Access Control List Model draft-ietf-netmod-acl-model (draft-bogdanovic-netmod-acl-model-02) IETF 91 Honolulu Lisa Huang, Dana Blair, Kiran Koushik, Dean.

Slides:



Advertisements
Similar presentations
Draft-bogdanovic-netmod-yang- model-classification-03 IETF 92 Dallas NETMOD WG B. Claise, C. Moberg, Cisco Systems D. Bogdanovic Juniper Networks.
Advertisements

Draft-ietf-netmod-acl-model-03 IETF 92 Dallas NETMOD WG D.Blair, Cisco Systems K.Koushik, Brocade Comm L. Huang, D.Bogdanovic Juniper Ntwks.
© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public Presentation_ID 1 Diffserv Yang Model
1 © 2004 Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 11 Access Control Lists (ACLs)
Augmenting the IETF processing with Open Source Development of Yang Modules Tom Nadeau, Andy Bierman, Kiran Koushik 1 IETF #90, Toronto.
YANG in a Nutshell The YANG Gang IETF 71. YANG has... A reasonable self-contained specification A focus on readers and reviewers Text-based , patch,
Models to manage G parameters 1.draft-galikunze-ccamp-g snmp-mib-09.txt 2.draft-dharinigert-ccamp-g lmp-08.txt 3.draft-dharini-netmod-g yang-01.txt.
Models to manage G parameters draft-galikunze-ccamp-g snmp-mib-11.txt Gabriele Galimberti Cisco Systems Ruediger KunzeDeutsche Telekom Lam,
BLISS Problem Statement Jonathan Rosenberg Cisco.
IETF 90 Toronto Yang Data Model for OSPF Protocol draft-yeung-netmod-ospf-01 and beyond Derek Yeung Derek Yeung Dean Bogdanovic
YANG Data Model for Access Control List Configuration draft-huang-netmod-acl-02 Lisa Huang, Alexander Clemm,
MPLS YANG Data Models IETF91 Submitted I-Ds: draft-chen-mpls-ldp-yang-cfg X. Chen, and Z. Li draft-chen-mpls-te-yang-cfg X. Chen, Z. Li, and X. Zeng draft-gandhi-mpls-te-yang-model.
Abierman-netconf-mar07 1 NETCONF WG 68 th IETF Prague, CZ March 19, 2007.
IETF 92 Dallas, TX Yang Data Model for OSPF Protocol draft-ietf-ospf-yang-00 Yingzhen Qu Derek Yeung YingZhen Qu
Pim wg multicast YANG team Meeting
Draft-wilton-netmod-intf-ext-yang-01 draft-wilton-netmod-intf-vlan-yang-01 Rob Wilton IETF 94 – Yokohama, NETMOD WG.
Network Device YANG Organizational Model draft-rtgyangdt-rtgwg-device-model-03 Authors: Acee Lindem, Christian Hopps, Dean Bogdanovic, Lou Berger (Ed.)
Draft-ietf-isis-yang-isis-cfg-01 IETF 91 S. Litkowski, Orange D. Yeung, Cisco A. Lindem, Cisco J. Zhang, Juniper L. Lhotka.
Subscriptions for Event Notification + Yang-push IETF NETCONF WG Contributors Call 26 - May
Cisco implementation of ACL yang model
Interface extensions YANG & VLAN sub-interface YANG Status update
A use case for Schema Mount
YANG Data Model For RIB Extensions IETF 97, Seoul
YANG Hackathon Achievements
YANG Data Model for RIP draft-liu-rtgwg-yang-rip-01
draft-litkowski-isis-yang-isis-cfg IETF 90 - Toronto
Interface extensions YANG & VLAN sub-interface YANG Status update
ietf-syslog Model Status
Routing Area Yang Architecture Design Team Update
IETF 95 – Buenos Aires April 2016
OpState & Schema Mount Update NETMOD WG Chairs IETF 95 Buenos Aires
pim wg multicast YANG team
Routing Area Yang Architecture Design Team Update
YANG Data Models for TE and RSVP draft-ietf-teas-yang-rsvp-06 draft-ietf-teas-yang-te-05 Tarek Saad and Rakesh Gandhi.
YANG Data Models for TE and RSVP draft-ietf-teas-yang-te-03 draft-ietf-teas-yang-rsvp-03 Tarek Saad (Presenter)
draft-clacla-netmod-yang-model-update-02
Subscribing to YANG datastore push updates draft-ietf-netconf-yang-push-02 NETMOD WG IETF #95 Buenos Aires 4-April-2015 Alexander Clemm Alberto Gonzalez.
draft-ietf-teas-yang-te-topo-04
IGMP & MLD Snooping YANG Model
پروتكل آموزش سلامت به مددجو
YANG Data Models for TE and RSVP draft-ietf-teas-yang-rsvp-06 draft-ietf-teas-yang-te-05 Tarek Saad and Rakesh Gandhi.
Yang-Push On-change Notification Capability
Balazs Lengyel, Ericsson
Comparison of NMDA datastores draft-ietf-netmod-nmda-diff-00
IETF 103 NETMOD BBF YANG Update
draft-ietf-rtgwg-ni-model-03 Impact on LxVPN device models
Manufacturer Usage Descriptions draft-ietf-opsawg-mud-07
Interface extensions YANG & VLAN sub-interface YANG Status update
ietf-syslog Model Status
NMDA Q & A draft-dsdt-nmda-guidelines &
draft-ding-netmod-arp-yang-model-00 Xiaojian Ding, Feng Zheng
YANG Mount draft-clemm-netmod-mount IETF 98 Chicago, 30 March 2017
IGMP & MLD Snooping YANG Model
Post WG LC NMDA datastore architecture draft
draft-liu-netmod-yang-schedule-02
YANG Data Models for TE and RSVP draft-ietf-teas-yang-te-08 draft-ietf-teas-yang-rsvp-07 draft-ietf-teas-yang-rsvp-te-01
YANG Data Models for TE and RSVP draft-ietf-teas-yang-te-06 draft-ietf-teas-yang-rsvp-07 draft-ietf-teas-yang-rsvp-te-00 draft-ietf-mpls-base-yang-04 code.
NETMOD Agenda and WG Status
ietf-syslog Model Status
QoS Yang Model Aseem Choudhary, Norm Strahle, Ing-Whar Chen,
YANG Data Models for TE and RSVP draft-ietf-teas-yang-te-19 draft-ietf-teas-yang-rsvp-10 draft-ietf-teas-yang-rsvp-te-05 draft-ietf-teas-yang-te-mpls-01.
IETF 100 – Singapore November 2017
QoS Yang Model Aseem Choudhary, Norm Strahle, Ing-Whar Chen,
YANG Data Models for TE and RSVP draft-ietf-teas-yang-te-21 draft-ietf-teas-yang-rsvp-11 draft-ietf-teas-yang-rsvp-te-07 Tarek Saad, Juniper Networks Rakesh.
Interface extensions YANG & VLAN sub-interface YANG Status update
Schema version selection Reshad Rahman (presenting), Rob Wilton
An HTTPS-based Transport for Subscribed Notifications
YANG Data Models for TE and RSVP draft-ietf-teas-yang-te-21 draft-ietf-teas-yang-rsvp-11 draft-ietf-teas-yang-rsvp-te-07 Tarek Saad, Juniper Networks Rakesh.
Interface extensions YANG & VLAN sub-interface YANG Status update
Comparison of NMDA datastores draft-ietf-netmod-nmda-diff-02
Presentation transcript:

Access Control List Model draft-ietf-netmod-acl-model (draft-bogdanovic-netmod-acl-model-02) IETF 91 Honolulu Lisa Huang, Dana Blair, Kiran Koushik, Dean Bogdanovic

Agenda Status Philosophy Design Models How can you contribute ?

Draft Status netmod-acl-model/ netmod-acl-model/ Brocade, Juniper, Cisco Adopted as NETMOD Working group Item

Philosophy Simple, Short Limited YANG Features Allows proprietary augmentations Proprietary augmentations are considered for standard model Address ACL management issues – ace insertion Mappable to existing implementations – In some cases, may need to update implementations

Design ietf-acl – base model ACL container – ACL oper data container – ACE List » Match container » Action container packet-fields – Used in ACE Match container newco-acl – Example of vendor specific extensions of base model – augments the base model route-filter – Example of route-filter augmentation

Design cont’d module: ietf-acl +--rw access-list +--rw acl-name +--rw acl-oper-data | rw access-list-entries | | +--rw matches | | +--rw (ace-type) | |... | +--rw actions | | rw default-actions +--rw deny? empty Operation data: counter, targets, etc Matches container: packet-header-fields meta data filters Actions container

ACL YANG Model Git repository Base Model ACL-MODEL/ietf-acl.yang Proprietary augmentation example ACL-MODEL/newco-acl.yang

How can you contribute ? Read the draft Comment on the netmod alias Map to existing acl implementations Create proprietary augmentations Submit pyang --ietf compilable augmentation to netmod alias – Is augmentation common among vendors ? – Is augmentation needed by customers ? Target – type string – Where is the ACL applied ? Interface + direction, qos, … – Explore common targets – Propose target augmentation

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.