This module focuses on fundamental TCP functions and basic statistics. The model can be augmented to address more advanced or i...
Version: 2024-10-10
module ietf-tcp { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-tcp"; prefix tcp; import ietf-yang-types { prefix yang; reference "RFC 6991: Common YANG Data Types."; } import ietf-tcp-common { prefix tcpcmn; reference "RFC 9643: YANG Groupings for TCP Clients and TCP Servers."; } import ietf-inet-types { prefix inet; reference "RFC 6991: Common YANG Data Types."; } import ietf-netconf-acm { prefix nacm; reference "RFC 8341: Network Configuration Access Control Model."; } import ietf-key-chain { prefix key-chain; reference "RFC 8177: YANG Data Model for Key Chains."; } organization "IETF TCPM Working Group"; contact "WG Web: https://datatracker.ietf.org/wg/tcpm/about WG List: TCPM WG <tcpm@ietf.org> Authors: Michael Scharf <michael.scharf@hs-esslingen.de> Mahesh Jethanandani <mjethanandani@gmail.com> Vishal Murgai <vmurgai@gmail.com>"; description "This module focuses on fundamental TCP functions and basic statistics. The model can be augmented to address more advanced or implementation-specific TCP features. The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, they appear in all capitals, as shown here. Copyright (c) 2024 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Revised BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC 9648 (https://www.rfc-editor.org/info/rfc9648); see the RFC itself for full legal notices."; revision "2024-10-10" { description "Initial version."; reference "RFC 9648: YANG Data Model for TCP."; } typedef mss { type uint16; description "Type definition for the Maximum Segment Size."; } feature statistics { description "This implementation supports statistics reporting."; } feature authentication { description "This implementation supports authentication."; } identity aes-128 { base key-chain:crypto-algorithm; description "AES128 authentication algorithm used by TCP-AO."; reference "RFC 5926: Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)."; } container tcp { presence "The container for TCP configuration."; description "TCP container."; container connections { description "A container of all TCP connections."; list connection { key "local-address remote-address local-port remote-port"; description "List of TCP connections with their parameters. The list is modeled as writable even though only some of the nodes are writable, e.g., keepalive. Connections that are created and match this list SHOULD apply the writable parameters. At the same time, implementations may not allow creation of new TCP connections simply by adding entries to the list. Furthermore, the behavior upon removal is implementation-specific. Implementations may not support closing or resetting a TCP connection upon an operation that removes the entry from the list. The operational state of this list SHOULD reflect connections that have configured but not created and connections that have been created. Connections in the CLOSED state are not reflected on this list."; leaf local-address { type inet:ip-address; description "Identifies the address that is used by the local endpoint for the connection and is one of the four elements that form the connection identifier."; } leaf remote-address { type inet:ip-address; description "Identifies the address that is used by the remote endpoint for the connection and is one of the four elements that form the connection identifier."; } leaf local-port { type inet:port-number; description "Identifies the local TCP port used for the connection and is one of the four elements that form the connection identifier."; } leaf remote-port { type inet:port-number; description "Identifies the remote TCP port used for the connection and is one of the four elements that form the connection identifier."; } leaf mss { type mss; description "Maximum Segment Size (MSS) desired on this connection. Note that the 'effective send MSS' can be smaller than what is configured here."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf pmtud { type boolean; default "false"; description "Turns Path Maximum Transmission Unit Discovery (PMTUD) on (true) or off (false)."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } container keepalives { if-feature keepalives-supported; presence "Indicates that keepalives are enabled, aligning to the requirement in Section 3.8.4 of RFC 9293 that states keepalives are off by default."; description "Configures the keepalive policy to proactively test the aliveness of the TCP peer. An unresponsive TCP peer is dropped after approximately (idle-time + max-probes * probe-interval) seconds. Further guidance can be found in Section 2.1.5 of RFC 9643."; reference "RFC 9293: Transmission Control Protocol (TCP)"; leaf idle-time { type uint16 { range "1..max"; } units "seconds"; default "7200"; description "Sets the amount of time after which a TCP-level probe message will be sent to test the aliveness of the TCP peer if no data has been received from the TCP peer. Two hours (7200 seconds) is a safe value, per Section 3.8.4 of RFC 9293."; reference "RFC 9293: Transmission Control Protocol (TCP)"; } leaf max-probes { type uint16 { range "1..max"; } default "9"; description "Sets the maximum number of sequential keepalive probes that can fail to obtain a response from the TCP peer before assuming the TCP peer is no longer alive."; } leaf probe-interval { type uint16 { range "1..max"; } units "seconds"; default "75"; description "Sets the time interval between failed probes. The interval SHOULD be significantly longer than one second in order to avoid harm on a congested link."; } } // container keepalives leaf state { type enumeration { enum "closed" { value 1; description "Connection is closed. Connections in this state may not appear in this list."; } enum "listen" { value 2; description "Represents waiting for a connection request from any remote TCP peer and port."; } enum "syn-sent" { value 3; description "Represents waiting for a matching connection request after having sent a connection request."; } enum "syn-received" { value 4; description "Represents waiting for a confirming connection request acknowledgment after having both received and sent a connection request."; } enum "established" { value 5; description "Represents an open connection; data received can be delivered to the user. The normal state for the data transfer phase of the connection."; } enum "fin-wait-1" { value 6; description "Represents waiting for a connection termination request from the remote TCP peer or an acknowledgment of the connection termination request previously sent."; } enum "fin-wait-2" { value 7; description "Represents waiting for a connection termination request from the remote TCP peer."; } enum "close-wait" { value 8; description "Represents waiting for a connection termination request from the local user."; } enum "last-ack" { value 9; description "Represents waiting for an acknowledgment of the connection termination request previously sent to the remote TCP peer (this termination request sent to the remote TCP peer already included an acknowledgment of the termination request sent from the remote TCP peer)."; } enum "closing" { value 10; description "Represents waiting for a connection termination request acknowledgment from the remote TCP peer."; } enum "time-wait" { value 11; description "Represents waiting for enough time to pass to be sure the remote TCP peer received the acknowledgment of its connection termination request and to avoid new connections being impacted by delayed segments from previous connections."; } } config false; description "The state of this TCP connection."; } } // list connection } // container connections list tcp-listeners { key "type address port"; config false; description "A table containing information about a particular TCP listener."; leaf type { type inet:ip-version; description "The address type of address. The value should be unspecified (0) if connection initiations to all local IP addresses are accepted."; } leaf address { type union { type inet:ip-address; type string { length "0"; } } description "The local IP address for this TCP connection. The value of this node can be represented in three possible ways, depending on the characteristics of the listening application: 1. For an application willing to accept both IPv4 and IPv6 datagrams, the value of this node must be ''h (a zero-length octet string), with the value of the corresponding 'type' object being unspecified (0). 2. For an application willing to accept only IPv4 or IPv6 datagrams, the value of this node must be '0.0.0.0' or '::' respectively, with 'type' representing the appropriate address type. 3. For an application that is listening for data destined only to a specific IP address, the value of this node is the specific local address, with 'type' representing the appropriate address type."; } leaf port { type inet:port-number; description "The local port number for this TCP connection."; } } // list tcp-listeners container statistics { if-feature statistics; config false; description "Statistics across all connections."; leaf active-opens { type yang:counter64; description "The number of times that TCP connections have made a direct transition to the SYN-SENT state from the CLOSED state."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf passive-opens { type yang:counter64; description "The number of times TCP connections have made a direct transition to the SYN-RCVD state from the LISTEN state."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf attempt-fails { type yang:counter64; description "The number of times that TCP connections have made a direct transition to the CLOSED state from either the SYN-SENT state or the SYN-RCVD state, plus the number of times that TCP connections have made a direct transition to the LISTEN state from the SYN-RCVD state."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf establish-resets { type yang:counter64; description "The number of times that TCP connections have made a direct transition to the CLOSED state from either the ESTABLISHED state or the CLOSE-WAIT state."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf currently-established { type yang:gauge32; description "The number of TCP connections for which the current state is either ESTABLISHED or CLOSE-WAIT."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf in-segments { type yang:counter64; description "The total number of TCP segments received, including those received in error. This count includes TCP segments received on currently established connections."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf out-segments { type yang:counter64; description "The total number of TCP segments sent, including those on current connections but excluding those containing only retransmitted octets."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf retransmitted-segments { type yang:counter64; description "The total number of TCP segments retransmitted; that is, the number of TCP segments transmitted containing one or more previously transmitted octets."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf in-errors { type yang:counter64; description "The total number of TCP segments received in error (e.g., bad TCP checksums)."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf out-resets { type yang:counter64; description "The number of TCP segments sent containing the RST flag."; reference "RFC 9293: Transmission Control Protocol (TCP)."; } leaf auth-failures { if-feature authentication; type yang:counter64; description "The number of times that authentication has failed either with TCP-AO or MD5."; } action reset { nacm:default-deny-all; description "Reset statistics action command."; input { leaf reset-at { type yang:date-and-time; description "Time when the reset action needs to be executed."; } } output { leaf reset-finished-at { type yang:date-and-time; description "Time when the reset action command completed."; } } } // rpc reset } // container statistics } // container tcp } // module ietf-tcp
© 2024 YumaWorks, Inc. All rights reserved.