Network Working Group Glenn M. Keeni INTERNET-DRAFT Cyber Solutions Inc. Expires: April 19, 2004 Kazuhide Koide Network Working Group Tohoku University Kenichi Nagami INTEC NetCore Inc. Sri Gundavelli Cisco Systems Inc. October 20, 2003 The Mobile IPv6 MIB Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 19, 2004. Copyright Notice Copyright (C) The Internet Society (2003). All Rights Reserved. Abstract This memo defines a portion of the Management Information Base (MIB), the the Mobile-IPv6 MIB, for use with network management protocols Expires: April 19, 2004 [Page 1] Internet Draft October 20, 2003 in the Internet community. In particular, Mobile-IPv6 MIB will be used to monitor and control Mobile Node, Home Agent and Correspondent Node functions of an MIPv6 entity. Table of Contents 1. The Internet-Standard Management Framework .................... 3 2. Overview ...................................................... 3 3. Mobile IPv6 Monitoring and Control Requirements ............... 4 4. MIB Design .................................................... 5 5. The Mobile-IPv6 MIB ........................................... 7 6. Intellectual Property .........................................39 7. Acknowledgments ...............................................39 References ........................................................40 Security Considerations ...........................................42 Authors' Addresses ................................................44 Full Copyright Statement ..........................................45 Expires: April 19, 2004 [Page 2] Internet Draft October 20, 2003 1. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. 2. Overview 2.1 The Mobile IPv6 Protocol entities. Mobile IPv6 (mipv6) [MIPv6] specifies a protocol which allows nodes to remain reachable while moving around in the IPv6 Internet. An entity which implements the mipv6 protocol is an mipv6 entity. There are three types of entities envisaged by the mipv6 protocol. mobile node (MN): A node that can change its point of attachment from one link to another, while still being reachable via its home address. correspondent node (CN): A peer node with which a mobile node is communicating. The correspondent node may be either mobile or stationary. [Note that a corespondent node does not necessarily require mipv6 support.] home agent (HA): A router on a mobile node's home link with which the mobile node has registered its current care-of address. While the mobile node is away from home, the home agent intercepts packets on the home link destined to the mobile node's home address, ecapsulates them, and tunnels them to the mobile node's registered care-of address. This document defines the managed objects that will be required to monitor and control mipv6 entities. Expires: April 19, 2004 [Page 3] Internet Draft October 20, 2003 2.2 Terminology. The terminolgy used in this document is consistent with the definitions used in Mobile IPv6 protocol specification[MIPv6]. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC2119]. 3. Mobile IPv6 Monitoring and Control Requirements For managing an MIPv6 entity it is necessary to monitor the following o capabilities of MIPv6 entities o traffic due to MIPv6 o binding related statistics (at HA, CN, MN ) o binding details (at HA, CN) o history of binding updates (at HA, CN, MN) The MIPv6 protocol document stipulates that several MIPv6 related parameters should be manually configurable. The MIPv6 MIB should define managed objects that can be used to configure the related parameters. Expires: April 19, 2004 [Page 4] Internet Draft October 20, 2003 4. MIB Design. The basic principle has been to keep the MIB as simple as possible and at the same time to make it effective enough so that the essential needs of monitoring and control are met. It is envisaged that wherever possible existing MIBS will be used (e.g. IPSec MIB, Neighbour Discovery MIB, Tunnel MIB..) for monitor and control of MIPv6 entities. The MIPv6MIB comprises of following sets of groups - mipv6IP: a generic group containing objects that are common to all the mobile IPv6 entities. - mipv6HA: this group models the Home Agent service. It comprises of objects specific to the services and associated advertisement parameters offerred by the Home Agent on each of its links It also contains objects pertaining to the maintenance of the Home Agent list on each of the links on which the service is offered. - mipv6MN: this group models the Mobile Node service. It comprises of objects specific to the Dynamic Home Agent discovery function and related parameters. It also contains objects that record the movement of the mobile node. - mipv6CN: models the Correspondent Node and is primarily scoped to its participation in the Return Routability procedure for achieving Route Optimization triggered by the mobile node. - mipv6Notifications: defines the set of notifications that will be used to asynchronously monitor the mobile IPv6 entities. The tables contained in the above groups are as follows- mipv6IPBindingCacheTable : contains the BindingCache. mipv6IPBindingHistoryTable : the history of the Bindings. mipv6NodeTrafficTable : the mobile node-wise traffic counters. mnBLTable : contains information about the registration requests sent by the mobile node and the corresponding results. cnCounterTable : contains the mobile node-wise registration statistics. haAdvConfTable : contains the configurable advertisement parameters for all the interfaces on which the which the home agent service is advertised. haCounterTable : contains registration statistics for all mobile nodes registered Expires: April 19, 2004 [Page 5] Internet Draft October 20, 2003 with the home agent. haListTable : contains the list of all routers that are acting as home agents on each of the interfaces on which the home agent service is offered by this router. Expires: April 19, 2004 [Page 6] Internet Draft October 20, 2003 5. The Mobile-IPv6 MIB. MOBILEIPV6-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, experimental, Unsigned32, Integer32, Gauge32, OBJECT-TYPE, NOTIFICATION-TYPE FROM SNMPv2-SMI -- TEXTUAL-CONVENTION, TruthValue, TimeStamp FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- SnmpAdminString -- FROM SNMP-FRAMEWORK-MIB InetAddressType, InetAddress FROM INET-ADDRESS-MIB ipv6IfIndex FROM IPV6-MIB ; mipv6MIB MODULE-IDENTITY LAST-UPDATED "200308250000Z" -- 25th August, 2003 ORGANIZATION "Cyber Solutions NetMan Working Group" CONTACT-INFO " Glenn Mansfield Keeni Postal: Cyber Solutions Inc. 6-6-3, Minami Yoshinari Aoba-ku, Sendai, Japan 989-3204. Tel: +81-22-303-4012 Fax: +81-22-303-4015 E-mail: glenn@cysols.com Support Group E-mail: mibsupport@cysols.com" DESCRIPTION " The MIB for monitoring Mobile-IPv6 entities. Copyright (C) The Internet Society (2003). This version of this MIB module is part of RFC xxxx; see the RFC itself for full legal notices. " -- RFC Ed.: replace xxxx with actual RFC number & remove this note REVISION "200308250000Z" -- 25th August, 2003 DESCRIPTION "Initial version, published as RFC yyyy." -- RFC Ed.: replace yyyy with actual RFC number & remove this note Expires: April 19, 2004 [Page 7] Internet Draft October 20, 2003 ::= { experimental 999 } -- will be assigned by IANA -- The major groups mipv6IP OBJECT IDENTIFIER ::= { mipv6MIB 1 } mipv6MN OBJECT IDENTIFIER ::= { mipv6MIB 2 } mipv6CN OBJECT IDENTIFIER ::= { mipv6MIB 3 } mipv6HA OBJECT IDENTIFIER ::= { mipv6MIB 4 } mipv6AR OBJECT IDENTIFIER ::= { mipv6MIB 5 } -- The sub groups mipv6IPSystem OBJECT IDENTIFIER ::= { mipv6IP 1 } mipv6IPBindings OBJECT IDENTIFIER ::= { mipv6IP 2 } mipv6IPTraffic OBJECT IDENTIFIER ::= { mipv6IP 3 } mipv6MNSystem OBJECT IDENTIFIER ::= { mipv6MN 1 } mipv6MNDiscovery OBJECT IDENTIFIER ::= { mipv6MN 2 } mipv6MNRegistration OBJECT IDENTIFIER ::= { mipv6MN 3 } mipv6CNSystem OBJECT IDENTIFIER ::= { mipv6CN 1 } mipv6HAAdvertisement OBJECT IDENTIFIER ::= { mipv6HA 1 } mipv6HAStats OBJECT IDENTIFIER ::= { mipv6HA 2 } mipv6ARRegn OBJECT IDENTIFIER ::= { mipv6AR 1 } mipv6Entities OBJECT-TYPE SYNTAX BITS { mobileNode (0), homeAgent (1), correspondentNode (2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object describes which Mobile IP entities are supported by this managed entity. The entity may support more than one Mobile IP entities. For example, the entity supports both Mobile Node (MN) and Home Agent (HA). Therefore, bit 0 and bit 1 are set to 1 for this object." ::= { mipv6IPSystem 1 } mipv6Enable OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write Expires: April 19, 2004 [Page 8] Internet Draft October 20, 2003 STATUS current DESCRIPTION "Indicates whether the Mobile IP protocol should be enabled for the managed entity. If it is disabled, the entity should disable both agent discovery and registration functions." ::= { mipv6IPSystem 2 } mipv6BindingCacheSupported OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates whether binding cache is supported. " ::= { mipv6IPSystem 3 } -- Mobile IP security -- -- The IPSec MIB should be usable here -- -- mipv6BindingCache mipv6BindingCacheTable OBJECT-TYPE SYNTAX SEQUENCE OF Mipv6BindingCacheEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing BindingCache." ::= { mipv6IPBindings 1 } mipv6BindingCacheEntry OBJECT-TYPE SYNTAX Mipv6BindingCacheEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The details of a particular Binding." INDEX { mipv6BindingHomeAddressType, mipv6BindingHomeAddress } ::= { mipv6BindingCacheTable 1 } Mipv6BindingCacheEntry ::= SEQUENCE { mipv6BindingHomeAddressType InetAddressType, mipv6BindingHomeAddress InetAddress, mipv6BindingCOAType InetAddressType, Expires: April 19, 2004 [Page 9] Internet Draft October 20, 2003 mipv6BindingCOA InetAddress, mipv6BindingMaxSeq Unsigned32, mipv6BindingTimeGranted Unsigned32, mipv6BindingTimeCreated TimeStamp, mipv6BindingTimeRemaining Gauge32 } mipv6BindingHomeAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The InetAddressType of the mipv6BindingHomeAddress that follows. " ::= { mipv6BindingCacheEntry 1 } mipv6BindingHomeAddress OBJECT-TYPE SYNTAX InetAddress (SIZE (16|20)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Mobile node's home address. " ::= { mipv6BindingCacheEntry 2 } mipv6BindingCOAType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The InetAddressType of the mipv6BindingCOA that follows. " ::= { mipv6BindingCacheEntry 3 } mipv6BindingCOA OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Mobile node's care-of-address. One mobile node can have multiple bindings with different care-of-addresses." ::= { mipv6BindingCacheEntry 4 } mipv6BindingMaxSeq OBJECT-TYPE SYNTAX Unsigned32 Expires: April 19, 2004 [Page 10] Internet Draft October 20, 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum value of the Sequence Number field sent in previous Binding Updates to this node. " ::= { mipv6BindingCacheEntry 5 } mipv6BindingTimeGranted OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime in seconds granted to the mobile node for this registration." ::= { mipv6BindingCacheEntry 6 } mipv6BindingTimeCreated OBJECT-TYPE SYNTAX TimeStamp UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The time when this binding cache entry was created by registering the binding. " ::= { mipv6BindingCacheEntry 7 } mipv6BindingTimeRemaining OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime remaining for this entry. " ::= { mipv6BindingCacheEntry 8 } -- mipv6BindingHistory -- This table records the history of the Bindings. The size of the -- will be left to implementors. mipv6BindingHistoryTable OBJECT-TYPE SYNTAX SEQUENCE OF Mipv6BindingHistoryEntry MAX-ACCESS not-accessible STATUS current Expires: April 19, 2004 [Page 11] Internet Draft October 20, 2003 DESCRIPTION "A table containing history of the bindings. " ::= { mipv6IPBindings 2 } mipv6BindingHistoryEntry OBJECT-TYPE SYNTAX Mipv6BindingHistoryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The record of a binding ." INDEX { mipv6BindingHstHomeAddressType, mipv6BindingHstHomeAddress , mipv6BindingHstIndex} ::= { mipv6BindingHistoryTable 1 } Mipv6BindingHistoryEntry ::= SEQUENCE { mipv6BindingHstHomeAddressType InetAddressType, mipv6BindingHstHomeAddress InetAddress, mipv6BindingHstCOAType InetAddressType, mipv6BindingHstCOA InetAddress, mipv6BindingHstIndex Unsigned32, mipv6BindingHstTimeStamp TimeStamp } mipv6BindingHstHomeAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The InetAddressType of the mipv6BindingHomeAddress that follows. " ::= { mipv6BindingHistoryEntry 1 } mipv6BindingHstHomeAddress OBJECT-TYPE SYNTAX InetAddress (SIZE (16|20)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Mobile node's home (IP) address. " ::= { mipv6BindingHistoryEntry 2 } mipv6BindingHstCOAType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only Expires: April 19, 2004 [Page 12] Internet Draft October 20, 2003 STATUS current DESCRIPTION "The InetAddressType of the mipv6BindingCOA that follows. " ::= { mipv6BindingHistoryEntry 3 } mipv6BindingHstCOA OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Mobile node's care-of-address. One mobile node can have multiple bindings with different care-of-addresses." ::= { mipv6BindingHistoryEntry 4 } mipv6BindingHstIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index to uniquely identify this record along with the Mobile nodes HomeAddress type and HomeAddress. It should be monotonically increasing. And may wrap after reaching its max value." ::= { mipv6BindingHistoryEntry 5 } mipv6BindingHstTimeStamp OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The timestamp when the binding was registered." ::= { mipv6BindingHistoryEntry 6 } -- mipv6MNSystem Group mnState OBJECT-TYPE SYNTAX INTEGER { home(1), registered(2), pending(3), isolated(4), unknown(5) } MAX-ACCESS read-only STATUS current DESCRIPTION Expires: April 19, 2004 [Page 13] Internet Draft October 20, 2003 "Indicates mobile node's state of Mobile IP: home, -- MN is connected to home network. registered, -- MN is on a foreign network and has registered with the Home agent pending, -- MN has sent registration request -- and is waiting for the reply isolated, -- MN is isolated from network unknown -- MN can not determine its state." ::= { mipv6MNSystem 1 } mnHomeAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The InetAddressType of the mnHomeAddress that follows. " ::= { mipv6MNSystem 2 } -- Specify the default value mnHomeAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "An IP address that is assigned for an extended period of time to the mobile node. It remains unchanged regardless of the mobile node's current point of attachment. If mobile node doesn't have home address assigned yet then this object will take the default value." ::= { mipv6MNSystem 3 } -- This needs to be in a history table too. mnRecentAdvReceived OBJECT IDENTIFIER ::= { mipv6MNDiscovery 1 } mnAdvSourceAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The InetAddressType of the mnAdvSourceAddress that follows. " ::= { mnRecentAdvReceived 1 } Expires: April 19, 2004 [Page 14] Internet Draft October 20, 2003 mnAdvSourceAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The source IP address of the most recently received Agent Advertisement. This address could be the address of a home agent or a foreign agent." ::= { mnRecentAdvReceived 2 } mnAdvMaxAdvLifetime OBJECT-TYPE SYNTAX Integer32 (1..65535) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum length of time that the Advertisement is considered valid in the absence of further Advertisements." REFERENCE "AdvertisementLifeTime in RFC1256." ::= { mnRecentAdvReceived 3 } mnAdvTimeReceived OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the most recently received advertisement was received." ::= { mnRecentAdvReceived 4 } -- mipv6TrafficCounters mipv6TotalTraffic OBJECT IDENTIFIER ::= { mipv6IPTraffic 1 } mipv6InOctets OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The mipv6 Octets received by the mipv6 entity. " ::= { mipv6TotalTraffic 1 } mipv6InPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only Expires: April 19, 2004 [Page 15] Internet Draft October 20, 2003 STATUS current DESCRIPTION "The mipv6 Pkts received by the mipv6 entity. " ::= { mipv6TotalTraffic 2 } mipv6OutOctets OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of mipv6 Octets sent by the mipv6 entity. " ::= { mipv6TotalTraffic 3 } mipv6OutPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of mipv6 Pkts sent by the mipv6 entity. " ::= { mipv6TotalTraffic 4 } -- mipv6NodeTrafficCounters mipv6NodeTrafficTable OBJECT-TYPE SYNTAX SEQUENCE OF Mipv6NodeTrafficEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing Traffic counters per mobile node." ::= { mipv6IPTraffic 2 } mipv6NodeTrafficEntry OBJECT-TYPE SYNTAX Mipv6NodeTrafficEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The traffic counters for a mobile node." INDEX { mipv6BindingHomeAddressType, mipv6BindingHomeAddress } ::= { mipv6NodeTrafficTable 1 } Mipv6NodeTrafficEntry ::= SEQUENCE { mipv6NodeInOctets Counter32, -- mipv6NodeHCInOctets Counter64, mipv6NodeInPkts Counter32, Expires: April 19, 2004 [Page 16] Internet Draft October 20, 2003 -- mipv6NodeHCInPkts Counter64, mipv6NodeOutOctets Counter32, -- mipv6NodeHCOutOctets Counter64, mipv6NodeOutPkts Counter32 -- mipv6NodeHCOutPkts Counter64 } mipv6NodeInOctets OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The mipv6 octets received for the mobile node. " ::= { mipv6NodeTrafficEntry 1 } mipv6NodeInPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The mipv6 packets received for the mobile node. " ::= { mipv6NodeTrafficEntry 2 } mipv6NodeOutOctets OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of mipv6Node octets sent to the mobile node. " ::= { mipv6NodeTrafficEntry 3 } mipv6NodeOutPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of mipv6 packets sent to the mobile node. " ::= { mipv6NodeTrafficEntry 4 } -- Mobile Node Discovery Group Counter mnSolicitationsSent OBJECT-TYPE SYNTAX Counter32 Expires: April 19, 2004 [Page 17] Internet Draft October 20, 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of solicitations sent by the mobile node." ::= { mipv6MNDiscovery 2 } mnAdvertisementsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of advertisements received by the mobile node." ::= { mipv6MNDiscovery 3 } mnAdvertisementsIgnored OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of advertisements discarded by the validity check. " ::= { mipv6MNDiscovery 4 } mnMoveFromFNToFN OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of times that the mobile node has decided to move from one foreign network to another foreign network." ::= { mipv6MNDiscovery 5 } mnMoveFromFNToHN OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of times that the mobile node has decided to move from a foreign network to its home network." ::= { mipv6MNDiscovery 6 } mnAgentRebootsDectected OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only Expires: April 19, 2004 [Page 18] Internet Draft October 20, 2003 STATUS current DESCRIPTION "Total number of home agent reboots detected by the mobile node through sequence number of the advertisement." ::= { mipv6MNDiscovery 7 } -- Mobile Node Registration Group -- Registration table of mobile node mnBLTable OBJECT-TYPE SYNTAX SEQUENCE OF MnRegistrationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about the mobile node's attempted registration(s). The mobile node updates this table based upon Registration Requests sent and Registration Replies received in response to these requests. Certain variables within this table are also updated if when Registration Requests are retransmitted." ::= { mipv6MNRegistration 1 } mnBLEntry OBJECT-TYPE SYNTAX MnRegistrationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about one registration attempt." INDEX { mnBLNodeAddressType, mnBLNodeAddress, mnBLCOAType, mnBLCOA } ::= { mnBLTable 1 } MnRegistrationEntry ::= SEQUENCE { mnBLNodeAddressType InetAddressType, mnBLNodeAddress InetAddress, mnBLCOAType InetAddressType, mnBLCOA InetAddress, mnBLMaxSeq Unsigned32, mnBLLifeTime Unsigned32, mnBLLifeTimeRemaining Gauge32, mnBLTimeSent TimeStamp, mnBLIsAccepted TruthValue, -- mnBLSendState Integer32, Expires: April 19, 2004 [Page 19] Internet Draft October 20, 2003 mnBLRetransmissions Integer32, mnBLRetransTime TimeStamp } mnBLNodeAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The InetAddressType of the mnBLNodeAddress that follows. " ::= { mnBLEntry 1 } mnBLNodeAddress OBJECT-TYPE SYNTAX InetAddress (SIZE (16|20)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "IP address of the agent as used in the destination IP address of the Registration Request. The agent may be a home agent or a Corresponding Node." ::= { mnBLEntry 2 } mnBLCOAType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The InetAddressType of the mnBLCOA that follows. " ::= { mnBLEntry 3 } mnBLCOA OBJECT-TYPE SYNTAX InetAddress (SIZE (16|20)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Care-of address for the registration." ::= { mnBLEntry 4 } mnBLMaxSeq OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum value of the Sequence Number field sent in previous Binding Updates to this destination. Expires: April 19, 2004 [Page 20] Internet Draft October 20, 2003 " ::= { mnBLEntry 5 } mnBLLifeTime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "If the registration is pending, then this is the lifetime requested by the mobile node (in seconds). If the registration has been accepted, then this is the lifetime actually granted by the home agent in the reply." ::= { mnBLEntry 6 } mnBLLifeTimeRemaining OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds remaining until this registration expires. It has the same initial value as mnBLTimeRequested and is only valid if mnBLIsAccepted is TRUE." ::= { mnBLEntry 7 } mnBLTimeSent OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time when the last (re-)transmission occurred." ::= { mnBLEntry 8 } mnBLIsAccepted OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "true(1) if the mobile node has received a Registration Reply indicating that service has been accepted; false(2) otherwise. false(2) implies that the registration is still pending." ::= { mnBLEntry 9 } mnBLRetransmissions OBJECT-TYPE Expires: April 19, 2004 [Page 21] Internet Draft October 20, 2003 SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Binding Update retransmissions sent. " ::= { mnBLEntry 10 } mnBLRetransTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time when the last Binding Update retransmission was sent. " ::= { mnBLEntry 11 } -- Mobile Node Registration Group Counters mnRegnCounters OBJECT IDENTIFIER ::= { mipv6MNRegistration 2 } mnControlMessagePackets OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of of MobileIPv6 control messages sent by the Mobile Node. These are the IPv6 datagrams with a mobility header." ::= { mnRegnCounters 1 } mnBUsToHA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Binding Updates sent to Home Agent. " ::= { mnRegnCounters 2 } mnBUAcksFromHA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of valid Binding Update Acks received from all the Home Agents. " Expires: April 19, 2004 [Page 22] Internet Draft October 20, 2003 ::= { mnRegnCounters 3 } mnBUToCN OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Binding Updates sent to all the Correspondent Nodes by the MN. " ::= { mnRegnCounters 4 } mnBUAcksFromCN OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of valid Binding Update ACKs received from all the Correspondent Nodes. " ::= { mnRegnCounters 5 } mnBindingErrorsFromHA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Binding Error messages received by MN from HA. " ::= { mnRegnCounters 6 } mnBindingErrorsFromCN OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Binding Error messages received by MN from CN. " ::= { mnRegnCounters 7 } mnICMPErrorReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of ICMP Error messages received by Expires: April 19, 2004 [Page 23] Internet Draft October 20, 2003 MN from CN. " ::= { mnRegnCounters 8 } mnBRRequestsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of Binding Refresh requests received by the mobile node from all CNs." ::= { mnRegnCounters 9 } mnBLDynamicAgentDiscoverySent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mnRegnCounters 10 } -- Registration Group counters used for both CN and HA mipv6RegnBUAccepted OBJECT-TYPE -- (Code 0) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " Total number of Binding Updates Accepted." ::= { mipv6ARRegn 1 } mipv6RegnPrefDiscoverReqd OBJECT-TYPE -- (Code 1) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 2 } mipv6RegnReasonUnspecified OBJECT-TYPE -- (Code 128) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- reason unspecified (Code 128)." ::= { mipv6ARRegn 3 } Expires: April 19, 2004 [Page 24] Internet Draft October 20, 2003 mipv6RegnAdmProhibited OBJECT-TYPE -- (Code 129) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- administratively prohibited (Code 129)." ::= { mipv6ARRegn 4 } mipv6RegnInsufficientResource OBJECT-TYPE -- (Code 130) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- insufficient resources (Code 130)." ::= { mipv6ARRegn 5 } mipv6RegnHomeRegnNotSupported OBJECT-TYPE -- (Code 131) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- mobile node failed authentication (Code 131)." ::= { mipv6ARRegn 6 } mipv6RegnNotHomeSubnet OBJECT-TYPE -- (Code 132) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 7 } mipv6RegnNotHomeAgentForThisMN OBJECT-TYPE -- (Code 133) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 8 } mipv6RegnDupAddrDetectionFailed OBJECT-TYPE -- (Code 134) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION Expires: April 19, 2004 [Page 25] Internet Draft October 20, 2003 " " ::= { mipv6ARRegn 9 } mipv6RegnSeqNumberOutOfWindow OBJECT-TYPE -- (Code 135) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 10 } mipv6RegnExpiredHomeNonceIndex OBJECT-TYPE -- (Code 136) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 11 } mipv6RegnExpiredCareOfNonceIndex OBJECT-TYPE -- (Code 137) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 12 } mipv6RegnExpiredNonce OBJECT-TYPE -- (Code 138) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 13 } mipv6RegnRegTypeChangeDisallowed OBJECT-TYPE -- (Code 139) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 14 } mipv6RegnCareOfTestInitReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION Expires: April 19, 2004 [Page 26] Internet Draft October 20, 2003 " " ::= { mipv6ARRegn 15 } mipv6RegnHomeTestInitReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 16 } mipv6RegnCareOfTestSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 17 } mipv6RegnHomeTestSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 18 } mipv6RegnBUReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 19 } mipv6RegnBURepliesSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 20 } mipv6RegnBRReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION Expires: April 19, 2004 [Page 27] Internet Draft October 20, 2003 " " ::= { mipv6ARRegn 21 } mipv6RegnBRRepliesSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 22 } mipv6RegnMobilityBindingCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 23 } mipv6RegnBRAdviceSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 24 } mipv6RegnEncapsUnavailable OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by the home agent -- requested encapsulation unavailable (Code 72)." ::= { mipv6ARRegn 25 } mipv6RegnBindingErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { mipv6ARRegn 26 } -- Mobile IP security association table Expires: April 19, 2004 [Page 28] Internet Draft October 20, 2003 cnCounterTable OBJECT-TYPE SYNTAX SEQUENCE OF CnCounterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing CN counters." ::= { mipv6CNSystem 1 } cnCounterEntry OBJECT-TYPE SYNTAX CnCounterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "One set of CN counters." INDEX { mipv6BindingHomeAddressType, mipv6BindingHomeAddress } ::= { cnCounterTable 1 } CnCounterEntry ::= SEQUENCE { cnServiceRequestsAccepted Counter32, cnServiceRequestsDenied Counter32, cnOverallServiceTime Counter32, cnRecentServiceAcceptedTime TimeStamp, cnRecentServiceDeniedTime TimeStamp, cnRecentServiceDeniedCode INTEGER } cnServiceRequestsAccepted OBJECT-TYPE --(Code 0+1) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of binding acknowledgment messages sent with accepted by corespondent node. Values of the status field of the binding acknowledgment message is less than 128. " ::= { cnCounterEntry 1 } cnServiceRequestsDenied OBJECT-TYPE -- (Code 128 through Code 159) SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of binding service request refusal messages sent by corespondent node. Values of the Status field of Expires: April 19, 2004 [Page 29] Internet Draft October 20, 2003 the binding acknowledgment message is equal to or greater than 128. " ::= { cnCounterEntry 2 } cnOverallServiceTime OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Overall service time (in seconds) that has accumulated for the mobile node. " ::= { cnCounterEntry 3 } cnRecentServiceAcceptedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the most recent binding update message was accepted by the corespondent node. " ::= { cnCounterEntry 4 } cnRecentServiceDeniedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the most recent binding update message was denied by the corespondent node. " ::= { cnCounterEntry 5 } cnRecentServiceDeniedCode OBJECT-TYPE SYNTAX INTEGER { reasonUnspecified (128), admProhibited (129), insufficientResource (130), homeRegistrationNotSupported (131), notHomeSubnet (132), notHomeAgentForThisMobileNode (133), duplicateAddressDetectionFailed (134), sequenceNumberOutOfWindow (135), expiredHomeNonceIndex (136), expiredCareofNonceIndex (137), expiredNonces (138), Expires: April 19, 2004 [Page 30] Internet Draft October 20, 2003 registrationTypeChangeDisallowed(139) } MAX-ACCESS read-only STATUS current DESCRIPTION "The Code indicating the reason why the most recent Registration Request for this mobile node was rejected by the corespondent node. " ::= { cnCounterEntry 6 } -- Home agent group haAdvertisementsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of valid Router Advertisements received with the Home Agent (H) bit set on all the links on which it is serving as a Home Agent. " ::= { mipv6HAAdvertisement 1 } haAdvConfTable OBJECT-TYPE SYNTAX SEQUENCE OF HaAdvertConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing configurable advertisement parameters for all interfaces on which the which the home agent service is advertised. " ::= { mipv6HAAdvertisement 2 } haAdvConfEntry OBJECT-TYPE SYNTAX HaAdvertConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Advertisement parameters for one advertisement interface. " INDEX { ipv6IfIndex } ::= { haAdvConfTable 1 } HaAdvertConfEntry ::= SEQUENCE { haAdvLifetime Integer32, Expires: April 19, 2004 [Page 31] Internet Draft October 20, 2003 haAdvPreference Integer32 } haAdvLifetime OBJECT-TYPE SYNTAX Integer32 (1..65535) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The lifetime value for the home agent to be used in the Router advertisements. " ::= { haAdvConfEntry 1 } haAdvPreference OBJECT-TYPE SYNTAX Integer32 (4..1800) MAX-ACCESS read-create STATUS current DESCRIPTION "The preference value for the home agent to be used in the Router advertisements. Higher value denotes greater preferable. " ::= { haAdvConfEntry 2 } -- Home agent registration Counters per node haCounterTable OBJECT-TYPE SYNTAX SEQUENCE OF HaCounterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing registration statistics for all mobile nodes registered with the home agent. " ::= { mipv6HAStats 1 } haCounterEntry OBJECT-TYPE SYNTAX HaCounterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "HA registration statistics for one mobile node." INDEX { mipv6BindingHomeAddressType, mipv6BindingHomeAddress } ::= { haCounterTable 1 } Expires: April 19, 2004 [Page 32] Internet Draft October 20, 2003 HaCounterEntry ::= SEQUENCE { haServiceRequestsAccepted Counter32, haServiceRequestsDenied Counter32, haOverallServiceTime Counter32, haRecentServiceAcceptedTime TimeStamp, haRecentServiceDeniedTime TimeStamp, haRecentServiceDeniedCode INTEGER } haServiceRequestsAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of service requests for the mobile node accepted by the home agent. " ::= { haCounterEntry 1 } haServiceRequestsDenied OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of service requests for the mobile node denied by the home agent. " ::= { haCounterEntry 2 } haOverallServiceTime OBJECT-TYPE SYNTAX Counter32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "Overall service time (in seconds) that has accumulated for the mobile node since the home agent last rebooted. " ::= { haCounterEntry 3 } haRecentServiceAcceptedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the most recent Registration Request was accepted by the home agent for this mobile Expires: April 19, 2004 [Page 33] Internet Draft October 20, 2003 node." ::= { haCounterEntry 4 } haRecentServiceDeniedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the most recent Registration Request was denied by the home agent for this mobile node." ::= { haCounterEntry 5 } haRecentServiceDeniedCode OBJECT-TYPE SYNTAX INTEGER { reasonUnspecified(128), admProhibited(129), insufficientResource(130), homeRegistrationNotSupported(131), notHomeSubnet(132), notHomeAgentForThisMobileNode(133), duplicateAddressDetectionFailed(134), sequenceNumberOutOfWindow(135), expiredHomeNonceIndex(136), expiredCareofNonceIndex(137), expiredNonces(138), registrationTypeChangeDisallowed(139) } MAX-ACCESS read-only STATUS current DESCRIPTION "The Code indicating the reason why the most recent Registration Request for this mobile node was rejected by the home agent." ::= { haCounterEntry 6 } -- Home Agent List Table haListTable OBJECT-TYPE SYNTAX SEQUENCE OF HaListEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the list of all routers that are acting as home agents on each of the interfaces on which the home agent service is offered by this router. " Expires: April 19, 2004 [Page 34] Internet Draft October 20, 2003 ::= { mipv6HAAdvertisement 3 } haListEntry OBJECT-TYPE SYNTAX HaListEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about a router offering the home agent service. " INDEX { ipv6IfIndex, haLinkLocalAddressType, haLinkLocalAddressType } ::= { haListTable 1 } HaListEntry ::= SEQUENCE { haLinkLocalAddressType InetAddressType, haLinkLocalAddress InetAddress, haGlobalAddressType InetAddressType, haGlobalAddress InetAddress, haPreference Integer32, haRecvLifeTime Gauge32, haRecvTimeStamp TimeStamp } haLinkLocalAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The address type for the link-local address of the home agent that follows. " ::= { haListEntry 1 } haLinkLocalAddress OBJECT-TYPE SYNTAX InetAddress (SIZE (16|20)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The link-local address of the home agent. " ::= { haListEntry 2 } haGlobalAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The address type for the global address of the Expires: April 19, 2004 [Page 35] Internet Draft October 20, 2003 home agent that follows. " ::= { haListEntry 3 } haGlobalAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The global address of the home agent. " ::= { haListEntry 4 } haPreference OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The preference value of this home agent. Higher values indicate a more preferable home agent. The preference value is obtained from the preference field of the received Router Advertisement. " ::= { haListEntry 5 } haRecvLifeTime OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime for this home agent. " ::= { haListEntry 6 } haRecvTimeStamp OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time when the HA advertisement was received. " ::= { haListEntry 7 } -- -- Notifications -- Expires: April 19, 2004 [Page 36] Internet Draft October 20, 2003 mipv6Notifications OBJECT IDENTIFIER ::= { mipv6MIB 6 } mipv6HANotifications OBJECT IDENTIFIER ::= { mipv6Notifications 1 } mipv6MNRegistered NOTIFICATION-TYPE OBJECTS { mipv6BindingTimeCreated, mipv6BindingCOAType, mipv6BindingCOA } STATUS current DESCRIPTION "This notification is sent every time a mobile node registers with the home agent for the first time. Notifications will not be sent for subsequent updates and/or refreshes. " ::= { mipv6HANotifications 1 } mipv6MNMoved NOTIFICATION-TYPE OBJECTS { mipv6BindingTimeCreated, mipv6BindingCOAType, mipv6BindingCOA } STATUS current DESCRIPTION "This notification is sent every time a mobile node sends a binding update with a new Care-of address. Notifications will not be sent for subsequent updates and/or refreshes for the same Care-of address. " ::= { mipv6HANotifications 2 } mipv6MNBindingExpired NOTIFICATION-TYPE OBJECTS { mipv6BindingTimeCreated, mipv6BindingCOAType, mipv6BindingCOA } STATUS current DESCRIPTION "This notification is sent when a binding for the mobile node expires and no timely binding updates are received. " ::= { mipv6HANotifications 3 } Expires: April 19, 2004 [Page 37] Internet Draft October 20, 2003 -- Conformance information mipv6Conformance OBJECT IDENTIFIER ::= { mipv6MIB 7 } mipv6Groups OBJECT IDENTIFIER ::= { mipv6Conformance 1 } mipv6Compliances OBJECT IDENTIFIER ::= { mipv6Conformance 2 } -- Units of conformance mipv6SystemGroup OBJECT-GROUP OBJECTS { mipv6Entities, mipv6Enable, mipv6BindingCacheSupported } STATUS current DESCRIPTION " A collection of objects for basic mipv6 monitoring." ::= { mipv6Groups 1 } mipv6BindingCacheGroup OBJECT-GROUP OBJECTS { -- mipv6BindingHomeAddressType, -- mipv6BindingHomeAddress, mipv6BindingCOAType, mipv6BindingCOA, mipv6BindingMaxSeq, mipv6BindingTimeGranted, mipv6BindingTimeCreated, mipv6BindingTimeRemaining } STATUS current DESCRIPTION " A collection of objects for monitoring the Binding cache. " ::= { mipv6Groups 2 } mipv6BindingHstGroup OBJECT-GROUP OBJECTS { -- mipv6BindingHstHomeAddressType, -- mipv6BindingHstHomeAddress, mipv6BindingHstCOAType, mipv6BindingHstCOA, -- mipv6BindingHstIndex, mipv6BindingHstTimeStamp } STATUS current DESCRIPTION " A collection of objects for monitoring the Expires: April 19, 2004 [Page 38] Internet Draft October 20, 2003 binding history. This can be used to monitor the movement of the mobile node. " ::= { mipv6Groups 3 } mipv6TotalTrafficGroup OBJECT-GROUP OBJECTS { mipv6InOctets, mipv6InPkts, mipv6OutOctets, mipv6OutPkts } STATUS current DESCRIPTION " A collection of objects for monitoring the total MIPv6 traffic. " ::= { mipv6Groups 4 } mipv6NodeTrafficGroup OBJECT-GROUP OBJECTS { mipv6NodeInOctets, mipv6NodeInPkts, mipv6NodeOutOctets, mipv6NodeOutPkts } STATUS current DESCRIPTION " A collection of objects for monitoring the MIPv6 traffic due to a mobile node. " ::= { mipv6Groups 5 } mipv6MNSystemGroup OBJECT-GROUP OBJECTS { mnState, mnHomeAddressType, mnHomeAddress } STATUS current DESCRIPTION " A collection of objects for basic monitoring of the Mobile Node. " ::= { mipv6Groups 6 } mipv6MNDiscoveryGroup OBJECT-GROUP OBJECTS { Expires: April 19, 2004 [Page 39] Internet Draft October 20, 2003 mnAdvSourceAddress, mnAdvSourceAddressType, mnAdvMaxAdvLifetime, mnAdvTimeReceived, mnSolicitationsSent, mnAdvertisementsReceived, mnAdvertisementsIgnored, mnMoveFromFNToFN, mnMoveFromFNToHN, mnAgentRebootsDectected } STATUS current DESCRIPTION " A collection of objects for monitoring the advertisement related info on the Mobile Node. " ::= { mipv6Groups 7 } mipv6MNRegistrationGroup OBJECT-GROUP OBJECTS { -- mnBLNodeAddressType, -- mnBLNodeAddress, -- mnBLCOAType, -- mnBLCOA, mnBLMaxSeq, mnBLLifeTime, mnBLLifeTimeRemaining, mnBLTimeSent, mnBLIsAccepted, mnBLRetransmissions, mnBLRetransTime, mnControlMessagePackets, mnBUsToHA, mnBUAcksFromHA, mnBUToCN, mnBUAcksFromCN, mnBindingErrorsFromHA, mnBindingErrorsFromCN, mnICMPErrorReceived, mnBRRequestsReceived, mnBLDynamicAgentDiscoverySent } STATUS current DESCRIPTION " A collection of objects for monitoring the registration statistics for the mobile node. " Expires: April 19, 2004 [Page 40] Internet Draft October 20, 2003 ::= { mipv6Groups 8 } mipv6CNSystemGroup OBJECT-GROUP OBJECTS { cnServiceRequestsAccepted, cnServiceRequestsDenied, cnOverallServiceTime, cnRecentServiceAcceptedTime, cnRecentServiceDeniedTime, cnRecentServiceDeniedCode } STATUS current DESCRIPTION " A collection of objects for monitoring the control messages and corresponding statistics for each mobile node communicating with the Correspondent Node. " ::= { mipv6Groups 9 } mipv6HASystemGroup OBJECT-GROUP OBJECTS { haAdvertisementsReceived, haAdvLifetime, haAdvPreference } STATUS current DESCRIPTION " A collection of objects for monitoring the Advertisement related parameters and statistics for the Home Agent. " ::= { mipv6Groups 10 } mipv6HAListGroup OBJECT-GROUP OBJECTS { -- haLinkLocalAddressType, -- haLinkLocalAddress, haGlobalAddressType, haGlobalAddress, haPreference, haRecvLifeTime, haRecvTimeStamp } STATUS current Expires: April 19, 2004 [Page 41] Internet Draft October 20, 2003 DESCRIPTION " A collection of objects for monitoring Home Agent list on the Home Agent. " ::= { mipv6Groups 11 } mipv6HAStatsGroup OBJECT-GROUP OBJECTS { haServiceRequestsAccepted, haServiceRequestsDenied, haOverallServiceTime, haRecentServiceAcceptedTime, haRecentServiceDeniedTime, haRecentServiceDeniedCode } STATUS current DESCRIPTION " A collection of objects for monitoring registration related statistics on the Home Agent. " ::= { mipv6Groups 12 } mipv6ARStatsGroup OBJECT-GROUP OBJECTS { mipv6RegnBUAccepted, mipv6RegnPrefDiscoverReqd, mipv6RegnReasonUnspecified, mipv6RegnAdmProhibited, mipv6RegnInsufficientResource, mipv6RegnHomeRegnNotSupported, mipv6RegnNotHomeSubnet, mipv6RegnNotHomeAgentForThisMN, mipv6RegnDupAddrDetectionFailed, mipv6RegnSeqNumberOutOfWindow, mipv6RegnExpiredHomeNonceIndex, mipv6RegnExpiredCareOfNonceIndex, mipv6RegnExpiredNonce, mipv6RegnRegTypeChangeDisallowed, mipv6RegnCareOfTestInitReceived, mipv6RegnHomeTestInitReceived, mipv6RegnCareOfTestSent, mipv6RegnHomeTestSent, mipv6RegnBUReceived, mipv6RegnBURepliesSent, mipv6RegnBRReceived, mipv6RegnBRRepliesSent, mipv6RegnMobilityBindingCount, Expires: April 19, 2004 [Page 42] Internet Draft October 20, 2003 mipv6RegnBRAdviceSent, mipv6RegnEncapsUnavailable, mipv6RegnBindingErrors } STATUS current DESCRIPTION " A collection of objects for monitoring advertisement and registration statistics on a Home Agent or a Correspondent node. " ::= { mipv6Groups 13 } mipv6NotificationGroup OBJECT-GROUP OBJECTS { mipv6MNRegistered, mipv6MNMoved, mipv6MNBindingExpired } STATUS current DESCRIPTION " A collection of objects for sending Notifications from a Home Agent to the Manager about the status of a mobile node. " ::= { mipv6Groups 14 } -- Compliance statements mipv6CoreCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB." MODULE -- this module MANDATORY-GROUPS { mipv6SystemGroup } ::= { mipv6Compliances 1 } mipv6Compliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the BindingCache and the Total Traffic. " MODULE -- this module MANDATORY-GROUPS { mipv6SystemGroup, mipv6BindingCacheGroup, Expires: April 19, 2004 [Page 43] Internet Draft October 20, 2003 mipv6TotalTrafficGroup } ::= { mipv6Compliances 2 } mipv6Compliance3 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the BindingCache, the Binding History, the total traffic and the mobile node-wide traffic. " MODULE -- this module MANDATORY-GROUPS { mipv6SystemGroup, mipv6BindingCacheGroup, mipv6BindingHstGroup, mipv6TotalTrafficGroup, mipv6NodeTrafficGroup } ::= { mipv6Compliances 3 } mipv6MNCoreCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the basic Mobile Node functionality. " MODULE -- this module MANDATORY-GROUPS { mipv6MNSystemGroup } ::= { mipv6Compliances 4 } mipv6MNCompliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the Mobile Node functionality specifically the Discovery and Registration related statistics, " MODULE -- this module MANDATORY-GROUPS { mipv6MNSystemGroup, mipv6MNDiscoveryGroup, mipv6MNRegistrationGroup Expires: April 19, 2004 [Page 44] Internet Draft October 20, 2003 } ::= { mipv6Compliances 5 } mipv6CNCoreCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the basic Correspondent Node functionality. " MODULE -- this module MANDATORY-GROUPS { mipv6CNSystemGroup } ::= { mipv6Compliances 6 } mipv6HACoreCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the basic Home Agent functionality. " MODULE -- this module MANDATORY-GROUPS { mipv6HASystemGroup } ::= { mipv6Compliances 8 } mipv6HACompliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the Home Agent functionality specifically the Home Agent list and the Home Agent Registration related statistics, " MODULE -- this module MANDATORY-GROUPS { mipv6HASystemGroup, mipv6HAListGroup, mipv6HAStatsGroup } ::= { mipv6Compliances 9 } mipv6ARCompliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION Expires: April 19, 2004 [Page 45] Internet Draft October 20, 2003 "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support monitoring of the Advertisement and Registration related statistics. " MODULE -- this module MANDATORY-GROUPS { mipv6ARStatsGroup } ::= { mipv6Compliances 10 } mipv6NotificationCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the MOBILE-IPV6-MIB and support Notification from HA to management stations about the mobile node status. " MODULE -- this module MANDATORY-GROUPS { mipv6NotificationGroup } ::= { mipv6Compliances 11 } END Expires: April 19, 2004 [Page 46] Internet Draft October 20, 2003 6. Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 7. Acknowledgments This draft is the product of discussions and deliberations carried out in the WIDE-netman group. Expires: April 19, 2004 [Page 47] Internet Draft October 20, 2003 References [Normative References] [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999 [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999 [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999 [MIPv6] Johnson, D., Perkins, C., Arkko J., "Mobility Support in IPv6" draft-ietf-mobileip-ipv6-24.txt, work in progress, June 30, 2003. [Informative References] [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999 [RFC2571] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999 [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999 [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, April 1999 [RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999 [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for the Internet-Standard Management Framework", RFC 3410, Expires: April 19, 2004 [Page 48] Internet Draft October 20, 2003 December 2002. Expires: April 19, 2004 [Page 49] Internet Draft October 20, 2003 Security Considerations There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability: mipv6Enable: This value of this object is used to enable or disable the mipv6 functionality on a mipv6 entity. Access to this MO may be abused to disrupt the mipv6 communication. haAdvLifetime: Access to this object may be abused to set the advertised lifetime to incorrect values. That will have an adverse impact on the mipv6 communication. haAdvPreference: Access to this object may be abused to force MNs into selecting the wrong HA. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: The address related objects in this MIB may be considered to be particularly sensitive and/or private. The care of address related objects reveal the location and movement of the mobile node. This information may be considered to be private and sensitive and must be carefully handled. mipv6BindingHstCOAType mipv6BindingHstCOA mnBLCOAType mnBLCOA The mobile node's home address and home agent related information may be considered to be sensitive too as these may provide clues to a malicious party on ways to disrupt the mobile nodes communication channels. mipv6BindingHstHomeAddressType, mipv6BindingHstHomeAddress, mnHomeAddressType, mnHomeAddress The Correspondent node's addresses related MOs will reveal the nodes with whom the MN is corresponding. This information may be considered private and sensitive. Expires: April 19, 2004 [Page 50] Internet Draft October 20, 2003 mnBLNodeAddressType, mnBLNodeAddress SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. Expires: April 19, 2004 [Page 51] Internet Draft October 20, 2003 Authors' Addresses Glenn Mansfield Keeni Cyber Solutions Inc. 6-6-3 Minami Yoshinari Aoba-ku, Sendai 989-3204 Japan Phone: +81-22-303-4012 EMail: glenn@cysols.com Kenichi Nagami INTEC NetCore Inc. 1-3-3, Shin-suna Koto-ku, Tokyo, 135-0075 Japan Phone: +81-3-5665-5069 E-mail: nagami@inetcore.com Kazuhide Koide Tohoku University Katahira Campus Sendai Japan Phone: +81-22-217-5454 E-mail: koide@shiratori.riec.tohoku.ac.jp Sri Gundavelli Cisco Systems 170 W.Tasman Drive, San Jose, CA 95134 USA Phone: 001-408-527-6109 Email: sgundave@cisco.com Expires: April 19, 2004 [Page 52] Internet Draft October 20, 2003 Full Copyright statement "Copyright (C) The Internet Society (2003). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Expires: April 19, 2004 [Page 53]