YANG Data Model for Bidirectional Forwarding Detection (BFD)

Author contact information:
Xoriant Corporation, 1248 Reamwood Ave, Sunnyvale, California 94089, United States of America, mjethanandani@gmail.com
Canada, reshad@yahoo.com
Huawei Technologies, China, veronique_cheng@hotmail.com
VMware, India, santosh.pallagatti@gmail.com
Ericsson, gregimirsky@gmail.com

Keywords: Liveliness check, BGP, OSPF, IS-IS, TCP-AO, MD5

This document defines a YANG data model that can be used to configure
and manage Bidirectional Forwarding Detection (BFD).

The YANG modules in this document conform to the Network Management
Datastore Architecture (NMDA) (RFC 8342). This document updates "YANG Data Model for Bidirectional Forwarding Detection (BFD)" (RFC 9127).

Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
Introduction
Tree Diagrams
Design of the Data Model
Design of the Configuration Model
Common BFD Configuration Parameters
Single-Hop IP
Multihop IP
MPLS Label Switched Paths
Link Aggregation Groups
Design of the Operational State Model
Notifications
RPC Operations
BFD Top-Level Hierarchy
BFD IP Single-Hop Hierarchy
BFD IP Multihop Hierarchy
BFD-over-LAG Hierarchy
BFD-over-MPLS-LSPs Hierarchy
Interaction with other YANG Modules
"ietf-interfaces" Module
"ietf-ip" Module
"ietf-mpls" Module
BFD Types YANG Module
BFD Top-Level YANG Module
BFD IP Single-Hop YANG Module
BFD IP Multihop YANG Module
BFD-over-LAG YANG Module
BFD-over-MPLS YANG Module
Data Model Examples
IP Single-Hop
IP Multihop
LAG
MPLS
Security Considerations
IANA Considerations
References
Normative References
Informative References
Echo Function Configuration Example
Example YANG Module for BFD Echo Function Configuration
Acknowledgments
Updates since RFC 9127

Introduction
This document defines a YANG data model that can be used to configure
and manage Bidirectional Forwarding Detection (BFD). BFD is a network protocol that is used
for liveness detection of arbitrary paths between systems. Some examples
of different types of paths over which we have BFD are as follows:
* Two systems directly connected via IP. This is known as BFD over
  single-hop IP, a.k.a. BFD for IPv4 and IPv6.
* Two systems connected via multiple hops as described in "Bidirectional Forwarding Detection
  (BFD) for Multihop Paths".
* Two systems connected via MPLS Label Switched Paths (LSPs) as
  described in "Bidirectional
  Forwarding Detection (BFD) for MPLS Label Switched Paths (LSPs)".
* Two systems connected via a Link Aggregation Group (LAG) interface
  as described in "Bidirectional
  Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces".
* Two systems connected via pseudowires (PWs). This is known as
  Virtual Circuit Connectivity Verification (VCCV), as described in "Bidirectional
  Forwarding Detection (BFD) for the Pseudowire Virtual
  Circuit Connectivity Verification (VCCV)". This scenario is not
  addressed in this document.

BFD typically does not operate on its own. Various control protocols,
also known as BFD clients, use the services provided by BFD for their
own operation, as described in "Generic Application of Bidirectional Forwarding
Detection (BFD)". The obvious
candidates that use BFD are those that do not have "hellos" to detect
failures, e.g., static routes, and routing protocols whose "hellos" do
not support sub-second failure detection, e.g., OSPF and IS-IS.

The YANG modules in this document conform to the Network Management Datastore
Architecture (NMDA). This means that the data models do not have
separate top-level or sibling containers for configuration data and
operational state data.

Tree Diagrams
This document uses the graphical representation of data models, as defined in
.

Design of the Data Model
Since BFD is used for liveness detection of various forwarding
paths, there is no uniform key to identify a BFD session, and so the BFD
data model is split into multiple YANG modules where each module
corresponds to one type of forwarding path. For example, BFD for IP
single-hop is in one YANG module, and BFD for MPLS is in another YANG
module. The main difference between these modules is how a BFD session
is uniquely identified, i.e., the key for the list containing the BFD
sessions for that forwarding path. To avoid duplication of BFD
definitions, we have common types and groupings that are used by all
the modules.

A new control-plane protocol, "bfdv1", is defined, and a "bfd" container
is created under "control-plane-protocol" as specified in "A YANG Data Model for Routing
Management (NMDA Version)". This new "bfd" container is augmented
by the following YANG modules for their respective specific information:
* The "ietf-bfd-ip-sh" module augments
  "/routing/control-plane-protocols/control-plane-protocol/bfd/" with
  the "ip-sh" container for BFD sessions over IP single-hop.
* The "ietf-bfd-ip-mh" module augments
  "/routing/control-plane-protocols/control-plane-protocol/bfd/" with
  the "ip-mh" container for BFD sessions over IP multihop.
* The "ietf-bfd-lag" module augments
  "/routing/control-plane-protocols/control-plane-protocol/bfd/" with
  the "lag" container for BFD sessions over a LAG.
* The "ietf-bfd-mpls" module augments
  "/routing/control-plane-protocols/control-plane-protocol/bfd/" with
  the "mpls" container for BFD-over-MPLS LSPs.

BFD can operate in the following contexts:
* At the network device level.
* In logical network elements (LNEs) as described in "YANG Model for Logical Network Elements".
* In network instances as described in "YANG Data Model for Network Instances".

When used at the network device level, the BFD YANG data model is
used "as is". When the BFD YANG data model is used in an LNE or network instance, the BFD YANG data model augments
the mounted routing model for the LNE or network instance.

Design of the Configuration Model
The configuration model consists mainly of the parameters specified
in BFD -- for example, desired
minimum transmit interval, required minimum receive interval, and
detection multiplier.

BFD clients are applications that use BFD for fast detection of
failures. Some implementations have BFD session configuration under
the BFD clients -- for example, BFD session configuration under routing
applications such as OSPF, IS-IS, or BGP. Other implementations have
BFD session configuration centralized under BFD, i.e., outside the
multiple BFD clients.

The main BFD parameters of interest to a BFD client are those
related to the
multiplier and interval(s), since those parameters impact the
convergence time of the BFD clients when a failure occurs. Other
parameters, such as BFD authentication, are not specific to the
requirements of the BFD client. Configuration of BFD for all
clients should be centralized. However, this is a problem for BFD clients
that auto-discover their peers. For example, IGPs do not have the
peer address configured; instead, the IGP is enabled on an interface,
and the IGP peers are auto-discovered. So, for an operator to configure
BFD to an IGP peer, the operator would first have to determine the
peer addresses. And when a new peer is discovered, BFD configuration
would need to be added. To avoid this issue, we define the grouping
"client-cfg-parms" in for BFD clients to
configure BFD: this allows BFD clients, such as the IGPs, to have
configuration (multiplier and intervals) for the BFD sessions they
need. For example, when a new IGP peer is discovered, the IGP would
create a BFD session to the newly discovered peer; similarly, when
an IGP peer goes away, the IGP would remove the BFD session to that
peer. The mechanism for how the BFD sessions are created and removed by
the BFD clients is outside the scope of this document, but
this would typically be done by using an API implemented by the BFD module on
the system. In the case of BFD clients that create BFD sessions via their own
configuration, authentication parameters (if required) are still
specified in BFD.

Common BFD Configuration Parameters
The basic BFD configuration parameters are as follows:
local-multiplier
   This is the detection time multiplier as defined in BFD.
desired-min-tx-interval
   This is the Desired Min TX Interval as defined in BFD.
required-min-rx-interval
   This is the Required Min RX Interval as defined in BFD.

Although BFD
allows for different values for transmit and receive intervals, some
implementations allow users to specify just one interval that is
used for both transmit and receive intervals, or separate values for
transmit and receive intervals. The BFD YANG data model supports this:
there is a choice between "min-interval", used for both transmit and
receive intervals, and "desired-min-tx-interval" and
"required-min-rx-interval". This is supported via the
"base-cfg-parms" grouping, which
is used by the YANG modules for the various forwarding paths.

For BFD authentication, we have the following:
key-chain
   This is a reference to "key-chain" as defined in "YANG Data Model for Key
   Chains". The keys, cryptographic algorithms, key lifetime,
   etc. are all defined in the "key-chain" model.
meticulous
   This enables a meticulous mode as per BFD.

Single-Hop IP
For single-hop IP, there is an augment of the "bfd" data node, as
described in
. The "ip-sh" node
contains a list of IP single-hop sessions where each session is
uniquely identified by the interface and destination address
pair. We use the configuration parameters defined in
. The "ip-sh" node
also contains a list of interfaces and is used to specify
authentication parameters for BFD sessions that are created by BFD
clients. See . and do not specify whether
the Echo function operates continuously or on demand. Therefore, the mechanism used to
start and stop the Echo function is implementation specific and should
be done by augmentation:
* Configuration. This is suitable for an Echo function that
  operates continuously. An example is provided in .
* RPC. This is suitable for an Echo function that operates
  on demand.
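
The "ip-sh" layout described in this section (a keyed session list plus an interface list that carries authentication for client-created sessions) can be audited mechanically. The Python below is an added example, not part of this document's modules or of any BFD implementation: it parses an ietf-bfd-ip-sh configuration in the XML encoding used in the Data Model Examples section, resolves the interval choice, converts the microsecond values to milliseconds, and flags entries without an "authentication" container. The sample input, the key-chain name bfd-keys, the interfaces eth1 and eth2, and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespaces copied from the single-hop XML example in this document.
NS = {"bfd": "urn:ietf:params:xml:ns:yang:ietf-bfd",
      "sh": "urn:ietf:params:xml:ns:yang:ietf-bfd-ip-sh"}

# Constructed sample: eth0 has no authentication, eth1 uses the single-interval
# case with authentication, eth2 is an interface-level authentication entry.
SAMPLE = """\
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
 <routing xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
  <control-plane-protocols><control-plane-protocol>
   <type xmlns:bfd-types="urn:ietf:params:xml:ns:yang:ietf-bfd-types">
    bfd-types:bfdv1</type>
   <name>name:BFD</name>
   <bfd xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd">
    <ip-sh xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd-ip-sh">
     <sessions>
      <session>
       <interface>eth0</interface>
       <dest-addr>2001:db8:0:113::101</dest-addr>
       <desired-min-tx-interval>
        10000
       </desired-min-tx-interval>
       <required-min-rx-interval>10000</required-min-rx-interval>
      </session>
      <session>
       <interface>eth1</interface>
       <dest-addr>2001:db8:0:113::102</dest-addr>
       <min-interval>50000</min-interval>
       <authentication>
        <key-chain>bfd-keys</key-chain><meticulous>true</meticulous>
       </authentication>
      </session>
     </sessions>
     <interfaces>
      <interface>eth2</interface>
      <authentication><key-chain>bfd-keys</key-chain></authentication>
     </interfaces>
    </ip-sh>
   </bfd>
  </control-plane-protocol></control-plane-protocols>
 </routing>
</config>
"""


def _text(node, tag):
    """Stripped text of child `tag` in the ip-sh namespace, or None."""
    child = node.find(f"sh:{tag}", NS)
    text = (child.text or "").strip() if child is not None else ""
    return text or None


def _auth(node):
    """Summarize the "authentication" presence container under node.

    Assumption: an absent "meticulous" leaf is reported as not enabled.
    """
    auth = node.find("sh:authentication", NS)
    if auth is None:
        return {"configured": False, "key_chain": None, "meticulous": False}
    return {"configured": True, "key_chain": _text(auth, "key-chain"),
            "meticulous": _text(auth, "meticulous") == "true"}


def _audit_entry(node):
    """Audit one session or interface entry (intervals are in microseconds).

    The two cases of the interval-config-type choice are mutually exclusive.
    """
    single = _text(node, "min-interval")
    tx = _text(node, "desired-min-tx-interval")
    rx = _text(node, "required-min-rx-interval")
    issues = []
    if single is not None and (tx is not None or rx is not None):
        issues.append("both cases of interval-config-type are set")
        tx = rx = None
    elif single is not None:
        tx = rx = single
    auth = _auth(node)
    if not auth["configured"]:
        issues.append("authentication not configured")
    elif auth["key_chain"] is None:
        issues.append("authentication without key-chain")
    return {"interface": _text(node, "interface"),
            "dest_addr": _text(node, "dest-addr"),
            "tx_ms": int(tx) / 1000 if tx else None,
            "rx_ms": int(rx) / 1000 if rx else None,
            "auth": auth, "issues": issues}


def audit_ip_sh(xml_text):
    """Return audit records for the ip-sh session and interface lists."""
    root = ET.fromstring(xml_text)
    report = {"sessions": [], "interfaces": []}
    for ip_sh in root.iterfind(".//bfd:bfd/sh:ip-sh", NS):
        for session in ip_sh.iterfind("sh:sessions/sh:session", NS):
            report["sessions"].append(_audit_entry(session))
        for entry in ip_sh.iterfind("sh:interfaces", NS):
            report["interfaces"].append(_audit_entry(entry))
    return report


if __name__ == "__main__":
    print(audit_ip_sh(SAMPLE))
```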

Multihop IP
For multihop IP, there is an augment of the "bfd" data node, as described in
.

Because of multiple paths, there could be multiple multihop IP
sessions between a source and a destination address. We identify
this set of sessions as a "session-group". The key for each "session-group" consists
of the following:
Source address
   Address belonging to the local system as per "Bidirectional Forwarding
   Detection (BFD) for Multihop Paths".
Destination address
   Address belonging to the remote system as per .

We use the configuration parameters defined in .

This document also provides the following parameters:
tx-ttl
   TTL of outgoing BFD control packets.
rx-ttl
   Minimum TTL of incoming BFD control packets.

MPLS Label Switched Paths
Here, we address MPLS LSPs whose
Forwarding Equivalence Class (FEC) is an IP
address. The "bfd"
node () is augmented
with "mpls", which contains a list of sessions uniquely identified by
an IP prefix. Because of multiple paths, there could be multiple
MPLS sessions to an MPLS FEC. We identify this set of sessions as a
"session-group".

Since these LSPs are unidirectional, there is no LSP
configuration on the egress node.

The BFD parameters for the egress node are added under
"mpls".

Link Aggregation Groups
Per "Bidirectional
Forwarding Detection (BFD) on Link Aggregation Group (LAG)
Interfaces", configuring BFD on a LAG consists of having micro-BFD
sessions on each LAG member link. Since the BFD parameters are an
attribute of the LAG, they should be under the LAG. However, there is
no LAG YANG data model that we can augment. So, a "lag" data node is
added to the "bfd" node; see . The configuration is per LAG: we have a list of
LAGs. The destination IP address of the micro-BFD sessions is
configured per LAG and per address family (IPv4 and IPv6).

Design of the Operational State Model
The operational state model contains both the overall statistics for
the BFD sessions running on the device and the per-session operational
information.

The overall statistics for the BFD sessions consist of the number of BFD
sessions, the number of BFD sessions that are up, etc. This information is available
globally (i.e., for all BFD sessions) under the "bfd" node
and also per type of
forwarding path.

For each BFD session, three main categories of operational state
data are shown.
* The first category includes fundamental information regarding a BFD session, such as
  the local discriminator, the remote discriminator, and the ability to
  support Demand mode.
* The second category includes BFD "session-running" information, e.g., the
  remote BFD state and the diagnostic code received. Another example is
  the actual transmit interval between the control packets, which may be
  different from the configured desired minimum transmit
  interval. Similar examples include the actual receive interval
  between the control packets and the actual transmit interval between
  the Echo packets.
* The third category contains the detailed statistics
  for the session, e.g., when the session transitioned up/down and how
  long it has been in that state.

For some path types, there may be more than one session on the
virtual path to the destination. For example, with IP multihop and
MPLS LSPs, there could be multiple BFD sessions from the source to the
same destination to test the various paths (ECMP) to the destination.
This is represented by having multiple "sessions" under each
"session-group".

Notifications
This YANG data model defines notifications to inform end users of
important events detected during the protocol operation. The
local discriminator identifies the corresponding BFD session on the
local system, and the remote discriminator identifies the BFD session
on the remote system.
Notifications also give more important details about BFD sessions,
e.g., new state, time in previous state, network instance, and the
reason that the BFD session state changed. The notifications are
defined for each type of forwarding path but use groupings for common
information.

RPC Operations
None.

BFD Top-Level Hierarchy
At the "bfd" node under "control-plane-protocol", there is no
configuration data -- only operational state data. The operational state
data consists of overall BFD session statistics, i.e., for BFD on all
types of forwarding paths.
module: ietf-bfd
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol:
    +--rw bfd
       +--ro summary
          +--ro number-of-sessions?              yang:gauge32
          +--ro number-of-sessions-up?           yang:gauge32
          +--ro number-of-sessions-down?         yang:gauge32
          +--ro number-of-sessions-admin-down?   yang:gauge32

BFD IP Single-Hop Hierarchy
An "ip-sh" node is added under the "bfd" node in
"control-plane-protocol". The configuration data and operational state data
for each BFD IP single-hop session are under this "ip-sh" node.
module: ietf-bfd-ip-sh
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/bfd:bfd:
    +--rw ip-sh
       +--ro summary
       |  +--ro number-of-sessions?              yang:gauge32
       |  +--ro number-of-sessions-up?           yang:gauge32
       |  +--ro number-of-sessions-down?         yang:gauge32
       |  +--ro number-of-sessions-admin-down?   yang:gauge32
       +--rw sessions
       |  +--rw session* [interface dest-addr]
       |     +--rw interface                   if:interface-ref
       |     +--rw dest-addr                   inet:ip-address
       |     +--rw source-addr?                inet:ip-address
       |     +--rw local-multiplier?           multiplier
       |     +--rw (interval-config-type)?
       |     |  +--:(tx-rx-intervals)
       |     |  |  +--rw desired-min-tx-interval?    uint32
       |     |  |  +--rw required-min-rx-interval?   uint32
       |     |  +--:(single-interval) {single-minimum-interval}?
       |     |     +--rw min-interval?               uint32
       |     +--rw demand-enabled?             boolean
       |     |       {demand-mode}?
       |     +--rw admin-down?                 boolean
       |     +--rw authentication! {authentication}?
       |     |  +--rw key-chain?    key-chain:key-chain-ref
       |     |  +--rw meticulous?   boolean
       |     +--ro path-type?                  identityref
       |     +--ro ip-encapsulation?           boolean
       |     +--ro local-discriminator?        discriminator
       |     +--ro remote-discriminator?       discriminator
       |     +--ro remote-multiplier?          multiplier
       |     +--ro demand-capability?          boolean
       |     |       {demand-mode}?
       |     +--ro source-port?                inet:port-number
       |     +--ro dest-port?                  inet:port-number
       |     +--ro session-running
       |     |  +--ro session-index?                uint32
       |     |  +--ro local-state?                  state
       |     |  +--ro remote-state?                 state
       |     |  +--ro local-diagnostic?
       |     |  |       iana-bfd-types:diagnostic
       |     |  +--ro remote-diagnostic?
       |     |  |       iana-bfd-types:diagnostic
       |     |  +--ro remote-authenticated?         boolean
       |     |  +--ro remote-authentication-type?
       |     |  |       iana-bfd-types:auth-type {authentication}?
       |     |  +--ro detection-mode?               enumeration
       |     |  +--ro negotiated-tx-interval?       uint32
       |     |  +--ro negotiated-rx-interval?       uint32
       |     |  +--ro detection-time?               uint32
       |     |  +--ro echo-tx-interval-in-use?      uint32
       |     |          {echo-mode}?
       |     +--ro session-statistics
       |        +--ro create-time?
       |        |       yang:date-and-time
       |        +--ro last-down-time?
       |        |       yang:date-and-time
       |        +--ro last-up-time?
       |        |       yang:date-and-time
       |        +--ro down-count?                     yang:counter32
       |        +--ro admin-down-count?               yang:counter32
       |        +--ro receive-packet-count?           yang:counter64
       |        +--ro send-packet-count?              yang:counter64
       |        +--ro receive-invalid-packet-count?   yang:counter64
       |        +--ro send-failed-packet-count?       yang:counter64
       +--rw interfaces* [interface]
          +--rw interface         if:interface-ref
          +--rw authentication! {authentication}?
             +--rw key-chain?    key-chain:key-chain-ref
             +--rw meticulous?   boolean
  notifications:
    +---n singlehop-notification
       +--ro local-discr?                 discriminator
       +--ro remote-discr?                discriminator
       +--ro new-state?                   state
       +--ro state-change-reason?         iana-bfd-types:diagnostic
       +--ro time-of-last-state-change?   yang:date-and-time
       +--ro dest-addr?                   inet:ip-address
       +--ro source-addr?                 inet:ip-address
       +--ro session-index?               uint32
       +--ro path-type?                   identityref
       +--ro interface?                   if:interface-ref
       +--ro echo-enabled?                boolean

BFD IP Multihop Hierarchy
An "ip-mh" node is added under the "bfd" node in
"control-plane-protocol". The configuration data and operational state data
for each BFD IP multihop session are under this "ip-mh" node. In the
operational state model, we support multiple BFD multihop sessions per
remote address (ECMP); the local discriminator is used as the key.
module: ietf-bfd-ip-mh
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/bfd:bfd:
    +--rw ip-mh
       +--ro summary
       |  +--ro number-of-sessions?              yang:gauge32
       |  +--ro number-of-sessions-up?           yang:gauge32
       |  +--ro number-of-sessions-down?         yang:gauge32
       |  +--ro number-of-sessions-admin-down?   yang:gauge32
       +--rw session-groups
          +--rw session-group* [source-addr dest-addr]
             +--rw source-addr                 inet:ip-address
             +--rw dest-addr                   inet:ip-address
             +--rw local-multiplier?           multiplier
             +--rw (interval-config-type)?
             |  +--:(tx-rx-intervals)
             |  |  +--rw desired-min-tx-interval?    uint32
             |  |  +--rw required-min-rx-interval?   uint32
             |  +--:(single-interval) {single-minimum-interval}?
             |     +--rw min-interval?               uint32
             +--rw demand-enabled?             boolean
             |       {demand-mode}?
             +--rw admin-down?                 boolean
             +--rw authentication! {authentication}?
             |  +--rw key-chain?    key-chain:key-chain-ref
             |  +--rw meticulous?   boolean
             +--rw tx-ttl?                     bfd-types:hops
             +--rw rx-ttl                      bfd-types:hops
             +--ro sessions* []
                +--ro path-type?              identityref
                +--ro ip-encapsulation?       boolean
                +--ro local-discriminator?    discriminator
                +--ro remote-discriminator?   discriminator
                +--ro remote-multiplier?      multiplier
                +--ro demand-capability?      boolean {demand-mode}?
                +--ro source-port?            inet:port-number
                +--ro dest-port?              inet:port-number
                +--ro session-running
                |  +--ro session-index?                uint32
                |  +--ro local-state?                  state
                |  +--ro remote-state?                 state
                |  +--ro local-diagnostic?
                |  |       iana-bfd-types:diagnostic
                |  +--ro remote-diagnostic?
                |  |       iana-bfd-types:diagnostic
                |  +--ro remote-authenticated?         boolean
                |  +--ro remote-authentication-type?
                |  |       iana-bfd-types:auth-type {authentication}?
                |  +--ro detection-mode?               enumeration
                |  +--ro negotiated-tx-interval?       uint32
                |  +--ro negotiated-rx-interval?       uint32
                |  +--ro detection-time?               uint32
                |  +--ro echo-tx-interval-in-use?      uint32
                |          {echo-mode}?
                +--ro session-statistics
                   +--ro create-time?
                   |       yang:date-and-time
                   +--ro last-down-time?
                   |       yang:date-and-time
                   +--ro last-up-time?
                   |       yang:date-and-time
                   +--ro down-count?
                   |       yang:counter32
                   +--ro admin-down-count?
                   |       yang:counter32
                   +--ro receive-packet-count?
                   |       yang:counter64
                   +--ro send-packet-count?
                   |       yang:counter64
                   +--ro receive-invalid-packet-count?
                   |       yang:counter64
                   +--ro send-failed-packet-count?
                           yang:counter64
  notifications:
    +---n multihop-notification
       +--ro local-discr?                 discriminator
       +--ro remote-discr?                discriminator
       +--ro new-state?                   state
       +--ro state-change-reason?         iana-bfd-types:diagnostic
       +--ro time-of-last-state-change?   yang:date-and-time
       +--ro dest-addr?                   inet:ip-address
       +--ro source-addr?                 inet:ip-address
       +--ro session-index?               uint32
       +--ro path-type?                   identityref

BFD-over-LAG Hierarchy
A "lag" node is added under the "bfd" node in
"control-plane-protocol". The configuration data and operational state data
for each BFD LAG session are under this "lag" node.
module: ietf-bfd-lag
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/bfd:bfd:
    +--rw lag
       +--rw micro-bfd-ipv4-session-statistics
       |  +--ro summary
       |     +--ro number-of-sessions?              yang:gauge32
       |     +--ro number-of-sessions-up?           yang:gauge32
       |     +--ro number-of-sessions-down?         yang:gauge32
       |     +--ro number-of-sessions-admin-down?   yang:gauge32
       +--rw micro-bfd-ipv6-session-statistics
       |  +--ro summary
       |     +--ro number-of-sessions?              yang:gauge32
       |     +--ro number-of-sessions-up?           yang:gauge32
       |     +--ro number-of-sessions-down?         yang:gauge32
       |     +--ro number-of-sessions-admin-down?   yang:gauge32
       +--rw sessions
          +--rw session* [lag-name]
             +--rw lag-name                    if:interface-ref
             +--rw ipv4-dest-addr?
             |       inet:ipv4-address
             +--rw ipv6-dest-addr?
             |       inet:ipv6-address
             +--rw local-multiplier?           multiplier
             +--rw (interval-config-type)?
             |  +--:(tx-rx-intervals)
             |  |  +--rw desired-min-tx-interval?    uint32
             |  |  +--rw required-min-rx-interval?   uint32
             |  +--:(single-interval) {single-minimum-interval}?
             |     +--rw min-interval?               uint32
             +--rw demand-enabled?             boolean
             |       {demand-mode}?
             +--rw admin-down?                 boolean
             +--rw authentication! {authentication}?
             |  +--rw key-chain?    key-chain:key-chain-ref
             |  +--rw meticulous?   boolean
             +--rw use-ipv4?                   boolean
             +--rw use-ipv6?                   boolean
             +--ro member-links* [member-link]
                +--ro member-link       if:interface-ref
                +--ro micro-bfd-ipv4
                |  +--ro path-type?              identityref
                |  +--ro ip-encapsulation?       boolean
                |  +--ro local-discriminator?    discriminator
                |  +--ro remote-discriminator?   discriminator
                |  +--ro remote-multiplier?      multiplier
                |  +--ro demand-capability?      boolean
                |  |       {demand-mode}?
                |  +--ro source-port?            inet:port-number
                |  +--ro dest-port?              inet:port-number
                |  +--ro session-running
                |  |  +--ro session-index?                uint32
                |  |  +--ro local-state?                  state
                |  |  +--ro remote-state?                 state
                |  |  +--ro local-diagnostic?
                |  |  |       iana-bfd-types:diagnostic
                |  |  +--ro remote-diagnostic?
                |  |  |       iana-bfd-types:diagnostic
                |  |  +--ro remote-authenticated?         boolean
                |  |  +--ro remote-authentication-type?
                |  |  |       iana-bfd-types:auth-type
                |  |  |       {authentication}?
                |  |  +--ro detection-mode?               enumeration
                |  |  +--ro negotiated-tx-interval?       uint32
                |  |  +--ro negotiated-rx-interval?       uint32
                |  |  +--ro detection-time?               uint32
                |  |  +--ro echo-tx-interval-in-use?      uint32
                |  |          {echo-mode}?
                |  +--ro session-statistics
                |     +--ro create-time?
                |     |       yang:date-and-time
                |     +--ro last-down-time?
                |     |       yang:date-and-time
                |     +--ro last-up-time?
                |     |       yang:date-and-time
                |     +--ro down-count?
                |     |       yang:counter32
                |     +--ro admin-down-count?
                |     |       yang:counter32
                |     +--ro receive-packet-count?
                |     |       yang:counter64
                |     +--ro send-packet-count?
                |     |       yang:counter64
                |     +--ro receive-invalid-packet-count?
                |     |       yang:counter64
                |     +--ro send-failed-packet-count?
                |             yang:counter64
                +--ro micro-bfd-ipv6
                   +--ro path-type?              identityref
                   +--ro ip-encapsulation?       boolean
                   +--ro local-discriminator?    discriminator
                   +--ro remote-discriminator?   discriminator
                   +--ro remote-multiplier?      multiplier
                   +--ro demand-capability?      boolean
                   |       {demand-mode}?
                   +--ro source-port?            inet:port-number
                   +--ro dest-port?              inet:port-number
                   +--ro session-running
                   |  +--ro session-index?                uint32
                   |  +--ro local-state?                  state
                   |  +--ro remote-state?                 state
                   |  +--ro local-diagnostic?
                   |  |       iana-bfd-types:diagnostic
                   |  +--ro remote-diagnostic?
                   |  |       iana-bfd-types:diagnostic
                   |  +--ro remote-authenticated?         boolean
                   |  +--ro remote-authentication-type?
                   |  |       iana-bfd-types:auth-type
                   |  |       {authentication}?
                   |  +--ro detection-mode?               enumeration
                   |  +--ro negotiated-tx-interval?       uint32
                   |  +--ro negotiated-rx-interval?       uint32
                   |  +--ro detection-time?               uint32
                   |  +--ro echo-tx-interval-in-use?      uint32
                   |          {echo-mode}?
                   +--ro session-statistics
                      +--ro create-time?
                      |       yang:date-and-time
                      +--ro last-down-time?
                      |       yang:date-and-time
                      +--ro last-up-time?
                      |       yang:date-and-time
                      +--ro down-count?
                      |       yang:counter32
                      +--ro admin-down-count?
                      |       yang:counter32
                      +--ro receive-packet-count?
                      |       yang:counter64
                      +--ro send-packet-count?
                      |       yang:counter64
                      +--ro receive-invalid-packet-count?
                      |       yang:counter64
                      +--ro send-failed-packet-count?
                              yang:counter64
  notifications:
    +---n lag-notification
       +--ro local-discr?                 discriminator
       +--ro remote-discr?                discriminator
       +--ro new-state?                   state
       +--ro state-change-reason?         iana-bfd-types:diagnostic
       +--ro time-of-last-state-change?   yang:date-and-time
       +--ro dest-addr?                   inet:ip-address
       +--ro source-addr?                 inet:ip-address
       +--ro session-index?               uint32
       +--ro path-type?                   identityref
       +--ro lag-name?                    if:interface-ref
       +--ro member-link?                 if:interface-ref

BFD-over-MPLS-LSPs Hierarchy
An "mpls" node is added under the "bfd" node in
"control-plane-protocol". The configuration is per MPLS FEC under this
"mpls" node. In the operational state model, we support multiple BFD
sessions per MPLS FEC (ECMP); the local discriminator is used as the key.
The "mpls" node can be used in a network device (top level) or can be
mounted in an LNE or network instance.
module: ietf-bfd-mpls
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/bfd:bfd:
    +--rw mpls
       +--ro summary
       |  +--ro number-of-sessions?              yang:gauge32
       |  +--ro number-of-sessions-up?           yang:gauge32
       |  +--ro number-of-sessions-down?         yang:gauge32
       |  +--ro number-of-sessions-admin-down?   yang:gauge32
       +--rw egress
       |  +--rw enabled?                   boolean
       |  +--rw local-multiplier?          multiplier
       |  +--rw (interval-config-type)?
       |  |  +--:(tx-rx-intervals)
       |  |  |  +--rw desired-min-tx-interval?    uint32
       |  |  |  +--rw required-min-rx-interval?   uint32
       |  |  +--:(single-interval) {single-minimum-interval}?
       |  |     +--rw min-interval?               uint32
       |  +--rw authentication! {authentication}?
       |     +--rw key-chain?    key-chain:key-chain-ref
       |     +--rw meticulous?   boolean
       +--rw session-groups
          +--rw session-group* [mpls-fec]
             +--rw mpls-fec                    inet:ip-prefix
             +--rw local-multiplier?           multiplier
             +--rw (interval-config-type)?
             |  +--:(tx-rx-intervals)
             |  |  +--rw desired-min-tx-interval?    uint32
             |  |  +--rw required-min-rx-interval?   uint32
             |  +--:(single-interval) {single-minimum-interval}?
             |     +--rw min-interval?               uint32
             +--rw demand-enabled?             boolean
             |       {demand-mode}?
             +--rw admin-down?                 boolean
             +--rw authentication! {authentication}?
             |  +--rw key-chain?    key-chain:key-chain-ref
             |  +--rw meticulous?   boolean
             +--ro sessions* []
                +--ro path-type?              identityref
                +--ro ip-encapsulation?       boolean
                +--ro local-discriminator?    discriminator
                +--ro remote-discriminator?   discriminator
                +--ro remote-multiplier?      multiplier
                +--ro demand-capability?      boolean {demand-mode}?
                +--ro source-port?            inet:port-number
                +--ro dest-port?              inet:port-number
                +--ro session-running
                |  +--ro session-index?                uint32
                |  +--ro local-state?                  state
                |  +--ro remote-state?                 state
                |  +--ro local-diagnostic?
                |  |       iana-bfd-types:diagnostic
                |  +--ro remote-diagnostic?
                |  |       iana-bfd-types:diagnostic
                |  +--ro remote-authenticated?         boolean
                |  +--ro remote-authentication-type?
                |  |       iana-bfd-types:auth-type {authentication}?
                |  +--ro detection-mode?               enumeration
                |  +--ro negotiated-tx-interval?       uint32
                |  +--ro negotiated-rx-interval?       uint32
                |  +--ro detection-time?               uint32
                |  +--ro echo-tx-interval-in-use?      uint32
                |          {echo-mode}?
                +--ro session-statistics
                |  +--ro create-time?
                |  |       yang:date-and-time
                |  +--ro last-down-time?
                |  |       yang:date-and-time
                |  +--ro last-up-time?
                |  |       yang:date-and-time
                |  +--ro down-count?
                |  |       yang:counter32
                |  +--ro admin-down-count?
                |  |       yang:counter32
                |  +--ro receive-packet-count?
                |  |       yang:counter64
                |  +--ro send-packet-count?
                |  |       yang:counter64
                |  +--ro receive-invalid-packet-count?
                |  |       yang:counter64
                |  +--ro send-failed-packet-count?
                |          yang:counter64
                +--ro mpls-dest-address?      inet:ip-address
  notifications:
    +---n mpls-notification
       +--ro local-discr?                 discriminator
       +--ro remote-discr?                discriminator
       +--ro new-state?                   state
       +--ro state-change-reason?         iana-bfd-types:diagnostic
       +--ro time-of-last-state-change?   yang:date-and-time
       +--ro dest-addr?                   inet:ip-address
       +--ro source-addr?                 inet:ip-address
       +--ro session-index?               uint32
       +--ro path-type?                   identityref
       +--ro mpls-dest-address?           inet:ip-address

Interaction with other YANG Modules
"Generic YANG Data Model for the Management
of Operations, Administration, and Maintenance (OAM) Protocols That
Use Connectionless Communications" describes how the
Layer-Independent OAM Management in the Multi-Layer Environment (LIME)
connectionless OAM model could be extended to support BFD.

Also, the operation of the BFD data model depends on configuration
parameters that are defined in other YANG modules.

"ietf-interfaces" Module
The following boolean configuration is defined in "A YANG Data Model for Interface Management":
/if:interfaces/if:interface/if:enabled
   If this configuration is set to "false", no BFD packets can be
   transmitted or received on that interface.

"ietf-ip" Module
The following boolean configuration is defined in "A YANG Data Model for IP Management":
/if:interfaces/if:interface/ip:ipv4/ip:enabled
   If this configuration is set to "false", no BFD IPv4 packets
   can be transmitted or received on that interface.
/if:interfaces/if:interface/ip:ipv4/ip:forwarding
   If this configuration is set to "false", no BFD IPv4 packets
   can be transmitted or received on that interface.
/if:interfaces/if:interface/ip:ipv6/ip:enabled
   If this configuration is set to "false", no BFD IPv6 packets
   can be transmitted or received on that interface.
/if:interfaces/if:interface/ip:ipv6/ip:forwarding
   If this configuration is set to "false", no BFD IPv6 packets
   can be transmitted or received on that interface.

"ietf-mpls" Module
The following boolean configuration is defined in "A YANG Data Model for MPLS Base":
If this configuration is set to "false", no BFD MPLS packets
can be transmitted or received on that interface.

BFD Types YANG Module
This YANG module imports typedefs from and .
It also imports definitions from
, ,
, , and
, as well as the
"control-plane-protocol" identity from
.

BFD Top-Level YANG Module
This YANG module imports and augments
"/routing/control-plane-protocols/control-plane-protocol" from . It also references
.

BFD IP Single-Hop YANG Module
This YANG module imports "interface-ref" from and typedefs from . It also imports and augments
"/routing/control-plane-protocols/control-plane-protocol" from , and it references
.

BFD IP Multihop YANG Module
This YANG module imports typedefs from
. It also imports and augments
"/routing/control-plane-protocols/control-plane-protocol" from , and it references
.

BFD-over-LAG YANG Module
This YANG module imports "interface-ref" from and typedefs from . It also imports and augments
"/routing/control-plane-protocols/control-plane-protocol" from . Additionally, it references
.

BFD-over-MPLS YANG Module
This YANG module imports typedefs from . It also imports and augments
"/routing/control-plane-protocols/control-plane-protocol" from .
Additionally, it references and
.

Data Model Examples
This section presents some simple and illustrative examples of how to
configure BFD.

The examples are represented in XML.

IP Single-Hop
The following is an example configuration for a BFD IP single-hop
session. The desired transmit interval and the required receive
interval are both set to 10 ms.
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
    <interface>
      <name>eth0</name>
      <type xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
        ianaift:ethernetCsmacd
      </type>
    </interface>
  </interfaces>
  <routing xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
    <control-plane-protocols>
      <control-plane-protocol>
        <type xmlns:bfd-types=
            "urn:ietf:params:xml:ns:yang:ietf-bfd-types">
          bfd-types:bfdv1
        </type>
        <name>name:BFD</name>
        <bfd xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd">
          <ip-sh xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd-ip-sh">
            <sessions>
              <session>
                <interface>eth0</interface>
                <dest-addr>2001:db8:0:113::101</dest-addr>
                <desired-min-tx-interval>
                  10000
                </desired-min-tx-interval>
                <required-min-rx-interval>
                  10000
                </required-min-rx-interval>
              </session>
            </sessions>
          </ip-sh>
        </bfd>
      </control-plane-protocol>
    </control-plane-protocols>
  </routing>
</config>
IP Multihop
The following is an example configuration for a BFD IP multihop
session group. The desired transmit interval and the required receive
interval are both set to 150 ms.
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <routing xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
    <control-plane-protocols>
      <control-plane-protocol>
        <type xmlns:bfd-types=
            "urn:ietf:params:xml:ns:yang:ietf-bfd-types">
          bfd-types:bfdv1
        </type>
        <name>name:BFD</name>
        <bfd xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd">
          <ip-mh xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd-ip-mh">
            <session-groups>
              <session-group>
                <source-addr>2001:db8:0:113::103</source-addr>
                <dest-addr>2001:db8:0:114::100</dest-addr>
                <desired-min-tx-interval>
                  150000
                </desired-min-tx-interval>
                <required-min-rx-interval>
                  150000
                </required-min-rx-interval>
                <rx-ttl>240</rx-ttl>
              </session-group>
            </session-groups>
          </ip-mh>
        </bfd>
      </control-plane-protocol>
    </control-plane-protocols>
  </routing>
</config>
LAG
The following is an example of BFD configuration for a LAG session.
In this case, an interface named "Bundle-Ether1" of interface type
"ieee8023adLag" has a desired transmit interval and required receive interval
set to 10 ms.
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
    <interface>
      <name>Bundle-Ether1</name>
      <type xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
        ianaift:ieee8023adLag
      </type>
    </interface>
  </interfaces>
  <routing xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
    <control-plane-protocols>
      <control-plane-protocol>
        <type xmlns:bfd-types=
            "urn:ietf:params:xml:ns:yang:ietf-bfd-types">
          bfd-types:bfdv1
        </type>
        <name>name:BFD</name>
        <bfd xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd">
          <lag xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd-lag">
            <sessions>
              <session>
                <lag-name>Bundle-Ether1</lag-name>
                <ipv6-dest-addr>2001:db8:112::16</ipv6-dest-addr>
                <desired-min-tx-interval>
                  100000
                </desired-min-tx-interval>
                <required-min-rx-interval>
                  100000
                </required-min-rx-interval>
                <use-ipv6>true</use-ipv6>
              </session>
            </sessions>
          </lag>
        </bfd>
      </control-plane-protocol>
    </control-plane-protocols>
  </routing>
</config>
MPLS
The following is an example of BFD configured for an MPLS LSP. In
this case, the desired transmit interval and required receive interval
are both set to 250 ms.
<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <routing xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
    <control-plane-protocols>
      <control-plane-protocol>
        <type xmlns:bfd-types=
            "urn:ietf:params:xml:ns:yang:ietf-bfd-types">
          bfd-types:bfdv1
        </type>
        <name>name:BFD</name>
        <bfd xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd">
          <mpls xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd-mpls">
            <session-groups>
              <session-group>
                <mpls-fec>2001:db8:114::/116</mpls-fec>
                <desired-min-tx-interval>
                  250000
                </desired-min-tx-interval>
                <required-min-rx-interval>
                  250000
                </required-min-rx-interval>
              </session-group>
            </session-groups>
          </mpls>
        </bfd>
      </control-plane-protocol>
    </control-plane-protocols>
  </routing>
</config>
Security Considerations
The YANG modules specified in this document define a schema for data
that is designed to be accessed via network management protocols such
as NETCONF or RESTCONF .
The lowest NETCONF layer is the secure transport layer, and the
mandatory-to-implement secure transport is Secure Shell (SSH)
. The lowest RESTCONF layer is HTTPS, and the
mandatory-to-implement secure transport is TLS .
The Network Configuration Access Control Model (NACM)
provides the means to restrict access for particular NETCONF or RESTCONF users
to a preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content.
There are a number of data nodes defined in these YANG modules that are
writable/creatable/deletable (i.e., config true, which is the default). These
data nodes may be considered sensitive or vulnerable in some network
environments. Write operations (e.g., edit-config) to these data nodes without
proper protection can have a negative effect on network operations. These are
the subtrees and data nodes and their sensitivity/vulnerability from a write access perspective:
This list specifies the IP single-hop BFD sessions.
Data nodes "local-multiplier", "desired-min-tx-interval",
"required-min-rx-interval", and "min-interval" all impact the
BFD IP single-hop session. The "source-addr" and "dest-addr" data nodes can be used to
send BFD packets to unwitting recipients. describes how BFD mitigates such
threats. Authentication data nodes "key-chain" and "meticulous" impact the
security of the BFD IP single-hop session.
This list specifies the IP multihop BFD session groups.
Data nodes "local-multiplier", "desired-min-tx-interval",
"required-min-rx-interval", and "min-interval" all impact the
BFD IP multihop session. The "source-addr" and "dest-addr" data nodes can be used to
send BFD packets to unwitting recipients. describes how BFD mitigates such
threats. Authentication data nodes "key-chain" and "meticulous" impact the
security of the BFD IP multihop session.
This list specifies the BFD sessions over a LAG.
Data nodes "local-multiplier", "desired-min-tx-interval",
"required-min-rx-interval", and "min-interval" all impact the BFD-over-LAG
session. The "ipv4-dest-addr" and "ipv6-dest-addr" data nodes can be used to
send BFD packets to unwitting recipients. describes how BFD mitigates such
threats. Authentication data nodes "key-chain" and "meticulous" impact the
security of the BFD-over-LAG session.
This list specifies the session groups for BFD over MPLS.
Data nodes "local-multiplier", "desired-min-tx-interval",
"required-min-rx-interval", and "min-interval" all impact the
BFD-over-MPLS-LSPs session. Authentication data nodes "key-chain" and "meticulous" impact
the security of the BFD-over-MPLS-LSPs session.
Data nodes "local-multiplier", "desired-min-tx-interval",
"required-min-rx-interval", and "min-interval" all impact the
BFD-over-MPLS-LSPs sessions for which this device is an MPLS LSP egress
node. Authentication data nodes "key-chain" and "meticulous" impact the
security of the BFD-over-MPLS-LSPs sessions for which this device is an
MPLS LSP egress node.
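The following added example is not part of this document's YANG modules or of any BFD implementation. It audits a NETCONF configuration in the format of the examples above for the write-sensitive nodes just listed: it records where each session sends packets, flags sessions with no "key-chain" or without "meticulous" authentication, and flags intervals below a floor. The sample configuration, the key-chain name "bfd-keys", the issue labels and the 50 ms floor are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

YANG = "urn:ietf:params:xml:ns:yang:"
BFD_NS = YANG + "ietf-bfd"
# Encapsulation container -> (namespace, list wrapper, list entry), as on this page.
ENCAPS = {
    "ip-sh": (YANG + "ietf-bfd-ip-sh", "sessions", "session"),
    "ip-mh": (YANG + "ietf-bfd-ip-mh", "session-groups", "session-group"),
    "lag": (YANG + "ietf-bfd-lag", "sessions", "session"),
    "mpls": (YANG + "ietf-bfd-mpls", "session-groups", "session-group"),
}
# Leaves that determine where a session sends BFD packets.
TARGET_LEAVES = ("interface", "lag-name", "source-addr", "dest-addr",
                 "ipv4-dest-addr", "ipv6-dest-addr", "mpls-fec")
INTERVAL_FLOOR_US = 50_000  # assumed local policy (50 ms); not a value from the RFC

def _leaf(elem, ns, name):
    """Stripped text of child leaf `name`, or None when absent or empty."""
    child = elem.find(f"{{{ns}}}{name}")
    text = (child.text or "").strip() if child is not None else ""
    return text or None

def _intervals(sess, ns):
    """(tx, rx) in microseconds; "min-interval" sets both; None if unset."""
    both = _leaf(sess, ns, "min-interval")
    if both is not None:
        return int(both), int(both)
    tx = _leaf(sess, ns, "desired-min-tx-interval")
    rx = _leaf(sess, ns, "required-min-rx-interval")
    return (int(tx) if tx else None, int(rx) if rx else None)

def audit(config_xml, floor_us=INTERVAL_FLOOR_US):
    """Return one record per configured BFD session or session group."""
    records = []
    for bfd in ET.fromstring(config_xml).iter(f"{{{BFD_NS}}}bfd"):
        for encap, (ns, wrapper, entry) in ENCAPS.items():
            path = f"{{{ns}}}{encap}/{{{ns}}}{wrapper}/{{{ns}}}{entry}"
            for sess in bfd.iterfind(path):
                target = {n: v for n in TARGET_LEAVES
                          if (v := _leaf(sess, ns, n)) is not None}
                auth = sess.find(f"{{{ns}}}authentication")
                key_chain = _leaf(auth, ns, "key-chain") if auth is not None else None
                tx, rx = _intervals(sess, ns)
                issues = []
                if key_chain is None:
                    issues.append("no-authentication")
                elif _leaf(auth, ns, "meticulous") != "true":
                    issues.append("auth-not-meticulous")
                if any(v is not None and v < floor_us for v in (tx, rx)):
                    issues.append("interval-below-floor")
                records.append({"encap": encap, "target": target, "tx_us": tx,
                                "rx_us": rx, "key_chain": key_chain, "issues": issues})
    return records

# Constructed sample input, modelled on the configuration examples on this page.
SAMPLE_CONFIG = """\
<config xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
 <routing xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
  <control-plane-protocols><control-plane-protocol>
   <type xmlns:bfd-types="urn:ietf:params:xml:ns:yang:ietf-bfd-types">bfd-types:bfdv1</type>
   <name>name:BFD</name>
   <bfd xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd">
    <ip-sh xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd-ip-sh"><sessions>
     <session>
      <interface>eth0</interface><dest-addr>2001:db8:0:113::101</dest-addr>
      <desired-min-tx-interval>
        10000
      </desired-min-tx-interval>
      <required-min-rx-interval>10000</required-min-rx-interval>
     </session>
     <session>
      <interface>eth1</interface><dest-addr>2001:db8:0:113::102</dest-addr>
      <min-interval>300000</min-interval>
      <authentication><key-chain>bfd-keys</key-chain><meticulous>true</meticulous></authentication>
     </session>
    </sessions></ip-sh>
    <ip-mh xmlns="urn:ietf:params:xml:ns:yang:ietf-bfd-ip-mh"><session-groups>
     <session-group>
      <source-addr>2001:db8:0:113::103</source-addr><dest-addr>2001:db8:0:114::100</dest-addr>
      <desired-min-tx-interval>150000</desired-min-tx-interval>
      <required-min-rx-interval>150000</required-min-rx-interval>
      <rx-ttl>240</rx-ttl>
      <authentication><key-chain>bfd-keys</key-chain></authentication>
     </session-group>
    </session-groups></ip-mh>
   </bfd>
  </control-plane-protocol></control-plane-protocols>
 </routing>
</config>
"""

if __name__ == "__main__":
    for rec in audit(SAMPLE_CONFIG):
        print(rec["encap"], rec["target"], rec["issues"] or "ok")
```

Intervals that are not configured are reported as None and skipped by the floor check, because the value then comes from the server's defaults rather than from the configuration being audited.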
The YANG modules have writable data nodes that can be used for the
creation of BFD sessions and the modification of BFD session parameters. The
system should "police" the creation of BFD sessions to prevent new sessions
from causing existing BFD sessions to fail. In the case of BFD session
modification, the BFD protocol has mechanisms in place that allow for
in-service modification.
When BFD clients are used to modify BFD configuration (as described
in ), the BFD clients need to
be included in an analysis of the security properties of the system that
uses BFD (e.g., when considering the authentication and authorization of
control actions). In many cases, BFD is not the most vulnerable portion
of such a composite system, since BFD is limited to generating
well-defined traffic at a fixed rate on a given path; in the case of an
IGP acting as a BFD client, attacking the IGP could cause more broad-scale
disruption than would (de)configuring a BFD session.
Some of the readable data nodes in these YANG modules may be considered
sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data nodes
and their sensitivity/vulnerability from a read access perspective:
Access to this information discloses the number of BFD IP single-hop
sessions that are in the "up", "down", or "admin-down" state. The counters include BFD
sessions for which the user does not have read access.
Access to data nodes "local-discriminator" and "remote-discriminator"
(combined with the data nodes in the authentication container) provides the
ability to spoof BFD IP single-hop packets.
Access to this information discloses the number of BFD IP multihop
sessions that are in the "up", "down", or "admin-down" state. The counters include BFD
sessions for which the user does not have read access.
Access to data nodes "local-discriminator" and "remote-discriminator"
(combined with the data nodes in the session group's authentication container) provides the
ability to spoof BFD IP multihop packets.
Access to this information discloses the number of micro-BFD IPv4 LAG
sessions that are in the "up", "down", or "admin-down" state. The counters include BFD
sessions for which the user does not have read access.
Access to data nodes "local-discriminator" and "remote-discriminator"
(combined with the data nodes in the session's authentication container) provides the
ability to spoof BFD IPv4 LAG packets.
Access to this information discloses the number of micro-BFD IPv6 LAG
sessions that are in the "up", "down", or "admin-down" state. The counters include BFD
sessions for which the user does not have read access.
Access to data nodes "local-discriminator" and "remote-discriminator"
(combined with the data nodes in the session's authentication container) provides the
ability to spoof BFD IPv6 LAG packets.
Access to this information discloses the number of BFD sessions over
MPLS LSPs that are in the "up", "down", or "admin-down" state. The counters include BFD
sessions for which the user does not have read access.
Access to data nodes "local-discriminator" and "remote-discriminator"
(combined with the data nodes in the session group's authentication container) provides the
ability to spoof BFD-over-MPLS-LSPs packets.
This document does not define any RPC operations.
IANA Considerations
This document registers the following namespace URIs in the "IETF XML Registry" :
URI: urn:ietf:params:xml:ns:yang:ietf-bfd-types
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-bfd
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-bfd-ip-sh
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-bfd-ip-mh
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-bfd-lag
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-bfd-mpls
Registrant Contact: The IESG.
XML: N/A; the requested URI is an XML namespace.
This document registers the following YANG modules in the "YANG Module Names"
registry :
Name: ietf-bfd-types
Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-types
Prefix: bfd-types
Reference: RFC XXXX
Name: ietf-bfd
Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd
Prefix: bfd
Reference: RFC XXXX
Name: ietf-bfd-ip-sh
Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-ip-sh
Prefix: bfd-ip-sh
Reference: RFC XXXX
Name: ietf-bfd-ip-mh
Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-ip-mh
Prefix: bfd-ip-mh
Reference: RFC XXXX
Name: ietf-bfd-lag
Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-lag
Prefix: bfd-lag
Reference: RFC XXXX
Name: ietf-bfd-mpls
Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-mpls
Prefix: bfd-mpls
Reference: RFC XXXX
References
Normative References
The IETF XML Registry
MPLS Generic Associated Channel
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) for IPv4 and IPv6 (Single Hop)
Generic Application of Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) for Multihop Paths
Bidirectional Forwarding Detection (BFD) for MPLS Label Switched Paths (LSPs)
Bidirectional Forwarding Detection (BFD) for the Pseudowire Virtual Circuit Connectivity Verification (VCCV)
YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)
Network Configuration Protocol (NETCONF)
Using the NETCONF Protocol over Secure Shell (SSH)
Common YANG Data Types
Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces
RESTCONF Protocol
YANG Data Model for Key Chains
YANG Tree Diagrams
Network Configuration Access Control Model
A YANG Data Model for Interface Management
A YANG Data Model for IP Management
A YANG Data Model for Routing Management (NMDA Version)
The Transport Layer Security (TLS) Protocol Version 1.3
A YANG Data Model for MPLS Base
Informative References
Multiprotocol Label Switching Architecture
Network Management Datastore Architecture (NMDA)
YANG Data Model for Network Instances
YANG Model for Logical Network Elements
Generic YANG Data Model for the Management of Operations, Administration, and Maintenance (OAM) Protocols That Use Connectionless Communications
Extensible Markup Language (XML) 1.0 (Fifth Edition), World Wide Web Consortium Recommendation REC-xml-20081126
Echo Function Configuration Example
As mentioned in , the mechanism to start
and stop the Echo function, as defined in and discussed in
, is implementation specific. In this appendix, we
provide an example of how the Echo function can be implemented via
configuration.
module: example-bfd-echo
  augment /rt:routing/rt:control-plane-protocols
            /rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh
            /bfd-ip-sh:sessions:
    +--rw echo {bfd-types:echo-mode}?
       +--rw desired-min-echo-tx-interval?    uint32
       +--rw required-min-echo-rx-interval?   uint32
Example YANG Module for BFD Echo Function Configuration
This appendix provides an example YANG module for
configuration of the BFD Echo function. It imports and augments
"/routing/control-plane-protocols/control-plane-protocol" from
, and it references .
module example-bfd-echo {
  namespace "tag:example.com,2021:example-bfd-echo";
  prefix example-bfd-echo;

  import ietf-bfd-types {
    prefix bfd-types;
  }
  import ietf-bfd {
    prefix bfd;
  }
  import ietf-bfd-ip-sh {
    prefix bfd-ip-sh;
  }
  import ietf-routing {
    prefix rt;
  }

  organization
    "IETF BFD Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/bfd/>
     WG List:  <mailto:rtg-bfd@ietf.org>
     Editor:   Reshad Rahman
               <mailto:reshad@yahoo.com>
     Editor:   Lianshu Zheng
               <mailto:veronique_cheng@hotmail.com>
     Editor:   Mahesh Jethanandani
               <mailto:mjethanandani@gmail.com>";
  description
    "This module contains an example YANG augmentation for
     configuration of the BFD Echo function.
     Copyright (c) 2021 IETF Trust and the persons identified as
     authors of the code. All rights reserved.
     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Simplified BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).
     This version of this YANG module is part of RFC 9127; see the
     RFC itself for full legal notices.";

  revision 2021-09-03 {
    description
      "Initial revision.";
    reference
      "RFC 9127: YANG Data Model for Bidirectional Forwarding
       Detection (BFD)";
  }

  /*
   * Groupings
   */
  grouping echo-cfg-parms {
    description
      "BFD grouping for Echo configuration parameters.";
    leaf desired-min-echo-tx-interval {
      type uint32;
      units "microseconds";
      default "0";
      description
        "This is the minimum interval that the local system would
         like to use when transmitting BFD Echo packets. If 0,
         the Echo function as defined in BFD (RFC 5880) is
         disabled.";
    }
    leaf required-min-echo-rx-interval {
      type uint32;
      units "microseconds";
      default "0";
      description
        "This is the Required Min Echo RX Interval as defined in BFD
         (RFC 5880).";
    }
  }

  augment "/rt:routing/rt:control-plane-protocols/"
        + "rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh/"
        + "bfd-ip-sh:sessions" {
    description
      "Augmentation for the BFD Echo function.";
    container echo {
      if-feature "bfd-types:echo-mode";
      description
        "BFD Echo function container.";
      uses echo-cfg-parms;
    }
  }
}
Acknowledgments
We would like to thank and
for their encouragement on this work.
We would also like to thank for his
comments on the document. We would also like to thank
for his guidance. Thanks also to
, who was instrumental in improving the YANG
modules.
Updates since RFC 9127
This version of the draft updates the 'ietf-bfd-types' module
to define a new feature called 'client-base-cfg-parms' and an
'if-feature' statement that conditionally includes the definition
of parameters such as 'multiplier' or
'desired-min-tx-interval'. The feature statement allows
YANG implementations of protocols such as OSPF, IS-IS, PIM,
and BGP to support both a model where such parameters are
not needed, such as when multiple BFD sessions are supported
over a given interface, and a model where they need to be
defined per session. As a result, the BFD MPLS module has to
use the base-cfg-parms instead of client-cfg-parms to be able
to include all the parameters unconditionally.
The iana-bfd-types module, created in RFC 9127, was delegated to
IANA for maintenance. No changes are requested from IANA as
part of this update.