Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 6655bee7988213b1ea9b4411c3e6979797e902f0 / . / models / openconfig / src / main / yang / policy-forwarding / openconfig-pf-forwarding-policies.yang
blob: 48e9b19f5b00fd5ff738abf9819e7c6ce5808a1b [file] [log] [blame]
Thomas Vachuska6655bee2017-08-24 16:12:59 -0700[diff] [blame^]1submodule openconfig-pf-forwarding-policies {
2 belongs-to openconfig-policy-forwarding {
3 prefix "oc-pf";
4 }
5
6 import openconfig-extensions { prefix "oc-ext"; }
7 import openconfig-packet-match { prefix "oc-pmatch"; }
8 import ietf-yang-types { prefix "yang"; }
9 import ietf-inet-types { prefix "inet"; }
10
11 include openconfig-pf-path-groups;
12
13 organization
14 "OpenConfig working group";
15
16 contact
17 "OpenConfig working group
18 www.openconfig.net";
19
20 description
21 "This submodule contains configuration and operational state
22 relating to the definition of policy-forwarding policies.";
23
24 oc-ext:openconfig-version "0.2.0";
25
26 revision "2017-06-21" {
27 description
28 "Amend policy forwarding model based on ACL changes.";
29 reference "0.2.0";
30 }
31
32 revision "2017-02-28" {
33 description
34 "Initial public release of policy forwarding.";
35 reference "0.1.0";
36 }
37
38 revision "2016-11-08" {
39 description
40 "Initial revision";
41 reference "0.0.1";
42 }
43
44 grouping pf-forwarding-policy-structural {
45 description
46 "Structural grouping defining forwarding policies under the
47 policy- forwarding module.";
48
49 container policies {
50 description
51 "Forwarding policies defined to enact policy-based forwarding
52 on the local system.";
53
54 list policy {
55 key "policy-id";
56
57 description
58 "A forwarding policy is defined to have a set of match
59 criteria, allowing particular fields of a packet's header to
60 be matched, and a set of forwarding actions which determines
61 how the local system should forward the packet.";
62
63 leaf policy-id {
64 type leafref {
65 path "../config/policy-id";
66 }
67 description
68 "Reference to the identifier for the forwarding-policy.";
69 }
70
71 container config {
72 description
73 "Configuration options relating to the forwarding
74 policy.";
75 uses pf-forwarding-policy-config;
76 }
77
78 container state {
79 config false;
80 description
81 "Operational state parameters relating to the forwarding
82 policy.";
83 uses pf-forwarding-policy-config;
84 }
85
86 container rules {
87 description
88 "The criteria that should be matched for a packet to be
89 forwarded according to the policy action.";
90
91 list rule {
92 key "sequence-id";
93
94 description
95 "A match rule for the policy. In the case that multiple
96 criteria are specified within a single ";
97
98 leaf sequence-id {
99 type leafref {
100 path "../config/sequence-id";
101 }
102 description
103 "A unique sequence identifier for the match rule.";
104 }
105
106 container config {
107 description
108 "Configuration parameters relating to the match
109 rule.";
110 uses pf-forwarding-policy-rule-config;
111 }
112
113 container state {
114 config false;
115 description
116 "Operational state parameters relating to the match
117 rule.";
118 uses pf-forwarding-policy-rule-config;
119 uses pf-forwarding-policy-rule-state;
120 }
121
122 uses oc-pmatch:ethernet-header-top;
123 uses oc-pmatch:ipv4-protocol-fields-top;
124 uses oc-pmatch:ipv6-protocol-fields-top;
125 uses oc-pmatch:transport-fields-top;
126
127 container action {
128 description
129 "The forwarding policy action to be applied for
130 packets matching the rule.";
131
132 container config {
133 description
134 "Configuration parameters relating to the forwarding
135 rule's action.";
136 uses pf-forwarding-policy-action-config;
137 }
138
139 container state {
140 config false;
141 description
142 "Operational state parameters relating to the
143 forwarding rule's action.";
144 uses pf-forwarding-policy-action-config;
145 }
146
147 }
148 }
149 }
150 }
151 }
152 }
153
154 grouping pf-forwarding-policy-config {
155 description
156 "Configuration parameters relating to the forwarding policy.";
157
158 leaf policy-id {
159 type string;
160 description
161 "A unique name identifying the forwarding policy. This name is
162 used when applying the policy to a particular interface.";
163 }
164 }
165
166 grouping pf-forwarding-policy-rule-config {
167 description
168 "Configuration parameters relating to a policy rule.";
169
170 leaf sequence-id {
171 type uint32;
172 description
173 "Unique sequence number for the policy rule.";
174 }
175 }
176
177 grouping pf-forwarding-policy-rule-state {
178 description
179 "Operational state parameters relating to a policy rule.";
180
181 leaf matched-pkts {
182 type yang:counter64;
183 description
184 "Number of packets matched by the rule.";
185 }
186
187 leaf matched-octets {
188 type yang:counter64;
189 description
190 "Bytes matched by the rule.";
191 }
192 }
193
194 grouping pf-forwarding-policy-action-config {
195 description
196 "Forwarding policy action configuration parameters.";
197
198 leaf discard {
199 type boolean;
200 default false;
201 description
202 "When this leaf is set to true, the local system should drop
203 packets that match the rule.";
204 }
205
206 leaf decapsulate-gre {
207 type boolean;
208 default false;
209 description
210 "When this leaf is set to true, the local system should remove
211 the GRE header from the packet matching the rule. Following
212 the decapsulation it should subsequently forward the
213 encapsulated packet according to the relevant lookup (e.g., if
214 the encapsulated packet is IP, the packet should be routed
215 according to the IP destination).";
216 }
217
218 leaf network-instance {
219 type leafref {
220
221 // We are at:
222 // $NIROOT/policy-forwarding/policies/
223 // policy/rules/rule/action/config/
224 // network-instance
225 path "../../../../../../../../config/name";
226 }
227 description
228 "When this leaf is set, packets matching the match criteria
229 for the forwarding rule should be looked up in the
230 network-instance that is referenced rather than the
231 network-instance with which the interface is associated.
232 Such configuration allows policy-routing into multiple
233 sub-topologies from a single ingress access interface, or
234 different send and receive contexts for a particular
235 interface (sometimes referred to as half-duplex VRF).";
236 }
237
238 leaf path-selection-group {
239 type leafref {
240 // We are at:
241 // $NIROOT/policy-forwarding/policies/
242 // policy/rules/rule/action/config/to-path-group
243 path "../../../../../../../path-selection-groups/" +
244 "path-selection-group/config/group-id";
245 }
246 description
247 "When path-selection-group is set, packets matching the
248 match criteria for the forwarding rule should be forwarded
249 only via one of the paths that is specified within the
250 referenced path-selection-group. The next-hop of the packet
251 within the routing context should be used to determine between
252 multiple paths that are specified within the group.";
253 }
254
255 leaf next-hop {
256 type inet:ip-address-no-zone;
257 description
258 "When an IP next-hop is specified in the next-hop field,
259 packets matching the match criteria for the forwarding rule
260 should be forwarded to the next-hop IP address, bypassing any
261 lookup on the local system.";
262 }
263 }
264}