--- 1/draft-ietf-opsawg-model-automation-framework-06.txt 2020-10-12 00:19:04.194938196 -0700 +++ 2/draft-ietf-opsawg-model-automation-framework-07.txt 2020-10-12 00:19:04.286940528 -0700 @@ -1,61 +1,61 @@ OPSAWG Q. Wu, Ed. Internet-Draft Huawei Intended status: Informational M. Boucadair, Ed. -Expires: March 26, 2021 Orange +Expires: April 14, 2021 Orange D. Lopez Telefonica I+D C. Xie China Telecom L. Geng China Mobile - September 22, 2020 + October 11, 2020 A Framework for Automating Service and Network Management with YANG - draft-ietf-opsawg-model-automation-framework-06 + draft-ietf-opsawg-model-automation-framework-07 Abstract Data models provide a programmatic approach to represent services and networks. Concretely, they can be used to derive configuration information for network and service components, and state information that will be monitored and tracked. Data models can be used during the service and network management life cycle, such as service instantiation, provisioning, optimization, monitoring, diagnostic, and assurance. Data models are also instrumental in the automation of network management, and they can provide closed-loop control for adaptive and deterministic service creation, delivery, and maintenance. This document describes an architecture for service and network management automation that takes advantage of YANG modeling technologies. This architecture is drawn from a network operator - perspective irrespective of the origin of a data module; it can thus + perspective irrespective of the origin of a data model; it can thus accommodate modules that are developed outside the IETF. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on March 26, 2021. + This Internet-Draft will expire on April 14, 2021. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents @@ -63,73 +63,78 @@ to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology and Acronyms . . . . . . . . . . . . . . . . . . 5 2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5 - 2.2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . 6 - 3. Architectural Concepts and Goals . . . . . . . . . . . . . . 6 - 3.1. Data Models: Layering and Representation . . . . . . . . 6 - 3.2. Automation of Service Delivery Procedures . . . . . . . . 10 - 3.3. Service Fullfillment Automation . . . . . . . . . . . . . 10 - 3.4. YANG Modules Integration . . . . . . . . . . . . . . . . 11 - 4. Functional Blocks and Interactions . . . . . . . . . . . . . 11 - 4.1. Service Lifecycle Management Procedure . . . . . . . . . 12 - 4.1.1. Service Exposure . . . . . . . . . . . . . . . . . . 13 - 4.1.2. Service Creation/Modification . . . . . . . . . . . . 13 - 4.1.3. Service Optimization . . . . . . . . . . . . . . . . 13 - 4.1.4. Service Diagnosis . . . . . . . . . . . . . . . . . . 14 - 4.1.5. Service Decommission . . . . . . . . . . . . . . . . 14 - 4.2. Service Fullfillment Management Procedure . . . . . . . . 14 - 4.2.1. Intended Configuration Provision . . . . . . . . . . 15 - 4.2.2. Configuration Validation . . . . . . . . . . . . . . 15 - 4.2.3. Performance Monitoring/Model-driven Telemetry . . . . 16 - 4.2.4. Fault Diagnostic . . . . . . . . . . . . . . . . . . 16 - 4.3. Multi-Layer/Multi-Domain Service Mapping . . . . . . . . 16 - 4.4. Service Decomposing . . . . . . . . . . . . . . . . . . . 17 - 5. YANG Data Model Integration Examples . . . . . . . . . . . . 17 - 5.1. L2VPN/L3VPN Service Delivery . . . . . . . . . . . . . . 17 - 5.2. VN Lifecycle Management . . . . . . . . . . . . . . . . . 19 - 5.3. Event-based Telemetry in the Device Self Management . . . 20 - 6. Security Considerations . . . . . . . . . . . . . . . . . . . 21 - 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 - 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 - 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 22 - 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 23 - 10.1. Normative References . . . . . . . . . . . . . . . . . . 23 - 10.2. Informative References . . . . . . . . . . . . . . . . . 24 - Appendix A. Layered YANG Modules Examples Overview . . . . . . . 32 - A.1. Service Models: Definition and Samples . . . . . . . . . 32 - A.2. Schema Mount . . . . . . . . . . . . . . . . . . . . . . 33 - A.3. Network Models: Samples . . . . . . . . . . . . . . . . . 33 - A.4. Device Models: Samples . . . . . . . . . . . . . . . . . 36 - A.4.1. Model Composition . . . . . . . . . . . . . . . . . . 38 - A.4.2. Device Management . . . . . . . . . . . . . . . . . . 38 - A.4.3. Interface Management . . . . . . . . . . . . . . . . 38 - A.4.4. Some Device Model Examples . . . . . . . . . . . . . 38 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41 + 2.2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . 7 + 3. Architectural Concepts and Goals . . . . . . . . . . . . . . 7 + 3.1. Data Models: Layering and Representation . . . . . . . . 7 + 3.2. Automation of Service Delivery Procedures . . . . . . . . 11 + 3.3. Service Fullfillment Automation . . . . . . . . . . . . . 12 + 3.4. YANG Modules Integration . . . . . . . . . . . . . . . . 12 + 4. Functional Blocks and Interactions . . . . . . . . . . . . . 13 + 4.1. Service Lifecycle Management Procedure . . . . . . . . . 13 + 4.1.1. Service Exposure . . . . . . . . . . . . . . . . . . 14 + 4.1.2. Service Creation/Modification . . . . . . . . . . . . 14 + 4.1.3. Service Assurance . . . . . . . . . . . . . . . . . . 15 + 4.1.4. Service Optimization . . . . . . . . . . . . . . . . 15 + 4.1.5. Service Diagnosis . . . . . . . . . . . . . . . . . . 15 + 4.1.6. Service Decommission . . . . . . . . . . . . . . . . 16 + 4.2. Service Fullfillment Management Procedure . . . . . . . . 16 + 4.2.1. Intended Configuration Provision . . . . . . . . . . 16 + 4.2.2. Configuration Validation . . . . . . . . . . . . . . 17 + 4.2.3. Performance Monitoring/Model-driven Telemetry . . . . 17 + 4.2.4. Fault Diagnostic . . . . . . . . . . . . . . . . . . 17 + 4.3. Multi-Layer/Multi-Domain Service Mapping . . . . . . . . 18 + 4.4. Service Decomposing . . . . . . . . . . . . . . . . . . . 18 + 5. YANG Data Model Integration Examples . . . . . . . . . . . . 18 + 5.1. L2VPN/L3VPN Service Delivery . . . . . . . . . . . . . . 18 + 5.2. VN Lifecycle Management . . . . . . . . . . . . . . . . . 21 + 5.3. Event-based Telemetry in the Device Self Management . . . 22 + 6. Security Considerations . . . . . . . . . . . . . . . . . . . 23 + 6.1. Service Level . . . . . . . . . . . . . . . . . . . . . . 24 + 6.2. Network Level . . . . . . . . . . . . . . . . . . . . . . 24 + 6.3. Device Level . . . . . . . . . . . . . . . . . . . . . . 25 + 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25 + 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 25 + 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 25 + 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 26 + 10.1. Normative References . . . . . . . . . . . . . . . . . . 26 + 10.2. Informative References . . . . . . . . . . . . . . . . . 27 + Appendix A. Layered YANG Modules Examples Overview . . . . . . . 35 + A.1. Service Models: Definition and Samples . . . . . . . . . 36 + A.2. Schema Mount . . . . . . . . . . . . . . . . . . . . . . 36 + A.3. Network Models: Samples . . . . . . . . . . . . . . . . . 37 + A.4. Device Models: Samples . . . . . . . . . . . . . . . . . 39 + A.4.1. Model Composition . . . . . . . . . . . . . . . . . . 41 + A.4.2. Device Management . . . . . . . . . . . . . . . . . . 41 + A.4.3. Interface Management . . . . . . . . . . . . . . . . 41 + A.4.4. Some Device Model Examples . . . . . . . . . . . . . 41 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 1. Introduction Service management systems usually comprise service activation/ provision and service operation. Current service delivery procedures, from the processing of customer's requirements and orders to service delivery and operation, typically assume the manipulation - of data sequentially into multiple OSS/BSS applications that may be - managed by different departments within the service provider's - organization (e.g., billing factory, design factory, network - operation center). In addition, many of these applications have been - developed in-house over the years and operate in a silo mode: + of data sequentially into multiple Operations Support System (OSS) or + Business Support System (BSS) applications that may be managed by + different departments within the service provider's organization + (e.g., billing factory, design factory, network operation center). + In addition, many of these applications have been developed in-house + over the years and operate in a silo mode: o The lack of standard data input/output (i.e., data model) raises many challenges in system integration and often results in manual configuration tasks. o Service fulfillment systems might have a limited visibility on the network state and therefore have slow response to network changes. Software Defined Networking (SDN) becomes crucial to address these challenges. SDN techniques are meant to automate the overall service @@ -161,51 +166,83 @@ Models are key for each of the aforementioned four technical items. Service and network management automation is an important step to improve the agility of network operations. Models are also important to ease integrating multi-vendor solutions. YANG [RFC7950] module developers have taken both top-down and bottom- up approaches to develop modules [RFC8199] and to establish a mapping between a network technology and customer requirements at the top or abstracting common constructs from various network technologies at the bottom. At the time of writing this document (2020), there are - many YANG data models including configuration and service models that + many YANG data models including configuration and Service Models that have been specified or are being specified by the IETF. They cover many of the networking protocols and techniques. However, how these - models work together to configure a device, manage a set of devices + models work together to configure a function, manage a set of devices involved in a service, or provide a service is something that is not currently documented either within the IETF or other Standards Development Organizations (SDOs). + Many of the YANG modules listed in this document are used to exchange + data between a NETCONF/RESTCONF clients and servers + [RFC6241][RFC8040]. Nevertheless, YANG is transport independent data + modeling language. It can thus be used independently of NETCONF/ + RESTOCNF. For example, YANG can be used to define abstract data + structures [RFC8791] that can be manipulated by other protocols + (e.g., [I-D.ietf-dots-rfc8782-bis]). + This document describes an architectural framework for service and network management automation (Section 3) that takes advantage of YANG modeling technologies and investigates how different layer YANG data models interact with each other (e.g., service mapping, model composing) in the context of service delivery and fulfillment - (Section 4). + (Section 4). Concretely, the following benefits can be provided: + + o Allow for vendor-agnostic interfaces to manage a service and the + underlying network. + + o Move from deployment schemes where vendor-specific network + managers are required to a scheme where the entities that are + responsible for orchestrating and controlling services and network + resources provided by multi-vendor devices are unified. + + o Ease data inheritance and reusability among the various + architecture layers promoting thus a network-wise provisioning + instead of device-specific configuration. + + o Dynamically fed a decision-making process (e.g., Controllers, + Orchestrators) with notifications that will trigger appropriate + actions allowing thus to continuously adjust a network (and thus + involved resources) to comply the intended service to deliver. This framework is drawn from a network operator perspective - irrespective of the origin of a data module; it can also accommodate - modules that are developed outside the IETF. + irrespective of the origin of a data model; it can also accommodate + modules that are developed outside the IETF. The document covers + Service Models that are used by an operator to expose its services + and capture service requirements from the customers (including other + operators). Nevertheless, the document does not elaborate on the + communication protocol(s) that makes use of these Service Models in + order to request and deliver a service. Such considerations are out + of the scope. The document identifies a list of use cases to exemplify the proposed approach (Section 5), but it does not claim nor aim to be exhaustive. + Appendix A lists some examples to illustrate the layered YANG modules + view. 2. Terminology and Acronyms 2.1. Terminology The following terms are defined in [RFC8309][RFC8199] and are not redefined here: o Network Operator - o Customer o Service o Data Model o Service Model o Network Element Module @@ -215,20 +252,25 @@ aspects of a network infrastructure), including devices and their subsystems, and relevant protocols operating at the link and network layers across multiple devices. This model corresponds to the Network Configuration Model discussed in [RFC8309]. It can be used by a network operator to allocate resources (e.g., tunnel resource, topology resource) for the service or schedule resources to meet the service requirements defined in a Service Model. + Network Domain: Refers to a network partitioning that is usually + followed by network operators to delimit parts of their network. + "access network" and "core network" are examples of network + domains. + Device Model: Refers to the Network Element YANG data model described in [RFC8199] or the Device Configuration Model discussed in [RFC8309]. Device Models are also used to refer to model a function embedded in a device (e.g., Network Address Translation (NAT) [RFC8512], Access Control Lists (ACLs) [RFC8519]). Pipe: Refers to a communication scope where only one-to-one (1:1) communications are allowed. The scope can be identified between @@ -238,75 +280,83 @@ communications are allowed (e.g., one site to multiple sites). Funnel: Refers to a communication scope where many-to-one (N:1) communications are allowed. 2.2. Acronyms The following acronyms are used in the document: ACL Access Control List + AS Autonomous System CE Customer Edge + DBE Data Border Element + E2E End-to-End ECA Event Condition Action L2VPN Layer 2 Virtual Private Network L3VPN Layer 3 Virtual Private Network + L3SM L3VPN Service Model + L3NM L3VPN Network Model NAT Network Address Translation OAM Operations, Administration, and Maintenance OWD One-Way Delay PE Provider Edge QoS Quality of Service RD Route Distinguisher RT Route Target + SBE Session Border Element SDN Software Defined Networking + SP Service Provider TE Traffic Engineering VN Virtual Network VPN Virtual Private Network VRF Virtual Routing and Forwarding 3. Architectural Concepts and Goals 3.1. Data Models: Layering and Representation As described in Section 2 of [RFC8199], layering of modules allows for better reusability of lower-layer modules by higher-level modules while limiting duplication of features across layers. - Data models can be classified into Service, Network, and Device - Models. Different Service Models may rely on the same set of Network - and/or Device Models. + Data models in the context of network management can be classified + into Service, Network, and Device Models. Different Service Models + may rely on the same set of Network and/or Device Models. Service Models traditionally follow a top-down approach and are mostly customer-facing YANG modules providing a common model construct for higher level network services (e.g., Layer 3 Virtual Private Network (L3VPN)). Such modules can be mapped to network technology-specific modules at lower layers (e.g., tunnel, routing, - Quality of Service (QoS), security). For example, the service level - can be used to characterise the network service(s) to be ensured - between service nodes (ingress/egress) such as: + Quality of Service (QoS), security). For example, Service Models can + be used to characterise the network service(s) to be ensured between + service nodes (ingress/egress) such as: o the communication scope (pipe, hose, funnel, ...), o the directionality (inbound/outbound), - o the traffic performance guarantees (One-Way Delay (OWD) [RFC7679], - One-Way Loss [RFC7680], ...), + o the traffic performance guarantees expressed using metrics such as + One-Way Delay (OWD) [RFC7679] or One-Way Loss [RFC7680]; a summary + of performance metrics maintained by IANA can be found in [IPPM], o link capacity [RFC5136][I-D.ietf-ippm-capacity-metric-method], o etc. Figure 1 depicts the example of a VoIP service that relies upon connectivity services offered by a network operator. In this example, the VoIP service is offered to the network operator's customers by Service Provider (SP1). In order to provide global VoIP reachability, SP1 service site interconnects with other Service Providers service sites typically by interconnecting Session Border Elements (SBEs) and Data Border Elements (DBEs) [RFC5486][RFC6406]. For other VoIP destinations, sessions are forwarded over the Internet. These connectivity services can be captured in a YANG - Service Module that reflects the service attributes that are shown in + Service Model that reflects the service attributes that are shown in Figure 2. This example follows the IP Connectivity Provisioning Profile template defined in [RFC7297]. ,--,--,--. ,--,--,--. ,-' SP1 `-. ,-' SP2 `-. ( Service Site ) ( Service Site ) `-. ,-' `-. ,-' `--'--'--' `--'--'--' x | o * * | (2)x | o * * | @@ -360,71 +410,83 @@ Device (and function) Models usually follow a bottom-up approach and are mostly technology-specific modules used to realize a service (e.g., BGP, NAT). Each level maintains a view of the supported YANG modules provided by low-levels (see for example, Appendix A). Figure 3 illustrates the overall layering model. The reader may refer to Section 4 of [RFC8309] for an overview of "Orchestrator" and - "Controller" elements. + "Controller" elements. All these elements (i.e., Orchestrator(s), + Controller(s), device(s)) are under the responsibility of the same + operator. +-----------------------------------------------------------------+ - | +-----------------------+ | - | | Orchestrator | Hierarchy Abstraction | + | Hierarchy Abstraction | + | | + | +-----------------------+ Service Model | + | | Orchestrator | (Customer Oriented) | + | |+---------------------+| Scope: "1:1" Pipe model | + | || Service Modeling || | | |+---------------------+| | - | || Service Modeling || Service Model | - | |+---------------------+| (Customer Oriented) | - | | | Scope: "1:1" Pipe model | | | | Bidirectional | | |+---------------------+| +-+ Capacity,OWD +-+ | | ||Service Orchestration|| | +----------------+ | | | |+---------------------+| +-+ +-+ | - | +-----------------------+ 1. Ingress 2. Egress | - | | + | +-----------------------+ Ingress Egress | | | | | | +-----------------------+ Network Model | | | Controller | (Operator Oriented) | | |+---------------------+| +-+ +--+ +---+ +-+ | | || Network Modeling || | | | | | | | | | | |+---------------------+| | o----o--o----o---o---o | | - | |+---------------------+| +-+ +--+ +---+ +-+ | - | ||Network Orchestration|| src dst | - | |+---------------------+| L3VPN over TE | - | | | Instance Name/Access Interface | + | | | +-+ +--+ +---+ +-+ | + | |+---------------------+| src dst | + | ||Network Orchestration|| L3VPN over TE | + | |+---------------------+| Instance Name/Access Interface | | +-----------------------+ Protocol Type/Capacity/RD/RT/... | - | mapping for hop | | | | | - | +-----------------------+ | - | | Device | Device Model | + | +-----------------------+ Device Model | + | | Device | | | |+--------------------+ | | | || Device Modeling | | Interface add, BGP Peer, | | |+--------------------+ | Tunnel ID, QoS/TE, ... | | +-----------------------+ | +-----------------------------------------------------------------+ - Figure 3: Layering and Representation + Figure 3: Layering and Representation Within a Network Operator + + A composite service offered by a network operator may rely on + services from other operators. In such case, the network operator + acts as a customer to request services from other networks. The + operators providing these services will then follow the layering + depicted in Figure 3. The mapping between a composite service and a + third-party service is maintained at the orchestration level. From a + data plane perspective, appropriate traffic steering policies (e.g., + Service Function Chaining [RFC7665]) are managed by the network + controllers to guide how/when a third party service is invoked for + flows bound to a composite service. The layering model depicted in Figure 3 does not make any assumption about the location of the various entities (e.g., controller, orchestrator) within the network. As such, the architecture does not preclude deployments where, for example, the controller is embedded on a device that hosts other functions that are controlled via YANG modules. In order to ease the mapping between layers and data reuse, this - document focuses on service models that are modelled using YANG. + document focuses on Service Models that are modelled using YANG. Nevertheless, fully compliant with Section 3 of [RFC8309], Figure 3 - does not preclude service models to be modelled using other data + does not preclude Service Models to be modelled using other data modelling languages than YANG. 3.2. Automation of Service Delivery Procedures Service Models can be used by a network operator to expose its services to its customers. Exposing such models allows to automate the activation of service orders and thus the service delivery. One or more monolithic Service Models can be used in the context of a composite service activation request (e.g., delivery of a caching infrastructure over a VPN). Such models are used to feed a decision- @@ -443,20 +505,25 @@ management of network resources. Doing so is meant to: o expose network resources to customers (including other network operators) to provide service fulfillment and assurance. o allow customers (or network operators) to dynamically adjust the network resources based on service requirements as described in Service Models (e.g., Figure 2) and the current network performance information described in the telemetry modules. + Note that it is out of the scope of this document to elaborate on the + communication protocols that are used to implement the interface + between the service ordering (customer) and service order handling + (provider). + 3.3. Service Fullfillment Automation To operate a service, the settings of the parameters in the Device Models are derived from Service Models and/or Network Models and are used to: o Provision each involved network function/device with the proper configuration information. o Operate the network based on service requirements as described in @@ -483,36 +550,31 @@ service delivery (including, proper network setup). For example, the service parameters captured in Service Models need to be decomposed into a set of configuration/notification parameters that may be specific to one or more technologies; these technology-specific parameters are grouped together to define technology-specific device level models or network level models. In addition, these technology-specific Device or Network Models can be further integrated with each other using the schema mount mechanism [RFC8528] to provision each involved network function/ - device or each involved administrative domain to support newly added - module or features. A collection of Device Models integrated - together can be loaded and validated during implementation. + device or each involved network domain to support newly added module + or features. A collection of Device Models integrated together can + be loaded and validated during implementation. High-level policies can be defined at Service or Network Models (e.g., "Autonomous System Number (ASN) Exclude" in the example depicted in Figure 2). Device Models will be tweaked accordingly to provide policy-based management. Policies can also be used for - telemetry automation, e.g., policies that contain conditions can + telemetry automation, e.g., policies that contain conditions to trigger the generation and pushing of new telemetry data. - Performance measurement telemetry can be used to provide service - assurance at Service and/or Network levels. Performance measurement - telemetry model can tie with Service or Network Models to monitor - network performance or Service Level Agreement. - 4. Functional Blocks and Interactions The architectural considerations described in Section 3 lead to the architecture described in this section and illustrated in Figure 4. +------------------+ ................. | | Service level | | V | E2E E2E E2E E2E @@ -545,21 +607,21 @@ Figure 4: Service and Network Lifecycle Management 4.1. Service Lifecycle Management Procedure Service lifecycle management includes end-to-end service lifecycle management at the service level and technology specific network lifecycle management at the network level. The end-to-end service lifecycle management is technology-independent - service management and spans across multiple administrative domain or + service management and spans across multiple network domains and/or multiple layers while technology specific service lifecycle management is technology domain specific or layer specific service lifecycle management. 4.1.1. Service Exposure A service in the context of this document (sometimes called, Network Service) is some form of connectivity between customer sites and the Internet or between customer sites across the operator's network and across the Internet. @@ -572,58 +634,70 @@ Service Model catalogs can be created along to expose the various services and the information needed to invoke/order a given service. 4.1.2. Service Creation/Modification A customer is usually unaware of the technology that the network operator has available to deliver the service, so the customer does not make requests specific to the underlying technology but is limited to making requests specific to the service that is to be - delivered. This service request can be issued using a Service Model. + delivered. This service request can be filled using a Service Model. Upon receiving a service request, and assuming that appropriate - authentication and authorization checks have been made, the service - orchestrator/management system should verify whether the service - requirements in the service request can be met (i.e., whether there - is sufficient resources that can be allocated with the requested - guarantees). + authentication and authorization checks have been made with success, + the service orchestrator/management system should verify whether the + service requirements in the service request can be met (i.e., whether + there is sufficient resources that can be allocated with the + requested guarantees). If the request is accepted, the service orchestrator/management system maps such service request to its view. This view can be - described as a technology specific network model or a set of + described as a technology specific Network Model or a set of technology specific Device Models and this mapping may include a choice of which networks and technologies to use depending on which service features have been requested. In addition, a customer may require to change the underlying network infrastructure to adapt to new customer's needs and service requirements. This service modification can be issued following the same Service Model used by the service request. -4.1.3. Service Optimization +4.1.3. Service Assurance + + Performance measurement telemetry (Section 4.2) can be used to + provide service assurance at Service and/or Network levels. + Performance measurement telemetry model can tie with Service or + Network Models to monitor network performance or Service Level + Agreement. + +4.1.4. Service Optimization Service optimization is a technique that gets the configuration of the network updated due to network changes, incidents mitigation, or new service requirements. One typical example is once a tunnel or a VPN is setup, Performance monitoring information or telemetry information per tunnel (or per VPN) can be collected and fed into the management system. If the network performance doesn't meet the service requirements, the management system can create new VPN policies capturing network service requirements and populate them into the network. Both network performance information and policies can be modelled using YANG. With Policy-based management, self-configuration and self-optimization behavior can be specified and implemented. -4.1.4. Service Diagnosis + The overall service optimization is managed at the service level, + while the network level is responsible for the optimization of the + specific network services it provides. + +4.1.5. Service Diagnosis Operations, Administration, and Maintenance (OAM) are important networking functions for service diagnosis that allow network operators to: o monitor network communications (i.e., reachability verification and Continuity Check) o troubleshoot failures (i.e., fault verification and localization) @@ -634,38 +708,39 @@ pinpoint the problem and provide recommendations (or instructions) for the network recovery. The service diagnosis information can be modelled as technology- independent Remote Procedure Call (RPC) operations for OAM protocols and technology-independent abstraction of key OAM constructs for OAM protocols [RFC8531][RFC8533]. These models can be used to provide consistent configuration, reporting, and presentation for the OAM mechanisms used to manage the network. -4.1.5. Service Decommission +4.1.6. Service Decommission Service decommission allows a customer to stop the service by removing the service from active status and thus releasing the network resources that were allocated to the service. Customers can also use the Service Model to withdraw the registration to a service. 4.2. Service Fullfillment Management Procedure + 4.2.1. Intended Configuration Provision Intended configuration at the device level is derived from Network Models at the network level or Service Model at the service level and represents the configuration that the system attempts to apply. Take - L3SM as a Service Model example to deliver a L3VPN service, we need - to map the L3VPN service view defined in the Service Model into - detailed intended configuration view defined by specific - configuration models for network elements, configuration information - includes: + L3SM as a Service Model example to deliver a L3VPN service, there is + a need to map the L3VPN service view defined in the Service Model + into a detailed intended configuration view defined by specific + configuration models for network elements; the configuration + information includes: o Virtual Routing and Forwarding (VRF) definition, including VPN policy expression o Physical Interface(s) o IP layer (IPv4, IPv6) o QoS features such as classification, profiles, etc. @@ -677,126 +752,129 @@ o Address sharing (e.g., NAT) o Security These specific configuration models can be used to configure Provider Edge (PE) and Customer Edge (CE) devices within a site, e.g., a BGP policy model can be used to establish VPN membership between sites and VPN Service Topology. + Note that in networks with legacy devices (that support proprietary + modules or do not support YANG at all), an adaptation layer is likely + to be required at the network level so that these devices can be + involved in the delivery of the network services. + 4.2.2. Configuration Validation Configuration validation is used to validate intended configuration and ensure the configuration take effect. For example, a customer creates an interface "eth-0/0/0" but the interface does not physically exist at this point, then configuration data appears in the status but does not appear in datastore. 4.2.3. Performance Monitoring/Model-driven Telemetry - When configuration is in effect in the device, + When a configuration is in effect in a device, datastore holds the complete operational state of the device including learned, system, default configuration, and system state. However, the configurations and state of a particular device does not - have the visibility to the whole network or information of the flow - packets are going to take through the entire network. Therefore it - becomes more difficult to operate the network without understanding - the current status of the network. + have the visibility on the whole network or how packets are going to + be forwarded through the entire network. Therefore, it becomes more + difficult to operate the entire network without understanding the + current status of the network. The management system should subscribe to updates of a YANG datastore - in all the network devices for performance monitoring purpose and + in all the network devices for performance monitoring purposes and build a full topological visibility of the network by aggregating (and filtering) these operational state from different sources. 4.2.4. Fault Diagnostic - When configuration is in effect in the device, some devices may be - mis-configured (e.g.,device links are not consistent in both sides of - the network connection), network resources be mis-allocated and - services may be negatively affected without knowing what is going on - in the network. + When configuration is in effect in a device, some devices may be mis- + configured (e.g., device links are not consistent in both sides of + the network connection) or network resources be mis-allocated. + Therefore, services may be negatively affected without knowing the + root cause in the network. Technology-dependent nodes and RPC commands are defined in technology-specific YANG data models which can use and extend the - base model described in Section 4.1.4 to deal with these issues. + base model described in Section 4.1.5 to deal with these issues. These RPC commands received in the technology-dependent node can be used to trigger technology-specific OAM message exchanges for fault - verification and fault isolation For example, TRILL Multicast Tree + verification and fault isolation. For example, TRILL Multicast Tree Verification (MTV) RPC command [I-D.ietf-trill-yang-oam] can be used to trigger Multi-Destination Tree Verification Message defined in [RFC7455] to verify TRILL distribution tree integrity. 4.3. Multi-Layer/Multi-Domain Service Mapping Multi-layer/Multi-domain Service Mapping allows to map an end-to-end - abstract view of the service segmented at different layers or - different administrative domains into domain-specific view. + abstract view of the service segmented at different layers and/or + different network domains into domain-specific views. - One example is to map service parameters in L3VPN service model into + One example is to map service parameters in the L3SM into configuration parameters such as Route Distinguisher (RD), Route - Target (RT), and VRF in L3VPN network model. + Target (RT), and VRF in the L3VPN Network Model (L3NM). - Another example is to map service parameters in L3VPN service model - into Traffic Engineered (TE) tunnel parameter (e.g., Tunnel ID) in TE - model and Virtual Network (VN) parameters (e.g., Access Point (AP) - list, VN members) in the YANG data model for VN operation + Another example is to map service parameters in the L3SM into Traffic + Engineered (TE) tunnel parameter (e.g., Tunnel ID) in TE model and + Virtual Network (VN) parameters (e.g., Access Point (AP) list, VN + members) in the YANG data model for VN operation [I-D.ietf-teas-actn-vn-yang]. 4.4. Service Decomposing - Service Decomposing allows to decompose service model at the service - level or network model at the network level into a set of device/ - function models at the device level. These Device Models may be tied - to specific device types or classified into a collection of related - YANG modules based on service types and features offered, and load at - the implementation time before configuration is loaded and validated. + Service Decomposing allows to decompose Service Models at the service + level or Network Models at the network level into a set of Device + Models at the device level. These Device Models may be tied to + specific device types or classified into a collection of related YANG + modules based on service types and features offered, and load at the + implementation time before configuration is loaded and validated. 5. YANG Data Model Integration Examples - The following subsections provides some YANG data models integration + The following subsections provide some YANG data models integration examples. 5.1. L2VPN/L3VPN Service Delivery In reference to Figure 5, the following steps are performed to deliver the L3VPN service within the network management automation - architecture defined in this document: + architecture defined in Section 4: - 1. The Customer requests to create two sites (as per service - creation operation in Section 4.2.1) relying upon a L3SM Service - model with each having one network access connectivity, for - example: + 1. The Customer requests to create two sites (as per Service + Creation in Section 4.2.1) relying upon L3SM with each site + having one network access connectivity, for example: - * Site A: Network-Access A, Link Capacity = 20 Mbps, for class - "foo", guaranteed-capacity-percent = 10, average-One-Way-Delay + * Site A: network-access A, link-capacity = 20 Mbps, class + "foo", guaranteed-capacity-percent = 10, average-one-way-delay = 70 ms. - * Site B: Network-Access B, Link Capacity = 30 Mbps, for class - "foo1", guaranteed-capacity-percent = 15, average-One-Way- - Delay = 60 ms. + * Site B: network-access B, link-capacity = 30 Mbps, class + "foo1", guaranteed-capacity-percent = 15, average-one-way- + delay = 60 ms. - 2. The Orchestrator extracts the service parameters from the L3SM - model. Then, it uses them as input to translate ("service - mapping operation" in Section 4.4) them into an orchestrated - configuration of network elements (e.g., RD, RT, VRF) that are - part of the L3VPN Network YANG Model specified in + 2. The Orchestrator extracts the service parameters from the L3SM. + Then, it uses them as input to the Service Mapping in Section 4.3 + to translate them into an orchestrated configuration parameters + (e.g., RD, RT, VRF) that are part of the L3NM specified in [I-D.ietf-opsawg-l3sm-l3nm]. - 3. The Controller takes orchestrated configuration parameters in the - L3NM network model and translates them into orchestrated - ("service decomposing operation" in ) configuration of network - elements that are part of, e.g., BGP, QoS, Network Instance - model, IP management, and interface models. + 3. The Controller takes the orchestrated configuration parameters in + the L3NM and translates them into orchestrated (Service + Decomposing in Section 4.4) configuration of network elements + that are part of, e.g., BGP, QoS, Network Instance, IP + management, and interface models. [I-D.ogondio-opsawg-uni-topology] can be used for representing, managing, and controlling the User Network Interface (UNI) topology. L3SM | Service | Model | +----------------------+--------------------------+ | +--------V--------+ | | | Service Mapping | | @@ -867,93 +945,94 @@ Note that a similar analysis can be performed for Layer 2 VPNs (L2VPNs). A L2VPN Service Model (L2SM) is defined in [RFC8466], while the L2VPN Network YANG Model (L2NM) is specified in [I-D.ietf-opsawg-l2nm]. 5.2. VN Lifecycle Management In reference to Figure 7, the following steps are performed to deliver the VN service within the network management automation - architecture defined in this document: + architecture defined in Section 4: - 1. Customer requests (service exposure operation in Section 4.1.1) - to create 'VN' based on Access point, association between VN and - Access point, VN member defined in the VN YANG module. + 1. A customer makes a request (Service Exposure in Section 4.1.1) to + create a VN. The association between the VN, APs, and VN members + is defined in the VN YANG module [I-D.ietf-teas-actn-vn-yang]. - 2. The orchestrator creates the single abstract node topology based - on the information captured in an VN YANG module. + 2. The Orchestrator creates the single abstract node topology based + on the information captured in the request. - 3. The Customer exchanges connectivity-matrix on abstract node and - explicit path using TE topology model with the orchestrator. - This information can be used to instantiate VN and setup tunnels - between source and destination endpoints (service creation - operation in Section 4.1.2). + 3. The customer exchanges with the Orchestrator the connectivity + matrix on the abstract node and explicit paths using the TE + topology model [RFC8795]. This information can be used to + instantiate the VN and setup tunnels between source and + destination endpoints (Service Creation in Section 4.1.2). 4. The telemetry model which augments the VN model and corresponding TE tunnel model can be used to subscribe to performance measurement data and notify all the parameter changes and network - performance change related to VN topology or Tunnel + performance changes related to VN topology or Tunnel [I-D.ietf-teas-actn-pm-telemetry-autonomics] and provide service - assurance (service optimization operation in Section 4.1.3). + assurance (Service Optimization in Section 4.1.4). | VN | Service | Model | +----------------------|--------------------------+ | Orchestrator | | | +--------V--------+ | | | Service Mapping | | | +-----------------+ | +----------------------+--------------------^-----+ - TE | Telemetry - Tunnel | Model + TE | Telemetry | + Tunnel | Model | Model | | +----------------------V--------------------+-----+ | Controller | | | +-------------------------------------------------+ +-----+ +-----+ +-----+ +-----+ | CE1 +------+ PE1 | | PE2 +------+ CE2 | +-----+ +-----+ +-----+ +-----+ Figure 7: A VN Service Delivery Example 5.3. Event-based Telemetry in the Device Self Management In reference to Figure 8, the following steps are performed to - monitor state changes of managed objects or resources in a network - device and provide device self-management within the network - management automation architecture defined in this document: + monitor state changes of managed resources in a network device and + provide device self-management within the network management + automation architecture defined in Section 4: 1. To control which state a network device should be in or is allowed to be in at any given time, a set of conditions and actions are defined and correlated with network events (e.g., allow the NETCONF server to send updates only when the value exceeds a certain threshold for the first time, but not again - until the threshold is cleared), which constitute ECA policy or - an event-driven policy control logic that can be executed on the - device (e.g., [I-D.wwx-netmod-event-yang]). + until the threshold is cleared), which constitute an + Event/Condition/Action (ECA) policy or an event-driven policy + control logic that can be executed on the device (e.g., + [I-D.wwx-netmod-event-yang]). 2. To provide rapid autonomic response that can exhibit self- - management properties, the controller pushes the ECA policy to - the network device and delegates network control logic to the + management properties, the Controller pushes the ECA policy to + the network device and delegates the network control logic to the network device. 3. The network device uses the ECA model to subscribe to the event source, e.g., an event stream or datastore state data conveyed to - the server via YANG Push subscription, monitors state parameters, - and takes simple and instant actions when associated event - condition on state parameters is met. ECA notifications can be - generated as the result of actions based on event stream + the server via YANG Push subscription [RFC8641], monitors state + parameters, and takes simple and instant actions when associated + event condition on state parameters is met. ECA notifications + can be generated as the result of actions based on event stream subscription or datastore subscription (model-driven telemetry operation discussed in Section 4.2.3). +----------------+ | <----+ | Controller | | +-------+--------+ | | | | | ECA | | ECA @@ -982,42 +1061,80 @@ The NETCONF access control model [RFC8341] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. Security considerations specific to each of the technologies and protocols listed in the document are discussed in the specification documents of each of these protocols. - Security considerations specific to this document are listed below: + In order to prevent leaking sensitive information, special care + should be considered when translating between the various layers in + Section 4 or when aggregating data retrieved from various sources. + The network operator must enforce means to protect privacy-related + information included in customer-facing models. - o Create forwarding loops by mis-configuring the underlying network. + To detect misalignment between layers that might be induced by + misbehaving nodes, upper layers should continuously monitor the + perceived service (Section 4.1.4) and should proceed with checks to + assess that the provided service complies with the expected service + and that the data reported by an underlying layer is matching the + perceived service by the above layer. Typically, such checks are the + responsibility of the service diagnosis (Section 4.1.5). - o Leak sensitive information: special care should be considered when - translating between the various layers in Section 4 or when - aggregating data retrieved from various sources. The network - operator must enforce means to protect privacy-related information - included in cutsomer-facing models. + Additional considerations are discussed in the following subsections. + +6.1. Service Level + + A provider may rely on services offered by other providers to build + composite services. Appropriate mechanisms should be enabled by the + provider to monitor and detect a service disruption from these + providers. The characterization of a service disruption (including, + mean time between failures, mean time to repair), the escalation + procedure, and penalties are usually documented in contractual + agreements (e.g., Section 2.1 of [RFC4176]). Misbehaving peer + providers will thus be identified and appropriate countermeasures + will be applied. + +6.2. Network Level + + Security considerations specific to the network level are listed + below: + + o A controller may create forwarding loops by mis-configuring the + underlying network nodes. It is recommended to proceed with tests + to check the status of forwarding paths regularly or whenever + changes are made to routing or forwarding processes. Such checks + may be triggered from the service level owing to the means + discussed in Section 4.1.5. o Some Service Models may include a traffic isolation clause, - appropriate technology-specific actions must be enforced to avoid - that traffic is accessible to non-authorized parties. + appropriate technology-specific actions must be enforced at the + underlying network (and thus involved network devices) to avoid + that such traffic is accessible to non-authorized parties. + +6.3. Device Level + + Network operators should monitor and audit their networks to detect + misbehaving nodes and abnormal behaviors. For example, OAM discussed + in Section 4.1.5 can be used for that purpose. 7. IANA Considerations There are no IANA requests or assignments included in this document. 8. Acknowledgements Thanks to Joe Clark, Greg Mirsky, Shunsuke Homma, Brian Carpenter, - and Adrian Farrel for the review. + Adrian Farrel, Christian Huitema, Tommy Pauly, Ines Robles, and + Olivier Augizeau for the review. Many thanks to Robert Wilton for the detailed AD review. 9. Contributors Christian Jacquenet Orange Rennes, 35000 France Email: Christian.jacquenet@orange.com @@ -1102,40 +1219,47 @@ M. Sivakumar, "Yang Data Model for Multicast in MPLS/BGP IP VPNs", draft-ietf-bess-mvpn-yang-04 (work in progress), June 2020. [I-D.ietf-bfd-yang] Rahman, R., Zheng, L., Jethanandani, M., Pallagatti, S., and G. Mirsky, "YANG Data Model for Bidirectional Forwarding Detection (BFD)", draft-ietf-bfd-yang-17 (work in progress), August 2018. + [I-D.ietf-dots-rfc8782-bis] + Boucadair, M., Shallow, J., and T. Reddy.K, "Distributed + Denial-of-Service Open Threat Signaling (DOTS) Signal + Channel Specification", draft-ietf-dots-rfc8782-bis-01 + (work in progress), September 2020. + [I-D.ietf-i2rs-yang-l2-network-topology] Dong, J., Wei, X., WU, Q., Boucadair, M., and A. Liu, "A YANG Data Model for Layer 2 Network Topologies", draft- - ietf-i2rs-yang-l2-network-topology-17 (work in progress), - August 2020. + ietf-i2rs-yang-l2-network-topology-18 (work in progress), + September 2020. [I-D.ietf-idr-bgp-model] Jethanandani, M., Patel, K., Hares, S., and J. Haas, "BGP YANG Model for Service Provider Networks", draft-ietf-idr- bgp-model-09 (work in progress), June 2020. [I-D.ietf-ippm-capacity-metric-method] Morton, A., Geib, R., and L. Ciavattone, "Metrics and - Methods for IP Capacity", draft-ietf-ippm-capacity-metric- - method-03 (work in progress), August 2020. + Methods for One-way IP Capacity", draft-ietf-ippm- + capacity-metric-method-04 (work in progress), September + 2020. [I-D.ietf-ippm-stamp-yang] - Mirsky, G., Xiao, M., and W. Luo, "Simple Two-way Active + Mirsky, G., Min, X., and W. Luo, "Simple Two-way Active Measurement Protocol (STAMP) Data Model", draft-ietf-ippm- - stamp-yang-05 (work in progress), October 2019. + stamp-yang-06 (work in progress), October 2020. [I-D.ietf-ippm-twamp-yang] Civil, R., Morton, A., Rahman, R., Jethanandani, M., and K. Pentikousis, "Two-Way Active Measurement Protocol (TWAMP) Data Model", draft-ietf-ippm-twamp-yang-13 (work in progress), July 2018. [I-D.ietf-mpls-base-yang] Saad, T., Raza, K., Gandhi, R., Liu, X., and V. Beeram, "A YANG Data Model for MPLS Base", draft-ietf-mpls-base- @@ -1147,38 +1271,38 @@ progress), February 2020. [I-D.ietf-opsawg-l2nm] barguil, s., Dios, O., Boucadair, M., Munoz, L., Jalil, L., and J. Ma, "A Layer 2 VPN Network YANG Model", draft- ietf-opsawg-l2nm-00 (work in progress), July 2020. [I-D.ietf-opsawg-l3sm-l3nm] barguil, s., Dios, O., Boucadair, M., Munoz, L., and A. Aguado, "A Layer 3 VPN Network YANG Model", draft-ietf- - opsawg-l3sm-l3nm-03 (work in progress), April 2020. + opsawg-l3sm-l3nm-04 (work in progress), October 2020. [I-D.ietf-pim-igmp-mld-snooping-yang] Zhao, H., Liu, X., Liu, Y., Sivakumar, M., and A. Peter, "A Yang Data Model for IGMP and MLD Snooping", draft-ietf- pim-igmp-mld-snooping-yang-18 (work in progress), August 2020. [I-D.ietf-pim-yang] Liu, X., McAllister, P., Peter, A., Sivakumar, M., Liu, Y., and f. hu, "A YANG Data Model for Protocol Independent Multicast (PIM)", draft-ietf-pim-yang-17 (work in progress), May 2018. [I-D.ietf-rtgwg-policy-model] Qu, Y., Tantsura, J., Lindem, A., and X. Liu, "A YANG Data Model for Routing Policy Management", draft-ietf-rtgwg- - policy-model-21 (work in progress), September 2020. + policy-model-26 (work in progress), October 2020. [I-D.ietf-rtgwg-qos-model] Choudhary, A., Jethanandani, M., Strahle, N., Aries, E., and I. Chen, "YANG Model for QoS", draft-ietf-rtgwg-qos- model-02 (work in progress), July 2020. [I-D.ietf-spring-sr-yang] Litkowski, S., Qu, Y., Lindem, A., Sarkar, P., and J. Tantsura, "YANG Data Model for Segment Routing", draft- ietf-spring-sr-yang-22 (work in progress), August 2020. @@ -1189,24 +1313,24 @@ Monitoring Telemetry and Scaling Intent Autonomics", draft-ietf-teas-actn-pm-telemetry-autonomics-03 (work in progress), July 2020. [I-D.ietf-teas-actn-vn-yang] Lee, Y., Dhody, D., Ceccarelli, D., Bryskin, I., and B. Yoon, "A YANG Data Model for VN Operation", draft-ietf- teas-actn-vn-yang-09 (work in progress), July 2020. [I-D.ietf-teas-yang-path-computation] - Busi, I., Belotti, S., Lopezalvarez, V., Sharma, A., and - Y. Shi, "Yang model for requesting Path Computation", - draft-ietf-teas-yang-path-computation-10 (work in - progress), July 2020. + Busi, I., Belotti, S., Lopez, V., Sharma, A., and Y. Shi, + "Yang model for requesting Path Computation", draft-ietf- + teas-yang-path-computation-10 (work in progress), July + 2020. [I-D.ietf-teas-yang-rsvp-te] Beeram, V., Saad, T., Gandhi, R., Liu, X., Bryskin, I., and H. Shah, "A YANG Data Model for RSVP-TE Protocol", draft-ietf-teas-yang-rsvp-te-08 (work in progress), March 2020. [I-D.ietf-teas-yang-te] Saad, T., Gandhi, R., Liu, X., Beeram, V., and I. Bryskin, "A YANG Data Model for Traffic Engineering Tunnels, Label @@ -1230,20 +1354,30 @@ Xu, "A YANG Model for Network and VPN Service Performance Monitoring", draft-www-bess-yang-vpn-service-pm-06 (work in progress), April 2020. [I-D.wwx-netmod-event-yang] Bierman, A., WU, Q., Bryskin, I., Birkholz, H., Liu, X., and B. Claise, "A YANG Data model for ECA Policy Management", draft-wwx-netmod-event-yang-09 (work in progress), July 2020. + [IPPM] IANA, "Performance Metrics", March 2020, + . + + [RFC4176] El Mghazli, Y., Ed., Nadeau, T., Boucadair, M., Chan, K., + and A. Gonguet, "Framework for Layer 3 Virtual Private + Networks (L3VPN) Operations and Management", RFC 4176, + DOI 10.17487/RFC4176, October 2005, + . + [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 2006, . [RFC4664] Andersson, L., Ed. and E. Rosen, Ed., "Framework for Layer 2 Virtual Private Networks (L2VPNs)", RFC 4664, DOI 10.17487/RFC4664, September 2006, . [RFC4761] Kompella, K., Ed. and Y. Rekhter, Ed., "Virtual Private @@ -1297,20 +1431,25 @@ [RFC7317] Bierman, A. and M. Bjorklund, "A YANG Data Model for System Management", RFC 7317, DOI 10.17487/RFC7317, August 2014, . [RFC7455] Senevirathne, T., Finn, N., Salam, S., Kumar, D., Eastlake 3rd, D., Aldrin, S., and Y. Li, "Transparent Interconnection of Lots of Links (TRILL): Fault Management", RFC 7455, DOI 10.17487/RFC7455, March 2015, . + [RFC7665] Halpern, J., Ed. and C. Pignataro, Ed., "Service Function + Chaining (SFC) Architecture", RFC 7665, + DOI 10.17487/RFC7665, October 2015, + . + [RFC7679] Almes, G., Kalidindi, S., Zekauskas, M., and A. Morton, Ed., "A One-Way Delay Metric for IP Performance Metrics (IPPM)", STD 81, RFC 7679, DOI 10.17487/RFC7679, January 2016, . [RFC7680] Almes, G., Kalidindi, S., Zekauskas, M., and A. Morton, Ed., "A One-Way Loss Metric for IP Performance Metrics (IPPM)", STD 82, RFC 7680, DOI 10.17487/RFC7680, January 2016, . @@ -1412,20 +1551,24 @@ Raghavan, "A YANG Data Model for Retrieval Methods for the Management of Operations, Administration, and Maintenance (OAM) Protocols That Use Connectionless Communications", RFC 8533, DOI 10.17487/RFC8533, April 2019, . [RFC8632] Vallin, S. and M. Bjorklund, "A YANG Data Model for Alarm Management", RFC 8632, DOI 10.17487/RFC8632, September 2019, . + [RFC8641] Clemm, A. and E. Voit, "Subscription to YANG Notifications + for Datastore Updates", RFC 8641, DOI 10.17487/RFC8641, + September 2019, . + [RFC8652] Liu, X., Guo, F., Sivakumar, M., McAllister, P., and A. Peter, "A YANG Data Model for the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD)", RFC 8652, DOI 10.17487/RFC8652, November 2019, . [RFC8675] Boucadair, M., Farrer, I., and R. Asati, "A YANG Data Model for Tunnel Interface Types", RFC 8675, DOI 10.17487/RFC8675, November 2019, . @@ -1433,20 +1576,24 @@ [RFC8676] Farrer, I., Ed. and M. Boucadair, Ed., "YANG Modules for IPv4-in-IPv6 Address plus Port (A+P) Softwires", RFC 8676, DOI 10.17487/RFC8676, November 2019, . [RFC8783] Boucadair, M., Ed. and T. Reddy.K, Ed., "Distributed Denial-of-Service Open Threat Signaling (DOTS) Data Channel Specification", RFC 8783, DOI 10.17487/RFC8783, May 2020, . + [RFC8791] Bierman, A., Bjoerklund, M., and K. Watsen, "YANG Data + Structure Extensions", RFC 8791, DOI 10.17487/RFC8791, + June 2020, . + [RFC8795] Liu, X., Bryskin, I., Beeram, V., Saad, T., Shah, H., and O. Gonzalez de Dios, "YANG Data Model for Traffic Engineering (TE) Topologies", RFC 8795, DOI 10.17487/RFC8795, August 2020, . Appendix A. Layered YANG Modules Examples Overview This appendix lists a set of YANG data models that can be used for the delivery of connectivity services. These models can be @@ -1474,30 +1622,30 @@ transfer capability characterized by a (Source Nets, Destination Nets, Guarantees, Scope) tuple where "Source Nets" is a group of unicast IP addresses, "Destination Nets" is a group of IP unicast and/or multicast addresses, and "Guarantees" reflects the guarantees (expressed in terms of QoS, performance, and availability, for example) to properly forward traffic to the said "Destination" [RFC7297]. For example: - o The L3SM model [RFC8299] defines the L3VPN service ordered by a - customer from a network operator. + o The L3SM [RFC8299] defines the L3VPN service ordered by a customer + from a network operator. - o The L2SM model [RFC8466] defines the L2VPN service ordered by a - customer from a network operator. + o The L2SM [RFC8466] defines the L2VPN service ordered by a customer + from a network operator. o The Virtual Network (VN) model [I-D.ietf-teas-actn-vn-yang] provides a YANG data model applicable to any mode of VN operation. - L2SM and L3SM are customer service models as per [RFC8309]. + L2SM and L3SM are customer Service Models as per [RFC8309]. A.2. Schema Mount Modularity and extensibility were among the leading design principles of the YANG data modeling language. As a result, the same YANG module can be combined with various sets of other modules and thus form a data model that is tailored to meet the requirements of a specific use case. [RFC8528] defines a mechanism, denoted schema mount, that allows for mounting one data model consisting of any number of YANG modules at a specified location of another (parent)