2 namespace "urn:huawei:params:xml:ns:yang:l3vpn";
3 // replace with IANA namespace when assigned
8 //draft-zhdankin-netmod-bgp-cfg
10 import ietf-interfaces {
12 //rfc7223-YANG Interface Management
15 import ietf-inet-types {
17 revision-date "2010-09-24";
21 import ietf-yang-types {
27 "This YANG module defines the generic configuration data for L3VPN service.
31 BGP (bgp): Border Gateway Protocol
32 IPv4 (ipv4):Internet Protocol Version 4
33 IPv6 (ipv6): Internet Protocol Version 6
40 reference "RFC4271, RFC4364, RFC4760";
43 grouping augment-bgp-af-vpn-config {
45 "A set of configuration parameters that is applicable to both BGP-VPNv4
46 and BGP-VPNv6 address family.";
48 leaf apply-label-per-nexthop {
50 "The apply-label per-nexthop command enables the ASBR to allocate
51 labels for IPv4 VPN routes or IPv6 VPN routes based on the next hop.";
62 "Specify peer as UPE.";
72 grouping bgp-af-vpn-instance-config {
76 "The router-id command configures router ID for BGP VPN instance IPv4
77 or IPv6 address family.
78 By default, no router ID is configured for BGP VPN instance IPv4 or
79 IPv6 address family, and the BGP router ID is used as the router ID.";
89 "Specifies the router ID of a BGP VPN instance IPv4 address
90 family. The router ID is expressed in the IPv4 address format.
98 leaf enable-auto-select {
100 "Configures automatic route ID selection for the current BGP VPN
101 instance address family.";
113 "The auto-frr command enables BGP Auto FRR.";
123 max-elements "unbounded";
126 "BGP Peer configure class";
130 "The nerighbor address";
132 type inet:ip-address;
137 description "peerGroupName";
144 description "Specifies the AS number of the peer.";
154 "specifies the description. The description is a string of letters
155 or figures. The value ranges from 1 to 80 characters without
166 "The peer soo command configures the Site of Origin (SoO)
167 attribute for an EBGP peer in a BGP VPN instance. Format is ASN:nn
176 leaf substituteAsEnable {
178 "Using the peer substitute-as command, you can substitute the AS
179 number of the specified peer in the as-path with the local AS
192 grouping vpn-af-config {
194 "A set of configuration parameters that is applicable to both IPv4 and
195 IPv6 address family for a VPN instance .";
197 leaf route-distinguisher {
199 "The route-distinguisher command configures a route distinguisher (RD)
200 for the IPv4 or IPv6 address family of a VPN instance.
202 Format is ASN:nn or IP-address:nn.";
210 container vpnTargets {
212 "The vpn-target command configures the export or import VPN target
213 extended community attribute for the VPN instance IPv4/IPv6 address
215 Format is ASN:nn or IP-address:nn.";
219 max-elements "unbounded";
222 "L3vpn vpntarget configure class";
227 "Vpn-target: adds VPN target extended community attribute to the
228 export or import VPN target extended community list. The
229 vpn-target can be expressed in either of the following formats:
230 (1)16-bit AS number:32-bit user-defined number
231 For example, 1:3. The AS number ranges from 0 to 65535. The
232 user-defined number ranges from 0 to 4294967295. The AS number
233 and the user-defined number cannot be 0s at the same time.
234 That is, a VPN target cannot be 0:0.
235 (2)32-bit IP address:16-bit user-defined number
236 For example, 192.168.122.15:1. The IP address ranges from
237 0.0.0.0 to 255.255.255.255. The user-defined number ranges from
239 (3)32-bit IP address:16-bit user-defined number
240 For example, 192.168.122.15:1. An IP address ranges from
241 0.0.0.0 to 255.255.255.255. A user-defined number ranges from 0
253 "Specifies the vpn target type, export-extcommunity:
254 specifies the extended community attributes carried in routing
255 information to be sent. import-extcommunity: receives routing
256 information carrying specified extended community attributes.";
260 enum export_extcommunity {
262 description "export-extcommunity:";
264 enum import_extcommunity {
266 description "import-extcommunity:";
270 description "export-extcommunity & import-extcommunity:";
277 container apply-label {
279 "Apply one label mode for the VPN instance route.";
281 choice apply-label-mode {
284 "The apply-label per-route command enables the one-label-per-route
285 mode. The VPN instance IPv4/IPv6 address family assigns a unique
286 label to each route to be sent to the peer PE.";
288 leaf apply-label-per-route {
295 "The apply-label per-instance command applies one label to all VPN
296 instance IPv4 address family or IPv6 address family routes to a
299 leaf apply-label-per-instance {
305 }//End of "container apply-label"
307 leaf import-route-policy {
309 "The import route-policy command associates a VPN instance enabled
310 with the IPv4 or IPv6 address family with an import routing policy.
311 Only one import routing policy can be associated with a VPN instance
312 enabled with the IPv4 or IPv6 address family. If the import
313 route-policy command is run more than once, the latest configuration
314 overrides the previous ones.";
322 leaf export-route-policy {
324 "The export route-policy command associates a VPN instance enabled
325 with the IPv4 or IPv6 address family with an export routing policy.
326 Only one export routing policy can be associated with a VPN instance
327 enabled with the IPv4 or IPv6 address family. If the export
328 route-policy command is run more than once, the latest configuration
329 overrides the previous ones.";
338 container prefix-limit {
340 "The prefix limit command sets a limit on the maximum number of
341 prefixes supported in the existing VPN instance, preventing the
342 PE from importing excessive VPN route prefixes.";
344 leaf prefix-limit-number {
346 "Specifies the maximum number of prefixes supported in the VPN
349 instance IPv4 or IPv6 address family.";
352 range "1..4294967295";
356 choice prefix-limit-action {
357 case enable-alert-percent {
358 leaf alert-percent-value {
360 "Specifies the proportion of the alarm threshold to the maximum
361 number of prefixes.";
366 leaf route-unchanged {
368 "Indicates that the routing table remains unchanged. By default,
369 route-unchanged is not configured. When the number of prefixes
370 in the routing table is greater than the value of the parameter
371 number, routes are processed as follows:
372 (1)If route-unchanged is configured, routes in the routing table
374 (2)If route-unchanged is not configured, all routes in the
375 routing table are deleted and then re-added.";
382 case enable-simple-alert {
385 "Indicates that when the number of VPN route prefixes exceeds
386 number, prefixes can still join the VPN routing table and
387 alarms are displayed.";
399 container routing-table-limit {
401 "The routing-table limit command sets a limit on the maximum number of
402 routes that the IPv4 or IPv6 address family of a VPN instance can
404 By default, there is no limit on the maximum number of routes that the
405 IPv4 or IPv6 address family of a VPN instance can support, but the
406 total number of private network and public network routes on a device
407 cannot exceed the allowed maximum number of unicast routes.";
409 leaf routing-table-limit-number {
411 "Specifies the maximum number of routes supported by a VPN instance.
416 range "1..4294967295";
419 choice routing-table-limit-action {
420 case enable-alert-percent {
421 leaf alert-percent-value {
423 "Specifies the percentage of the maximum number of routes. When
424 the maximum number of routes that join the VPN instance is up
425 to the value (number*alert-percent)/100, the system prompts
426 alarms. The VPN routes can be still added to the routing table,
427 but after the number of routes reaches number, the subsequent
428 routes are dropped.";
436 case enable-simple-alert {
439 "Indicates that when VPN routes exceed number, routes can still
440 be added into the routing table, but the system prompts alarms.
441 However, after the total number of VPN routes and network public
442 routes reaches the unicast route limit specified in the License,
443 the subsequent VPN routes are dropped.";
455 "Enable VPN FRR in the VPN instance address family view.
456 If a PE is connected to two other PEs, running the vpn frr command in
457 the VPN instance address family view of the PE enables VPN FRR and
458 improves network reliability. After VPN FRR is configured, traffic can
459 switch to the secondary LSP immediately after the primary LSP becomes
470 container l3vpnVrfPipe {
472 "The diffserv-mode command configures the mode of the MPLS
473 differentiated service (Diff-Serv) for ensuring end-to-end QoS.";
483 "pipe: Indicates that the Pipe MPLS Diff-Serv mode is adopted.";
488 "shortPipe: Indicates that the Short-pipe MPLS Diff-Serv mode
494 "uniform: Indicates that the Uniform MPLS Diff-Serv mode is
504 "Service Class, Specifies the service type when the packet enters the
505 public network from the private network. The values are cs7, cs6, ef,
506 af4, af3, af2, af1, be.";
548 "Specifies a color for marking the discard priority of a packet
549 transferred from a private network to a public network. The values
550 are green, yellow, and red.";
555 description "green:";
559 description "yellow:";
571 "Specifies the DS domain name of the specified Per-Hop Behavior (PHB)
572 applied to the egress in Short pipe mode. It is a string of 1 to 31
580 container l3vpnTtlMode {
582 "The ttl-mode command enables MPLS to process the TTL in a specified
583 mode. By default, MPLS processes the TTL in pipe mode.";
586 description "TTL mode";
592 "pipe: Enables MPLS to process the TTL in pipe mode.";
599 "uniform: Enables MPLS to process the TTL in uniform mode.";
607 "The tnl-policy command associates the IPv4 or IPv6 address family of
608 a VPN instance with a tunnel policy.";
615 container importRibs {
617 "Import route class";
621 "Specifies the protocol from which routes are imported.
622 At present, In the IPv4 unicast address family view, the protocol
623 can be IS-IS,static, direct and BGP.";
632 description "Direct:";
646 description "Static:";
658 description "OSPFV3:";
662 description "RIPNG:";
666 description "INVALID:";
673 "Specifies the process ID if the protocol from routes are imported is
678 range "0..4294967295";
682 leaf bgp-valid-route {
688 "Policy Id for import routes";
696 leaf traffic-statistics {
698 "The traffic-statistics enable command enables traffic statistics
699 for a VPN instance.";
711 container vpn-instances {
713 "VPN instances configuration parameters.
714 VPN instances support both the IPv4 and IPv6 address families.";
717 max-elements "unbounded";
719 key "vpn-instance-name";
721 "Specifies the name of the VPN instance. It is a string of 1 to 31
722 case-sensitive characters.";
724 leaf vpn-instance-name {
728 "The name of the vpn-instance.";
733 "A textual description of VPN instance, the VPN instance description
734 helps users memorize the VPN instance.";
745 container ipv4-family {
747 "The IPv4 address family is enabled for the VPN instance.";
752 container ipv6-family {
754 "The IPv6 address family is enabled for the VPN instance.";
766 * Binding Interfaces to a VPN Instance.
769 container vpn-interfaces {
771 "VPN is enabled on interfaces.";
775 max-elements "unbounded";
779 path "/if:interfaces/if:interface/if:name";
782 leaf vpn-instance-name {
792 "Display the information of the vrf.
795 It is intended that this container may be augmented by vendors to
796 reflect the vendor-specific operational state parameters.";
800 "CreateTime of the vrf.";
807 "UpTime period of the vrf.";
828 description "vrf up.";
832 description "vrf down.";
840 * augment some bgp vpn functions in bgp module.
842 augment "/bgp:bgp-router/bgp:vpnv4/bgp:unicast" {
844 uses augment-bgp-af-vpn-config;
848 augment "/bgp:bgp-router/bgp:vpnv6/bgp:unicast" {
849 uses augment-bgp-af-vpn-config;
853 augment "/bgp:bgp-router" {
855 container bgp-af-ipv4-vpn-instances {
857 "vpn-instances ipv4 address family.";
858 list bgp-af-ipv4-vpn-instance {
859 key "vpn-instance-name";
860 max-elements "unbounded";
862 leaf vpn-instance-name {
865 uses bgp-af-vpn-instance-config;
869 container bgp-af-ipv6-vpn-instances {
871 "vpn-instances ipv6 address family.";
872 list bgp-af-ipv6-vpn-instance {
873 key "vpn-instance-name";
874 max-elements "unbounded";
876 leaf vpn-instance-name {
879 uses bgp-af-vpn-instance-config;