2 * Copyright (c) 2015 IBM Corporation. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 module neutron-vpnaas {
12 namespace "urn:opendaylight:neutron-vpnaas";
14 prefix neutron-vpnaas;
16 import ietf-yang-types { prefix "yang"; }
17 import neutron-attrs { prefix "attrs"; }
19 organization "OpenDaylight Neutron Group";
21 contact "R. Moats <rmoats@us.ibm.com>";
23 description "This YANG module defines Openstack Neutron VPNaaS model";
25 revision "2015-07-12" {
27 "OpenDaylight Beryllium release";
30 grouping vpnservice-attributes {
32 description "Contains the Router ID for the vpn service.";
36 description "Contains the Subnet ID for the vpn service.";
41 grouping ikepolicy-attributes {
44 description "Authentication hash algorithm.";
46 leaf encryption-algorithm {
47 description "Encryption algorithm";
50 leaf phase-negotiation-mode {
51 description "IKE mode";
55 description "Perfect Forward Secrecy";
59 description "IKE Version";
63 description "Security Association Lifetime";
65 description "Units for lifetime of the security association";
69 description "Lifetime value, as a positive integer";
75 grouping ipsecpolicy-attributes {
76 leaf transform-protocol {
78 description "Transform protocol.";
80 leaf encapsulation-mode {
81 description "Encapsulation mode";
86 description "Authentication hash algorithm.";
88 leaf encryption-algorithm {
89 description "Encryption algorithm";
93 description "Perfect Forward Secrecy";
97 description "Security Association Lifetime";
99 description "Units for lifetime of the security association";
103 description "Lifetime value, as a positive integer";
109 grouping ipsecconnection-attributes {
112 description "Peer gateway public IPv4/IPv6 address or FQDN";
116 description "Peer router identity for authentication";
118 leaf-list peer_cidrs {
120 description "Unique list of valid peer private CIDRs in the form <net_address>/<prefix>";
124 description "Route mode";
128 description "Maximum Transmission Unit to address fragmentation";
132 description "Authentication mode";
136 description "Pre Shared Key";
140 description "Whether this VPN can only respond to connections, response-only, or can initiate as well, bi-directional(default).";
143 description "Unique identifier of IKE policy.";
146 leaf ipsecpolicy-id {
147 description "Unique identifier of IPSec policy.";
151 description "Unique identifier of VPN service.";
155 description "Dead Peer Detection protocol controls";
157 description "DPD action";
161 description "DPD interval in seconds";
165 description "DPD timeout in seconds";
171 grouping vpnservices-attributes {
172 container vpn-services {
175 uses attrs:base-attributes;
176 uses attrs:admin-attributes;
177 uses vpnservice-attributes;
181 grouping ikepolicies-attributes {
182 container ike-policies {
185 uses attrs:base-attributes;
186 uses ikepolicy-attributes;
190 grouping ipsecpolicies-attributes {
191 container ipsec-policies {
194 uses attrs:base-attributes;
195 uses ipsecpolicy-attributes;
199 grouping ipsecconnections-attributes {
200 container ipsec-site-connections {
201 list ipsecsiteconnection {
203 uses attrs:base-attributes;
204 uses attrs:admin-attributes;
205 uses ipsecconnection-attributes;