2 namespace "urn:huawei:params:xml:ns:yang:l3vpn";
3 // replace with IANA namespace when assigned
8 //draft-zhdankin-netmod-bgp-cfg
10 import ietf-interfaces {
12 //rfc7223-YANG Interface Management
15 import ietf-inet-types {
17 revision-date "2013-07-15";
21 import ietf-yang-types {
28 revision-date "2015-06-02";
32 "This YANG module defines the generic configuration data for L3VPN service.
36 BGP (bgp): Border Gateway Protocol
37 IPv4 (ipv4):Internet Protocol Version 4
38 IPv6 (ipv6): Internet Protocol Version 6
45 reference "RFC4271, RFC4364, RFC4760";
48 grouping augment-bgp-af-vpn-config {
50 "A set of configuration parameters that is applicable to both BGP-VPNv4
51 and BGP-VPNv6 address family.";
53 leaf apply-label-per-nexthop {
55 "The apply-label per-nexthop command enables the ASBR to allocate
56 labels for IPv4 VPN routes or IPv6 VPN routes based on the next hop.";
67 "Specify peer as UPE.";
77 grouping bgp-af-vpn-instance-config {
81 "The router-id command configures router ID for BGP VPN instance IPv4
82 or IPv6 address family.
83 By default, no router ID is configured for BGP VPN instance IPv4 or
84 IPv6 address family, and the BGP router ID is used as the router ID.";
94 "Specifies the router ID of a BGP VPN instance IPv4 address
95 family. The router ID is expressed in the IPv4 address format.
103 leaf enable-auto-select {
105 "Configures automatic route ID selection for the current BGP VPN
106 instance address family.";
118 "The auto-frr command enables BGP Auto FRR.";
128 max-elements "unbounded";
131 "BGP Peer configure class";
135 "The nerighbor address";
137 type inet:ip-address;
142 description "peerGroupName";
149 description "Specifies the AS number of the peer.";
159 "specifies the description. The description is a string of letters
160 or figures. The value ranges from 1 to 80 characters without
171 "The peer soo command configures the Site of Origin (SoO)
172 attribute for an EBGP peer in a BGP VPN instance. Format is ASN:nn
181 leaf substituteAsEnable {
183 "Using the peer substitute-as command, you can substitute the AS
184 number of the specified peer in the as-path with the local AS
197 grouping vpn-af-config {
199 "A set of configuration parameters that is applicable to both IPv4 and
200 IPv6 address family for a VPN instance .";
202 leaf-list route-distinguisher {
204 "The route-distinguisher command configures a route distinguisher (RD)
205 for the IPv4 or IPv6 address family of a VPN instance.
207 Format is ASN:nn or IP-address:nn.";
215 container vpnTargets {
217 "The vpn-target command configures the export or import VPN target
218 extended community attribute for the VPN instance IPv4/IPv6 address
220 Format is ASN:nn or IP-address:nn.";
224 max-elements "unbounded";
227 "L3vpn vpntarget configure class";
232 "Vpn-target: adds VPN target extended community attribute to the
233 export or import VPN target extended community list. The
234 vpn-target can be expressed in either of the following formats:
235 (1)16-bit AS number:32-bit user-defined number
236 For example, 1:3. The AS number ranges from 0 to 65535. The
237 user-defined number ranges from 0 to 4294967295. The AS number
238 and the user-defined number cannot be 0s at the same time.
239 That is, a VPN target cannot be 0:0.
240 (2)32-bit IP address:16-bit user-defined number
241 For example, 192.168.122.15:1. The IP address ranges from
242 0.0.0.0 to 255.255.255.255. The user-defined number ranges from
244 (3)32-bit IP address:16-bit user-defined number
245 For example, 192.168.122.15:1. An IP address ranges from
246 0.0.0.0 to 255.255.255.255. A user-defined number ranges from 0
258 "Specifies the vpn target type, export-extcommunity:
259 specifies the extended community attributes carried in routing
260 information to be sent. import-extcommunity: receives routing
261 information carrying specified extended community attributes.";
265 enum export_extcommunity {
267 description "export-extcommunity:";
269 enum import_extcommunity {
271 description "import-extcommunity:";
275 description "export-extcommunity & import-extcommunity:";
282 container apply-label {
284 "Apply one label mode for the VPN instance route.";
286 choice apply-label-mode {
289 "The apply-label per-route command enables the one-label-per-route
290 mode. The VPN instance IPv4/IPv6 address family assigns a unique
291 label to each route to be sent to the peer PE.";
293 leaf apply-label-per-route {
300 "The apply-label per-instance command applies one label to all VPN
301 instance IPv4 address family or IPv6 address family routes to a
304 leaf apply-label-per-instance {
310 }//End of "container apply-label"
312 leaf import-route-policy {
314 "The import route-policy command associates a VPN instance enabled
315 with the IPv4 or IPv6 address family with an import routing policy.
316 Only one import routing policy can be associated with a VPN instance
317 enabled with the IPv4 or IPv6 address family. If the import
318 route-policy command is run more than once, the latest configuration
319 overrides the previous ones.";
327 leaf export-route-policy {
329 "The export route-policy command associates a VPN instance enabled
330 with the IPv4 or IPv6 address family with an export routing policy.
331 Only one export routing policy can be associated with a VPN instance
332 enabled with the IPv4 or IPv6 address family. If the export
333 route-policy command is run more than once, the latest configuration
334 overrides the previous ones.";
343 container prefix-limit {
345 "The prefix limit command sets a limit on the maximum number of
346 prefixes supported in the existing VPN instance, preventing the
347 PE from importing excessive VPN route prefixes.";
349 leaf prefix-limit-number {
351 "Specifies the maximum number of prefixes supported in the VPN
354 instance IPv4 or IPv6 address family.";
357 range "1..4294967295";
361 choice prefix-limit-action {
362 case enable-alert-percent {
363 leaf alert-percent-value {
365 "Specifies the proportion of the alarm threshold to the maximum
366 number of prefixes.";
371 leaf route-unchanged {
373 "Indicates that the routing table remains unchanged. By default,
374 route-unchanged is not configured. When the number of prefixes
375 in the routing table is greater than the value of the parameter
376 number, routes are processed as follows:
377 (1)If route-unchanged is configured, routes in the routing table
379 (2)If route-unchanged is not configured, all routes in the
380 routing table are deleted and then re-added.";
387 case enable-simple-alert {
390 "Indicates that when the number of VPN route prefixes exceeds
391 number, prefixes can still join the VPN routing table and
392 alarms are displayed.";
404 container routing-table-limit {
406 "The routing-table limit command sets a limit on the maximum number of
407 routes that the IPv4 or IPv6 address family of a VPN instance can
409 By default, there is no limit on the maximum number of routes that the
410 IPv4 or IPv6 address family of a VPN instance can support, but the
411 total number of private network and public network routes on a device
412 cannot exceed the allowed maximum number of unicast routes.";
414 leaf routing-table-limit-number {
416 "Specifies the maximum number of routes supported by a VPN instance.
421 range "1..4294967295";
424 choice routing-table-limit-action {
425 case enable-alert-percent {
426 leaf alert-percent-value {
428 "Specifies the percentage of the maximum number of routes. When
429 the maximum number of routes that join the VPN instance is up
430 to the value (number*alert-percent)/100, the system prompts
431 alarms. The VPN routes can be still added to the routing table,
432 but after the number of routes reaches number, the subsequent
433 routes are dropped.";
441 case enable-simple-alert {
444 "Indicates that when VPN routes exceed number, routes can still
445 be added into the routing table, but the system prompts alarms.
446 However, after the total number of VPN routes and network public
447 routes reaches the unicast route limit specified in the License,
448 the subsequent VPN routes are dropped.";
460 "Enable VPN FRR in the VPN instance address family view.
461 If a PE is connected to two other PEs, running the vpn frr command in
462 the VPN instance address family view of the PE enables VPN FRR and
463 improves network reliability. After VPN FRR is configured, traffic can
464 switch to the secondary LSP immediately after the primary LSP becomes
475 container l3vpnVrfPipe {
477 "The diffserv-mode command configures the mode of the MPLS
478 differentiated service (Diff-Serv) for ensuring end-to-end QoS.";
488 "pipe: Indicates that the Pipe MPLS Diff-Serv mode is adopted.";
493 "shortPipe: Indicates that the Short-pipe MPLS Diff-Serv mode
499 "uniform: Indicates that the Uniform MPLS Diff-Serv mode is
509 "Service Class, Specifies the service type when the packet enters the
510 public network from the private network. The values are cs7, cs6, ef,
511 af4, af3, af2, af1, be.";
553 "Specifies a color for marking the discard priority of a packet
554 transferred from a private network to a public network. The values
555 are green, yellow, and red.";
560 description "green:";
564 description "yellow:";
576 "Specifies the DS domain name of the specified Per-Hop Behavior (PHB)
577 applied to the egress in Short pipe mode. It is a string of 1 to 31
585 container l3vpnTtlMode {
587 "The ttl-mode command enables MPLS to process the TTL in a specified
588 mode. By default, MPLS processes the TTL in pipe mode.";
591 description "TTL mode";
597 "pipe: Enables MPLS to process the TTL in pipe mode.";
604 "uniform: Enables MPLS to process the TTL in uniform mode.";
612 "The tnl-policy command associates the IPv4 or IPv6 address family of
613 a VPN instance with a tunnel policy.";
620 container importRibs {
622 "Import route class";
626 "Specifies the protocol from which routes are imported.
627 At present, In the IPv4 unicast address family view, the protocol
628 can be IS-IS,static, direct and BGP.";
637 description "Direct:";
651 description "Static:";
663 description "OSPFV3:";
667 description "RIPNG:";
671 description "INVALID:";
678 "Specifies the process ID if the protocol from routes are imported is
683 range "0..4294967295";
687 leaf bgp-valid-route {
693 "Policy Id for import routes";
701 leaf traffic-statistics {
703 "The traffic-statistics enable command enables traffic statistics
704 for a VPN instance.";
716 container vpn-instances {
718 "VPN instances configuration parameters.
719 VPN instances support both the IPv4 and IPv6 address families.";
722 max-elements "unbounded";
724 key "vpn-instance-name";
726 "Specifies the name of the VPN instance. It is a string of 1 to 31
727 case-sensitive characters.";
729 leaf vpn-instance-name {
733 "The name of the vpn-instance.";
737 "The type of the VPN Instance.
738 L3 indicates it is an L3VPN.
739 L2 indicates it is an EVPN";
761 "A textual description of VPN instance, the VPN instance description
762 helps users memorize the VPN instance.";
773 container ipv4-family {
775 "The IPv4 address family is enabled for the VPN instance.";
780 container ipv6-family {
782 "The IPv6 address family is enabled for the VPN instance.";
794 * Binding Interfaces to a VPN Instance.
797 container vpn-interfaces {
799 "VPN is enabled on interfaces.";
803 max-elements "unbounded";
807 path "/if:interfaces/if:interface/if:name";
810 list vpn-instance-names {
817 leaf associated-subnet-type {
821 description "V4 Router Internal VPN";
825 description "V6 Router Internal VPN";
829 description "BGPVPN Internet";
831 enum V4AndV6Subnets {
833 description "BGPVPN dual stack or V6/V4 Router or undefined";
841 leaf router-interface {
844 uses nvpn:network-attributes;
850 "Display the information of the vrf.
853 It is intended that this container may be augmented by vendors to
854 reflect the vendor-specific operational state parameters.";
858 "CreateTime of the vrf.";
865 "UpTime period of the vrf.";
886 description "vrf up.";
890 description "vrf down.";
898 * augment some bgp vpn functions in bgp module.
900 augment "/bgp:bgp-router/bgp:vpnv4/bgp:unicast" {
902 uses augment-bgp-af-vpn-config;
906 augment "/bgp:bgp-router/bgp:vpnv6/bgp:unicast" {
907 uses augment-bgp-af-vpn-config;
911 augment "/bgp:bgp-router" {
913 container bgp-af-ipv4-vpn-instances {
915 "vpn-instances ipv4 address family.";
916 list bgp-af-ipv4-vpn-instance {
917 key "vpn-instance-name";
918 max-elements "unbounded";
920 leaf vpn-instance-name {
923 uses bgp-af-vpn-instance-config;
927 container bgp-af-ipv6-vpn-instances {
929 "vpn-instances ipv6 address family.";
930 list bgp-af-ipv6-vpn-instance {
931 key "vpn-instance-name";
932 max-elements "unbounded";
934 leaf vpn-instance-name {
937 uses bgp-af-vpn-instance-config;