netconfcentral logo

ietf-pcp@2017-10-17



  module ietf-pcp {

    yang-version 1.1;

    namespace
      "urn:ietf:params:xml:ns:yang:ietf-pcp";

    prefix pcp;

    import ietf-inet-types {
      prefix inet;
    }
    import ietf-yang-types {
      prefix yang;
    }

    organization "xxx Working Group";

    contact
      "Mohamed Boucadair <mohamed.boucadair@orange.com>
     Christian Jacquenet <christian.jacquenet@orange.com>";

    description
      "This module embeds the core PCP characteristics, including
     the description of PCP operations, options and mapping entries.

     Copyright (c) 2017 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject
     to the license terms contained in, the Simplified BSD License
     set forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (http://trustee.ietf.org/license-info).

    This version of this YANG module is part of RFC XXXX; see
    the RFC itself for full legal notices.";

    revision "2017-10-17" {
      description "Align with NMDA";
      reference
        "-05";

    }

    revision "2015-08-05" {
      description "Changes tbc.";
      reference
        "-00";

    }


    identity c_function {
      base 
      description
        "Base identity for controlled function.";
      reference
        "RFC 3022.";

    }

    identity nat44 {
      base pcp:c_function;
      description
        "Base identity for NAT44 type.";
      reference
        "RFC 3022.";

    }

    identity nat64 {
      base pcp:c_function;
      description
        "Base identity for NAT64 type.";
      reference
        "RFC 6146.";

    }

    identity dslite {
      base pcp:c_function;
      description
        "Base identity for DS-Lite type.";
      reference
        "RFC 6333.";

    }

    identity nptv6 {
      base pcp:c_function;
      description
        "Base identity for NPTv6 type.";
      reference
        "RFC 6296.";

    }

    identity ipv4-firewall {
      base pcp:c_function;
      description
        "Base identity for IPv4 firewall type.";
    }

    identity ipv6-firewall {
      base pcp:c_function;
      description
        "Base identity for IPv6 firewall type.";
    }

    identity port-range-router {
      base pcp:c_function;
      description
        "Base identity for Port Range Router type.";
      reference
        "RFC 6346.";

    }

    grouping description-option {
      description
        "used to configure DESCRIPTION option.";
      leaf description-enabled {
        type boolean;
        description
          "Enable/disable DESCRIPTION option.";
        reference
          "RFC 7220";

      }

      leaf max-description {
        type uint32;
        description
          "Indicates the maximum length of the description
       associated with a mapping.";
        reference
          "RFC 7220";

      }
    }  // grouping description-option

    grouping filter-option {
      description "FILTER option";
      leaf filter-enabled {
        type boolean;
        description
          "Enable/disable FILTER option.";
        reference
          "RFC 6887";

      }

      leaf max-filters {
        type uint32;
        description
          "Indicates the maximum number of filters
       associated with a mapping.";
        reference
          "RFC 6887";

      }
    }  // grouping filter-option

    grouping port-set-option {
      description "PORT_SET option.";
      leaf port-set-enable {
        type boolean;
        description
          "Enable/disable PORT_SET option.";
        reference
          "RFC 7753";

      }

      leaf default-port-set-size {
        type uint16;
        description
          "Indicates the default size of a port set.";
        reference
          "RFC 7753";

      }

      leaf maximum-port-set-size {
        type uint16;
        description
          "Indicates the maximum size of a port set.";
        reference
          "RFC 7753";

      }
    }  // grouping port-set-option

    grouping opcode {
      description
        "Indicates the set of supported/enabled PCP opcodes.";
      leaf map {
        type boolean;
        description "MAP opcode";
        reference
          "RFC 6887";

      }

      leaf peer {
        type boolean;
        description "PEER opcode";
        reference
          "RFC 6887";

      }

      leaf announce {
        type boolean;
        description "ANNOUNCE opcode.";
        reference
          "RFC 6887";

      }
    }  // grouping opcode

    grouping option {
      description "a set of PCP options.";
      leaf third-party {
        type boolean;
        description
          "THIRD_PARTY option is used when a PCP client wants
       to control a mapping to an internal host other
       than itself.";
        reference
          "RFC 6887";

      }

      leaf prefer-failure {
        type boolean;
        description
          "This option indicates that if the PCP server is unable
       to map both the suggested external port and suggested
       external address, the PCP server should not create
       a mapping.  This differs from the behavior without this
       option, which is to create a mapping.

       PREFER_FAILURE is never necessary for a PCP client to
       manage mappings for itself, and its use causes
       additional work in the PCP client and in the PCP
       server. See Section 13.2 of [RFC6887].";
        reference
          "Section 13.2 ofRFC 6887";

      }

      container filter {
        description
          "This option indicates that filtering incoming packets
       is desired.";
        uses filter-option;
      }  // container filter

      leaf port-set {
        type boolean;
        description
          "Indicates whether PORT_SET is supported/enabled.";
      }

      container description {
        description
          "Associates a description with a mapping.";
        reference
          "RFC 7220";

        uses description-option;
      }  // container description

      leaf prefix64 {
        type boolean;
        description "PREFIX64 PCP option.";
        reference
          "RFC 7225";

      }
    }  // grouping option

    grouping port-number {
      description
        "Individual port or a range of ports.
     When only start-port-numbert is present,
     it represents a single port.";
      leaf start-port-number {
        type inet:port-number;
        description
          "Begining of the port range.";
        reference
          "Section 3.2.9 of RFC 8045.";

      }

      leaf end-port-number {
        type inet:port-number;
        must ". >= ../start-port-number" {
          error-message
            "The end-port-number must be greater than or
            equal to start-port-number.";
        }
        description "End of the port range.";
        reference
          "Section 3.2.10 of RFC 8045.";

      }
    }  // grouping port-number

    grouping filter {
      description
        "The remote peer IP address and remote peer port of
     the FILTER option indicate the permitted remote peer's
     source IP address and source port for packets from
     the Internet; other traffic from other addresses
     is blocked.";
      leaf filter-id {
        type uint32;
        description
          "An identifier of the filter.";
      }

      leaf remote-ip-prefix {
        type inet:ipv6-prefix;
        description
          "The IP address of the remote peer.";
      }

      leaf remote-port-number {
        type inet:port-number;
        description
          "The port number of the remote peer. Value 0
       indicates 'all ports'.";
      }
    }  // grouping filter

    grouping mapping-entry {
      description "A PCP mapping entry.";
      leaf index {
        type uint32;
        description
          "A unique identifier of a mapping entry.";
      }

      leaf status {
        type enumeration {
          enum "disabled" {
            value 0;
            description
              "The mapping entry is not in use (Disabled).";
          }
          enum "requested" {
            value 1;
            description
              "A PCP request has been sent for this mapping.
           Still waiting for a response from the server.";
          }
          enum "assigned" {
            value 2;
            description
              "This mapping has been granted by the server.";
          }
          enum "stale" {
            value 3;
            description
              "This is a stale mapping (case of reboot).";
          }
        }
        description
          "Indicates the status of a mapping entry.";
      }

      leaf mapping-nonce {
        type string;
        description
          "A random value chosen by the PCP client";
      }

      leaf internal-ip-address {
        type inet:ipv6-prefix;
        description
          "Corresponds to the PCP Client's IP Address
       defined in [RFC6887].";
      }

      container internal-port {
        description
          "Internal port for the mapping. Value 0 indicates
       'all ports', and is legal when the lifetime is zero
       (a delete request), if the protocol does not use
       16-bit port numbers, or the client is requesting
       'all ports'.  If the protocol is zero
       (meaning 'all protocols'), then internal port
       is set to zero.";
        uses port-number;
      }  // container internal-port

      leaf external-ip-address {
        type inet:ipv6-prefix;
        description
          "External IP address. Can be 'Suggested' or 'Assigned'.

       It can be set by a client to stale-ip-address, if available
       or to (::) (for requesting external IPv6 addresses)
       or (::ffff:0:0) (for requesting external IPv4 addresses).";
      }

      container external-port {
        description
          "External port number. Can be 'Suggested' or 'Assigned'.";
        uses port-number;
      }  // container external-port

      leaf protocol {
        type uint8;
        description
          "Upper-layer protocol associated with this Opcode.
       Values are taken from the IANA protocol registry.
       For example, this field contains 6 (TCP) if the Opcode
       is intended to create a TCP mapping.  This field contains
       17 (UDP) if the Opcode is intended to create a UDP mapping.

       The value 0 has a special meaning for 'all protocols'.";
      }

      leaf lifetime {
        type uint32;
        description
          "Lifetime of the mapping.

       Can be requested/assigned/remaining";
      }

      leaf third-party-address {
        type inet:ipv6-prefix;
        description
          "used to indicate the internal IP address
        when THIRD_PARTY is in use.";
      }

      list filter {
        key "filter-id";
        description
          "a list of filters associated with the mapping.";
        uses filter;
      }  // list filter

      leaf description {
        type string;
        description
          "a description string associated with the mapping.";
      }

      leaf prefer-failure-tagged {
        type boolean;
        description
          "a tag which indicates whether PREFER_FAILURE
       is (to be) used.";
      }
    }  // grouping mapping-entry

    grouping status-code {
      description
        "stores the result status code";
      leaf status-code {
        type enumeration {
          enum "SUCCESS" {
            value 0;
            description "Success";
          }
          enum "unsupported-version" {
            value 1;
            description
              "The version number at the start of the PCP Request
            header is not recognized by this PCP server.
            This is a long lifetime error.";
          }
          enum "not-authorized" {
            value 2;
            description
              "The requested operation is disabled for this PCP
            client, or the PCP client requested an operation
            that cannot be fulfilled by the PCP server's
            security policy.

            This is a long lifetime error.";
          }
          enum "malformed-request" {
            value 3;
            description
              "The request could not be successfully parsed.

            This is a long lifetime error.";
          }
          enum "unsupported-opcode" {
            value 4;
            description
              "Unsupported Opcode.
           This is a long lifetime error.";
          }
          enum "unsupported-option" {
            value 5;
            description
              "Unsupported option.  This error only occurs if
           the option is in the mandatory-to-process range.

           This is a long lifetime error.";
          }
          enum "malformed-option" {
            value 6;
            description
              "Malformed option (e.g., appears too many times,
           invalid length).

           This is a long lifetime error.";
          }
          enum "network-failure" {
            value 7;
            description
              "The PCP server or the device it controls is
           experiencing a network failure of some sort
           (e.g., has not yet obtained an external
           IP address).

           This is a short lifetime error.";
          }
          enum "no-resources" {
            value 8;
            description
              "Request is well-formed and valid, but the server
           has insufficient resources to complete
           the requested operation at this time.

           For example, the NAT device cannot create more
           mappings at this time, is short of CPU cycles
           or memory, or is unable to handle the request
           due to some other temporary condition.

           The same request may succeed in the future.
           This is a system-wide error, different from
           USER_EX_QUOTA.  This can be used as a
           catch-all error, should no other error
           message be suitable.

           This is a short lifetime error.";
          }
          enum "unsupported-protocol" {
            value 9;
            description
              "Unsupported transport protocol, e.g.,
           SCTP in a  NAT that handles only UDP and TCP.

           This is a long lifetime error.";
          }
          enum "ex-quota" {
            value 10;
            description
              "This attempt to create a new mapping would
                    exceed this subscriber's port quota.

                    This is a short lifetime error.";
          }
          enum "cannot-provide-external" {
            value 11;
            description
              "The suggested external port and/or
                     external address cannot be provided.
                     This error must only be returned for:
                      *  MAP requests that included the
                         PREFER_FAILURE option
                      *  MAP requests for the SCTP protocol
                        (PREFER_FAILURE is implied)
                      *  PEER requests.";
          }
          enum "address-mismatch" {
            value 12;
            description
              "The source IP address of the request
                   packet does not match the contents of the
                   PCP Client's IP Address field, due to an
                   unexpected NAT on the path between the PCP
                   client and the PCP-controlled NAT or firewall.

                   This is a long lifetime error.";
          }
          enum "extensive-remote-peer" {
            value 13;
            description
              "The PCP server was not able to create the
                    filters in this request.  This result code must
                    only be returned if the MAP request contained
                    the FILTER option.

                    This is a long lifetime error.";
          }
        }
        description "result status code.";
      }
    }  // grouping status-code

    grouping pcp-server-address {
      description
        "A list of PCP servers. Each PCP server can be identified
           by one or multiple IP addresses.";
      leaf pcp-server-id {
        type uint32;
        description "A unique identifier.";
      }

      list pcp-server-ip-address {
        key "address-id";
        description
          "a list of IP addresses of a PCP server";
        leaf address-id {
          type uint32;
          description "An identifier";
        }

        leaf ip-address {
          type inet:ipv6-address;
          description
            "An IP address of a PCP server.";
        }
      }  // list pcp-server-ip-address

      leaf external-address-familly {
        type inet:ip-version;
        description
          "The address family of the external address(es)
                 managed by the PCP server.
                 Can be IPv4, IPv6 or both.";
      }

      leaf stale-external-ip-address {
        type inet:ipv6-prefix;
        description
          "A stale address that can be used by the PCP client
               to be assigned the same address upon reboot
               or other failure events.";
      }
    }  // grouping pcp-server-address

    grouping pcp-server-address-status {
      description
        "Groups the status of the communication between
         a PCP client a server.";
      uses pcp-server-address;

      leaf source {
        type enumeration {
          enum "manual-configuration" {
            value 0;
            description
              "The server has been manually configured.";
          }
          enum "dhcpv6" {
            value 1;
            description
              "Retrieved from DHCPv6 [RFC7291].";
          }
          enum "dhcpv4" {
            value 2;
            description
              "Retrieved from DHCPv4 [RFC7291].";
          }
          enum "else" {
            value 3;
            description
              "Else (e.g., TR-96.)";
          }
        }
        description
          "source of the PCP server reachability information.";
      }

      leaf in-use {
        type boolean;
        description
          "Indicates whether this in-use instance of the server
         is the result of the selection
         process defined in [RFC7488].";
      }

      leaf server-epoch {
        type uint32;
        description
          "The PCP server's Epoch.";
      }

      leaf client-epoch {
        type uint32;
        description
          "The PCP client's Epoch.";
      }

      leaf current-version {
        type uint8;
        description
          "The version that is selected as per the version negotiation
         procedure specified in Section 9 of [RFC6877].";
      }
    }  // grouping pcp-server-address-status

    grouping pcp-controlled-function {
      description
        "A set of PCP-controlled functions.
        One or multiple functions can be controlled
        by the same PCP server. ";
      leaf-list pcp-controlled-function {
        type identityref {
          base c_function;
        }
        description "Type of NAT.";
      }
    }  // grouping pcp-controlled-function

    grouping traffic-stat {
      description
        "Groups a set of statistics.";
      container traffic-statistics {
        description
          "Generic traffic statistics.";
        leaf sent-packet {
          type yang:zero-based-counter64;
          description "Packets sent";
        }

        leaf sent-byte {
          type yang:zero-based-counter64;
          description
            "Counter for sent traffic in bytes.";
        }

        leaf rcvd-packet {
          type yang:zero-based-counter64;
          description
            "Counter for received packets.";
        }

        leaf rcvd-byte {
          type yang:zero-based-counter64;
          description
            "Counter for received traffic in bytes.";
        }

        leaf dropped-packet {
          type yang:zero-based-counter64;
          description
            "Counter for dropped packets.";
        }

        leaf dropped-byte {
          type yang:zero-based-counter64;
          description
            "Counter for dropped traffic in bytes.";
        }
      }  // container traffic-statistics

      container opcode-statistics {
        description
          "Opcode-related statistics.";
        leaf sent-map {
          type yang:zero-based-counter64;
          description
            "Counter for sent MAP messages";
        }

        leaf rcvd-map {
          type yang:zero-based-counter64;
          description
            "Counter for received MAP messages";
        }

        leaf sent-peer {
          type yang:zero-based-counter64;
          description
            "Counter for sent PEER messages";
        }

        leaf rcvd-peer {
          type yang:zero-based-counter64;
          description
            "Counter for received PEER messages";
        }

        leaf sent-annonce {
          type yang:zero-based-counter64;
          description
            "Counter for sent ANNOUNCE messages";
        }

        leaf rcvd-announce {
          type yang:zero-based-counter64;
          description
            "Counter for received ANNOUNCED messages";
        }

        leaf rcvd-unknown {
          type yang:zero-based-counter64;
          description
            "Counter for received unknown opcodes";
        }

        leaf rcvd-malformed {
          type yang:zero-based-counter64;
          description
            "Counter for received malformed opcodes";
        }
      }  // container opcode-statistics
    }  // grouping traffic-stat

    grouping mapping-table-stats {
      description
        "PCP mapping table related statistics.";
      leaf current-mt-size {
        type yang:zero-based-counter64;
        description
          "Size of the mapping table";
      }

      leaf max-mt-size {
        type uint32;
        description
          "Maximum configured size of the mapping table.";
      }
    }  // grouping mapping-table-stats

    grouping pcp-version {
      description "PCP version(s)";
      leaf version {
        type uint8;
        description
          "Indicates a PCP server.
           Current versions are: 0, 1, and 2.";
      }
    }  // grouping pcp-version
  }  // module ietf-pcp