draft-ietf-bfd-unsolicited-07.txt   draft-ietf-bfd-unsolicited-08.txt 
Network Working Group E. Chen Network Working Group E. Chen
Internet-Draft Palo Alto Networks Internet-Draft Palo Alto Networks
Intended status: Standards Track N. Shen Intended status: Standards Track N. Shen
Expires: 27 April 2022 Zededa Expires: 30 May 2022 Zededa
R. Raszuk R. Raszuk
NTT Network Innovations NTT Network Innovations
R. Rahman R. Rahman
24 October 2021 26 November 2021
Unsolicited BFD for Sessionless Applications Unsolicited BFD for Sessionless Applications
draft-ietf-bfd-unsolicited-07 draft-ietf-bfd-unsolicited-08
Abstract Abstract
For operational simplification of "sessionless" applications using For operational simplification of "sessionless" applications using
BFD, in this document we present procedures for "unsolicited BFD" BFD, in this document we present procedures for "unsolicited BFD"
that allow a BFD session to be initiated by only one side, and be that allow a BFD session to be initiated by only one side, and be
established without explicit per-session configuration or established without explicit per-session configuration or
registration by the other side (subject to certain per-interface or registration by the other side (subject to certain per-interface or
per-router policies). per-router policies).
We also introduce a new YANG module to configure and manage
"unsolicited BFD". The YANG module in this document conforms to the
Network Management Datastore Architecture (NMDA) [RFC8342].
Requirements Language Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
Status of This Memo Status of This Memo
skipping to change at page 1, line 46 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 30 May 2022.
This Internet-Draft will expire on 27 April 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Revised BSD License text as
as described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Procedures for Unsolicited BFD . . . . . . . . . . . . . . . 3 2. Procedures for Unsolicited BFD . . . . . . . . . . . . . . . 3
3. State Variables . . . . . . . . . . . . . . . . . . . . . . . 4 3. State Variables . . . . . . . . . . . . . . . . . . . . . . . 4
4. YANG Data Model . . . . . . . . . . . . . . . . . . . . . . . 5 4. YANG Data Model . . . . . . . . . . . . . . . . . . . . . . . 5
4.1. Unsolicited BFD Hierarchy . . . . . . . . . . . . . . . . 5 4.1. Unsolicited BFD Hierarchy . . . . . . . . . . . . . . . . 5
4.2. Unsolicited BFD Module . . . . . . . . . . . . . . . . . 5 4.2. Unsolicited BFD Module . . . . . . . . . . . . . . . . . 6
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 10
7. Security Considerations . . . . . . . . . . . . . . . . . . . 9 7. Security Considerations . . . . . . . . . . . . . . . . . . . 10
7.1. BFD Protocol Security Considerations . . . . . . . . . . 9 7.1. BFD Protocol Security Considerations . . . . . . . . . . 10
7.2. YANG Module Security Considerations . . . . . . . . . . . 10 7.2. YANG Module Security Considerations . . . . . . . . . . . 11
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 12
8.1. Normative References . . . . . . . . . . . . . . . . . . 11 8.1. Normative References . . . . . . . . . . . . . . . . . . 12
8.2. Informative References . . . . . . . . . . . . . . . . . 12 8.2. Informative References . . . . . . . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14
1. Introduction 1. Introduction
The current implementation and deployment practice for BFD ([RFC5880] The current implementation and deployment practice for BFD ([RFC5880]
and [RFC5881]) usually requires BFD sessions be explicitly configured and [RFC5881]) usually requires BFD sessions be explicitly configured
or registered on both sides. This requirement is not an issue when or registered on both sides. This requirement is not an issue when
an application like BGP [RFC4271] has the concept of a "session" that an application like BGP [RFC4271] has the concept of a "session" that
involves both sides for its establishment. However, this requirement involves both sides for its establishment. However, this requirement
can be operationally challenging when the prerequisite "session" does can be operationally challenging when the prerequisite "session" does
not naturally exist between two endpoints in an application. not naturally exist between two endpoints in an application.
skipping to change at page 5, line 7 skipping to change at page 5, line 7
bfd.UnsolicitedRole bfd.UnsolicitedRole
The operational mode of BFD interface when configured for unsolicited The operational mode of BFD interface when configured for unsolicited
behaviour. Options can be either PASSIVE, ACTIVE or NULL (NULL - not behaviour. Options can be either PASSIVE, ACTIVE or NULL (NULL - not
initialized) for unsolicited BFD sessions. Default (not configured initialized) for unsolicited BFD sessions. Default (not configured
for unsolicited behaviour) MUST be set to NULL if present on the for unsolicited behaviour) MUST be set to NULL if present on the
interface. interface.
4. YANG Data Model 4. YANG Data Model
This section extends the YANG data model for BFD [I-D.ietf-bfd-yang] This section extends the YANG data model for BFD [RFC9127] to cover
to cover the unsolicited BFD. unsolicited BFD. We import [RFC8349] since the "bfd" container in
[RFC9127] is under "control-plane-protocol".
4.1. Unsolicited BFD Hierarchy 4.1. Unsolicited BFD Hierarchy
Configuration for unsolicited BFD parameters for IP single-hop
sessions can be done at 2 levels:
* Globally, i.e. for all interfaces. This requires support for the
"unsolicited-params-global" feature.
* For specific interfaces. This requires support for the
"unsolicited-params-per-interface" feature.
For operational data, a new "unsolicited" container has been added
for BFD IP single-hop sessions.
The tree diagram below uses the graphical representation of data
models, as defined in [RFC8340].
module: ietf-bfd-unsolicited module: ietf-bfd-unsolicited
augment /rt:routing/rt:control-plane-protocols augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh: /rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh:
+--rw unsolicited {bfd-unsol:unsolicited-params-global}? +--rw unsolicited {bfd-unsol:unsolicited-params-global}?
+--rw enable? boolean +--rw enabled? boolean
+--rw local-multiplier? multiplier +--rw local-multiplier? multiplier
+--rw (interval-config-type)? +--rw (interval-config-type)?
+--:(tx-rx-intervals) +--:(tx-rx-intervals)
| +--rw desired-min-tx-interval? uint32 | +--rw desired-min-tx-interval? uint32
| +--rw required-min-rx-interval? uint32 | +--rw required-min-rx-interval? uint32
+--:(single-interval) {single-minimum-interval}? +--:(single-interval) {single-minimum-interval}?
+--rw min-interval? uint32 +--rw min-interval? uint32
augment /rt:routing/rt:control-plane-protocols augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh /rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh
/bfd-ip-sh:interfaces: /bfd-ip-sh:interfaces:
+--rw unsolicited {bfd-unsol:unsolicited-params-per-interface}? +--rw unsolicited {bfd-unsol:unsolicited-params-per-interface}?
+--rw enable? boolean +--rw enabled boolean
+--rw local-multiplier? multiplier +--rw local-multiplier? multiplier
+--rw (interval-config-type)? +--rw (interval-config-type)?
+--:(tx-rx-intervals) +--:(tx-rx-intervals)
| +--rw desired-min-tx-interval? uint32 | +--rw desired-min-tx-interval? uint32
| +--rw required-min-rx-interval? uint32 | +--rw required-min-rx-interval? uint32
+--:(single-interval) {single-minimum-interval}? +--:(single-interval) {single-minimum-interval}?
+--rw min-interval? uint32 +--rw min-interval? uint32
augment /rt:routing/rt:control-plane-protocols augment /rt:routing/rt:control-plane-protocols
/rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh /rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh
/bfd-ip-sh:sessions/bfd-ip-sh:session: /bfd-ip-sh:sessions/bfd-ip-sh:session:
+--ro unsolicited +--ro unsolicited
+--ro role? bfd-unsol:unsolicited-role +--ro role? bfd-unsol:unsolicited-role
4.2. Unsolicited BFD Module 4.2. Unsolicited BFD Module
<CODE BEGINS> file "ietf-bfd-unsolicited@2021-10-24.yang" <CODE BEGINS> file "ietf-bfd-unsolicited@2021-11-23.yang"
module ietf-bfd-unsolicited { module ietf-bfd-unsolicited {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-bfd-unsolicited"; namespace "urn:ietf:params:xml:ns:yang:ietf-bfd-unsolicited";
prefix "bfd-unsol"; prefix "bfd-unsol";
// RFC Ed.: replace occurences of YYYY with actual RFC numbers // RFC Ed.: replace occurences of YYYY with actual RFC numbers
// and remove this note // and remove this note
import ietf-bfd-types { import ietf-bfd-types {
prefix "bfd-types"; prefix "bfd-types";
reference "RFC 9127: YANG Data Model for BFD"; reference
"RFC 9127: YANG Data Model for Bidirectional Forwarding Detection
(BFD)";
} }
import ietf-bfd { import ietf-bfd {
prefix "bfd"; prefix "bfd";
reference "RFC 9127: YANG Data Model for BFD"; reference
"RFC 9127: YANG Data Model for Bidirectional Forwarding Detection
(BFD)";
} }
import ietf-bfd-ip-sh { import ietf-bfd-ip-sh {
prefix "bfd-ip-sh"; prefix "bfd-ip-sh";
reference "RFC 9127: YANG Data Model for BFD"; reference
"RFC 9127: YANG Data Model for Bidirectional Forwarding Detection
(BFD)";
} }
import ietf-routing { import ietf-routing {
prefix "rt"; prefix "rt";
reference reference
"RFC 8349: A YANG Data Model for Routing Management "RFC 8349: A YANG Data Model for Routing Management
(NMDA version)"; (NMDA version)";
} }
organization "IETF BFD Working Group"; organization "IETF BFD Working Group";
contact contact
"WG Web: <https://tools.ietf.org/wg/bfd> "WG Web: <https://datatracker.ietf.org/wg/bfd/>
WG List: <rtg-bfd@ietf.org> WG List: <rtg-bfd@ietf.org>
Editors: Enke Chen (enchen@paloaltonetworks.com), Editors: Enke Chen (enchen@paloaltonetworks.com),
Naiming Shen (naiming@zededa.com), Naiming Shen (naiming@zededa.com),
Robert Raszuk (robert@raszuk.net), Robert Raszuk (robert@raszuk.net),
Reshad Rahman (reshad@yahoo.com)"; Reshad Rahman (reshad@yahoo.com)";
description description
"This module contains the YANG definition for BFD unsolicited "This module contains the YANG definition for BFD unsolicited
as per RFC YYYY. as per RFC YYYY.
skipping to change at page 7, line 13 skipping to change at page 8, line 12
to the license terms contained in, the Simplified BSD License to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC YYYY; see This version of this YANG module is part of RFC YYYY; see
the RFC itself for full legal notices."; the RFC itself for full legal notices.";
reference "RFC YYYY"; reference "RFC YYYY";
revision 2021-10-24 { revision 2021-11-23 {
description "Initial revision."; description
reference "RFC YYYY: Unsolicited BFD for Sessionless Applications."; "Initial revision.";
reference
"RFC YYYY: Unsolicited BFD for Sessionless Applications.";
} }
/* /*
* Feature definitions * Feature definitions
*/ */
feature unsolicited-params-global { feature unsolicited-params-global {
description description
"This feature indicates that the server supports global "This feature indicates that the server supports global
parameters for unsolicited sessions."; parameters for unsolicited sessions.";
} reference
"RFC YYYY: Unsolicited BFD for Sessionless Applications.";
}
feature unsolicited-params-per-interface { feature unsolicited-params-per-interface {
description description
"This feature indicates that the server supports per-interface "This feature indicates that the server supports per-interface
parameters for unsolicited sessions."; parameters for unsolicited sessions.";
reference
"RFC YYYY: Unsolicited BFD for Sessionless Applications.";
} }
/* /*
* Type Definitions * Type Definitions
*/ */
typedef unsolicited-role { typedef unsolicited-role {
type enumeration { type enumeration {
enum unsolicited-active { enum unsolicited-active {
description "Active role"; description "Active role";
} }
skipping to change at page 7, line 47 skipping to change at page 9, line 4
type enumeration { type enumeration {
enum unsolicited-active { enum unsolicited-active {
description "Active role"; description "Active role";
} }
enum unsolicited-passive { enum unsolicited-passive {
description "Passive role"; description "Passive role";
} }
} }
description "Unsolicited role"; description "Unsolicited role";
} }
/* /*
* Augments * Augments
*/ */
augment "/rt:routing/rt:control-plane-protocols/" augment "/rt:routing/rt:control-plane-protocols/"
+ "rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh" { + "rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh" {
if-feature bfd-unsol:unsolicited-params-global;
description description
"Augmentation for BFD unsolicited parameters"; "Augmentation for BFD unsolicited parameters";
container unsolicited { container unsolicited {
if-feature bfd-unsol:unsolicited-params-global;
description description
"BFD unsolicited top level container"; "BFD unsolicited top level container";
leaf enable { leaf enabled {
type boolean; type boolean;
default false; default false;
description description
"Enable BFD unsolicited globally for IP single-hop."; "BFD unsolicited enabled globally for IP single-hop.";
} }
uses bfd-types:base-cfg-parms; uses bfd-types:base-cfg-parms;
} }
} }
augment "/rt:routing/rt:control-plane-protocols/" augment "/rt:routing/rt:control-plane-protocols/"
+ "rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh/" + "rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh/"
+ "bfd-ip-sh:interfaces" { + "bfd-ip-sh:interfaces" {
if-feature bfd-unsol:unsolicited-params-per-interface;
description description
"Augmentation for BFD unsolicited on IP single-hop interface"; "Augmentation for BFD unsolicited on IP single-hop interface";
container unsolicited { container unsolicited {
if-feature bfd-unsol:unsolicited-params-per-interface;
description description
"BFD IP single-hop interface unsolicited top level "BFD IP single-hop interface unsolicited top level
container"; container";
leaf enable { leaf enabled {
type boolean; type boolean;
default false; default false;
description "Enable BFD unsolicited on this interface."; description
"BFD unsolicited enabled on this interface.";
} }
uses bfd-types:base-cfg-parms; uses bfd-types:base-cfg-parms;
} }
} }
augment "/rt:routing/rt:control-plane-protocols/" augment "/rt:routing/rt:control-plane-protocols/"
+ "rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh/" + "rt:control-plane-protocol/bfd:bfd/bfd-ip-sh:ip-sh/"
+ "bfd-ip-sh:sessions/bfd-ip-sh:session" { + "bfd-ip-sh:sessions/bfd-ip-sh:session" {
description description
"Augmentation for BFD unsolicited on IP single-hop session"; "Augmentation for BFD unsolicited on IP single-hop session";
skipping to change at page 9, line 29 skipping to change at page 10, line 33
XML: N/A; the requested URI is an XML namespace. XML: N/A; the requested URI is an XML namespace.
This document registers the following YANG module in the "YANG Module This document registers the following YANG module in the "YANG Module
Names" registry [RFC6020]: Names" registry [RFC6020]:
Name: ietf-bfd-unsolicited Name: ietf-bfd-unsolicited
Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-unsolicited Namespace: urn:ietf:params:xml:ns:yang:ietf-bfd-unsolicited
Prefix: ietf-bfd-unsolicited Prefix: bfd-unsol
Reference: RFC YYYY Reference: RFC YYYY
6. Acknowledgments 6. Acknowledgments
Authors would like to thank Acee Lindem, Greg Mirsky, Jeffrey Haas Authors would like to thank Acee Lindem, Greg Mirsky, Jeffrey Haas,
and Raj Chetan for their review and valuable input. Raj Chetan and Tom Petch for their review and valuable input.
7. Security Considerations 7. Security Considerations
7.1. BFD Protocol Security Considerations 7.1. BFD Protocol Security Considerations
The same security considerations and protection measures as those The same security considerations and protection measures as those
described in [RFC5880] and [RFC5881] normatively apply to this described in [RFC5880] and [RFC5881] normatively apply to this
document. With "unsolicited BFD" there is potential risk for document. With "unsolicited BFD" there is potential risk for
excessive resource usage by BFD from "unexpected" remote systems. To excessive resource usage by BFD from "unexpected" remote systems. To
mitigate such risks, the following measures are mandatory: mitigate such risks, the following measures are mandatory:
* Limit the feature to specific interfaces, and to a single-hop BFD * Limit the feature to specific interfaces, and to a single-hop BFD
with "TTL=255" [RFC5082]. For numbered interfaces source address with "TTL=255" [RFC5082]. For numbered interfaces, the source
of an incoming BFD packet should belongs to the subnet of the address of an incoming BFD packet should belong to the subnet of
interface from which the BFD packet is received. For unnumbered the interface on which the BFD packet is received. For unnumbered
interfaces the above check should be aligned with routing protocol interfaces the above check should be aligned with routing protocol
addresses running on such pair of interfaces. addresses running on such pair of interfaces.
* Apply "access control" to allow BFD packets only from certain * Apply "policy" to allow BFD packets only from certain subnets or
subnets or hosts. hosts.
* Deploy the feature only in certain "trustworthy" environment, * Deploy the feature only in certain "trustworthy" environment,
e.g., at an IXP, or between a provider and its customers. e.g., at an IXP, or between a provider and its customers.
* Adjust BFD parameters as needed for the particular deployment and * Adjust BFD parameters as needed for the particular deployment and
scale. scale.
* Use BFD authentication. * Use BFD authentication.
7.2. YANG Module Security Considerations 7.2. YANG Module Security Considerations
The YANG module specified in this document defines a schema for data The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such that is designed to be accessed via network management protocols such
as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer
is the secure transport layer, and the mandatory-to-implement secure is the secure transport layer, and the mandatory-to-implement secure
transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer
is HTTPS, and the mandatory-to-implement secure transport is TLS is HTTPS, and the mandatory-to-implement secure transport is TLS
[RFC5246]. [RFC8446].
The NETCONF access control model [RFC6536] provides the means to The NETCONF access control model [RFC8341] provides the means to
restrict access for particular NETCONF or RESTCONF users to a restrict access for particular NETCONF or RESTCONF users to a
preconfigured subset of all available NETCONF or RESTCONF protocol preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content. operations and content.
There are a number of data nodes defined in this YANG module that are There are a number of data nodes defined in this YANG module that are
writable/creatable/deletable (i.e., config true, which is the writable/creatable/deletable (i.e., config true, which is the
default). These data nodes may be considered sensitive or vulnerable default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g., edit-config) in some network environments. Write operations (e.g., edit-config)
to these data nodes without proper protection can have a negative to these data nodes without proper protection can have a negative
effect on network operations. These are the subtrees and data nodes effect on network operations. These are the subtrees and data nodes
and their sensitivity/vulnerability: and their sensitivity/vulnerability:
/routing/control-plane-protocols/control-plane-protocol/bfd/ip-sh /routing/control-plane-protocols/control-plane-protocol/bfd/ip-sh
/unsolicited: /unsolicited:
* data node "enable" enables creation of unsolicited BFD IP single- * data node "enabled" enables creation of unsolicited BFD IP single-
hop sessions globally, i.e. on all interfaces. See Section 7.1. hop sessions globally, i.e. on all interfaces. See Section 7.1.
* data nodes local-multiplier, desired-min-tx-interval, required- * data nodes local-multiplier, desired-min-tx-interval, required-
min-rx-interval and min-interval all impact the parameters of the min-rx-interval and min-interval all impact the parameters of the
unsolicited BFD IP single-hop sessions. unsolicited BFD IP single-hop sessions.
/routing/control-plane-protocols/control-plane-protocol/bfd/ip-sh /routing/control-plane-protocols/control-plane-protocol/bfd/ip-sh
/interfaces/interface/unsolicited: /interfaces/interface/unsolicited:
* data node "enable" enables creation of unsolicited BFD IP single- * data node "enabled" enables creation of unsolicited BFD IP single-
hop sessions on a specific interface. See Section 7.1. hop sessions on a specific interface. See Section 7.1.
* data nodes local-multiplier, desired-min-tx-interval, required- * data nodes local-multiplier, desired-min-tx-interval, required-
min-rx-interval and min-interval all impact the parameters of the min-rx-interval and min-interval all impact the parameters of the
unsolicited BFD IP single-hop sessions on the interface. unsolicited BFD IP single-hop sessions on the interface.
Some of the readable data nodes in this YANG module may be considered Some of the readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus sensitive or vulnerable in some network environments. It is thus
important to control read access (e.g., via get, get-config, or important to control read access (e.g., via get, get-config, or
notification) to these data nodes. These are the subtrees and data notification) to these data nodes. These are the subtrees and data
nodes and their sensitivity/vulnerability: nodes and their sensitivity/vulnerability:
/routing/control-plane-protocols/control-plane-protocol/bfd/ip-sh /routing/control-plane-protocols/control-plane-protocol/bfd/ip-sh
/sessions/session/unsolicited: access to this information discloses /sessions/session/unsolicited: access to this information discloses
the role of the local system in the creation of the unsolicited BFD the role of the local system in the creation of the unsolicited BFD
session. session.
8. References 8. References
8.1. Normative References 8.1. Normative References
[I-D.ietf-bfd-yang]
Rahman, R., Zheng, L., Jethanandani, M., Pallagatti, S.,
and G. Mirsky, "YANG Data Model for Bidirectional
Forwarding Detection (BFD)", Work in Progress, Internet-
Draft, draft-ietf-bfd-yang-17, 2 August 2018,
<https://www.ietf.org/archive/id/draft-ietf-bfd-yang-
17.txt>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>. <https://www.rfc-editor.org/info/rfc3688>.
[RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C. [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C.
Pignataro, "The Generalized TTL Security Mechanism Pignataro, "The Generalized TTL Security Mechanism
(GTSM)", RFC 5082, DOI 10.17487/RFC5082, October 2007, (GTSM)", RFC 5082, DOI 10.17487/RFC5082, October 2007,
<https://www.rfc-editor.org/info/rfc5082>. <https://www.rfc-editor.org/info/rfc5082>.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246,
DOI 10.17487/RFC5246, August 2008,
<https://www.rfc-editor.org/info/rfc5246>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<https://www.rfc-editor.org/info/rfc5880>. <https://www.rfc-editor.org/info/rfc5880>.
[RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881,
DOI 10.17487/RFC5881, June 2010, DOI 10.17487/RFC5881, June 2010,
<https://www.rfc-editor.org/info/rfc5881>. <https://www.rfc-editor.org/info/rfc5881>.
[RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for
skipping to change at page 12, line 28 skipping to change at page 13, line 14
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>. <https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>. <https://www.rfc-editor.org/info/rfc6242>.
[RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration
Protocol (NETCONF) Access Control Model", RFC 6536,
DOI 10.17487/RFC6536, March 2012,
<https://www.rfc-editor.org/info/rfc6536>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>. <https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>.
[RFC8349] Lhotka, L., Lindem, A., and Y. Qu, "A YANG Data Model for
Routing Management (NMDA Version)", RFC 8349,
DOI 10.17487/RFC8349, March 2018,
<https://www.rfc-editor.org/info/rfc8349>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
[RFC9127] Rahman, R., Ed., Zheng, L., Ed., Jethanandani, M., Ed.,
Pallagatti, S., and G. Mirsky, "YANG Data Model for
Bidirectional Forwarding Detection (BFD)", RFC 9127,
DOI 10.17487/RFC9127, October 2021,
<https://www.rfc-editor.org/info/rfc9127>.
8.2. Informative References 8.2. Informative References
[I-D.ietf-idr-rs-bfd] [I-D.ietf-idr-rs-bfd]
Bush, R., Haas, J., Scudder, J. G., Nipper, A., and C. Bush, R., Haas, J., Scudder, J. G., Nipper, A., and C.
Dietzel, "Making Route Servers Aware of Data Link Failures Dietzel, "Making Route Servers Aware of Data Link Failures
at IXPs", Work in Progress, Internet-Draft, draft-ietf- at IXPs", Work in Progress, Internet-Draft, draft-ietf-
idr-rs-bfd-09, 21 September 2020, idr-rs-bfd-09, 21 September 2020,
<https://www.ietf.org/archive/id/draft-ietf-idr-rs-bfd- <https://www.ietf.org/archive/id/draft-ietf-idr-rs-bfd-
09.txt>. 09.txt>.
skipping to change at page 13, line 25 skipping to change at page 14, line 33
[RFC7911] Walton, D., Retana, A., Chen, E., and J. Scudder, [RFC7911] Walton, D., Retana, A., Chen, E., and J. Scudder,
"Advertisement of Multiple Paths in BGP", RFC 7911, "Advertisement of Multiple Paths in BGP", RFC 7911,
DOI 10.17487/RFC7911, July 2016, DOI 10.17487/RFC7911, July 2016,
<https://www.rfc-editor.org/info/rfc7911>. <https://www.rfc-editor.org/info/rfc7911>.
[RFC7947] Jasinska, E., Hilliard, N., Raszuk, R., and N. Bakker, [RFC7947] Jasinska, E., Hilliard, N., Raszuk, R., and N. Bakker,
"Internet Exchange BGP Route Server", RFC 7947, "Internet Exchange BGP Route Server", RFC 7947,
DOI 10.17487/RFC7947, September 2016, DOI 10.17487/RFC7947, September 2016,
<https://www.rfc-editor.org/info/rfc7947>. <https://www.rfc-editor.org/info/rfc7947>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>.
Authors' Addresses Authors' Addresses
Enke Chen Enke Chen
Palo Alto Networks Palo Alto Networks
Email: enchen@paloaltonetworks.com Email: enchen@paloaltonetworks.com
Naiming Shen Naiming Shen
Zededa Zededa
skipping to change at page 13, line 36 skipping to change at page 15, line 4
Enke Chen Enke Chen
Palo Alto Networks Palo Alto Networks
Email: enchen@paloaltonetworks.com Email: enchen@paloaltonetworks.com
Naiming Shen Naiming Shen
Zededa Zededa
Email: naiming@zededa.com Email: naiming@zededa.com
Robert Raszuk Robert Raszuk
NTT Network Innovations NTT Network Innovations
940 Stewart Dr 940 Stewart Dr
Sunnyvale, CA 94085 Sunnyvale, CA 94085
United States of America United States of America
Email: robert@raszuk.net Email: robert@raszuk.net
Reshad Rahman Reshad Rahman
Canada
Email: reshad@yahoo.com Email: reshad@yahoo.com
 End of changes. 44 change blocks. 
73 lines changed or deleted 115 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/