/* * Copyright (c) 2015 IBM Corporation. All rights reserved. * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v1.0 which accompanies this distribution, * and is available at http://www.eclipse.org/legal/epl-v10.html */ module neutron-vpnaas { yang-version 1; namespace "urn:opendaylight:neutron-vpnaas"; prefix neutron-vpnaas; import ietf-yang-types { prefix "yang"; } import neutron-attrs { prefix "attrs"; } organization "OpenDaylight Neutron Group"; contact "R. Moats "; description "This YANG module defines Openstack Neutron VPNaaS model"; revision "2015-07-12" { description "OpenDaylight Beryllium release"; } grouping vpnservice-attributes { leaf router-id { description "Contains the Router ID for the vpn service."; type yang:uuid; } leaf subnet-id { description "Contains the Subnet ID for the vpn service."; type yang:uuid; } } grouping ikepolicy-attributes { leaf auth-algorithm { type string; description "Authentication hash algorithm."; } leaf encryption-algorithm { description "Encryption algorithm"; type string; } leaf phase-negotiation-mode { description "IKE mode"; type string; } leaf pfs { description "Perfect Forward Secrecy"; type string; } leaf ike-version { description "IKE Version"; type string; } container lifetime { description "Security Association Lifetime"; leaf units { description "Units for lifetime of the security association"; type string; } leaf value { description "Lifetime value, as a positive integer"; type int32; } } } grouping ipsecpolicy-attributes { leaf transform-protocol { type string; description "Transform protocol."; } leaf encapsulation-mode { description "Encapsulation mode"; type string; } leaf auth-algorithm { type string; description "Authentication hash algorithm."; } leaf encryption-algorithm { description "Encryption algorithm"; type string; } leaf pfs { description "Perfect Forward Secrecy"; type string; } container lifetime { description "Security Association Lifetime"; leaf units { description "Units for lifetime of the security association"; type string; } leaf value { description "Lifetime value, as a positive integer"; type int32; } } } grouping ipsecconnection-attributes { leaf peer_address { type string; description "Peer gateway public IPv4/IPv6 address or FQDN"; } leaf peer_id { type string; description "Peer router identity for authentication"; } leaf-list peer_cidrs { type string; description "Unique list of valid peer private CIDRs in the form /"; } leaf route_mode { type string; description "Route mode"; } leaf mtu { type int16; description "Maximum Transmission Unit to address fragmentation"; } leaf auth_mode { type string; description "Authentication mode"; } leaf psk { type string; description "Pre Shared Key"; } leaf initiator { type string; description "Whether this VPN can only respond to connections, response-only, or can initiate as well, bi-directional(default)."; } leaf ikepolicy-id { description "Unique identifier of IKE policy."; type yang:uuid; } leaf ipsecpolicy-id { description "Unique identifier of IPSec policy."; type yang:uuid; } leaf vpnservice-id { description "Unique identifier of VPN service."; type yang:uuid; } container dpd { description "Dead Peer Detection protocol controls"; leaf action { description "DPD action"; type string; } leaf interval { description "DPD interval in seconds"; type int32; } leaf timeout { description "DPD timeout in seconds"; type int32; } } } grouping vpnservices-attributes { container vpn-services { list vpnservice { key "uuid"; uses attrs:base-attributes; uses attrs:admin-attributes; uses vpnservice-attributes; } } } grouping ikepolicies-attributes { container ike-policies { list ikepolicy { key "uuid"; uses attrs:base-attributes; uses ikepolicy-attributes; } } } grouping ipsecpolicies-attributes { container ipsec-policies { list ipsecpolicy { key "uuid"; uses attrs:base-attributes; uses ipsecpolicy-attributes; } } } grouping ipsecconnections-attributes { container ipsec-site-connections { list ipsecsiteconnection { key "uuid"; uses attrs:base-attributes; uses attrs:admin-attributes; uses ipsecconnection-attributes; } } } }