1 module ietf-tcp-client {
3 namespace "urn:ietf:params:xml:ns:yang:ietf-tcp-client";
6 import ietf-inet-types {
9 "RFC 6991: Common YANG Data Types";
12 import ietf-crypto-types {
15 "RFC AAAA: YANG Data Types and Groupings for Cryptography";
18 import ietf-tcp-common {
21 "RFC DDDD: YANG Groupings for TCP Clients and TCP Servers";
25 "IETF NETCONF (Network Configuration) Working Group and the
26 IETF TCP Maintenance and Minor Extensions (TCPM) Working Group";
29 "WG Web: https://datatracker.ietf.org/wg/netconf
30 https://datatracker.ietf.org/wg/tcpm
31 WG List: NETCONF WG list <mailto:netconf@ietf.org>
32 TCPM WG list <mailto:tcpm@ietf.org>
33 Authors: Kent Watsen <mailto:kent+ietf@watsen.net>
35 <mailto:michael.scharf@hs-esslingen.de>";
38 "This module defines reusable groupings for TCP clients that
39 can be used as a basis for specific TCP client instances.
41 Copyright (c) 2022 IETF Trust and the persons identified
42 as authors of the code. All rights reserved.
44 Redistribution and use in source and binary forms, with
45 or without modification, is permitted pursuant to, and
46 subject to the license terms contained in, the Revised
47 BSD License set forth in Section 4.c of the IETF Trust's
48 Legal Provisions Relating to IETF Documents
49 (https://trustee.ietf.org/license-info).
51 This version of this YANG module is part of RFC DDDD
52 (https://www.rfc-editor.org/info/rfcDDDD); see the RFC
53 itself for full legal notices.
55 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
56 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
57 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
58 are to be interpreted as described in BCP 14 (RFC 2119)
59 (RFC 8174) when, and only when, they appear in all
60 capitals, as shown here.";
66 "RFC DDDD: YANG Groupings for TCP Clients and TCP Servers";
71 feature local-binding-supported {
73 "Indicates that the server supports configuring local
74 bindings (i.e., the local address and local port) for
78 feature tcp-client-keepalives {
80 "Per socket TCP keepalive parameters are configurable for
81 TCP clients on the server implementing this feature.";
84 feature proxy-connect {
86 "Proxy connection configuration is configurable for
87 TCP clients on the server implementing this feature.";
90 feature socks5-gss-api {
92 "Indicates that the server supports authenticating
93 using GSSAPI when initiating TCP connections via
94 and SOCKS Version 5 proxy server.";
96 "RFC 1928: SOCKS Protocol Version 5";
99 feature socks5-username-password {
101 "Indicates that the server supports authenticating using
102 username/password when initiating TCP connections via
103 and SOCKS Version 5 proxy server.";
105 "RFC 1928: SOCKS Protocol Version 5";
110 grouping tcp-client-grouping {
112 "A reusable grouping for configuring a TCP client.
114 Note that this grouping uses fairly typical descendant
115 node names such that a stack of 'uses' statements will
116 have name conflicts. It is intended that the consuming
117 data model will resolve the issue (e.g., by wrapping
118 the 'uses' statement in a container called
119 'tcp-client-parameters'). This model purposely does
120 not do this itself so as to provide maximum flexibility
121 to consuming models.";
123 leaf remote-address {
127 "The IP address or hostname of the remote peer to
128 establish a connection with. If a domain name is
129 configured, then the DNS resolution should happen on
130 each connection attempt. If the DNS resolution
131 results in multiple IP addresses, the IP addresses
132 are tried according to local preference order until
133 a connection has been established or until all IP
134 addresses have failed.";
137 type inet:port-number;
140 "The IP port number for the remote peer to establish a
141 connection with. An invalid default value (0) is used
142 (instead of 'mandatory true') so that as application
143 level data model may 'refine' it with an application
144 specific default port number value.";
147 if-feature "local-binding-supported";
148 type inet:ip-address;
150 "The local IP address/interface (VRF?) to bind to for when
151 connecting to the remote peer. INADDR_ANY ('0.0.0.0') or
152 INADDR6_ANY ('0:0:0:0:0:0:0:0' a.k.a. '::') MAY be used to
153 explicitly indicate the implicit default, that the server
154 can bind to any IPv4 or IPv6 addresses, respectively.";
157 if-feature "local-binding-supported";
158 type inet:port-number;
161 "The local IP port number to bind to for when connecting
162 to the remote peer. The port number '0', which is the
163 default value, indicates that any available local port
164 number may be used.";
166 container proxy-server {
167 if-feature "proxy-connect";
169 "Indicates that a proxy connection has been configured.
170 Present so that the mandatory descendant nodes do not
171 imply that this node must be configured.";
175 "Selects a proxy connection protocol.";
177 container socks4-parameters {
178 leaf remote-address {
179 type inet:ip-address;
182 "The IP address of the proxy server.";
185 type inet:port-number;
188 "The IP port number for the proxy server.";
191 "Parameters for connecting to a TCP-based proxy
192 server using the SOCKS4 protocol.";
194 "SOCKS, Proceedings: 1992 Usenix Security Symposium.";
198 container socks4a-parameters {
199 leaf remote-address {
203 "The IP address or hostname of the proxy server.";
206 type inet:port-number;
209 "The IP port number for the proxy server.";
212 "Parameters for connecting to a TCP-based proxy
213 server using the SOCKS4a protocol.";
216 1992 Usenix Security Symposium.
218 SOCKS 4A: A Simple Extension to SOCKS 4 Protocol
219 https://www.openssh.com/txt/socks4a.protocol";
223 container socks5-parameters {
224 leaf remote-address {
228 "The IP address or hostname of the proxy server.";
231 type inet:port-number;
234 "The IP port number for the proxy server.";
236 container authentication-parameters {
238 "Indicates that an authentication mechanism
239 has been configured. Present so that the
240 mandatory descendant nodes do not imply that
241 this node must be configured.";
243 "A container for SOCKS Version 5 authentication
246 A complete list of methods is defined at:
247 https://www.iana.org/assignments/socks-methods
248 /socks-methods.xhtml.";
250 "RFC 1928: SOCKS Protocol Version 5";
254 "A choice amongst supported SOCKS Version 5
255 authentication mechanisms.";
257 if-feature "socks5-gss-api";
260 "Contains GSS-API configuration. Defines
261 as an empty container to enable specific
262 GSS-API configuration to be augmented in
265 "RFC 1928: SOCKS Protocol Version 5
266 RFC 2743: Generic Security Service
267 Application Program Interface
268 Version 2, Update 1";
271 case username-password {
272 if-feature "socks5-username-password";
273 container username-password {
278 "The 'username' value to use for client
281 uses ct:password-grouping {
283 "The password to be used for client
287 "Contains Username/Password configuration.";
289 "RFC 1929: Username/Password Authentication
296 "Parameters for connecting to a TCP-based proxy server
297 using the SOCKS5 protocol.";
299 "RFC 1928: SOCKS Protocol Version 5";
304 "Proxy server settings.";
307 uses tcpcmn:tcp-common-grouping {
308 augment "keepalives" {
309 if-feature "tcp-client-keepalives";
311 "Add an if-feature statement so that implementations
312 can choose to support TCP client keepalives.";