This module contains a collection of YANG definitions for Cisco IOS-XR crypto-macsec-mka package operational data. This module ...
Version: 2021-04-15
module Cisco-IOS-XR-crypto-macsec-mka-oper { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XR-crypto-macsec-mka-oper"; prefix crypto-macsec-mka-oper; import Cisco-IOS-XR-types { prefix xr; } import cisco-semver { prefix semver; } include Cisco-IOS-XR-crypto-macsec-mka-oper-sub1 { revision-date "2021-04-15"; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This module contains a collection of YANG definitions for Cisco IOS-XR crypto-macsec-mka package operational data. This module contains definitions for the following management objects: macsec: Macsec operational data Copyright (c) 2013-2021 by Cisco Systems, Inc. All rights reserved."; revision "2021-04-15" { description "Modified to display session stats 2021-02-17 Modified to display port power status 2021-01-19 show_mka.bag dormant entry remove 2020-08-24 MKA PPK"; } revision "2019-05-27" { description "MKA ISSU"; } revision "2019-04-05" { description "MKA ISSU"; } revision "2015-11-09" { description "IOS XR 6.0 revision."; } semver:module-version "2.0.0"; semver:module-version "1.1.0"; semver:module-version "1.1.0"; container macsec { config false; description "Macsec operational data"; container mka { description "MKA Data"; container interfaces { description "MKA Data"; list interface { key "name"; description "MKA Data for the Interface"; container session { description "MKA Session Data"; container session-summary { description "Session summary"; container outer-tag { description "VLAN Outer TAG"; leaf ether-type { type uint16; description "EtherType"; } leaf priority { type uint8; description "Priority"; } leaf cfi { type uint8; description "Cannonical Format Identifier"; } leaf vlan-id { type uint16; description "Vlan Id"; } } // container outer-tag container inner-tag { description "VLAN Inner TAG"; leaf ether-type { type uint16; description "EtherType"; } leaf priority { type uint8; description "Priority"; } leaf cfi { type uint8; description "Cannonical Format Identifier"; } leaf vlan-id { type uint16; description "Vlan Id"; } } // container inner-tag leaf interface-name { type string; description "macsec configured interface"; } leaf inherited-policy { type boolean; description "Is Inherited Policy"; } leaf policy { type string; description "Policy Name"; } leaf priority { type uint32; description "Key Server Priority"; } leaf my-mac { type string; description "My MAC"; } leaf delay-protection { type boolean; description "Delay Protect"; } leaf replay-protect { type boolean; description "Replay Protect"; } leaf window-size { type uint32; description "Replay Window Size"; } leaf include-icv-indicator { type boolean; description "IncludeICVIndicator"; } leaf confidentiality-offset { type uint32; description "Confidentiality Offset"; } leaf algo-agility { type uint32; description "Alogorithm Agility"; } leaf capability { type uint32; description "MACSec Capability"; } leaf mka-cipher-suite { type string; description "MKA Cipher Suite"; } leaf configured-mac-sec-cipher-suite { type string; description "configured cipher suite"; } leaf mac-sec-desired { type boolean; description "MACSec Desired"; } } // container session-summary container vp { description "Virtual Pointer Info"; leaf my-sci { type string; description "Local SCI(MAC)"; } leaf virtual-port-id { type uint32; description "Virtual Port ID"; } leaf latest-rx { type boolean; description "Latest Rx status"; } leaf latest-tx { type boolean; description "Latest Tx status"; } leaf latest-an { type uint32; description "Latest SAK AN"; } leaf latest-ki { type string; description "Latest SAK KI"; } leaf latest-kn { type uint32; description "Latest SAK KN"; } leaf old-rx { type boolean; description "Old Rx status"; } leaf old-tx { type boolean; description "Old Tx status"; } leaf old-an { type uint32; description "Old SAK AN"; } leaf old-ki { type string; description "Old SAK KI"; } leaf old-kn { type uint32; description "Old SAK KN"; } leaf wait-time { type uint32; description "SAK Transmit Wait Time"; } leaf retire-time { type uint32; description "SAK Retire time"; } leaf macsec-cipher-suite { type Macsec-cipher-suite; description "SAK Cipher Suite"; } leaf ssci { type uint32; description "SSCI of the Local TxSC"; } leaf time-to-sak-rekey { type string; description "Next SAK Rekey time in Sec"; } leaf time-to-exit-suspension { type string; description "Time to exit suspension"; } leaf sak-gen-mode { type string; description "SAK gen mode"; } list fallback-keepalive { description "Fallback Keepalive"; container peers-status { description "Peers Status"; leaf tx-mkpdu-timestamp { type string { length "0..128"; } description "Tx MKPDU Timestamp"; } leaf peer-count { type uint32; description "Peer Count"; } list peer { description "Peer List"; container peer-data { description "Peer Status Data"; leaf mi { type string { length "0..25"; } description "Member ID"; } leaf icv-status { type string { length "0..10"; } description "ICV Status"; } leaf icv-check-timestamp { type string { length "0..128"; } description "ICV Check Timestamp"; } } // container peer-data leaf sci { type string { length "0..17"; } description "Rx SCI"; } } // list peer } // container peers-status leaf ckn { type string { length "0..65"; } description "CKN"; } leaf mi { type string { length "0..25"; } description "Member Identifier"; } leaf mn { type uint32; description "Message Number"; } } // list fallback-keepalive } // container vp list ca { description "CA List for a Session"; container peers-status { description "Peers Status"; leaf tx-mkpdu-timestamp { type string { length "0..128"; } description "Tx MKPDU Timestamp"; } leaf peer-count { type uint32; description "Peer Count"; } list peer { description "Peer List"; container peer-data { description "Peer Status Data"; leaf mi { type string { length "0..25"; } description "Member ID"; } leaf icv-status { type string { length "0..10"; } description "ICV Status"; } leaf icv-check-timestamp { type string { length "0..128"; } description "ICV Check Timestamp"; } } // container peer-data leaf sci { type string { length "0..17"; } description "Rx SCI"; } } // list peer } // container peers-status leaf is-key-server { type boolean; description "Is Key Server"; } leaf status { type string; description "Session Status [Secured/Not Secured]"; } leaf num-live-peers { type uint32; description "Number of Live Peers"; } leaf first-ca { type boolean; description "Is First CA"; } leaf peer-sci { type string; description "Peer SCI(MAC)"; } leaf num-live-peers-responded { type uint32; description "Number of Live Peers responded"; } leaf ckn { type string; description "CKN"; } leaf my-mi { type string; description "Member Identifier"; } leaf my-mn { type uint32; description "Message Number"; } leaf authenticator { type boolean; description "authenticator"; } leaf num-suspend-request { type uint32; description "Number of Suspend Request"; } leaf status-description { type string; description "Status Description"; } leaf authentication-mode { type string; description "CA Authentication Mode :PRIMARY-PSK/FALLBACK-PSK/EAP"; } leaf key-chain { type string; description "Key Chain name"; } list live-peer { description "Live Peer List"; leaf mi { type string; description "Member ID"; } leaf sci { type string; description "Rx SCI"; } leaf mn { type uint32; description "Message Number"; } leaf priority { type uint32; description "KS Priority"; } leaf ssci { type uint32; description "Peer SSCI"; } } // list live-peer list potential-peer { description "Potential Peer List"; leaf mi { type string; description "Member ID"; } leaf sci { type string; description "Rx SCI"; } leaf mn { type uint32; description "Message Number"; } leaf priority { type uint32; description "KS Priority"; } leaf ssci { type uint32; description "Peer SSCI"; } } // list potential-peer list suspend-peer { description "Suspend Peer List"; leaf rx-sci { type uint64; description "RX SCI"; } leaf rx-ssci { type uint32; description "RX SSCI"; } } // list suspend-peer } // list ca } // container session container statistics { description "MKA Statistics Data"; container session-stats { description "Session Stats for interface"; container sak-data { description "Last SAK Data"; leaf an { type string; description "AN"; } leaf sa-install-time { type string; description "SA Install Time"; } } // container sak-data leaf link-secure-up-time { type string; description "Link Secure Uptime"; } leaf session-up-time { type string; description "Session Uptime"; } leaf sak-rekey-count-ha { type uint32; description "Number of SAK Rekeys (since link secured)"; } leaf sak-rekey-count { type uint32; description "Number of SAK Rekeys"; } } // container session-stats container idb-stats { description "IDB stats for interface"; container mkpdu-stats { description "MKPDU Stats"; leaf tx-success { type uint32; description "MKPDU Tx Success"; } leaf rx-success { type uint32; description "MKPDU Rx Success"; } leaf tx-force-suspended { type uint32; description "MKPDU Tx force suspended"; } leaf rx-force-suspended { type uint32; description "MKPDU Rx force suspended"; } leaf no-tx-on-intf-down { type uint32; description "No Tx on intf down"; } leaf no-rx-on-intf-down { type uint32; description "No Rx on intf down"; } leaf tx-fail { type uint32; description "Tx Fail"; } leaf tx-pkt-build-fail { type uint32; description "Tx Pkt Build Fail"; } leaf rx-ca-not-found { type uint32; description "Rx CA not found"; } leaf rx-error { type uint32; description "Rx Error"; } leaf rx-invalid-length { type uint32; description "Rx Invalid length"; } leaf rx-invalid-ckn { type uint32; description "Rx invalid ckn"; } leaf rx-icv-validation-fail { type uint32; description "Rx ICV validation fail"; } leaf rx-bad-peer-mn { type uint32; description "Rx Bad Peer MN"; } leaf rx-non-recent-peerlist-mn { type uint32; description "Rx non-recent peerlist MN"; } leaf rx-sak-use-kn-mismatch { type uint32; description "Rx SAK USE KN mismatch"; } leaf rx-sak-use-rx-not-set { type uint32; description "Rx SAK USE rx not set"; } leaf rx-sak-use-key-mi-mismatch { type uint32; description "Rx SAK USE Key MI mismatch"; } leaf rx-sak-use-an-not-in-use { type uint32; description "Rx SAK USE AN not in use"; } leaf rx-sak-use-ks-rx-tx-not-set { type uint32; description "Rx SAK USE KS RX/TX not set"; } leaf rx-pkt-sak-use-ethertype-mismatch { type uint32; description "RX Packet ethertype mismatch"; } leaf rx-pkt-source-mac-null { type uint32; description "Rx Packet Source mac null"; } leaf rx-pkt-dest-mac-null { type uint32; description "Rx Packet dest mac null"; } leaf rx-pkt-pyld-null { type uint32; description "Rx Packet Payload Null"; } leaf ppk-id-nak { type uint32; description "PPK ID NAK"; } leaf ppk-id-not-found { type uint32; description "PPK id not found"; } } // container mkpdu-stats container failure-stats { description "MKA IDB Failure Stats"; container sak-failure { description "MKA IDB SAK Failure"; leaf sak-gen { type uint32; description "SAK gen failure"; } leaf hash-key-gen { type uint32; description "Hash key gen failure"; } leaf sak-encr-wrap { type uint32; description "SAK Encryption/Wrap Failure"; } leaf sak-decr-unwrap { type uint32; description "SAK Decryption/Unwrap Failure"; } } // container sak-failure container ppk-failure { description "MKA IDB PPK Failure"; leaf ppk-id-null-recv { type uint32; description "PPK ID NULL recv"; } leaf ppk-id-mismatch { type uint32; description "PPK ID mismatch"; } leaf ppk-req-timeout { type uint32; description "PPK Request timeout"; } leaf ppk-tuple-fail { type uint32; description "PPK Tuple Fail"; } leaf ppk-retrieval-fail { type uint32; description "PPK retrieval fail"; } leaf ppk-retry-fail { type uint32; description "PPK retry fail"; } leaf ppk-tid-mismatch { type uint32; description "PPK TID mismatch"; } leaf ppk-hash-key-gen { type uint32; description "PPK Hash key generation fail"; } leaf ppk-id-encr-wrap { type uint32; description "PPK Id encryption/Wrap fail"; } leaf ppk-id-decr-unwrap { type uint32; description "PPK id decryption/unwrap fail"; } leaf ppk-aipc-conn-down { type uint32; description "PPK Aipc conn down"; } } // container ppk-failure container macsec-failure { description "MKA IDB MACsec Failure"; leaf rx-sc-creation { type uint32; description "Rx SC creation failure"; } leaf tx-sc-creation { type uint32; description "Tx SC creation failure"; } leaf rx-sa-install { type uint32; description "Rx SA install failure"; } leaf tx-sa-install { type uint32; description "Tx SA install failure"; } } // container macsec-failure } // container failure-stats } // container idb-stats leaf interface-name { type string; description "Interface Name"; } list ca-stat { description "List of CA stats"; container key-derivation-stats { description "MKA Key derivation stats"; leaf sak-generated { type uint32; description "SAK Generated"; } leaf sak-rekeyed { type uint32; description "SAK Rekeyed"; } leaf sak-received { type uint32; description "SAK Received"; } leaf sak-resp-rvcd { type uint32; description "SAK Respone Received"; } leaf ppk-tuple-generated { type uint32; description "PPK Tuple Generated"; } leaf ppk-retrieved { type uint32; description "PPK Retrieved"; } leaf pairwise-cak-derived { type uint32; description "Pairwise CAK derived"; } leaf pairwise-cak-rekey { type uint32; description "Pairwise CAK rekey"; } } // container key-derivation-stats container mkpdu-stats { description "MKA MKPDU CA stats"; container ca-tx { description "MKPDU CA tx stats"; leaf mkpdu-transmitted { type uint32; description "MKPDU Transmitted"; } leaf dist-sak { type uint32; description "Distributed SAK"; } leaf dist-ppk { type uint32; description "Distributed PPK"; } leaf dist-cak { type uint32; description "Distributed CAK"; } leaf ppk-capable { type uint32; description "PPK Cabable"; } } // container ca-tx container ca-rx { description "MKPDU CA rx stats"; leaf mkpdu-received { type uint32; description "MKPDU Received"; } leaf dist-sak { type uint32; description "Distributed SAK"; } leaf dist-ppk { type uint32; description "Distributed PPK"; } leaf dist-cak { type uint32; description "Distributed CAK"; } leaf ppk-capable { type uint32; description "PPK Cabable"; } } // container ca-rx container ca-rx-fail { description "CA Rx Fail"; leaf rx-icv-validation-fail { type uint32; description "Rx ICV validation fail"; } leaf rx-bad-peer-mn { type uint32; description "Rx Bad Peer MN"; } leaf rx-non-recent-peerlist-mn { type uint32; description "Rx non-recent peerlist MN"; } leaf rx-sak-use-kn-mismatch { type uint32; description "Rx SAK USE KN mismatch"; } leaf rx-sak-use-rx-not-set { type uint32; description "Rx SAK USE rx not set"; } leaf rx-sak-use-key-mi-mismatch { type uint32; description "Rx SAK USE Key MI mismatch"; } leaf rx-sak-use-an-not-in-use { type uint32; description "Rx SAK USE AN not in use"; } leaf rx-sak-use-ks-rx-tx-not-set { type uint32; description "Rx SAK USE KS RX/TX not set"; } leaf ppk-id-nak { type uint32; description "PPK ID NAK"; } leaf ppk-id-not-found { type uint32; description "PPK id not found"; } } // container ca-rx-fail } // container mkpdu-stats container ppk-failure { description "CA PPK Failure"; leaf ppk-id-null-recv { type uint32; description "PPK ID NULL recv"; } leaf ppk-id-mismatch { type uint32; description "PPK ID mismatch"; } leaf ppk-req-timeout { type uint32; description "PPK Request timeout"; } leaf ppk-tuple-fail { type uint32; description "PPK Tuple Fail"; } leaf ppk-retrieval-fail { type uint32; description "PPK retrieval fail"; } leaf ppk-retry-fail { type uint32; description "PPK retry fail"; } leaf ppk-tid-mismatch { type uint32; description "PPK TID mismatch"; } leaf ppk-aipc-conn-down { type uint32; description "PPK Aipc conn down"; } } // container ppk-failure leaf ckn { type string; description "CKN"; } leaf ca-type { type string; description "CA type"; } } // list ca-stat } // container statistics container info { description "MKA Interface Summary Data"; container interface-summary { description "MKA Interface Summary"; leaf interface-name { type string; description "macsec configured interface"; } leaf short-name { type string; description "Short Name String"; } leaf key-chain { type string; description "Name of the Key chain"; } leaf policy { type string; description "Policy name"; } leaf macsec-svc-port { type boolean; description "Is macsec-service port or not"; } leaf macsec-svc-port-type { type Macsec-service-port; description "Macsec-service Encryption / Decryption port"; } leaf svcport-short-name { type string; description "Macsec Service paired port Short Name String"; } leaf mka-mode { type Mka-authentication-mode; description "MKA authentication mode"; } leaf fallback-keychain { type string; description "fallback Keychain name"; } leaf macsec-shutdown { type boolean; description "MacsecShutdown"; } } // container interface-summary } // container info leaf name { type xr:Interface-name; description "Interface Name"; } } // list interface } // container interfaces } // container mka } // container macsec } // module Cisco-IOS-XR-crypto-macsec-mka-oper
© 2023 YumaWorks, Inc. All rights reserved.