blob: dbd60dc36bcfe446e741ae253c77d4e9a9e4d709 [file] [log] [blame]
Brian O'Connor98c5bec2017-08-14 19:23:54 -07001module ietf-l3vpn-svc {
2
3 namespace "urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc";
4
5 prefix l3vpn-svc;
6
7 import ietf-inet-types {
8 prefix inet;
9 }
10
11 import ietf-yang-types {
12 prefix yang;
13 }
14
15 organization
16 "IETF L3SM Working Group";
17
18 contact
19 "WG List: <mailto:l3sm@ietf.org>
20
21 Editor:
22
23 ";
24
25 description
26 "The YANG module defines a generic service configuration
27 model for Layer 3 VPN common across all of the vendor
28 implementations.";
29
30 revision 2016-07-30 {
31 description
32 "Eliminated warnings";
33 reference
34 "draft-ietf-l3sm-l3vpn-service-yang-11";
35 }
36
37 revision 2016-07-05 {
38 description
39 "Draft text update";
40 reference
41 "draft-ietf-l3sm-l3vpn-service-yang-11";
42 }
43 revision 2016-06-27 {
44 description
45 "
46 * Removed templates
47 * Add site-network-access-type
48 * Add a leaf number-of-dynamic-address in case
49 of pe-dhcp addressing;
50
51 ";
52 reference "draft-ietf-l3sm-l3vpn-service-yang-10";
53 }
54 revision 2016-06-10 {
55 description
56 "Add site-vpn-flavor NNI";
57 reference "draft-ietf-l3sm-l3vpn-service-yang-09";
58 }
59 revision 2016-06-09 {
60 description
61 "Traffic protection moved to site level.
62 Decouple operational-requirements in two containers.
63 ";
64 reference "draft-ietf-l3sm-l3vpn-service-yang-08";
65 }
66 revision 2016-06-06 {
67 description
68 "Set config false to actual-site-start and stop
69 Add a container before cloud-access list
70 Add a container before authorized-sites list
71 Add a container before denied-sites list
72 Modified access-diversity modeling
73 Replacing type placement diversity by an identity";
74 reference "draft-ietf-l3sm-l3vpn-service-yang-07";
75 }
76 revision 2016-04-19 {
77 description
78 "* remove reference to core routing model :
79 created new address family identities
80 * added features
81 * Modified bearer parameters
82 * Modified union for ipv4/ipv6 addresses to ip-address
83 type
84 * Add BSR parameters for multicast
85 * Add applications matching for QoS classification
86 ";
87 reference "draft-ietf-l3sm-l3vpn-service-yang-06";
88 }
89 revision 2016-04-05 {
90 description
91 "
92 * Added linecard diverse for site diversity
93 * Added a new diversity enum in placement-diversity : none
94 * Added state to site location
95
96 ";
97 reference "";
98 }
99 revision 2016-03-11 {
100 description
101 "
102 * Modify VPN policy and creating a vpn-policy-list
103 * Add VPN policy reference and VPN ID reference
104 under site-network-access
105 ";
106 reference "draft-ietf-l3sm-l3vpn-service-yang-05";
107 }
108 revision 2016-01-04 {
109 description
110 "
111 * Add extranet-vpn container in vpn-svc
112 * Creating top level containers
113 * Refine groupings
114 * Added site-vpn-flavor
115 ";
116 reference "draft-ietf-l3sm-l3vpn-service-yang-03";
117 }
118 revision 2016-01-04 {
119 description
120 "
121 * qos-profile moved to choice
122 * vpn leaf moved to vpn-id in vpn-policy
123 * added ordered-by user to qos classification list
124 * moved traffic protection to access availability
125 * creating a choice in matching filter for VPN policy
126 * added dot1p matching field in flow-definition
127 ";
128 reference "";
129 }
130 revision 2015-12-07 {
131 description
132 "
133 * A site is now a collection of site-accesses.
134 This was introduced to support M to N availability.
135 * Site-availability has been removed, replaced by
136 availability parameters under site-accesses
137 * Added transport-constraints within vpn-svc
138 ";
139 reference "draft-ietf-l3sm-l3vpn-service-yang-02";
140 }
141 revision 2015-11-03 {
142 description "
143 * Add ToS support in match-flow
144 * nexthop in cascaded lan as mandatory
145 * customer-specific-info deleted and moved to routing
146 protocols
147 * customer-lan-connection modified : need prefix and CE address
148 * add choice in managing PE-CE addressing
149 * Simplifying traffic protection
150 ";
151 reference "";
152 }
153 revision 2015-09-10 {
154 description "
155 * Refine groupings for vpn-svc
156 * Removed name in vpn-svc
157 * id in vpn-svc moved to string
158 * Rename id in vpn-svc to vpn-id
159 * Changed key of vpn-svc list to vpn-id
160 * Add DSCP support in flow definition
161 ";
162 reference "";
163 }
164 revision 2015-08-07 {
165 description
166 "
167 Multicast :
168 * Removed ACL from security
169 * Add FW for site and cloud access
170 ";
171 reference "";
172 }
173 revision 2015-08-05 {
174 description
175 "
176 Multicast :
177 * Removed anycast-rp identity as discovery mechanism
178 * Added rp-group mappings for multicast
179 * Added flag for provider managed RP.
180 ";
181 reference "";
182 }
183 revision 2015-08-03 {
184 description
185 " * Creating multiple reusable groupings
186 * Added mpls leaf in vpn-svc for carrier's carrier case
187 * Modify identity single to single-site
188 * Modify site-type to site-role and also child identities.
189 * Creating OAM container under site and moved BFD in.
190 * Creating flow-definition grouping to be reused
191 in ACL, QoS ...
192 * Simplified VPN policy.
193 * Adding multicast static group to RP mappings.
194 * Removed native-vpn and site-role from global site
195 cfg, now managed within the VPN policy.
196 * Creating a separate list for site templates.
197 ";
198 reference "draft-ietf-l3sm-l3vpn-service-yang-01";
199 }
200 revision 2015-07-02 {
201 reference "draft-ietf-l3sm-l3vpn-service-yang-00";
202 }
203 revision 2015-04-24 {
204 description "
205 * Add encryption parameters
206 * Adding holdtime for BFD.
207 * Add postal address in location
208 ";
209 reference "draft-lstd-l3sm-l3vpn-service-yang-00";
210 }
211 revision 2015-02-05 {
212 description "Initial revision.";
213 reference "draft-l3vpn-service-yang-00";
214 }
215
216 /* Features */
217
218 feature cloud-access {
219 description
220 "Allow VPN to connect to a Cloud Service
221 provider.";
222 }
223 feature multicast {
224 description
225 "Enables multicast capabilities in a VPN";
226 }
227 feature ipv4 {
228 description
229 "Enables IPv4 support in a VPN";
230 }
231 feature ipv6 {
232 description
233 "Enables IPv6 support in a VPN";
234 }
235 feature carrierscarrier {
236 description
237 "Enables support of carrier's carrier";
238 }
239 feature traffic-engineering {
240 description
241 "Enables support of transport constraint.";
242 }
243 feature traffic-engineering-multicast {
244 description
245 "Enables support of transport constraint
246 for multicast.";
247 }
248 feature extranet-vpn {
249 description
250 "Enables support of extranet VPNs";
251 }
252 feature site-diversity {
253 description
254 "Enables support of site diversity constraints";
255 }
256 feature encryption {
257 description
258 "Enables support of encryption";
259 }
260 feature qos {
261 description
262 "Enables support of Class of Services";
263 }
264 feature qos-custom {
265 description
266 "Enables support of custom qos profile";
267 }
268 feature rtg-bgp {
269 description
270 "Enables support of BGP routing protocol.";
271 }
272 feature rtg-rip {
273 description
274 "Enables support of RIP routing protocol.";
275 }
276 feature rtg-ospf {
277 description
278 "Enables support of OSPF routing protocol.";
279 }
280 feature rtg-ospf-sham-link {
281 description
282 "Enables support of OSPF sham-links.";
283 }
284 feature rtg-vrrp {
285 description
286 "Enables support of VRRP routing protocol.";
287 }
288 feature fast-reroute {
289 description
290 "Enables support of Fast Reroute.";
291 }
292 feature bfd {
293 description
294 "Enables support of BFD.";
295 }
296 feature always-on {
297 description
298 "Enables support for always-on access
299 constraint.";
300 }
301 feature requested-type {
302 description
303 "Enables support for requested-type access
304 constraint.";
305 }
306 feature bearer-reference {
307 description
308 "Enables support for bearer-reference access
309 constraint.";
310 }
311
312 /* Typedefs */
313
314 typedef svc-id {
315 type string;
316 description
317 "Defining a type of service component
318 identificators.";
319 }
320
321 typedef template-id {
322 type string;
323 description
324 "Defining a type of service template
325 identificators.";
326 }
327
328 /* Identities */
329
330 identity site-network-access-type {
331 description
332 "Base identity for site-network-access type";
333 }
334 identity point-to-point {
335 base site-network-access-type;
336 description
337 "Identity for point-to-point connection";
338 }
339 identity multipoint {
340 base site-network-access-type;
341 description
342 "Identity for multipoint connection
343 Example : ethernet broadcast segment";
344 }
345 identity placement-diversity {
346 description
347 "Base identity for site placement
348 constraints";
349 }
350 identity pe-diverse {
351 base placement-diversity;
352 description
353 "Identity for PE diversity";
354 }
355 identity pop-diverse {
356 base placement-diversity;
357 description
358 "Identity for POP diversity";
359 }
360 identity linecard-diverse {
361 base placement-diversity;
362 description
363 "Identity for linecard diversity";
364 }
365 identity same-pe {
366 base placement-diversity;
367 description
368 "Identity for having sites connected
369 on the same PE";
370 }
371 identity same-bearer {
372 base placement-diversity;
373 description
374 "Identity for having sites connected
375 using the same bearer";
376 }
377 identity customer-application {
378 description
379 "Base identity for customer application";
380 }
381 identity web {
382 base customer-application;
383 description
384 "Identity for web application (e.g. HTTP,HTTPS)";
385 }
386 identity mail {
387 base customer-application;
388 description
389 "Identity for mail applications";
390 }
391 identity file-transfer {
392 base customer-application;
393 description
394 "Identity for file transfer applications (
395 e.g. FTP, SFTP, ...)";
396 }
397 identity database {
398 base customer-application;
399 description
400 "Identity for database applications";
401 }
402 identity social {
403 base customer-application;
404 description
405 "Identity for social network applications";
406 }
407 identity games {
408 base customer-application;
409 description
410 "Identity for gaming applications";
411 }
412 identity p2p {
413 base customer-application;
414 description
415 "Identity for peer to peer applications";
416 }
417 identity network-management {
418 base customer-application;
419 description
420 "Identity for management applications (e.g. telnet
421 syslog, snmp ...)";
422 }
423 identity voice {
424 base customer-application;
425 description
426 "Identity for voice applications";
427 }
428 identity video {
429 base customer-application;
430 description
431 "Identity for video conference applications";
432 }
433 identity address-family {
434 description
435 "Base identity for an address family.";
436 }
437 identity ipv4 {
438 base address-family;
439 description
440 "Identity for IPv4 address family.";
441 }
442 identity ipv6 {
443 base address-family;
444 description
445 "Identity for IPv6 address family.";
446 }
447 identity site-vpn-flavor {
448 description
449 "Base identity for the site VPN service flavor.";
450 }
451 identity site-vpn-flavor-single {
452 base site-vpn-flavor;
453 description
454 "Base identity for the site VPN service flavor.
455 Used when the site belongs to only one VPN.";
456 }
457 identity site-vpn-flavor-multi {
458 base site-vpn-flavor;
459 description
460 "Base identity for the site VPN service flavor.
461 Used when a logical connection of a site
462 belongs to multiple VPNs.";
463 }
464 identity site-vpn-flavor-sub {
465 base site-vpn-flavor;
466 description
467 "Base identity for the site VPN service flavor.
468 Used when a site has multiple logical connections.
469 Each of the connection may belong to different
470 multiple VPNs.";
471 }
472 identity site-vpn-flavor-nni {
473 base site-vpn-flavor;
474 description
475 "Base identity for the site VPN service flavor.
476 Used to describe a NNI option A connection.";
477 }
478 identity transport-constraint {
479 description
480 "Base identity for transport constraint.";
481 }
482 identity tc-latency {
483 base transport-constraint;
484 description
485 "Base identity for transport constraint
486 based on latency.";
487 }
488 identity tc-jitter {
489 base transport-constraint;
490 description
491 "Base identity for transport constraint
492 based on jitter.";
493 }
494 identity tc-bandwidth {
495 base transport-constraint;
496 description
497 "Base identity for transport constraint
498 based on bandwidth.";
499 }
500 identity tc-path-diversity {
501 base transport-constraint;
502 description
503 "Base identity for transport constraint
504 based on path diversity.";
505 }
506 identity tc-site-diversity {
507 base transport-constraint;
508 description
509 "Base identity for transport constraint
510 based on site diversity.";
511 }
512 identity management {
513 description
514 "Base identity for site management scheme.";
515 }
516 identity co-managed {
517 base management;
518 description
519 "Base identity for comanaged site.";
520 }
521 identity customer-managed {
522 base management;
523 description
524 "Base identity for customer managed site.";
525 }
526 identity provider-managed {
527 base management;
528 description
529 "Base identity for provider managed site.";
530 }
531 identity address-allocation-type {
532 description
533 "Base identity for address-allocation-type
534 for PE-CE link.";
535 }
536 identity pe-dhcp {
537 base address-allocation-type;
538 description
539 "PE router provides DHCP service to CE.";
540 }
541 identity static-address {
542 base address-allocation-type;
543 description
544 "PE-CE addressing is static.";
545 }
546 identity slaac {
547 base address-allocation-type;
548 description
549 "Use IPv6 SLAAC.";
550 }
551 identity site-role {
552 description
553 "Base identity for site type.";
554 }
555 identity any-to-any-role {
556 base site-role;
557 description
558 "Site in a any to any IPVPN.";
559 }
560 identity spoke-role {
561 base site-role;
562 description
563 "Spoke Site in a Hub & Spoke IPVPN.";
564 }
565 identity hub-role {
566 base site-role;
567 description
568 "Hub Site in a Hub & Spoke IPVPN.";
569 }
570 identity vpn-topology {
571 description
572 "Base identity for VPN topology.";
573 }
574 identity any-to-any {
575 base vpn-topology;
576 description
577 "Identity for any to any VPN topology.";
578 }
579 identity hub-spoke {
580 base vpn-topology;
581 description
582 "Identity for Hub'n'Spoke VPN topology.";
583 }
584 identity hub-spoke-disjoint {
585 base vpn-topology;
586 description
587 "Identity for Hub'n'Spoke VPN topology
588 where Hubs cannot talk between each other.";
589 }
590 identity multicast-tree-type {
591 description
592 "Base identity for multicast tree type.";
593 }
594 identity ssm-tree-type {
595 base multicast-tree-type;
596 description
597 "Identity for SSM tree type.";
598 }
599 identity asm-tree-type {
600 base multicast-tree-type;
601 description
602 "Identity for ASM tree type.";
603 }
604 identity bidir-tree-type {
605 base multicast-tree-type;
606 description
607 "Identity for BiDir tree type.";
608 }
609 identity multicast-rp-discovery-type {
610 description
611 "Base identity for rp discovery type.";
612 }
613 identity auto-rp {
614 base multicast-rp-discovery-type;
615 description
616 "Base identity for auto-rp discovery type.";
617 }
618 identity static-rp {
619 base multicast-rp-discovery-type;
620 description
621 "Base identity for static type.";
622 }
623 identity bsr-rp {
624 base multicast-rp-discovery-type;
625 description
626 "Base identity for BDR discovery type.";
627 }
628 identity routing-protocol-type {
629 description
630 "Base identity for routing-protocol type.";
631 }
632 identity ospf {
633 base routing-protocol-type;
634 description
635 "Identity for OSPF protocol type.";
636 }
637 identity bgp {
638 base routing-protocol-type;
639 description
640 "Identity for BGP protocol type.";
641 }
642 identity static {
643 base routing-protocol-type;
644 description
645 "Identity for static routing protocol type.";
646 }
647 identity rip {
648 base routing-protocol-type;
649 description
650 "Identity for RIP protocol type.";
651 }
652 identity rip-ng {
653 base routing-protocol-type;
654 description
655 "Identity for RIPng protocol type.";
656 }
657 identity vrrp {
658 base routing-protocol-type;
659 description
660 "Identity for VRRP protocol type.
661 This is to be used when LAn are directly connected
662 to provider Edge routers.";
663 }
664 identity direct {
665 base routing-protocol-type;
666 description
667 "Identity for direct protocol type.
668 .";
669 }
670 identity protocol-type {
671 description
672 "Base identity for protocol field type.";
673 }
674 identity tcp {
675 base protocol-type;
676 description
677 "TCP protocol type.";
678 }
679 identity udp {
680 base protocol-type;
681 description
682 "UDP protocol type.";
683 }
684 identity icmp {
685 base protocol-type;
686 description
687 "icmp protocol type.";
688 }
689 identity icmp6 {
690 base protocol-type;
691 description
692 "icmp v6 protocol type.";
693 }
694 identity gre {
695 base protocol-type;
696 description
697 "GRE protocol type.";
698 }
699 identity ipip {
700 base protocol-type;
701 description
702 "IPinIP protocol type.";
703 }
704 identity hop-by-hop {
705 base protocol-type;
706 description
707 "Hop by Hop IPv6 header type.";
708 }
709 identity routing {
710 base protocol-type;
711 description
712 "Routing IPv6 header type.";
713 }
714 identity esp {
715 base protocol-type;
716 description
717 "ESP header type.";
718 }
719 identity ah {
720 base protocol-type;
721 description
722 "AH header type.";
723 }
724
725 /* Groupings */
726
727 grouping vpn-service-cloud-access {
728 container cloud-accesses {
729 list cloud-access {
730 if-feature cloud-access;
731 key cloud-identifier;
732
733 leaf cloud-identifier {
734 type string;
735 description
736 "Identification of cloud service. Local
737 admin meaning.";
738 }
739 container authorized-sites {
740 list authorized-site {
741 key site-id;
742
743 leaf site-id {
744 type leafref {
745 path "/l3vpn-svc/sites/site/site-id";
746 }
747 description
748 "Site ID.";
749 }
750 description
751 "List of authorized sites.";
752 }
753 description
754 "Configuration of authorized sites";
755 }
756 container denied-sites {
757 list denied-site {
758 key site-id;
759
760 leaf site-id {
761 type leafref {
762 path "/l3vpn-svc/sites/site/site-id";
763 }
764 description
765 "Site ID.";
766 }
767 description
768 "List of denied sites.";
769 }
770 description
771 "Configuration of denied sites";
772 }
773 leaf nat-enabled {
774 type boolean;
775 description
776 "Control if NAT is required or not.";
777 }
778 leaf customer-nat-address {
779 type inet:ipv4-address;
780 description
781 "NAT address to be used in case of public
782 or shared cloud.
783 This is to be used in case customer is providing
784 the public address.";
785 }
786 description
787 "Cloud access configuration.";
788 }
789 description
790 "Container for cloud access configurations";
791 }
792 description
793 "grouping for vpn cloud definition";
794 }
795
796 grouping multicast-rp-group-cfg {
797 choice group-format {
798 case startend {
799 leaf group-start {
800 type inet:ip-address;
801 description
802 "First group address.";
803 }
804 leaf group-end {
805 type inet:ip-address;
806 description
807 "Last group address.";
808 }
809 }
810 case singleaddress {
811 leaf group-address {
812 type inet:ip-address;
813 description
814 "Group address";
815 }
816 }
817 description
818 "Choice for group format.";
819 }
820 description
821 "Definition of groups for
822 RP to group mapping.";
823 }
824
825 grouping vpn-service-multicast {
826 container multicast {
827 if-feature multicast;
828 leaf enabled {
829 type boolean;
830 default false;
831 description
832 "Enable multicast.";
833 }
834 container customer-tree-flavors {
835 list tree-flavor {
836 key type;
837
838 leaf type {
839 type identityref {
840 base multicast-tree-type;
841 }
842 description
843 "Type of tree to be used.";
844 }
845 description
846 "List of tree flavors.";
847 }
848 description
849 "Type of trees used by customer.";
850 }
851 container rp {
852 container rp-group-mappings {
853 list rp-group-mapping {
854 key "id";
855
856 leaf id {
857 type uint16;
858 description
859 "Unique identifier for the mapping.";
860 }
861 container provider-managed {
862 leaf enabled {
863 type boolean;
864 default false;
865 description
866 "Set to true, if the RP must be a
867 provider
868 managed node.
869 Set to false, if it is a customer
870 managed node.";
871 }
872
873 leaf rp-redundancy {
874 when "../enabled = 'true'" {
875 description
876 "Relevant when RP
877 is provider managed.";
878 }
879 type boolean;
880 default false;
881 description
882 "If true, redundancy
883 mechanism for RP is required.";
884 }
885 leaf optimal-traffic-delivery {
886 when "../enabled = 'true'" {
887 description
888 "Relevant when RP
889 is provider managed.";
890 }
891 type boolean;
892 default false;
893 description
894 "If true, SP must ensure
895 that traffic uses an optimal path.";
896 }
897 description
898 "Parameters for provider managed RP.";
899 }
900
901 leaf rp-address {
902 when "../provider-managed/enabled='false'" {
903 description
904 "Relevant when RP
905 is provider managed.";
906 }
907 type inet:ip-address;
908 description
909 "Defines the address of the
910 RendezvousPoint.
911 Used if RP is customer managed.";
912 }
913
914 container groups {
915 list group {
916 key id;
917
918 leaf id {
919 type uint16;
920 description
921 "Identifier for the group.";
922 }
923 uses multicast-rp-group-cfg;
924 description
925 "List of groups.";
926 }
927 description
928 "Multicast groups associated with RP.";
929 }
930
931 description
932 "List of RP to group mappings.";
933 }
934 description
935 "RP to group mappings.";
936 }
937 container rp-discovery {
938 leaf rp-discovery-type {
939 type identityref {
940 base multicast-rp-discovery-type;
941 }
942 default static-rp;
943 description
944 "Type of RP discovery used.";
945 }
946 container bsr-candidates {
947 when "../rp-discovery-type='bsr-rp'" {
948 description
949 "Only applicable if discovery type
950 is BSR-RP";
951 }
952 list bsr-candidate {
953 key address;
954
955 leaf address {
956 type inet:ip-address;
957 description
958 "Address of BSR candidate";
959 }
960
961 description
962 "List of customer BSR candidates";
963 }
964 description
965 "Customer BSR candidates address";
966 }
967 description
968 "RP discovery parameters";
969 }
970
971 description
972 "RendezvousPoint parameters.";
973 }
974 description
975 "Multicast global parameters for the VPN service.";
976 }
977 description
978 "grouping for multicast vpn definition";
979 }
980
981 grouping vpn-service-mpls {
982 leaf carrierscarrier {
983 if-feature carrierscarrier;
984 type boolean;
985 default false;
986 description
987 "The VPN is using Carrier's Carrier,
988 and so MPLS is required.";
989 }
990 description
991 "grouping for mpls CsC definition";
992 }
993
994 grouping customer-location-info {
995 container location {
996 leaf address {
997 type string;
998 description
999 "Address (number and street)
1000 of the site.";
1001
1002 }
1003 leaf zip-code {
1004 type string;
1005 description
1006 "ZIP code of the site.";
1007 }
1008 leaf state {
1009 type string;
1010 description
1011 "State of the site.
1012 This leaf can also be used
1013 to describe a region
1014 for country who does not have
1015 states.
1016 ";
1017 }
1018 leaf city {
1019 type string;
1020 description
1021 "City of the site.";
1022 }
1023 leaf country-code {
1024 type string;
1025 description
1026 "Country of the site.";
1027 }
1028 description
1029 "Location of the site.";
1030 }
1031 description
1032 "This grouping defines customer location
1033 parameters";
1034 }
1035
1036 grouping site-diversity {
1037 container site-diversity {
1038 if-feature site-diversity;
1039
1040 container groups {
1041 list group {
1042 key group-id;
1043
1044 leaf group-id {
1045 type string;
1046 description
1047 "Group-id the site
1048 is belonging to";
1049 }
1050 description
1051 "List of group-id";
1052 }
1053 description
1054 "Groups the site
1055 is belonging to.
1056 All site network accesses will
1057 inherit those group values.";
1058 }
1059 description
1060 "Diversity constraint type.";
1061 }
1062 description
1063 "This grouping defines site diversity
1064 parameters";
1065 }
1066
1067 grouping access-diversity {
1068 container access-diversity {
1069 if-feature site-diversity;
1070 container groups {
1071 list group {
1072 key group-id;
1073
1074 leaf group-id {
1075 type string;
1076 description
1077 "Group-id the site network access
1078 is belonging to";
1079 }
1080 description
1081 "List of group-id";
1082 }
1083 description
1084 "Groups the site network access
1085 is belonging to";
1086 }
1087 container constraints {
1088 list constraint {
1089 key constraint-type;
1090
1091 leaf constraint-type {
1092 type identityref {
1093 base placement-diversity;
1094 }
1095 description
1096 "Diversity constraint type.";
1097 }
1098 container target {
1099 choice target-flavor {
1100 case id {
1101 list group {
1102 key group-id;
1103
1104 leaf group-id {
1105 type string;
1106 description
1107 "The constraint will apply
1108 against this particular
1109 group-id";
1110 }
1111 description
1112 "List of groups";
1113 }
1114 }
1115 case all-accesses {
1116 leaf all-other-accesses {
1117 type empty;
1118 description
1119 "The constraint will apply
1120 against all other site network
1121 access
1122 of this site";
1123 }
1124 }
1125 case all-groups {
1126 leaf all-other-groups {
1127 type empty;
1128 description
1129 "The constraint will apply
1130 against all other groups the
1131 customer
1132 is managing";
1133 }
1134 }
1135 description
1136 "Choice for the group definition";
1137 }
1138 description
1139 "The constraint will apply against
1140 this list of groups";
1141 }
1142 description
1143 "List of constraints";
1144 }
1145 description
1146 "Constraints for placing this site
1147 network access";
1148 }
1149
1150 description
1151 "Diversity parameters.";
1152 }
1153 description
1154 "This grouping defines access diversity
1155 parameters";
1156 }
1157
1158 grouping operational-requirements {
1159 leaf requested-site-start {
1160 type yang:date-and-time;
1161 description
1162 "Optional leaf indicating requested date
1163 and time
1164 when the service at a particular site is
1165 expected
1166 to start";
1167 }
1168
1169 leaf requested-site-stop {
1170 type yang:date-and-time;
1171 description
1172 "Optional leaf indicating requested date
1173 and time
1174 when the service at a particular site is
1175 expected
1176 to stop";
1177 }
1178 description
1179 "This grouping defines some operational parameters
1180 parameters";
1181 }
1182
1183 grouping operational-requirements-ops {
1184 leaf actual-site-start {
1185 type yang:date-and-time;
1186 config false;
1187 description
1188 "Optional leaf indicating actual date
1189 and time
1190 when the service at a particular site
1191 actually
1192 started";
1193 }
1194 leaf actual-site-stop {
1195 type yang:date-and-time;
1196 config false;
1197 description
1198 "Optional leaf indicating actual date
1199 and time
1200 when the service at a particular site
1201 actually
1202 stopped";
1203 }
1204 description
1205 "This grouping defines some operational parameters
1206 parameters";
1207 }
1208
1209 grouping flow-definition {
1210 container match-flow {
1211 leaf dscp {
1212 type uint8 {
1213 range "0 .. 63";
1214 }
1215 description
1216 "DSCP value.";
1217 }
1218 leaf tos {
1219 type uint8 {
1220 range "0 .. 254";
1221 }
1222 description
1223 "TOS value.";
1224 }
1225 leaf dot1p {
1226 type uint8 {
1227 range "0 .. 7";
1228 }
1229 description
1230 "802.1p matching.";
1231 }
1232 leaf ipv4-src-prefix {
1233 type inet:ipv4-prefix;
1234 description
1235 "Match on IPv4 src address.";
1236 }
1237 leaf ipv6-src-prefix {
1238 type inet:ipv6-prefix;
1239 description
1240 "Match on IPv6 src address.";
1241 }
1242 leaf ipv4-dst-prefix {
1243 type inet:ipv4-prefix;
1244 description
1245 "Match on IPv4 dst address.";
1246 }
1247 leaf ipv6-dst-prefix {
1248 type inet:ipv6-prefix;
1249 description
1250 "Match on IPv6 dst address.";
1251 }
1252 leaf l4-src-port {
1253 type uint16;
1254 description
1255 "Match on layer 4 src port.";
1256 }
1257 leaf l4-dst-port {
1258 type uint16;
1259 description
1260 "Match on layer 4 dst port.";
1261 }
1262 leaf protocol-field {
1263 type union {
1264 type uint8;
1265 type identityref {
1266 base protocol-type;
1267 }
1268 }
1269 description
1270 "Match on IPv4 protocol or
1271 Ipv6 Next Header
1272 field.";
1273 }
1274
1275 description
1276 "Describe flow matching
1277 criterions.";
1278 }
1279 description
1280 "Flow definition based on criteria.";
1281 }
1282
1283 grouping site-service-basic {
1284 leaf svc-input-bandwidth {
1285 type uint32;
1286 units bps;
1287 description
1288 "From the PE perspective, the service input
1289 bandwidth of the connection.";
1290 }
1291 leaf svc-output-bandwidth {
1292 type uint32;
1293 units bps;
1294 description
1295 "From the PE perspective, the service output
1296 bandwidth of the connection.";
1297 }
1298 leaf svc-mtu {
1299 type uint16;
1300 units bytes;
1301 description
1302 "MTU at service level.
1303 If the service is IP,
1304 it refers to the IP MTU.";
1305 }
1306 description
1307 "Defines basic service parameters for a site.";
1308 }
1309
1310 grouping site-protection {
1311 container traffic-protection {
1312 if-feature fast-reroute;
1313 leaf enabled {
1314 type boolean;
1315 description
1316 "Enables
1317 traffic protection of access link.";
1318 }
1319
1320 description
1321 "Fast reroute service parameters
1322 for the site.";
1323 }
1324 description
1325 "Defines protection service parameters for a site.";
1326 }
1327
1328 grouping site-service-mpls {
1329 container carrierscarrier {
1330 if-feature carrierscarrier;
1331 leaf signalling-type {
1332 type enumeration {
1333 enum "ldp" {
1334 description
1335 "Use LDP as signalling
1336 protocol between PE and CE.";
1337 }
1338 enum "bgp" {
1339 description
1340 "Use BGP 3107 as signalling
1341 protocol between PE and CE.
1342 In this case, bgp must be also
1343 configured
1344 as routing-protocol.
1345 ";
1346 }
1347 }
1348 description
1349 "MPLS signalling type.";
1350 }
1351 description
1352 "This container is used when customer provides
1353 MPLS based services.
1354 This is used in case of Carrier's
1355 Carrier.";
1356 }
1357 description
1358 "Defines MPLS service parameters for a site.";
1359 }
1360
1361 grouping site-service-qos-profile {
1362 container qos {
1363 if-feature qos;
1364 container qos-classification-policy {
1365 list rule {
1366 key id;
1367 ordered-by user;
1368
1369 leaf id {
1370 type uint16;
1371 description
1372 "ID of the rule.";
1373 }
1374
1375 choice match-type {
1376 case match-flow {
1377 uses flow-definition;
1378 }
1379 case match-application {
1380 leaf match-application {
1381 type identityref {
1382 base customer-application;
1383 }
1384 description
1385 "Defines the application
1386 to match.";
1387 }
1388 }
1389 description
1390 "Choice for classification";
1391 }
1392
1393 leaf target-class-id {
1394 type string;
1395 description
1396 "Identification of the
1397 class of service.
1398 This identifier is internal to
1399 the administration.";
1400 }
1401
1402 description
1403 "List of marking rules.";
1404 }
1405 description
1406 "Need to express marking rules ...";
1407 }
1408 container qos-profile {
1409
1410 choice qos-profile {
1411 description
1412 "Choice for QoS profile.
1413 Can be standard profile or custom.";
1414 case standard {
1415 leaf profile {
1416 type string;
1417 description
1418 "QoS profile to be used";
1419 }
1420 }
1421 case custom {
1422 container classes {
1423 if-feature qos-custom;
1424 list class {
1425 key class-id;
1426
1427 leaf class-id {
1428 type string;
1429 description
1430 "Identification of the
1431 class of service.
1432 This identifier is internal to
1433 the administration.";
1434 }
1435 leaf rate-limit {
1436 type uint8;
1437 units percent;
1438 description
1439 "To be used if class must
1440 be rate
1441 limited. Expressed as
1442 percentage of the svc-bw.";
1443 }
1444 leaf priority-level {
1445 type uint8;
1446 description
1447 "Defines the level of the
1448 class in
1449 term of priority queueing.
1450 The higher the level is the
1451 higher
1452 is the priority.";
1453 }
1454 leaf guaranteed-bw-percent {
1455 type uint8;
1456 units percent;
1457 description
1458 "To be used to define the
1459 guaranteed
1460 BW in percent of the svc-bw
1461 available at the priority-level.";
1462 }
1463 description
1464 "List of class of services.";
1465 }
1466 description
1467 "Container for
1468 list of class of services.";
1469 }
1470
1471 }
1472
1473 }
1474 description
1475 "Qos profile configuration.";
1476 }
1477 description
1478 "QoS configuration.";
1479 }
1480 description
1481 "This grouping defines QoS parameters
1482 for a site";
1483
1484 }
1485
1486 grouping site-security-authentication {
1487 container authentication {
1488 description
1489 "Authentication parameters";
1490 }
1491 description
1492 "This grouping defines authentication
1493 parameters
1494 for a site";
1495 }
1496
1497 grouping site-security-encryption {
1498 container encryption {
1499 if-feature encryption;
1500 leaf enabled {
1501 type boolean;
1502 description
1503 "If true, access encryption is required.";
1504 }
1505 leaf layer {
1506 type enumeration {
1507 enum layer2 {
1508 description
1509 "Encryption will occur at layer2.";
1510 }
1511 enum layer3 {
1512 description
1513 "IPSec is requested.";
1514 }
1515 }
1516 description
1517 "Layer on which encryption is applied.";
1518 }
1519 container encryption-profile {
1520 choice profile {
1521 case provider-profile {
1522 leaf profile-name {
1523 type string;
1524 description
1525 "Name of the SP profile
1526 to be applied.";
1527 }
1528 }
1529 case customer-profile {
1530 leaf algorithm {
1531 type string;
1532 description
1533 "Encryption algorithm to
1534 be used.";
1535 }
1536 choice key-type {
1537 case psk {
1538 leaf preshared-key {
1539 type string;
1540 description
1541 "Key coming from
1542 customer.";
1543 }
1544 }
1545 case pki {
1546
1547 }
1548 description
1549 "Type of keys to be used.";
1550 }
1551 }
1552 description
1553 "Choice of profile.";
1554 }
1555 description
1556 "Profile of encryption to be applied.";
1557 }
1558 description
1559 "Encryption parameters.";
1560 }
1561 description
1562 "This grouping defines encryption parameters
1563 for a site";
1564 }
1565
1566 grouping site-attachment-bearer {
1567 container bearer {
1568 container requested-type {
1569 if-feature requested-type;
1570 leaf requested-type {
1571 type string;
1572 description
1573 "Type of requested bearer Ethernet, DSL,
1574 Wireless ...
1575 Operator specific.";
1576 }
1577 leaf strict {
1578 type boolean;
1579 default false;
1580 description
1581 "define if the requested-type is a preference
1582 or a strict requirement.";
1583 }
1584 description
1585 "Container for requested type.";
1586 }
1587 leaf always-on {
1588 if-feature always-on;
1589 type boolean;
1590 default true;
1591 description
1592 "Request for an always on access type.
1593 This means no Dial access type for
1594 example.";
1595 }
1596 leaf bearer-reference {
1597 if-feature bearer-reference;
1598 type string;
1599 description
1600 "This is an internal reference for the
1601 service provider.
1602 Used ";
1603 }
1604 description
1605 "Bearer specific parameters.
1606 To be augmented.";
1607 }
1608 description
1609 "Defines physical properties of
1610 a site attachment.";
1611 }
1612
1613 grouping site-routing {
1614 container routing-protocols {
1615 list routing-protocol {
1616 key type;
1617
1618 leaf type {
1619 type identityref {
1620 base routing-protocol-type;
1621 }
1622 description
1623 "Type of routing protocol.";
1624 }
1625
1626
1627 container ospf {
1628 when "../type = 'ospf'" {
1629 description
1630 "Only applies
1631 when protocol is OSPF.";
1632 }
1633 if-feature rtg-ospf;
1634 leaf-list address-family {
1635 type identityref {
1636 base address-family;
1637 }
1638 description
1639 "Address family to be activated.";
1640 }
1641 leaf area-address {
1642 type yang:dotted-quad;
1643 description
1644 "Area address.";
1645 }
1646 leaf metric {
1647 type uint16;
1648 description
1649 "Metric of PE-CE link.";
1650 }
1651 container sham-links {
1652 if-feature rtg-ospf-sham-link;
1653 list sham-link {
1654 key target-site;
1655
1656 leaf target-site {
1657 type svc-id;
1658 description
1659 "Target site for the sham link
1660 connection.
1661 The site is referred through it's ID.";
1662 }
1663 leaf metric {
1664 type uint16;
1665 description
1666 "Metric of the sham link.";
1667 }
1668 description
1669 "Creates a shamlink with another
1670 site";
1671 }
1672 description
1673 "List of Sham links";
1674 }
1675 description
1676 "OSPF specific configuration.";
1677 }
1678
1679 container bgp {
1680
1681 when "../type = 'bgp'" {
1682 description
1683 "Only applies when
1684 protocol is BGP.";
1685 }
1686 if-feature rtg-bgp;
1687 leaf autonomous-system {
1688 type uint32;
1689 description
1690 "AS number.";
1691 }
1692 leaf-list address-family {
1693 type identityref {
1694 base address-family;
1695 }
1696 description
1697 "Address family to be activated.";
1698 }
1699 description
1700 "BGP specific configuration.";
1701 }
1702 container static {
1703 when "../type = 'static'" {
1704 description
1705 "Only applies when protocol
1706 is static.";
1707 }
1708
1709 container cascaded-lan-prefixes {
1710 list ipv4-lan-prefixes {
1711 if-feature ipv4;
1712 key "lan next-hop";
1713
1714 leaf lan {
1715 type inet:ipv4-prefix;
1716 description
1717 "Lan prefixes.";
1718 }
1719 leaf lan-tag {
1720 type string;
1721 description
1722 "Internal tag to be used in vpn
1723 policies.";
1724 }
1725 leaf next-hop {
1726 type inet:ipv4-address;
1727 description
1728 "Nexthop address to use at customer
1729 side.";
1730 }
1731 description "
1732 List of LAN prefixes for
1733 the site.
1734 ";
1735 }
1736 list ipv6-lan-prefixes {
1737 if-feature ipv6;
1738 key "lan next-hop";
1739
1740 leaf lan {
1741 type inet:ipv6-prefix;
1742 description
1743 "Lan prefixes.";
1744 }
1745 leaf lan-tag {
1746 type string;
1747 description
1748 "Internal tag to be used
1749 in vpn policies.";
1750 }
1751 leaf next-hop {
1752 type inet:ipv6-address;
1753 description
1754 "Nexthop address to use at
1755 customer side.";
1756 }
1757 description "
1758 List of LAN prefixes for the site.
1759 ";
1760 }
1761 description
1762 "LAN prefixes from the customer.";
1763 }
1764 description
1765 "Static routing
1766 specific configuration.";
1767 }
1768 container rip {
1769
1770 when "../type = 'rip'" {
1771 description
1772 "Only applies when
1773 protocol is RIP.";
1774 }
1775 if-feature rtg-rip;
1776 leaf-list address-family {
1777 type identityref {
1778 base address-family;
1779 }
1780 description
1781 "Address family to be
1782 activated.";
1783 }
1784
1785 description
1786 "RIP routing specific
1787 configuration.";
1788 }
1789
1790
1791 container vrrp {
1792
1793 when "../type = 'vrrp'" {
1794 description
1795 "Only applies when
1796 protocol is VRRP.";
1797 }
1798 if-feature rtg-vrrp;
1799 leaf-list address-family {
1800 type identityref {
1801 base address-family;
1802 }
1803 description
1804 "Address family to be activated.";
1805 }
1806 description
1807 "VRRP routing specific configuration.";
1808 }
1809
1810
1811 description
1812 "List of routing protocols used
1813 on the site.
1814 Need to be augmented.";
1815 }
1816 description
1817 "Defines routing protocols.";
1818 }
1819 description
1820 "Grouping for routing protocols.";
1821 }
1822
1823 grouping site-attachment-ip-connection {
1824 container ip-connection {
1825 container ipv4 {
1826 if-feature ipv4;
1827 leaf address-allocation-type {
1828 type identityref {
1829 base address-allocation-type;
1830 }
1831
1832 default "static-address";
1833 description
1834 "Defines how addresses are allocated.
1835 ";
1836 }
1837
1838 leaf number-of-dynamic-address {
1839 when
1840 "../address-allocation-type = 'pe-dhcp'"
1841 {
1842 description
1843 "Only applies when
1844 protocol allocation type is static";
1845 }
1846 type uint8;
1847 default 1;
1848 description
1849 "Describes the number of IP addresses the
1850 customer requires";
1851 }
1852 container addresses {
1853 when
1854 "../address-allocation-type = 'static-address'" {
1855 description
1856 "Only applies when
1857 protocol allocation type is static";
1858 }
1859 leaf provider-address {
1860 type inet:ipv4-address;
1861 description
1862 "Provider side address.";
1863 }
1864 leaf customer-address {
1865 type inet:ipv4-address;
1866 description
1867 "Customer side address.";
1868 }
1869 leaf mask {
1870 type uint8 {
1871 range "0..32";
1872 }
1873 description
1874 "Subnet mask expressed
1875 in bits";
1876 }
1877 description
1878 "Describes IP addresses used";
1879 }
1880 description
1881 "IPv4 specific parameters";
1882
1883 }
1884 container ipv6 {
1885 if-feature ipv6;
1886 leaf address-allocation-type {
1887 type identityref {
1888 base address-allocation-type;
1889 }
1890 default "static-address";
1891 description
1892 "Defines how addresses are allocated.
1893 ";
1894 }
1895 leaf number-of-dynamic-address {
1896 when
1897 "../address-allocation-type = 'pe-dhcp'" {
1898 description
1899 "Only applies when
1900 protocol allocation type is static";
1901 }
1902 type uint8;
1903 default 1;
1904 description
1905 "Describes the number of IP addresses the
1906 customer requires";
1907 }
1908 container addresses {
1909 when
1910 "../address-allocation-type = 'static-address'" {
1911 description
1912 "Only applies when
1913 protocol allocation type is static";
1914 }
1915 leaf provider-address {
1916 type inet:ipv6-address;
1917 description
1918 "Provider side address.";
1919 }
1920 leaf customer-address {
1921 type inet:ipv6-address;
1922 description
1923 "Customer side address.";
1924 }
1925 leaf mask {
1926 type uint8 {
1927 range "0..128";
1928
1929 }
1930 description
1931 "Subnet mask expressed
1932 in bits";
1933 }
1934 description
1935 "Describes IP addresses used";
1936 }
1937
1938 description
1939 "IPv6 specific parameters";
1940
1941 }
1942 container oam {
1943 container bfd {
1944 if-feature bfd;
1945 leaf bfd-enabled {
1946 type boolean;
1947 description
1948 "BFD activation";
1949 }
1950
1951 choice holdtime {
1952 case profile {
1953 leaf profile-name {
1954 type string;
1955 description
1956 "Service provider well
1957 known profile.";
1958 }
1959 description
1960 "Service provider well
1961 known profile.";
1962 }
1963 case fixed {
1964 leaf fixed-value {
1965 type uint32;
1966 units msec;
1967 description
1968 "Expected holdtime
1969 expressed
1970 in msec.";
1971 }
1972 }
1973 description
1974 "Choice for holdtime flavor.";
1975 }
1976 description
1977 "Container for BFD.";
1978 }
1979 description
1980 "Define the OAM used on the connection.";
1981 }
1982 description
1983 "Defines connection parameters.";
1984 }
1985 description
1986 "This grouping defines IP connection parameters.";
1987 }
1988
1989 grouping site-service-multicast {
1990 container multicast {
1991 if-feature multicast;
1992 leaf multicast-site-type {
1993 type enumeration {
1994 enum receiver-only {
1995 description
1996 "The site has only receivers.";
1997 }
1998 enum source-only {
1999 description
2000 "The site has only sources.";
2001 }
2002 enum source-receiver {
2003 description
2004 "The site has both
2005 sources & receivers.";
2006 }
2007 }
2008 default "source-receiver";
2009 description
2010 "Type of multicast site.";
2011 }
2012 container multicast-transport-protocol {
2013 leaf ipv4 {
2014 if-feature ipv4;
2015 type boolean;
2016 default true;
2017 description
2018 "Enables ipv4 multicast transport";
2019 }
2020 leaf ipv6 {
2021 if-feature ipv6;
2022 type boolean;
2023 default false;
2024 description
2025 "Enables ipv6 multicast transport";
2026 }
2027 description
2028 "Defines protocol to transport multicast.";
2029 }
2030 leaf protocol-type {
2031 type enumeration {
2032 enum host {
2033 description
2034 "
2035 Hosts are directly connected
2036 to the provider network.
2037 Host protocols like IGMP, MLD
2038 are required.
2039 ";
2040 }
2041 enum router {
2042 description
2043 "
2044 Hosts are behind a customer router.
2045 PIM will be implemented.
2046 ";
2047 }
2048 enum both {
2049 description
2050 "Some Hosts are behind a customer
2051 router and some others are directly
2052 connected to the provider network.
2053 Both host and routing protocols must be
2054 used. Typically IGMP and PIM will be
2055 implemented.
2056 ";
2057 }
2058 }
2059 default "both";
2060 description
2061 "Multicast protocol type to be used
2062 with the customer site.";
2063 }
2064
2065 description
2066 "Multicast parameters for the site.";
2067 }
2068 description
2069 "Multicast parameters for the site.";
2070 }
2071
2072 grouping site-management {
2073 container management {
2074 leaf type {
2075 type identityref {
2076 base management;
2077 }
2078 description
2079 "Management type of the connection.";
2080 }
2081 leaf management-transport {
2082 type identityref {
2083 base address-family;
2084 }
2085 description
2086 "Transport protocol used for management.";
2087 }
2088 leaf address {
2089 type inet:ip-address;
2090 description
2091 "Management address";
2092 }
2093
2094 description
2095 "Management configuration";
2096 }
2097 description
2098 "Management parameters for the site.";
2099 }
2100
2101 grouping site-vpn-flavor-profile {
2102 leaf site-vpn-flavor {
2103 type identityref {
2104 base site-vpn-flavor;
2105 }
2106 default site-vpn-flavor-single;
2107 description
2108 "Defines if the site
2109 is a single VPN site, or multiVPN or ...";
2110 }
2111 description
2112 "Grouping for site-vpn-flavor.";
2113 }
2114
2115 grouping site-vpn-policy {
2116 container vpn-policy-list {
2117 list vpn-policy {
2118 key vpn-policy-id;
2119
2120 leaf vpn-policy-id {
2121 type svc-id;
2122 description
2123 "Unique identifier for
2124 the VPN policy.";
2125 }
2126
2127 list entries {
2128 key id;
2129
2130 leaf id {
2131 type svc-id;
2132 description
2133 "Unique identifier for
2134 the policy entry.";
2135 }
2136 container filter {
2137 choice lan {
2138 case lan-prefix {
2139 container lan-prefixes {
2140 list ipv4-lan-prefixes {
2141 if-feature ipv4;
2142 key lan;
2143
2144 leaf lan {
2145 type inet:ipv4-prefix;
2146 description
2147 "Lan prefixes.";
2148 }
2149 description "
2150 List of LAN prefixes
2151 for the site.
2152 ";
2153 }
2154 list ipv6-lan-prefixes {
2155 if-feature ipv6;
2156 key lan;
2157
2158 leaf lan {
2159 type inet:ipv6-prefix;
2160 description
2161 "Lan prefixes.";
2162 }
2163 description "
2164 List of LAN prefixes
2165 for the site.
2166 ";
2167 }
2168 description
2169 "LAN prefixes from the customer.";
2170 }
2171 }
2172 case lan-tag {
2173 leaf-list lan-tag {
2174 type string;
2175 description
2176 "List of lan-tags to be matched.";
2177 }
2178 }
2179 description
2180 "Choice for LAN matching type";
2181 }
2182 description
2183 "If used, it permit to split site LANs
2184 among multiple VPNs.
2185 If no filter used, all the LANs will be
2186 part of the same VPNs with the same
2187 role.";
2188 }
2189 container vpn {
2190 leaf vpn-id {
2191 type leafref {
2192 path "/l3vpn-svc/vpn-services/vpn-svc/vpn-id";
2193 }
2194 mandatory true;
2195 description
2196 "Reference to an IPVPN.";
2197 }
2198 leaf site-role {
2199 type identityref {
2200 base site-role;
2201 }
2202 mandatory true;
2203 description
2204 "Role of the site in the IPVPN.";
2205 }
2206 description
2207 "List of VPNs the LAN is associated to.";
2208 }
2209 description
2210 "List of entries for export policy.";
2211 }
2212 description
2213 "List of VPN policies.";
2214 }
2215 description
2216 "VPN policy.";
2217 }
2218 description
2219 "VPN policy parameters for the site.";
2220 }
2221
2222 grouping site-maximum-routes {
2223 container maximum-routes {
2224 list address-family {
2225 key af;
2226
2227 leaf af {
2228 type identityref {
2229 base address-family;
2230 }
2231 description
2232 "Address-family.";
2233 }
2234 leaf maximum-routes {
2235 type uint32;
2236 description
2237 "Maximum prefixes the VRF can
2238 accept for this
2239 address-family.";
2240 }
2241 description
2242 "List of address families.";
2243 }
2244
2245 description
2246 "Define maximum-routes for the VRF.";
2247 }
2248 description
2249 "Define maximum-routes for the site.";
2250 }
2251
2252 grouping site-security {
2253 container security {
2254 uses site-security-authentication;
2255 uses site-security-encryption;
2256
2257 description
2258 "Site specific security parameters.";
2259 }
2260 description
2261 "Grouping for security parameters.";
2262 }
2263
2264 grouping site-service {
2265 container service {
2266 uses site-service-basic;
2267 uses site-service-qos-profile;
2268 uses site-service-mpls;
2269 uses site-service-multicast;
2270
2271 description
2272 "Service parameters on the attachement.";
2273 }
2274 description
2275 "Grouping for service parameters.";
2276 }
2277
2278 grouping transport-constraint-profile {
2279 list constraint-list {
2280 key constraint-type;
2281
2282 leaf constraint-type {
2283 type identityref {
2284 base transport-constraint;
2285 }
2286 description
2287 "Constraint type to be applied.";
2288 }
2289 leaf constraint-opaque-value {
2290 type string;
2291 description
2292 "Opaque value that can be used to
2293 specify constraint parameters.";
2294 }
2295 description
2296 "List of constraints";
2297 }
2298 description
2299 "Grouping for transport constraint.";
2300 }
2301
2302 grouping transport-constraints {
2303 container transport-constraints {
2304 if-feature traffic-engineering;
2305 container unicast-transport-constraints {
2306 list constraint {
2307 key constraint-id;
2308
2309 leaf constraint-id {
2310 type svc-id;
2311 description
2312 "Defines an ID for the constraint
2313 rule.";
2314 }
2315
2316 leaf site1 {
2317 type svc-id;
2318 description
2319 "The ID refers to one site end.";
2320 }
2321 leaf site2 {
2322 type svc-id;
2323 description
2324 "The ID refers to the other
2325 site end.";
2326 }
2327 uses transport-constraint-profile;
2328 description
2329 "List of constraints.
2330 Constraints are bidirectional.";
2331 }
2332 description
2333 "Unicast transport constraints.";
2334 }
2335 container multicast-transport-constraints {
2336 if-feature traffic-engineering-multicast;
2337 list constraint {
2338 key constraint-id;
2339
2340 leaf constraint-id {
2341 type svc-id;
2342 description
2343 "Defines an ID for the constraint
2344 rule.";
2345 }
2346
2347 leaf src-site {
2348 type svc-id;
2349 description
2350 "The ID refers to source site.";
2351 }
2352 leaf dst-site {
2353 type svc-id;
2354 description
2355 "The ID refers to the receiver
2356 site.";
2357 }
2358 uses transport-constraint-profile;
2359 description
2360 "List of constraints.
2361 Constraints are unidirectional.";
2362 }
2363 description
2364 "Multicast transport constraints.";
2365 }
2366 description
2367 "transport constraints.";
2368 }
2369 description
2370 "Grouping for transport constraints
2371 description.";
2372 }
2373
2374 grouping vpn-extranet {
2375 container extranet-vpns {
2376 if-feature extranet-vpn;
2377 list extranet-vpn {
2378 key vpn-id;
2379
2380 leaf vpn-id {
2381 type svc-id;
2382 description
2383 "Identifies the target VPN";
2384 }
2385 leaf local-sites-role {
2386 type identityref {
2387 base site-role;
2388 }
2389 description
2390 "This describes the role of the
2391 local sites in the target VPN topology.";
2392 }
2393 description
2394 "List of extranet VPNs the local
2395 VPN is attached to.";
2396 }
2397 description
2398 "Container for extranet vpn cfg.";
2399 }
2400 description
2401 "grouping for extranet VPN configuration.
2402 Extranet provides a way to interconnect all sites
2403 from two VPNs in a easy way.";
2404 }
2405
2406 grouping site-attachment-availability {
2407 container availability {
2408 leaf access-priority {
2409 type uint32;
2410 default 1;
2411 description
2412 "Defines the priority for the access.
2413 The highest the priority value is,
2414 the highest the
2415 preference of the access is.";
2416 }
2417 description
2418 "Availability parameters
2419 (used for multihoming)";
2420 }
2421 description
2422 "Defines site availability parameters.";
2423 }
2424
2425 grouping access-vpn-policy {
2426 container vpn-attachment {
2427 choice attachment-flavor {
2428 case vpn-policy-id {
2429 leaf vpn-policy-id {
2430 type leafref {
2431 path "/l3vpn-svc/sites/site/"+
2432 "vpn-policy-list/vpn-policy/"+
2433 "vpn-policy-id";
2434 }
2435 description
2436 "Reference to a VPN policy.";
2437 }
2438 }
2439 case vpn-id {
2440 leaf vpn-id {
2441 type leafref {
2442 path "/l3vpn-svc/vpn-services"+
2443 "/vpn-svc/vpn-id";
2444 }
2445 description
2446 "Reference to a VPN.";
2447 }
2448 leaf site-role {
2449 type identityref {
2450 base site-role;
2451 }
2452 mandatory true;
2453 description
2454 "Role of the site in the IPVPN.";
2455 }
2456 }
2457 mandatory true;
2458 description
2459 "Choice for VPN attachment flavor.";
2460 }
2461 description
2462 "Defines VPN attachment of a site.";
2463 }
2464 description
2465 "Defines the VPN attachment rules
2466 for a site logical access.";
2467 }
2468
2469 grouping vpn-svc-cfg {
2470 leaf vpn-id {
2471 type svc-id;
2472 description
2473 "VPN identifier. Local administration meaning.";
2474 }
2475 leaf customer-name {
2476 type string;
2477 description
2478 "Name of the customer.";
2479 }
2480 leaf topology {
2481 type identityref {
2482 base vpn-topology;
2483 }
2484 default "any-to-any";
2485 description
2486 "VPN topology.";
2487 }
2488
2489 uses vpn-service-cloud-access;
2490 uses vpn-service-multicast;
2491 uses vpn-service-mpls;
2492 uses transport-constraints;
2493 uses vpn-extranet;
2494
2495 description
2496 "grouping for vpn-svc configuration.";
2497 }
2498
2499 grouping site-top-level-cfg {
2500 uses operational-requirements;
2501 uses customer-location-info;
2502 uses site-diversity;
2503 uses site-management;
2504 uses site-vpn-policy;
2505 uses site-vpn-flavor-profile;
2506 uses site-maximum-routes;
2507 uses site-security;
2508 uses site-service;
2509 uses site-protection;
2510 uses site-routing;
2511
2512 description
2513 "Grouping for site top level cfg.";
2514 }
2515
2516 grouping site-network-access-top-level-cfg {
2517 leaf site-network-access-type {
2518 type identityref {
2519 base site-network-access-type;
2520 }
2521 default "point-to-point";
2522 description
2523 "Describes the type of connection, e.g. :
2524 point-to-point or multipoint";
2525 }
2526 uses access-diversity;
2527 uses site-attachment-bearer;
2528 uses site-attachment-ip-connection;
2529 uses site-security;
2530 uses site-service;
2531 uses site-routing;
2532 uses site-attachment-availability;
2533 uses access-vpn-policy;
2534
2535 description
2536 "Grouping for site network access
2537 top level cfg.";
2538 }
2539
2540 /* Main blocks */
2541
2542 container l3vpn-svc {
2543 container vpn-services {
2544 list vpn-svc {
2545 key vpn-id;
2546
2547 uses vpn-svc-cfg;
2548
2549 description "
2550 List of VPN services.
2551
2552 ";
2553 }
2554 description
2555 "top level container
2556 for the VPN services.";
2557 }
2558
2559 container sites {
2560 list site {
2561 key site-id;
2562
2563 leaf site-id {
2564 type svc-id;
2565 description
2566 "Identifier of the site.";
2567 }
2568
2569 uses site-top-level-cfg;
2570 uses operational-requirements-ops;
2571
2572 container site-network-accesses {
2573 list site-network-access {
2574 key site-network-access-id;
2575
2576 leaf site-network-access-id {
2577 type svc-id;
2578 description
2579 "Identifier for the access";
2580 }
2581 uses site-network-access-top-level-cfg;
2582
2583 description
2584 "List of accesses for a site.";
2585 }
2586 description
2587 "List of accesses for a site.";
2588 }
2589
2590 description "List of sites.";
2591 }
2592 description
2593 "Container for sites";
2594 }
2595
2596 description
2597 "Main container for L3VPN service configuration.";
2598 }
2599}