From 5655e98920455deb9e5dc1ff636fe031ae1d31d7 Mon Sep 17 00:00:00 2001 From: Dan Ameme Date: Thu, 24 Oct 2024 22:04:18 +0000 Subject: [PATCH 1/4] Add policy forwarding for next hop match and GUE encapsulation action --- release/models/aft/.spec.yml | 1 - release/models/aft/openconfig-aft-common.yang | 32 +-- .../models/aft/openconfig-aft-ethernet.yang | 8 +- release/models/aft/openconfig-aft-ipv4.yang | 8 +- release/models/aft/openconfig-aft-ipv6.yang | 8 +- release/models/aft/openconfig-aft-mpls.yang | 8 +- release/models/aft/openconfig-aft-pf.yang | 8 +- .../aft/openconfig-aft-state-synced.yang | 8 +- release/models/aft/openconfig-aft-types.yang | 107 --------- release/models/aft/openconfig-aft.yang | 8 +- .../openconfig-pf-forwarding-policies.yang | 209 +++++++++++++++++- .../openconfig-pf-interfaces.yang | 8 +- .../openconfig-pf-path-groups.yang | 8 +- .../openconfig-policy-forwarding.yang | 8 +- release/models/types/openconfig-types.yang | 50 ++++- 15 files changed, 346 insertions(+), 133 deletions(-) delete mode 100644 release/models/aft/openconfig-aft-types.yang diff --git a/release/models/aft/.spec.yml b/release/models/aft/.spec.yml index fd1079c0b..8a739de04 100644 --- a/release/models/aft/.spec.yml +++ b/release/models/aft/.spec.yml @@ -1,7 +1,6 @@ - name: openconfig-aft docs: - yang/aft/openconfig-aft.yang - - yang/aft/openconfig-aft-types.yang - yang/aft/openconfig-aft-summary.yang build: - yang/network-instance/openconfig-network-instance.yang diff --git a/release/models/aft/openconfig-aft-common.yang b/release/models/aft/openconfig-aft-common.yang index ee27c1bb8..989fa0ecc 100644 --- a/release/models/aft/openconfig-aft-common.yang +++ b/release/models/aft/openconfig-aft-common.yang @@ -9,7 +9,7 @@ submodule openconfig-aft-common { import openconfig-inet-types { prefix "oc-inet"; } import openconfig-mpls-types { prefix "oc-mplst"; } import openconfig-policy-types { prefix "oc-pol-types"; } - import openconfig-aft-types { prefix "oc-aftt"; } + import openconfig-types { prefix oc-types; } import openconfig-evpn-types { prefix "oc-evpn-types"; } organization @@ -23,7 +23,13 @@ submodule openconfig-aft-common { "Submodule containing definitions of groupings that are re-used across multiple contexts within the AFT model."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description @@ -309,7 +315,7 @@ submodule openconfig-aft-common { } container gre { - when "../state/type = 'oc-aftt:GRE'"; + when "../state/type = 'oc-types:GRE'"; description "Container of nodes for GRE encapsulation."; @@ -322,7 +328,7 @@ submodule openconfig-aft-common { } container ipv4 { - when "../state/type = 'oc-aftt:IPV4'"; + when "../state/type = 'oc-types:IPV4'"; description "Container of nodes for UDP in IPv4 encapsulation. When this container is used, an IPv4 packet with no transport header @@ -337,7 +343,7 @@ submodule openconfig-aft-common { } container ipv6 { - when "../state/type = 'oc-aftt:IPV6'"; + when "../state/type = 'oc-types:IPV6'"; description "Container of nodes for UDP in IPv6 encapsulation. When this container is used, an IPv6 packet with no transport header @@ -352,7 +358,7 @@ submodule openconfig-aft-common { } container mpls { - when "../state/type = 'oc-aftt:MPLS'"; + when "../state/type = 'oc-types:MPLS'"; description "Container of nodes for MPLS encapsulation."; @@ -365,7 +371,7 @@ submodule openconfig-aft-common { } container udp-v4 { - when "../state/type = 'oc-aftt:UDPV4'"; + when "../state/type = 'oc-types:UDPV4'"; description "Container of nodes for UDP in IPv4 encapsulation. When this container is used, an IPv4 header with a UDP header is added @@ -381,7 +387,7 @@ submodule openconfig-aft-common { } container udp-v6 { - when "../state/type = 'oc-aftt:UDPV6'"; + when "../state/type = 'oc-types:UDPV6'"; description "Container of nodes for UDP in IPv6 encapsulation. When this container is used, an IPv6 header with a UDP header is added @@ -397,7 +403,7 @@ submodule openconfig-aft-common { } container vxlan { - when "../state/type = 'oc-aftt:VXLAN'"; + when "../state/type = 'oc-types:VXLAN'"; description "Container of nodes for VXLAN encapsulation."; @@ -428,7 +434,7 @@ submodule openconfig-aft-common { } leaf type { - type oc-aftt:encapsulation-header-type; + type oc-types:encapsulation-header-type; description "Defines which type of packet header should be used."; } @@ -577,7 +583,7 @@ submodule openconfig-aft-common { } leaf encapsulate-header { - type oc-aftt:encapsulation-header-type; + type oc-types:encapsulation-header-type; description "When forwarding a packet to the specified next-hop the local system performs an encapsulation of the packet - adding the @@ -590,7 +596,7 @@ submodule openconfig-aft-common { } leaf decapsulate-header { - type oc-aftt:encapsulation-header-type; + type oc-types:encapsulation-header-type; description "When forwarding a packet to the specified next-hop, the local system performs a decapsulation of the packet - removing the @@ -780,7 +786,7 @@ submodule openconfig-aft-common { uses aft-common-install-protocol; leaf decapsulate-header { - type oc-aftt:encapsulation-header-type; + type oc-types:encapsulation-header-type; description "When forwarding a packet to the specified next-hop, the local system performs a decapsulation of the packet - removing the diff --git a/release/models/aft/openconfig-aft-ethernet.yang b/release/models/aft/openconfig-aft-ethernet.yang index 52d038a62..79ba11af8 100644 --- a/release/models/aft/openconfig-aft-ethernet.yang +++ b/release/models/aft/openconfig-aft-ethernet.yang @@ -20,7 +20,13 @@ submodule openconfig-aft-ethernet { "Submodule containing definitions of groupings for the abstract forwarding tables for Ethernet."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description diff --git a/release/models/aft/openconfig-aft-ipv4.yang b/release/models/aft/openconfig-aft-ipv4.yang index 43c19f6a5..8a1554baa 100644 --- a/release/models/aft/openconfig-aft-ipv4.yang +++ b/release/models/aft/openconfig-aft-ipv4.yang @@ -20,7 +20,13 @@ submodule openconfig-aft-ipv4 { "Submodule containing definitions of groupings for the abstract forwarding tables for IPv4."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description diff --git a/release/models/aft/openconfig-aft-ipv6.yang b/release/models/aft/openconfig-aft-ipv6.yang index f68138234..fb76a2054 100644 --- a/release/models/aft/openconfig-aft-ipv6.yang +++ b/release/models/aft/openconfig-aft-ipv6.yang @@ -20,7 +20,13 @@ submodule openconfig-aft-ipv6 { "Submodule containing definitions of groupings for the abstract forwarding tables for IPv6."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description diff --git a/release/models/aft/openconfig-aft-mpls.yang b/release/models/aft/openconfig-aft-mpls.yang index add842110..0f72cd2b5 100644 --- a/release/models/aft/openconfig-aft-mpls.yang +++ b/release/models/aft/openconfig-aft-mpls.yang @@ -21,7 +21,13 @@ submodule openconfig-aft-mpls { "Submodule containing definitions of groupings for the abstract forwarding table for MPLS label forwarding."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description diff --git a/release/models/aft/openconfig-aft-pf.yang b/release/models/aft/openconfig-aft-pf.yang index 8534f84fa..bba441a5a 100644 --- a/release/models/aft/openconfig-aft-pf.yang +++ b/release/models/aft/openconfig-aft-pf.yang @@ -28,7 +28,13 @@ submodule openconfig-aft-pf { fields other than the destination address that is used in other forwarding tables."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description diff --git a/release/models/aft/openconfig-aft-state-synced.yang b/release/models/aft/openconfig-aft-state-synced.yang index 5901b2c1e..881849ec3 100644 --- a/release/models/aft/openconfig-aft-state-synced.yang +++ b/release/models/aft/openconfig-aft-state-synced.yang @@ -16,7 +16,13 @@ submodule openconfig-aft-state-synced { "Submodule containing definitions of groupings for the state synced signals corresponding to various abstract forwarding tables."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description diff --git a/release/models/aft/openconfig-aft-types.yang b/release/models/aft/openconfig-aft-types.yang deleted file mode 100644 index 56d920b5f..000000000 --- a/release/models/aft/openconfig-aft-types.yang +++ /dev/null @@ -1,107 +0,0 @@ -module openconfig-aft-types { - - namespace "http://openconfig.net/yang/fib-types"; - prefix "oc-aftt"; - - import openconfig-extensions { prefix "oc-ext"; } - - organization - "OpenConfig Working Group"; - - contact - "OpenConfig Working Group - www.openconfig.net"; - - description - "Types related to the OpenConfig Abstract Forwarding - Table (AFT) model"; - - oc-ext:openconfig-version "1.2.0"; - - revision "2024-07-18" { - description - "Add MPLS in UDP enums for encapsulate-header."; - reference "1.2.0"; - } - - revision "2022-05-05" { - description - "Add network-instance and decapsulate-header in NH AFT entry state"; - reference "1.1.0"; - } - - revision "2021-08-24" { - description - "Add vxlan to next-hops encapsulation-header-type."; - reference "0.3.5"; - } - - revision "2019-11-07" { - description - "Move lsp-name leaf out of aft-common-entry-nexthop-state group."; - reference "0.3.4"; - } - - revision "2019-08-01" { - description - "Add lsp-name leaf to AFT next-hop."; - reference "0.3.3"; - } - - revision "2018-11-21" { - description - "Add OpenConfig module metadata extensions."; - reference "0.3.2"; - } - - revision 2017-08-24 { - description - "Formatting fixes"; - reference "0.3.1"; - } - - revision 2017-05-10 { - description - "Refactor to provide concretised per-AF schemas per AFT."; - reference "0.3.0"; - } - - // OpenConfig specific extensions for module metadata. - oc-ext:regexp-posix; - oc-ext:catalog-organization "openconfig"; - oc-ext:origin "openconfig"; - - typedef encapsulation-header-type { - type enumeration { - enum GRE { - description - "The encapsulation header is a Generic Routing Encapsulation - header."; - } - enum IPV4 { - description - "The encapsulation header is an IPv4 packet header"; - } - enum IPV6 { - description - "The encapsulation header is an IPv6 packet header"; - } - enum MPLS { - description - "The encapsulation header is one or more MPLS labels indicated - by the pushed and popped label stack lists."; - } - enum VXLAN { - description - "The encapsulation header is a VXLAN packet header"; - } - enum UDP { - description - "The encapsulation header is UDP packet header."; - } - } - description - "Types of tunnel encapsulation that are supported by systems as either - head- or tail-end."; - } -} diff --git a/release/models/aft/openconfig-aft.yang b/release/models/aft/openconfig-aft.yang index d00303963..d72bcceef 100644 --- a/release/models/aft/openconfig-aft.yang +++ b/release/models/aft/openconfig-aft.yang @@ -42,7 +42,13 @@ module openconfig-aft { is referred to as an Abstract Forwarding Table (AFT), rather than the FIB."; - oc-ext:openconfig-version "2.8.0"; + oc-ext:openconfig-version "2.9.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "2.9.0"; + } revision "2024-09-19" { description diff --git a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang index 9485ab3c4..04622f798 100644 --- a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang +++ b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang @@ -7,6 +7,7 @@ submodule openconfig-pf-forwarding-policies { import openconfig-packet-match { prefix "oc-pmatch"; } import openconfig-yang-types { prefix "oc-yang"; } import openconfig-inet-types { prefix "oc-inet"; } + import openconfig-types { prefix oc-types; } include openconfig-pf-path-groups; @@ -21,7 +22,13 @@ submodule openconfig-pf-forwarding-policies { "This submodule contains configuration and operational state relating to the definition of policy-forwarding policies."; - oc-ext:openconfig-version "0.6.1"; + oc-ext:openconfig-version "0.7.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "0.7.0"; + } revision "2023-04-25" { description @@ -162,6 +169,7 @@ submodule openconfig-pf-forwarding-policies { uses oc-pmatch:ipv4-protocol-fields-top; uses oc-pmatch:ipv6-protocol-fields-top; uses oc-pmatch:transport-fields-top; + uses pf-match-next-hop-groups-config; container action { description @@ -184,6 +192,7 @@ submodule openconfig-pf-forwarding-policies { } uses pf-forwarding-policy-action-encapsulate-gre; + uses pf-forwarding-policy-action-encapsulate; } } } @@ -518,4 +527,202 @@ submodule openconfig-pf-forwarding-policies { encapsulating the packet matching the rule."; } } + + grouping pf-forwarding-policy-action-encapsulate { + description + "Configuration parameters for the encapsulate forwarding + policy action."; + + container encap-headers { + description + "Container for packet encapsulation headers. When leaves in this + container are populated, packets matching the policy rule indicates + encapsulation of the packet is performed using a stack of one or more + headers defined in the list encap-header. + + Each entry in the list must indicate an encapsulation type and + populate a container with the parameters for that encapsulation + header."; + + list encap-header { + description + "A list of headers added on top of a packet ordered by the + index value. The inner-most header is the 0th value and is + adjacent to the original packet. Additional headers may be + added in index order. + + For example, in an encapsulation stack for MPLS in UDPv4, the + first index in the list is the MPLS header and the second + index is a UDPv4 header."; + + key "index"; + + leaf index { + type leafref { + path "../config/index"; + } + description + "A unique index identifying an encapsulation header in a stack + of encapsulation headers."; + } + + container config { + description + "Config parameters relating to encapsulation headers."; + + uses pf-encap-headers-config; + } + + container state { + config false; + description + "State parameters relating to encapsulation headers."; + + uses pf-encap-headers-config; + } + + container udp-v4 { + when "../config/type = 'oc-types:UDP'"; + description + "Container of nodes for UDP in IPv4 encapsulation. When this + container is used, an IPv4 header with a UDP header is added + to the encapsulation list."; + + container config { + description + "Config parameters relating to UDP in IPv4 encapsulation + headers."; + + uses pf-encap-udp-v4-config; + } + + container state { + config false; + description + "State parameters relating to UDP in IPv4 encapsulation + headers."; + + uses pf-encap-udp-v4-config; + } + } + } + } + } + + grouping pf-encap-headers-config { + description + "Configuration parameters parameters relating to encapsulation headers."; + + leaf index { + type uint8; + description + "A pointer to an entry in an ordered list of encapsulation headers."; + } + + leaf type { + type oc-types:encapsulation-header-type; + description + "Defines which type of packet header should be used."; + } + } + + grouping pf-encap-udp-v4-config { + description + "Configuration parameters relating to UDP in IPv4 encapsulation headers."; + + leaf src-ip { + type oc-inet:ipv4-prefix; + description + "The source IPv4 address to use for the UDP header."; + } + + leaf dst-ip { + type oc-inet:ipv4-prefix; + description + "The destination IPv4 address to use for the UDP header."; + } + + leaf dscp { + type oc-inet:dscp; + description + "Value of diffserv codepoint to use for the UDP header."; + } + + leaf ip-ttl { + type uint8; + description + "The TTL value to use for the UDP header."; + } + + leaf src-udp-port { + type uint16; + description + "The source port to use for the UDP header."; + } + + leaf dst-udp-port { + type uint16; + description + "The destination port to use for the UDP header."; + } + } + + grouping pf-match-next-hop-groups-config { + description + "Configuration parameters relating matching next-hop of a packet."; + + container next-hop-groups { + description + "Container for groups of next-hops."; + + list next-hop-group { + description + "A next-hop that a packet can be sent to. This is used when + a match needs to be made of the next hop of a prefix instead of a + field in a packet header."; + + key "index"; + + leaf index { + type leafref { + path "../config/index"; + } + description + "A unique index identifying a next-hop-group entry."; + } + + container config { + description + "Config parameters relating to a next-hop-group."; + + uses pf-next-hop-groups-config; + } + + container state { + config false; + description + "State parameters relating to a next-hop-group."; + + uses pf-next-hop-groups-config; + } + } + } + } + + grouping pf-next-hop-groups-config { + description + "Configuration parameters relating to next-hop groups."; + + leaf index { + type uint8; + description + "A pointer to an entry in an ordered list of next-hop-groups."; + } + + leaf ip-address { + type oc-inet:ip-address; + description + "The next-hop IP address to send the packet to."; + } + } } diff --git a/release/models/policy-forwarding/openconfig-pf-interfaces.yang b/release/models/policy-forwarding/openconfig-pf-interfaces.yang index 705e7f795..602eaee82 100644 --- a/release/models/policy-forwarding/openconfig-pf-interfaces.yang +++ b/release/models/policy-forwarding/openconfig-pf-interfaces.yang @@ -19,7 +19,13 @@ submodule openconfig-pf-interfaces { "This submodule contains groupings related to the association between interfaces and policy forwarding rules."; - oc-ext:openconfig-version "0.6.1"; + oc-ext:openconfig-version "0.7.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "0.7.0"; + } revision "2023-04-25" { description diff --git a/release/models/policy-forwarding/openconfig-pf-path-groups.yang b/release/models/policy-forwarding/openconfig-pf-path-groups.yang index c1c9283cb..84cff914c 100644 --- a/release/models/policy-forwarding/openconfig-pf-path-groups.yang +++ b/release/models/policy-forwarding/openconfig-pf-path-groups.yang @@ -18,7 +18,13 @@ submodule openconfig-pf-path-groups { forwarding entities together to be used as policy forwarding targets."; - oc-ext:openconfig-version "0.6.1"; + oc-ext:openconfig-version "0.7.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "0.7.0"; + } revision "2023-04-25" { description diff --git a/release/models/policy-forwarding/openconfig-policy-forwarding.yang b/release/models/policy-forwarding/openconfig-policy-forwarding.yang index c6d37209a..f46f364b9 100644 --- a/release/models/policy-forwarding/openconfig-policy-forwarding.yang +++ b/release/models/policy-forwarding/openconfig-policy-forwarding.yang @@ -81,7 +81,13 @@ module openconfig-policy-forwarding { The forwarding action of the corresponding policy is set to PATH_GROUP and references the configured group of LSPs."; - oc-ext:openconfig-version "0.6.1"; + oc-ext:openconfig-version "0.7.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "0.7.0"; + } revision "2023-04-25" { description diff --git a/release/models/types/openconfig-types.yang b/release/models/types/openconfig-types.yang index a146b9b76..c7346f966 100644 --- a/release/models/types/openconfig-types.yang +++ b/release/models/types/openconfig-types.yang @@ -21,7 +21,13 @@ module openconfig-types { are used across OpenConfig models. It can be imported by modules that make use of these types."; - oc-ext:openconfig-version "1.0.0"; + oc-ext:openconfig-version "1.1.0"; + + revision "2024-10-20" { + description + "Add support for policy forwarding match on next hop and GUE encapsulation action."; + reference "1.1.0"; + } revision "2024-01-31" { description @@ -164,6 +170,48 @@ module openconfig-types { avg/min/max stats are computed and reported."; } + typedef encapsulation-header-type { + type enumeration { + enum GRE { + description + "The encapsulation header is a Generic Routing Encapsulation + header."; + } + enum IPV4 { + description + "The encapsulation header is an IPv4 packet header"; + } + enum IPV6 { + description + "The encapsulation header is an IPv6 packet header"; + } + enum MPLS { + description + "The encapsulation header is one or more MPLS labels indicated + by the pushed and popped label stack lists."; + } + enum VXLAN { + description + "The encapsulation header is a VXLAN packet header"; + } + enum UDP { + description + "The encapsulation header is UDP packet header."; + } + enum UDPV4 { + description + "The encapsulation header is UDP packet header followed by IPv4 packet header."; + } + enum UDPV6 { + description + "The encapsulation header is UDP packet header followed by IPv6 packet header."; + } + } + description + "Types of tunnel encapsulation that are supported by systems as either + head- or tail-end."; + } + grouping stat-interval-state { description "Reusable leaf definition for stats computation interval"; From 927341a100b086c47e2ba7ff2fb19c19457c8d4f Mon Sep 17 00:00:00 2001 From: Dan Ameme Date: Tue, 29 Oct 2024 14:54:44 +0000 Subject: [PATCH 2/4] Add policy forwarding for next hop match and GUE encapsulation action --- .../openconfig-pf-forwarding-policies.yang | 269 +++++++++++++++++- 1 file changed, 254 insertions(+), 15 deletions(-) diff --git a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang index 04622f798..352eb526f 100644 --- a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang +++ b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang @@ -581,6 +581,94 @@ submodule openconfig-pf-forwarding-policies { uses pf-encap-headers-config; } + container gre { + when "../config/type = 'oc-types:GRE'"; + description + "Container of nodes for GRE encapsulation."; + + container config { + description + "Config parameters relating to GRE encapsulation headers."; + + uses pf-encap-gre-config; + } + + container state { + config false; + description + "State parameters relating to GRE encapsulation headers."; + + uses pf-encap-gre-config; + } + } + + container ipv4 { + when "../config/type = 'oc-types:IPV4'"; + description + "Container of nodes for IPv4 encapsulation. When this + container is used, an IPv4 packet with no transport header + is added to the encapsulation list."; + + container config { + description + "Config parameters relating to IP encapsulation headers."; + + uses pf-encap-ip-config; + } + + container state { + config false; + description + "State parameters relating to IP encapsulation headers."; + + uses pf-encap-ip-config; + } + } + + container ipv6 { + when "../config/type = 'oc-types:IPV6'"; + description + "Container of nodes for IPv6 encapsulation. When this + container is used, an IPv6 packet with no transport header + is added to the encapsulation list."; + + container config { + description + "Config parameters relating to IP encapsulation headers."; + + uses pf-encap-ip-config; + } + + container state { + config false; + description + "State parameters relating to IP encapsulation headers."; + + uses pf-encap-ip-config; + } + } + + container mpls { + when "../config/type = 'oc-types:MPLS'"; + description + "Container of nodes for MPLS encapsulation."; + + container config { + description + "Config parameters relating to MPLS encapsulation headers."; + + uses pf-encap-mpls-config; + } + + container state { + config false; + description + "State parameters relating to MPLS encapsulation headers."; + + uses pf-encap-mpls-config; + } + } + container udp-v4 { when "../config/type = 'oc-types:UDP'"; description @@ -593,7 +681,7 @@ submodule openconfig-pf-forwarding-policies { "Config parameters relating to UDP in IPv4 encapsulation headers."; - uses pf-encap-udp-v4-config; + uses pf-encap-udp-config; } container state { @@ -602,7 +690,53 @@ submodule openconfig-pf-forwarding-policies { "State parameters relating to UDP in IPv4 encapsulation headers."; - uses pf-encap-udp-v4-config; + uses pf-encap-udp-config; + } + } + + container udp-v6 { + when "../config/type = 'oc-types:UDP'"; + description + "Container of nodes for UDP in IPv6 encapsulation. When this + container is used, an IPv6 header with a UDP header is added + to the encapsulation list."; + + container config { + description + "Config parameters relating to UDP in IPv6 encapsulation + headers."; + + uses pf-encap-udp-config; + } + + container state { + config false; + description + "State parameters relating to UDP in IPv6 encapsulation + headers."; + + uses pf-encap-udp-config; + } + } + + container vxlan { + when "../config/type = 'oc-types:VXLAN'"; + description + "Container of nodes for VXLAN encapsulation."; + + container config { + description + "Config parameters relating to VXLAN encapsulation headers."; + + uses pf-encap-vxlan-config; + } + + container state { + config false; + description + "State parameters relating to VXLAN encapsulation headers."; + + uses pf-encap-vxlan-config; } } } @@ -626,44 +760,149 @@ submodule openconfig-pf-forwarding-policies { } } - grouping pf-encap-udp-v4-config { + grouping pf-encap-gre-config { + description + "Configuration parameters relating to GRE encapsulation headers."; + + leaf src-ip { + type oc-inet:ip-address; + description + "The source IP address to use for the GRE encapsulated packet."; + } + + leaf dst-ip { + type oc-inet:ip-address; + description + "The destination IP address to use for the GRE encapsulated packet."; + } + + leaf ip-ttl { + type uint8; + description + "This leaf reflects the configured/default TTL value that is used in the + outer header during packet encapsulation. When this leaf is not set, + the TTL value of the inner packet is copied over as the outer packet's + TTL value during encapsulation."; + } + } + + grouping pf-encap-ip-config { + description + "Configuration parameters relating to IP encapsulation headers."; + + leaf src-ip { + type oc-inet:ip-address; + description + "Source IP address to use for the encapsulated packet."; + } + + leaf dst-ip { + type oc-inet:ip-address; + description + "Destination IP address to use for the encapsulated packet."; + } + } + + grouping pf-encap-mpls-config { + description + "MPLS encapsulation of a packet."; + + leaf traffic-class { + type oc-mplst:mpls-tc; + description + "The value of the MPLS traffic class (TC) bits, formerly known as the + EXP bits."; + } + + leaf label { + type oc-mplst:mpls-label; + description + "The value of the MPLS label."; + } + + leaf mpls-ttl { + type uint8; + description + "The TTL value to use for the MPLS header."; + } + } + + grouping pf-encap-udp-config { description "Configuration parameters relating to UDP in IPv4 encapsulation headers."; leaf src-ip { - type oc-inet:ipv4-prefix; + type oc-inet:ip-address; description - "The source IPv4 address to use for the UDP header."; + "The source IP address for IP/UDP encapsulation."; } leaf dst-ip { - type oc-inet:ipv4-prefix; + type oc-inet:ip-address; description - "The destination IPv4 address to use for the UDP header."; + "The destination IP address for IP/UDP encapsulation."; } leaf dscp { type oc-inet:dscp; description - "Value of diffserv codepoint to use for the UDP header."; + "DSCP value to use for the UDP header of the encapsulated + packet."; + } + + leaf src-udp-port { + type oc-inet:port-number; + description + "Source UDP port number to use for the UDP header of the encapsulated + packet. The source UDP port should be derived from the payload + packet entropy. The exact methodology is implementation dependent, + but for example, the port could be derived from an entropy hash of + the payload or the source port (if present) of the payload."; + } + + leaf dst-udp-port { + type oc-inet:port-number; + description + "Destination UDP port number to use for the UDP header of the + encapsulated packet. + + When the payload packet is MPLS, then RFC 7510 - Encapsulating MPLS + in UDP should be followed."; + reference + "RFC 7510 - Encapsulating MPLS in UDP specifies that 6635 must be + used for MPLS-in-UDP and 6636 must be used for MPLS-in-UDP with DTLS. + Because of this condition, no default is defined in OpenConfig. The + system is expected to utilize the appropriate port."; } leaf ip-ttl { type uint8; description - "The TTL value to use for the UDP header."; + "This leaf reflects the configured/default IP TTL value that is used + in the outer header during packet encapsulation. When this leaf is + not set, the TTL value of the inner packet is copied over as the + outer packet's IP TTL value during encapsulation."; } + } - leaf src-udp-port { - type uint16; + grouping pf-encap-vxlan-config { + description + "VXLAN encapsulation applied on top of a packet."; + + leaf vni-label { + type oc-evpn-types:evi-id; description - "The source port to use for the UDP header."; + "Where applicable, the next hop label representing the virtual + network identifier (VNI) for the forwarding entry. This leaf is + applicable only to next-hops which include VXLAN encapsulation + header information"; } - leaf dst-udp-port { - type uint16; + leaf tunnel-src-ip-address { + type oc-inet:ip-address; description - "The destination port to use for the UDP header."; + "Where applicable this represents the vxlan tunnel source ip address. + For VXLAN this represents the source VTEP ip address"; } } From 02ea2bec110c6cb74ba50b91705b3ae46fe60179 Mon Sep 17 00:00:00 2001 From: Dan Ameme Date: Wed, 30 Oct 2024 12:22:10 -0700 Subject: [PATCH 3/4] Add policy forwarding for next hop match and GUE encapsulation action --- .../openconfig-pf-forwarding-policies.yang | 44 +------------------ 1 file changed, 2 insertions(+), 42 deletions(-) diff --git a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang index 352eb526f..593fa2d47 100644 --- a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang +++ b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang @@ -8,6 +8,8 @@ submodule openconfig-pf-forwarding-policies { import openconfig-yang-types { prefix "oc-yang"; } import openconfig-inet-types { prefix "oc-inet"; } import openconfig-types { prefix oc-types; } + import openconfig-mpls-types { prefix "oc-mplst"; } + import openconfig-evpn-types { prefix "oc-evpn-types"; } include openconfig-pf-path-groups; @@ -718,27 +720,6 @@ submodule openconfig-pf-forwarding-policies { uses pf-encap-udp-config; } } - - container vxlan { - when "../config/type = 'oc-types:VXLAN'"; - description - "Container of nodes for VXLAN encapsulation."; - - container config { - description - "Config parameters relating to VXLAN encapsulation headers."; - - uses pf-encap-vxlan-config; - } - - container state { - config false; - description - "State parameters relating to VXLAN encapsulation headers."; - - uses pf-encap-vxlan-config; - } - } } } } @@ -885,27 +866,6 @@ submodule openconfig-pf-forwarding-policies { } } - grouping pf-encap-vxlan-config { - description - "VXLAN encapsulation applied on top of a packet."; - - leaf vni-label { - type oc-evpn-types:evi-id; - description - "Where applicable, the next hop label representing the virtual - network identifier (VNI) for the forwarding entry. This leaf is - applicable only to next-hops which include VXLAN encapsulation - header information"; - } - - leaf tunnel-src-ip-address { - type oc-inet:ip-address; - description - "Where applicable this represents the vxlan tunnel source ip address. - For VXLAN this represents the source VTEP ip address"; - } - } - grouping pf-match-next-hop-groups-config { description "Configuration parameters relating matching next-hop of a packet."; From dc39a8e6144a45a3c336330ee475c4c1d838cb83 Mon Sep 17 00:00:00 2001 From: Dan Ameme Date: Fri, 1 Nov 2024 00:18:56 +0000 Subject: [PATCH 4/4] Add policy forwarding for next hop match and GUE encapsulation action --- .../policy-forwarding/openconfig-pf-forwarding-policies.yang | 1 - 1 file changed, 1 deletion(-) diff --git a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang index 593fa2d47..e1bab4bff 100644 --- a/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang +++ b/release/models/policy-forwarding/openconfig-pf-forwarding-policies.yang @@ -9,7 +9,6 @@ submodule openconfig-pf-forwarding-policies { import openconfig-inet-types { prefix "oc-inet"; } import openconfig-types { prefix oc-types; } import openconfig-mpls-types { prefix "oc-mplst"; } - import openconfig-evpn-types { prefix "oc-evpn-types"; } include openconfig-pf-path-groups;