From b4581d183065af6b82026003959b96fbe6850dd1 Mon Sep 17 00:00:00 2001 From: Marek Gradzki Date: Fri, 16 Jun 2017 14:36:52 +0200 Subject: Rename yang files to match model revision Also order of revisions was sorted starting from most current. Change-Id: I21fd35cfdb1cc5601b3fb40c9f3755bd3b995b14 Signed-off-by: Marek Gradzki --- nat/nat-api/src/main/yang/ietf-nat.yang | 1074 -------------------- nat/nat-api/src/main/yang/ietf-nat@2015-09-08.yang | 1074 ++++++++++++++++++++ nat/nat-api/src/main/yang/interface-nat.yang | 44 - .../src/main/yang/interface-nat@2016-12-14.yang | 44 + nat/nat-api/src/main/yang/nat-context.yang | 64 -- .../src/main/yang/nat-context@2016-12-14.yang | 64 ++ nat/nat-api/src/main/yang/subinterface-nat.yang | 36 - .../src/main/yang/subinterface-nat@2017-06-15.yang | 36 + 8 files changed, 1218 insertions(+), 1218 deletions(-) delete mode 100644 nat/nat-api/src/main/yang/ietf-nat.yang create mode 100644 nat/nat-api/src/main/yang/ietf-nat@2015-09-08.yang delete mode 100644 nat/nat-api/src/main/yang/interface-nat.yang create mode 100644 nat/nat-api/src/main/yang/interface-nat@2016-12-14.yang delete mode 100644 nat/nat-api/src/main/yang/nat-context.yang create mode 100644 nat/nat-api/src/main/yang/nat-context@2016-12-14.yang delete mode 100644 nat/nat-api/src/main/yang/subinterface-nat.yang create mode 100644 nat/nat-api/src/main/yang/subinterface-nat@2017-06-15.yang (limited to 'nat') diff --git a/nat/nat-api/src/main/yang/ietf-nat.yang b/nat/nat-api/src/main/yang/ietf-nat.yang deleted file mode 100644 index 54707708c..000000000 --- a/nat/nat-api/src/main/yang/ietf-nat.yang +++ /dev/null @@ -1,1074 +0,0 @@ -module ietf-nat { - - namespace "urn:ietf:params:xml:ns:yang:ietf-nat"; - //namespace to be assigned by IANA - prefix "nat"; - import ietf-inet-types { - prefix "inet"; - } - - organization "IETF NetMod Working Group"; - contact - "Senthil Sivakumar - Mohamed Boucadair - Suresh Vinapamula "; - - description - "This module is a YANG module for NAT implementations - (including both NAT44 and NAT64 flavors. - - Copyright (c) 2015 IETF Trust and the persons identified as - authors of the code. All rights reserved. - - Redistribution and use in source and binary forms, with or - without modification, is permitted pursuant to, and subject - to the license terms contained in, the Simplified BSD License - set forth in Section 4.c of the IETF Trust's Legal Provisions - Relating to IETF Documents - (http://trustee.ietf.org/license-info). - - This version of this YANG module is part of RFC XXXX; see - the RFC itself for full legal notices."; - - revision 2015-09-08 { - description "Fixes few YANG errors."; - reference "-02"; - } - - revision 2015-09-07 { - description "Completes the NAT64 model."; - reference "01"; - } - - revision 2015-08-29 { - description "Initial version."; - reference "00"; - } - - typedef percent { - type uint8 { - range "0 .. 100"; - } - description - "Percentage"; - } - - /* - * Grouping - */ - - grouping timeouts { - description - "Configure values of various timeouts."; - - leaf udp-timeouts { - type uint32; - default 300; - description - "UDP inactivity timeout."; - } - - leaf tcp-idle-timeout { - type uint32; - default 7440; - description - "TCP Idle timeout, as per RFC 5382 should be no - 2 hours and 4 minutes."; - } - - leaf tcp-trans-open-timeout { - type uint32; - default 240; - description - "The value of the transitory open connection - idle-timeout."; - } - - leaf tcp-trans-close-timeout { - type uint32; - default 240; - description - "The value of the transitory close connection - idle-timeout."; - } - - leaf tcp-in-syn-timeout { - type uint32; - default 6; - description - "6 seconds, as defined in [RFC5382]."; - } - - leaf fragment-min-timeout { - type uint32; - default 2; - description - "As long as the NAT has available resources, - the NAT allows the fragments to arrive - over fragment-min-timeout interval. - The default value is inspired from RFC6146."; - } - - leaf icmp-timeout { - type uint32; - default 60; - description - "60 seconds, as defined in [RFC5508]."; - } - } - - // port numbers: single or port range - - grouping port-number { - description - "Individual port or a range of ports."; - - choice port-type { - default single-port-number; - description - "Port type: single or port-range."; - - case single-port-number { - leaf single-port-number { - type inet:port-number; - description - "Used for single port numbers."; - } - } - - case port-range { - leaf start-port-number { - type inet:port-number; - description - "Begining of the port range."; - } - - leaf end-port-number { - type inet:port-number; - description - "End of the port range."; - } - } - } - } - - grouping mapping-entry { - description - "NAT mapping entry."; - - leaf index { - type uint32; - description - "A unique identifier of a mapping entry."; - } - - leaf type { - type enumeration { - enum "static" { - description - "The mapping entry is manually configured."; - } - - enum "dynamic" { - description - "This mapping is created by an outgoing - packet."; - } - } - description - "Indicates the type of a mapping entry. E.g., - a mapping can be: static or dynamic"; - } - - leaf internal-src-address { - type inet:ip-address; - mandatory true; - description - "Corresponds to the source IPv4/IPv6 address - of the IPv4 packet"; - } - - container internal-src-port { - description - "Corresponds to the source port of the - IPv4 packet."; - uses port-number; - } - - leaf external-src-address { - type inet:ipv4-address; - mandatory true; - description - "External IPv4 address assigned by NAT"; - } - - container external-src-port { - description - "External source port number assigned by NAT."; - uses port-number; - } - - leaf transport-protocol { - type uint8; - // mandatory true; - description - "Upper-layer protocol associated with this mapping. - Values are taken from the IANA protocol registry. - For example, this field contains 6 (TCP) for a TCP - mapping or 17 (UDP) for a UDP mapping."; - } - - leaf internal-dst-address { - type inet:ipv4-prefix; - description - "Corresponds to the destination IPv4 address - of the IPv4 packet, for example, some NAT - implementation support translating both source - and destination address and ports referred to as - Twice NAT"; - } - - container internal-dst-port { - description - "Corresponds to the destination port of the - IPv4 packet."; - uses port-number; - } - - leaf external-dst-address { - type inet:ipv4-address; - description - "External destination IPv4 address"; - } - - container external-dst-port { - description - "External source port number."; - uses port-number; - } - - leaf lifetime { - type uint32; - // mandatory true; - description - "Lifetime of the mapping."; - } - } - - grouping nat-parameters { - description - "NAT parameters for a given instance"; - - list external-ip-address-pool { - key pool-id; - - - description - "Pool of external IP addresses used to service - internal hosts. - Both contiguous and non-contiguous pools - can be configured for NAT."; - - leaf pool-id { - type uint32; - description - "An identifier of the address pool."; - } - - leaf external-ip-pool { - type inet:ipv4-prefix; - description - "An IPv4 prefix used for NAT purposes."; - } - } - - - leaf subscriber-mask-v6 { - type uint8 { - range "0 .. 128"; - } - description - "The subscriber-mask is an integer that indicates - the length of significant bits to be applied on - the source IP address (internal side) to - unambiguously identify a CPE. - - Subscriber-mask is a system-wide configuration - parameter that is used to enforce generic - per-subscriberpolicies (e.g., port-quota). - - The enforcement of these generic policies does not - require the configuration of every subscriber's - prefix. - - Example: suppose the 2001:db8:100:100::/56 prefix - is assigned to a NAT64 serviced CPE. Suppose also - that 2001:db8:100:100::1 is the IPv6 address used - by the client that resides in that CPE. When the - NAT64 receives a packet from this client, - it applies the subscriber-mask (e.g., 56) on - the source IPv6 address to compute the associated - prefix for this client (2001:db8:100:100::/56). - Then, the NAT64 enforces policies based on that - prefix (2001:db8:100:100::/56), not on the exact - source IPv6 address."; - } - - - list subscriber-mask-v4 { - - key sub-mask-id; - - description - "IPv4 subscriber mask."; - - leaf sub-mask-id { - type uint32; - description - "An identifier of the subscriber masks."; - } - leaf sub-mask { - type inet:ipv4-prefix; - // mandatory true; - description - "The IP address subnets that matches - should be translated. E.g., If the - private realms that are to be translated - by NAT would be 192.0.2.0/24"; - } - } - - leaf paired-address-pooling { - type boolean; - default true; - description - "Paired address pooling is indicating to NAT - that all the flows from an internal IP - address must be assigned the same external - address. This is defined in RFC 4007."; - } - - leaf nat-mapping-type { - type enumeration { - enum "eim" { - description - "endpoint-independent-mapping. - Refer section 4 of RFC 4787."; - } - - enum "adm" { - description - "address-dependent-mapping. - Refer section 4 of RFC 4787."; - } - - enum "edm" { - description - "address-and-port-dependent-mapping. - Refer section 4 of RFC 4787."; - } - } - description - "Indicates the type of a NAT mapping."; - } - leaf nat-filtering-type { - type enumeration { - enum "eif" { - description - "endpoint-independent- filtering. - Refer section 5 of RFC 4787."; - } - - enum "adf" { - description - "address-dependent- filtering. - Refer section 5 of RFC 4787."; - } - - enum "edf" { - description - "address-and-port-dependent- filtering. - Refer section 5 of RFC 4787."; - } - } - description - "Indicates the type of a NAT filtering."; - } - - leaf port-quota { - type uint16; - description - "Configures a port quota to be assigned per - subscriber."; - } - - container port-set { - description - "Manages port-set assignments."; - - leaf port-set-enable { - type boolean; - description - "Enable/Disable port set assignment."; - } - - leaf port-set-size { - type uint16; - description - "Indicates the size of assigned port - sets."; - } - - leaf port-set-timeout { - type uint32; - description - "Inactivty timeout for port sets."; - } - } - - leaf port-randomization-enable { - type boolean; - description - "Enable/disable port randomization - feature."; - } - - leaf port-preservation-enable { - type boolean; - description - "Indicates whether the PCP server should - preserve the internal port number."; - } - - leaf port-range-preservation-enable { - type boolean; - description - "Indicates whether the NAT device should - preserve the internal port range."; - } - - leaf port-parity-preservation-enable { - type boolean; - description - "Indicates whether the PCP server should - preserve the port parity of the - internal port number."; - } - leaf address-roundrobin-enable { - type boolean; - description - "Enable/disable address allocation - round robin."; - } - - uses timeouts; - container logging-info { - description - "Information about Logging NAT events"; - - leaf destination-address { - type inet:ipv4-prefix; - // mandatory true; - description - "Address of the collector that receives - the logs"; - } - leaf destination-port { - type inet:port-number; - // mandatory true; - description - "Destination port of the collector."; - } - - } - container connection-limit { - description - "Information on the config parameters that - rate limit the translations based on various - criteria"; - - leaf limit-per-subscriber { - type uint32; - description - "Maximum number of NAT mappings per - subscriber."; - } - leaf limit-per-vrf { - type uint32; - description - "Maximum number of NAT mappings per - VLAN/VRF."; - } - leaf limit-per-subnet { - type inet:ipv4-prefix; - description - "Maximum number of NAT mappings per - subnet."; - } - leaf limit-per-instance { - type uint32; - // mandatory true; - description - "Maximum number of NAT mappings per - instance."; - } - } - container mapping-limit { - description - "Information on the config parameters that - rate limit the mappings based on various - criteria"; - - leaf limit-per-subscriber { - type uint32; - description - "Maximum number of NAT mappings per - subscriber."; - } - leaf limit-per-vrf { - type uint32; - description - "Maximum number of NAT mappings per - VLAN/VRF."; - } - leaf limit-per-subnet { - type inet:ipv4-prefix; - description - "Maximum number of NAT mappings per - subnet."; - } - leaf limit-per-instance { - type uint32; - // mandatory true; - description - "Maximum number of NAT mappings per - instance."; - } - } - leaf ftp-alg-enable { - type boolean; - description - "Enable/Disable FTP ALG"; - } - - leaf dns-alg-enable { - type boolean; - description - "Enable/Disable DNSALG"; - } - - leaf tftp-alg-enable { - type boolean; - description - "Enable/Disable TFTP ALG"; - } - - leaf msrpc-alg-enable { - type boolean; - description - "Enable/Disable MS-RPC ALG"; - } - - leaf netbios-alg-enable { - type boolean; - description - "Enable/Disable NetBIOS ALG"; - } - - leaf rcmd-alg-enable { - type boolean; - description - "Enable/Disable rcmd ALG"; - } - - leaf ldap-alg-enable { - type boolean; - description - "Enable/Disable LDAP ALG"; - } - - leaf sip-alg-enable { - type boolean; - description - "Enable/Disable SIP ALG"; - } - - leaf rtsp-alg-enable { - type boolean; - description - "Enable/Disable RTSP ALG"; - } - - leaf h323-alg-enable { - type boolean; - description - "Enable/Disable H323 ALG"; - } - - leaf all-algs-enable { - type boolean; - description - "Enable/Disable all the ALGs"; - } - - container notify-pool-usage { - description - "Notification of Pool usage when certain criteria - is met"; - - leaf pool-id { - type uint32; - description - "Pool-ID for which the notification - criteria is defined"; - } - - leaf notify-pool-hi-threshold { - type percent; - // mandatory true; - description - "Notification must be generated when the - defined high threshold is reached. - For example, if a notification is - required when the pool utilization reaches - 90%, this configuration parameter must - be set to 90%"; - } - - leaf notify-pool-low-threshold { - type percent; - description - "Notification must be generated when the defined - low threshold is reached. - For example, if a notification is required when - the pool utilization reaches below 10%, - this configuration parameter must be set to - 10%"; - } - } - list nat64-prefixes { - key nat64-prefix-id; - - description - "Provides one or a list of NAT64 prefixes - With or without a list of destination IPv4 prefixes. - - Destination-based Pref64::/n is discussed in - Section 5.1 of [RFC7050]). For example: - 192.0.2.0/24 is mapped to 2001:db8:122:300::/56. - 198.51.100.0/24 is mapped to 2001:db8:122::/48."; - - leaf nat64-prefix-id { - type uint32; - description - "An identifier of the NAT64 prefix."; - } - - leaf nat64-prefix { - type inet:ipv6-prefix; - default "64:ff9b::/96"; - description - "A NAT64 prefix. Can be NSP or WKP [RFC6052]."; - } - - list destination-ipv4-prefix { - - key ipv4-prefix-id; - - description - "An IPv4 prefix/address."; - - leaf ipv4-prefix-id { - type uint32; - description - "An identifier of the IPv4 prefix/address."; - } - - leaf ipv4-prefix { - type inet:ipv4-prefix; - description - "An IPv4 address/prefix. "; - } - } - } - } //nat-parameters group - - container nat-config { - description - "NAT"; - - container nat-instances { - description - "nat instances"; - - list nat-instance { - - key "id"; - - description - "A NAT instance."; - - leaf id { - type uint32; - description - "NAT instance identifier."; - } - - leaf enable { - type boolean; - description - "Status of the the NAT instance."; - } - - uses nat-parameters; - - container mapping-table { - description - "NAT dynamic mapping table used to track - sessions"; - - list mapping-entry { - key "index"; - description - "NAT mapping entry."; - uses mapping-entry; - } - } - } - } - } - - /* - * NAT State - */ - - container nat-state { - - config false; - - description - "nat-state"; - - container nat-instances { - description - "nat instances"; - - list nat-instance { - key "id"; - - description - "nat instance"; - - leaf id { - // FIXME changed int32 to uint32 to align with nat-config (authors of draft notified) - type uint32; - description - "The identifier of the nat instance."; - } - - container nat-capabilities { - description - "NAT Capabilities"; - - leaf nat44-support { - type boolean; - description - "Indicates NAT44 support"; - } - - leaf nat64-support { - type boolean; - description - "Indicates NAT64 support"; - } - - leaf static-mapping-support { - type boolean; - description - "Indicates whether static mappings are - supported."; - } - - leaf port-set-support { - type boolean; - description - "Indicates port set assignment - support "; - } - - leaf port-randomization-support { - type boolean; - description - "Indicates whether port randomization is - supported."; - } - - leaf port-range-preservation-support { - type boolean; - description - "Indicates whether port range - preservation is supported."; - } - - leaf port-preservation-suport { - type boolean; - description - "Indicates whether port preservation - is supported."; - } - - leaf port-parity-preservation-support { - type boolean; - description - "Indicates whether port parity - preservation is supported."; - } - - leaf address-roundrobin-support { - type boolean; - description - "Indicates whether address allocation - round robin is supported."; - } - - leaf ftp-alg-support { - type boolean; - description - "Indicates whether FTP ALG is supported"; - } - - leaf dns-alg-support { - type boolean; - description - "Indicates whether DNSALG is supported"; - } - - leaf tftp-support { - type boolean; - description - "Indicates whether TFTP ALG is supported"; - } - - leaf msrpc-alg-support { - type boolean; - description - "Indicates whether MS-RPC ALG is supported"; - } - - leaf netbios-alg-support { - type boolean; - description - "Indicates whether NetBIOS ALG is supported"; - } - - leaf rcmd-alg-support { - type boolean; - description - "Indicates whether rcmd ALG is supported"; - } - - leaf ldap-alg-support { - type boolean; - description - "Indicates whether LDAP ALG is supported"; - } - - leaf sip-alg-support { - type boolean; - description - "Indicates whether SIP ALG is supported"; - } - - leaf rtsp-alg-support { - type boolean; - description - "Indicates whether RTSP ALG is supported"; - } - - leaf h323-alg-support { - type boolean; - description - "Indicates whether H323 ALG is supported"; - } - - leaf paired-address-pooling-support { - type boolean; - description - "Indicates whether paired-address-pooling is - supported"; - } - - leaf endpoint-independent-mapping-support { - type boolean; - description - "Indicates whether endpoint-independent-mapping - in Section 4 of RFC 4787 is supported."; - } - - leaf address-dependent-mapping-support { - type boolean; - description - "Indicates whether endpoint-independent-mapping - in Section 4 of RFC 4787 is supported."; - } - - leaf address-and-port-dependent-mapping-support { - type boolean; - description - "Indicates whether endpoint-independent-mapping in - section 4 of RFC 4787 is supported."; - } - - leaf endpoint-independent-filtering-support { - type boolean; - description - "Indicates whether endpoint-independent-mapping in - section 5 of RFC 4787 is supported."; - } - - leaf address-dependent-filtering { - type boolean; - description - "Indicates whether endpoint-independent-mapping in - section 5 of RFC 4787 is supported."; - } - - leaf address-and-port-dependent-filtering { - type boolean; - description - "Indicates whether endpoint-independent-mapping in - section 5 of RFC 4787 is supported."; - } - - leaf stealth-mode-support { - type boolean; - description - "Indicates whether to respond for unsolicited - traffic."; - } - - } - - container nat-current-config { - description - "current config"; - - uses nat-parameters; - } - - container mapping-table { - description - "Mapping table"; - list mapping-entry { - key "index"; - description - "mapping entry"; - uses mapping-entry; - } - } - - container statistics { - description - "Statistics related to the NAT instance"; - - leaf total-mappings { - type uint32; - description - "Total number of NAT Mappings present - at the time. This includes all the - static and dynamic mappings"; - } - leaf total-tcp-mappings { - type uint32; - description - "Total number of TCP Mappings present - at the time."; - } - leaf total-udp-mappings { - type uint32; - description - "Total number of UDP Mappings present - at the time."; - } - leaf total-icmp-mappings { - type uint32; - description - "Total number of ICMP Mappings present - at the time."; - } - container pool-stats { - description - "Statistics related to Pool usage"; - leaf pool-id { - type uint32; - description - "Unique Identifier that represents - a pool"; - } - leaf address-allocated { - type uint32; - description - "Number of allocated addresses in - the pool"; - } - leaf address-free { - type uint32; - description - "Number of free addresses in - the pool.The sum of free - addresses and allocated - addresses are the total - addresses in the pool"; - } - container port-stats { - description - "Statistics related to port - usage."; - - leaf ports-allocated { - type uint32; - description - "Number of allocated ports - in the pool"; - } - - leaf ports-free { - type uint32; - description - "Number of free addresses - in the pool"; - } - } - } - } //statistics - } //nat-instance - } //nat-instances - } //nat-state - /* - * Notifications - */ - notification nat-event { - description - "Notifications must be generated when the defined - high/low threshold is reached. Related configuration - parameters must be provided to trigger - the notifications."; - - leaf id { - type leafref { - path - "/nat-state/nat-instances/" - + "nat-instance/id"; - } - description - "NAT instance ID."; - } - - leaf notify-pool-threshold { - type percent; - // mandatory true; - description - "A treshhold has been fired."; - } - } -} //module nat \ No newline at end of file diff --git a/nat/nat-api/src/main/yang/ietf-nat@2015-09-08.yang b/nat/nat-api/src/main/yang/ietf-nat@2015-09-08.yang new file mode 100644 index 000000000..54707708c --- /dev/null +++ b/nat/nat-api/src/main/yang/ietf-nat@2015-09-08.yang @@ -0,0 +1,1074 @@ +module ietf-nat { + + namespace "urn:ietf:params:xml:ns:yang:ietf-nat"; + //namespace to be assigned by IANA + prefix "nat"; + import ietf-inet-types { + prefix "inet"; + } + + organization "IETF NetMod Working Group"; + contact + "Senthil Sivakumar + Mohamed Boucadair + Suresh Vinapamula "; + + description + "This module is a YANG module for NAT implementations + (including both NAT44 and NAT64 flavors. + + Copyright (c) 2015 IETF Trust and the persons identified as + authors of the code. All rights reserved. + + Redistribution and use in source and binary forms, with or + without modification, is permitted pursuant to, and subject + to the license terms contained in, the Simplified BSD License + set forth in Section 4.c of the IETF Trust's Legal Provisions + Relating to IETF Documents + (http://trustee.ietf.org/license-info). + + This version of this YANG module is part of RFC XXXX; see + the RFC itself for full legal notices."; + + revision 2015-09-08 { + description "Fixes few YANG errors."; + reference "-02"; + } + + revision 2015-09-07 { + description "Completes the NAT64 model."; + reference "01"; + } + + revision 2015-08-29 { + description "Initial version."; + reference "00"; + } + + typedef percent { + type uint8 { + range "0 .. 100"; + } + description + "Percentage"; + } + + /* + * Grouping + */ + + grouping timeouts { + description + "Configure values of various timeouts."; + + leaf udp-timeouts { + type uint32; + default 300; + description + "UDP inactivity timeout."; + } + + leaf tcp-idle-timeout { + type uint32; + default 7440; + description + "TCP Idle timeout, as per RFC 5382 should be no + 2 hours and 4 minutes."; + } + + leaf tcp-trans-open-timeout { + type uint32; + default 240; + description + "The value of the transitory open connection + idle-timeout."; + } + + leaf tcp-trans-close-timeout { + type uint32; + default 240; + description + "The value of the transitory close connection + idle-timeout."; + } + + leaf tcp-in-syn-timeout { + type uint32; + default 6; + description + "6 seconds, as defined in [RFC5382]."; + } + + leaf fragment-min-timeout { + type uint32; + default 2; + description + "As long as the NAT has available resources, + the NAT allows the fragments to arrive + over fragment-min-timeout interval. + The default value is inspired from RFC6146."; + } + + leaf icmp-timeout { + type uint32; + default 60; + description + "60 seconds, as defined in [RFC5508]."; + } + } + + // port numbers: single or port range + + grouping port-number { + description + "Individual port or a range of ports."; + + choice port-type { + default single-port-number; + description + "Port type: single or port-range."; + + case single-port-number { + leaf single-port-number { + type inet:port-number; + description + "Used for single port numbers."; + } + } + + case port-range { + leaf start-port-number { + type inet:port-number; + description + "Begining of the port range."; + } + + leaf end-port-number { + type inet:port-number; + description + "End of the port range."; + } + } + } + } + + grouping mapping-entry { + description + "NAT mapping entry."; + + leaf index { + type uint32; + description + "A unique identifier of a mapping entry."; + } + + leaf type { + type enumeration { + enum "static" { + description + "The mapping entry is manually configured."; + } + + enum "dynamic" { + description + "This mapping is created by an outgoing + packet."; + } + } + description + "Indicates the type of a mapping entry. E.g., + a mapping can be: static or dynamic"; + } + + leaf internal-src-address { + type inet:ip-address; + mandatory true; + description + "Corresponds to the source IPv4/IPv6 address + of the IPv4 packet"; + } + + container internal-src-port { + description + "Corresponds to the source port of the + IPv4 packet."; + uses port-number; + } + + leaf external-src-address { + type inet:ipv4-address; + mandatory true; + description + "External IPv4 address assigned by NAT"; + } + + container external-src-port { + description + "External source port number assigned by NAT."; + uses port-number; + } + + leaf transport-protocol { + type uint8; + // mandatory true; + description + "Upper-layer protocol associated with this mapping. + Values are taken from the IANA protocol registry. + For example, this field contains 6 (TCP) for a TCP + mapping or 17 (UDP) for a UDP mapping."; + } + + leaf internal-dst-address { + type inet:ipv4-prefix; + description + "Corresponds to the destination IPv4 address + of the IPv4 packet, for example, some NAT + implementation support translating both source + and destination address and ports referred to as + Twice NAT"; + } + + container internal-dst-port { + description + "Corresponds to the destination port of the + IPv4 packet."; + uses port-number; + } + + leaf external-dst-address { + type inet:ipv4-address; + description + "External destination IPv4 address"; + } + + container external-dst-port { + description + "External source port number."; + uses port-number; + } + + leaf lifetime { + type uint32; + // mandatory true; + description + "Lifetime of the mapping."; + } + } + + grouping nat-parameters { + description + "NAT parameters for a given instance"; + + list external-ip-address-pool { + key pool-id; + + + description + "Pool of external IP addresses used to service + internal hosts. + Both contiguous and non-contiguous pools + can be configured for NAT."; + + leaf pool-id { + type uint32; + description + "An identifier of the address pool."; + } + + leaf external-ip-pool { + type inet:ipv4-prefix; + description + "An IPv4 prefix used for NAT purposes."; + } + } + + + leaf subscriber-mask-v6 { + type uint8 { + range "0 .. 128"; + } + description + "The subscriber-mask is an integer that indicates + the length of significant bits to be applied on + the source IP address (internal side) to + unambiguously identify a CPE. + + Subscriber-mask is a system-wide configuration + parameter that is used to enforce generic + per-subscriberpolicies (e.g., port-quota). + + The enforcement of these generic policies does not + require the configuration of every subscriber's + prefix. + + Example: suppose the 2001:db8:100:100::/56 prefix + is assigned to a NAT64 serviced CPE. Suppose also + that 2001:db8:100:100::1 is the IPv6 address used + by the client that resides in that CPE. When the + NAT64 receives a packet from this client, + it applies the subscriber-mask (e.g., 56) on + the source IPv6 address to compute the associated + prefix for this client (2001:db8:100:100::/56). + Then, the NAT64 enforces policies based on that + prefix (2001:db8:100:100::/56), not on the exact + source IPv6 address."; + } + + + list subscriber-mask-v4 { + + key sub-mask-id; + + description + "IPv4 subscriber mask."; + + leaf sub-mask-id { + type uint32; + description + "An identifier of the subscriber masks."; + } + leaf sub-mask { + type inet:ipv4-prefix; + // mandatory true; + description + "The IP address subnets that matches + should be translated. E.g., If the + private realms that are to be translated + by NAT would be 192.0.2.0/24"; + } + } + + leaf paired-address-pooling { + type boolean; + default true; + description + "Paired address pooling is indicating to NAT + that all the flows from an internal IP + address must be assigned the same external + address. This is defined in RFC 4007."; + } + + leaf nat-mapping-type { + type enumeration { + enum "eim" { + description + "endpoint-independent-mapping. + Refer section 4 of RFC 4787."; + } + + enum "adm" { + description + "address-dependent-mapping. + Refer section 4 of RFC 4787."; + } + + enum "edm" { + description + "address-and-port-dependent-mapping. + Refer section 4 of RFC 4787."; + } + } + description + "Indicates the type of a NAT mapping."; + } + leaf nat-filtering-type { + type enumeration { + enum "eif" { + description + "endpoint-independent- filtering. + Refer section 5 of RFC 4787."; + } + + enum "adf" { + description + "address-dependent- filtering. + Refer section 5 of RFC 4787."; + } + + enum "edf" { + description + "address-and-port-dependent- filtering. + Refer section 5 of RFC 4787."; + } + } + description + "Indicates the type of a NAT filtering."; + } + + leaf port-quota { + type uint16; + description + "Configures a port quota to be assigned per + subscriber."; + } + + container port-set { + description + "Manages port-set assignments."; + + leaf port-set-enable { + type boolean; + description + "Enable/Disable port set assignment."; + } + + leaf port-set-size { + type uint16; + description + "Indicates the size of assigned port + sets."; + } + + leaf port-set-timeout { + type uint32; + description + "Inactivty timeout for port sets."; + } + } + + leaf port-randomization-enable { + type boolean; + description + "Enable/disable port randomization + feature."; + } + + leaf port-preservation-enable { + type boolean; + description + "Indicates whether the PCP server should + preserve the internal port number."; + } + + leaf port-range-preservation-enable { + type boolean; + description + "Indicates whether the NAT device should + preserve the internal port range."; + } + + leaf port-parity-preservation-enable { + type boolean; + description + "Indicates whether the PCP server should + preserve the port parity of the + internal port number."; + } + leaf address-roundrobin-enable { + type boolean; + description + "Enable/disable address allocation + round robin."; + } + + uses timeouts; + container logging-info { + description + "Information about Logging NAT events"; + + leaf destination-address { + type inet:ipv4-prefix; + // mandatory true; + description + "Address of the collector that receives + the logs"; + } + leaf destination-port { + type inet:port-number; + // mandatory true; + description + "Destination port of the collector."; + } + + } + container connection-limit { + description + "Information on the config parameters that + rate limit the translations based on various + criteria"; + + leaf limit-per-subscriber { + type uint32; + description + "Maximum number of NAT mappings per + subscriber."; + } + leaf limit-per-vrf { + type uint32; + description + "Maximum number of NAT mappings per + VLAN/VRF."; + } + leaf limit-per-subnet { + type inet:ipv4-prefix; + description + "Maximum number of NAT mappings per + subnet."; + } + leaf limit-per-instance { + type uint32; + // mandatory true; + description + "Maximum number of NAT mappings per + instance."; + } + } + container mapping-limit { + description + "Information on the config parameters that + rate limit the mappings based on various + criteria"; + + leaf limit-per-subscriber { + type uint32; + description + "Maximum number of NAT mappings per + subscriber."; + } + leaf limit-per-vrf { + type uint32; + description + "Maximum number of NAT mappings per + VLAN/VRF."; + } + leaf limit-per-subnet { + type inet:ipv4-prefix; + description + "Maximum number of NAT mappings per + subnet."; + } + leaf limit-per-instance { + type uint32; + // mandatory true; + description + "Maximum number of NAT mappings per + instance."; + } + } + leaf ftp-alg-enable { + type boolean; + description + "Enable/Disable FTP ALG"; + } + + leaf dns-alg-enable { + type boolean; + description + "Enable/Disable DNSALG"; + } + + leaf tftp-alg-enable { + type boolean; + description + "Enable/Disable TFTP ALG"; + } + + leaf msrpc-alg-enable { + type boolean; + description + "Enable/Disable MS-RPC ALG"; + } + + leaf netbios-alg-enable { + type boolean; + description + "Enable/Disable NetBIOS ALG"; + } + + leaf rcmd-alg-enable { + type boolean; + description + "Enable/Disable rcmd ALG"; + } + + leaf ldap-alg-enable { + type boolean; + description + "Enable/Disable LDAP ALG"; + } + + leaf sip-alg-enable { + type boolean; + description + "Enable/Disable SIP ALG"; + } + + leaf rtsp-alg-enable { + type boolean; + description + "Enable/Disable RTSP ALG"; + } + + leaf h323-alg-enable { + type boolean; + description + "Enable/Disable H323 ALG"; + } + + leaf all-algs-enable { + type boolean; + description + "Enable/Disable all the ALGs"; + } + + container notify-pool-usage { + description + "Notification of Pool usage when certain criteria + is met"; + + leaf pool-id { + type uint32; + description + "Pool-ID for which the notification + criteria is defined"; + } + + leaf notify-pool-hi-threshold { + type percent; + // mandatory true; + description + "Notification must be generated when the + defined high threshold is reached. + For example, if a notification is + required when the pool utilization reaches + 90%, this configuration parameter must + be set to 90%"; + } + + leaf notify-pool-low-threshold { + type percent; + description + "Notification must be generated when the defined + low threshold is reached. + For example, if a notification is required when + the pool utilization reaches below 10%, + this configuration parameter must be set to + 10%"; + } + } + list nat64-prefixes { + key nat64-prefix-id; + + description + "Provides one or a list of NAT64 prefixes + With or without a list of destination IPv4 prefixes. + + Destination-based Pref64::/n is discussed in + Section 5.1 of [RFC7050]). For example: + 192.0.2.0/24 is mapped to 2001:db8:122:300::/56. + 198.51.100.0/24 is mapped to 2001:db8:122::/48."; + + leaf nat64-prefix-id { + type uint32; + description + "An identifier of the NAT64 prefix."; + } + + leaf nat64-prefix { + type inet:ipv6-prefix; + default "64:ff9b::/96"; + description + "A NAT64 prefix. Can be NSP or WKP [RFC6052]."; + } + + list destination-ipv4-prefix { + + key ipv4-prefix-id; + + description + "An IPv4 prefix/address."; + + leaf ipv4-prefix-id { + type uint32; + description + "An identifier of the IPv4 prefix/address."; + } + + leaf ipv4-prefix { + type inet:ipv4-prefix; + description + "An IPv4 address/prefix. "; + } + } + } + } //nat-parameters group + + container nat-config { + description + "NAT"; + + container nat-instances { + description + "nat instances"; + + list nat-instance { + + key "id"; + + description + "A NAT instance."; + + leaf id { + type uint32; + description + "NAT instance identifier."; + } + + leaf enable { + type boolean; + description + "Status of the the NAT instance."; + } + + uses nat-parameters; + + container mapping-table { + description + "NAT dynamic mapping table used to track + sessions"; + + list mapping-entry { + key "index"; + description + "NAT mapping entry."; + uses mapping-entry; + } + } + } + } + } + + /* + * NAT State + */ + + container nat-state { + + config false; + + description + "nat-state"; + + container nat-instances { + description + "nat instances"; + + list nat-instance { + key "id"; + + description + "nat instance"; + + leaf id { + // FIXME changed int32 to uint32 to align with nat-config (authors of draft notified) + type uint32; + description + "The identifier of the nat instance."; + } + + container nat-capabilities { + description + "NAT Capabilities"; + + leaf nat44-support { + type boolean; + description + "Indicates NAT44 support"; + } + + leaf nat64-support { + type boolean; + description + "Indicates NAT64 support"; + } + + leaf static-mapping-support { + type boolean; + description + "Indicates whether static mappings are + supported."; + } + + leaf port-set-support { + type boolean; + description + "Indicates port set assignment + support "; + } + + leaf port-randomization-support { + type boolean; + description + "Indicates whether port randomization is + supported."; + } + + leaf port-range-preservation-support { + type boolean; + description + "Indicates whether port range + preservation is supported."; + } + + leaf port-preservation-suport { + type boolean; + description + "Indicates whether port preservation + is supported."; + } + + leaf port-parity-preservation-support { + type boolean; + description + "Indicates whether port parity + preservation is supported."; + } + + leaf address-roundrobin-support { + type boolean; + description + "Indicates whether address allocation + round robin is supported."; + } + + leaf ftp-alg-support { + type boolean; + description + "Indicates whether FTP ALG is supported"; + } + + leaf dns-alg-support { + type boolean; + description + "Indicates whether DNSALG is supported"; + } + + leaf tftp-support { + type boolean; + description + "Indicates whether TFTP ALG is supported"; + } + + leaf msrpc-alg-support { + type boolean; + description + "Indicates whether MS-RPC ALG is supported"; + } + + leaf netbios-alg-support { + type boolean; + description + "Indicates whether NetBIOS ALG is supported"; + } + + leaf rcmd-alg-support { + type boolean; + description + "Indicates whether rcmd ALG is supported"; + } + + leaf ldap-alg-support { + type boolean; + description + "Indicates whether LDAP ALG is supported"; + } + + leaf sip-alg-support { + type boolean; + description + "Indicates whether SIP ALG is supported"; + } + + leaf rtsp-alg-support { + type boolean; + description + "Indicates whether RTSP ALG is supported"; + } + + leaf h323-alg-support { + type boolean; + description + "Indicates whether H323 ALG is supported"; + } + + leaf paired-address-pooling-support { + type boolean; + description + "Indicates whether paired-address-pooling is + supported"; + } + + leaf endpoint-independent-mapping-support { + type boolean; + description + "Indicates whether endpoint-independent-mapping + in Section 4 of RFC 4787 is supported."; + } + + leaf address-dependent-mapping-support { + type boolean; + description + "Indicates whether endpoint-independent-mapping + in Section 4 of RFC 4787 is supported."; + } + + leaf address-and-port-dependent-mapping-support { + type boolean; + description + "Indicates whether endpoint-independent-mapping in + section 4 of RFC 4787 is supported."; + } + + leaf endpoint-independent-filtering-support { + type boolean; + description + "Indicates whether endpoint-independent-mapping in + section 5 of RFC 4787 is supported."; + } + + leaf address-dependent-filtering { + type boolean; + description + "Indicates whether endpoint-independent-mapping in + section 5 of RFC 4787 is supported."; + } + + leaf address-and-port-dependent-filtering { + type boolean; + description + "Indicates whether endpoint-independent-mapping in + section 5 of RFC 4787 is supported."; + } + + leaf stealth-mode-support { + type boolean; + description + "Indicates whether to respond for unsolicited + traffic."; + } + + } + + container nat-current-config { + description + "current config"; + + uses nat-parameters; + } + + container mapping-table { + description + "Mapping table"; + list mapping-entry { + key "index"; + description + "mapping entry"; + uses mapping-entry; + } + } + + container statistics { + description + "Statistics related to the NAT instance"; + + leaf total-mappings { + type uint32; + description + "Total number of NAT Mappings present + at the time. This includes all the + static and dynamic mappings"; + } + leaf total-tcp-mappings { + type uint32; + description + "Total number of TCP Mappings present + at the time."; + } + leaf total-udp-mappings { + type uint32; + description + "Total number of UDP Mappings present + at the time."; + } + leaf total-icmp-mappings { + type uint32; + description + "Total number of ICMP Mappings present + at the time."; + } + container pool-stats { + description + "Statistics related to Pool usage"; + leaf pool-id { + type uint32; + description + "Unique Identifier that represents + a pool"; + } + leaf address-allocated { + type uint32; + description + "Number of allocated addresses in + the pool"; + } + leaf address-free { + type uint32; + description + "Number of free addresses in + the pool.The sum of free + addresses and allocated + addresses are the total + addresses in the pool"; + } + container port-stats { + description + "Statistics related to port + usage."; + + leaf ports-allocated { + type uint32; + description + "Number of allocated ports + in the pool"; + } + + leaf ports-free { + type uint32; + description + "Number of free addresses + in the pool"; + } + } + } + } //statistics + } //nat-instance + } //nat-instances + } //nat-state + /* + * Notifications + */ + notification nat-event { + description + "Notifications must be generated when the defined + high/low threshold is reached. Related configuration + parameters must be provided to trigger + the notifications."; + + leaf id { + type leafref { + path + "/nat-state/nat-instances/" + + "nat-instance/id"; + } + description + "NAT instance ID."; + } + + leaf notify-pool-threshold { + type percent; + // mandatory true; + description + "A treshhold has been fired."; + } + } +} //module nat \ No newline at end of file diff --git a/nat/nat-api/src/main/yang/interface-nat.yang b/nat/nat-api/src/main/yang/interface-nat.yang deleted file mode 100644 index c1967cf24..000000000 --- a/nat/nat-api/src/main/yang/interface-nat.yang +++ /dev/null @@ -1,44 +0,0 @@ -module interface-nat { - yang-version 1; - namespace "urn:opendaylight:params:xml:ns:yang:interface:nat"; - prefix "ifc-nat"; - - revision "2016-12-14" { - description "Initial revision of interface-nat model"; - } - - import ietf-interfaces { - prefix "if"; - } - import ietf-nat { - prefix "nat"; - } - import yang-ext { - prefix "ext"; - } - - description "Augmentations to interfaces model to connect interfaces with nat configuration"; - - grouping interface-nat-attributes { - container nat { - container inbound { - presence "Enables inbound NAT"; - } - container outbound { - presence "Enables outbound NAT"; - } - } - } - - augment /if:interfaces/if:interface { - ext:augment-identifier "nat-interface-augmentation"; - - uses interface-nat-attributes; - } - - augment /if:interfaces-state/if:interface { - ext:augment-identifier "nat-interface-state-augmentation"; - - uses interface-nat-attributes; - } -} \ No newline at end of file diff --git a/nat/nat-api/src/main/yang/interface-nat@2016-12-14.yang b/nat/nat-api/src/main/yang/interface-nat@2016-12-14.yang new file mode 100644 index 000000000..c1967cf24 --- /dev/null +++ b/nat/nat-api/src/main/yang/interface-nat@2016-12-14.yang @@ -0,0 +1,44 @@ +module interface-nat { + yang-version 1; + namespace "urn:opendaylight:params:xml:ns:yang:interface:nat"; + prefix "ifc-nat"; + + revision "2016-12-14" { + description "Initial revision of interface-nat model"; + } + + import ietf-interfaces { + prefix "if"; + } + import ietf-nat { + prefix "nat"; + } + import yang-ext { + prefix "ext"; + } + + description "Augmentations to interfaces model to connect interfaces with nat configuration"; + + grouping interface-nat-attributes { + container nat { + container inbound { + presence "Enables inbound NAT"; + } + container outbound { + presence "Enables outbound NAT"; + } + } + } + + augment /if:interfaces/if:interface { + ext:augment-identifier "nat-interface-augmentation"; + + uses interface-nat-attributes; + } + + augment /if:interfaces-state/if:interface { + ext:augment-identifier "nat-interface-state-augmentation"; + + uses interface-nat-attributes; + } +} \ No newline at end of file diff --git a/nat/nat-api/src/main/yang/nat-context.yang b/nat/nat-api/src/main/yang/nat-context.yang deleted file mode 100644 index dd17ed58c..000000000 --- a/nat/nat-api/src/main/yang/nat-context.yang +++ /dev/null @@ -1,64 +0,0 @@ -module nat-context { - yang-version 1; - namespace "urn:honeycomb:params:xml:ns:yang:nat:context"; - prefix "nc"; - - description "Context for nat mapping"; - - revision "2016-12-14" { - description "Initial revision."; - } - - import ietf-inet-types { - prefix "inet"; - } - - import naming-context { - prefix "nc"; - } - - import yang-ext { - prefix "ext"; - } - - grouping mapping-entry-context-attributes { - container nat-mapping-entry-context { - list nat-instance { - key "id"; - - leaf id { - type uint32; - description "ID of the NAT instance from ietf-nat. Maps to VRF-ID in VPP"; - } - - container mapping-table { - list mapping-entry { - - key "internal external"; - unique "index"; - - leaf internal { - type inet:ip-address; - description "Local IP address set in VPP"; - } - - leaf external { - type inet:ip-address; - description "Extarnal IP address set in VPP"; - } - - leaf index { - type uint32; - description "ID of the NAT's mapping entry from ietf-nat"; - } - } - } - } - } - } - - augment /nc:contexts { - ext:augment-identifier "nat-mapping-entry-ctx-augmentation"; - uses mapping-entry-context-attributes; - } -} \ No newline at end of file diff --git a/nat/nat-api/src/main/yang/nat-context@2016-12-14.yang b/nat/nat-api/src/main/yang/nat-context@2016-12-14.yang new file mode 100644 index 000000000..dd17ed58c --- /dev/null +++ b/nat/nat-api/src/main/yang/nat-context@2016-12-14.yang @@ -0,0 +1,64 @@ +module nat-context { + yang-version 1; + namespace "urn:honeycomb:params:xml:ns:yang:nat:context"; + prefix "nc"; + + description "Context for nat mapping"; + + revision "2016-12-14" { + description "Initial revision."; + } + + import ietf-inet-types { + prefix "inet"; + } + + import naming-context { + prefix "nc"; + } + + import yang-ext { + prefix "ext"; + } + + grouping mapping-entry-context-attributes { + container nat-mapping-entry-context { + list nat-instance { + key "id"; + + leaf id { + type uint32; + description "ID of the NAT instance from ietf-nat. Maps to VRF-ID in VPP"; + } + + container mapping-table { + list mapping-entry { + + key "internal external"; + unique "index"; + + leaf internal { + type inet:ip-address; + description "Local IP address set in VPP"; + } + + leaf external { + type inet:ip-address; + description "Extarnal IP address set in VPP"; + } + + leaf index { + type uint32; + description "ID of the NAT's mapping entry from ietf-nat"; + } + } + } + } + } + } + + augment /nc:contexts { + ext:augment-identifier "nat-mapping-entry-ctx-augmentation"; + uses mapping-entry-context-attributes; + } +} \ No newline at end of file diff --git a/nat/nat-api/src/main/yang/subinterface-nat.yang b/nat/nat-api/src/main/yang/subinterface-nat.yang deleted file mode 100644 index 03773ab5f..000000000 --- a/nat/nat-api/src/main/yang/subinterface-nat.yang +++ /dev/null @@ -1,36 +0,0 @@ -module subinterface-nat { - yang-version 1; - namespace "urn:opendaylight:params:xml:ns:yang:subinterface:nat"; - prefix "ifc-nat"; - - revision "2017-06-15" { - description "Initial revision of subinterface-nat model"; - } - - import ietf-interfaces { - prefix "if"; - } - import vpp-vlan { - prefix "vpp-vlan"; - } - import interface-nat { - prefix "ifc-nat"; - } - import yang-ext { - prefix "ext"; - } - - description "Augmentations to subinterfaces model to connect subinterfaces with nat configuration"; - - augment /if:interfaces/if:interface/vpp-vlan:sub-interfaces/vpp-vlan:sub-interface { - ext:augment-identifier "nat-subinterface-augmentation"; - - uses ifc-nat:interface-nat-attributes; - } - - augment /if:interfaces-state/if:interface/vpp-vlan:sub-interfaces/vpp-vlan:sub-interface { - ext:augment-identifier "nat-subinterface-state-augmentation"; - - uses ifc-nat:interface-nat-attributes; - } -} \ No newline at end of file diff --git a/nat/nat-api/src/main/yang/subinterface-nat@2017-06-15.yang b/nat/nat-api/src/main/yang/subinterface-nat@2017-06-15.yang new file mode 100644 index 000000000..03773ab5f --- /dev/null +++ b/nat/nat-api/src/main/yang/subinterface-nat@2017-06-15.yang @@ -0,0 +1,36 @@ +module subinterface-nat { + yang-version 1; + namespace "urn:opendaylight:params:xml:ns:yang:subinterface:nat"; + prefix "ifc-nat"; + + revision "2017-06-15" { + description "Initial revision of subinterface-nat model"; + } + + import ietf-interfaces { + prefix "if"; + } + import vpp-vlan { + prefix "vpp-vlan"; + } + import interface-nat { + prefix "ifc-nat"; + } + import yang-ext { + prefix "ext"; + } + + description "Augmentations to subinterfaces model to connect subinterfaces with nat configuration"; + + augment /if:interfaces/if:interface/vpp-vlan:sub-interfaces/vpp-vlan:sub-interface { + ext:augment-identifier "nat-subinterface-augmentation"; + + uses ifc-nat:interface-nat-attributes; + } + + augment /if:interfaces-state/if:interface/vpp-vlan:sub-interfaces/vpp-vlan:sub-interface { + ext:augment-identifier "nat-subinterface-state-augmentation"; + + uses ifc-nat:interface-nat-attributes; + } +} \ No newline at end of file -- cgit 1.2.3-korg