OPSAWG Working Group R. Even
Internet-Draft Q. Wu
Intended status: Standards Track Huawei
Expires: March 31, 2019 Y. Cheng
China Unicom
September 27, 2018
YANG Data Model for Composed VPN Service Delivery
draft-evenwu-opsawg-yang-composed-vpn-00
Abstract
This document defines a YANG data model that can be used by a network
operator to configure a VPN service at one layer interconnecting VPN
service at another layer and manage how a hybrid VPN service is
engineered in the network [RFC8309]. This model is intended to be
instantiated at the management system to deliver the overall service.
It is not a configuration model to be used directly on network
elements. This model provides an abstracted view of VPN service
configuration components at different layer. It is up to a
management system to take this as an input and generate specific
configurations models to configure the different network elements to
deliver the service. How configuration of network elements is done
is out of scope of the document.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 31, 2019.
Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved.
Even, et al. Expires March 31, 2019 [Page 1]
Internet-Draft Composed VPN YANG Model September 2018
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
1.1.1. Requirements Language . . . . . . . . . . . . . . . . 3
1.2. Tree diagram . . . . . . . . . . . . . . . . . . . . . . 4
2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. The Composed VPN Service Model . . . . . . . . . . . . . . . 4
3.1. VPN Service Types . . . . . . . . . . . . . . . . . . . . 5
3.2. Composed VPN Physical Network Topology . . . . . . . . . 5
4. Service Model Usage . . . . . . . . . . . . . . . . . . . . . 6
5. Design of the Data Model . . . . . . . . . . . . . . . . . . 8
6. Basic Building Blocks . . . . . . . . . . . . . . . . . . . . 9
6.1. Access Points . . . . . . . . . . . . . . . . . . . . . . 9
6.1.1. Termination Point Basic Information . . . . . . . . . 11
6.1.2. Peer CE Node . . . . . . . . . . . . . . . . . . . . 13
6.1.3. Routing Protocols . . . . . . . . . . . . . . . . . . 13
6.2. Segmented VPN . . . . . . . . . . . . . . . . . . . . . . 13
7. Composed VPN YANG Module . . . . . . . . . . . . . . . . . . 14
8. Segment VPN YANG Module . . . . . . . . . . . . . . . . . . . 16
9. Service Model Usage Example . . . . . . . . . . . . . . . . . 33
10. Interaction with other YANG models . . . . . . . . . . . . . 36
11. Security Considerations . . . . . . . . . . . . . . . . . . . 36
12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37
13. Normative References . . . . . . . . . . . . . . . . . . . . 38
Appendix A. Acknowledges . . . . . . . . . . . . . . . . . . . . 39
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39
1. Introduction
BGP/MPLS IP Virtual Private Networks (IP VPNs) [RFC4364] have been
widely deployed to provide network based Layer 3 VPNs solutions. As
MPLS-based Layer 2 services grow in demand, many mobile SPs are
interested to extend their conventional L2VPN at the X1 interface in
the metro access network into IP VPN capabilities at the S1 interface
between access network and core network to provide end-to-end native
BGP IP VPN services to their enterprise customers. Another benefit
Even, et al. Expires March 31, 2019 [Page 2]
Internet-Draft Composed VPN YANG Model September 2018
is to enable the sharing of a provider's core network infrastructure
between IP and Layer 2 VPN services.
This document defines a YANG data model that can be used by a network
operator to configure a VPN across multi-domain environment with a
VPN service at one layer interconnecting a VPN service at another
layer and manage how a hybrid VPN service is engineered in the
network [RFC8309]. This model is intended to be instantiated at the
management system to deliver the overall service. It is not a
configuration model to be used directly on network elements. This
model provides an abstracted view of VPN service configuration
components at different layer. It is up to a management system to
take this as an input and generate specific configurations models to
configure the different network elements to deliver the service. How
configuration of network elements is done is out of scope of the
document.
1.1. Terminology
The following terms are defined in [RFC6241] and are not redefined
here:
o client
o server
o configuration data
o state data
The following terms are defined in [RFC7950] and are not redefined
here:
o augment
o data model
o data node
The terminology for describing YANG data models is found in
[RFC7950].
1.1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
Even, et al. Expires March 31, 2019 [Page 3]
Internet-Draft Composed VPN YANG Model September 2018
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
1.2. Tree diagram
Tree diagrams used in this document follow the notation defined in
[RFC8340].
2. Definitions
This document uses the following terms:
Service Provider (SP): The organization (usually a commercial
undertaking) responsible for operating the network that offers VPN
services to clients and customers.
Customer Edge (CE) Device: Equipment that is dedicated to a
particular customer and is directly connected to one or more PE
devices via attachment circuits. A CE is usually located at the
customer premises, and is usually dedicated to a single VPN,
although it may support multiple VPNs if each one has separate
attachment circuits. The CE devices can be routers, bridges,
switches, or hosts.
Provider Edge (PE) Device: Equipment managed by the SP that can
support multiple VPNs for different customers, and is directly
connected to one or more CE devices via attachment circuits. A PE
is usually located at an SP point of presence (PoP) and is managed
by the SP.
3. The Composed VPN Service Model
A Composed VPN service is a collection of VPN sites that are
authorized to exchange traffic between each other over a shared
infrastructure of a common L3VPN technology. This Composed VPN
service model provides a common understanding of how the
corresponding composed VPN service is to be deployed in an end to end
manner over the shared infrastructure.
This document presents the Composed VPN Service Delivery Model using
the YANG data modeling language [RFC7950] as a formal language that
is both human-readable and parsable by software for use with
protocols such as NETCONF [RFC6241] and RESTCONF [RFC8040].
Even, et al. Expires March 31, 2019 [Page 4]
Internet-Draft Composed VPN YANG Model September 2018
3.1. VPN Service Types
From a technology perspective, a set of basic VPN service types
include:
o Layer 2 VPN Service
o Layer 3 VPN Service
o VXLAN Service
3.2. Composed VPN Physical Network Topology
NodeBs of the site 1,2,3,4 in the access metro network are one end of
the Layer 2 VPN and communicate with each other via X2 interface.
sGW/MME of site 5,6 in the core network are another end of Layer 3
VPN and communicate NodeB in site 1,2,3,4 via S1 interface in the
access metro network . The Router PE at the edge of the access metro
network is performing the VPN stitching between the Layer 2 VPN and
the Layer 3 VPN using the technology such as bridging or other
interconnection technology. The Router PE uses the logical tunnel
interface (lt interface) configured with different logical interface
units applied under two different VPN instances. Therefore the end
to end VPN connection spanning across the metro access network and
the IP core network can be established.
Even, et al. Expires March 31, 2019 [Page 5]
Internet-Draft Composed VPN YANG Model September 2018
+-Site5+ +Site6--+
|sGW/MME |sGW/MME|
| | | |
+------+////----------------------\\\\ +-------+
^ ///////// \\\\\\\\\
| ||| L3VPN |||
| || ||
| \\\\\\\\\ /////////
| +----------------------------------------+
|S1 -| PE |
| /// +----------------------------------------+\
| / \ / \
| / \ / \
| | | | |
| | | | |
| | L2VPN | | L2VPN |
| | | | |
| | | X2 | |
| \ ----------------------------/ /
| \ \ / \ / /
| \\\ \// \\\ / ///
+-----+-----+-----+ +---/-+----+-----+
|NodeB| |NodeB| |NodeB| |NodeB|
+-----+ +-----+ +-----+ +-----+
Site1 Site2 Site3 Site4
L2VPN interconnection with L3VPN in Mobile Backhaul Network
4. Service Model Usage
Even, et al. Expires March 31, 2019 [Page 6]
Internet-Draft Composed VPN YANG Model September 2018
+------------------+
| Orchestration |
+------------------+
| |
+----------------+ |
| Config manager | |
+----------------+ |
| |
| NETCONF/CLI ...
| |
+------------------------------------------------+
Network
++++++++ Bearer
+ CE A + ----------------
++++++++ Connection
L2VE|L3VE
L2 Site A ++++++++ Bearer ++++++++
+ PE A + ------ ---- + CE C +
++++++++ Connection ++++++++
++++++++ Bearer
+ CE B + ---------------- L3 Site C
++++++++ Connection
L2 Site B
The idea of the composed VPN model is to decompose end to end VPN
service across multiple-domain enviroment into segmented tunnel or
segmented VPN service in each domain. A typical scenario would be to
use composed VPN model spanning across multi-domain as an input for
an orchestration layer that will be responsible for translating it to
an orchestrated per domain configuration of network elements that
will be part of the service. The per domain configuration of network
elements will be defined as segmented VPN model in each domain. The
configuration of network elements can be done via the CLI, NETCONF/
RESTCONF [RFC6241][RFC8040] coupled with YANG data models of a
specific configuration (BGP, VRF, BFD, etc.), or some other
technique, as preferred by the operator. Another scenario is to use
customer facing model such as L3SM service model as an input for an
orchestration layer that will be responsible for translating it to
the composed VPN model and the composed VPN model can be further
broken down into per domain segmented VPN model in each domain.
The usage of this composed VPN model is not limited to this example;
it can be used by any component of the management system but not
directly by network elements.
Even, et al. Expires March 31, 2019 [Page 7]
Internet-Draft Composed VPN YANG Model September 2018
5. Design of the Data Model
The YANG data model for the composed VPN has been split into two YANG
modules. The first module, "ietf-composed-vpn-svc", defines global
parameters and the essential components of a composed VPN that are
used to provide end to end connectivity spanning across multiple
domains. The second module "ietf-segmented-vpn" defines per domain
segmented vpn parameters and associated access point list parameters
that are used to connect to the peer device or domain. The segmented
vpn list defined in the second module "ietf-segmented-vpn" also
provides basic component for the first module "ietf-composed-vpn-
svc".
The global parameters under composed-vpns container contain generic
information about the VPN service such as vpn-id, customer-name,
service-topology and operational state. The "vpn-id" provided in the
composed-vpn list refers to an internal reference for this composed
VPN service, while the customer name refers to a more-explicit
reference to the customer. This identifier is purely internal to the
organization responsible for the composed VPN service. vpn-topology
describes the type of VPN service topology is required for
configuration. Our proposed model supports any-to-any, Hub and
Spoke.Operation state includes admin-state, oper-state, sync- State
and start-time.
Two essential components of a composed VPN are segmented vpns list
and access points list. A composed-vpn is composed of at least one
access points and at least one segmented vpns. A segmented vpn under
"segmented-vpn" list is composed of at least one access point. The
access point parameters under comosed-vpn level is used to describe
end to end connectivity stitching with one or multiple access
connectivities in each segmented VPN while the access point
parameters under segmented VPN level is used to describe one or
multiple access connectivities pertaining to each segment VPN.
Figure 1 shows abridged views of the hierarchies.
Even, et al. Expires March 31, 2019 [Page 8]
Internet-Draft Composed VPN YANG Model September 2018
+--rw composed-vpns
+--rw composed-vpn* [vpn-id]
+--rw vpn-id yang:uuid
+--rw vpn-name? string
+--rw customer-name? yang:uuid
+--rw topo? svpn:topology
+--rw service-type? svpn:service-type
+--rw technology? svpn:tunnel-type
+--rw admin-state? svpn:admin-state
+--ro oper-State? svpn:oper-state
+--ro sync-state? svpn:sync-state
+--rw start-time? yang:date-and-time
+--rw seg-vpns* [index]
| ...
+--rw access-points* [tp-id]
+--rw tp-basic
+--rw peer-ce-node
+--rw route-protocol* [type]
Figure 1: Figure 1
6. Basic Building Blocks
This section describes the essential components of the composed VPN
data model.
6.1. Access Points
The access points are basic element information in a composed VPN and
used to describe any network access connectivity across domains or
within a domain. The access points list models a list of access
points including the access or attachment information for the remote
peer. The access point provided by the remote peer(e.g.,PE) at the
composed VPN level are used to describe the network access
connectivity across domains. The access point provided by the remote
peer(e.g.,PE) at the segmented VPN level are used to describe network
access connectivity within a domain. The access point uses working
layer and corresponding layer information to describe the different
configurations in composed VPN level and the segmented VPN level.
As can be seen from Figure 1, the access points list further
introduces several generic components of a composed VPN: termination
point basic information, peer CE node information, QoS and routing
protocols. Section 6.1.1, Section6.1.2 and Section 6.1.3 describes
these components in more detail.
+--rw access-point* [tp-id]
+--rw peer-ce-node
Even, et al. Expires March 31, 2019 [Page 9]
Internet-Draft Composed VPN YANG Model September 2018
| +--rw ce-id? yang:uuid
| +--rw ce-node-id? yang:uuid
| +--rw ce-tp-id? yang:uuid
| +--rw ce-address? inet:ip-address
| +--rw location? string
+--rw tp-basic
| +--rw tp-id yang:uuid
| +--rw tp-name? string
| +--rw node-id? yang:uuid
| +--rw edge-role? edge-role
| +--rw topo-role? topo-role
| +--rw tp-type? tp-type
| +--rw working-layer? layer-rate
| +--rw type-spec* [layer-rate]
| | +--rw layer-rate layer-rate
| | +--rw (spec-value)?
| | +--:(lr-eth)
| | | +--rw eth
| | | +--rw access-type? eth-encap-type
| | | +--rw (vlan)?
| | | | +--:(qinq)
| | | | | +--rw qinq
| | | | | +--rw cvlan* uint64
| | | | | +--rw svlan? uint64
| | | | +--:(dot1q)
| | | | +--rw dot1q
| | | | +--rw dot1q* uint64
| | | +--rw vlan-action? eth-action
| | | +--rw action? string
| | +--:(lr-ip)
| | | +--rw ip
| | | +--rw ip-address? inet:ip-address
| | | +--rw mtu? uint64
| | +--:(lr-pw)
| | | +--rw pw
| | | +--rw control-word
| | | +--rw vlan-action
| | +--:(lr-vxlan)
| | +--rw vxlan
| | +--rw vni? uint32
| | +--rw vtep-ip? inet:ip-address
| +--rw tp-qos-node
| | +--rw qos-config-type? qos-config-type
| | +--rw qos-sub-type? qos-sub-type
| | +--rw in-profile-id? yang:uuid
| | +--rw out-profile-id? yang:uuid
| | +--rw in-tp-car* [index]
| | | +--rw index uint32
Even, et al. Expires March 31, 2019 [Page 10]
Internet-Draft Composed VPN YANG Model September 2018
| | | +--rw color-type? color-type
| | | +--rw action-type? action-type
| | | +--rw action? string
| | +--rw out-tp-car* [index]
| | | +--rw index uint32
| | | +--rw color-type? color-type
| | | +--rw action-type? action-type
| | | +--rw action? string
| +--rw flow-services
| +--rw qos-config-type? qos-config-type
| +--rw qos-sub-type? qos-sub-type
| +--rw in-template-id? yang:uuid
| +--rw out-template-id? yang:uuid
| +--rw flow-service* [class-id]
| +--rw class-id yang:uuid
| +--rw flow-behavior* [index]
| +--rw index uint32
| +--rw color-type? color-type
| +--rw action-type? action-type
| +--rw action? string
+--rw route-protocol* [type]
| +--rw type protocol-type
| +--rw (para)?
| +--:(static)
| | +--rw static* [index]
| | +--rw index uint32
| | +--rw dest-cidr? inet:ip-address
| | +--rw egress-tp? yang:uuid
| | +--rw route-preference? string
| | +--rw next-hop? inet:ip-address
| +--:(bgp)
| +--rw bgp* [index]
| +--rw index uint32
| +--rw as-no? uint64
| +--rw max-prefix? int32
| +--rw max-prefix-alarm? uint32
| +--rw peer-address? inet:ip-address
+--rw admin-state? admin-state
+--ro oper-state? oper-state
6.1.1. Termination Point Basic Information
The tp-basic list describes the basic information that is used to
express attachment point information(e.g., PE information) and QoS
requirements( see section 6.1.1.1 for details)of the network access
connectivity from the Termination Point (TP) of view. That means the
information described here is relative static, no matter which two
pair of peer TPs are going to connect.
Even, et al. Expires March 31, 2019 [Page 11]
Internet-Draft Composed VPN YANG Model September 2018
The type-Spec list describes the layered information on the TP, such
as ethernet layer information, or the IP layer and VXLAN information
if any higher layer protocol is enabled.
6.1.1.1. QoS
This model supports two kinds of QoS requirements as described in the
section 7 and section 8:
TP based QoS: Describes the QoS attributes on a termination point.
For example, the CAR (committed access rate) definition on the
inbound or outbound ports.
Flow based QoS: Describes the QoS attributes on a service flow.
This enables the fine grained QoS control with the capability of
identifying the service flow.
Both are applicable to network access connectivity between any two
peers within domain or across domain.
For TP based QoS, this model defines the following QoS attributes:
o "qos-config-type": Specify QoS configuration type. This model
support the following setting:standard and custom.
o " qos-sub-type": Specify QoS detailed configuration type. This
model support the following settings: car, diffserv,
diffservdomain,QoS Profile.
o "in-profile-id": Identification of the QoS Profile to be used for
downstream traffic. Local administration meaning.
o "out-profile-id": Identification of the QoS Profile to be used for
upsteam trafic. Local administration meaning.
o "in-tp-car":describe service bandwidth configurations for
downstream traffic.
o "out-tp-car": describe service bandwidth configurations for
downstream traffic.
For Flow based QoS, this model defines the following QoS attributes:
o "qos-config-type": Specify QoS configuration type. This model
support the following setting:standard and custom.
Even, et al. Expires March 31, 2019 [Page 12]
Internet-Draft Composed VPN YANG Model September 2018
o "qos-sub-type": Specify QoS detailed configuration type. This
model support the following settings: car, diffserv,
diffservdomain,QoS Profile.
o "in-template-id": Identification of the Flow template to be used
for downstream flow.Local administration meaning.
o "out-template-id": Identification of the Flow template to be used
for upstream flow. Local administration meaning.
o " flow-service": describe service bandwidth configuration for each
service flow.
6.1.2. Peer CE Node
The peer-ce-node describes CE node information associated with access
point including CE node information, TP information,address and
location. The peer CE node can be used together with the node-id and
node-addr under access-point list to identify the source endpoint and
destination endpoint of network access connectivity between any two
routers(e.g., PE or ASBR)at the edge of each domain.
6.1.3. Routing Protocols
The "routing-protocol" list defines which routing protocol must be
activated between any two routers(e.g., PE or ASBR)at the edge of
each domain. The current model supports the following settings: bgp,
rip, ospf, static. In addition, the "routing-protocol" list in this
model can be augmented with any possible routing protocols. The BGP
and static routing list are examples to show how these two widely
used routing protocols are described.
6.2. Segmented VPN
As a large network grows, it might become desirable to partition the
network into multiple domains or segments. The seg-vpn list
describes a list of Segmented VPN information from the segment point
of view. i.e., specify how it communicates with peered devices
outside this Segmented VPN. The segmented VPN information is
composed of basic VPN information and a list of access points. The
set of access points are ougoing interfaces that customer sites or
other segmented VPNs can attach. The Segmented VPN could be a layer
2 VPN, or layer 3 VPN,or even a termination point. The seg-vpn list
can be used as key component for both "ietf-composed-vpn-svc" and
"ietf-segmented-vpn".
Even, et al. Expires March 31, 2019 [Page 13]
Internet-Draft Composed VPN YANG Model September 2018
+--rw segment-vpns
+--rw segment-vpn* [index]
+--rw index uint32
+--rw protect-role? protection-role
+--rw vpn-info
+--rw (vpn-type)?
+--:(wan-vpn)
+--rw vpn
+--rw vpn-id? yang:uuid
+--rw vpn-name? string
+--rw topo? Topology
+--rw service-type? service-type
+--rw technology? tunnel-type
+--rw admin-state? admin-state
+--ro oper-state? oper-state
+--ro sync-state? sync-state
+--rw access-point* [tp-id]
...
7. Composed VPN YANG Module
<CODE BEGINS> file "ietf-composed-vpn-svc.yang"
module ietf-composed-vpn-svc {
namespace "urn:ietf:params:xml:ns:yang:ietf-composed-vpn-svc" ;
prefix cvpn ;
import ietf-yang-types {
prefix yang;
}
import ietf-segmented-vpn {
prefix svpn;
}
organization "IETF OPSAWG Working Group";
contact "
WG Web: <https://datatracker.ietf.org/wg/opsawg>
WG List: <mailto:netmod@ietf.org>
Editor: Roni Even
<mailto:roni.even@huawei.com>
Qin Wu
<mailto:bill.wu@huawei.com>
Ying Cheng
<mailto:chengying10@chinaunicom.cn>";
description "ietf-compsed-vpn";
revision 2018-08-21 {
reference "draft-evenwu-opsawg-yang-composed-vpn-00";
}
grouping vpn-basic {
Even, et al. Expires March 31, 2019 [Page 14]
Internet-Draft Composed VPN YANG Model September 2018
description "VPNBasicInfo Grouping.";
leaf topo {
type svpn:topology;
description "current support for full-mesh and
point_to_multipoint(hub-spoke), others is reserved for
future extensions." ;
}
leaf service-type {
type svpn:service-type;
description "current support for mpls l3vpn/vxlan/L2VPN
overlay, others is reserved for future extensions." ;
}
leaf technology {
type svpn:tunnel-type;
description "mpls|vxlan overlay l3vpn|eth over sdh|nop";
}
leaf admin-state {
type svpn:admin-state;
description "administrative status." ;
}
leaf oper-State {
type svpn:oper-state;
config false;
description "Operational status." ;
}
leaf sync-state {
type svpn:sync-state;
config false;
description "Sync status." ;
}
leaf start-time {
type yang:date-and-time;
description "Service lifecycle: request for service start
time." ;
}
}
container composed-vpns{
description "";
list composed-vpn {
key "vpn-id";
description "List for composed VPNs.";
uses composedvpn;
}
}
grouping composedvpn {
description "ComposedVPN Grouping.";
Even, et al. Expires March 31, 2019 [Page 15]
Internet-Draft Composed VPN YANG Model September 2018
leaf vpn-id {
type yang:uuid;
description "Composed VPN identifier." ;
}
leaf vpn-name {
type string {length "0..200";}
description "Composed VPN Name. Local administration meaning" ;
}
leaf customer-name {
type yang:uuid;
description
"Name of the customer that actually uses the VPN service.
In the case that any intermediary (e.g., Tier-2 provider
or partner) sells the VPN service to their end user
on behalf of the original service provider (e.g., Tier-1
provider), the original service provider may require the
customer name to provide smooth activation/commissioning
and operation for the service." ;
}
uses vpn-basic;
list seg-vpns {
key "index";
description "SegVpn list ";
uses svpn:segment-vpn;
}
list access-points {
key "tp-id";
description "TP list of the access links which associated
with CE and PE";
uses svpn:termination-point;
}
}
}
<CODE ENDS>
8. Segment VPN YANG Module
<CODE BEGINS> file "ietf-segmented-vpn.yang"
module ietf-segmented-vpn {
namespace "urn:ietf:params:xml:ns:yang:ietf-segmented-vpn" ;
prefix svpn;
import ietf-yang-types {
prefix yang;
}
import ietf-inet-types {
prefix inet;
}
Even, et al. Expires March 31, 2019 [Page 16]
Internet-Draft Composed VPN YANG Model September 2018
organization "IETF OPSAWG Working Group";
contact "
WG Web: <https://datatracker.ietf.org/wg/opsawg>
WG List: <mailto:netmod@ietf.org>
Editor: Roni Even
<mailto:roni.even@huawei.com>
Qin Wu
<mailto:bill.wu@huawei.com>
Cheng Ying
<mailto:chengying10@chinaunicom.cn>";
description
"This YANG module defines a generic service configuration
model for Composed VPNs. This model is common across all
vendor implementations.";
revision 2018-08-21 {
reference "draft-opsawg-evenwu-yang-composed-vpn-00";
}
typedef edge-role {
type enumeration {
enum nop {
description "nop";
}
enum pe {
description "PE";
}
enum p {
description "P";
}
enum uni {
description "UNI";
}
enum nni {
description "NNI";
}
enum asbtp {
description "AsbTP";
}
}
description "Edge Point Role.";
}
typedef topo-role {
type enumeration {
enum hub {
description "hub";
}
enum spoke {
description "spoke";
Even, et al. Expires March 31, 2019 [Page 17]
Internet-Draft Composed VPN YANG Model September 2018
}
enum other {
description "other";
}
}
description "Topo Node Role.";
}
typedef protection-role {
type enumeration {
enum nop{
description "NOP";
}
enum main{
description "MAIN";
}
}
description "Protection Role.";
}
typedef qos-config-type {
type enumeration {
enum nop{
description "nop.";
}
enum template{
description "standard.";
}
enum agile{
description "custom.";
}
}
description "Qos Config Type.";
}
typedef qos-sub-type {
type enumeration {
enum nop{
description "nop";
}
enum car{
description "CAR";
}
enum qosProfile{
description "Qos Profile";
}
enum diffservdomain{
description "diffServDomain";
}
enum diffserv{
description "diffServ";
Even, et al. Expires March 31, 2019 [Page 18]
Internet-Draft Composed VPN YANG Model September 2018
}
}
description "Qos Detail Type";
}
typedef tp-type{
type enumeration {
enum nop {
description "nop";
}
enum ptp {
description "PTP";
}
enum ctp {
description "CTP";
}
enum trunk {
description "TRUNK";
}
enum loopback {
description "LoopBack";
}
enum tppool {
description "TPPool";
}
}
description "Tp Type.";
}
typedef layer-rate{
type enumeration {
enum lr-unknow {
description "Layer Rate UNKNOW.";
}
enum lr-ip {
description "Layer Rate IP.";
}
enum lr-eth {
description "Layer Rate Ethernet.";
}
enum lr_vxlan {
description "Layer Rate VXLAN.";
}
}
description "Layer Rate.";
}
typedef admin-state {
type enumeration {
enum active {
description "Active status";
Even, et al. Expires March 31, 2019 [Page 19]
Internet-Draft Composed VPN YANG Model September 2018
}
enum inactive {
description "Inactive status";
}
enum partial {
description "Partial status";
}
}
description "Admin State.";
}
typedef oper-state {
type enumeration {
enum up {
description "Up status";
}
enum down {
description "Down status";
}
enum degrade {
description "Degrade status";
}
}
description "Operational Status.";
}
typedef sync-state {
type enumeration {
enum sync {
description "Sync status";
}
enum out-sync {
description "Out sync status";
}
}
description "Sync Status";
}
typedef eth-encap-type {
type enumeration {
enum default {
description "DEFAULT";
}
enum dot1q {
description "DOT1Q";
}
enum qinq {
description "QINQ";
}
enum untag {
description "UNTAG";
Even, et al. Expires March 31, 2019 [Page 20]
Internet-Draft Composed VPN YANG Model September 2018
}
}
description "Ethernet Encap Type.";
}
typedef protocol-type {
type enumeration {
enum static {
description "Static Routing";
}
enum bgp {
description "bgp";
}
enum rip {
description "rip";
}
enum ospf {
description "ospf";
}
enum isis {
description "isis";
}
}
description "Routing Protocol Type";
}
typedef tunnel-type {
type enumeration {
enum NOP{
description "NOP";
}
enum MPLS{
description "MPLS";
}
enum MPLS-TP{
description "MPLS-TP";
}
enum MPLS-SR {
description "MPLS Segment Routing";
}
enum SRv6 {
description "SRv6";
}
}
description "VPN Tunnel Type.";
}
typedef service-type {
type enumeration {
enum l3vpn {
Even, et al. Expires March 31, 2019 [Page 21]
Internet-Draft Composed VPN YANG Model September 2018
description "l3vpn";
}
enum l2vpn {
description "l2vpn";
}
enum vxlan {
description "vxlan";
}
}
description "VPN Service Type.";
}
typedef topology {
type enumeration {
enum any-to-any {
description "any to any";
}
enum hub-spoke {
description "hub and spoke VPN topology.";
}
enum hub-spoke-disjoint {
description "Hub and spoke VPN topology where
Hubs cannot communicate with each other ";
}
enum unknow {
description "unknown.";
}
}
description "Topology.";
}
typedef ethernet-action {
type enumeration {
enum nop {
description "nop";
}
enum untag {
description "UNTAG";
}
enum stacking {
description "STACKING";
}
}
description "Ethernet Action.";
}
typedef color-type{
type enumeration {
enum green{
description "green";
Even, et al. Expires March 31, 2019 [Page 22]
Internet-Draft Composed VPN YANG Model September 2018
}
enum yellow{
description "yellow";
}
enum red{
description "red";
}
enum all{
description "all";
}
}
description "Color Type.";
}
typedef action-type {
type enumeration {
enum nop{
description "nop";
}
enum bandwidth{
description "bandwidth";
}
enum pass{
description "pass";
}
enum discard{
description "discard";
}
enum remark{
description "remark";
}
enum redirect{
description "redirect";
}
enum recolor{
description "recolor";
}
enum addRt{
description "addRt";
}
}
description "Action Type";
}
//----------------------------------------------//
//typedef
//----------------------------------------------//
typedef PWTagMode {
type enumeration {
enum raw{
Even, et al. Expires March 31, 2019 [Page 23]
Internet-Draft Composed VPN YANG Model September 2018
description "RAW";
}
enum tagged{
description "TAGGED";
}
}
description "PWTagMode";
}
grouping QinQVlan {
description "QinQVlan Grouping.";
leaf-list cvlan {
type uint64;
description "cvlan List.";
}
leaf svlan {
type uint64;
description "svlan.";
}
}
grouping Dot1QVlan {
description "Dot1QVlan Grouping.";
leaf-list dot1q {
type uint64;
description "dot1q Vlan List";
}
}
//TpTypeSpec
grouping tp-type-spec{
description "Tp Type Spec Grouping.";
leaf layer-rate {
type layer-rate;
description "layer Rate";
}
choice spec-value {
description "Spec Value";
case lr-eth {
container eth {
description "ethernetSpec";
uses ethernet-spec;
}
}
case lr-ip {
container ip {
description "ipSpec";
uses IpSpec;
}
}
case lr-pw {
Even, et al. Expires March 31, 2019 [Page 24]
Internet-Draft Composed VPN YANG Model September 2018
container pw {
description "PwSpec";
uses PwSpec;
}
}
case lr-vxlan {
container vxlan {
description "vxlanSpec";
uses VxlanSpec;
}
}
}
}
grouping FlowServices {
description "FlowServices Grouping.";
leaf qos-config-type {
type qos-config-type;
description "qos Config Type.";
}
leaf qos-sub-type {
type qos-sub-type;
description "qosDetailType";
}
leaf in-template-id {
type yang:uuid;
description "in Flow Qos Template ID.";
}
leaf out-template-id {
type yang:uuid;
description "out Flow Qos Template ID.";
}
list flow-service {
key class-id;
description "default in flow and behaviors";
uses FlowAndBehavior;
}
}
grouping TPQosNode {
description "TPQosNode Grouping.";
leaf qos-config-type {
type qos-config-type;
description "qos Config Type.";
}
leaf qos-sub-ype {
type qos-sub-type;
description "qos Detail Type";
}
leaf in-profile-id {
Even, et al. Expires March 31, 2019 [Page 25]
Internet-Draft Composed VPN YANG Model September 2018
type yang:uuid;
description "inQosProfileId";
}
leaf out-profile-id {
type yang:uuid;
description "outQosProfileId";
}
list in-tp-car {
key index;
uses FlowBehavior;
description "inTpCar";
}
list out-tp-car {
key index;
uses FlowBehavior;
description "outTpCar";
}
}
//CE spec
grouping CeTp {
description "CeTp Grouping.";
leaf ce-id {
type yang:uuid;
description "Site router ID";
}
leaf ce-node-id {
type yang:uuid;
description "directly connected NE node ID, only valid in
asbr ";
}
leaf ce-tp-id {
type yang:uuid;
description "ce Directly connected TP id, only valid in asbr";
}
leaf ce-address {
type inet:ip-address;
description "ceIfmasterIp";
}
leaf location {
type string {length "0..400";}
description "CE device location ";
}
}
//TPBasicInfo
grouping TPBasicInfo {
description "TPBasicInfo Grouping.";
leaf tp-id {
Even, et al. Expires March 31, 2019 [Page 26]
Internet-Draft Composed VPN YANG Model September 2018
type yang:uuid;
description "An identifier for termination point on a node.";
}
leaf tp-name {
type string {length "0..200";}
description "The termination point Name on a node. It conforms to
name rule defined in system. Example FE0/0/1, GE1/2/1.1,
Eth-Trunk1.1, etc";
}
leaf node-id {
type yang:uuid;
description "Identifier for a node.";
}
leaf edge-role {
type edge-role;
description "edge role for TP, for example:UNI/NNI ";
}
leaf topo-role {
type topo-role;
description "hub/spoke role, etc";
}
leaf tp-type {
type tp-type;
description "Type";
}
leaf working-layer {
type layer-rate;
description "working layer";
}
list type-spec {
key "layer-rate";
uses tp-type-spec;
description "typeSpecList";
}
container tp-qos-node {
description "tp Qos Node.";
uses TPQosNode;
}
container flow-services{
description "flow services in one TP.";
uses FlowServices;
}
}
grouping RouteProtocolSpec {
description "Routing Protocol Spec Grouping.";
leaf type {
type protocol-type;
description "Protocol type" ;
Even, et al. Expires March 31, 2019 [Page 27]
Internet-Draft Composed VPN YANG Model September 2018
}
choice para {
description "para" ;
case static {
list static {
key "index";
uses StaticRouteItem;
description "staticRouteItems" ;
}
}
case bgp {
list bgp {
key "index";
uses BGPProtocolItem;
description "bgpProtocols" ;
}
}
}
}
grouping BGPProtocolItem {
description "BGPProtocolItem Grouping.";
leaf index {
type uint32;
description "index of BGP protocol item";
}
leaf as-no {
type uint64;
description "Peer AS Number.";
}
leaf max-prefix {
type int32;
description "maximum number limit of prefixes.";
}
leaf max-prefix-alarm {
type uint32;
description "alarm threshold of BGP rout";
}
leaf peer-address {
type inet:ip-address;
description "peerIp";
}
}
grouping StaticRouteItem {
description "StaticRouteItem Grouping.";
leaf index {
type uint32;
description "static item index";
}
Even, et al. Expires March 31, 2019 [Page 28]
Internet-Draft Composed VPN YANG Model September 2018
leaf dest-cidr {
type string;
description "address prefix specifying the set of
destination addresses for which the route may be
used. ";
}
leaf egress-tp {
type yang:uuid;
description "egress tp";
}
leaf route-preference {
type string;
description "route priority. Ordinary, work route have
higher priority.";
}
leaf next-hop {
type inet:ip-address;
description "Determines the outgoing interface and/or
next-hop address(es), or a special operation to be
performed on a packet..";
}
}
grouping ethernet-spec {
description "Ethernet Spec Grouping.";
leaf access-type {
type eth-encap-type;
description "access frame type";
}
choice accessVlanValue {
description "accessVlanValue";
case qinq {
container qinq {
description "qinqVlan";
uses QinQVlan;
}
}
case dot1q {
container dot1q {
description "dot1q";
uses Dot1QVlan;
}
}
}
leaf vlan-action {
type ethernet-action;
description "specify the action when the vlan is matched";
}
leaf action {
Even, et al. Expires March 31, 2019 [Page 29]
Internet-Draft Composed VPN YANG Model September 2018
type string{length "0..100";}
description "specify the action value.";
}
}
grouping PwSpec {
description "PwSpec Grouping.";
leaf control-word {
type boolean;
default false;
description "control Word.";
}
leaf vlan-action {
type PWTagMode;
description "pw Vlan Action.";
}
}
grouping IpSpec {
description "IpSpec Grouping.";
leaf ip-address {
type inet:ip-address;
description "master IP address";
}
leaf mtu {
type uint64;
description "mtu for ip layer,scope:46~9600";
}
}
grouping VxlanSpec {
description "VxlanSpec Grouping.";
leaf vni {
type uint32;
description "vni";
}
leaf vtep-ip {
type inet:ip-address;
description "vtep ip";
}
}
grouping FlowAndBehavior {
description "FlowAndBehavior Grouping.";
leaf class-id {
type yang:uuid;
description "flowClassifierId";
}
list flow-behavior {
key index;
uses FlowBehavior;
description "flowBehaviors";
Even, et al. Expires March 31, 2019 [Page 30]
Internet-Draft Composed VPN YANG Model September 2018
}
}
grouping FlowBehavior {
description "FlowAndBehavior Grouping.";
leaf index {
type uint32;
description "index";
}
leaf color-type {
type color-type;
description "Color Type.";
}
leaf action-type {
type action-type;
description "action Type";
}
leaf action {
type string;
description "action";
}
}
grouping VPNBasicInfo {
description "VPNBasicInfo Grouping.";
leaf topo {
type topology;
description "current support for full-mesh and
hub-spoke, others is reserved for
future extensions." ;
}
leaf service-type {
type service-type;
description "current support for mpls l3vpn/vxlan/L2VPN
overlay, others is reserved for future extensions." ;
}
leaf technology {
type tunnel-type;
description "mpls|vxlan overlay l3vpn|eth over sdh|nop";
}
leaf admin-state {
type admin-state;
description "administrative status." ;
}
leaf oper-state {
type oper-state;
config false;
description "Operational status." ;
}
leaf sync-state {
Even, et al. Expires March 31, 2019 [Page 31]
Internet-Draft Composed VPN YANG Model September 2018
type sync-state;
config false;
description "Sync status." ;
}
}
grouping VPN {
description "VPN Grouping.";
leaf vpn-id {
type yang:uuid ;
description "VPN Identifier." ;
}
leaf vpn-name {
type string {length "0..200";}
description "Human-readable name for the VPN service." ;
}
uses VPNBasicInfo;
list access-point {
key "tp-id";
description "TP list of the access links which associated
with CE and PE";
uses termination-point;
}
}
grouping termination-point {
description "grouping for termination points.";
leaf tp-id {
type yang:uuid;
description "An identifier for termination point on a node.";
}
container peer-ce-node {
description "CE TP Information.";
uses CeTp;
}
container tp-basic {
description "Termination point basic info.";
uses TPBasicInfo;
}
list route-protocol {
key "type";
description "route protocol spec.";
uses RouteProtocolSpec;
}
leaf admin-state {
type admin-state;
description "administrative status.";
}
leaf oper-state {
type oper-state;
Even, et al. Expires March 31, 2019 [Page 32]
Internet-Draft Composed VPN YANG Model September 2018
config false;
description "Operational status." ;
}
}
grouping segment-vpn {
description "SegmentVPN Grouping.";
leaf index {
type uint32;
description "index of segment VPN in a composed VPN.";
}
leaf protect-role {
type protection-role;
description "The protection role of segment VPN, by
default it is set as nop role.";
}
container vpn-info {
description "vpn information";
choice vpn-type {
description "vpn type.";
case wan-vpn {
container vpn {
description "vpn.";
uses VPN;
}
}
}
}
}
container segment-vpns {
list segment-vpn {
key "index";
description "Segment Vpn list.";
uses segment-vpn;
}
description
"Container for Segment VPN.";
}
}
<CODE ENDS>
9. Service Model Usage Example
This section provides an example of how a management system can use
this model to configure an IP VPN service on network elements.
Even, et al. Expires March 31, 2019 [Page 33]
Internet-Draft Composed VPN YANG Model September 2018
+-----------------------------------------------------------------------+
| ------- PE2----- Spoke_Site1 |
| | |
| Hub_Site -----PE1------ASBR1-------- ASBR2 |
| | |
| --------PE3 ---- Spoke_Site2 |
+----------------|----------|--------------|--------|-------------------+
| | | |
|<SegVPN1> | <SegVPN2> |<SegVPN3>
| | | |
| | | |
| Intra-AS | Inter-AS |Intra-AS|
| |
|<--------Composed VPN ----------->|
In this example, we want to achieve the provisioning of a end to end
VPN service for three sites using a Hub-and-Spoke VPN service
topology. The end to end VPN service is stitched by three segmented
VPN, two are within intra-AS domain, one is within inter AS domain.
The following XML snippet describes the overall simplified service
configuration of this composed VPN.
<?xml version="1.0"?>
<composed-vpns xmlns="urn:ietf:params:xml:ns:yang:ietf-composed-vpn-svc">
<composed-vpn>
<vpn-id>12456487</vpn-id>
<topo>hub-spoke</topo>
<service-type>hybrid-vpn</service-type>
<seg-vpns>
<index>1</index>
<vpn-info>
<vpn-id>111<vpn-id>
<topo>hub-spoke</topo>
<service-type>l2vpn</service-type>
<access-point>
<node-id>ASBR1</node-id>
<peer-ce-node>
<ce-node-id>PE1</ce-node-id>
</peer-ce-node>
<tp-basic>
<topo-role>hub</topo-role>
<flow-serices>
<in-template-id>TEMPLATE-A</in-template-id>
<out-template-id>TEMPLATE-B</out-template-id>
</flow-services>
</tp-basic>
<routing-protocol>
Even, et al. Expires March 31, 2019 [Page 34]
Internet-Draft Composed VPN YANG Model September 2018
<bgp>
<as-no>AS1</as-no>
</bgp>
<routing-protocol>
</access-point>
</vpn-info
<seg-vpns>
<seg-vpns>
<index>2</index>
<vpn-info>
<vpn-id>222<vpn-id>
<topo>hub-spoke</topo>
<service-type>l3vpn</service-type>
<access-point>
<node-id>ASBR2</node-id>
<peer-ce-node>
<ce-node-id>ASBR1</ce-node-id>
</peer-ce-node>
<tp-basic>
<topo-role>hub</topo-role>
<flow-serices>
<in-template-id>TEMPLATE-B</in-template-id>
<out-template-id>TEMPLATE-C</out-template-id>
</flow-services>
</tp-basic>
<routing-protocol>
<bgp>
<as-no>interAS-1</as-no>
</bgp>
<routing-protocol>
</access-point>
</vpn-info
<seg-vpns>
<seg-vpns>
<index>3</index>
<vpn-info>
<vpn-id>333<vpn-id>
<topo>hub-spoke</topo>
<service-type>l2vpn</service-type>
<access-point>
<node-id>PE2</node-id>
<peer-ce-node>
<ce-node-id>ASBR2</ce-node-id>
</peer-ce-node>
<tp-basic>
<topo-role>spoke</topo-role>
<flow-serices>
<in-template-id>TEMPLATE-B</in-template-id>
Even, et al. Expires March 31, 2019 [Page 35]
Internet-Draft Composed VPN YANG Model September 2018
<out-template-id>TEMPLATE-D</out-template-id>
</flow-services>
</tp-basic>
<routing-protocol>
<bgp>
<as-no>AS2</as-no>
</bgp>
<routing-protocol>
</access-point>
</vpn-info
<seg-vpns>
</composed-vpn>
</composed-vpns>
10. Interaction with other YANG models
As expressed in Section 4, this composed VPN service model is
intended to be instantiated in a management system and not directly
on network elements.
The management system's role will be to configure the network
elements. The management system may be modular and distinguish the
component instantiating the service model (let's call it "service
component") from the component responsible for network element
configuration (let's call it "configuration component"). The service
is built from a combination of networkelements and protocols
configuration which also include various aspects of the underlying
network infrastructure, including functions/devices and their
subsystems, and relevant protocols operating at the link and network
layers across multiple device. Therfore there will be a strong
relationship between the abstracted view provided by this service
model and the detailed configuration view that will be provided by
specific configuration models for network elements.
The service component will take input from customer service model
such as L3SM service model or composed VPN service model and
translate it into segment VPN in each domain and then further break
down the segment VPN into detailed configuration view that will be
provided by specific configuration models for network elements.
11. Security Considerations
The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
Even, et al. Expires March 31, 2019 [Page 36]
Internet-Draft Composed VPN YANG Model September 2018
is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC5246].
The NETCONF access control model [RFC6536] provides the means to
restrict access for particular NETCONF or RESTCONF users to a
preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content.
There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config)
to these data nodes without proper protection can have a negative
effect on network operations. These are the subtrees and data nodes
and their sensitivity/vulnerability:
o /composed-vpns/composed-vpn
The entries in the list above include the whole composed vpn
service configurations which the customer subscribes, and
indirectly create or modify the PE,CE and ASBR device
configurations. Unexpected changes to these entries could lead to
service disruption and/or network misbehavior.
o /composed-vpns/composed-vpn/seg-vpns
The entries in the list above include the access points
configurations. As above, unexpected changes to these entries
could lead to service disruption and/or network misbehavior.
o /composed-vpns/composed-vpn/access-points
The entries in the list above include the access points
configurations. As above, unexpected changes to these entries
could lead to service disruption and/or network misbehavior.
12. IANA Considerations
This document registers a URI in the IETF XML registry [RFC3688].
Following the format in [RFC3688], the following registrations are
requested to be made:
Even, et al. Expires March 31, 2019 [Page 37]
Internet-Draft Composed VPN YANG Model September 2018
---------------------------------------------------------------------
URI: urn:ietf:params:xml:ns:yang:ietf-composed-vpn-svc
Registrant Contact: The IESG
XML: N/A; the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-segmented-vpn
Registrant Contact: The IESG
XML: N/A; the requested URI is an XML namespace.
---------------------------------------------------------------------
This document registers two YANG modules in the YANG Module Names
registry [RFC6020].
---------------------------------------------------------------------
Name: ietf-composite-vpn-svc
Namespace: urn:ietf:params:xml:ns:yang:ietf-composed-vpn-svc
Prefix: composite-svc
Reference: RFC xxxx
Name: ietf-segmented-vpn
Namespace: urn:ietf:params:xml:ns:yang:ietf-segmented-vpn
Prefix: segment-vpn
Reference: RFC xxxx
---------------------------------------------------------------------
13. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", March 1997.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
2006, <https://www.rfc-editor.org/info/rfc4364>.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246,
DOI 10.17487/RFC5246, August 2008,
<https://www.rfc-editor.org/info/rfc5246>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>.
Even, et al. Expires March 31, 2019 [Page 38]
Internet-Draft Composed VPN YANG Model September 2018
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>.
[RFC6370] Bocci, M., Swallow, G., and E. Gray, "MPLS Transport
Profile (MPLS-TP) Identifiers", RFC 6370,
DOI 10.17487/RFC6370, September 2011,
<https://www.rfc-editor.org/info/rfc6370>.
[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration
Protocol (NETCONF) Access Control Model", RFC 6536,
DOI 10.17487/RFC6536, March 2012,
<https://www.rfc-editor.org/info/rfc6536>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>.
[RFC8309] Wu, Q., Liu, W., and A. Farrel, "Service Models
Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018,
<https://www.rfc-editor.org/info/rfc8309>.
Appendix A. Acknowledges
Geng Liang,Congfeng Xie, Chen Rui, LiYa Zhang,Hui Deng contributed to
an earlier version of [I-D.chen-opsawg-composite-vpn-dm]. We would
like to thank the authors of that document on the operators' view for
the PE-based VPN service configuration for material that assisted in
thinking about this document.
Authors' Addresses
Roni Even
Huawei Technologies,Co.,Ltd
Tel Aviv
Israel
Email: roni.even@huawei.com
Even, et al. Expires March 31, 2019 [Page 39]
Internet-Draft Composed VPN YANG Model September 2018
Qin Wu
Huawei
101 Software Avenue, Yuhua District
Nanjing, Jiangsu 210012
China
Email: bill.wu@huawei.com
YingCheng
China Unicom
No.21 Financial Street, XiCheng District
Beijing 100033
China
Email: chengying10@chinaunicom.cn
Even, et al. Expires March 31, 2019 [Page 40]