+++ /dev/null
-module l3vpn {
- namespace "urn:huawei:params:xml:ns:yang:l3vpn";
-// replace with IANA namespace when assigned
- prefix "l3vpn";
-
- import bgp {
- prefix bgp;
- //draft-zhdankin-netmod-bgp-cfg
- }
- import ietf-interfaces {
- prefix if;
- //rfc7223-YANG Interface Management
- }
-
- import ietf-inet-types {
- prefix inet;
- //RFC6991
- }
-
- import ietf-yang-types {
- prefix yang;
- //RFC6991
- }
-
- description
- "This YANG module defines the generic configuration data for L3VPN service.
-
- Terms and Acronyms
-
- BGP (bgp): Border Gateway Protocol
- IPv4 (ipv4):Internet Protocol Version 4
- IPv6 (ipv6): Internet Protocol Version 6
-
- ";
-
- revision 2014-08-15 {
- description
- "Initial revision.";
- reference "RFC4271, RFC4364, RFC4760";
- }
-
- grouping augment-bgp-af-vpn-config {
- description
- "A set of configuration parameters that is applicable to both BGP-VPNv4
- and BGP-VPNv6 address family.";
-
- leaf apply-label-per-nexthop {
- description
- "The apply-label per-nexthop command enables the ASBR to allocate
- labels for IPv4 VPN routes or IPv6 VPN routes based on the next hop.";
-
-
-
- config "true";
- type boolean;
- default "false";
- }
-
- leaf upeEnable {
- description
- "Specify peer as UPE.";
-
- config "true";
- type boolean;
- default "false";
- }
-
- }
-
-
- grouping bgp-af-vpn-instance-config {
-
- container router-id {
- description
- "The router-id command configures router ID for BGP VPN instance IPv4
- or IPv6 address family.
- By default, no router ID is configured for BGP VPN instance IPv4 or
- IPv6 address family, and the BGP router ID is used as the router ID.";
-
- leaf enable {
- type boolean;
- }
-
- choice config-type {
- case static {
- leaf ip-address {
- description
- "Specifies the router ID of a BGP VPN instance IPv4 address
- family. The router ID is expressed in the IPv4 address format.
- ";
-
- config "true";
- type inet:ip-address;
- }
- }
- case auto-select {
- leaf enable-auto-select {
- description
- "Configures automatic route ID selection for the current BGP VPN
- instance address family.";
-
-
- config "true";
- type boolean;
- }
- }
- }
- }
-
- leaf auto-frr {
- description
- "The auto-frr command enables BGP Auto FRR.";
-
- config "true";
- type boolean;
- default "false";
- }
-
- container bgpPeers {
- list bgpPeer {
- key "peerAddr";
- max-elements "unbounded";
- min-elements "0";
- description
- "BGP Peer configure class";
-
- leaf peerAddr {
- description
- "The nerighbor address";
- config "true";
- type inet:ip-address;
- mandatory true;
- }
-
- leaf groupName {
- description "peerGroupName";
- config "true";
- type string {
- length "1..47";
- }
- }
- leaf remoteAs {
- description "Specifies the AS number of the peer.";
- config "true";
- type string {
- length "1..11";
- }
- }
-
- leaf description {
-
- description
- "specifies the description. The description is a string of letters
- or figures. The value ranges from 1 to 80 characters without
- spaces.";
- config "true";
- type string {
- length "1..80";
- pattern "([^?]*)";
- }
- }
-
- leaf soo {
- description
- "The peer soo command configures the Site of Origin (SoO)
- attribute for an EBGP peer in a BGP VPN instance. Format is ASN:nn
- or IP-address:nn.";
-
- config "true";
- type string {
- length "3..21";
- }
- }
-
- leaf substituteAsEnable {
- description
- "Using the peer substitute-as command, you can substitute the AS
- number of the specified peer in the as-path with the local AS
- number.";
-
- config "true";
- type boolean;
- default "false";
- }
-
- }
- }
-
- }
-
- grouping vpn-af-config {
- description
- "A set of configuration parameters that is applicable to both IPv4 and
- IPv6 address family for a VPN instance .";
-
- leaf route-distinguisher {
- description
- "The route-distinguisher command configures a route distinguisher (RD)
- for the IPv4 or IPv6 address family of a VPN instance.
-
- Format is ASN:nn or IP-address:nn.";
-
- config "true";
- type string {
- length "3..21";
- }
- }
-
- container vpnTargets {
- description
- "The vpn-target command configures the export or import VPN target
- extended community attribute for the VPN instance IPv4/IPv6 address
- family.
- Format is ASN:nn or IP-address:nn.";
-
- list vpnTarget {
- key "vrfRTValue";
- max-elements "unbounded";
- min-elements "0";
- description
- "L3vpn vpntarget configure class";
-
- leaf vrfRTValue {
-
- description
- "Vpn-target: adds VPN target extended community attribute to the
- export or import VPN target extended community list. The
- vpn-target can be expressed in either of the following formats:
- (1)16-bit AS number:32-bit user-defined number
- For example, 1:3. The AS number ranges from 0 to 65535. The
- user-defined number ranges from 0 to 4294967295. The AS number
- and the user-defined number cannot be 0s at the same time.
- That is, a VPN target cannot be 0:0.
- (2)32-bit IP address:16-bit user-defined number
- For example, 192.168.122.15:1. The IP address ranges from
- 0.0.0.0 to 255.255.255.255. The user-defined number ranges from
- 0 to 65535.
- (3)32-bit IP address:16-bit user-defined number
- For example, 192.168.122.15:1. An IP address ranges from
- 0.0.0.0 to 255.255.255.255. A user-defined number ranges from 0
- to 65535.";
-
- config "true";
- mandatory "true";
- type string {
- length "3..21";
- }
- }
-
- leaf vrfRTType {
- description
- "Specifies the vpn target type, export-extcommunity:
- specifies the extended community attributes carried in routing
- information to be sent. import-extcommunity: receives routing
- information carrying specified extended community attributes.";
-
- mandatory "true";
- type enumeration {
- enum export_extcommunity {
- value "0";
- description "export-extcommunity:";
- }
- enum import_extcommunity {
- value "1";
- description "import-extcommunity:";
- }
- enum both {
- value "2";
- description "export-extcommunity & import-extcommunity:";
- }
- }
- }
- }
- }
-
- container apply-label {
- description
- "Apply one label mode for the VPN instance route.";
-
- choice apply-label-mode {
- case per-route {
- description
- "The apply-label per-route command enables the one-label-per-route
- mode. The VPN instance IPv4/IPv6 address family assigns a unique
- label to each route to be sent to the peer PE.";
-
- leaf apply-label-per-route {
- type boolean;
- default "true";
- }
- }
- case per-instance {
- description
- "The apply-label per-instance command applies one label to all VPN
- instance IPv4 address family or IPv6 address family routes to a
- peer PE.";
-
- leaf apply-label-per-instance {
- type boolean;
- default "false";
- }
- }
- }
- }//End of "container apply-label"
-
- leaf import-route-policy {
- description
- "The import route-policy command associates a VPN instance enabled
- with the IPv4 or IPv6 address family with an import routing policy.
- Only one import routing policy can be associated with a VPN instance
- enabled with the IPv4 or IPv6 address family. If the import
- route-policy command is run more than once, the latest configuration
- overrides the previous ones.";
-
- config "true";
- type string {
- length "1..40";
- }
- }
-
- leaf export-route-policy {
- description
- "The export route-policy command associates a VPN instance enabled
- with the IPv4 or IPv6 address family with an export routing policy.
- Only one export routing policy can be associated with a VPN instance
- enabled with the IPv4 or IPv6 address family. If the export
- route-policy command is run more than once, the latest configuration
- overrides the previous ones.";
-
- config "true";
- type string {
- length "1..40";
- }
- }
-
-
- container prefix-limit {
- description
- "The prefix limit command sets a limit on the maximum number of
- prefixes supported in the existing VPN instance, preventing the
- PE from importing excessive VPN route prefixes.";
-
- leaf prefix-limit-number {
- description
- "Specifies the maximum number of prefixes supported in the VPN
-
-
- instance IPv4 or IPv6 address family.";
-
- type uint32 {
- range "1..4294967295";
- }
- }
-
- choice prefix-limit-action {
- case enable-alert-percent {
- leaf alert-percent-value {
- description
- "Specifies the proportion of the alarm threshold to the maximum
- number of prefixes.";
- type uint8 {
- range "1..100";
- }
- }
- leaf route-unchanged {
- description
- "Indicates that the routing table remains unchanged. By default,
- route-unchanged is not configured. When the number of prefixes
- in the routing table is greater than the value of the parameter
- number, routes are processed as follows:
- (1)If route-unchanged is configured, routes in the routing table
- remain unchanged.
- (2)If route-unchanged is not configured, all routes in the
- routing table are deleted and then re-added.";
-
- config "true";
- type boolean;
- default "false";
- }
- }
- case enable-simple-alert {
- leaf simple-alert {
- description
- "Indicates that when the number of VPN route prefixes exceeds
- number, prefixes can still join the VPN routing table and
- alarms are displayed.";
-
- config "true";
- type boolean;
- default "false";
- }
- }
- }
- }
-
-
-
- container routing-table-limit {
- description
- "The routing-table limit command sets a limit on the maximum number of
- routes that the IPv4 or IPv6 address family of a VPN instance can
- support.
- By default, there is no limit on the maximum number of routes that the
- IPv4 or IPv6 address family of a VPN instance can support, but the
- total number of private network and public network routes on a device
- cannot exceed the allowed maximum number of unicast routes.";
-
- leaf routing-table-limit-number {
- description
- "Specifies the maximum number of routes supported by a VPN instance.
- ";
-
- config "true";
- type uint32 {
- range "1..4294967295";
- }
- }
- choice routing-table-limit-action {
- case enable-alert-percent {
- leaf alert-percent-value {
- description
- "Specifies the percentage of the maximum number of routes. When
- the maximum number of routes that join the VPN instance is up
- to the value (number*alert-percent)/100, the system prompts
- alarms. The VPN routes can be still added to the routing table,
- but after the number of routes reaches number, the subsequent
- routes are dropped.";
-
- config "true";
- type uint8 {
- range "1..100";
- }
- }
- }
- case enable-simple-alert {
- leaf simple-alert {
- description
- "Indicates that when VPN routes exceed number, routes can still
- be added into the routing table, but the system prompts alarms.
- However, after the total number of VPN routes and network public
- routes reaches the unicast route limit specified in the License,
- the subsequent VPN routes are dropped.";
-
- config "true";
- type boolean;
-
- }
- }
- }
- }
-
- leaf vpn-frr {
- description
- "Enable VPN FRR in the VPN instance address family view.
- If a PE is connected to two other PEs, running the vpn frr command in
- the VPN instance address family view of the PE enables VPN FRR and
- improves network reliability. After VPN FRR is configured, traffic can
- switch to the secondary LSP immediately after the primary LSP becomes
- faulty.";
-
- type boolean;
- default "false";
- }
-
-
- /*
- * VPN QoS.
- */
- container l3vpnVrfPipe {
- description
- "The diffserv-mode command configures the mode of the MPLS
- differentiated service (Diff-Serv) for ensuring end-to-end QoS.";
-
- leaf pipeMode {
- description
- "Pipe mode";
-
- type enumeration {
- enum pipe {
- value "0";
- description
- "pipe: Indicates that the Pipe MPLS Diff-Serv mode is adopted.";
- }
- enum shortPipe {
- value "1";
- description
- "shortPipe: Indicates that the Short-pipe MPLS Diff-Serv mode
- is adopted.";
- }
- enum uniform {
- value "2";
- description
- "uniform: Indicates that the Uniform MPLS Diff-Serv mode is
- adopted.";
- }
- }
- default "uniform";
-
- }
-
- leaf serviceClass {
- description
- "Service Class, Specifies the service type when the packet enters the
- public network from the private network. The values are cs7, cs6, ef,
- af4, af3, af2, af1, be.";
-
- type enumeration {
- enum be {
- value "0";
- description "be:";
- }
- enum af1 {
- value "1";
- description "af1:";
- }
- enum af2 {
- value "2";
- description "af2:";
- }
- enum af3 {
- value "3";
- description "af3:";
- }
- enum af4 {
- value "4";
- description "af4:";
- }
- enum ef {
- value "5";
- description "ef:";
- }
- enum cs6 {
- value "6";
- description "cs6:";
- }
- enum cs7 {
- value "7";
- description "cs7:";
- }
- }
- default "be";
- }
-
-
- leaf color {
- description
- "Specifies a color for marking the discard priority of a packet
- transferred from a private network to a public network. The values
- are green, yellow, and red.";
-
- type enumeration {
- enum green {
- value "0";
- description "green:";
- }
- enum yellow {
- value "1";
- description "yellow:";
- }
- enum red {
- value "2";
- description "red:";
- }
- }
- default "green";
- }
-
- leaf dsName {
- description
- "Specifies the DS domain name of the specified Per-Hop Behavior (PHB)
- applied to the egress in Short pipe mode. It is a string of 1 to 31
- characters.";
-
- type string;
- default "default";
- }
- }
-
- container l3vpnTtlMode {
- description
- "The ttl-mode command enables MPLS to process the TTL in a specified
- mode. By default, MPLS processes the TTL in pipe mode.";
-
- leaf ttlMode {
- description "TTL mode";
- default "pipe";
- type enumeration {
- enum pipe {
- value "0";
- description
- "pipe: Enables MPLS to process the TTL in pipe mode.";
- }
-
-
- enum uniform {
- value "1";
- description
- "uniform: Enables MPLS to process the TTL in uniform mode.";
- }
- }
- }
- }
-
- leaf tunnel-policy {
- description
- "The tnl-policy command associates the IPv4 or IPv6 address family of
- a VPN instance with a tunnel policy.";
-
- type string {
- length "1..39";
- }
- }
-
- container importRibs {
- description
- "Import route class";
-
- leaf protocol {
- description
- "Specifies the protocol from which routes are imported.
- At present, In the IPv4 unicast address family view, the protocol
- can be IS-IS,static, direct and BGP.";
-
- type enumeration {
- enum ALL {
- value "0";
- description "ALL:";
- }
- enum Direct {
- value "1";
- description "Direct:";
- }
- enum OSPF {
- value "2";
- description "OSPF:";
- }
- enum ISIS {
- value "3";
- description "ISIS:";
- }
- enum Static {
- value "4";
-
-
- description "Static:";
- }
- enum RIP {
- value "5";
- description "RIP:";
- }
- enum BGP {
- value "6";
- description "BGP:";
- }
- enum OSPFV3 {
- value "7";
- description "OSPFV3:";
- }
- enum RIPNG {
- value "8";
- description "RIPNG:";
- }
- enum INVALID {
- value "9";
- description "INVALID:";
- }
- }
- }
-
- leaf processId {
- description
- "Specifies the process ID if the protocol from routes are imported is
- IS-IS.";
-
- default "0";
- type uint32 {
- range "0..4294967295";
- }
- }
-
- leaf bgp-valid-route {
- type boolean;
- }
-
- leaf policyName {
- description
- "Policy Id for import routes";
- type string {
- }
- }
-
- }
-
-
- leaf traffic-statistics {
- description
- "The traffic-statistics enable command enables traffic statistics
- for a VPN instance.";
-
- type boolean;
- default "false";
- }
-
- }
-
-
- /*
- * VPN instance view.
- */
- container vpn-instances {
- description
- "VPN instances configuration parameters.
- VPN instances support both the IPv4 and IPv6 address families.";
-
- list vpn-instance {
- max-elements "unbounded";
- min-elements "0";
- key "vpn-instance-name";
- description
- "Specifies the name of the VPN instance. It is a string of 1 to 31
- case-sensitive characters.";
-
- leaf vpn-instance-name {
- mandatory "true";
- type string {
- length "1..31";
- }
- description
- "The name of the vpn-instance.";
- }
-
- leaf description {
- description
- "A textual description of VPN instance, the VPN instance description
- helps users memorize the VPN instance.";
-
- type string {
- length "1..242";
- pattern "([^?]*)";
- }
- }
-
-
-
-
- container ipv4-family {
- description
- "The IPv4 address family is enabled for the VPN instance.";
-
- uses vpn-af-config;
- }
-
- container ipv6-family {
- description
- "The IPv6 address family is enabled for the VPN instance.";
-
- uses vpn-af-config;
- }
-
-
- }
- }
-
-
-
- /*
- * Binding Interfaces to a VPN Instance.
- */
-
- container vpn-interfaces {
- description
- "VPN is enabled on interfaces.";
-
- list vpn-interface {
- key "name";
- max-elements "unbounded";
- min-elements "0";
- leaf name {
- type leafref {
- path "/if:interfaces/if:interface/if:name";
- }
- }
- leaf vpn-instance-name {
- type string {
- length "1..40";
- }
- }
- }
- }
-
- container vrfInfo {
- description
- "Display the information of the vrf.
-
-
- It is intended that this container may be augmented by vendors to
- reflect the vendor-specific operational state parameters.";
-
- leaf vrfCreateTime {
- description
- "CreateTime of the vrf.";
- config "false";
- type yang:timestamp;
- }
-
- leaf vrfUpTime {
- description
- "UpTime period of the vrf.";
- config "false";
- type yang:timeticks;
- }
-
- leaf label {
- description
- "Label of the vrf.";
- config "false";
- type uint32 {
- range "16..1048574";
- }
- }
-
- leaf vrfStatus {
- description
- "vrf status.";
- config "false";
- type enumeration {
- enum up {
- value "0";
- description "vrf up.";
- }
- enum down {
- value "1";
- description "vrf down.";
- }
- }
- }
- }
-
-
- /*
- * augment some bgp vpn functions in bgp module.
- */
- augment "/bgp:bgp-router/bgp:vpnv4/bgp:unicast" {
-
- uses augment-bgp-af-vpn-config;
-
- }
-
- augment "/bgp:bgp-router/bgp:vpnv6/bgp:unicast" {
- uses augment-bgp-af-vpn-config;
-
- }
-
- augment "/bgp:bgp-router" {
-
- container bgp-af-ipv4-vpn-instances {
- description
- "vpn-instances ipv4 address family.";
- list bgp-af-ipv4-vpn-instance {
- key "vpn-instance-name";
- max-elements "unbounded";
- min-elements "0";
- leaf vpn-instance-name {
- type string;
- }
- uses bgp-af-vpn-instance-config;
- }
- }
-
- container bgp-af-ipv6-vpn-instances {
- description
- "vpn-instances ipv6 address family.";
- list bgp-af-ipv6-vpn-instance {
- key "vpn-instance-name";
- max-elements "unbounded";
- min-elements "0";
- leaf vpn-instance-name {
- type string;
- }
- uses bgp-af-vpn-instance-config;
- }
- }
-
- }
-
-
-}
Code Review / vpnservice.git / blobdiff