module ietf-dots-call-home {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-dots-call-home";
prefix dots-call-home;
import ietf-inet-types {
prefix inet;
reference
"Section 4 of RFC 6991";
}
import ietf-dots-signal-channel {
prefix dots-signal;
reference
"RFC 9132: Distributed Denial-of-Service Open Threat
Signaling (DOTS) Signal Channel Specification";
}
import ietf-yang-structure-ext {
prefix sx;
reference
"RFC 8791: YANG Data Structure Extensions";
}
organization
"IETF DDoS Open Threat Signaling (DOTS) Working Group";
contact
"WG Web:
WG List:
Author: Konda, Tirumaleswar Reddy
;
Author: Mohamed Boucadair
;
Author: Jon Shallow
";
description
"This module contains YANG definitions for the signaling
messages exchanged between a DOTS client and a DOTS server
for the Call Home deployment scenario.
Copyright (c) 2021 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC 9066; see
the RFC itself for full legal notices.";
revision 2021-12-09 {
description
"Initial revision.";
reference
"RFC 9066: Distributed Denial-of-Service Open Threat
Signaling (DOTS) Signal Channel Call Home";
}
sx:augment-structure "/dots-signal:dots-signal"
+ "/dots-signal:message-type"
+ "/dots-signal:mitigation-scope"
+ "/dots-signal:scope" {
description
"Attack source details.";
leaf-list source-prefix {
type inet:ip-prefix;
description
"IPv4 or IPv6 prefix identifying the attack source(s).";
}
list source-port-range {
key "lower-port";
description
"Port range. When only lower-port is
present, it represents a single port number.";
leaf lower-port {
type inet:port-number;
description
"Lower port number of the port range.";
}
leaf upper-port {
type inet:port-number;
must '. >= ../lower-port' {
error-message
"The upper port number must be greater than
or equal to the lower port number.";
}
description
"Upper port number of the port range.";
}
}
list source-icmp-type-range {
key "lower-type";
description
"ICMP/ICMPv6 type range. When only lower-type is
present, it represents a single ICMP/ICMPv6 type.
The address family of the target-prefix is used
to determine whether ICMP or ICMPv6 is used.";
leaf lower-type {
type uint8;
description
"Lower ICMP/ICMPv6 type of the ICMP type range.";
reference
"RFC 792: Internet Control Message Protocol
RFC 4443: Internet Control Message Protocol (ICMPv6)
for the Internet Protocol Version 6 (IPv6)
Specification.";
}
leaf upper-type {
type uint8;
must '. >= ../lower-type' {
error-message
"The upper ICMP/ICMPv6 type must be greater than
or equal to the lower ICMP type.";
}
description
"Upper type of the ICMP type range.";
reference
"RFC 792: Internet Control Message Protocol
RFC 4443: Internet Control Message Protocol (ICMPv6)
for the Internet Protocol Version 6 (IPv6)
Specification.";
}
}
}
sx:augment-structure "/dots-signal:dots-signal"
+ "/dots-signal:message-type"
+ "/dots-signal:redirected-signal" {
description
"Augments the redirected signal to communicate an
alternate Call Home DOTS client.";
choice type {
description
"Indicates the type of the DOTS session (e.g., base
DOTS signal channel, DOTS Call Home).";
case call-home-only {
description
"These attributes appear only in a signal Call Home
channel message from a Call Home DOTS client
to a Call Home DOTS server.";
leaf alt-ch-client {
type inet:domain-name;
mandatory true;
description
"FQDN of an alternate Call Home DOTS client.
This name is also presented as a reference
identifier for authentication purposes.";
}
leaf-list alt-ch-client-record {
type inet:ip-address;
description
"List of IP addresses for the alternate Call
Home DOTS client.
If this data node is not present, a Call Home
DOTS server resolves the alt-ch-client into
one or more IP addresses.";
}
leaf ttl {
type uint32;
units "seconds";
description
"The Time To Live (TTL) of the alternate Call Home
DOTS client.";
reference
"Section 4.6 of RFC 9132";
}
}
}
}
}