SAVNET D. Li Internet Draft Tsinghua University Intended status: Standards Track L. Liu Expires: September 3, 2024 Zhongguancun Laboratory C. Lin New H3C Technologies J. Wu Tsinghua University T. Wu Huawei W. Cheng China Mobile March 3, 2024 YANG Data Model for Intra-domain and Inter-domain Source Address Validation (SAVNET) draft-li-savnet-sav-yang-04 Abstract This document describes a YANG data model for Intra-domain and Inter-domain Source Address Validation (SAVNET). The model serves as a base framework for configuring and managing an SAV subsystem, including SAV rule and SAV Tables, and expected to be augmented by other SAV technology models accordingly. Additionally, this document also specifies the model for the SAV Static application. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on September 3, 2024. Li, et al. Expires September 3, 2024 [Page 1] Internet-Draft YANG Data Model for Source Address Validation 4 Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction...................................................3 2. Terminology and Notation.......................................3 2.1. Tree Diagrams.............................................5 2.2. Prefixes in Data Node Names...............................5 3. Model Overview.................................................5 3.1. SAV Configuration.........................................8 3.2. SAV State................................................10 3.3. SAV Notifications........................................10 4. Basic Building Blocks.........................................11 4.1. SAV Rules................................................11 4.2. SAV Table................................................11 5. Structure of YANG modules.....................................12 5.1. SAV Management YANG Module...............................12 5.2. IPv4 SAV Management YANG Module..........................26 5.3. IPv6 SAV Management YANG Module..........................30 6. Security Considerations.......................................34 7. IANA Considerations...........................................34 8. References....................................................34 8.1. Normative References.....................................34 8.2. Informative References...................................35 Appendix A. The Complete Schema Tree.............................35 Appendix B. Data Tree Example....................................39 Authors' Addresses...............................................45 Li, et al. Expires September 3, 2024 [Page 2] Internet-Draft YANG Data Model for Source Address Validation 4 1. Introduction This document defines three YANG [RFC7950] data modules for configuring and managing Source Address Validation. 1) The "ietf-sav" provides generic components of SAV data model. 2) The "ietf-ipv4-sav-rule" module augments the "ietf-sav" module with additional data specific to IPv4 SAV. 3) The "ietf-ipv6-sav-rule" module augments the "ietf-sav" module with additional data specific to IPv6 SAV. They form the core SAV data module and together serve as a framework for configuring and managing a SAV subsystem. The data modules provide common building blocks of Source address validation- SAV rules and SAV Tables. This model is vendor neutral in order to allow operators to manage SAV configuration in a heterogeneous environment with routers supplied by multiple vendors. The YANG modules in this document conform to the Network Management Datastore Architecture (NMDA) [RFC8342]. 2. Terminology and Notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. The following terms are defined in [RFC8342]: o client o server o configuration o system state o operational state o intended configuration Li, et al. Expires September 3, 2024 [Page 3] Internet-Draft YANG Data Model for Source Address Validation 4 The following terms are defined in [RFC7950]: o action o augment o container o data model o data node o feature o leaf o leaf-list o list o mandatory node o module o schema tree o RPC (Remote Procedure Call) operation The new term is defined as follows: core SAV data model: YANG data model comprising "ietf-sav", "ietf-ipv4-sav-rule", and "ietf-ipv6-sav-rule" modules. SAV Table: An object containing a list of SAV rules, together with other information. See Section 4.2 for details. system-controlled entry: An entry in a list in the operational state("config false") that is created by the system independently of what has been explicitly configured. See Section 3 for details. user-controlled entry: An entry in a list in the operational Li, et al. Expires September 3, 2024 [Page 4] Internet-Draft YANG Data Model for Source Address Validation 4 state("config false") that is created and deleted as a direct consequence of certain configuration changes. See Section 3 for details. 2.1. Tree Diagrams Tree diagrams used in this document follow the notation defined in [RFC8340]. 2.2. Prefixes in Data Node Names In this document, names of data nodes, actions, and other data model objects are often used without a prefix, as long as it is clear from the context in which YANG module each name is defined. Otherwise, names are prefixed using the standard prefix associated with the corresponding YANG module, as shown in Table 1. +--------+-------------------------+-------------+ | Prefix | YANG module | Reference | +--------+-------------------------+-------------+ | if | ietf-interfaces | [RFC8343] | | ip | ietf-ip | [RFC8344] | | sav | ietf-sav | Section 5.1 | | v4sav | ietf-ipv4-sav-rule | Section 5.2 | | v6sav | ietf-ipv6-sav-rule | Section 5.3 | | yang | ietf-yang-types | [RFC6991] | | inet | ietf-inet-types | [RFC6991] | +--------+-------------------------+-------------+ Table 1: Prefixes and Corresponding YANG Modules 3. Model Overview The core SAV data model consists of three YANG modules, namely "ietf-sav", "ietf-ipv4-sav-rule" and "ietf-ipv6-sav-rule". The "ietf-sav" module defines the generic components of a SAV framework. The other two modules -- "ietf-ipv4-sav-rule" and "ietf-ipv6-sav- rule" - augment "ietf-sav" module with additional data nodes that are needed for IPv4 and IPv6 SAV. Figure1 shows abridged view of the yang organization and hierarchy for SAV, and the complete data tree is listed in Appendix A. As can be seen in Figure 1, the core SAV data model introduces several generic components of a SAV framework: rules, SAV tables containing lists of rules, and SAV event. Section 4 describes some core components in more detail. Li, et al. Expires September 3, 2024 [Page 5] Internet-Draft YANG Data Model for Source Address Validation 4 The core SAV data model defines several lists in the schema tree, such as "sav-table", that could be populated with its entries in any properly functioning device, and additional entries may be configured by a client. In such a list, the server creates the required item as a "system-controlled entry" in the operational state, i.e., inside read-only lists in the "sav" container. Additional entries called "user-controlled entries" may be created in the configuration by a client, e.g., via the Network Configuration Protocol (NETCONF). Li, et al. Expires September 3, 2024 [Page 6] Internet-Draft YANG Data Model for Source Address Validation 4 module: ietf-sav +--rw sav | +--rw router-id? yang:dotted-quad | +--ro interfaces | | +--ro interface* [name] | | | ... | +--rw v4sav-entry-limits | | ... | +--rw v6sav-entry-limits | | ... | +--rw source-protocol-priorities | | +--rw source-protocol-priority* [type] | | | ... | +--rw sav-controls | | ... | +--rw static-savs | | +--rw v4sav:ipv4 | | | ... | | +--rw v6sav:ipv6 | | ... | +--rw sav-tables | | +--rw sav-table* [name] | | +--ro name string | | +--ro address-family? identityref | | +--ro description? string | | +--ro sav-rules | | | +--ro sav-rule* | | | ... | | +---x active-sav-rule | | +---w input | | | +---w v4sav:source-address? inet:ipv4-address | | | +---w v6sav:source-address? inet:ipv6-address | | +--ro output | | | ... | +--ro sav-block-flow-infos | | +--ro sav-block-flow-info* | | | ... +---n sav-event | +--ro router-id? yang:dotted-quad | | ... augment /if:interfaces/if:interface: | +--rw sav-control | | ... Figure 1: Yang Organization and Hierarchy A client may also provide supplemental configuration of system- controlled entries. To do so, the client creates a new entry in the Li, et al. Expires September 3, 2024 [Page 7] Internet-Draft YANG Data Model for Source Address Validation 4 configuration with the desired contents. In order to bind this entry to the corresponding entry in the operational state, the key of the configuration entry has to be set to the same value as the key of the operational state entry. Deleting a user-controlled entry from the intended configuration results in the removal of the corresponding entry in the operational state list. In contrast, if a client deletes a system-controlled entry from the intended configuration, only the extra configuration specified in that entry is removed; the corresponding operational state entry is not removed. 3.1. SAV Configuration The SAV configuration is defined in sav container of the module ietf-sav and augment of the module ietf-interfaces. As can be seen from Figure 2, the SAV configuration includes: "v4sav-entry-limits", "v6sav-entry-limits", "source-protocol-priorities", "sav-controls", "static-savs", and "sav-control" of specified interface. module: ietf-sav +--rw sav | +--rw v4sav-entry-limits | | ... | +--rw v6sav-entry-limits | | ... | +--rw source-protocol-priorities | | +--rw source-protocol-priority* [type] | | | ... | +--rw sav-controls | | ... | +--rw static-savs | | +--rw v4sav:ipv4 | | | ... | | +--rw v6sav:ipv6 | | ... augment /if:interfaces/if:interface: | +--rw sav-control | | ... Figure 2: SAV Configuration Tree V4sav-entry-limits: Specified limits for IPv4 SAV rules can be configured. V6sav-entry-limits: Specified limits for IPv6 SAV rules can be configured. Li, et al. Expires September 3, 2024 [Page 8] Internet-Draft YANG Data Model for Source Address Validation 4 Source-protocol-priorities: The source protocol priority can be configured for SAV rule. This attribute allows for selecting the preferred SAV-rule among SAV-rules from the different source protocol. A smaller value indicates a SAV-rule that is more preferred. Sav-controls: The SAV function and mode can be controlled globally. The packet operation can be configured globally when the SAV entry is hit or miss, such as dropping the packet and passing the packet. The SAV statistics of all interface can be cleared. It also can be controlled globally to report the top few SAV rules with the highest number of filtered counterfeit packets, and to view the information of data flow blocked by SAVNET. Static-savs: The SAV rules of static protocol can be configured manually. Sav-control of specified interface: Defines some SAV configurations under the ingress interface. The SAV enable-switch and mode under the interface is controlled. The SAV statistics of the interface can be cleared. It can be controlled under specified interface to report the top few SAV rules with the highest number of filtered counterfeit packets, and to view the information of data flow blocked by SAVNET. Li, et al. Expires September 3, 2024 [Page 9] Internet-Draft YANG Data Model for Source Address Validation 4 3.2. SAV State module: ietf-sav +--rw sav | +--ro interfaces | | +--ro interface* [name] | | | ... | ... | +--rw sav-tables | | +--rw sav-table* [name] | | +--ro name string | | +--ro address-family? identityref | | +--ro description? string | | +--ro sav-rules | | | +--ro sav-rule* | | | ... | | +---x active-sav-rule | | +---w input | | | +---w v4sav:source-address? inet:ipv4-address | | | +---w v6sav:source-address? inet:ipv6-address | | +--ro output | | | ... | +--ro sav-block-flow-infos | | +--ro sav-block-flow-info* | | | ... Figure 3: SAV State Tree As can be seen from Figure 3, the SAV state includes "interfaces", "sav-tables" [SAV Table] and "sav-block-flow-infos" in sav container of the module ietf-sav. The "interfaces" contains SAV statistics under the interface, such as statistics of dropping packets. The "sav-tables" contains the details of SAV rules for the specified address family. The "sav-block-flow-infos" includes the information of data flow blocked by SAVNET. 3.3. SAV Notifications module: ietf-sav +---n sav-event | +--ro router-id? yang:dotted-quad | | ... Figure 4: SAV Notifications tree As can be seen from Figure 4, the SAV notification is defined in sav-event model of the module ietf-sav. It includes a series of SAV Li, et al. Expires September 3, 2024 [Page 10] Internet-Draft YANG Data Model for Source Address Validation 4 anomalous and warning events, for example, the SAV entry has reached the upper limit. 4. Basic Building Blocks 4.1. SAV Rules SAV Rules are the filtering rules generated by SAV mechanisms that determines valid incoming interfaces for specific source prefixes. The SAV data model defines only the following minimal set of attributes: o "source-prefix": address prefix specifying the set of source addresses for which the SAV rules may be used. This attribute is mandatory. o "incoming-interface": determines the valid incoming interfaces for the packets from specific source addresses. SAV Rules are primarily system state and appear as entries in SAV tables (Section 4.2), but they may also be found in configuration data --for example, as manually configured static SAVs. In the latter case, configurable SAV rule attributes are generally a subset of attributes defined for rules of SAV table. 4.2. SAV Table An implementation of the SAV data model manages one or more SAV tables. A SAV table is a list of SAV rules complemented with administrative data. Each SAV table contains only SAV rules of one address family. The contents of SAV tables are controlled and manipulated by source protocol operations that may result in SAV rule additions, removals, and modifications. The following action is defined for the "sav-table" list: o active-sav-rule: return the active SAV rule for the source address that is specified as the action's input parameter. Li, et al. Expires September 3, 2024 [Page 11] Internet-Draft YANG Data Model for Source Address Validation 4 5. Structure of YANG modules 5.1. SAV Management YANG Module file "ietf-sav@2023-05-20.yang" module ietf-sav { yang-version "1.1"; namespace "urn:ietf:params:xml:ns:yang:ietf-sav"; prefix "sav"; import ietf-yang-types { prefix "yang"; } import ietf-interfaces { prefix "if"; } import ietf-inet-types { prefix "inet"; } organization "IETF SAVNET Working Group"; contact "TBD"; description "This YANG module defines the essential elements for the management of Source address validation (SAV). The model fully conforms to the Network Management Datastore Architecture (NMDA). The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, they appear in all capitals, as shown here. Copyright (c) 2023 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Revised BSD License set Li, et al. Expires September 3, 2024 [Page 12] Internet-Draft YANG Data Model for Source Address Validation 4 forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC XXXX (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself for full legal notices."; reference "RFC XXXX: A YANG Data Model For SAV Management."; revision 2023-05-20 { description "Initial revision."; reference "RFC XXXX: A YANG Data Model for SAV Management."; } /* Features */ feature router-id { description "This feature indicates that the server supports an explicit 32-bit router ID that is used by some control-plane protocols. Servers that do not advertise this feature set a router ID algorithmically, usually to one of the configured IPv4 addresses. However, this algorithm is implementation specific."; } /* Identities */ identity address-family { description "Base identity from which identities describing address families are derived."; } identity ipv4 { base address-family; description "This identity represents an IPv4 address family."; } identity ipv6 { base address-family; Li, et al. Expires September 3, 2024 [Page 13] Internet-Draft YANG Data Model for Source Address Validation 4 description "This identity represents an IPv6 address family."; } identity source-protocol { description "Base identity from which source protocol identities are derived."; } identity static { base source-protocol; description "'Static' pseudo-protocol."; } identity sav-mode { description "Base identity from which identities describing SAV modes of the specified interface are derived."; } identity sav-im { base sav-mode; description "This identity represents an SAV incomplete mode."; } identity sav-cm { base sav-mode; description "This identity represents an SAV complete mode."; } identity sav-check-type { description "Base identity from which identities describing SAV check types of the specified interface are derived."; } identity sav-allow-list { base sav-check-type; description "This identity represents an SAV allow list type."; } identity sav-block-list { base sav-check-type; Li, et al. Expires September 3, 2024 [Page 14] Internet-Draft YANG Data Model for Source Address Validation 4 description "This identity represents an SAV block list type."; } /* Type Definitions */ typedef rule-preference { type uint32; description "This type is used for SAV-rule preferences."; } /* Groupings */ grouping address-family { description "This grouping provides a leaf identifying an address family."; leaf address-family { type identityref { base address-family; } mandatory true; description "Address family."; } } grouping router-id { description "This grouping provides a router ID."; leaf router-id { type yang:dotted-quad; description "A 32-bit number in the form of a dotted quad that is used by some control-plane protocols identifying a router."; reference "RFC 2328: OSPF Version 2"; } } grouping rule-metadata { description "Common SAV-rule metadata."; leaf source-protocol { type identityref { base source-protocol; } Li, et al. Expires September 3, 2024 [Page 15] Internet-Draft YANG Data Model for Source Address Validation 4 mandatory true; description "Type of the source protocol from which the SAV-rule originated."; } leaf active { type empty; description "The presence of this leaf indicates that the rule is preferred among all rules in the same SAV table that have the same source prefix."; } leaf last-updated { type yang:date-and-time; description "Timestamp of the last modification of the rule. If the rule was never modified, it is the time when the SAV rule was inserted into the SAV table."; } leaf total-packets { type uint64; description "Number of the total packets checked by a SAV rule."; } leaf total-bytes { type uint64; description "Number of the total bytes checked by a SAV rule."; } leaf drop-packets { type uint64; description "Number of the drop packets by a SAV rule."; } leaf drop-bytes { type uint64; description "Number of the drop bytes by a SAV rule."; } leaf sav-invalid-packets { type uint64; description "Number of the packets with invalid SAV result."; } leaf sav-invalid-bytes { type uint64; description "Number of the packet bytes with invalid SAV result."; Li, et al. Expires September 3, 2024 [Page 16] Internet-Draft YANG Data Model for Source Address Validation 4 } leaf sav-valid-packets { type uint64; description "Number of the packets with valid SAV result."; } leaf sav-valid-bytes { type uint64; description "Number of the packet bytes with valid SAV result."; } } grouping limit-metadata { description "Common SAV-rule limit metadata."; leaf number { type uint32; description "This attribute allows for controlling number limit."; } leaf threshold-percent { type uint8 { range "0..100"; } description "This attribute allows for controlling threshold percentage limit."; } leaf threshold-number { type uint32; description "This attribute allows for controlling threshold number limit."; } } /* Augments */ augment "/if:interfaces/if:interface" { description "SAV configuration of incoming interfaces."; container sav-control { description "Support for SAV interface configuration."; leaf sav-enabled { type boolean; description Li, et al. Expires September 3, 2024 [Page 17] Internet-Draft YANG Data Model for Source Address Validation 4 "This attribute allows for controlling the SAV function of the incoming interface."; } leaf sav-mode { type identityref { base sav-mode; } description "This attribute allows for controlling the SAV mode of the incoming interface."; } action sav-reset { description "Reset action of a SAV incoming interface"; input { leaf reset-statistics { type boolean; description "This attribute allows for clearing the SAV statistics of the incoming interface."; } } } container sav-spoof-top { description "Support for reporting the top few SAV rules with the highest number of filtered counterfeit packets under specified interface."; leaf enabled { type boolean; description "This attribute allows for controlling the function of reporting the top few SAV rules with the highest number of filtered counterfeit packets under specified interface."; } leaf top-number { type uint32; description "This attribute allows for setting the top number of the SAV rules with the highest number of filtered counterfeit packets under specified interface."; } } container sav-block-flow-report { description "Support for viewing the information of data flow blocked by SAVNET under specified interface."; Li, et al. Expires September 3, 2024 [Page 18] Internet-Draft YANG Data Model for Source Address Validation 4 leaf enabled { type boolean; description "This attribute allows for controlling the function of viewing the information of data flow blocked by SAVNET under specified interface."; } } } } /* Data nodes */ container sav { description "Configuration parameters for the SAV subsystem."; uses router-id { if-feature "router-id"; description "Support for the global router ID. Control-plane protocols that use a router ID can use this parameter or override it with another value."; } container interfaces { config false; description "Network-layer interfaces used for SAV."; list interface { key "name"; description "Each entry contains the SAV statistics of a interface"; leaf name { type if:interface-ref; description "The name of an interface."; } leaf total-packets { type uint64; description "The number of total packets for specified interface."; } leaf total-bytes { type uint64; description "The byte number of total packets for specified interface."; } leaf drop-packets { Li, et al. Expires September 3, 2024 [Page 19] Internet-Draft YANG Data Model for Source Address Validation 4 type uint64; description "The number of drop packets for SAV function."; } leaf drop-bytes { type uint64; description "The byte number of drop packets for SAV function."; } leaf sav-invalid-packets { type uint64; description "The number of the packets with invalid SAV result."; } leaf sav-invalid-bytes { type uint64; description "The byte number of the packets with invalid SAV result."; } leaf sav-valid-packets { type uint64; description "The number of the packets with valid SAV result"; } leaf sav-valid-bytes { type uint64; description "The byte number of the packets with valid SAV result."; } } } container v4sav-entry-limits { description "Specification limit of ipv4 SAV table."; uses limit-metadata; } container v6sav-entry-limits { description "Specification limit of ipv6 SAV table."; uses limit-metadata; } container source-protocol-priorities { description "Support for SAV source protocol priorities."; list source-protocol-priority { key "type"; Li, et al. Expires September 3, 2024 [Page 20] Internet-Draft YANG Data Model for Source Address Validation 4 description "Each entry contains a SAV source protocol priority."; leaf type { type identityref { base source-protocol; } description "Type of the source protocol -- an identity derived from the 'source-protocol' base identity."; } leaf preference { type rule-preference; description "This attribute allows for selecting the preferred SAV-rule among SAV-rules from the different source protocol. A smaller value indicates a SAV-rule that is more preferred."; } } } container sav-controls { description "Support for SAV global configuration."; leaf sav-enabled { type boolean; description "This attribute allows for controlling the SAV function."; } leaf sav-mode { type identityref { base sav-mode; } description "This attribute allows for controlling the SAV mode."; } action sav-interface-reset { description "Global reset action of SAV interface"; input { leaf reset-statistics { type boolean; description "This attribute allows for clearing the SAV statistics of all interfaces."; } Li, et al. Expires September 3, 2024 [Page 21] Internet-Draft YANG Data Model for Source Address Validation 4 } } container sav-spoof-top { description "Support for reporting the top few SAV rules with the highest number of filtered counterfeit packets."; leaf enabled { type boolean; description "This attribute allows for globally controlling the function of reporting the top few SAV rules with the highest number of filtered counterfeit packets."; } leaf top-number { type uint32; description "This attribute allows for globally setting the top number of the SAV rules with the highest number of filtered counterfeit packets."; } } container sav-block-flow-report { description "Support for viewing the information of data flow blocked by SAVNET."; leaf enabled { type boolean; description "This attribute allows for globally controlling the function of viewing the information of data flow blocked by SAVNET."; } } } container static-savs { description "Support for the 'static' pseudo-protocol. Address-family-specific modules augment this node with their lists of SAV rules."; } container sav-tables { description "Support for SAV tables."; list sav-table { key "name"; description "Each entry contains a configuration for a SAV Li, et al. Expires September 3, 2024 [Page 22] Internet-Draft YANG Data Model for Source Address Validation 4 table identified by the 'name' key."; leaf name { type string; description "The name of the SAV table."; } uses address-family { description "The address family of the SAV table."; } leaf description { type string; description "Textual description of the SAV table."; } container sav-rules { config false; description "Current contents of the SAV table."; list sav-rule { description "A SAV table rule entry. This data node MUST be augmented with information specific to SAV-rule of each address family."; leaf rule-preference { type rule-preference; description "This attribute allows for selecting the preferred SAV-rule among SAV-rules with the same source prefix. A smaller value indicates a SAV-rule that is more preferred."; } container incoming-interfaces { description "Network-layer incoming interfaces of a SAV rule."; leaf-list incoming-interface { type if:interface-ref; description "Each entry is the name of a SAV incoming interface"; } } uses rule-metadata; } } action active-sav-rule { description "Return the active SAV rule that is used for the Li, et al. Expires September 3, 2024 [Page 23] Internet-Draft YANG Data Model for Source Address Validation 4 source address. Address-family-specific modules MUST augment input parameters with a leaf named 'source-address'."; output { container sav-rule { description "The active SAV rule for the specified source. If no rule exists in the SAV table for the source address, no output is returned. Address-family-specific modules MUST augment this container with appropriate contents."; container incoming-interfaces { description "Network-layer incoming interfaces of a SAV rule."; leaf-list incoming-interface { type if:interface-ref; description "Each entry is the name of a SAV incoming interface"; } } uses rule-metadata; } } } } } container sav-block-flow-infos { config false; description "The information of data flow blocked by SAVNET."; list sav-block-flow-info { description "The information of a data stream blocked by SAVNET."; leaf source-ip-address { type inet:ip-address; description "Source address of the data stream blocked by SAVNET."; } leaf source-port { type uint16; description "Source port of the data stream blocked by SAVNET."; } Li, et al. Expires September 3, 2024 [Page 24] Internet-Draft YANG Data Model for Source Address Validation 4 leaf destination-ip-address { type inet:ip-address; description "Destination address of the data stream blocked by SAVNET."; } leaf destination-port { type uint16; description "Destination port of the data stream blocked by SAVNET."; } leaf arrival-time { type yang:date-and-time; description "Arrival time of the data stream blocked by SAVNET."; } } } } notification sav-event { description "This notification is sent when there is an abnormality in SAV table."; uses router-id { if-feature "router-id"; description "the router ID of the server corresponding to the SAV table."; } uses address-family { description "The address family of the SAV table."; } leaf sav-limit-reached { type boolean; description "Indicates that the number of SAV table entries reached the upper limit."; } container top-spoof-sav-rules { description "The top few SAV rules with the highest number of filtered counterfeit packets."; list sav-rule { description "A SAV rule entry. This data node MUST be augmented with information specific to SAV-rule of each address Li, et al. Expires September 3, 2024 [Page 25] Internet-Draft YANG Data Model for Source Address Validation 4 family."; leaf rule-preference { type rule-preference; description "This attribute allows for selecting the preferred SAV-rule among SAV-rules with the same source prefix. A smaller value indicates a SAV-rule that is more preferred."; } container incoming-interfaces { description "Network-layer incoming interfaces of a SAV rule."; leaf-list incoming-interface { type if:interface-ref; description "Each entry is the name of a SAV incoming interface"; } } uses rule-metadata; } } } } 5.2. IPv4 SAV Management YANG Module file "ietf-ipv4-sav-rule@2023-05-20.yang" module ietf-ipv4-sav-rule { yang-version "1.1"; namespace "urn:ietf:params:xml:ns:yang:ietf-ipv4-sav-rule"; prefix "v4sav"; import ietf-sav { prefix "sav"; } import ietf-interfaces { prefix "if"; } import ietf-inet-types { prefix "inet"; } Li, et al. Expires September 3, 2024 [Page 26] Internet-Draft YANG Data Model for Source Address Validation 4 organization "IETF SAVNET Working Group"; contact "TBD"; description "This YANG module defines the essential elements for the management of IPv4 SAV rule. Copyright (c) 2023 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Revised BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC XXXX (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself for full legal notices."; revision 2023-05-20 { description "Initial revision."; reference "RFC XXXX: A YANG Data Model for SAV Management"; } /* Identities */ identity ipv4 { base sav:ipv4; description "This identity represents the IPv4 address family."; } /* Groupings */ grouping limit-metadata { description "Common SAV-rule limit metadata."; leaf number { type uint32; description "This attribute allows for controlling number limit."; } Li, et al. Expires September 3, 2024 [Page 27] Internet-Draft YANG Data Model for Source Address Validation 4 leaf threshold-percent { type uint8 { range "0..100"; } description "This attribute allows for controlling threshold percentage limit."; } leaf threshold-number { type uint32; description "This attribute allows for controlling threshold number limit."; } } augment "/sav:sav/sav:sav-tables/sav:sav-table/" + "sav:sav-rules/sav:sav-rule" { when "derived-from-or-self(../../sav:address-family, " + "'v4sav:ipv4')" { description "This augment is valid only for IPv4."; } description "This leaf augments an IPv4 SAV rule."; leaf source-prefix { type inet:ipv4-prefix; description "IPv4 source prefix."; } } augment "/sav:sav/sav:sav-tables/sav:sav-table/" + "sav:active-sav-rule/sav:input" { when "derived-from-or-self(../sav:address-family, " + "'v4sav:ipv4')" { description "This augment is valid only for IPv4."; } description "This augment adds the input parameter of the 'active-sav-rule' action."; leaf source-address { type inet:ipv4-address; description "IPv4 source address."; } } Li, et al. Expires September 3, 2024 [Page 28] Internet-Draft YANG Data Model for Source Address Validation 4 augment "/sav:sav/sav:sav-tables/sav:sav-table/" + "sav:active-sav-rule/sav:output/sav:sav-rule" { when "derived-from-or-self(../../sav:address-family, " + "'v4sav:ipv4')" { description "This augment is valid only for IPv4."; } description "This augment adds the source prefix to the reply of the 'active-sav-rule' action."; leaf source-prefix { type inet:ipv4-prefix; description "IPv4 source prefix."; } } augment "/sav:sav/sav:static-savs" { description "This augment defines the 'static' pseudo-protocol with data specific to IPv4."; container ipv4 { description "Support for a 'static' pseudo-protocol instance consists of a list of SAV rules."; container sav-entry-limits { description "Specification limit of ipv4 SAV table."; uses limit-metadata; } list sav-rule { key "source-prefix"; description "A list of static SAV rules."; leaf source-prefix { type inet:ipv4-prefix; mandatory true; description "IPv4 source prefix."; } leaf description { type string; description "Textual description of the SAV rule."; } container incoming-interfaces { description Li, et al. Expires September 3, 2024 [Page 29] Internet-Draft YANG Data Model for Source Address Validation 4 "Support for incoming interfaces."; list incoming-interface { key "name"; description "Each entry contains the information of a incoming interface"; leaf name { type if:interface-ref; description "The name of an incoming interface."; } leaf check-type { type identityref { base sav:sav-check-type; } description "The SAV check type of an incoming interface."; } } } } } } } 5.3. IPv6 SAV Management YANG Module file "ietf-ipv6-sav-rule@2023-05-20.yang" module ietf-ipv6-sav-rule { yang-version "1.1"; namespace "urn:ietf:params:xml:ns:yang:ietf-ipv6-sav-rule"; prefix "v6sav"; import ietf-sav { prefix "sav"; } import ietf-interfaces { prefix "if"; } import ietf-inet-types { prefix "inet"; } Li, et al. Expires September 3, 2024 [Page 30] Internet-Draft YANG Data Model for Source Address Validation 4 organization "IETF SAVNET Working Group"; contact "TBD"; description "This YANG module defines the essential elements for the management of IPv6 SAV rule. Copyright (c) 2023 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Revised BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC XXXX (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself for full legal notices."; revision 2023-05-20 { description "Initial revision."; reference "RFC XXXX: A YANG Data Model for SAV Management"; } /* Identities */ identity ipv6 { base sav:ipv6; description "This identity represents the IPv6 address family."; } /* Groupings */ grouping limit-metadata { description "Common SAV-rule limit metadata."; leaf number { type uint32; description "This attribute allows for controlling number limit."; Li, et al. Expires September 3, 2024 [Page 31] Internet-Draft YANG Data Model for Source Address Validation 4 } leaf threshold-percent { type uint8 { range "0..100"; } description "This attribute allows for controlling threshold percentage limit."; } leaf threshold-number { type uint32; description "This attribute allows for controlling threshold number limit."; } } augment "/sav:sav/sav:sav-tables/sav:sav-table/" + "sav:sav-rules/sav:sav-rule" { when "derived-from-or-self(../../sav:address-family, " + "'v6sav:ipv6')" { description "This augment is valid only for IPv6."; } description "This leaf augments an IPv6 SAV rule."; leaf source-prefix { type inet:ipv6-prefix; description "IPv6 source prefix."; } } augment "/sav:sav/sav:sav-tables/sav:sav-table/" + "sav:active-sav-rule/sav:input" { when "derived-from-or-self(../sav:address-family, " + "'v6sav:ipv6')" { description "This augment is valid only for IPv6."; } description "This augment adds the input parameter of the 'active-sav-rule' action."; leaf source-address { type inet:ipv6-address; description "IPv6 source address."; } Li, et al. Expires September 3, 2024 [Page 32] Internet-Draft YANG Data Model for Source Address Validation 4 } augment "/sav:sav/sav:sav-tables/sav:sav-table/" + "sav:active-sav-rule/sav:output/sav:sav-rule" { when "derived-from-or-self(../../sav:address-family, " + "'v6sav:ipv6')" { description "This augment is valid only for IPv6."; } description "This augment adds the source prefix to the reply of the 'active-sav-rule' action."; leaf source-prefix { type inet:ipv6-prefix; description "IPv6 source prefix."; } } augment "/sav:sav/sav:static-savs" { description "This augment defines the 'static' pseudo-protocol with data specific to IPv6."; container ipv6 { description "Support for a 'static' pseudo-protocol instance consists of a list of SAV rules."; container sav-entry-limits { description "Specification limit of ipv6 SAV table."; uses limit-metadata; } list sav-rule { key "source-prefix"; description "A list of static SAV rules."; leaf source-prefix { type inet:ipv6-prefix; mandatory true; description "IPv6 source prefix."; } leaf description { type string; description "Textual description of the SAV rule."; } container incoming-interfaces { Li, et al. Expires September 3, 2024 [Page 33] Internet-Draft YANG Data Model for Source Address Validation 4 description "Support for incoming interfaces."; list incoming-interface { key "name"; description "Each entry contains the information of a incoming interface"; leaf name { type if:interface-ref; description "The name of an incoming interface."; } leaf check-type { type identityref { base sav:sav-check-type; } description "The SAV check type of an incoming interface."; } } } } } } } 6. Security Considerations TBD 7. IANA Considerations TBD 8. References 8.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, DOI 10.17487/RFC6991, July 2013, . Li, et al. Expires September 3, 2024 [Page 34] Internet-Draft YANG Data Model for Source Address Validation 4 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, August 2016, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., and R. Wilton, "Network Management Datastore Architecture (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, . [RFC8343] Bjorklund, M., "A YANG Data Model for Interface Management", RFC 8343, DOI 10.17487/RFC8343, March 2018, . [RFC8344] Bjorklund, M., "A YANG Data Model for IP Management", RFC 8344, DOI 10.17487/RFC8344, March 2018, . 8.2. Informative References [RFC7895] Bierman, A., Bjorklund, M., and K. Watsen, "YANG Module Library", RFC 7895, DOI 10.17487/RFC7895, June 2016, . [RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG", RFC 7951, DOI 10.17487/RFC7951, August 2016, . [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, . [SAV Table] "Source Address Validation Table Abstraction and Application", 2023, . Appendix A. The Complete Schema Tree This appendix presents the complete tree of the SAV data model. See [RFC8340] for an explanation of the symbols used. Li, et al. Expires September 3, 2024 [Page 35] Internet-Draft YANG Data Model for Source Address Validation 4 module: ietf-sav +--rw sav | +--rw router-id? yang:dotted-quad | +--ro interfaces | | +--ro interface* [name] | | +--ro name if:interface-ref | | +--ro total-packets? uint64 | | +--ro total-bytes? uint64 | | +--ro drop-packets? uint64 | | +--ro drop-bytes? uint64 | | +--ro sav-invalid-packets? uint64 | | +--ro sav-invalid-bytes? uint64 | | +--ro sav-valid-packets? uint64 | | +--ro sav-valid-bytes? uint64 | +--rw v4sav-entry-limits | | +--rw number? uint32 | | +--rw threshold-percent? uint8 | | +--rw threshold-number? uint32 | +--rw v6sav-entry-limits | | +--rw number? uint32 | | +--rw threshold-percent? uint8 | | +--rw threshold-number? uint32 | +--rw source-protocol-priorities | | +--rw source-protocol-priority* [type] | | +--rw type identityref | | +--rw preference? rule-preference | +--rw sav-controls | | +--rw sav-enabled? boolean | | +--rw sav-mode? identityref | | +---x sav-interface-reset | | | +---w input | | | +---w reset-statistics? boolean | | +--rw sav-spoof-top | | +--rw enabled? boolean | | +--rw top-number? uint32 | | +--rw sav-block-flow-report | | +--rw enabled? boolean | +--rw static-savs | | +--rw v4sav:ipv4 | | | +--rw v4sav:sav-entry-limits | | | +--rw v4sav:number? uint32 | | | +--rw v4sav:threshold-percent? uint8 | | | +--rw v4sav:threshold-number? uint32 | | | +--rw v4sav:sav-rule* [source-prefix] | | | +--rw v4sav:source-prefix inet:ipv4-prefix | | | +--rw v4sav:description? string | | | +--rw v4sav:incoming-interfaces | | | +--rw v4sav:incoming-interface* [name] Li, et al. Expires September 3, 2024 [Page 36] Internet-Draft YANG Data Model for Source Address Validation 4 | | | | +--rw v4sav:name if:interface-ref | | | | +--rw v4sav:check-type identityref | | +--rw v6sav:ipv6 | | | +--rw v6sav:sav-entry-limits | | | +--rw v6sav:number? uint32 | | | +--rw v6sav:threshold-percent? uint8 | | | +--rw v6sav:threshold-number? uint32 | | | +--rw v6sav:sav-rule* [source-prefix] | | | +--rw v6sav:source-prefix inet:ipv6-prefix | | | +--rw v6sav:description? string | | | +--rw v6sav:incoming-interfaces | | | +--rw v6sav:incoming-interface* [name] | | | | +--rw v6sav:name if:interface-ref | | | | +--rw v6sav:check-type identityref | +--rw sav-tables | | +--rw sav-table* [name] | | +--ro name string | | +--ro address-family? identityref | | +--ro description? string | | +--ro sav-rules | | | +--ro sav-rule* | | | +--ro rule-preference? rule-preference | | | +--ro incoming-interfaces | | | | +--ro incoming-interface* if:interface-ref | | | +--ro source-protocol identityref | | | +--ro active? empty | | | +--ro last-updated? yang:date-and-time | | | +--ro v4sav:source-prefix? inet:ipv4-prefix | | | +--ro v6sav:source-prefix? inet:ipv6-prefix | | | +--ro total-packets? uint64 | | | +--ro total-bytes? uint64 | | | +--ro drop-packets? uint64 | | | +--ro drop-bytes? uint64 | | | +--ro sav-invalid-packets? uint64 | | | +--ro sav-invalid-bytes? uint64 | | | +--ro sav-valid-packets? uint64 | | | +--ro sav-valid-bytes? uint64 | | +---x active-sav-rule | | +---w input | | | +---w v4sav:source-address? inet:ipv4-address | | | +---w v6sav:source-address? inet:ipv6-address | | +--ro output | | +--ro sav-rule | | +--ro incoming-interfaces | | | +--ro incoming-interface* if:interface-ref | | +--ro source-protocol identityref | | +--ro active empty | | +--ro last-updated? yang:date-and-time Li, et al. Expires September 3, 2024 [Page 37] Internet-Draft YANG Data Model for Source Address Validation 4 | | +--ro v4sav:source-prefix? inet:ipv4-prefix | | +--ro v6sav:source-prefix? inet:ipv6-prefix | | +--ro total-packets? uint64 | | +--ro total-bytes? uint64 | | +--ro drop-packets? uint64 | | +--ro drop-bytes? uint64 | | +--ro sav-invalid-packets? uint64 | | +--ro sav-invalid-bytes? uint64 | | +--ro sav-valid-packets? uint64 | | +--ro sav-valid-bytes? uint64 | +--ro sav-block-flow-infos | | +--ro sav-block-flow-info* | | +--ro source-ip-address inet:ip-address | | +--ro source-port uint16 | | +--ro destination-ip-address inet:ip-address | | +--ro destination-port uint16 | | +--ro arrival-time yang:date-and-time +---n sav-event | +--ro router-id? yang:dotted-quad | +--ro address-family identityref | +--ro sav-limit-reached? Boolean | +--ro top-spoof-sav-rules | | +--ro sav-rule* | | +--ro rule-preference? rule-preference | | +--ro incoming-interfaces | | | +--ro incoming-interface* if:interface-ref | | +--ro source-protocol identityref | | +--ro active? empty | | +--ro last-updated? yang:date-and-time | | +--ro v4sav:source-prefix? inet:ipv4-prefix | | +--ro v6sav:source-prefix? inet:ipv6-prefix | | +--ro total-packets? uint64 | | +--ro total-bytes? uint64 | | +--ro drop-packets? uint64 | | +--ro drop-bytes? uint64 | | +--ro sav-invalid-packets? uint64 | | +--ro sav-invalid-bytes? uint64 | | +--ro sav-valid-packets? uint64 | | +--ro sav-valid-bytes? uint64 augment /if:interfaces/if:interface: | +--rw sav-control | | +--rw sav-enabled? boolean | | +--rw sav-mode? identityref | | +---x sav-reset | | | +---w input | | | +---w reset-statistics? Boolean | | +--rw sav-spoof-top | | +--rw enabled? boolean Li, et al. Expires September 3, 2024 [Page 38] Internet-Draft YANG Data Model for Source Address Validation 4 | | +--rw top-number? uint32 | | +--rw sav-block-flow-report | | +--rw enabled? boolean Appendix B. Data Tree Example This section contains an example of an instance data tree from the operational state, in JSON encoding [RFC7951]. The data conforms to a data model that is defined by the following YANG library specification [RFC7895]: Li, et al. Expires September 3, 2024 [Page 39] Internet-Draft YANG Data Model for Source Address Validation 4 { "ietf-yang-library:modules-state": { "module-set-id": "c2e1f54169aa7f36e1a6e8d0865d441d3600f9c4", "module": [ { "name": "ietf-sav", "revision": "2023-05-20", "feature": [ "router-id" ], "namespace": "urn:ietf:params:xml:ns:yang:ietf-sav", "conformance-type": "implement" }, { "name": "ietf-ipv4-sav-rule", "revision": "2023-05-20", "namespace": "urn:ietf:params:xml:ns:yang:ietf-ipv4-sav-rule", "conformance-type": "implement" }, { "name": "ietf-ipv6-sav-rule", "revision": "2023-05-20", "namespace": "urn:ietf:params:xml:ns:yang:ietf-ipv6-sav-rule", "conformance-type": "implement", }, { "name": "ietf-interfaces", "revision": "2018-02-20", "namespace": "urn:ietf:params:xml:ns:yang:ietf-interfaces", "conformance-type": "implement" }, { "name": "ietf-inet-types", "namespace": "urn:ietf:params:xml:ns:yang:ietf-inet-types", "revision": "2013-07-15", "conformance-type": "import" }, { "name": "ietf-yang-types", "namespace": "urn:ietf:params:xml:ns:yang:ietf-yang-types", "revision": "2013-07-15", "conformance-type": "import" }, { "name": "iana-if-type", "namespace": "urn:ietf:params:xml:ns:yang:iana-if-type", Li, et al. Expires September 3, 2024 [Page 40] Internet-Draft YANG Data Model for Source Address Validation 4 "revision": "2014-05-08", "conformance-type": "implement" }, { "name": "ietf-ip", "revision": "2018-02-22", "namespace": "urn:ietf:params:xml:ns:yang:ietf-ip", "conformance-type": "implement" } ] } } A simple network setup as shown in Figure 2 is assumed: router "A" uses static SAV rule on interface "eth0" to verify traffic message from the subnet attached to "B" router with source address "198.51.100.1" and "2001:db8:0:2::1". +-----------------+ | | | Router A | | | +--------+--------+ eth0 |2000:db8:0:1::2 |193.0.2.2 | | |2000:db8:0:1::1 |193.0.2.1 +--------+--------+ | | | Router B | | | +--------+--------+ |198.51.100.1 |2000:db8:0:2::1 | Figure 2: Example of Network Configuration The instance data tree could then be as follows: { "ietf-interfaces:interfaces": { "interface": [ { "name": "eth0", Li, et al. Expires September 3, 2024 [Page 41] Internet-Draft YANG Data Model for Source Address Validation 4 "type": "iana-if-type:ethernetCsmacd", "description": "Downlink to B.", "phys-address": "10:0C:43:E5:B3:E9", "oper-status": "up", "statistics": { "discontinuity-time": "2023-05-20T17:11:27+02:00" }, "ietf-ip:ipv4": { "forwarding": true, "mtu": 1500, "address": [ { "ip": "193.0.2.2", "prefix-length": 24 } ] }, "ietf-ip:ipv6": { "forwarding": true, "mtu": 1500, "address": [ { "ip": "2000:0db8:0:1::2", "prefix-length": 64 } ], "autoconf": { "create-global-addresses": false }, }, "sav-control": { "sav-enabled": true, "sav-mode": "ietf-sav:sav-cm" } } ] }, "ietf-sav:sav": { "router-id": "193.0.2.2", "static-savs": { "ietf-ipv4-sav-rule:ipv4": { "sav-rule": [ { "source-prefix": "198.51.100.0/24", "incoming-interfaces": { "incoming-interface": "eth0" } Li, et al. Expires September 3, 2024 [Page 42] Internet-Draft YANG Data Model for Source Address Validation 4 } ] }, "ietf-ipv6-sav-rule:ipv6": { "sav-rule": [ { "source-prefix": "2000:db8:0:2::/64", "incoming-interfaces": { "incoming-interface": "eth0" } } ] } }, "sav-tables": { "sav-table": [ { "name": "ipv4-master", "address-family": "ietf-sav:ipv4", "sav-rules": { "sav-rule": [ { "ietf-ipv4-sav-rule:source-prefix": "198.51.100.0/24", "incoming-interfaces": { "incoming-interface": "eth0" }, "rule-preference": 5, "source-protocol": "ietf-sav:static", "last-updated": "2023-5-20T17:11:27+02:00", "total-packets": 10, "total-bytes": 100, "drop-packets": 0, "drop-bytes": 0, "sav-invalid-packets": 0, "sav-invalid-bytes": 0, "sav-valid-packets": 10, "sav-valid-bytes": 100 } ] } }, { "name": "ipv6-master", "address-family": "ietf-sav:ipv6", "sav-rules": { Li, et al. Expires September 3, 2024 [Page 43] Internet-Draft YANG Data Model for Source Address Validation 4 "sav-rule": [ { "ietf-ipv6-sav-rule:source-prefix": "2000:db8:0:2::/64", "incoming-interfaces": { "incoming-interface": "eth0" }, "source-protocol": "ietf-routing:static", "route-preference": 5, "last-updated": "2023-5-20T17:11:27+02:00", "total-packets": 10, "total-bytes": 100, "drop-packets": 0, "drop-bytes": 0, "sav-invalid-packets": 0, "sav-invalid-bytes": 0, "sav-valid-packets": 10, "sav-valid-bytes": 100 } ] } } ] } } } Li, et al. Expires September 3, 2024 [Page 44] Internet-Draft YANG Data Model for Source Address Validation 4 Authors' Addresses Dan Li Tsinghua University Beijing China Email: tolidan@tsinghua.edu.cn Libin Liu Zhongguancun Laboratory Beijing China Email: gaofang@zgclab.edu.cn Changwang Lin New H3C Technologies Beijing China Email: linchangwang.04414@h3c.com Jianping Wu Tsinghua University Beijing China Email: jianping@cernet.edu.cn Tianhao Wu Huawei Technologies Beijing China Email: wutianhao10@huawei.com Li, et al. Expires September 3, 2024 [Page 45] Internet-Draft YANG Data Model for Source Address Validation 4 Weiqiang Cheng China Mobile Beijing China Email: chengweiqiang@chinamobile.com Li, et al. Expires September 3, 2024 [Page 46]