Network Working Group                                           M. Scott
Internet-Draft                                                    Nortel
Intended status: Standards Track                            M. Bjorklund
Expires: January 13, 2010                                 Tail-f Systems
                                                             S. Chisholm
                                                                  Nortel
                                                           July 12, 2009


                       NETCONF Monitoring Schema
                    draft-ietf-netconf-monitoring-07

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.  This document may contain material
   from IETF Documents or IETF Contributions published or made publicly
   available before November 10, 2008.  The person(s) controlling the
   copyright in some of this material may not have granted the IETF
   Trust the right to allow modifications of such material outside the
   IETF Standards Process.  Without obtaining an adequate license from
   the person(s) controlling the copyright in such materials, this
   document may not be modified outside the IETF Standards Process, and
   derivative works of it may not be created outside the IETF Standards
   Process, except to format it for publication as an RFC or to
   translate it into languages other than English.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on January 13, 2010.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the



Scott, et al.           Expires January 13, 2010                [Page 1]


Internet-Draft          NETCONF Monitoring Schema              July 2009


   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.












































Scott, et al.           Expires January 13, 2010                [Page 2]


Internet-Draft          NETCONF Monitoring Schema              July 2009


Abstract

   This document defines a NETCONF data model (in XML Schema) to be used
   to monitor the NETCONF protocol.  The monitoring data model includes
   information about NETCONF datastores, sessions, locks and statistics.
   This data facilitates the management of a NETCONF server.  This
   document also defines methods for NETCONF clients to discover data
   models supported by a NETCONF server and defines a new NETCONF <get-
   schema> operation to retrieve them.


Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4
     1.1.  Definition of Terms  . . . . . . . . . . . . . . . . . . .  4
   2.  XML Schema to Monitor NETCONF  . . . . . . . . . . . . . . . .  5
     2.1.  The /netconf-state Subtree . . . . . . . . . . . . . . . .  5
       2.1.1.  The /netconf-state/capabilities Subtree  . . . . . . .  5
       2.1.2.  The /netconf-state/datastores Subtree  . . . . . . . .  6
       2.1.3.  The /netconf-state/schemas Subtree . . . . . . . . . .  6
       2.1.4.  The /netconf-state/sessions Subtree  . . . . . . . . .  7
       2.1.5.  The /netconf-state/statistics Subtree  . . . . . . . .  9
   3.  Schema Specific Operations . . . . . . . . . . . . . . . . . . 11
     3.1.  The <get-schema> Operation . . . . . . . . . . . . . . . . 11
   4.  Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
     4.1.  Retrieving Schema List via <get> Operation . . . . . . . . 12
     4.2.  Retrieving Schema Instances  . . . . . . . . . . . . . . . 14
   5.  XSD Schema . . . . . . . . . . . . . . . . . . . . . . . . . . 16
     5.1.  NETCONF Monitoring Schema  . . . . . . . . . . . . . . . . 16
     5.2.  inet:host schema . . . . . . . . . . . . . . . . . . . . . 26
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . . 29
   7.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 30
   8.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 31
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 32
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 32
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 32
   Appendix A.  YANG module (non-normative) . . . . . . . . . . . . . 33
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 42













Scott, et al.           Expires January 13, 2010                [Page 3]


Internet-Draft          NETCONF Monitoring Schema              July 2009


1.  Introduction

   This document defines NETCONF content via [XMLSchema] to be used to
   monitor the NETCONF protocol.  It provides information about NETCONF
   sessions.  Today, NETCONF capabilities exchange is the only
   standardized method a client can use to discover the functionality
   supported by a NETCONF server.  This works well for static protocol
   capabilities but is not well suited for capabilities which could
   change during a session.

   Considerations such as different schema formats, feature optionality
   and access controls can all impact the applicability and level of
   detail the NETCONF server sends to a client during session setup.
   Through updated monitoring data NETCONF clients can adjust their
   capabilities throughout a session.  Specifically the details returned
   can be used by a client to determine whether retrieval of new schema
   information is required and includes the information required to
   facilitate the retrieval.  The methods defined in this document
   address the need for further means to query and retrieve schema and
   netconf state information from a NETCONF server.  These are provided
   to complement existing base NETCONF capabilities and operations and
   in no way affect existing behaviour.

   A new <get-schema> operation is also defined to support explicit
   schema retrieval via NETCONF.

1.1.  Definition of Terms

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as d/lockedescribed in [RFC2119].

   Schema:  A machine readable data model definition.  The schema is
      independent of which data modeling language is used for the data
      model.

   XML Schema:  The W3C XML Schema [XMLSchema] data modeling language.

   YANG:  YANG is a data modeling language used to model configuration
      and state data manipulated by the NETCONF protocol, NETCONF remote
      procedure calls, and NETCONF notifications.










Scott, et al.           Expires January 13, 2010                [Page 4]


Internet-Draft          NETCONF Monitoring Schema              July 2009


2.  XML Schema to Monitor NETCONF

   The following data allows a NETCONF client to monitor both the
   NETCONF server itself and the associated network device operational
   data.  A server that implements the data model defined in this
   document MUST advertise the capability URI
   "urn:ietf:params:xml:ns:netconf:state".  The specific monitoring data
   defined in this draft which MUST be present follows.

2.1.  The /netconf-state Subtree


  The /netconf-state subtree is the root of the monitoring
  data model.  It acts as the container for the other monitored data.

    netconf-state
     |_capabilities
     |_datastores
     |_schemas
     |_sessions
     |_statistics

  capabilities
    List of NETCONF capabilities supported by the server.

  datastores
    List of NETCONF datastores on the server.
    Includes all supported datastore types (running, candidate, startup)

  schemas
    List of schemas supported on the server.
    Includes all the information required to identify the schemas and
    to support their retrieval.

  sessions
    List of all active NETCONF sessions on the device.
    Includes sessions for all NETCONF clients across all protocols.

  statistics
    Contains management stats for the NETCONF server
     including performance and error related counters.

2.1.1.  The /netconf-state/capabilities Subtree

   The /netconf-state/capabilibiles subtree contains the capabilities
   supported by the NETCONF server.  The list MUST include all
   capabilities exchanged during session setup still applicable at the
   time of the request.  This ensures consistency with the initial



Scott, et al.           Expires January 13, 2010                [Page 5]


Internet-Draft          NETCONF Monitoring Schema              July 2009


   capabilities exchanged while allowing for potential modifications
   during a session.

2.1.2.  The /netconf-state/datastores Subtree

The /netconf-state/datastores subtree contains the list of
available datastores for the NETCONF server and includes
information on their lock state.

configuration (type:  ConfigurationDataStore)
     |_name
     |_locks

name (type: NETCONFDatastoreType)
   Enumeration of supported datastores; candidate, running, startup.

locks (type: xs:choice)
   The NETCONF <lock> and <partial-lock> operations allow a client
   to lock specific resources in a datastore.  The NETCONF server will
   prevent changes to the locked resources by all sessions except
   the one which acquired the lock(s).

   To provide clients the ability to manage locked resources lock
   information is provided for each ConfigurationDataStore instance.
   The lock data includes details such as the session which acquired
   the lock, the type of lock (global or partial) and the list of locked
   resources.  Multiple locks per datastore are supported.

   Both a global lock and a partial lock MUST contain the sessionId.

   For partial locks the list of locked nodes and the select expressions
   originally used to request the lock are returned. The scope of the
   partial lock is defined by the list of locked nodes. This list might
   change during the lifetime of the lock.  The select expressions
   indicate the original intended scope of the lock.

2.1.3.  The /netconf-state/schemas Subtree














Scott, et al.           Expires January 13, 2010                [Page 6]


Internet-Draft          NETCONF Monitoring Schema              July 2009


  The list of supported schema for the NETCONF server.

   schema
      |_identifier   (key)
      |_version      (key)
      |_format       (key)
      |_namespace
      |_location

  The elements identifier, version, and format are used as a key in the
  schema list.  These are used in the <get-schema> operation.

  identifier (type: xs:string)
    Identifier for the schema list entry.  For modeling languages which
    support or require a data model name (eg: YANG module name) the
    identifier MUST match that name.  For modeling lanuguages which
    do not this must contain some other identifier such as filename.

    Identifier is used in the <get-schema> operation and may
    be used for other means such as file retrieval.

  version (type:  xs:string)
    Version of the schema supported.  Multiple versions MAY be supported
    simultaneously by a NETCONF server.  Each version MUST be reported
    individually in the schema list, i.e. with same identifier, possibly
    different location, but different version.

  format (type: xs:QName)
    The data modeling language of the file/module.  Current selection of
    xsd, yang, yin, rng and rnc.

  namespace(type: xs:anyURI)
    The XML namespace defined by the data model.

  location (type:  xs:union: xs:string, xs:anyURI)
    One of more locations from which this specific schema, format, and
    version can be retrieved.  The list SHOULD contain at least one
    entry per schema.

    A schema entry may be located on a network device (eg: xs:anyURI),
    (eg: xs:string reference to file system for ftp retrieval) or
    available explicitly via NETCONF (xs:string value 'NETCONF') for
    NETCONF servers which support the <get-schema> operation.

2.1.4.  The /netconf-state/sessions Subtree

   Includes session specific data for NETCONF management sessions.




Scott, et al.           Expires January 13, 2010                [Page 7]


Internet-Draft          NETCONF Monitoring Schema              July 2009


   sessions (type: ManagementSession):

   session
          |_sessionId (key)
          |_transport
          |_username
          |_sourceHost
          |_loginTime
          |_inRpcs
          |_inBadRpcs
          |_outRpcErrors
          |_outNotifications

   sessionId (type: SessionId)
     Unique NETCONF identifier for the session, used for all
     supported operations (e.g. monitoring, session kill, lock
     release) regardless of protocol.
     MUST be a unique non-0 value for all sessions reported.
     SessionId=0 will not be reported in the session table.
     For purposes of NETCONF management all sessions are one of:
        Known session:  any session which can be managed by the
           NETCONF server SHOULD be reported in this table and
           MUST map to a unique sessionId as described above
        Unknown session:  such sessions are not managed by the
           NETCONF server and all map to sessionId=0.  These MUST
           be excluded from the session table as a result.
      SessionId=0 will continue to be reported in error messages
      with sessionId=0 per existing 4741 definition.

   transport (type: xs: QName)
     Idenfities NETCONF transport for each session, e.g. "netconf-ssh".

   username (type: xs:string)
     Subject to the authentication mechanisms and security
     considerations this SHOULD contain an identifier which
     can be used to uniquely identify an individual client
     (human or machine).  This is likely be implementation
     specific subject to the security requirements of the
     device vendor and/or operators.  e.g. an SSH user, a host RSA
     fingerprint or other identifier deemed acceptable

   sourceHost (type: inet:host)
     Host identifier (IP + name) for the client.
     See section 5.2 for definition.

   loginTime (type: xs:dateTime)
     Time at which the session was established.




Scott, et al.           Expires January 13, 2010                [Page 8]


Internet-Draft          NETCONF Monitoring Schema              July 2009


   inRpcs (type: ZeroBasedCounter32)
     Number of correct <rpc> requests received.

   inBadRpcs (type: ZeroBasedCounter32)
     Number of messages received when a <rpc> message was expected,
     that were not correct <rpc> messages.  This includes XML parse
     errors and errors on the rpc layer.

   outRpcErrors (type: ZeroBasedCounter32)
     Number of <rpc-reply> messages sent which contained an <rpc-error>
     element.

   outNotifications (type: ZeroBasedCounter32)
     Number of <notification> messages sent.

2.1.5.  The /netconf-state/statistics Subtree

 Statistical data pertaining to the NETCONF server.

 statistics
    |_netconfStartTime
    |_inBadHellos
    |_inSessions
    |_droppedSessions
    |_inRpcs
    |_inBadRpcs
    |_outRpcErrors
    |_outNotifications

 statistics (type: ManagementStatistics):
   Contains management session related performance data for the NETCONF
   server.

   Data type ZeroBasedCounter32 is defined and used for counters.
   Counters are zero based with following reset behaviour:
      - at start of a session for all per session counters
        (in /netconf-state/sessions)
      - re-initilization of NETCONF server for global counters
        (in /netconf-state/statistics)
      - when max value is reached for all per session and global
        counters

 netconfStartTime (type: xs:dateTime)
   Date and time at which the NETCONF server process was started.
   Allows for calculation of simple time interval for reported metrics.
   Ie:  current time - startTime defines the collection interval for the
   metrics allowing for calculations such as averages.
   More complex calculations would require multiple collection



Scott, et al.           Expires January 13, 2010                [Page 9]


Internet-Draft          NETCONF Monitoring Schema              July 2009


   intervals with both start and stop times defined per interval.

 inBadHellos (type: ZeroBasedCounter32)
   Number of sessions silently dropped because an
   invalid <hello> message was received.  This includes hello
   messages with a 'session-id' attribute, bad namespace, and
   bad capability declarations.

 inSessions (type: ZeroBasedCounter32)
   Number of sessions started.  This counter is incremented when
   a <hello> message with a <session-id> is sent.
   I.e. inSessions - inBadHellos = number of correctly started
    netconf sessions

 droppedSessions (type: ZeroBasedCounter32)
   Number of sessions that were abnormally terminated, e.g. due
   to idle timeout or transport close.  This counter is not
   incremented when a session is properly closed by a
   <close-session> operation, or killed by a <kill-session>
   operation.

 inRpcs (type: ZeroBasedCounter32)
   Number of correct <rpc> requests received.

 inBadRpcs (type: ZeroBasedCounter32)
   Number of messages received when a <rpc> message was expected,
   that were not correct <rpc> messages.  This includes XML parse
   errors and errors on the rpc layer.

 outRpcErrors (type: ZeroBasedCounter32)
   Number of <rpc-reply> messages sent which contained an <rpc-error>
   element.

 outNotifications (type: ZeroBasedCounter32)
   Number of <notification> messages sent.
















Scott, et al.           Expires January 13, 2010               [Page 10]


Internet-Draft          NETCONF Monitoring Schema              July 2009


3.  Schema Specific Operations

3.1.  The <get-schema> Operation


Description:

When the schema is available on the device and the client
wishes to have it returned via NETCONF this new operation
is used.

Parameters:

  identifier (type: xs:string):
    Identifier for the schema list entry.

  version (type: xs:string):
    Version of the schema supported.

  format (type: SchemaFormat):
    The data modeling language of the schema.

Positive Response:

  The NETCONF server returns the requested schema.

Negative Response:

  If requested schema does not exist, the <error-tag> is 'data-missing'.






















Scott, et al.           Expires January 13, 2010               [Page 11]


Internet-Draft          NETCONF Monitoring Schema              July 2009


4.  Examples

4.1.  Retrieving Schema List via <get> Operation


A NETCONF client retrieves the list of supported schema from
a NETCONF server by retrieving the /netconf-state/schema
subtree via a <get> operation.

Available schema for the requesting session are returned in the
reply containing the  <identifier> ,<version>, <format>
and <location> elements.

Since the same schema may be available in multiple locations
and/or have multiple versions and/or multiple formats no
particular attribute is unique.

The response data can be used to determine the available schema
and their versions.  The schema itself (i.e. schema content) is
not returned in the response.  The URL details returned in the
list SHOULD facilitate retrieval from a network location via a
means such as ftp or http.

Additionally the ability to retrieve a schema via NETCONF SHOULD be
supported.  When a schema is available on the device and the
<get-schema> operation is supported by the NETCONF server a
location value of 'NETCONF' MUST be used to indicate that it can be
retrieved via NETCONF using the <get-schema> operation described
in section 3.1.

Example:

<rpc message-id="101"
     xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
   <get>
     <filter type="subtree">
       <netconf-state xmlns="urn:ietf:params:xml:ns:netconf:state">
         <schemas/>
       </netconf-state>
     </filter>
   </get>
 </rpc>


The NETCONF server returns a list of data models available for
retrieval.





Scott, et al.           Expires January 13, 2010               [Page 12]


Internet-Draft          NETCONF Monitoring Schema              July 2009


<rpc-reply message-id="101"
           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <data>
    <netconf-state xmlns="urn:ietf:params:xml:ns:netconf:state">
      <schemas>
        <schema>
          <identifier>foo</identifier>
          <version>1.0</version>
          <format>xsd</format>
          <namespace>http://example.com/foo</namespace>
          <location>ftp://ftp.example.com/schemas/foo_1.0.xsd</location>
          <location>http://www.example.com/schema/foo_1.0.xsd</location>
          <location>NETCONF</location>
        </schema>
        <schema>
          <identifier>foo</identifier>
          <version>1.1</version>
          <format>xsd</format>
          <namespace>http://example.com/foo</namespace>
          <location>ftp://ftp.example.com/schemas/foo_1.1.xsd</location>
          <location>http://www.example.com/schema/foo_1.1.xsd</location>
          <location>NETCONF</location>
        </schema>
        <schema>
          <identifier>bar</identifier>
          <version>2008-06-01</version>
          <format>yang</format>
          <namespace>http://example.com/bar</namespace>
          <location>
            http://example.com/schema/bar-2008-06-01.yang
          </location>
          <location>NETCONF</location>
        </schema>
        <schema>
          <identifier>bar-types</identifier>
          <version>2008-06-01</version>
          <format>yang</format>
          <namespace>http://example.com/bar</namespace>
          <location>
            http://example.com/schema/bar-types-2008-06-01.yang
          </location>
          <location>NETCONF</location>
        </schema>
      </schemas>
    </netconf-state>
  </data>
</rpc-reply>




Scott, et al.           Expires January 13, 2010               [Page 13]


Internet-Draft          NETCONF Monitoring Schema              July 2009


4.2.  Retrieving Schema Instances

   Given the reply in the previous section, the following examples
   illustrate the retrieval of 'foo', 'bar', and 'bar-types' schema at
   multiple locations, with multiple formats, and in multiple locations.

     1.  foo,  version 1.0 in xsd format:

       a.  Via FTP using location
           ftp://ftp.example.com/schemas/foo_1.0.xsd

       b.  Via HTTP using location
           http://www.example.com/schema/foo/1.0.xsd

       c.  Via <get-schema> using identifier, version, and
       format parameters.


       <rpc message-id="101"
         xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
         <get-schema xmlns="urn:ietf:params:xml:ns:netconf:state">
           <identifier>foo</identifier>
           <version>v1</version>
           <format>xsd</format>
         </get-schema>
       </rpc>

       <rpc-reply message-id="101"
         xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
         <data xmlns="urn:ietf:params:xml:ns:netconf:state">
           <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
             <!-- foo v1 xsd schema contents here -->
           </xs:schema>
         </data>
       </rpc-reply>


     2. bar, version 2008-06-01 in YANG format:

       a.  Via HTTP using location
           http://example.com/schema/bar-2008-06-01.yang

       b.  Via <get-schema> using identifer, version, and
           format parameters:

         <rpc message-id="102"
           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
           <get-schema xmlns="urn:ietf:params:xml:ns:netconf:state">



Scott, et al.           Expires January 13, 2010               [Page 14]


Internet-Draft          NETCONF Monitoring Schema              July 2009


             <identifer>bar</identifer>
             <version>2008-06-01</version>
             <format>yang</format>
           </get-schema>
         </rpc>

         <rpc-reply message-id="102"
           xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
           <data xmlns="urn:ietf:params:xml:ns:netconf:state">
             module bar {
               bar version 2008-06-01 yang module
               contents here ...
             }
           </data>
         </rpc-reply>


     3. bar-types, version 2008-06-01 in YANG format:

       a. Via <get-schema> using identifer, version, and
          format parameters:

       <rpc message-id="103"
         xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
         <get-schema xmlns="urn:ietf:params:xml:ns:netconf:state">
           <identifer>bar-types</identifer>
           <version>2008-06-01</version>
           <format>yang</format>
         </get-schema>
       </rpc>

       <rpc-reply message-id="103"
         xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
         <data xmlns="urn:ietf:params:xml:ns:netconf:state">
           module bar-types {
             bar-types version 2008-06-01 yang module
             contents here ...
           }
         </data>
       </rpc-reply>











Scott, et al.           Expires January 13, 2010               [Page 15]


Internet-Draft          NETCONF Monitoring Schema              July 2009


5.  XSD Schema

5.1.  NETCONF Monitoring Schema

   The data model described in this memo is defined in the following
   XSD.


<?xml version="1.0" encoding="utf-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
  xmlns:netconf="urn:ietf:params:xml:ns:netconf:base:1.0"
  xmlns:ncEvent="urn:ietf:params:xml:ns:netconf:notification:1.0"
  xmlns:inet="urn:ietf:params:xml:ns:inet-types"
  targetNamespace="urn:ietf:params:xml:ns:netconf:state"
  xmlns="urn:ietf:params:xml:ns:netconf:state"
  elementFormDefault="qualified">
  <!-- import base netconf definitions -->
  <xs:import namespace="urn:ietf:params:xml:ns:netconf:base:1.0"
          schemaLocation="netconf.xsd" />
  <xs:import namespace="urn:ietf:params:xml:ns:netconf:notification:1.0"
          schemaLocation="notification.xsd" />
  <xs:import namespace="urn:ietf:params:xml:ns:inet-types"
          schemaLocation="inet-ip.xsd" />
  <!-- Model -->
  <xs:element name="netconf-state">
    <xs:complexType>
      <xs:sequence>
        <xs:element name="capabilities" minOccurs="1" maxOccurs="1">
          <xs:annotation>
            <xs:documentation>
              The list of currently provided NETCONF capabilities.
              This may be different than those exchanged during
              session setup (i.e. hello).
            </xs:documentation>
          </xs:annotation>
          <xs:complexType>
            <xs:sequence>
                    <xs:element name="capability" type="xs:anyURI"
                            maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>
        <xs:element name="datastores" minOccurs="1" maxOccurs="1">
          <xs:annotation>
            <xs:documentation>
              Contains the NETCONF configurations datastores available
              on the device.
            </xs:documentation>



Scott, et al.           Expires January 13, 2010               [Page 16]


Internet-Draft          NETCONF Monitoring Schema              July 2009


          </xs:annotation>
          <xs:complexType>
            <xs:sequence>
                    <xs:element name="datastore"
                            type="ConfigurationDatastore"
                            minOccurs="0" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>
        <xs:element name="schemas" minOccurs="0" maxOccurs="1">
          <xs:annotation>
            <xs:documentation>
              Contains the list of supported schemas on the device.
              I.e. NETCONF data models, interface descriptions, etc.
            </xs:documentation>
          </xs:annotation>
          <xs:complexType>
            <xs:sequence>
                    <xs:element name="schema" type="SchemaEntry"
                            minOccurs="0" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>
        <xs:element name="sessions" minOccurs="1" maxOccurs="1">
          <xs:annotation>
            <xs:documentation>
              Contains the details on active sessions on the device.
              Covers both NETCONF and non-NETCONF management sessions.
            </xs:documentation>
          </xs:annotation>
          <xs:complexType>
            <xs:sequence>
                    <xs:element name="session" type="ManagementSession"
                            minOccurs="0" maxOccurs="unbounded" />
            </xs:sequence>
          </xs:complexType>
        </xs:element>
        <xs:element name="statistics" type="ManagementStatistics"
                minOccurs="0" maxOccurs="1">
          <xs:annotation>
            <xs:documentation>
              Contains  management metrics for the NETCONF server.
            </xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>



Scott, et al.           Expires January 13, 2010               [Page 17]


Internet-Draft          NETCONF Monitoring Schema              July 2009


  <!-- Group definition -->
  <xs:group name="CommonCounters">
    <xs:annotation>
      <xs:documentation>
        Counters that exist both per session, and also globally,
        accumulated from all sessions.
      </xs:documentation>
    </xs:annotation>
    <xs:sequence>
      <xs:element name="inRpcs" type="ZeroBasedCounter32">
        <xs:annotation>
          <xs:documentation>
            Number of correct &lt;rpc&gt; requests received.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="inBadRpcs" type="ZeroBasedCounter32">
        <xs:annotation>
          <xs:documentation>
            Number of messages received when a &lt;rpc&gt; message was
            expected, that were not correct &lt;rpc&gt; messages.  This
            includes XML parse errors and errors on the rpc layer.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="outRpcErrors" type="ZeroBasedCounter32">
        <xs:annotation>
          <xs:documentation>
            Number of &lt;rpc-reply&gt; messages sent which contained an
            &lt;rpc-error&gt; element.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="outNotifications" type="ZeroBasedCounter32">
        <xs:annotation>
          <xs:documentation>
            Number of &lt;notification&gt; messages sent.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
    </xs:sequence>
  </xs:group>
  <!-- Complex type definitions -->
  <xs:complexType name="ConfigurationDatastore">
    <xs:annotation>
      <xs:documentation>
        Contains information on the datastores available on
        the NETCONF server including locks.



Scott, et al.           Expires January 13, 2010               [Page 18]


Internet-Draft          NETCONF Monitoring Schema              July 2009


      </xs:documentation>
    </xs:annotation>
    <xs:sequence>
      <xs:element name="name" type="NETCONFDatastoreType">
        <xs:annotation>
          <xs:documentation>
            enumeration of supported datastores; candidate,
            running, startup
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="locks" minOccurs="0">
        <xs:annotation>
          <xs:documentation>
            An indication of whether a resource is locked or
            unlocked.  If locked, additional information about
            the locking such as user an time stamp is provided.
          </xs:documentation>
        </xs:annotation>
        <xs:complexType>
          <xs:choice minOccurs="0">
            <xs:element name="globalLock" type="GlobalLock">
              <xs:annotation>
                <xs:documentation>
                  Present if a global lock is set.
                </xs:documentation>
              </xs:annotation>
            </xs:element>
            <xs:element name="partialLocks" type="PartialLock"
                    minOccurs="0" maxOccurs="unbounded">
              <xs:annotation>
                <xs:documentation>
                  Present if at least one partial lock is set.
                </xs:documentation>
              </xs:annotation>
            </xs:element>
          </xs:choice>
        </xs:complexType>
      </xs:element>
    </xs:sequence>
  </xs:complexType>
  <xs:complexType name="SchemaEntry">
    <xs:annotation>
      <xs:documentation>
        Contains the information used to describe the schema.
      </xs:documentation>
    </xs:annotation>
    <xs:sequence>



Scott, et al.           Expires January 13, 2010               [Page 19]


Internet-Draft          NETCONF Monitoring Schema              July 2009


      <xs:element name="identifier" type="xs:string">
        <xs:annotation>
          <xs:documentation>
            Identifier to uniquely reference the schema.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="version" type="xs:string">
        <xs:annotation>
          <xs:documentation>
            Version of the schema supported.  Multiple versions can be
            supported simultaneously.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="format" type="xs:QName">
        <xs:annotation>
          <xs:documentation>
            Schema language for the file/module.  Eg: ns:xsd, ns:yang
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="namespace" type="xs:anyURI">
        <xs:annotation>
          <xs:documentation>
            The XML namespace defined by the data model.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="location" minOccurs="0" maxOccurs="unbounded">
        <xs:annotation>
          <xs:documentation>
            A location from which the schema can be retrieved.  Can be
            either on the network device retrievable explicitly via
            the get-schema netconf operation (denoted by the value
            'NETCONF') or some network location (i.e. URL).
          </xs:documentation>
        </xs:annotation>
        <xs:simpleType>
          <xs:union>
            <xs:simpleType>
              <xs:restriction base="xs:string">
                <xs:enumeration value="NETCONF" />
              </xs:restriction>
            </xs:simpleType>
            <xs:simpleType>
              <xs:restriction base="xs:anyURI"></xs:restriction>
            </xs:simpleType>



Scott, et al.           Expires January 13, 2010               [Page 20]


Internet-Draft          NETCONF Monitoring Schema              July 2009


          </xs:union>
        </xs:simpleType>
      </xs:element>
    </xs:sequence>
  </xs:complexType>
  <xs:complexType name="ManagementSession">
    <xs:annotation>
      <xs:documentation>
        Contains information related to managment sessions on
        the device.
    </xs:documentation>
    </xs:annotation>
    <xs:sequence>
      <xs:element name="sessionId" type="netconf:SessionId">
        <xs:annotation>
          <xs:documentation>  Unique NETCONF identifier for the session,
        used for all supported operations (e.g. monitoring, session
        kill, lock release) regardless of protocol.
        MUST be a unique non-0 value for all sessions reported.
        SessionId=0 will not be reported in the session table.
        For purposes of NETCONF management all sessions are one of:
           Known session:  any session which can be managed by the
              NETCONF server SHOULD be reported in this table and MUST
              map to a unique sessionId as described above
           Unknown session:  such sessions are not managed by the
              NETCONF server and all map to sessionId=0.  These MUST
              be excluded from the session table as a result.
        SessionId=0 will continue to be reported in error messages
        with sessionId=0 per existing 4741 definition.
        </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="transport" type="xs:QName">
        <xs:annotation>
          <xs:documentation>
            Identifies the transport for each session, e.g.
            ns:netconf-ssh, ns:netconf-beep.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="username" type="xs:string">
        <xs:annotation>
          <xs:documentation>
            Session owner.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="sourceHost" type="inet:host">



Scott, et al.           Expires January 13, 2010               [Page 21]


Internet-Draft          NETCONF Monitoring Schema              July 2009


        <xs:annotation>
          <xs:documentation>
            Client for the session.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="loginTime" type="xs:dateTime">
        <xs:annotation>
          <xs:documentation>
            Time at which the session was established.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:group ref="CommonCounters">
        <xs:annotation>
          <xs:documentation>
            Per-session counters.
          </xs:documentation>
        </xs:annotation>
      </xs:group>
    </xs:sequence>
  </xs:complexType>
  <xs:complexType name="ManagementStatistics">
    <xs:annotation>
      <xs:documentation>
        Contains management statistics for the NETCONF server.
    </xs:documentation>
    </xs:annotation>
    <xs:sequence>
      <xs:element name="netconfStartTime" type="xs:dateTime">
        <xs:annotation>
          <xs:documentation>
            Date and time at which the NETCONF server process was
            started.  Allows for calculation of time interval for
            reported metrics.
        </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="inBadHellos" type="ZeroBasedCounter32">
        <xs:annotation>
          <xs:documentation>
            Number of sessions silently dropped because an
            invalid &lt;hello&gt; message was received.  This includes
            hello messages with a 'session-id' attribute, bad namespace,
            and bad capability declarations.
          </xs:documentation>
        </xs:annotation>
      </xs:element>



Scott, et al.           Expires January 13, 2010               [Page 22]


Internet-Draft          NETCONF Monitoring Schema              July 2009


      <xs:element name="inSessions" type="ZeroBasedCounter32">
        <xs:annotation>
          <xs:documentation>
            Number of sessions started.  This counter is incremented
            when a &lt;hello&gt; message with a &lt;session-id&gt;
            is sent.
            inSessions - inBadHellos = 'number of correctly started
              netconf sessions'
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="droppedSessions" type="ZeroBasedCounter32">
        <xs:annotation>
          <xs:documentation>
            Number of sessions that were abnormally terminated,
            e.g. due to idle timeout or transport close.  This
            counter is not incremented when a session is properly
            closed by a &lt;close-session&gt; operation, or killed
            by a &lt;kill-session&gt; operation.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:group ref="CommonCounters">
        <xs:annotation>
          <xs:documentation>
            Global counters, accumulated from all sessions.
          </xs:documentation>
        </xs:annotation>
      </xs:group>
    </xs:sequence>
  </xs:complexType>
  <xs:simpleType name="ZeroBasedCounter32">
    <xs:annotation>
      <xs:documentation>
        A non-negative integer which monotonically increases
        until it reaches a maximum value of 2^32-1, when it
        wraps around and starts increasing again from zero.
      </xs:documentation>
    </xs:annotation>
    <xs:restriction base="xs:unsignedInt" />
  </xs:simpleType>
  <xs:complexType name="NETCONFDatastoreType">
    <xs:annotation>
      <xs:documentation>
        Enumeration of possible NETCONF datastore types.
      </xs:documentation>
    </xs:annotation>
    <xs:choice>



Scott, et al.           Expires January 13, 2010               [Page 23]


Internet-Draft          NETCONF Monitoring Schema              July 2009


      <xs:element name="startup" type="xs:string" />
      <xs:element name="candidate" type="xs:string" />
      <xs:element name="running" type="xs:string" />
    </xs:choice>
  </xs:complexType>
  <xs:complexType name="GlobalLock">
    <xs:sequence>
      <xs:element name="lockedBySession" type="netconf:SessionId">
        <xs:annotation>
          <xs:documentation>
            The session Id which holds the lock.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="lockedTime" type="xs:dateTime">
        <xs:annotation>
          <xs:documentation>
            Date and Time the lock was acquired.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
    </xs:sequence>
  </xs:complexType>
  <xs:complexType name="PartialLock">
    <xs:sequence>
      <xs:element name="lockId" type="xs:unsignedInt">
        <xs:annotation>
          <xs:documentation>
                  For a partial lock this is the lock id returned
                  in the partial-lock response.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="lockedBySession" type="netconf:SessionId">
        <xs:annotation>
          <xs:documentation>
            The session Id which holds the lock.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="lockedTime" type="xs:dateTime">
        <xs:annotation>
          <xs:documentation>
            Date and Time the lock was acquired.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="select" maxOccurs="unbounded">



Scott, et al.           Expires January 13, 2010               [Page 24]


Internet-Draft          NETCONF Monitoring Schema              July 2009


        <xs:annotation>
          <xs:documentation>
            The xpath expression which was used to request the lock.
          </xs:documentation>
        </xs:annotation>
      </xs:element>
      <xs:element name="lockedNodes" minOccurs="0"
              maxOccurs="unbounded">
        <xs:annotation>
          <xs:documentation>
            The list of instance-identifiers (i.e. the locked nodes).
          </xs:documentation>
        </xs:annotation>
      </xs:element>
    </xs:sequence>
  </xs:complexType>
  <!-- RPC Definitions -->
  <xs:element name="get-schema"
          substitutionGroup="netconf:rpcOperation">
    <xs:annotation>
      <xs:documentation>
        RPC definition:  &lt;get-schema&gt;
      </xs:documentation>
    </xs:annotation>
    <xs:complexType>
      <xs:complexContent>
        <xs:extension base="netconf:rpcOperationType">
          <xs:sequence>
            <xs:element name="identifier" type="xs:string" />
            <xs:element name="version" type="xs:string" />
            <xs:element name="format" type="xs:QName" />
          </xs:sequence>
        </xs:extension>
      </xs:complexContent>
    </xs:complexType>
  </xs:element>
  <!-- RPC Reply to get-schema -->
  <xs:element name="data" type="xs:anyType" />
  <!-- schema-format elements, used as QNames only -->
  <xs:element name="xsd" />
  <xs:element name="rng" />
  <xs:element name="yang" />
  <xs:element name="yin" />
  <xs:element name="rnc" />
  <!-- transport abstract elements, used as QNames only -->
  <xs:element name="netconf-ssh" />
  <xs:element name="netconf-beep" />
  <xs:element name="netconf-soap-over-beep" />



Scott, et al.           Expires January 13, 2010               [Page 25]


Internet-Draft          NETCONF Monitoring Schema              July 2009


  <xs:element name="netconf-soap-over-https" />
  <xs:element name="netconf-tls" />
</xs:schema>
<![CDATA[

5.2.  inet:host schema

   The complex type ManagementSession contains element sourceHost of
   type inet:host.  The following schema defines the referenced type.


   <?xml version="1.0" encoding="UTF-8"?>
   <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
              targetNamespace="urn:ietf:params:xml:ns:inet-types"
              xmlns:inet="urn:ietf:params:xml:ns:inet-types"
              elementFormDefault="qualified"
              attributeFormDefault="unqualified">

     <xs:simpleType name="ipAddress">
       <xs:annotation>
         <xs:documentation>
           The ipAddress type represents an IP address and
           is IP version neutral. The format of the textual
           representations implies the IP version.
         </xs:documentation>
       </xs:annotation>

       <xs:union>
         <xs:simpleType>
           <xs:restriction base="inet:ipv4Address">
           </xs:restriction>
         </xs:simpleType>
         <xs:simpleType>
           <xs:restriction base="inet:ipv6Address">
           </xs:restriction>
         </xs:simpleType>
       </xs:union>
     </xs:simpleType>

     <xs:simpleType name="ipv4Address">
       <xs:annotation>
         <xs:documentation>
           The ipv4Address type represents an IPv4 address in
           dotted-quad notation. The IPv4 address may include
           a zone index, separated by a % sign.
         </xs:documentation>
       </xs:annotation>




Scott, et al.           Expires January 13, 2010               [Page 26]


Internet-Draft          NETCONF Monitoring Schema              July 2009


       <xs:restriction base="xs:string">
         <xs:pattern value=
                  "(([0-1]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}
                   ([0-1]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])
                   (%[\p{N}\p{L}]+)?"/>
       </xs:restriction>
     </xs:simpleType>

     <xs:simpleType name="ipv6Address">
       <xs:annotation>
         <xs:documentation>
           The ipv6Address type represents an IPv6 address in
           full, mixed, shortened and shortened mixed notation.
           The IPv6 address may include a zone index, separated
           by a % sign.
         </xs:documentation>
       </xs:annotation>

       <xs:restriction base="xs:string">
         <xs:pattern value=
                  "((([0-9a-fA-F]{1,4}:){7})([0-9a-fA-F]{1,4})
                   (%[\p{N}\p{L}]+)?)
                   |((([0-9a-fA-F]{1,4}:){6})(([0-9]{1,3}\.
                       [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))
                    (%[\p{N}\p{L}]+)?)
                  |((([0-9a-fA-F]{1,4}:)*([0-9a-fA-F]{1,4}))*(::)
                    (([0-9a-fA-F]{1,4}:)*([0-9a-fA-F]{1,4}))*
                    (%[\p{N}\p{L}]+)?)
                  ((([0-9a-fA-F]{1,4}:)*([0-9a-fA-F]{1,4}))*(::)
                   (([0-9a-fA-F]{1,4}:)*([0-9a-fA-F]{1,4}))*
                   (([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))
                    (%[\p{N}\p{L}]+)?)"/>
       </xs:restriction>
     </xs:simpleType>

     <xs:simpleType name="domainName">
       <xs:annotation>
         <xs:documentation>
           The domainName type represents a DNS domain
           name. The name SHOULD be fully qualified
           whenever possible.

           The description clause of objects using the
           domainName type MUST describe how (and when)
           these names are resolved to IP addresses.

           Note that the resolution of a domainName value
           may require to query multiple DNS records (e.g.,



Scott, et al.           Expires January 13, 2010               [Page 27]


Internet-Draft          NETCONF Monitoring Schema              July 2009


           A for IPv4 and AAAA for IPv6).  The order of the
           resolution process and which DNS record takes
           precedence depends on the configuration of the
           resolver.
         </xs:documentation>
       </xs:annotation>

       <xs:restriction base="xs:string">
         <xs:pattern value="([\p{L}\p{N}]+\.)*[\p{L}\p{N}]"/>
       </xs:restriction>
     </xs:simpleType>

     <xs:simpleType name="host">
       <xs:annotation>
         <xs:documentation>
           The host type represents either an IP address
           or a DNS domain name.
         </xs:documentation>
       </xs:annotation>

       <xs:union>
         <xs:simpleType>
           <xs:restriction base="inet:ipAddress">
           </xs:restriction>
         </xs:simpleType>
         <xs:simpleType>
           <xs:restriction base="inet:domainName">
           </xs:restriction>
         </xs:simpleType>
       </xs:union>
     </xs:simpleType>


   </xs:schema>

















Scott, et al.           Expires January 13, 2010               [Page 28]


Internet-Draft          NETCONF Monitoring Schema              July 2009


6.  Security Considerations

   The NETCONF monitoring schema as defined in this document provides
   information about a NETCONF system that could be used to aid an
   attack on that system.  The same considerations as for the base
   NETCONF Protocol [RFC4741] are valid.  It is assumed that access to
   the data and operations defined in this document are subject to
   appropriate access control on the device.











































Scott, et al.           Expires January 13, 2010               [Page 29]


Internet-Draft          NETCONF Monitoring Schema              July 2009


7.  Acknowledgements

   The authors would like to thank Andy Bierman, Mehmet Ersue, Washam
   Fan, David Harrington, Balazs Lengyel, Hideki Okita, Juergen
   Schoenwaelder, Bert Wijnen and many other members of the NETCONF WG
   for providing important input to this document.













































Scott, et al.           Expires January 13, 2010               [Page 30]


Internet-Draft          NETCONF Monitoring Schema              July 2009


8.  IANA Considerations

   -- Editor note to IANA/RFC-Editor: we request that you make these
   assignments, in which case it is to be documented as below.

   This document registers two URIs in the IETF XML registry.

   Following the format in [RFC3688], the following registration is
   requested.

        URI: urn:ietf:params:xml:ns:netconf:state
        Registrant Contact: The IESG.
        XML: N/A, the requested URI is an XML namespace.

        URI: urn:ietf:params:xml:ns:inet-types
        Registrant Contact:  The IESG.
        XML: N/A, the requested URI is an XML namespace.


































Scott, et al.           Expires January 13, 2010               [Page 31]


Internet-Draft          NETCONF Monitoring Schema              July 2009


9.  References

9.1.  Normative References

   [NETCONF]  Enns, R., "NETCONF Configuration Protocol", RFC 4741,
              February 2006.

   [NETCONF-EVENT]
              Chisholm, S. and H. Trevino, "NETCONF Event
              Notifications", ID draft-ietf-netconf-notification-14,
              June 2008.

   [RFC2119]  Bradner, s., ""Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14", RFC 2119, March 1997.

   [RFC3688]  Mealling, M., ""The IETF XML Registry", BCP 81", RFC 3688,
              January 2004.

   [XML]      World Wide Web Consortium, "Extensible Markup Language
              (XML) 1.0", W3C XML, February 1998,
              <http://www.w3.org/TR/1998/REC-xml-19980210>.

   [XMLSchema]
              Fallside, D. and P. Walmsley, "XML Schema Part 0: Primer
              Second Edition", W3C XML Schema, October 2004.

   [draft-ietf-netconf-partial-lock-07]
              Lengyel, Balazs., "Partial Lock RPC for NETCONF",
              February 2009.

9.2.  Informative References

   [I-D.ietf-netmod-yang-06]
              Bjorklund, M., "YANG - A data modeling language for
              NETCONF", June 2009.

   [I-D.ietf-netmod-yang-types-03]
              Schoenwaelder, J., "Common YANG Data Types", June 2009.













Scott, et al.           Expires January 13, 2010               [Page 32]


Internet-Draft          NETCONF Monitoring Schema              July 2009


Appendix A.  YANG module (non-normative)

   The following YANG module is included as a reference only.  It is
   based on YANG specification at the time of publishing and is subject
   to change as a result of NETMOD work underway to refine YANG.


It is worth noting the included YANG module has a distinct advantage
over the normative XSD:

The normative XSD in this draft does not allow for vendor
extensions of the data model without modification of the base
schema.

In the YANG model, identities are used to provide extensibile
enumerations.  In the XSD, this is partially addressed by the use
of QName datatype in the model.

Although this approach is more restrictive than other alternatives
(such as redefinition) it was chosen for simplicity and improved
interoperability.

module ietf-netconf-state {

  namespace "urn:ietf:params:xml:ns:netconf:state";
  prefix "ns";

  import ietf-yang-types { prefix yang; }
  import ietf-inet-types { prefix inet; }

  organization
    "IETF NETCONF (Network Configuration) Working Group";

  contact
    "WG Web:   <http://tools.ietf.org/wg/netconf/>
     WG List:  <mailto:netconf@ietf.org>

     WG Chair: Mehmet Ersue
               <mailto:mehmet.ersue@nsn.com>

     WG Chair: Bert Wijnen
               <mailto:bertietf@bwijnen.net>

     Editor:   Mark Scott
               <mailto:markscot@nortel.com>";

  description
    "NETCONF Monitoring Module.



Scott, et al.           Expires January 13, 2010               [Page 33]


Internet-Draft          NETCONF Monitoring Schema              July 2009


     All elements in this module are read-only.

     Copyright (c) 2009 IETF Trust and the persons identified as the
     document authors.  All rights reserved.

     This version of this YANG module is part of RFC XXXX; see the
     RFC itself for full legal notices.";
     // RFC Ed.: replace XXXX with actual RFC number
     // and remove this note

  revision 2009-06-16 {
    description
      "Initial revision, published as RFC XXXX.";
    // RFC Ed.: replace XXXX with actual RFC number
    // and remove this note
  }

  typedef SessionId {
    type uint32 {
      range "1..max";
    }
    reference "RFC 4741: NETCONF Configuration Protocol";
  }

  grouping NETCONFDatastoreType {
    description
      "Enumeration of possible NETCONF datastore types.";
    reference "RFC 4741: NETCONF Configuration Protocol";
    choice datastore {
      mandatory true;
      leaf running {
        type empty;
      }
      leaf candidate {
        type empty;
      }
      leaf startup {
        type empty;
      }
    }
  }

  identity transport {
    description
      "Base identity for session transports.";
  }

  identity netconf-ssh {



Scott, et al.           Expires January 13, 2010               [Page 34]


Internet-Draft          NETCONF Monitoring Schema              July 2009


    base transport;
    reference "RFC 4742";
  }

  identity netconf-soap-over-beep {
    base transport;
    reference "RFC 4743";
  }

  identity netconf-soap-over-https {
    base transport;
    reference "RFC 4743";
  }

  identity netconf-beep {
    base transport;
    reference "RFC 4744";
  }

  identity netconf-tls {
    base transport;
    reference "RFC 5539";
  }

  identity schema-format {
    description
      "Base identity for data model schema languages.";
  }

  identity xsd {
    base schema-format;
    reference "W3C REC REC-xmlschema-1-20041028";
  }

  identity rng {
    base schema-format;
    reference "ISO/IEC 19757-2";
  }

  identity yang {
    base schema-format;
    reference "draft-ietf-netmod-yang";
  }

  identity yin {
    base schema-format;
    reference "draft-ietf-netmod-yang";
  }



Scott, et al.           Expires January 13, 2010               [Page 35]


Internet-Draft          NETCONF Monitoring Schema              July 2009


  identity rnc {
    base schema-format;
    reference "ISO/IEC 19757-2";
  }

  grouping CommonCounters {
    description
      "Counters that exist both per session, and also globally,
      accumulated from all sessions.";
    leaf inRpcs {
      type yang:zero-based-counter32;
      description
        "Number of correct <rpc> requests received.";
    }
    leaf inBadRpcs {
      type yang:zero-based-counter32;
      description
        "Number of messages received when a <rpc> message was expected,
        that were not correct <rpc> messages.  This includes XML parse
        errors and errors on the rpc layer.";
    }
    leaf outRpcErrors {
      type yang:zero-based-counter32;
      description
        "Number of <rpc-reply> messages sent which contained an
        <rpc-error> element.";
    }
    leaf outNotifications {
      type yang:zero-based-counter32;
      description
        "Number of <notification> messages sent.";
    }
  }

  container netconf-state {
    config false;

    container capabilities {
      description
        "The list of currently provided NETCONF capabilities.  This
         may be different than those exchanged during session setup
         (i.e. hello).";
      leaf-list capability {
        type inet:uri;
      }
    }

    container datastores {



Scott, et al.           Expires January 13, 2010               [Page 36]


Internet-Draft          NETCONF Monitoring Schema              July 2009


      description
        "List of NETCONF configuration datastores (e.g. running,
         startup, candidate) supported on this device and related
         information.";
      list datastore {
        container name {
          uses NETCONFDatastoreType;
        }
        container locks {
          description
            "An indication of whether a resource is locked or
             unlocked.  If locked, additional information about
             the locking such as user an time stamp is provided.";

          grouping LockInfo {
            leaf lockedBySession {
              type SessionId;
              description
                "The session ID of the session that has locked
                 this resource.";
            }
            leaf lockedTime {
              type yang:date-and-time;
              description
                "The date and time of when the resource was
                 locked.";
            }
          }

          choice lockType {
            container globalLock {
              description
                "Present if the global lock is set.";
              uses LockInfo;
            }
            list partialLocks {
              key lockId;
              description
                "For a partial lock this is the lock id returned
                  in the <partial-lock> response.";
              leaf lockId {
                type uint32;
              }

              uses LockInfo;
              leaf-list select {
                type string;
                min-elements 1;



Scott, et al.           Expires January 13, 2010               [Page 37]


Internet-Draft          NETCONF Monitoring Schema              July 2009


                description
                  "The xpath expression which was used to request
                   the lock.";
              }
              leaf-list lockedNodes {
                type instance-identifier;
                description
                  "The list of instance-identifiers (i.e. the
                   locked nodes).";
              }
            }
          }
        }
      }
    }

    container schemas {
      list schema {
        key "identifier version format";
        leaf identifier {
          type string;
          description
            "Identifier to uniquely reference the schema";
        }
        leaf version {
          type string;
          description
            "Version of the schema supported.  Multiple versions can be
             supported simultaneously.";
        }
        leaf format {
          type identityref {
            base schema-format;
          }
          description
            "Schema language for the file/module.";
        }
        leaf namespace {
          type inet:uri;
          description
            "The XML namespace defined by the data model.";
        }
        leaf-list location {
          type union {
            type enumeration {
              enum "NETCONF";
            }
            type inet:uri;



Scott, et al.           Expires January 13, 2010               [Page 38]


Internet-Draft          NETCONF Monitoring Schema              July 2009


          }
          description
          "One or more Locations from which the schema can be
          retrieved. Can be either on the network device
          retrievable explicitly via the <get-schema> NETCONF
          operation (denoted by the value 'NETCONF') or some
          network location (i.e. URL).";
        }
      }
    }

    container sessions {
      description
        "List of management sessions currently active on this device.";

      list session {
        key sessionId;
        leaf sessionId {
          type SessionId;
        }
        leaf transport {
          type identityref {
            base transport;
          }
        }
        leaf username  {
          type string;
        }
        leaf sourceHost {
          type inet:host;
        }
        leaf loginTime {
          type yang:date-and-time;
          description
            "Time at which the session was established.";
        }
        uses CommonCounters {
          description
            "Per-session counters.";
        }
      }
    }

    container statistics {
      leaf netconfStartTime {
        type yang:date-and-time;
        description
          "Date and time at which the NETCONF server process was



Scott, et al.           Expires January 13, 2010               [Page 39]


Internet-Draft          NETCONF Monitoring Schema              July 2009


           started.  Allows for calculation of time interval for
           reported metrics.";
      }
      leaf inBadHellos {
        type yang:zero-based-counter32;
        description
          "Number of sessions silently dropped because an
          invalid <hello> message was received.  This includes hello
          messages with a 'session-id' attribute, bad namespace, and
          bad capability declarations.";
      }
      leaf inSessions {
        type yang:zero-based-counter32;
        description
          "Number of sessions started.  This counter is incremented when
          a <hello> message with a <session-id> is sent.

            inSessions - inBadHellos = 'number of correctly started
                                        netconf sessions'";
      }
      leaf droppedSessions {
        type yang:zero-based-counter32;
        description
          "Number of sessions that were abnormally terminated, e.g. due
           to idle timeout or transport close.  This counter is not
           incremented when a session is properly closed by a
           <close-session> operation, or killed by a <kill-session>
           operation.";
      }
      uses CommonCounters {
        description
          "Global counters, accumulated from all sessions.";
      }

    }

  }

  rpc get-schema {
    input {
      leaf identifier {
        type string;
        mandatory true;
      }
      leaf version {
        type string;
        mandatory true;
      }



Scott, et al.           Expires January 13, 2010               [Page 40]


Internet-Draft          NETCONF Monitoring Schema              July 2009


      leaf format {
        type identityref {
          base schema-format;
        }
        mandatory true;
      }
    }
    output {
      anyxml data {
        description "Contains the schema content.";
      }
    }
  }
}





































Scott, et al.           Expires January 13, 2010               [Page 41]


Internet-Draft          NETCONF Monitoring Schema              July 2009


Authors' Addresses

   Mark Scott
   Nortel
   3500 Carling Ave
   Nepean, Ontario  K2H 8E9
   Canada

   Email: markscot@nortel.com


   Martin Bjorklund
   Tail-f Systems
   Klara Norra Kyrkogata 31
   SE-111 22 Stockholm,
   Sweden

   Email: mbj@tail-f.com


   Sharon Chisholm
   Nortel
   3500 Carling Ave
   Nepean, Ontario  K2H 8E9
   Canada

   Email: schishol@nortel.com
























Scott, et al.           Expires January 13, 2010               [Page 42]