Unverified Commit c0a5fbd9 authored by Pavel Spirek's avatar Pavel Spirek

Merged to master

parents c53e5227 b11dd47b
module ietf-yang-library {
namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
prefix "yanglib";
import ietf-yang-types { prefix yang; }
import ietf-inet-types { prefix inet; }
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
WG Chair: Mehmet Ersue
<mailto:mehmet.ersue@nsn.com>
WG Chair: Mahesh Jethanandani
<mailto:mjethanandani@gmail.com>
Editor: Andy Bierman
<mailto:andy@yumaworks.com>
Editor: Martin Bjorklund
<mailto:mbj@tail-f.com>
Editor: Kent Watsen
<mailto:kwatsen@juniper.net>";
description
"This module contains monitoring information about the YANG
modules and submodules that are used within a YANG-based
server.
Copyright (c) 2015 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this
// note.
// RFC Ed.: remove this note
// Note: extracted from draft-ietf-netconf-yang-library-00.txt
// RFC Ed.: update the date below with the date of RFC publication
// and remove this note.
revision 2015-01-30 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Module Library.";
}
typedef revision-identifier {
type string {
pattern '\d{4}-\d{2}-\d{2}';
}
description
"Represents a specific date in YYYY-MM-DD format.
TBD: make pattern more precise to exclude leading zeros.";
}
grouping module {
description
"The module data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
grouping common-leafs {
description
"Common parameters for YANG modules and submodules.";
leaf name {
type yang:yang-identifier;
description "The YANG module or submodule name.";
}
leaf revision {
type union {
type revision-identifier;
type string { length 0; }
}
description
"The YANG module or submodule revision date.
An empty string is used if no revision statement
is present in the YANG module or submodule.";
}
leaf schema {
type inet:uri;
description
"Contains a URL that represents the YANG schema
resource for this module or submodule.
This leaf will only be present if there is a URL
available for retrieval of the schema for this entry.";
}
}
list module {
key "name revision";
description
"Each entry represents one module currently
supported by the server.";
uses common-leafs;
leaf namespace {
type inet:uri;
mandatory true;
description
"The XML namespace identifier for this module.";
}
leaf-list feature {
type yang:yang-identifier;
description
"List of YANG feature names from this module that are
supported by the server.";
}
leaf-list deviation {
type yang:yang-identifier;
description
"List of YANG deviation module names used by this
server to modify the conformance of the module
associated with this entry.";
}
leaf conformance {
type boolean;
mandatory true;
description
"If 'true', then the server is claiming conformance to
the YANG module identified in this entry.
If 'false', then the server is not claiming any
conformance for the YANG module identified by this
entry. The module may be needed for reusable definitions
such as extensions, features, identifies, typedefs,
or groupings.";
}
container submodules {
description
"Contains information about all the submodules used
by the parent module entry";
list submodule {
key "name revision";
description
"Each entry represents one submodule within the
parent module.";
uses common-leafs;
}
}
} // list module
} // grouping module
container modules {
config false;
description
"Contains YANG module monitoring information.";
leaf module-set-id {
type string;
description
"Contains a server-specific identifier representing
the current set of modules and submodules. The
server MUST change the value of this leaf if the
information represented by the 'module' list instances
has changed.";
}
uses module;
}
}
module ietf-yang-library {
namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
prefix "yanglib";
import ietf-yang-types {
prefix yang;
}
import ietf-inet-types {
prefix inet;
}
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG Web: <http://tools.ietf.org/wg/netconf/>
"WG Web: <https://datatracker.ietf.org/wg/netconf/>
WG List: <mailto:netconf@ietf.org>
WG Chair: Mehmet Ersue
<mailto:mehmet.ersue@nsn.com>
WG Chair: Mahesh Jethanandani
<mailto:mjethanandani@gmail.com>
Editor: Andy Bierman
<mailto:andy@yumaworks.com>
Editor: Martin Bjorklund
<mailto:mbj@tail-f.com>
Editor: Kent Watsen
<mailto:kwatsen@juniper.net>";
description
"This module contains monitoring information about the YANG
modules and submodules that are used within a YANG-based
server.
Copyright (c) 2016 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see
This version of this YANG module is part of RFC 7895; see
the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this
// note.
// RFC Ed.: remove this note
// Note: extracted from draft-ietf-netconf-yang-library-04.txt
// RFC Ed.: update the date below with the date of RFC publication
// and remove this note.
revision 2016-02-01 {
revision 2016-06-21 {
description
"Initial revision.";
reference
"RFC XXXX: YANG Module Library.";
"RFC 7895: YANG Module Library.";
}
/*
* Typedefs
*/
typedef revision-identifier {
type string {
pattern '\d{4}-\d{2}-\d{2}';
......@@ -75,21 +52,17 @@ module ietf-yang-library {
description
"Represents a specific date in YYYY-MM-DD format.";
}
/*
* Groupings
*/
grouping module-list {
description
"The module data structure is represented as a grouping
so it can be reused in configuration or another monitoring
data structure.";
grouping common-leafs {
description
"Common parameters for YANG modules and submodules.";
leaf name {
type yang:yang-identifier;
description
......@@ -106,31 +79,25 @@ module ietf-yang-library {
is present in the YANG module or submodule.";
}
}
grouping schema-leaf {
description
"Common schema leaf parameter for modules and submodules.";
leaf schema {
type inet:uri;
description
"Contains a URL that represents the YANG schema
resource for this module or submodule.
This leaf will only be present if there is a URL
available for retrieval of the schema for this entry.";
}
}
list module {
key "name revision";
description
"Each entry represents one module currently
supported by the server.";
"Each entry represents one revision of one module
currently supported by the server.";
uses common-leafs;
uses schema-leaf;
leaf namespace {
type inet:uri;
mandatory true;
......@@ -141,7 +108,7 @@ module ietf-yang-library {
type yang:yang-identifier;
description
"List of YANG feature names from this module that are
supported by the server, regardless whether they are
supported by the server, regardless of whether they are
defined in the module or any included submodule.";
}
list deviation {
......@@ -153,7 +120,6 @@ module ietf-yang-library {
the same module can be used for deviations for
multiple modules, so the same entry MAY appear
within multiple 'module' entries.
The deviation module MUST be present in the 'module'
list, with the same name and revision values.
The 'conformance-type' value will be 'implement' for
......@@ -168,25 +134,22 @@ module ietf-yang-library {
protocol-accessible objects defined in the YANG module
identified in this entry. This includes deviation
statements defined in the module.
For YANG version 1.1 modules, there is at most one
module entry with conformance type 'implement' for a
particular module name, since YANG 1.1 requires that
at most one revision of a module is implemented.
particular module name, since YANG 1.1 requires that,
at most, one revision of a module is implemented.
For YANG version 1 modules, there SHOULD NOT be more
than one module entry for a particular module name.";
}
enum import {
description
"Indicates that the server imports reusable definitions
from the specified revision of the module, but does
not implement any protocol accessible objects from
from the specified revision of the module but does
not implement any protocol-accessible objects from
this revision.
Multiple module entries for the same module name MAY
exist. This can occur if multiple modules import the
same module, but specify different revision-dates in
exist. This can occur if multiple modules import the
same module but specify different revision dates in
the import statements.";
}
}
......@@ -195,32 +158,23 @@ module ietf-yang-library {
"Indicates the type of conformance the server is claiming
for the YANG module identified by this entry.";
}
container submodules {
list submodule {
key "name revision";
description
"Contains information about all the submodules used
by the parent module entry";
list submodule {
key "name revision";
description
"Each entry represents one submodule within the
parent module.";
uses common-leafs;
uses schema-leaf;
}
"Each entry represents one submodule within the
parent module.";
uses common-leafs;
uses schema-leaf;
}
}
}
/*
* Operational state data nodes
*/
container modules-state {
config false;
description
"Contains YANG module monitoring information.";
leaf module-set-id {
type string;
mandatory true;
......@@ -231,14 +185,11 @@ module ietf-yang-library {
information represented by the 'module' list instances
has changed.";
}
uses module-list;
}
/*
* Notifications
*/
notification yang-library-change {
description
"Generated when the set of modules and submodules supported
......@@ -254,5 +205,4 @@ module ietf-yang-library {
the time the notification is generated.";
}
}
}
module knot-dns {
yang-version "1.1";
namespace "http://www.nic.cz/ns/yang/knot-dns";
prefix "knot";
import ietf-inet-types {
prefix "inet";
}
import ietf-yang-types {
prefix "yang";
}
import dns-server {
prefix "dnss";
}
import dnssec-signing {
prefix "dnssec";
}
organization
"CZ.NIC, z. s. p. o.";
contact
"Editor:   Ladislav Lhotka
          <mailto:lhotka@nic.cz>";
description
"This YANG module augments the 'dns-server' module with
parameters specific for the Knot-DNS server.";
reference
"https://www.knot-dns.cz/docs/2.0/html/";
revision 2016-08-03 {
description
"Initial revision.";
reference
"TODO: put git tag here";
}
/* Identities */
identity dnstap {
base dnss:query-module-type;
description
"Query module of this type performs query and response
logging.";
}
identity synth-record {
base dnss:query-module-type;
description
"Query module of this type is able to synthesize forward or
reverse records.";
}
identity dnsproxy {
base dnss:query-module-type;
description
"Query module of this type catches all unsatisfied queries and
forwards them to another server.";
}
identity rosedb {
base dnss:query-module-type;
description
"Query module of this type allows for overriding responses to
certain queries before they are looked up in a zone.";
}
/* Groupings */
grouping zone-options {
description
"Knot-specific zone options that are added to generic zone
options.";
leaf semantic-checks {
type boolean;
description
"Enable additional checks of zone data semantics (failures
are logged):
- missing NS record at the zone apex,
- missing glue A or AAAA records,
- broken or non-cyclic NSEC(3) chain,
- wrong NSEC(3) type bitmap,
- multiple NSEC records at the same node,
- missing NSEC records at authoritative nodes,
- extra record types under the same name as NSEC3 record
(this is valid but Knot will not serve such a zone
correctly),
- NSEC3-unsecured delegation that is not part of Opt-out
span,
- wrong original TTL value in NSEC3 records,
- wrong RDATA TTL value in RRSIG record.
- signer name in RRSIG RR not the same as in DNSKEY,
- signed RRSIG,
- not all RRs in node are signed,
- wrong key flags or wrong key in RRSIG record (not the same
as ZSK).";
}
}
grouping dnssec-sign-options {
description
"Knot-specific options for automatic DNSSEC signing.";
leaf kasp-db {
type string;
description
"Path to Key and Signing Policy (KASP) database directory.
Default: 'keys' subdirectory of the directory specified in
'zones-dir'.";
}
}
/* State data */
augment "/dnss:dns-server-state/dnss:zone" {
description
"Knot-specific zone state data.";
container next-event {
description
"Information about the next event scheduled for the zone.";
choice next-event {
description
"Next event details or none, if no event is scheduled.";
leaf none {
type empty;
description
"No event scheduled for the zone.";
}
case scheduled-event {
description
"An event is scheduled.";
leaf event-type {
type enumeration {
enum load {
description
"load event";
}
enum refresh {
description
"refresh event";
}
enum transfer {
description
"transfer event";
}
enum update {
description
"update event";
}
enum expiration {
description
"expiration event";
}
enum journal-flush {
description
"journal flush event";
}
enum notify {
description
"notify event";
}
enum dnssec-resign {
description
"dnssec resign event";
}
}
description
"Type of the event.";
}
choice event-time {
description
"Information about scheduled event time, or that it is
already pending.\"";
leaf pending {
type empty;
description
"The event is already pending.";
}
leaf time {
type yang:date-and-time;
description
"Date and time for which the event is scheduled.";
}
}
}
}
}
}
/* Configuration data */
augment "/dnss:dns-server" {
description
"Knot-specific configuration data.";
list log {
key "target";
description
"List of log options.
If no entry is present, messages with severity 'warning' or
higher are logged to syslog and standard error.";
typedef severity {
type enumeration {
enum critical {
description
"critical severity level";
}
enum error {
description
"error severity level";
}
enum warning {
description
"warning severity level";
}
enum notice {
description
"notice severity level";
}
enum info {
description
"info severity level";
}
enum debug {
description
"debug severity level";
}
}
default "warning";
description
"Severity levels.";
}
leaf target {
type string;
description
"Destination of log messages. The value can be either a
file name, or one of the following special strings:
- stdout: log messages are sent to standard output,
- stderr: log messages are sent to standard error,
- syslog: log messages are passed to the syslog
facility.";
}
uses dnss:description;
leaf server {
type severity;
description
"Severity threshold for server-related messages.";
}
leaf zone {
type severity;
description
"Severity threshold for zone-related messages.";
}
leaf any {
type severity;
description
"Severity threshold for all messages.";
}
}
container control-socket {
description
"Configuration of Knot DNS control socket.";
choice socket-type {
default "unix";
description
"The control socket can be either Unix domain socket
(default) or TCP/IP endpoint.";
leaf unix {
type dnss:fs-path;
default "knot.sock";
description
"Filename of the Unix domain socket.
A relative name is prepended with the directory
specified in 'dnss:run-time-dir'.";
}
case network {
description
"Address of the network socket.";
uses dnss:endpoint-address {
refine "port" {
default "5553";
}
}
}
}
uses dnss:acls {
description
"ACLs for the control socket.";
}
}
}
augment "/dnss:dns-server/dnss:server-options/dnss:resources" {
description
"Configuration of Knot-specific server resources.";
leaf tcp-workers {
type uint8 {
range "1..max";
}
description
"Number of workers (threads) handling TCP queries.
Default: auto-selected value based on the number of
available CPU cores.";
}
leaf udp-workers {
type uint8 {
range "1..max";
}
description
"Number of workers (threads) handling UDP queries.
Default: auto-selected value based on the number of
available CPU cores.";
}
leaf background-workers {
type uint8 {
range "1..max";
}