summaryrefslogtreecommitdiffstats
path: root/yang
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 04:24:32 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 04:24:32 +0000
commit35cadacd2bb9383686753731e31bd7e145fb2506 (patch)
tree4489adbde75a837989533837185b2b8369a0bf68 /yang
parentAdding debian version 9.1-0.1. (diff)
downloadfrr-35cadacd2bb9383686753731e31bd7e145fb2506.tar.xz
frr-35cadacd2bb9383686753731e31bd7e145fb2506.zip
Merging upstream version 10.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'yang')
-rw-r--r--yang/frr-affinity-map.yang11
-rw-r--r--yang/frr-bgp-neighbor.yang2
-rw-r--r--yang/frr-bgp-route-map.yang6
-rw-r--r--yang/frr-eigrpd.yang5
-rw-r--r--yang/frr-filter.yang194
-rw-r--r--yang/frr-interface.yang9
-rw-r--r--yang/frr-ripd.yang11
-rw-r--r--yang/frr-ripngd.yang11
-rw-r--r--yang/frr-route-types.yang56
-rw-r--r--yang/frr-test-module.yang18
-rw-r--r--yang/frr-zebra.yang787
-rw-r--r--yang/ietf/ietf-netconf-acm.yang464
-rw-r--r--yang/ietf/ietf-netconf-with-defaults.yang139
-rw-r--r--yang/ietf/ietf-netconf.yang933
-rw-r--r--yang/subdir.am3
15 files changed, 2533 insertions, 116 deletions
diff --git a/yang/frr-affinity-map.yang b/yang/frr-affinity-map.yang
index c4377e6..f1d9e44 100644
--- a/yang/frr-affinity-map.yang
+++ b/yang/frr-affinity-map.yang
@@ -53,12 +53,22 @@ module frr-affinity-map {
"Initial revision";
}
+ typedef affinity-map-ref {
+ type leafref {
+ path "/frr-affinity-map:lib/frr-affinity-map:affinity-maps/frr-affinity-map:affinity-map/frr-affinity-map:name";
+ require-instance true;
+ }
+ description
+ "Reference to an affinity map";
+ }
+
container lib {
container affinity-maps {
description
"Affinity Mapping Table";
list affinity-map {
key "name";
+ unique "value";
description
"Affinity Mapping configuration";
leaf name {
@@ -69,6 +79,7 @@ module frr-affinity-map {
"Affinity Name";
}
leaf value {
+ mandatory true;
type uint16 {
range "0..1023";
}
diff --git a/yang/frr-bgp-neighbor.yang b/yang/frr-bgp-neighbor.yang
index 5a4c379..b199ab9 100644
--- a/yang/frr-bgp-neighbor.yang
+++ b/yang/frr-bgp-neighbor.yang
@@ -76,7 +76,7 @@ submodule frr-bgp-neighbor {
leaf enforce-first-as {
type boolean;
- default "false";
+ default "true";
description
"When set to 'true' it will enforce the first AS for EBGP routes.";
}
diff --git a/yang/frr-bgp-route-map.yang b/yang/frr-bgp-route-map.yang
index c50c513..c679f3b 100644
--- a/yang/frr-bgp-route-map.yang
+++ b/yang/frr-bgp-route-map.yang
@@ -379,6 +379,7 @@ identity set-extcommunity-color {
grouping extcommunity-non-transitive-types {
leaf two-octet-as-specific {
type boolean;
+ default false;
description
"Non-Transitive Two-Octet AS-Specific Extended Community";
}
@@ -769,6 +770,7 @@ identity set-extcommunity-color {
+ "derived-from-or-self(/frr-route-map:lib/frr-route-map:route-map/frr-route-map:entry/frr-route-map:match-condition/frr-route-map:condition, 'frr-bgp-route-map:match-extcommunity')";
container comm-list {
leaf comm-list-name {
+ mandatory true;
type bgp-filter:bgp-list-name;
}
@@ -872,11 +874,13 @@ identity set-extcommunity-color {
description
"Value of the ext-community.";
leaf lb-type {
+ mandatory true;
type frr-bgp-route-map:extcommunity-lb-type;
}
leaf bandwidth {
when "../lb-type = 'explicit-bandwidth'";
+ mandatory true;
type uint16 {
range "1..25600";
}
@@ -1108,12 +1112,14 @@ identity set-extcommunity-color {
container aggregator {
leaf aggregator-asn {
type asn-type;
+ mandatory true;
description
"ASN of the aggregator";
}
leaf aggregator-address {
type inet:ipv4-address;
+ mandatory true;
description
"IPv4 address of the aggregator";
}
diff --git a/yang/frr-eigrpd.yang b/yang/frr-eigrpd.yang
index e9071c8..f672dd5 100644
--- a/yang/frr-eigrpd.yang
+++ b/yang/frr-eigrpd.yang
@@ -22,6 +22,9 @@ module frr-eigrpd {
import frr-route-types {
prefix frr-route-types;
}
+ import frr-filter {
+ prefix frr-filter;
+ }
organization "FRRouting";
contact
@@ -224,6 +227,8 @@ module frr-eigrpd {
type inet:ipv4-address;
}
+ uses frr-filter:distribute-list-group;
+
list redistribute {
description "Redistribute routes learned from other routing protocols";
diff --git a/yang/frr-filter.yang b/yang/frr-filter.yang
index a1946d8..9b65fcc 100644
--- a/yang/frr-filter.yang
+++ b/yang/frr-filter.yang
@@ -10,6 +10,9 @@ module frr-filter {
import ietf-yang-types {
prefix yang;
}
+ import frr-interface {
+ prefix frr-interface;
+ }
organization "FRRouting";
contact
@@ -45,35 +48,95 @@ module frr-filter {
revision 2019-07-04 {
description "Initial revision";
+ reference "FRRouting";
}
/*
* Types.
*/
typedef access-list-name {
- description "Access list name formatting";
type string {
length 1..128;
}
+ description "Access list name formatting";
}
typedef access-list-sequence {
- description "Access list sequence number";
type uint32 {
range "1..4294967295";
}
+ description "Access list sequence number";
}
typedef access-list-action {
- description "Access list return action on match";
type enumeration {
enum deny {
- description "Deny an entry";
value 0;
+ description "Deny an entry";
}
enum permit {
- description "Accept an entry";
value 1;
+ description "Accept an entry";
+ }
+ }
+ description "Access list return action on match";
+ }
+
+ typedef access-list-ref {
+ type leafref {
+ path "/frr-filter:lib/frr-filter:access-list/frr-filter:name";
+ require-instance false;
+ }
+ description "IPv4 or IPv6 access list reference";
+ }
+
+ typedef prefix-list-ref {
+ type leafref {
+ path "/frr-filter:lib/frr-filter:prefix-list/frr-filter:name";
+ require-instance false;
+ }
+ description "IPv4 or IPv6 prefix list reference";
+ }
+
+ /*
+ * Grouping.
+ */
+ grouping distribute-list-group {
+ description "Distribute list grouping";
+ list distribute-list {
+ key "interface";
+ description "Distribute list configuration";
+
+ leaf interface {
+ type union {
+ type frr-interface:interface-ref;
+ type empty;
+ }
+ description
+ "Interface to attach list to or empty for global.";
+ }
+
+ container in {
+ description "Inbound filter list";
+ leaf access-list {
+ type access-list-ref;
+ description "inbound access list";
+ }
+ leaf prefix-list {
+ type prefix-list-ref;
+ description "inbound prefix list";
+ }
+ }
+ container out {
+ description "Outbound filter list";
+ leaf access-list {
+ type access-list-ref;
+ description "outbound access list";
+ }
+ leaf prefix-list {
+ type prefix-list-ref;
+ description "outbound prefix list";
+ }
}
}
}
@@ -82,77 +145,74 @@ module frr-filter {
* Configuration data.
*/
container lib {
+ description "Filter library";
list access-list {
- description "Access list instance";
-
key "type name";
+ description "Access list instance";
leaf type {
- description "Access list content type";
type enumeration {
enum ipv4 {
- description "Internet Protocol address version 4";
- value 0;
- }
- enum ipv6 {
- description "Internet Protocol address version 6";
- value 1;
+ value 0;
+ description "Internet Protocol address version 4";
+ }
+ enum ipv6 {
+ value 1;
+ description "Internet Protocol address version 6";
}
enum mac {
- description "Media Access Control address";
value 2;
+ description "Media Access Control address";
}
}
+ description "Access list content type";
}
leaf name {
- description "Access list name";
type access-list-name;
+ description "Access list name";
}
leaf remark {
- description "Access list remark";
type string;
+ description "Access list remark";
}
list entry {
- description "Access list entry";
-
key "sequence";
-
+ description "Access list entry";
leaf sequence {
- description "Access list sequence value";
type access-list-sequence;
+ description "Access list sequence value";
}
-
leaf action {
- description "Access list action on match";
type access-list-action;
mandatory true;
+ description "Access list action on match";
}
choice value {
- description "Access list value to match";
mandatory true;
+ description "Access list value to match";
case ipv4-prefix {
when "../type = 'ipv4'";
choice style {
- description "Access list entry style selection: zebra or cisco.";
mandatory true;
+ description "Access list entry style selection: zebra or cisco.";
case zebra {
leaf ipv4-prefix {
- description "Configure IPv4 prefix to match";
type inet:ipv4-prefix;
mandatory true;
+ description "Configure IPv4 prefix to match";
}
leaf ipv4-exact-match {
- description "Exact match of prefix";
type boolean;
default false;
+ description "Exact match of prefix";
}
}
case cisco {
@@ -160,19 +220,20 @@ module frr-filter {
description "Source value to match";
leaf host {
- description "Host to match";
type inet:ipv4-address;
+ description "Host to match";
}
container network {
+ description "Network to match";
leaf address {
+ type inet:ipv4-address;
mandatory true;
description "Network address part.";
- type inet:ipv4-address;
}
leaf mask {
+ type inet:ipv4-address;
mandatory true;
description "Network mask/wildcard part.";
- type inet:ipv4-address;
}
}
leaf source-any {
@@ -180,8 +241,8 @@ module frr-filter {
* Was `any`, however it conflicts with `any` leaf
* outside this choice.
*/
- description "Match any";
type empty;
+ description "Match any";
}
}
@@ -189,24 +250,25 @@ module frr-filter {
description "Destination value to match";
leaf destination-host {
- description "Host to match";
type inet:ipv4-address;
+ description "Host to match";
}
container destination-network {
+ description "Destination network to match";
leaf address {
+ type inet:ipv4-address;
mandatory true;
description "Network address part.";
- type inet:ipv4-address;
}
leaf mask {
+ type inet:ipv4-address;
mandatory true;
description "Network mask/wildcard part.";
- type inet:ipv4-address;
}
}
leaf destination-any {
- description "Match any";
type empty;
+ description "Match any";
}
}
}
@@ -216,29 +278,29 @@ module frr-filter {
when "../type = 'ipv6'";
leaf ipv6-prefix {
- description "Configure IPv6 prefix to match";
type inet:ipv6-prefix;
mandatory true;
+ description "Configure IPv6 prefix to match";
}
leaf ipv6-exact-match {
- description "Exact match of prefix";
type boolean;
default false;
+ description "Exact match of prefix";
}
}
case mac {
when "../type = 'mac'";
leaf mac {
- description "Configure MAC address to match";
type yang:mac-address;
+ description "Configure MAC address to match";
}
}
case any {
leaf any {
- description "Match anything";
type empty;
+ description "Match anything";
}
}
}
@@ -246,108 +308,104 @@ module frr-filter {
}
list prefix-list {
- description "Prefix list instance";
-
key "type name";
-
+ description "Prefix list instance";
leaf type {
- description "Prefix list type";
type enumeration {
enum ipv4 {
- description "Internet Protocol address version 4";
value 0;
+ description "Internet Protocol address version 4";
}
enum ipv6 {
- description "Internet Protocol address version 6";
value 1;
+ description "Internet Protocol address version 6";
}
}
+ description "Prefix list type";
}
leaf name {
- description "Prefix list name";
type access-list-name;
+ description "Prefix list name";
}
leaf remark {
- description "Prefix list user description";
type string;
+ description "Prefix list user description";
}
list entry {
- description "Prefix list entry";
-
key "sequence";
-
+ description "Prefix list entry";
leaf sequence {
- description "Prefix list sequence value";
type access-list-sequence;
+ description "Prefix list sequence value";
}
leaf action {
- description "Prefix list action on match";
type access-list-action;
mandatory true;
+ description "Prefix list action on match";
}
choice value {
- description "Prefix list value to match";
mandatory true;
+ description "Prefix list value to match";
case ipv4-prefix {
leaf ipv4-prefix {
- description "Configure IPv4 prefix to match";
type inet:ipv4-prefix;
mandatory true;
+ description "Configure IPv4 prefix to match";
}
leaf ipv4-prefix-length-greater-or-equal {
- description
- "Specifies if matching prefixes with length greater than
- or equal to value";
type uint8 {
range "0..32";
}
+ description
+ "Specifies if matching prefixes with length greater than
+ or equal to value";
}
leaf ipv4-prefix-length-lesser-or-equal {
- description
- "Specifies if matching prefixes with length lesser than
- or equal to value";
type uint8 {
range "0..32";
}
+ description
+ "Specifies if matching prefixes with length lesser than
+ or equal to value";
}
}
case ipv6-prefix {
leaf ipv6-prefix {
- description "Configure IPv6 prefix to match";
type inet:ipv6-prefix;
mandatory true;
+ description "Configure IPv6 prefix to match";
}
leaf ipv6-prefix-length-greater-or-equal {
- description
- "Specifies if matching prefixes with length greater than
- or equal to value";
type uint8 {
range "0..128";
}
+ description
+ "Specifies if matching prefixes with length greater than
+ or equal to value";
}
leaf ipv6-prefix-length-lesser-or-equal {
- description
- "Specifies if matching prefixes with length lesser than
- or equal to value";
type uint8 {
range "0..128";
}
+ description
+ "Specifies if matching prefixes with length lesser than
+ or equal to value";
}
}
case any {
leaf any {
- description "Match anything";
type empty;
+ description "Match anything";
}
}
}
diff --git a/yang/frr-interface.yang b/yang/frr-interface.yang
index 012c96b..fc5a290 100644
--- a/yang/frr-interface.yang
+++ b/yang/frr-interface.yang
@@ -241,17 +241,18 @@ module frr-interface {
}
leaf mtu {
- type uint16;
+ type uint32;
description
- "The size of the largest IPV4 packet that the interface
- will send and receive.";
+ "The size of the largest IPV4 packet that the interface will send.
+ Normally this will never be larger than 65535; however, some devices
+ (e.g., vrf) can have larger values";
}
leaf mtu6 {
type uint32;
description
"The size of the largest IPV6 packet that the interface
- will send and receive.";
+ will send.";
}
leaf speed {
diff --git a/yang/frr-ripd.yang b/yang/frr-ripd.yang
index 5f85a4c..d65ee48 100644
--- a/yang/frr-ripd.yang
+++ b/yang/frr-ripd.yang
@@ -16,6 +16,9 @@ module frr-ripd {
import frr-bfdd {
prefix frr-bfdd;
}
+ import frr-filter {
+ prefix frr-filter;
+ }
import frr-interface {
prefix frr-interface;
}
@@ -258,6 +261,9 @@ module frr-ripd {
"A list of interfaces where the sending of RIP packets
is enabled.";
}
+
+ uses frr-filter:distribute-list-group;
+
list redistribute {
key "protocol";
description
@@ -380,9 +386,9 @@ module frr-ripd {
}
leaf default-bfd-profile {
+ type frr-bfdd:profile-ref;
description
"Use this BFD profile for all peers by default.";
- type frr-bfdd:profile-ref;
}
/*
@@ -691,12 +697,13 @@ module frr-ripd {
container bfd-monitoring {
presence
"Present if BFD is configured for RIP peers in this interface.";
+ description "Configure BFD use in RIPD";
leaf enable {
type boolean;
+ default false;
description
"Enable/disable BFD monitoring.";
- default false;
}
leaf profile {
diff --git a/yang/frr-ripngd.yang b/yang/frr-ripngd.yang
index 4aeaf36..383b45f 100644
--- a/yang/frr-ripngd.yang
+++ b/yang/frr-ripngd.yang
@@ -13,6 +13,9 @@ module frr-ripngd {
import frr-if-rmap {
prefix frr-if-rmap;
}
+ import frr-filter {
+ prefix frr-filter;
+ }
import frr-interface {
prefix frr-interface;
}
@@ -63,6 +66,7 @@ module frr-ripngd {
description
"Changed interface references to use
frr-interface:interface-ref typedef";
+ reference "FRRouting";
}
revision 2018-11-27 {
description
@@ -72,6 +76,7 @@ module frr-ripngd {
}
container ripngd {
+ description "ripng routing instance data";
/*
* Routing instance configuration.
*/
@@ -169,15 +174,18 @@ module frr-ripngd {
"A list of interfaces where the sending of RIPng packets
is disabled.";
}
+
+ uses frr-filter:distribute-list-group;
+
list redistribute {
key "protocol";
description
"Redistributes routes learned from other routing protocols.";
leaf protocol {
type frr-route-types:frr-route-types-v6;
+ must '. != "ripng"';
description
"Routing protocol.";
- must '. != "ripng"';
}
leaf route-map {
type frr-route-map:route-map-ref;
@@ -330,6 +338,7 @@ module frr-ripngd {
* Per-interface configuration data
*/
augment "/frr-interface:lib/frr-interface:interface" {
+ description "RIPng interface augmentation.";
container ripng {
description
"RIPng interface parameters.";
diff --git a/yang/frr-route-types.yang b/yang/frr-route-types.yang
index 728607c..aa676ce 100644
--- a/yang/frr-route-types.yang
+++ b/yang/frr-route-types.yang
@@ -54,44 +54,47 @@ module frr-route-types {
enum connected {
value 2;
}
- enum static {
+ enum local {
value 3;
}
- enum rip {
+ enum static {
value 4;
}
+ enum rip {
+ value 5;
+ }
enum ospf {
- value 6;
+ value 7;
}
enum isis {
- value 8;
+ value 9;
}
enum bgp {
- value 9;
+ value 10;
}
enum eigrp {
- value 11;
+ value 12;
}
enum nhrp {
- value 12;
+ value 13;
}
enum table {
- value 15;
+ value 16;
}
enum vnc {
- value 17;
+ value 18;
}
enum vnc-direct {
- value 18;
+ value 19;
}
enum babel {
- value 22;
+ value 23;
}
enum sharp {
- value 23;
+ value 24;
}
enum openfabric {
- value 26;
+ value 27;
}
}
}
@@ -104,41 +107,44 @@ module frr-route-types {
enum connected {
value 2;
}
- enum static {
+ enum local {
value 3;
}
+ enum static {
+ value 4;
+ }
enum ripng {
- value 5;
+ value 6;
}
enum ospf6 {
- value 7;
+ value 8;
}
enum isis {
- value 8;
+ value 9;
}
enum bgp {
- value 9;
+ value 10;
}
enum nhrp {
- value 12;
+ value 13;
}
enum table {
- value 15;
+ value 16;
}
enum vnc {
- value 17;
+ value 18;
}
enum vnc-direct {
- value 18;
+ value 19;
}
enum babel {
- value 22;
+ value 23;
}
enum sharp {
- value 23;
+ value 24;
}
enum openfabric {
- value 26;
+ value 27;
}
}
}
diff --git a/yang/frr-test-module.yang b/yang/frr-test-module.yang
index d6e7188..6cc60e8 100644
--- a/yang/frr-test-module.yang
+++ b/yang/frr-test-module.yang
@@ -82,5 +82,23 @@ module frr-test-module {
}
}
}
+ choice achoice {
+ description "a choice statement";
+ case case1 {
+ leaf c1value {
+ type uint8;
+ description "A uint8 value for case 1";
+ }
+ }
+ case case2 {
+ container c2cont {
+ description "case 2 container";
+ leaf c2value {
+ type uint32;
+ description "A uint32 value for case 2";
+ }
+ }
+ }
+ }
}
}
diff --git a/yang/frr-zebra.yang b/yang/frr-zebra.yang
index 3c6e451..c338a23 100644
--- a/yang/frr-zebra.yang
+++ b/yang/frr-zebra.yang
@@ -81,6 +81,16 @@ module frr-zebra {
"Initial revision.";
}
+ feature ipv6-router-advertisements {
+ description
+ "Support for IPv6 Router Advertisements.";
+ }
+
+ feature ptm-bfd {
+ description
+ "Using an external PTM daemon that implements BFD.";
+ }
+
typedef unix-timestamp {
type uint32;
units "seconds";
@@ -1935,19 +1945,23 @@ module frr-zebra {
description
"Extends interface model with Zebra-related parameters.";
container zebra {
- list ip-addrs {
- key "address-family ip-prefix";
+ list ipv4-addrs {
+ key "ip prefix-length";
description
- "IP prefixes for an interface.";
- uses frr-rt:address-family {
+ "The list of configured IPv4 addresses on the interface.";
+
+ leaf ip {
+ type inet:ipv4-address-no-zone;
description
- "Address family of the RIB.";
+ "The IPv4 address on the interface.";
}
- leaf ip-prefix {
- type inet:ip-prefix;
+ leaf prefix-length {
+ type uint8 {
+ range "0..32";
+ }
description
- "IP address prefix.";
+ "The length of the subnet prefix.";
}
leaf label {
@@ -1955,12 +1969,57 @@ module frr-zebra {
description
"Optional string label for the address.";
}
+ }
+
+ list ipv4-p2p-addrs {
+ key "ip peer-ip peer-prefix-length";
+ description
+ "The list of configured peer-to-peer IPv4 addresses on the interface.";
+
+ leaf ip {
+ type inet:ipv4-address-no-zone;
+ description
+ "The IPv4 address on the interface.";
+ }
+
+ leaf peer-ip {
+ type inet:ipv4-address-no-zone;
+ description
+ "Peer address.";
+ }
+
+ leaf peer-prefix-length {
+ type uint8 {
+ range "0..32";
+ }
+ description
+ "The length of the peer subnet prefix.";
+ }
- leaf ip4-peer {
- when "derived-from-or-self(../address-family, 'frr-rt:ipv4')";
- type inet:ipv4-prefix;
+ leaf label {
+ type string;
description
- "Peer prefix, for peer-to-peer interfaces.";
+ "Optional string label for the address.";
+ }
+ }
+
+ list ipv6-addrs {
+ key "ip prefix-length";
+ description
+ "The list of configured IPv6 addresses on the interface.";
+
+ leaf ip {
+ type inet:ipv6-address-no-zone;
+ description
+ "The IPv6 address on the interface.";
+ }
+
+ leaf prefix-length {
+ type uint8 {
+ range "0..128";
+ }
+ description
+ "The length of the subnet prefix.";
}
}
@@ -1972,11 +2031,12 @@ module frr-zebra {
leaf link-detect {
type boolean;
+ default "true";
description
"Link-detection for the interface.";
}
- leaf shutdown {
+ leaf enabled {
type boolean;
description
"Interface admin status.";
@@ -1990,14 +2050,69 @@ module frr-zebra {
leaf bandwidth {
type uint32 {
- range "1..100000";
+ range "1..1000000";
}
+ units "megabits/sec";
description
"Link bandwidth informational parameter, in megabits.";
}
container link-params {
+ presence "Activates link parameters on this interface.";
description
"link-params for Traffic-Engineering (TE) use in IGP extensions.";
+ leaf metric {
+ type uint32;
+ description
+ "Link metric for MPLS-TE purpose.";
+ }
+ leaf max-bandwidth {
+ type rt-types:bandwidth-ieee-float32;
+ description
+ "Maximum bandwidth.";
+ }
+ leaf max-reservable-bandwidth {
+ type rt-types:bandwidth-ieee-float32;
+ description
+ "Maximum reservable bandwidth.";
+ }
+ container unreserved-bandwidths {
+ description
+ "All unreserved bandwidths.";
+ list unreserved-bandwidth {
+ key "priority";
+ leaf priority {
+ type uint8 {
+ range "0 .. 7";
+ }
+ description
+ "Priority from 0 to 7.";
+ }
+ leaf unreserved-bandwidth {
+ type rt-types:bandwidth-ieee-float32;
+ mandatory true;
+ description
+ "Unreserved bandwidth.";
+ }
+ description
+ "List of unreserved bandwidths for different
+ priorities.";
+ }
+ }
+ leaf residual-bandwidth {
+ type rt-types:bandwidth-ieee-float32;
+ description
+ "Unidirectional residual bandwidth.";
+ }
+ leaf available-bandwidth {
+ type rt-types:bandwidth-ieee-float32;
+ description
+ "Unidirectional available bandwidth.";
+ }
+ leaf utilized-bandwidth {
+ type rt-types:bandwidth-ieee-float32;
+ description
+ "Unidirectional utilized bandwidth.";
+ }
choice admin-group-mode {
description "Admin-group mode";
case legacy {
@@ -2011,8 +2126,11 @@ module frr-zebra {
case affinity {
container affinities {
leaf-list affinity {
- type string;
+ type frr-affinity-map:affinity-map-ref;
max-elements "256";
+ must '../../affinity-mode != "standard" or /frr-affinity-map:lib/frr-affinity-map:affinity-maps/frr-affinity-map:affinity-map[frr-affinity-map:name=current()]/frr-affinity-map:value < 32' {
+ error-message "Affinity bit-position must be less than 32 when used with standard affinity mode";
+ }
description
"Array of Attribute Names";
}
@@ -2041,9 +2159,526 @@ module frr-zebra {
}
}
}
+ container neighbor {
+ description "Remote ASBR information (RFC 5316 & RFC 5392)";
+ presence "Activates neighbor information on this interface.";
+ leaf remote-as {
+ type inet:as-number;
+ mandatory true;
+ description
+ "Remote AS Number (RFC 5316 & RFC 5392)";
+ }
+ leaf ipv4-remote-id {
+ type inet:ipv4-address;
+ mandatory true;
+ description
+ "IPv4 Remote ASBR ID (RFC 5316 & RFC 5392)";
+ }
+ }
+ leaf delay {
+ type uint32 {
+ range "0..16777215";
+ }
+ description
+ "Average Unidirectional Link Delay";
+ }
+ container min-max-delay {
+ description
+ "Min/Max Unidirectional Link Delay";
+ presence "Activates min/max delay.";
+ leaf delay-min {
+ type uint32 {
+ range "0..16777215";
+ }
+ must '. <= ../../delay' {
+ error-message "Min delay must be less than or equal to delay";
+ }
+ mandatory true;
+ description
+ "Min Delay";
+ }
+ leaf delay-max {
+ type uint32 {
+ range "0..16777215";
+ }
+ must '. >= ../../delay' {
+ error-message "Max delay must be greater than or equal to delay";
+ }
+ mandatory true;
+ description
+ "Max Delay";
+ }
+ }
+ leaf delay-variation {
+ type uint32 {
+ range "0..16777215";
+ }
+ description
+ "Unidirectional Delay Variation";
+ }
+ leaf packet-loss {
+ type decimal64 {
+ fraction-digits 6;
+ range "0..50.331642";
+ }
+ description
+ "Unidirectional Link Packet Loss";
+ }
// TODO -- other link-params options
// for (experimental/partial TE use in IGP extensions)
}
+ container evpn-mh {
+ description "EVPN multihoming configuration";
+ choice esi-choice {
+ description "ESI type";
+ container type-0 {
+ leaf esi {
+ type yang:hex-string {
+ length "29";
+ }
+ description
+ "10-octet ESI.";
+ }
+ }
+ container type-3 {
+ leaf system-mac {
+ type yang:mac-address;
+ description
+ "System MAC address.";
+ }
+ leaf local-discriminator {
+ type uint32 {
+ range "1..16777215";
+ }
+ description
+ "Local discriminator.";
+ }
+ }
+ }
+ leaf df-preference {
+ type uint16;
+ default "32767";
+ description
+ "Preference value used for DF election.";
+ }
+ leaf bypass {
+ type boolean;
+ default "false";
+ description
+ "Bypass mode.";
+ }
+ leaf uplink {
+ type boolean;
+ default "false";
+ description
+ "Uplink to the VxLAN core.";
+ }
+ }
+ container ipv6-router-advertisements {
+ if-feature "ipv6-router-advertisements";
+ description
+ "Support for IPv6 Router Advertisements.";
+ leaf send-advertisements {
+ type boolean;
+ default "false";
+ description
+ "A flag indicating whether or not the router sends
+ periodic Router Advertisements and responds to
+ Router Solicitations.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvSendAdvertisements";
+ }
+ leaf max-rtr-adv-interval {
+ type uint32 {
+ range "70..1800000";
+ }
+ units "milliseconds";
+ default "600000";
+ description
+ "The maximum time allowed between sending unsolicited
+ multicast Router Advertisements from the interface.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - MaxRtrAdvInterval
+ RFC 6275: Mobility Support in IPv6";
+ }
+ // Setting this value is not yet supported by the actual code.
+ /*
+ leaf min-rtr-adv-interval {
+ type uint32 {
+ range "30..1350000";
+ }
+ units "milliseconds";
+ must ". <= 0.75 * ../max-rtr-adv-interval" {
+ description
+ "The value MUST NOT be greater than 75% of
+ 'max-rtr-adv-interval'.";
+ }
+ description
+ "The minimum time allowed between sending unsolicited
+ multicast Router Advertisements from the interface.
+
+ The default value to be used operationally if this
+ leaf is not configured is determined as follows:
+
+ - if max-rtr-adv-interval >= 9 seconds, the default
+ value is 0.33 * max-rtr-adv-interval;
+
+ - otherwise, it is 0.75 * max-rtr-adv-interval.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - MaxRtrAdvInterval
+ RFC 6275: Mobility Support in IPv6";
+ }
+ */
+ leaf managed-flag {
+ type boolean;
+ default "false";
+ description
+ "The value to be placed in the 'Managed address
+ configuration' flag field in the Router
+ Advertisement.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvManagedFlag";
+ }
+ leaf other-config-flag {
+ type boolean;
+ default "false";
+ description
+ "The value to be placed in the 'Other configuration'
+ flag field in the Router Advertisement.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvOtherConfigFlag";
+ }
+ leaf home-agent-flag {
+ type boolean;
+ default "false";
+ description
+ "The value to be placed in the 'Home Agent'
+ flag field in the Router Advertisement.";
+ reference
+ "RFC 6275: Mobility Support in IPv6";
+ }
+ leaf link-mtu {
+ type uint32;
+ default "0";
+ description
+ "The value to be placed in MTU options sent by the
+ router. A value of zero indicates that no MTU options
+ are sent.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvLinkMTU";
+ }
+ leaf reachable-time {
+ type uint32 {
+ range "0..3600000";
+ }
+ units "milliseconds";
+ default "0";
+ description
+ "The value to be placed in the Reachable Time field in
+ the Router Advertisement messages sent by the router.
+ A value of zero means unspecified (by this router).";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvReachableTime";
+ }
+ leaf retrans-timer {
+ type uint32;
+ units "milliseconds";
+ default "0";
+ description
+ "The value to be placed in the Retrans Timer field in
+ the Router Advertisement messages sent by the router.
+ A value of zero means unspecified (by this router).";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvRetransTimer";
+ }
+ leaf cur-hop-limit {
+ type uint8;
+ description
+ "The value to be placed in the Cur Hop Limit field in
+ the Router Advertisement messages sent by the router.
+ A value of zero means unspecified (by this router).
+
+ If this parameter is not configured, the device SHOULD
+ use the IANA-specified value for the default IPv4
+ Time to Live (TTL) parameter that was in effect at the
+ time of implementation.";
+ reference
+ "RFC 3232: Assigned Numbers: RFC 1700 is Replaced by
+ an On-line Database
+ RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvCurHopLimit
+ IANA: IP Parameters
+ (https://www.iana.org/assignments/ip-parameters)";
+ }
+ leaf default-lifetime {
+ type uint16 {
+ range "0..9000";
+ }
+ units "seconds";
+ must ". = 0 or . * 1000 >= ../max-rtr-adv-interval" {
+ description
+ "The value MUST NOT be less than max-rtr-adv-interval.";
+ }
+ description
+ "The value to be placed in the Router Lifetime field of
+ Router Advertisements sent from the interface, in
+ seconds. It MUST be either zero or between
+ max-rtr-adv-interval and 9000 seconds. A value of zero
+ indicates that the router is not to be used as a
+ default router. These limits may be overridden by
+ specific documents that describe how IPv6 operates over
+ different link layers.
+
+ If this parameter is not configured, the device SHOULD
+ use a value of 3 * max-rtr-adv-interval.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvDefaultLifetime";
+ }
+ leaf fast-retransmit {
+ type boolean;
+ default "true";
+ description
+ "Allow sending unsolicited multicast Router Advertisements
+ more frequently than once every 3 seconds as required by
+ RFC 4861.";
+ }
+ leaf advertisement-interval-option {
+ type boolean;
+ default "false";
+ description
+ "Enable sending the Advertisement Interval Option in
+ Router Advertisements.";
+ reference
+ "RFC 6275: Mobility Support in IPv6";
+ }
+ leaf home-agent-preference {
+ type uint16;
+ description
+ "The value to be placed in the Home Agent Preference
+ field in the Router Advertisement messages sent by the
+ router.";
+ reference
+ "RFC 6275: Mobility Support in IPv6";
+ }
+ leaf home-agent-lifetime {
+ type uint16;
+ description
+ "The value to be placed in the Home Agent Lifetime
+ field in the Router Advertisement messages sent by the
+ router.";
+ reference
+ "RFC 6275: Mobility Support in IPv6";
+ }
+ leaf default-router-preference {
+ type enumeration {
+ enum high {
+ value 1; /* 01 */
+ description
+ "High preference.";
+ }
+ enum medium {
+ value 0; /* 00 */
+ description
+ "Medium preference.";
+ }
+ enum low {
+ value 3; /* 11 */
+ description
+ "Low preference.";
+ }
+ }
+ default "medium";
+ description
+ "The value to be placed in the Default Router
+ Preference field in the Router Advertisement messages
+ sent by the router.";
+ reference
+ "RFC 4191: Default Router Preferences and More-Specific
+ Routes";
+ }
+ container prefix-list {
+ description
+ "Support for prefixes to be placed in Prefix
+ Information options in Router Advertisement messages
+ sent from the interface.
+
+ Prefixes that are advertised by default but do not
+ have their entries in the child 'prefix' list are
+ advertised with the default values of all parameters.
+
+ The link-local prefix SHOULD NOT be included in the
+ list of advertised prefixes.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ - AdvPrefixList";
+ list prefix {
+ key "prefix-spec";
+ description
+ "Support for an advertised prefix entry.";
+ leaf prefix-spec {
+ type inet:ipv6-prefix;
+ description
+ "IPv6 address prefix.";
+ }
+ // FRR doesn't support 'no-advertise'. Keeping the code
+ // here for future reference.
+ /*
+ choice control-adv-prefixes {
+ default "advertise";
+ description
+ "Either (1) the prefix is explicitly removed from the
+ set of advertised prefixes or (2) the parameters with
+ which the prefix is advertised are specified (default
+ case).";
+ leaf no-advertise {
+ type empty;
+ description
+ "The prefix will not be advertised.
+
+ This can be used for removing the prefix from
+ the default set of advertised prefixes.";
+ }
+ case advertise {
+ */
+ leaf valid-lifetime {
+ type uint32;
+ units "seconds";
+ default "2592000";
+ description
+ "The value to be placed in the Valid Lifetime
+ in the Prefix Information option. The
+ designated value of all 1's (0xffffffff)
+ represents infinity.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6
+ (IPv6) - AdvValidLifetime";
+ }
+ leaf on-link-flag {
+ type boolean;
+ default "true";
+ description
+ "The value to be placed in the on-link flag
+ ('L-bit') field in the Prefix Information
+ option.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6
+ (IPv6) - AdvOnLinkFlag";
+ }
+ leaf preferred-lifetime {
+ type uint32;
+ units "seconds";
+ must ". <= ../valid-lifetime" {
+ description
+ "This value MUST NOT be greater than
+ valid-lifetime.";
+ }
+ default "604800";
+ description
+ "The value to be placed in the Preferred
+ Lifetime in the Prefix Information option.
+ The designated value of all 1's (0xffffffff)
+ represents infinity.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6
+ (IPv6) - AdvPreferredLifetime";
+ }
+ leaf autonomous-flag {
+ type boolean;
+ default "true";
+ description
+ "The value to be placed in the Autonomous Flag
+ field in the Prefix Information option.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6
+ (IPv6) - AdvAutonomousFlag";
+ }
+ leaf router-address-flag {
+ type boolean;
+ default "false";
+ description
+ "The value to be placed in the Router Address
+ flag field in the Prefix Information option.";
+ reference
+ "RFC 6275: Mobility Support in IPv6";
+ }
+ /*
+ }
+ }
+ */
+ // This is closing brackets for `case advertise` and
+ // `choice control-adv-prefixes`.
+ }
+ }
+ container rdnss {
+ description
+ "A list of recursive DNS server addresses that are placed
+ in Recursive DNS Server (RDNSS) options in Router
+ Advertisement messages sent from the interface.";
+ reference
+ "RFC 8106: IPv6 Router Advertisement Options for DNS
+ Configuration";
+ list rdnss-address {
+ key "address";
+ description
+ "Recursive DNS server address.";
+ leaf address {
+ type inet:ipv6-address;
+ description
+ "IPv6 address of a recursive DNS server.";
+ }
+ leaf lifetime {
+ type uint32;
+ units "seconds";
+ description
+ "The value that is placed in the Lifetime field in the
+ RDNSS option. The designated value of all 1's
+ (0xffffffff) represents infinity.";
+ }
+ }
+ }
+ container dnssl {
+ description
+ "A list of domain names that are placed in DNS Search List (DNSSL)
+ options in Router Advertisement messages sent from the interface.";
+ reference
+ "RFC 8106: IPv6 Router Advertisement Options for DNS
+ Configuration";
+ list dnssl-domain {
+ key "domain";
+ description
+ "Domain name for the search list.";
+ leaf domain {
+ type inet:domain-name;
+ description
+ "Domain name for the search list.";
+ }
+ leaf lifetime {
+ type uint32;
+ units "seconds";
+ description
+ "The value that is placed in the Lifetime field in the
+ DNSSL option. The designated value of all 1's
+ (0xffffffff) represents infinity.";
+ }
+ }
+ }
+ }
+ leaf ptm-enable {
+ if-feature ptm-bfd;
+ type boolean;
+ default "true";
+ description
+ "Enable PTM on the interface.";
+ }
container state {
config false;
description
@@ -2108,6 +2743,112 @@ module frr-zebra {
container zebra {
description
"Zebra's vrf specific configuration and operational model.";
+
+ leaf router-id {
+ type yang:dotted-quad;
+ description
+ "A 32-bit number in the form of a dotted quad that is used by
+ some routing protocols identifying a router.";
+ }
+
+ leaf ipv6-router-id {
+ type inet:ipv6-address-no-zone;
+ description
+ "A 128-bit number in the form of an IPv6 address that is used by
+ some routing protocols identifying a router.";
+ }
+
+ list filter-protocol {
+ key "afi-safi protocol";
+ description
+ "Filter routing info exchanged between zebra and protocol.";
+ leaf afi-safi {
+ type identityref {
+ base frr-rt:afi-safi-type;
+ }
+ description
+ "AFI-SAFI type.";
+ }
+ leaf protocol {
+ // This should be identityref to frr-rt:control-plane-protocol someday
+ type string;
+ description
+ "The protocol to filter.";
+ }
+ leaf route-map {
+ type frr-route-map:route-map-ref;
+ mandatory true;
+ description
+ "A route-map to filter routes.";
+ }
+ }
+
+ list filter-nht {
+ key "afi-safi protocol";
+ description
+ "Filter next hop tracking route resolution.";
+ leaf afi-safi {
+ type identityref {
+ base frr-rt:afi-safi-type;
+ }
+ description
+ "AFI-SAFI type.";
+ }
+ leaf protocol {
+ // This should be identityref to frr-rt:control-plane-protocol someday
+ type string;
+ description
+ "The protocol to filter.";
+ }
+ leaf route-map {
+ type frr-route-map:route-map-ref;
+ mandatory true;
+ description
+ "A route-map to filter nexthops.";
+ }
+ }
+
+ leaf resolve-via-default {
+ type boolean;
+ description
+ "Resolve IPv4 nexthops via the default route. This is true by default
+ for traditional profile and false by default for datacenter profile.
+ Removing the leaf sets it back to the default value for the profile.";
+ }
+
+ leaf ipv6-resolve-via-default {
+ type boolean;
+ description
+ "Resolve IPv4 nexthops via the default route. This is true by default
+ for traditional profile and false by default for datacenter profile.
+ Removing the leaf sets it back to the default value for the profile.";
+ }
+
+ container netns {
+ description
+ "Configuration for netns VRF backend.";
+ container table-range {
+ presence "Activates table-range configuration.";
+ description
+ "The range of tables to use for this netns.";
+ leaf start {
+ type uint32;
+ mandatory true;
+ description
+ "The first table to use.";
+ }
+ leaf end {
+ type uint32;
+ mandatory true;
+ must ". >= ../start" {
+ error-message "End table must be greater than or equal to start table";
+ }
+ description
+ "The last table to use.";
+ }
+ }
+ }
+
uses ribs;
uses vrf-vni-mapping;
@@ -2213,6 +2954,22 @@ module frr-zebra {
description
"Limit on the number of updates queued to the dataplane subsystem.";
}
+ leaf ptm-enable {
+ if-feature ptm-bfd;
+ type boolean;
+ default "false";
+ description
+ "Enable PTM globally.";
+ }
+ leaf route-map-delay {
+ type uint32 {
+ range "0..600";
+ }
+ units "seconds";
+ default "5";
+ description
+ "Time to wait before route-map updates are processed.";
+ }
/*
* Debug options
*/
diff --git a/yang/ietf/ietf-netconf-acm.yang b/yang/ietf/ietf-netconf-acm.yang
new file mode 100644
index 0000000..f7e02f2
--- /dev/null
+++ b/yang/ietf/ietf-netconf-acm.yang
@@ -0,0 +1,464 @@
+module ietf-netconf-acm {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-netconf-acm";
+
+ prefix nacm;
+
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web: <https://datatracker.ietf.org/wg/netconf/>
+ WG List: <mailto:netconf@ietf.org>
+
+ Author: Andy Bierman
+ <mailto:andy@yumaworks.com>
+
+ Author: Martin Bjorklund
+ <mailto:mbj@tail-f.com>";
+
+ description
+ "Network Configuration Access Control Model.
+
+ Copyright (c) 2012 - 2018 IETF Trust and the persons
+ identified as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8341; see
+ the RFC itself for full legal notices.";
+
+ revision 2018-02-14 {
+ description
+ "Added support for YANG 1.1 actions and notifications tied to
+ data nodes. Clarified how NACM extensions can be used by
+ other data models.";
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+
+ revision 2012-02-22 {
+ description
+ "Initial version.";
+ reference
+ "RFC 6536: Network Configuration Protocol (NETCONF)
+ Access Control Model";
+ }
+
+ /*
+ * Extension statements
+ */
+
+ extension default-deny-write {
+ description
+ "Used to indicate that the data model node
+ represents a sensitive security system parameter.
+
+ If present, the NETCONF server will only allow the designated
+ 'recovery session' to have write access to the node. An
+ explicit access control rule is required for all other users.
+
+ If the NACM module is used, then it must be enabled (i.e.,
+ /nacm/enable-nacm object equals 'true'), or this extension
+ is ignored.
+
+ The 'default-deny-write' extension MAY appear within a data
+ definition statement. It is ignored otherwise.";
+ }
+
+ extension default-deny-all {
+ description
+ "Used to indicate that the data model node
+ controls a very sensitive security system parameter.
+
+ If present, the NETCONF server will only allow the designated
+ 'recovery session' to have read, write, or execute access to
+ the node. An explicit access control rule is required for all
+ other users.
+
+ If the NACM module is used, then it must be enabled (i.e.,
+ /nacm/enable-nacm object equals 'true'), or this extension
+ is ignored.
+
+ The 'default-deny-all' extension MAY appear within a data
+ definition statement, 'rpc' statement, or 'notification'
+ statement. It is ignored otherwise.";
+ }
+
+ /*
+ * Derived types
+ */
+
+ typedef user-name-type {
+ type string {
+ length "1..max";
+ }
+ description
+ "General-purpose username string.";
+ }
+
+ typedef matchall-string-type {
+ type string {
+ pattern '\*';
+ }
+ description
+ "The string containing a single asterisk '*' is used
+ to conceptually represent all possible values
+ for the particular leaf using this data type.";
+ }
+
+ typedef access-operations-type {
+ type bits {
+ bit create {
+ description
+ "Any protocol operation that creates a
+ new data node.";
+ }
+ bit read {
+ description
+ "Any protocol operation or notification that
+ returns the value of a data node.";
+ }
+ bit update {
+ description
+ "Any protocol operation that alters an existing
+ data node.";
+ }
+ bit delete {
+ description
+ "Any protocol operation that removes a data node.";
+ }
+ bit exec {
+ description
+ "Execution access to the specified protocol operation.";
+ }
+ }
+ description
+ "Access operation.";
+ }
+
+ typedef group-name-type {
+ type string {
+ length "1..max";
+ pattern '[^\*].*';
+ }
+ description
+ "Name of administrative group to which
+ users can be assigned.";
+ }
+
+ typedef action-type {
+ type enumeration {
+ enum permit {
+ description
+ "Requested action is permitted.";
+ }
+ enum deny {
+ description
+ "Requested action is denied.";
+ }
+ }
+ description
+ "Action taken by the server when a particular
+ rule matches.";
+ }
+
+ typedef node-instance-identifier {
+ type yang:xpath1.0;
+ description
+ "Path expression used to represent a special
+ data node, action, or notification instance-identifier
+ string.
+
+ A node-instance-identifier value is an
+ unrestricted YANG instance-identifier expression.
+ All the same rules as an instance-identifier apply,
+ except that predicates for keys are optional. If a key
+ predicate is missing, then the node-instance-identifier
+ represents all possible server instances for that key.
+
+ This XML Path Language (XPath) expression is evaluated in the
+ following context:
+
+ o The set of namespace declarations are those in scope on
+ the leaf element where this type is used.
+
+ o The set of variable bindings contains one variable,
+ 'USER', which contains the name of the user of the
+ current session.
+
+ o The function library is the core function library, but
+ note that due to the syntax restrictions of an
+ instance-identifier, no functions are allowed.
+
+ o The context node is the root node in the data tree.
+
+ The accessible tree includes actions and notifications tied
+ to data nodes.";
+ }
+
+ /*
+ * Data definition statements
+ */
+
+ container nacm {
+ nacm:default-deny-all;
+
+ description
+ "Parameters for NETCONF access control model.";
+
+ leaf enable-nacm {
+ type boolean;
+ default "true";
+ description
+ "Enables or disables all NETCONF access control
+ enforcement. If 'true', then enforcement
+ is enabled. If 'false', then enforcement
+ is disabled.";
+ }
+
+ leaf read-default {
+ type action-type;
+ default "permit";
+ description
+ "Controls whether read access is granted if
+ no appropriate rule is found for a
+ particular read request.";
+ }
+
+ leaf write-default {
+ type action-type;
+ default "deny";
+ description
+ "Controls whether create, update, or delete access
+ is granted if no appropriate rule is found for a
+ particular write request.";
+ }
+
+ leaf exec-default {
+ type action-type;
+ default "permit";
+ description
+ "Controls whether exec access is granted if no appropriate
+ rule is found for a particular protocol operation request.";
+ }
+
+ leaf enable-external-groups {
+ type boolean;
+ default "true";
+ description
+ "Controls whether the server uses the groups reported by the
+ NETCONF transport layer when it assigns the user to a set of
+ NACM groups. If this leaf has the value 'false', any group
+ names reported by the transport layer are ignored by the
+ server.";
+ }
+
+ leaf denied-operations {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that a
+ protocol operation request was denied.";
+ }
+
+ leaf denied-data-writes {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that a
+ protocol operation request to alter
+ a configuration datastore was denied.";
+ }
+
+ leaf denied-notifications {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that
+ a notification was dropped for a subscription because
+ access to the event type was denied.";
+ }
+
+ container groups {
+ description
+ "NETCONF access control groups.";
+
+ list group {
+ key name;
+
+ description
+ "One NACM group entry. This list will only contain
+ configured entries, not any entries learned from
+ any transport protocols.";
+
+ leaf name {
+ type group-name-type;
+ description
+ "Group name associated with this entry.";
+ }
+
+ leaf-list user-name {
+ type user-name-type;
+ description
+ "Each entry identifies the username of
+ a member of the group associated with
+ this entry.";
+ }
+ }
+ }
+
+ list rule-list {
+ key name;
+ ordered-by user;
+ description
+ "An ordered collection of access control rules.";
+
+ leaf name {
+ type string {
+ length "1..max";
+ }
+ description
+ "Arbitrary name assigned to the rule-list.";
+ }
+ leaf-list group {
+ type union {
+ type matchall-string-type;
+ type group-name-type;
+ }
+ description
+ "List of administrative groups that will be
+ assigned the associated access rights
+ defined by the 'rule' list.
+
+ The string '*' indicates that all groups apply to the
+ entry.";
+ }
+
+ list rule {
+ key name;
+ ordered-by user;
+ description
+ "One access control rule.
+
+ Rules are processed in user-defined order until a match is
+ found. A rule matches if 'module-name', 'rule-type', and
+ 'access-operations' match the request. If a rule
+ matches, the 'action' leaf determines whether or not
+ access is granted.";
+
+ leaf name {
+ type string {
+ length "1..max";
+ }
+ description
+ "Arbitrary name assigned to the rule.";
+ }
+
+ leaf module-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ default "*";
+ description
+ "Name of the module associated with this rule.
+
+ This leaf matches if it has the value '*' or if the
+ object being accessed is defined in the module with the
+ specified module name.";
+ }
+ choice rule-type {
+ description
+ "This choice matches if all leafs present in the rule
+ match the request. If no leafs are present, the
+ choice matches all requests.";
+ case protocol-operation {
+ leaf rpc-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ description
+ "This leaf matches if it has the value '*' or if
+ its value equals the requested protocol operation
+ name.";
+ }
+ }
+ case notification {
+ leaf notification-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ description
+ "This leaf matches if it has the value '*' or if its
+ value equals the requested notification name.";
+ }
+ }
+
+ case data-node {
+ leaf path {
+ type node-instance-identifier;
+ mandatory true;
+ description
+ "Data node instance-identifier associated with the
+ data node, action, or notification controlled by
+ this rule.
+
+ Configuration data or state data
+ instance-identifiers start with a top-level
+ data node. A complete instance-identifier is
+ required for this type of path value.
+
+ The special value '/' refers to all possible
+ datastore contents.";
+ }
+ }
+ }
+
+ leaf access-operations {
+ type union {
+ type matchall-string-type;
+ type access-operations-type;
+ }
+ default "*";
+ description
+ "Access operations associated with this rule.
+
+ This leaf matches if it has the value '*' or if the
+ bit corresponding to the requested operation is set.";
+ }
+
+ leaf action {
+ type action-type;
+ mandatory true;
+ description
+ "The access control action associated with the
+ rule. If a rule has been determined to match a
+ particular request, then this object is used
+ to determine whether to permit or deny the
+ request.";
+ }
+
+ leaf comment {
+ type string;
+ description
+ "A textual description of the access rule.";
+ }
+ }
+ }
+ }
+}
diff --git a/yang/ietf/ietf-netconf-with-defaults.yang b/yang/ietf/ietf-netconf-with-defaults.yang
new file mode 100644
index 0000000..05ff399
--- /dev/null
+++ b/yang/ietf/ietf-netconf-with-defaults.yang
@@ -0,0 +1,139 @@
+module ietf-netconf-with-defaults {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-netconf-with-defaults";
+
+ prefix ncwd;
+
+ import ietf-netconf { prefix nc; }
+
+ organization
+ "IETF NETCONF (Network Configuration Protocol) Working Group";
+
+ contact
+ "WG Web: <http://tools.ietf.org/wg/netconf/>
+
+ WG List: <netconf@ietf.org>
+
+ WG Chair: Bert Wijnen
+ <bertietf@bwijnen.net>
+
+ WG Chair: Mehmet Ersue
+ <mehmet.ersue@nsn.com>
+
+ Editor: Andy Bierman
+ <andy.bierman@brocade.com>
+
+ Editor: Balazs Lengyel
+ <balazs.lengyel@ericsson.com>";
+
+ description
+ "This module defines an extension to the NETCONF protocol
+ that allows the NETCONF client to control how default
+ values are handled by the server in particular NETCONF
+ operations.
+
+ Copyright (c) 2011 IETF Trust and the persons identified as
+ the document authors. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 6243; see
+ the RFC itself for full legal notices.";
+
+ revision 2011-06-01 {
+ description
+ "Initial version.";
+ reference
+ "RFC 6243: With-defaults Capability for NETCONF";
+ }
+
+ typedef with-defaults-mode {
+ description
+ "Possible modes to report default data.";
+ reference
+ "RFC 6243; Section 3.";
+ type enumeration {
+ enum report-all {
+ description
+ "All default data is reported.";
+ reference
+ "RFC 6243; Section 3.1";
+ }
+ enum report-all-tagged {
+ description
+ "All default data is reported.
+ Any nodes considered to be default data
+ will contain a 'default' XML attribute,
+ set to 'true' or '1'.";
+ reference
+ "RFC 6243; Section 3.4";
+ }
+ enum trim {
+ description
+ "Values are not reported if they contain the default.";
+ reference
+ "RFC 6243; Section 3.2";
+ }
+ enum explicit {
+ description
+ "Report values that contain the definition of
+ explicitly set data.";
+ reference
+ "RFC 6243; Section 3.3";
+ }
+ }
+ }
+
+ grouping with-defaults-parameters {
+ description
+ "Contains the <with-defaults> parameter for control
+ of defaults in NETCONF retrieval operations.";
+
+ leaf with-defaults {
+ description
+ "The explicit defaults processing mode requested.";
+ reference
+ "RFC 6243; Section 4.5.1";
+
+ type with-defaults-mode;
+ }
+ }
+
+ // extending the get-config operation
+ augment /nc:get-config/nc:input {
+ description
+ "Adds the <with-defaults> parameter to the
+ input of the NETCONF <get-config> operation.";
+ reference
+ "RFC 6243; Section 4.5.1";
+
+ uses with-defaults-parameters;
+ }
+
+ // extending the get operation
+ augment /nc:get/nc:input {
+ description
+ "Adds the <with-defaults> parameter to
+ the input of the NETCONF <get> operation.";
+ reference
+ "RFC 6243; Section 4.5.1";
+
+ uses with-defaults-parameters;
+ }
+
+ // extending the copy-config operation
+ augment /nc:copy-config/nc:input {
+ description
+ "Adds the <with-defaults> parameter to
+ the input of the NETCONF <copy-config> operation.";
+ reference
+ "RFC 6243; Section 4.5.1";
+
+ uses with-defaults-parameters;
+ }
+}
diff --git a/yang/ietf/ietf-netconf.yang b/yang/ietf/ietf-netconf.yang
new file mode 100644
index 0000000..93927f1
--- /dev/null
+++ b/yang/ietf/ietf-netconf.yang
@@ -0,0 +1,933 @@
+module ietf-netconf {
+
+ // the namespace for NETCONF XML definitions is unchanged
+ // from RFC 4741, which this document replaces
+ namespace "urn:ietf:params:xml:ns:netconf:base:1.0";
+
+ prefix nc;
+
+ import ietf-inet-types {
+ prefix inet;
+ }
+
+ import ietf-netconf-acm { prefix nacm; }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web: <http://tools.ietf.org/wg/netconf/>
+ WG List: <netconf@ietf.org>
+
+ WG Chair: Bert Wijnen
+ <bertietf@bwijnen.net>
+
+ WG Chair: Mehmet Ersue
+ <mehmet.ersue@nsn.com>
+
+ Editor: Martin Bjorklund
+ <mbj@tail-f.com>
+
+ Editor: Juergen Schoenwaelder
+ <j.schoenwaelder@jacobs-university.de>
+
+ Editor: Andy Bierman
+ <andy.bierman@brocade.com>";
+ description
+ "NETCONF Protocol Data Types and Protocol Operations.
+
+ Copyright (c) 2011 IETF Trust and the persons identified as
+ the document authors. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 6241; see
+ the RFC itself for full legal notices.";
+
+ revision 2011-06-01 {
+ description
+ "Initial revision;
+ 2013-09-29: Updated to include NACM attributes,
+ as specified in RFC 6536: sec 3.2.5 and 3.2.8";
+ reference
+ "RFC 6241: Network Configuration Protocol";
+ }
+
+ extension get-filter-element-attributes {
+ description
+ "If this extension is present within an 'anyxml'
+ statement named 'filter', which must be conceptually
+ defined within the RPC input section for the <get>
+ and <get-config> protocol operations, then the
+ following unqualified XML attribute is supported
+ within the <filter> element, within a <get> or
+ <get-config> protocol operation:
+
+ type : optional attribute with allowed
+ value strings 'subtree' and 'xpath'.
+ If missing, the default value is 'subtree'.
+
+ If the 'xpath' feature is supported, then the
+ following unqualified XML attribute is
+ also supported:
+
+ select: optional attribute containing a
+ string representing an XPath expression.
+ The 'type' attribute must be equal to 'xpath'
+ if this attribute is present.";
+ }
+
+ // NETCONF capabilities defined as features
+ feature writable-running {
+ description
+ "NETCONF :writable-running capability;
+ If the server advertises the :writable-running
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+ reference "RFC 6241, Section 8.2";
+ }
+
+ feature candidate {
+ description
+ "NETCONF :candidate capability;
+ If the server advertises the :candidate
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+ reference "RFC 6241, Section 8.3";
+ }
+
+ feature confirmed-commit {
+ if-feature candidate;
+ description
+ "NETCONF :confirmed-commit:1.1 capability;
+ If the server advertises the :confirmed-commit:1.1
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+
+ reference "RFC 6241, Section 8.4";
+ }
+
+ feature rollback-on-error {
+ description
+ "NETCONF :rollback-on-error capability;
+ If the server advertises the :rollback-on-error
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+ reference "RFC 6241, Section 8.5";
+ }
+
+ feature validate {
+ description
+ "NETCONF :validate:1.1 capability;
+ If the server advertises the :validate:1.1
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+ reference "RFC 6241, Section 8.6";
+ }
+
+ feature startup {
+ description
+ "NETCONF :startup capability;
+ If the server advertises the :startup
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+ reference "RFC 6241, Section 8.7";
+ }
+
+ feature url {
+ description
+ "NETCONF :url capability;
+ If the server advertises the :url
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+ reference "RFC 6241, Section 8.8";
+ }
+
+ feature xpath {
+ description
+ "NETCONF :xpath capability;
+ If the server advertises the :xpath
+ capability for a session, then this feature must
+ also be enabled for that session. Otherwise,
+ this feature must not be enabled.";
+ reference "RFC 6241, Section 8.9";
+ }
+
+ // NETCONF Simple Types
+
+ typedef session-id-type {
+ type uint32 {
+ range "1..max";
+ }
+ description
+ "NETCONF Session Id";
+ }
+
+ typedef session-id-or-zero-type {
+ type uint32;
+ description
+ "NETCONF Session Id or Zero to indicate none";
+ }
+ typedef error-tag-type {
+ type enumeration {
+ enum in-use {
+ description
+ "The request requires a resource that
+ already is in use.";
+ }
+ enum invalid-value {
+ description
+ "The request specifies an unacceptable value for one
+ or more parameters.";
+ }
+ enum too-big {
+ description
+ "The request or response (that would be generated) is
+ too large for the implementation to handle.";
+ }
+ enum missing-attribute {
+ description
+ "An expected attribute is missing.";
+ }
+ enum bad-attribute {
+ description
+ "An attribute value is not correct; e.g., wrong type,
+ out of range, pattern mismatch.";
+ }
+ enum unknown-attribute {
+ description
+ "An unexpected attribute is present.";
+ }
+ enum missing-element {
+ description
+ "An expected element is missing.";
+ }
+ enum bad-element {
+ description
+ "An element value is not correct; e.g., wrong type,
+ out of range, pattern mismatch.";
+ }
+ enum unknown-element {
+ description
+ "An unexpected element is present.";
+ }
+ enum unknown-namespace {
+ description
+ "An unexpected namespace is present.";
+ }
+ enum access-denied {
+ description
+ "Access to the requested protocol operation or
+ data model is denied because authorization failed.";
+ }
+ enum lock-denied {
+ description
+ "Access to the requested lock is denied because the
+ lock is currently held by another entity.";
+ }
+ enum resource-denied {
+ description
+ "Request could not be completed because of
+ insufficient resources.";
+ }
+ enum rollback-failed {
+ description
+ "Request to roll back some configuration change (via
+ rollback-on-error or <discard-changes> operations)
+ was not completed for some reason.";
+
+ }
+ enum data-exists {
+ description
+ "Request could not be completed because the relevant
+ data model content already exists. For example,
+ a 'create' operation was attempted on data that
+ already exists.";
+ }
+ enum data-missing {
+ description
+ "Request could not be completed because the relevant
+ data model content does not exist. For example,
+ a 'delete' operation was attempted on
+ data that does not exist.";
+ }
+ enum operation-not-supported {
+ description
+ "Request could not be completed because the requested
+ operation is not supported by this implementation.";
+ }
+ enum operation-failed {
+ description
+ "Request could not be completed because the requested
+ operation failed for some reason not covered by
+ any other error condition.";
+ }
+ enum partial-operation {
+ description
+ "This error-tag is obsolete, and SHOULD NOT be sent
+ by servers conforming to this document.";
+ }
+ enum malformed-message {
+ description
+ "A message could not be handled because it failed to
+ be parsed correctly. For example, the message is not
+ well-formed XML or it uses an invalid character set.";
+ }
+ }
+ description "NETCONF Error Tag";
+ reference "RFC 6241, Appendix A";
+ }
+
+ typedef error-severity-type {
+ type enumeration {
+ enum error {
+ description "Error severity";
+ }
+ enum warning {
+ description "Warning severity";
+ }
+ }
+ description "NETCONF Error Severity";
+ reference "RFC 6241, Section 4.3";
+ }
+
+ typedef edit-operation-type {
+ type enumeration {
+ enum merge {
+ description
+ "The configuration data identified by the
+ element containing this attribute is merged
+ with the configuration at the corresponding
+ level in the configuration datastore identified
+ by the target parameter.";
+ }
+ enum replace {
+ description
+ "The configuration data identified by the element
+ containing this attribute replaces any related
+ configuration in the configuration datastore
+ identified by the target parameter. If no such
+ configuration data exists in the configuration
+ datastore, it is created. Unlike a
+ <copy-config> operation, which replaces the
+ entire target configuration, only the configuration
+ actually present in the config parameter is affected.";
+ }
+ enum create {
+ description
+ "The configuration data identified by the element
+ containing this attribute is added to the
+ configuration if and only if the configuration
+ data does not already exist in the configuration
+ datastore. If the configuration data exists, an
+ <rpc-error> element is returned with an
+ <error-tag> value of 'data-exists'.";
+ }
+ enum delete {
+ description
+ "The configuration data identified by the element
+ containing this attribute is deleted from the
+ configuration if and only if the configuration
+ data currently exists in the configuration
+ datastore. If the configuration data does not
+ exist, an <rpc-error> element is returned with
+ an <error-tag> value of 'data-missing'.";
+ }
+ enum remove {
+ description
+ "The configuration data identified by the element
+ containing this attribute is deleted from the
+ configuration if the configuration
+ data currently exists in the configuration
+ datastore. If the configuration data does not
+ exist, the 'remove' operation is silently ignored
+ by the server.";
+ }
+ }
+ default "merge";
+ description "NETCONF 'operation' attribute values";
+ reference "RFC 6241, Section 7.2";
+ }
+
+ // NETCONF Standard Protocol Operations
+
+ rpc get-config {
+ description
+ "Retrieve all or part of a specified configuration.";
+
+ reference "RFC 6241, Section 7.1";
+
+ input {
+ container source {
+ description
+ "Particular configuration to retrieve.";
+
+ choice config-source {
+ mandatory true;
+ description
+ "The configuration to retrieve.";
+ leaf candidate {
+ if-feature candidate;
+ type empty;
+ description
+ "The candidate configuration is the config source.";
+ }
+ leaf running {
+ type empty;
+ description
+ "The running configuration is the config source.";
+ }
+ leaf startup {
+ if-feature startup;
+ type empty;
+ description
+ "The startup configuration is the config source.
+ This is optional-to-implement on the server because
+ not all servers will support filtering for this
+ datastore.";
+ }
+ }
+ }
+
+ anyxml filter {
+ description
+ "Subtree or XPath filter to use.";
+ nc:get-filter-element-attributes;
+ }
+ }
+
+ output {
+ anyxml data {
+ description
+ "Copy of the source datastore subset that matched
+ the filter criteria (if any). An empty data container
+ indicates that the request did not produce any results.";
+ }
+ }
+ }
+
+ rpc edit-config {
+ description
+ "The <edit-config> operation loads all or part of a specified
+ configuration to the specified target configuration.";
+
+ reference "RFC 6241, Section 7.2";
+
+ input {
+ container target {
+ description
+ "Particular configuration to edit.";
+
+ choice config-target {
+ mandatory true;
+ description
+ "The configuration target.";
+
+ leaf candidate {
+ if-feature candidate;
+ type empty;
+ description
+ "The candidate configuration is the config target.";
+ }
+ leaf running {
+ if-feature writable-running;
+ type empty;
+ description
+ "The running configuration is the config source.";
+ }
+ }
+ }
+
+ leaf default-operation {
+ type enumeration {
+ enum merge {
+ description
+ "The default operation is merge.";
+ }
+ enum replace {
+ description
+ "The default operation is replace.";
+ }
+ enum none {
+ description
+ "There is no default operation.";
+ }
+ }
+ default "merge";
+ description
+ "The default operation to use.";
+ }
+
+ leaf test-option {
+ if-feature validate;
+ type enumeration {
+ enum test-then-set {
+ description
+ "The server will test and then set if no errors.";
+ }
+ enum set {
+ description
+ "The server will set without a test first.";
+ }
+
+ enum test-only {
+ description
+ "The server will only test and not set, even
+ if there are no errors.";
+ }
+ }
+ default "test-then-set";
+ description
+ "The test option to use.";
+ }
+
+ leaf error-option {
+ type enumeration {
+ enum stop-on-error {
+ description
+ "The server will stop on errors.";
+ }
+ enum continue-on-error {
+ description
+ "The server may continue on errors.";
+ }
+ enum rollback-on-error {
+ description
+ "The server will roll back on errors.
+ This value can only be used if the 'rollback-on-error'
+ feature is supported.";
+ }
+ }
+ default "stop-on-error";
+ description
+ "The error option to use.";
+ }
+
+ choice edit-content {
+ mandatory true;
+ description
+ "The content for the edit operation.";
+
+ anyxml config {
+ description
+ "Inline Config content.";
+ }
+ leaf url {
+ if-feature url;
+ type inet:uri;
+ description
+ "URL-based config content.";
+ }
+ }
+ }
+ }
+
+ rpc copy-config {
+ description
+ "Create or replace an entire configuration datastore with the
+ contents of another complete configuration datastore.";
+
+ reference "RFC 6241, Section 7.3";
+
+ input {
+ container target {
+ description
+ "Particular configuration to copy to.";
+
+ choice config-target {
+ mandatory true;
+ description
+ "The configuration target of the copy operation.";
+
+ leaf candidate {
+ if-feature candidate;
+ type empty;
+ description
+ "The candidate configuration is the config target.";
+ }
+ leaf running {
+ if-feature writable-running;
+ type empty;
+ description
+ "The running configuration is the config target.
+ This is optional-to-implement on the server.";
+ }
+ leaf startup {
+ if-feature startup;
+ type empty;
+ description
+ "The startup configuration is the config target.";
+ }
+ leaf url {
+ if-feature url;
+ type inet:uri;
+ description
+ "The URL-based configuration is the config target.";
+ }
+ }
+ }
+
+ container source {
+ description
+ "Particular configuration to copy from.";
+
+ choice config-source {
+ mandatory true;
+ description
+ "The configuration source for the copy operation.";
+
+ leaf candidate {
+ if-feature candidate;
+ type empty;
+ description
+ "The candidate configuration is the config source.";
+ }
+ leaf running {
+ type empty;
+ description
+ "The running configuration is the config source.";
+ }
+ leaf startup {
+ if-feature startup;
+ type empty;
+ description
+ "The startup configuration is the config source.";
+ }
+ leaf url {
+ if-feature url;
+ type inet:uri;
+ description
+ "The URL-based configuration is the config source.";
+ }
+ anyxml config {
+ description
+ "Inline Config content: <config> element. Represents
+ an entire configuration datastore, not
+ a subset of the running datastore.";
+ }
+ }
+ }
+ }
+ }
+
+ rpc delete-config {
+ nacm:default-deny-all;
+ description
+ "Delete a configuration datastore.";
+
+ reference "RFC 6241, Section 7.4";
+
+ input {
+ container target {
+ description
+ "Particular configuration to delete.";
+
+ choice config-target {
+ mandatory true;
+ description
+ "The configuration target to delete.";
+
+ leaf startup {
+ if-feature startup;
+ type empty;
+ description
+ "The startup configuration is the config target.";
+ }
+ leaf url {
+ if-feature url;
+ type inet:uri;
+ description
+ "The URL-based configuration is the config target.";
+ }
+ }
+ }
+ }
+ }
+
+ rpc lock {
+ description
+ "The lock operation allows the client to lock the configuration
+ system of a device.";
+
+ reference "RFC 6241, Section 7.5";
+
+ input {
+ container target {
+ description
+ "Particular configuration to lock.";
+
+ choice config-target {
+ mandatory true;
+ description
+ "The configuration target to lock.";
+
+ leaf candidate {
+ if-feature candidate;
+ type empty;
+ description
+ "The candidate configuration is the config target.";
+ }
+ leaf running {
+ type empty;
+ description
+ "The running configuration is the config target.";
+ }
+ leaf startup {
+ if-feature startup;
+ type empty;
+ description
+ "The startup configuration is the config target.";
+ }
+ }
+ }
+ }
+ }
+
+ rpc unlock {
+ description
+ "The unlock operation is used to release a configuration lock,
+ previously obtained with the 'lock' operation.";
+
+ reference "RFC 6241, Section 7.6";
+
+ input {
+ container target {
+ description
+ "Particular configuration to unlock.";
+
+ choice config-target {
+ mandatory true;
+ description
+ "The configuration target to unlock.";
+
+ leaf candidate {
+ if-feature candidate;
+ type empty;
+ description
+ "The candidate configuration is the config target.";
+ }
+ leaf running {
+ type empty;
+ description
+ "The running configuration is the config target.";
+ }
+ leaf startup {
+ if-feature startup;
+ type empty;
+ description
+ "The startup configuration is the config target.";
+ }
+ }
+ }
+ }
+ }
+
+ rpc get {
+ description
+ "Retrieve running configuration and device state information.";
+
+ reference "RFC 6241, Section 7.7";
+
+ input {
+ anyxml filter {
+ description
+ "This parameter specifies the portion of the system
+ configuration and state data to retrieve.";
+ nc:get-filter-element-attributes;
+ }
+ }
+
+ output {
+ anyxml data {
+ description
+ "Copy of the running datastore subset and/or state
+ data that matched the filter criteria (if any).
+ An empty data container indicates that the request did not
+ produce any results.";
+ }
+ }
+ }
+
+ rpc close-session {
+ description
+ "Request graceful termination of a NETCONF session.";
+
+ reference "RFC 6241, Section 7.8";
+ }
+
+ rpc kill-session {
+ nacm:default-deny-all;
+ description
+ "Force the termination of a NETCONF session.";
+
+ reference "RFC 6241, Section 7.9";
+
+ input {
+ leaf session-id {
+ type session-id-type;
+ mandatory true;
+ description
+ "Particular session to kill.";
+ }
+ }
+ }
+
+ rpc commit {
+ if-feature candidate;
+
+ description
+ "Commit the candidate configuration as the device's new
+ current configuration.";
+
+ reference "RFC 6241, Section 8.3.4.1";
+
+ input {
+ leaf confirmed {
+ if-feature confirmed-commit;
+ type empty;
+ description
+ "Requests a confirmed commit.";
+ reference "RFC 6241, Section 8.3.4.1";
+ }
+
+ leaf confirm-timeout {
+ if-feature confirmed-commit;
+ type uint32 {
+ range "1..max";
+ }
+ units "seconds";
+ default "600"; // 10 minutes
+ description
+ "The timeout interval for a confirmed commit.";
+ reference "RFC 6241, Section 8.3.4.1";
+ }
+
+ leaf persist {
+ if-feature confirmed-commit;
+ type string;
+ description
+ "This parameter is used to make a confirmed commit
+ persistent. A persistent confirmed commit is not aborted
+ if the NETCONF session terminates. The only way to abort
+ a persistent confirmed commit is to let the timer expire,
+ or to use the <cancel-commit> operation.
+
+ The value of this parameter is a token that must be given
+ in the 'persist-id' parameter of <commit> or
+ <cancel-commit> operations in order to confirm or cancel
+ the persistent confirmed commit.
+
+ The token should be a random string.";
+ reference "RFC 6241, Section 8.3.4.1";
+ }
+
+ leaf persist-id {
+ if-feature confirmed-commit;
+ type string;
+ description
+ "This parameter is given in order to commit a persistent
+ confirmed commit. The value must be equal to the value
+ given in the 'persist' parameter to the <commit> operation.
+ If it does not match, the operation fails with an
+ 'invalid-value' error.";
+ reference "RFC 6241, Section 8.3.4.1";
+ }
+
+ }
+ }
+
+ rpc discard-changes {
+ if-feature candidate;
+
+ description
+ "Revert the candidate configuration to the current
+ running configuration.";
+ reference "RFC 6241, Section 8.3.4.2";
+ }
+
+ rpc cancel-commit {
+ if-feature confirmed-commit;
+ description
+ "This operation is used to cancel an ongoing confirmed commit.
+ If the confirmed commit is persistent, the parameter
+ 'persist-id' must be given, and it must match the value of the
+ 'persist' parameter.";
+ reference "RFC 6241, Section 8.4.4.1";
+
+ input {
+ leaf persist-id {
+ type string;
+ description
+ "This parameter is given in order to cancel a persistent
+ confirmed commit. The value must be equal to the value
+ given in the 'persist' parameter to the <commit> operation.
+ If it does not match, the operation fails with an
+ 'invalid-value' error.";
+ }
+ }
+ }
+
+ rpc validate {
+ if-feature validate;
+
+ description
+ "Validates the contents of the specified configuration.";
+
+ reference "RFC 6241, Section 8.6.4.1";
+
+ input {
+ container source {
+ description
+ "Particular configuration to validate.";
+
+ choice config-source {
+ mandatory true;
+ description
+ "The configuration source to validate.";
+
+ leaf candidate {
+ if-feature candidate;
+ type empty;
+ description
+ "The candidate configuration is the config source.";
+ }
+ leaf running {
+ type empty;
+ description
+ "The running configuration is the config source.";
+ }
+ leaf startup {
+ if-feature startup;
+ type empty;
+ description
+ "The startup configuration is the config source.";
+ }
+ leaf url {
+ if-feature url;
+ type inet:uri;
+ description
+ "The URL-based configuration is the config source.";
+ }
+ anyxml config {
+ description
+ "Inline Config content: <config> element. Represents
+ an entire configuration datastore, not
+ a subset of the running datastore.";
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/yang/subdir.am b/yang/subdir.am
index eb17c38..0bdf937 100644
--- a/yang/subdir.am
+++ b/yang/subdir.am
@@ -38,6 +38,9 @@ dist_yangmodels_DATA += yang/frr-routing.yang
dist_yangmodels_DATA += yang/ietf/ietf-routing-types.yang
dist_yangmodels_DATA += yang/ietf/ietf-interfaces.yang
dist_yangmodels_DATA += yang/ietf/ietf-bgp-types.yang
+dist_yangmodels_DATA += yang/ietf/ietf-netconf-acm.yang
+dist_yangmodels_DATA += yang/ietf/ietf-netconf.yang
+dist_yangmodels_DATA += yang/ietf/ietf-netconf-with-defaults.yang
if BFDD
dist_yangmodels_DATA += yang/frr-bfdd.yang