| draft-ietf-bfd-mib-01.txt | draft-ietf-bfd-mib-02.txt | |||
|---|---|---|---|---|
| BFD Working Group Thomas D. Nadeau | BFD Working Group Thomas D. Nadeau | |||
| Standard Track Zafar Ali | Standard Track Zafar Ali | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| Document: draft-ietf-bfd-mib-01.txt | ||||
| Expires: January 2006 July 2005 | Expires: January 2006 July 2005 | |||
| Bidirectional Forwarding Detection Management Information Base | Bidirectional Forwarding Detection Management Information Base | |||
| draft-ietf-bfd-mib-01.txt | draft-ietf-bfd-mib-02.txt | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, each author represents that any | By submitting this Internet-Draft, each author represents that any | |||
| applicable patent or other IPR claims of which he or she is aware | applicable patent or other IPR claims of which he or she is aware | |||
| have been or will be disclosed, and any of which he or she becomes | have been or will be disclosed, and any of which he or she becomes | |||
| aware will be disclosed, in accordance with Section 6 of BCP 79. | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that other | Task Force (IETF), its areas, and its working groups. Note that other | |||
| skipping to change at page 1, line 41 | skipping to change at page 1, line 40 | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| Abstract | Abstract | |||
| This draft defines a portion of the Management Information Base | This draft defines a portion of the Management Information Base | |||
| (MIB) for use with network management protocols in the Internet | (MIB) for use with network management protocols in the Internet | |||
| community. In particular, it describes managed objects for modeling | community. In particular, it describes managed objects for modeling | |||
| Bidirectional Forwarding Detection (BFD) protocol [BFD]. | Bidirectional Forwarding Detection (BFD) protocol [BFD]. | |||
| Conventions used in this document | Contents | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL | ||||
| NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in | ||||
| this document are to be interpreted as described in RFC 2119 | ||||
| [RFC2119]. | ||||
| SUMMARY | ||||
| This draft defines Management Information Base (MIB) for | ||||
| Bidirectional Forwarding Detection (BFD) protocol [BFD]. | ||||
| RELATED REFERENCES | ||||
| Please refer to the reference section. | ||||
| Table of Contents | ||||
| 1. Introduction...................................................2 | 1. Introduction...................................................2 | |||
| 2. Terminology....................................................3 | 2. Terminology....................................................3 | |||
| 3. The Internet-Standard Management Framework.....................3 | 3. The Internet-Standard Management Framework.....................3 | |||
| 3. Brief Description of MIB Objects...............................3 | 3. Brief Description of MIB Objects...............................3 | |||
| 3.1 General Variables..........................................3 | 3.1 General Variables..........................................3 | |||
| 3.2 Session Table (bfdSessionTable)............................3 | 3.2 Session Table (bfdSessionTable)............................3 | |||
| 3.3 Session Performance Table (bfdSessionPerfTable)............3 | 3.3 Session Performance Table (bfdSessionPerfTable)............3 | |||
| 3.4 Session Mapping Table (bfdSessMapTable)....................3 | 3.4 Session Mapping Table (bfdSessMapTable)....................3 | |||
| 4. BFD MIB Module Definitions.....................................4 | 4. BFD MIB Module Definitions.....................................4 | |||
| 5. Security Considerations.......................................21 | 5. Security Considerations.......................................21 | |||
| 6. Acknowledgements..............................................22 | 6. Acknowledgements..............................................22 | |||
| 7. Reference.....................................................23 | 7. References....................................................23 | |||
| 7.1 Normative References.........................................23 | 7.1 Normative References.........................................23 | |||
| 7.2 Informative References.......................................23 | 7.2 Informative References.......................................23 | |||
| 8. Author's Addresses............................................23 | 8. Author's Addresses............................................23 | |||
| 9. Full Copyright Statement......................................24 | 9. Full Copyright Statement......................................24 | |||
| 10. IANA Considerations.........................................41 | 10. IANA Considerations.........................................41 | |||
| 10.1. IANA Considerations for BFD-STD-MIB.......................41 | 10.1. IANA Considerations for BFD-STD-MIB.......................41 | |||
| 11. Intellectual Property Statement.............................41 | 11. Intellectual Property Statement.............................41 | |||
| 1. Introduction | 1. Introduction | |||
| This memo defines an portion of the Management | This memo defines an portion of the Management | |||
| Information Base (MIB) for use with network management protocols | Information Base (MIB) for use with network management protocols | |||
| in the Internet community. In particular, it describes managed | in the Internet community. In particular, it describes managed | |||
| objects to configure and/or monitor Bi-Directional Forwarding | objects to configure and/or monitor Bi-Directional Forwarding | |||
| Detection on devices supporting this feature. | Detection on devices supporting this feature. | |||
| This document adopts the definitions, acronyms and mechanisms | This document adopts the definitions, acronyms and mechanisms | |||
| described in [BFD], [BFD-SHARED] and [BFD-LSP]. Unless otherwise | described in [BFD], [BFD-MH] and [BFD-LSP]. Unless otherwise | |||
| stated, the mechanisms described therein will not be re-described | stated, the mechanisms described therein will not be re-described | |||
| here. | here. | |||
| Comments should be made directly to the BFD mailing list at | Comments should be made directly to the BFD mailing list at | |||
| rtg-bfd@ietf.org. | rtg-bfd@ietf.org. | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL | |||
| NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and | NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| [RFC2119]. | [RFC2119]. | |||
| 2. Terminology | 2. Terminology | |||
| This document adopts the definitions, acronyms and mechanisms | This document adopts the definitions, acronyms and mechanisms | |||
| described in [BFD], [BFD-SHARED] and [BFD-LSP]. Unless otherwise | described in [BFD], [BFD-MH] and [BFD-LSP]. Unless otherwise | |||
| stated, the mechanisms described therein will not be re-described | stated, the mechanisms described therein will not be re-described | |||
| here. | here. | |||
| 3. The Internet-Standard Management Framework | 3. The Internet-Standard Management Framework | |||
| For a detailed overview of the documents that describe the current | For a detailed overview of the documents that describe the current | |||
| Internet-Standard Management Framework, please refer to section 7 of | Internet-Standard Management Framework, please refer to section 7 of | |||
| RFC 3410 [RFC3410]. | RFC 3410 [RFC3410]. | |||
| Managed objects are accessed via a virtual information store, termed | Managed objects are accessed via a virtual information store, termed | |||
| skipping to change at page 4, line 7 | skipping to change at page 3, line 39 | |||
| performance counts on a per session basis. This table is an AUGMENT | performance counts on a per session basis. This table is an AUGMENT | |||
| to the bfdSessionTable. | to the bfdSessionTable. | |||
| 3.4 Session Mapping Table (bfdSessMapTable) | 3.4 Session Mapping Table (bfdSessMapTable) | |||
| The BFD Session Mapping Table maps the complex indexing of the BFD | The BFD Session Mapping Table maps the complex indexing of the BFD | |||
| sessions to the flat BFDIndex used in the BfdSessionTable. | sessions to the flat BFDIndex used in the BfdSessionTable. | |||
| 5. BFD MIB Module Definitions | 5. BFD MIB Module Definitions | |||
| BFD-DRAFT-01-MIB DEFINITIONS ::= BEGIN | BFD-STD-MIB DEFINITIONS ::= BEGIN | |||
| -- RFC-editor pls change BFD-DRAFT-*-MIB to | ||||
| -- BFD-STD-MIB | ||||
| IMPORTS | IMPORTS | |||
| MODULE-IDENTITY, OBJECT-TYPE, | MODULE-IDENTITY, OBJECT-TYPE, | |||
| Unsigned32, Counter32, Counter64, | Unsigned32, Counter32, Counter64, | |||
| NOTIFICATION-TYPE, mib-2 | NOTIFICATION-TYPE, mib-2 | |||
| FROM SNMPv2-SMI | FROM SNMPv2-SMI -- [RFC2578] | |||
| MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP | MODULE-COMPLIANCE, OBJECT-GROUP, | |||
| FROM SNMPv2-CONF | NOTIFICATION-GROUP | |||
| FROM SNMPv2-CONF -- [RFC2580] | ||||
| TEXTUAL-CONVENTION, TruthValue, RowStatus, StorageType, | TEXTUAL-CONVENTION, TruthValue, | |||
| TimeStamp | RowStatus, StorageType, TimeStamp | |||
| FROM SNMPv2-TC | FROM SNMPv2-TC -- [RFC2579] | |||
| InetAddress, InetAddressType, InetPortNumber | InetAddress, InetAddressType, InetPortNumber | |||
| FROM INET-ADDRESS-MIB | FROM INET-ADDRESS-MIB -- [RFC3291] | |||
| ; | ; | |||
| bfdMIB MODULE-IDENTITY | bfdMIB MODULE-IDENTITY | |||
| LAST-UPDATED "200507221200Z" -- 04 July 2005 12:00:00 EST | LAST-UPDATED "200507221200Z" -- 04 July 2005 12:00:00 EST | |||
| ORGANIZATION "IETF" | ORGANIZATION "IETF" | |||
| CONTACT-INFO | CONTACT-INFO | |||
| " Thomas D. Nadeau | " Thomas D. Nadeau | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| Email: tnadeau@cisco.com | Email: tnadeau@cisco.com | |||
| Zafar Ali | Zafar Ali | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| Email: zali@cisco.com | Email: zali@cisco.com | |||
| " | " | |||
| DESCRIPTION | DESCRIPTION | |||
| "Bidirectional Forwarding Management Information Base." | "Bidirectional Forwarding Management Information Base." | |||
| -- Revision history. | -- Revision history. | |||
| REVISION | REVISION | |||
| "200507221200Z" -- 04 July 2005 12:00:00 EST | "200508221200Z" -- 04 August 2005 12:00:00 EST | |||
| DESCRIPTION | DESCRIPTION | |||
| "Initial version. Published as RFC xxxx." -- RFC-editor pls fill | "Initial version. Published as RFC xxxx." -- RFC-editor pls fill | |||
| -- in xxx | -- in xxxx | |||
| ::= { mib-2 XXX } -- assigned by IANA, see section 18.1 for details | ::= { mib-2 XXX } -- assigned by IANA, see section 18.1 for details | |||
| -- Top level components of this MIB module. | -- Top level components of this MIB module. | |||
| bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 } | bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 } | |||
| bfdObjects OBJECT IDENTIFIER ::= { bfdMIB 1 } | bfdObjects OBJECT IDENTIFIER ::= { bfdMIB 1 } | |||
| bfdConformance OBJECT IDENTIFIER ::= { bfdMIB 3 } | bfdConformance OBJECT IDENTIFIER ::= { bfdMIB 3 } | |||
| skipping to change at page 15, line 11 | skipping to change at page 14, line 41 | |||
| DESCRIPTION | DESCRIPTION | |||
| "The number of times this session has gone into the Up | "The number of times this session has gone into the Up | |||
| state since the router last rebooted." | state since the router last rebooted." | |||
| ::= { bfdSessPerfEntry 6 } | ::= { bfdSessPerfEntry 6 } | |||
| bfdSessPerfDiscTime OBJECT-TYPE | bfdSessPerfDiscTime OBJECT-TYPE | |||
| SYNTAX TimeStamp | SYNTAX TimeStamp | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "The value of sysUpTime on the most recent occasion at which | "The value of sysUpTime on the most recent occasion at | |||
| any | which any one or more of the session counters suffered | |||
| one or more of the session counters suffered a | a discontinuity. | |||
| discontinuity. | ||||
| The relevant counters are the specific instances associated | The relevant counters are the specific instances associated | |||
| with this BFD session of any Counter32 object contained in | with this BFD session of any Counter32 object contained in | |||
| the | the BfdSessPerfTable. If no such discontinuities have occurred | |||
| BfdSessPerfTable. If no such discontinuities have occurred | ||||
| since the last re-initialization of the local management | since the last re-initialization of the local management | |||
| subsystem, | subsystem, then this object contains a zero value." | |||
| then this object contains a zero value." | ||||
| ::= { bfdSessPerfEntry 7 } | ::= { bfdSessPerfEntry 7 } | |||
| bfdSessPerfPktInHC OBJECT-TYPE | bfdSessPerfPktInHC OBJECT-TYPE | |||
| SYNTAX Counter64 | SYNTAX Counter64 | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "This value represents the total number of BFD messages | "This value represents the total number of BFD messages | |||
| received for this BFD session. It MUST be equal to the | received for this BFD session. It MUST be equal to the | |||
| least significant 32 bits of bfdSessPerfPktIn | least significant 32 bits of bfdSessPerfPktIn | |||
| if bfdSessPerfPktInHC is supported according to | if bfdSessPerfPktInHC is supported according to | |||
| the rules spelled out in RFC2863." | the rules spelled out in RFC2863." | |||
| skipping to change at page 21, line 37 | skipping to change at page 21, line 17 | |||
| 6. Security Considerations | 6. Security Considerations | |||
| There are a number of management objects defined in this MIB | There are a number of management objects defined in this MIB | |||
| module with a MAX-ACCESS clause of read-write and/or read-create. | module with a MAX-ACCESS clause of read-write and/or read-create. | |||
| Such objects may be considered sensitive or vulnerable in some | Such objects may be considered sensitive or vulnerable in some | |||
| network environments. It is thus important to control even GET and/or | network environments. It is thus important to control even GET and/or | |||
| NOTIFY access to these objects and possibly to even encrypt the | NOTIFY access to these objects and possibly to even encrypt the | |||
| values of these objects when sending them over the network via SNMP. | values of these objects when sending them over the network via SNMP. | |||
| o The bfdSessTable may be used to directly configure BFD | ||||
| sessions. The bfdSessMapTable can be used indirectly | ||||
| in the same way. Unauthorized access to objects in | ||||
| this table could result in disruption of traffic on | ||||
| the network. This is especially true if an unauthorized | ||||
| user configures enough tables to invoke a denial of | ||||
| service attack on the device where they are configured, | ||||
| or on a remote device where the sessions terminate. | ||||
| Some of the readable objects in this MIB module (i.e., objects | Some of the readable objects in this MIB module (i.e., objects | |||
| with a MAX-ACCESS other than not-accessible) may be considered | with a MAX-ACCESS other than not-accessible) may be considered | |||
| sensitive or vulnerable in some network environments. It is thus | sensitive or vulnerable in some network environments. It is thus | |||
| important to control even GET and/or NOTIFY access to these objects | important to control even GET and/or NOTIFY access to these objects | |||
| and possibly to even encrypt the values of these objects when sending | and possibly to even encrypt the values of these objects when sending | |||
| them over the network via SNMP. | them over the network via SNMP. These are the tables and objects and | |||
| their sensitivity/vulnerability: | ||||
| o The bfdSessPerfTable both allows access to the performance | ||||
| characteristics of BFD sessions. Network administrators not | ||||
| wishing to show this information should consider this | ||||
| table sensative. | ||||
| SNMP versions prior to SNMPv3 did not include adequate security. | SNMP versions prior to SNMPv3 did not include adequate security. | |||
| Even if the network itself is secure "for example by using IPSec", | Even if the network itself is secure "for example by using IPSec", | |||
| even then, there is no control as to who on the secure network is | even then, there is no control as to who on the secure network is | |||
| allowed to access and GET/SET "read/change/create/delete" the objects | allowed to access and GET/SET "read/change/create/delete" the objects | |||
| in these MIB modules. | in these MIB modules. | |||
| It is RECOMMENDED that implementers consider the security features | It is RECOMMENDED that implementers consider the security features | |||
| as provided by the SNMPv3 framework "see [RFC3410], section 8", | as provided by the SNMPv3 framework "see [RFC3410], section 8", | |||
| including full support for the SNMPv3 cryptographic mechanisms "for | including full support for the SNMPv3 cryptographic mechanisms "for | |||
| skipping to change at page 22, line 19 | skipping to change at page 22, line 14 | |||
| enable cryptographic security. It is then a customer/operator | enable cryptographic security. It is then a customer/operator | |||
| responsibility to ensure that the SNMP entity giving access to an | responsibility to ensure that the SNMP entity giving access to an | |||
| instance of this MIB module, is properly configured to give access to | instance of this MIB module, is properly configured to give access to | |||
| the objects only to those principals "users" that have legitimate | the objects only to those principals "users" that have legitimate | |||
| rights to indeed GET or SET "change/create/delete" them. | rights to indeed GET or SET "change/create/delete" them. | |||
| 7. Acknowledgements | 7. Acknowledgements | |||
| We would like to thank David Ward for his comments and suggestions. | We would like to thank David Ward for his comments and suggestions. | |||
| 8. Reference | 8. References | |||
| 8.1 Normative References | 8.1 Normative References | |||
| [BFD] Katz, D., and Ward, D., "Bidirectional Forwarding | [BFD] Katz, D., and Ward, D., "Bidirectional Forwarding | |||
| Detection", draft-ietf-bfd-base-02.txt. | Detection", draft-ietf-bfd-base-02.txt. | |||
| [BFD-SHARED] Bidirectional Forwarding Detection over Shared | [BFD-MH] Katz, D., and Ward, D., "BFD for Multihop Paths", | |||
| Interfaces, work in progress. | draft-ietf-bfd-multihop-03.txt. | |||
| [BFD-LSP] Aggarwal, R., Kompella, K., T. D. Nadeau, and G. Swallow | [BFD-LSP] Aggarwal, R., Kompella, K., T. D. Nadeau, and G. Swallow | |||
| BFD For MPLS LSPs, draft-ietf-bfd-mpls-01.txt. | BFD For MPLS LSPs, draft-ietf-bfd-mpls-02.txt. | |||
| [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., | ||||
| Rose, M. and S. Waldbusser, "Structure of Management | ||||
| Information Version 2 (SMIv2)", STD 58, RFC 2578, April | ||||
| 1999. | ||||
| [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., | ||||
| Rose, M. and S. Waldbusser, "Textual Conventions for | ||||
| SMIv2", STD 58, RFC 2579, April 1999. | ||||
| [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., | ||||
| Rose, M. and S. Waldbusser, "Conformance Statements for | ||||
| SMIv2", STD 58, RFC 2580, April 1999. | ||||
| [RFC3291] Daniele, M., Haberman, B., Routhier, S., and J. | ||||
| Schoenwaelder, "Textual Conventions for Internet | ||||
| Network Addresses", RFC 3291, May 2002. | ||||
| 8.2 Informative References | 8.2 Informative References | |||
| [RFC2119] Bradner, S., "Key Words for use in RFCs to Indicate | ||||
| Requirement Levels", RFC 2119, BCP 14, March 1997. | ||||
| [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, | [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, | |||
| "Introduction and Applicability Statements for | "Introduction and Applicability Statements for | |||
| Internet-Standard Management Framework", RFC 3410, | Internet-Standard Management Framework", RFC 3410, | |||
| December 2002. | December 2002. | |||
| [RFC3413] Levi, D., Meyer, P., Stewart, B., | [RFC3413] Levi, D., Meyer, P., Stewart, B., | |||
| "SNMP Applications", RFC 3413, December 2002. | "SNMP Applications", RFC 3413, December 2002. | |||
| [RFC2434] Narten, T. and H. Alvestrand., "Guidelines for Writing | [RFC2434] Narten, T. and H. Alvestrand., "Guidelines for Writing | |||
| an IANA Considerations Section in RFCs", BCP 26, RFC | an IANA Considerations Section in RFCs", BCP 26, RFC | |||
| End of changes. | ||||
This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ | ||||