| Network Working Group | J. Boyd |
| Internet-Draft | ADTRAN |
| Obsoletes: 6728 (if approved) | M. Seda |
| Intended status: Standards Track | Calix |
| Expires: April 25, 2019 | October 22, 2018 |
Data Models for the IP Flow Information Export (IPFIX) Protocol, Packet Sampling (PSAMP) Protocol, and Bulk Data Export
draft-boydseda-ipfix-psamp-bulk-data-yang-model-00
This document defines a flexible modular alternative YANG model for bulk data collection and export via the IPFIX protocol to the model defined in [RFC6728] "Configuration Data Model for the IP Flow Information Export (IPFIX) and Packet Sampling (PSAMP) Protocols". The model defined in this RFC configures the IPFIX exporter and collector (if applicable) and refers to the bulk data monitoring configuration. Optionally, the model can be configured to support PSAMP export of data via IPFIX.
This document obsoletes [RFC6728] (if approved).
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 25, 2019.
Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Bulk data collection is an automated collection of data from a device that is packaged together and delivered to an IPFIX collector. The IPFIX protocol may be used to transport bulk data such as:
IPFIX can also be used to meet the bulk transport requirements of other protocols. For example: * [BBF.TR-352] ICTP (Inter-Channel Transport Protocol): ICTP uses IPFIX to transport dynamic data (e.g., lease information) across participating NGPON2 (Next-Generation Passive Optical Network 2) systems.
Below is a historical timeline of IETF IPFIX and YANG RFCs:
[RFC6728] defines a single YANG module that performs PSAMP sampling. The collection process (PSAMP) and the IPFIX exporting process are part of the same YANG module. The PSAMP YANG model defines a variety of features. However, it only supports a PSAMP meter and it assumes a device supports SCTP (minimally). Both constructs prove challenging to other applications that use IPFIX for transport of bulk data:
Rather than these approaches, it would be preferable that a new YANG model be developed where functionality is separated into different modules such that the functions can be independently leveraged.
These are some of the other issues with the current model:
This RFC uses the general principles defined in [RFC6728] with the following exceptions:
Bulk data applications that use this RFC are expected to only need to import the applicable YANG modules. For example:
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
The following terms are defined in [RFC7950] and are not redefined here:
Tree diagrams used in this document follow the notation defined in [RFC8340].
This document defines a YANG data model for the configuration and state retrieval of bulk data collection and export via IPFIX. The YANG module in this document conforms to the Network Management Datastore Architecture (NMDA) [RFC8342] and [RFC8407] YANG guidelines.
This document defines three YANG modules:
This document defines the YANG module "ietf-ipfix", which has the following structure:
module: ietf-ipfix
+--rw ipfix
+--rw collecting-process* [name] {collector}?
| +--rw name name-type
| +--rw tcp-collector* [name] {tcp-transport}?
| | +--rw name name-type
| | +--rw local-port? inet:port-number
| | +--rw transport-layer-security!
| | | +--rw local-certification-authority-dn* string
| | | +--rw local-subject-dn* string
| | | +--rw local-subject-fqdn* inet:domain-name
| | | +--rw remote-certification-authority-dn* string
| | | +--rw remote-subject-dn* string
| | | +--rw remote-subject-fqdn* inet:domain-name
| | +--rw (local-address-method)?
| | | +--:(local-address)
| | | +--rw local-ip-address* inet:ip-address
| | +--ro transport-session* [name]
| | +--ro name name-type
| | +--ro ipfix-version? uint16
| | +--ro source-ip-address? inet:ip-address
| | +--ro destination-ip-address? inet:ip-address
| | +--ro source-port? inet:port-number
| | +--ro destination-port? inet:port-number
| | +--ro status? transport-session-status
| | +--ro rate? yang:gauge32
| | +--ro bytes? yang:counter64
| | +--ro messages? yang:counter64
| | +--ro discarded-messages? yang:counter64
| | +--ro records? yang:counter64
| | +--ro templates? yang:counter32
| | +--ro options-templates? yang:counter32
| | +--ro transport-session-start-time? yang:date-and-time
| | +--ro transport-session-discontinuity-time? yang:date-and-time
| | +--ro template* []
| | +--ro observation-domain-id? uint32
| | +--ro template-id? uint16
| | +--ro set-id? uint16
| | +--ro access-time? yang:date-and-time
| | +--ro template-data-records? yang:counter64
| | +--ro template-discontinuity-time? yang:date-and-time
| | +--ro field* []
| | +--ro ie-id? ie-id-type
| | +--ro ie-length? uint16
| | +--ro ie-enterprise-number? uint32
| | +--ro is-flow-key? empty
| | +--ro is-scope? empty
| +--rw exporting-process* -> /ipfix/exporting-process/name {exporter}?
+--rw exporting-process* [name] {exporter}?
+--rw name name-type
+--rw export-mode? identityref
+--rw destination* [name]
| +--rw name name-type
| +--rw (destination-parameters)
| +--:(tcp-exporter)
| +--rw tcp-exporter {tcp-transport}?
| +--rw ipfix-version? uint16
| +--rw destination-port? inet:port-number
| +--rw send-buffer-size? uint32
| +--rw rate-limit? uint32
| +--rw transport-layer-security!
| | +--rw local-certification-authority-dn* string
| | +--rw local-subject-dn* string
| | +--rw local-subject-fqdn* inet:domain-name
| | +--rw remote-certification-authority-dn* string
| | +--rw remote-subject-dn* string
| | +--rw remote-subject-fqdn* inet:domain-name
| +--rw (source-method)?
| | +--:(source-address)
| | +--rw source-address? inet:ip-address
| +--rw (destination-method)
| | +--:(destination-address)
| | +--rw destination-address? inet:host
| +--ro transport-session
| +--ro ipfix-version? uint16
| +--ro source-ip-address? inet:ip-address
| +--ro destination-ip-address? inet:ip-address
| +--ro source-port? inet:port-number
| +--ro destination-port? inet:port-number
| +--ro status? transport-session-status
| +--ro rate? yang:gauge32
| +--ro bytes? yang:counter64
| +--ro messages? yang:counter64
| +--ro discarded-messages? yang:counter64
| +--ro records? yang:counter64
| +--ro templates? yang:counter32
| +--ro options-templates? yang:counter32
| +--ro transport-session-start-time? yang:date-and-time
| +--ro transport-session-discontinuity-time? yang:date-and-time
| +--ro template* []
| +--ro observation-domain-id? uint32
| +--ro template-id? uint16
| +--ro set-id? uint16
| +--ro access-time? yang:date-and-time
| +--ro template-data-records? yang:counter64
| +--ro template-discontinuity-time? yang:date-and-time
| +--ro field* []
| +--ro ie-id? ie-id-type
| +--ro ie-length? uint16
| +--ro ie-enterprise-number? uint32
| +--ro is-flow-key? empty
| +--ro is-scope? empty
+--rw options* [name]
| +--rw name name-type
| +--rw options-type identityref
| +--rw options-timeout? uint32
+--ro exporting-process-id? uint32
This YANG Module imports typedefs from [RFC6991].
<CODE BEGINS> file "ietf-ipfix@2018-10-22.yang"
module ietf-ipfix {
yang-version 1.1;
namespace "urn:ietf-params:xml:ns:yang:ietf-ipfix";
prefix ietf-ipfix;
import ietf-inet-types {
prefix inet;
}
import ietf-yang-types {
prefix yang;
}
organization
"TBD";
contact
"TBD";
description
"TBD.
Copyright (c) 2018 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of XXX; see the RFC
itself for full legal notices.";
revision 2018-10-22 {
description
"Initial revision.";
reference
"Internet draft: draft-ipfix-psamp-bulk-data-yang-model-00";
}
feature exporter {
description
"If supported, the Monitoring Device can be used as
an Exporter. Exporting Processes can be configured.";
}
feature tcp-transport {
description
"If supported, the Monitoring Device supports TCP
as the transport protocol.";
}
feature collector {
description
"If supported, the Monitoring Device can be used as
a Collector. Collecting Processes can be configured.";
}
identity export-mode {
description
"Base identity for different usages of export
destinations configured for an Exporting Process.";
}
identity parallel {
base export-mode;
description
"Parallel export of Data Records to all
destinations configured for the Exporting Process.";
}
identity load-balancing {
base export-mode;
description
"Load-balancing between the different destinations
configured for the Exporting Process.";
}
identity fallback {
base export-mode;
description
"Export to the primary destination (i.e., the first
destination configured for the Exporting Process). If the
export to the primary destination fails, the Exporting Process
tries to export to the secondary destination. If the
secondary destination fails as well, it continues with the
tertiary, etc.";
}
identity options-type {
description
"Base identity for report types exported with
options templates.";
}
identity metering-statistics {
base options-type;
description
"Metering Process Statistics.";
reference
"RFC 5101, Section 4.1.";
}
identity metering-reliability {
base options-type;
description
"Metering Process Reliability Statistics.";
reference
"RFC 5101, Section 4.2.";
}
identity exporting-reliability {
base options-type;
description
"Exporting Process Reliability Statistics.";
reference
"RFC 5101, Section 4.3.";
}
identity flow-keys {
base options-type;
description
"Flow Keys.";
reference
"RFC 5101, Section 4.4.";
}
identity selection-sequence {
base options-type;
description
"Selection Sequence and Selector Reports.";
reference
"RFC 5476, Sections 6.5.1 and 6.5.2.";
}
identity selection-statistics {
base options-type;
description
"Selection Sequence Statistics Report.";
reference
"RFC 5476, Sections 6.5.3.";
}
identity accuracy {
base options-type;
description
"Accuracy Report.";
reference
"RFC 5476, Section 6.5.4.";
}
identity reducing-redundancy {
base options-type;
description
"Enables the utilization of Options Templates to
reduce redundancy in the exported Data Records.";
reference
"RFC 5473.";
}
identity extended-type-information {
base options-type;
description
"Export of extended type information for
enterprise-specific Information Elements used in the
exported Templates.";
reference
"RFC 5610.";
}
typedef ie-name-type {
type string {
length "1..max";
pattern '\S+';
}
description
"Type for Information Element names. Whitespaces
are not allowed.";
}
typedef name-type {
type string {
length "1..max";
pattern '\S(.*\S)?';
}
description
"Type for 'name' leafs, which are used to identify
specific instances within lists, etc.
Leading and trailing whitespaces are not allowed.";
}
typedef ie-id-type {
type uint16 {
range "1..32767";
}
description
"Type for Information Element identifiers.";
}
typedef transport-session-status {
type enumeration {
enum "inactive" {
value 0;
description
"This value MUST be used for Transport Sessions
that are specified in the system but currently not active.
The value can be used for Transport Sessions that are
backup (secondary) sessions.";
}
enum "active" {
value 1;
description
"This value MUST be used for Transport Sessions
that are currently active and transmitting or receiving
data.";
}
enum "unknown" {
value 2;
description
"This value MUST be used if the status of the
Transport Sessions cannot be detected by the device.
This value should be avoided as far as possible.";
}
}
description
"Status of a Transport Session.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionStatus).";
}
grouping transport-layer-security-parameters {
description
"TLS or DTLS parameters.";
leaf-list local-certification-authority-dn {
type string;
description
"Distinguished names of certification authorities
whose certificates may be used to identify the local
endpoint.";
reference
"RFC 5280.";
}
leaf-list local-subject-dn {
type string;
description
"Distinguished names that may be used in the
certificates to identify the local endpoint.";
reference
"RFC 5280.";
}
leaf-list local-subject-fqdn {
type inet:domain-name;
description
"Fully qualified domain names that may be used to
in the certificates to identify the local endpoint.";
reference
"RFC 5280.";
}
leaf-list remote-certification-authority-dn {
type string;
description
"Distinguished names of certification authorities
whose certificates are accepted to authorize remote
endpoints.";
reference
"RFC 5280.";
}
leaf-list remote-subject-dn {
type string;
description
"Distinguished names which are accepted in
certificates to authorize remote endpoints.";
reference
"RFC 5280.";
}
leaf-list remote-subject-fqdn {
type inet:domain-name;
description
"Fully qualified domain names that are accepted in
certificates to authorize remote endpoints.";
reference
"RFC 5280.";
}
}
grouping transport-session-state-parameters {
description
"State parameters of a Transport Session originating
from an Exporting Process or terminating at a Collecting
Process. Parameter names and semantics correspond to the
managed objects in IPFIX-MIB.";
reference
"RFC 5101; RFC 6615, Section 8
(ipfixTransportSessionEntry,
ipfixTransportSessionStatsEntry).";
leaf ipfix-version {
type uint16;
description
"Used for Exporting Processes, this parameter
contains the version number of the IPFIX protocol that the
Exporter uses to export its data in this Transport Session.
Used for Collecting Processes, this parameter contains the
version number of the IPFIX protocol it receives for
this Transport Session. If IPFIX Messages of different
IPFIX protocol versions are received, this parameter
contains the maximum version number.
Note that this parameter corresponds to
ipfixTransportSessionIpfixVersion in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionIpfixVersion).";
}
leaf source-ip-address {
type inet:ip-address;
description
"The source address of the Exporter of the
IPFIX Transport Session. ";
reference
"RFC 6615, Section 8
(ipfixTransportSessionSourceAddressType,
ipfixTransportSessionSourceAddress);
RFC 4960, Section 6.4.";
}
leaf destination-ip-address {
type inet:ip-address;
description
"The destination IP address of the
path that is selected by the Exporter to
send IPFIX messages to the Collector.
In the case of TCP, it is possible
that if an FQDN address is configured it
resolves into many IP addresses.
Note that this parameter functionally corresponds to
ipfixTransportSessionDestinationAddressType and
ipfixTransportSessionDestinationAddress in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDestinationAddressType,
ipfixTransportSessionDestinationAddress);
RFC 4960, Section 6.4.";
}
leaf source-port {
type inet:port-number;
description
"The transport-protocol port number of the
Exporter of the IPFIX Transport Session.
Note that this parameter corresponds to
ipfixTransportSessionSourcePort in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionSourcePort).";
}
leaf destination-port {
type inet:port-number;
description
"The transport-protocol port number of the
Collector of the IPFIX Transport Session.
Note that this parameter corresponds to
ipfixTransportSessionDestinationPort in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDestinationPort).";
}
leaf status {
type transport-session-status;
description
"Status of the Transport Session.
Note that this parameter corresponds to
ipfixTransportSessionStatus in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionStatus).";
}
leaf rate {
type yang:gauge32;
units "bytes per second";
description
"The number of bytes per second transmitted by the
Exporting Process or received by the Collecting Process.
This parameter is updated every second.
Note that this parameter corresponds to
ipfixTransportSessionRate in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionRate).";
}
leaf bytes {
type yang:counter64;
units "bytes";
description
"The number of bytes transmitted by the
Exporting Process or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transportSessionDiscontinuityTime.
Note that this parameter corresponds to
ipfixTransportSessionBytes in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTransportSessionBytes).";
}
leaf messages {
type yang:counter64;
units "IPFIX Messages";
description
"The number of messages transmitted by the
Exporting Process or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transportSessionDiscontinuityTime.
Note that this parameter corresponds to
ipfixTransportSessionMessages in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionMessages).";
}
leaf discarded-messages {
type yang:counter64;
units "IPFIX Messages";
description
"Used for Exporting Processes, this parameter
indicates the number of messages that could not be sent due
to internal buffer overflows, network congestion, routing
issues, etc. Used for Collecting Process, this parameter
indicates the number of received IPFIX Message that are
malformed, cannot be decoded, are received in the wrong
order or are missing according to the sequence number.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transport-session-discontinuity-time.
Note that this parameter corresponds to
ipfixTransportSessionDiscardedMessages in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDiscardedMessages).";
}
leaf records {
type yang:counter64;
units "Data Records";
description
"The number of Data Records transmitted by the
Exporting Process or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transportSessionDiscontinuityTime.
Note that this parameter corresponds to
ipfixTransportSessionRecords in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionRecords).";
}
leaf templates {
type yang:counter32;
units "Templates";
description
"The number of Templates transmitted by the
Exporting Process or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transportSessionDiscontinuityTime.
Note that this parameter corresponds to
ipfixTransportSessionTemplates in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionTemplates).";
}
leaf options-templates {
type yang:counter32;
units "Options Templates";
description
"The number of Option Templates transmitted by the
Exporting Process or received by the Collecting Process.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
transportSessionDiscontinuityTime.
Note that this parameter corresponds to
ipfixTransportSessionOptionsTemplates in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionOptionsTemplates).";
}
leaf transport-session-start-time {
type yang:date-and-time;
description
"Timestamp of the start of the given Transport
Session.
This state parameter does not correspond to any object in
the IPFIX MIB module.";
}
leaf transport-session-discontinuity-time {
type yang:date-and-time;
description
"Timestamp of the most recent occasion at which
one or more of the Transport Session counters suffered a
discontinuity.
Note that this parameter functionally corresponds to
ipfixTransportSessionDiscontinuityTime in the IPFIX MIB
module. In contrast to
ipfixTransportSessionDiscontinuityTime, the time is
absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixTransportSessionDiscontinuityTime).";
}
list template {
description
"This list contains the Templates and Options
Templates that are transmitted by the Exporting Process
or received by the Collecting Process.
Withdrawn or invalidated (Options) Templates MUST be removed
from this list.";
uses template-parameters-state;
}
}
grouping template-parameters-state {
description
"State parameters of a Template used by an Exporting
Process or received by a Collecting Process in a specific
Transport Session. Parameter names and semantics
correspond to the managed objects in IPFIX-MIB";
reference
"RFC 5101; RFC 6615, Section 8 (ipfixTemplateEntry,
ipfixTemplateDefinitionEntry, ipfixTemplateStatsEntry)";
leaf observation-domain-id {
type uint32;
description
"The ID of the Observation Domain for which this
Template is defined.
Note that this parameter corresponds to
ipfixTemplateObservationDomainId in the IPFIX MIB module.";
reference
"RFC 6615, Section 8
(ipfixTemplateObservationDomainId).";
}
leaf template-id {
type uint16 {
range "256..65535";
}
description
"This number indicates the Template ID in the IPFIX
message.
Note that this parameter corresponds to ipfixTemplateId in
the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTemplateId).";
}
leaf set-id {
type uint16;
description
"This number indicates the Set ID of the Template.
Currently, there are two values defined. The value 2
is used for Sets containing Template definitions.
The value 3 is used for Sets containing Options
Template definitions. Note that this parameter
corresponds to ipfixTemplateSetId
in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTemplateSetId).";
}
leaf access-time {
type yang:date-and-time;
description
"Used for Exporting Processes, this parameter
contains the time when this (Options) Template was last
sent to the Collector(s) or written to the file.
Used for Collecting Processes, this parameter contains the
time when this (Options) Template was last received from the
Exporter or read from the file.
Note that this parameter corresponds to
ipfixTemplateAccessTime in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (
ipfixTemplateAccessTime).";
}
leaf template-data-records {
type yang:counter64;
description
"The number of transmitted or received Data
Records defined by this (Options) Template.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
templateDiscontinuityTime.
Note that this parameter corresponds to
ipfixTemplateDataRecords in the IPFIX MIB module.";
reference
"RFC 6615, Section 8 (ipfixTemplateDataRecords).";
}
leaf template-discontinuity-time {
type yang:date-and-time;
description
"Timestamp of the most recent occasion at which
the counter templateDataRecords suffered a discontinuity.
Note that this parameter functionally corresponds to
ipfixTemplateDiscontinuityTime in the IPFIX MIB module.
In contrast to ipfixTemplateDiscontinuityTime, the time
is absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixTemplateDiscontinuityTime).";
}
list field {
description
"This list contains the (Options) Template
fields of which the (Options) Template is defined.
The order of the list corresponds to the order of the fields
in the (Option) Template Record.";
leaf ie-id {
type ie-id-type;
description
"This parameter indicates the Information
Element identifier of the field.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeId in the IPFIX MIB module.";
reference
"RFC 5101; RFC 6615, Section 8
(ipfixTemplateDefinitionIeId).";
}
leaf ie-length {
type uint16;
units "octets";
description
"This parameter indicates the length of the
Information Element of the field.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeLength in the IPFIX MIB
module.";
reference
"RFC 5101; RFC 6615, Section 8
(ipfixTemplateDefinitionIeLength).";
}
leaf ie-enterprise-number {
type uint32;
description
"This parameter indicates the IANA enterprise
number of the authority defining the Information Element
identifier.
If the Information Element is not enterprise-specific,
this state parameter is zero.
Note that this parameter corresponds to
ipfixTemplateDefinitionIeEnterpriseNumber in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionIeEnterpriseNumber);
IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers.";
}
leaf is-flow-key {
when "../../set-id = 2" {
description
"This parameter is available for non-Options
Templates (Set ID is 2).";
}
type empty;
description
"If present, this is a Flow Key field.
Note that this corresponds to flowKey(1) being set in
ipfixTemplateDefinitionFlags.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionFlags).";
}
leaf is-scope {
when "../../set-id = 3" {
description
"This parameter is available for Options
Templates (Set ID is 3).";
}
type empty;
description
"If present, this is a scope field.
Note that this corresponds to scope(0) being set in
ipfixTemplateDefinitionFlags.";
reference
"RFC 6615, Section 8
(ipfixTemplateDefinitionFlags).";
}
}
}
grouping common-collector-parameters {
description
"Parameters of a Collecting Process that are
common to all transport protocols.";
leaf local-port {
type inet:port-number;
description
"If not configured, the Monitoring Device uses the
default port number for IPFIX, which is 4739 without
TLS or DTLS and 4740 if TLS or DTLS is activated.";
}
container transport-layer-security {
presence
"The presence of this container indicates TLS is enabled.";
description
"TLS or DTLS configuration.";
uses transport-layer-security-parameters;
}
}
grouping common-collector-parameters-state {
description
"Parameters of a Collecting Process that are
common to all transport protocols.";
list transport-session {
key name;
config false;
description
"This list contains the currently established
Transport Sessions terminating at the given socket.";
leaf name {
type name-type;
description
"The name of the transporter session.";
}
uses transport-session-state-parameters;
}
}
grouping tcp-collector-parameters {
description
"Parameters of a listening TCP socket at a
Collecting Process.";
uses common-collector-parameters;
choice local-address-method {
description
"Method to configure the local IP address
of the collecting process. Note that it is
expected that other methods be available. Those
method can augment this choice.";
case local-address {
leaf-list local-ip-address {
type inet:ip-address;
description
"List of local IP addresses on which the Collecting
Process listens for IPFIX Messages.";
}
}
}
}
grouping collecting-process-parameters {
description
"Parameters of a Collecting Process.";
list tcp-collector {
if-feature tcp-transport;
key "name";
description
"List of TCP receivers (sockets) on which the
Collecting Process receives IPFIX Messages.";
leaf name {
type name-type;
description
"Name of the TCP collector.";
}
uses tcp-collector-parameters;
uses common-collector-parameters-state;
}
}
grouping exporting-process-parameters {
description
"Parameters of an Exporting Process.";
leaf export-mode {
type identityref {
base export-mode;
}
default 'parallel';
description
"This parameter determines to which configured
destination(s) the incoming Data Records are exported.";
}
list destination {
key "name";
min-elements 1;
description
"List of export destinations.";
leaf name {
type name-type;
description
"Export destination name.";
}
choice destination-parameters {
mandatory true;
description
"Destination configuration.";
container tcp-exporter {
if-feature tcp-transport;
description
"TCP parameters.";
uses tcp-exporter-parameters;
container transport-session {
config false;
description
"Transport session state data.";
uses transport-session-state-parameters;
}
}
}
}
list options {
key "name";
description
"List of options reported by the Exporting Process.";
leaf name {
type name-type;
description
"Name of the option.";
}
uses options-parameters;
}
}
grouping common-exporter-parameters {
description
"Parameters of en export destination that are
common to all transport protocols.";
leaf ipfix-version {
type uint16;
default '10';
description
"IPFIX version number.";
reference
"RFC 5101.";
}
leaf destination-port {
type inet:port-number;
description
"If not configured by the user, the Monitoring
Device uses the default port number for IPFIX, which is
4739 without TLS or DTLS and 4740 if TLS or DTLS is
activated.";
}
leaf send-buffer-size {
type uint32;
units "bytes";
description
"Size of the socket send buffer.
If not configured by the user, this parameter is set by
the Monitoring Device.";
}
leaf rate-limit {
type uint32;
units "bytes per second";
description
"Maximum number of bytes per second the Exporting
Process may export to the given destination. The number of
bytes is calculated from the lengths of the IPFIX Messages
exported. If not configured, no rate limiting is
performed.";
reference
"RFC 5476, Section 6.3.";
}
container transport-layer-security {
presence
"The presence of this container indicates TLS is enabled.";
description
"TLS or DTLS configuration.";
uses transport-layer-security-parameters;
}
}
grouping tcp-exporter-parameters {
description
"Parameters of a TCP export destination.";
uses common-exporter-parameters;
choice source-method {
description
"Method to configure the source IP address
of the exporter.
Note that it is expected that other methods be available.
Those methods can augment this choice.";
case source-address {
leaf source-address {
type inet:ip-address;
description
"Select the source IP address used by the Exporting
Process.";
}
}
}
choice destination-method {
mandatory true;
description
"Method to configuring the IP address destination
of the Collection Process to which IPFIX Messages are sent.
Note it is expected that if other methods are available
that they would augment from this statement.";
case destination-address {
leaf destination-address {
type inet:host;
description
"Destination IP address or hostname. A hostname may
resolve to one or more IP addresses.";
}
}
}
}
grouping options-parameters {
description
"Parameters specifying the data export using an
Options Template.";
leaf options-type {
type identityref {
base options-type;
}
mandatory true;
description
"Type of the exported options data.";
}
leaf options-timeout {
type uint32;
units "milliseconds";
description
"Time interval for periodic export of the options
data. If set to zero, the export is triggered when the
options data has changed.
If not configured by the user, this parameter is set by the
Monitoring Device.";
}
}
container ipfix {
description
"IPFIX Exporter and/or Collector data nodes.";
list collecting-process {
if-feature collector;
key "name";
description
"Collecting Process of the Monitoring Device.";
leaf name {
type name-type;
description
"Name of the collecting process.";
}
uses collecting-process-parameters;
leaf-list exporting-process {
if-feature exporter;
type leafref {
path "/ietf-ipfix:ipfix"
+ "/ietf-ipfix:exporting-process"
+ "/ietf-ipfix:name";
}
description
"Export of received records without any
modifications. Records are processed by all Exporting
Processes in the list.";
}
}
list exporting-process {
if-feature exporter;
key "name";
description
"List of Exporting Processes of the IPFIX Monitoring Device
for which configuration will be applied.";
leaf name {
type name-type;
description
"Name of the exporting process.";
}
uses exporting-process-parameters;
leaf exporting-process-id {
type uint32;
config false;
description
"The identifier of the Exporting Process.
This parameter corresponds to the Information Element
exportingProcessId. Its occurrence helps to associate
Exporting Process parameters with Exporing Process
statistics exported by the Monitoring Device using the
Exporting Process Reliability Statistics Template as
defined by the IPFIX protocol specification.";
reference
"RFC 5101, Section 4.3; IANA registry for IPFIX
Entities, http://www.iana.org/assignments/ipfix.";
}
}
}
}
<CODE ENDS>
This document defines the YANG module "ietf-psamp", which has the following structure:
module: ietf-psamp
augment /ietf-ipfix:ipfix:
+--rw psamp
+--rw observation-point* [name] {meter}?
| +--rw name ietf-ipfix:name-type
| +--rw observation-domain-id uint32
| +--rw interface-ref* if:interface-ref
| +--rw ent-physical-name* string
| +--rw direction? direction
| +--rw selection-process* -> /ietf-ipfix:ipfix/psamp/selection-process/name
+--rw selection-process* [name] {meter}?
| +--rw name ietf-ipfix:name-type
| +--rw selector* [name]
| | +--rw name ietf-ipfix:name-type
| | +--rw (method)
| | | +--:(select-all)
| | | | +--rw select-all? empty
| | | +--:(samp-count-based)
| | | | +--rw samp-count-based {psamp-samp-count-based}?
| | | | +--rw packet-interval uint32
| | | | +--rw packet-space uint32
| | | +--:(samp-time-based)
| | | | +--rw samp-time-based {psamp-samp-time-based}?
| | | | +--rw time-interval uint32
| | | | +--rw time-space uint32
| | | +--:(samp-rand-out-of-n)
| | | | +--rw samp-rand-out-of-n {psamp-samp-rand-out-of-n}?
| | | | +--rw size uint32
| | | | +--rw population uint32
| | | +--:(samp-uni-prob)
| | | | +--rw samp-uni-prob {psamp-samp-uni-prob}?
| | | | +--rw probability decimal64
| | | +--:(filter-match)
| | | | +--rw filter-match {psamp-filter-match}?
| | | | +--rw (name-or-id)
| | | | | +--:(ie-name)
| | | | | | +--rw ie-name? ietf-ipfix:ie-name-type
| | | | | +--:(ie-id)
| | | | | +--rw ie-id? ietf-ipfix:ie-id-type
| | | | +--rw ie-enterprise-number? uint32
| | | | +--rw value string
| | | +--:(filter-hash)
| | | +--rw filter-hash {psamp-filter-hash}?
| | | +--rw hash-function? identityref
| | | +--rw initializer-value? uint64
| | | +--rw ip-payload-offset? uint64
| | | +--rw ip-payload-size? uint64
| | | +--rw digest-output? boolean
| | | +--rw selected-range* [name]
| | | | +--rw name ietf-ipfix:name-type
| | | | +--rw min? uint64
| | | | +--rw max? uint64
| | | +--ro output-range-min? uint64
| | | +--ro output-range-max? uint64
| | +--ro packets-observed? yang:counter64
| | +--ro packets-dropped? yang:counter64
| | +--ro selector-discontinuity-time? yang:date-and-time
| +--rw cache? -> /ietf-ipfix:ipfix/psamp/cache/name
| +--ro selection-sequence* []
| +--ro observation-domain-id? uint32
| +--ro selection-sequence-id? uint64
+--rw cache* [name] {meter}?
+--rw name ietf-ipfix:name-type
+--ro metering-process-id? uint32
+--ro data-records? yang:counter64
+--ro cache-discontinuity-time? yang:date-and-time
+--rw (cache-type)
| +--:(immediate-cache)
| | +--rw immediate-cache {immediate-cache}?
| | +--rw cache-layout
| | +--rw cache-field* [name]
| | +--rw name ietf-ipfix:name-type
| | +--rw (name-or-id)
| | | +--:(ie-name)
| | | | +--rw ie-name? ietf-ipfix:ie-name-type
| | | +--:(ie-id)
| | | +--rw ie-id? ietf-ipfix:ie-id-type
| | +--rw ie-length? uint16
| | +--rw ie-enterprise-number? uint32
| | +--rw is-flow-key? empty
| +--:(timeout-cache)
| | +--rw timeout-cache {timeout-cache}?
| | +--rw max-flows? uint32
| | +--rw active-timeout? uint32
| | +--rw idle-timeout? uint32
| | +--rw export-interval? uint32
| | +--rw cache-layout
| | | +--rw cache-field* [name]
| | | +--rw name ietf-ipfix:name-type
| | | +--rw (name-or-id)
| | | | +--:(ie-name)
| | | | | +--rw ie-name? ietf-ipfix:ie-name-type
| | | | +--:(ie-id)
| | | | +--rw ie-id? ietf-ipfix:ie-id-type
| | | +--rw ie-length? uint16
| | | +--rw ie-enterprise-number? uint32
| | | +--rw is-flow-key? empty
| | +--ro active-flows? yang:gauge32
| | +--ro unused-cache-entries? yang:gauge32
| +--:(natural-cache)
| | +--rw natural-cache {natural-cache}?
| | +--rw max-flows? uint32
| | +--rw active-timeout? uint32
| | +--rw idle-timeout? uint32
| | +--rw export-interval? uint32
| | +--rw cache-layout
| | | +--rw cache-field* [name]
| | | +--rw name ietf-ipfix:name-type
| | | +--rw (name-or-id)
| | | | +--:(ie-name)
| | | | | +--rw ie-name? ietf-ipfix:ie-name-type
| | | | +--:(ie-id)
| | | | +--rw ie-id? ietf-ipfix:ie-id-type
| | | +--rw ie-length? uint16
| | | +--rw ie-enterprise-number? uint32
| | | +--rw is-flow-key? empty
| | +--ro active-flows? yang:gauge32
| | +--ro unused-cache-entries? yang:gauge32
| +--:(permanent-cache)
| +--rw permanent-cache {permanent-cache}?
| +--rw max-flows? uint32
| +--rw active-timeout? uint32
| +--rw idle-timeout? uint32
| +--rw export-interval? uint32
| +--rw cache-layout
| | +--rw cache-field* [name]
| | +--rw name ietf-ipfix:name-type
| | +--rw (name-or-id)
| | | +--:(ie-name)
| | | | +--rw ie-name? ietf-ipfix:ie-name-type
| | | +--:(ie-id)
| | | +--rw ie-id? ietf-ipfix:ie-id-type
| | +--rw ie-length? uint16
| | +--rw ie-enterprise-number? uint32
| | +--rw is-flow-key? empty
| +--ro active-flows? yang:gauge32
| +--ro unused-cache-entries? yang:gauge32
+--rw exporting-process* -> /ietf-ipfix:ipfix/exporting-process/name {ietf-ipfix:exporter}?
This YANG Module imports typedefs from [RFC6991].
<CODE BEGINS> file "ietf-psamp@2018-10-22.yang"
module ietf-psamp {
yang-version 1.1;
namespace "urn:ietf-params:xml:ns:yang:ietf-psamp";
prefix ietf-psamp;
import ietf-yang-types {
prefix yang;
}
import ietf-ipfix {
prefix ietf-ipfix;
}
import ietf-interfaces {
prefix if;
}
organization
"TBD";
contact
"TBD";
description
"TBD.
Copyright (c) 2018 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of XXX; see the RFC
itself for full legal notices.";
revision 2018-10-22 {
description
"Initial revision.";
reference
"Internet draft: draft-ipfix-psamp-bulk-data-yang-model-00";
}
feature meter {
description
"If supported, Observation Points, Selection
Processes, and Caches can be configured.";
}
feature psamp-samp-count-based {
description
"If supported, the Monitoring Device supports
count-based Sampling. The Selector method sampCountBased can
be configured.";
}
feature psamp-samp-time-based {
description
"If supported, the Monitoring Device supports
time-based Sampling. The Selector method sampTimeBased can
be configured.";
}
feature psamp-samp-rand-out-of-n {
description
"If supported, the Monitoring Device supports
random n-out-of-N Sampling. The Selector method
sampRandOutOfN can be configured.";
}
feature psamp-samp-uni-prob {
description
"If supported, the Monitoring Device supports
uniform probabilistic Sampling. The Selector method
sampUniProb can be configured.";
}
feature psamp-filter-match {
description
"If supported, the Monitoring Device supports
property match Filtering. The Selector method filterMatch
can be configured.";
}
feature psamp-filter-hash {
description
"If supported, the Monitoring Device supports
hash-based Filtering. The Selector method filterHash can be
configured.";
}
feature immediate-cache {
description
"If supported, the Monitoring Device supports
Caches generating PSAMP Packet Reports by configuration with
immediateCache.";
}
feature timeout-cache {
description
"If supported, the Monitoring Device supports
Caches generating IPFIX Flow Records by configuration with
timeoutCache.";
}
feature natural-cache {
description
"If supported, the Monitoring Device supports
Caches generating IPFIX Flow Records by configuration with
naturalCache.";
}
feature permanent-cache {
description
"If supported, the Monitoring Device supports
Caches generating IPFIX Flow Records by configuration with
permanentCache.";
}
identity bob {
base hash-function;
description
"BOB hash function.";
reference
"RFC 5475, Section 6.2.4.1.";
}
identity ipsx {
base hash-function;
description
"IPSX hash function.";
reference
"RFC 5475, Section 6.2.4.1.";
}
identity crc {
base hash-function;
description
"CRC hash function.";
reference
"RFC 5475, Section 6.2.4.1.";
}
identity hash-function {
description
"Base identity for all hash functions used for
hash-based packet Filtering.";
}
typedef if-name-type {
type string {
length "1..255";
}
description
"This corresponds to the DisplayString textual
convention of SNMPv2-TC, which is used for ifName in the IF
MIB module.";
reference
"RFC 2863 (ifName).";
}
typedef direction {
type enumeration {
enum "ingress" {
value 0;
description
"This value is used for monitoring incoming packets.";
}
enum "egress" {
value 1;
description
"This value is used for monitoring outgoing packets.";
}
enum "both" {
value 2;
description
"This value is used for monitoring incoming and
outgoing packets.";
}
}
description
"Direction of packets going through an interface.";
}
grouping observation-point-parameters {
description
"Interface as input to Observation Point.";
leaf observation-domain-id {
type uint32;
mandatory true;
description
"The Observation Domain ID associates the
Observation Point to an Observation Domain. Observation
Points with identical Observation Domain IDs belong to the
same Observation Domain.
Note that this parameter corresponds to
ipfixObservationPointObservationDomainId in the IPFIX MIB
module.";
reference
"RFC 5101; RFC 6615, Section 8
(ipfixObservationPointObservationDomainId).";
}
leaf-list interface-ref {
type if:interface-ref;
description
"List of names identifying interfaces of the
Monitoring Device. The Observation Point observes packets at
the specified interfaces.";
}
leaf-list ent-physical-name {
type string;
description
"List of names identifying physical entities of the
Monitoring Device. The Observation Point observes packets at
the specified entities.";
}
leaf direction {
type direction;
default "both";
description
"Direction of packets. If not applicable (e.g., in
the case of a sniffing interface in promiscuous mode), this
parameter is ignored.";
}
}
grouping samp-count-based-parameters {
description
"Configuration parameters of a Selector applying
systematic count-based packet Sampling to the packet
stream.";
reference
"RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.1.";
leaf packet-interval {
type uint32;
units "packets";
mandatory true;
description
"The number of packets that are consecutively
sampled between gaps of length packetSpace.
This parameter corresponds to the Information Element
samplingPacketInterval and to psampSampCountBasedInterval
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.2; RFC 6727, Section 6
(psampSampCountBasedInterval).";
}
leaf packet-space {
type uint32;
units "packets";
mandatory true;
description
"The number of unsampled packets between two
Sampling intervals.
This parameter corresponds to the Information Element
samplingPacketSpace and to psampSampCountBasedSpace
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.3; RFC 6727, Section 6
(psampSampCountBasedSpace).";
}
}
grouping samp-time-based-parameters {
description
"Configuration parameters of a Selector applying
systematic time-based packet Sampling to the packet
stream.";
reference
"RFC 5475, Section 5.1; RFC 5476, Section 6.5.2.2.";
leaf time-interval {
type uint32;
units "microseconds";
mandatory true;
description
"The time interval in microseconds during
which all arriving packets are sampled between gaps
of length timeSpace.
This parameter corresponds to the Information Element
samplingTimeInterval and to psampSampTimeBasedInterval
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.4; RFC 6727, Section 6
(psampSampTimeBasedInterval).";
}
leaf time-space {
type uint32;
units "microseconds";
mandatory true;
description
"The time interval in microseconds during
which no packets are sampled between two Sampling
intervals specified by timeInterval.
This parameter corresponds to the Information Element
samplingTimeInterval and to psampSampTimeBasedSpace
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.5; RFC 6727, Section 6
(psampSampTimeBasedSpace).";
}
}
grouping samp-rand-out-of-n-parameters {
description
"Configuration parameters of a Selector applying
n-out-of-N packet Sampling to the packet stream.";
reference
"RFC 5475, Section 5.2.1; RFC 5476, Section 6.5.2.3.";
leaf size {
type uint32;
units "packets";
mandatory true;
description
"The number of elements taken from the parent
population.
This parameter corresponds to the Information Element
samplingSize and to psampSampRandOutOfNSize in the PSAMP
MIB module.";
reference
"RFC 5477, Section 8.2.6; RFC 6727, Section 6
(psampSampRandOutOfNSize).";
}
leaf population {
type uint32;
units "packets";
mandatory true;
description
"The number of elements in the parent
population.
This parameter corresponds to the Information Element
samplingPopulation and to psampSampRandOutOfNPopulation
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.7; RFC 6727, Section 6
(psampSampRandOutOfNPopulation).";
}
}
grouping samp-uni-prob-parameters {
description
"Configuration parameters of a Selector applying
uniform probabilistic packet Sampling (with equal
probability per packet) to the packet stream.";
reference
"RFC 5475, Section 5.2.2.1;
RFC 5476, Section 6.5.2.4.";
leaf probability {
type decimal64 {
fraction-digits 18;
range "0..1";
}
mandatory true;
description
"Probability that a packet is sampled,
expressed as a value between 0 and 1. The probability
is equal for every packet.
This parameter corresponds to the Information Element
samplingProbability and to psampSampUniProbProbability
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.2.8; RFC 6727, Section 6
(psampSampUniProbProbability).";
}
}
grouping filter-match-parameters {
description
"Configuration parameters of a Selector applying
property match Filtering to the packet stream.
The field to be matched is specified as an Information
Element.";
reference
"RFC 5475, Section 6.1; RFC 5476, Section 6.5.2.5.";
choice name-or-id {
mandatory true;
description
"The field to be matched is specified by
either the name or the identifier of the Information
Element.";
leaf ie-name {
type ietf-ipfix:ie-name-type;
description
"Name of the Information Element.";
}
leaf ie-id {
type ietf-ipfix:ie-id-type;
description
"Identifier of the Information Element.";
}
}
leaf ie-enterprise-number {
type uint32;
default '0';
description
"If this parameter is zero, the Information
Element is registered in the IANA registry of IPFIX
Information Elements.
If this parameter is configured with a non-zero private
enterprise number, the Information Element is
enterprise-specific.";
reference
"IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers;
IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix.";
}
leaf value {
type string;
mandatory true;
description
"Matching value of the Information Element.";
}
}
grouping filter-hash-parameters {
description
"Configuration parameters of a Selector applying
hash-based Filtering to the packet stream.";
reference
"RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6.";
leaf hash-function {
type identityref {
base hash-function;
}
default 'bob';
description
"Hash function to be applied. According to
RFC 5475, Section 6.2.4.1, 'BOB' must be used in order to
be compliant with PSAMP.
This parameter functionally corresponds to
psampFiltHashFunction in the PSAMP MIB module.";
reference
"RFC 6727, Section 6 (psampFiltHashFunction)";
}
leaf initializer-value {
type uint64;
description
"Initializer value to the hash function.
If not configured by the user, the Monitoring Device
arbitrarily chooses an initializer value.
This parameter corresponds to the Information Element
hashInitialiserValue and to psampFiltHashInitializerValue
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.9; RFC 6727, Section 6
(psampFiltHashInitializerValue).";
}
leaf ip-payload-offset {
type uint64;
units "octets";
default '0';
description
"IP payload offset indicating the position of
the first payload byte considered as input to the hash
function.
Default value 0 corresponds to the minimum offset that
must be configurable according to RFC 5476, Section
6.5.2.6.
This parameter corresponds to the Information Element
hashIPPayloadOffset and to psampFiltHashIpPayloadOffset
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.2; RFC 6727, Section 6
(psampFiltHashIpPayloadOffset).";
}
leaf ip-payload-size {
type uint64;
units "octets";
default '8';
description
"Number of IP payload bytes used as input to
the hash function, counted from the payload offset.
If the IP payload is shorter than the payload range,
all available payload octets are used as input.
Default value 8 corresponds to the minimum IP payload
size that must be configurable according to RFC 5476,
Section 6.5.2.6.
This parameter corresponds to the Information Element
hashIPPayloadSize and to psampFiltHashIpPayloadSize
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.3; RFC 6727, Section 6
(psampFiltHashIpPayloadSize).";
}
leaf digest-output {
type boolean;
default 'false';
description
"If true, the output from this Selector is
included in the Packet Report as a packet digest.
Therefore, the configured Cache Layout needs to contain
a digestHashValue field.
This parameter corresponds to the Information Element
hashDigestOutput.";
reference
"RFC 5477, Section 8.3.8.";
}
list selected-range {
key "name";
min-elements 1;
description
"List of hash function return ranges for
which packets are selected.";
leaf name {
type ietf-ipfix:name-type;
description
"Name of the selected range.";
}
leaf min {
type uint64;
description
"Beginning of the hash function's selected
range.
This parameter corresponds to the Information Element
hashSelectedRangeMin and to psampFiltHashSelectedRangeMin
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.6; RFC 6727, Section 6
(psampFiltHashSelectedRangeMin).";
}
leaf max {
type uint64;
description
"End of the hash function's selected range.
This parameter corresponds to the Information Element
hashSelectedRangeMax and to psampFiltHashSelectedRangeMax
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.7; RFC 6727, Section 6
(psampFiltHashSelectedRangeMax).";
}
}
}
grouping filter-hash-parameters-state {
description
"Configuration parameters of a Selector applying
hash-based Filtering to the packet stream.";
reference
"RFC 5475, Section 6.2; RFC 5476, Section 6.5.2.6.";
leaf output-range-min {
type uint64;
config false;
description
"Beginning of the hash function's potential
range.
This parameter corresponds to the Information Element
hashOutputRangeMin and to psampFiltHashOutputRangeMin
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.4; RFC 6727, Section 6
(psampFiltHashOutputRangeMin).";
}
leaf output-range-max {
type uint64;
config false;
description
"End of the hash function's potential range.
This parameter corresponds to the Information Element
hashOutputRangeMax and to psampFiltHashOutputRangeMax
in the PSAMP MIB module.";
reference
"RFC 5477, Section 8.3.5; RFC 6727, Section 6
(psampFiltHashOutputRangeMax).";
}
}
grouping selector-parameters {
description
"Configuration and state parameters of a Selector.";
choice method {
mandatory true;
description
"Packet selection method applied by the Selector.";
leaf select-all {
type empty;
description
"Method that selects all packets.";
}
container samp-count-based {
if-feature psamp-samp-count-based;
description
"Systematic count-based packet Sampling.";
uses samp-count-based-parameters;
}
container samp-time-based {
if-feature psamp-samp-time-based;
description
"Systematic time-based packet Sampling.";
uses samp-time-based-parameters;
}
container samp-rand-out-of-n {
if-feature psamp-samp-rand-out-of-n;
description
"n-out-of-N packet Sampling.";
uses samp-rand-out-of-n-parameters;
}
container samp-uni-prob {
if-feature psamp-samp-uni-prob;
description
"Uniform probabilistic packet Sampling.";
uses samp-uni-prob-parameters;
}
container filter-match {
if-feature psamp-filter-match;
description
"Property match Filtering.";
uses filter-match-parameters;
}
container filter-hash {
if-feature psamp-filter-hash;
description
"Hash-based Filtering.";
uses filter-hash-parameters;
uses filter-hash-parameters-state;
}
}
}
grouping selector-parameters-state {
description
"Configuration and state parameters of a Selector.";
leaf packets-observed {
type yang:counter64;
config false;
description
"The number of packets observed at the input of
the Selector.
If this is the first Selector in the Selection Process,
this counter corresponds to the total number of packets in
all Observed Packet Streams at the input of the Selection
Process. Otherwise, the counter corresponds to the total
number of packets at the output of the preceding Selector.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
selectorDiscontinuityTime.
Note that this parameter corresponds to
ipfixSelectorStatsPacketsObserved in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixSelectorStatsPacketsObserved).";
}
leaf packets-dropped {
type yang:counter64;
config false;
description
"The total number of packets discarded by the
Selector.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
selectorDiscontinuityTime.
Note that this parameter corresponds to
ipfixSelectorStatsPacketsDropped in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixSelectorStatsPacketsDropped).";
}
leaf selector-discontinuity-time {
type yang:date-and-time;
config false;
description
"Timestamp of the most recent occasion at which
one or more of the Selector counters suffered a
discontinuity.
Note that this parameter functionally corresponds to
ipfixSelectionProcessStatsDiscontinuityTime in the IPFIX
MIB module. In contrast to
ipfixSelectionProcessStatsDiscontinuityTime, the time is
absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixSelectionProcessStatsDiscontinuityTime).";
}
}
grouping cache-layout-parameters {
description
"Cache Layout parameters used by immediateCache,
timeoutCache, naturalCache, and permanentCache.";
container cache-layout {
description
"Cache Layout parameters.";
list cache-field {
key "name";
min-elements 1;
description
"Superset of fields that are included in the
Packet Reports or Flow Records generated by the Cache.";
leaf name {
type ietf-ipfix:name-type;
description
"Name of the cache field.";
}
choice name-or-id {
mandatory true;
description
"Name or identifier of the Information
Element.";
reference
"RFC 5102, Section 2; IANA registry for IPFIX
Entities, http://www.iana.org/assignments/ipfix.";
leaf ie-name {
type ietf-ipfix:ie-name-type;
description
"Name of the Information Element.";
}
leaf ie-id {
type ietf-ipfix:ie-id-type;
description
"Identifier of the Information Element.";
}
}
leaf ie-length {
type uint16;
units "octets";
description
"Length of the field in which the Information
Element is encoded. A value of 65535 specifies a
variable-length Information Element. For Information
Elements of integer and float type, the field length MAY
be set to a smaller value than the standard length of
the abstract data type if the rules of reduced size
encoding are fulfilled.
If not configured by the user, this parameter is set by
the Monitoring Device.";
reference
"RFC 5101, Section 6.2.";
}
leaf ie-enterprise-number {
type uint32;
default '0';
description
"If this parameter is zero, the Information
Element is registered in the IANA registry of IPFIX
Information Elements.
If this parameter is configured with a non-zero private
enterprise number, the Information Element is
enterprise-specific.
If the enterprise number is set to 29305, this field
contains a Reverse Information Element. In this case,
the Cache MUST generate Data Records in accordance to
RFC 5103.";
reference
"RFC 5101; RFC 5103;
IANA registry for Private Enterprise Numbers,
http://www.iana.org/assignments/enterprise-numbers;
IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix.";
}
leaf is-flow-key {
when
"(name(../../..) != 'immediate-cache')
and
((count(../ie-enterprise-number) = 0)
or
(../ie-enterprise-number != 29305))" {
description
"This parameter is not available for
Reverse Information Elements (which have enterprise
number 29305). It is also not available for
immediateCache.";
}
type empty;
description
"If present, this is a flow key.";
}
}
}
}
grouping flow-cache-parameters {
description
"Configuration parameters of a Cache generating Flow Records.";
leaf max-flows {
type uint32;
units "flows";
description
"This parameter configures the maximum number of
Flows in the Cache, which is the maximum number of Flows
that can be measured simultaneously.
The Monitoring Device MUST ensure that sufficient resources
are available to store the configured maximum number of
Flows.
If the maximum number of Flows is measured, an additional
Flow can be measured only if an existing entry is removed.
However, traffic that pertains to existing Flows can
continue to be measured.";
}
leaf active-timeout {
when "(name(..) = 'timeout-cache') or
(name(..) = 'natural-cache')" {
description
"This parameter is only available for
timeoutCache and naturalCache.";
}
type uint32;
units "seconds";
description
"This parameter configures the time in
seconds after which a Flow is expired even though packets
matching this Flow are still received by the Cache.
The parameter value zero indicates infinity, meaning that
there is no active timeout.
If not configured by the user, the Monitoring Device sets
this parameter.
Note that this parameter corresponds to
ipfixMeteringProcessCacheActiveTimeout in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheActiveTimeout).";
}
leaf idle-timeout {
when
"(name(..) = 'timeout-cache') or
(name(..) = 'natural-cache')" {
description
"This parameter is only available for
timeoutCache and naturalCache.";
}
type uint32;
units "seconds";
description
"This parameter configures the time in
seconds after which a Flow is expired if no more packets
matching this Flow are received by the Cache.
The parameter value zero indicates infinity, meaning that
there is no idle timeout.
If not configured by the user, the Monitoring Device sets
this parameter.
Note that this parameter corresponds to
ipfixMeteringProcessCacheIdleTimeout in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheIdleTimeout).";
}
leaf export-interval {
when "name(..) = 'permanent-cache'" {
description
"This parameter is only available for permanentCache.";
}
type uint32;
units "seconds";
description
"This parameter configures the interval (in
seconds) for periodical export of Flow Records.
If not configured by the user, the Monitoring Device sets
this parameter.";
}
}
grouping flow-cache-parameters-state {
description
"State parameters of a Cache generating Flow Records.";
leaf active-flows {
type yang:gauge32;
units "flows";
config false;
description
"The number of Flows currently active in this Cache.
Note that this parameter corresponds to
ipfixMeteringProcessCacheActiveFlows in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheActiveFlows).";
}
leaf unused-cache-entries {
type yang:gauge32;
units "flows";
config false;
description
"The number of unused Cache entries in this
Cache.
Note that this parameter corresponds to
ipfixMeteringProcessCacheUnusedCacheEntries in the IPFIX
MIB module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessCacheUnusedCacheEntries).";
}
}
augment '/ietf-ipfix:ipfix' {
description
"Augment IPFIX transport to add PSAMP.";
container psamp {
description
"Container for PSAMP configuration.";
list observation-point {
if-feature meter;
key "name";
description
"Observation Point of the Monitoring Device.";
leaf name {
type ietf-ipfix:name-type;
description "Name of the observation point.";
}
uses observation-point-parameters;
leaf-list selection-process {
type leafref {
path "/ietf-ipfix:ipfix/psamp/selection-process/name";
}
description
"Selection Processes in this list process
packets in parallel.";
}
}
list selection-process {
if-feature meter;
key "name";
description
"Selection Process of the Monitoring Device.";
leaf name {
type ietf-ipfix:name-type;
description
"Name of the selection process.";
}
list selector {
key "name";
min-elements 1;
ordered-by user;
description
"List of Selectors that define the action of the
Selection Process on a single packet. The Selectors
are serially invoked in the same order as they appear
in this list.";
leaf name {
type ietf-ipfix:name-type;
description
"Name of the selector.";
}
uses selector-parameters;
uses selector-parameters-state;
}
leaf cache {
type leafref {
path "/ietf-ipfix:ipfix/psamp/cache/name";
}
description
"Cache that receives the output of the
Selection Process.";
}
list selection-sequence {
config false;
description
"This list contains the Selection Sequence IDs
that are assigned by the Monitoring Device to
distinguish different Selection Sequences passing
through the Selection Process.
As Selection Sequence IDs are unique per Observation
Domain, the corresponding Observation Domain IDs are
included as well.
With this information, it is possible to associate
Selection Sequence (Statistics) Report Interpretations
exported according to the PSAMP protocol with a
Selection Process in the configuration data.";
reference
"RFC 5476.";
leaf observation-domain-id {
type uint32;
description
"Observation Domain ID for which the
Selection Sequence ID is assigned.";
}
leaf selection-sequence-id {
type uint64;
description
"Selection Sequence ID used in the Selection
Sequence (Statistics) Report Interpretation.";
}
}
}
list cache {
if-feature meter;
key "name";
description
"Cache of the Monitoring Device.";
leaf name {
type ietf-ipfix:name-type;
description
"Name of the cache.";
}
leaf metering-process-id {
type uint32;
config false;
description
"The identifier of the Metering Process this
Cache belongs to.
This parameter corresponds to the Information Element
meteringProcessId. Its occurrence helps to associate
Cache parameters with Metering Process statistics
exported by the Monitoring Device using the Metering
Process (Reliability) Statistics Template as
defined by the IPFIX protocol specification.";
reference
"RFC 5101, Sections 4.1 and 4.2;
IANA registry for IPFIX Entities,
http://www.iana.org/assignments/ipfix.";
}
leaf data-records {
type yang:counter64;
units "Data Records";
config false;
description
"The number of Data Records generated by this
Cache.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by the value of
cacheDiscontinuityTime.
Note that this parameter corresponds to
ipfixMeteringProcessDataRecords in the IPFIX MIB
module.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessDataRecords).";
}
leaf cache-discontinuity-time {
type yang:date-and-time;
config false;
description
"Timestamp of the most recent occasion at which
the counter dataRecords suffered a discontinuity.
Note that this parameter functionally corresponds to
ipfixMeteringProcessDiscontinuityTime in the IPFIX MIB
module. In contrast to
ipfixMeteringProcessDiscontinuityTime, the time is
absolute and not relative to sysUpTime.";
reference
"RFC 6615, Section 8
(ipfixMeteringProcessDiscontinuityTime).";
}
choice cache-type {
mandatory true;
description
"Type of Cache and specific parameters.";
container immediate-cache {
if-feature immediate-cache;
description
"Flow expiration after the first packet;
generation of Packet Records.";
uses cache-layout-parameters;
}
container timeout-cache {
if-feature timeout-cache;
description
"Flow expiration after active and idle
timeout; generation of Flow Records.";
uses flow-cache-parameters;
uses cache-layout-parameters;
uses flow-cache-parameters-state;
}
container natural-cache {
if-feature natural-cache;
description
"Flow expiration after active and idle
timeout, or on natural termination (e.g., TCP FIN or
TCP RST) of the Flow; generation of Flow Records.";
uses flow-cache-parameters;
uses cache-layout-parameters;
uses flow-cache-parameters-state;
}
container permanent-cache {
if-feature permanent-cache;
description
"No flow expiration, periodical export with
time interval exportInterval; generation of Flow
Records.";
uses flow-cache-parameters;
uses cache-layout-parameters;
uses flow-cache-parameters-state;
}
}
leaf-list exporting-process {
if-feature ietf-ipfix:exporter;
type leafref {
path "/ietf-ipfix:ipfix"
+ "/ietf-ipfix:exporting-process"
+ "/ietf-ipfix:name";
}
description
"Records are exported by all Exporting Processes
in the list.";
}
}
}
}
}
<CODE ENDS>
This document defines the YANG module "ietf-bulk-data-export", which has the following tentative structure:
TBD
This YANG Module imports typedefs from [RFC6991].
TBD
This document registers a URI in the "IETF XML Registry". [RFC3688]. Following the format in RFC 3688, the following registration has been made.
URI: urn:ietf:params:xml:ns:yang:ietf-TBD Registrant Contact: The IESG. XML: N/A, the requested URI is an XML namespace.
This document registers a YANG module in the "YANG Module Names" registry. Following the format in [RFC7950], the following has been registered.
Name: ietf-TBD Namespace: urn:ietf:params:xml:ns:yang:ietf-TBD Prefix: TBD Reference: TBD
The YANG module specified in this document defines a schema for data that is designed to be accessed via network management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC5246].
The NETCONF access control model [RFC6536] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content.
There are a number of data nodes defined in this YANG module that are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable in some network environments. Write operations (e.g., edit-config) to these data nodes without proper protection can have a negative effect on network operations. These are the subtrees and data nodes and their sensitivity/vulnerability:
Some of the readable data nodes in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. These are the subtrees and data nodes and their sensitivity/vulnerability:
(The section needs to be expanded to include bulk data export YANG.)
TBD
This configuration example configures an IPFIX exporter for a BBF TR-352 ICTP Proxy.
<ipfix>
<exporting-process>
<name>TR352-exporter</name>
<destination>
<name>ICTP-Proxy1-collector</name>
<tcp-exporter>
<source-method>source-address
<source-address>192.0.2.1</source-address>
</source-method>
<destination-method>destination-address
<destination-address>ictp-proxy-1.ngpon2-system1.com</destination-address>
</destination-method>
</tcp-exporter>
</destination>
<options>
<name>Options 1</name>
<options-type>extended-type-information</options-type>
<options-timeout>0</options-timeout>
</options>
</exporting-prrocess>
</ipfix>
This configuration example configures an IPFIX mediator.
<ipfix>
<collecting-process>
<name>OLT-collector</name>
<tcp-collector>
<name>myolt-tcp-collector</name>
<local-address-method>local-ip-address
<local-ip-address>192.100.2.1</local-ip-address>
</local-address-method>
</tcp-collector>
<exporting-process>OLT-exporter</exporting-process>
</collecting-process>
<exporting-process>
<name>OLT-exporter</name>
<destination>
<name>big-collector</name>
<tcp-exporter>
<source-method>source-address
<source-address>192.100.2.1</source-address>
</source-method>
<destination-method>destination-address
<destination-address>big-collector1.system.com</destination-address>
</destination-method>
<options>
<name>Options 1</name>
<options-type>extended-type-information</options-type>
<options-timeout>0</options-timeout>
</options>
</exporting-process>
</ipfix>
TBD
The configuration example configures a field-layout template:
TBD