--- 1/draft-ietf-idr-bgp4-mib-12.txt 2006-02-04 23:30:50.000000000 +0100 +++ 2/draft-ietf-idr-bgp4-mib-13.txt 2006-02-04 23:30:50.000000000 +0100 @@ -1,20 +1,20 @@ Network Working Group Editors of this version: INTERNET DRAFT J. Haas S. Hares NextHop Technologies - September 2003 + October 2003 Definitions of Managed Objects for the Fourth Version of Border Gateway Protocol (BGP-4) - + Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC 2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. 
@@ -29,26 +29,28 @@ The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Copyright Notice Copyright (C) The Internet Society (2003). All Rights Reserved. Abstract - This memo is an extension to the SNMP MIB. The origin of this memo - is from RFC 1269 "Definitions of Managed Objects for the Border - Gateway Protocol (Version 3)", which was updated to support BGP-4 in - RFC 1657. This memo fixes errors introduced when the MIB was - converted to use the SNMPv2 SMI, as well as updates references to the - current SNMP framework documents. + This memo is an extension to the SNMP MIB. It obsoletes RFC 1657 and + RFC 1269. + + The origin of this memo is from RFC 1269 "Definitions of Managed + Objects for the Border Gateway Protocol (Version 3)", which was + updated to support BGP-4 in RFC 1657. This memo fixes errors + introduced when the MIB was converted to use the SNMPv2 SMI, as well + as updates references to the current SNMP framework documents. This memo is intended to document deployed implementations of this MIB in a historical context, provide clarifications of some items and also note errors where the MIB fails to fully represent the BGP protocol. Work is currently in progress to replace this MIB with a new one representing the current state of the BGP protocol and its extensions. Distribution of this memo is unlimited. Please forward comments to idr@ietf.org. 
@@ -67,20 +69,22 @@ 10. Editors' Address ............................................. 35 11. Full Copyright Statement ..................................... 35 1. Introduction This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects used for managing the Border Gateway Protocol Version 4 or lower [BGP, BGP4APP]. + This memo obsoletes RFC 1657 and RFC 1269. + 2. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the @@ -109,21 +113,21 @@ BGP4-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, IpAddress, Integer32, Counter32, Gauge32, mib-2 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF; bgp MODULE-IDENTITY - LAST-UPDATED "200309050000Z" + LAST-UPDATED "200310090000Z" ORGANIZATION "IETF IDR Working Group" CONTACT-INFO "E-mail: idr@ietf.org Jeffrey Haas, Susan Hares (Editors) NextHop Technologies 825 Victors Way Suite 100 Ann Arbor, MI 48108-2738 Tel: +1 734 222-1600 Fax: +1 734 222-1602 
@@ -132,21 +136,21 @@ DESCRIPTION "The MIB module for the BGP-4 protocol. Copyright (C) The Internet Society (2003). This version of this MIB module is part of RFC yyyy; see the RFC itself for full legal notices." -- RFC Ed.: replace yyyy with actual RFC number & remove this note - REVISION "200309050000Z" + REVISION "200310090000Z" DESCRIPTION "Changes from RFC 1657: 1) Fixed the definitions of the traps to make them equivalent to their initial definition in RFC 1269. 2) Added compliance and conformance info. 3) Updated information for the values of bgpPeerNegotiatedVersion, bgp4PathAttrLocalPref, bgp4PathAttrCalcLocalPref, bgp4PathAttrMultiExitDisc, @@ -155,21 +159,33 @@ needed. 5) Noted where objects do not fully reflect the protocol as Known Issues. 6) Updated the DESCRIPTION for the bgp4PathAttrAtomicAggregate object. 7) The following objects have had their DESCRIPTION clause modified to remove the requirement to reset the counter to zero on a transition to the established state: bgpPeerInUpdates, bgpPeerOutUpdates, - bgpPeerInTotalMessages, bgpPeerOutTotalMessages" + bgpPeerInTotalMessages, bgpPeerOutTotalMessages + + Published as RFC yyyy." +-- RFC Ed.: replace yyyy with actual RFC number & remove this note + + REVISION "199405050000Z" + DESCRIPTION + "Translated to SMIv2 and published as RFC 1657." + + REVISION "199110261839Z" + DESCRIPTION + "Initial version, published as RFC 1269." + ::= { mib-2 15 } bgpVersion OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Vector of supported BGP protocol version numbers. Each peer negotiates the version from this vector. Versions are identified 
@@ -294,28 +309,28 @@ bgpPeerAdminStatus OBJECT-TYPE SYNTAX INTEGER { stop(1), start(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "The desired state of the BGP connection. - A transition from 'stop' to 'start' will - cause the BGP Start Event to be generated. - A transition from 'start' to 'stop' will - cause the BGP Stop Event to be generated. - This parameter can be used to restart BGP - peer connections. Care should be used in - providing write access to this object - without adequate authentication." + A transition from 'stop' to 'start' will cause + the BGP Manual Start Event to be generated. + A transition from 'start' to 'stop' will cause + the BGP Manual Stop Event to be generated. + This parameter can be used to restart BGP peer + connections. Care should be used in providing + write access to this object without adequate + authentication." ::= { bgpPeerEntry 3 } bgpPeerNegotiatedVersion OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The negotiated version of BGP running between the two peers. 
@@ -576,38 +592,38 @@ SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The BGP Identifier of local system." ::= { bgp 4 } -- BGP Received Path Attribute Table. This table contains, -- one entry per path to a network, path attributes -- received from all peers running BGP version 3 or less. - -- This table is deprecated, having been replaced in + -- This table is obsolete, having been replaced in -- functionality with the bgp4PathAttrTable. bgpRcvdPathAttrTable OBJECT-TYPE SYNTAX SEQUENCE OF BgpPathAttrEntry MAX-ACCESS not-accessible - STATUS deprecated + STATUS obsolete DESCRIPTION "The BGP Received Path Attribute Table contains information about paths to destination networks received from all peers running BGP version 3 or less." ::= { bgp 5 } bgpPathAttrEntry OBJECT-TYPE SYNTAX BgpPathAttrEntry MAX-ACCESS not-accessible - STATUS deprecated + STATUS obsolete DESCRIPTION "Information about a path to a network." INDEX { bgpPathAttrDestNetwork, bgpPathAttrPeer } ::= { bgpRcvdPathAttrTable 1 } BgpPathAttrEntry ::= SEQUENCE { bgpPathAttrPeer IpAddress, bgpPathAttrDestNetwork @@ -618,33 +634,33 @@ OCTET STRING, bgpPathAttrNextHop IpAddress, bgpPathAttrInterASMetric Integer32 } bgpPathAttrPeer OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only - STATUS deprecated + STATUS obsolete DESCRIPTION "The IP address of the peer where the path information was learned." ::= { bgpPathAttrEntry 1 } - bgpPathAttrDestNetwork OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only - STATUS deprecated + STATUS obsolete DESCRIPTION "The address of the destination network." ::= { bgpPathAttrEntry 2 } + bgpPathAttrOrigin OBJECT-TYPE SYNTAX INTEGER { igp(1),-- networks are interior egp(2),-- networks learned via the -- EGP protocol incomplete(3) -- networks that -- are learned by some other -- means } MAX-ACCESS read-only 
@@ -641,54 +657,54 @@ bgpPathAttrOrigin OBJECT-TYPE SYNTAX INTEGER { igp(1),-- networks are interior egp(2),-- networks learned via the -- EGP protocol incomplete(3) -- networks that -- are learned by some other -- means } MAX-ACCESS read-only - STATUS deprecated + STATUS obsolete DESCRIPTION "The ultimate origin of the path information." ::= { bgpPathAttrEntry 3 } bgpPathAttrASPath OBJECT-TYPE SYNTAX OCTET STRING (SIZE (2..255)) MAX-ACCESS read-only - STATUS deprecated + STATUS obsolete DESCRIPTION "The set of ASs that must be traversed to reach the network. This object is probably best represented as SEQUENCE OF INTEGER. For SMI compatibility, though, it is represented as OCTET STRING. Each AS is represented as a pair of octets according to the following algorithm: first-byte-of-pair = ASNumber / 256; second-byte-of-pair = ASNumber & 255;" ::= { bgpPathAttrEntry 4 } bgpPathAttrNextHop OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only - STATUS deprecated + STATUS obsolete DESCRIPTION "The address of the border router that should be used for the destination network." ::= { bgpPathAttrEntry 5 } bgpPathAttrInterASMetric OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only - STATUS deprecated + STATUS obsolete DESCRIPTION "The optional inter-AS metric. If this attribute has not been provided for this route, the value for this object is 0." ::= { bgpPathAttrEntry 6 } -- BGP-4 Received Path Attribute Table. This table -- contains, one entry per path to a network, path -- attributes received from all peers running BGP-4. 
@@ -1073,32 +1086,40 @@ "Implementation of BGP Notifications are completely optional in this MIB." ::= { bgp4MIBCompliances 1 } bgp4MIBDeprecatedCompliances MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement documenting deprecated objects in the BGP4 mib." MODULE -- this module - GROUP bgp4MIBRcvdPathAttrGroup - DESCRIPTION - "Group containing objects relevant to BGP-3 - and earlier objects." GROUP bgp4MIBTrapGroup DESCRIPTION "Group containing TRAP objects that were improperly converted from SMIv1 in RFC 1657. The proper semantics have been restored with the objects in bgp4MIBNotificationGroup." ::= { bgp4MIBCompliances 2 } + bgp4MIBObsoleteCompliances MODULE-COMPLIANCE + STATUS obsolete + DESCRIPTION + "The compliance statement documenting obsolete + objects in the BGP4 mib." + MODULE -- this module + GROUP bgpRcvdPathAttrGroup + DESCRIPTION + "Group containing objects relevant to BGP-3 + and earlier objects." + ::= { bgp4MIBCompliances 3 } + -- Units of conformance bgp4MIBGlobalsGroup OBJECT-GROUP OBJECTS { bgpVersion, bgpLocalAs, bgpIdentifier } STATUS current DESCRIPTION "A collection of objects providing information on global BGP state." 
@@ -1128,33 +1149,33 @@ bgpPeerKeepAliveConfigured, bgpPeerMinASOriginationInterval, bgpPeerMinRouteAdvertisementInterval, bgpPeerInUpdateElapsedTime } STATUS current DESCRIPTION "A collection of objects for managing BGP peers." ::= { bgp4MIBGroups 2 } - bgp4MIBRcvdPathAttrGroup OBJECT-GROUP + bgpRcvdPathAttrGroup OBJECT-GROUP OBJECTS { bgpPathAttrPeer, bgpPathAttrDestNetwork, bgpPathAttrOrigin, bgpPathAttrASPath, bgpPathAttrNextHop, bgpPathAttrInterASMetric } - STATUS deprecated + STATUS obsolete DESCRIPTION "A collection of objects for managing BGP-3 and earlier path entries. - This conformance group is deprecated." + This conformance group, like BGP-3, is obsolete." ::= { bgp4MIBGroups 3 } bgp4MIBPathAttrGroup OBJECT-GROUP OBJECTS { bgp4PathAttrPeer, bgp4PathAttrIpAddrPrefixLen, bgp4PathAttrIpAddrPrefix, bgp4PathAttrOrigin, bgp4PathAttrASPathSegment, bgp4PathAttrNextHop, bgp4PathAttrMultiExitDisc, @@ -1182,21 +1204,21 @@ ::= { bgp4MIBGroups 5 } bgp4MIBNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { bgpEstablishedNotification, bgpBackwardTransNotification } STATUS current DESCRIPTION "A collection of notifications for signaling changes in BGP peer relationships. - Obsoletes bgp4MIBNotificationGroup." + Obsoletes bgp4MIBTrapGroup." ::= { bgp4MIBGroups 6 } END 5. Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights 
@@ -1222,40 +1244,40 @@ such, improper manipulation of the objects represented by this MIB may result in denial of service to a large number of end-users. There are several management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read-create. Such objects should be considered sensitive or vulnerable in most network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These objects include: - o bgpPeerAdminStatus + +o bgpPeerAdminStatus Improper change of bgpPeerAdminStatus from start to stop can cause significant disruption of the connectivity to those portions of the Internet reached via the applicable remote BGP peer. - o bgpPeerConnectRetryInterval + +o bgpPeerConnectRetryInterval Improper change of this object can cause connections to be disrupted for extremely long time periods when otherwise they would be restored in a relatively short period of time. - o bgpPeerHoldTimeConfigured, bgpPeerKeepAliveConfigured + +o bgpPeerHoldTimeConfigured, bgpPeerKeepAliveConfigured Misconfiguration of these objects can make BGP sessions more fragile and less resilient to denial of service attacks on the inter-domain routing system. - o bgpPeerMinASOriginationInterval, + +o bgpPeerMinASOriginationInterval, bgpPeerMinRouteAdvertisementInterval Misconfiguration of these objects may adversely affect global Internet convergence of the routes advertised by this BGP speaker. This may result in long-lived routing loops and blackholes for the portions of the Internet that utilize these routes." There are a number of managed objects in this MIB that contain sensitive information regarding the operation of a network.
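
Review bot: In the hunk at @@ -155,21 +159,33 @@, the 200310090000Z REVISION DESCRIPTION is still headed "Changes from RFC 1657", and none of the list items visible in this hunk and the one before it records what this revision changes: bgpRcvdPathAttrTable and its columns going from deprecated to obsolete, the new bgp4MIBObsoleteCompliances, and the group rename. Unless the part of the list that falls between the hunks already covers these, add a numbered item for them so the revision history matches the module. The added "-- RFC Ed.: replace yyyy" comment also now sits between two REVISION clauses; one editor note covering both occurrences of yyyy would be easier for the RFC Editor to act on.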
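
Review bot: The bgpPeerAdminStatus DESCRIPTION in the hunk at @@ -294,28 +309,28 @@ now names the "BGP Manual Start Event" and "BGP Manual Stop Event", but the object goes straight from DESCRIPTION to "::= { bgpPeerEntry 3 }" with no REFERENCE clause, so a reader cannot tell which state machine definition those names come from. Add a REFERENCE to the relevant part of [BGP] and check that the event names are spelled the way that document spells them. This is the read-write object in the hunk and its own text warns about write access "without adequate authentication", so a pointer from here to the bgpPeerAdminStatus entry in the Security Considerations section would also help.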
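
Review bot: In the hunk at @@ -576,38 +592,38 @@, the only statement that bgpRcvdPathAttrTable is obsolete and has been replaced by bgp4PathAttrTable is the ASN.1 comment above the object; the DESCRIPTION clauses of the table and of bgpPathAttrEntry are unchanged and say nothing about it. A comment is not part of the object definition, so put the replacement pointer in the table's DESCRIPTION as well, next to the new "STATUS obsolete".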
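
Review bot: The rename in the hunk at @@ -1128,33 +1149,33 @@ leaves bgpRcvdPathAttrGroup as the one group descriptor in this patch without the bgp4MIB prefix (compare bgp4MIBGlobalsGroup, bgp4MIBPathAttrGroup, bgp4MIBTrapGroup and bgp4MIBNotificationGroup). If the shorter name is meant to mark a BGP-3 era group, say so in its DESCRIPTION; otherwise keep the prefix so the conformance names stay uniform, and make the same choice for the "GROUP bgpRcvdPathAttrGroup" line added to bgp4MIBObsoleteCompliances.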
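
Review bot: "Obsoletes bgp4MIBTrapGroup." in the hunk at @@ -1182,21 +1204,21 @@ fixes the self-reference, but bgp4MIBTrapGroup is still listed under bgp4MIBDeprecatedCompliances (STATUS deprecated), while this patch adds a separate bgp4MIBObsoleteCompliances for other objects. Now that the draft keeps the two statuses apart, either word this as "Replaces bgp4MIBTrapGroup." or move the trap group to the obsolete compliance if that is what is intended.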
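
Review bot: All four bullets in the hunk at @@ -1222,40 +1244,40 @@ change from "o" to "+o" (for example "+o bgpPeerAdminStatus"), which looks like a patch marker that leaked into the draft text and not an intended edit; restore the plain "o" bullets. In the same paragraph, the sentence ending "utilize these routes." is followed by a double quote that has no opening quote in the visible text and should be dropped.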