2 * Copyright (c) 2015 IBM Corporation. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 module neutron-vpnaas {
12 namespace "urn:opendaylight:neutron-vpnaas";
14 prefix neutron-vpnaas;
16 import ietf-yang-types { prefix "yang"; }
17 import ietf-inet-types { prefix "inet"; revision-date 2010-09-24; }
18 import neutron-attrs { prefix "attrs"; }
20 organization "OpenDaylight Neutron Group";
22 contact "R. Moats <rmoats@us.ibm.com>";
24 description "This YANG module defines Openstack Neutron VPNaaS model";
26 revision "2015-07-12" {
28 "OpenDaylight Beryllium release";
31 grouping vpnservice-attributes {
34 description "Detailed description of the vpn service.";
37 description "Contains the Router ID for the vpn service.";
41 description "Contains the Subnet ID for the vpn service.";
46 grouping ikepolicy-attributes {
49 description "Detailed description of the ike policy.";
53 description "Authentication hash algorithm.";
55 leaf encryption-algorithm {
56 description "Encryption algorithm";
59 leaf phase-negotiation-mode {
60 description "IKE mode";
64 description "Perfect Forward Secrecy";
68 description "IKE Version";
72 description "Security Association Lifetime";
74 description "Units for lifetime of the security association";
78 description "Lifetime value, as a positive integer";
84 grouping ipsecpolicy-attributes {
87 description "Detailed description of the ipsec policy.";
89 leaf transform-protocol {
91 description "Transform protocol.";
93 leaf encapsulation-mode {
94 description "Encapsulation mode";
99 description "Authentication hash algorithm.";
101 leaf encryption-algorithm {
102 description "Encryption algorithm";
106 description "Perfect Forward Secrecy";
110 description "Security Association Lifetime";
112 description "Units for lifetime of the security association";
116 description "Lifetime value, as a positive integer";
122 grouping ipsecconnection-attributes {
125 description "Detailed description of the ipsec policy.";
129 description "Peer gateway public IPv4/IPv6 address or FQDN";
133 description "Peer router identity for authentication";
135 leaf-list peer_cidrs {
137 description "Unique list of valid peer private CIDRs in the form <net_address>/<prefix>";
141 description "Route mode";
145 description "Maximum Transmission Unit to address fragmentation";
149 description "Authentication mode";
153 description "Pre Shared Key";
157 description "Whether this VPN can only respond to connections, response-only, or can initiate as well, bi-directional(default).";
160 description "Unique identifier of IKE policy.";
163 leaf ipsecpolicy-id {
164 description "Unique identifier of IPSec policy.";
168 description "Unique identifier of VPN service.";
172 description "Dead Peer Detection protocol controls";
174 description "DPD action";
178 description "DPD interval in seconds";
182 description "DPD timeout in seconds";
188 grouping vpnservices-attributes {
189 container vpn-services {
192 uses attrs:base-attributes;
193 uses attrs:admin-attributes;
194 uses vpnservice-attributes;
198 grouping ikepolicies-attributes {
199 container ike-policies {
202 uses attrs:base-attributes;
203 uses ikepolicy-attributes;
207 grouping ipsecpolicies-attributes {
208 container ipsec-policies {
211 uses attrs:base-attributes;
212 uses ipsecpolicy-attributes;
216 grouping ipsecconnections-attributes {
217 container ipsec-site-connections {
218 list ipsecsiteconnection {
220 uses attrs:base-attributes;
221 uses attrs:admin-attributes;
222 uses ipsecconnection-attributes;