-
Notifications
You must be signed in to change notification settings - Fork 1.5k
/
Copy pathsonic-dash.yang
476 lines (375 loc) · 14.5 KB
/
sonic-dash.yang
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
module sonic-dash {
yang-version 1.1;
namespace "http://github.com/Azure/sonic-dash";
prefix dash;
import ietf-yang-types {
prefix yang;
}
import ietf-inet-types {
prefix inet;
}
import sonic-types {
prefix stypes;
}
organization
"SONiC";
contact
"SONiC";
description
"SONIC DASH YANG Module for SONiC OS";
revision 2022-12-07 {
description
"Initial revision.";
}
container sonic-dash {
container DASH_VNET {
description "DASH VNET configuration, part of APP_DB. Used for gNMI clients to configure SONiC";
list DASH_VNET_LIST {
key "name";
leaf name {
type string {
pattern "Vnet[a-zA-Z0-9_-]+" {
error-message "Invalid Vnet name";
error-app-tag vnet-name-invalid;
}
}
}
leaf vni {
type uint32 {
range 1..16777215;
}
}
leaf guid {
description "Guid used for Vnet identification";
type string {
length 1..255;
}
}
leaf-list address_spaces {
type stypes:sonic-ip-prefix;
}
} /* end of list DASH_VNET_LIST */
} /* end of container DASH_VNET */
container DASH_QOS {
description "DASH QOS configs to specify bandwidth, cps, part of APP_DB";
list DASH_QOS_LIST {
key "name";
leaf name{
type string {
length 1..255;
}
}
leaf bw {
description "Bandwidth in kbps";
type uint64 {
range "0..100000000" {
error-message "kbps value out of range";
}
}
}
leaf cps {
description "Max number of connections per second";
type uint64 {
range "0..100000000" {
error-message "cps value out of range";
}
}
}
leaf flows {
description "Number of flows";
type uint64 {
range "0..100000000" {
error-message "flows value out of range";
}
}
}
} /* end of list DASH_QOS_LIST */
} /* end of container DASH_QOS */
container DASH_ENI {
description "DASH ENI object to specify eni params; part of APP_DB";
list DASH_ENI_LIST {
key "name";
leaf name{
type string {
length 1..255;
}
}
leaf eni_id{
description "ENI guid for cross reference and identification";
type string {
length 1..255;
}
}
leaf mac_address {
type yang:mac-address;
}
leaf qos {
type leafref {
path /dash:sonic-dash/dash:DASH_QOS/dash:DASH_QOS_LIST/dash:name;
}
}
leaf vnet {
type leafref {
path /dash:sonic-dash/dash:DASH_VNET/dash:DASH_VNET_LIST/dash:name;
}
}
} /* end of list DASH_ENI_LIST */
} /* end of container DASH_ENI */
container DASH_ACL_IN {
description "DASH Ingress ACL to specify stage and group; part of APP_DB";
list DASH_ACL_IN_LIST {
key "eni stage";
leaf eni {
type leafref {
path /dash:sonic-dash/dash:DASH_ENI/dash:DASH_ENI_LIST/dash:name;
}
}
leaf stage {
type uint8 {
range 1..5;
}
}
leaf acl_group_id {
type leafref {
path /dash:sonic-dash/dash:DASH_ACL_GROUP/dash:DASH_ACL_GROUP_LIST/dash:name;
}
}
} /* end of list DASH_ACL_IN_LIST */
} /* end of container DASH_ACL_IN */
container DASH_ACL_OUT {
description "DASH Egress ACL to specify stage and group; part of APP_DB";
list DASH_ACL_OUT_LIST {
key "eni stage";
leaf eni {
type leafref {
path /dash:sonic-dash/dash:DASH_ENI/dash:DASH_ENI_LIST/dash:name;
}
}
leaf stage {
type uint8 {
range 1..5;
}
}
leaf acl_group_id {
type leafref {
path /dash:sonic-dash/dash:DASH_ACL_GROUP/dash:DASH_ACL_GROUP_LIST/dash:name;
}
}
} /* end of list DASH_ACL_OUT_LIST */
} /* end of container DASH_ACL_OUT */
container DASH_ACL_GROUP {
description "DASH ACL group to specify IP version; part of APP_DB";
list DASH_ACL_GROUP_LIST {
key "name";
leaf name {
type string {
length 1..255;
}
}
leaf ip_version {
type string {
pattern "ipv4|ipv6";
}
}
leaf guid {
description "Guid used for ACL group identification";
type string {
length 1..255;
}
}
} /* end of list DASH_ACL_GROUP_LIST */
} /* end of container DASH_ACL_GROUP */
container DASH_ACL_RULE {
description "DASH ACL rule; part of APP_DB";
list DASH_ACL_RULE_LIST {
key "acl_group_id name";
leaf acl_group_id {
type leafref {
path /dash:sonic-dash/dash:DASH_ACL_GROUP/dash:DASH_ACL_GROUP_LIST/dash:name;
}
}
leaf name {
type string {
length 1..255;
}
}
leaf priority {
type uint32 {
range 0..16777215;
}
}
leaf action {
type string {
pattern "allow|deny";
}
}
leaf terminating {
type boolean;
default false;
description "If set to true, stop processing further rules";
}
leaf-list ip_protocol {
description "IP Protocol (tcp or udp or icmp etc)";
type stypes:ip-protocol-type;
}
leaf-list src_addr {
type stypes:sonic-ip-prefix;
}
leaf-list dst_addr {
type stypes:sonic-ip-prefix;
}
leaf-list src_port {
description "List of L4 source port range as pattern '0-65365'";
type string {
pattern '([0-9]{1,4}|[0-5][0-9]{4}|[6][0-4][0-9]{3}|[6][5][0-2][0-9]{2}|[6][5][3][0-5]{2}|[6][5][3][6][0-5])-([0-9]{1,4}|[0-5][0-9]{4}|[6][0-4][0-9]{3}|[6][5][0-2][0-9]{2}|[6][5][3][0-5]{2}|[6][5][3][6][0-5])';
}
}
leaf-list dst_port {
description "List of L4 dst port range as pattern '0-65365'";
type string {
pattern '([0-9]{1,4}|[0-5][0-9]{4}|[6][0-4][0-9]{3}|[6][5][0-2][0-9]{2}|[6][5][3][0-5]{2}|[6][5][3][6][0-5])-([0-9]{1,4}|[0-5][0-9]{4}|[6][0-4][0-9]{3}|[6][5][0-2][0-9]{2}|[6][5][3][0-5]{2}|[6][5][3][6][0-5])';
}
}
} /* end of list DASH_ACL_RULE_LIST */
} /* end of container DASH_ACL_RULE */
container DASH_APPLIANCE {
description "DASH general appliance configs; part of APP_DB";
list DASH_APPLIANCE_LIST {
key "name";
leaf name {
type string {
length 1..255;
}
}
leaf sip {
type inet:ip-address;
}
leaf vni {
description "VM VNI used for setting direction";
type uint32 {
range 1..16777215;
}
}
} /* end of list DASH_APPLIANCE_LIST */
} /* end of container DASH_APPLIANCE */
container DASH_ROUTING_TYPE {
description "DASH Routing types and actions; part of APP_DB";
list DASH_ROUTING_TYPE_LIST {
key "name";
leaf name {
type string {
pattern "direct|vnet|vnet_direct|vnet_encap|drop|appliance|privatelink|privatelinknsg|servicetunnel";
}
}
leaf action_name {
type string {
length 1..255;
}
}
leaf action_type {
type string {
pattern "none|maprouting|direct|staticencap|appliance|4to6|mapdecap|decap|drop";
}
}
leaf encap_type {
type string {
pattern "vxlan|nvgre";
}
}
leaf vni {
type uint32 {
range 1..16777215;
}
}
} /* end of list DASH_ROUTING_TYPE_LIST */
} /* end of container DASH_ROUTING_TYPE */
container DASH_ROUTE_TABLE {
description "DASH Route table (LPM) associated to an ENI for outbound routing; part of APP_DB";
list DASH_ROUTE_TABLE_LIST {
key "eni prefix";
leaf eni {
type leafref {
path /dash:sonic-dash/dash:DASH_ENI/dash:DASH_ENI_LIST/dash:name;
}
}
leaf prefix {
type stypes:sonic-ip-prefix;
}
leaf action_type {
type leafref {
path /dash:sonic-dash/dash:DASH_ROUTING_TYPE/dash:DASH_ROUTING_TYPE_LIST/dash:name;
}
}
leaf vnet {
when "((current()/../action_type = 'vnet') or (current()/../action_type = 'vnet_direct'))";
type leafref {
path /dash:sonic-dash/dash:DASH_VNET/dash:DASH_VNET_LIST/dash:name;
}
}
leaf appliance {
when "(current()/../action_type = 'appliance')";
type leafref {
path /dash:sonic-dash/dash:DASH_APPLIANCE/dash:DASH_APPLIANCE_LIST/dash:name;
}
}
leaf overlay_ip {
when "((current()/../action_type = 'vnet') or (current()/../action_type = 'vnet_direct'))";
description "Overlay IP to use for mapping lookup, if routing_type is vnet_direct";
type inet:ip-address;
}
leaf overlay_sip {
when "(current()/../action_type = 'servicetunnel')";
description "Overlay src ip for service tunnel";
type inet:ip-address;
}
leaf overlay_dip {
when "(current()/../action_type = 'servicetunnel')";
description "Overlay dst ip for service tunnel";
type inet:ip-address;
}
leaf underlay_sip {
when "(current()/../action_type = 'servicetunnel')";
description "Underlay src ip for service tunnel";
type inet:ip-address;
}
leaf underlay_dip{
when "(current()/../action_type = 'servicetunnel')";
description "Underlay dst ip for service tunnel";
type inet:ip-address;
}
} /* end of list DASH_ROUTE_TABLE_LIST */
} /* end of container DASH_ROUTE_TABLE */
container DASH_VNET_MAPPING_TABLE {
description "DASH Mapping table associated to a Vnet; part of APP_DB";
list DASH_VNET_MAPPING_TABLE_LIST {
key "vnet ip_addr";
leaf vnet {
type leafref {
path /dash:sonic-dash/dash:DASH_VNET/dash:DASH_VNET_LIST/dash:name;
}
}
leaf ip_addr {
description "Overlay CA address";
type inet:ip-address;
}
leaf routing_type {
type leafref {
path /dash:sonic-dash/dash:DASH_ROUTING_TYPE/dash:DASH_ROUTING_TYPE_LIST/dash:name;
}
}
leaf underlay_ip {
description "PA address";
type inet:ip-address;
}
leaf mac_address {
type yang:mac-address;
}
leaf use_dst_vni {
type boolean;
default false;
description "If set to true, use destination VNET VNI for encap";
}
} /* end of list DASH_MAPPING_TABLE_LIST */
} /* end of container DASH_MAPPING_TABLE */
} /* end of container sonic-dash */
} /* end of module sonic-dash */