A YANG Data Model for Network Tester ManagementLightside Instruments ASvladimir@lightside-instruments.com
This document introduces new YANG model for use in network interconnect testing containing modules of traffic generator and traffic analyzer.
There is a need for standard mechanism to allow the specification
and implementation of the transactions part of network tests.
The mechanism should allow the control and monitoring of the data plane traffic in a transactional way.
This document defines two YANG modules for test traffic generator and analyzer.
The YANG modules in this document conform to the Network Management Datastore Architecture (NMDA) defined in RFC 8342.
DUT: Device Under TestTA: Traffic AnalyzerTG: Traffic GeneratorFor a reference to the annotations used in tree diagrams included
in this document, please see YANG Tree
Diagrams.
Network interconnect tests require active network
elements part of the tested network that generate
test traffic and network elements that analyze
the test traffic at one or more points of its path.
A network interconnect tester is a device that can either
generate test traffic, analyze test traffic or both.
Here is a figure borrowed from
representing the horseshoe test setup topology consisting
of a single tester and a single DUT connected in a
network interconnect loop.
This document attempts to address the problem of defining YANG
model of a network interconnect tester that can be used for
development of vendor independent network interconnect tests
and utilize the advantages of transactional management using
standard protocols like NETCONF.
This section describes some of the design objectives for the model. It should:
provide means to specify the generated traffic as streams of cyclic sequence of bursts with configurable frame size, frame data, interframe gap and interburst gap.have a mandatory single stream mode and optional multi stream mode.provide means for configuration of traffic streams with static frame data where frames with identical frame data are sent during the lifetime of the stream.provide means for configuration of traffic streams with dynamic frame data where frames contain fields with dynamic data like generation time and sequence number.allow third parties to augment the base module with alternative dynamic fields of frame data extensions.provide means for realtime synchronization and orchestration of the generated streams.provide counters for received test traffic frames and octets.provide latency statistic in the case of test traffic with dynamic frame data that includes timestamp.provide sequence number errors in the case of test traffic with dynamic frame data that includes sequence number.
The proposed model splits the design into 2 modules - 1) Traffic
Generator module (TG), 2) Traffic Analyzer module (TA). The modules are
implemented as augmentations of the ietf-interfaces
module adding configuration and state data that models the
functionality of a network interconnect tester. The TA and TG modules concept is
illustrated with the following diagram of a tester with two interfaces (named e0 and e1) connected in a loop with single DUT:
Basic example of how the model can be used in transactional network test program to control the testers part of a network and report counter statistics and timing measurement data is presented in .
All example cases present the configuration and state data from a single test trial. The search algorithm logic that operates to control the trial configuration is outside the scope of this document.
One of the examples demonstrates the use of the defined testframe packet.
<CODE BEGINS> file "ietf-traffic-generator@2022-06-17.yang"<CODE ENDS><CODE BEGINS> file "ietf-traffic-analyzer@2022-06-17.yang"<CODE ENDS>This document registers two URIs and two YANG modules.This document registers two URIs in the IETF XML registry . Following the format in
RFC 3688, the following registration is requested to be made:Registrant Contact: The IESG.XML: N/A, the requested URI is an XML namespace.This document registers two YANG module in the YANG Module Names
registry YANG.The YANG modules defined in this document are designed to be accessed via
the NETCONF protocol RFC 6241. The
lowest NETCONF layer is the secure transport layer and the mandatory
to implement secure transport is SSH RFC
6242. The NETCONF access control model RFC 6536 provides the means to restrict access
for particular NETCONF users to a pre-configured subset of all
available NETCONF protocol operations and content.There are a number of data nodes defined in this YANG module which
are writable/creatable/deletable (i.e. config true, which is the
default). These data nodes may be considered sensitive or vulnerable
in some network environments. Write operations (e.g. edit-config) to
these data nodes without proper protection can have a negative effect
on network operations. These are the subtrees and data nodes and
their sensitivity/vulnerability:
The ietf-traffic-generator YANG module controls a stateless traffic generator which is intended to be used for testing and verification purposes but can be used for malicious purposes like generating network traffic part of a Denial-of-Service (DoS) attack.
This should be taken into consideration when granting write access to the following container and descendant data nodes:
/if:interfaces/if:interface/nttg:traffic-generator
The ietf-traffic-analyzer YANG module controls a traffic analyzer which is designed for use in testing and verification but can be used for reading information contained in packets sent and received on any of the interfaces on systems that implement the capture feature.
This should be taken into consideration when granting read access to the following container and descendant data nodes:
/if:interfaces/if:interface/ntta:traffic-analyzer/ntta:captureIEEE 802.3-2014IEEE WG802.3 - Ethernet Working GroupIEEE 1588-2008IEEE
The following topology will be used for the examples in this section:
This pseudo code program orchestrates a network test and shows how the model can be used:
In sec. C.2.6.4 Test Frames a detailed format is specified. The frame-data leaf allows full control over the generated frames payload.