Presentation is loading. Please wait.

Presentation is loading. Please wait.

Access Control List Model draft-ietf-netmod-acl-model (draft-bogdanovic-netmod-acl-model-02) IETF 91 Honolulu Lisa Huang, Dana Blair, Kiran Koushik, Dean.

Published byJeremy Green Modified over 8 years ago

Similar presentations

Presentation on theme: "Access Control List Model draft-ietf-netmod-acl-model (draft-bogdanovic-netmod-acl-model-02) IETF 91 Honolulu Lisa Huang, Dana Blair, Kiran Koushik, Dean."— Presentation transcript:

1 Access Control List Model draft-ietf-netmod-acl-model (draft-bogdanovic-netmod-acl-model-02) IETF 91 Honolulu Lisa Huang, Dana Blair, Kiran Koushik, Dean Bogdanovic

2 Agenda Status Philosophy Design Models How can you contribute ?

3 Draft Status https://datatracker.ietf.org/doc/draft-ietf- netmod-acl-model/ https://datatracker.ietf.org/doc/draft-ietf- netmod-acl-model/ Brocade, Juniper, Cisco Adopted as NETMOD Working group Item

4 Philosophy Simple, Short Limited YANG Features Allows proprietary augmentations Proprietary augmentations are considered for standard model Address ACL management issues – ace insertion Mappable to existing implementations – In some cases, may need to update implementations

5 Design ietf-acl – base model ACL container – ACL oper data container – ACE List » Match container » Action container packet-fields – Used in ACE Match container newco-acl – Example of vendor specific extensions of base model – augments the base model route-filter – Example of route-filter augmentation

6 Design cont’d module: ietf-acl +--rw access-list +--rw acl-name +--rw acl-oper-data |... +--rw access-list-entries | | +--rw matches | | +--rw (ace-type) | |... | +--rw actions | |... +--rw default-actions +--rw deny? empty Operation data: counter, targets, etc Matches container: packet-header-fields meta data filters Actions container

7 ACL YANG Model Git repository https://github.com/YangModels/yang/tree/master/experimental/ietf/ Base Model https://github.com/YangModels/yang/blob/master/experimental/ietf/ ACL-MODEL/ietf-acl.yang Proprietary augmentation example https://github.com/YangModels/yang/blob/master/experimental/ietf/ ACL-MODEL/newco-acl.yang

8 How can you contribute ? Read the draft Comment on the netmod alias Map to existing acl implementations Create proprietary augmentations Submit pyang --ietf compilable augmentation to netmod alias – Is augmentation common among vendors ? – Is augmentation needed by customers ? Target – type string – Where is the ACL applied ? Interface + direction, qos, … – Explore common targets – Propose target augmentation

Download ppt "Access Control List Model draft-ietf-netmod-acl-model (draft-bogdanovic-netmod-acl-model-02) IETF 91 Honolulu Lisa Huang, Dana Blair, Kiran Koushik, Dean."

Similar presentations

Draft-bogdanovic-netmod-yang- model-classification-03 IETF 92 Dallas NETMOD WG B. Claise, C. Moberg, Cisco Systems D. Bogdanovic Juniper Networks.

Draft-bogdanovic-netmod-yang- model-classification-03 IETF 92 Dallas NETMOD WG B. Claise, C. Moberg, Cisco Systems D. Bogdanovic Juniper Networks.
Draft-ietf-netmod-acl-model-03 IETF 92 Dallas NETMOD WG D.Blair, Cisco Systems K.Koushik, Brocade Comm L. Huang, D.Bogdanovic Juniper Ntwks.

Draft-ietf-netmod-acl-model-03 IETF 92 Dallas NETMOD WG D.Blair, Cisco Systems K.Koushik, Brocade Comm L. Huang, D.Bogdanovic Juniper Ntwks.
© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public Presentation_ID 1 Diffserv Yang Model

© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public Presentation_ID 1 Diffserv Yang Model
1 © 2004 Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 11 Access Control Lists (ACLs)

1 © 2004 Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 11 Access Control Lists (ACLs)
Augmenting the IETF processing with Open Source Development of Yang Modules Tom Nadeau, Andy Bierman, Kiran Koushik 1 IETF #90, Toronto.

Augmenting the IETF processing with Open Source Development of Yang Modules Tom Nadeau, Andy Bierman, Kiran Koushik 1 IETF #90, Toronto.
YANG in a Nutshell The YANG Gang IETF 71. YANG has... A reasonable self-contained specification A focus on readers and reviewers Text-based Email, patch,

YANG in a Nutshell The YANG Gang IETF 71. YANG has... A reasonable self-contained specification A focus on readers and reviewers Text-based , patch,
Models to manage G.698.2 parameters 1.draft-galikunze-ccamp-g-698-2-snmp-mib-09.txt 2.draft-dharinigert-ccamp-g-698-2-lmp-08.txt 3.draft-dharini-netmod-g-698-2-yang-01.txt.

Models to manage G parameters 1.draft-galikunze-ccamp-g snmp-mib-09.txt 2.draft-dharinigert-ccamp-g lmp-08.txt 3.draft-dharini-netmod-g yang-01.txt.
Models to manage G.698.2 parameters draft-galikunze-ccamp-g-698-2-snmp-mib-11.txt Gabriele Galimberti Cisco Systems Ruediger KunzeDeutsche Telekom Lam,

Models to manage G parameters draft-galikunze-ccamp-g snmp-mib-11.txt Gabriele Galimberti Cisco Systems Ruediger KunzeDeutsche Telekom Lam,
BLISS Problem Statement Jonathan Rosenberg Cisco.

BLISS Problem Statement Jonathan Rosenberg Cisco.
IETF 90 Toronto Yang Data Model for OSPF Protocol draft-yeung-netmod-ospf-01 and beyond Derek Yeung Derek Yeung Dean Bogdanovic

IETF 90 Toronto Yang Data Model for OSPF Protocol draft-yeung-netmod-ospf-01 and beyond Derek Yeung Derek Yeung Dean Bogdanovic
YANG Data Model for Access Control List Configuration draft-huang-netmod-acl-02 Lisa Huang, Alexander Clemm,

YANG Data Model for Access Control List Configuration draft-huang-netmod-acl-02 Lisa Huang, Alexander Clemm,
MPLS YANG Data Models IETF91 Submitted I-Ds: draft-chen-mpls-ldp-yang-cfg X. Chen, and Z. Li draft-chen-mpls-te-yang-cfg X. Chen, Z. Li, and X. Zeng draft-gandhi-mpls-te-yang-model.

MPLS YANG Data Models IETF91 Submitted I-Ds: draft-chen-mpls-ldp-yang-cfg X. Chen, and Z. Li draft-chen-mpls-te-yang-cfg X. Chen, Z. Li, and X. Zeng draft-gandhi-mpls-te-yang-model.
Abierman-netconf-mar07 1 NETCONF WG 68 th IETF Prague, CZ March 19, 2007.

Abierman-netconf-mar07 1 NETCONF WG 68 th IETF Prague, CZ March 19, 2007.
IETF 92 Dallas, TX Yang Data Model for OSPF Protocol draft-ietf-ospf-yang-00 Yingzhen Qu Derek Yeung YingZhen Qu

IETF 92 Dallas, TX Yang Data Model for OSPF Protocol draft-ietf-ospf-yang-00 Yingzhen Qu Derek Yeung YingZhen Qu
Pim wg multicast YANG team Meeting 20160224 https://www.ietf.org/mailman/listinfo/yang-multicast https://github.com/mcallisterjp/pim-yang.

Pim wg multicast YANG team Meeting
Draft-wilton-netmod-intf-ext-yang-01 draft-wilton-netmod-intf-vlan-yang-01 Rob Wilton IETF 94 – Yokohama, NETMOD WG.

Draft-wilton-netmod-intf-ext-yang-01 draft-wilton-netmod-intf-vlan-yang-01 Rob Wilton IETF 94 – Yokohama, NETMOD WG.
Network Device YANG Organizational Model draft-rtgyangdt-rtgwg-device-model-03 Authors: Acee Lindem, Christian Hopps, Dean Bogdanovic, Lou Berger (Ed.)

Network Device YANG Organizational Model draft-rtgyangdt-rtgwg-device-model-03 Authors: Acee Lindem, Christian Hopps, Dean Bogdanovic, Lou Berger (Ed.)
Draft-ietf-isis-yang-isis-cfg-01 IETF 91 S. Litkowski, Orange D. Yeung, Cisco A. Lindem, Cisco J. Zhang, Juniper L. Lhotka.

Draft-ietf-isis-yang-isis-cfg-01 IETF 91 S. Litkowski, Orange D. Yeung, Cisco A. Lindem, Cisco J. Zhang, Juniper L. Lhotka.
Subscriptions for Event Notification + Yang-push IETF NETCONF WG Contributors Call 26 - May

Subscriptions for Event Notification + Yang-push IETF NETCONF WG Contributors Call 26 - May
Cisco implementation of ACL yang model

Cisco implementation of ACL yang model

Similar presentations

Ads by Google