module yuma-netconf {
yang-version 1;
namespace
"urn:ietf:params:xml:ns:netconf:base:1.0";
prefix "nc";
import ietf-inet-types {
prefix "inet";
}
import ietf-yang-types {
prefix "yang";
}
import yuma-ncx {
prefix "ncx";
}
import yuma-nacm {
prefix "nacm";
}
contact
"Translated by Andy Bierman.
Send comments to <andy@netconfcentral.org>.";
description
"NETCONF Protocol
* Data Types
* Abstract object for PDU components
* RPCs
Translated from RFC 4741.";
revision "2010-05-24" {
description
"Align rpc statements with ietf-netconf.yang";
}
revision "2010-05-06" {
description
"Remove nacm:secure on delete-config;
Fix bugs in parameters that did not match ietf-netconf.yang.";
}
revision "2009-04-10" {
description "Remove rpc-type extension usage.";
}
revision "2009-02-24" {
description
"Change yang:uri to inet:uri (import moved).";
}
revision "2008-08-30" {
description
"Add some NCX extensions to automate some server processing.";
}
revision "2008-04-26" {
description
"Change get-config and get output from 'config' to 'data'.";
}
revision "2008-04-16" {
description
"Initial conversion from netconf.ncx version 0.6.";
}
extension get-filter-element-attributes {
description
"If this extension is present within the
an 'anyxml' statement named 'filter', which must be
conceptually defined within the RPC input section
for the 'get' and 'get-config' RPC operations,
then the following unqualified XML attribute is
supported within the 'filter' element, within
a 'get' or 'get-config' protocol operation:
type : optional attribute with allowed
value strings 'subtree' and 'xpath'.
If missing, the default value is 'subtree'.
If the 'xpath' feature is supported, then the
following unqualified XML attribute is
also supported:
select: optional attribute containing a
string representing an XPath expression.
The 'type' attribute must be equal to 'xpath'
if this attribute is present.";
}
feature writable-running {
description "NETCONF :writable-running capability";
reference
"RFC 4741, section 8.2";
}
feature candidate {
description "NETCONF :candidate capability";
reference
"RFC 4741, section 8.3";
}
feature confirmed-commit {
if-feature candidate;
description "NETCONF :confirmed-commit capability";
reference
"RFC 4741, section 8.4";
}
feature rollback-on-error {
description "NETCONF :rollback-on-error capability";
reference
"RFC 4741, section 8.5";
}
feature validate {
description "NETCONF :validate.1.0 capability";
reference
"RFC 4741, section 8.6";
}
feature validate-1.1 {
description "NETCONF :validate.1.1 capability";
reference
"RFC 4741bis, section x.x";
}
feature startup {
description "NETCONF :startup capability";
reference
"RFC 4741, section 8.7";
}
feature url {
description "NETCONF :url capability";
reference
"RFC 4741, section 8.8";
}
feature xpath {
description "NETCONF :xpath capability";
reference
"RFC 4741, section 8.9";
}
typedef Language {
type string;
description "XML language type for LangString";
}
typedef session-id-type {
type uint32 {
range "1..max";
}
description "NETCONF Session Id";
}
typedef session-id-or-zero-type {
type uint32;
description
"NETCONF Session Id or Zero to indicate none";
}
typedef ConfigURIType {
type inet:uri;
}
typedef LangString {
type string {
ncx:metadata "Language lang";
}
description "XML string with a language attribute.";
}
typedef MessageId {
type string {
length "1..4095";
}
description "NETCONF message-id attribute";
}
typedef ErrorType {
type enumeration {
enum "transport" {
value 0;
}
enum "rpc" {
value 1;
}
enum "protocol" {
value 2;
}
enum "application" {
value 3;
}
}
description "NETCONF Error Type";
}
typedef ErrorTag {
type enumeration {
enum "in-use" {
value 0;
}
enum "invalid-value" {
value 1;
}
enum "too-big" {
value 2;
}
enum "missing-attribute" {
value 3;
}
enum "bad-attribute" {
value 4;
}
enum "unknown-attribute" {
value 5;
}
enum "missing-element" {
value 6;
}
enum "bad-element" {
value 7;
}
enum "unknown-element" {
value 8;
}
enum "unknown-namespace" {
value 9;
}
enum "access-denied" {
value 10;
}
enum "lock-denied" {
value 11;
}
enum "resource-denied" {
value 12;
}
enum "rollback-failed" {
value 13;
}
enum "data-exists" {
value 14;
}
enum "data-missing" {
value 15;
}
enum "operation-not-supported" {
value 16;
}
enum "operation-failed" {
value 17;
}
enum "partial-operation" {
value 18;
}
}
description "NETCONF Error Tag";
}
typedef ErrorSeverity {
type enumeration {
enum "error" {
value 0;
}
enum "warning" {
value 1;
}
}
description "NETCONF Error Severity";
}
typedef TestOptionType {
type enumeration {
enum "test-then-set" {
value 0;
}
enum "set" {
value 1;
}
enum "test-only" {
value 2;
}
}
description "NETCONF 'test-option' Element Content.";
}
typedef ErrorOptionType {
type enumeration {
enum "stop-on-error" {
value 0;
}
enum "continue-on-error" {
value 1;
}
enum "rollback-on-error" {
value 2;
}
}
default "stop-on-error";
description "NETCONF 'error-option' Element Content";
}
typedef FilterType {
type enumeration {
enum "subtree" {
value 0;
}
enum "xpath" {
value 1;
}
}
default "subtree";
description "NETCONF 'filter' Attribute Content";
}
typedef SelectString {
type string {
ncx:xpath;
}
description
"XPath string used in the select attribute.";
}
typedef EditOperationType {
type enumeration {
enum "merge" {
value 0;
}
enum "replace" {
value 1;
}
enum "create" {
value 2;
}
enum "delete" {
value 3;
}
}
default "merge";
description "NETCONF 'operation' Attribute Content";
}
typedef DefaultOperationType {
type enumeration {
enum "merge" {
value 0;
}
enum "replace" {
value 1;
}
enum "none" {
value 2;
}
}
default "merge";
description
"NETCONF 'default-operation' Element Content";
}
typedef ConfirmTimeoutType {
type uint32 {
range "1..max";
}
units "seconds";
default "600";
description
"NETCONF 'confirm-timeout' Element Content";
}
grouping NcCapabilities {
description "Generic Capabilities List.";
container capabilities {
config "false";
leaf-list capability {
type inet:uri;
description "One Generic Capability URI.";
}
} // container capabilities
} // grouping NcCapabilities
container server-hello {
description
"Generic Server Hello Message Parameters.";
uses NcCapabilities;
leaf session-id {
type session-id-type;
config "false";
}
ncx:hidden;
ncx:abstract;
} // container server-hello
container client-hello {
description
"Generic Client Hello Message Parameters.";
uses NcCapabilities;
ncx:hidden;
ncx:abstract;
} // container client-hello
grouping ErrorInfoContent {
description
"NETCONF standard 'error-info' Element Content;";
leaf-list bad-attribute {
type string;
config "false";
description
"Name of the missing or invalid XSD attribute.
Used with missing-attribute, bad-attribute, and
unknown-attribute error-tag values.";
}
leaf-list bad-element {
type string;
config "false";
description
"Name of the element that contains (or should contain)
an invalid XSD attribute when used with missing-attribute,
bad-attribute, unknown-attribute, error-tag values.
Name of an invalid or missing element when used with
then missing-element, bad-element, unknown-element,
and unknown-namespace error-tag values.";
}
leaf-list ok-element {
type string;
config "false";
description
"Identifies an element in the data model
for which the requested operation has been completed
for that node and all its child nodes. This element
can appear zero or more times in the 'error-info'
container. Used with the partial-operation error-tag
value.";
}
leaf-list err-element {
type string;
config "false";
description
"Identifies an element in the data model
for which the requested operation has failed for that
node and all its child nodes. This element
can appear zero or more times in the 'error-info'
container. Used with the partial-operation error-tag
value.";
}
leaf-list noop-element {
type string;
config "false";
description
"Identifies an element in the data model
for which the requested operation was not attempted for
that node and all its child nodes. This element
can appear zero or more times in the <error-info>
container. Used with the partial-operation error-tag
value.";
}
leaf session-id {
type session-id-or-zero-type;
config "false";
description
"Session ID of session holding the
requested lock, or zero to indicate a non-NETCONF
entity holds the lock.";
}
} // grouping ErrorInfoContent
grouping RpcErrorType {
description "NETCONF 'rpc-error' Element Content";
leaf error-type {
type ErrorType;
mandatory "true";
description
"Defines the conceptual layer that the error occurred.";
}
leaf error-tag {
type ErrorTag;
mandatory "true";
description
"Contains a string identifying the error condition.";
}
leaf error-severity {
type ErrorSeverity;
mandatory "true";
description
"Contains a string identifying the error severity, as
determined by the device.";
}
leaf error-app-tag {
type string;
description
"Contains a string identifying the data-model-specific
or implementation-specific error condition, if one exists.
This element will not be present if no appropriate
application error tag can be associated with a particular
error condition.";
}
leaf error-path {
type yang:xpath1.0;
description
"Contains the absolute XPath [2] expression identifying
the element path to the node that is associated with the error
being reported in a particular rpc-error element. This element
will not be present if no appropriate payload element can be
associated with a particular error condition, or if the
'bad-element' QString returned in the 'error-info' container is
sufficient to identify the node associated with the error. When
the XPath expression is interpreted, the set of namespace
declarations are those in scope on the rpc-error element,
including the default namespace.";
}
leaf error-message {
type LangString;
description
"Contains a string suitable for human display that
describes the error condition. This element will not be present
if no appropriate message is provided for a particular error
condition. This element SHOULD include an xml:lang attribute.";
}
anyxml error-info {
description
"Contains protocol- or data-model-specific error content.
This element will not be present if no such error content is
provided for a particular error condition. The list in
RFC 4741, Appendix A, defines any mandatory error-info content
for each error. After any protocol-mandated content, a
data model definition may mandate that certain application-layer
error information be included in the error-info container.
An implementation may include additional elements to
provide extended and/or implementation-specific debugging
information.";
}
} // grouping RpcErrorType
grouping RpcDataReplyType {
description
"NETCONF 'rpc-reply' Error and/or Data Content";
list rpc-error {
config "false";
uses RpcErrorType;
} // list rpc-error
} // grouping RpcDataReplyType
grouping RpcOkReplyType {
description "NETCONF 'rpc-reply' OK Content.";
choice ok-or-error {
leaf ok {
type empty;
config "false";
description
"Sent in 'rpc-reply' messages if no errors or
warnings occurred during the processing of an 'rpc' request.";
}
list rpc-error {
config "false";
uses RpcErrorType;
} // list rpc-error
} // choice ok-or-error
} // grouping RpcOkReplyType
grouping RpcReplyType {
description "Generic NETCONF 'rpc-reply' content. ";
choice ok-or-data-error {
leaf ok {
type empty;
description
"Sent in 'rpc-reply' messages if no errors or
warnings occurred during the processing of an 'rpc' request.";
}
case data-error {
uses RpcDataReplyType;
} // case data-error
} // choice ok-or-data-error
} // grouping RpcReplyType
leaf operation {
type EditOperationType;
description
"Internal object for the nc:operation attribute.";
ncx:abstract;
ncx:hidden;
}
container rpc {
description "Remote Procedure Call request message";
reference
"RFC 4741, section 4.1";
ncx:metadata "MessageId message-id";
ncx:abstract;
} // container rpc
container rpc-reply {
description "Remote Procedure Call response message";
reference
"RFC 4741, section 4.2";
uses RpcReplyType;
ncx:metadata "MessageId message-id";
ncx:abstract;
} // container rpc-reply
rpc get-config {
description
"Retrieve all or part of a specified configuration.";
reference
"RFC 4741, section 7.2";
input {
container source {
description "Particular configuration to retrieve.";
choice config-source {
mandatory "true";
leaf candidate {
if-feature candidate;
type empty;
}
leaf running {
type empty;
}
leaf startup {
if-feature startup;
type empty;
description
"This is optional-to-implement on the server because
not all servers will support filtering for this
database.";
}
} // choice config-source
} // container source
anyxml filter {
description "Subtree or Xpath filter to use.";
nc:get-filter-element-attributes;
ncx:metadata "FilterType type";
ncx:metadata "SelectString select";
}
}
output {
container data {
presence
"An empty data container indicates that the
request did not produce any results.";
description
"Copy of the source database subset which matched
the filter criteria (if any).";
ncx:root;
} // container data
}
} // rpc get-config
rpc edit-config {
description
"The 'edit-config' operation loads all or part of a specified
configuration to the specified target configuration. This
operation allows the new configuration to be expressed in several
ways, such as using a local file, a remote file, or inline. If
the target configuration does not exist, it will be created. If a
NETCONF peer supports the :url capability (Section 8.8), the <url>
element can appear instead of the <config> parameter and should
identify a local configuration file.
The device analyzes the source and target configurations and
performs the requested changes. The target configuration is not
necessarily replaced, as with the <copy-config> message. Instead,
the target configuration is changed in accordance with the
source's data and requested operations.";
reference
"RFC 4741, section 7.2";
input {
container target {
description "Particular configuration to edit.";
choice config-target {
mandatory "true";
leaf candidate {
if-feature candidate;
type empty;
}
leaf running {
if-feature writable-running;
type empty;
}
} // choice config-target
} // container target
leaf default-operation {
type DefaultOperationType;
default "merge";
description
"Default operation to apply if not explicitly set.";
}
leaf test-option {
if-feature validate;
type TestOptionType;
description
"Test option if validate capability supported.
The 'validate' capability must be present to set
this object to 'test-then-set'.";
}
leaf error-option {
type ErrorOptionType;
default "stop-on-error";
description "Error recovery option.";
}
choice edit-content {
mandatory "true";
container config {
description
"Inline Config content: 'config' element.";
ncx:root;
} // container config
leaf url {
if-feature url;
type inet:uri;
description
"Pointer to Config content: 'url' element.";
}
} // choice edit-content
}
} // rpc edit-config
rpc copy-config {
description
"Create or replace an entire configuration datastore with the
contents of another complete configuration datastore. If the
target datastore exists, it is overwritten. Otherwise, a new one
is created, if allowed.
If a NETCONF peer supports the :url capability (Section 8.8), the
'url' element can appear as the <source> or <target> parameter.
Even if it advertises the :writable-running capability, a device
may choose not to support the <running/> configuration datastore
as the <target> parameter of a <copy-config> operation. A device
may choose not to support remote-to-remote copy operations, where
both the <source> and <target> parameters use the <url> element.
If the source and target parameters identify the same URL or
configuration datastore, an error MUST be returned with an error-
tag containing invalid-value.";
reference
"RFC 4741, section 7.3";
input {
container target {
description "Particular configuration to copy to.";
choice config-target {
mandatory "true";
leaf candidate {
if-feature candidate;
type empty;
}
leaf running {
if-feature writable-running;
type empty;
description
"This is optional-to-implement on the server.";
}
leaf startup {
if-feature startup;
type empty;
}
leaf url {
if-feature url;
type inet:uri;
}
} // choice config-target
} // container target
container source {
description "Particular configuration to copy from.";
choice config-source {
mandatory "true";
leaf candidate {
if-feature candidate;
type empty;
}
leaf running {
type empty;
}
leaf startup {
if-feature startup;
type empty;
}
leaf url {
if-feature url;
type inet:uri;
}
container config {
description
"Inline Config content: 'config' element.
Represents an entire 'stand-alone'
configuration database, not a subset of
the running database.";
ncx:root;
} // container config
} // choice config-source
} // container source
}
} // rpc copy-config
rpc delete-config {
description
"Delete a configuration datastore. The 'running' configuration
datastore cannot be deleted.
If a NETCONF peer supports the :url capability (Section 8.8), the
'url' element can appear as the <target> parameter.";
reference
"RFC 4741, section 7.4";
input {
container target {
description "Particular configuration to delete.";
choice config-target {
mandatory "true";
leaf startup {
if-feature startup;
type empty;
}
leaf url {
if-feature url;
type inet:uri;
}
} // choice config-target
} // container target
}
} // rpc delete-config
rpc lock {
description
"The lock operation allows the client to lock the configuration
system of a device. Such locks are intended to be short-lived and
allow a client to make a change without fear of interaction with
other NETCONF clients, non-NETCONF clients (e.g., SNMP and command
line interface (CLI) scripts), and human users. ...";
reference
"RFC 4741, section 7.5";
input {
container target {
description "Particular configuration to lock";
choice config-target {
mandatory "true";
leaf candidate {
if-feature candidate;
type empty;
}
leaf running {
type empty;
}
leaf startup {
if-feature startup;
type empty;
}
} // choice config-target
} // container target
}
} // rpc lock
rpc unlock {
description
"The unlock operation is used to release a configuration lock,
previously obtained with the 'lock' operation.
An unlock operation will not succeed if any of the following
conditions are true:
* the specified lock is not currently active
* the session issuing the <unlock> operation is not the same
session that obtained the lock
The server MUST respond with either an <ok> element or an
'rpc-error'.";
reference
"RFC 4741, section 7.6";
input {
container target {
description "Particular configuration to unlock.";
choice config-target {
mandatory "true";
leaf candidate {
if-feature candidate;
type empty;
}
leaf running {
type empty;
}
leaf startup {
if-feature startup;
type empty;
}
} // choice config-target
} // container target
}
} // rpc unlock
rpc get {
description
"Retrieve running configuration and device state information.";
reference
"RFC 4741, section 7.7";
input {
anyxml filter {
description
"This parameter specifies the portion of the system
configuration and state data to retrieve. If this parameter is
empty, all the device configuration and state information is
returned.
The filter element may optionally contain a 'type' attribute.
This attribute indicates the type of filtering syntax used
within the filter element. The default filtering mechanism in
NETCONF is referred to as subtree filtering and is described in
Section 6. The value 'subtree' explicitly identifies this type
of filtering.
If the NETCONF peer supports the :xpath capability
(Section 8.9), the value 'xpath' may be used to indicate that
the select attribute of the filter element contains an XPath
expression.";
nc:get-filter-element-attributes;
ncx:metadata "FilterType type";
ncx:metadata "string select";
}
}
output {
container data {
presence
"An empty data container indicates that the filter
request did not match any results.";
description
"Copy of the 'running' database subset and/or state
data which matched the filter criteria (if any).";
ncx:root;
} // container data
}
} // rpc get
rpc close-session {
description
"Request graceful termination of a NETCONF session.
When a NETCONF server receives a <close-session> request, it will
gracefully close the session. The server will release any locks
and resources associated with the session and gracefully close any
associated connections. Any NETCONF requests received after a
'close-session' request will be ignored.";
reference
"RFC 4741, section 7.8";
} // rpc close-session
rpc kill-session {
description
"Force the termination of a NETCONF session.
When a NETCONF entity receives a <kill-session> request for an
open session, it will abort any operations currently in process,
release any locks and resources associated with the session, and
close any associated connections.
If a NETCONF server receives a <kill-session> request while
processing a confirmed commit (Section 8.4), it must restore the
configuration to its state before the confirmed commit was issued.
Otherwise, the <kill-session> operation does not roll back
configuration or other device state modifications made by the
entity holding the lock.";
reference
"RFC 4741, section 7.9";
input {
leaf session-id {
type session-id-type;
mandatory "true";
description "Particular session to kill.";
}
}
} // rpc kill-session
rpc commit {
if-feature candidate;
description
"When a candidate configuration's content is complete, the
configuration data can be committed, publishing the data set to
the rest of the device and requesting the device to conform to
the behavior described in the new configuration.
To commit the candidate configuration as the device's new
current configuration, use the <commit> operation.
The 'commit' operation instructs the device to implement the
configuration data contained in the candidate configuration.
If the device is unable to commit all of the changes in the
candidate configuration datastore, then the running
configuration MUST remain unchanged. If the device does
succeed in committing, the running configuration MUST be
updated with the contents of the candidate configuration.
If the system does not have the :candidate capability, the
'commit' operation is not available.";
reference
"RFC 4741, section 8.3.4.1";
input {
leaf confirmed {
if-feature confirmed-commit;
type empty;
description "Request a confirmed commit.";
reference
"RFC 4741, section 8.4.5.1";
}
leaf confirm-timeout {
if-feature confirmed-commit;
type ConfirmTimeoutType;
description
"Request a specific timeout period for a confirmed commit
if 'confirmed-commit' capability supported.";
reference
"RFC 4741, section 8.4.5.1";
}
}
} // rpc commit
rpc discard-changes {
if-feature candidate;
description
"If the client decides that the candidate configuration should
not be committed, the 'discard-changes' operation can be used
to revert the candidate configuration to the current running
configuration.
This operation discards any uncommitted changes by resetting
the candidate configuration with the content of the running
configuration.";
reference
"RFC 4741, section 8.3.4.2";
} // rpc discard-changes
rpc validate {
if-feature validate;
description
"Validates the contents of the specified configuration.";
reference
"RFC 4741, section 8.6.4.1";
input {
container source {
description "Particular configuration to validate.";
choice config-source {
mandatory "true";
leaf candidate {
if-feature candidate;
type empty;
}
leaf running {
type empty;
}
leaf startup {
if-feature startup;
type empty;
}
leaf url {
if-feature url;
type inet:uri;
}
container config {
description
"Inline Config content: 'config' element.
Represents an entire 'stand-alone'
configuration database, not a subset of
the running database.";
ncx:root;
} // container config
} // choice config-source
} // container source
}
} // rpc validate
rpc load-config {
description
"NCX internal load-config operation.
The config database can be loaded dynamically
only if the startup config phase was skipped
via the 'no-startup' option.
An operation-failed error will be returned and
any startup config file was loaded (even partially)
successfully.";
input {
container config {
description "XML Config contents.";
ncx:root;
} // container config
}
ncx:hidden;
ncx:abstract;
nacm:very-secure;
} // rpc load-config
container config {
description
"Used as the container for NETCONF object definitions.";
ncx:root;
ncx:abstract;
} // container config
} // module yuma-netconf
