network environments. Write operations (e.g., edit-config) to these data
nodes without proper protection can have a negative effect on network
operations. These are the subtrees and data nodes and their
sensitivity/vulnerability:

Under /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance:/

evpn-multicast:evpn-igmp-proxy

evpn-multicast:evpn-mld-proxy

Unauthorized access to any data node of these subtrees can adversely
affect the EVPN multicast service of both the local device and the
network. This may lead to network malfunctions, delivery of packets to
inappropriate destinations, and other problems.

Some of the readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data nodes
and their sensitivity/vulnerability:

Under /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance:/

evpn-multicast:evpn-igmp-proxy

evpn-multicast:evpn-mld-proxy

Under augment /evpn:evpn/evpn:evpn-instances/evpn:evpn-
instance/evpn:routes:/
Zhao & Liu, etc                                                [Page 9]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


evpn-multicast:selective-multicast-ethernet-tag-route

evpn-multicast:multicast-membership-report-synch-route

evpn-multicast:multicast-leave-synch-route

Unauthorized access to any data node of these subtrees can disclose the
operational state information of EVPN multicast service on this device.



5. IANA Considerations

RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
actual RFC number (and remove this note).

5.1. XML Registry

This document registers the following namespace URIs in the IETF XML

registry [RFC3688]:

--------------------------------------------------------------------
URI: urn:ietf:params:xml:ns:yang:ietf-evpn-multicast
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
--------------------------------------------------------------------

5.2. YANG Module Names Registry

This document registers the following YANG modules in the YANG Module
Names registry [RFC7950]:
--------------------------------------------------------------------
name:      ietf-evpn-multicast
namespace: urn:ietf:params:xml:ns:yang:ietf-evpn-multicast
prefix:    evpn-multicast
reference: RFC XXXX
--------------------------------------------------------------------

6. References

6.1. Normative References

   [RFC3688] Mealling, M., "The IETF XML Registry", RFC 3688, January
             2004.

Zhao & Liu, etc                                               [Page 10]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


   [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
             the Network Configuration Protocol (NETCONF)", RFC 6020,
             October 2010.

   [RFC6241] R. Enns, Ed., M. Bjorklund, Ed., J. Schoenwaelder, Ed., A.
             Bierman, Ed., "Network Configuration Protocol (NETCONF)",
             RFC 6241, June 2011.

   [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
             Shell (SSH)", RFC 6242, June 2011.

   [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991,
             July 2013.

   [RFC7950] M. Bjorklund, Ed., "The YANG 1.1 Data Modeling Language",
             RFC 7950, August 2016.

   [RFC8040] A. Bierman, M. Bjorklund, K. Watsen, "RESTCONF Protocol",
             RFC 8040, January 2017.

   [RFC8294] X. Liu, Y. Qu, A. Lindem, C. Hopps, L. Berger, "Common YANG
             Data Types for the Routing Area", RFC 8294, December 2017.

   [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration Access
             Control Model", RFC 8341, March 2018.

   [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
             Version 1.3", RFC 8446, August 2018.

   [RFC9251] A. Sajassi, S. Thoria, M. Mishra, K. Patel, J. Drake, W.
             Lin, "Internet Group Management Protocol (IGMP) and
             Multicast Listener Discovery (MLD) Proxies for Ethernet VPN
             (EVPN)", RFC 9251, June 2022.

   [draft-ietf-bess-evpn-yang] P. Brissette, H. Shah, I. Chen, I.
             Hussain, K. Tiruveedhula, J. Rabadan, "Yang Data Model for
             EVPN", draft-ietf-bess-evpn-yang-07, March 2019.



6.2. Informative References

   [RFC8407] A. Bierman, "Guidelines for Authors and Reviewers of
             Documents Containing YANG Data Models", RFC 8407, October
             2018.







Zhao & Liu, etc                                               [Page 11]

                 DRAFT-IETF-PIM-EVPN-MULTICAST-YANG-01


Authors' Addresses

   Hongji Zhao
   Ericsson (China) Communications Company Ltd.
   Ericsson Tower, No. 5 Lize East Street,
   Chaoyang District Beijing 100102, China
   Email: hongji.zhao@ericsson.com


   Yisong Liu
   China Mobile
   China
   Email: liuyisong@chinamobile.com


   Xufeng Liu
   Alef Edge
   United States of America
   EMail: xufeng.liu.ietf@gmail.com


   Mani Panchanathan
   Cisco Systems, Inc.
   3625 Cisco Way
   San Jose, CA
   United States of America
   Email: mapancha@cisco.com


   Mahesh Sivakumar
   Juniper Networks
   1133 Innovation Way
   Sunnyvale, CA
   United States of America
   Email: sivakumar.mahesh@gmail.com

















Zhao & Liu, etc                                               [Page 12]