Network Working Group                                             X. Liu
Internet-Draft                                                     Jabil
Intended status: Standards Track                              I. Bryskin
Expires: September 2, 2018                           Huawei Technologies
                                                               V. Beeram
                                                        Juniper Networks
                                                                 T. Saad
                                                       Cisco Systems Inc
                                                                 H. Shah
                                                                   Ciena
                                                     O. Gonzalez de Dios
                                                              Telefonica
                                                           March 1, 2018
A YANG Data Model for Configuration Scheduling
draft-liu-netmod-yang-schedule-05
Abstract
This document describes a data model for configuration scheduling.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current
Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 2, 2018.
Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Liu, et al. Expires September 2, 2018 [Page 1]
Internet-Draft YANG Configuration Scheduling March 2018
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
  1.1. Terminology
2. Motivation
3. Configuration Scheduling YANG Data Model Overview
4. Usage Example
5. Relations to Datastores
  5.1. Validation
  5.2. Schedules Expansion and Operational States
  5.3. Server Executions at Scheduled Moments
  5.4. Interactions with Locks
  5.5. Interactions with Authorization Mechanism
6. Synchronization Aspects
7. Configuration Scheduling YANG Module
8. IANA Considerations
9. Security Considerations
10. Contributors
11. References
  11.1. Normative References
  11.2. Informative References
Authors' Addresses
1. Introduction
This document introduces a YANG [RFC6020] [RFC7950] data model for
configuration scheduling. This model can be used together with other
YANG data models to specify a schedule applied on a configuration
data node, so that the configuration data can take effect according
to the schedule. Such a configuration schedule can be one-time or
recurring, with its properties persistently saved in the datastores
of the management system server.
The mechanism described in this document is designed to complement
the one described in [RFC7758], which defines a capability extension
to NETCONF to allow time-triggered RPCs. Such RPCs can be executed
at a future time moment, but cannot be repeated and are not saved in
the persistent datastores.
1.1. Terminology
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14, [RFC2119].
The following terms are defined in [RFC7950] and are not redefined
here:
o augment
o data model
o data node
2. Motivation
Some applications benefit from resource scheduling to allow operators
to plan ahead of time. Traffic engineering is one such example
[RFC7399]. When configuration and state models are designed for such
applications, it has been considered that certain data objects need
to be configured according to predefined schedules. In other
situations, operators need to deconfigure certain data objects at
predefined schedules for purposes such as maintenance. These
data objects are interpreted and implemented by the applicable
applications.
Delay/Disruption Tolerant Networking (DTN) is another example for
which the scheduled configuration can be used, where a long-lived,
reliable, low-latency sequenced data delivery session is
unsustainable. Section 4.3 of [I-D.birrane-dtn-ama] describes the
Autonomous Parameterized Control. A time-based event is one of the
two types of triggers in such a system.
3. Configuration Scheduling YANG Data Model Overview
This document defines a YANG data model that specifies configuration
schedules for other YANG data models. For each targeted
configuration data object or a group of configuration data objects,
an entry is specified along with requested schedules using this
configuration schedule model. The application implementing the
targeted schema nodes implements the configuration schedules,
configuring or deconfiguring the specified objects according to the
specified schedules. The model schema of the targeted application
does not need changes, so the data model described in this document
can be used for any data model. The configuration scheduling YANG
data model has the following structure:
module: ietf-schedule
  +--rw configuration-schedules
     +--rw target* [object]
        +--rw object       yang:xpath1.0
        +--rw schedules
        |  +--rw schedule* [schedule-id]
        |     +--rw schedule-id            uint32
        |     +--rw inclusive-exclusive?   enumeration
        |     +--rw start?                 yang:date-and-time
        |     +--rw schedule-duration?     string
        |     +--rw repeat-interval?       string
        |     +--rw operation?             operation
        |     +--rw data-value?            <anydata>
        +--ro state
        |  +--ro future-executions
        |     +--ro execution* [start]
        |        +--ro start        yang:date-and-time
        |        +--ro duration?    string
        |        +--ro operation?   operation
        +---n execution
           +---- operation    operation
           +---- datetime?    yang:date-and-time
           +---- results?     <anydata>
4. Usage Example
The following model defines a list of TE (Traffic Engineering) links
which can be configured with specified schedules:
module: example
  +--rw te-links
     +--rw te-link* [id]
        +--rw id         string
        +--rw enabled?   boolean
The following configuration requests that:
o link-1 is configured weekly for five one-day periods, starting
from 2016-09-12T23:20:50.52Z.
o link-2 is deconfigured for two hours, starting from
2016-09-15T01:00:00.00Z.
<configuration-schedules>
  <target xmlns:ex="urn:example">
    <object>/ex:te-links</object>
    <schedules>
      <schedule>
        <schedule-id>11</schedule-id>
        <start>2016-09-12T23:20:50.52Z</start>
        <schedule-duration>P1D</schedule-duration>
        <repeat-interval>R5/P1W</repeat-interval>
        <operation>configure</operation>
        <data-value>
          <te-link>
            <id>link-1</id>
            <enabled>true</enabled>
          </te-link>
        </data-value>
      </schedule>
    </schedules>
  </target>
  <target xmlns:ex="urn:example">
    <object>/ex:te-links</object>
    <schedules>
      <schedule>
        <schedule-id>12</schedule-id>
        <inclusive-exclusive>exclusive</inclusive-exclusive>
        <start>2016-09-15T01:00:00.00Z</start>
        <schedule-duration>PT2H</schedule-duration>
        <operation>configure</operation>
        <data-value>
          <te-link>
            <id>link-2</id>
            <enabled>true</enabled>
          </te-link>
        </data-value>
      </schedule>
    </schedules>
  </target>
</configuration-schedules>
The following configuration requests that:
o link-1 is enabled weekly for five one-day periods, starting from
2016-09-12T23:20:50.52Z.
o link-2 is not enabled for two hours, starting from
2016-09-15T01:00:00.00Z.
<configuration-schedules>
  <target xmlns:ex="urn:example">
    <object>/ex:te-links/ex:te-link[ex:id='link-1']/ex:enabled
    </object>
    <schedules>
      <schedule>
        <schedule-id>11</schedule-id>
        <start>2016-09-12T23:20:50.52Z</start>
        <schedule-duration>P1D</schedule-duration>
        <repeat-interval>R5/P1W</repeat-interval>
        <operation>set</operation>
        <data-value>true</data-value>
      </schedule>
    </schedules>
  </target>
  <target xmlns:ex="urn:example">
    <object>/ex:te-links/ex:te-link[ex:id='link-2']/ex:enabled
    </object>
    <schedules>
      <schedule>
        <schedule-id>12</schedule-id>
        <inclusive-exclusive>exclusive</inclusive-exclusive>
        <start>2016-09-15T01:00:00.00Z</start>
        <schedule-duration>PT2H</schedule-duration>
        <operation>set</operation>
        <data-value>true</data-value>
      </schedule>
    </schedules>
  </target>
</configuration-schedules>
5. Relations to Datastores
NETCONF defines configuration datastores and operations that can be
used to access these datastores. The configuration data encoded
according to this data model is persistently saved in the proper
datastores in the same way as other data models, such as
ietf-interfaces.
5.1. Validation
When configuration data based on this model is received, the server
MUST perform syntax validations on the received data nodes, and
examine the requested schedules. The server does not validate
whether requested target configuration data can be applied to the
target configuration objects, until the actual scheduled time
arrives.
At each scheduled time moment, the server applies the requested
target configuration data to the target configuration objects. The
server MUST perform the validations on the target configuration data
along with the current target configuration objects in the proper
datastore.
5.2. Schedules Expansion and Operational States
The server SHOULD expand these schedules and expose them to the
client as operational states.
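The receipt-time syntax check of Section 5.1 and the expansion of Section 5.2, as an added example that is not part of the draft. The duration pattern is copied from the module in Section 7; as written it requires the 'T' designator, so a date-only value such as P1D does not match it. The expansion parser, the `limit` cap and all function names are assumptions of this example.

```python
import re
from datetime import datetime, timedelta

# Pattern text copied from the schedule-duration leaf in Section 7.
MODULE_DURATION = re.compile(
    r'P(\d+Y)?(\d+M)?(\d+W)?(\d+D)?T(\d+H)?(\d+M)?(\d+S)?')
# Assumption: expansion also accepts date-only forms such as P1D, and rejects
# years and months because their length depends on the calendar.
FIXED_DURATION = re.compile(
    r'P(?:(\d+)W)?(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?')
REPEAT = re.compile(r'R(\d*)/(P.*)')


def matches_module_pattern(text):
    """YANG patterns are implicitly anchored, hence fullmatch()."""
    return MODULE_DURATION.fullmatch(text) is not None


def parse_duration(text):
    m = FIXED_DURATION.fullmatch(text)
    if m is None or not any(m.groups()):
        raise ValueError('unsupported duration: %r' % text)
    weeks, days, hours, minutes, seconds = (int(g or 0) for g in m.groups())
    return timedelta(weeks=weeks, days=days, hours=hours,
                     minutes=minutes, seconds=seconds)


def parse_time(text):
    for fmt in ('%Y-%m-%dT%H:%M:%S.%f%z', '%Y-%m-%dT%H:%M:%S%z'):
        try:
            return datetime.strptime(text, fmt)
        except ValueError:
            continue
    raise ValueError('unsupported date-and-time: %r' % text)


def expand(start, duration, repeat=None, now=None, limit=100):
    """Return [(begin, end), ...] for executions that have not ended by `now`.

    `limit` caps the list: 'R/...' with the count omitted never terminates,
    and a huge count would otherwise produce unbounded operational state.
    """
    first, length = parse_time(start), parse_duration(duration)
    count, step, i = 1, timedelta(0), 0
    if repeat is not None:
        m = REPEAT.fullmatch(repeat)
        if m is None:
            raise ValueError('bad repeat-interval: %r' % repeat)
        step = parse_duration(m.group(2))
        if step == timedelta(0):
            raise ValueError('repeat interval must be positive')
        count = int(m.group(1)) if m.group(1) else None  # None: unbounded
        if now is not None:
            # Jump straight to the first occurrence that ends after `now`.
            i = max(0, (now - first - length) // step + 1)
    out = []
    while (count is None or i < count) and len(out) < limit:
        try:
            begin = first + i * step
            end = begin + length
        except OverflowError:  # past datetime.max: stop expanding
            break
        if now is None or end > now:
            out.append((begin, end))
        i += 1
    return out


# Constructed input: the link-1 values from the usage example in Section 4.
LINK1 = expand('2016-09-12T23:20:50.52Z', 'P1D', 'R5/P1W')
```
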
5.3. Server Executions at Scheduled Moments
At each scheduled time moment, the server applies the requested
target configuration data to the target configuration objects, as if
an RPC request is newly received. Whether such a time-triggered
configuration is successfully applied depends on the configuration
data of the target object and requested configuration data. The
results of such executions are sent to the client through
notifications. The notification management mechanism described in
[I-D.ietf-netconf-yang-push] and
[I-D.ietf-netconf-subscribed-notifications] can be used to enable,
disable, subscribe, filter, and replay the notifications.
5.4. Interactions with Locks
The rules of datastore lock specified by NETCONF [RFC6241] are
checked when the schedule configuration data is received and when the
target configuration data is applied.
5.5. Interactions with Authorization Mechanism
If the server implements any authorization mechanism, the
authorization rules MUST be checked against this data model schema
when the schedule configuration data is received. At each scheduled
time moment, the authorization rules MUST be checked against the
target objects by using the target configuration data. To check the
authorization rules, the server uses the same client credential
learned when the initial configuration data was received.
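The two check points of Section 5.5 in minimal form, as an added example that is not part of the draft: authorization against the schedule model on receipt, then against the target object at the scheduled moment with the stored requester. The `Rule` shape, the prefix matching and the mapping from schedule operations to access operations are assumptions, far simpler than NACM [RFC6536].

```python
from dataclasses import dataclass, field

SCHEDULE_PATH = '/sch:configuration-schedules'  # top-level container, Section 7
# Assumption: access operation needed on the target for each schedule operation.
NEEDED = {'configure': 'create', 'deconfigure': 'delete',
          'set': 'update', 'reset': 'update'}


@dataclass
class Rule:  # hypothetical rule shape: user may perform ops under path_prefix
    user: str
    path_prefix: str
    ops: frozenset


@dataclass
class Server:
    rules: list
    entries: list = field(default_factory=list)

    def permitted(self, user, path, op):
        return any(r.user == user and op in r.ops
                   and path.startswith(r.path_prefix) for r in self.rules)

    def receive(self, user, target, operation):
        """Receipt: authorize the write to the schedule model itself."""
        if operation not in NEEDED:
            raise ValueError('unknown operation: %r' % operation)
        if not self.permitted(user, SCHEDULE_PATH, 'create'):
            raise PermissionError('%s may not create schedules' % user)
        # Keep the requester with the entry; it is the identity checked later.
        self.entries.append((user, target, operation))

    def execute_due(self):
        """Scheduled moment: authorize against the target, using the stored
        requester and the rules in force now, then report per entry."""
        results = []
        for user, target, operation in self.entries:
            ok = self.permitted(user, target, NEEDED[operation])
            results.append({'operation': operation, 'target': target,
                            'results': 'ok' if ok else 'access-denied'})
        return results


def demo():
    """Constructed scenario: alice loses her te-links rule after scheduling."""
    link1 = "/ex:te-links/ex:te-link[ex:id='link-1']/ex:enabled"
    srv = Server([Rule('alice', SCHEDULE_PATH, frozenset({'create'})),
                  Rule('alice', '/ex:te-links', frozenset({'update'})),
                  Rule('carol', SCHEDULE_PATH, frozenset({'create'}))])
    srv.receive('alice', link1, 'set')
    srv.receive('carol', link1, 'set')  # may schedule, has no right on target
    before = [r['results'] for r in srv.execute_due()]
    srv.rules.pop(1)                    # alice's target rule is revoked
    after = [r['results'] for r in srv.execute_due()]
    return before, after
```

The second check is what keeps write access to the schedule list from becoming write access to every target: carol's entry is accepted on receipt and denied at execution.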
6. Synchronization Aspects
The scheduling mechanisms described in this document assume that
servers have access to the wall-clock time. Thus, servers are
required to acquire the time-of-day from an external time source, for
example using the Network Time Protocol [RFC5905], or the Precision
Time Protocol [IEEE1588].
It is assumed that the client and servers rely on a common time
source, so as to guarantee that schedules are defined with respect to
a common reference. In order to avoid the potential ambiguity of
different time zones and daylight saving time, it is recommended to
define all schedules in the UTC time zone, using the suffix 'Z'. For
example, the time 2016-09-12T23:20:50.52Z is specified with respect
to the UTC time zone.
7. Configuration Scheduling YANG Module
<CODE BEGINS> file "ietf-schedule@2018-02-26.yang"
module ietf-schedule {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:ietf-schedule";
  prefix "sch";

  import ietf-yang-types {
    prefix "yang";
  }

  organization
    "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
  contact
    "WG Web:   <http://tools.ietf.org/wg/netmod/>
     WG List:  <mailto:netmod@ietf.org>
     Editor:   Xufeng Liu
               <mailto:Xufeng_Liu@jabil.com>
     Editor:   Igor Bryskin
               <mailto:Igor.Bryskin@huawei.com>
     Editor:   Vishnu Pavan Beeram
               <mailto:vbeeram@juniper.net>
     Editor:   Tarek Saad
               <mailto:tsaad@cisco.com>
     Editor:   Himanshu Shah
               <mailto:hshah@ciena.com>
     Editor:   Oscar Gonzalez De Dios
               <mailto:oscar.gonzalezdedios@telefonica.com>";
  description
    "The model allows time scheduling parameters to be specified.";

  revision 2018-02-26 {
    description "Initial revision";
    reference "TBD";
  }

  /*
   * Typedefs
   */
  typedef operation {
    type enumeration {
      enum configure {
        description
          "Create the configuration data.";
      }
      enum deconfigure {
        description
          "Remove the configuration data.";
      }
      enum set {
        description
          "Set the specified configuration data.";
      }
      enum reset {
        description
          "Revert the specified configuration data back to the
           original value.";
      }
    }
    description "Operation type.";
  }

  /*
   * Groupings
   */
  grouping schedule-config-attributes {
    description
      "A group of attributes for a schedule.";
    leaf inclusive-exclusive {
      type enumeration {
        enum inclusive {
          description
            "The schedule element is inclusive, i.e., the schedule
             specifies the time at which the element is enabled.";
        }
        enum exclusive {
          description
            "The schedule element is exclusive, i.e., the schedule
             specifies the time at which the element is disabled.";
        }
      }
      default "inclusive";
      description
        "Whether the list item is inclusive or exclusive.";
    }
    leaf start {
      type yang:date-and-time;
      description "Start time.";
    }
    leaf schedule-duration {
      type string {
        pattern
          'P(\d+Y)?(\d+M)?(\d+W)?(\d+D)?T(\d+H)?(\d+M)?(\d+S)?';
      }
      description "Schedule duration in ISO 8601 format.";
    }
    leaf repeat-interval {
      type string {
        pattern
          'R\d*/P(\d+Y)?(\d+M)?(\d+W)?(\d+D)?T(\d+H)?(\d+M)?'
        + '(\d+S)?';
      }
      description "Repeat interval in ISO 8601 format.";
    }
    leaf operation {
      type operation;
      default "configure";
      description
        "Operation type.";
    }
    anydata data-value {
      description
        "The data value applied to the leaf data node
         specified by data-objects.
         The format of the data value depends on the value of the
         leaf operation defined above:
           configure:   data-value is the sub-tree added to the
                        target object;
           deconfigure: data-value is the child to be deleted from
                        the target object;
           set:         the target object MUST be a leaf, and
                        data-value is the new value to be set to
                        the target object;
           reset:       data-value is ignored.";
    }
  } // schedule-config-attributes

  grouping schedule-config-notification {
    description
      "A group of attributes for a schedule notification.";
    notification execution {
      description
        "Notification event for an execution performed on a target
         object.";
      leaf operation {
        type operation;
        mandatory true;
        description "Operation type.";
      }
      leaf datetime {
        type yang:date-and-time;
        description
          "The date and time when the execution was performed.";
      }
      anydata results {
        description
          "This chunk of data contains the results of the execution
           performed on the target object. The results are the same
           or equivalent to the contents of a <rpc-reply> message.
           Because of the nature of such a target execution, a
           <rpc-reply> message is not used to return the execution
           results. Instead, this notification is used to serve
           the same purpose.";
      }
    }
  } // schedule-config-notification

  grouping schedule-state-attributes {
    description
      "State attributes for a schedule.";
    container future-executions {
      description
        "The state information of the next scheduled event.";
      list execution {
        key "start";
        description
          "List of scheduled future executions.";
        leaf start {
          type yang:date-and-time;
          description "Start time.";
        }
        leaf duration {
          type string {
            pattern
              'P(\d+Y)?(\d+M)?(\d+W)?(\d+D)?T(\d+H)?(\d+M)?(\d+S)?';
          }
          description "Schedule duration in ISO 8601 format.";
        }
        leaf operation {
          type operation;
          description "Operation type.";
        }
      } // execution
    } // future-executions
  } // schedule-state-attributes

  grouping schedules {
    description
      "A list of schedules defining when a particular
       configuration takes effect.";
    container schedules {
      description
        "Container of a schedule list defining when a particular
         configuration takes effect.";
      list schedule {
        key "schedule-id";
        description "A list of schedule elements.";
        leaf schedule-id {
          type uint32;
          description "Identifies the schedule element.";
        }
        uses schedule-config-attributes;
      }
    }
  } // schedules

  /*
   * Configuration data and operational state nodes
   */
  container configuration-schedules {
    description
      "Serves as top-level container for a list of configuration
       schedules.";
    list target {
      key "object";
      description
        "A list of targets to which configuration schedules are
         applied.";
      leaf object {
        type yang:xpath1.0;
        description
          "XPath defining the data items of interest.";
      }
      uses schedules;
      container state {
        config false;
        description
          "Operational state data.";
        uses schedule-state-attributes;
      } // state
      uses schedule-config-notification;
    } // target
  } // configuration-schedules
}
<CODE ENDS>
8. IANA Considerations
RFC Ed.: In this section, replace all occurrences of 'XXXX' with the
actual RFC number (and remove this note).
This document registers the following namespace URI in the IETF XML
registry [RFC3688]:
--------------------------------------------------------------------
URI: urn:ietf:params:xml:ns:yang:ietf-schedule
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
--------------------------------------------------------------------
This document registers the following YANG module in the YANG Module
Names registry [RFC6020]:
--------------------------------------------------------------------
name: ietf-schedule
namespace: urn:ietf:params:xml:ns:yang:ietf-schedule
prefix: l3te
reference: RFC XXXX
--------------------------------------------------------------------
9. Security Considerations
The configuration, state, action and notification data defined in
this document are designed to be accessed via the NETCONF protocol
[RFC6241]. The lowest NETCONF layer is the secure transport layer,
and the mandatory-to-implement secure transport is Secure Shell (SSH)
[RFC6242]. The NETCONF access control model [RFC6536] provides the
means to restrict access for particular NETCONF users to a
pre-configured subset of all available NETCONF protocol operations
and contents.
The functionality defined in this memo can potentially allow network
reconnaissance; by gathering information about schedules an attacker
can learn about the network policy, its temporal behavior, and future
events.
The schedule YANG model defines schedules that are writable,
creatable, and deletable. Therefore, this model may be considered
sensitive or vulnerable in some network environments. An attacker
may maliciously configure a schedule in a way that disrupts the
normal behavior of the network. Furthermore, an attacker may attempt
to maliciously set a schedule or a set of schedules in a way that
amplifies an attack, or schedules an attack for a particularly
sensitive time instant.
The use of configuration scheduling implicitly assumes that there is
an underlying synchronization or time distribution mechanism.
Therefore, an attack on the synchronization mechanism may compromise
the configuration scheduling. The security considerations of time
protocols are discussed further in [RFC7384].
10. Contributors
Tal Mizrahi
Email: talmi@marvell.com
11. References
11.1. Normative References
[IEEE1588]
IEEE, "IEEE Standard for a Precision Clock Synchronization
Protocol for Networked Measurement and Control Systems
Version 2", IEEE Standard 1588.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch,
"Network Time Protocol Version 4: Protocol and Algorithms
Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010,
<https://www.rfc-editor.org/info/rfc5905>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>.
[RFC6021] Schoenwaelder, J., Ed., "Common YANG Data Types",
RFC 6021, DOI 10.17487/RFC6021, October 2010,
<https://www.rfc-editor.org/info/rfc6021>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>.
[RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in
Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384,
October 2014, <https://www.rfc-editor.org/info/rfc7384>.
[RFC7399] Farrel, A. and D. King, "Unanswered Questions in the Path
Computation Element Architecture", RFC 7399,
DOI 10.17487/RFC7399, October 2014,
<https://www.rfc-editor.org/info/rfc7399>.
[RFC7758] Mizrahi, T. and Y. Moses, "Time Capability in NETCONF",
RFC 7758, DOI 10.17487/RFC7758, February 2016,
<https://www.rfc-editor.org/info/rfc7758>.
[I-D.birrane-dtn-ama]
Birrane, E., "Asynchronous Management Architecture",
draft-birrane-dtn-ama-06 (work in progress), October 2017.
[I-D.ietf-netconf-subscribed-notifications]
Voit, E., Clemm, A., Prieto, A., Nilsen-Nygaard, E., and
A. Tripathy, "Custom Subscription to Event Streams",
draft-ietf-netconf-subscribed-notifications-09 (work in
progress), January 2018.
[I-D.ietf-netconf-yang-push]
Clemm, A., Voit, E., Prieto, A., Tripathy, A.,
Nilsen-Nygaard, E., Bierman, A., and B. Lengyel, "YANG Datastore
Subscription", draft-ietf-netconf-yang-push-14 (work in
progress), February 2018.
11.2. Informative References
[RFC6087] Bierman, A., "Guidelines for Authors and Reviewers of YANG
Data Model Documents", RFC 6087, DOI 10.17487/RFC6087,
January 2011, <https://www.rfc-editor.org/info/rfc6087>.
Authors' Addresses
Xufeng Liu
Jabil
8281 Greensboro Drive, Suite 200
McLean VA 22102
USA
EMail: Xufeng_Liu@jabil.com
Igor Bryskin
Huawei Technologies
EMail: Igor.Bryskin@huawei.com
Vishnu Pavan Beeram
Juniper Networks
EMail: vbeeram@juniper.net
Tarek Saad
Cisco Systems Inc
EMail: tsaad@cisco.com
Himanshu Shah
Ciena
EMail: hshah@ciena.com
Oscar Gonzalez de Dios
Telefonica
EMail: oscar.gonzalezdedios@telefonica.com