[ONOS-5989] YANG based L3VPN: Provide the skeleton structure with L3SM model
Change-Id: Ib72b92cef6b3f62f35eef6e10a811308f7b43b3f
diff --git a/apps/l3vpn/yangmodel/src/main/yang/ietf-l3vpn-svc@2016-07-30.yang b/apps/l3vpn/yangmodel/src/main/yang/ietf-l3vpn-svc@2016-07-30.yang
new file mode 100755
index 0000000..dbd60dc
--- /dev/null
+++ b/apps/l3vpn/yangmodel/src/main/yang/ietf-l3vpn-svc@2016-07-30.yang
@@ -0,0 +1,2599 @@
+module ietf-l3vpn-svc {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc";
+
+ prefix l3vpn-svc;
+
+ import ietf-inet-types {
+ prefix inet;
+ }
+
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ organization
+ "IETF L3SM Working Group";
+
+ contact
+ "WG List: <mailto:l3sm@ietf.org>
+
+ Editor:
+
+ ";
+
+ description
+ "The YANG module defines a generic service configuration
+ model for Layer 3 VPN common across all of the vendor
+ implementations.";
+
+ revision 2016-07-30 {
+ description
+ "Eliminated warnings";
+ reference
+ "draft-ietf-l3sm-l3vpn-service-yang-11";
+ }
+
+ revision 2016-07-05 {
+ description
+ "Draft text update";
+ reference
+ "draft-ietf-l3sm-l3vpn-service-yang-11";
+ }
+ revision 2016-06-27 {
+ description
+ "
+ * Removed templates
+ * Add site-network-access-type
+ * Add a leaf number-of-dynamic-address in case
+ of pe-dhcp addressing;
+
+ ";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-10";
+ }
+ revision 2016-06-10 {
+ description
+ "Add site-vpn-flavor NNI";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-09";
+ }
+ revision 2016-06-09 {
+ description
+ "Traffic protection moved to site level.
+ Decouple operational-requirements in two containers.
+ ";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-08";
+ }
+ revision 2016-06-06 {
+ description
+ "Set config false to actual-site-start and stop
+ Add a container before cloud-access list
+ Add a container before authorized-sites list
+ Add a container before denied-sites list
+ Modified access-diversity modeling
+ Replacing type placement diversity by an identity";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-07";
+ }
+ revision 2016-04-19 {
+ description
+ "* remove reference to core routing model :
+ created new address family identities
+ * added features
+ * Modified bearer parameters
+ * Modified union for ipv4/ipv6 addresses to ip-address
+ type
+ * Add BSR parameters for multicast
+ * Add applications matching for QoS classification
+ ";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-06";
+ }
+ revision 2016-04-05 {
+ description
+ "
+ * Added linecard diverse for site diversity
+ * Added a new diversity enum in placement-diversity : none
+ * Added state to site location
+
+ ";
+ reference "";
+ }
+ revision 2016-03-11 {
+ description
+ "
+ * Modify VPN policy and creating a vpn-policy-list
+ * Add VPN policy reference and VPN ID reference
+ under site-network-access
+ ";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-05";
+ }
+ revision 2016-01-04 {
+ description
+ "
+ * Add extranet-vpn container in vpn-svc
+ * Creating top level containers
+ * Refine groupings
+ * Added site-vpn-flavor
+ ";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-03";
+ }
+ revision 2016-01-04 {
+ description
+ "
+ * qos-profile moved to choice
+ * vpn leaf moved to vpn-id in vpn-policy
+ * added ordered-by user to qos classification list
+ * moved traffic protection to access availability
+ * creating a choice in matching filter for VPN policy
+ * added dot1p matching field in flow-definition
+ ";
+ reference "";
+ }
+ revision 2015-12-07 {
+ description
+ "
+ * A site is now a collection of site-accesses.
+ This was introduced to support M to N availability.
+ * Site-availability has been removed, replaced by
+ availability parameters under site-accesses
+ * Added transport-constraints within vpn-svc
+ ";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-02";
+ }
+ revision 2015-11-03 {
+ description "
+ * Add ToS support in match-flow
+ * nexthop in cascaded lan as mandatory
+ * customer-specific-info deleted and moved to routing
+ protocols
+ * customer-lan-connection modified : need prefix and CE address
+ * add choice in managing PE-CE addressing
+ * Simplifying traffic protection
+ ";
+ reference "";
+ }
+ revision 2015-09-10 {
+ description "
+ * Refine groupings for vpn-svc
+ * Removed name in vpn-svc
+ * id in vpn-svc moved to string
+ * Rename id in vpn-svc to vpn-id
+ * Changed key of vpn-svc list to vpn-id
+ * Add DSCP support in flow definition
+ ";
+ reference "";
+ }
+ revision 2015-08-07 {
+ description
+ "
+ Multicast :
+ * Removed ACL from security
+ * Add FW for site and cloud access
+ ";
+ reference "";
+ }
+ revision 2015-08-05 {
+ description
+ "
+ Multicast :
+ * Removed anycast-rp identity as discovery mechanism
+ * Added rp-group mappings for multicast
+ * Added flag for provider managed RP.
+ ";
+ reference "";
+ }
+ revision 2015-08-03 {
+ description
+ " * Creating multiple reusable groupings
+ * Added mpls leaf in vpn-svc for carrier's carrier case
+ * Modify identity single to single-site
+ * Modify site-type to site-role and also child identities.
+ * Creating OAM container under site and moved BFD in.
+ * Creating flow-definition grouping to be reused
+ in ACL, QoS ...
+ * Simplified VPN policy.
+ * Adding multicast static group to RP mappings.
+ * Removed native-vpn and site-role from global site
+ cfg, now managed within the VPN policy.
+ * Creating a separate list for site templates.
+ ";
+ reference "draft-ietf-l3sm-l3vpn-service-yang-01";
+ }
+ revision 2015-07-02 {
+ reference "draft-ietf-l3sm-l3vpn-service-yang-00";
+ }
+ revision 2015-04-24 {
+ description "
+ * Add encryption parameters
+ * Adding holdtime for BFD.
+ * Add postal address in location
+ ";
+ reference "draft-lstd-l3sm-l3vpn-service-yang-00";
+ }
+ revision 2015-02-05 {
+ description "Initial revision.";
+ reference "draft-l3vpn-service-yang-00";
+ }
+
+ /* Features */
+
+ feature cloud-access {
+ description
+ "Allow VPN to connect to a Cloud Service
+ provider.";
+ }
+ feature multicast {
+ description
+ "Enables multicast capabilities in a VPN";
+ }
+ feature ipv4 {
+ description
+ "Enables IPv4 support in a VPN";
+ }
+ feature ipv6 {
+ description
+ "Enables IPv6 support in a VPN";
+ }
+ feature carrierscarrier {
+ description
+ "Enables support of carrier's carrier";
+ }
+ feature traffic-engineering {
+ description
+ "Enables support of transport constraint.";
+ }
+ feature traffic-engineering-multicast {
+ description
+ "Enables support of transport constraint
+ for multicast.";
+ }
+ feature extranet-vpn {
+ description
+ "Enables support of extranet VPNs";
+ }
+ feature site-diversity {
+ description
+ "Enables support of site diversity constraints";
+ }
+ feature encryption {
+ description
+ "Enables support of encryption";
+ }
+ feature qos {
+ description
+ "Enables support of Class of Services";
+ }
+ feature qos-custom {
+ description
+ "Enables support of custom qos profile";
+ }
+ feature rtg-bgp {
+ description
+ "Enables support of BGP routing protocol.";
+ }
+ feature rtg-rip {
+ description
+ "Enables support of RIP routing protocol.";
+ }
+ feature rtg-ospf {
+ description
+ "Enables support of OSPF routing protocol.";
+ }
+ feature rtg-ospf-sham-link {
+ description
+ "Enables support of OSPF sham-links.";
+ }
+ feature rtg-vrrp {
+ description
+ "Enables support of VRRP routing protocol.";
+ }
+ feature fast-reroute {
+ description
+ "Enables support of Fast Reroute.";
+ }
+ feature bfd {
+ description
+ "Enables support of BFD.";
+ }
+ feature always-on {
+ description
+ "Enables support for always-on access
+ constraint.";
+ }
+ feature requested-type {
+ description
+ "Enables support for requested-type access
+ constraint.";
+ }
+ feature bearer-reference {
+ description
+ "Enables support for bearer-reference access
+ constraint.";
+ }
+
+ /* Typedefs */
+
+ typedef svc-id {
+ type string;
+ description
+ "Defining a type of service component
+ identificators.";
+ }
+
+ typedef template-id {
+ type string;
+ description
+ "Defining a type of service template
+ identificators.";
+ }
+
+ /* Identities */
+
+ identity site-network-access-type {
+ description
+ "Base identity for site-network-access type";
+ }
+ identity point-to-point {
+ base site-network-access-type;
+ description
+ "Identity for point-to-point connection";
+ }
+ identity multipoint {
+ base site-network-access-type;
+ description
+ "Identity for multipoint connection
+ Example : ethernet broadcast segment";
+ }
+ identity placement-diversity {
+ description
+ "Base identity for site placement
+ constraints";
+ }
+ identity pe-diverse {
+ base placement-diversity;
+ description
+ "Identity for PE diversity";
+ }
+ identity pop-diverse {
+ base placement-diversity;
+ description
+ "Identity for POP diversity";
+ }
+ identity linecard-diverse {
+ base placement-diversity;
+ description
+ "Identity for linecard diversity";
+ }
+ identity same-pe {
+ base placement-diversity;
+ description
+ "Identity for having sites connected
+ on the same PE";
+ }
+ identity same-bearer {
+ base placement-diversity;
+ description
+ "Identity for having sites connected
+ using the same bearer";
+ }
+ identity customer-application {
+ description
+ "Base identity for customer application";
+ }
+ identity web {
+ base customer-application;
+ description
+ "Identity for web application (e.g. HTTP,HTTPS)";
+ }
+ identity mail {
+ base customer-application;
+ description
+ "Identity for mail applications";
+ }
+ identity file-transfer {
+ base customer-application;
+ description
+ "Identity for file transfer applications (
+ e.g. FTP, SFTP, ...)";
+ }
+ identity database {
+ base customer-application;
+ description
+ "Identity for database applications";
+ }
+ identity social {
+ base customer-application;
+ description
+ "Identity for social network applications";
+ }
+ identity games {
+ base customer-application;
+ description
+ "Identity for gaming applications";
+ }
+ identity p2p {
+ base customer-application;
+ description
+ "Identity for peer to peer applications";
+ }
+ identity network-management {
+ base customer-application;
+ description
+ "Identity for management applications (e.g. telnet
+ syslog, snmp ...)";
+ }
+ identity voice {
+ base customer-application;
+ description
+ "Identity for voice applications";
+ }
+ identity video {
+ base customer-application;
+ description
+ "Identity for video conference applications";
+ }
+ identity address-family {
+ description
+ "Base identity for an address family.";
+ }
+ identity ipv4 {
+ base address-family;
+ description
+ "Identity for IPv4 address family.";
+ }
+ identity ipv6 {
+ base address-family;
+ description
+ "Identity for IPv6 address family.";
+ }
+ identity site-vpn-flavor {
+ description
+ "Base identity for the site VPN service flavor.";
+ }
+ identity site-vpn-flavor-single {
+ base site-vpn-flavor;
+ description
+ "Base identity for the site VPN service flavor.
+ Used when the site belongs to only one VPN.";
+ }
+ identity site-vpn-flavor-multi {
+ base site-vpn-flavor;
+ description
+ "Base identity for the site VPN service flavor.
+ Used when a logical connection of a site
+ belongs to multiple VPNs.";
+ }
+ identity site-vpn-flavor-sub {
+ base site-vpn-flavor;
+ description
+ "Base identity for the site VPN service flavor.
+ Used when a site has multiple logical connections.
+ Each of the connection may belong to different
+ multiple VPNs.";
+ }
+ identity site-vpn-flavor-nni {
+ base site-vpn-flavor;
+ description
+ "Base identity for the site VPN service flavor.
+ Used to describe a NNI option A connection.";
+ }
+ identity transport-constraint {
+ description
+ "Base identity for transport constraint.";
+ }
+ identity tc-latency {
+ base transport-constraint;
+ description
+ "Base identity for transport constraint
+ based on latency.";
+ }
+ identity tc-jitter {
+ base transport-constraint;
+ description
+ "Base identity for transport constraint
+ based on jitter.";
+ }
+ identity tc-bandwidth {
+ base transport-constraint;
+ description
+ "Base identity for transport constraint
+ based on bandwidth.";
+ }
+ identity tc-path-diversity {
+ base transport-constraint;
+ description
+ "Base identity for transport constraint
+ based on path diversity.";
+ }
+ identity tc-site-diversity {
+ base transport-constraint;
+ description
+ "Base identity for transport constraint
+ based on site diversity.";
+ }
+ identity management {
+ description
+ "Base identity for site management scheme.";
+ }
+ identity co-managed {
+ base management;
+ description
+ "Base identity for comanaged site.";
+ }
+ identity customer-managed {
+ base management;
+ description
+ "Base identity for customer managed site.";
+ }
+ identity provider-managed {
+ base management;
+ description
+ "Base identity for provider managed site.";
+ }
+ identity address-allocation-type {
+ description
+ "Base identity for address-allocation-type
+ for PE-CE link.";
+ }
+ identity pe-dhcp {
+ base address-allocation-type;
+ description
+ "PE router provides DHCP service to CE.";
+ }
+ identity static-address {
+ base address-allocation-type;
+ description
+ "PE-CE addressing is static.";
+ }
+ identity slaac {
+ base address-allocation-type;
+ description
+ "Use IPv6 SLAAC.";
+ }
+ identity site-role {
+ description
+ "Base identity for site type.";
+ }
+ identity any-to-any-role {
+ base site-role;
+ description
+ "Site in a any to any IPVPN.";
+ }
+ identity spoke-role {
+ base site-role;
+ description
+ "Spoke Site in a Hub & Spoke IPVPN.";
+ }
+ identity hub-role {
+ base site-role;
+ description
+ "Hub Site in a Hub & Spoke IPVPN.";
+ }
+ identity vpn-topology {
+ description
+ "Base identity for VPN topology.";
+ }
+ identity any-to-any {
+ base vpn-topology;
+ description
+ "Identity for any to any VPN topology.";
+ }
+ identity hub-spoke {
+ base vpn-topology;
+ description
+ "Identity for Hub'n'Spoke VPN topology.";
+ }
+ identity hub-spoke-disjoint {
+ base vpn-topology;
+ description
+ "Identity for Hub'n'Spoke VPN topology
+ where Hubs cannot talk between each other.";
+ }
+ identity multicast-tree-type {
+ description
+ "Base identity for multicast tree type.";
+ }
+ identity ssm-tree-type {
+ base multicast-tree-type;
+ description
+ "Identity for SSM tree type.";
+ }
+ identity asm-tree-type {
+ base multicast-tree-type;
+ description
+ "Identity for ASM tree type.";
+ }
+ identity bidir-tree-type {
+ base multicast-tree-type;
+ description
+ "Identity for BiDir tree type.";
+ }
+ identity multicast-rp-discovery-type {
+ description
+ "Base identity for rp discovery type.";
+ }
+ identity auto-rp {
+ base multicast-rp-discovery-type;
+ description
+ "Base identity for auto-rp discovery type.";
+ }
+ identity static-rp {
+ base multicast-rp-discovery-type;
+ description
+ "Base identity for static type.";
+ }
+ identity bsr-rp {
+ base multicast-rp-discovery-type;
+ description
+ "Base identity for BDR discovery type.";
+ }
+ identity routing-protocol-type {
+ description
+ "Base identity for routing-protocol type.";
+ }
+ identity ospf {
+ base routing-protocol-type;
+ description
+ "Identity for OSPF protocol type.";
+ }
+ identity bgp {
+ base routing-protocol-type;
+ description
+ "Identity for BGP protocol type.";
+ }
+ identity static {
+ base routing-protocol-type;
+ description
+ "Identity for static routing protocol type.";
+ }
+ identity rip {
+ base routing-protocol-type;
+ description
+ "Identity for RIP protocol type.";
+ }
+ identity rip-ng {
+ base routing-protocol-type;
+ description
+ "Identity for RIPng protocol type.";
+ }
+ identity vrrp {
+ base routing-protocol-type;
+ description
+ "Identity for VRRP protocol type.
+ This is to be used when LAn are directly connected
+ to provider Edge routers.";
+ }
+ identity direct {
+ base routing-protocol-type;
+ description
+ "Identity for direct protocol type.
+ .";
+ }
+ identity protocol-type {
+ description
+ "Base identity for protocol field type.";
+ }
+ identity tcp {
+ base protocol-type;
+ description
+ "TCP protocol type.";
+ }
+ identity udp {
+ base protocol-type;
+ description
+ "UDP protocol type.";
+ }
+ identity icmp {
+ base protocol-type;
+ description
+ "icmp protocol type.";
+ }
+ identity icmp6 {
+ base protocol-type;
+ description
+ "icmp v6 protocol type.";
+ }
+ identity gre {
+ base protocol-type;
+ description
+ "GRE protocol type.";
+ }
+ identity ipip {
+ base protocol-type;
+ description
+ "IPinIP protocol type.";
+ }
+ identity hop-by-hop {
+ base protocol-type;
+ description
+ "Hop by Hop IPv6 header type.";
+ }
+ identity routing {
+ base protocol-type;
+ description
+ "Routing IPv6 header type.";
+ }
+ identity esp {
+ base protocol-type;
+ description
+ "ESP header type.";
+ }
+ identity ah {
+ base protocol-type;
+ description
+ "AH header type.";
+ }
+
+ /* Groupings */
+
+ grouping vpn-service-cloud-access {
+ container cloud-accesses {
+ list cloud-access {
+ if-feature cloud-access;
+ key cloud-identifier;
+
+ leaf cloud-identifier {
+ type string;
+ description
+ "Identification of cloud service. Local
+ admin meaning.";
+ }
+ container authorized-sites {
+ list authorized-site {
+ key site-id;
+
+ leaf site-id {
+ type leafref {
+ path "/l3vpn-svc/sites/site/site-id";
+ }
+ description
+ "Site ID.";
+ }
+ description
+ "List of authorized sites.";
+ }
+ description
+ "Configuration of authorized sites";
+ }
+ container denied-sites {
+ list denied-site {
+ key site-id;
+
+ leaf site-id {
+ type leafref {
+ path "/l3vpn-svc/sites/site/site-id";
+ }
+ description
+ "Site ID.";
+ }
+ description
+ "List of denied sites.";
+ }
+ description
+ "Configuration of denied sites";
+ }
+ leaf nat-enabled {
+ type boolean;
+ description
+ "Control if NAT is required or not.";
+ }
+ leaf customer-nat-address {
+ type inet:ipv4-address;
+ description
+ "NAT address to be used in case of public
+ or shared cloud.
+ This is to be used in case customer is providing
+ the public address.";
+ }
+ description
+ "Cloud access configuration.";
+ }
+ description
+ "Container for cloud access configurations";
+ }
+ description
+ "grouping for vpn cloud definition";
+ }
+
+ grouping multicast-rp-group-cfg {
+ choice group-format {
+ case startend {
+ leaf group-start {
+ type inet:ip-address;
+ description
+ "First group address.";
+ }
+ leaf group-end {
+ type inet:ip-address;
+ description
+ "Last group address.";
+ }
+ }
+ case singleaddress {
+ leaf group-address {
+ type inet:ip-address;
+ description
+ "Group address";
+ }
+ }
+ description
+ "Choice for group format.";
+ }
+ description
+ "Definition of groups for
+ RP to group mapping.";
+ }
+
+ grouping vpn-service-multicast {
+ container multicast {
+ if-feature multicast;
+ leaf enabled {
+ type boolean;
+ default false;
+ description
+ "Enable multicast.";
+ }
+ container customer-tree-flavors {
+ list tree-flavor {
+ key type;
+
+ leaf type {
+ type identityref {
+ base multicast-tree-type;
+ }
+ description
+ "Type of tree to be used.";
+ }
+ description
+ "List of tree flavors.";
+ }
+ description
+ "Type of trees used by customer.";
+ }
+ container rp {
+ container rp-group-mappings {
+ list rp-group-mapping {
+ key "id";
+
+ leaf id {
+ type uint16;
+ description
+ "Unique identifier for the mapping.";
+ }
+ container provider-managed {
+ leaf enabled {
+ type boolean;
+ default false;
+ description
+ "Set to true, if the RP must be a
+ provider
+ managed node.
+ Set to false, if it is a customer
+ managed node.";
+ }
+
+ leaf rp-redundancy {
+ when "../enabled = 'true'" {
+ description
+ "Relevant when RP
+ is provider managed.";
+ }
+ type boolean;
+ default false;
+ description
+ "If true, redundancy
+ mechanism for RP is required.";
+ }
+ leaf optimal-traffic-delivery {
+ when "../enabled = 'true'" {
+ description
+ "Relevant when RP
+ is provider managed.";
+ }
+ type boolean;
+ default false;
+ description
+ "If true, SP must ensure
+ that traffic uses an optimal path.";
+ }
+ description
+ "Parameters for provider managed RP.";
+ }
+
+ leaf rp-address {
+ when "../provider-managed/enabled='false'" {
+ description
+ "Relevant when RP
+ is provider managed.";
+ }
+ type inet:ip-address;
+ description
+ "Defines the address of the
+ RendezvousPoint.
+ Used if RP is customer managed.";
+ }
+
+ container groups {
+ list group {
+ key id;
+
+ leaf id {
+ type uint16;
+ description
+ "Identifier for the group.";
+ }
+ uses multicast-rp-group-cfg;
+ description
+ "List of groups.";
+ }
+ description
+ "Multicast groups associated with RP.";
+ }
+
+ description
+ "List of RP to group mappings.";
+ }
+ description
+ "RP to group mappings.";
+ }
+ container rp-discovery {
+ leaf rp-discovery-type {
+ type identityref {
+ base multicast-rp-discovery-type;
+ }
+ default static-rp;
+ description
+ "Type of RP discovery used.";
+ }
+ container bsr-candidates {
+ when "../rp-discovery-type='bsr-rp'" {
+ description
+ "Only applicable if discovery type
+ is BSR-RP";
+ }
+ list bsr-candidate {
+ key address;
+
+ leaf address {
+ type inet:ip-address;
+ description
+ "Address of BSR candidate";
+ }
+
+ description
+ "List of customer BSR candidates";
+ }
+ description
+ "Customer BSR candidates address";
+ }
+ description
+ "RP discovery parameters";
+ }
+
+ description
+ "RendezvousPoint parameters.";
+ }
+ description
+ "Multicast global parameters for the VPN service.";
+ }
+ description
+ "grouping for multicast vpn definition";
+ }
+
+ grouping vpn-service-mpls {
+ leaf carrierscarrier {
+ if-feature carrierscarrier;
+ type boolean;
+ default false;
+ description
+ "The VPN is using Carrier's Carrier,
+ and so MPLS is required.";
+ }
+ description
+ "grouping for mpls CsC definition";
+ }
+
+ grouping customer-location-info {
+ container location {
+ leaf address {
+ type string;
+ description
+ "Address (number and street)
+ of the site.";
+
+ }
+ leaf zip-code {
+ type string;
+ description
+ "ZIP code of the site.";
+ }
+ leaf state {
+ type string;
+ description
+ "State of the site.
+ This leaf can also be used
+ to describe a region
+ for country who does not have
+ states.
+ ";
+ }
+ leaf city {
+ type string;
+ description
+ "City of the site.";
+ }
+ leaf country-code {
+ type string;
+ description
+ "Country of the site.";
+ }
+ description
+ "Location of the site.";
+ }
+ description
+ "This grouping defines customer location
+ parameters";
+ }
+
+ grouping site-diversity {
+ container site-diversity {
+ if-feature site-diversity;
+
+ container groups {
+ list group {
+ key group-id;
+
+ leaf group-id {
+ type string;
+ description
+ "Group-id the site
+ is belonging to";
+ }
+ description
+ "List of group-id";
+ }
+ description
+ "Groups the site
+ is belonging to.
+ All site network accesses will
+ inherit those group values.";
+ }
+ description
+ "Diversity constraint type.";
+ }
+ description
+ "This grouping defines site diversity
+ parameters";
+ }
+
+ grouping access-diversity {
+ container access-diversity {
+ if-feature site-diversity;
+ container groups {
+ list group {
+ key group-id;
+
+ leaf group-id {
+ type string;
+ description
+ "Group-id the site network access
+ is belonging to";
+ }
+ description
+ "List of group-id";
+ }
+ description
+ "Groups the site network access
+ is belonging to";
+ }
+ container constraints {
+ list constraint {
+ key constraint-type;
+
+ leaf constraint-type {
+ type identityref {
+ base placement-diversity;
+ }
+ description
+ "Diversity constraint type.";
+ }
+ container target {
+ choice target-flavor {
+ case id {
+ list group {
+ key group-id;
+
+ leaf group-id {
+ type string;
+ description
+ "The constraint will apply
+ against this particular
+ group-id";
+ }
+ description
+ "List of groups";
+ }
+ }
+ case all-accesses {
+ leaf all-other-accesses {
+ type empty;
+ description
+ "The constraint will apply
+ against all other site network
+ access
+ of this site";
+ }
+ }
+ case all-groups {
+ leaf all-other-groups {
+ type empty;
+ description
+ "The constraint will apply
+ against all other groups the
+ customer
+ is managing";
+ }
+ }
+ description
+ "Choice for the group definition";
+ }
+ description
+ "The constraint will apply against
+ this list of groups";
+ }
+ description
+ "List of constraints";
+ }
+ description
+ "Constraints for placing this site
+ network access";
+ }
+
+ description
+ "Diversity parameters.";
+ }
+ description
+ "This grouping defines access diversity
+ parameters";
+ }
+
+ grouping operational-requirements {
+ leaf requested-site-start {
+ type yang:date-and-time;
+ description
+ "Optional leaf indicating requested date
+ and time
+ when the service at a particular site is
+ expected
+ to start";
+ }
+
+ leaf requested-site-stop {
+ type yang:date-and-time;
+ description
+ "Optional leaf indicating requested date
+ and time
+ when the service at a particular site is
+ expected
+ to stop";
+ }
+ description
+ "This grouping defines some operational parameters
+ parameters";
+ }
+
+ grouping operational-requirements-ops {
+ leaf actual-site-start {
+ type yang:date-and-time;
+ config false;
+ description
+ "Optional leaf indicating actual date
+ and time
+ when the service at a particular site
+ actually
+ started";
+ }
+ leaf actual-site-stop {
+ type yang:date-and-time;
+ config false;
+ description
+ "Optional leaf indicating actual date
+ and time
+ when the service at a particular site
+ actually
+ stopped";
+ }
+ description
+ "This grouping defines some operational parameters
+ parameters";
+ }
+
+ grouping flow-definition {
+ container match-flow {
+ leaf dscp {
+ type uint8 {
+ range "0 .. 63";
+ }
+ description
+ "DSCP value.";
+ }
+ leaf tos {
+ type uint8 {
+ range "0 .. 254";
+ }
+ description
+ "TOS value.";
+ }
+ leaf dot1p {
+ type uint8 {
+ range "0 .. 7";
+ }
+ description
+ "802.1p matching.";
+ }
+ leaf ipv4-src-prefix {
+ type inet:ipv4-prefix;
+ description
+ "Match on IPv4 src address.";
+ }
+ leaf ipv6-src-prefix {
+ type inet:ipv6-prefix;
+ description
+ "Match on IPv6 src address.";
+ }
+ leaf ipv4-dst-prefix {
+ type inet:ipv4-prefix;
+ description
+ "Match on IPv4 dst address.";
+ }
+ leaf ipv6-dst-prefix {
+ type inet:ipv6-prefix;
+ description
+ "Match on IPv6 dst address.";
+ }
+ leaf l4-src-port {
+ type uint16;
+ description
+ "Match on layer 4 src port.";
+ }
+ leaf l4-dst-port {
+ type uint16;
+ description
+ "Match on layer 4 dst port.";
+ }
+ leaf protocol-field {
+ type union {
+ type uint8;
+ type identityref {
+ base protocol-type;
+ }
+ }
+ description
+ "Match on IPv4 protocol or
+ Ipv6 Next Header
+ field.";
+ }
+
+ description
+ "Describe flow matching
+ criterions.";
+ }
+ description
+ "Flow definition based on criteria.";
+ }
+
+ grouping site-service-basic {
+ leaf svc-input-bandwidth {
+ type uint32;
+ units bps;
+ description
+ "From the PE perspective, the service input
+ bandwidth of the connection.";
+ }
+ leaf svc-output-bandwidth {
+ type uint32;
+ units bps;
+ description
+ "From the PE perspective, the service output
+ bandwidth of the connection.";
+ }
+ leaf svc-mtu {
+ type uint16;
+ units bytes;
+ description
+ "MTU at service level.
+ If the service is IP,
+ it refers to the IP MTU.";
+ }
+ description
+ "Defines basic service parameters for a site.";
+ }
+
+ grouping site-protection {
+ container traffic-protection {
+ if-feature fast-reroute;
+ leaf enabled {
+ type boolean;
+ description
+ "Enables
+ traffic protection of access link.";
+ }
+
+ description
+ "Fast reroute service parameters
+ for the site.";
+ }
+ description
+ "Defines protection service parameters for a site.";
+ }
+
+ grouping site-service-mpls {
+ container carrierscarrier {
+ if-feature carrierscarrier;
+ leaf signalling-type {
+ type enumeration {
+ enum "ldp" {
+ description
+ "Use LDP as signalling
+ protocol between PE and CE.";
+ }
+ enum "bgp" {
+ description
+ "Use BGP 3107 as signalling
+ protocol between PE and CE.
+ In this case, bgp must be also
+ configured
+ as routing-protocol.
+ ";
+ }
+ }
+ description
+ "MPLS signalling type.";
+ }
+ description
+ "This container is used when customer provides
+ MPLS based services.
+ This is used in case of Carrier's
+ Carrier.";
+ }
+ description
+ "Defines MPLS service parameters for a site.";
+ }
+
+ grouping site-service-qos-profile {
+ container qos {
+ if-feature qos;
+ container qos-classification-policy {
+ list rule {
+ key id;
+ ordered-by user;
+
+ leaf id {
+ type uint16;
+ description
+ "ID of the rule.";
+ }
+
+ choice match-type {
+ case match-flow {
+ uses flow-definition;
+ }
+ case match-application {
+ leaf match-application {
+ type identityref {
+ base customer-application;
+ }
+ description
+ "Defines the application
+ to match.";
+ }
+ }
+ description
+ "Choice for classification";
+ }
+
+ leaf target-class-id {
+ type string;
+ description
+ "Identification of the
+ class of service.
+ This identifier is internal to
+ the administration.";
+ }
+
+ description
+ "List of marking rules.";
+ }
+ description
+ "Need to express marking rules ...";
+ }
+ container qos-profile {
+
+ choice qos-profile {
+ description
+ "Choice for QoS profile.
+ Can be standard profile or custom.";
+ case standard {
+ leaf profile {
+ type string;
+ description
+ "QoS profile to be used";
+ }
+ }
+ case custom {
+ container classes {
+ if-feature qos-custom;
+ list class {
+ key class-id;
+
+ leaf class-id {
+ type string;
+ description
+ "Identification of the
+ class of service.
+ This identifier is internal to
+ the administration.";
+ }
+ leaf rate-limit {
+ type uint8;
+ units percent;
+ description
+ "To be used if class must
+ be rate
+ limited. Expressed as
+ percentage of the svc-bw.";
+ }
+ leaf priority-level {
+ type uint8;
+ description
+ "Defines the level of the
+ class in
+ term of priority queueing.
+ The higher the level is the
+ higher
+ is the priority.";
+ }
+ leaf guaranteed-bw-percent {
+ type uint8;
+ units percent;
+ description
+ "To be used to define the
+ guaranteed
+ BW in percent of the svc-bw
+ available at the priority-level.";
+ }
+ description
+ "List of class of services.";
+ }
+ description
+ "Container for
+ list of class of services.";
+ }
+
+ }
+
+ }
+ description
+ "Qos profile configuration.";
+ }
+ description
+ "QoS configuration.";
+ }
+ description
+ "This grouping defines QoS parameters
+ for a site";
+
+ }
+
+ grouping site-security-authentication {
+ container authentication {
+ description
+ "Authentication parameters";
+ }
+ description
+ "This grouping defines authentication
+ parameters
+ for a site";
+ }
+
+ grouping site-security-encryption {
+ container encryption {
+ if-feature encryption;
+ leaf enabled {
+ type boolean;
+ description
+ "If true, access encryption is required.";
+ }
+ leaf layer {
+ type enumeration {
+ enum layer2 {
+ description
+ "Encryption will occur at layer2.";
+ }
+ enum layer3 {
+ description
+ "IPSec is requested.";
+ }
+ }
+ description
+ "Layer on which encryption is applied.";
+ }
+ container encryption-profile {
+ choice profile {
+ case provider-profile {
+ leaf profile-name {
+ type string;
+ description
+ "Name of the SP profile
+ to be applied.";
+ }
+ }
+ case customer-profile {
+ leaf algorithm {
+ type string;
+ description
+ "Encryption algorithm to
+ be used.";
+ }
+ choice key-type {
+ case psk {
+ leaf preshared-key {
+ type string;
+ description
+ "Key coming from
+ customer.";
+ }
+ }
+ case pki {
+
+ }
+ description
+ "Type of keys to be used.";
+ }
+ }
+ description
+ "Choice of profile.";
+ }
+ description
+ "Profile of encryption to be applied.";
+ }
+ description
+ "Encryption parameters.";
+ }
+ description
+ "This grouping defines encryption parameters
+ for a site";
+ }
+
+ grouping site-attachment-bearer {
+ container bearer {
+ container requested-type {
+ if-feature requested-type;
+ leaf requested-type {
+ type string;
+ description
+ "Type of requested bearer Ethernet, DSL,
+ Wireless ...
+ Operator specific.";
+ }
+ leaf strict {
+ type boolean;
+ default false;
+ description
+ "define if the requested-type is a preference
+ or a strict requirement.";
+ }
+ description
+ "Container for requested type.";
+ }
+ leaf always-on {
+ if-feature always-on;
+ type boolean;
+ default true;
+ description
+ "Request for an always on access type.
+ This means no Dial access type for
+ example.";
+ }
+ leaf bearer-reference {
+ if-feature bearer-reference;
+ type string;
+ description
+ "This is an internal reference for the
+ service provider.
+ Used ";
+ }
+ description
+ "Bearer specific parameters.
+ To be augmented.";
+ }
+ description
+ "Defines physical properties of
+ a site attachment.";
+ }
+
+ grouping site-routing {
+ container routing-protocols {
+ list routing-protocol {
+ key type;
+
+ leaf type {
+ type identityref {
+ base routing-protocol-type;
+ }
+ description
+ "Type of routing protocol.";
+ }
+
+
+ container ospf {
+ when "../type = 'ospf'" {
+ description
+ "Only applies
+ when protocol is OSPF.";
+ }
+ if-feature rtg-ospf;
+ leaf-list address-family {
+ type identityref {
+ base address-family;
+ }
+ description
+ "Address family to be activated.";
+ }
+ leaf area-address {
+ type yang:dotted-quad;
+ description
+ "Area address.";
+ }
+ leaf metric {
+ type uint16;
+ description
+ "Metric of PE-CE link.";
+ }
+ container sham-links {
+ if-feature rtg-ospf-sham-link;
+ list sham-link {
+ key target-site;
+
+ leaf target-site {
+ type svc-id;
+ description
+ "Target site for the sham link
+ connection.
+ The site is referred through it's ID.";
+ }
+ leaf metric {
+ type uint16;
+ description
+ "Metric of the sham link.";
+ }
+ description
+ "Creates a shamlink with another
+ site";
+ }
+ description
+ "List of Sham links";
+ }
+ description
+ "OSPF specific configuration.";
+ }
+
+ container bgp {
+
+ when "../type = 'bgp'" {
+ description
+ "Only applies when
+ protocol is BGP.";
+ }
+ if-feature rtg-bgp;
+ leaf autonomous-system {
+ type uint32;
+ description
+ "AS number.";
+ }
+ leaf-list address-family {
+ type identityref {
+ base address-family;
+ }
+ description
+ "Address family to be activated.";
+ }
+ description
+ "BGP specific configuration.";
+ }
+ container static {
+ when "../type = 'static'" {
+ description
+ "Only applies when protocol
+ is static.";
+ }
+
+ container cascaded-lan-prefixes {
+ list ipv4-lan-prefixes {
+ if-feature ipv4;
+ key "lan next-hop";
+
+ leaf lan {
+ type inet:ipv4-prefix;
+ description
+ "Lan prefixes.";
+ }
+ leaf lan-tag {
+ type string;
+ description
+ "Internal tag to be used in vpn
+ policies.";
+ }
+ leaf next-hop {
+ type inet:ipv4-address;
+ description
+ "Nexthop address to use at customer
+ side.";
+ }
+ description "
+ List of LAN prefixes for
+ the site.
+ ";
+ }
+ list ipv6-lan-prefixes {
+ if-feature ipv6;
+ key "lan next-hop";
+
+ leaf lan {
+ type inet:ipv6-prefix;
+ description
+ "Lan prefixes.";
+ }
+ leaf lan-tag {
+ type string;
+ description
+ "Internal tag to be used
+ in vpn policies.";
+ }
+ leaf next-hop {
+ type inet:ipv6-address;
+ description
+ "Nexthop address to use at
+ customer side.";
+ }
+ description "
+ List of LAN prefixes for the site.
+ ";
+ }
+ description
+ "LAN prefixes from the customer.";
+ }
+ description
+ "Static routing
+ specific configuration.";
+ }
+ container rip {
+
+ when "../type = 'rip'" {
+ description
+ "Only applies when
+ protocol is RIP.";
+ }
+ if-feature rtg-rip;
+ leaf-list address-family {
+ type identityref {
+ base address-family;
+ }
+ description
+ "Address family to be
+ activated.";
+ }
+
+ description
+ "RIP routing specific
+ configuration.";
+ }
+
+
+ container vrrp {
+
+ when "../type = 'vrrp'" {
+ description
+ "Only applies when
+ protocol is VRRP.";
+ }
+ if-feature rtg-vrrp;
+ leaf-list address-family {
+ type identityref {
+ base address-family;
+ }
+ description
+ "Address family to be activated.";
+ }
+ description
+ "VRRP routing specific configuration.";
+ }
+
+
+ description
+ "List of routing protocols used
+ on the site.
+ Need to be augmented.";
+ }
+ description
+ "Defines routing protocols.";
+ }
+ description
+ "Grouping for routing protocols.";
+ }
+
+ grouping site-attachment-ip-connection {
+ container ip-connection {
+ container ipv4 {
+ if-feature ipv4;
+ leaf address-allocation-type {
+ type identityref {
+ base address-allocation-type;
+ }
+
+ default "static-address";
+ description
+ "Defines how addresses are allocated.
+ ";
+ }
+
+ leaf number-of-dynamic-address {
+ when
+ "../address-allocation-type = 'pe-dhcp'"
+ {
+ description
+ "Only applies when
+ protocol allocation type is static";
+ }
+ type uint8;
+ default 1;
+ description
+ "Describes the number of IP addresses the
+ customer requires";
+ }
+ container addresses {
+ when
+ "../address-allocation-type = 'static-address'" {
+ description
+ "Only applies when
+ protocol allocation type is static";
+ }
+ leaf provider-address {
+ type inet:ipv4-address;
+ description
+ "Provider side address.";
+ }
+ leaf customer-address {
+ type inet:ipv4-address;
+ description
+ "Customer side address.";
+ }
+ leaf mask {
+ type uint8 {
+ range "0..32";
+ }
+ description
+ "Subnet mask expressed
+ in bits";
+ }
+ description
+ "Describes IP addresses used";
+ }
+ description
+ "IPv4 specific parameters";
+
+ }
+ container ipv6 {
+ if-feature ipv6;
+ leaf address-allocation-type {
+ type identityref {
+ base address-allocation-type;
+ }
+ default "static-address";
+ description
+ "Defines how addresses are allocated.
+ ";
+ }
+ leaf number-of-dynamic-address {
+ when
+ "../address-allocation-type = 'pe-dhcp'" {
+ description
+ "Only applies when
+ protocol allocation type is static";
+ }
+ type uint8;
+ default 1;
+ description
+ "Describes the number of IP addresses the
+ customer requires";
+ }
+ container addresses {
+ when
+ "../address-allocation-type = 'static-address'" {
+ description
+ "Only applies when
+ protocol allocation type is static";
+ }
+ leaf provider-address {
+ type inet:ipv6-address;
+ description
+ "Provider side address.";
+ }
+ leaf customer-address {
+ type inet:ipv6-address;
+ description
+ "Customer side address.";
+ }
+ leaf mask {
+ type uint8 {
+ range "0..128";
+
+ }
+ description
+ "Subnet mask expressed
+ in bits";
+ }
+ description
+ "Describes IP addresses used";
+ }
+
+ description
+ "IPv6 specific parameters";
+
+ }
+ container oam {
+ container bfd {
+ if-feature bfd;
+ leaf bfd-enabled {
+ type boolean;
+ description
+ "BFD activation";
+ }
+
+ choice holdtime {
+ case profile {
+ leaf profile-name {
+ type string;
+ description
+ "Service provider well
+ known profile.";
+ }
+ description
+ "Service provider well
+ known profile.";
+ }
+ case fixed {
+ leaf fixed-value {
+ type uint32;
+ units msec;
+ description
+ "Expected holdtime
+ expressed
+ in msec.";
+ }
+ }
+ description
+ "Choice for holdtime flavor.";
+ }
+ description
+ "Container for BFD.";
+ }
+ description
+ "Define the OAM used on the connection.";
+ }
+ description
+ "Defines connection parameters.";
+ }
+ description
+ "This grouping defines IP connection parameters.";
+ }
+
+ grouping site-service-multicast {
+ container multicast {
+ if-feature multicast;
+ leaf multicast-site-type {
+ type enumeration {
+ enum receiver-only {
+ description
+ "The site has only receivers.";
+ }
+ enum source-only {
+ description
+ "The site has only sources.";
+ }
+ enum source-receiver {
+ description
+ "The site has both
+ sources & receivers.";
+ }
+ }
+ default "source-receiver";
+ description
+ "Type of multicast site.";
+ }
+ container multicast-transport-protocol {
+ leaf ipv4 {
+ if-feature ipv4;
+ type boolean;
+ default true;
+ description
+ "Enables ipv4 multicast transport";
+ }
+ leaf ipv6 {
+ if-feature ipv6;
+ type boolean;
+ default false;
+ description
+ "Enables ipv6 multicast transport";
+ }
+ description
+ "Defines protocol to transport multicast.";
+ }
+ leaf protocol-type {
+ type enumeration {
+ enum host {
+ description
+ "
+ Hosts are directly connected
+ to the provider network.
+ Host protocols like IGMP, MLD
+ are required.
+ ";
+ }
+ enum router {
+ description
+ "
+ Hosts are behind a customer router.
+ PIM will be implemented.
+ ";
+ }
+ enum both {
+ description
+ "Some Hosts are behind a customer
+ router and some others are directly
+ connected to the provider network.
+ Both host and routing protocols must be
+ used. Typically IGMP and PIM will be
+ implemented.
+ ";
+ }
+ }
+ default "both";
+ description
+ "Multicast protocol type to be used
+ with the customer site.";
+ }
+
+ description
+ "Multicast parameters for the site.";
+ }
+ description
+ "Multicast parameters for the site.";
+ }
+
+ grouping site-management {
+ container management {
+ leaf type {
+ type identityref {
+ base management;
+ }
+ description
+ "Management type of the connection.";
+ }
+ leaf management-transport {
+ type identityref {
+ base address-family;
+ }
+ description
+ "Transport protocol used for management.";
+ }
+ leaf address {
+ type inet:ip-address;
+ description
+ "Management address";
+ }
+
+ description
+ "Management configuration";
+ }
+ description
+ "Management parameters for the site.";
+ }
+
+ grouping site-vpn-flavor-profile {
+ leaf site-vpn-flavor {
+ type identityref {
+ base site-vpn-flavor;
+ }
+ default site-vpn-flavor-single;
+ description
+ "Defines if the site
+ is a single VPN site, or multiVPN or ...";
+ }
+ description
+ "Grouping for site-vpn-flavor.";
+ }
+
+ grouping site-vpn-policy {
+ container vpn-policy-list {
+ list vpn-policy {
+ key vpn-policy-id;
+
+ leaf vpn-policy-id {
+ type svc-id;
+ description
+ "Unique identifier for
+ the VPN policy.";
+ }
+
+ list entries {
+ key id;
+
+ leaf id {
+ type svc-id;
+ description
+ "Unique identifier for
+ the policy entry.";
+ }
+ container filter {
+ choice lan {
+ case lan-prefix {
+ container lan-prefixes {
+ list ipv4-lan-prefixes {
+ if-feature ipv4;
+ key lan;
+
+ leaf lan {
+ type inet:ipv4-prefix;
+ description
+ "Lan prefixes.";
+ }
+ description "
+ List of LAN prefixes
+ for the site.
+ ";
+ }
+ list ipv6-lan-prefixes {
+ if-feature ipv6;
+ key lan;
+
+ leaf lan {
+ type inet:ipv6-prefix;
+ description
+ "Lan prefixes.";
+ }
+ description "
+ List of LAN prefixes
+ for the site.
+ ";
+ }
+ description
+ "LAN prefixes from the customer.";
+ }
+ }
+ case lan-tag {
+ leaf-list lan-tag {
+ type string;
+ description
+ "List of lan-tags to be matched.";
+ }
+ }
+ description
+ "Choice for LAN matching type";
+ }
+ description
+ "If used, it permit to split site LANs
+ among multiple VPNs.
+ If no filter used, all the LANs will be
+ part of the same VPNs with the same
+ role.";
+ }
+ container vpn {
+ leaf vpn-id {
+ type leafref {
+ path "/l3vpn-svc/vpn-services/vpn-svc/vpn-id";
+ }
+ mandatory true;
+ description
+ "Reference to an IPVPN.";
+ }
+ leaf site-role {
+ type identityref {
+ base site-role;
+ }
+ mandatory true;
+ description
+ "Role of the site in the IPVPN.";
+ }
+ description
+ "List of VPNs the LAN is associated to.";
+ }
+ description
+ "List of entries for export policy.";
+ }
+ description
+ "List of VPN policies.";
+ }
+ description
+ "VPN policy.";
+ }
+ description
+ "VPN policy parameters for the site.";
+ }
+
+ grouping site-maximum-routes {
+ container maximum-routes {
+ list address-family {
+ key af;
+
+ leaf af {
+ type identityref {
+ base address-family;
+ }
+ description
+ "Address-family.";
+ }
+ leaf maximum-routes {
+ type uint32;
+ description
+ "Maximum prefixes the VRF can
+ accept for this
+ address-family.";
+ }
+ description
+ "List of address families.";
+ }
+
+ description
+ "Define maximum-routes for the VRF.";
+ }
+ description
+ "Define maximum-routes for the site.";
+ }
+
+ grouping site-security {
+ container security {
+ uses site-security-authentication;
+ uses site-security-encryption;
+
+ description
+ "Site specific security parameters.";
+ }
+ description
+ "Grouping for security parameters.";
+ }
+
+ grouping site-service {
+ container service {
+ uses site-service-basic;
+ uses site-service-qos-profile;
+ uses site-service-mpls;
+ uses site-service-multicast;
+
+ description
+ "Service parameters on the attachement.";
+ }
+ description
+ "Grouping for service parameters.";
+ }
+
+ grouping transport-constraint-profile {
+ list constraint-list {
+ key constraint-type;
+
+ leaf constraint-type {
+ type identityref {
+ base transport-constraint;
+ }
+ description
+ "Constraint type to be applied.";
+ }
+ leaf constraint-opaque-value {
+ type string;
+ description
+ "Opaque value that can be used to
+ specify constraint parameters.";
+ }
+ description
+ "List of constraints";
+ }
+ description
+ "Grouping for transport constraint.";
+ }
+
+ grouping transport-constraints {
+ container transport-constraints {
+ if-feature traffic-engineering;
+ container unicast-transport-constraints {
+ list constraint {
+ key constraint-id;
+
+ leaf constraint-id {
+ type svc-id;
+ description
+ "Defines an ID for the constraint
+ rule.";
+ }
+
+ leaf site1 {
+ type svc-id;
+ description
+ "The ID refers to one site end.";
+ }
+ leaf site2 {
+ type svc-id;
+ description
+ "The ID refers to the other
+ site end.";
+ }
+ uses transport-constraint-profile;
+ description
+ "List of constraints.
+ Constraints are bidirectional.";
+ }
+ description
+ "Unicast transport constraints.";
+ }
+ container multicast-transport-constraints {
+ if-feature traffic-engineering-multicast;
+ list constraint {
+ key constraint-id;
+
+ leaf constraint-id {
+ type svc-id;
+ description
+ "Defines an ID for the constraint
+ rule.";
+ }
+
+ leaf src-site {
+ type svc-id;
+ description
+ "The ID refers to source site.";
+ }
+ leaf dst-site {
+ type svc-id;
+ description
+ "The ID refers to the receiver
+ site.";
+ }
+ uses transport-constraint-profile;
+ description
+ "List of constraints.
+ Constraints are unidirectional.";
+ }
+ description
+ "Multicast transport constraints.";
+ }
+ description
+ "transport constraints.";
+ }
+ description
+ "Grouping for transport constraints
+ description.";
+ }
+
+ grouping vpn-extranet {
+ container extranet-vpns {
+ if-feature extranet-vpn;
+ list extranet-vpn {
+ key vpn-id;
+
+ leaf vpn-id {
+ type svc-id;
+ description
+ "Identifies the target VPN";
+ }
+ leaf local-sites-role {
+ type identityref {
+ base site-role;
+ }
+ description
+ "This describes the role of the
+ local sites in the target VPN topology.";
+ }
+ description
+ "List of extranet VPNs the local
+ VPN is attached to.";
+ }
+ description
+ "Container for extranet vpn cfg.";
+ }
+ description
+ "grouping for extranet VPN configuration.
+ Extranet provides a way to interconnect all sites
+ from two VPNs in a easy way.";
+ }
+
+ grouping site-attachment-availability {
+ container availability {
+ leaf access-priority {
+ type uint32;
+ default 1;
+ description
+ "Defines the priority for the access.
+ The highest the priority value is,
+ the highest the
+ preference of the access is.";
+ }
+ description
+ "Availability parameters
+ (used for multihoming)";
+ }
+ description
+ "Defines site availability parameters.";
+ }
+
+ grouping access-vpn-policy {
+ container vpn-attachment {
+ choice attachment-flavor {
+ case vpn-policy-id {
+ leaf vpn-policy-id {
+ type leafref {
+ path "/l3vpn-svc/sites/site/"+
+ "vpn-policy-list/vpn-policy/"+
+ "vpn-policy-id";
+ }
+ description
+ "Reference to a VPN policy.";
+ }
+ }
+ case vpn-id {
+ leaf vpn-id {
+ type leafref {
+ path "/l3vpn-svc/vpn-services"+
+ "/vpn-svc/vpn-id";
+ }
+ description
+ "Reference to a VPN.";
+ }
+ leaf site-role {
+ type identityref {
+ base site-role;
+ }
+ mandatory true;
+ description
+ "Role of the site in the IPVPN.";
+ }
+ }
+ mandatory true;
+ description
+ "Choice for VPN attachment flavor.";
+ }
+ description
+ "Defines VPN attachment of a site.";
+ }
+ description
+ "Defines the VPN attachment rules
+ for a site logical access.";
+ }
+
+ grouping vpn-svc-cfg {
+ leaf vpn-id {
+ type svc-id;
+ description
+ "VPN identifier. Local administration meaning.";
+ }
+ leaf customer-name {
+ type string;
+ description
+ "Name of the customer.";
+ }
+ leaf topology {
+ type identityref {
+ base vpn-topology;
+ }
+ default "any-to-any";
+ description
+ "VPN topology.";
+ }
+
+ uses vpn-service-cloud-access;
+ uses vpn-service-multicast;
+ uses vpn-service-mpls;
+ uses transport-constraints;
+ uses vpn-extranet;
+
+ description
+ "grouping for vpn-svc configuration.";
+ }
+
+ grouping site-top-level-cfg {
+ uses operational-requirements;
+ uses customer-location-info;
+ uses site-diversity;
+ uses site-management;
+ uses site-vpn-policy;
+ uses site-vpn-flavor-profile;
+ uses site-maximum-routes;
+ uses site-security;
+ uses site-service;
+ uses site-protection;
+ uses site-routing;
+
+ description
+ "Grouping for site top level cfg.";
+ }
+
+ grouping site-network-access-top-level-cfg {
+ leaf site-network-access-type {
+ type identityref {
+ base site-network-access-type;
+ }
+ default "point-to-point";
+ description
+ "Describes the type of connection, e.g. :
+ point-to-point or multipoint";
+ }
+ uses access-diversity;
+ uses site-attachment-bearer;
+ uses site-attachment-ip-connection;
+ uses site-security;
+ uses site-service;
+ uses site-routing;
+ uses site-attachment-availability;
+ uses access-vpn-policy;
+
+ description
+ "Grouping for site network access
+ top level cfg.";
+ }
+
+ /* Main blocks */
+
+ container l3vpn-svc {
+ container vpn-services {
+ list vpn-svc {
+ key vpn-id;
+
+ uses vpn-svc-cfg;
+
+ description "
+ List of VPN services.
+
+ ";
+ }
+ description
+ "top level container
+ for the VPN services.";
+ }
+
+ container sites {
+ list site {
+ key site-id;
+
+ leaf site-id {
+ type svc-id;
+ description
+ "Identifier of the site.";
+ }
+
+ uses site-top-level-cfg;
+ uses operational-requirements-ops;
+
+ container site-network-accesses {
+ list site-network-access {
+ key site-network-access-id;
+
+ leaf site-network-access-id {
+ type svc-id;
+ description
+ "Identifier for the access";
+ }
+ uses site-network-access-top-level-cfg;
+
+ description
+ "List of accesses for a site.";
+ }
+ description
+ "List of accesses for a site.";
+ }
+
+ description "List of sites.";
+ }
+ description
+ "Container for sites";
+ }
+
+ description
+ "Main container for L3VPN service configuration.";
+ }
+}
\ No newline at end of file