PIM Working Group                                                H. Zhao
Internet Draft                                                  Ericsson
Intended status: Standards Track                                  Y. Liu
Expires: March 20, 2023                                     China Mobile
                                                                  X. Liu
                                                         IBM Corporation
                                                         M. Panchanathan
                                                                   Cisco
                                                            M. Sivakumar
                                                                 Juniper
                                                      September 21, 2022


                   Yang Data Model for EVPN multicast
               draft-zhao-pim-evpn-multicast-yang-00.txt

Abstract

   This document describes a YANG data model for EVPN multicast
   services. The model is agnostic of the underlay as well as RFC 9251.
   This document mainly focuses on the EVPN instance framework.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

Zhao & Liu, etc          Expires March 20, 2023                 [Page 1]

Internet-Draft  draft-zhao-pim-evpn-multicast-yang-00  September 21, 2022

   This Internet-Draft will expire on March 20, 2023.

Copyright Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document.
   Code Components extracted from this document must include
   Simplified BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction
      1.1. Terminology
      1.2. Tree Diagrams
      1.3. Prefixes in Data Node Names
   2. Module Structure
      2.1. Attributes to control new BGP EVPN routes
      2.2. New BGP EVPN routes
   3. EVPN Multicast Yang Module
   4. Security Considerations
   5. IANA Considerations
      5.1. XML Registry
      5.2. YANG Module Names Registry
   6. References
      6.1. Normative References
      6.2. Informative References
   Authors' Addresses

1. Introduction

   This document describes a YANG data model for EVPN multicast
   services. Its name is ietf-evpn-multicast.

   [RFC9251] introduces three new BGP EVPN routes to carry IGMP
   Membership Reports. The module ietf-evpn-multicast defines these
   three new BGP EVPN routes. It also defines other attributes for
   EVPN multicast services.

1.1. Terminology

   The terminology for describing YANG data models is found in
   [RFC6020] and [RFC7950], including:

   * augment

   * data model

   * data node

   * module

1.2. Tree Diagrams

   Tree diagrams used in this document follow the notation defined in
   [RFC8340].

1.3. Prefixes in Data Node Names

   In this document, names of data nodes, actions, and other data
   model objects are often used without a prefix, as long as it is
   clear from the context in which YANG module each name is defined.
   Otherwise, names are prefixed using the standard prefix associated
   with the corresponding YANG module, as shown in Table 1.

   +----------+-----------------------+-----------------------------+
   | Prefix   | YANG module           | Reference                   |
   +==========+=======================+=============================+
   | inet     | ietf-inet-types       | [RFC6991]                   |
   +----------+-----------------------+-----------------------------+
   | rt-types | ietf-routing-types    | [RFC8294]                   |
   +----------+-----------------------+-----------------------------+
   | evpn     | ietf-evpn             | [draft-ietf-bess-evpn-yang] |
   +----------+-----------------------+-----------------------------+
   | es       | ietf-ethernet-segment | [draft-ietf-bess-evpn-yang] |
   +----------+-----------------------+-----------------------------+

           Table 1: Prefixes and Corresponding YANG Modules

2. Module Structure

   This module extends the ietf-evpn data model specified in
   [draft-ietf-bess-evpn-yang] to configure and show the EVPN
   multicast service.

   This module conforms to the Network Management Datastore
   Architecture (NMDA) [RFC8342]. The operational state data is
   combined with the associated configuration data in the same
   hierarchy [RFC8407].

2.1. Attributes to control new BGP EVPN routes

   This module augments
   /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance to add attributes
   that control the three new BGP EVPN routes that carry IGMP
   Membership Reports.

   If sel-mcast-advertisement is enabled, BGP can publish the
   Selective Multicast Ethernet Tag Route [RFC9251].

   If evpn-igmp-proxy is enabled, an IMET route update is triggered
   with the Multicast Flags Extended Community and the IGMP proxy bit
   set [RFC9251].

   If evpn-mld-proxy is enabled, an IMET route update is triggered
   with the Multicast Flags Extended Community and the MLD proxy bit
   set [RFC9251].

   augment /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance:
     +--rw sel-mcast-advertisement?   boolean
     +--rw evpn-igmp-proxy?           boolean
     +--rw evpn-mld-proxy?            boolean

2.2. New BGP EVPN routes

   This module augments
   /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance/evpn:routes
   to add three new BGP EVPN routes to carry IGMP Membership Reports
   [RFC9251]. The route types are known as:

      6 - Selective Multicast Ethernet Tag Route
      7 - Multicast Membership Report Synch Route
      8 - Multicast Leave Synch Route

   augment /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance/evpn:routes:
     +--ro selective-multicast-ethernet-tag-route* []
     |  +--ro rd-rt* [route-distinguisher]
     |  |  +--ro route-distinguisher    rt-types:route-distinguisher
     |  |  +--ro vpn-target* [route-target]
     |  |     +--ro route-target    rt-types:route-target
     |  +--ro ethernet-tag?               uint32
     |  +--ro multicast-source-address?   inet:ipv4-address
     |  +--ro multicast-group-address?    rt-types:ipv4-multicast-group-address
     |  +--ro originator-ip-prefix?       inet:ip-prefix
     +--ro multicast-membership-report-synch-route* []
     |  +--ro rd-rt* [route-distinguisher]
     |  |  +--ro route-distinguisher    rt-types:route-distinguisher
     |  |  +--ro vpn-target* [route-target]
     |  |     +--ro route-target    rt-types:route-target
     |  +--ro ethernet-segment-identifier?   es:ethernet-segment-identifier-type
     |  +--ro ethernet-tag?                  uint32
     |  +--ro multicast-source-address?      inet:ipv4-address
     |  +--ro multicast-group-address?       rt-types:ipv4-multicast-group-address
     |  +--ro originator-ip-prefix?          inet:ip-prefix
     +--ro multicast-leave-synch-route* []
        +--ro rd-rt* [route-distinguisher]
        |  +--ro route-distinguisher    rt-types:route-distinguisher
        |  +--ro vpn-target* [route-target]
        |     +--ro route-target    rt-types:route-target
        +--ro ethernet-segment-identifier?   es:ethernet-segment-identifier-type
        +--ro ethernet-tag?                  uint32
        +--ro multicast-source-address?      inet:ipv4-address
        +--ro multicast-group-address?       rt-types:ipv4-multicast-group-address
        +--ro originator-ip-prefix?          inet:ip-prefix
        +--ro maximum-response-time?         uint32

3. EVPN Multicast Yang Module

   This module references [RFC6991], [RFC8294], and
   [draft-ietf-bess-evpn-yang].

   file ietf-evpn-multicast@2022-09-02.yang

   module ietf-evpn-multicast {
     namespace "urn:ietf:params:xml:ns:yang:ietf-evpn-multicast";
     prefix "evpn-multicast";

     import ietf-inet-types {
       prefix "inet";
     }
     import ietf-routing-types {
       prefix "rt-types";
     }
     import ietf-ethernet-segment {
       prefix "es";
     }
     import ietf-evpn {
       prefix "evpn";
     }

     organization "ietf";
     contact "ietf";
     description "evpn multicast";

     revision "2022-09-02" {
       description "Initial draft";
       reference "";
     }

     /* Groupings */

     grouping route-rd-rt-grp {
       description "A grouping for a route's route distinguishers " +
                   "and route targets";
       list rd-rt {
         key "route-distinguisher";
         leaf route-distinguisher {
           type rt-types:route-distinguisher;
           description "Route distinguisher";
         }
         list vpn-target {
           key "route-target";
           leaf route-target {
             type rt-types:route-target;
             description "BGP route target";
           }
           description "A list of route targets";
         }
         description "A list of route distinguishers and " +
                     "corresponding VPN route targets";
       }
     }

     /* augments */

     augment "/evpn:evpn/evpn:evpn-instances/evpn:evpn-instance" {
       description "";
       leaf sel-mcast-advertisement {
         type boolean;
         description "Whether to publish SMET route";
       }
       leaf evpn-igmp-proxy {
         type boolean;
         description
           "Trigger an IMET route update with Multicast Flags
            Extended Community and IGMP proxy bit is set.";
       }
       leaf evpn-mld-proxy {
         type boolean;
         description
           "Trigger an IMET route update with Multicast Flags
            Extended Community and MLD proxy bit is set.";
       }
     }

     augment "/evpn:evpn/evpn:evpn-instances/evpn:evpn-instance"
           + "/evpn:routes" {
       description "Add type6~8 route";
       list selective-multicast-ethernet-tag-route {
         uses route-rd-rt-grp;
         leaf ethernet-tag {
           type uint32;
           description "An ethernet tag (etag) identifying a " +
                       "broadcast domain";
         }
         leaf multicast-source-address {
           type inet:ipv4-address;
           description "";
         }
         leaf multicast-group-address {
           type rt-types:ipv4-multicast-group-address;
           description "Multicast group IPv4 address.";
         }
         leaf originator-ip-prefix {
           type inet:ip-prefix;
           description "originator-ip-prefix";
         }
         description "SMET route (type6)";
       }
       list multicast-membership-report-synch-route {
         uses route-rd-rt-grp;
         leaf ethernet-segment-identifier {
           type es:ethernet-segment-identifier-type;
           description "Ethernet segment identifier (esi)";
         }
         leaf ethernet-tag {
           type uint32;
           description "An ethernet tag (etag) identifying a " +
                       "broadcast domain";
         }
         leaf multicast-source-address {
           type inet:ipv4-address;
           description "";
         }
         leaf multicast-group-address {
           type rt-types:ipv4-multicast-group-address;
           description "Multicast group IPv4 address.";
         }
         leaf originator-ip-prefix {
           type inet:ip-prefix;
           description "originator-ip-prefix";
         }
         description "type7 route";
       }
       list multicast-leave-synch-route {
         uses route-rd-rt-grp;
         leaf ethernet-segment-identifier {
           type es:ethernet-segment-identifier-type;
           description "Ethernet segment identifier (esi)";
         }
         leaf ethernet-tag {
           type uint32;
           description "An ethernet tag (etag) identifying a " +
                       "broadcast domain";
         }
         leaf multicast-source-address {
           type inet:ipv4-address;
           description "";
         }
         leaf multicast-group-address {
           type rt-types:ipv4-multicast-group-address;
           description "Multicast group IPv4 address.";
         }
         leaf originator-ip-prefix {
           type inet:ip-prefix;
           description "originator-ip-prefix";
         }
         leaf maximum-response-time {
           type uint32;
           description "max response time";
         }
         description "type8 route";
       }
     }
   }

4. Security Considerations

   The YANG module specified in this document defines a schema for
   data that is designed to be accessed via network management
   protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The
   lowest NETCONF layer is the secure transport layer, and the
   mandatory-to-implement secure transport is Secure Shell (SSH)
   [RFC6242]. The lowest RESTCONF layer is HTTPS, and the
   mandatory-to-implement secure transport is TLS [RFC8446].

   The Network Configuration Access Control Model (NACM) [RFC8341]
   provides the means to restrict access for particular NETCONF or
   RESTCONF users to a preconfigured subset of all available NETCONF
   or RESTCONF protocol operations and content.

   There are a number of data nodes defined in this YANG module that
   are writable/creatable/deletable (i.e., config true, which is the
   default). These data nodes may be considered sensitive or
   vulnerable in some network environments. Write operations (e.g.,
   edit-config) to these data nodes without proper protection can have
   a negative effect on network operations. These are the subtrees and
   data nodes and their sensitivity/vulnerability:

   Under /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance:

      evpn-multicast:sel-mcast-advertisement
      evpn-multicast:evpn-igmp-proxy
      evpn-multicast:evpn-mld-proxy

   Unauthorized access to any data node of these subtrees can
   adversely affect the EVPN multicast service of both the local
   device and the network.
   This may lead to network malfunctions, delivery of packets to
   inappropriate destinations, and other problems.

   Some of the readable data nodes in this YANG module may be
   considered sensitive or vulnerable in some network environments.
   It is thus important to control read access (e.g., via get,
   get-config, or notification) to these data nodes. These are the
   subtrees and data nodes and their sensitivity/vulnerability:

   Under /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance:

      evpn-multicast:sel-mcast-advertisement
      evpn-multicast:evpn-igmp-proxy
      evpn-multicast:evpn-mld-proxy

   Under augment
   /evpn:evpn/evpn:evpn-instances/evpn:evpn-instance/evpn:routes:

      evpn-multicast:selective-multicast-ethernet-tag-route
      evpn-multicast:multicast-membership-report-synch-route
      evpn-multicast:multicast-leave-synch-route

   Unauthorized access to any data node of these subtrees can disclose
   the operational state information of EVPN multicast service on this
   device.

5. IANA Considerations

   RFC Ed.: In this section, replace all occurrences of 'XXXX' with
   the actual RFC number (and remove this note).

5.1. XML Registry

   This document registers the following namespace URIs in the IETF
   XML registry [RFC3688]:

   --------------------------------------------------------------------
   URI: urn:ietf:params:xml:ns:yang:ietf-evpn-multicast
   Registrant Contact: The IETF.
   XML: N/A, the requested URI is an XML namespace.
   --------------------------------------------------------------------

5.2. YANG Module Names Registry

   This document registers the following YANG modules in the YANG
   Module Names registry [RFC7950]:

   --------------------------------------------------------------------
   name:         ietf-evpn-multicast
   namespace:    urn:ietf:params:xml:ns:yang:ietf-evpn-multicast
   prefix:       evpn-multicast
   reference:    RFC XXXX
   --------------------------------------------------------------------

6. References

6.1. Normative References

   [RFC3688] Mealling, M., "The IETF XML Registry", RFC 3688,
             January 2004.

   [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
             the Network Configuration Protocol (NETCONF)", RFC 6020,
             October 2010.

   [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J.,
             Ed., and A. Bierman, Ed., "Network Configuration Protocol
             (NETCONF)", RFC 6241, June 2011.

   [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
             Shell (SSH)", RFC 6242, June 2011.

   [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
             RFC 6991, July 2013.

   [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling
             Language", RFC 7950, August 2016.

   [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
             Protocol", RFC 8040, January 2017.

   [RFC8294] Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger,
             "Common YANG Data Types for the Routing Area", RFC 8294,
             December 2017.

   [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
             Access Control Model", RFC 8341, March 2018.

   [RFC8446] Rescorla, E., "The Transport Layer Security (TLS)
             Protocol Version 1.3", RFC 8446, August 2018.

   [RFC9251] Sajassi, A., Thoria, S., Mishra, M., Patel, K., Drake,
             J., and W. Lin, "Internet Group Management Protocol
             (IGMP) and Multicast Listener Discovery (MLD) Proxies for
             Ethernet VPN (EVPN)", RFC 9251, June 2022.

   [draft-ietf-bess-evpn-yang]
             Brissette, P., Shah, H., Chen, I., Hussain, I.,
             Tiruveedhula, K., and J. Rabadan, "Yang Data Model for
             EVPN", draft-ietf-bess-evpn-yang-07, March 2019.

6.2. Informative References

   [RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of
             Documents Containing YANG Data Models", RFC 8407,
             October 2018.

Authors' Addresses

   Hongji Zhao
   Ericsson (China) Communications Company Ltd.
   Ericsson Tower, No. 5 Lize East Street,
   Chaoyang District Beijing 100102, China

   Email: hongji.zhao@ericsson.com

   Yisong Liu
   China Mobile
   China

   Email: liuyisong@chinamobile.com

   Xufeng Liu
   Volta Networks
   USA

   Email: xufeng.liu.ietf@gmail.com

   Mani Panchanathan
   Cisco
   India

   Email: mapancha@cisco.com

   Mahesh Sivakumar
   Juniper Networks
   1133 Innovation Way
   Sunnyvale, California
   USA

   Email: sivakumar.mahesh@gmail.com