This module contains a collection of YANG definitions for Cisco IOS-XR tpa package configuration. This YANG module augments the...
Version: 2021-05-10
module Cisco-IOS-XR-um-tpa-cfg { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XR-um-tpa-cfg"; prefix um-tpa-cfg; import Cisco-IOS-XR-types { prefix xr; } import ietf-inet-types { prefix inet; } import cisco-semver { prefix semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This module contains a collection of YANG definitions for Cisco IOS-XR tpa package configuration. This YANG module augments the modules with configuration data. Copyright (c) 2021 by Cisco Systems, Inc. All rights reserved."; revision "2021-05-10" { description "Initial release"; } semver:module-version "1.0.0"; feature app_host_is_feature_vrf_namespace_enabled_parser { description "app host is feature vrf namespace enabled parser"; } container tpa { description "Third Party Applications Subcommands"; container statistics { description "Global interface statistics options"; leaf update-frequency { type uint32 { range "1..99999999"; } description "Delay in seconds for XR stats sync to Linux."; } container disable { presence "Indicates a disable node is configured."; description "disable statistics syncing from XR to Linux"; } // container disable leaf max-lpts-events { type uint32 { range "1..99999999"; } description "How many events to allow show kim lpts statistics to record"; } leaf max-intf-events { type uint32 { range "1..99999999"; } description "How many events to allow show kim interface statistics to record"; } } // container statistics container logging { description "Third party application logging options"; container kim { description "KIM logging options"; leaf file-max-size-kb { type uint32 { range "0..999999999"; } description "perform log rotation when the kim log file hits this size"; } leaf rotation-max { type uint32 { range "1..1000"; } description "how many kim log files to keep in log rotation"; } } // container kim } // container logging container vrfs { description "VRF name"; list vrf { if-feature app_host_is_feature_vrf_namespace_enabled_parser; key "vrf-name"; description "Name of VRF"; leaf vrf-name { type union { type string { pattern "default"; } type xr:Cisco-ios-xr-string { length "1..32"; pattern "[a-zA-Z0-9._-]+"; } } description "Name of VRF"; } container east-wests { description "Global interface East-West communication options"; list east-west { key "east-west-interface"; description "Global interface East-West communication options"; leaf east-west-interface { type xr:Interface-name; description "Global interface East-West communication options"; } leaf vrf { type xr:Cisco-ios-xr-string { length "1..32"; pattern "[a-zA-Z0-9._-]+"; } mandatory true; description "VRF name (must be same as ../../../vrf-name)"; } leaf interface { type xr:Interface-name; mandatory true; description "Interface name (must be same as ../east-west-interface)"; } } // list east-west } // container east-wests container disable { presence "Indicates a disable node is configured."; description "Disable KIM route and interface creation"; } // container disable container address-family { description "Address-family configuration subcommands"; container ipv4 { description "IPv4 commands"; container update-source { description "Set the update source addresses for Linux routed traffic"; container dataports { description "Set the update source for all dataports"; container active-management { must "not(../interface)"; presence "Indicates a active-management node is configured."; description "Use the management port on the Active RP"; } // container active-management leaf interface { type xr:Interface-name; must "not(../active-management)"; description "Select an interface to use as source for all dataports"; } } // container dataports container destinations { description "Set the update source for a destination interfaces"; list destination { key "destination-interface"; description "Set the update source for a destination interfaces"; leaf destination-interface { type xr:Interface-name { pattern "MgmtEth.*"; } description "Set the update source for a destination interfaces"; } leaf source { type xr:Interface-name; mandatory true; description "Set the update source for this interface"; } } // list destination } // container destinations } // container update-source container default-route { description "Linux default route configuration"; container mgmt { presence "Indicates a mgmt node is configured."; description "By default all Linux traffic is default routed over the line card ports. Use this option if instead you wish the default to be routed via the RP. This option also makes it possible to default route over the management ports. Note that due to the extra hop via RP performance will be lower for Linux traffic."; } // container mgmt } // container default-route container protection { description "Configure traffic protection for Third Party Applications"; container allow { description "TPA filtering entry to restrict incoming traffic"; container protocols { description "L4 protocol"; list protocol { must "local-port"; key "protocol-name"; description "configure this node"; leaf protocol-name { type enumeration { enum "tcp" { value 6; description "Transmission Control Protocol, RFC 793. (6)"; } enum "udp" { value 17; description "User Datagram Protocol, RFC 768. (17)"; } } description "configure this node"; } list local-port { must "interfaces/interface or local-addresses/local-address or remote-addresses/remote-address or interface-local-addresses/interface-local-address or local-address-remote-addresses/local-address-remote-address or interface-local-address-remote-addresses/interface-local-address-remote-address"; key "port-number"; description "local L4 port"; leaf port-number { type uint32 { range "1..65535"; } description "local L4 port"; } container interfaces { description "Select an interface to restrict traffic to"; list interface { key "interface-name"; description "Select an interface to restrict traffic to"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } } // list interface } // container interfaces container local-addresses { description "Local address to filter against"; list local-address { key "local-address local-address-length"; description "Local address to filter against"; leaf local-address { type inet:ipv4-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..32"; } description "Local address to filter against"; } } // list local-address } // container local-addresses container remote-addresses { description "Remote address to filter against"; list remote-address { key "remote-address remote-address-length"; description "Remote address to filter against"; leaf remote-address { type inet:ipv4-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..32"; } description "Remote address to filter against"; } } // list remote-address } // container remote-addresses container interface-local-addresses { description "Interface and local address to filter against"; list interface-local-address { key "interface-name local-address local-address-length"; description "Interface and local address to filter against"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } leaf local-address { type inet:ipv4-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..32"; } description "Local address to filter against"; } } // list interface-local-address } // container interface-local-addresses container interface-remote-addresses { description "Interface and remote address to filter against"; list interface-remote-address { key "interface-name remote-address remote-address-length"; description "Interface and remote address to filter against"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } leaf remote-address { type inet:ipv4-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..32"; } description "Remote address to filter against"; } } // list interface-remote-address } // container interface-remote-addresses container local-address-remote-addresses { description "Local and remote address to filter against"; list local-address-remote-address { key "local-address local-address-length remote-address remote-address-length"; description "Local and remote address to filter against"; leaf local-address { type inet:ipv4-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..32"; } description "Local address to filter against"; } leaf remote-address { type inet:ipv4-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..32"; } description "Remote address to filter against"; } } // list local-address-remote-address } // container local-address-remote-addresses container interface-local-address-remote-addresses { description "Interface, local and remote address to filter against"; list interface-local-address-remote-address { key "interface-name local-address local-address-length remote-address remote-address-length"; description "Interface, local and remote address to filter against"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } leaf local-address { type inet:ipv4-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..32"; } description "Local address to filter against"; } leaf remote-address { type inet:ipv4-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..32"; } description "Remote address to filter against"; } } // list interface-local-address-remote-address } // container interface-local-address-remote-addresses } // list local-port } // list protocol } // container protocols } // container allow } // container protection } // container ipv4 container ipv6 { description "IPv6 commands"; container update-source { description "Set the update source addresses for Linux routed traffic"; container dataports { description "Set the update source for all dataports"; container active-management { must "not(../interface)"; presence "Indicates a active-management node is configured."; description "Use the management port on the Active RP"; } // container active-management leaf interface { type xr:Interface-name; must "not(../active-management)"; description "Select an interface to use as source for all dataports"; } } // container dataports container destinations { description "Set the update source for a destination interfaces"; list destination { key "destination-interface"; description "Set the update source for a destination interfaces"; leaf destination-interface { type xr:Interface-name { pattern "MgmtEth.*"; } description "Set the update source for a destination interfaces"; } leaf source { type xr:Interface-name; mandatory true; description "Set the update source for this interface"; } } // list destination } // container destinations } // container update-source container default-route { description "Linux default route configuration"; container mgmt { presence "Indicates a mgmt node is configured."; description "By default all Linux traffic is default routed over the line card ports. Use this option if instead you wish the default to be routed via the RP. This option also makes it possible to default route over the management ports. Note that due to the extra hop via RP performance will be lower for Linux traffic."; } // container mgmt } // container default-route container protection { description "Configure traffic protection for Third Party Applications"; container allow { description "TPA filtering entry to restrict incoming traffic"; container protocols { description "L4 protocol"; list protocol { must "local-port"; key "protocol-name"; description "configure this node"; leaf protocol-name { type enumeration { enum "tcp" { value 6; description "Transmission Control Protocol, RFC 793. (6)"; } enum "udp" { value 17; description "User Datagram Protocol, RFC 768. (17)"; } } description "configure this node"; } list local-port { must "interfaces/interface or local-addresses/local-address or remote-addresses/remote-address or interface-local-addresses/interface-local-address or local-address-remote-addresses/local-address-remote-address or interface-local-address-remote-addresses/interface-local-address-remote-address"; key "port-number"; description "local L4 port"; leaf port-number { type uint32 { range "1..65535"; } description "local L4 port"; } container interfaces { description "Select an interface to restrict traffic to"; list interface { key "interface-name"; description "Select an interface to restrict traffic to"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } } // list interface } // container interfaces container local-addresses { description "Local address to filter against"; list local-address { key "local-address local-address-length"; description "Local address to filter against"; leaf local-address { type inet:ipv6-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..128"; } description "Local address to filter against"; } } // list local-address } // container local-addresses container remote-addresses { description "Remote address to filter against"; list remote-address { key "remote-address remote-address-length"; description "Remote address to filter against"; leaf remote-address { type inet:ipv6-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..128"; } description "Remote address to filter against"; } } // list remote-address } // container remote-addresses container interface-local-addresses { description "Interface and local address to filter against"; list interface-local-address { key "interface-name local-address local-address-length"; description "Interface and local address to filter against"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } leaf local-address { type inet:ipv6-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..128"; } description "Local address to filter against"; } } // list interface-local-address } // container interface-local-addresses container interface-remote-addresses { description "Interface and remote address to filter against"; list interface-remote-address { key "interface-name remote-address remote-address-length"; description "Interface and remote address to filter against"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } leaf remote-address { type inet:ipv6-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..128"; } description "Remote address to filter against"; } } // list interface-remote-address } // container interface-remote-addresses container local-address-remote-addresses { description "Local and remote address to filter against"; list local-address-remote-address { key "local-address local-address-length remote-address remote-address-length"; description "Local and remote address to filter against"; leaf local-address { type inet:ipv6-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..128"; } description "Local address to filter against"; } leaf remote-address { type inet:ipv6-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..128"; } description "Remote address to filter against"; } } // list local-address-remote-address } // container local-address-remote-addresses container interface-local-address-remote-addresses { description "Interface, local and remote address to filter against"; list interface-local-address-remote-address { key "interface-name local-address local-address-length remote-address remote-address-length"; description "Interface, local and remote address to filter against"; leaf interface-name { type xr:Interface-name; description "Select an interface to restrict traffic to"; } leaf local-address { type inet:ipv6-address-no-zone; description "Local address to filter against"; } leaf local-address-length { type uint32 { range "0..128"; } description "Local address to filter against"; } leaf remote-address { type inet:ipv6-address-no-zone; description "Remote address to filter against"; } leaf remote-address-length { type uint32 { range "0..128"; } description "Remote address to filter against"; } } // list interface-local-address-remote-address } // container interface-local-address-remote-addresses } // list local-port } // list protocol } // container protocols } // container allow } // container protection } // container ipv6 } // container address-family } // list vrf } // container vrfs } // container tpa } // module Cisco-IOS-XR-um-tpa-cfg
© 2023 YumaWorks, Inc. All rights reserved.