netconfcentral logo

ietf-sdwan-svc@2019-06-06



  module ietf-sdwan-svc {

    yang-version 1.1;

    namespace
      "urn:ietf:params:xml:ns:yang:ietf-sdwan-svc";

    prefix sdwan-svc;

    import ietf-inet-types {
      prefix inet;
    }
    import ietf-yang-types {
      prefix yang;
    }

    organization "IETF foo Working Group.";

    contact
      "WG List: foo@ietf.org
     Editor:  ";

    description
      "The YANG module defines a generic service configuration
     model for Managed SD-WAN.";

    revision "2019-06-06" {
      description "Initial revision";
      reference
        "A YANG Data Model for SD-WAN service.";

    }


    typedef svc-id {
      type string;
      description
        "Type definition for service identifier";
    }

    typedef address-family {
      type enumeration {
        enum "ipv4" {
          value 0;
          description "IPv4 address family.";
        }
        enum "ipv6" {
          value 1;
          description "IPv6 address family.";
        }
      }
      description
        "Defines a type for the address family.";
    }

    typedef neg-mode {
      type enumeration {
        enum "full-duplex" {
          value 0;
          description
            "Defining Full duplex mode";
        }
        enum "auto-neg" {
          value 1;
          description
            "Defining Auto negotiation mode";
        }
      }
      description
        "Defining a type of the negotiation mode";
    }

    typedef device-type {
      type enumeration {
        enum "physical" {
          value 0;
          description "Physical device";
        }
        enum "virtual" {
          value 1;
          description "Virtual device";
        }
      }
      description "Defines device types.";
    }

    identity device-type {
      base 
      description
        "Base identity for device type.";
    }

    identity virtual-ce {
      base device-type;
      description "Identity for virtual-ce.";
    }

    identity physical-ce {
      base device-type;
      description
        "Identity for physical-ce.";
    }

    identity customer-application {
      base 
      description
        "Base identity for customer application.";
    }

    identity web {
      base customer-application;
      description
        "Identity for Web application (e.g., HTTP, HTTPS).";
    }

    identity mail {
      base customer-application;
      description
        "Identity for mail application.";
    }

    identity file-transfer {
      base customer-application;
      description
        "Identity for file transfer application (e.g., FTP, SFTP).";
    }

    identity database {
      base customer-application;
      description
        "Identity for database application.";
    }

    identity social {
      base customer-application;
      description
        "Identity for social-network application.";
    }

    identity games {
      base customer-application;
      description
        "Identity for gaming application.";
    }

    identity p2p {
      base customer-application;
      description
        "Identity for peer-to-peer application.";
    }

    identity network-management {
      base customer-application;
      description
        "Identity for management application
       (e.g., Telnet, syslog, SNMP).";
    }

    identity voice {
      base customer-application;
      description
        "Identity for voice application.";
    }

    identity video {
      base customer-application;
      description
        "Identity for video conference application.";
    }

    identity eth-inf-type {
      base 
      description
        "Identity of the Ethernet interface type.";
    }

    identity tagged {
      base eth-inf-type;
      description
        "Identity of the tagged interface type.";
    }

    identity untagged {
      base eth-inf-type;
      description
        "Identity of the untagged interface type.";
    }

    identity lag {
      base eth-inf-type;
      description
        "Identity of the LAG interface type.";
    }

    identity tag-type {
      base 
      description
        "Base identity from which all tag types
       are derived from";
    }

    identity c-vlan {
      base tag-type;
      description
        "A Customer-VLAN tag, normally using the 0x8100
       Ethertype";
    }

    identity tagged-inf-type {
      base 
      description
        "Identity for the tagged
       interface type.";
    }

    identity dot1q {
      base tagged-inf-type;
      description
        "Identity for dot1q vlan tagged interface.";
    }

    identity priority-tagged {
      base tagged-inf-type;
      description
        "This identity the priority-tagged interface.";
    }

    identity vpn-topology {
      base 
      description
        "Base identity for vpn topology.";
    }

    identity any-to-any {
      base vpn-topology;
      description
        "Identity for any-to-any VPN topology.";
    }

    identity hub-spoke {
      base vpn-topology;
      description
        "Identity for Hub-and-Spoke VPN topology.";
    }

    identity site-role {
      base 
      description
        "Site Role in a VPN topology ";
    }

    identity any-to-any-role {
      base site-role;
      description
        "Site in an any-to-any IP VPN.";
    }

    identity hub {
      base site-role;
      description
        "Hub Role in Hub-and-Spoke IP VPN.";
    }

    identity spoke {
      base site-role;
      description
        "Spoke Role in Hub-and-Spoke IP VPN.";
    }

    identity access-type {
      base 
      description
        "Access type of a site in a connection to different WAN";
    }

    identity commodity {
      base access-type;
      description "Internet access";
    }

    identity cellular {
      base access-type;
      description
        "Refers to a subset of 3G/4G/LTE and 5G";
    }

    identity private {
      base access-type;
      description
        "Refers to private circuits such as Ethernet, T1, etc";
    }

    identity routing-protocol-type {
      base 
      description
        "Base identity for routing protocol type.";
    }

    identity ospf {
      base routing-protocol-type;
      description
        "Identity for OSPF protocol type.";
    }

    identity bgp {
      base routing-protocol-type;
      description
        "Identity for BGP protocol type.";
    }

    identity static {
      base routing-protocol-type;
      description
        "Identity for static routing protocol type.";
    }

    identity address-allocation-type {
      base 
      description
        "Base identity for address-allocation-type for PE-CE link.";
    }

    identity dhcp {
      base address-allocation-type;
      description
        "Provider network provides DHCP service to customer.";
    }

    identity static-address {
      base address-allocation-type;
      description
        "Provider-to-customer addressing is static.";
    }

    identity slaac {
      base address-allocation-type;
      description "Use IPv6 SLAAC.";
    }

    identity ll-only {
      base address-allocation-type;
      description "Use IPv6 Link Local.";
    }

    identity traffic-direction {
      base 
      description
        "Base identity for traffic direction";
    }

    identity inbound {
      base traffic-direction;
      description "Identity for inbound";
    }

    identity outbound {
      base traffic-direction;
      description "Identity for outbound";
    }

    identity both {
      base traffic-direction;
      description "Identity for both";
    }

    identity traffic-action {
      base 
      description
        "Base identity for traffic action";
    }

    identity permit {
      base traffic-action;
      description
        "Identity for permit action";
    }

    identity deny {
      base traffic-action;
      description "Identity for deny action";
    }

    identity bd-limit-type {
      base 
      description
        "base identity for bd limit type";
    }

    identity percent {
      base bd-limit-type;
      description "Identity for percent";
    }

    identity value {
      base bd-limit-type;
      description "Identity for value";
    }

    identity protocol-type {
      base 
      description
        "Base identity for protocol field type.";
    }

    identity tcp {
      base protocol-type;
      description "TCP protocol type.";
    }

    identity udp {
      base protocol-type;
      description "UDP protocol type.";
    }

    identity icmp {
      base protocol-type;
      description "ICMP protocol type.";
    }

    identity icmp6 {
      base protocol-type;
      description "ICMPv6 protocol type.";
    }

    identity gre {
      base protocol-type;
      description "GRE protocol type.";
    }

    identity ipip {
      base protocol-type;
      description "IP-in-IP protocol type.";
    }

    identity hop-by-hop {
      base protocol-type;
      description
        "Hop-by-Hop IPv6 header type.";
    }

    identity routing {
      base protocol-type;
      description
        "Routing IPv6 header type.";
    }

    identity esp {
      base protocol-type;
      description "ESP header type.";
    }

    identity ah {
      base protocol-type;
      description "AH header type.";
    }

    grouping vpn-endpoint {
      description
        "grouping for vpn endpoint";
      leaf endpoint-id {
        type svc-id;
        description
          "Identity for the vpn endpoint";
      }

      leaf site-role {
        type identityref {
          base site-role;
        }
        default "any-to-any-role";
        description
          "Role of the site in the VPN.";
      }

      container site-attachment {
        description
          "Defines site attachment to a vpn endpoint.";
        leaf site-id {
          type leafref {
            path
              "/sdwan-svc/sites/site/site-id";
          }
          description
            "Defines site id attached.";
        }
      }  // container site-attachment

      container endpoint-policy-map {
        description
          "Identity for policy maps";
        list app-group-policy {
          key "app-group-id";
          description
            "list for application group policy";
          leaf app-group-id {
            type leafref {
              path
                "/sdwan-svc/vpn-services/vpn-service"
                  + "/application-group/app-group-id";
            }
            description
              "Identity for application";
          }

          leaf policy-id {
            type leafref {
              path
                "/sdwan-svc/vpn-services/vpn-service/policy/policy-id";
            }
            description "Identity for value";
          }
        }  // list app-group-policy

        list app-policy {
          key "app-id";
          description
            "list for application policy";
          leaf app-id {
            type leafref {
              path
                "/sdwan-svc/vpn-services/vpn-service"
                  + "/application/app-id";
            }
            description
              "Identity for application";
          }

          leaf policy-id {
            type leafref {
              path
                "/sdwan-svc/vpn-services/vpn-service/policy/policy-id";
            }
            description "Identity for value";
          }
        }  // list app-policy
      }  // container endpoint-policy-map
    }  // grouping vpn-endpoint

    grouping flow-definition {
      description
        "Grouping for flow definition.";
      container match-flow {
        description
          "Describes flow-matching criteria.";
        leaf ethertype {
          type uint16;
          description
            "Ethertype value, e.g. 0800 for IPv4.";
        }

        leaf cvlan {
          type uint8 {
            range "0..7";
          }
          description "802.1Q matching.";
        }

        leaf ipv4-src-prefix {
          type inet:ipv4-prefix;
          description
            "Match on IPv4 src address.";
        }

        leaf ipv4-dst-prefix {
          type inet:ipv4-prefix;
          description
            "Match on IPv4 dst address.";
        }

        leaf l4-src-port {
          type inet:port-number;
          description
            "Match on Layer 4 src port.";
        }

        leaf l4-dst-port {
          type inet:port-number;
          description
            "Match on Layer 4 dst port.";
        }

        leaf ipv6-src-prefix {
          type inet:ipv6-prefix;
          description
            "Match on IPv6 src address.";
        }

        leaf ipv6-dst-prefix {
          type inet:ipv6-prefix;
          description
            "Match on IPv6 dst address.";
        }

        leaf protocol-field {
          type union {
            type uint8;
            type identityref {
              base protocol-type;
            }
          }
          description
            "Match on IPv4 protocol or IPv6 Next Header field.";
        }
      }  // container match-flow
    }  // grouping flow-definition

    grouping application-criteria {
      description
        "This grouping defines QoS parameters for a site.";
      list ac {
        key "name";
        ordered-by user;
        description "List of marking rules.";
        leaf name {
          type string;
          description
            "A description identifying application classification
           criteria.";
        }

        choice match-type {
          default "match-flow";
          description
            "Choice for classification.";
          case match-flow {
            uses flow-definition;
          }  // case match-flow
          leaf match-application {
            type identityref {
              base customer-application;
            }
            description
              "Defines the application to match.";
          }
        }  // choice match-type
      }  // list ac
    }  // grouping application-criteria

    grouping vpn-service {
      description "Grouping of vpn service";
      leaf vpn-id {
        type svc-id;
        description "Identity for VPN.";
      }

      leaf topology {
        type identityref {
          base vpn-topology;
        }
        description
          "vpn topology: hub-and-spoke or any-to-any";
      }

      container performance-objective {
        description
          "The performance objective.";
        leaf start-time {
          type yang:date-and-time;
          description
            "start-time indicates date and time.";
        }

        leaf duration {
          type string;
          description "Time duration.";
        }

        container uptime-objective {
          description "Uptime objective.";
          leaf duration {
            type decimal64 {
              fraction-digits 5;
              range "0..100";
            }
            units "percent";
            description
              "To be used to define the a percentage of the available
             service.";
          }
        }  // container uptime-objective
      }  // container performance-objective

      container reserved-prefixes {
        description
          "ip prefix list reserved for SP management purpose.";
        leaf-list prefix {
          type inet:ip-prefix;
          description
            "ip prefix reserved for SP management purpose.";
        }
      }  // container reserved-prefixes

      list application {
        key "app-id";
        description "list for application";
        leaf app-id {
          type svc-id;
          description "application name";
        }

        uses application-criteria;
      }  // list application

      list application-group {
        key "app-group-id";
        description
          "list for application group";
        leaf app-group-id {
          type svc-id;
          description "application name";
        }

        leaf-list app-id {
          type leafref {
            path "../../application/app-id";
          }
          description
            "application member list in an application group";
        }
      }  // list application-group

      list policy {
        key "policy-id";
        description "List for policy";
        leaf policy-id {
          type svc-id;
          description "Policy names";
        }

        container policy-package {
          description
            "Container for policy package";
          leaf encryption {
            type enumeration {
              enum "yes" {
                value 0;
                description
                  "Indicates whether or not the application flow requires
                 to send over encrypted overlay tunnel.";
              }
              enum "either" {
                value 1;
                description
                  " Either means this policy is not applied";
              }
            }
            description
              "Indicates whether or not the application flow requires
             encryption.";
          }

          leaf public-private {
            type enumeration {
              enum "private-only" {
                value 0;
                description
                  "The private WAN underlay is specified.";
              }
              enum "either" {
                value 1;
                description
                  "Both public WAN or private WAN could be used";
              }
            }
            description
              "Indicates whether the Application Flow can traverse
             Public or Private Underlay Connectivity Services
             (or both).Either means this policy is not applied.";
          }

          leaf local-breakout {
            type boolean;
            description
              "indicates whether the Application Flow should be
             routed directly to the Internet using Local Internet
             Breakout.It can have values Yes and No.";
          }

          leaf billing-method {
            type enumeration {
              enum "flat-only" {
                value 0;
                description
                  "Only flat-rate underlay could be used for the
                 traffic.";
              }
              enum "either" {
                value 1;
                description
                  "Either flat-rate or usage based underlay could
                 be used for the traffic.";
              }
            }
            description "billing policy.";
          }

          leaf backup-path {
            type enumeration {
              enum "yes" {
                value 0;
                description
                  "Only the primary tunnel overlay could be used for
                 the traffic.";
              }
              enum "no" {
                value 1;
                description
                  "Either the primary or backup overlay tunnel could be
                 used for the traffic.";
              }
            }
            description
              "overlay connection as Primary or both Primary and
             Backup.";
          }

          container bandwidth {
            description
              "Container for the bandwidth policy";
            leaf commit {
              type uint32;
              description "CIR";
            }

            leaf max {
              type uint32;
              description "max speed ";
            }
          }  // container bandwidth
        }  // container policy-package
      }  // list policy

      list endpoints {
        key "endpoint-id";
        description "List of endpoints.";
        uses vpn-endpoint;
      }  // list endpoints
    }  // grouping vpn-service

    grouping site-l2-technology {
      description
        "grouping for l2 technology.";
      container l2-technology {
        description
          "Container for l2 technology.";
        leaf l2-type {
          type identityref {
            base eth-inf-type;
          }
          default "untagged";
          description
            "Defines physical properties of an interface. By default, the
            Ethernet interface type is set to 'untagged'.";
        }

        container untagged-interface {
          description
            "Container of Untagged Interface Attributes
           configurations.";
          leaf speed {
            type uint32;
            units "mbps";
            default "10";
            description "Port speed.";
          }

          leaf mode {
            type neg-mode;
            default "auto-neg";
            description "Negotiation mode.";
          }
        }  // container untagged-interface

        container tagged-interface {
          description
            "Container for tagged Interface.";
          leaf type {
            type identityref {
              base tagged-inf-type;
            }
            default "dot1q";
            description
              "Tagged interface type. By default,
             the Tagged interface type is dot1q interface. ";
          }

          container dot1q-vlan-tagged {
            description "Tagged interface.";
            leaf tg-type {
              type identityref {
                base tag-type;
              }
              default "c-vlan";
              description
                "TAG type.By default, Tag type is Customer-VLAN tag.";
            }

            leaf cvlan-id {
              type uint16;
              mandatory true;
              description "VLAN identifier.";
            }
          }  // container dot1q-vlan-tagged

          container priority-tagged {
            description "Priority tagged.";
            leaf tag-type {
              type identityref {
                base tag-type;
              }
              default "c-vlan";
              description
                "TAG type.By default, the TAG type is
               Customer-VLAN tag.";
            }
          }  // container priority-tagged
        }  // container tagged-interface

        leaf l2-mtu {
          type uint32;
          units "bytes";
          description
            " L2 Maximum Frame Size MUST be an integer number of bytes
           >= 1522MTU.";
        }
      }  // container l2-technology
    }  // grouping site-l2-technology

    grouping site-ip-connection {
      description
        "This grouping defines IP connection parameters.";
      container ip-connection {
        description
          "IPv6-specific parameters.";
        container ipv4 {
          description
            "IPv4-specific parameters.";
          leaf address-allocation-type {
            type identityref {
              base address-allocation-type;
            }
            description
              "Defines how addresses are allocated.
             If there is no value for address
             allocation type, then the ipv4 is not enabled.";
          }

          container dhcp {
            description
              "DHCP allocated addresses related parameters.";
            container primary-subnet {
              description
                "Primary Subnet List";
              leaf ip-prefix {
                type inet:ipv4-prefix;
                description
                  "IPv4 address prefix and mask length between 0 and 31,
                 in bits.";
              }

              leaf default-router {
                type inet:ip-address;
                description
                  "Address of default router.";
              }

              leaf-list provider-addresses {
                type inet:ipv4-address;
                description
                  "the Service Provider IPv4 Addresses MUST be within the
                 specified IPv4 Prefix.";
              }

              leaf subscriber-address {
                type inet:ip-address;
                description
                  "subscriber IPv4 Addresses: Non-empty list
                 of IPv4 addresses";
              }

              leaf-list reserved-ip-prefix {
                type inet:ip-prefix;
                description
                  "List of IPv4 Prefixes, possibly empty";
              }
            }  // container primary-subnet

            list secondary-subnet {
              key "ip-prefix";
              description
                "Secondary Subnet List";
              leaf ip-prefix {
                type inet:ipv4-prefix;
                description
                  "IPv4 address prefix and mask length between 0 and 31,
                 in bits";
              }

              leaf-list provider-addresses {
                type inet:ipv4-address;
                description
                  "Service Provider IPv4 Addresses: Non-empty list
                 of IPv4 addresses";
              }

              leaf-list reserved-ip-prefix {
                type inet:ipv4-prefix;
                description
                  "List of IPv4 Prefixes, possibly empty";
              }
            }  // list secondary-subnet
          }  // container dhcp

          container static {
            description
              "Static configuration related parameters.";
            container primary-subnet {
              description
                "Primary Subnet List";
              leaf ip-prefix {
                type inet:ipv4-prefix;
                description
                  "IPv4 address prefix and mask length between 0 and 31,
                 in bits.";
              }

              leaf default-router {
                type inet:ip-address;
                description
                  "Address of default router.";
              }

              leaf-list provider-addresses {
                type inet:ipv4-address;
                description
                  "the Service Provider IPv4 Addresses MUST be within the
                 specified IPv4 Prefix.";
              }

              leaf subscriber-address {
                type inet:ip-address;
                description
                  "subscriber IPv4 Addresses: Non-empty list
                 of IPv4 addresses";
              }

              leaf-list reserved-ip-prefix {
                type inet:ip-prefix;
                description
                  "List of IPv4 Prefixes, possibly empty";
              }
            }  // container primary-subnet

            list secondary-subnet {
              key "ip-prefix";
              description
                "Secondary Subnet List";
              leaf ip-prefix {
                type inet:ipv4-prefix;
                description
                  "IPv4 address prefix and mask length between 0 and 31,
                 in bits";
              }

              leaf-list provider-addresses {
                type inet:ipv4-address;
                description
                  "Service Provider IPv4 Addresses: Non-empty list
                 of IPv4 addresses";
              }

              leaf-list reserved-ip-prefix {
                type inet:ipv4-prefix;
                description
                  "List of IPv4 Prefixes, possibly empty";
              }
            }  // list secondary-subnet
          }  // container static
        }  // container ipv4

        container ipv6 {
          description
            "Describes IPv6 addresses used.";
          leaf address-allocation-type {
            type identityref {
              base address-allocation-type;
            }
            description
              "Defines how addresses are allocated.
             If there is no value for address
             allocation type, then the ipv6 is not enabled.";
          }

          container dhcp {
            description
              "DHCP allocated addresses related parameters.";
            list subnet {
              key "ip-prefix";
              description "Subnet List";
              leaf ip-prefix {
                type inet:ipv6-prefix;
                description
                  "IPv6 address prefix and prefix length between 0 and
                 128";
              }

              leaf-list provider-addresses {
                type inet:ipv6-address;
                description
                  "Non-empty list of IPv6 addresses";
              }

              leaf-list reserved-ip-prefix {
                type inet:ipv6-prefix;
                description
                  "List of IPv6 Prefixes, possibly empty";
              }
            }  // list subnet
          }  // container dhcp

          container slaac {
            description
              "DHCP allocated addresses related parameters.";
            list subnet {
              key "ip-prefix";
              description "Subnet List";
              leaf ip-prefix {
                type inet:ipv6-prefix;
                description
                  "IPv6 address prefix and prefix length of 64 ";
              }

              leaf-list provider-addresses {
                type inet:ipv6-address;
                description
                  "Non-empty list of IPv6 addresses";
              }

              leaf-list reserved-ip-prefix {
                type inet:ipv6-prefix;
                description
                  "List of IPv6 Prefixes, possibly empty";
              }
            }  // list subnet
          }  // container slaac

          container static {
            description
              "Static configuration related parameters.";
            list subnet {
              key "ip-prefix";
              description "Subnet List";
              leaf ip-prefix {
                type inet:ipv6-prefix;
                description
                  "IPv6 address prefix and prefix length between 0 and
                 128";
              }

              leaf-list provider-addresses {
                type inet:ipv6-address;
                description
                  "Non-empty list of IPv6 addresses";
              }

              leaf-list reserved-ip-prefix {
                type inet:ipv6-prefix;
                description
                  "List of IPv6 Prefixes, possibly empty";
              }
            }  // list subnet

            leaf subscriber-address {
              type inet:ipv6-address;
              description
                "IPv6 address or Not Specified.";
            }
          }  // container static
        }  // container ipv6
      }  // container ip-connection
    }  // grouping site-ip-connection

    container sdwan-svc {
      description
        "Top-level container for the SD-WAN services.";
      container vpn-services {
        description
          "Container for SD-WAN VPN service";
        list vpn-service {
          key "vpn-id";
          description "List for SD-WAN";
          uses vpn-service;
        }  // list vpn-service
      }  // container vpn-services

      container sites {
        description "Container for sites";
        list site {
          key "site-id";
          description "List for site";
          leaf site-id {
            type svc-id;
            description "Site Name";
          }

          list device {
            key "name";
            description "List for device";
            leaf name {
              type string;
              description "Device Name";
            }

            leaf type {
              type identityref {
                base device-type;
              }
              description
                "Device Type: virtual or physical CE";
            }
          }  // list device

          list lan-access {
            key "name";
            description
              "container for lan access";
            leaf name {
              type string;
              description
                "lan access link name";
            }

            uses site-l2-technology;

            uses site-ip-connection;
          }  // list lan-access

          list wan-access {
            key "name";
            description
              "container for wan access";
            leaf name {
              type string;
              description
                "wan access link name";
            }

            leaf access-type {
              type identityref {
                base access-type;
              }
              description
                "Access type: Internet, private VPN or cellular";
            }

            leaf access-provider {
              type string;
              description
                "Specifies the name of provider";
            }

            container bandwidth {
              description
                "Container for bandwidth";
              leaf input-bandwidth {
                type uint64;
                description
                  "input bandwidth";
              }

              leaf output-bandwidth {
                type uint64;
                description
                  "output bandwidth";
              }
            }  // container bandwidth

            uses site-l2-technology;

            uses site-ip-connection;
          }  // list wan-access
        }  // list site
      }  // container sites
    }  // container sdwan-svc
  }  // module ietf-sdwan-svc