module ietf-netconf-monitoring {
namespace "urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring";
prefix "ncm";
import ietf-yang-types { prefix yang; }
import ietf-inet-types { prefix inet; }
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web:
WG List:
WG Chair: Mehmet Ersue
WG Chair: Bert Wijnen
Editor: Mark Scott
Editor: Martin Bjorklund
";
description
"NETCONF Monitoring Module.
All elements in this module are read-only.
Copyright (c) 2010 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD
License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC 6022; see
the RFC itself for full legal notices.";
revision 2010-10-04 {
description
"Initial revision.";
reference
"RFC 6022: YANG Module for NETCONF Monitoring";
}
typedef tls-fingerprint-type {
type string {
pattern '([0-9a-fA-F]){2}(:([0-9a-fA-F]){2})*';
}
description
"A cryptographic signature (fingerprint) value that can be used to
uniquely reference other data of potentially arbitrary length.";
}
typedef netconf-datastore-type {
type enumeration {
enum running;
enum candidate;
enum startup;
}
description
"Enumeration of possible NETCONF datastore types.";
reference
"RFC 4741: NETCONF Configuration Protocol";
}
container netconf-state {
config false;
description
"The netconf-state container is the root of the monitoring
data model.";
container datastores {
description
"Contains the list of NETCONF configuration datastores.";
list datastore {
key name;
description
"List of NETCONF configuration datastores supported by
the NETCONF server and related information.";
leaf name {
type netconf-datastore-type;
description
"Name of the datastore associated with this list entry.";
}
container locks {
presence
"This container is present only if the datastore
is locked.";
description
"The NETCONF and operations allow
a client to lock specific resources in a datastore. The
NETCONF server will prevent changes to the locked
resources by all sessions except the one that acquired
the lock(s).
Monitoring information is provided for each datastore
entry including details such as the session that acquired
the lock, the type of lock (global or partial) and the
list of locked resources. Multiple locks per datastore
are supported.";
choice lock-type {
description
"Indicates if a global lock or a set of partial locks
are set.";
case global-lock {
container global-lock {
description
"Present if the global lock is set.";
leaf locked-by-session {
type uint32;
mandatory true;
description
"The session ID of the session that has locked
this resource. Both a global lock and a partial
lock MUST contain the NETCONF session-id.
If the lock is held by a session that is not managed
by the NETCONF server (e.g., a CLI session), a session
id of 0 (zero) is reported.";
reference
"RFC 4741: NETCONF Configuration Protocol";
}
leaf locked-time {
type yang:date-and-time;
mandatory true;
description
"The date and time of when the resource was
locked.";
}
container capabilities {
description
"Contains the list of NETCONF capabilities supported by the
server.";
leaf-list capability {
type inet:uri;
description
"List of NETCONF capabilities supported by the server.";
}
}
}
}
case partial-lock {
list partial-lock {
key lock-id;
description
"List of partial locks.";
reference
"RFC 5717: Partial Lock Remote Procedure Call (RPC) for
NETCONF";
leaf lock-id {
type uint32;
description
"This is the lock id returned in the
response.";
}
leaf-list select {
type yang:xpath1.0;
min-elements 1;
description
"The xpath expression that was used to request
the lock. The select expression indicates the
original intended scope of the lock.";
}
leaf-list locked-node {
type string;
description
"The list of instance-identifiers (i.e., the
locked nodes). The scope of the partial lock is defined by the list
of locked nodes.";
}
}
}
case fingerprint {
choice algorithm-and-hash {
mandatory true;
case md5 {
leaf md5 {
type tls-fingerprint-type;
}
}
case sha1 {
leaf sha1 {
type tls-fingerprint-type;
}
}
case sha224 {
leaf sha224 {
type tls-fingerprint-type;
}
}
case sha256 {
leaf sha256 {
type tls-fingerprint-type;
}
}
case sha384 {
leaf sha384 {
type tls-fingerprint-type;
}
}
case sha512 {
leaf sha512 {
type tls-fingerprint-type;
}
}
description
"Specifies the signature algorithm and cryptographic
signature (fingerprint) used to identify an X.509
certificate.
Implementations of this YANG module MAY, but are not
required to, implement all of these cryptographic signature
algorithms. Implementations of this YANG module MUST
implement at least one of these cryptographic signature
algorithms.
The available choices may be extended in the future as
stronger cryptographic signature algorithms become
available and are deemed necessary.";
reference
"RFC 5246: The Transport Layer Security (TLS) Protocol
Version 1.2; Section 7.4.1.4.1, Signature Algorithms";
} // choice algorithm-and-hash
}
}
}
}
}
}
}