YANG:如何在没有键的情况下对嵌套列表配置数据建模

YANG: how to model nested lists configuration data without key

我正在尝试为这个包含没有键的列表的配置文件构建 YANG 模型。但是,由于 YANG 列表中的键的必要性,我无法构建精确的 YANG 模型。 有没有知道如何在 YANG 中表示没有键的列表列表。

该文件包含acls,其中可以有多个acl,如acl1、acl2,由用户命名,并具有如下示例中的规则。

acls:
  acl1:
  - rule:
      nw_src: 192.168.1.1/24  
      actions:
        allow: 1
  - rule:
      actions:
        allow: 0
  acl2:
  - rule:
      nw_src: 192.168.1.1/24  
      actions:
        allow: 0
  - rule:
      actions:
        allow: 1

我的 YANG 模型是

list acls{
     description "list of acls ";
      key "acl-name";
      ordered-by user;
      leaf acl-name {
        type string {
          length "1..64";
        }
      }
 list acle {
      description "This is a list of users in the system.";
      key "acle-name";
      ordered-by user;
      leaf acle-name {
        type string {
          length "1..64";
        }
        description
          "The name of access-list. A device MAY restrict the length
           and value of this name, possibly space and special
           characters are not allowed.";
      }

      container actions {
        description "actions for this acl entry ";    
        leaf allow {
          type uint8;
         }              
      } // end actions container       
   container match{
        description "match fields for this acl entry ";
    leaf nw_src{
         type inet:ipv4-address;
         }
    }
 }//match cont
 }//acle
} //acls

因此相应的有效数据文件具有 YANG 所需的额外字段,但在我上面的原始配置文件中不存在,如 (aclname、acle、aclename)。

acls:
  acl1:
    aclname: acl1
    acle:
      rule11:
        aclename: rule11
        nw_src: 192.168.1.1/24
        actions:
          allow: 1
      rule12:
        aclename: rule12
        actions:
          allow: 0
  acl2:
    aclname: acl2
    acle:
      rule21:
        nw_src: 192.168.1.1/24    
        aclename: rule21
        actions:
          allow: 0
      rule22:
        aclename: rule22
        actions:
          allow: 1

RFC7950, 7.8.2. The list's "key" Statement

The "key" statement, which MUST be present if the list represents configuration and MAY be present otherwise, takes as an argument a string that specifies a space-separated list of one or more leaf identifiers of this list. A leaf identifier MUST NOT appear more than once in the key. Each such leaf identifier MUST refer to a child leaf of the list. The leafs can be defined directly in substatements to the list or in groupings used in the list.

The combined values of all the leafs specified in the key are used to uniquely identify a list entry. All key leafs MUST be given values when a list entry is created. Thus, any default values in the key leafs or their types are ignored. Any "mandatory" statements in the key leafs are ignored.

列出模型配置数据(无论是否嵌套)必须有一个键。没有办法解决这个问题,因为每个配置列表实例都必须是唯一可识别的,这样 instance-identifiers 这样的结构才能按预期工作。如果没有密钥,您将很难告诉设备修改(甚至只是获取)配置中的特定条目。因此,你打算做的事情是无法实现的——这不是 YANG 的做事方式。

只有状态数据 (config false;) 列表可能没有密钥存在,因为它们不必以标准方式修改 - 它们 instantiation/modification/removal 受设备实现细节的约束。

此外,您已经在示例中使用了键。 “acl1”和“acl2”显然是“acl”列表的实例,它们的密钥被编码到它们的名称中。