--- 1/draft-ietf-bfd-mib-20.txt 2014-05-30 09:14:26.757815005 -0700 +++ 2/draft-ietf-bfd-mib-21.txt 2014-05-30 09:14:26.829816774 -0700 @@ -1,20 +1,20 @@ Network Working Group T. Nadeau Internet-Draft Brocade Intended status: Standards Track Z. Ali Expires: November 10, 2014 N. Akiya Cisco Systems - May 9, 2014 + May 30, 2014 BFD Management Information Base - draft-ietf-bfd-mib-20 + draft-ietf-bfd-mib-21 Abstract This draft defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for modeling Bidirectional Forwarding Detection (BFD) protocol. Requirements Language @@ -38,20 +38,22 @@ time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on November 10, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. + BFD-STD-MIB May 30, 2014 + This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. @@ -86,32 +88,39 @@ This memo does not define a compliance requirement for a system that only implements BFD version 0. This is a reflection of a considered and deliberate decision by the BFD WG, because the BFD version 0 protocol is primarily of historical interest by comparison to the widespread deployment of the BFD version 1 protocol. 2. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current + BFD-STD-MIB May 30, 2014 + Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. + As with all MIB modules, an attempt to SET or CREATE an object to a + value that is not supported by the implementation will result in a + failure using a return code that indicates that the value is not + supported. + 3. Terminology This document adopts the definitions, acronyms and mechanisms described in [RFC5880], [RFC5881], [RFC5883] and [RFC7130]. Unless otherwise stated, the mechanisms described therein will not be re- described here. 4. Brief Description of MIB Objects This section describes objects pertaining to BFD. The MIB objects @@ -128,20 +137,21 @@ The session table is used to identify a BFD session between a pair of nodes. 4.3. Session Performance Table (bfdSessionPerfTable) The session performance table is used for collecting BFD performance counters on a per session basis. This table is an AUGMENT to the bfdSessionTable. 4.4. BFD Session Discriminator Mapping Table (bfdSessDiscMapTable) + BFD-STD-MIB May 30, 2014 The BFD Session Discriminator Mapping Table provides a mapping between a local discriminator value to the associated BFD session found in the bfdSessionTable. 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) The BFD Session IP Mapping Table maps, given bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, bfdSessDstAddrType, and bfdSessDstAddr, to an associated BFD session found in the @@ -176,20 +186,22 @@ IndexIntegerNextFree FROM DIFFSERV-MIB -- [RFC3289] BfdSessIndexTC, BfdIntervalTC, BfdMultiplierTC, BfdCtrlDestPortNumberTC, BfdCtrlSourcePortNumberTC FROM BFD-TC-STD-MIB IANAbfdDiagTC, IANAbfdSessTypeTC, IANAbfdSessOperModeTC, IANAbfdSessStateTC, IANAbfdSessAuthenticationTypeTC, IANAbfdSessAuthenticationKeyTC + BFD-STD-MIB May 30, 2014 + FROM IANA-BFD-TC-STD-MIB; bfdMIB MODULE-IDENTITY LAST-UPDATED "201405091200Z" -- 9 May 2014 12:00:00 EST ORGANIZATION "IETF Bidirectional Forwarding Detection Working Group" CONTACT-INFO "Thomas D. Nadeau Brocade Email: tnadeau@lucidvision.com @@ -224,20 +236,22 @@ bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 } -- BFD General Variables -- These parameters apply globally to the Systems' -- BFD Process. bfdAdminStatus OBJECT-TYPE SYNTAX INTEGER { + BFD-STD-MIB May 30, 2014 + enabled(1), disabled(2), adminDown(3), down(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "The desired global administrative status of the BFD system in this device." @@ -272,20 +286,22 @@ emitted." REFERENCE "See also RFC3413 for explanation that notifications are under the ultimate control of the MIB modules in this document." DEFVAL { false } ::= { bfdScalarObjects 3 } bfdSessIndexNext OBJECT-TYPE SYNTAX IndexIntegerNextFree (0..4294967295) + BFD-STD-MIB May 30, 2014 + MAX-ACCESS read-only STATUS current DESCRIPTION "This object contains an unused value for bfdSessIndex that can be used when creating entries in the table. A zero indicates that no entries are available, but MUST NOT be used as a valid index. " ::= { bfdScalarObjects 4 } @@ -320,20 +336,22 @@ bfdSessDiscriminator Unsigned32, bfdSessRemoteDiscr Unsigned32, bfdSessDestinationUdpPort BfdCtrlDestPortNumberTC, bfdSessSourceUdpPort BfdCtrlSourcePortNumberTC, bfdSessEchoSourceUdpPort InetPortNumber, bfdSessAdminStatus INTEGER, bfdSessOperStatus INTEGER, bfdSessState IANAbfdSessStateTC, bfdSessRemoteHeardFlag TruthValue, bfdSessDiag IANAbfdDiagTC, + BFD-STD-MIB May 30, 2014 + bfdSessOperMode IANAbfdSessOperModeTC, bfdSessDemandModeDesiredFlag TruthValue, bfdSessControlPlaneIndepFlag TruthValue, bfdSessMultipointFlag TruthValue, bfdSessInterface InterfaceIndexOrZero, bfdSessSrcAddrType InetAddressType, bfdSessSrcAddr InetAddress, bfdSessDstAddrType InetAddressType, bfdSessDstAddr InetAddress, bfdSessGTSM TruthValue, @@ -368,20 +386,22 @@ SYNTAX Unsigned32 (0..7) MAX-ACCESS read-create STATUS current DESCRIPTION "The version number of the BFD protocol that this session is running in. Write access is available for this object to provide ability to set desired version for this BFD session." REFERENCE + BFD-STD-MIB May 30, 2014 + "Katz, D. and D. Ward, Bidirectional Forwarding Detection (BFD), RFC 5880, June 2012." DEFVAL { 1 } ::= { bfdSessEntry 2 } bfdSessType OBJECT-TYPE SYNTAX IANAbfdSessTypeTC MAX-ACCESS read-create STATUS current DESCRIPTION @@ -416,20 +436,22 @@ MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the destination UDP port number used for this BFD session's control packets. The value may be zero(0) if the session is in adminDown(1) state." DEFVAL { 0 } ::= { bfdSessEntry 6 } bfdSessSourceUdpPort OBJECT-TYPE + BFD-STD-MIB May 30, 2014 + SYNTAX BfdCtrlSourcePortNumberTC MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the source UDP port number used for this BFD session's control packets. The value may be zero(0) if the session is in adminDown(1) state. Upon creation of a new BFD session via this MIB, the value of zero(0) specified would permit the implementation to choose its own source port number." @@ -464,20 +486,22 @@ "Denotes the desired operational status of the BFD Session. A transition to enabled(1) will start the BFD state machine for the session. The state machine will have an initial state of down(2). A transition to disabled(2) will stop the BFD state machine for the session. The state machine may first transition to adminDown(1) prior to stopping. + BFD-STD-MIB May 30, 2014 + A transition to adminDown(3) will cause the BFD state machine to transition to adminDown(1), and will cause the session to remain in this state. A transition to down(4) will cause the BFD state machine to transition to down(2), and will cause the session to remain in this state. Care should be used in providing write access to this object without adequate authentication." @@ -512,20 +536,21 @@ MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies status of BFD packet reception from the remote system. Specifically, it is set to true(1) if the local system is actively receiving BFD packets from the remote system, and is set to false(2) if the local system has not received BFD packets recently (within the detection time) or if the local system is attempting to tear down the BFD session." + BFD-STD-MIB May 30, 2014 REFERENCE "Katz, D. and D. Ward, Bidirectional Forwarding Detection (BFD), RFC 5880, June 2012." ::= { bfdSessEntry 12 } bfdSessDiag OBJECT-TYPE SYNTAX IANAbfdDiagTC MAX-ACCESS read-only STATUS current @@ -560,20 +585,22 @@ SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates that the local system's ability to continue to function through a disruption of the control plane. Specifically, it is set to true(1) if the local system BFD implementation is independent of the control plane. Otherwise, the value is set to false(2)" + BFD-STD-MIB May 30, 2014 + DEFVAL { false } ::= { bfdSessEntry 16 } bfdSessMultipointFlag OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the Multipoint (M) bit for this session. It is set to true(1) if Multipoint (M) bit is @@ -608,20 +635,22 @@ ::= { bfdSessEntry 19 } bfdSessSrcAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the source IP address of this BFD session. The format of this object is controlled by the bfdSessSrcAddrType object." + BFD-STD-MIB May 30, 2014 + ::= { bfdSessEntry 20 } bfdSessDstAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies IP address type of the neighboring IP address which is being monitored with this BFD session. The value of unknown(0) is allowed only when the session is @@ -656,20 +685,22 @@ DEFVAL { true } ::= { bfdSessEntry 23 } bfdSessGTSMTTL OBJECT-TYPE SYNTAX Unsigned32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "This object is valid only when bfdSessGTSM protection is enabled on the system. This object indicates the minimum + BFD-STD-MIB May 30, 2014 + allowed TTL for received BFD control packets. For a singleHop(1) session, if GTSM protection is enabled, this object SHOULD be set to maximum TTL value allowed for single hop. By default, GTSM is enabled and TTL value is 255. For a multihop session, updating of maximum TTL value allowed is likely required." REFERENCE "RFC5082, The Generalized TTL Security Mechanism (GTSM). @@ -704,20 +735,22 @@ does not want the remote system to send any periodic BFD control packets." REFERENCE "Section 4.1 from Katz, D. and D. Ward, Bidirectional Forwarding Detection (BFD), RFC 5880, June 2012." ::= { bfdSessEntry 26 } bfdSessReqMinEchoRxInterval OBJECT-TYPE SYNTAX BfdIntervalTC MAX-ACCESS read-create + BFD-STD-MIB May 30, 2014 + STATUS current DESCRIPTION "This object specifies the minimum interval, in microseconds, between received BFD Echo packets that this system is capable of supporting. Value must be zero(0) if this is a multihop BFD session." ::= { bfdSessEntry 27 } bfdSessDetectMult OBJECT-TYPE SYNTAX BfdMultiplierTC @@ -752,20 +785,22 @@ SYNTAX BfdMultiplierTC MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the Detect time multiplier." ::= { bfdSessEntry 31 } bfdSessAuthPresFlag OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create + BFD-STD-MIB May 30, 2014 + STATUS current DESCRIPTION "This object indicates that the local system's desire to use Authentication. Specifically, it is set to true(1) if the local system wishes the session to be authenticated or false(2) if not." REFERENCE "Sections 4.2 - 4.4 from Katz, D. and D. Ward, Bidirectional Forwarding Detection (BFD), RFC 5880, June 2012." @@ -800,20 +835,22 @@ DESCRIPTION "The authentication key ID in use for this session. This object permits multiple keys to be active simultaneously. The value -1 indicates that no Authentication Key ID will be present in the optional BFD Authentication Section." REFERENCE "Sections 4.2 - 4.4 from Katz, D. and D. Ward, Bidirectional Forwarding Detection (BFD), RFC 5880, June 2012." DEFVAL { -1 } + BFD-STD-MIB May 30, 2014 + ::= { bfdSessEntry 34 } bfdSessAuthenticationKey OBJECT-TYPE SYNTAX IANAbfdSessAuthenticationKeyTC MAX-ACCESS read-create STATUS current DESCRIPTION "The authentication key. When the bfdSessAuthenticationType is simplePassword(1), the value of this object is the password present in the BFD packets. @@ -848,20 +885,22 @@ delete a row in this table. When a row in this table has a row in the active(1) state, no objects in this row can be modified except the bfdSessRowStatus and bfdSessStorageType." ::= { bfdSessEntry 37 } -- BFD Session Performance Table bfdSessPerfTable OBJECT-TYPE SYNTAX SEQUENCE OF BfdSessPerfEntry + BFD-STD-MIB May 30, 2014 + MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies BFD Session performance counters." ::= { bfdObjects 3 } bfdSessPerfEntry OBJECT-TYPE SYNTAX BfdSessPerfEntry MAX-ACCESS not-accessible STATUS current @@ -896,20 +935,22 @@ bfdSessPerfEchoPktOutHC Counter64, bfdSessPerfEchoPktDropHC Counter64 } bfdSessPerfCtrlPktIn OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of BFD control messages received for this + BFD-STD-MIB May 30, 2014 + BFD session. It MUST be equal to the least significant 32 bits of bfdSessPerfCtrlPktInHC if supported, and MUST do so with the rules spelled out in RFC 2863." ::= { bfdSessPerfEntry 1 } bfdSessPerfCtrlPktOut OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only @@ -944,20 +985,22 @@ "The value of sysUpTime on the most recent occasion at which received BFD control message for this session was dropped. If no such up event exists, this object contains a zero value." ::= { bfdSessPerfEntry 4 } bfdSessPerfEchoPktIn OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current + BFD-STD-MIB May 30, 2014 + DESCRIPTION "The total number of BFD echo messages received for this BFD session. It MUST be equal to the least significant 32 bits of bfdSessPerfEchoPktInHC if supported, and MUST do so with the rules spelled out in RFC 2863." ::= { bfdSessPerfEntry 5 } bfdSessPerfEchoPktOut OBJECT-TYPE @@ -992,20 +1035,22 @@ STATUS current DESCRIPTION "The value of sysUpTime on the most recent occasion at which received BFD echo message for this session was dropped. If no such up event has been issued, this object contains a zero value." ::= { bfdSessPerfEntry 8 } bfdSessUpTime OBJECT-TYPE SYNTAX TimeStamp + BFD-STD-MIB May 30, 2014 + MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime on the most recent occasion at which the session came up. If no such event has been issued, this object contains a zero value." ::= { bfdSessPerfEntry 9 } bfdSessPerfLastSessDownTime OBJECT-TYPE SYNTAX TimeStamp @@ -1040,20 +1085,22 @@ bfdSessPerfDiscTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime on the most recent occasion at which any one or more of the session counters suffered a discontinuity. The relevant counters are the specific instances associated + BFD-STD-MIB May 30, 2014 + with this BFD session of any Counter32 object contained in the BfdSessPerfTable. If no such discontinuities have occurred since the last re-initialization of the local management subsystem, then this object contains a zero value." ::= { bfdSessPerfEntry 13 } bfdSessPerfCtrlPktInHC OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only @@ -1088,20 +1135,22 @@ "This value represents the total number of BFD control messages received for this BFD session yet dropped for being invalid. The least significant 32 bits MUST equal to bfdSessPerfCtrlPktDrop, and MUST do so with the rules spelled out in RFC 2863." ::= { bfdSessPerfEntry 16 } bfdSessPerfEchoPktInHC OBJECT-TYPE + BFD-STD-MIB May 30, 2014 + SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "This value represents the total number of BFD echo messages received for this BFD session. The least significant 32 bits MUST equal to bfdSessPerfEchoPktIn, and MUST do so with the rules spelled out in RFC 2863." @@ -1136,20 +1185,22 @@ -- BFD Session Discriminator Mapping Table bfdSessDiscMapTable OBJECT-TYPE SYNTAX SEQUENCE OF BfdSessDiscMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BFD Session Discriminator Mapping Table maps a local discriminator value to associated BFD session's + BFD-STD-MIB May 30, 2014 + bfdSessIndex found in the bfdSessionTable." ::= { bfdObjects 4 } bfdSessDiscMapEntry OBJECT-TYPE SYNTAX BfdSessDiscMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The BFD Session Discriminator Mapping Entry specifies a mapping between a local discriminator @@ -1183,20 +1234,22 @@ bfdSessDstAddrType and bfdSessDstAddr to an associated BFD session found in the bfdSessionTable." ::= { bfdObjects 5 } bfdSessIpMapEntry OBJECT-TYPE SYNTAX BfdSessIpMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION + BFD-STD-MIB May 30, 2014 + "The BFD Session IP Map Entry contains a mapping from the IP information for a session, to the session in the bfdSessionTable." INDEX { bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, bfdSessDstAddrType, bfdSessDstAddr } @@ -1231,20 +1284,22 @@ state from some other state. The included values of bfdSessDiag MUST both be set equal to this new state (i.e: up(4)). The two instances of bfdSessDiag in this notification indicate the range of indexes that are affected. Note that all the indexes of the two ends of the range can be derived from the instance identifiers of these two objects. For the cases where a contiguous range of sessions have transitioned into the up(4) state at roughly the same time, the device SHOULD issue a single + BFD-STD-MIB May 30, 2014 + notification for each range of contiguous indexes in an effort to minimize the emission of a large number of notifications. If a notification has to be issued for just a single bfdSessEntry, then the instance identifier (and values) of the two bfdSessDiag objects MUST be the identical." ::= { bfdNotifications 1 } bfdSessDown NOTIFICATION-TYPE OBJECTS { @@ -1279,20 +1334,22 @@ bfdGroups OBJECT IDENTIFIER ::= { bfdConformance 1 } bfdCompliances OBJECT IDENTIFIER ::= { bfdConformance 2 } -- Compliance requirement for fully compliant implementations. bfdModuleFullCompliance MODULE-COMPLIANCE STATUS current + BFD-STD-MIB May 30, 2014 + DESCRIPTION "Compliance statement for agents that provide full support for the BFD-MIB module. Such devices can then be monitored and also be configured using this MIB module." MODULE -- This module. MANDATORY-GROUPS { bfdSessionGroup, @@ -1327,20 +1384,22 @@ OBJECT bfdSessDstAddr SYNTAX InetAddress (SIZE (0|4|16|20)) DESCRIPTION "An implementation is only required to support unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." OBJECT bfdSessRowStatus SYNTAX RowStatus { active(1), notInService(2) } WRITE-SYNTAX RowStatus { active(1), notInService(2), createAndGo(4), destroy(6) } DESCRIPTION "Support for createAndWait and notReady is not + BFD-STD-MIB May 30, 2014 + required." ::= { bfdCompliances 1 } bfdModuleReadOnlyCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Compliance requirement for implementations that only provide read-only support for BFD-MIB. Such devices can then be monitored but cannot be configured using @@ -1375,24 +1434,26 @@ MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessSourceUdpPort MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessEchoSourceUdpPort MIN-ACCESS read-only DESCRIPTION "Write access is not required." + BFD-STD-MIB May 30, 2014 OBJECT bfdSessAdminStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." + OBJECT bfdSessOperMode MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessDemandModeDesiredFlag MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessControlPlaneIndepFlag MIN-ACCESS read-only @@ -1422,20 +1483,22 @@ OBJECT bfdSessDstAddrType SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2), ipv6z(4) } MIN-ACCESS read-only DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) support are required. ipv4z(3) is not required and dns(16) is not allowed." OBJECT bfdSessDstAddr + BFD-STD-MIB May 30, 2014 + SYNTAX InetAddress (SIZE (0|4|16|20)) MIN-ACCESS read-only DESCRIPTION "An implementation is only required to support unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." OBJECT bfdSessGTSM MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessGTSMTTL @@ -1470,20 +1533,21 @@ MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessAuthenticationKey MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT bfdSessStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required." + BFD-STD-MIB May 30, 2014 OBJECT bfdSessRowStatus SYNTAX RowStatus { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { bfdCompliances 2 } -- Units of conformance. bfdSessionGroup OBJECT-GROUP @@ -1518,20 +1582,22 @@ bfdSessAuthPresFlag, bfdSessAuthenticationType, bfdSessAuthenticationKeyID, bfdSessAuthenticationKey, bfdSessStorageType, bfdSessRowStatus } STATUS current DESCRIPTION "Collection of objects needed for BFD sessions." + BFD-STD-MIB May 30, 2014 + ::= { bfdGroups 1 } bfdSessionReadOnlyGroup OBJECT-GROUP OBJECTS { bfdSessRemoteDiscr, bfdSessState, bfdSessRemoteHeardFlag, bfdSessDiag, bfdSessNegotiatedInterval, bfdSessNegotiatedEchoInterval, @@ -1566,20 +1632,22 @@ performance of BFD sessions." ::= { bfdGroups 3 } bfdSessionPerfHCGroup OBJECT-GROUP OBJECTS { bfdSessPerfCtrlPktInHC, bfdSessPerfCtrlPktOutHC, bfdSessPerfCtrlPktDropHC, bfdSessPerfEchoPktInHC, bfdSessPerfEchoPktOutHC, + BFD-STD-MIB May 30, 2014 + bfdSessPerfEchoPktDropHC } STATUS current DESCRIPTION "Collection of objects needed to monitor the performance of BFD sessions for which the values of bfdSessPerfPktIn, bfdSessPerfPktOut wrap around too quickly." ::= { bfdGroups 4 } @@ -1614,20 +1682,22 @@ environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability: o bfdAdminStatus - Improper change of bfdAdminStatus, to disabled(2), adminDown(3) or down(4), can cause significant disruption of the connectivity to those portions of the Internet reached via all the applicable remote BFD peers. o bfdSessAdminStatus - Improper change of bfdSessAdminStatus, to + BFD-STD-MIB May 30, 2014 + disabled(2), adminDown(3) or down(4), can cause significant disruption of the connectivity to those portions of the Internet reached via all the applicable remote BFD peers. o bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval, bfdSessReqMinEchoRxInterval, bfdSessDetectMult - Improper change of this object can cause connections to be disrupted for extremely long time periods when otherwise they would be restored in a relatively short period of time. @@ -1662,20 +1732,22 @@ objects may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. o The bfdSessTable may be used to directly configure BFD sessions. The bfdSessMapTable can be used indirectly in the same way. Unauthorized access to objects in this table could result in disruption of traffic on the network. This is especially true if an unauthorized user configures enough tables to invoke a denial + BFD-STD-MIB May 30, 2014 + of service attack on the device where they are configured, or on a remote device where the sessions terminate. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: @@ -1710,20 +1782,22 @@ instance of this MIB module, is properly configured to give access to the objects only to those principals "users" that have legitimate rights to indeed GET or SET "change/create/delete" them. 7. IANA Considerations The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry: Descriptor OBJECT IDENTIFIER value + BFD-STD-MIB May 30, 2014 + ---------- ----------------------- bfdMib { mib-2 XXX } [RFC-Editor's Note (to be removed prior to publication): the IANA is requested to assign a value for "XXX" under the 'mib-2' subtree and to record the assignment in the SMI Numbers registry. When the assignment has been made, the RFC Editor is asked to replace "XXX" (here and in the MIB module) with the assigned value and to remove this note.] @@ -1758,34 +1832,36 @@ [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. Pignataro, "The Generalized TTL Security Mechanism (GTSM)", RFC 5082, October 2007. [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD)", RFC 5880, June 2010. [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June + BFD-STD-MIB May 30, 2014 + 2010. [RFC5883] Katz, D. and D. Ward, "Bidirectional Forwarding Detection (BFD) for Multihop Paths", RFC 5883, June 2010. [RFC7130] Bhatia, M., Chen, M., Boutros, S., Binderberger, M., and J. Haas, "Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces", RFC 7130, February 2014. [I-D.ietf-bfd-tc-mib] Nadeau, T., Ali, Z., and N. Akiya, "Definitions of Textual Conventions (TCs) for Bidirectional Forwarding Detection - (BFD) Management", draft-ietf-bfd-tc-mib-07 (work in + (BFD) Management", draft-ietf-bfd-tc-mib-08 (work in progress), April 2014. 9.2. Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. @@ -1804,13 +1880,15 @@ Brocade EMail: tnadeau@lucidvision.com Zafar Ali Cisco Systems EMail: zali@cisco.com Nobo Akiya + BFD-STD-MIB May 30, 2014 + Cisco Systems EMail: nobo@cisco.com