rfc9647.original   rfc9647.txt 
Babel Working Group M. Jethanandani Internet Engineering Task Force (IETF) M. Jethanandani
Internet-Draft Kloud Services Request for Comments: 9647 Kloud Services
Intended status: Standards Track B. Stark Category: Standards Track B. Stark
Expires: 26 March 2022 AT&T ISSN: 2070-1721 AT&T
22 September 2021 October 2024
YANG Data Model for Babel A YANG Data Model for Babel
draft-ietf-babel-yang-model-13
Abstract Abstract
This document defines a data model for the Babel routing protocol. This document defines a data model for the Babel routing protocol.
The data model is defined using the YANG data modeling language. The data model is defined using the YANG data modeling language.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119][RFC8174] when, and only when, they appear in all
capitals, as shown here.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on 26 March 2022. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9647.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents
license-info) in effect on the date of publication of this document. (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Please review these documents carefully, as they describe your rights carefully, as they describe your rights and restrictions with respect
and restrictions with respect to this document. Code Components to this document. Code Components extracted from this document must
extracted from this document must include Simplified BSD License text include Revised BSD License text as described in Section 4.e of the
as described in Section 4.e of the Trust Legal Provisions and are Trust Legal Provisions and are provided without warranty as described
provided without warranty as described in the Simplified BSD License. in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction
1.1. Note to RFC Editor . . . . . . . . . . . . . . . . . . . 2 1.1. Requirements Language
1.2. Tree Diagram Annotations . . . . . . . . . . . . . . . . 3 1.2. Tree Diagram Annotations
2. Babel Module . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Babel Module
2.1. Information Model . . . . . . . . . . . . . . . . . . . . 3 2.1. Information Model
2.2. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Tree Diagram
2.3. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 5 2.3. YANG Module
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 3. IANA Considerations
3.1. URI Registrations . . . . . . . . . . . . . . . . . . . . 32 3.1. URI Registration
3.2. YANG Module Name Registration . . . . . . . . . . . . . . 32 3.2. YANG Module Name Registration
4. Security Considerations . . . . . . . . . . . . . . . . . . . 32 4. Security Considerations
5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 34 5. References
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 5.1. Normative References
6.1. Normative References . . . . . . . . . . . . . . . . . . 34 5.2. Informative References
6.2. Informative References . . . . . . . . . . . . . . . . . 35 Appendix A. Tree Diagram and Example Configurations
Appendix A. Tree Diagram and Example Configurations . . . . . . 36 A.1. Complete Tree Diagram
A.1. Complete Tree Diagram . . . . . . . . . . . . . . . . . . 36 A.2. Statistics Gathering Enabled
A.2. Statistics Gathering Enabled . . . . . . . . . . . . . . 38 A.3. Automatic Detection of Properties
A.3. Automatic Detection of Properties . . . . . . . . . . . . 39 A.4. Override Default Properties
A.4. Override Default Properties . . . . . . . . . . . . . . . 41 A.5. Configuring Other Properties
A.5. Configuring other Properties . . . . . . . . . . . . . . 42 Acknowledgements
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43 Authors' Addresses
1. Introduction 1. Introduction
This document defines a data model for The Babel Routing Protocol This document defines a data model for the Babel routing protocol
[RFC8966]. The data model is defined using YANG 1.1 [RFC7950] and is [RFC8966]. The data model is defined using YANG 1.1 [RFC7950] and is
Network Management Datastore Architecture (NDMA) [RFC8342] compatible with Network Management Datastore Architecture (NMDA)
compatible. It is based on the Babel Information Model [RFC9046]. [RFC8342]. It is based on the Babel information model [RFC9046].
The data model only includes data nodes that are useful for managing The data model only includes data nodes that are useful for managing
Babel over IPv6. Babel over IPv6.
1.1. Note to RFC Editor 1.1. Requirements Language
Artwork in this document contains shorthand references to drafts in
progress. Please apply the following replacements and remove this
note before publication.
* "XXXX" --> the assigned RFC value for this draft both in this
draft and in the YANG models under the revision statement.
* Revision date in model, in the format 2021-09-20 needs to get The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
updated with the date the draft gets approved. The date also "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
needs to get reflected on the line with <CODE BEGINS>. "OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
1.2. Tree Diagram Annotations 1.2. Tree Diagram Annotations
For a reference to the annotations used in tree diagrams included in For a reference to the annotations used in tree diagrams included in
this draft, please see YANG Tree Diagrams [RFC8340]. this document, please see "YANG Tree Diagrams" [RFC8340].
2. Babel Module 2. Babel Module
This document defines a YANG 1.1 [RFC7950] data model for the This document defines a YANG 1.1 [RFC7950] data model for the
configuration and management of Babel. The YANG module is based on configuration and management of Babel. The YANG module is based on
the Babel Information Model [RFC9046]. the Babel information model [RFC9046].
2.1. Information Model 2.1. Information Model
There are a few things that should be noted between the Babel It's worth noting a few differences between the Babel information
Information Model and this data module. The information model model and this data module. The information model mandates the
mandates the definition of some of the attributes, e.g., 'babel- definition of some of the attributes, e.g., "babel-implementation-
implementation-version' or the 'babel-self-router-id'. These version" or the "babel-self-router-id". These attributes are marked
attributes are marked as read-only objects in the information module as read-only objects in the information module as well as in this
as well as in this data module. However, there is no way in the data data module. However, there is no way in the data module to mandate
module to mandate that a read-only attribute be present. It is up to that a read-only attribute be present. It is up to the
the implementation of this data module to make sure that the implementation of this data module to make sure that the attributes
attributes that are marked read-only and are mandatory are indeed that are marked "read only" and are mandatory are indeed present.
present.
2.2. Tree Diagram 2.2. Tree Diagram
The following diagram illustrates a top level hierarchy of the model. The following diagram illustrates a top-level hierarchy of the model.
In addition to the version implemented by this device, the model In addition to the version implemented by this device, the model
contains subtrees on 'constants', 'interfaces', 'mac-key-set', contains subtrees on "constants", "interfaces", "mac-key-set",
'dtls', and 'routes'. "dtls", and "routes".
module: ietf-babel module: ietf-babel
augment /rt:routing/rt:control-plane-protocols augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol: /rt:control-plane-protocol:
+--rw babel! +--rw babel!
+--ro version? string +--ro version? string
+--rw enable boolean +--rw enable boolean
+--ro router-id? binary +--ro router-id? binary
+--ro seqno? uint16 +--ro seqno? uint16
skipping to change at page 4, line 26 skipping to change at line 137
| ... | ...
+--rw interfaces* [reference] +--rw interfaces* [reference]
| ... | ...
+--rw mac-key-set* [name] +--rw mac-key-set* [name]
| ... | ...
+--rw dtls* [name] +--rw dtls* [name]
| ... | ...
+--ro routes* [prefix] +--ro routes* [prefix]
... ...
The 'interfaces' subtree describes attributes such as the 'interface' The "interfaces" subtree describes attributes such as the "interface"
object that is being referenced, the type of link, e.g., wired, object that is being referenced; the type of link, e.g., wired,
wireless or tunnel, as enumerated by 'metric-algorithm' and 'split- wireless, or tunnel, as enumerated by "metric-algorithm" and "split-
horizon' and whether the interface is enabled or not. horizon"; and whether the interface is enabled or not.
The 'constants' subtree describes the UDP port used for sending and The "constants" subtree describes the UDP port used for sending and
receiving Babel messages, and the multicast group used to send and receiving Babel messages and the multicast group used to send and
receive announcements on IPv6. receive announcements on IPv6.
The 'routes' subtree describes objects such as the prefix for which The "routes" subtree describes objects such as the prefix for which
the route is advertised, a reference to the neighboring route, and the route is advertised, a reference to the neighboring route, and
'next-hop' address. the "next-hop" address.
Finally, for security two subtrees are defined to contain MAC keys Finally, for security, two subtrees are defined to contain Message
and DTLS certificates. The 'mac-key-set' subtree contains keys used Authentication Code (MAC) keys and DTLS certificates. The "mac-key-
with the MAC security mechanism. The boolean flag 'default-apply' set" subtree contains keys used with the MAC security mechanism. The
indicates whether the set of MAC keys is automatically applied to new boolean flag "default-apply" indicates whether the set of MAC keys is
interfaces. The 'dtls' subtree contains certificates used with DTLS automatically applied to new interfaces. The "dtls" subtree contains
security mechanism. Similar to the MAC mechanism, the boolean flag certificates used with the DTLS security mechanism. Similar to the
'default-apply' indicates whether the set of DTLS certificates is MAC mechanism, the boolean flag "default-apply" indicates whether the
automatically applied to new interfaces. set of DTLS certificates is automatically applied to new interfaces.
2.3. YANG Module 2.3. YANG Module
This YANG module augments the YANG Routing Management [RFC8349] This YANG module augments the YANG routing management module
module to provide a common framework for all routing subsystems. By [RFC8349] to provide a common framework for all routing subsystems.
augmenting the module it provides a common building block for routes, By augmenting the module, it provides a common building block for
and Routing Information Bases (RIBs). It also has a reference to an routes and Routing Information Bases (RIBs). It also has a reference
interface defined by A YANG Data Model for Interface Management to an interface defined by "A YANG Data Model for Interface
[RFC8343]. Management" [RFC8343].
A router running Babel routing protocol can sometimes determine the A router running the Babel routing protocol can sometimes determine
parameters it needs to use for an interface based on the interface the parameters it needs to use for an interface based on the
name. For example, it can detect that eth0 is a wired interface, and interface name. For example, it can detect that eth0 is a wired
that wlan0 is a wireless interface. This is not true for a tunnel interface and that wlan0 is a wireless interface. This is not true
interface, where the link parameters need to be configured for a tunnel interface, where the link parameters need to be
explicitly. configured explicitly.
For a wired interface, it will assume 'two-out-of-three' for 'metric- For a wired interface, it will assume "two-out-of-three" is set for
algorithm', and 'split-horizon' set to true. On the other hand, for "metric-algorithm" and "split-horizon" is set to true. On the other
a wireless interface it will assume 'etx' for 'metric-algorithm', and hand, for a wireless interface, it will assume "etx" is set for
'split-horizon' set to false. However, if the wired link is "metric-algorithm" and "split-horizon" is set to false. However, if
connected to a wireless radio, the values can be overriden by setting the wired link is connected to a wireless radio, the values can be
'metric-algorithm' to 'etx', and 'split-horizon' to false. overridden by setting "metric-algorithm" to "etx" and "split-horizon"
Similarly, an interface that is a metered 3G link, and used for to false. Similarly, an interface that is a metered 3G link and is
fallback connectivity needs much higher default time constants, e.g., used for fallback connectivity needs much higher default time
'mcast-hello-interval', and 'update-interval', in order to avoid constants, e.g., "mcast-hello-interval" and "update-interval", in
carrying control traffic as much as possible. order to avoid carrying control traffic as much as possible.
In addition to the modules used above, this module imports In addition to the modules used above, this module imports
definitions from Common YANG Data Types [RFC6991], and references definitions from "Common YANG Data Types" [RFC6991] and references
HMAC: Keyed-Hashing for Message Authentication [RFC2104], Using "HMAC: Keyed-Hashing for Message Authentication" [RFC2104], "Using
HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec [RFC4868], HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec" [RFC4868],
The Datagram Transport Layer Security (DTLS) Version 1.3 "Textual Encodings of PKIX, PKCS, and CMS Structures" [RFC7468], "The
[I-D.ietf-tls-dtls13], The Blake2 Cryptographic Hash and Message BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)"
Authentication Code (MAC) [RFC7693], Babel Information Model [RFC7693], "Network Configuration Access Control Model" [RFC8341],
[RFC9046], The Babel Routing Protocol [RFC8966], YANG Data Types and "The Babel Routing Protocol" [RFC8966], "MAC Authentication for the
Groupings for Cryptography [I-D.ietf-netconf-crypto-types], Network Babel Routing Protocol" [RFC8967], "Babel Information Model"
Configuration Access Control Model [RFC8341] and MAC Authentication [RFC9046], "The Datagram Transport Layer Security (DTLS) Protocol
for Babel [RFC8967]. Version 1.3" [RFC9147], and "YANG Data Types and Groupings for
Cryptography" [RFC9640].
<CODE BEGINS> file "ietf-babel@2021-09-20.yang" <CODE BEGINS> file "ietf-babel@2021-09-20.yang"
module ietf-babel { module ietf-babel {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-babel"; namespace "urn:ietf:params:xml:ns:yang:ietf-babel";
prefix babel; prefix babel;
import ietf-yang-types { import ietf-yang-types {
prefix yang; prefix yang;
reference reference
"RFC 6991: Common YANG Data Types."; "RFC 6991: Common YANG Data Types";
} }
import ietf-inet-types { import ietf-inet-types {
prefix inet; prefix inet;
reference reference
"RFC 6991: Common YANG Data Types."; "RFC 6991: Common YANG Data Types";
} }
import ietf-interfaces { import ietf-interfaces {
prefix if; prefix if;
reference reference
"RFC 8343: A YANG Data Model for Interface Management"; "RFC 8343: A YANG Data Model for Interface Management";
} }
import ietf-routing { import ietf-routing {
prefix rt; prefix rt;
reference reference
"RFC 8349: YANG Routing Management"; "RFC 8349: A YANG Data Model for Routing Management (NMDA
Version)";
} }
import ietf-crypto-types { import ietf-crypto-types {
prefix ct; prefix ct;
reference reference
"I-D.ietf-netconf-crypto-types: YANG Data Types and Groupings "RFC 9640: YANG Data Types and Groupings
for Cryptographay."; for Cryptography";
} }
import ietf-netconf-acm { import ietf-netconf-acm {
prefix nacm; prefix nacm;
reference reference
"RFC 8341: Network Configuration Access Control Model"; "RFC 8341: Network Configuration Access Control Model";
} }
organization organization
"IETF Babel routing protocol Working Group"; "IETF Babel routing protocol Working Group";
contact contact
"WG Web: http://tools.ietf.org/wg/babel/ "WG Web: https://datatracker.ietf.org/wg/babel/
WG List: babel@ietf.org WG List: babel@ietf.org
Editor: Mahesh Jethanandani Editor: Mahesh Jethanandani
mjethanandani@gmail.com mjethanandani@gmail.com
Editor: Barbara Stark Editor: Barbara Stark
bs7652@att.com"; bs7652@att.com";
description description
"This YANG module defines a model for the Babel routing "This YANG module defines a model for the Babel routing
protocol. protocol.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
'MAY', and 'OPTIONAL' in this document are to be interpreted as 'MAY', and 'OPTIONAL' in this document are to be interpreted as
described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
they appear in all capitals, as shown here. they appear in all capitals, as shown here.
Copyright (c) 2021 IETF Trust and the persons identified as Copyright (c) 2024 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject to
the license terms contained in, the Simplified BSD License set the license terms contained in, the Revised BSD License set
forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC 9647
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself (https://www.rfc-editor.org/info/rfc9647); see the RFC itself
for full legal notices."; for full legal notices.";
revision 2021-09-20 { revision 2021-09-20 {
description description
"Initial version."; "Initial version.";
reference reference
"RFC XXXX: Babel YANG Data Model."; "RFC 9647: A YANG Data Model for Babel";
} }
/* /*
* Features * Features
*/ */
feature two-out-of-three-supported { feature two-out-of-three-supported {
description description
"This implementation supports the '2-out-of-3' "This implementation supports the '2-out-of-3'
computation algorithm."; computation algorithm.";
skipping to change at page 7, line 48 skipping to change at line 301
feature etx-supported { feature etx-supported {
description description
"This implementation supports the Expected Transmission Count "This implementation supports the Expected Transmission Count
(ETX) metric computation algorithm."; (ETX) metric computation algorithm.";
} }
feature mac-supported { feature mac-supported {
description description
"This implementation supports MAC-based security."; "This implementation supports MAC-based security.";
reference reference
"RFC 8967: MAC authentication for Babel Routing "RFC 8967: MAC Authentication for the Babel Routing
Protocol."; Protocol";
} }
feature dtls-supported { feature dtls-supported {
description description
"This implementation supports DTLS based security."; "This implementation supports DTLS-based security.";
reference reference
"RFC 8968: Babel Routing Protocol over Datagram "RFC 8968: Babel Routing Protocol over Datagram
Transport Layer Security."; Transport Layer Security";
} }
feature hmac-sha256-supported { feature hmac-sha256-supported {
description description
"This implementation supports the HMAC-SHA256 MAC algorithm."; "This implementation supports the HMAC-SHA256 MAC algorithm.";
reference reference
"RFC 8967: MAC authentication for Babel Routing "RFC 8967: MAC Authentication for the Babel Routing
Protocol."; Protocol";
} }
feature blake2s-supported { feature blake2s-supported {
description description
"This implementation supports BLAKE2s MAC algorithms."; "This implementation supports BLAKE2s MAC algorithms.";
reference reference
"RFC 8967: MAC authentication for Babel Routing "RFC 8967: MAC Authentication for the Babel Routing
Protocol."; Protocol";
} }
feature x-509-supported { feature x-509-supported {
description description
"This implementation supports the X.509 certificate type."; "This implementation supports the X.509 certificate type.";
reference reference
"RFC 8968: Babel Routing Protocol over Datagram "RFC 8968: Babel Routing Protocol over Datagram
Transport Layer Security."; Transport Layer Security";
} }
feature raw-public-key-supported { feature raw-public-key-supported {
description description
"This implementation supports the Raw Public Key certificate "This implementation supports the raw public key certificate
type."; type.";
reference reference
"RFC 8968: Babel Routing Protocol over Datagram "RFC 8968: Babel Routing Protocol over Datagram
Transport Layer Security."; Transport Layer Security";
} }
/* /*
* Identities * Identities
*/ */
identity metric-comp-algorithms { identity metric-comp-algorithms {
description description
"Base identity from which all Babel metric computation "Base identity from which all Babel metric computation
algorithms MUST be derived."; algorithms MUST be derived.";
} }
identity two-out-of-three { identity two-out-of-three {
if-feature "two-out-of-three-supported"; if-feature "two-out-of-three-supported";
base metric-comp-algorithms; base metric-comp-algorithms;
description description
"2-out-of-3 algorithm."; "2-out-of-3 algorithm.";
reference reference
"RFC 8966: The Babel Routing Protocol, Section A.2.1."; "RFC 8966: The Babel Routing Protocol, Section A.2.1";
} }
identity etx { identity etx {
if-feature "etx-supported"; if-feature "etx-supported";
base metric-comp-algorithms; base metric-comp-algorithms;
description description
"Expected Transmission Count (ETX) metric computation "Expected Transmission Count (ETX) metric computation
algorithm."; algorithm.";
reference reference
"RFC 8966: The Babel Routing Protocol, Section A.2.2."; "RFC 8966: The Babel Routing Protocol, Section A.2.2";
} }
/* /*
* Babel MAC algorithms identities. * Babel MAC algorithms identities.
*/ */
identity mac-algorithms { identity mac-algorithms {
description description
"Base identity for all Babel MAC algorithms."; "Base identity for all Babel MAC algorithms.";
} }
identity hmac-sha256 { identity hmac-sha256 {
if-feature "mac-supported"; if-feature "mac-supported";
if-feature "hmac-sha256-supported"; if-feature "hmac-sha256-supported";
base mac-algorithms; base mac-algorithms;
description description
"HMAC-SHA256 algorithm supported."; "HMAC-SHA256 algorithm supported.";
reference reference
"RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 "RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
with IPsec."; with IPsec";
} }
identity blake2s { identity blake2s {
if-feature "mac-supported"; if-feature "mac-supported";
if-feature "blake2s-supported"; if-feature "blake2s-supported";
base mac-algorithms; base mac-algorithms;
description description
"BLAKE2s algorithms supported. Specifically, BLAKE2-128 is "BLAKE2s algorithms supported. Specifically, BLAKE2-128 is
supported."; supported.";
reference reference
"RFC 7693: The BLAKE2 Cryptographic Hash and Message "RFC 7693: The BLAKE2 Cryptographic Hash and Message
Authentication Code (MAC)."; Authentication Code (MAC)";
} }
/* /*
* Babel Cert Types * Babel Cert Types
*/ */
identity dtls-cert-types { identity dtls-cert-types {
description description
"Base identity for Babel DTLS certificate types."; "Base identity for Babel DTLS certificate types.";
} }
skipping to change at page 10, line 32 skipping to change at line 429
base dtls-cert-types; base dtls-cert-types;
description description
"X.509 certificate type."; "X.509 certificate type.";
} }
identity raw-public-key { identity raw-public-key {
if-feature "dtls-supported"; if-feature "dtls-supported";
if-feature "raw-public-key-supported"; if-feature "raw-public-key-supported";
base dtls-cert-types; base dtls-cert-types;
description description
"Raw Public Key certificate type."; "Raw public key certificate type.";
} }
/* /*
* Babel routing protocol identity. * Babel routing protocol identity.
*/ */
identity babel { identity babel {
base rt:routing-protocol; base rt:routing-protocol;
description description
"Babel routing protocol"; "Babel routing protocol";
skipping to change at page 11, line 12 skipping to change at line 457
list routes { list routes {
key "prefix"; key "prefix";
config false; config false;
leaf prefix { leaf prefix {
type inet:ip-prefix; type inet:ip-prefix;
description description
"Prefix (expressed in ip-address/prefix-length format) for "Prefix (expressed in ip-address/prefix-length format) for
which this route is advertised."; which this route is advertised.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.6";
} }
leaf router-id { leaf router-id {
type binary { type binary {
length 8; length "8";
} }
description description
"router-id of the source router for which this route is "router-id of the source router for which this route is
advertised."; advertised.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.6";
} }
leaf neighbor { leaf neighbor {
type leafref { type leafref {
path "/rt:routing/rt:control-plane-protocols/" path "/rt:routing/rt:control-plane-protocols/"
+ "rt:control-plane-protocol/babel/interfaces/" + "rt:control-plane-protocol/babel/interfaces/"
+ "neighbor-objects/neighbor-address"; + "neighbor-objects/neighbor-address";
} }
description description
"Reference to the neighbor-objects entry for the neighbor "Reference to the neighbor-objects entry for the neighbor
that advertised this route."; that advertised this route.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.6";
} }
leaf received-metric { leaf received-metric {
type union { type union {
type enumeration { type enumeration {
enum null { enum null {
description description
"Route was not received from a neighbor."; "Route was not received from a neighbor.";
} }
} }
skipping to change at page 12, line 11 skipping to change at line 504
description description
"The metric with which this route was advertised by the "The metric with which this route was advertised by the
neighbor, or maximum value (infinity) to indicate the neighbor, or maximum value (infinity) to indicate the
route was recently retracted and is temporarily route was recently retracted and is temporarily
unreachable. This metric will be NULL if the unreachable. This metric will be NULL if the
route was not received from a neighbor but instead was route was not received from a neighbor but instead was
injected through means external to the Babel routing injected through means external to the Babel routing
protocol. At least one of calculated-metric or protocol. At least one of calculated-metric or
received-metric MUST be non-NULL."; received-metric MUST be non-NULL.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6, "RFC 9046: Babel Information Model, Section 3.6
RFC 8966: The Babel Routing Protocol, Section 2.1."; RFC 8966: The Babel Routing Protocol, Section 2.1";
} }
leaf calculated-metric { leaf calculated-metric {
type union { type union {
type enumeration { type enumeration {
enum null { enum null {
description description
"Route has not been calculated."; "Route has not been calculated.";
} }
} }
type uint16; type uint16;
} }
description description
"A calculated metric for this route. How the metric is "A calculated metric for this route. How the metric is
calculated is implementation-specific. Maximum value calculated is implementation specific. Maximum value
(infinity) indicates the route was recently retracted (infinity) indicates the route was recently retracted
and is temporarily unreachable. At least one of and is temporarily unreachable. At least one of
calculated-metric or received-metric MUST be non-NULL."; calculated-metric or received-metric MUST be non-NULL.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6, "RFC 9046: Babel Information Model, Section 3.6
RFC 8966: The Babel Routing Protocol, Section 2.1."; RFC 8966: The Babel Routing Protocol, Section 2.1";
} }
leaf seqno { leaf seqno {
type uint16; type uint16;
description description
"The sequence number with which this route was "The sequence number with which this route was
advertised."; advertised.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.6";
} }
leaf next-hop { leaf next-hop {
type union { type union {
type enumeration { type enumeration {
enum null { enum null {
description description
"Route has no next-hop address."; "Route has no next-hop address.";
} }
} }
type inet:ip-address; type inet:ip-address;
} }
description description
"The next-hop address of this route. This will be NULL "The next-hop address of this route. This will be NULL
if this route has no next-hop address."; if this route has no next-hop address.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.6";
} }
leaf feasible { leaf feasible {
type boolean; type boolean;
description description
"A boolean flag indicating whether this route is "A boolean flag indicating whether this route is
feasible."; feasible.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6, "RFC 9046: Babel Information Model, Section 3.6
RFC 8966, The Babel Routing Protocol, Section 3.5.1."; RFC 8966, The Babel Routing Protocol, Section 3.5.1";
} }
leaf selected { leaf selected {
type boolean; type boolean;
description description
"A boolean flag indicating whether this route is selected, "A boolean flag indicating whether this route is selected,
i.e., whether it is currently being used for forwarding i.e., whether it is currently being used for forwarding
and is being advertised."; and is being advertised.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.6";
} }
description description
"A set of babel-route-obj objects. Contains routes known to "A set of babel-route-obj objects. Contains routes known to
this node."; this node.";
reference reference
"RFC 9046: Babel Information Model, Section 3.1."; "RFC 9046: Babel Information Model, Section 3.6";
} }
description description
"Common grouping for routing used in RIB."; "Common grouping for routing used in RIB.";
} }
/* /*
* Data model * Data model
*/ */
augment "/rt:routing/rt:control-plane-protocols/" augment "/rt:routing/rt:control-plane-protocols/"
+ "rt:control-plane-protocol" { + "rt:control-plane-protocol" {
when "derived-from-or-self(rt:type, 'babel')" { when "derived-from-or-self(rt:type, 'babel')" {
description description
"Augmentation is valid only when the instance of routing type "Augmentation is valid only when the instance of the routing
is of type 'babel'."; type is of type 'babel'.";
} }
description description
"Augment the routing module to support a common structure "Augments the routing module to support a common structure
between routing protocols."; between routing protocols.";
reference reference
"YANG Routing Management, RFC 8349, Lhotka & Lindem, March "RFC 8349: A YANG Data Model for Routing Management (NMDA
2018."; Version)";
container babel { container babel {
presence "A Babel container."; presence "A Babel container.";
description description
"Babel Information Objects."; "Babel information objects.";
reference reference
"RFC 9046: Babel Information Model, Section 3."; "RFC 9046: Babel Information Model, Section 3";
leaf version { leaf version {
type string; type string;
config false; config false;
description description
"The name and version of this implementation of the Babel "The name and version of this implementation of the Babel
protocol."; protocol.";
reference reference
"RFC 9046: Babel Information Model, Section 3.1."; "RFC 9046: Babel Information Model, Section 3.1";
} }
leaf enable { leaf enable {
type boolean; type boolean;
mandatory true; mandatory true;
description description
"When written, it configures whether the protocol should be "When written, it configures whether the protocol should be
enabled. A read from the <running> or <intended> datastore enabled. A read from the <running> or <intended> datastore
therefore indicates the configured administrative value of therefore indicates the configured administrative value of
whether the protocol is enabled or not. whether the protocol is enabled or not.
A read from the <operational> datastore indicates whether A read from the <operational> datastore indicates whether
the protocol is actually running or not, i.e. it indicates the protocol is actually running or not, i.e., it
the operational state of the protocol."; indicates the operational state of the protocol.";
reference reference
"RFC 9046: Babel Information Model, Section 3.1."; "RFC 9046: Babel Information Model, Section 3.1";
} }
leaf router-id { leaf router-id {
type binary; type binary;
must '../enable = "true"'; must '../enable = "true"';
config false; config false;
description description
"Every Babel speaker is assigned a router-id, which is an "Every Babel speaker is assigned a router-id, which is an
arbitrary string of 8 octets that is assumed to be unique arbitrary string of 8 octets that is assumed to be unique
across the routing domain. across the routing domain.
The router-id is valid only if the protocol is enabled, The router-id is valid only if the protocol is enabled,
at which time a non-zero value is assigned."; at which time a non-zero value is assigned.";
reference reference
"RFC 9046: Babel Information Model, Section 3.1, "RFC 9046: Babel Information Model, Section 3.1
RFC 8966: The Babel Routing Protocol, RFC 8966: The Babel Routing Protocol, Section 3";
Section 3.";
} }
leaf seqno { leaf seqno {
type uint16; type uint16;
config false; config false;
description description
"Sequence number included in route updates for routes "Sequence number included in route updates for routes
originated by this node."; originated by this node.";
reference reference
"RFC 9046: Babel Information Model, Section 3.1."; "RFC 9046: Babel Information Model, Section 3.1";
} }
leaf statistics-enabled { leaf statistics-enabled {
type boolean; type boolean;
description description
"Indicates whether statistics collection is enabled (true) "Indicates whether statistics collection is enabled
or disabled (false) on all interfaces. On transition to ('true') or disabled ('false') on all interfaces.
enabled, existing statistics values are not cleared and On transition to enabled, existing statistics
will be incremented as new packets are counted."; values are not cleared and will be incremented as
new packets are counted.";
} }
container constants { container constants {
description description
"Babel Constants object."; "Babel constants object.";
reference reference
"RFC 9046: Babel Information Model, Section 3.1."; "RFC 9046: Babel Information Model, Section 3.1";
leaf udp-port { leaf udp-port {
type inet:port-number; type inet:port-number;
default "6696"; default "6696";
description description
"UDP port for sending and receiving Babel messages. The "UDP port for sending and receiving Babel messages. The
default port is 6696."; default port is 6696.";
reference reference
"RFC 9046: Babel Information Model, Section 3.2."; "RFC 9046: Babel Information Model, Section 3.2";
} }
leaf mcast-group { leaf mcast-group {
type inet:ip-address; type inet:ip-address;
default "ff02::1:6"; default "ff02::1:6";
description description
"Multicast group for sending and receiving multicast "Multicast group for sending and receiving multicast
announcements on IPv6."; announcements on IPv6.";
reference reference
"RFC 9046: Babel Information Model, Section 3.2."; "RFC 9046: Babel Information Model, Section 3.2";
} }
} }
list interfaces { list interfaces {
key "reference"; key "reference";
description description
"A set of Babel Interface objects."; "A set of Babel interface objects.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
leaf reference { leaf reference {
type if:interface-ref; type if:interface-ref;
description description
"References the name of the interface over which Babel "References the name of the interface over which Babel
packets are sent and received."; packets are sent and received.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf enable { leaf enable {
type boolean; type boolean;
default "true"; default "true";
description description
"If true, babel sends and receives messages on this "If 'true', Babel sends and receives messages on this
interface. If false, babel messages received on this interface. If 'false', Babel messages received on
interface are ignored and none are sent."; this interface are ignored and none are sent.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf metric-algorithm { leaf metric-algorithm {
type identityref { type identityref {
base metric-comp-algorithms; base metric-comp-algorithms;
} }
mandatory true; mandatory true;
description description
"Indicates the metric computation algorithm used on this "Indicates the metric computation algorithm used on this
interface. The value MUST be one of those identities interface. The value MUST be one of those identities
based on 'metric-comp-algorithms'."; based on 'metric-comp-algorithms'.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf split-horizon { leaf split-horizon {
type boolean; type boolean;
description description
"Indicates whether or not the split horizon optimization "Indicates whether or not the split-horizon optimization
is used when calculating metrics on this interface. is used when calculating metrics on this interface.
A value of true indicates the split horizon optimization A value of 'true' indicates the split-horizon
is used."; optimization is used.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf mcast-hello-seqno { leaf mcast-hello-seqno {
type uint16; type uint16;
config false; config false;
description description
"The current sequence number in use for multicast hellos "The current sequence number in use for multicast Hellos
sent on this interface."; sent on this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf mcast-hello-interval { leaf mcast-hello-interval {
type uint16; type uint16;
units "centiseconds"; units "centiseconds";
description description
"The current multicast hello interval in use for hellos "The current multicast Hello interval in use for Hellos
sent on this interface."; sent on this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf update-interval { leaf update-interval {
type uint16; type uint16;
units "centiseconds"; units "centiseconds";
description description
"The current update interval in use for this interface. "The current update interval in use for this interface.
Units are centiseconds."; Units are centiseconds.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf mac-enable { leaf mac-enable {
type boolean; type boolean;
description description
"Indicates whether the MAC security mechanism is enabled "Indicates whether the MAC security mechanism is enabled
(true) or disabled (false)."; ('true') or disabled ('false').";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf-list mac-key-sets { leaf-list mac-key-sets {
type leafref { type leafref {
path "../../mac-key-set/name"; path "../../mac-key-set/name";
} }
description description
"List of references to the MAC entries that apply "List of references to the MAC entries that apply
to this interface. When an interface instance is to this interface. When an interface instance is
created, all MAC instances with default-apply 'true' created, all MAC instances with default-apply 'true'
will be included in this list."; will be included in this list.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf mac-verify { leaf mac-verify {
type boolean; type boolean;
description description
"A Boolean flag indicating whether MACs in "A boolean flag indicating whether MACs in
incoming Babel packets are required to be present and incoming Babel packets are required to be present and
are verified. If this parameter is 'true', incoming are verified. If this parameter is 'true', incoming
packets are required to have a valid MAC."; packets are required to have a valid MAC.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf dtls-enable { leaf dtls-enable {
type boolean; type boolean;
description description
"Indicates whether the DTLS security mechanism is enabled "Indicates whether the DTLS security mechanism is enabled
(true) or disabled (false)."; ('true') or disabled ('false').";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf-list dtls-certs { leaf-list dtls-certs {
type leafref { type leafref {
path "../../dtls/name"; path "../../dtls/name";
} }
description description
"List of references to the dtls entries that apply to "List of references to the dtls entries that apply to
this interface. When an interface instance this interface. When an interface instance
is created, all dtls instances with default-apply is created, all dtls instances with default-apply
'true' will be included in this list."; 'true' will be included in this list.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf dtls-cached-info { leaf dtls-cached-info {
type boolean; type boolean;
description description
"Indicates whether the cached_info extension is enabled. "Indicates whether the cached_info extension is enabled.
The extension is enabled for inclusion in ClientHello The extension is enabled for inclusion in ClientHello
and ServerHello messages if the value is 'true'."; and ServerHello messages if the value is 'true'.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3. "RFC 9046: Babel Information Model, Section 3.3
RFC 8968: Babel Routing Protocol over RFC 8968: Babel Routing Protocol over
Datagram Transport Layer Security, Appendix A."; Datagram Transport Layer Security, Appendix A";
} }
leaf-list dtls-cert-prefer { leaf-list dtls-cert-prefer {
type leafref { type leafref {
path "../../dtls/certs/type"; path "../../dtls/certs/type";
} }
ordered-by user; ordered-by user;
description description
"List of supported certificate types, in order of "List of supported certificate types, in order of
preference. The values MUST be the 'type' attribute preference. The values MUST be the 'type' attribute
in the list 'certs' of the list 'dtls' in the list 'certs' of the list 'dtls'
(../../dtls/certs/type). This list is used to populate (../../dtls/certs/type). This list is used to populate
the server_certificate_type extension in a ClientHello. the server_certificate_type extension in a ClientHello.
Values that are present in at least one instance in the Values that are present in at least one instance in the
certs object under dtls of a referenced dtls instance certs object under dtls of a referenced dtls instance
and that have a non-empty private-key will be used to and that have a non-empty private key will be used to
populate the client_certificate_type extension in a populate the client_certificate_type extension in a
ClientHello."; ClientHello.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3 "RFC 9046: Babel Information Model, Section 3.3
RFC 8968: Babel Routing Protocol over RFC 8968: Babel Routing Protocol over
Datagram Transport Layer Security, Appendix A."; Datagram Transport Layer Security, Appendix A";
} }
leaf packet-log-enable { leaf packet-log-enable {
type boolean; type boolean;
description description
"If true, logging of babel packets received on this "If 'true', logging of babel packets received on this
interface is enabled; if false, babel packets are not interface is enabled; if 'false', babel packets are
logged."; not logged.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3";
} }
leaf packet-log { leaf packet-log {
type inet:uri; type inet:uri;
config false; config false;
description description
"A reference or url link to a file that contains a "A reference or url link to a file that contains a
timestamped log of packets received and sent on timestamped log of packets received and sent on
udp-port on this interface. The [libpcap] file udp-port on this interface. The [libpcap] file
format with .pcap file extension SHOULD be supported for format with .pcap file extension SHOULD be supported for
packet log files. Logging is enabled / disabled by packet log files. Logging is enabled / disabled by
packet-log-enable."; packet-log-enable.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.3
libpcap: Libpcap File Format, Wireshark Foundation";
} }
container statistics { container statistics {
config false; config false;
description description
"Statistics collection object for this interface."; "Statistics collection object for this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.3."; "RFC 9046: Babel Information Model, Section 3.4";
leaf discontinuity-time { leaf discontinuity-time {
type yang:date-and-time; type yang:date-and-time;
mandatory true; mandatory true;
description description
"The time on the most recent occasion at which any one "The time on the most recent occasion at which any one
or more of counters suffered a discontinuity. If no or more of counters suffered a discontinuity. If no
such discontinuities have occurred since the last such discontinuities have occurred since the last
re-initialization of the local management subsystem, re-initialization of the local management subsystem,
then this node contains the time the local management then this node contains the time the local management
subsystem re-initialized itself."; subsystem re-initialized itself.";
} }
leaf sent-mcast-hello { leaf sent-mcast-hello {
type yang:counter32; type yang:counter32;
description description
"A count of the number of multicast Hello packets sent "A count of the number of multicast Hello packets sent
on this interface."; on this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.4."; "RFC 9046: Babel Information Model, Section 3.4";
} }
leaf sent-mcast-update { leaf sent-mcast-update {
type yang:counter32; type yang:counter32;
description description
"A count of the number of multicast update packets sent "A count of the number of multicast update packets sent
on this interface."; on this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.4."; "RFC 9046: Babel Information Model, Section 3.4";
} }
leaf sent-ucast-hello { leaf sent-ucast-hello {
type yang:counter32; type yang:counter32;
description description
"A count of the number of unicast Hello packets sent "A count of the number of unicast Hello packets sent
on this interface."; on this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.4";
} }
leaf sent-ucast-update { leaf sent-ucast-update {
type yang:counter32; type yang:counter32;
description description
"A count of the number of unicast update packets sent "A count of the number of unicast update packets sent
on this interface."; on this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.4";
} }
leaf sent-ihu { leaf sent-ihu {
type yang:counter32; type yang:counter32;
description description
"A count of the number of IHU packets sent on this "A count of the number of 'I Heard You' (IHU) packets
interface."; sent on this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.6."; "RFC 9046: Babel Information Model, Section 3.4";
} }
leaf received-packets { leaf received-packets {
type yang:counter32; type yang:counter32;
description description
"A count of the number of Babel packets received on "A count of the number of Babel packets received on
this interface."; this interface.";
reference reference
"RFC 9046: Babel Information Model, Section 3.4."; "RFC 9046: Babel Information Model, Section 3.4";
} }
action reset { action reset {
description description
"The information model [RFC 9046] defines reset "The information model (RFC 9046) defines reset
action as a system-wide reset of Babel statistics. action as a system-wide reset of Babel statistics.
In YANG the reset action is associated with the In YANG, the reset action is associated with the
container where the action is defined. In this case container where the action is defined. In this case,
the action is associated with the statistics container the action is associated with the statistics container
inside an interface. The action will therefore inside an interface. The action will therefore
reset statistics at an interface level. reset statistics at an interface level.
Implementations that want to support a system-wide Implementations that want to support a system-wide
reset of Babel statistics need to call this action reset of Babel statistics need to call this action
for every instance of the interface."; for every instance of the interface.";
reference
"RFC 9046: Babel Information Model";
input { input {
leaf reset-at { leaf reset-at {
type yang:date-and-time; type yang:date-and-time;
description description
"The time when the reset was issued."; "The time when the reset was issued.";
} }
} }
output { output {
skipping to change at page 22, line 28 skipping to change at line 1005
"The time when the reset finished."; "The time when the reset finished.";
} }
} }
} }
} }
list neighbor-objects { list neighbor-objects {
key "neighbor-address"; key "neighbor-address";
config false; config false;
description description
"A set of Babel Neighbor Object."; "A set of babel neighbor objects.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
leaf neighbor-address { leaf neighbor-address {
type inet:ip-address; type inet:ip-address;
description description
"IPv4 or v6 address the neighbor sends packets from."; "The IPv4 or IPv6 address from which the neighbor sends
packets.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf hello-mcast-history { leaf hello-mcast-history {
type string; type string;
description description
"The multicast Hello history of whether or not the "The multicast Hello history of whether or not the
multicast Hello packets prior to exp-mcast- multicast Hello packets prior to exp-mcast-
hello-seqno were received, with a '1' for the most hello-seqno were received, with a '1' for the most
recent Hello placed in the most significant bit and recent Hello placed in the most significant bit and
prior Hellos shifted right (with '0' bits placed prior Hellos shifted right (with '0' bits placed
between prior Hellos and most recent Hello for any between prior Hellos and the most recent Hello for any
not-received Hellos); represented as a string of Hellos not received); represented as a string of
utf-8 encoded hex digits. A bit that is set indicates hex digits encoded in utf-8. A bit that is set
that the corresponding Hello was received, and a bit indicates that the corresponding Hello was received,
that is cleared indicates that the corresponding Hello and a bit that is cleared indicates that the
was not received."; corresponding Hello was not received.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf hello-ucast-history { leaf hello-ucast-history {
type string; type string;
description description
"The unicast Hello history of whether or not the "The unicast Hello history of whether or not the
unicast Hello packets prior to exp-ucast-hello-seqno unicast Hello packets prior to exp-ucast-hello-seqno
were received, with a '1' for the most were received, with a '1' for the most
recent Hello placed in the most significant bit and recent Hello placed in the most significant bit and
prior Hellos shifted right (with '0' bits placed prior Hellos shifted right (with '0' bits placed
between prior Hellos and most recent Hello for any between prior Hellos and the most recent Hello for any
not-received Hellos); represented as a string using Hellos not received); represented as a string using
utf-8 encoded hex digits where a '1' bit = Hello hex digits encoded in utf-8 where a '1' bit = Hello
received and a '0' bit = Hello not received."; received and a '0' bit = Hello not received.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf txcost { leaf txcost {
type int32; type int32;
default "0"; default "0";
description description
"Transmission cost value from the last IHU packet "Transmission cost value from the last IHU packet
received from this neighbor, or maximum value received from this neighbor, or maximum value
(infinity) to indicate the IHU hold timer for this (infinity) to indicate the IHU hold timer for this
neighbor has expired description."; neighbor has an expired description.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf exp-mcast-hello-seqno { leaf exp-mcast-hello-seqno {
type union { type union {
type enumeration { type enumeration {
enum null { enum null {
description description
"Multicast Hello packets are not expected, or "Multicast Hello packets are not expected, or
processing of multicast packets is not processing of multicast packets is not
enabled."; enabled.";
} }
} }
type uint16; type uint16;
} }
description description
"Expected multicast Hello sequence number of next Hello "Expected multicast Hello sequence number of next Hello
to be received from this neighbor; if multicast Hello to be received from this neighbor; if multicast Hello
packets are not expected, or processing of multicast packets are not expected, or processing of multicast
packets is not enabled, this MUST be NULL."; packets is not enabled, this MUST be NULL.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf exp-ucast-hello-seqno { leaf exp-ucast-hello-seqno {
type union { type union {
type enumeration { type enumeration {
enum null { enum null {
description description
"Unicast Hello packets are not expected, or "Unicast Hello packets are not expected, or
processing of unicast packets is not enabled."; processing of unicast packets is not enabled.";
} }
} }
type uint16; type uint16;
} }
default null; default "null";
description description
"Expected unicast Hello sequence number of next Hello "Expected unicast Hello sequence number of next Hello
to be received from this neighbor; if unicast Hello to be received from this neighbor; if unicast Hello
packets are not expected, or processing of unicast packets are not expected, or processing of unicast
packets is not enabled, this MUST be NULL."; packets is not enabled, this MUST be NULL.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf ucast-hello-seqno { leaf ucast-hello-seqno {
type union { type union {
type enumeration { type enumeration {
enum null { enum null {
description description
"Unicast Hello packets are not being sent."; "Unicast Hello packets are not being sent.";
} }
} }
type uint16; type uint16;
} }
default null; default "null";
description description
"The current sequence number in use for unicast Hellos "The current sequence number in use for unicast Hellos
sent to this neighbor. If unicast Hellos are not being sent to this neighbor. If unicast Hellos are not being
sent, this MUST be NULL."; sent, this MUST be NULL.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf ucast-hello-interval { leaf ucast-hello-interval {
type uint16; type uint16;
units "centiseconds"; units "centiseconds";
description description
"The current interval in use for unicast hellos sent to "The current interval in use for unicast Hellos sent to
this neighbor. Units are centiseconds."; this neighbor. Units are centiseconds.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf rxcost { leaf rxcost {
type uint16; type uint16;
description description
"Reception cost calculated for this neighbor. This "Reception cost calculated for this neighbor. This
value is usually derived from the Hello history, which value is usually derived from the Hello history, which
may be combined with other data, such as statistics may be combined with other data, such as statistics
maintained by the link layer. The rxcost is sent to a maintained by the link layer. The rxcost is sent to a
neighbor in each IHU."; neighbor in each IHU.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
leaf cost { leaf cost {
type int32; type int32;
description description
"Link cost is computed from the values maintained in "Link cost is computed from the values maintained in
the neighbor table. The statistics kept in the the neighbor table. The statistics are kept in the
neighbor table about the reception of Hellos, and the neighbor table about the reception of Hellos, and the
txcost computed from received IHU packets."; txcost is computed from received IHU packets.";
reference reference
"RFC 9046: Babel Information Model, Section 3.5."; "RFC 9046: Babel Information Model, Section 3.5";
} }
} }
} }
list mac-key-set { list mac-key-set {
key "name"; key "name";
description description
"A MAC key set object. If this object is implemented, it "A MAC key set object. If this object is implemented, it
provides access to parameters related to the MAC security provides access to parameters related to the MAC security
mechanism."; mechanism.";
reference reference
"RFC 9046: Babel Information Model, Section 3.7."; "RFC 9046: Babel Information Model, Section 3.7";
leaf name { leaf name {
type string; type string;
description description
"A string that uniquely identifies the MAC object."; "A string that uniquely identifies the MAC object.";
} }
leaf default-apply { leaf default-apply {
type boolean; type boolean;
description description
"A Boolean flag indicating whether this object "A boolean flag indicating whether this object
instance is applied to all new interfaces, by default. instance is applied to all new interfaces, by default.
If 'true', this instance is applied to new babel- If 'true', this instance is applied to new babel-
interfaces instances at the time they are created, interfaces instances at the time they are created
by including it in the mac-key-sets list under by including it in the mac-key-sets list under
the interface. If 'false', this instance is not applied the interface. If 'false', this instance is not applied
to new interface instances when they are created."; to new interface instances when they are created.";
reference reference
"RFC 9046: Babel Information Model, Section 3.7."; "RFC 9046: Babel Information Model, Section 3.7";
} }
list keys { list keys {
key "name"; key "name";
min-elements 1; min-elements 1;
description description
"A set of keys objects."; "A set of keys objects.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
leaf name { leaf name {
type string; type string;
description description
"A unique name for this MAC key that can be used to "A unique name for this MAC key that can be used to
identify the key in this object instance, since the identify the key in this object instance since the
key value is not allowed to be read. This value can key value is not allowed to be read. This value can
only be provided when this instance is created, and is only be provided when this instance is created and is
not subsequently writable."; not subsequently writable.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
} }
leaf use-send { leaf use-send {
type boolean; type boolean;
mandatory true; mandatory true;
description description
"Indicates whether this key value is used to compute a "Indicates whether this key value is used to compute a
MAC and include that MAC in the sent Babel packet. A MAC and include that MAC in the sent Babel packet. A
MAC for sent packets is computed using this key if the MAC for sent packets is computed using this key if the
value is 'true'. If the value is 'false', this key is value is 'true'. If the value is 'false', this key is
not used to compute a MAC to include in sent Babel not used to compute a MAC to include in sent Babel
packets."; packets.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
} }
leaf use-verify { leaf use-verify {
type boolean; type boolean;
mandatory true; mandatory true;
description description
"Indicates whether this key value is used to verify "Indicates whether this key value is used to verify
incoming Babel packets. This key is used to verify incoming Babel packets. This key is used to verify
incoming packets if the value is 'true'. If the value incoming packets if the value is 'true'. If the value
is 'false', no MAC is computed from this key for is 'false', no MAC is computed from this key for
comparing an incoming packet."; comparing an incoming packet.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
} }
leaf value { leaf value {
nacm:default-deny-all; nacm:default-deny-all;
type binary; type binary;
mandatory true; mandatory true;
description description
"The value of the MAC key. "The value of the MAC key.
This value is of a length suitable for the associated This value is of a length suitable for the associated
babel-mac-key-algorithm. If the algorithm is based on babel-mac-key-algorithm. If the algorithm is based on
the HMAC construction [RFC2104], the length MUST be the Hashed Message Authentication Code (HMAC)
between 0 and an upper limit that is at least the size construction (RFC 2104), the length MUST be between 0
of the output length (where 'HMAC-SHA256' output and an upper limit that is at least the size of the
length is 32 octets as described in [RFC4868]). Longer output length (where the 'HMAC-SHA256' output length
lengths MAY be supported but are not necessary if the is 32 octets as described in RFC 4868). Longer lengths
MAY be supported but are not necessary if the
management system has the ability to generate a management system has the ability to generate a
suitably random value (e.g., by randomly generating a suitably random value (e.g., by randomly generating a
value or by using a key derivation technique as value or by using a key derivation technique as
recommended in [RFC8967] Security Considerations). If recommended in the security considerations of RFC
the algorithm is 'BLAKE2s-128', the length MUST be 8967. If the algorithm is 'BLAKE2s-128', the length
between 0 and 32 bytes inclusive as specified by MUST be between 0 and 32 bytes inclusive as specified
[RFC7693]."; by RFC 7693.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8, "RFC 9046: Babel Information Model, Section 3.8
RFC 2104: HMAC: Keyed-Hashing for Message RFC 2104: HMAC: Keyed-Hashing for Message
Authentication Authentication
RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, and
HMAC-SHA-512 with IPsec, HMAC-SHA-512 with IPsec
RFC 7693: The BLAKE2 Cryptographic Hash and Message RFC 7693: The BLAKE2 Cryptographic Hash and Message
Authentication Code (MAC). Authentication Code (MAC)
RFC 8967: MAC Authentication for Babel."; RFC 8967: MAC Authentication for Babel";
} }
leaf algorithm { leaf algorithm {
type identityref { type identityref {
base mac-algorithms; base mac-algorithms;
} }
mandatory true; mandatory true;
description description
"The MAC algorithm used with this key. The "The MAC algorithm used with this key. The
value MUST be one of the identities value MUST be one of the identities
listed with the base of 'mac-algorithms'."; listed with the base of 'mac-algorithms'.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
} }
action test { action test {
description description
"An operation that allows the MAC key and MAC "An operation that allows the MAC key and MAC
algorithm to be tested to see if they produce an algorithm to be tested to see if they produce an
expected outcome. Input to this operation are a expected outcome. Input to this operation is a
binary string and a calculated MAC (also in the binary string and a calculated MAC (also in the
format of a binary string) for the binary string. format of a binary string) for the binary string.
The implementation is expected to create a MAC over The implementation is expected to create a MAC over
the binary string using the value and algorithm. the binary string using the value and algorithm.
The output of this operation is a binary indication The output of this operation is a binary indication
that the calculated MAC matched the input MAC (true) that the calculated MAC matched the input MAC
or the MACs did not match (false)."; ('true') or the MACs did not match ('false').";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
input { input {
leaf test-string { leaf test-string {
type binary; type binary;
mandatory true; mandatory true;
description description
"Input to this operation is a binary string. "Input to this operation is a binary string.
The implementation is expected to create The implementation is expected to create
a MAC over this string using the value and a MAC over this string using the value and
the algorithm defined as part of the the algorithm defined as part of the
mac-key-set."; mac-key-set.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
} }
leaf mac { leaf mac {
type binary; type binary;
mandatory true; mandatory true;
description description
"Input to this operation includes a MAC. "Input to this operation includes a MAC.
The implementation is expected to calculate a MAC The implementation is expected to calculate a MAC
over the string using the value and algorithm of over the string using the value and algorithm of
this key object and compare its calculated MAC to this key object and compare its calculated MAC to
this input MAC."; this input MAC.";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
} }
} }
output { output {
leaf indication { leaf indication {
type boolean; type boolean;
mandatory true; mandatory true;
description description
"The output of this operation is a binary "The output of this operation is a binary
indication that the calculated MAC matched the indication that the calculated MAC matched the
input MAC (true) or the MACs did not match input MAC ('true') or the MACs did not match
(false)."; ('false').";
reference reference
"RFC 9046: Babel Information Model, Section 3.8."; "RFC 9046: Babel Information Model, Section 3.8";
} }
} }
} }
} }
} }
list dtls { list dtls {
key "name"; key "name";
description description
skipping to change at page 29, line 48 skipping to change at line 1363
leaf name { leaf name {
type string; type string;
description description
"A string that uniquely identifies a dtls object."; "A string that uniquely identifies a dtls object.";
} }
leaf default-apply { leaf default-apply {
type boolean; type boolean;
mandatory true; mandatory true;
description description
"A Boolean flag indicating whether this object "A boolean flag indicating whether this object
instance is applied to all new interfaces, by default. instance is applied to all new interfaces, by default.
If 'true', this instance is applied to new interfaces If 'true', this instance is applied to new interface
instances at the time they are created, by including it instances at the time they are created by including it
in the dtls-certs list under the interface. If 'false', in the dtls-certs list under the interface. If 'false',
this instance is not applied to new interface this instance is not applied to new interface
instances when they are created."; instances when they are created.";
reference reference
"RFC 9046: Babel Information Model, Section 3.9."; "RFC 9046: Babel Information Model, Section 3.9";
} }
list certs { list certs {
key "name"; key "name";
min-elements 1; min-elements 1;
description description
"A set of cert objects. This contains "A set of cert objects. This contains
both certificates for this implementation to present both certificates for this implementation to present
for authentication, and to accept from others. for authentication and to accept from others.
Certificates with a non-empty private-key Certificates with a non-empty private key
can be presented by this implementation for can be presented by this implementation for
authentication."; authentication.";
reference reference
"RFC 9046: Babel Information Model, Section 3.10."; "RFC 9046: Babel Information Model, Section 3.10";
leaf name { leaf name {
type string; type string;
description description
"A unique name for this certificate that can be "A unique name for this certificate that can be
used to identify the certificate in this object used to identify the certificate in this object
instance, since the value is too long to be useful instance, since the value is too long to be useful
for identification. This value MUST NOT be empty for identification. This value MUST NOT be empty
and can only be provided when this instance is created and can only be provided when this instance is created
(i.e., it is not subsequently writable)."; (i.e., it is not subsequently writable).";
reference reference
"RFC 9046: Babel Information Model, Section 3.10."; "RFC 9046: Babel Information Model, Section 3.10";
} }
leaf value { leaf value {
nacm:default-deny-write; nacm:default-deny-write;
type string; type string;
mandatory true; mandatory true;
description description
"The certificate in PEM format [RFC7468]. This "The certificate in Privacy-Enhanced Mail (PEM) format
value can only be provided when this instance is (RFC 7468). This value can only be provided when this
created, and is not subsequently writable."; instance is created and is not subsequently
writable.";
reference reference
"RFC 9046: Babel Information Model, Section 3.10."; "RFC 9046: Babel Information Model, Section 3.10
RFC 7468: Textual Encodings of PKIX, PKCS, and CMS
Structures";
} }
leaf type { leaf type {
nacm:default-deny-write; nacm:default-deny-write;
type identityref { type identityref {
base dtls-cert-types; base dtls-cert-types;
} }
mandatory true; mandatory true;
description description
"The certificate type of this object instance. "The certificate type of this object instance.
The value MUST be the same as one of the The value MUST be the same as one of the
identities listed with the base 'dtls-cert-types'. identities listed with the base 'dtls-cert-types'.
This value can only be provided when this This value can only be provided when this
instance is created, and is not subsequently instance is created and is not subsequently
writable."; writable.";
reference reference
"RFC 9046: Babel Information Model, Section 3.10."; "RFC 9046: Babel Information Model, Section 3.10";
} }
leaf private-key { leaf private-key {
nacm:default-deny-all; nacm:default-deny-all;
type binary; type binary;
mandatory true; mandatory true;
description description
"The value of the private key. If this is non-empty, "The value of the private key. If this is non-empty,
this certificate can be used by this implementation to this certificate can be used by this implementation to
provide a certificate during DTLS handshaking."; provide a certificate during DTLS handshaking.";
reference reference
"RFC 9046: Babel Information Model, Section 3.10."; "RFC 9046: Babel Information Model, Section 3.10";
} }
leaf algorithm { leaf algorithm {
nacm:default-deny-write; nacm:default-deny-write;
type identityref { type identityref {
base ct:private-key-format; base ct:private-key-format;
} }
mandatory true; mandatory true;
description description
"Identifies the algorithm identity with which the "Identifies the algorithm identity with which the
private-key has been encoded. This value can only be private key has been encoded. This value can only be
provided when this instance is created, and is not provided when this instance is created and is not
subsequently writable."; subsequently writable.";
} }
} }
} }
uses routes; uses routes;
} }
} }
} }
<CODE ENDS> <CODE ENDS>
3. IANA Considerations 3. IANA Considerations
This document registers a URI and a YANG module. 3.1. URI Registration
3.1. URI Registrations IANA has registered the following URI in the "ns" registry of the
"IETF XML Registry" [RFC3688].
URI: urn:ietf:params:xml:ns:yang:ietf-babel URI: urn:ietf:params:xml:ns:yang:ietf-babel
Registrant Contact: The IESG
XML: N/A; the requested URI is an XML namespace.
3.2. YANG Module Name Registration 3.2. YANG Module Name Registration
This document registers a YANG module in the YANG Module Names IANA has registered the following in the "YANG Module Names" registry
registry YANG [RFC6020]. [RFC6020].
Name:ietf-babel Name: ietf-babel
Namespace: urn:ietf:params:xml:ns:yang:ietf-babel Namespace: urn:ietf:params:xml:ns:yang:ietf-babel
prefix: babel Prefix: babel
reference: RFC XXXX Reference: RFC 9647
4. Security Considerations 4. Security Considerations
The YANG module specified in this document defines a schema for data This section is modeled after the template defined in Section 3.7.1
that is designed to be accessed via network management protocol such of [RFC8407].
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer and the mandatory-to-implement secure
transport is SSH [RFC6242]. The lowest RESTCONF layer is HTTPS, and
the mandatory-to-implement secure transport is TLS [RFC8446].
The NETCONF Access Control Model (NACM [RFC8341]) provides the means The "ietf-babel" YANG module defines a data model that is designed to
to restrict access for particular NETCONF users to a pre-configured be accessed via YANG-based management protocols, such as NETCONF
subset of all available NETCONF protocol operations and content. [RFC6241] and RESTCONF [RFC8040]. These protocols have mandatory-to-
implement secure transport layers (e.g., Secure Shell (SSH)
[RFC4252], TLS [RFC8446], and QUIC [RFC9000]) and mandatory-to-
implement mutual authentication.
The Network Configuration Access Control Model (NACM) [RFC8341]
provides the means to restrict access for particular NETCONF users to
a preconfigured subset of all available NETCONF protocol operations
and content.
The security considerations outlined here are specific to the YANG The security considerations outlined here are specific to the YANG
data model, and do not cover security considerations of the Babel data model and do not cover security considerations of the Babel
protocol or its security mechanisms in The Babel Routing Protocol protocol or its security mechanisms in "The Babel Routing Protocol"
[RFC8966], MAC Authentication for the Babel Routing Protocol [RFC8966], "MAC Authentication for the Babel Routing Protocol"
[RFC8967], and Babel Routing Protocol over Data Transport Layer [RFC8967], and "Babel Routing Protocol over Datagram Transport Layer
Security [RFC8968]. Each of these has its own Security Security" [RFC8968]. Each of these has its own Security
Considerations section for considerations that are specific to it. Considerations section for considerations that are specific to it.
There are a number of data nodes defined in the YANG module which are There are a number of data nodes defined in the YANG module that are
writable/created/deleted (i.e., config true, which is the default). writable/created/deleted (i.e., config true, which is the default).
These data nodes may be considered sensitive or vulnerable in some These data nodes may be considered sensitive or vulnerable in some
network environments. Write operations (e.g., <edit-config>) to network environments. Write operations (e.g., <edit-config>) to
these data nodes without proper protection can have a negative effect these data nodes without proper protection can have a negative effect
on network operations. These are the subtrees and data nodes and on network operations. These are the subtrees and data nodes and
their sensitivity/vulnerability from a config true perspective: their sensitivity/vulnerability from a config true perspective:
'babel': This container includes an 'enable' parameter that can be 'babel': This container includes an 'enable' parameter that can be
used to enable or disable use of Babel on a router used to enable or disable use of Babel on a router.
'babel/constants': This container includes configuration parameters 'babel/constants': This container includes configuration parameters
that can prevent reachability if misconfigured. that can prevent reachability if misconfigured.
'babel/interfaces': This leaf-list has configuration parameters that 'babel/interfaces': This leaf-list has configuration parameters that
can enable/disable security mechanisms and change performance can enable/disable security mechanisms and change performance
characteristics of the Babel protocol. For example, enabling logging characteristics of the Babel protocol. For example, enabling
of packets and giving unintended access to the log files gives an logging of packets and giving unintended access to the log files
attacker detailed knowledge of the network, and allows it to launch gives an attacker detailed knowledge of the network and allows it
an attack on the traffic traversing the network device. to launch an attack on the traffic traversing the network device.
'babel/hmac' and 'babel/dtls': These contain security credentials 'babel/hmac' and 'babel/dtls': These contain security credentials
that influence whether incoming packets are trusted, and whether that influence whether incoming packets are trusted and whether
outgoing packets are produced in a way such that the receiver will outgoing packets are produced in such a way that the receiver will
treat them as trusted. treat them as trusted.
Some of the readable data or config false nodes in this YANG module Some of the readable data or config false nodes in this YANG module
may be considered sensitive or vulnerable in some network may be considered sensitive or vulnerable in some network
environments. It is thus important to control read access (e.g., via environments. It is thus important to control read access (e.g., via
get, get-config, or notification) to these data nodes. These are the get, get-config, or notification) to these data nodes. These are the
subtrees and data nodes and their sensitivity/vulnerability from a subtrees and data nodes and their sensitivity/vulnerability from a
config false perpective: config false perspective:
'babel': Access to the information in the various nodes can disclose 'babel': Access to the information in the various nodes can disclose
the network topology. Additionally, the routes used by a network the network topology. Additionally, the routes used by a network
device may be used to mount a subsequent attack on traffic traversing device may be used to mount a subsequent attack on traffic
the network device. traversing the network device.
'babel/hmac' and 'babel/dtls': These contain security credentials, 'babel/hmac' and 'babel/dtls': These contain security credentials,
including private credentials of the router; however it is required including private credentials of the router; however, it is
that these values not be readable. required that these values not be readable.
Some of the RPC operations in this YANG module may be considered Some of the RPC operations in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus sensitive or vulnerable in some network environments. It is thus
important to control access to these operations. These are the important to control access to these operations. These are the
operations and their sensitivity/vulnerability from a RPC operation operations and their sensitivity/vulnerability from an RPC operation
perspective: perspective:
This model defines two actions. Resetting the statistics within an This model defines two actions. Resetting the statistics within an
interface container would be visible to any monitoring processes, interface container would be visible to any monitoring processes,
which should be designed to account for the possibility of such a which should be designed to account for the possibility of such a
reset. The "test" action allows for validation that a MAC key and reset. The "test" action allows for validation that a MAC key and
MAC algorithm have been properly configured. The MAC key is a MAC algorithm have been properly configured. The MAC key is a
sensitive piece of information, and it is important to prevent an sensitive piece of information, and it is important to prevent an
attacker that does not know the MAC key from being able to determine attacker that does not know the MAC key from being able to determine
the MAC value by trying different input parameters. The "test" the MAC value by trying different input parameters. The "test"
action has been designed to not reveal such information directly. action has been designed to not reveal such information directly.
Such information might also be revealed indirectly, due to side Such information might also be revealed indirectly due to side
channels such as the time it takes to produce a response to the channels such as the time it takes to produce a response to the
action. Implementations SHOULD use a constant-time comparison action. Implementations SHOULD use a constant-time comparison
between the input mac and the locally generated MAC value for between the input MAC and the locally generated MAC value for
comparison, in order to avoid such side channel leakage. comparison in order to avoid such side channel leakage.
5. Acknowledgements
Juliusz Chroboczek provided most of the example configurations for
babel that are shown in the Appendix.
6. References
6.1. Normative References
[I-D.ietf-netconf-crypto-types] 5. References
Watsen, K., "YANG Data Types and Groupings for
Cryptography", Work in Progress, Internet-Draft, draft-
ietf-netconf-crypto-types-21, 14 September 2021,
<https://www.ietf.org/archive/id/draft-ietf-netconf-
crypto-types-21.txt>.
[I-D.ietf-tls-dtls13] 5.1. Normative References
Rescorla, E., Tschofenig, H., and N. Modadugu, "The
Datagram Transport Layer Security (DTLS) Protocol Version
1.3", Work in Progress, Internet-Draft, draft-ietf-tls-
dtls13-43, 30 April 2021, <https://www.ietf.org/internet-
drafts/draft-ietf-tls-dtls13-43.txt>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC4252] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH)
Authentication Protocol", RFC 4252, DOI 10.17487/RFC4252,
January 2006, <https://www.rfc-editor.org/info/rfc4252>.
[RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA- [RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA-
384, and HMAC-SHA-512 with IPsec", RFC 4868, 384, and HMAC-SHA-512 with IPsec", RFC 4868,
DOI 10.17487/RFC4868, May 2007, DOI 10.17487/RFC4868, May 2007,
<https://www.rfc-editor.org/info/rfc4868>. <https://www.rfc-editor.org/info/rfc4868>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>.
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
RFC 6991, DOI 10.17487/RFC6991, July 2013, RFC 6991, DOI 10.17487/RFC6991, July 2013,
<https://www.rfc-editor.org/info/rfc6991>. <https://www.rfc-editor.org/info/rfc6991>.
[RFC7693] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2 [RFC7693] Saarinen, M., Ed. and J. Aumasson, "The BLAKE2
Cryptographic Hash and Message Authentication Code (MAC)", Cryptographic Hash and Message Authentication Code (MAC)",
RFC 7693, DOI 10.17487/RFC7693, November 2015, RFC 7693, DOI 10.17487/RFC7693, November 2015,
<https://www.rfc-editor.org/info/rfc7693>. <https://www.rfc-editor.org/info/rfc7693>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016, RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>. <https://www.rfc-editor.org/info/rfc7950>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341, Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018, DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>. <https://www.rfc-editor.org/info/rfc8341>.
[RFC8343] Bjorklund, M., "A YANG Data Model for Interface [RFC8343] Bjorklund, M., "A YANG Data Model for Interface
Management", RFC 8343, DOI 10.17487/RFC8343, March 2018, Management", RFC 8343, DOI 10.17487/RFC8343, March 2018,
<https://www.rfc-editor.org/info/rfc8343>. <https://www.rfc-editor.org/info/rfc8343>.
[RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for [RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
Routing Management (NMDA Version)", RFC 8349, Routing Management (NMDA Version)", RFC 8349,
DOI 10.17487/RFC8349, March 2018, DOI 10.17487/RFC8349, March 2018,
<https://www.rfc-editor.org/info/rfc8349>. <https://www.rfc-editor.org/info/rfc8349>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
[RFC8966] Chroboczek, J. and D. Schinazi, "The Babel Routing [RFC8966] Chroboczek, J. and D. Schinazi, "The Babel Routing
Protocol", RFC 8966, DOI 10.17487/RFC8966, January 2021, Protocol", RFC 8966, DOI 10.17487/RFC8966, January 2021,
<https://www.rfc-editor.org/info/rfc8966>. <https://www.rfc-editor.org/info/rfc8966>.
[RFC8967] Do, C., Kolodziejak, W., and J. Chroboczek, "MAC [RFC8967] Dô, C., Kolodziejak, W., and J. Chroboczek, "MAC
Authentication for the Babel Routing Protocol", RFC 8967, Authentication for the Babel Routing Protocol", RFC 8967,
DOI 10.17487/RFC8967, January 2021, DOI 10.17487/RFC8967, January 2021,
<https://www.rfc-editor.org/info/rfc8967>. <https://www.rfc-editor.org/info/rfc8967>.
[RFC8968] Decimo, A., Schinazi, D., and J. Chroboczek, "Babel [RFC8968] Décimo, A., Schinazi, D., and J. Chroboczek, "Babel
Routing Protocol over Datagram Transport Layer Security", Routing Protocol over Datagram Transport Layer Security",
RFC 8968, DOI 10.17487/RFC8968, January 2021, RFC 8968, DOI 10.17487/RFC8968, January 2021,
<https://www.rfc-editor.org/info/rfc8968>. <https://www.rfc-editor.org/info/rfc8968>.
[RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
Multiplexed and Secure Transport", RFC 9000,
DOI 10.17487/RFC9000, May 2021,
<https://www.rfc-editor.org/info/rfc9000>.
[RFC9046] Stark, B. and M. Jethanandani, "Babel Information Model", [RFC9046] Stark, B. and M. Jethanandani, "Babel Information Model",
RFC 9046, DOI 10.17487/RFC9046, June 2021, RFC 9046, DOI 10.17487/RFC9046, June 2021,
<https://www.rfc-editor.org/info/rfc9046>. <https://www.rfc-editor.org/info/rfc9046>.
6.2. Informative References [RFC9147] Rescorla, E., Tschofenig, H., and N. Modadugu, "The
Datagram Transport Layer Security (DTLS) Protocol Version
1.3", RFC 9147, DOI 10.17487/RFC9147, April 2022,
<https://www.rfc-editor.org/info/rfc9147>.
[RFC9640] Watsen, K., "YANG Data Types and Groupings for
Cryptography", RFC 9640, DOI 10.17487/RFC9640, October
2024, <https://www.rfc-editor.org/info/rfc9640>.
5.2. Informative References
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104, Hashing for Message Authentication", RFC 2104,
DOI 10.17487/RFC2104, February 1997, DOI 10.17487/RFC2104, February 1997,
<https://www.rfc-editor.org/info/rfc2104>. <https://www.rfc-editor.org/info/rfc2104>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
the Network Configuration Protocol (NETCONF)", RFC 6020, the Network Configuration Protocol (NETCONF)", RFC 6020,
DOI 10.17487/RFC6020, October 2010, DOI 10.17487/RFC6020, October 2010,
<https://www.rfc-editor.org/info/rfc6020>. <https://www.rfc-editor.org/info/rfc6020>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC7468] Josefsson, S. and S. Leonard, "Textual Encodings of PKIX,
and A. Bierman, Ed., "Network Configuration Protocol PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468,
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, April 2015, <https://www.rfc-editor.org/info/rfc7468>.
<https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>. <https://www.rfc-editor.org/info/rfc8340>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>. <https://www.rfc-editor.org/info/rfc8342>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Documents Containing YANG Data Models", BCP 216, RFC 8407,
<https://www.rfc-editor.org/info/rfc8446>. DOI 10.17487/RFC8407, October 2018,
<https://www.rfc-editor.org/info/rfc8407>.
[W3C.REC-xml-20081126]
Bray, T., Paoli, J., Sperberg-McQueen, C. M., Maler, E.,
and F. Yergeau, "Extensible Markup Language (XML) 1.0
(Fifth Edition)", W3C Recommendation REC-xml-20081126,
November 2008, <https://www.w3.org/TR/xml/>.
Appendix A. Tree Diagram and Example Configurations Appendix A. Tree Diagram and Example Configurations
This section is devoted to including a complete tree diagram and This section is devoted to including a complete tree diagram and
examples that demonstrate how Babel can be configured. examples that demonstrate how Babel can be configured.
Note that various examples are encoded using Extensible Markup
Language (XML) [W3C.REC-xml-20081126].
A.1. Complete Tree Diagram A.1. Complete Tree Diagram
This section includes the complete tree diagram for the Babel YANG This section includes the complete tree diagram for the Babel YANG
module. module.
module: ietf-babel module: ietf-babel
augment /rt:routing/rt:control-plane-protocols augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol: /rt:control-plane-protocol:
+--rw babel! +--rw babel!
skipping to change at page 38, line 42 skipping to change at line 1814
+--ro calculated-metric? union +--ro calculated-metric? union
+--ro seqno? uint16 +--ro seqno? uint16
+--ro next-hop? union +--ro next-hop? union
+--ro feasible? boolean +--ro feasible? boolean
+--ro selected? boolean +--ro selected? boolean
A.2. Statistics Gathering Enabled A.2. Statistics Gathering Enabled
In this example, interface eth0 is being configured for routing In this example, interface eth0 is being configured for routing
protocol Babel, and statistics gathering is enabled. For security, protocol Babel, and statistics gathering is enabled. For security,
HMAC-SHA256 is supported. Every sent Babel packets is signed with HMAC-SHA256 is supported. Every sent Babel packet is signed with the
the key value provided, and every received Babel packet is verified key value provided, and every received Babel packet is verified with
with the same key value. the same key value.
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type"> xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface> <interface>
<name>eth0</name> <name>eth0</name>
<type>ianaift:ethernetCsmacd</type> <type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled> <enabled>true</enabled>
</interface> </interface>
</interfaces> </interfaces>
skipping to change at page 40, line 4 skipping to change at line 1860
<value>base64encodedvalue==</value> <value>base64encodedvalue==</value>
<algorithm>hmac-sha256</algorithm> <algorithm>hmac-sha256</algorithm>
</keys> </keys>
</mac-key-set> </mac-key-set>
</babel> </babel>
</control-plane-protocol> </control-plane-protocol>
</control-plane-protocols> </control-plane-protocols>
</routing> </routing>
A.3. Automatic Detection of Properties A.3. Automatic Detection of Properties
<!-- In this example, babeld is configured on two interfaces
In this example, babeld is configured on two interfaces:
interface eth0 interface eth0
interface wlan0 interface wlan0
This says to run Babel on interfaces eth0 and wlan0. Babeld will This says to run Babel on interfaces eth0 and wlan0. Babeld will
automatically detect that eth0 is wired and wlan0 is wireless, and automatically detect that eth0 is wired and wlan0 is wireless and
will configure the right parameters automatically. will configure the right parameters automatically.
-->
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type"> xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface> <interface>
<name>eth0</name> <name>eth0</name>
<type>ianaift:ethernetCsmacd</type> <type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled> <enabled>true</enabled>
</interface> </interface>
<interface> <interface>
skipping to change at page 41, line 4 skipping to change at line 1908
<metric-algorithm>two-out-of-three</metric-algorithm> <metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon> <split-horizon>true</split-horizon>
</interfaces> </interfaces>
<interfaces> <interfaces>
<reference>wlan0</reference> <reference>wlan0</reference>
<enable>true</enable> <enable>true</enable>
<metric-algorithm>etx</metric-algorithm> <metric-algorithm>etx</metric-algorithm>
<split-horizon>false</split-horizon> <split-horizon>false</split-horizon>
</interfaces> </interfaces>
</babel> </babel>
</control-plane-protocol> </control-plane-protocol>
</control-plane-protocols> </control-plane-protocols>
</routing> </routing>
A.4. Override Default Properties A.4. Override Default Properties
<!-- In this example, babeld is configured on three interfaces In this example, babeld is configured on three interfaces:
interface eth0 interface eth0
interface eth1 type wireless interface eth1 type wireless
interface tun0 type tunnel interface tun0 type tunnel
Here, interface eth1 is an Ethernet bridged to a wireless radio, so Here, interface eth1 is an Ethernet bridged to a wireless radio, so
babeld's autodetection fails, and the interface type needs to be babeld's autodetection fails, and the interface type needs to be
configured manually. Tunnels are not detected automatically, so this configured manually. Tunnels are not detected automatically, so this
needs to be specified. needs to be specified.
This is equivalent to the following: This is equivalent to the following:
interface eth0 metric-algorithm 2-out-of-3 split-horizon true interface eth0 metric-algorithm 2-out-of-3 split-horizon true
interface eth1 metric-algorithm etx split-horizon false interface eth1 metric-algorithm etx split-horizon false
interface tun0 metric-algorithm 2-out-of-3 split-horizon true interface tun0 metric-algorithm 2-out-of-3 split-horizon true
-->
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type"> xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface> <interface>
<name>eth0</name> <name>eth0</name>
<type>ianaift:ethernetCsmacd</type> <type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled> <enabled>true</enabled>
</interface> </interface>
<interface> <interface>
<name>eth1</name> <name>eth1</name>
<type>ianaift:ethernetCsmacd</type> <type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled> <enabled>true</enabled>
</interface> </interface>
<interface> <interface>
<name>tun0</name> <name>tun0</name>
<type>ianaift:tunnel</type> <type>ianaift:tunnel</type>
<enabled>true</enabled> <enabled>true</enabled>
</interface> </interface>
</interfaces> </interfaces>
<routing <routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing"> xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols> <control-plane-protocols>
<control-plane-protocol> <control-plane-protocol>
<type <type
xmlns:babel= xmlns:babel=
"urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel</type> "urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel</type>
<name>name:babel</name> <name>name:babel</name>
<babel <babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel"> xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable> <enable>true</enable>
<interfaces> <interfaces>
<reference>eth0</reference> <reference>eth0</reference>
<enable>true</enable> <enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm> <metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon> <split-horizon>true</split-horizon>
</interfaces> </interfaces>
<interfaces> <interfaces>
<reference>eth1</reference> <reference>eth1</reference>
<enable>true</enable> <enable>true</enable>
<metric-algorithm>etx</metric-algorithm> <metric-algorithm>etx</metric-algorithm>
<split-horizon>false</split-horizon> <split-horizon>false</split-horizon>
</interfaces> </interfaces>
<interfaces> <interfaces>
<reference>tun0</reference> <reference>tun0</reference>
<enable>true</enable> <enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm> <metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon> <split-horizon>true</split-horizon>
</interfaces> </interfaces>
</babel> </babel>
</control-plane-protocol> </control-plane-protocol>
</control-plane-protocols> </control-plane-protocols>
</routing> </routing>
A.5. Configuring other Properties A.5. Configuring Other Properties
<!-- In this example, two interfaces are configured for babeld In this example, two interfaces are configured for babeld:
interface eth0 interface eth0
interface ppp0 hello-interval 30 update-interval 120 interface ppp0 hello-interval 30 update-interval 120
Here, ppp0 is a metered 3G link used for fallback connectivity. It runs Here, ppp0 is a metered 3G link used for fallback connectivity. It
with much higher than default time constants in order to avoid control runs with much higher than default time constants in order to avoid
traffic as much as possible. control traffic as much as possible.
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type"> xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
<interface> <interface>
<name>eth0</name> <name>eth0</name>
<type>ianaift:ethernetCsmacd</type> <type>ianaift:ethernetCsmacd</type>
<enabled>true</enabled> <enabled>true</enabled>
</interface>
<interface>
<name>ppp0</name>
<type>ianaift:ppp</type>
<enabled>true</enabled>
</interface>
</interfaces>
<routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols>
<control-plane-protocol>
<type
xmlns:babel=
"urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel</type>
<name>name:babel</name>
<babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable>
<interfaces>
<reference>eth0</reference>
<enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon>
</interfaces>
<interfaces>
<reference>ppp0</reference>
<enable>true</enable>
<mcast-hello-interval>30</mcast-hello-interval>
<update-interval>120</update-interval>
<metric-algorithm>two-out-of-three</metric-algorithm>
</interfaces>
</babel>
</control-plane-protocol>
</control-plane-protocols>
</routing>
</interface> Acknowledgements
<interface>
<name>ppp0</name> Juliusz Chroboczek provided most of the example configurations for
<type>ianaift:ppp</type> babel that are shown in Appendix A.
<enabled>true</enabled>
</interface>
</interfaces>
<routing
xmlns="urn:ietf:params:xml:ns:yang:ietf-routing">
<control-plane-protocols>
<control-plane-protocol>
<type
xmlns:babel=
"urn:ietf:params:xml:ns:yang:ietf-babel">babel:babel</type>
<name>name:babel</name>
<babel
xmlns="urn:ietf:params:xml:ns:yang:ietf-babel">
<enable>true</enable>
<interfaces>
<reference>eth0</reference>
<enable>true</enable>
<metric-algorithm>two-out-of-three</metric-algorithm>
<split-horizon>true</split-horizon>
</interfaces>
<interfaces>
<reference>ppp0</reference>
<enable>true</enable>
<mcast-hello-interval>30</mcast-hello-interval>
<update-interval>120</update-interval>
<metric-algorithm>two-out-of-three</metric-algorithm>
</interfaces>
</babel>
</control-plane-protocol>
</control-plane-protocols>
</routing>
Authors' Addresses Authors' Addresses
Mahesh Jethanandani Mahesh Jethanandani
Kloud Services Kloud Services
California California
United States of America United States of America
Email: mjethanandani@gmail.com Email: mjethanandani@gmail.com
Barbara Stark Barbara Stark
AT&T AT&T
Atlanta, GA Atlanta, GA
United States of America United States of America
Email: barbara.stark@att.com Email: barbara.stark@att.com
 End of changes. 227 change blocks. 
541 lines changed or deleted 554 lines changed or added

This html diff was produced by rfcdiff 1.48.