yang/frr-bgp-rpki.yang

   1 module frr-bgp-rpki {
   2   yang-version 1.1;
   3   namespace "http://frrouting.org/yang/frr-bgp-rpki";
   4   prefix frr-bgp-rpki;
   5
   6   import ietf-inet-types {
   7     prefix inet;
   8   }
   9
  10   import frr-vrf {
  11     prefix frr-vrf;
  12   }
  13
  14   organization
  15     "FRRouting";
  16   contact
  17     "FRR Users List: <mailto:frog@lists.frrouting.org> FRR Development
  18      List: <mailto:dev@lists.frrouting.org>";
  19   description
  20     "This module defines a model for managing FRR BGP RPKI.
  21
  22      Copyright 2020 FRRouting
  23
  24      Redistribution and use in source and binary forms, with or without
  25      modification, are permitted provided that the following conditions
  26      are met:
  27
  28      1. Redistributions of source code must retain the above copyright notice,
  29      this list of conditions and the following disclaimer.
  30
  31      2. Redistributions in binary form must reproduce the above copyright
  32      notice, this list of conditions and the following disclaimer in the
  33      documentation and/or other materials provided with the distribution.
  34
  35      THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  36      \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  37      LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  38      A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  39      HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  40      SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  41      LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  42      DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  43      THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  44      (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  45      OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.";
  46
  47   revision 2019-12-03 {
  48     description
  49       "Initial revision.";
  50   }
  51
  52   typedef transport-type {
  53     type enumeration {
  54       enum "TCP" {
  55         value 1;
  56         description
  57           "Connection to server is TCP based.";
  58       }
  59       enum "SSH" {
  60         value 2;
  61         description
  62           "Connection to server is SSH based.";
  63       }
  64     }
  65   }
  66
  67   grouping bgp-rpki-timers {
  68     container rpki-timers {
  69       description
  70         "RPKI timers config.";
  71       leaf polling-time {
  72         type uint32 {
  73           range "1..86400";
  74         }
  75         units "seconds";
  76         default "3600";
  77         description
  78           "Set the number of seconds the router waits until the
  79            router asks the cache again for updated data.";
  80       }
  81
  82       leaf expire-time {
  83         type uint32 {
  84           range "600..172800";
  85         }
  86         units "seconds";
  87         default "7200";
  88         description
  89           "Set the expire interval.";
  90       }
  91
  92       leaf retry-time {
  93         type uint16 {
  94           range "1..7200";
  95         }
  96         units "seconds";
  97         default "600";
  98         description
  99           "Set the retry interval.";
 100       }
 101     }
 102   }
 103
 104   grouping bgp-rpki-cache-server {
 105     container rpki-cache-server {
 106       description
 107         "Add a cache server to the socket.";
 108       list cache-list {
 109         key "preference";
 110         leaf preference {
 111           type uint8 {
 112             range "1..255";
 113           }
 114           description
 115             "Preference of the cache server.";
 116         }
 117
 118         leaf cache-type {
 119           type transport-type;
 120           mandatory true;
 121           description
 122             "Specifies a transport method for the RPKI cache.";
 123         }
 124
 125         choice server {
 126           case ip-address {
 127             leaf ip-address {
 128               type inet:ip-address;
 129               mandatory true;
 130             }
 131           }
 132
 133           case host-name {
 134             leaf ip-host-address {
 135               type inet:host;
 136               mandatory true;
 137             }
 138           }
 139         }
 140
 141         container transport {
 142           container tcp {
 143             when "../../cache-type = 'TCP'";
 144             description
 145               "TCP server details.";
 146             leaf tcp-port {
 147               type uint32;
 148             }
 149           }
 150
 151           container ssh {
 152             when "../../cache-type = 'SSH'";
 153             description
 154               "SSH login details";
 155             leaf ssh-port {
 156               type uint32 {
 157                 range "1..65535";
 158               }
 159               description
 160                 "SSH port on which session gets opened.";
 161             }
 162
 163             leaf user-name {
 164               type string;
 165               description
 166                 "SSH username to establish an SSH connection to the
 167                  cache server.";
 168             }
 169
 170             leaf private-key {
 171               type string;
 172               description
 173                 "Local path that includes the private key file of the router.";
 174             }
 175
 176             leaf public-key {
 177               type string;
 178               description
 179                 "Local path that includes the public key file of the router.";
 180             }
 181
 182             leaf server-public-ley {
 183               type string;
 184               description
 185                 "Server public key.";
 186             }
 187           }
 188         }
 189       }
 190     }
 191   }
 192
 193   augment "/frr-vrf:lib/frr-vrf:vrf" {
 194     container bgp-rpki {
 195       description
 196         "RPKI configuration parameters.";
 197       leaf enable {
 198         type boolean;
 199         default "false";
 200         description
 201           "When set to 'true' it enables the RPKI.";
 202       }
 203
 204       uses bgp-rpki-timers;
 205
 206       uses bgp-rpki-cache-server;
 207     }
 208   }
 209 }