Skip to content

RFC 9243: A YANG Data Model for DHCPv6 Configuration

  • I. Farrer, Ed.
Proposed Standard

Abstract

This document describes YANG data models for the configuration and management of Dynamic Host Configuration Protocol for IPv6 (DHCPv6) (RFC 8415) servers, relays, and clients.

Status of This Memo

This is an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc9243.

1. Introduction

DHCPv6 [RFC8415] is used for supplying configuration and other relevant parameters to clients in IPv6 networks. This document defines YANG [RFC7950] modules for the configuration and management of DHCPv6 'elements' (servers, relays, and clients), using the Network Configuration Protocol (NETCONF) [RFC6241] or RESTCONF [RFC8040].

Separate modules are defined for each element. Additionally, a 'common' module contains typedefs and groupings used by all of the element modules. Appendix A provides XML examples for each of the element modules and shows their interaction.

The relay and client modules provide configuration that is applicable to devices' interfaces. This is done by importing the 'ietf-interfaces' YANG module [RFC8343] and using interface-refs to the relevant interface(s).

It is worth noting that as DHCPv6 is itself a client configuration protocol, it is not the intention of this document to provide a replacement for the allocation of DHCPv6-assigned addressing and parameters by using NETCONF/YANG. The DHCPv6 client module is intended for the configuration and monitoring of the DHCPv6 client function and does not replace DHCPv6 address and parameter configuration.

The YANG modules in this document adopt the Network Management Datastore Architecture (NMDA) [RFC8342].

1.1. Scope

[RFC8415] describes the current version of the DHCPv6 base protocol specification. A large number of additional specifications have also been published, extending DHCPv6 element functionality and adding new options. The YANG modules contained in this document do not attempt to capture all of these extensions and additions; rather, they model the DHCPv6 functions and options covered in [RFC8415]. A focus has also been given on the extensibility of the modules so that they are easy to augment to add additional functionality as required by a particular implementation or deployment scenario.

1.2. Extensibility of the DHCPv6 Server YANG Module

The modules in this document only attempt to model DHCPv6-specific behavior and do not cover the configuration and management of functionality relevant for specific server implementations. The level of variance between implementations is too great to attempt to standardize them in a way that is useful without being restrictive.

However, it is recognized that implementation-specific configuration and management is also an essential part of DHCP deployment and operations. To resolve this, Appendix C contains an example YANG module for the configuration of implementation-specific functions, illustrating how this functionality can be augmented into the main 'ietf-dhcpv6-server.yang' module.

In DHCPv6, the concept of 'class selection' for messages received by the server is common. This is the identification and classification of messages based on a number of parameters so that the correct provisioning information can be supplied, for example, by allocating a prefix from the correct pool or supplying a set of options relevant for a specific vendor's client implementation. During the development of this document, implementations were researched and the findings were that while this function is common to all, the method for configuring and implementing this function differs greatly. Therefore, configuration of the class selection function has been omitted from the DHCPv6 server module to allow implementors to define their own suitable YANG modules. Appendix D provides an example of this, which demonstrates how this can be integrated with the main 'ietf-dhcpv6-server.yang' module.

1.2.1. DHCPv6 Option Definitions

A large number of DHCPv6 options have been created in addition to those defined in [RFC8415]. As implementations differ widely as to which DHCPv6 options they support, the following approach has been taken to defining options: only the DHCPv6 options defined in [RFC8415] are included in this document.

Of these, only the options that require operator configuration are modeled. For example, OPTION_IA_NA (3) is created by the DHCP server when requested by the client. The contents of the fields in the option are based on a number of input configuration parameters that the server will apply when it receives the request (e.g., the T1/T2 timers that are relevant for the pool of addresses). As a result, there are no fields that are directly configurable for the option, so it is not modeled.

The following table shows the DHCPv6 options that are modeled, the element(s) they are modeled for, and the relevant YANG module names:

Table 1: Modeled DHCPv6 Options
Name Server Relay Client Module Name
OPTION_ORO (6) Option Request Option X ietf-dhcpv6-client.yang
OPTION_PREFERENCE (7) Preference Option X ietf-dhcpv6-server.yang
OPTION_AUTH (11) Authentication Option X X ietf-dhcpv6-common.yang
OPTION_UNICAST (12) Server Unicast Option X ietf-dhcpv6-server.yang
OPTION_RAPID_COMMIT (14) Rapid Commit Option X X ietf-dhcpv6-common.yang
OPTION_USER_CLASS (15) User Class Option X ietf-dhcpv6-client.yang
OPTION_VENDOR_CLASS (16) Vendor Class Option X ietf-dhcpv6-client.yang
OPTION_VENDOR_OPTS (17) Vendor-specific Information Option X X ietf-dhcpv6-common.yang
OPTION_INTERFACE_ID (18) Interface-Id Option X ietf-dhcpv6-relay.yang
OPTION_RECONF_MSG (19) Reconfigure Message Option X ietf-dhcpv6-server.yang
OPTION_RECONF_ACCEPT (20) Reconfigure Accept Option X X ietf-dhcpv6-client.yang
OPTION_INFORMATION _REFRESH_TIME (32) Information Refresh Time Option X ietf-dhcpv6-server.yang
OPTION_SOL_MAX_RT (82) sol max rt Option X ietf-dhcpv6-server.yang
OPTION_INF_MAX_RT (83) inf max rt Option X ietf-dhcpv6-server.yang

Further option definitions can be added using additional YANG modules via augmentation of the relevant element modules from this document. Appendix B contains an example module showing how the DHCPv6 option definitions can be extended in this manner. Some guidance on how to write YANG modules for additional DHCPv6 options is also provided.

2. Terminology

The reader should be familiar with the YANG data modeling language defined in [RFC7950].

The YANG modules in this document adopt NMDA [RFC8342]. The meanings of the symbols used in tree diagrams are defined in [RFC8340].

The reader should be familiar with DHCPv6-relevant terminology defined in [RFC8415] and other relevant documents.

2.1. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

3. DHCPv6 Tree Diagrams

3.1. DHCPv6 Server Tree Diagram

The tree diagram in Figure 1 provides an overview of the DHCPv6 server module. The tree also includes the common functions module defined in Section 4.1.

module: ietf-dhcpv6-server
  +--rw dhcpv6-server
     +--rw enabled?             boolean
     +--rw server-duid?         dhc6:duid
     +--rw vendor-config
     +--rw option-sets
     |  +--rw option-set* [option-set-id]
     |     +--rw option-set-id                          string
     |     +--rw description?                           string
     |     +--rw preference-option
     |     |  +--rw pref-value?   uint8
     |     +--rw auth-option
     |     |  +--rw algorithm?                      uint8
     |     |  +--rw rdm?                            uint8
     |     |  +--rw replay-detection?               uint64
     |     |  +--rw (protocol)?
     |     |     +--:(conf-token)
     |     |     |  +--rw token-auth-information?   binary
     |     |     +--:(rkap)
     |     |        +--rw datatype?                 uint8
     |     |        +--rw auth-info-value?          binary
     |     +--rw server-unicast-option
     |     |  +--rw server-address?   inet:ipv6-address
     |     +--rw rapid-commit-option!
     |     +--rw vendor-specific-information-options
     |     |  +--rw vendor-specific-information-option*
     |     |          [enterprise-number]
     |     |     +--rw enterprise-number     uint32
     |     |     +--rw vendor-option-data* [sub-option-code]
     |     |        +--rw sub-option-code    uint16
     |     |        +--rw sub-option-data?   binary
     |     +--rw reconfigure-message-option
     |     |  +--rw msg-type?   uint8
     |     +--rw reconfigure-accept-option!
     |     +--rw info-refresh-time-option
     |     |  +--rw info-refresh-time?   dhc6:timer-seconds32
     |     +--rw sol-max-rt-option
     |     |  +--rw sol-max-rt-value?   dhc6:timer-seconds32
     |     +--rw inf-max-rt-option
     |        +--rw inf-max-rt-value?   dhc6:timer-seconds32
     +--rw class-selector
     +--rw allocation-ranges
        +--rw option-set-id*        leafref
        +--rw valid-lifetime?       dhc6:timer-seconds32
        +--rw renew-time?           dhc6:timer-seconds32
        +--rw rebind-time?          dhc6:timer-seconds32
        +--rw preferred-lifetime?   dhc6:timer-seconds32
        +--rw rapid-commit?         boolean
        +--rw allocation-range* [id]
        |  +--rw id                    string
        |  +--rw description?          string
        |  +--rw network-prefix        inet:ipv6-prefix
        |  +--rw option-set-id*        leafref
        |  +--rw valid-lifetime?       dhc6:timer-seconds32
        |  +--rw renew-time?           dhc6:timer-seconds32
        |  +--rw rebind-time?          dhc6:timer-seconds32
        |  +--rw preferred-lifetime?   dhc6:timer-seconds32
        |  +--rw rapid-commit?         boolean
        |  +--rw address-pools {na-assignment}?
        |  |  +--rw address-pool* [pool-id]
        |  |     +--rw pool-id                    string
        |  |     +--rw pool-prefix
        |  |     |       inet:ipv6-prefix
        |  |     +--rw start-address
        |  |     |       inet:ipv6-address-no-zone
        |  |     +--rw end-address
        |  |     |       inet:ipv6-address-no-zone
        |  |     +--rw max-address-utilization?   dhc6:threshold
        |  |     +--rw option-set-id*             leafref
        |  |     +--rw valid-lifetime?
        |  |     |       dhc6:timer-seconds32
        |  |     +--rw renew-time?
        |  |     |       dhc6:timer-seconds32
        |  |     +--rw rebind-time?
        |  |     |       dhc6:timer-seconds32
        |  |     +--rw preferred-lifetime?
        |  |     |       dhc6:timer-seconds32
        |  |     +--rw rapid-commit?              boolean
        |  |     +--rw host-reservations
        |  |     |  +--rw host-reservation* [reserved-addr]
        |  |     |     +--rw client-duid?          dhc6:duid
        |  |     |     +--rw reserved-addr
        |  |     |     |       inet:ipv6-address
        |  |     |     +--rw option-set-id*        leafref
        |  |     |     +--rw valid-lifetime?
        |  |     |     |       dhc6:timer-seconds32
        |  |     |     +--rw renew-time?
        |  |     |     |       dhc6:timer-seconds32
        |  |     |     +--rw rebind-time?
        |  |     |     |       dhc6:timer-seconds32
        |  |     |     +--rw preferred-lifetime?
        |  |     |     |       dhc6:timer-seconds32
        |  |     |     +--rw rapid-commit?         boolean
        |  |     +--ro active-leases
        |  |        +--ro total-count        uint64
        |  |        +--ro allocated-count    uint64
        |  |        +--ro active-lease* [leased-address]
        |  |           +--ro leased-address
        |  |           |       inet:ipv6-address
        |  |           +--ro client-duid?          dhc6:duid
        |  |           +--ro ia-id                 uint32
        |  |           +--ro allocation-time?
        |  |           |       yang:date-and-time
        |  |           +--ro last-renew-rebind?
        |  |           |       yang:date-and-time
        |  |           +--ro preferred-lifetime?
        |  |           |       dhc6:timer-seconds32
        |  |           +--ro valid-lifetime?
        |  |           |       dhc6:timer-seconds32
        |  |           +--ro lease-t1?
        |  |           |       dhc6:timer-seconds32
        |  |           +--ro lease-t2?
        |  |           |       dhc6:timer-seconds32
        |  |           +--ro status
        |  |              +--ro code?      uint16
        |  |              +--ro message?   string
        |  +--rw prefix-pools {prefix-delegation}?
        |     +--rw prefix-pool* [pool-id]
        |        +--rw pool-id                     string
        |        +--rw pool-prefix
        |        |       inet:ipv6-prefix
        |        +--rw client-prefix-length        uint8
        |        +--rw max-pd-space-utilization?   dhc6:threshold
        |        +--rw option-set-id*              leafref
        |        +--rw valid-lifetime?
        |        |       dhc6:timer-seconds32
        |        +--rw renew-time?
        |        |       dhc6:timer-seconds32
        |        +--rw rebind-time?
        |        |       dhc6:timer-seconds32
        |        +--rw preferred-lifetime?
        |        |       dhc6:timer-seconds32
        |        +--rw rapid-commit?               boolean
        |        +--rw host-reservations
        |        |  +--rw prefix-reservation* [reserved-prefix]
        |        |  |  +--rw client-duid?           dhc6:duid
        |        |  |  +--rw reserved-prefix
        |        |  |  |       inet:ipv6-prefix
        |        |  |  +--rw reserved-prefix-len?   uint8
        |        |  +--rw option-set-id*        leafref
        |        |  +--rw valid-lifetime?
        |        |  |       dhc6:timer-seconds32
        |        |  +--rw renew-time?
        |        |  |       dhc6:timer-seconds32
        |        |  +--rw rebind-time?
        |        |  |       dhc6:timer-seconds32
        |        |  +--rw preferred-lifetime?
        |        |  |       dhc6:timer-seconds32
        |        |  +--rw rapid-commit?         boolean
        |        +--ro active-leases
        |           +--ro total-count        uint64
        |           +--ro allocated-count    uint64
        |           +--ro active-lease* [leased-prefix]
        |              +--ro leased-prefix
        |              |       inet:ipv6-prefix
        |              +--ro client-duid?          dhc6:duid
        |              +--ro ia-id                 uint32
        |              +--ro allocation-time?
        |              |       yang:date-and-time
        |              +--ro last-renew-rebind?
        |              |       yang:date-and-time
        |              +--ro preferred-lifetime?
        |              |       dhc6:timer-seconds32
        |              +--ro valid-lifetime?
        |              |       dhc6:timer-seconds32
        |              +--ro lease-t1?
        |              |       dhc6:timer-seconds32
        |              +--ro lease-t2?
        |              |       dhc6:timer-seconds32
        |              +--ro status
        |                 +--ro code?      uint16
        |                 +--ro message?   string
        +--rw statistics
           +--rw discontinuity-time?          yang:date-and-time
           +--ro solicit-count?               yang:counter32
           +--ro advertise-count?             yang:counter32
           +--ro request-count?               yang:counter32
           +--ro confirm-count?               yang:counter32
           +--ro renew-count?                 yang:counter32
           +--ro rebind-count?                yang:counter32
           +--ro reply-count?                 yang:counter32
           +--ro release-count?               yang:counter32
           +--ro decline-count?               yang:counter32
           +--ro reconfigure-count?           yang:counter32
           +--ro information-request-count?   yang:counter32
           +--ro discarded-message-count?     yang:counter32

  rpcs:
    +---x delete-address-lease {na-assignment}?
    |  +---w input
    |  |  +---w lease-address-to-delete    leafref
    |  +--ro output
    |     +--ro return-message?   string
    +---x delete-prefix-lease {prefix-delegation}?
       +---w input
       |  +---w lease-prefix-to-delete    leafref
       +--ro output
          +--ro return-message?   string

  notifications:
    +---n address-pool-utilization-threshold-exceeded
    |       {na-assignment}?
    |  +--ro pool-id                    leafref
    |  +--ro total-pool-addresses       uint64
    |  +--ro max-allocated-addresses    uint64
    |  +--ro allocated-address-count    uint64
    +---n prefix-pool-utilization-threshold-exceeded
    |       {prefix-delegation}?
    |  +--ro pool-id                     leafref
    |  +--ro total-pool-prefixes         uint64
    |  +--ro max-allocated-prefixes      uint64
    |  +--ro allocated-prefixes-count    uint64
    +---n invalid-client-detected
    |  +--ro message-type?   enumeration
    |  +--ro duid?           dhc6:duid
    |  +--ro description?    string
    +---n decline-received {na-assignment}?
    |  +--ro duid?                 dhc6:duid
    |  +--ro declined-resources* []
    |     +--ro (resource-type)?
    |        +--:(declined-address)
    |        |  +--ro address?   inet:ipv6-address
    |        +--:(declined-prefix)
    |           +--ro prefix?    inet:ipv6-prefix
    +---n non-success-code-sent
       +--ro duid?     dhc6:duid
       +--ro status
          +--ro code?      uint16
          +--ro message?   string
Figure 1: DHCPv6 Server Data Module Structure
Descriptions of important nodes:
enabled:
This enables/disables the function of the DHCPv6 server.
dhcpv6-server:
This container holds the server's DHCPv6-specific configuration.
server-duid:
Each server must have a DHCP Unique Identifier (DUID) to identify itself to clients. A DUID consists of a 2-octet type field and an arbitrary length (of no more than 128 octets) content field. Currently, there are four DUID types defined in [RFC8415] and [RFC6355]. The DUID may be configured using the format for one of these types or using the 'unstructured' format. The DUID type definitions are imported from the 'ietf-dhcpv6-common.yang' module. [IANA-HARDWARE-TYPES] and [IANA-PEN] are referenced for the relevant DUID types.
vendor-config:
This container is provided as a location for additional implementation-specific YANG nodes for the configuration of the device to be augmented. See Appendix C for an example of such a module.
option-sets:
The server can be configured with multiple option-sets. These are groups of DHCPv6 options with common parameters that may be supplied to clients on request. The 'option-set-id' field is used to reference an option-set elsewhere in the server's configuration.
option-set:
This holds configuration parameters for DHCPv6 options. The initial set of applicable option definitions are defined here, and additional options that are also relevant to the relay and/or client are imported from the 'ietf-dhcpv6-common' module. Where needed, other DHCPv6 option modules can be augmented as they are defined. The complete list of DHCPV6 options is located at [IANA-DHCPV6-OPTION-CODES].
class-selector:
This is provided as a location for additional implementation-specific YANG nodes for vendor-specific class selector nodes to be augmented. See Appendix D for an example of this.
allocation-ranges:
A hierarchical model is used for the allocation of addresses and prefixes. The top-level 'allocation-ranges' container holds global configuration parameters. Under this, the 'allocation-range' list is used for specifying IPv6 prefixes and additional prefix-specific parameters.
address-pools:
This is used for Identity Association for Non-temporary Addresses (IA_NA) and Identity Association for Temporary Addresses (IA_TA) pool allocations with a container for defining host reservations. State information about active leases from each pool is also located here.
prefix-pools:
This defines pools to be used for prefix delegation to clients. Static host reservations can also be configured. As prefix delegation is not supported by all DHCPv6 server implementations, it is enabled by a feature statement.
Information about RPCs:
delete-address-lease:
This allows the deletion of a lease for an individual IPv6 address from the server's lease database. Per [BCP18], if available, a language identifier should be included in the output message.
delete-prefix-lease:
This allows the deletion of a lease for an individual IPv6 prefix from the server's lease database. Per [BCP18], if available, a language identifier should be included in the output message.
Information about notifications:
address/prefix-pool-utilization-threshold-exceeded:
This is raised when the number of leased addresses or prefixes in a pool exceeds the configured usage threshold.
invalid-client-detected:
This is raised when the server detects an invalid client. A description of the error and message type that has generated the notification can be included.
decline-received:
This is raised when a DHCPv6 Decline message is received from a client.
non-success-code-sent:
This is raised when there is a status message for a failure. Status codes are drawn from [IANA-DHCPV6-STATUS-CODES].

3.2. DHCPv6 Relay Tree Diagram

The tree diagram in Figure 2 provides an overview of the DHCPv6 relay module. The tree also includes the common functions module defined in Section 4.1.

The RPCs in the module are taken from requirements defined in [RFC8987].

module: ietf-dhcpv6-relay
  +--rw dhcpv6-relay
     +--rw enabled?      boolean
     +--rw relay-if* [if-name]
     |  +--rw if-name                if:interface-ref
     |  +--rw enabled?               boolean
     |  +--rw destination-address*   inet:ipv6-address
     |  +--rw link-address?          inet:ipv6-address
     |  +--rw relay-options
     |  |  +--rw auth-option
     |  |  |  +--rw algorithm?                      uint8
     |  |  |  +--rw rdm?                            uint8
     |  |  |  +--rw replay-detection?               uint64
     |  |  |  +--rw (protocol)?
     |  |  |     +--:(conf-token)
     |  |  |     |  +--rw token-auth-information?   binary
     |  |  |     +--:(rkap)
     |  |  |        +--rw datatype?                 uint8
     |  |  |        +--rw auth-info-value?          binary
     |  |  +--rw interface-id-option
     |  |     +--rw interface-id?   binary
     |  +--rw statistics
     |  |  +--rw discontinuity-time?
     |  |  |       yang:date-and-time
     |  |  +--ro solicit-received-count?
     |  |  |       yang:counter32
     |  |  +--ro advertise-sent-count?
     |  |  |       yang:counter32
     |  |  +--ro request-received-count?
     |  |  |       yang:counter32
     |  |  +--ro confirm-received-count?
     |  |  |       yang:counter32
     |  |  +--ro renew-received-count?
     |  |  |       yang:counter32
     |  |  +--ro rebind-received-count?
     |  |  |       yang:counter32
     |  |  +--ro reply-sent-count?
     |  |  |       yang:counter32
     |  |  +--ro release-received-count?
     |  |  |       yang:counter32
     |  |  +--ro decline-received-count?
     |  |  |       yang:counter32
     |  |  +--ro reconfigure-sent-count?
     |  |  |       yang:counter32
     |  |  +--ro information-request-received-count?
     |  |  |       yang:counter32
     |  |  +--ro unknown-message-received-count?
     |  |  |       yang:counter32
     |  |  +--ro unknown-message-sent-count?
     |  |  |       yang:counter32
     |  |  +--ro discarded-message-count?
     |  |          yang:counter32
     |  +--rw prefix-delegation! {prefix-delegation}?
     |     +--ro pd-leases* [ia-pd-prefix]
     |        +--ro ia-pd-prefix           inet:ipv6-prefix
     |        +--ro last-renew?            yang:date-and-time
     |        +--ro client-peer-address?   inet:ipv6-address
     |        +--ro client-duid?           dhc6:duid
     |        +--ro server-duid?           dhc6:duid
     +--rw statistics
        +--ro relay-forward-sent-count?
        |       yang:counter32
        +--ro relay-forward-received-count?
        |       yang:counter32
        +--ro relay-reply-received-count?
        |       yang:counter32
        +--ro relay-forward-unknown-sent-count?
        |       yang:counter32
        +--ro relay-forward-unknown-received-count?
        |       yang:counter32
        +--ro discarded-message-count?
                yang:counter32

  rpcs:
    +---x clear-prefix-entry {prefix-delegation}?
    |  +---w input
    |  |  +---w lease-prefix    leafref
    |  +--ro output
    |     +--ro return-message?   string
    +---x clear-client-prefixes {prefix-delegation}?
    |  +---w input
    |  |  +---w client-duid    dhc6:duid
    |  +--ro output
    |     +--ro return-message?   string
    +---x clear-interface-prefixes {prefix-delegation}?
       +---w input
       |  +---w interface    -> /dhcpv6-relay/relay-if/if-name
       +--ro output
          +--ro return-message?   string

  notifications:
    +---n relay-event
       +--ro topology-change
          +--ro relay-if-name?
          |       -> /dhcpv6-relay/relay-if/if-name
          +--ro last-ipv6-addr?   inet:ipv6-address
Figure 2: DHCPv6 Relay Data Module Structure
Descriptions of important nodes:
enabled:
This globally enables/disables all DHCPv6 relay functions.
dhcpv6-relay:
This container holds the relay's DHCPv6-specific configuration.
relay-if:
As a relay may have multiple client-facing interfaces, they are configured in a list. The 'if-name' leaf is the key and is an interface-ref to the applicable interface defined by the 'ietf-interfaces' YANG module.
enabled:
This enables/disables all DHCPv6 relay functions for the specific interface.
destination-addresses:
This defines a list of IPv6 addresses that client messages will be relayed to, which may include unicast or multicast addresses.
link-address:
This configures the value that the relay will put into the link-address field of Relay-Forward messages.
prefix-delegation:
As prefix delegation is not supported by all DHCPv6 relay implementations, it is enabled by this feature statement where required.
pd-leases:
This contains read-only nodes for holding information about active delegated prefix leases.
relay-options:
This holds configuration parameters for DHCPv6 options that can be sent by the relay. The initial set of applicable option definitions are defined here, and additional options that are also relevant to the server and/or client are imported from the 'ietf-dhcpv6-common' module. Information for the Authentication Option (OPTION_AUTH (11)) is drawn from [IANA-DHCPV6-AUTH-NAMESPACES] and [RFC3118]. Where needed, other DHCPv6 option modules can be augmented as they are defined. The complete list of DHCPV6 options is located at [IANA-DHCPV6-OPTION-CODES].
Information about RPCs:
clear-prefix-entry:
This allows the removal of a delegated lease entry from the relay. Per [BCP18], if available, a language identifier should be included in the output message.
clear-client-prefixes:
This allows the removal of all of the delegated lease entries for a single client (referenced by client DUID) from the relay. Per [BCP18], if available, a language identifier should be included in the output message.
clear-interface-prefixes:
This allows the removal of all of the delegated lease entries from an interface on the relay. Per [BCP18], if available, a language identifier should be included in the output message.
Information about notifications:
topology-change:
This is raised when the topology of the relay agent is changed, e.g., a client-facing interface is reconfigured.

3.3. DHCPv6 Client Tree Diagram

The tree diagram in Figure 3 provides an overview of the DHCPv6 client module. The tree also includes the common functions module defined in Section 4.1.

module: ietf-dhcpv6-client
  +--rw dhcpv6-client
     +--rw enabled?     boolean
     +--rw client-if* [if-name]
        +--rw if-name                      if:interface-ref
        +--rw enabled?                     boolean
        +--rw interface-duid?              dhc6:duid
        |       {(non-temp-addr or prefix-delegation or temp-addr)
                  and anon-profile}?
        +--rw client-configured-options
        |  +--rw option-request-option
        |  |  +--rw oro-option*   uint16
        |  +--rw rapid-commit-option!
        |  +--rw user-class-option!
        |  |  +--rw user-class-data-instance*
        |  |          [user-class-data-id]
        |  |     +--rw user-class-data-id    uint8
        |  |     +--rw user-class-data?      binary
        |  +--rw vendor-class-option
        |  |  +--rw vendor-class-option-instances*
        |  |          [enterprise-number]
        |  |     +--rw enterprise-number            uint32
        |  |     +--rw vendor-class-data-element*
        |  |             [vendor-class-data-id]
        |  |        +--rw vendor-class-data-id    uint8
        |  |        +--rw vendor-class-data?      binary
        |  +--rw vendor-specific-information-options
        |  |  +--rw vendor-specific-information-option*
        |  |          [enterprise-number]
        |  |     +--rw enterprise-number     uint32
        |  |     +--rw vendor-option-data* [sub-option-code]
        |  |        +--rw sub-option-code    uint16
        |  |        +--rw sub-option-data?   binary
        |  +--rw reconfigure-accept-option!
        +--rw ia-na* [ia-id] {non-temp-addr}?
        |  +--rw ia-id            uint32
        |  +--rw ia-na-options
        |  +--ro lease-state
        |     +--ro ia-na-address?        inet:ipv6-address
        |     +--ro lease-t1?             dhc6:timer-seconds32
        |     +--ro lease-t2?             dhc6:timer-seconds32
        |     +--ro preferred-lifetime?   dhc6:timer-seconds32
        |     +--ro valid-lifetime?       dhc6:timer-seconds32
        |     +--ro allocation-time?      yang:date-and-time
        |     +--ro last-renew-rebind?    yang:date-and-time
        |     +--ro server-duid?          dhc6:duid
        |     +--ro status
        |        +--ro code?      uint16
        |        +--ro message?   string
        +--rw ia-ta* [ia-id] {temp-addr}?
        |  +--rw ia-id            uint32
        |  +--rw ia-ta-options
        |  +--ro lease-state
        |     +--ro ia-ta-address?        inet:ipv6-address
        |     +--ro preferred-lifetime?   dhc6:timer-seconds32
        |     +--ro valid-lifetime?       dhc6:timer-seconds32
        |     +--ro allocation-time?      yang:date-and-time
        |     +--ro last-renew-rebind?    yang:date-and-time
        |     +--ro server-duid?          dhc6:duid
        |     +--ro status
        |        +--ro code?      uint16
        |        +--ro message?   string
        +--rw ia-pd* [ia-id] {prefix-delegation}?
        |  +--rw ia-id                 uint32
        |  +--rw prefix-length-hint?   uint8
        |  +--rw ia-pd-options
        |  +--ro lease-state
        |     +--ro ia-pd-prefix?         inet:ipv6-prefix
        |     +--ro lease-t1?             dhc6:timer-seconds32
        |     +--ro lease-t2?             dhc6:timer-seconds32
        |     +--ro preferred-lifetime?   dhc6:timer-seconds32
        |     +--ro valid-lifetime?       dhc6:timer-seconds32
        |     +--ro allocation-time?      yang:date-and-time
        |     +--ro last-renew-rebind?    yang:date-and-time
        |     +--ro server-duid?          dhc6:duid
        |     +--ro status
        |        +--ro code?      uint16
        |        +--ro message?   string
        +--rw statistics
           +--rw discontinuity-time?          yang:date-and-time
           +--ro solicit-count?               yang:counter32
           +--ro advertise-count?             yang:counter32
           +--ro request-count?               yang:counter32
           +--ro confirm-count?               yang:counter32
           +--ro renew-count?                 yang:counter32
           +--ro rebind-count?                yang:counter32
           +--ro reply-count?                 yang:counter32
           +--ro release-count?               yang:counter32
           +--ro decline-count?               yang:counter32
           +--ro reconfigure-count?           yang:counter32
           +--ro information-request-count?   yang:counter32
           +--ro discarded-message-count?     yang:counter32

  notifications:
    +---n invalid-ia-address-detected
    |       {non-temp-addr or temp-addr}?
    |  +--ro ia-id                 uint32
    |  +--ro ia-na-t1-timer?       uint32
    |  +--ro ia-na-t2-timer?       uint32
    |  +--ro invalid-address?      inet:ipv6-address
    |  +--ro preferred-lifetime?   uint32
    |  +--ro valid-lifetime?       uint32
    |  +--ro ia-options?           binary
    |  +--ro description?          string
    +---n transmission-failed
    |  +--ro failure-type    enumeration
    |  +--ro description?    string
    +---n unsuccessful-status-code
    |  +--ro server-duid    dhc6:duid
    |  +--ro status
    |     +--ro code?      uint16
    |     +--ro message?   string
    +---n server-duid-changed
            {non-temp-addr or prefix-delegation or temp-addr}?
       +--ro new-server-duid         dhc6:duid
       +--ro previous-server-duid    dhc6:duid
       +--ro lease-ia-na?
       |       -> /dhcpv6-client/client-if/ia-na/ia-id
       |       {non-temp-addr}?
       +--ro lease-ia-ta?
       |       -> /dhcpv6-client/client-if/ia-ta/ia-id
       |       {temp-addr}?
       +--ro lease-ia-pd?
               -> /dhcpv6-client/client-if/ia-pd/ia-id
               {prefix-delegation}?
Figure 3: DHCPv6 Client Data Module Structure
Descriptions of important nodes:
enabled:
This globally enables/disables all DHCPv6 client functions.
dhcpv6-client:
This container holds the client's DHCPv6-specific configuration.
client-if:
As a client may have multiple interfaces requesting configuration over DHCP, they are configured in a list. The 'if-name' leaf is the key and is an interface-ref to the applicable interface defined by the 'ietf-interfaces' YANG module.
enabled:
This enables/disables all DHCPv6 client function for the specific interface.
client-duid/interface-duid:
The DUID is used to identify the client to servers and relays. A DUID consists of a 2-octet type field and an arbitrary length (1-128 octets) content field. Currently, there are four DUID types defined in [RFC8415] and [RFC6355]. The DUID may be configured using the format for one of these types or using the 'unstructured' format. The DUID type definitions are imported from the 'ietf-dhcpv6-common.yang' module. [IANA-HARDWARE-TYPES] and [IANA-PEN] are referenced for the relevant DUID types. A DUID only needs to be configured if the client is requesting addresses and/or prefixes from the server. Presence of the 'client-duid' or 'interface-duid' leaves is conditional on at least one of the 'non-temp-addr', 'temp-addr', or 'prefix-delegation' features being enabled. Additionally, if the 'anon-profile' [RFC7844] feature is enabled, a unique DUID can be configured per a DHCP-enabled interface using the 'interface-duid' leaf; otherwise, there is a global 'client-duid' leaf.
client-configured-options:
This holds configuration parameters for DHCPv6 options that can be sent by the client. The initial set of applicable option definitions are defined here, and additional options that are also relevant to the relay and/or server are imported from the 'ietf-dhcpv6-common' module. Where needed, other DHCPv6 option modules can be augmented as they are defined. The complete list of DHCPV6 options is located at [IANA-DHCPV6-OPTION-CODES].
ia-na, ia-ta, ia-pd:
These contain configuration nodes relevant for requesting one or more of each of the lease types. Read-only nodes related to the active leases for each type are also located here, drawing the status codes from [IANA-DHCPV6-STATUS-CODES]. As these lease types may not be supported by all DHCPv6 client implementations, they are enabled via individual feature statements. Stateless DHCP (Section 6.1 of [RFC8415]) is configured when all address and prefix features are disabled.
Information about notifications:
invalid-ia-detected:
This is raised when the identity association of the client can be proved to be invalid. Possible conditions include duplicated address, illegal address, etc.
retransmission-failed:
This is raised when the retransmission mechanism defined in [RFC8415] has failed.

4. DHCPv6 YANG Modules

4.1. DHCPv6 Common YANG Module 

<CODE BEGINS> file "ietf-dhcpv6-common@2022-06-20.yang"

module ietf-dhcpv6-common {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-common";
  prefix dhc6;

  organization
    "IETF Dynamic Host Configuration (DHC) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/dhc/>
     WG List:  <mailto:dhcwg@ietf.org>
     Author:   Yong Cui <yong@csnet1.cs.tsinghua.edu.cn>
     Author:   Linhui Sun <lh.sunlinh@gmail.com>
     Editor:   Ian Farrer <ian.farrer@telekom.de>
     Author:   Sladjana Zeichlin <sladjana.zechlin@telekom.de>
     Author:   Zihao He <hezihao9512@gmail.com>
     Author:   Michal Nowikowski <godfryd@isc.org>";
  description
    "This YANG module defines common components used for the
     configuration and management of DHCPv6.

     The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
     'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
     'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
     are to be interpreted as described in BCP 14 (RFC 2119)
     (RFC 8174) when, and only when, they appear in all
     capitals, as shown here.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Revised BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC 9243
     (https://www.rfc-editor.org/info/rfc9243); see the RFC itself
     for full legal notices.";

  revision 2022-06-20 {
    description
      "Initial revision.";
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }

  typedef threshold {
    type uint8 {
      range "1..100";
    }
    description
      "Threshold value in percent.";
  }

  typedef timer-seconds32 {
    type uint32;
    units "seconds";
    description
      "Timer value type in seconds (32-bit range).";
  }

  typedef duid-base {
    type string {
      pattern '([0-9a-fA-F]{2}){3,130}';
    }
    description
      "Each DHCP server and client has a DHCP Unique Identifier
       (DUID).  The DUID consists of a 2-octet type field
       and an arbitrary length (1-128 octets) content field.
       The duid-base type is used by other duid types with
       additional pattern constraints.

       Currently, there are four defined types of DUIDs
       in RFCs 8415 and 6355 -- DUID-LLT, DUID-EN, DUID-LL, and
       DUID-UUID.  DUID-unstructured represents DUIDs that do not
       follow any of the defined formats.

       Type 'string' is used to represent the hexadecimal DUID value
       so that pattern constraints can be applied.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 11
       RFC 6355: Definition of the UUID-Based DHCPv6 Unique
       Identifier (DUID-UUID), Section 4";
  }

  typedef duid-llt {
    type duid-base {
      pattern '0001'
            + '[0-9a-fA-F]{12,}';
    }
    description
      "DUID type 1, based on Link-Layer Address Plus Time
       (DUID-LLT).  Constructed with a 2-octet hardware type assigned
       by IANA,  4 octets containing the time the DUID is generated
       (represented in seconds since midnight (UTC), January 1, 2000,
       modulo 2^32), and a link-layer address. The address is encoded
       without separator characters.  For example:

       +------+------+----------+--------------+
       | 0001 | 0006 | 28490058 | 00005E005300 |
       +------+------+----------+--------------+

       This example includes the 2-octet DUID type of 1 (0x01); the
       hardware type is 0x06 (IEEE Hardware Types), and the creation
       time is 0x28490058 (constructed as described above).  Finally,
       the link-layer address is 0x5E005300 (EUI-48 address
       00-00-5E-00-53-00).";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 11.2
       IANA 'Hardware Types' registry
       <https://www.iana.org/assignments/arp-parameters>";
  }

  typedef duid-en {
    type duid-base {
      pattern '0002'
            + '[0-9a-fA-F]{8,}';
    }
    description
      "DUID type 2, assigned by vendor based on Enterprise
       Number (DUID-EN).  This DUID consists of the 4-octet vendor's
       registered Private Enterprise Number, as maintained by IANA,
       followed by a unique identifier assigned by the vendor.  For
       example:

       +------+----------+------------------+
       | 0002 | 00007ED9 | 0CC084D303000912 |
       +------+----------+------------------+

       This example includes the 2-octet DUID type of 2 (0x02),
       4 octets for the Enterprise Number (0x7ED9), followed by
       8 octets of identifier data (0x0CC084D303000912).";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 11.3
       IANA 'Private Enterprise Numbers' registry
       <https://www.iana.org/assignments/enterprise-numbers>";
  }

  typedef duid-ll {
    type duid-base {
      pattern '0003'
            + '([0-9a-fA-F]){4,}';
    }
    description
      "DUID type 3, based on Link-Layer Address (DUID-LL).
       Constructed with a 2-octet hardware type assigned
       by IANA and a link-layer address.  The address is encoded
       without separator characters.  For example:

       +------+------+--------------+
       | 0003 | 0006 | 00005E005300 |
       +------+------+--------------+

       This example includes the 2-octet DUID type of 3 (0x03); the
       hardware type is 0x06 (IEEE Hardware Types), and the
       link-layer address is 0x5E005300 (EUI-48 address
       00-00-5E-00-53-00).";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 11.4
       IANA 'Hardware Types' registry
       <https://www.iana.org/assignments/arp-parameters>";
  }

  typedef duid-uuid {
    type duid-base {
      pattern '0004'
            + '[0-9a-fA-F]{32}';
    }
    description
      "DUID type 4, based on Universally Unique Identifier
       (DUID-UUID).  This type of DUID consists of 16 octets
       containing a 128-bit UUID.  For example:

       +------+----------------------------------+
       | 0004 | 9f03b182705747e38a1e422910078642 |
       +------+----------------------------------+

       This example includes the 2-octet DUID type of 4 (0x04) and
       the UUID 9f03b182-7057-47e3-8a1e-422910078642.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 11.5
       RFC 6355: Definition of the UUID-Based DHCPv6 Unique
       Identifier (DUID-UUID)";
  }

  typedef duid-unstructured {
    type duid-base {
      pattern '(000[1-4].*)' {
        modifier "invert-match";
      }
    }
    description
      "Used for DUIDs following any formats other than DUID
       types 1-4.  For example:

       +----------------------------------+
       | 7b6a164d325946539dc540fb539bc430 |
       +----------------------------------+

       Here, an arbitrary 16-octet value is used.  The only
       constraint placed on this is that the first 2 octets
       are not 0x01-0x04 to avoid collision with the other
       defined DUID types (duid-llt, duid-en, duid-ll,
       or duid-uuid).";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 11";
  }

  typedef duid {
    type union {
      type duid-llt;
      type duid-en;
      type duid-ll;
      type duid-uuid;
      type duid-unstructured;
    }
    description
      "Represents the DUID and is neutral to the DUID's construction
       format.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 11";
  }

  /*
   * Groupings
   */

  grouping status {
    description
      "Holds information about the most recent status code that
       has been sent by the server or received by the client.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol
       for IPv6 (DHCPv6), Section 7.5.";
    container status {
      description
        "Status code information, relating to the success or failure
         of operations requested in messages.";
      leaf code {
        type uint16;
        description
          "The numeric code for the status encoded in this option.
           See the 'Status Codes' registry at
           <https://www.iana.org/assignments/dhcpv6-parameters>
           for the current list of status codes.";
      }
      leaf message {
        type string;
        description
          "A UTF-8-encoded text string suitable for display to an
           end user.  It MUST NOT be null terminated.";
      }
    }
  }

  grouping auth-option-group {
    description
      "OPTION_AUTH (11) Authentication Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol
       for IPv6 (DHCPv6), Section 21.11
       RFC 3118: Authentication for DHCP Messages
       IANA 'Dynamic Host Configuration Protocol (DHCP)
       Authentication Option Name Spaces' registry
       <https://www.iana.org/assignments/auth-namespaces>";
    container auth-option {
      description
        "OPTION_AUTH (11) Authentication Option.";
      leaf algorithm {
        type uint8;
        description
          "The algorithm used in the authentication protocol.";
      }
      leaf rdm {
        type uint8;
        description
          "The Replay Detection Method (RDM) used in this
           Authentication option.";
      }
      leaf replay-detection {
        type uint64;
        description
          "The replay detection information for the RDM.";
      }
      choice protocol {
        description
          "The authentication protocol used in the option.  Protocol
           Namespace Values 1 (delayed authentication) and 2 (Delayed
           Authentication (Obsolete)) are not applicable and so are
           not modeled.";
        case conf-token {
          leaf token-auth-information {
            type binary;
            description
              "Protocol Namespace Value 0.  The authentication
               information, as specified by the protocol and
               algorithm used in this Authentication option.";
          }
        }
        case rkap {
          description
            "Protocol Namespace Value 3.  The Reconfigure Key
             Authentication Protocol (RKAP) provides protection
             against misconfiguration of a client caused by a
             Reconfigure message sent by a malicious DHCP
             server.";
          leaf datatype {
            type uint8 {
              range "1 .. 2";
            }
            description
              "Type of data in the Value field carried in this
               option.
                1  Reconfigure key value (used in the Reply
                   message).
                2  HMAC-MD5 digest of the message (used in
                   the Reconfigure message).";
          }
          leaf auth-info-value {
            type binary {
              length "16";
            }
            description
              "Data, as defined by the Type field.  A 16-octet
               field.";
          }
        }
      }
    }
  }

  grouping rapid-commit-option-group {
    description
      "OPTION_RAPID_COMMIT (14) Rapid Commit Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.14";
    container rapid-commit-option {
      presence "Enable sending of this option";
      description
        "OPTION_RAPID_COMMIT (14) Rapid Commit Option.";
    }
  }

  grouping vendor-specific-information-option-group {
    description
      "OPTION_VENDOR_OPTS (17) Vendor-specific Information
       Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol
       for IPv6 (DHCPv6), Section 21.17";
    container vendor-specific-information-options {
      description
        "OPTION_VENDOR_OPTS (17) Vendor-specific Information
         Option.";
      list vendor-specific-information-option {
        key "enterprise-number";
        description
          "The Vendor-specific Information option allows for
           multiple instances in a single message.  Each list entry
           defines the contents of an instance of the option.";
        leaf enterprise-number {
          type uint32;
          description
            "The vendor's registered Enterprise Number, as
             maintained by IANA.";
          reference
            "IANA 'Private Enterprise Numbers' registry
             <https://www.iana.org/assignments/enterprise-numbers>";
        }
        list vendor-option-data {
          key "sub-option-code";
          description
            "Vendor options, interpreted by vendor-specific
             client/server functions.";
          leaf sub-option-code {
            type uint16;
            description
              "The code for the sub-option.";
          }
          leaf sub-option-data {
            type binary;
            description
              "The data area for the sub-option.";
          }
        }
      }
    }
  }

  grouping reconfigure-accept-option-group {
    description
      "OPTION_RECONF_ACCEPT (20) Reconfigure Accept Option.
       A client uses the Reconfigure Accept option to announce to
       the server whether or not the client is willing to accept
       Reconfigure messages, and a server uses this option to tell
       the client whether or not to accept Reconfigure messages.  In
       the absence of this option, the default behavior is that the
       client is unwilling to accept Reconfigure messages.  The
       presence node is used to enable the option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol
       for IPv6 (DHCPv6), Section 21.20";
    container reconfigure-accept-option {
      presence "Enable sending of this option";
      description
        "OPTION_RECONF_ACCEPT (20) Reconfigure Accept Option.";
    }
  }
}

<CODE ENDS>

4.2. DHCPv6 Server YANG Module

This module imports typedefs from [RFC6991] and the module defined in [RFC8343].

<CODE BEGINS> file "ietf-dhcpv6-server@2022-06-20.yang"

module ietf-dhcpv6-server {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-server";
  prefix dhc6-srv;

  import ietf-inet-types {
    prefix inet;
    reference
      "RFC 6991: Common YANG Data Types";
  }
  import ietf-yang-types {
    prefix yang;
    reference
      "RFC 6991: Common YANG Data Types";
  }
  import ietf-dhcpv6-common {
    prefix dhc6;
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }
  import ietf-netconf-acm {
    prefix nacm;
    reference
      "RFC 8341: Network Configuration Access Control Model";
  }

  organization
    "IETF Dynamic Host Configuration (DHC) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/dhc/>
     WG List:  <mailto:dhcwg@ietf.org>
     Author:   Yong Cui <yong@csnet1.cs.tsinghua.edu.cn>
     Author:   Linhui Sun <lh.sunlinh@gmail.com>
     Editor:   Ian Farrer <ian.farrer@telekom.de>
     Author:   Sladjana Zeichlin <sladjana.zechlin@telekom.de>
     Author:   Zihao He <hezihao9512@gmail.com>
     Author:   Michal Nowikowski <godfryd@isc.org>";
  description
    "This YANG module defines components for the configuration
     and management of DHCPv6 servers.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Revised BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC 9243
     (https://www.rfc-editor.org/info/rfc9243); see the RFC itself
     for full legal notices.";

  revision 2022-06-20 {
    description
      "Initial revision.";
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }

  /*
   * Features
   */

  feature na-assignment {
    description
      "Denotes that the server implements DHCPv6 non-temporary
       address assignment.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 6.2";
  }

  feature prefix-delegation {
    description
      "Denotes that the server implements DHCPv6 prefix
       delegation.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 6.3";
  }

  /*
   * Groupings
   */

  grouping resource-config {
    description
      "Nodes that are reused at multiple levels in the DHCPv6
       server's addressing hierarchy.";
    leaf-list option-set-id {
      type leafref {
        path "/dhcpv6-server/option-sets/option-set/option-set-id";
      }
      description
        "The ID field of the relevant set of DHCPv6 options
         (option-set) to be provisioned to clients using the
         allocation-range.";
    }
    leaf valid-lifetime {
      type dhc6:timer-seconds32;
      description
        "Valid lifetime for the Identity Association (IA).";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 12.1";
    }
    leaf renew-time {
      type dhc6:timer-seconds32;
      description
        "Renew (T1) time.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 4.2";
    }
    leaf rebind-time {
      type dhc6:timer-seconds32;
      description
        "Rebind (T2) time.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 4.2";
    }
    leaf preferred-lifetime {
      type dhc6:timer-seconds32;
      description
        "Preferred lifetime for the IA.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 12.1";
    }
    leaf rapid-commit {
      type boolean;
      description
        "When set to 'true', specifies that client-server exchanges
         involving two messages is supported.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 5.1";
    }
  }

  grouping lease-information {
    description
      "Binding information for each client that has been allocated
       an IPv6 address or prefix.";
    leaf client-duid {
      type dhc6:duid;
      description
        "Client DUID.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 11";
    }
    leaf ia-id {
      type uint32;
      mandatory true;
      description
        "Client's Identity Association IDentifier (IAID).";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 12";
    }
    leaf allocation-time {
      type yang:date-and-time;
      description
        "Time and date that the lease was made.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 18";
    }
    leaf last-renew-rebind {
      type yang:date-and-time;
      description
        "Time of the last successful renew or rebind.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 18";
    }
    leaf preferred-lifetime {
      type dhc6:timer-seconds32;
      description
        "The preferred lifetime expressed in seconds.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 6";
    }
    leaf valid-lifetime {
      type dhc6:timer-seconds32;
      description
        "The valid lifetime for the lease expressed in seconds.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 6";
    }
    leaf lease-t1 {
      type dhc6:timer-seconds32;
      description
        "The time interval after which the client should contact
         the server from which the addresses in the IA_NA were
         obtained to extend the lifetimes of the addresses assigned
         to the Identity Association for Prefix Delegation (IA_PD).";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 4.2";
    }
    leaf lease-t2 {
      type dhc6:timer-seconds32;
      description
        "The time interval after which the client should contact
         any available server to extend the lifetimes of the
         addresses assigned to the IA_PD.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 4.2";
    }
    uses dhc6:status;
  }

  grouping message-statistics {
    description
      "Counters for DHCPv6 messages.";
    leaf discontinuity-time {
      type yang:date-and-time;
      description
        "The time on the most recent occasion at which any one or
         more of DHCPv6 server's counters suffered a discontinuity.
         If no such discontinuities have occurred since the last
         re-initialization of the local management subsystem, then
         this node contains the time the local management subsystem
         re-initialized itself.";
    }
    leaf solicit-count {
      type yang:counter32;
      config false;
      description
        "Number of Solicit (1) messages received.";
    }
    leaf advertise-count {
      type yang:counter32;
      config false;
      description
        "Number of Advertise (2) messages sent.";
    }
    leaf request-count {
      type yang:counter32;
      config false;
      description
        "Number of Request (3) messages received.";
    }
    leaf confirm-count {
      type yang:counter32;
      config false;
      description
        "Number of Confirm (4) messages received.";
    }
    leaf renew-count {
      type yang:counter32;
      config false;
      description
        "Number of Renew (5) messages received.";
    }
    leaf rebind-count {
      type yang:counter32;
      config false;
      description
        "Number of Rebind (6) messages received.";
    }
    leaf reply-count {
      type yang:counter32;
      config false;
      description
        "Number of Reply (7) messages sent.";
    }
    leaf release-count {
      type yang:counter32;
      config false;
      description
        "Number of Release (8) messages received.";
    }
    leaf decline-count {
      type yang:counter32;
      config false;
      description
        "Number of Decline (9) messages received.";
    }
    leaf reconfigure-count {
      type yang:counter32;
      config false;
      description
        "Number of Reconfigure (10) messages sent.";
    }
    leaf information-request-count {
      type yang:counter32;
      config false;
      description
        "Number of Information-request (11) messages
         received.";
    }
    leaf discarded-message-count {
      type yang:counter32;
      config false;
      description
        "Number of messages that have been discarded for any
         reason.";
    }
  }

  grouping preference-option-group {
    description
      "OPTION_PREFERENCE (7) Preference Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.8";
    container preference-option {
      description
        "OPTION_PREFERENCE (7) Preference Option.";
      leaf pref-value {
        type uint8;
        description
          "The preference value for the server in this message.  A
           1-octet unsigned integer.";
      }
    }
  }

  grouping server-unicast-option-group {
    description
      "OPTION_UNICAST (12) Server Unicast Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.12";
    container server-unicast-option {
      description
        "OPTION_UNICAST (12) Server Unicast Option.";
      leaf server-address {
        type inet:ipv6-address;
        description
          "The 128-bit address to which the client should send
           messages delivered using unicast.";
      }
    }
  }

  grouping reconfigure-message-option-group {
    description
      "OPTION_RECONF_MSG (19) Reconfigure Message Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.19";
    container reconfigure-message-option {
      description
        "OPTION_RECONF_MSG (19) Reconfigure Message Option.";
      leaf msg-type {
        type uint8;
        description
          "5 for Renew message, 6 for Rebind message, and 11 for
           Information-request message.";
      }
    }
  }

  grouping info-refresh-time-option-group {
    description
      "OPTION_INFORMATION_REFRESH_TIME (32) Information Refresh
       Time Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.23";
    container info-refresh-time-option {
      description
        "OPTION_INFORMATION_REFRESH_TIME (32) Information Refresh
         Time Option.";
      leaf info-refresh-time {
        type dhc6:timer-seconds32;
        description
          "Time duration specifying an upper bound for how long a
           client should wait before refreshing information retrieved
           from a DHCP server.";
      }
    }
  }

  grouping sol-max-rt-option-group {
    description
      "OPTION_SOL_MAX_RT (82) SOL_MAX_RT Option (Max Solicit timeout
        value).";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.24";
    container sol-max-rt-option {
      description
        "OPTION_SOL_MAX_RT (82) SOL_MAX_RT Option.";
      leaf sol-max-rt-value {
        type dhc6:timer-seconds32;
        description
          "Maximum Solicit timeout value.";
      }
    }
  }

  grouping inf-max-rt-option-group {
    description
      "OPTION_INF_MAX_RT (83) INF_MAX_RT Option (Max
        Information-request timeout value).";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.25";
    container inf-max-rt-option {
      description
        "OPTION_INF_MAX_RT (83) INF_MAX_RT Option.";
      leaf inf-max-rt-value {
        type dhc6:timer-seconds32;
        description
          "Maximum Information-request timeout value.";
      }
    }
  }

  /*
   * Data Nodes
   */

  container dhcpv6-server {
    description
      "Configuration nodes for the DHCPv6 server.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 18.3";
    leaf enabled {
      type boolean;
      description
        "Enables the DHCP server function.";
    }
    leaf server-duid {
      type dhc6:duid;
      description
        "DUID of the server.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 11";
    }
    container vendor-config {
      description
        "This container provides a location for augmenting vendor
         or implementation-specific configuration nodes.";
    }
    container option-sets {
      description
        "A server may allow different option sets to be configured
         for clients matching specific parameters, such as
         topological location or client type.  The 'option-set' list
         is a set of options and their contents that will be
         returned to clients.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 21";
      list option-set {
        key "option-set-id";
        description
          "YANG definitions for DHCPv6 options are contained in
           separate YANG modules and augmented to this container as
           required.";
        leaf option-set-id {
          type string;
          description
            "Option set identifier.";
        }
        leaf description {
          type string;
          description
            "An optional field for storing additional information
             relevant to the option set.";
        }
        uses preference-option-group;
        uses dhc6:auth-option-group;
        uses server-unicast-option-group;
        uses dhc6:rapid-commit-option-group;
        uses dhc6:vendor-specific-information-option-group;
        uses reconfigure-message-option-group;
        uses dhc6:reconfigure-accept-option-group;
        uses info-refresh-time-option-group;
        uses sol-max-rt-option-group;
        uses inf-max-rt-option-group;
      }
    }
    container class-selector {
      description
        "DHCPv6 servers use a 'class-selector' function in order
         to identify and classify incoming client messages
         so that they can be given the correct configuration.
         The mechanisms used for implementing this function vary
         greatly between different implementations; as such, it is
         not possible to include them in this module.  This container
         provides a location for server implementors to augment their
         own class-selector YANG.";
    }
    container allocation-ranges {
      description
        "This model is based on an address and parameter
         allocation hierarchy.  The top level is 'global' -- which
         is defined as the container for all allocation-ranges.
         Under this are the individual allocation-ranges.";
      uses resource-config;
      list allocation-range {
        key "id";
        description
          "Network ranges are identified by the 'id' key.";
        leaf id {
          type string;
          mandatory true;
          description
            "Unique identifier for the allocation range.";
        }
        leaf description {
          type string;
          description
            "Description for the allocation range.";
        }
        leaf network-prefix {
          type inet:ipv6-prefix;
          mandatory true;
          description
            "Network prefix.";
        }
        uses resource-config;
        container address-pools {
          if-feature "na-assignment";
          description
            "Configuration for the DHCPv6 server's
             address pools.";
          list address-pool {
            key "pool-id";
            description
              "List of address pools for allocation to clients,
               distinguished by 'pool-id'.";
            leaf pool-id {
              type string;
              mandatory true;
              description
                "Unique identifier for the pool.";
            }
            leaf pool-prefix {
              type inet:ipv6-prefix;
              mandatory true;
              description
                "IPv6 prefix for the pool.  Should be contained
                 within the network-prefix if configured.";
            }
            leaf start-address {
              type inet:ipv6-address-no-zone;
              mandatory true;
              description
                "Starting IPv6 address for the pool.";
            }
            leaf end-address {
              type inet:ipv6-address-no-zone;
              mandatory true;
              description
                "Ending IPv6 address for the pool.";
            }
            leaf max-address-utilization {
              type dhc6:threshold;
              description
                "Maximum amount of the addresses in the
                 pool that can be simultaneously allocated,
                 calculated as a percentage of the available
                 addresses (end-address minus start-address plus
                 one), and rounded up. Used to set the value for
                 the address-pool-utilization-threshold-exceeded
                 notification.";
            }
            uses resource-config;
            container host-reservations {
              description
                "Configuration for host reservations from the
                 address pool.";
              list host-reservation {
                key "reserved-addr";
                description
                  "List of host reservations.";
                leaf client-duid {
                  type dhc6:duid;
                  description
                    "Client DUID for the reservation.";
                }
                leaf reserved-addr {
                  type inet:ipv6-address;
                  description
                    "Reserved IPv6 address.";
                }
                uses resource-config;
              }
            }
            container active-leases {
              config false;
              description
                "Holds state related to active client
                 leases.";
              leaf total-count {
                type uint64;
                mandatory true;
                description
                  "The total number of addresses in the pool.";
              }
              leaf allocated-count {
                type uint64;
                mandatory true;
                description
                  "The number of addresses or prefixes in the pool
                   that are currently allocated.";
              }
              list active-lease {
                key "leased-address";
                description
                  "List of active address leases.";
                leaf leased-address {
                  type inet:ipv6-address;
                  description
                    "Active address lease entry.";
                }
                uses lease-information;
              }
            }
          }
        }
        container prefix-pools {
          if-feature "prefix-delegation";
          description
            "Configuration for the DHCPv6 server's prefix pools.";
          list prefix-pool {
            key "pool-id";
            description
              "List of prefix pools for allocation to clients,
               distinguished by 'pool-id'.";
            leaf pool-id {
              type string;
              mandatory true;
              description
                "Unique identifier for the pool.";
            }
            leaf pool-prefix {
              type inet:ipv6-prefix;
              mandatory true;
              description
                "IPv6 prefix for the pool.  Should be contained
                 within the network-prefix if configured.";
            }
            leaf client-prefix-length {
              type uint8 {
                range "1 .. 128";
              }
              mandatory true;
              description
                "Length of the prefixes that will be delegated
                 to clients.";
            }
            leaf max-pd-space-utilization {
              type dhc6:threshold;
              description
                "Maximum amount of the prefixes in the pool that
                 can be simultaneously allocated, calculated as a
                 percentage of the available prefixes, and rounded
                 up.  Used to set the value for the
                 prefix-pool-utilization-threshold-exceeded
                 notification.";
            }
            uses resource-config;
            container host-reservations {
              description
                "Configuration for host reservations from the
                 prefix pool.";
              list prefix-reservation {
                key "reserved-prefix";
                description
                  "Reserved prefix reservation.";
                leaf client-duid {
                  type dhc6:duid;
                  description
                    "Client DUID for the reservation.";
                }
                leaf reserved-prefix {
                  type inet:ipv6-prefix;
                  description
                    "Reserved IPv6 prefix.";
                }
                leaf reserved-prefix-len {
                  type uint8;
                  description
                    "Reserved IPv6 prefix length.";
                }
              }
              uses resource-config;
            }
            container active-leases {
              config false;
              description
                "Holds state related to active client prefix
                 leases.";
              leaf total-count {
                type uint64;
                mandatory true;
                description
                  "The total number of prefixes in the pool.";
              }
              leaf allocated-count {
                type uint64;
                mandatory true;
                description
                  "The number of prefixes in the pool that are
                   currently allocated.";
              }
              list active-lease {
                key "leased-prefix";
                description
                  "List of active prefix leases.";
                leaf leased-prefix {
                  type inet:ipv6-prefix;
                  description
                    "Active leased prefix entry.";
                }
                uses lease-information;
              }
            }
          }
        }
      }
      container statistics {
        description
          "DHCPv6 message counters for the server.";
        uses message-statistics;
      }
    }
  }

  /*
   * RPCs
   */

  rpc delete-address-lease {
    nacm:default-deny-all;
    if-feature "na-assignment";
    description
      "Deletes a client's active address lease from the server's
       lease database.  Note that this will not cause the address
       to be revoked from the client, and the lease may be refreshed
       or renewed by the client.";
    input {
      leaf lease-address-to-delete {
        type leafref {
          path "/dhcpv6-server/allocation-ranges/"
             + "allocation-range/address-pools/address-pool"
             + "/active-leases/active-lease/leased-address";
        }
        mandatory true;
        description
          "IPv6 address of an active lease that will be
           deleted from the server.";
      }
    }
    output {
      leaf return-message {
        type string;
        description
          "Response message from the server.  If available, a
           language identifier should be included in the message.";
        reference
          "BCP 18 (RFC 2277) IETF Policy on Character Sets
           and Languages, Section 4.2";
      }
    }
  }

  rpc delete-prefix-lease {
    nacm:default-deny-all;
    if-feature "prefix-delegation";
    description
      "Deletes a client's active prefix lease from the server's
       lease database.  Note that this will not cause the prefix
       to be revoked from the client, and the lease may be refreshed
       or renewed by the client.";
    input {
      leaf lease-prefix-to-delete {
        type leafref {
          path "/dhcpv6-server/allocation-ranges/"
             + "allocation-range/prefix-pools/prefix-pool"
             + "/active-leases/active-lease/leased-prefix";
        }
        mandatory true;
        description
          "IPv6 prefix of an active lease that will be deleted
           from the server.";
      }
    }
    output {
      leaf return-message {
        type string;
        description
          "Response message from the server.  If available, a
           language identifier should be included in the message.";
        reference
          "BCP 18 (RFC 2277) IETF Policy on Character Sets
           and Languages, Section 4.2";
      }
    }
  }

  /*
   * Notifications
   */

  notification address-pool-utilization-threshold-exceeded {
    if-feature "na-assignment";
    description
      "Notification sent when the address pool
       utilization exceeds the threshold configured in
       max-address-utilization.";
    leaf pool-id {
      type leafref {
        path "/dhcpv6-server/allocation-ranges/"
           + "allocation-range/address-pools/address-pool"
           + "/pool-id";
      }
      mandatory true;
      description
        "Leafref to the address pool that the notification is being
         generated for.";
    }
    leaf total-pool-addresses {
      type uint64;
      mandatory true;
      description
        "Total number of addresses in the pool (end-address minus
         start-address plus one).";
    }
    leaf max-allocated-addresses {
      type uint64;
      mandatory true;
      description
        "Maximum number of addresses that can be simultaneously
         allocated from the pool.  This value may be less than the
         count of total addresses.  Calculated as the
         max-address-utilization (percentage) of the
         total-pool-addresses and rounded up.";
    }
    leaf allocated-address-count {
      type uint64;
      mandatory true;
      description
        "Number of addresses allocated from the pool.";
    }
  }

  notification prefix-pool-utilization-threshold-exceeded {
    if-feature "prefix-delegation";
    description
      "Notification sent when the prefix pool utilization
       exceeds the threshold configured in
       max-pd-space-utilization.";
    leaf pool-id {
      type leafref {
        path "/dhcpv6-server/allocation-ranges"
           + "/allocation-range/prefix-pools/prefix-pool/pool-id";
      }
      mandatory true;
      description
        "Unique identifier for the pool.";
    }
    leaf total-pool-prefixes {
      type uint64;
      mandatory true;
      description
        "Total number of prefixes in the pool.";
    }
    leaf max-allocated-prefixes {
      type uint64;
      mandatory true;
      description
        "Maximum number of prefixes that can be simultaneously
         allocated from the pool.  This value may be less than
         the count of total prefixes.  Calculated as the
         max-prefix-utilization (percentage) of the
         total-pool-prefixes and rounded up.";
    }
    leaf allocated-prefixes-count {
      type uint64;
      mandatory true;
      description
        "Number of prefixes allocated from the pool.";
    }
  }

  notification invalid-client-detected {
    description
      "Notification sent when the server detects an invalid
       client.";
    leaf message-type {
      type enumeration {
        enum solicit {
          description
            "Solicit (1) message.";
        }
        enum request {
          description
            "Request (3) message.";
        }
        enum confirm {
          description
            "Confirm (4) message.";
        }
        enum renew {
          description
            "Renew (5) message.";
        }
        enum rebind {
          description
            "Rebind (6) message.";
        }
        enum release {
          description
            "Release (8) message.";
        }
        enum decline {
          description
            "Decline (9) message.";
        }
        enum info-request {
          description
            "Information request (11) message.";
        }
      }
      description
        "The message type received by the server that has caused
         the error.";
    }
    leaf duid {
      type dhc6:duid;
      description
        "Client DUID.";
    }
    leaf description {
      type string;
      description
        "Description of the event (e.g., an error code or log
         message).";
    }
  }

  notification decline-received {
    if-feature "na-assignment";
    description
      "Notification sent when the server has received a Decline (9)
       message from a client.";
    leaf duid {
      type dhc6:duid;
      description
        "Client DUID.";
    }
    list declined-resources {
      description
        "List of declined addresses and/or prefixes.";
      choice resource-type {
        description
          "Type of resource that has been declined.";
        case declined-address {
          leaf address {
            type inet:ipv6-address;
            description
              "Address that has been declined.";
          }
        }
        case declined-prefix {
          leaf prefix {
            type inet:ipv6-prefix;
            description
              "Prefix that has been declined.";
          }
        }
      }
    }
  }

  notification non-success-code-sent {
    description
      "Notification sent when the server responded to a client with
       a non-success status code.";
    leaf duid {
      type dhc6:duid;
      description
        "Client DUID.";
    }
    uses dhc6:status;
  }
}

<CODE ENDS>

4.3. DHCPv6 Relay YANG Module

This module imports typedefs from [RFC6991] and modules defined in [RFC8341] and [RFC8343].

<CODE BEGINS> file "ietf-dhcpv6-relay@2022-06-20.yang"

module ietf-dhcpv6-relay {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-relay";
  prefix dhc6-rly;

  import ietf-inet-types {
    prefix inet;
    reference
      "RFC 6991: Common YANG Data Types";
  }
  import ietf-yang-types {
    prefix yang;
    reference
      "RFC 6991: Common YANG Data Types";
  }
  import ietf-dhcpv6-common {
    prefix dhc6;
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }
  import ietf-interfaces {
    prefix if;
    reference
      "RFC 8343: A YANG Data Model for Interface Management";
  }
  import ietf-netconf-acm {
    prefix nacm;
    reference
      "RFC 8341: Network Configuration Access Control Model";
  }

  organization
    "IETF Dynamic Host Configuration (DHC) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/dhc/>
     WG List:  <mailto:dhcwg@ietf.org>
     Author:   Yong Cui <yong@csnet1.cs.tsinghua.edu.cn>
     Author:   Linhui Sun <lh.sunlinh@gmail.com>
     Editor:   Ian Farrer <ian.farrer@telekom.de>
     Author:   Sladjana Zeichlin <sladjana.zechlin@telekom.de>
     Author:   Zihao He <hezihao9512@gmail.com>
     Author:   Michal Nowikowski <godfryd@isc.org>";
  description
    "This YANG module defines components necessary for the
     configuration and management of DHCPv6 relays.

     The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
     NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
     'MAY', and 'OPTIONAL' in this document are to be interpreted as
     described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
     they appear in all capitals, as shown here.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Revised BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC 9243
     (https://www.rfc-editor.org/info/rfc9243); see the RFC itself
     for full legal notices.";

  revision 2022-06-20 {
    description
      "Initial revision.";
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }

  /*
   * Features
   */

  feature prefix-delegation {
    description
      "Enable if the relay functions as a delegating router for
       DHCPv6 prefix delegation.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 6.3";
  }

  /*
   * Groupings
   */

  grouping pd-lease-state {
    description
      "State data for the relay.";
    list pd-leases {
      key "ia-pd-prefix";
      config false;
      description
        "Information about an active IA_PD prefix delegation.";
      leaf ia-pd-prefix {
        type inet:ipv6-prefix;
        description
          "Prefix that is delegated.";
      }
      leaf last-renew {
        type yang:date-and-time;
        description
          "Time of the last successful refresh or renew of the
           delegated prefix.";
      }
      leaf client-peer-address {
        type inet:ipv6-address;
        description
          "Peer-address of the leasing client.";
      }
      leaf client-duid {
        type dhc6:duid;
        description
          "DUID of the leasing client.";
      }
      leaf server-duid {
        type dhc6:duid;
        description
          "DUID of the delegating server.";
      }
    }
  }

  grouping message-statistics {
    description
      "Contains counters for the different DHCPv6 message types.";
    leaf discontinuity-time {
      type yang:date-and-time;
      description
        "The time on the most recent occasion at which any one or
         more of DHCPv6 relay's counters suffered a discontinuity.
         If no such discontinuities have occurred since the last
         re-initialization of the local management subsystem, then
         this node contains the time the local management subsystem
         re-initialized itself.";
    }
    leaf solicit-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Solicit (1) messages received.";
    }
    leaf advertise-sent-count {
      type yang:counter32;
      config false;
      description
        "Number of Advertise (2) messages sent.";
    }
    leaf request-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Request (3) messages received.";
    }
    leaf confirm-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Confirm (4) messages received.";
    }
    leaf renew-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Renew (5) messages received.";
    }
    leaf rebind-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Rebind (6) messages received.";
    }
    leaf reply-sent-count {
      type yang:counter32;
      config false;
      description
        "Number of Reply (7) messages sent.";
    }
    leaf release-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Release (8) messages received.";
    }
    leaf decline-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Decline (9) messages received.";
    }
    leaf reconfigure-sent-count {
      type yang:counter32;
      config false;
      description
        "Number of Reconfigure (10) messages sent.";
    }
    leaf information-request-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Information-request (11) messages
         received.";
    }
    leaf unknown-message-received-count {
      type yang:counter32;
      config false;
      description
        "Number of messages of unknown type that have
         been received.";
    }
    leaf unknown-message-sent-count {
      type yang:counter32;
      config false;
      description
        "Number of messages of unknown type that have
         been sent.";
    }
    leaf discarded-message-count {
      type yang:counter32;
      config false;
      description
        "Number of messages that have been discarded
         for any reason.";
    }
  }

  grouping global-statistics {
    description
      "Global statistics for the device.";
    leaf relay-forward-sent-count {
      type yang:counter32;
      config false;
      description
        "Number of Relay-forward (12) messages sent.";
    }
    leaf relay-forward-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Relay-forward (12) messages received.";
    }
    leaf relay-reply-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Relay-reply (13) messages received.";
    }
    leaf relay-forward-unknown-sent-count {
      type yang:counter32;
      config false;
      description
        "Number of Relay-forward (12) messages containing
         a message of unknown type sent.";
    }
    leaf relay-forward-unknown-received-count {
      type yang:counter32;
      config false;
      description
        "Number of Relay-forward (12) messages containing
         a message of unknown type received.";
    }
    leaf discarded-message-count {
      type yang:counter32;
      config false;
      description
        "Number of messages that have been discarded
         for any reason.";
    }
  }

  grouping interface-id-option-group {
    description
      "OPTION_INTERFACE_ID (18) Interface-Id Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.18";
    container interface-id-option {
      description
        "OPTION_INTERFACE_ID (18) Interface-Id Option.";
      leaf interface-id {
        type binary;
        description
          "An opaque value of arbitrary length generated by the
           relay agent to identify one of the relay agent's
           interfaces.";
      }
    }
  }

  /*
   * Data Nodes
   */

  container dhcpv6-relay {
    description
      "This container contains the configuration data nodes
       for the relay.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 19";
    leaf enabled {
      type boolean;
      description
        "Globally enables the DHCP relay function.";
    }
    list relay-if {
      key "if-name";
      description
        "List of interfaces configured for DHCPv6 relaying.";
      leaf if-name {
        type if:interface-ref;
        description
          "interface-ref to the relay interface.";
      }
      leaf enabled {
        type boolean;
        description
          "Enables the DHCP relay function for this interface.";
      }
      leaf-list destination-address {
        type inet:ipv6-address;
        description
          "Each DHCPv6 relay agent may be configured with a list
           of destination addresses for relayed messages.
           The list may include unicast addresses, multicast
           addresses, or other valid addresses.";
      }
      leaf link-address {
        type inet:ipv6-address;
        description
          "An address that may be used by the server to identify
           the link on which the client is located.";
      }
      container relay-options {
        description
          "Definitions for DHCPv6 options that can be sent
           by the relay are augmented to this location from other
           YANG modules as required.";
        uses dhc6:auth-option-group;
        uses interface-id-option-group;
      }
      container statistics {
        description
          "DHCPv6 message counters for the relay's interface.";
        uses message-statistics;
      }
      container prefix-delegation {
        if-feature "prefix-delegation";
        presence "Enables prefix delegation for this interface.";
        description
          "Controls and holds state information for prefix
           delegation.";
        uses pd-lease-state;
      }
    }
    container statistics {
      description
        "Global DHCPv6 message counters for the relay.";
      uses global-statistics;
    }
  }

  /*
   * RPCs
   */

  rpc clear-prefix-entry {
    nacm:default-deny-all;
    if-feature "prefix-delegation";
    description
      "Clears an entry for an active delegated prefix
       from the relay.";
    reference
      "RFC 8987: DHCPv6 Prefix Delegating Relay Requirements,
       Section 4.4";
    input {
      leaf lease-prefix {
        type leafref {
          path "/dhcpv6-relay/relay-if/prefix-delegation"
             + "/pd-leases/ia-pd-prefix";
        }
        mandatory true;
        description
          "IPv6 prefix of an active lease entry that will
           be deleted from the relay.";
      }
    }
    output {
      leaf return-message {
        type string;
        description
          "Response message from the server.  If available, a
           language identifier should be included in the message.";
        reference
          "BCP 18 (RFC 2277) IETF Policy on Character Sets
           and Languages, Section 4.2";
      }
    }
  }

  rpc clear-client-prefixes {
    nacm:default-deny-all;
    if-feature "prefix-delegation";
    description
      "Clears all active prefix entries for a single client.";
    reference
      "RFC 8987: DHCPv6 Prefix Delegating Relay Requirements,
       Section 4.4";
    input {
      leaf client-duid {
        type dhc6:duid;
        mandatory true;
        description
          "DUID of the client.";
      }
    }
    output {
      leaf return-message {
        type string;
        description
          "Response message from the server.  If available, a
           language identifier should be included in the message.";
        reference
          "BCP 18 (RFC 2277) IETF Policy on Character Sets
           and Languages, Section 4.2";
      }
    }
  }

  rpc clear-interface-prefixes {
    nacm:default-deny-all;
    if-feature "prefix-delegation";
    description
      "Clears all delegated prefix bindings from an
       interface on the relay.";
    reference
      "RFC 8987: DHCPv6 Prefix Delegating Relay Requirements,
       Section 4.4";
    input {
      leaf interface {
        type leafref {
          path "/dhcpv6-relay/relay-if/if-name";
        }
        mandatory true;
        description
          "Reference to the relay interface that will have all
           active prefix delegation bindings deleted.";
      }
    }
    output {
      leaf return-message {
        type string;
        description
          "Response message from the server.  If available, a
           language identifier should be included in the message.";
        reference
          "BCP 18 (RFC 2277) IETF Policy on Character Sets
           and Languages, Section 4.2";
      }
    }
  }

  /*
   * Notifications
   */

  notification relay-event {
    description
      "DHCPv6 relay event notifications.";
    container topology-change {
      description
        "Raised if the entry for an interface with DHCPv6-related
         configuration or state is removed from if:interface-refs.";
      leaf relay-if-name {
        type leafref {
          path "/dhcpv6-relay/relay-if/if-name";
        }
        description
          "Name of the interface that has been removed.";
      }
      leaf last-ipv6-addr {
        type inet:ipv6-address;
        description
          "Last IPv6 address configured on the interface.";
      }
    }
  }
}

<CODE ENDS>

4.4. DHCPv6 Client YANG Module

This module imports typedefs from [RFC6991] and the module defined in [RFC8343].

<CODE BEGINS> file "ietf-dhcpv6-client@2022-06-20.yang"

module ietf-dhcpv6-client {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:ietf-dhcpv6-client";
  prefix dhc6-clnt;

  import ietf-inet-types {
    prefix inet;
    reference
      "RFC 6991: Common YANG Data Types";
  }
  import ietf-yang-types {
    prefix yang;
    reference
      "RFC 6991: Common YANG Data Types";
  }
  import ietf-dhcpv6-common {
    prefix dhc6;
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }
  import ietf-interfaces {
    prefix if;
    reference
      "RFC 8343: A YANG Data Model for Interface Management";
  }

  organization
    "IETF Dynamic Host Configuration (DHC) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/dhc/>
     WG List:  <mailto:dhcwg@ietf.org>
     Author:   Yong Cui <yong@csnet1.cs.tsinghua.edu.cn>
     Author:   Linhui Sun <lh.sunlinh@gmail.com>
     Editor:   Ian Farrer <ian.farrer@telekom.de>
     Author:   Sladjana Zeichlin <sladjana.zechlin@telekom.de>
     Author:   Zihao He <hezihao9512@gmail.com>
     Author:   Michal Nowikowski <godfryd@isc.org>";
  description
    "This YANG module defines components necessary for the
     configuration and management of DHCPv6 clients.

     The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
     'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
     'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
     are to be interpreted as described in BCP 14 (RFC 2119)
     (RFC 8174) when, and only when, they appear in all
     capitals, as shown here.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Revised BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC 9243
     (https://www.rfc-editor.org/info/rfc9243); see the RFC itself
     for full legal notices.";

  revision 2022-06-20 {
    description
      "Initial revision.";
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }

  /*
   * Features
   */

  feature non-temp-addr {
    description
      "Denotes that the client supports DHCPv6 non-temporary address
       allocations.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 6.2";
  }

  feature temp-addr {
    description
      "Denotes that the client supports DHCPv6 temporary address
       allocations.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 6.5";
  }

  feature prefix-delegation {
    description
      "Denotes that the client implements DHCPv6 prefix
       delegation.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 6.3";
  }

  feature anon-profile {
    description
      "Denotes that the client supports DHCP anonymity profiles.";
    reference
      "RFC 7844: Anonymity Profiles for DHCP Clients";
  }

  /*
   * Groupings
   */

  grouping message-statistics {
    description
      "Counters for DHCPv6 messages.";
    leaf discontinuity-time {
      type yang:date-and-time;
      description
        "The time on the most recent occasion at which any one or
         more of DHCPv6 client's counters suffered a discontinuity.
         If no such discontinuities have occurred since the last
         re-initialization of the local management subsystem, then
         this node contains the time the local management subsystem
         re-initialized itself.";
    }
    leaf solicit-count {
      type yang:counter32;
      config false;
      description
        "Number of Solicit (1) messages sent.";
    }
    leaf advertise-count {
      type yang:counter32;
      config false;
      description
        "Number of Advertise (2) messages received.";
    }
    leaf request-count {
      type yang:counter32;
      config false;
      description
        "Number of Request (3) messages sent.";
    }
    leaf confirm-count {
      type yang:counter32;
      config false;
      description
        "Number of Confirm (4) messages sent.";
    }
    leaf renew-count {
      type yang:counter32;
      config false;
      description
        "Number of Renew (5) messages sent.";
    }
    leaf rebind-count {
      type yang:counter32;
      config false;
      description
        "Number of Rebind (6) messages sent.";
    }
    leaf reply-count {
      type yang:counter32;
      config false;
      description
        "Number of Reply (7) messages received.";
    }
    leaf release-count {
      type yang:counter32;
      config false;
      description
        "Number of Release (8) messages sent.";
    }
    leaf decline-count {
      type yang:counter32;
      config false;
      description
        "Number of Decline (9) messages sent.";
    }
    leaf reconfigure-count {
      type yang:counter32;
      config false;
      description
        "Number of Reconfigure (10) messages received.";
    }
    leaf information-request-count {
      type yang:counter32;
      config false;
      description
        "Number of Information-request (11) messages sent.";
    }
    leaf discarded-message-count {
      type yang:counter32;
      config false;
      description
        "Number of messages that have been discarded for any
         reason.";
    }
  }

  grouping lease-state {
    description
      "Information about the active IA_NA lease.";
    leaf preferred-lifetime {
      type dhc6:timer-seconds32;
      description
        "The preferred lifetime for the leased address
         expressed in seconds.";
    }
    leaf valid-lifetime {
      type dhc6:timer-seconds32;
      description
        "The valid lifetime for the leased address expressed
         in seconds.";
    }
    leaf allocation-time {
      type yang:date-and-time;
      description
        "Time and date that the address was first leased.";
    }
    leaf last-renew-rebind {
      type yang:date-and-time;
      description
        "Time of the last successful renew or rebind of the
         leased address.";
    }
    leaf server-duid {
      type dhc6:duid;
      description
        "DUID of the leasing server.";
    }
    uses dhc6:status;
  }

  grouping option-request-option-group {
    description
      "OPTION_ORO (6) Option Request Option.  A client MUST include
       an Option Request option in a Solicit, Request, Renew,
       Rebind, or Information-request message to inform the server
       about options the client wants the server to send to the
       client.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Sections 21.23, 21.24, 21.25, & 21.7";
    container option-request-option {
      description
        "OPTION_ORO (6) Option Request Option.";
      leaf-list oro-option {
        type uint16;
        description
          "List of options that the client is requesting,
           identified by option code.  This list MUST include the
           code for option SOL_MAX_RT (82) when included in a
           Solicit message.  If this option is being sent in an
           Information-request message, then the code for option
           OPTION_INFORMATION_REFRESH_TIME (32) and INF_MAX_RT (83)
           MUST be included.";
      }
    }
  }

  grouping user-class-option-group {
    description
      "OPTION_USER_CLASS (15) User Class Option";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.15";
    container user-class-option {
      presence "Configures the option";
      description
        "OPTION_USER_CLASS (15) User Class Option.";
      list user-class-data-instance {
        key "user-class-data-id";
        min-elements 1;
        description
          "The user classes of which the client is a member.";
        leaf user-class-data-id {
          type uint8;
          description
            "User class data ID.";
        }
        leaf user-class-data {
          type binary;
          description
            "Opaque field representing a User Class of which the
             client is a member.";
        }
      }
    }
  }

  grouping vendor-class-option-group {
    description
      "OPTION_VENDOR_CLASS (16) Vendor Class Option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol
       for IPv6 (DHCPv6), Section 21.16";
    container vendor-class-option {
      description
        "OPTION_VENDOR_CLASS (16) Vendor Class Option.";
      list vendor-class-option-instances {
        key "enterprise-number";
        description
          "The vendor class option allows for multiple instances
           in a single message.  Each list entry defines the contents
           of an instance of the option.";
        leaf enterprise-number {
          type uint32;
          description
            "The vendor's registered Enterprise Number, as
             maintained by IANA.";
        }
        list vendor-class-data-element {
          key "vendor-class-data-id";
          description
            "The vendor classes of which the client is a member.";
          leaf vendor-class-data-id {
            type uint8;
            description
              "Vendor class data ID.";
          }
          leaf vendor-class-data {
            type binary;
            description
              "Opaque field representing a vendor class of which
               the client is a member.";
          }
        }
      }
    }
  }

  /*
   * Data Nodes
   */

  container dhcpv6-client {
    description
      "DHCPv6 client configuration and state.";
    leaf enabled {
      type boolean;
      default "true";
      description
        "Globally enables the DHCP client function.";
    }
    leaf client-duid {
      if-feature "(non-temp-addr or prefix-delegation "
               + "or temp-addr) and not anon-profile";
      type dhc6:duid;
      description
        "A single client DUID that will be used by all of the
         client's DHCPv6-enabled interfaces.";
      reference
        "RFC 8415: Dynamic Host Configuration Protocol for
         IPv6 (DHCPv6), Section 11";
    }
    list client-if {
      key "if-name";
      description
        "The list of interfaces for which the client will
         be requesting DHCPv6 configuration.";
      leaf if-name {
        type if:interface-ref;
        mandatory true;
        description
          "Reference to the interface entry that the requested
           configuration is relevant to.";
      }
      leaf enabled {
        type boolean;
        default "true";
        description
          "Enables the DHCP client function for this interface.";
      }
      leaf interface-duid {
        if-feature "(non-temp-addr or prefix-delegation "
                 + "or temp-addr) and anon-profile";
        type dhc6:duid;
        description
          "Per-interface client DUIDs for use with DHCP anonymity
           profiles.";
        reference
          "RFC 7844: Anonymity Profiles for DHCP Clients,
           Section 3";
      }
      container client-configured-options {
        description
          "Definitions for DHCPv6 options that can be sent by
           the client.  Additional option definitions can be
           augmented to this location from other YANG modules as
           required.";
        uses option-request-option-group;
        uses dhc6:rapid-commit-option-group;
        uses user-class-option-group;
        uses vendor-class-option-group;
        uses dhc6:vendor-specific-information-option-group;
        uses dhc6:reconfigure-accept-option-group;
      }
      list ia-na {
        if-feature "non-temp-addr";
        key "ia-id";
        description
          "Configuration relevant for an Identity Association
           for Non-temporary Addresses (IA_NA).";
        reference
          "RFC 8415: Dynamic Host Configuration Protocol
           for IPv6 (DHCPv6), Section 13.1";
        leaf ia-id {
          type uint32;
          description
            "A unique identifier for this IA_NA.";
          reference
            "RFC 8415: Dynamic Host Configuration Protocol
             for IPv6 (DHCPv6), Section 12";
        }
        container ia-na-options {
          description
            "An augmentation point for additional options
             that the client may send in the IA_NA-options field
             of OPTION_IA_NA.";
        }
        container lease-state {
          config false;
          description
            "Information about the active IA_NA lease.";
          leaf ia-na-address {
            type inet:ipv6-address;
            description
              "Address that is currently leased.";
          }
          leaf lease-t1 {
            type dhc6:timer-seconds32;
            description
              "The time interval after which the client should
               contact the server from which the addresses in the
               IA_NA were obtained to extend the lifetimes of the
               addresses assigned to the IA_NA.";
          }
          leaf lease-t2 {
            type dhc6:timer-seconds32;
            description
              "The time interval after which the client should
               contact any available server to extend the lifetimes
               of the addresses assigned to the IA_NA.";
          }
          uses lease-state;
        }
      }
      list ia-ta {
        if-feature "temp-addr";
        key "ia-id";
        description
          "Configuration relevant for an Identity Association
           for Temporary Addresses (IA_TA).";
        reference
          "RFC 8415: Dynamic Host Configuration Protocol for
           IPv6 (DHCPv6), Section 13.2";
        leaf ia-id {
          type uint32;
          description
            "The unique identifier for this IA_TA.";
          reference
            "RFC 8415: Dynamic Host Configuration Protocol
             for IPv6 (DHCPv6), Section 12";
        }
        container ia-ta-options {
          description
            "An augmentation point for additional options
             that the client may send in the IA_TA-options field
             of OPTION_IA_TA.";
        }
        container lease-state {
          config false;
          description
            "Information about an active IA_TA lease.";
          leaf ia-ta-address {
            type inet:ipv6-address;
            description
              "Address that is currently leased.";
          }
          uses lease-state;
        }
      }
      list ia-pd {
        if-feature "prefix-delegation";
        key "ia-id";
        description
          "Configuration relevant for an Identity Association
           for Prefix Delegation (IA_PD).";
        reference
          "RFC 8415: Dynamic Host Configuration Protocol for
           IPv6 (DHCPv6), Section 13.3";
        leaf ia-id {
          type uint32;
          description
            "The unique identifier for this IA_PD.";
          reference
            "RFC 8415: Dynamic Host Configuration Protocol
             for IPv6 (DHCPv6), Section 12";
        }
        leaf prefix-length-hint {
          type uint8 {
            range "1..128";
          }
          description
            "Prefix-length hint value included in the messages sent
             to the server to indicate a preference for the size of
             the prefix to be delegated.";
          reference
            "RFC 8415: Dynamic Host Configuration Protocol
             for IPv6 (DHCPv6), Section 18.2.1";
        }
        container ia-pd-options {
          description
            "An augmentation point for additional options that the
             client will send in the IA_PD-options field of
             OPTION_IA_TA.";
        }
        container lease-state {
          config false;
          description
            "Information about an active IA_PD-delegated prefix.";
          leaf ia-pd-prefix {
            type inet:ipv6-prefix;
            description
              "Delegated prefix that is currently leased.";
          }
          leaf lease-t1 {
            type dhc6:timer-seconds32;
            description
              "The time interval after which the client should
               contact the server from which the addresses in the
               IA_NA were obtained to extend the lifetimes of the
               addresses assigned to the IA_PD.";
          }
          leaf lease-t2 {
            type dhc6:timer-seconds32;
            description
              "The time interval after which the client should
               contact any available server to extend the lifetimes
               of the addresses assigned to the IA_PD.";
          }
          uses lease-state;
        }
      }
      container statistics {
        description
          "DHCPv6 message counters for the client.";
        uses message-statistics;
      }
    }
  }

  /*
   * Notifications
   */

  notification invalid-ia-address-detected {
    if-feature "non-temp-addr or temp-addr";
    description
      "Notification sent when an address received in an identity
       association option is determined invalid.  Possible conditions
       include a duplicate or otherwise illegal address.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 18.2.10.1";
    leaf ia-id {
      type uint32;
      mandatory true;
      description
        "IAID.";
    }
    leaf ia-na-t1-timer {
      type uint32;
      description
        "The value of the T1 time field for non-temporary address
         allocations (OPTION_IA_NA).";
    }
    leaf ia-na-t2-timer {
      type uint32;
      description
        "The value of the preferred-lifetime field for non-temporary
         address allocations (OPTION_IA_NA).";
    }
    leaf invalid-address {
      type inet:ipv6-address;
      description
        "The IP address that has been detected to be invalid.";
    }
    leaf preferred-lifetime {
      type uint32;
      description
        "The value of the preferred-lifetime field in
         OPTION_IAADDR.";
    }
    leaf valid-lifetime {
      type uint32;
      description
        "The value of the valid-lifetime field in OPTION_IAADDR.";
    }
    leaf ia-options {
      type binary;
      description
        "A copy of the contents of the IAaddr-options field.";
    }
    leaf description {
      type string;
      description
        "Description of the invalid Identity Association (IA)
         detection error.";
    }
  }

  notification transmission-failed {
    description
      "Notification sent when the transmission or retransmission
       of a message fails.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 7.6";
    leaf failure-type {
      type enumeration {
        enum solicit-timeout {
          description
            "Max Solicit timeout value (SOL_MAX_RT) exceeded.";
        }
        enum request-timeout {
          description
            "Max Request timeout value (REQ_MAX_RT) exceeded.";
        }
        enum request-retries-exceeded {
          description
            "Max Request retry attempts (REC_MAX_RC) exceeded.";
        }
        enum confirm-duration-exceeded {
          description
            "Max Confirm duration (CNF_MAX_RD) exceeded.";
        }
        enum renew-timeout {
          description
            "Max Renew timeout value (REN_MAX_RT) exceeded.";
        }
        enum rebind-timeout {
          description
            "Max Rebind timeout value (REB_MAX_RT)
             exceeded.";
        }
        enum info-request-timeout {
          description
            "Max Information-request timeout value (INF_MAX_RT)
             exceeded.";
        }
        enum release-retries-exceeded {
          description
            "Max Release retry attempts (REL_MAX_RC) exceeded.";
        }
        enum decline-retries-exceeded {
          description
            "Max Decline retry attempts (DEC_MAX_RT) exceeded.";
        }
      }
      mandatory true;
      description
        "Description of the failure.";
    }
    leaf description {
      type string;
      description
        "Information related to the failure, such as number of
         retries and timer values.";
    }
  }

  notification unsuccessful-status-code {
    description
      "Notification sent when the client receives a message that
       includes an unsuccessful Status Code option.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 21.13";
    leaf server-duid {
      type dhc6:duid;
      mandatory true;
      description
        "DUID of the server sending the unsuccessful error code.";
    }
    uses dhc6:status;
  }

  notification server-duid-changed {
    if-feature "non-temp-addr or prefix-delegation or "
             + "temp-addr";
    description
      "Notification sent when the client receives a lease from a
       server with different DUID to the one currently stored by the
       client, e.g., in response to a Rebind message.";
    reference
      "RFC 8415: Dynamic Host Configuration Protocol for
       IPv6 (DHCPv6), Section 18.2.5";
    leaf new-server-duid {
      type dhc6:duid;
      mandatory true;
      description
        "DUID of the new server.";
    }
    leaf previous-server-duid {
      type dhc6:duid;
      mandatory true;
      description
        "DUID of the previous server.";
    }
    leaf lease-ia-na {
      if-feature "non-temp-addr";
      type leafref {
        path "/dhcpv6-client/client-if/ia-na/ia-id";
      }
      description
        "Reference to the IA_NA lease.";
    }
    leaf lease-ia-ta {
      if-feature "temp-addr";
      type leafref {
        path "/dhcpv6-client/client-if/ia-ta/ia-id";
      }
      description
        "Reference to the IA_TA lease.";
    }
    leaf lease-ia-pd {
      if-feature "prefix-delegation";
      type leafref {
        path "/dhcpv6-client/client-if/ia-pd/ia-id";
      }
      description
        "Reference to the IA_PD lease.";
    }
  }
}

<CODE ENDS>

5. Security Considerations

The YANG modules specified in this document define schemas for data that is designed to be accessed via network management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC8446].

The Network Configuration Access Control Model (NACM) [RFC8341] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content.

There are a number of data nodes defined in these YANG modules that are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable in some network environments. Write operations (e.g., edit-config) to these data nodes without proper protection can have a negative effect on network operations. These are the subtrees and data nodes in the 'ieft-dhcpv6-server.yang' module and their sensitivity/vulnerability:

  • Denial-of-Service (DoS) attacks, such as disabling the DHCP server service or removing address/prefix pool configuration:

    • (dhc6-srv/vendor-config)
    • (dhc6-srv/allocation-ranges)

  • Various attacks based on reconfiguring the contents of DHCPv6 options, leading to several types of security or privacy threats. These options could redirect clients to services under an attacker's control, for example, by changing the address of a DNS server supplied in a DHCP option to point to a rogue server.

    • (dhc6-srv/option-sets)

These are the subtrees and data nodes in the 'ieft-dhcpv6-relay.yang' module and their sensitivity/vulnerability:

  • DoS attacks, based on disabling the DHCP relay function or modifying the relay's "destination-address" to a non-existent address.

    • (dhc6-rly/relay-if)

  • Modifying the relay's "destination-address" to send messages to a rogue DHCPv6 server.

    • (dhc6-rly/relay-if)

Some of the RPC operations in these YANG modules may be considered sensitive or vulnerable in some network environments. It is thus important to control access to these operations. These RPCs use 'nacm:default-deny-all'.

These are the operations in the 'ieft-dhcpv6-relay.yang' module and their sensitivity/vulnerability:

  • Deleting/clearing active address and prefix leases causing a DoS attack, as traffic will no longer be routed to the client.

    • (dhc6-rly/clear-prefix-entry)
    • (dhc6-rly/clear-client-prefixes)
    • (dhc6-rly/clear-interface-prefixes)

An attacker sending DHCPv6 messages that cause the server to generate 'invalid-client-detected' and 'decline-received' notifications could result in a DoS attack. Such an attack could be mitigated by the NETCONF client unsubscribing from the affected notifications.

Some of the readable data nodes in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. These are the subtrees and data nodes and their sensitivity/vulnerability:

The following subtrees and data nodes can be misused to track the activity or fingerprint the device type of the host:

  • Information the server holds about clients with active leases:

    • (dhc6-srv/allocation-ranges/allocation-range/address-pools/ address-pool/active-leases)

  • Information the relay holds about clients with active leases:

    • (dhc6-rly/relay-if/prefix-delegation/)

Information about a server's configured address and prefix pools may be used by an attacker for network reconnaissance [RFC7707]. The following subtrees and data nodes could be used for this purpose:

  • Information about client address allocation ranges:

    • (dhc6-srv/allocation-ranges/allocation-range/address-pools/ address-pool/pool-prefix)

  • Information about client prefix allocation ranges:

    • (dhc6-srv/allocation-ranges/allocation-range/prefix-pools/ prefix-pool/pool-prefix)

[RFC7844] describes anonymity profiles for DHCP clients. These can be used to prevent client tracking on a visited network. Support for this can be enabled by implementing the 'anon-profile' feature in the client module.

[RFC7824] covers privacy considerations for DHCPv6 and is applicable here.

Security considerations related to DHCPv6 are discussed in [RFC8415].

Security considerations given in [RFC7950] are also applicable here.

6. IANA Considerations

This document registers four URIs and four YANG modules.

6.1. URI Registration

Per this document, IANA has registered the following four URIs in the "ns" subregistry within the "IETF XML Registry" [RFC3688]:

URI:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-server
Registrant Contact:
The IESG.
XML:
N/A; the requested URI is an XML namespace.
URI:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-relay
Registrant Contact:
The IESG.
XML:
N/A; the requested URI is an XML namespace.
URI:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-client
Registrant Contact:
The IESG.
XML:
N/A; the requested URI is an XML namespace.
URI:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-common
Registrant Contact:
The IESG.
XML:
N/A; the requested URI is an XML namespace.

6.2. YANG Module Name Registration

Per this document, IANA has registered the following four YANG modules in the "YANG Module Names" subregistry [RFC6020] within the "YANG Parameters" registry.

name:
ietf-dhcpv6-server
namespace:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-server
maintained by IANA:
N
prefix:
dhc6-srv
reference:
RFC 9243
name:
ietf-dhcpv6-relay
namespace:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-relay
maintained by IANA:
N
prefix:
dhc6-rly
reference:
RFC 9243
name:
ietf-dhcpv6-client
namespace:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-client
maintained by IANA:
N
prefix:
dhc6-clnt
reference:
RFC 9243
name:
ietf-dhcpv6-common
namespace:
urn:ietf:params:xml:ns:yang:ietf-dhcpv6-common
maintained by IANA:
N
prefix:
dhc6
reference:
RFC 9243

7. References

7.1. Normative References

[BCP18]
Alvestrand, H., "IETF Policy on Character Sets and Languages", BCP 18, RFC 2277, .
<https://www.rfc-editor.org/info/bcp18>
[IANA-DHCPV6-AUTH-NAMESPACES]
IANA, "Dynamic Host Configuration Protocol (DHCP) Authentication Option Name Spaces", <https://www.iana.org/assignments/auth-namespaces>.
[IANA-DHCPV6-OPTION-CODES]
IANA, "Option Codes", <https://www.iana.org/assignments/dhcpv6-parameters>.
[IANA-DHCPV6-STATUS-CODES]
IANA, "DHCPv6 Status Codes", <https://www.iana.org/assignments/dhcpv6-parameters>.
[IANA-HARDWARE-TYPES]
IANA, "Hardware Types", <https://www.iana.org/assignments/arp-parameters>.
[IANA-PEN]
IANA, "Private Enterprise Numbers", <https://www.iana.org/assignments/enterprise-numbers>.
[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
[RFC3118]
Droms, R., Ed. and W. Arbaugh, Ed., "Authentication for DHCP Messages", RFC 3118, DOI 10.17487/RFC3118, , <https://www.rfc-editor.org/info/rfc3118>.
[RFC3688]
Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, , <https://www.rfc-editor.org/info/rfc3688>.
[RFC6020]
Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, DOI 10.17487/RFC6020, , <https://www.rfc-editor.org/info/rfc6020>.
[RFC6241]
Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, , <https://www.rfc-editor.org/info/rfc6241>.
[RFC6242]
Wasserman, M., "Using the NETCONF Protocol over Secure Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, , <https://www.rfc-editor.org/info/rfc6242>.
[RFC6355]
Narten, T. and J. Johnson, "Definition of the UUID-Based DHCPv6 Unique Identifier (DUID-UUID)", RFC 6355, DOI 10.17487/RFC6355, , <https://www.rfc-editor.org/info/rfc6355>.
[RFC6991]
Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, DOI 10.17487/RFC6991, , <https://www.rfc-editor.org/info/rfc6991>.
[RFC7844]
Huitema, C., Mrugalski, T., and S. Krishnan, "Anonymity Profiles for DHCP Clients", RFC 7844, DOI 10.17487/RFC7844, , <https://www.rfc-editor.org/info/rfc7844>.
[RFC7950]
Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, , <https://www.rfc-editor.org/info/rfc7950>.
[RFC8040]
Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, , <https://www.rfc-editor.org/info/rfc8040>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.
[RFC8340]
Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", BCP 215, RFC 8340, DOI 10.17487/RFC8340, , <https://www.rfc-editor.org/info/rfc8340>.
[RFC8341]
Bierman, A. and M. Bjorklund, "Network Configuration Access Control Model", STD 91, RFC 8341, DOI 10.17487/RFC8341, , <https://www.rfc-editor.org/info/rfc8341>.
[RFC8342]
Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., and R. Wilton, "Network Management Datastore Architecture (NMDA)", RFC 8342, DOI 10.17487/RFC8342, , <https://www.rfc-editor.org/info/rfc8342>.
[RFC8343]
Bjorklund, M., "A YANG Data Model for Interface Management", RFC 8343, DOI 10.17487/RFC8343, , <https://www.rfc-editor.org/info/rfc8343>.
[RFC8415]
Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A., Richardson, M., Jiang, S., Lemon, T., and T. Winters, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", RFC 8415, DOI 10.17487/RFC8415, , <https://www.rfc-editor.org/info/rfc8415>.
[RFC8446]
Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, , <https://www.rfc-editor.org/info/rfc8446>.
[RFC8987]
Farrer, I., Kottapalli, N., Hunek, M., and R. Patterson, "DHCPv6 Prefix Delegating Relay Requirements", RFC 8987, DOI 10.17487/RFC8987, , <https://www.rfc-editor.org/info/rfc8987>.

7.2. Informative References

[GROUPINGS-TLS]
Watsen, K., "YANG Groupings for TLS Clients and TLS Servers", Work in Progress, Internet-Draft, draft-ietf-netconf-tls-client-server-28, , <https://datatracker.ietf.org/doc/html/draft-ietf-netconf-tls-client-server-28>.
[RFC3319]
Schulzrinne, H. and B. Volz, "Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers", RFC 3319, DOI 10.17487/RFC3319, , <https://www.rfc-editor.org/info/rfc3319>.
[RFC7707]
Gont, F. and T. Chown, "Network Reconnaissance in IPv6 Networks", RFC 7707, DOI 10.17487/RFC7707, , <https://www.rfc-editor.org/info/rfc7707>.
[RFC7824]
Krishnan, S., Mrugalski, T., and S. Jiang, "Privacy Considerations for DHCPv6", RFC 7824, DOI 10.17487/RFC7824, , <https://www.rfc-editor.org/info/rfc7824>.

Appendix A. Data Tree Examples

This section contains XML examples of data trees for the different DHCPv6 elements.

A.1. DHCPv6 Server Configuration Examples

The following example shows a basic configuration for a server. The configuration defines:

  • enabling the DHCP server function,
  • the server's DUID,
  • an option set (id=1) with configuration for the Solicit Max Retry Timeout (SOL_MAX_RT (82)) option,
  • a single network range (2001:db8::/32), and
  • a single address pool, with start and end addresses, relevant lease timers, and an 'option-set-id' of "1" referencing the option set configured above. 
<dhcpv6-server
    xmlns="urn:ietf:params:xml:ns:yang:ietf-dhcpv6-server">
  <enabled>true</enabled>
  <server-duid>000200090CC084D303000912</server-duid>
  <vendor-config/>
  <option-sets>
    <option-set>
      <option-set-id>1</option-set-id>
      <description>Example DHCP option set</description>
      <sol-max-rt-option>
        <sol-max-rt-value>3600</sol-max-rt-value>
      </sol-max-rt-option>
    </option-set>
  </option-sets>
  <class-selector/>
  <allocation-ranges>
    <valid-lifetime>54000</valid-lifetime>
    <renew-time>7200</renew-time>
    <rebind-time>32400</rebind-time>
    <preferred-lifetime>43200</preferred-lifetime>
    <allocation-range>
      <id>1</id>
      <description>example-allocation-range</description>
      <network-prefix>2001:db8::/32</network-prefix>
      <option-set-id>1</option-set-id>
      <address-pools>
        <address-pool>
          <pool-id>1</pool-id>
          <pool-prefix>2001:db8:1:1::/64</pool-prefix>
          <start-address>2001:db8:1:1::1000</start-address>
          <end-address>2001:db8:1:1::2000</end-address>
          <max-address-utilization>50</max-address-utilization>
          <option-set-id>1</option-set-id>
        </address-pool>
      </address-pools>
    </allocation-range>
  </allocation-ranges>
</dhcpv6-server>
Figure 4: Basic Server Configuration Example XML

The following example configuration snippet shows a static host reservation within an address pool. The host's lease timers are configured to be longer than hosts from the pool with dynamically assigned addresses.

<address-pools>
  <address-pool>
    <pool-id>1</pool-id>
    <pool-prefix>2001:db8:1:1::/64</pool-prefix>
    <start-address>2001:db8:1:1::1000</start-address>
    <end-address>2001:db8:1:1::2000</end-address>
    <max-address-utilization>50</max-address-utilization>
    <option-set-id>1</option-set-id>
    <host-reservations>
      <host-reservation>
        <reserved-addr>2001:db8:1:1::1001</reserved-addr>
        <client-duid>00052001db81</client-duid>
        <option-set-id>1</option-set-id>
        <valid-lifetime>604800</valid-lifetime>
        <renew-time>86400</renew-time>
        <rebind-time>172800</rebind-time>
        <preferred-lifetime>345600</preferred-lifetime>
      </host-reservation>
    </host-reservations>
  </address-pool>
</address-pools>
Figure 5: Server Host Reservation Configuration Example XML Snippet

The following example configuration snippet shows a network range and pool to be used for delegating prefixes to clients. In this example, each client will receive a /56 prefix.

The 'max-pd-space-utilization' is set to 80 percent so that a 'prefix-pool-utilization-threshold-exceeded' notification will be raised if the number of prefix allocations exceeds this.

<allocation-ranges>
  <allocation-range>
    <id>1</id>
    <description>prefix-pool-example</description>
    <network-prefix>2001:db8::/32</network-prefix>
    <prefix-pools>
      <valid-lifetime>54000</valid-lifetime>
      <renew-time>7200</renew-time>
      <rebind-time>32400</rebind-time>
      <preferred-lifetime>43200</preferred-lifetime>
      <prefix-pool>
        <pool-id>0</pool-id>
        <option-set-id>1</option-set-id>
        <pool-prefix>2001:db8:1::/48</pool-prefix>
        <client-prefix-length>56</client-prefix-length>
        <max-pd-space-utilization>80</max-pd-space-utilization>
      </prefix-pool>
    </prefix-pools>
  </allocation-range>
</allocation-ranges>
Figure 6: Server Prefix Delegation Configuration Example XML Snippet

The next example configuration snippet shows a set of options that may be returned to clients, depending on the contents of a received DHCP request message. The option set ID is '1', which will be referenced by other places in the configuration (e.g., address pool configuration) as the available options for clients that request them.

The example shows how the option definitions can be extended via augmentation. In this case, "OPTION_SIP_SERVER_D (21) SIP Servers Domain-Name List" from the example module in Appendix B has been augmented to the server's option set.

<option-sets>
  <option-set>
    <option-set-id>1</option-set-id>
    <description>Example DHCP option set</description>
    <vendor-specific-information-options>
      <vendor-specific-information-option>
        <enterprise-number>32473</enterprise-number>
        <vendor-option-data>
          <sub-option-code>01</sub-option-code>
          <sub-option-data>1234abcd</sub-option-data>
        </vendor-option-data>
        <vendor-option-data>
          <sub-option-code>02</sub-option-code>
          <sub-option-data>abcd1234</sub-option-data>
        </vendor-option-data>
      </vendor-specific-information-option>
    </vendor-specific-information-options>
    <sol-max-rt-option>
      <sol-max-rt-value>3600</sol-max-rt-value>
    </sol-max-rt-option>
    <sip-server-domain-name-list-option
      xmlns="https://example.com/ns/example-dhcpv6-opt-sip-serv">
      <sip-server>
        <sip-serv-id>0</sip-serv-id>
        <sip-serv-domain-name>sip1.example.org</sip-serv-domain-name>
      </sip-server>
      <sip-server>
        <sip-serv-id>1</sip-serv-id>
        <sip-serv-domain-name>sip2.example.org</sip-serv-domain-name>
      </sip-server>
    </sip-server-domain-name-list-option>
  </option-set>
</option-sets>
Figure 7: Server Option Set Configuration Example XML Snippet

A.2. DHCPv6 Relay Configuration Example

The following example shows a basic configuration for a single DHCP relay interface and its interaction with the ietf-interfaces module. The configuration shows two XML documents, one for ietf-interfaces and a second for ietf-dhcpv6-relay, defining:

  • configuring an interface using the ietf-interfaces module that the relay configuration will be applied to,
  • enabling the DHCP relay function globally and for the relevant interface,
  • referencing the interface that the relay configuration is relevant for via an interface-ref to the ietf-interfaces module,
  • defining two destination addresses that incoming DHCP messages will be relayed to,
  • configuring the link-address value that will be sent in the relay-forward message, and
  • configuring a value for the Interface ID Option (OPTION_INTERFACE_ID (18)), which will be included in the relay forward message. 
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
  xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
  <interface>
    <name>eth0</name>
    <type>ianaift:ethernetCsmacd</type>
    <description>DHCPv6 Relay Interface</description>
    <enabled>true</enabled>
  </interface>
</interfaces>

<dhcpv6-relay xmlns="urn:ietf:params:xml:ns:yang:ietf-dhcpv6-relay">
  <enabled>true</enabled>
  <relay-if>
    <if-name>eth0</if-name>
    <enabled>true</enabled>
    <destination-address>2001:db8:2::1</destination-address>
    <destination-address>2001:db8:2::2</destination-address>
    <link-address>2001:db8:3::1</link-address>
    <relay-options>
      <interface-id-option>
        <interface-id>EXAMPLEINTERFACEID01</interface-id>
      </interface-id-option>
    </relay-options>
  </relay-if>
</dhcpv6-relay>
Figure 8: Basic Relay Configuration Example XML

A.3. DHCPv6 Client Configuration Example

The following example shows a basic configuration for a DHCP client and its interaction with the ietf-interfaces module. The configuration shows two XML documents, one for ietf-interfaces and a second for ietf-dhcpv6-client, defining:

  • configuring an interface using the ietf-interfaces module that the client configuration will be applied to,
  • enabling the DHCP client function globally and for the relevant interface,
  • referencing the interface that the client configuration is relevant for via an interface-ref to the ietf-interfaces module,
  • setting the DUID for the DHCPv6-enabled interface,
  • configuring a list of option codes that will be requested by the client in its Option Request Option (OPTION_ORO (6)),
  • configuring a single instance of the Vendor-specific Information Option (OPTION_VENDOR_OPTS (17)) with a single sub-option data item,
  • requesting a non-temporary IPv6 address (IA_NA) with an identity association interface identifier of 1, and
  • requesting an IPv6 delegated prefix address (IA_PD) with an identity association interface identifier of 2. 
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
  xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
  <interface>
    <name>eth0</name>
    <type>ianaift:ethernetCsmacd</type>
    <description>DHCPv6 Relay Interface</description>
    <enabled>true</enabled>
  </interface>
</interfaces>

<dhcpv6-client
  xmlns="urn:ietf:params:xml:ns:yang:ietf-dhcpv6-client">
  <enabled>true</enabled>
  <client-if>
    <if-name>eth0</if-name>
    <enabled>true</enabled>
    <interface-duid>000200090CC084D303000913</interface-duid>
    <client-configured-options>
      <option-request-option>
        <oro-option>17</oro-option>
        <oro-option>23</oro-option>
        <oro-option>24</oro-option>
        <oro-option>82</oro-option>
      </option-request-option>
      <vendor-specific-information-options>
        <vendor-specific-information-option>
          <enterprise-number>32473</enterprise-number>
          <vendor-option-data>
            <sub-option-code>1</sub-option-code>
            <sub-option-data>abcd1234</sub-option-data>
          </vendor-option-data>
        </vendor-specific-information-option>
      </vendor-specific-information-options>
    </client-configured-options>
    <ia-na>
      <ia-id>1</ia-id>
    </ia-na>
    <ia-pd>
      <ia-id>2</ia-id>
    </ia-pd>
  </client-if>
</dhcpv6-client>
Figure 9: Basic Client Configuration Example XML

Appendix B. Example of Augmenting Additional DHCPv6 Option Definitions

The following section provides an example of how the DHCPv6 option definitions can be extended to include additional options. It is expected that additional specification documents will be published for this in the future.

The example defines YANG modules for OPTION_SIP_SERVER_D (21) and OPTION_SIP_SERVER_D (22) as specified in [RFC3319]. An example XML configuration, showing the interworking with other modules, is provided in Figure 7.

The module is constructed as follows:

  • The module is named using a meaningful, shortened version of the document name in which the DHCP option format is specified.
  • A separate grouping is used to define each option.
  • The name of the option is taken from the registered IANA name for the option, with an '-option' suffix added.
  • The description field is taken from the relevant option code name and number.
  • The reference section is the number and name of the RFC in which the DHCPv6 option is defined.
  • The remaining fields match the fields in the DHCP option. They are in the same order as defined in the DHCP option. Wherever possible, the format that is defined for the DHCP field should be matched by the relevant YANG type.
  • Fields that can have multiple entries or instances are defined using list or leaf-list nodes.

Below the groupings for option definitions, augment statements are used to add the option definitions for use in the relevant DHCP element's module (server, relay, and/or client).

<CODE BEGINS>
module example-dhcpv6-opt-sip-serv {
  yang-version 1.1;
  namespace "https://example.com/ns/"
          + "example-dhcpv6-opt-sip-serv";
  prefix sip-srv;

  import ietf-inet-types {
    prefix inet;
  }
  import ietf-dhcpv6-server {
    prefix dhc6-srv;
  }

  organization
    "IETF Dynamic Host Configuration (DHC) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/dhc/>
     WG List:  <mailto:dhcwg@ietf.org>
     Author:   Yong Cui <yong@csnet1.cs.tsinghua.edu.cn>
     Author:   Linhui Sun <lh.sunlinh@gmail.com>
     Editor:   Ian Farrer <ian.farrer@telekom.de>
     Author:   Sladjana Zeichlin <sladjana.zechlin@telekom.de>
     Author:   Zihao He <hezihao9512@gmail.com>
     Author:   Michal Nowikowski <godfryd@isc.org>";
  description
    "This YANG module contains DHCPv6 options defined in RFC 8415
     that can be used by DHCPv6 servers.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Revised BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC 9243
     (https://www.rfc-editor.org/info/rfc9243); see the RFC itself
     for full legal notices.";

  revision 2022-06-20 {
    description
      "Initial revision.";
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }

  /*
   * Groupings
   */

  grouping sip-server-domain-name-list-option-group {
    description
      "OPTION_SIP_SERVER_D (21) SIP Servers Domain-Name List.";
    reference
      "RFC 3319: Dynamic Host Configuration Protocol
       (DHCPv6) Options for Session Initiation Protocol (SIP)
       Servers";
    container sip-server-domain-name-list-option {
      description
        "OPTION_SIP_SERVER_D (21) SIP Servers Domain Name List
         Option.";
      list sip-server {
        key "sip-serv-id";
        description
          "SIP server information.";
        leaf sip-serv-id {
          type uint8;
          description
            "SIP server list identifier.";
        }
        leaf sip-serv-domain-name {
          type inet:domain-name;
          description
            "SIP server domain name.";
        }
      }
    }
  }

  grouping sip-server-address-list-option-group {
    description
      "OPTION_SIP_SERVER_A (22) SIP Servers IPv6 Address List.";
    reference
      "RFC 3319: Dynamic Host Configuration Protocol
       (DHCPv6) Options for Session Initiation Protocol (SIP)
       Servers";
    container sip-server-address-list-option {
      description
        "OPTION_SIP_SERVER_A (22) SIP Servers IPv6 Address List
         Option.";
      list sip-server {
        key "sip-serv-id";
        description
          "SIP server information.";
        leaf sip-serv-id {
          type uint8;
          description
            "SIP server list entry identifier.";
        }
        leaf sip-serv-addr {
          type inet:ipv6-address;
          description
            "SIP server IPv6 address.";
        }
      }
    }
  }

  /*
   * Augmentations
   */

  augment "/dhc6-srv:dhcpv6-server/dhc6-srv:option-sets/"
        + "dhc6-srv:option-set" {
    description
      "Augment the option definition groupings to the server
       module.";
    uses sip-server-domain-name-list-option-group;
    uses sip-server-address-list-option-group;
  }
}

<CODE ENDS>

The correct location to augment the new option definition(s) will vary according to the specific rules defined for the use of that specific option. For example, for options that will be augmented into the ietf-dhcpv6-server module, in many cases, these will be augmented to:

'/dhc6-srv:dhc6-srv/dhc6-srv:option-sets/dhc6-srv:option-set'

so that they can be defined within option sets. However, there are some options that are only applicable for specific deployment scenarios, and in these cases, it may be more logical to augment the option group to a location relevant for the option.

One example for this could be OPTION_PD_EXCLUDE (67). This option is only relevant in combination with a delegated prefix that contains a specific prefix. In this case, the following location for the augmentation may be more suitable:

'/dhc6-srv:dhc6-srv/dhc6-srv:allocation-ranges/dhc6-srv:allocation-range/dhc6-srv:prefix-pools/dhc6-srv:prefix-pool'

Appendix C. Example Vendor-Specific Server Configuration Module

This section shows how to extend the server YANG module defined in this document with vendor-specific configuration nodes, e.g., configuring access to a lease storage database.

The example module defines additional server attributes, such as name and description. Storage for leases is configured using a lease-storage container. It allows storing leases in one of three options: memory (memfile), MySQL, and PostgreSQL. For each case, the necessary configuration parameters are provided.

For simplicity, this example module assumes that the DHCPv6 server is colocated with the MySQL or PostgreSQL database server and can serve traffic securely on the localhost without additional cryptographic protection. In a production deployment, these functions would likely not be colocated and thus use TLS to secure the database connection between the DHCPv6 server and database server. A YANG module for configuring TLS is defined in [GROUPINGS-TLS].

At the end, there is an augment statement that adds the vendor-specific configuration defined in "dhcpv6-server-config:config" under the "/dhcpv6-server:config/dhcpv6-server:vendor-config" mount point.

<CODE BEGINS>
module example-dhcpv6-server-conf {
  yang-version 1.1;
  namespace "https://example.com/ns/"
          + "example-dhcpv6-server-conf";
  prefix dhc6-srv-conf;

  import ietf-inet-types {
    prefix inet;
  }
  import ietf-interfaces {
    prefix if;
  }
  import ietf-dhcpv6-server {
    prefix dhc6-srv;
  }

  organization
    "IETF Dynamic Host Configuration (DHC) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/dhc/>
     WG List:  <mailto:dhcwg@ietf.org>
     Author:   Yong Cui <yong@csnet1.cs.tsinghua.edu.cn>
     Author:   Linhui Sun <lh.sunlinh@gmail.com>
     Editor:   Ian Farrer <ian.farrer@telekom.de>
     Author:   Sladjana Zeichlin <sladjana.zechlin@telekom.de>
     Author:   Zihao He <hezihao9512@gmail.com>
     Author:   Michal Nowikowski <godfryd@isc.org>";
  description
    "This YANG module defines components for the configuration and
     management of vendor-/implementation-specific DHCPv6 server
     functionality.  As this functionality varies greatly between
     different implementations, the module is provided as an example
     only.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Revised BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC 9243
     (https://www.rfc-editor.org/info/rfc9243); see the RFC itself
     for full legal notices.";

  revision 2022-06-20 {
    description
      "Initial revision.";
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }

  /*
   * Groupings
   */

  grouping config {
    description
      "Parameters necessary for the configuration of a DHCPv6
       server.";
    container serv-attributes {
      description
        "Contains basic attributes necessary for running a DHCPv6
         server.";
      leaf name {
        type string;
        description
          "Name of the DHCPv6 server.";
      }
      leaf description {
        type string;
        description
          "Description of the DHCPv6 server.";
      }
      leaf ipv6-listen-port {
        type uint16;
        default "547";
        description
          "UDP port that the server will listen on.";
      }
      choice listening-interfaces {
        default "all-interfaces";
        description
          "Configures which interface or addresses the server will
           listen for incoming messages on.";
        case all-interfaces {
          container all-interfaces {
            presence "true";
            description
              "Configures the server to listen for incoming messages
               on all IPv6 addresses (unicast and multicast) on all
               of its network interfaces.";
          }
        }
        case interface-list {
          leaf-list interfaces {
            type if:interface-ref;
            description
              "List of interfaces on which the server will listen
               for incoming messages.  Messages addressed to any
               valid IPv6 address (unicast and multicast) will be
               received.";
          }
        }
        case address-list {
          leaf-list address-list {
            type inet:ipv6-address;
            description
              "List of IPv6 address(es) on which the server will
               listen for incoming DHCPv6 messages.";
          }
        }
      }
      leaf-list interfaces-config {
        type if:interface-ref;
        default "if:interfaces/if:interface/if:name";
        description
          "A leaf list of interfaces on which the server should
           listen.";
      }
      container lease-storage {
        description
          "Configures how the server will store leases.";
        choice storage-type {
          description
            "The type of storage that will be used for lease
             information.";
          case memfile {
            description
              "Configuration for storing leases information in a
               Comma-Separated Value (CSV) file.";
            leaf memfile-name {
              type string;
              description
                "Specifies the absolute location of the lease file.
                 The format of the string follows the semantics of
                 the relevant operating system.";
            }
            leaf memfile-lfc-interval {
              type uint64;
              description
                "Specifies the interval in seconds, at which the
                 server will perform a lease file cleanup (LFC).";
            }
          }
          case mysql {
            leaf mysql-name {
              type string;
              description
                "Name of the MySQL database, running on the
                 localhost.";
            }
            leaf mysql-username {
              type string;
              description
                "User name of the account under which the server
                 will access the database.";
            }
            leaf mysql-password {
              type string;
              description
                "Password of the account under which the server
                 will access the database.";
            }
            leaf mysql-port {
              type inet:port-number;
              default "3306";
              description
                "If the database is located on a different system,
                 the port number may be specified.";
            }
            leaf mysql-lfc-interval {
              type uint64;
              description
                "Specifies the interval in seconds, at which the
                 server will perform a lease file cleanup (LFC).";
            }
            leaf mysql-connect-timeout {
              type uint64;
              description
                "Defines the timeout interval for connecting to the
                 database.  A longer interval can be specified if the
                 database is remote.";
            }
          }
          case postgresql {
            leaf postgresql-name {
              type string;
              description
                "Name of the PostgreSQL database, running on the
                 localhost.";
            }
            leaf postgresql-username {
              type string;
              description
                "User name of the account under which the server
                 will access the database.";
            }
            leaf postgresql-password {
              type string;
              description
                "Password of the account under which the server
                 will access the database.";
            }
            leaf postgresql-port {
              type inet:port-number;
              default "5432";
              description
                "If the database is located on a different system,
                 the port number may be specified.";
            }
            leaf postgresql-lfc-interval {
              type uint64;
              description
                "Specifies the interval in seconds, at which the
                 server will perform a lease file cleanup (LFC).";
            }
            leaf postgresql-connect-timeout {
              type uint64;
              description
                "Defines the timeout interval for connecting to the
                 database.  A longer interval can be specified if the
                 database is remote.";
            }
          }
        }
      }
    }
  }

  /*
   * Augmentations
   */

  augment "/dhc6-srv:dhcpv6-server/dhc6-srv:vendor-config" {
    description
      "Augment the server-specific YANG module to the
       ietf-dhcpv6-server module.";
    uses config;
  }
}

<CODE ENDS>

Appendix D. Example Definition of Class-Selector Configuration

The module "ietf-example-dhcpv6-class-selector" provides an example of how vendor-specific class selection configuration can be modeled and integrated with the "ietf-dhcpv6-server" module defined in this document.

The example module defines "client-class-names" with associated matching rules. A client can be classified based on the "client-id", "interface-id" (ingress interface of the client's messages), packet's source or destination address, relay link address, relay link interface-id, and more. Actually, there are endless methods for classifying clients. So this standard does not try to provide full specification for class selection; it only shows an example of how it could be defined.

At the end of the example, augment statements are used to add the defined class selector rules into the overall DHCPv6 addressing hierarchy. This is done in two main parts:

  • the augmented class-selector configuration in the main DHCPv6 Server configuration
  • client-class leafrefs augmented to "allocation-range", "address-pool", and "pd-pool", pointing to the "client-class-name" that is required

The mechanism is as follows: class is associated to a client based on rules, and then a client is allowed to get an address(es) or a prefix(es) from a given allocation-range/pool if the class name matches.

<CODE BEGINS>
module example-dhcpv6-class-select {
  yang-version 1.1;
  namespace "https://example.com/ns/"
          + "example-dhcpv6-class-select";
  prefix dhc6-class-sel;

  import ietf-inet-types {
    prefix inet;
  }
  import ietf-interfaces {
    prefix if;
  }
  import ietf-dhcpv6-common {
    prefix dhc6;
  }
  import ietf-dhcpv6-server {
    prefix dhc6-srv;
  }

  organization
    "IETF Dynamic Host Configuration (DHC) Working Group";
  contact
    "WG Web:   <https://datatracker.ietf.org/wg/dhc/>
     WG List:  <mailto:dhcwg@ietf.org>
     Author:   Yong Cui <yong@csnet1.cs.tsinghua.edu.cn>
     Author:   Linhui Sun <lh.sunlinh@gmail.com>
     Editor:   Ian Farrer <ian.farrer@telekom.de>
     Author:   Sladjana Zeichlin <sladjana.zechlin@telekom.de>
     Author:   Zihao He <hezihao9512@gmail.com>
     Author:   Michal Nowikowski <godfryd@isc.org>";
  description
    "This YANG module defines components for the definition and
     configuration of the client class selector function for a
     DHCPv6 server.  As this functionality varies greatly between
     different implementations, the module provided as an example
     only.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code.  All rights reserved.

     Redistribution and use in source and binary forms, with or
     without modification, is permitted pursuant to, and subject to
     the license terms contained in, the Revised BSD License set
     forth in Section 4.c of the IETF Trust's Legal Provisions
     Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC 9243
     (https://www.rfc-editor.org/info/rfc9243); see the RFC itself
     for full legal notices.";

  revision 2022-06-20 {
    description
      "Initial revision.";
    reference
      "RFC 9243: A YANG Data Model for DHCPv6 Configuration";
  }

  /*
   * Groupings
   */

  grouping client-class-id {
    description
      "Definitions of client message classification for
       authorization and assignment purposes.";
    leaf client-class-name {
      type string;
      mandatory true;
      description
        "Unique identifier for client class identification list
         entries.";
    }
    choice id-type {
      mandatory true;
      description
        "Definitions for different client identifier types.";
      case client-id-id {
        leaf client-id {
          type string;
          mandatory true;
          description
            "String literal client identifier.";
        }
        description
          "Client class selection based on a string literal client
           identifier.";
      }
      case received-interface-id {
        description
          "Client class selection based on the incoming interface
           of the DHCPv6 message.";
        leaf received-interface {
          type if:interface-ref;
          description
            "Reference to the interface entry for the incoming
             DHCPv6 message.";
        }
      }
      case packet-source-address-id {
        description
          "Client class selection based on the source address of
           the DHCPv6 message.";
        leaf packet-source-address {
          type inet:ipv6-address;
          mandatory true;
          description
            "Source address of the DHCPv6 message.";
        }
      }
      case packet-destination-address-id {
        description
          "Client class selection based on the destination address
           of the DHCPv6 message.";
        leaf packet-destination-address {
          type inet:ipv6-address;
          mandatory true;
          description
            "Destination address of the DHCPv6 message.";
        }
      }
      case relay-link-address-id {
        description
          "Client class selection based on the prefix of the
           link-address field in the relay agent message header.";
        leaf relay-link-address {
          type inet:ipv6-prefix;
          mandatory true;
          description
            "Prefix of the link-address field in the relay agent
             message header.";
        }
      }
      case relay-peer-address-id {
        description
          "Client class selection based on the value of the
           peer-address field in the relay agent message header.";
        leaf relay-peer-address {
          type inet:ipv6-prefix;
          mandatory true;
          description
            "Prefix of the peer-address field in the relay agent
             message header.";
        }
      }
      case relay-interface-id {
        description
          "Client class selection based on a received instance of
           OPTION_INTERFACE_ID (18).";
        leaf relay-interface {
          type string;
          description
            "An opaque value of arbitrary length generated by the
             relay agent to identify one of the relay agent's
             interfaces.";
        }
      }
      case user-class-option-id {
        description
          "Client class selection based on the value of the
           OPTION_USER_CLASS (15) and its user-class-data field.";
        leaf user-class-data {
          type string;
          mandatory true;
          description
            "User Class value to match.";
        }
      }
      case vendor-class-present-id {
        description
          "Client class selection based on the presence of
           OPTION_VENDOR_CLASS (16) in the received message.";
        leaf vendor-class-present {
          type boolean;
          mandatory true;
          description
            "Presence of OPTION_VENDOR_CLASS (16) in the received
             message.";
        }
      }
      case vendor-class-option-enterprise-number-id {
        description
          "Client class selection based on the value of the
           enterprise-number field in OPTION_VENDOR_CLASS (16).";
        leaf vendor-class-option-enterprise-number {
          type uint32;
          mandatory true;
          description
            "Value of the enterprise-number field.";
        }
      }
      case vendor-class-option-data {
        description
          "Client class selection based on the value of a data
           field within a vendor-class-data entry for a matching
           enterprise-number field in OPTION_VENDOR_CLASS (16).";
        container vendor-class-option-data {
          description
            "Vendor class option data container.";
          leaf enterprise-number {
            type uint32;
            description
              "The vendor's registered Enterprise Number, as
               maintained by IANA.";
          }
          leaf vendor-class-data-id {
            type uint8;
            description
              "Vendor class data ID.";
          }
          leaf vendor-class-data {
            type string;
            description
              "Opaque field for matching the client's vendor class
               data.";
          }
        }
      }
      case client-duid-id {
        description
          "Client class selection based on the value of the
           received client DUID.";
        leaf duid {
          type dhc6:duid;
          description
            "Client DUID.";
        }
      }
    }
  }

  /*
   * Augmentations
   */

  augment "/dhc6-srv:dhcpv6-server/dhc6-srv:class-selector" {
    description
      "Augment class selector functions to the DHCPv6 server
       module.";
    container client-classes {
      description
        "Client classes to augment.";
      list class {
        key "client-class-name";
        description
          "List of the client class identifiers applicable to
           clients served by this address pool.";
        uses client-class-id;
      }
    }
  }

  augment "/dhc6-srv:dhcpv6-server/"
        + "dhc6-srv:allocation-ranges/dhc6-srv:allocation-range" {
    description
      "Augment class selector functions to the DHCPv6 server
       allocation-ranges.";
    leaf-list client-class {
      type leafref {
        path "/dhc6-srv:dhcpv6-server/dhc6-srv:"
           + "class-selector/client-classes/class/client-class-name";
      }
      description
        "Leafrefs to client classes.";
    }
  }

  augment "/dhc6-srv:dhcpv6-server/dhc6-srv:"
        + "allocation-ranges/dhc6-srv:allocation-range/dhc6-srv:"
        + "address-pools/dhc6-srv:address-pool" {
    description
      "Augment class selector functions to the DHCPv6 server
       address-pools.";
    leaf-list client-class {
      type leafref {
        path "/dhc6-srv:dhcpv6-server/dhc6-srv:"
           + "class-selector/client-classes/class/client-class-name";
      }
      description
        "Leafrefs to client classes.";
    }
  }

  augment "/dhc6-srv:dhcpv6-server/dhc6-srv:"
        + "allocation-ranges/dhc6-srv:allocation-range/dhc6-srv:"
        + "prefix-pools/dhc6-srv:prefix-pool" {
    description
      "Augment class selector functions to the DHCPv6
       server prefix-pools.";
    leaf-list client-class {
      type leafref {
        path "/dhc6-srv:dhcpv6-server/dhc6-srv:"
           + "class-selector/client-classes/class/client-class-name";
      }
      description
        "Leafrefs to client classes.";
    }
  }
}

<CODE ENDS>

Acknowledgments

The authors would like to thank Qi Sun, Lishan Li, Hao Wang, Tomek Mrugalski, Marcin Siodelski, Bernie Volz, Ted Lemon, Bing Liu, Tom Petch, Acee Lindem, Benjamin Kaduk, Kris Lambrechts, and Paul Dumitru for their valuable comments and contributions to this work.

Contributors

The following individuals are coauthors of this document:

Yong Cui
Tsinghua University
Beijing,
100084
China
Linhui Sun
Tsinghua University
Beijing,
100084
China
Sladjana Zechlin
Deutsche Telekom AG
CTO-IPT, Landgrabenweg 151
53227, Bonn
Germany
Zihao He
Tsinghua University
Beijing,
100084
China
Michal Nowikowski
Internet Systems Consortium
Gdansk
Poland

Author's Address

Ian Farrer (editor)
Deutsche Telekom AG
S&TI, Landgrabenweg 151
53227 Bonn
Germany
RFC 9243: A YANG Data Model for DHCPv6 Configuration
Proposed Standard