rfc9648v4.txt   rfc9648.txt 
Internet Engineering Task Force (IETF) M. Scharf Internet Engineering Task Force (IETF) M. Scharf
Request for Comments: 9648 Hochschule Esslingen Request for Comments: 9648 Hochschule Esslingen
Category: Standards Track M. Jethanandani Category: Standards Track M. Jethanandani
ISSN: 2070-1721 Kloud Services ISSN: 2070-1721 Kloud Services
V. Murgai V. Murgai
F5, Inc. F5, Inc.
September 2024 October 2024
YANG Data Model for TCP YANG Data Model for TCP
Abstract Abstract
This document specifies a minimal YANG data model for TCP on devices This document specifies a minimal YANG data model for TCP on devices
that are configured and managed by network management protocols. The that are configured and managed by network management protocols. The
YANG data model defines a container for all TCP connections and YANG data model defines a container for all TCP connections and
groupings of authentication parameters that can be imported and used groupings of authentication parameters that can be imported and used
in TCP implementations or by other models that need to configure TCP in TCP implementations or by other models that need to configure TCP
skipping to change at line 55 skipping to change at line 55
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Revised BSD License text as described in Section 4.e of the include Revised BSD License text as described in Section 4.e of the
Trust Legal Provisions and are provided without warranty as described Trust Legal Provisions and are provided without warranty as described
in the Revised BSD License. in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction 1. Introduction
1.1. Conventions
2. Requirements Language 2. Requirements Language
3. YANG Module Overview 3. YANG Module Overview
3.1. Scope 3.1. Scope
3.2. Model Design 3.2. Model Design
3.3. Tree Diagram 3.3. Tree Diagram
4. TCP YANG Data Model 4. TCP YANG Data Model
5. IANA Considerations 5. IANA Considerations
5.1. The IETF XML Registry 5.1. The IETF XML Registry
5.2. The YANG Module Names Registry 5.2. The YANG Module Names Registry
6. Security Considerations 6. Security Considerations
skipping to change at line 139 skipping to change at line 140
* TCP-related configuration of a NAT (e.g., NAT44, NAT64, or * TCP-related configuration of a NAT (e.g., NAT44, NAT64, or
Destination NAT) is defined in "A YANG Module for Network Address Destination NAT) is defined in "A YANG Module for Network Address
Translation (NAT) and Network Prefix Translation (NPT)" [RFC8512] Translation (NAT) and Network Prefix Translation (NPT)" [RFC8512]
and "A YANG Data Model for Dual-Stack Lite (DS-Lite)" [RFC8513]. and "A YANG Data Model for Dual-Stack Lite (DS-Lite)" [RFC8513].
* TCP-AO and TCP MD5 configuration for Layer 3 VPNs is modeled in "A * TCP-AO and TCP MD5 configuration for Layer 3 VPNs is modeled in "A
YANG Network Data Model for Layer 3 VPNs" [RFC9182]. This model YANG Network Data Model for Layer 3 VPNs" [RFC9182]. This model
assumes that TCP-AO-specific parameters are preconfigured in assumes that TCP-AO-specific parameters are preconfigured in
addition to the key chain parameters. addition to the key chain parameters.
1.1. Conventions
Various examples in this document use the XML [W3C.REC-xml-20081126]
encoding. Other encodings, such as JSON [RFC8259], could
alternatively be used.
Various examples in this document contain long lines that may be
folded, as described in [RFC8792].
2. Requirements Language 2. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
3. YANG Module Overview 3. YANG Module Overview
skipping to change at line 871 skipping to change at line 881
<CODE ENDS> <CODE ENDS>
5. IANA Considerations 5. IANA Considerations
5.1. The IETF XML Registry 5.1. The IETF XML Registry
IANA has registered the following URI in the "ns" registry defined in IANA has registered the following URI in the "ns" registry defined in
the "IETF XML Registry" [RFC3688]. the "IETF XML Registry" [RFC3688].
URI: urn:ietf:params:xml:ns:yang:ietf-tcp URI: urn:ietf:params:xml:ns:yang:ietf-tcp
Registrant Contact: The IESG. Registrant Contact: The IESG
XML: N/A; the requested URI is an XML namespace. XML: N/A; the requested URI is an XML namespace.
5.2. The YANG Module Names Registry 5.2. The YANG Module Names Registry
IANA has registered the following in the "YANG Module Names" registry IANA has registered the following in the "YANG Module Names" registry
created by "YANG - A Data Modeling Language for the Network created by "YANG - A Data Modeling Language for the Network
Configuration Protocol (NETCONF)" [RFC6020]. Configuration Protocol (NETCONF)" [RFC6020].
Name: ietf-tcp Name: ietf-tcp
Namespace: urn:ietf:params:xml:ns:yang:ietf-tcp Namespace: urn:ietf:params:xml:ns:yang:ietf-tcp
skipping to change at line 893 skipping to change at line 903
Reference: RFC 9648 Reference: RFC 9648
This is not an IANA maintained module; however, the URI and other This is not an IANA maintained module; however, the URI and other
details of the module are maintained by IANA. details of the module are maintained by IANA.
6. Security Considerations 6. Security Considerations
This section is modeled after the template defined in Section 3.7.1 This section is modeled after the template defined in Section 3.7.1
of [RFC8407]. of [RFC8407].
The YANG module specified in this document defines a schema for data The "ietf-tcp" YANG module defines a schema for data that is designed
that is designed to be accessed via YANG-based management protocols, to be accessed via YANG-based management protocols, such as NETCONF
such as NETCONF [RFC6241] and RESTCONF [RFC8040]. These protocols [RFC6241] and RESTCONF [RFC8040]. These protocols have mandatory-to-
have mandatory-to-implement secure transport layers (e.g., Secure implement secure transport layers (e.g., Secure Shell (SSH)
Shell (SSH) [RFC4252], TLS [RFC8446], and QUIC [RFC9000]) and [RFC4252], TLS [RFC8446], and QUIC [RFC9000]) and mandatory-to-
mandatory-to-implement mutual authentication. implement mutual authentication.
The Network Configuration Access Control Model (NACM) [RFC8341] The Network Configuration Access Control Model (NACM) [RFC8341]
provides the means to restrict access for particular NETCONF or provides the means to restrict access for particular NETCONF or
RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or
RESTCONF protocol operations and content. RESTCONF protocol operations and content.
There are a number of data nodes defined in this YANG module that are There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., "config true", which is the writable/creatable/deletable (i.e., "config true", which is the
default). These data nodes may be considered sensitive or vulnerable default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config) in some network environments. Write operations (e.g., edit-config)
skipping to change at line 1040 skipping to change at line 1050
[RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based [RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
Multiplexed and Secure Transport", RFC 9000, Multiplexed and Secure Transport", RFC 9000,
DOI 10.17487/RFC9000, May 2021, DOI 10.17487/RFC9000, May 2021,
<https://www.rfc-editor.org/info/rfc9000>. <https://www.rfc-editor.org/info/rfc9000>.
[RFC9293] Eddy, W., Ed., "Transmission Control Protocol (TCP)", [RFC9293] Eddy, W., Ed., "Transmission Control Protocol (TCP)",
STD 7, RFC 9293, DOI 10.17487/RFC9293, August 2022, STD 7, RFC 9293, DOI 10.17487/RFC9293, August 2022,
<https://www.rfc-editor.org/info/rfc9293>. <https://www.rfc-editor.org/info/rfc9293>.
[RFC9643] Watsen, K. and M. Scharf, "YANG Groupings for TCP Clients [RFC9643] Watsen, K. and M. Scharf, "YANG Groupings for TCP Clients
and TCP Servers", RFC 9643, DOI 10.17487/RFC9643, and TCP Servers", RFC 9643, DOI 10.17487/RFC9643, October
September 2024, <https://www.rfc-editor.org/info/rfc9643>. 2024, <https://www.rfc-editor.org/info/rfc9643>.
7.2. Informative References 7.2. Informative References
[BGP-MODEL] [BGP-MODEL]
Jethanandani, M., Patel, K., Hares, S., and J. Haas, "YANG Jethanandani, M., Patel, K., Hares, S., and J. Haas, "YANG
Model for Border Gateway Protocol (BGP-4)", Work in Model for Border Gateway Protocol (BGP-4)", Work in
Progress, Internet-Draft, draft-ietf-idr-bgp-model-17, 5 Progress, Internet-Draft, draft-ietf-idr-bgp-model-17, 5
July 2023, <https://datatracker.ietf.org/doc/html/draft- July 2023, <https://datatracker.ietf.org/doc/html/draft-
ietf-idr-bgp-model-17>. ietf-idr-bgp-model-17>.
skipping to change at line 1097 skipping to change at line 1107
Information Version 2 (SMIv2) MIB Modules to YANG Information Version 2 (SMIv2) MIB Modules to YANG
Modules", RFC 6643, DOI 10.17487/RFC6643, July 2012, Modules", RFC 6643, DOI 10.17487/RFC6643, July 2012,
<https://www.rfc-editor.org/info/rfc6643>. <https://www.rfc-editor.org/info/rfc6643>.
[RFC6952] Jethanandani, M., Patel, K., and L. Zheng, "Analysis of [RFC6952] Jethanandani, M., Patel, K., and L. Zheng, "Analysis of
BGP, LDP, PCEP, and MSDP Issues According to the Keying BGP, LDP, PCEP, and MSDP Issues According to the Keying
and Authentication for Routing Protocols (KARP) Design and Authentication for Routing Protocols (KARP) Design
Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013, Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013,
<https://www.rfc-editor.org/info/rfc6952>. <https://www.rfc-editor.org/info/rfc6952>.
[RFC8259] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data
Interchange Format", STD 90, RFC 8259,
DOI 10.17487/RFC8259, December 2017,
<https://www.rfc-editor.org/info/rfc8259>.
[RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of [RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of
Documents Containing YANG Data Models", BCP 216, RFC 8407, Documents Containing YANG Data Models", BCP 216, RFC 8407,
DOI 10.17487/RFC8407, October 2018, DOI 10.17487/RFC8407, October 2018,
<https://www.rfc-editor.org/info/rfc8407>. <https://www.rfc-editor.org/info/rfc8407>.
[RFC8512] Boucadair, M., Ed., Sivakumar, S., Jacquenet, C., [RFC8512] Boucadair, M., Ed., Sivakumar, S., Jacquenet, C.,
Vinapamula, S., and Q. Wu, "A YANG Module for Network Vinapamula, S., and Q. Wu, "A YANG Module for Network
Address Translation (NAT) and Network Prefix Translation Address Translation (NAT) and Network Prefix Translation
(NPT)", RFC 8512, DOI 10.17487/RFC8512, January 2019, (NPT)", RFC 8512, DOI 10.17487/RFC8512, January 2019,
<https://www.rfc-editor.org/info/rfc8512>. <https://www.rfc-editor.org/info/rfc8512>.
skipping to change at line 1165 skipping to change at line 1180
Recommendation REC-xml-20081126, November 2008, Recommendation REC-xml-20081126, November 2008,
<https://www.w3.org/TR/2008/REC-xml-20081126/>. <https://www.w3.org/TR/2008/REC-xml-20081126/>.
Appendix A. Examples Appendix A. Examples
A.1. Keepalive Configuration A.1. Keepalive Configuration
This particular example demonstrates how a particular connection can This particular example demonstrates how a particular connection can
be configured for keepalives. be configured for keepalives.
The following example uses the XML [W3C.REC-xml-20081126] encoding.
Note that long lines in examples are wrapped as described in
[RFC8792].
NOTE: '\' line wrapping per RFC 8792 NOTE: '\' line wrapping per RFC 8792
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!-- <!--
This example shows how TCP keepalive, MSS, and PMTU can be configure\ This example shows how TCP keepalive, MSS, and PMTU can be configure\
d for a given connection. An idle connection is dropped after d for a given connection. An idle connection is dropped after
idle-time + (max-probes * probe-interval). idle-time + (max-probes * probe-interval).
--> -->
<tcp <tcp
xmlns="urn:ietf:params:xml:ns:yang:ietf-tcp"> xmlns="urn:ietf:params:xml:ns:yang:ietf-tcp">
skipping to change at line 1204 skipping to change at line 1214
</connections> </connections>
</tcp> </tcp>
A.2. TCP-AO Configuration A.2. TCP-AO Configuration
The following example demonstrates how to model a TCP-AO [RFC5925] The following example demonstrates how to model a TCP-AO [RFC5925]
configuration for the example in "TCP Authentication Option (TCP-AO) configuration for the example in "TCP Authentication Option (TCP-AO)
Test Vectors" [RFC9235]. The IP addresses and other parameters are Test Vectors" [RFC9235]. The IP addresses and other parameters are
taken from the test vectors. taken from the test vectors.
The following example uses the XML [W3C.REC-xml-20081126] encoding.
NOTE: '\' line wrapping per RFC 8792 NOTE: '\' line wrapping per RFC 8792
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!-- <!--
This example sets TCP-AO configuration parameters similarly to This example sets TCP-AO configuration parameters similarly to
the examples in RFC 9235. the examples in RFC 9235.
--> -->
<key-chains <key-chains
xmlns="urn:ietf:params:xml:ns:yang:ietf-key-chain"> xmlns="urn:ietf:params:xml:ns:yang:ietf-key-chain">
 End of changes. 9 change blocks. 
17 lines changed or deleted 25 lines changed or added

This html diff was produced by rfcdiff 1.48.