blob: 8f82bd4d94a00d0e1d16153cec6f7e3f009a1ccd (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
|
submodule openconfig-aaa-radius {
yang-version "1";
belongs-to "openconfig-aaa" {
prefix "oc-aaa";
}
// import some basic types
import openconfig-inet-types { prefix oc-inet; }
import openconfig-extensions { prefix oc-ext; }
import openconfig-aaa-types { prefix oc-aaa-types; }
import openconfig-types { prefix oc-types; }
import openconfig-yang-types { prefix oc-yang; }
// meta
organization "OpenConfig working group";
contact
"OpenConfig working group
www.openconfig.net";
description
"This module defines configuration and operational state data
related to the RADIUS protocol for authentication,
authorization, and accounting.";
oc-ext:openconfig-version "0.3.0";
revision "2017-09-18" {
description
"Updated to use OpenConfig types modules";
reference "0.3.0";
}
revision "2017-07-06" {
description
"Move to oc-inet types, add IETF attribution, add RADIUS
counters, changed password leaf names to indicate hashed";
reference "0.2.0";
}
revision "2017-01-29" {
description
"Initial public release";
reference "0.1.0";
}
// extension statements
// feature statements
// identity statements
identity RADIUS {
base oc-aaa-types:AAA_SERVER_TYPE;
description
"Remote Authentication Dial In User Service (RADIUS) AAA
server";
reference
"RFC 2865 - Remote Authentication Dial In User Service
(RADIUS)";
}
// typedef statements
// grouping statements
grouping aaa-radius-server-config {
description
"Configuration data for a RADIUS server";
leaf auth-port {
type oc-inet:port-number;
default 1812;
description
"Port number for authentication requests";
}
leaf acct-port {
type oc-inet:port-number;
default 1813;
description
"Port number for accounting requests";
}
leaf secret-key {
type oc-types:routing-password;
description
"The unencrypted shared key used between the authentication
server and the device.";
}
leaf source-address {
type oc-inet:ip-address;
description
"Source IP address to use in messages to the RADIUS server";
}
leaf retransmit-attempts {
type uint8;
description
"Number of times the system may resend a request to the
RADIUS server when it is unresponsive";
}
}
grouping aaa-radius-server-state {
description
"Operational state data for a RADIUS server";
container counters {
description
"A collection of RADIUS related state objects.";
leaf retried-access-requests {
type oc-yang:counter64;
description
"Retransmitted Access-Request messages.";
}
leaf access-accepts {
type oc-yang:counter64;
description
"Received Access-Accept messages.";
}
leaf access-rejects {
type oc-yang:counter64;
description
"Received Access-Reject messages.";
}
leaf timeout-access-requests {
type oc-yang:counter64;
description
"Access-Request messages that have timed-out,
requiring retransmission.";
}
}
}
grouping aaa-radius-server-top {
description
"Top-level grouping for RADIUS server data";
container radius {
description
"Top-level container for RADIUS server data";
container config {
description
"Configuration data for RADIUS servers";
uses aaa-radius-server-config;
}
container state {
config false;
description
"Operational state data for RADIUS servers";
uses aaa-radius-server-config;
uses aaa-radius-server-state;
}
}
}
// data definition statements
// augment statements
// rpc statements
// notification statements
}
|
