--- 1/draft-ietf-mpls-lsr-mib-11.txt 2006-02-05 00:41:36.000000000 +0100 +++ 2/draft-ietf-mpls-lsr-mib-12.txt 2006-02-05 00:41:37.000000000 +0100 @@ -1,26 +1,26 @@ Network Working Group Cheenu Srinivasan -Internet Draft Parama Networks, Inc. -Expires: December 2003 +Internet Draft Bloomberg L.P. +Expires: March 2004 Arun Viswanathan Force10 Networks, Inc. Thomas D. Nadeau Cisco Systems, Inc. - June 2003 + August 2003 Multiprotocol Label Switching (MPLS) Label Switching Router (LSR) Management Information Base - draft-ietf-mpls-lsr-mib-11.txt + draft-ietf-mpls-lsr-mib-12.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC 2026. Internet-Drafts are working documents of the In ternet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. @@ -54,36 +54,38 @@ 4. Outline ..................................................3 4.1 Summary of LSR MIB Module ................................3 5. Brief Description of MIB Module Objects ..................4 5.1. mplsInterfaceTable .......................................4 5.2. mplsInterfacePerfTable ...................................4 5.3. mplsInSegmentTable .......................................4 5.4. mplsInSegmentPerfTable ...................................5 5.5. mplsOutSegmentTable ......................................5 5.6. mplsOutSegmentPerfTable ..................................5 5.7. mplsXCTable ..............................................5 - 5.8. mplsLabelStackTable ......................................5 + 5.8. mplsLabelStackTable ......................................6 5.9 mplsInSegmentMapTable ....................................6 6. Use of 32-bit and 64-bit Counters ........................6 7. Example of LSP Setup .....................................6 8. Application of the Interface Group to MPLS ...............8 8.1. Support of the MPLS Layer by ifTable .....................8 9. The Use of RowPointer ....................................10 10. MPLS Label Switching Router MIB Module Definitions .......10 11. Security Considerations ..................................52 - 12. Acknowledgments ..........................................53 - 13. References ...............................................53 - 13.1. Normative References ....................................53 - 13.2. Informative References ..................................54 - 14. Authors' Addresses .........................................55 - 15. Full Copyright Statement ...................................55 - 16. Intellectual Property Notice ...............................56 + 12. Acknowledgments ..........................................54 + 13. IANA Considerations ......................................54 + 13.1. IANA Considerations for MPLS-LSR-STD-MIB ................54 + 14. References ...............................................54 + 14.1. Normative References ....................................54 + 14.2. Informative References ..................................56 + 15. Authors' Addresses .........................................56 + 16. Full Copyright Statement ...................................56 + 17. Intellectual Property Notice ...............................57 1. Introduction This memo defines an portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for modeling a Multi-Protocol Label Switching (MPLS) [RFC3031] Label Switching Router (LSR). Comments should be made directly to the MPLS mailing list at @@ -312,25 +315,25 @@ operation. A subsequent retrieval operation on the conceptual row will return a different value, such as active(1). Please see [RFC2579] for a detailed discussion on the use of RowStatus. We first create a cross-connect entry that associates the desired segments together. In mplsXCTable: { mplsXCIndex = 0x02, - mplsXcInSegmentIndex = 0x00000015, - mplsXcOutSegmentIndex = 0x01, + mplsXCInSegmentIndex = 0x00000015, + mplsXCOutSegmentIndex = 0x01, - mplsXCLspId = 'c021041502'H, -- 192.33.4.21.2 - mplsXcLabelStackIndex = 0x00, -- only a single + mplsXCLspId = 0x0102 -- unique ID + mplsXCLabelStackIndex = 0x00, -- only a single -- outgoing label mplsXCRowStatus = createAndGo(4) } Next, we create the appropriate in-segment and out-segment entries based on the cross-connect. Note that some agents may wish to automatically create the in and out-segments based on the cross-connect creation. In mplsInSegmentTable: @@ -487,38 +490,39 @@ IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Integer32, Counter32, Unsigned32, Counter64, Gauge32, zeroDotZero FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF TruthValue, RowStatus, StorageType, RowPointer, TimeStamp, TEXTUAL-CONVENTION FROM SNMPv2-TC - InterfaceIndexOrZero + InterfaceIndexOrZero, ifGeneralInformationGroup, + ifCounterDiscontinuityGroup FROM IF-MIB mplsStdMIB, MplsLSPID, MplsLabel, MplsBitRate, MplsOwner FROM MPLS-TC-STD-MIB AddressFamilyNumbers FROM IANA-ADDRESS-FAMILY-NUMBERS-MIB InetAddress, InetAddressType FROM INET-ADDRESS-MIB ; mplsLsrStdMIB MODULE-IDENTITY - LAST-UPDATED "200306291200Z" -- 29 June 2003 12:00:00 GMT + LAST-UPDATED "200308061200Z" -- 06 August 2003 12:00:00 GMT ORGANIZATION "Multiprotocol Label Switching (MPLS) Working Group" CONTACT-INFO - " - Cheenu Srinivasan - Email: cheenu@alumni.princeton.edu + " Cheenu Srinivasan + Blomberg L.P. + Email: cheenu@bloomberg.net Arun Viswanathan Force10 Networks, Inc. Email: arunv@force10networks.com Thomas D. Nadeau Cisco Systems, Inc. Email: tnadeau@cisco.com Comments about this document should be emailed @@ -531,21 +535,21 @@ defined in: Rosen, E., Viswanathan, A., and R. Callon, Multiprotocol Label Switching Architecture, RFC 3031, January 2001. Copyright (C) The Internet Society (2003). This version of this MIB module is part of RFCXXX; see the RFC itself for full legal notices." -- Revision history. REVISION - "200306291200Z" -- 29 June 2003 12:00:00 GMT + "200308061200Z" -- 06 August 2003 12:00:00 GMT DESCRIPTION "Initial revision, published as part of RFC XXXX." ::= { mplsStdMIB 2 } -- Textual Conventions MplsIndexType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This is an octet string that can be used as a table @@ -586,24 +590,25 @@ string) for an index that is not currently used in the relevant table. The Command Generator (Network Management Application) reads this variable and uses the (non-zero-length string) value read when creating a new row with an SNMP SET. When the SET is performed, the Command Responder (agent) must determine whether the value is indeed still unused; Two Network Management Applications may attempt to create a row (configuration entry) simultaneously and use the same value. If it is currently unused, the SET succeeds and the Command - Responder (agent) changes the value of this object, according to - an implementation-specific algorithm. If the value is in use, - however, the SET fails. The Network Management Application must - then re-read this variable to obtain a new usable value. + Responder (agent) changes the value of this object, according + to an implementation-specific algorithm. If the value is in + use, however, the SET fails. The Network Management + Application must then re-read this variable to obtain a new + usable value. Note that the string containing the single octet with the value 0x00 is a reserved value used to represent the special case where no additional indexes can be provisioned, or in systems that do not offer write access, objects defined using this textual convention MUST return the string containing the single octet with the value 0x00." SYNTAX OCTET STRING (SIZE(1..24)) @@ -1131,29 +1137,25 @@ objects in this row can be modified except the mplsInSegmentRowStatus and mplsInSegmentStorageType." ::= { mplsInSegmentEntry 10 } mplsInSegmentStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This variable indicates the storage type for this - object. If this object is set to readOnly(5), and the - corresponding LFIB entry is removed, then the agent - MUST remove this row shortly thereafter. - The agent MUST ensure that this object's value - remains consistent with the associated mplsXCEntry. - Conceptual rows having the value 'permanent' - need not allow write-access to any columnar - objects in the row. - The default value is volatile(2)." + object. The agent MUST ensure that this object's + value remains consistent with the associated + mplsXCEntry. Conceptual rows having the value + 'permanent' need not allow write-access to any + columnar objects in the row." REFERENCE "See RFC2579." DEFVAL { volatile } ::= { mplsInSegmentEntry 11 } -- End of mplsInSegmentTable -- in-segment performance table. mplsInSegmentPerfTable OBJECT-TYPE @@ -1508,29 +1510,25 @@ except the mplsOutSegmentRowStatus or mplsOutSegmentStorageType." ::= { mplsOutSegmentEntry 11 } mplsOutSegmentStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This variable indicates the storage type for this - object. If this object is set to readOnly(5), and the - corresponding LFIB entry is removed, then the agent - MUST remove this row shortly thereafter RFC2579. - The agent MUST ensure that this object's value + object. The agent MUST ensure that this object's value remains consistent with the associated mplsXCEntry. Conceptual rows having the value 'permanent' need not allow write-access to any columnar - objects in the row. - The default value is volatile(2)." + objects in the row." DEFVAL { volatile } ::= { mplsOutSegmentEntry 12 } -- End of mplsOutSegmentTable -- out-segment performance table. mplsOutSegmentPerfTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsOutSegmentPerfEntry MAX-ACCESS not-accessible @@ -1542,21 +1540,21 @@ the interface." ::= { mplsLsrObjects 8 } mplsOutSegmentPerfEntry OBJECT-TYPE SYNTAX MplsOutSegmentPerfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table contains statistical information about one outgoing segment configured in - mplsOutSegmentTable. + mplsOutSegmentTable. The object mplsOutSegmentPerfDiscontinuityTime indicates the time of the last discontinuity in these objects. " AUGMENTS { mplsOutSegmentEntry } ::= { mplsOutSegmentPerfTable 1 } MplsOutSegmentPerfEntry ::= SEQUENCE { mplsOutSegmentPerfOctets Counter32, mplsOutSegmentPerfPackets Counter32, mplsOutSegmentPerfErrors Counter32, mplsOutSegmentPerfDiscards Counter32, @@ -1810,29 +1808,25 @@ Modification of mplsXCStorateType MUST be done as specified in the description of that object." ::= { mplsXCEntry 7 } mplsXCStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This variable indicates the storage type for this - object. If this variable is set to readOnly(5), and - the corresponding LFIB entry is removed, then the - agent MUST remove this row shortly thereafter. - - The agent MUST ensure that the associated in and out - segments also have the same StorageType value and are - restored consistently upon system restart. This value - SHOULD be set to permanent(4) if created as a - result of a static LSP configuration. + object. The agent MUST ensure that the associated in + and out segments also have the same StorageType value + and are restored consistently upon system restart. + This value SHOULD be set to permanent(4) if created + as a result of a static LSP configuration. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row." DEFVAL { volatile } ::= { mplsXCEntry 8 } mplsXCAdminStatus OBJECT-TYPE SYNTAX INTEGER { up(1), -- ready to pass packets @@ -1983,27 +1977,25 @@ and the mplsLabelStackStorageType can be modified." ::= { mplsLabelStackEntry 5 } mplsLabelStackStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This variable indicates the storage type for this object. This object cannot be modified if - mplsLabelStackRowStatus is active(1). If this - variable is set to readOnly(5), and the - corresponding LFIB entry is removed, then the agent - MUST remove this row shortly thereafter RFC2579. + mplsLabelStackRowStatus is active(1). No objects are required to be writable for rows in this table with this object set to - permanent(4). The default value is volatile(2). + permanent(4). + The agent MUST ensure that all related entries in this table retain the same value for this object. Agents MUST ensure that the storage type for all entries related to a particular mplsXCEntry retain the same value for this object as the mplsXCEntry's StorageType." DEFVAL { volatile } ::= { mplsLabelStackEntry 6 } -- End of mplsLabelStackTable @@ -2031,21 +2023,28 @@ "An entry in this table represents one interface and incoming label pair. In cases where the label cannot fit into the mplsInSegmentLabel object, the mplsInSegmentLabelPtr will indicate this by being set to the first accessible colum in the appropriate extension table's row, and the mplsInSegmentLabel SHOULD be set to 0. In all other cases when the label is represented within the mplsInSegmentLabel object, the - mplsInSegmentLabelPtr MUST be 0.0." + mplsInSegmentLabelPtr MUST be 0.0. + + Implementors need to be aware that if the value of + the mplsInSegmentMapLabelPtrIndex (an OID) has more + that 111 sub-identifiers, then OIDs of column + instances in this table will have more than 128 + sub-identifiers and cannot be accessed using SNMPv1, + SNMPv2c, or SNMPv3." INDEX { mplsInSegmentMapInterface, mplsInSegmentMapLabel, mplsInSegmentMapLabelPtrIndex } ::= { mplsInSegmentMapTable 1 } MplsInSegmentMapEntry ::= SEQUENCE { mplsInSegmentMapInterface InterfaceIndexOrZero, mplsInSegmentMapLabel MplsLabel, mplsInSegmentMapLabelPtrIndex RowPointer, mplsInSegmentMapIndex MplsIndexType @@ -2179,221 +2178,274 @@ -- End of notifications. -- Module compliance. mplsLsrGroups OBJECT IDENTIFIER ::= { mplsLsrConformance 1 } mplsLsrCompliances OBJECT IDENTIFIER ::= { mplsLsrConformance 2 } --- Compliance requirement for fully compliant implementations. mplsLsrModuleFullCompliance MODULE-COMPLIANCE +-- Compliance requirement for fully compliant implementations. + +mplsLsrModuleFullCompliance MODULE-COMPLIANCE STATUS current - DESCRIPTION - "Compliance statement for agents that provide full - support for MPLS-LSR-STD-MIB." + DESCRIPTION "Compliance statement for agents that provide full + support for MPLS-LSR-STD-MIB. Such devices can + then be monitored and also be configured using + this MIB module." MODULE IF-MIB -- The Interfaces Group MIB, RFC 2863. MANDATORY-GROUPS { ifGeneralInformationGroup, ifCounterDiscontinuityGroup } MODULE -- This module. MANDATORY-GROUPS { mplsInterfaceGroup, mplsInSegmentGroup, mplsOutSegmentGroup, mplsXCGroup, - mplsPerfGroup, - mplsLsrNotificationGroup + mplsPerfGroup } + GROUP mplsLabelStackGroup + DESCRIPTION "This group is only mandatory for LSRs that wish to + support the modification of LSP label stacks. + " + + GROUP mplsHCInSegmentPerfGroup + DESCRIPTION "This group is mandatory for those in-segment entries + for which the object mplsInSegmentOutOctets wraps + around too quickly based on the criteria specified in + RFC 2863 for high-capacity counters. + " + + GROUP mplsHCOutSegmentPerfGroup + DESCRIPTION "This group is mandatory for those out-segment entries + for which the object mplsOutSegmentPerfOctets wraps + around too quickly based on the criteria specified in + RFC 2863 for high-capacity counters. + " + + GROUP mplsLsrNotificationGroup + DESCRIPTION "This group is only mandatory for those implementations + which can efficiently implement the notifications + contained in this group." + + OBJECT mplsInSegmentRowStatus + SYNTAX RowStatus { active(1), notInService(2) } + WRITE-SYNTAX RowStatus { active(1), notInService(2), + createAndGo(4), destroy(6) + } + DESCRIPTION "Support for notInservice, createAndWait and notReady + is not required. + " + OBJECT mplsOutSegmentNextHopAddrType + SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2) } + MIN-ACCESS read-only + DESCRIPTION "Write access is not required. Only unknown(0), + ipv4(1) and ipv6(2) support is required. + " + + OBJECT mplsOutSegmentNextHopAddr + SYNTAX InetAddress (SIZE(0|4|16)) + MIN-ACCESS read-only + DESCRIPTION "Write access is not required. An implementation is + only required to support unknown(0), ipv4(1) and + ipv6(2) sizes." + + OBJECT mplsOutSegmentRowStatus + SYNTAX RowStatus { active(1), notInService(2) } + WRITE-SYNTAX RowStatus { active(1), notInService(2), + createAndGo(4), destroy(6) + } + DESCRIPTION "Support for notInservice, createAndWait and notReady + is not required. + " + + OBJECT mplsLabelStackRowStatus + SYNTAX RowStatus { active(1), notInService(2) } + WRITE-SYNTAX RowStatus { active(1), notInService(2), + createAndGo(4), destroy(6) + } + DESCRIPTION "Support for notInservice, createAndWait and notReady + is not required. + " + + OBJECT mplsXCRowStatus + SYNTAX RowStatus { active(1), notInService(2) } + WRITE-SYNTAX RowStatus { active(1), notInService(2), + createAndGo(4), destroy(6) + } + DESCRIPTION "Support for notInservice, createAndWait and notReady + is not required. + " + ::= { mplsLsrCompliances 1 } --- Compliance requirement for read-only implementations. mplsLsrModuleReadOnlyCompliance MODULE-COMPLIANCE +-- Compliance requirement for read-only implementations. + +mplsLsrModuleReadOnlyCompliance MODULE-COMPLIANCE STATUS current - DESCRIPTION - "Compliance requirement for implementations that only + DESCRIPTION "Compliance requirement for implementations that only provide read-only support for MPLS-LSR-STD-MIB. Such devices can then be monitored but cannot be configured - using this MIB modules." + using this MIB modules. + " MODULE IF-MIB -- The interfaces Group MIB, RFC 2863 MANDATORY-GROUPS { ifGeneralInformationGroup, ifCounterDiscontinuityGroup } MODULE -- This module MANDATORY-GROUPS { mplsInterfaceGroup, mplsInSegmentGroup, mplsOutSegmentGroup, mplsXCGroup, mplsPerfGroup } GROUP mplsLabelStackGroup - DESCRIPTION - "This group is only mandatory for LSRs - that wish to support the modification - of LSP label stacks." + DESCRIPTION "This group is only mandatory for LSRs that wish to + support the modification of LSP label stacks. + " GROUP mplsHCInSegmentPerfGroup - DESCRIPTION - "This group is mandatory for those in-segment - entries for which the object - mplsInSegmentOutOctets wraps around too - quickly based on the criteria specified in - RFC2863 for high-capacity counters." + DESCRIPTION "This group is mandatory for those in-segment entries + for which the object mplsInSegmentOutOctets wraps + around too quickly based on the criteria specified in + RFC 2863 for high-capacity counters. + " GROUP mplsHCOutSegmentPerfGroup - DESCRIPTION - "This group is mandatory for those out-segment - entries for which the object - mplsOutSegmentPerfOctets wraps around too quickly - based on the criteria specified in RFC2863 - for high-capacity counters." + DESCRIPTION "This group is mandatory for those out-segment entries + for which the object mplsOutSegmentPerfOctets wraps + around too quickly based on the criteria specified in + RFC 2863 for high-capacity counters. + " + + GROUP mplsLsrNotificationGroup + DESCRIPTION "This group is only mandatory for those implementations + which can efficiently implement the notifications + contained in this group. + " -- mplsInSegmentTable OBJECT mplsInSegmentLabel MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsInSegmentLabelPtr MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsInSegmentNPop + SYNTAX Integer32 (1..1) MIN-ACCESS read-only - DESCRIPTION - "Write access is not required. This object - SHOULD be set to 1 if it is read-only." + DESCRIPTION "Write access is not required. This object + SHOULD be set to 1 if it is read-only. + " OBJECT mplsInSegmentAddrFamily - DESCRIPTION - "Write access is not required. A value of - other(0) should be supported because there may - be cases where the agent may not know about or - support any address types." + MIN-ACCESS read-only + DESCRIPTION "Write access is not required. A value of other(0) + should be supported because there may be cases where + the agent may not know about or support any address + types. + " OBJECT mplsInSegmentRowStatus - SYNTAX RowStatus { active(1), notInService(2) } - WRITE-SYNTAX RowStatus { notInService(2), createAndGo(4), - destroy(6) } + SYNTAX RowStatus { active(1) } MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." + OBJECT mplsInSegmentStorageType MIN-ACCESS read-only - DESCRIPTION - "Only readOnly(5) needs to be supported." + DESCRIPTION "Write access is not required." -- mplsOutSegmentTable OBJECT mplsOutSegmentInterface MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsOutSegmentPushTopLabel MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsOutSegmentTopLabel MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsOutSegmentTopLabelPtr MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsOutSegmentNextHopAddrType SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2) } MIN-ACCESS read-only - DESCRIPTION - "Write access is not required. Only - IPv4(1), IPv6(2) and unknown(3) sizes - are required." - + DESCRIPTION "Write access is not required. Only unknown(0), + ipv4(1) and ipv6(2) support is required. + " OBJECT mplsOutSegmentNextHopAddr SYNTAX InetAddress (SIZE(0|4|16)) MIN-ACCESS read-only - DESCRIPTION - "An implementation is only required to support unknown(0), - IPv4(1) and IPv6(2) addresses. Write access is not - required." + DESCRIPTION "Write access is not required. An implementation is + only required to support unknown(0), ipv4(1) and + ipv6(2) sizes." OBJECT mplsOutSegmentRowStatus - SYNTAX RowStatus { active(1), notInService(2) } - WRITE-SYNTAX RowStatus { notInService(2), createAndGo(4), - destroy(6) } + SYNTAX RowStatus { active(1) } MIN-ACCESS read-only - DESCRIPTION - "Read only support is required." + DESCRIPTION "Write access is not required." + OBJECT mplsOutSegmentStorageType MIN-ACCESS read-only - DESCRIPTION - "Only readOnly(5) needs to be supported." + DESCRIPTION "Write access is not required." -- mplsXCTable OBJECT mplsXCLabelStackIndex MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsXCAdminStatus MIN-ACCESS read-only - DESCRIPTION - "Read only support is required." + DESCRIPTION "Read only support is required." OBJECT mplsXCRowStatus - SYNTAX RowStatus { active(1), notInService(2) } - WRITE-SYNTAX RowStatus { notInService(2), createAndGo(4), - destroy(6) } + SYNTAX RowStatus { active(1) } MIN-ACCESS read-only - DESCRIPTION - "Read only support required." + DESCRIPTION "Write access is not required." OBJECT mplsXCStorageType MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsLabelStackLabel MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsLabelStackLabelPtr MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsLabelStackRowStatus - SYNTAX RowStatus { active(1), notInService(2) } - WRITE-SYNTAX RowStatus { notInService(2), createAndGo(4), - destroy(6) } MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." + DESCRIPTION "Write access is not required." OBJECT mplsLabelStackStorageType MIN-ACCESS read-only - DESCRIPTION - "Write access is not required." - + DESCRIPTION "Write access is not required." ::= { mplsLsrCompliances 2 } -- Units of conformance. mplsInterfaceGroup OBJECT-GROUP OBJECTS { mplsInterfaceLabelMinIn, mplsInterfaceLabelMaxIn, mplsInterfaceLabelMinOut, mplsInterfaceLabelMaxOut, @@ -2517,33 +2568,32 @@ OBJECTS { mplsLabelStackLabel, mplsLabelStackLabelPtr, mplsLabelStackRowStatus, mplsLabelStackStorageType, mplsMaxLabelStackDepth, mplsLabelStackIndexNext } STATUS current DESCRIPTION - "Objects needed to support label stacking which - is an optional feature for an LSR." + "Objects needed to support label stacking." ::= { mplsLsrGroups 8 } mplsLsrNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { mplsXCUp, mplsXCDown } STATUS current DESCRIPTION - "Set of notifications implemented in this module. - None is mandatory." + "Set of notifications implemented in this + module." ::= { mplsLsrGroups 9 } END 11. Security Considerations It is clear that this MIB module is potentially useful for monitoring of MPLS LSRs. This MIB can also be used for configuration of certain objects, and anything that can be configured can be incorrectly configured, with potentially disastrous results. @@ -2561,21 +2611,22 @@ and mplsInSegmentPerfTable collectively contain objects to provision MPLS interfaces, LSPs and their associated parameters on an Label Switching Router (LSR). Unauthorized access to objects in these tables, could result in disruption of traffic on the network. This is especially true if an LSP has been established. The use of stronger mechanisms such as SNMPv3 security should be considered where possible. Specifically, SNMPv3 VACM and USM MUST be used with any v3 agent which implements this MIB module. Administrators should consider whether read access to these objects should be allowed, - since read access may be undesirable under certain circumstances. + since read access may be undesirable under certain + circumstances. Some of the readable objects in this MIB module "i.e., objects with a MAX-ACCESS other than not-accessible" may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: o the mplsLsrInSegmentTable, mplsLsrOutSegmentTable, @@ -2594,34 +2645,48 @@ It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework "see [RFC3410], section 8", including full support for the SNMPv3 cryptographic mechanisms "for authentication and privacy". Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an - instance of this MIB module, is properly configured to give access to - the objects only to those principals "users" that have legitimate + instance of this MIB module, is properly configured to give access + to the objects only to those principals "users" that have legitimate + rights to indeed GET or SET "change/create/delete" them. 12. Acknowledgments We wish to thank Ron Bonica, Adrian Farrel, Eric Gray, Tim Mancour, Keith McCloghrie, Bala Rajagopalan, Dan Tappan, Vasanthi - Thirumalai, Joseph Benoit, Mike Piecuch, and Joan Cucchiara. + Thirumalai, Joseph Benoit, Mike Piecuch, Joan Cucchiara. A special thanks to Bert Wijnen and Mike MacFaden for really getting the MIB module into shape. -13. References +13. IANA Considerations + As described in [MPLSMGMT] and as requested in the MPLS-TC-STD-MIB + [MPLSTCMIB], MPLS related standards track MIB modules should be + rooted under the mplsStdMIB subtree. There are 4 MPLS MIB Modules + contained in this document, each of the following "IANA + Considerations" subsections requests IANA for a new assignment under + the mplsStdMIB subtree. New assignments can only be made via a + Standards Action as specified in [RFC2434]. -13.1. Normative References +13.1. IANA Considerations for MPLS-LSR-STD-MIB + The IANA is requested to assign { mplsStdMIB 2 } to the + MPLS-LSR-STD-MIB module specified in this document. + +14. References + +14.1. Normative References [RFC2119] S. Bradner, "Key Words for use in RFCs to Indicate Requirement Levels", RFC 2119, BCP 14, March 1997. [RFC2515] Tesink, K., et al., "Definitions of Managed Objects for ATM Management", RFC 2515, February 1999. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC @@ -2647,70 +2712,73 @@ for Internet Network Addresses", RFC3291, May 2002. [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", RFC 3411, December 2002. [TEMIB] Srinivasan, C., Viswanathan, A. and Nadeau, T., "MPLS Traffic Engineering Management Information Base ", - Internet Draft , - June, 2003. + Internet Draft , + November 2002. [TCMIB] Nadeau, T., Cucchiara, J., Srinivasan, C., Viswanathan, A., Sjostrand, H. and K. Kompella, "Definition of Textual Conventions and OBJECT- IDENTITIES for Multi-Protocol Label Switching (MPLS) Management", Internet Draft , June 2003. + 06.txt>, April 2003. [IANAFamily] Internet Assigned Numbers Authority (IANA), ADDRESS FAMILY NUMBERS, (http://www.isi.edu/in- notes/iana/assignements/address-family-numbers), for MIB see: ftp://ftp.isi.edu/mib/iana.mib/ianaaddressfamilynum bers.mib -13.2. Informative References +14.2. Informative References [RFC2026] S. Bradner, "The Internet Standards Process -- Revision 3", RFC 2026, October 1996. [RFC3413] Levi, D., Meyer, P., Stewart, B., "SNMP Applications", RFC 3413, December 2002. [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002. -14. Authors' Addresses +15. Authors' Addresses Cheenu Srinivasan - Email: cheenu@alumni.princeton.edu + Bloomberg L.P. + 499 Park Ave., New York, NY 10022 + Phone: +1-212-893-3682 + Email: cheenu@bloomberg.net Arun Viswanathan Force10 Networks, Inc. 1440 McCarthy Blvd Milpitas, CA 95035 Phone: +1-408-571-3516 Email: arunv@force10networks.com Thomas D. Nadeau Cisco Systems, Inc. 300 Beaver Brook Road Boxboro, MA 01719 Phone: +1-978-936-1470 Email: tnadeau@cisco.com -15. Full Copyright Statement +16. Full Copyright Statement Copyright (C) The Internet Society (2003). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any @@ -2723,21 +2791,21 @@ The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. -16. Intellectual Property Notice +17. Intellectual Property Notice The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11 [RFC2028]. Copies of claims of rights made available for publication and any