PIM Working Group                                                H. Zhao
Internet Draft                                                  Ericsson
Intended status: Standards Track                                  X. Liu
Expires: March 2, 2019                                             Jabil
                                                                  Y. Liu
                                                                  Huawei
                                                            M. Sivakumar
                                                                 Juniper
                                                                A. Peter
                                                              Individual
                                                       September 3, 2018


                  A Yang Data Model for IGMP/MLD Proxy
               draft-zhao-pim-igmp-mld-proxy-yang-00.txt

Abstract

   This document defines a YANG data model that can be used to
   configure and manage Internet Group Management Protocol (IGMP) or
   Multicast Listener Discovery (MLD) proxy devices. The YANG module
   in this document conforms to Network Management Datastore
   Architecture (NMDA).

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on March 2, 2019.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document.
   Code Components extracted from this document must include
   Simplified BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction
      1.1. Terminology
      1.2. Tree Diagrams
   2. Design of Data Model
      2.1. Overview
      2.2. Augment /if:interfaces/if:interface
      2.3. Augment /rt:routing/rt:control-plane-protocols/
           rt:control-plane-protocol/igmp-mld:igmp
      2.4. Augment /rt:routing/rt:control-plane-protocols/
           rt:control-plane-protocol/igmp-mld:mld
   3. IGMP/MLD Proxy YANG Module
   4. Security Considerations
   5. IANA Considerations
   6. Normative References
   Authors' Addresses

1. Introduction

   This document defines a YANG [RFC6020] data model for the management
   of Internet Group Management Protocol (IGMP) or Multicast Listener
   Discovery (MLD) proxy devices.

   The YANG module in this document conforms to the Network Management
   Datastore Architecture defined in [RFC8342]. The "Network Management
   Datastore Architecture" (NMDA) adds the ability to inspect the
   current operational values for configuration, allowing clients to
   use identical paths for retrieving the configured values and the
   operational values.

1.1. Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119].

   The terminology for describing YANG data models is found in
   [RFC6020].

1.2. Tree Diagrams

   A simplified graphical representation of the data model is used in
   this document. The meaning of the symbols in these diagrams is as
   follows:

   o  Brackets "[" and "]" enclose list keys.

   o  Abbreviations before data node names: "rw" means configuration
      (read-write), and "ro" means state data (read-only).

   o  Symbols after data node names: "?" means an optional node, "!"
      means a presence container, and "*" denotes a list and leaf-list.

   o  Parentheses enclose choice and case nodes, and case nodes are
      also marked with a colon (":").

   o  Ellipsis ("...") stands for contents of subtrees that are not
      shown.

2. Design of Data Model

   The model covers Considerations for Internet Group Management
   Protocol (IGMP) / Multicast Listener Discovery (MLD) - Based
   Multicast Forwarding ("IGMP/MLD Proxying") [RFC4605].

   The goal of this document is to define a data model that provides a
   common user interface to IGMP/MLD proxy. This document provides
   freedom for vendors to adapt this data model to their product
   implementations.

2.1. Overview

   The IGMP/MLD proxy YANG module defined in this document has all the
   common building blocks for the IGMP/MLD proxy protocol.

   The YANG module augments /if:interfaces/if:interface to enable
   IGMP/MLD proxy and configure other related parameters. It also
   augments /rt:routing/rt:control-plane-protocols/
   rt:control-plane-protocol/igmp-mld:igmp and
   /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
   igmp-mld:mld to configure the global parameters and retrieve the
   IGMP/MLD proxy group information.

   This YANG module follows the Guidelines for YANG Module Authors
   (NMDA) [draft-dsdt-nmda-guidelines-01]. The Network Management
   Datastore Architecture (NMDA) provides an architectural framework
   for datastores as they are used by network management protocols
   such as NETCONF [RFC6241], RESTCONF [RFC8040] and the YANG [RFC7950]
   data modeling language.

2.2. Augment /if:interfaces/if:interface

   A proxy device performing IGMP/MLD-based forwarding has a single
   upstream interface and one or more downstream interfaces [RFC4605].
   The YANG module augments /if:interfaces/if:interface so that
   IGMP/MLD proxy can be enabled on the upstream interface.

   module: ietf-igmp-mld-proxy
     augment /if:interfaces/if:interface:
       +--rw igmp-proxy
       |  +--rw enable?                 boolean
       |  +--rw require-router-alert?   boolean {require-router-alert}?
       |  +--rw query-interval?         uint16
       |  +--rw robustness-variable?    uint8
       |  +--rw version?                uint8
       +--rw mld-proxy
          +--rw enable?                 boolean
          +--rw require-router-alert?   boolean {require-router-alert}?
          +--rw query-interval?         uint16
          +--rw robustness-variable?    uint8
          +--rw version?                uint8

2.3. Augment /rt:routing/rt:control-plane-protocols/
     rt:control-plane-protocol/igmp-mld:igmp

   The YANG module augments /rt:routing/rt:control-plane-protocols/
   rt:control-plane-protocol/igmp-mld:igmp to configure source
   lifetime globally and retrieve the IGMP proxy group information for
   (S,G) or (*,G).

   module: ietf-igmp-mld-proxy
     augment /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol
             /igmp-mld:igmp:
       +--rw proxy
          +--rw source-lifetime?   uint32
          +--ro group* [group-address]
             +--ro group-address   inet:ipv4-address
             +--ro up-time?        uint32
             +--ro filter-mode?    enumeration
             +--ro source* [source-address]
                +--ro source-address          inet:ipv4-address
                +--ro up-time?                uint32
                +--ro upstream-interface?     if:interface-ref
                +--ro downstream-interface*   if:interface-ref

2.4. Augment /rt:routing/rt:control-plane-protocols/
     rt:control-plane-protocol/igmp-mld:mld

   The YANG module augments /rt:routing/rt:control-plane-protocols/
   rt:control-plane-protocol/igmp-mld:mld to configure source lifetime
   globally and retrieve the MLD proxy group information for (S,G) or
   (*,G).

   module: ietf-igmp-mld-proxy
     augment /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol/
             igmp-mld:mld:
       +--rw proxy
          +--rw source-lifetime?   uint32
          +--ro group* [group-address]
             +--ro group-address   inet:ipv6-address
             +--ro up-time?        uint32
             +--ro filter-mode?    enumeration
             +--ro source* [source-address]
                +--ro source-address          inet:ipv6-address
                +--ro up-time?                uint32
                +--ro upstream-interface?     if:interface-ref
                +--ro downstream-interface*   if:interface-ref

3. IGMP/MLD Proxy YANG Module

   file ietf-igmp-mld-proxy@2018-08-29.yang

   module ietf-igmp-mld-proxy {
     yang-version 1.1;
     namespace "urn:ietf:params:xml:ns:yang:ietf-igmp-mld-proxy";
     // replace with IANA namespace when assigned
     prefix imp;

     import ietf-inet-types {
       prefix inet;
     }

     import ietf-interfaces {
       prefix if;
     }

     import ietf-routing {
       prefix rt;
     }

     import ietf-igmp-mld {
       prefix igmp-mld;
     }

     organization
       "IETF PIM Working Group";

     contact
       "WG Web:
        WG List:

        Editors:   Hongji Zhao
                   Xufeng Liu
                   Yisong Liu
                   Anish Peter
                   Mahesh Sivakumar
       ";

     description
       "The module defines a collection of YANG definitions common for
        all Internet Group Management Protocol (IGMP) and Multicast
        Listener Discovery (MLD) Proxy devices.

        Copyright (c) 2018 IETF Trust and the persons identified as
        authors of the code. All rights reserved.

        Redistribution and use in source and binary forms, with or
        without modification, is permitted pursuant to, and subject
        to the license terms contained in, the Simplified BSD License
        set forth in Section 4.c of the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (http://trustee.ietf.org/license-info).

        This version of this YANG module is part of RFC XXXX; see
        the RFC itself for full legal notices.";

     revision 2018-08-29 {
       description
         "Initial revision.";
       reference
         "RFC XXXX: A YANG Data Model for IGMP and MLD Proxy";
     }

     /*
      * Features
      */

     feature require-router-alert {
       description
         "Support configuration of require-router-alert.";
     }

     /*
      * Groupings
      */

     grouping per-interface-config-attributes {
       description
         "Config attributes under interface view";

       leaf enable {
         type boolean;
         default false;
         description
           "Set the value to true to enable IGMP/MLD proxy";
       }
       leaf require-router-alert {
         if-feature require-router-alert;
         type boolean;
         default false;
         description
           "When the value is true, router alert should exist in the
            IP header of IGMP or MLD packet.";
       }
       leaf query-interval {
         type uint16;
         units seconds;
         default 125;
         description
           "The Query Interval is the interval between General Queries
            sent by the Querier.";
         reference
           "RFC3376. Sec. 4.1.7, 8.2, 8.14.2.";
       }
       leaf robustness-variable {
         type uint8 {
           range "1..7";
         }
         default 2;
         description
           "Querier's Robustness Variable allows tuning for the
            expected packet loss on a network.";
         reference
           "RFC3376. Sec. 4.1.6, 8.1, 8.14.1.";
       }
     } // per-interface-config-attributes

     grouping global-config-attributes {
       description
         "Config attributes globally";

       leaf source-lifetime {
         type uint32;
         units seconds;
         description
           "The lifetime for (S,G).";
       }
     } // global-config-attributes

     grouping state-group-attributes {
       description
         "State group attributes";

       leaf up-time {
         type uint32;
         units seconds;
         description
           "The elapsed time for (S,G) or (*,G).";
       }
       leaf filter-mode {
         type enumeration {
           enum "include" {
             description
               "In include mode, reception of packets sent
                to the specified multicast address is requested
                only from those IP source addresses listed in the
                source-list parameter.";
           }
           enum "exclude" {
             description
               "In exclude mode, reception of packets sent
                to the given multicast address is requested
                from all IP source addresses except those
                listed in the source-list parameter.";
           }
         }
         description
           "Filter mode for a multicast group,
            may be either include or exclude.";
       }
     } // state-group-attributes

     grouping up-down-stream-interfaces {
       description
         "Upstream and downstream interfaces";

       leaf upstream-interface {
         type if:interface-ref;
         description
           "Upstream interface";
       }
       leaf-list downstream-interface {
         type if:interface-ref;
         description
           "Downstream interfaces for each upstream-interface";
       }
     } // up-down-stream-interfaces

     /* augments */

     augment "/if:interfaces/if:interface" {
       description
         "Augment the interface to enable IGMP/MLD proxy, which
          applies only to the interface view.";

       container igmp-proxy {
         description
           "Configure IGMP proxy under the upstream interface";

         uses per-interface-config-attributes;

         leaf version {
           type uint8 {
             range "1..3";
           }
           default 2;
           description
             "IGMP version.";
         }
       } // igmp-proxy

       container mld-proxy {
         description
           "Configure MLD proxy under the upstream interface";

         uses per-interface-config-attributes;

         leaf version {
           type uint8 {
             range "1..2";
           }
           default 1;
           description
             "MLD version.";
         }
       } // mld-proxy
     }

     augment "/rt:routing/rt:control-plane-protocols/"
           + "rt:control-plane-protocol/igmp-mld:igmp" {
       description
         "Augment IGMP to configure IGMP/MLD proxy globally";

       container proxy {
         description
           "IGMP proxy";

         uses global-config-attributes;

         list group {
           key "group-address";
           config false;
           description
             "Multicast group membership information for groups
              joined on the interface.";

           leaf group-address {
             type inet:ipv4-address;
             description
               "Multicast group address.";
           }

           uses state-group-attributes;

           list source {
             key "source-address";
             description
               "List of multicast source information
                of the multicast group.";

             leaf source-address {
               type inet:ipv4-address;
               description
                 "Multicast source address";
             }
             leaf up-time {
               type uint32;
               units seconds;
               description
                 "The elapsed time for (S,G) or (*,G).";
             }

             uses up-down-stream-interfaces;
           } // list source
         } // list group
       }
     }

     augment "/rt:routing/rt:control-plane-protocols/"
           + "rt:control-plane-protocol/igmp-mld:mld" {
       description
         "Augment MLD to configure IGMP/MLD proxy globally";

       container proxy {
         description
           "MLD proxy";

         uses global-config-attributes;

         list group {
           key "group-address";
           config false;
           description
             "Multicast group membership information for groups
              joined on the interface.";

           leaf group-address {
             type inet:ipv6-address;
             description
               "Multicast group address.";
           }

           uses state-group-attributes;

           list source {
             key "source-address";
             description
               "List of multicast source information
                of the multicast group.";

             leaf source-address {
               type inet:ipv6-address;
               description
                 "Multicast source address";
             }
             leaf up-time {
               type uint32;
               units seconds;
               description
                 "The elapsed time for (S,G) or (*,G).";
             }

             uses up-down-stream-interfaces;
           } // list source
         } // list group
       }
     }
   }

4. Security Considerations

   The YANG module specified in this document defines a schema for data
   that is designed to be accessed via network management protocols
   such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF
   layer is the secure transport layer, and the mandatory-to-implement
   secure transport is Secure Shell (SSH) [RFC6242]. The lowest
   RESTCONF layer is HTTPS, and the mandatory-to-implement secure
   transport is TLS [RFC5246].

   The NETCONF access control model [RFC6536] provides the means to
   restrict access for particular NETCONF or RESTCONF users to a
   preconfigured subset of all available NETCONF or RESTCONF protocol
   operations and content.

   There are a number of data nodes defined in this YANG module that
   are writable/creatable/deletable (i.e., config true, which is the
   default). These data nodes may be considered sensitive or vulnerable
   in some network environments. Write operations (e.g., edit-config)
   to these data nodes without proper protection can have a negative
   effect on network operations. These are the subtrees and data nodes
   and their sensitivity/vulnerability:

   /if:interfaces/if:interface/imp:igmp-proxy

   /if:interfaces/if:interface/imp:mld-proxy

   /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol
   /igmp-mld:igmp/imp:proxy

   /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol
   /igmp-mld:mld/imp:proxy

   Unauthorized access to any data node of these subtrees can adversely
   affect the IGMP/MLD proxy subsystem of both the local device and the
   network. This may lead to network malfunctions, delivery of packets
   to inappropriate destinations, and other problems.

   Some of the readable data nodes in this YANG module may be considered
   sensitive or vulnerable in some network environments.
   It is thus important to control read access (e.g., via get,
   get-config, or notification) to these data nodes. These are the
   subtrees and data nodes and their sensitivity/vulnerability:

   /if:interfaces/if:interface/imp:igmp-proxy

   /if:interfaces/if:interface/imp:mld-proxy

   /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol
   /igmp-mld:igmp/imp:proxy

   /rt:routing/rt:control-plane-protocols/rt:control-plane-protocol
   /igmp-mld:mld/imp:proxy

   Unauthorized access to any data node of these subtrees can disclose
   the operational state information of IGMP/MLD proxy on this device.

5. IANA Considerations

   RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
   actual RFC number (and remove this note).

   This document registers the following namespace URIs in the IETF XML
   registry [RFC3688]:

   --------------------------------------------------------------------
   URI: urn:ietf:params:xml:ns:yang:ietf-igmp-mld-proxy
   Registrant Contact: The IESG.
   XML: N/A, the requested URI is an XML namespace.
   --------------------------------------------------------------------

   This document registers the following YANG modules in the YANG
   Module Names registry [RFC7950]:

   --------------------------------------------------------------------
   name:         ietf-igmp-mld-proxy
   namespace:    urn:ietf:params:xml:ns:yang:ietf-igmp-mld-proxy
   prefix:       imp
   reference:    RFC XXXX
   --------------------------------------------------------------------

6. Normative References

   [RFC2236] Fenner, W., "Internet Group Management Protocol, Version
             2", RFC 2236, November 1997.

   [RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast
             Listener Discovery (MLD) for IPv6", RFC 2710, October
             1999.

   [RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A.
             Thyagarajan, "Internet Group Management Protocol, Version
             3", RFC 3376, October 2002.

   [RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery
             Version 2 (MLDv2) for IPv6", RFC 3810, June 2004.

   [RFC4604] Holbrook, H., Cain, B., and B. Haberman, "Using Internet
             Group Management Protocol Version 3 (IGMPv3) and Multicast
             Listener Discovery Protocol Version 2 (MLDv2) for
             Source-Specific Multicast", RFC 4604, August 2006.

   [RFC4605] Fenner, B., He, H., Haberman, B., and H. Sandick,
             "Internet Group Management Protocol (IGMP) / Multicast
             Listener Discovery (MLD) - Based Multicast Forwarding
             ("IGMP/MLD Proxying")", RFC 4605, August 2006.

   [RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast for
             IP", RFC 4607, August 2006.

   [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
             the Network Configuration Protocol (NETCONF)", RFC 6020,
             October 2010.

   [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC
             6991, July 2013.

   [RFC8342] Bjorklund, M. and J. Schoenwaelder, "Network Management
             Datastore Architecture (NMDA)", RFC 8342, March 2018.

   [RFC8343] Bjorklund, M., "A YANG Data Model for Interface
             Management", RFC 8343, March 2018.

   [draft-ietf-pim-igmp-mld-yang-06]
             Liu, X., Guo, F., Sivakumar, M., McAllister, P., and A.
             Peter, "A YANG data model for Internet Group Management
             Protocol (IGMP) and Multicast Listener Discovery (MLD)",
             draft-ietf-pim-igmp-mld-yang-06, Oct 20, 2017.

   [draft-dsdt-nmda-guidelines-01]
             Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
             and R. Wilton, "Guidelines for YANG Module Authors
             (NMDA)", draft-dsdt-nmda-guidelines-01, May 2017.

   [draft-ietf-netmod-revised-datastores-03]
             Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
             and R. Wilton, "Network Management Datastore
             Architecture", draft-ietf-netmod-revised-datastores-03,
             July 3, 2017.

Authors' Addresses

   Hongji Zhao
   Ericsson (China) Communications Company Ltd.
   Ericsson Tower, No. 5 Lize East Street,
   Chaoyang District Beijing 100102, P.R. China

   Email: hongji.zhao@ericsson.com


   Xufeng Liu
   Jabil
   8281 Greensboro Drive, Suite 200
   McLean VA 22102
   USA

   Email: Xufeng.liu.ietf@gmail.com


   Yisong Liu
   Huawei Technologies
   Huawei Bld., No.156 Beiqing Rd.
   Beijing 100095
   China

   Email: liuyisong@huawei.com


   Anish Peter
   Individual

   Email: anish.ietf@gmail.com


   Mahesh Sivakumar
   Cisco Systems
   510 McCarthy Boulevard
   Milpitas, California
   USA

   Email: sivakumar.mahesh@gmail.com