module l3vpn { namespace "urn:huawei:params:xml:ns:yang:l3vpn"; // replace with IANA namespace when assigned prefix "l3vpn"; import bgp { prefix bgp; //draft-zhdankin-netmod-bgp-cfg } import ietf-interfaces { prefix if; //rfc7223-YANG Interface Management } import ietf-inet-types { prefix inet; revision-date "2013-07-15"; //RFC6991 } import ietf-yang-types { prefix yang; //RFC6991 } description "This YANG module defines the generic configuration data for L3VPN service. Terms and Acronyms BGP (bgp): Border Gateway Protocol IPv4 (ipv4):Internet Protocol Version 4 IPv6 (ipv6): Internet Protocol Version 6 "; revision 2014-08-15 { description "Initial revision."; reference "RFC4271, RFC4364, RFC4760"; } grouping augment-bgp-af-vpn-config { description "A set of configuration parameters that is applicable to both BGP-VPNv4 and BGP-VPNv6 address family."; leaf apply-label-per-nexthop { description "The apply-label per-nexthop command enables the ASBR to allocate labels for IPv4 VPN routes or IPv6 VPN routes based on the next hop."; config "true"; type boolean; default "false"; } leaf upeEnable { description "Specify peer as UPE."; config "true"; type boolean; default "false"; } } grouping bgp-af-vpn-instance-config { container router-id { description "The router-id command configures router ID for BGP VPN instance IPv4 or IPv6 address family. By default, no router ID is configured for BGP VPN instance IPv4 or IPv6 address family, and the BGP router ID is used as the router ID."; leaf enable { type boolean; } choice config-type { case static { leaf ip-address { description "Specifies the router ID of a BGP VPN instance IPv4 address family. The router ID is expressed in the IPv4 address format. "; config "true"; type inet:ip-address; } } case auto-select { leaf enable-auto-select { description "Configures automatic route ID selection for the current BGP VPN instance address family."; config "true"; type boolean; } } } } leaf auto-frr { description "The auto-frr command enables BGP Auto FRR."; config "true"; type boolean; default "false"; } container bgpPeers { list bgpPeer { key "peerAddr"; max-elements "unbounded"; min-elements "0"; description "BGP Peer configure class"; leaf peerAddr { description "The nerighbor address"; config "true"; type inet:ip-address; mandatory true; } leaf groupName { description "peerGroupName"; config "true"; type string { length "1..47"; } } leaf remoteAs { description "Specifies the AS number of the peer."; config "true"; type string { length "1..11"; } } leaf description { description "specifies the description. The description is a string of letters or figures. The value ranges from 1 to 80 characters without spaces."; config "true"; type string { length "1..80"; pattern "([^?]*)"; } } leaf soo { description "The peer soo command configures the Site of Origin (SoO) attribute for an EBGP peer in a BGP VPN instance. Format is ASN:nn or IP-address:nn."; config "true"; type string { length "3..21"; } } leaf substituteAsEnable { description "Using the peer substitute-as command, you can substitute the AS number of the specified peer in the as-path with the local AS number."; config "true"; type boolean; default "false"; } } } } grouping vpn-af-config { description "A set of configuration parameters that is applicable to both IPv4 and IPv6 address family for a VPN instance ."; leaf route-distinguisher { description "The route-distinguisher command configures a route distinguisher (RD) for the IPv4 or IPv6 address family of a VPN instance. Format is ASN:nn or IP-address:nn."; config "true"; type string { length "3..21"; } } container vpnTargets { description "The vpn-target command configures the export or import VPN target extended community attribute for the VPN instance IPv4/IPv6 address family. Format is ASN:nn or IP-address:nn."; list vpnTarget { key "vrfRTValue"; max-elements "unbounded"; min-elements "0"; description "L3vpn vpntarget configure class"; leaf vrfRTValue { description "Vpn-target: adds VPN target extended community attribute to the export or import VPN target extended community list. The vpn-target can be expressed in either of the following formats: (1)16-bit AS number:32-bit user-defined number For example, 1:3. The AS number ranges from 0 to 65535. The user-defined number ranges from 0 to 4294967295. The AS number and the user-defined number cannot be 0s at the same time. That is, a VPN target cannot be 0:0. (2)32-bit IP address:16-bit user-defined number For example, 192.168.122.15:1. The IP address ranges from 0.0.0.0 to 255.255.255.255. The user-defined number ranges from 0 to 65535. (3)32-bit IP address:16-bit user-defined number For example, 192.168.122.15:1. An IP address ranges from 0.0.0.0 to 255.255.255.255. A user-defined number ranges from 0 to 65535."; config "true"; mandatory "true"; type string { length "3..21"; } } leaf vrfRTType { description "Specifies the vpn target type, export-extcommunity: specifies the extended community attributes carried in routing information to be sent. import-extcommunity: receives routing information carrying specified extended community attributes."; mandatory "true"; type enumeration { enum export_extcommunity { value "0"; description "export-extcommunity:"; } enum import_extcommunity { value "1"; description "import-extcommunity:"; } enum both { value "2"; description "export-extcommunity & import-extcommunity:"; } } } } } container apply-label { description "Apply one label mode for the VPN instance route."; choice apply-label-mode { case per-route { description "The apply-label per-route command enables the one-label-per-route mode. The VPN instance IPv4/IPv6 address family assigns a unique label to each route to be sent to the peer PE."; leaf apply-label-per-route { type boolean; default "true"; } } case per-instance { description "The apply-label per-instance command applies one label to all VPN instance IPv4 address family or IPv6 address family routes to a peer PE."; leaf apply-label-per-instance { type boolean; default "false"; } } } }//End of "container apply-label" leaf import-route-policy { description "The import route-policy command associates a VPN instance enabled with the IPv4 or IPv6 address family with an import routing policy. Only one import routing policy can be associated with a VPN instance enabled with the IPv4 or IPv6 address family. If the import route-policy command is run more than once, the latest configuration overrides the previous ones."; config "true"; type string { length "1..40"; } } leaf export-route-policy { description "The export route-policy command associates a VPN instance enabled with the IPv4 or IPv6 address family with an export routing policy. Only one export routing policy can be associated with a VPN instance enabled with the IPv4 or IPv6 address family. If the export route-policy command is run more than once, the latest configuration overrides the previous ones."; config "true"; type string { length "1..40"; } } container prefix-limit { description "The prefix limit command sets a limit on the maximum number of prefixes supported in the existing VPN instance, preventing the PE from importing excessive VPN route prefixes."; leaf prefix-limit-number { description "Specifies the maximum number of prefixes supported in the VPN instance IPv4 or IPv6 address family."; type uint32 { range "1..4294967295"; } } choice prefix-limit-action { case enable-alert-percent { leaf alert-percent-value { description "Specifies the proportion of the alarm threshold to the maximum number of prefixes."; type uint8 { range "1..100"; } } leaf route-unchanged { description "Indicates that the routing table remains unchanged. By default, route-unchanged is not configured. When the number of prefixes in the routing table is greater than the value of the parameter number, routes are processed as follows: (1)If route-unchanged is configured, routes in the routing table remain unchanged. (2)If route-unchanged is not configured, all routes in the routing table are deleted and then re-added."; config "true"; type boolean; default "false"; } } case enable-simple-alert { leaf simple-alert { description "Indicates that when the number of VPN route prefixes exceeds number, prefixes can still join the VPN routing table and alarms are displayed."; config "true"; type boolean; default "false"; } } } } container routing-table-limit { description "The routing-table limit command sets a limit on the maximum number of routes that the IPv4 or IPv6 address family of a VPN instance can support. By default, there is no limit on the maximum number of routes that the IPv4 or IPv6 address family of a VPN instance can support, but the total number of private network and public network routes on a device cannot exceed the allowed maximum number of unicast routes."; leaf routing-table-limit-number { description "Specifies the maximum number of routes supported by a VPN instance. "; config "true"; type uint32 { range "1..4294967295"; } } choice routing-table-limit-action { case enable-alert-percent { leaf alert-percent-value { description "Specifies the percentage of the maximum number of routes. When the maximum number of routes that join the VPN instance is up to the value (number*alert-percent)/100, the system prompts alarms. The VPN routes can be still added to the routing table, but after the number of routes reaches number, the subsequent routes are dropped."; config "true"; type uint8 { range "1..100"; } } } case enable-simple-alert { leaf simple-alert { description "Indicates that when VPN routes exceed number, routes can still be added into the routing table, but the system prompts alarms. However, after the total number of VPN routes and network public routes reaches the unicast route limit specified in the License, the subsequent VPN routes are dropped."; config "true"; type boolean; } } } } leaf vpn-frr { description "Enable VPN FRR in the VPN instance address family view. If a PE is connected to two other PEs, running the vpn frr command in the VPN instance address family view of the PE enables VPN FRR and improves network reliability. After VPN FRR is configured, traffic can switch to the secondary LSP immediately after the primary LSP becomes faulty."; type boolean; default "false"; } /* * VPN QoS. */ container l3vpnVrfPipe { description "The diffserv-mode command configures the mode of the MPLS differentiated service (Diff-Serv) for ensuring end-to-end QoS."; leaf pipeMode { description "Pipe mode"; type enumeration { enum pipe { value "0"; description "pipe: Indicates that the Pipe MPLS Diff-Serv mode is adopted."; } enum shortPipe { value "1"; description "shortPipe: Indicates that the Short-pipe MPLS Diff-Serv mode is adopted."; } enum uniform { value "2"; description "uniform: Indicates that the Uniform MPLS Diff-Serv mode is adopted."; } } default "uniform"; } leaf serviceClass { description "Service Class, Specifies the service type when the packet enters the public network from the private network. The values are cs7, cs6, ef, af4, af3, af2, af1, be."; type enumeration { enum be { value "0"; description "be:"; } enum af1 { value "1"; description "af1:"; } enum af2 { value "2"; description "af2:"; } enum af3 { value "3"; description "af3:"; } enum af4 { value "4"; description "af4:"; } enum ef { value "5"; description "ef:"; } enum cs6 { value "6"; description "cs6:"; } enum cs7 { value "7"; description "cs7:"; } } default "be"; } leaf color { description "Specifies a color for marking the discard priority of a packet transferred from a private network to a public network. The values are green, yellow, and red."; type enumeration { enum green { value "0"; description "green:"; } enum yellow { value "1"; description "yellow:"; } enum red { value "2"; description "red:"; } } default "green"; } leaf dsName { description "Specifies the DS domain name of the specified Per-Hop Behavior (PHB) applied to the egress in Short pipe mode. It is a string of 1 to 31 characters."; type string; default "default"; } } container l3vpnTtlMode { description "The ttl-mode command enables MPLS to process the TTL in a specified mode. By default, MPLS processes the TTL in pipe mode."; leaf ttlMode { description "TTL mode"; default "pipe"; type enumeration { enum pipe { value "0"; description "pipe: Enables MPLS to process the TTL in pipe mode."; } enum uniform { value "1"; description "uniform: Enables MPLS to process the TTL in uniform mode."; } } } } leaf tunnel-policy { description "The tnl-policy command associates the IPv4 or IPv6 address family of a VPN instance with a tunnel policy."; type string { length "1..39"; } } container importRibs { description "Import route class"; leaf protocol { description "Specifies the protocol from which routes are imported. At present, In the IPv4 unicast address family view, the protocol can be IS-IS,static, direct and BGP."; type enumeration { enum ALL { value "0"; description "ALL:"; } enum Direct { value "1"; description "Direct:"; } enum OSPF { value "2"; description "OSPF:"; } enum ISIS { value "3"; description "ISIS:"; } enum Static { value "4"; description "Static:"; } enum RIP { value "5"; description "RIP:"; } enum BGP { value "6"; description "BGP:"; } enum OSPFV3 { value "7"; description "OSPFV3:"; } enum RIPNG { value "8"; description "RIPNG:"; } enum INVALID { value "9"; description "INVALID:"; } } } leaf processId { description "Specifies the process ID if the protocol from routes are imported is IS-IS."; default "0"; type uint32 { range "0..4294967295"; } } leaf bgp-valid-route { type boolean; } leaf policyName { description "Policy Id for import routes"; type string { } } } leaf traffic-statistics { description "The traffic-statistics enable command enables traffic statistics for a VPN instance."; type boolean; default "false"; } } /* * VPN instance view. */ container vpn-instances { description "VPN instances configuration parameters. VPN instances support both the IPv4 and IPv6 address families."; list vpn-instance { max-elements "unbounded"; min-elements "0"; key "vpn-instance-name"; description "Specifies the name of the VPN instance. It is a string of 1 to 31 case-sensitive characters."; leaf vpn-instance-name { mandatory "true"; type string; description "The name of the vpn-instance."; } leaf description { description "A textual description of VPN instance, the VPN instance description helps users memorize the VPN instance."; type string { length "1..242"; pattern "([^?]*)"; } } container ipv4-family { description "The IPv4 address family is enabled for the VPN instance."; uses vpn-af-config; } container ipv6-family { description "The IPv6 address family is enabled for the VPN instance."; uses vpn-af-config; } } } /* * Binding Interfaces to a VPN Instance. */ container vpn-interfaces { description "VPN is enabled on interfaces."; list vpn-interface { key "name"; max-elements "unbounded"; min-elements "0"; leaf name { type leafref { path "/if:interfaces/if:interface/if:name"; } } leaf vpn-instance-name { type string { length "1..40"; } } } } container vrfInfo { description "Display the information of the vrf. It is intended that this container may be augmented by vendors to reflect the vendor-specific operational state parameters."; leaf vrfCreateTime { description "CreateTime of the vrf."; config "false"; type yang:timestamp; } leaf vrfUpTime { description "UpTime period of the vrf."; config "false"; type yang:timeticks; } leaf label { description "Label of the vrf."; config "false"; type uint32 { range "16..1048574"; } } leaf vrfStatus { description "vrf status."; config "false"; type enumeration { enum up { value "0"; description "vrf up."; } enum down { value "1"; description "vrf down."; } } } } /* * augment some bgp vpn functions in bgp module. */ augment "/bgp:bgp-router/bgp:vpnv4/bgp:unicast" { uses augment-bgp-af-vpn-config; } augment "/bgp:bgp-router/bgp:vpnv6/bgp:unicast" { uses augment-bgp-af-vpn-config; } augment "/bgp:bgp-router" { container bgp-af-ipv4-vpn-instances { description "vpn-instances ipv4 address family."; list bgp-af-ipv4-vpn-instance { key "vpn-instance-name"; max-elements "unbounded"; min-elements "0"; leaf vpn-instance-name { type string; } uses bgp-af-vpn-instance-config; } } container bgp-af-ipv6-vpn-instances { description "vpn-instances ipv6 address family."; list bgp-af-ipv6-vpn-instance { key "vpn-instance-name"; max-elements "unbounded"; min-elements "0"; leaf vpn-instance-name { type string; } uses bgp-af-vpn-instance-config; } } } }