--- 1/draft-ietf-bfd-mib-19.txt 2014-05-11 12:14:18.721220839 -0700 +++ 2/draft-ietf-bfd-mib-20.txt 2014-05-11 12:14:18.793222670 -0700 @@ -1,20 +1,20 @@ Network Working Group T. Nadeau Internet-Draft Brocade Intended status: Standards Track Z. Ali -Expires: October 31, 2014 N. Akiya +Expires: November 10, 2014 N. Akiya Cisco Systems - April 29, 2014 + May 9, 2014 BFD Management Information Base - draft-ietf-bfd-mib-19 + draft-ietf-bfd-mib-20 Abstract This draft defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for modeling Bidirectional Forwarding Detection (BFD) protocol. Requirements Language @@ -31,21 +31,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on October 31, 2014. + This Internet-Draft will expire on November 10, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -179,42 +179,42 @@ BfdSessIndexTC, BfdIntervalTC, BfdMultiplierTC, BfdCtrlDestPortNumberTC, BfdCtrlSourcePortNumberTC FROM BFD-TC-STD-MIB IANAbfdDiagTC, IANAbfdSessTypeTC, IANAbfdSessOperModeTC, IANAbfdSessStateTC, IANAbfdSessAuthenticationTypeTC, IANAbfdSessAuthenticationKeyTC FROM IANA-BFD-TC-STD-MIB; bfdMIB MODULE-IDENTITY - LAST-UPDATED "201404131200Z" -- 13 April 2014 12:00:00 EST + LAST-UPDATED "201405091200Z" -- 9 May 2014 12:00:00 EST ORGANIZATION "IETF Bidirectional Forwarding Detection Working Group" CONTACT-INFO "Thomas D. Nadeau Brocade Email: tnadeau@lucidvision.com Zafar Ali Cisco Systems, Inc. Email: zali@cisco.com Nobo Akiya Cisco Systems, Inc. Email: nobo@cisco.com Comments about this document should be emailed directly to the BFD working group mailing list at rtg-bfd@ietf.org" DESCRIPTION "Bidirectional Forwarding Management Information Base." - REVISION "201404131200Z" -- 13 April 2014 12:00:00 EST + REVISION "201405091200Z" -- 9 May 2014 12:00:00 EST DESCRIPTION "Initial version. Published as RFC xxxx." -- RFC Ed.: RFC-editor pls fill in xxxx ::= { mib-2 XXX } -- RFC Ed.: assigned by IANA, see section 7.1 for details -- Top level components of this MIB module. bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 } @@ -225,21 +225,23 @@ bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 } -- BFD General Variables -- These parameters apply globally to the Systems' -- BFD Process. bfdAdminStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), - disabled(2) + disabled(2), + adminDown(3), + down(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "The desired global administrative status of the BFD system in this device." ::= { bfdScalarObjects 1 } bfdOperStatus OBJECT-TYPE SYNTAX INTEGER { 
@@ -444,32 +447,44 @@ session is in adminDown(1) state. Upon creation of a new BFD session via this MIB, the value of zero(0) would permit the implementation to choose its own source port number." DEFVAL { 0 } ::= { bfdSessEntry 8 } bfdSessAdminStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), - disabled(2) + disabled(2), + adminDown(3), + down(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the desired operational status of the BFD Session. - A transition from disabled(2) to enabled(1) will start - the BFD state machine for the session. The state - machine will have an initial state of down(2). - A transition from enabled(1) to disabled(2) will cause - the BFD session to be brought down to adminDown(1). + A transition to enabled(1) will start the BFD state machine + for the session. The state machine will have an initial + state of down(2). + + A transition to disabled(2) will stop the BFD state machine + for the session. The state machine may first transition to + adminDown(1) prior to stopping. + + A transition to adminDown(3) will cause the BFD state + machine to transition to adminDown(1), and will cause the + session to remain in this state. + + A transition to down(4) will cause the BFD state machine + to transition to down(2), and will cause the session to + remain in this state. Care should be used in providing write access to this object without adequate authentication." ::= { bfdSessEntry 9 } bfdSessOperStatus OBJECT-TYPE SYNTAX INTEGER { up(1), down(2), adminDown(3) 
@@ -576,63 +591,62 @@ value can be zero if there is no interface associated with this BFD session." ::= { bfdSessEntry 18 } bfdSessSrcAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies IP address type of the source IP - address of this BFD session. Only values unknown(0), - ipv4(1), ipv6(2), or ipv6z(4) have to be supported. - The value of unknown(0) is allowed only when the session - is singleHop(1) and the source IP address of this BFD - session is derived from the outgoing interface, or when - the BFD session is not associated with a specific - interface. If any other unsupported values are attempted - in a set operation, the agent MUST return an - inconsistentValue error." + address of this BFD session. The value of unknown(0) is + allowed only when the session is singleHop(1) and the + source IP address of this BFD session is derived from + the outgoing interface, or when the BFD session is not + associated with a specific interface. If any other + unsupported values are attempted in a set operation, the + agent MUST return an inconsistentValue error." ::= { bfdSessEntry 19 } bfdSessSrcAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the source IP address of this BFD - session." + session. The format of this object is controlled by the + bfdSessSrcAddrType object." ::= { bfdSessEntry 20 } bfdSessDstAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies IP address type of the neighboring IP address which is being monitored with this BFD session. - Only values unknown(0), ipv4(1), ipv6(2), or ipv6z(4) - have to be supported. The value of unknown(0) is allowed - only when the session is singleHop(1) and the outgoing - interface is of type point-to-point, or when the BFD - session is not associated with a specific interface. 
If any - other unsupported values are attempted in a set operation, - the agent MUST return an inconsistentValue error." + The value of unknown(0) is allowed only when the session is + singleHop(1) and the outgoing interface is of type + point-to-point, or when the BFD session is not associated + with a specific interface. If any other unsupported values + are attempted in a set operation, the agent MUST return an + inconsistentValue error." ::= { bfdSessEntry 21 } bfdSessDstAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the neighboring IP address which is - being monitored with this BFD session." + being monitored with this BFD session. The format of this + object is controlled by the bfdSessDstAddrType object." ::= { bfdSessEntry 22 } bfdSessGTSM OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Setting the value of this object to false(2) will disable GTSM protection of the BFD session. GTSM MUST be enabled on a singleHop(1) session if no authentication is in use." 
@@ -1288,32 +1302,34 @@ } GROUP bfdSessionPerfHCGroup DESCRIPTION "This group is mandatory for all systems that are able to support the Counter64 date type." OBJECT bfdSessSrcAddrType SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2), ipv6z(4) } DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) - support are required." + support are required. ipv4z(3) is not required + and dns(16) is not allowed." OBJECT bfdSessSrcAddr SYNTAX InetAddress (SIZE (0|4|16|20)) DESCRIPTION "An implementation is only required to support unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." OBJECT bfdSessDstAddrType SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2), ipv6z(4) } DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) - support are required." + support are required. ipv4z(3) is not required + and dns(16) is not allowed." OBJECT bfdSessDstAddr SYNTAX InetAddress (SIZE (0|4|16|20)) DESCRIPTION "An implementation is only required to support unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." OBJECT bfdSessRowStatus SYNTAX RowStatus { active(1), notInService(2) } WRITE-SYNTAX RowStatus { active(1), notInService(2), createAndGo(4), destroy(6) } 
@@ -1389,34 +1404,36 @@ OBJECT bfdSessInterface MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessSrcAddrType SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2), ipv6z(4) } MIN-ACCESS read-only DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) - support are required." + support are required. ipv4z(3) is not required + and dns(16) is not allowed." OBJECT bfdSessSrcAddr SYNTAX InetAddress (SIZE (0|4|16|20)) MIN-ACCESS read-only DESCRIPTION "An implementation is only required to support unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." OBJECT bfdSessDstAddrType SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2), ipv6z(4) } MIN-ACCESS read-only DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) - support are required." + support are required. ipv4z(3) is not required + and dns(16) is not allowed." OBJECT bfdSessDstAddr SYNTAX InetAddress (SIZE (0|4|16|20)) MIN-ACCESS read-only DESCRIPTION "An implementation is only required to support unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." OBJECT bfdSessGTSM MIN-ACCESS read-only DESCRIPTION "Write access is not required." 
@@ -1592,39 +1608,29 @@ users. There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability: - o bfdAdminStatus - Improper change of bfdAdminStatus, from - enabled(1) to disabled(2), can cause significant disruption of the - connectivity to those portions of the Internet reached via all the - applicable remote BFD peers. - - o bfdOperStatus - Improper change of bfdOperStatus, from up(1) to - down(2) or up(1) to adminDown(3), can cause significant disruption - of the connectivity to those portions of the Internet reached via - all the applicable remote BFD peers. - - o bfdSessAdminStatus - Improper change of bfdSessAdminStatus, from - enabled(1) to disabled(2), can cause significant disruption of the - connectivity to those portions of the Internet reached via the - applicable remote BFD peer. + o bfdAdminStatus - Improper change of bfdAdminStatus, to + disabled(2), adminDown(3) or down(4), can cause significant + disruption of the connectivity to those portions of the Internet + reached via all the applicable remote BFD peers. - o bfdSessOperStatus - Improper change of bfdSessOperStatus, from - up(1) to down(2) or up(1) to adminDown(3), can cause significant + o bfdSessAdminStatus - Improper change of bfdSessAdminStatus, to + disabled(2), adminDown(3) or down(4), can cause significant disruption of the connectivity to those portions of the Internet - reached via the applicable remote BFD peer. + reached via all the applicable remote BFD peers. 
o bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval, bfdSessReqMinEchoRxInterval, bfdSessDetectMult - Improper change of this object can cause connections to be disrupted for extremely long time periods when otherwise they would be restored in a relatively short period of time. o Some management objects define the BFD session whilst other management objects define the parameter of the BFD session. It is particularly important to control the support for SET access to @@ -1721,21 +1727,22 @@ assignment has been made, the RFC Editor is asked to replace "XXX" (here and in the MIB module) with the assigned value and to remove this note.] 8. Acknowledgments Authors would like to thank Adrian Farrel and Jeffrey Haas for performing thorough reviews and providing number of suggestions. Authors would also like to thank David Ward, Reshad Rahman, David Toscano, Sylvain Masse, Mark Tooker, Kiran Koushik Agrahara - Sreenivasa and David Black for their comments and suggestions. + Sreenivasa, David Black and Bert Wijnen for their comments and + suggestions. 9. References 9.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information 
@@ -1764,21 +1771,21 @@ (BFD) for Multihop Paths", RFC 5883, June 2010. [RFC7130] Bhatia, M., Chen, M., Boutros, S., Binderberger, M., and J. Haas, "Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces", RFC 7130, February 2014. [I-D.ietf-bfd-tc-mib] Nadeau, T., Ali, Z., and N. Akiya, "Definitions of Textual Conventions (TCs) for Bidirectional Forwarding Detection - (BFD) Management", draft-ietf-bfd-tc-mib-05 (work in + (BFD) Management", draft-ietf-bfd-tc-mib-07 (work in progress), April 2014. 9.2. Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000.
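Review bot: In the MODULE-IDENTITY hunk (@@ -179,42 +179,42 @@), the new LAST-UPDATED and REVISION values "201405091200Z" end in Z, which denotes UTC, while the trailing comments on both lines still read "12:00:00 EST". Drop the time zone from the comments or change it to UTC so the comment agrees with the value it annotates.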
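Review bot: In the bfdAdminStatus hunk (@@ -225,21 +225,23 @@), adminDown(3) and down(4) are added to the SYNTAX but the DESCRIPTION is left as "The desired global administrative status of the BFD system in this device.", so the meaning of the two new values at the global level is not defined anywhere. bfdSessAdminStatus receives one paragraph per value in this same revision; add the equivalent text here and say how the global setting interacts with each session's bfdSessAdminStatus. Since this object is read-write, it would also be worth repeating the "Care should be used in providing write access to this object without adequate authentication" sentence that the session-level object carries.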
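Review bot: In the bfdSessAdminStatus DESCRIPTION (@@ -444,32 +447,44 @@), the new paragraphs mix two enumerations without naming the second one: "A transition to adminDown(3) will cause the BFD state machine to transition to adminDown(1)", and likewise down(4) versus down(2), while bfdSessOperStatus immediately below numbers adminDown as 3. Name the object or textual convention that the state machine values adminDown(1) and down(2) belong to, so they cannot be read against this object's enabled(1) and disabled(2). The disabled(2) paragraph also says the state machine "may first transition to adminDown(1) prior to stopping", and the text does not say how a session leaves adminDown(3) or down(4); a sentence on the return to enabled(1) would close that gap.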
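Review bot: In the bfdSessSrcAddrType and bfdSessDstAddrType DESCRIPTIONs (@@ -576,63 +591,62 @@), removing the sentence "Only values unknown(0), ipv4(1), ipv6(2), or ipv6z(4) have to be supported" leaves "If any other unsupported values are attempted in a set operation" with no list for "other" to refer to. Reword it to something like "If an unsupported value is attempted in a set operation", or point to the compliance statements for the supported set, so the inconsistentValue requirement still has a defined trigger.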
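Review bot: In the two compliance hunks (@@ -1288,32 +1302,34 @@ and @@ -1389,34 +1404,36 @@), "dns(16) is not allowed" is a prohibition, yet it appears only in the compliance DESCRIPTION for bfdSessSrcAddrType and bfdSessDstAddrType; the object definitions themselves say nothing about dns(16). State the prohibition in the OBJECT-TYPE DESCRIPTIONs as well, next to the existing inconsistentValue sentence, so an agent implementer sees what to reject. The companion bfdSessSrcAddr and bfdSessDstAddr clauses are unchanged and still list only the unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes with SIZE (0|4|16|20); if ipv4z(3) is optional rather than excluded, add a matching remark there so the type and address clauses read the same way.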
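Review bot: In the Security Considerations hunk (@@ -1592,39 +1608,29 @@), the rewritten bfdSessAdminStatus bullet now ends "reached via all the applicable remote BFD peers", which is the wording of the global bfdAdminStatus bullet above it. The removed text for this per-session object read "reached via the applicable remote BFD peer"; keep the singular form so the two bullets still distinguish the impact of a global change from that of a single-session change.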