NETCONF Protocol * Data Types * Abstract object for PDU components * RPCs Translated from RFC 4741 and RFC 6241. Copyright (...
Version: 2015-04-30
module yuma-netconf { yang-version 1; namespace "urn:ietf:params:xml:ns:netconf:base:1.0"; prefix nc; import ietf-inet-types { prefix inet; } import ietf-yang-types { prefix yang; } import ietf-netconf-acm { prefix nacm; } import yuma-ncx { prefix ncx; } contact "Translated by Andy Bierman. Send comments to <support@yumaworks.com>."; description "NETCONF Protocol * Data Types * Abstract object for PDU components * RPCs Translated from RFC 4741 and RFC 6241. Copyright (c) 2008 - 2015 Andy Bierman and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the BSD 3-Clause License http://opensource.org/licenses/BSD-3-Clause"; revision "2015-04-30" { description "Added last-modified and etag to some operations"; } revision "2013-09-28" { description "Added nacm:default-deny-all to some operations."; } revision "2013-09-23" { description "Added ncx:last-modifed and ncx:etag support to <load-config> operation and <config> node"; } revision "2013-07-07" { description "Added support for trace-id attribute in <rpc> element"; } revision "2012-10-05" { description "Updated typedefs to RFC versions where they overlapped. Remove nacm extension usage; not needed due to server code which not not allow any client session to invoke this operation, even superuser."; } revision "2011-05-30" { description "Update for NETCONF base:1.1 version"; } revision "2010-05-24" { description "Align rpc statements with ietf-netconf.yang"; } revision "2010-05-06" { description "Remove nacm:secure on delete-config; Fix bugs in parameters that did not match ietf-netconf.yang."; } revision "2009-04-10" { description "Remove rpc-type extension usage."; } revision "2009-02-24" { description "Change yang:uri to inet:uri (import moved)."; } revision "2008-08-30" { description "Add some NCX extensions to automate some server processing."; } revision "2008-04-26" { description "Change get-config and get output from 'config' to 'data'."; } revision "2008-04-16" { description "Initial conversion from netconf.ncx version 0.6."; } extension get-filter-element-attributes { description "If this extension is present within the an 'anyxml' statement named 'filter', which must be conceptually defined within the RPC input section for the 'get' and 'get-config' RPC operations, then the following unqualified XML attribute is supported within the 'filter' element, within a 'get' or 'get-config' protocol operation: type : optional attribute with allowed value strings 'subtree' and 'xpath'. If missing, the default value is 'subtree'. If the 'xpath' feature is supported, then the following unqualified XML attribute is also supported: select: optional attribute containing a string representing an XPath expression. The 'type' attribute must be equal to 'xpath' if this attribute is present."; } feature writable-running { description "NETCONF :writable-running capability; If the server advertises the :writable-running capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.2."; } feature candidate { description "NETCONF :candidate capability; If the server advertises the :candidate capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.3."; } feature confirmed-commit { if-feature candidate; description "NETCONF :confirmed-commit:1.1 capability; If the server advertises the :confirmed-commit:1.1 capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.4."; } feature rollback-on-error { description "NETCONF :rollback-on-error capability; If the server advertises the :rollback-on-error capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.5."; } feature validate { description "NETCONF :validate:1.1 capability; If the server advertises the :validate:1.1 capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.6."; } feature startup { description "NETCONF :startup capability; If the server advertises the :startup capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.7."; } feature url { description "NETCONF :url capability; If the server advertises the :url capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.8."; } feature xpath { description "NETCONF :xpath capability; If the server advertises the :xpath capability for a session, then this feature must also be enabled for that session. Otherwise, this feature must not be enabled."; reference "RFC 6241, section 8.9."; } typedef Language { type string { pattern '[a-zA-Z]{1,8}(-[a-zA-Z0-9]{1,8})*'; } description "XML language type for LangString"; } typedef session-id-type { type uint32 { range "1..max"; } description "NETCONF Session Id"; } typedef session-id-or-zero-type { type uint32; description "NETCONF Session Id or Zero to indicate none"; } typedef ConfigURIType { type inet:uri; } typedef LangString { type string { ncx:metadata "Language lang"; } description "XML string with a language attribute."; } typedef MessageId { type string { length "1..4095"; } description "NETCONF message-id attribute"; } typedef ErrorType { type enumeration { enum "transport" { value 0; } enum "rpc" { value 1; } enum "protocol" { value 2; } enum "application" { value 3; } } description "NETCONF Error Type"; } typedef error-tag-type { type enumeration { enum "in-use" { value 0; description "The request requires a resource that already is in use."; } enum "invalid-value" { value 1; description "The request specifies an unacceptable value for one or more parameters."; } enum "too-big" { value 2; description "The request or response (that would be generated) is too large for the implementation to handle."; } enum "missing-attribute" { value 3; description "An expected attribute is missing."; } enum "bad-attribute" { value 4; description "An attribute value is not correct; e.g., wrong type, out of range, pattern mismatch."; } enum "unknown-attribute" { value 5; description "An unexpected attribute is present."; } enum "missing-element" { value 6; description "An expected element is missing."; } enum "bad-element" { value 7; description "An element value is not correct; e.g., wrong type, out of range, pattern mismatch."; } enum "unknown-element" { value 8; description "An unexpected element is present."; } enum "unknown-namespace" { value 9; description "An unexpected namespace is present."; } enum "access-denied" { value 10; description "Access to the requested protocol operation, or data model is denied because authorization failed."; } enum "lock-denied" { value 11; description "Access to the requested lock is denied because the lock is currently held by another entity."; } enum "resource-denied" { value 12; description "Request could not be completed because of insufficient resources."; } enum "rollback-failed" { value 13; description "Request to rollback some configuration change (via rollback-on-error or discard-changes operations) was not completed for some reason."; } enum "data-exists" { value 14; description "Request could not be completed because the relevant data model content already exists. For example, a 'create' operation was attempted on data that already exists."; } enum "data-missing" { value 15; description "Request could not be completed because the relevant data model content does not exist. For example, a 'delete' operation was attempted on data that does not exist."; } enum "operation-not-supported" { value 16; description "Request could not be completed because the requested operation is not supported by this implementation."; } enum "operation-failed" { value 17; description "Request could not be completed because the requested operation failed for some reason not covered by any other error condition."; } enum "partial-operation" { value 18; description "This error-tag is obsolete, and SHOULD NOT be sent by servers conforming to this document."; } enum "malformed-message" { value 19; description "A message could not be handled because it failed to be parsed correctly. For example, the message is not well-formed XML or it uses an invalid character set."; } } description "NETCONF Error Tag"; reference "RFC 6241, Appendix A."; } typedef error-severity-type { type enumeration { enum "error" { value 0; description "Error severity"; } enum "warning" { value 1; description "Warning severity"; } } description "NETCONF Error Severity"; reference "RFC XXXX, section 4.3."; } typedef TestOptionType { type enumeration { enum "test-then-set" { value 0; } enum "set" { value 1; } enum "test-only" { value 2; } } description "NETCONF 'test-option' Element Content."; } typedef ErrorOptionType { type enumeration { enum "stop-on-error" { value 0; } enum "continue-on-error" { value 1; } enum "rollback-on-error" { value 2; } } default "stop-on-error"; description "NETCONF 'error-option' Element Content"; } typedef FilterType { type enumeration { enum "subtree" { value 0; } enum "xpath" { value 1; } } default "subtree"; description "NETCONF 'filter' Attribute Content"; } typedef SelectString { type string { ncx:xpath; } description "XPath string used in the select attribute."; } typedef edit-operation-type { type enumeration { enum "merge" { value 0; description "The configuration data identified by the element containing this attribute is merged with the configuration at the corresponding level in the configuration datastore identified by the target parameter."; } enum "replace" { value 1; description "The configuration data identified by the element containing this attribute replaces any related configuration in the configuration datastore identified by the target parameter. If no such configuration data exists in the configuration datastore, it is created. Unlike a <copy-config> operation, which replaces the entire target configuration, only the configuration actually present in the config parameter is affected."; } enum "create" { value 2; description "The configuration data identified by the element containing this attribute is added to the configuration if and only if the configuration data does not already exist in the configuration datastore. If the configuration data exists, an <rpc-error> element is returned with an <error-tag> value of 'data-exists'."; } enum "delete" { value 3; description "The configuration data identified by the element containing this attribute is deleted from the configuration if and only if the configuration data currently exists in the configuration datastore. If the configuration data does not exist, an <rpc-error> element is returned with an <error-tag> value of 'data-missing'."; } enum "delete-all" { value 4; description "Delete all instances of a the data node. If at least one instance of the configuration data does not exist, an <rpc-error> element is returned with an <error-tag> value of 'data-missing'. YumaPro Server ONLY!"; } enum "remove" { value 5; description "The configuration data identified by the element containing this attribute is deleted from the configuration if the configuration data currently exists in the configuration datastore. If the configuration data does not exist, the 'remove' operation is silently ignored by the server."; } enum "remove-all" { value 6; description "Remove all instances of a the data node. YumaPro Server ONLY!"; } } default "merge"; description "NETCONF 'operation' attribute values"; reference "RFC XXXX, section 7.2."; } typedef DefaultOperationType { type enumeration { enum "merge" { value 0; } enum "replace" { value 1; } enum "none" { value 2; } } default "merge"; description "NETCONF 'default-operation' Element Content"; } typedef ConfirmTimeoutType { type uint32 { range "1..max"; } units "seconds"; default "600"; description "NETCONF 'confirm-timeout' Element Content"; } container server-hello { ncx:hidden; ncx:abstract; description "Generic Server Hello Message Parameters."; container capabilities { config false; leaf-list capability { type inet:uri; description "One Generic Capability URI."; } } // container capabilities leaf session-id { type session-id-type; config false; } } // container server-hello container client-hello { ncx:hidden; ncx:abstract; description "Generic Client Hello Message Parameters."; container capabilities { config false; leaf-list capability { type inet:uri; description "One Generic Capability URI."; } } // container capabilities } // container client-hello leaf operation { ncx:abstract; ncx:hidden; type edit-operation-type; description "Internal object for the nc:operation attribute."; } container rpc { ncx:metadata "MessageId message-id"; ncx:abstract; description "Remote Procedure Call request message"; reference "RFC 4741, section 4.1"; } // container rpc container rpc-reply { ncx:metadata "MessageId message-id"; ncx:metadata "string trace-id"; ncx:abstract; description "Remote Procedure Call response message"; reference "RFC 4741, section 4.2"; choice ok-or-data-error { mandatory true; leaf ok { type empty; description "Sent in 'rpc-reply' messages if no errors or warnings occurred during the processing of an 'rpc' request."; } list rpc-error { config false; leaf error-type { type ErrorType; mandatory true; description "Defines the conceptual layer that the error occurred."; } leaf error-tag { type error-tag-type; mandatory true; description "Contains a string identifying the error condition."; } leaf error-severity { type error-severity-type; mandatory true; description "Contains a string identifying the error severity, as determined by the device."; } leaf error-app-tag { type string; description "Contains a string identifying the data-model-specific or implementation-specific error condition, if one exists. This element will not be present if no appropriate application error tag can be associated with a particular error condition."; } leaf error-path { type yang:xpath1.0; description "Contains the absolute XPath [2] expression identifying the element path to the node that is associated with the error being reported in a particular rpc-error element. This element will not be present if no appropriate payload element can be associated with a particular error condition, or if the 'bad-element' QString returned in the 'error-info' container is sufficient to identify the node associated with the error. When the XPath expression is interpreted, the set of namespace declarations are those in scope on the rpc-error element, including the default namespace."; } leaf error-message { type LangString; description "Contains a string suitable for human display that describes the error condition. This element will not be present if no appropriate message is provided for a particular error condition. This element SHOULD include an xml:lang attribute."; } anyxml error-info { description "Contains protocol- or data-model-specific error content. This element will not be present if no such error content is provided for a particular error condition. The list in RFC 4741, Appendix A, defines any mandatory error-info content for each error. After any protocol-mandated content, a data model definition may mandate that certain application-layer error information be included in the error-info container. An implementation may include additional elements to provide extended and/or implementation-specific debugging information."; } } // list rpc-error } // choice ok-or-data-error } // container rpc-reply rpc get-config { description "Retrieve all or part of a specified configuration."; reference "RFC 4741, section 7.2"; input { container source { description "Particular configuration to retrieve."; choice config-source { mandatory true; leaf candidate { if-feature candidate; type empty; } leaf running { type empty; } leaf startup { if-feature startup; type empty; description "This is optional-to-implement on the server because not all servers will support filtering for this database."; } } // choice config-source } // container source anyxml filter { nc:get-filter-element-attributes; ncx:metadata "FilterType type"; ncx:metadata "SelectString select"; description "Subtree or Xpath filter to use."; } } output { container data { ncx:root; presence "An empty data container indicates that the request did not produce any results."; description "Copy of the source database subset which matched the filter criteria (if any)."; } // container data } } // rpc get-config rpc edit-config { description "The 'edit-config' operation loads all or part of a specified configuration to the specified target configuration. This operation allows the new configuration to be expressed in several ways, such as using a local file, a remote file, or inline. If the target configuration does not exist, it will be created. If a NETCONF peer supports the :url capability (Section 8.8), the <url> element can appear instead of the <config> parameter and should identify a local configuration file. The device analyzes the source and target configurations and performs the requested changes. The target configuration is not necessarily replaced, as with the <copy-config> message. Instead, the target configuration is changed in accordance with the source's data and requested operations."; reference "RFC 4741, section 7.2"; input { container target { description "Particular configuration to edit."; choice config-target { mandatory true; leaf candidate { if-feature candidate; type empty; } leaf running { if-feature writable-running; type empty; } } // choice config-target } // container target leaf default-operation { type DefaultOperationType; default "merge"; description "Default operation to apply if not explicitly set."; } leaf test-option { if-feature validate; type TestOptionType; default "test-then-set"; description "Test option if validate capability supported. The 'validate' capability must be present to set this object to 'test-then-set'."; } leaf error-option { type ErrorOptionType; default "stop-on-error"; description "Error recovery option."; } choice edit-content { mandatory true; container config { ncx:root; ncx:metadata "string last-modified"; ncx:metadata "string etag"; description "Inline Config content: 'config' element."; } // container config leaf url { if-feature url; type inet:uri; description "Pointer to Config content: 'url' element."; } } // choice edit-content } } // rpc edit-config rpc copy-config { description "Create or replace an entire configuration datastore with the contents of another complete configuration datastore. If the target datastore exists, it is overwritten. Otherwise, a new one is created, if allowed. If a NETCONF peer supports the :url capability (Section 8.8), the 'url' element can appear as the <source> or <target> parameter. Even if it advertises the :writable-running capability, a device may choose not to support the <running/> configuration datastore as the <target> parameter of a <copy-config> operation. A device may choose not to support remote-to-remote copy operations, where both the <source> and <target> parameters use the <url> element. If the source and target parameters identify the same URL or configuration datastore, an error MUST be returned with an error- tag containing invalid-value."; reference "RFC 4741, section 7.3"; input { container target { description "Particular configuration to copy to."; choice config-target { mandatory true; leaf candidate { if-feature candidate; type empty; } leaf running { if-feature writable-running; type empty; description "This is optional-to-implement on the server."; } leaf startup { if-feature startup; type empty; } leaf url { if-feature url; type inet:uri; } } // choice config-target } // container target container source { description "Particular configuration to copy from."; choice config-source { mandatory true; leaf candidate { if-feature candidate; type empty; } leaf running { type empty; } leaf startup { if-feature startup; type empty; } leaf url { if-feature url; type inet:uri; } container config { ncx:root; ncx:metadata "string last-modified"; ncx:metadata "string etag"; description "Inline Config content: 'config' element. Represents an entire 'stand-alone' configuration database, not a subset of the running database."; } // container config } // choice config-source } // container source } } // rpc copy-config rpc delete-config { nacm:default-deny-all; description "Delete a configuration datastore. The 'running' configuration datastore cannot be deleted. If a NETCONF peer supports the :url capability (Section 8.8), the 'url' element can appear as the <target> parameter."; reference "RFC 4741, section 7.4"; input { container target { description "Particular configuration to delete."; choice config-target { mandatory true; leaf startup { if-feature startup; type empty; } leaf url { if-feature url; type inet:uri; } } // choice config-target } // container target } } // rpc delete-config rpc lock { description "The lock operation allows the client to lock the configuration system of a device. Such locks are intended to be short-lived and allow a client to make a change without fear of interaction with other NETCONF clients, non-NETCONF clients (e.g., SNMP and command line interface (CLI) scripts), and human users. ..."; reference "RFC 4741, section 7.5"; input { container target { description "Particular configuration to lock"; choice config-target { mandatory true; leaf candidate { if-feature candidate; type empty; } leaf running { type empty; } leaf startup { if-feature startup; type empty; } } // choice config-target } // container target } } // rpc lock rpc unlock { description "The unlock operation is used to release a configuration lock, previously obtained with the 'lock' operation. An unlock operation will not succeed if any of the following conditions are true: * the specified lock is not currently active * the session issuing the <unlock> operation is not the same session that obtained the lock The server MUST respond with either an <ok> element or an 'rpc-error'."; reference "RFC 4741, section 7.6"; input { container target { description "Particular configuration to unlock."; choice config-target { mandatory true; leaf candidate { if-feature candidate; type empty; } leaf running { type empty; } leaf startup { if-feature startup; type empty; } } // choice config-target } // container target } } // rpc unlock rpc get { description "Retrieve running configuration and device state information."; reference "RFC 4741, section 7.7"; input { anyxml filter { nc:get-filter-element-attributes; ncx:metadata "FilterType type"; ncx:metadata "string select"; description "This parameter specifies the portion of the system configuration and state data to retrieve. If this parameter is empty, all the device configuration and state information is returned. The filter element may optionally contain a 'type' attribute. This attribute indicates the type of filtering syntax used within the filter element. The default filtering mechanism in NETCONF is referred to as subtree filtering and is described in Section 6. The value 'subtree' explicitly identifies this type of filtering. If the NETCONF peer supports the :xpath capability (Section 8.9), the value 'xpath' may be used to indicate that the select attribute of the filter element contains an XPath expression."; } } output { container data { ncx:root; presence "An empty data container indicates that the filter request did not match any results."; description "Copy of the 'running' database subset and/or state data which matched the filter criteria (if any)."; } // container data } } // rpc get rpc close-session { description "Request graceful termination of a NETCONF session. When a NETCONF server receives a <close-session> request, it will gracefully close the session. The server will release any locks and resources associated with the session and gracefully close any associated connections. Any NETCONF requests received after a 'close-session' request will be ignored."; reference "RFC 4741, section 7.8"; } // rpc close-session rpc kill-session { nacm:default-deny-all; description "Force the termination of a NETCONF session. When a NETCONF entity receives a <kill-session> request for an open session, it will abort any operations currently in process, release any locks and resources associated with the session, and close any associated connections. If a NETCONF server receives a <kill-session> request while processing a confirmed commit (Section 8.4), it must restore the configuration to its state before the confirmed commit was issued. Otherwise, the <kill-session> operation does not roll back configuration or other device state modifications made by the entity holding the lock."; reference "RFC 4741, section 7.9"; input { leaf session-id { type session-id-type; mandatory true; description "Particular session to kill."; } } } // rpc kill-session rpc commit { if-feature candidate; description "When a candidate configuration's content is complete, the configuration data can be committed, publishing the data set to the rest of the device and requesting the device to conform to the behavior described in the new configuration. To commit the candidate configuration as the device's new current configuration, use the <commit> operation. The 'commit' operation instructs the device to implement the configuration data contained in the candidate configuration. If the device is unable to commit all of the changes in the candidate configuration datastore, then the running configuration MUST remain unchanged. If the device does succeed in committing, the running configuration MUST be updated with the contents of the candidate configuration. If the system does not have the :candidate capability, the 'commit' operation is not available."; reference "RFC 4741, section 8.3.4.1"; input { leaf confirmed { if-feature confirmed-commit; type empty; description "Request a confirmed commit."; reference "RFC 4741, section 8.4.5.1"; } leaf confirm-timeout { if-feature confirmed-commit; type ConfirmTimeoutType; description "Request a specific timeout period for a confirmed commit if 'confirmed-commit' capability supported."; reference "RFC 4741, section 8.4.5.1"; } leaf persist { if-feature confirmed-commit; type string; description "This parameter is used to make a confirmed commit persistent. A persistent confirmed commit is not aborted if the NETCONF session terminates. The only way to abort a persistent confirmed commit it to let the timer expire, or to use the cancel-commit operation. The value of this parameter is a token that must be given in the 'persist-id' parameter of commit or cancel-commit in order to confirm or cancel the persistent confirmed commit. The token should be a random string."; reference "RFC 6241, section 8.3.4.1."; } leaf persist-id { if-feature confirmed-commit; type string; description "This parameter is given in order to commit a persistent confirmed commit. The value must be equal to the value given in the 'persist' parameter to the commit operation. If it does not match, the operation fails with an 'invalid-value' error."; reference "RFC 6241, section 8.3.4.1."; } } } // rpc commit rpc discard-changes { if-feature candidate; description "If the client decides that the candidate configuration should not be committed, the 'discard-changes' operation can be used to revert the candidate configuration to the current running configuration. This operation discards any uncommitted changes by resetting the candidate configuration with the content of the running configuration."; reference "RFC 4741, section 8.3.4.2"; } // rpc discard-changes rpc cancel-commit { if-feature confirmed-commit; description "This operation is used to cancel an ongoing confirmed commit. If the confirmed commit is persistent, the parameter 'persist-id' must be given, and it must match the value of the 'persist' parameter."; reference "RFC 6241, section 8.4.4.1."; input { leaf persist-id { type string; description "This parameter is given in order to cancel a persistent confirmed commit. The value must be equal to the value given in the 'persist' parameter to the commit operation. If it does not match, the operation fails with an 'invalid-value' error."; } } } // rpc cancel-commit rpc validate { if-feature validate; description "Validates the contents of the specified configuration."; reference "RFC 4741, section 8.6.4.1"; input { container source { description "Particular configuration to validate."; choice config-source { mandatory true; leaf candidate { if-feature candidate; type empty; } leaf running { type empty; } leaf startup { if-feature startup; type empty; } leaf url { if-feature url; type inet:uri; } container config { ncx:root; ncx:metadata "string last-modified"; ncx:metadata "string etag"; description "Inline Config content: 'config' element. Represents an entire 'stand-alone' configuration database, not a subset of the running database."; } // container config } // choice config-source } // container source } } // rpc validate rpc load-config { ncx:hidden; ncx:abstract; description "NCX internal load-config operation. The config database can be loaded dynamically only if the startup config phase was skipped via the 'no-startup' option. An operation-failed error will be returned and any startup config file was loaded (even partially) successfully."; input { container config { ncx:root; ncx:metadata "string last-modified"; ncx:metadata "string etag"; description "XML Config contents."; } // container config } } // rpc load-config container config { ncx:root; ncx:abstract; ncx:metadata "string last-modified"; ncx:metadata "string etag"; description "Used as the container for NETCONF object definitions."; } // container config } // module yuma-netconf
© 2023 YumaWorks, Inc. All rights reserved.