Internet DRAFT - draft-keyupate-bess-bgp-l3vpn-cfg
draft-keyupate-bess-bgp-l3vpn-cfg
BESS Working Group K. Patel
Internet-Draft D. Jain
Intended status: Informational Cisco
Expires: June 29, 2016 December 27, 2015
Yang Data Model for BGP/MPLS L3 VPNs
draft-keyupate-bess-bgp-l3vpn-cfg-02.txt
Abstract
This document defines a YANG data model that can be used to configure
and manage BGP Layer 3 VPNs.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 29, 2016.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
Patel & Jain Expires June 29, 2016 [Page 1]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2. Definitions and Acronyms . . . . . . . . . . . . . . . . . . 3
3. Design of L3VPN Routing Data Model . . . . . . . . . . . . . 3
3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 3
3.2. BGP Specific Configuration . . . . . . . . . . . . . . . 4
3.2.1. VPN peering . . . . . . . . . . . . . . . . . . . . . 4
3.2.2. Route distinguisher . . . . . . . . . . . . . . . . . 4
3.2.3. Import and export route target . . . . . . . . . . . 4
3.2.4. Route target retention . . . . . . . . . . . . . . . 5
3.2.5. Label Mode . . . . . . . . . . . . . . . . . . . . . 5
3.2.6. Nexthop options . . . . . . . . . . . . . . . . . . . 5
3.3. VRF Specific Configuration . . . . . . . . . . . . . . . 8
3.3.1. VRF interface . . . . . . . . . . . . . . . . . . . . 8
3.3.2. Import and export route-targets . . . . . . . . . . . 8
3.3.3. Forwarding mode . . . . . . . . . . . . . . . . . . . 8
3.3.4. Label security . . . . . . . . . . . . . . . . . . . 8
4. BGP Yang Module . . . . . . . . . . . . . . . . . . . . . . . 10
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19
6. Security Considerations . . . . . . . . . . . . . . . . . . . 19
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 20
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 20
8.1. Normative References . . . . . . . . . . . . . . . . . . 20
8.2. Informative References . . . . . . . . . . . . . . . . . 21
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction
YANG [RFC6020] is a data definition language that was introduced to
define the contents of a conceptual data store that allows networked
devices to be managed using NETCONF [RFC6241]. YANG is proving
relevant beyond its initial confines, as bindings to other interfaces
(e.g. ReST) and encodings other than XML (e.g. JSON) are being
defined. Furthermore, YANG data models can be used as the basis of
implementation for other interfaces, such as CLI and programmatic
APIs.
Patel & Jain Expires June 29, 2016 [Page 2]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
This document defines a YANG model that can be used to configure and
manage BGP L3VPNs [RFC4364]. There are two parts of the L3VPN BGP
model. The first part of the model augments base BGP data model
defined in [I-D.shaikh-idr-bgp-model] for BGP specific L3VPN
configuration and the second part of the model augments the Routing
data model defined in [I-D.ietf-netmod-routing-cfg] for VRF specific
L3VPN configuration. This model defines control knobs for
configuration for that purpose, as well as a few data nodes that can
be used to monitor health and gather statistics.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2. Definitions and Acronyms
AF: Address Family
AS: Autonomous System
ASBR: Autonomous System Border Router
BGP: Border Gateway Protocol
L3VPN: Layer 3 VPN
NETCONF: Network Configuration Protocol
ReST: Representational State Transfer, a style of stateless interface
and protocol that is generally carried over HTTP
RTFilter: Route Filter
VPN: Virtual Private Network
YANG: Data definition language for NETCONF
3. Design of L3VPN Routing Data Model
3.1. Overview
L3VPN specific configuration and state data is defined in BGP
specific model and VRF specific model. This document does not cover
the model for some of the other entities involved in L3 VPNs such as
IGPs and MPLS.
Patel & Jain Expires June 29, 2016 [Page 3]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
3.2. BGP Specific Configuration
The BGP specific configuration for L3VPNs is augmentation of base BGP
model defined in [I-D.shaikh-idr-bgp-model]. In particular,
containers for BGP global mode and BGP address family mode are
augmented with L3VPN specific attributes and parameters. It is
noteworthy that current form of BGP model needs to align with netmod
routing model such that BGP entry level container becomes an instance
of routing-instance container in netmod routing model. The
augmentation proposed in this document are based on current state of
BGP yang model as defined in [I-D.shaikh-idr-bgp-model]
3.2.1. VPN peering
For Peering between PE routers, specific VPN address family needs to
be enabled under BGP container in the default routing-instance. Base
BGP draft [I-D.shaikh-idr-bgp-model] has l3vpn address family in the
list of identity refs for AFs under global and neighbor modes. The
same is augmented here for additional knobs. For peering with CE
routers the VRF specific BGP configurations such as neighbors and
address-family are covered in base BGP config, except that such
configuration will be in the context of a VRF. The instance of BGP
in this case would be a separate instance in the context of routing
instance realizing a VRF.
3.2.2. Route distinguisher
Route distinguisher (RD) is an unique identifier used in VPN routes
to distinguish prefixes across different VPNs. RD is 8 byte field as
defined in the [RFC4364]. Where the first two bytes refer to type
followed by 6 bytes of value. The format of the value is dependent
on type. In the yang model, RDs are defined by augmenting BGP global
mode. Note that BGP will be modeled as an instance of routing-
protocol under a routing-instance container in the overall routing
model. Further a routing-instance is representation of VRF in
routing model. Therefore providing RD under BGP global level results
into RDs being in the context of VRF under BGP.
3.2.3. Import and export route target
Route-target (RT) community is an extended community used to specify
the rules for importing and exporting the routes for each VRF. This
is applicable in the context of an address-family under the VRF.
Since BGP instance is in the context of each routing-instance (aka
VRF), the import/export rules can be specified per global address-
family under BGP. An import rule is modeled as list of RTs or a
policy leafref specifying the list of RTs, which must appear in
routes a VRF is interested in importing. Similarly an export rule is
Patel & Jain Expires June 29, 2016 [Page 4]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
set or RTs or a policy leafref specifying the list of RTs which
should be attached to routes exported from this VRF. In the case
where policy is used to specify the RTs, a reference to the policy
via leafref is used in this model, but actual definition of policy is
outside the scope of this document.
3.2.4. Route target retention
This configuration is required on ASBRs to retain the VPN routes for
certain or all route-targets. Since ASBRs do not require that VRFs
be configured, but need to retain the IPv4 VPN prefix information.
This configuration augments BGP global AF containers, particularly
the VPN address family containers.
3.2.5. Label Mode
Label mode knobs control the label allocation behavior for VRF
routes. Such as to specify Per-CE, Per-VRF and Per-Prefix label
allocation. These knobs augment BGP global AF containers in the
context of default routing instance.
3.2.6. Nexthop options
For inter-as VPN peering across ASBRs with option-B method, the
bordering ASBR need to rewrite nexthop to self. Similarly for
Option-C peering the route reflectors need to keep nexthop unchanged
for ebgp routes from remote AS's route-reflector. BGP neighbor and
peer-group containers are augmented to provide these knobs. In
addition the knobs are added under per address family mode under
neighbor and peer-group as well for finer level of granularity.
module: ietf-bgp-l3vpn
augment /bgp:bgp/bgp:global:
+--rw route-distinguisher
+--rw config
| +--rw rd? string
+--ro state
+--ro rd? string
...
augment /bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-unicast:
+--rw import-routes
| +--rw config
| | +--rw route-targets
| | | +--rw rt-list* [rt]
| | | +--rw rt string
Patel & Jain Expires June 29, 2016 [Page 5]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
| | +--rw route-policy? string
| | +--rw from-default-vrf? boolean
| | +--rw advertise-as-vpn? boolean
| +--ro state
| +--ro route-targets
| | +--ro rt-list* [rt]
| | +--ro rt string
| +--ro route-policy? string
| +--ro from-default-vrf? boolean
| +--ro advertise-as-vpn? boolean
+--rw export-routes
| +--rw config
| | +--rw route-targets
| | | +--rw rt-list* [rt]
| | | +--rw rt string
| | +--rw route-policy? string
| | +--rw to-default-vrf? boolean
| +--ro state
| +--ro route-targets
| | +--ro rt-list* [rt]
| | +--ro rt string
| +--ro route-policy? string
| +--ro to-default-vrf? boolean
+--rw import-export-routes
+--rw config
| +--rw route-targets
| | +--rw rt-list* [rt]
| | +--rw rt string
| +--rw route-policy? string
+--ro state
+--ro route-targets
| +--ro rt-list* [rt]
| +--ro rt string
+--ro route-policy? string
...
augment /bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:l3vpn-ipv4-unicast:
+--rw retain-rts
+--rw config
| +--rw all? empty
| +--rw route-policy? string
+--ro state
+--ro all? empty
+--ro route-policy? string
...
Patel & Jain Expires June 29, 2016 [Page 6]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
augment /bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-unicast:
+--rw config
| +--rw label-mode? bgp-label-mode
+--ro state
+--ro label-mode? bgp-label-mode
...
augment /bgp:bgp/bgp:neighbors/bgp:neighbor:
+--rw nexthop-options
+--rw config
| +--rw next-hop-self? boolean
| +--rw next-hop-unchanged? boolean
+--rw state
+--rw next-hop-self? boolean
+--rw next-hop-unchanged? boolean
augment /bgp:bgp/bgp:peer-groups/bgp:peer-group:
+--rw nexthop-options
+--rw config
| +--rw next-hop-self? boolean
| +--rw next-hop-unchanged? boolean
+--rw state
+--rw next-hop-self? boolean
+--rw next-hop-unchanged? boolean
augment /bgp:bgp/bgp:neighbors/bgp:neighbor/bgp:afi-safis/bgp:afi-safi:
+--rw nexthop-options
+--rw config
| +--rw next-hop-self? boolean
| +--rw next-hop-unchanged? boolean
+--rw state
+--rw next-hop-self? boolean
+--rw next-hop-unchanged? boolean
augment /bgp:bgp/bgp:peer-groups/bgp:peer-group/bgp:afi-safis/bgp:afi-safi:
+--rw nexthop-options
+--rw config
| +--rw next-hop-self? boolean
| +--rw next-hop-unchanged? boolean
+--rw state
+--rw next-hop-self? boolean
+--rw next-hop-unchanged? boolean
Patel & Jain Expires June 29, 2016 [Page 7]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
3.3. VRF Specific Configuration
VRF specific configuration is defined by augmenting the IETF routing
model. The routing-instance defined in the IETF routing model refers
to a named VRF instance.
3.3.1. VRF interface
To associate a VRF instance with an interface, the interface should
be defined in the context of routing-instance representing a VRF.
This is covered in base routing model [I-D.ietf-netmod-routing-cfg].
3.3.2. Import and export route-targets
Under the routing-instance modeled as VRF, statements for import and
export route-targets are added as augmented containers. Both import
and export sets are modeled as a list of rout-targets as defined in
[RFC4364]. In addition, a route-target-policy can be applied at this
level to set the route-targets. Policyref to IETF policy model is
TBD.
3.3.3. Forwarding mode
This configuration augments interface list under interface container
under a routing-instance as defined in IETF routing model
[I-D.ietf-netmod-routing-cfg]. Forwarding mode configuration is
required under the ASBR facing interface to enable mpls forwarding
for directly connected BGP peers for inter-as option B peering.
3.3.4. Label security
For inter-as option-B peering across ASs, under the ASBR facing
interface, mpls label security enables the checks for RPF label on
incoming packets. Ietf-interface container is augmented to add this
config.
augment /rt:routing/rt:routing-instance:
+--rw import-routes
| +--rw config
| | +--rw route-targets
| | | +--rw rt-list* [rt]
| | | +--rw rt string
| | +--rw route-policy? string
| | +--rw from-default-vrf? boolean
| | +--rw advertise-as-vpn? boolean
| +--ro state
| +--ro route-targets
Patel & Jain Expires June 29, 2016 [Page 8]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
| | +--ro rt-list* [rt]
| | +--ro rt string
| +--ro route-policy? string
| +--ro from-default-vrf? boolean
| +--ro advertise-as-vpn? boolean
+--rw export-routes
| +--rw config
| | +--rw route-targets
| | | +--rw rt-list* [rt]
| | | +--rw rt string
| | +--rw route-policy? string
| | +--rw to-default-vrf? boolean
| +--ro state
| +--ro route-targets
| | +--ro rt-list* [rt]
| | +--ro rt string
| +--ro route-policy? string
| +--ro to-default-vrf? boolean
+--rw import-export-routes
+--rw config
| +--rw route-targets
| | +--rw rt-list* [rt]
| | +--rw rt string
| +--rw route-policy? string
+--ro state
+--ro route-targets
| +--ro rt-list* [rt]
| +--ro rt string
+--ro route-policy? string
...
augment /if:interfaces/if:interface:
+--rw forwarding-mode
| +--rw config
| | +--rw forwarding-mode? fwd-mode-type
| +--ro state
| +--ro forwarding-mode? fwd-mode-type
+--rw mpls-label-security
+--rw config
| +--rw rpf? boolean
+--ro state
+--ro rpf? boolean
Patel & Jain Expires June 29, 2016 [Page 9]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
4. BGP Yang Module
<CODE BEGINS> file "ietf-bgp-l3vpn@2015-12-27.yang"
module ietf-bgp-l3vpn {
namespace "urn:ietf:params:xml:ns:yang:ietf-bgp-l3vpn";
// replace with IANA namespace when assigned
prefix l3vpn ;
import ietf-routing {
prefix rt;
revision-date 2015-10-16;
}
import ietf-interfaces {
prefix if;
}
import bgp {
prefix bgp;
}
organization
"Cisco Systems
170 West Tasman Drive
San Jose, CA 95134-1706
USA";
contact
"Keyur Patel keyupate@cisco.com
Dhanendra Jain dhjain@cisco.com
";
description
"This YANG module defines the configuration for the BGP Layer 3 VPNs.
It augments the IETF bgp yang model and IETF routing model to add L3VPN specific
configuration and operational knobs.
Terms and Acronyms
AS : Autonomous System
ASBR : Autonomous Systems Border Router
BGP (bgp): Border Gateway Protocol
Patel & Jain Expires June 29, 2016 [Page 10]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
CE : Customer Edge
IP (ip): Internet Protocol
IPv4 (ipv4):Internet Protocol Version 4
IPv6 (ipv6): Internet Protocol Version 6
PE : Provider Edge
RT : Route Target
RD : Route Distinguisher
VPN : Virtual Private Network
";
revision 2015-12-27 {
description
"Initial revision.";
reference
"RFC XXXX: A YANG Data Model for L3VPN config management";
}
grouping bgp-rd-spec {
description "Route distinguisher specification as per RFC4364";
leaf rd {
type string;
description "Route distinguisher value as per RFC4364";
}
}
grouping bgp-rd {
description "BGP route distinguisher";
container route-distinguisher {
description "Route distinguisher";
container config {
description "Configuration parameters for route distinguisher";
uses bgp-rd-spec ;
}
container state {
config "false" ;
description "State information for route distinguisher";
uses bgp-rd-spec ;
}
Patel & Jain Expires June 29, 2016 [Page 11]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
}
}
typedef bgp-label-mode {
type enumeration {
enum per-ce {
description "Allocate labels per CE";
}
enum per-prefix {
description "Allocate labels per prefix";
}
enum per-vrf {
description "Allocate labels per VRF";
}
}
description "BGP label allocation mode";
}
typedef fwd-mode-type {
type enumeration {
enum mpls {
description "Forwarding mode mpls";
}
}
description "Enable forwarding mode under ASBR facing interface";
}
grouping forwarding-mode {
description "Forwarding mode of interface for ASBR scenario";
container forwarding-mode {
description "Forwarding mode of interface for ASBR scenario";
container config {
description "Configuration of Forwarding mode";
leaf forwarding-mode {
type fwd-mode-type;
description "Forwarding mode for this interface";
}
}
container state {
config "false";
description "State information of Forwarding mode";
leaf forwarding-mode {
type fwd-mode-type;
description "Forwarding mode for this interface";
}
}
}
Patel & Jain Expires June 29, 2016 [Page 12]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
}
grouping label-security {
description "Mpls label security for ASBR option B scenario";
container mpls-label-security {
description "MPLS label secruity";
container config {
description "Configuration parameters";
leaf rpf {
type boolean;
description "Enable MPLS label security rpf on interface";
}
}
container state {
config "false";
description "State information";
leaf rpf {
type boolean;
description "MPLS label security rpf on interface";
}
}
}
}
grouping route-target-set {
description
"Extended community route-target set ";
container route-targets {
description
"Route-target";
list rt-list {
key "rt";
description
"List of route-targets" ;
leaf rt {
type string {
pattern '([0-9]+:[0-9]+)';
}
description "Route target extended community as per RFC4360";
}
}
}
leaf route-policy {
type string;
description
Patel & Jain Expires June 29, 2016 [Page 13]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
"Reference to the policy containing set of routes.
TBD: leafref to policy entry in IETF policy model";
}
}
grouping import-from-default {
description "Import from default VRF";
leaf from-default-vrf {
type boolean;
description "Import from default VRF";
}
leaf advertise-as-vpn {
when "../from-default-vrf == TRUE" {
description "This option is valid only when importing from default VRF";
}
type boolean;
description "Advertise from-default routes as VPN routes";
}
}
grouping export-to-default {
description "Export routes to default VRF";
leaf to-default-vrf {
type boolean;
description "Export routes to default VRF";
}
}
grouping route-import-set {
description "Grouping to specify rules for route import";
container import-routes {
description "Set of route-targets to match to import routes into VRF";
container config {
description
"Configuration parameters for import routes";
uses route-target-set ;
uses import-from-default;
}
container state {
config "false" ;
description
"State information for the import routes";
uses route-target-set ;
uses import-from-default;
}
}
}
grouping route-export-set {
Patel & Jain Expires June 29, 2016 [Page 14]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
description "Groupign to specify rules for route export";
container export-routes {
description "Set of route-targets to attach with exported routes from VRF";
container config {
description
"Configuration parameters for export routes";
uses route-target-set ;
uses export-to-default;
}
container state {
config "false" ;
description
"State information for export routes";
uses route-target-set ;
uses export-to-default;
}
}
}
grouping route-import-export-set {
description "Grouping to specify rules for route import/export both";
container import-export-routes {
description "Set of route-targets for import/export both";
container config {
description "Both import/export routes";
uses route-target-set;
}
container state {
config "false" ;
description "Both import/export routes";
uses route-target-set;
}
}
}
grouping route-filter-set {
description "Specify route filtering rules for import/export";
uses route-import-set;
uses route-export-set;
uses route-import-export-set;
}
grouping bgp-label-mode {
description "MPLS/VPN label allocation mode";
container config {
description "Configuration parameters for label allocation mode";
leaf label-mode {
type bgp-label-mode;
Patel & Jain Expires June 29, 2016 [Page 15]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
description "Label allocation mode";
}
}
container state {
config "false" ;
description "State information for label allocation mode";
leaf label-mode {
type bgp-label-mode;
description "Label allocation mode";
}
}
}
grouping retain-route-targets {
description "Grouping for route target accept";
container retain-rts {
description "Control route target acceptance behavior for ASBRs";
container config {
description "Configuration parameters for retaining route targets";
leaf all {
type empty;
description "Disable filtering of all route-targets";
}
leaf route-policy {
type string;
description "Filter routes as per filter policy name
TBD: leafref to IETF routing policy model";
}
}
container state {
config "false" ;
description "State information for retaining route targets";
leaf all {
type empty;
description "Disable filtering of all route-targets";
}
leaf route-policy {
type string;
description "Filter routes as per filter policy name";
}
}
}
}
grouping nexthop-opts {
description "Next hop control options for inter-as route exchange";
leaf next-hop-self {
type boolean;
Patel & Jain Expires June 29, 2016 [Page 16]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
description "Set nexthop of the route to self when advertising routes";
}
leaf next-hop-unchanged {
type boolean;
description "Enforce no nexthop change when advertising routes";
}
}
grouping asbr-nexthop-options {
description "Nexthop parameters for inter-as VPN options ";
container nexthop-options {
description "Nexthop related options for inter-as options";
container config {
description "Configuration parameters for nexthop options";
uses nexthop-opts;
}
container state {
description "State information for nexthop options" ;
uses nexthop-opts;
}
}
}
// Augmentations of base models.
// Route-distinguisher is added in BGP global level. BGP is supposed to be
// under scope of VRF as a routing instance, once BGP model is augmented.
// Which means rd defined here will be per VPN per BGP instance.
//
augment "/bgp:bgp/bgp:global" {
description "Route distinguisher under BGP global mode";
uses bgp-rd ;
}
// route import/export rules in applicable address families.
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-unicast" {
description "Route import/export rules under BGP Address family mode";
uses route-filter-set;
}
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv6-unicast" {
description "Route import/export rules under BGP Address family mode";
uses route-filter-set ;
}
/* multicast safi is not in the BGP base model yet.
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv6-multicast" {
Patel & Jain Expires June 29, 2016 [Page 17]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
description "Route import/export rules under BGP Address family mode";
uses route-filter-set ;
}
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-multicast" {
description "Route import/export rules under BGP Address family mode";
uses route-filter-set ;
}
*/
// Retain route-target for inter-as option ASBR-B knob.
// vpnv4/vpnv6/mvpn address-family only.
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:l3vpn-ipv4-unicast" {
description "Retain route targets for ASBR scenario";
uses retain-route-targets;
}
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:l3vpn-ipv6-unicast" {
description "Retain route targets for ASBR scenario";
uses retain-route-targets;
}
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:l3vpn-ipv4-multicast" {
description "Retain route targets for ASBR scenario";
uses retain-route-targets;
}
/* MPVN address family is not in BASE BGP model yet.
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-mpvn" {
description "Retain route targets for ASBR scenario";
uses retain-route-targets;
}
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv6-mpvn" {
description "Retain route targets for ASBR scenario";
uses retain-route-targets;
}
*/
// Label allocation mode configuration. Certain AFs only.
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv4-unicast" {
description "Augment BGP global AF mode for label allocation mode configuration";
uses bgp-label-mode ;
}
augment "/bgp:bgp/bgp:global/bgp:afi-safis/bgp:afi-safi/bgp:ipv6-unicast" {
description "Augment BGP global AF mode for label allocation mode configuration";
uses bgp-label-mode ;
Patel & Jain Expires June 29, 2016 [Page 18]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
}
//Nexthop options for the inter-as option-B and option-C ASBR peering.
augment "/bgp:bgp/bgp:neighbors/bgp:neighbor" {
description "Augment BGP NBR mode with nexthop options for inter-as ASBRs";
uses asbr-nexthop-options;
}
augment "/bgp:bgp/bgp:peer-groups/bgp:peer-group" {
description "Augment BGP peer-group mode with nexthop options for inter-as ASBRs";
uses asbr-nexthop-options;
}
augment "/bgp:bgp/bgp:neighbors/bgp:neighbor/bgp:afi-safis/bgp:afi-safi" {
description "Augment BGP NBR AF mode with nexthop options for inter-as ASBRs";
uses asbr-nexthop-options;
}
augment "/bgp:bgp/bgp:peer-groups/bgp:peer-group/bgp:afi-safis/bgp:afi-safi" {
description "Augment BGP peer-group AF mode with nexthop options for inter-as ASBRs";
uses asbr-nexthop-options;
}
// Add route import-export rules in VRF level (routing instance container in ietf-routing model).
augment "/rt:routing/rt:routing-instance" {
description "Augment routing instance container for per VRF import/export rules configuration";
uses route-filter-set ;
}
// bgp mpls forwarding enable required for inter-as option AB.
// mpls label secruity for inter-as option-B
augment "/if:interfaces/if:interface" {
description "BGP mpls forwarding mode configuration on interface for ASBR scenario";
uses forwarding-mode ;
uses label-security;
}
}
<CODE ENDS>
5. IANA Considerations
6. Security Considerations
The transport protocol used for sending the BGP L3VPN data MUST
support authentication and SHOULD support encryption. The data-model
by itself does not create any security implications.
Patel & Jain Expires June 29, 2016 [Page 19]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
This draft does not change any underlying security issues inherent in
[I-D.ietf-netmod-routing-cfg] and [I-D.shaikh-idr-bgp-model].
7. Acknowledgements
The authors would like to thank TBD for their detail reviews and
comments.
8. References
8.1. Normative References
[I-D.ietf-netmod-routing-cfg]
Lhotka, L., "A YANG Data Model for Routing Management",
draft-ietf-netmod-routing-cfg-15 (work in progress), May
2014.
[I-D.shaikh-idr-bgp-model]
Shaikh, A., Shakir, R., Patel, K., Hares, S., D'Souza, K.,
Bansal, D., Clemm, A., Alex, A., Jethanandani, M., and X.
Liu, "BGP Model for Service Provider Networks", draft-
shaikh-idr-bgp-model-02 (work in progress), June 2015.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
[RFC2547] Rosen, E. and Y. Rekhter, "BGP/MPLS VPNs", RFC 2547,
DOI 10.17487/RFC2547, March 1999,
<http://www.rfc-editor.org/info/rfc2547>.
[RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
DOI 10.17487/RFC2629, June 1999,
<http://www.rfc-editor.org/info/rfc2629>.
[RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC
Text on Security Considerations", BCP 72, RFC 3552,
DOI 10.17487/RFC3552, July 2003,
<http://www.rfc-editor.org/info/rfc3552>.
[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
Border Gateway Protocol 4 (BGP-4)", RFC 4271,
DOI 10.17487/RFC4271, January 2006,
<http://www.rfc-editor.org/info/rfc4271>.
Patel & Jain Expires June 29, 2016 [Page 20]
�
Internet-Draft Yang Data Model for BGP/MPLS L3 VPNs December 2015
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
2006, <http://www.rfc-editor.org/info/rfc4364>.
[RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
"Multiprotocol Extensions for BGP-4", RFC 4760,
DOI 10.17487/RFC4760, January 2007,
<http://www.rfc-editor.org/info/rfc4760>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010,
<http://www.rfc-editor.org/info/rfc6020>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<http://www.rfc-editor.org/info/rfc6241>.
8.2. Informative References
[RFC5492] Scudder, J. and R. Chandra, "Capabilities Advertisement
with BGP-4", RFC 5492, DOI 10.17487/RFC5492, February
2009, <http://www.rfc-editor.org/info/rfc5492>.
Authors' Addresses
Keyur Patel
Cisco
170 W. Tasman Drive
San Jose, CA 95134
USA
Email: keyupate@cisco.com
Dhanendra Jain
Cisco
170 W. Tasman Drive
San Jose, CA 95134
USA
Email: dhjain@cisco.com
Patel & Jain Expires June 29, 2016 [Page 21]
