Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 2e4a6d4f9c9f22c4bb189987512073f378f89c6c / . / models / openconfig / src / main / yang / system / openconfig-aaa-radius.yang
blob: e0ad1dd2e2d77907bd748a6426ba642a6c61625a [file] [log] [blame]
Thomas Vachuska8ca75a22017-08-24 16:12:59 -0700[diff] [blame]1submodule openconfig-aaa-radius {
2
3 yang-version "1";
4
5 belongs-to "openconfig-aaa" {
6 prefix "oc-aaa";
7 }
8
9 // import some basic types
10 import ietf-inet-types { prefix inet; }
11 import openconfig-extensions { prefix oc-ext; }
12 import openconfig-aaa-types { prefix oc-aaa-types; }
13 import openconfig-types { prefix oc-types; }
14 import openconfig-yang-types { prefix oc-yang; }
15
16
17 // meta
18 organization "OpenConfig working group";
19
20 contact
21 "OpenConfig working group
22 www.openconfig.net";
23
24 description
25 "This module defines configuration and operational state data
26 related to the RADIUS protocol for authentication,
27 authorization, and accounting.";
28
29 oc-ext:openconfig-version "0.2.0";
30
31 revision "2017-07-06" {
32 description
33 "Move to oc-inet types, add IETF attribution, add RADIUS
34 counters, changed password leaf names to indicate hashed";
35 reference "0.2.0";
36 }
37
38 revision "2017-01-29" {
39 description
40 "Initial public release";
41 reference "0.1.0";
42 }
43
44 // extension statements
45
46 // feature statements
47
48 // identity statements
49
50 identity RADIUS {
51 base oc-aaa-types:AAA_SERVER_TYPE;
52 description
53 "Remote Authentication Dial In User Service (RADIUS) AAA
54 server";
55 reference
56 "RFC 2865 - Remote Authentication Dial In User Service
57 (RADIUS)";
58 }
59
60 // typedef statements
61
62 // grouping statements
63
64 grouping aaa-radius-server-config {
65 description
66 "Configuration data for a RADIUS server";
67
68 leaf auth-port {
69 type inet:port-number;
70 default 1812;
71 description
72 "Port number for authentication requests";
73 }
74
75 leaf acct-port {
76 type inet:port-number;
77 default 1813;
78 description
79 "Port number for accounting requests";
80 }
81
82 leaf secret-key {
83 type oc-types:routing-password;
84 description
85 "The unencrypted shared key used between the authentication
86 server and the device.";
87 }
88
89 leaf source-address {
90 type inet:ip-address;
91 description
92 "Source IP address to use in messages to the RADIUS server";
93 }
94
95 leaf retransmit-attempts {
96 type uint8;
97 description
98 "Number of times the system may resend a request to the
99 RADIUS server when it is unresponsive";
100 }
101 }
102
103 grouping aaa-radius-server-state {
104 description
105 "Operational state data for a RADIUS server";
106
107 container counters {
108 description
109 "A collection of RADIUS related state objects.";
110
111 leaf retried-access-requests {
112 type oc-yang:counter64;
113 description
114 "Retransmitted Access-Request messages.";
115 }
116
117 leaf access-accepts {
118 type oc-yang:counter64;
119 description
120 "Received Access-Accept messages.";
121 }
122
123 leaf access-rejects {
124 type oc-yang:counter64;
125 description
126 "Received Access-Reject messages.";
127 }
128
129 leaf timeout-access-requests {
130 type oc-yang:counter64;
131 description
132 "Access-Request messages that have timed-out,
133 requiring retransmission.";
134 }
135 }
136 }
137
138 grouping aaa-radius-server-top {
139 description
140 "Top-level grouping for RADIUS server data";
141
142 container radius {
143 description
144 "Top-level container for RADIUS server data";
145
146 container config {
147 description
148 "Configuration data for RADIUS servers";
149
150 uses aaa-radius-server-config;
151 }
152
153 container state {
154
155 config false;
156
157 description
158 "Operational state data for RADIUS servers";
159
160 uses aaa-radius-server-config;
161 uses aaa-radius-server-state;
162 }
163 }
164 }
165
166 // data definition statements
167
168 // augment statements
169
170 // rpc statements
171
172 // notification statements
173
174}