Network Working Group                                  Riza Cetin, Ed.
Internet Draft                                                 Alcatel
                                                 Thomas D. Nadeau, Ed.
                                                   Cisco Systems, Inc.
Expiration Date: February 2006
                                                           August 2005


        Multiprotocol Label Switching (MPLS) Traffic Engineering
             Management Information Base for Fast Reroute

                 draft-ietf-mpls-fastreroute-mib-04.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other
   documents at any time. It is inappropriate to use Internet-Drafts
   as reference material or to cite them other than as "work in
   progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Abstract

   This memo defines a portion of the Management Information Base for
   use with network management protocols in the Internet community.
   In particular, it describes managed objects for Multiprotocol
   Label Switching fast rerouting.

IETF MPLS WG              Expires March 2006                  [Page 1]
Internet Draft            MPLS-FRR-STD-MIB             August 19, 2005

Table of Contents

   Abstract
   1.  Introduction
   2.  Terminology
   3.  The Internet-Standard Management Framework
   4.  Brief Description of MIB Objects
   5.  MPLS-FRR-STD-MIB DEFINITIONS
   6.  Acknowledgments
   7.  Editors' Addresses
   8.  Contributors' Addresses
   9.  Full Copyright Statement
   10. Security Considerations
   11. References
   11.1 Normative References
   11.2 Informative References
   12. IANA Considerations
   12.1 IANA Considerations for MPLS-FRR-STD-MIB
   13. Intellectual Property Statement

1. Introduction

   This memo defines a portion of the Management Information Base
   (MIB) for use with network management protocols in the Internet
   community. In particular, it describes managed objects for
   Multiprotocol Label Switching (MPLS) based fast rerouting.

   This MIB should be used in conjunction with [RFC3812] and
   [RFC3813].

   Comments should be made directly to the MPLS mailing list at
   mpls@uu.net.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
   this document are to be interpreted as described in [RFC2119].

2. Terminology

   This document uses terminology from the document describing the
   MPLS architecture [RFC3031] and from the document describing MPLS
   Fast Reroute [RFC4090].

3. The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7
   of RFC 3410 [RFC3410].

   Managed objects are accessed via a virtual information store,
   termed the Management Information Base or MIB. MIB objects are
   generally accessed through the Simple Network Management Protocol
   (SNMP). Objects in the MIB are defined using the mechanisms defined
   in the Structure of Management Information (SMI). This memo
   specifies a MIB module that is compliant to the SMIv2, which is
   described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579]
   and STD 58, RFC 2580 [RFC2580].

4. Brief Description of MIB Objects

   The objects described in this section support the detour
   functionality described in Section 3 of [RFC4090].

4.1. mplsFrrConstTable

   This table contains fast-reroute constraints such as setup and
   holding priorities and bandwidth for a tunnel instance to be
   protected by using backup LSPs (detour LSPs or by-pass tunnels).

   This table is used at the ingress node of the protected tunnel
   instance to configure backup LSP setup constraints.

4.2. mplsFrrPLRTable

   The mplsFrrPLRTable is an optional table that contains lists of
   PLRs that initiated detour LSPs to protect tunnel instances.

   When detour LSPs initiated by different PLRs to protect the same
   tunnel instance are merged together before entering an LSR, the
   entries of those PLRs at this LSR point to the same detour LSP
   entry in the mplsFrrDetourTable.

4.3. mplsFrrDetourTable

   The mplsFrrDetourTable shows the detour LSPs in each node
   (ingress, transit and egress nodes). An entry of this table
   represents a detour LSP.

   Each detour is identified by the following indexes:

   - mplsTunnelIndex [RFC3812]: set to the tunnel-id of an LSP
     protected by a detour.

   - mplsTunnelInstance [RFC3812]: consists of two parts

     1) lower 16 bits:
        - protected tunnel instance
        - uniquely identifies a protected LSP within a tunnel.

     2) higher 16 bits:
        - detour instance
        - uniquely identifies a detour LSP of a protected tunnel
          instance.

     Multiple detours of the same protected LSP may go through the
     same node. In this case, the higher 16 bits of the tunnel
     instance object are used as a detour instance.
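The instance split described above, as an added example that is not part of the draft: a manager-side helper that separates the two 16-bit halves of an mplsTunnelInstance value and groups detours under the LSP they protect. The function names, the row layout and the sample rows are assumptions constructed for illustration.

```python
from collections import defaultdict
from typing import Iterable, NamedTuple

MAX16 = 0xFFFF


class FrrInstance(NamedTuple):
    detour_instance: int     # higher 16 bits; 0 means the row is not a detour
    protected_instance: int  # lower 16 bits; the protected LSP within the tunnel


def split_instance(instance: int) -> FrrInstance:
    """Split a 32-bit mplsTunnelInstance value into its two halves."""
    if not 0 <= instance <= 0xFFFFFFFF:
        raise ValueError(f"instance {instance!r} does not fit in 32 bits")
    return FrrInstance(instance >> 16, instance & MAX16)


def join_instance(detour_instance: int, protected_instance: int) -> int:
    """Build the 32-bit index value from a detour and a protected instance."""
    for name, value in (("detour", detour_instance),
                        ("protected", protected_instance)):
        if not 0 <= value <= MAX16:
            raise ValueError(f"{name} instance {value!r} does not fit in 16 bits")
    return (detour_instance << 16) | protected_instance


def is_detour(instance: int) -> bool:
    """Protected tunnel instances have all-zero higher 16 bits."""
    return split_instance(instance).detour_instance != 0


def group_detours(rows: Iterable[tuple]) -> dict:
    """Group detour instances under the protected LSP they belong to.

    Each row is (tunnel_index, tunnel_instance, ingress_lsr_id,
    egress_lsr_id), i.e. the four index values listed in section 4.3.
    Returns {(tunnel_index, protected_instance, ingress, egress):
             sorted list of detour instances seen at this node}.
    """
    groups = defaultdict(list)
    for tunnel_index, instance, ingress, egress in rows:
        detour, protected = split_instance(instance)
        key = (tunnel_index, protected, ingress, egress)
        if detour:
            groups[key].append(detour)
        else:
            groups[key]  # touch the key so undetoured LSPs are listed too
    return {key: sorted(detours) for key, detours in groups.items()}


# Constructed sample: tunnel 10, protected instance 5, with two detours
# passing through the same node, plus tunnel 11 with no detour.
SAMPLE_ROWS = [
    (10, 5, "192.0.2.1", "192.0.2.9"),
    (10, 0x00010005, "192.0.2.1", "192.0.2.9"),
    (10, 0x00020005, "192.0.2.1", "192.0.2.9"),
    (11, 7, "192.0.2.1", "192.0.2.20"),
]

if __name__ == "__main__":
    for key, detours in group_detours(SAMPLE_ROWS).items():
        print(key, "detour instances:", detours)
```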
   - ingress node's LSR ID (mplsFrrOne2OnePlrTunIngrLSRId): set to
     the ingress node of an LSP protected by a detour.

   - egress node's LSR ID (mplsFrrOne2OnePlrTunEgrLSRId): set to the
     egress node of an LSP protected by a detour.

   A detour LSP is also considered as an instance of a protected
   tunnel. Therefore, each detour LSP will have an entry in the
   mplsTunnelTable (defined in the MPLS-TE-STD-MIB [RFC3812]). In the
   mplsTunnelTable, the higher 16 bits of the tunnel instance will be
   used as the detour instance.

   Note that for the protected tunnel instances, the higher 16 bits
   of the tunnel instance must be all zeros.

   This table is optional and is only required in case
   mplsFrrPLRTable is supported.

4.4. mplsFrrTunnelARHopTable

   This table extends the mplsTunnelARHop table (defined in the
   MPLS-TE-STD-MIB) with fast-reroute objects which specify the local
   protection type or types of availability as well as what type or
   types are actually in use for each hop traversed by a protected
   tunnel.

   The support of this table is optional since not all MPLS
   signalling protocols may support mplsTunnelARHopTable.

5. MPLS Fast Reroute MIB Definitions

MPLS-FRR-STD-MIB DEFINITIONS ::= BEGIN

IMPORTS
   MODULE-IDENTITY, OBJECT-TYPE,
   Integer32, Unsigned32,
   NOTIFICATION-TYPE, Gauge32
      FROM SNMPv2-SMI                    -- [RFC2578]
   MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
      FROM SNMPv2-CONF                   -- [RFC2580]
   TruthValue, RowStatus, StorageType
      FROM SNMPv2-TC                     -- [RFC2579]
   InterfaceIndex,
   InterfaceIndexOrZero
      FROM IF-MIB                        -- [RFC2863]
   MplsTunnelIndex, MplsTunnelInstanceIndex,
   MplsTunnelAffinity, MplsLsrIdentifier, mplsStdMIB
      FROM MPLS-TC-STD-MIB               -- [RFC3811]
   mplsTunnelARHopEntry
      FROM MPLS-TE-STD-MIB               -- [RFC3812]
   InetAddressType, InetAddress
      FROM INET-ADDRESS-MIB              -- [RFC3291]
   ;

mplsFrrMIB MODULE-IDENTITY
   LAST-UPDATED
      "200508011200Z" -- 01 August 2005 12:00:00 GMT
   ORGANIZATION
      "Multiprotocol Label Switching (MPLS) Working Group"
   CONTACT-INFO
      "
               Riza Cetin
        Email: riza.cetin@alcatel.be

               Thomas D. Nadeau
        Email: tnadeau@cisco.com

               Stefaan De Cnodder
        Email: Stefaan.de_cnodder@alcatel.be

               Der-Hwa Gan
        Email: dhg@juniper.net
      "
   DESCRIPTION
      "This MIB module contains managed object definitions for
       MPLS Fast Reroute (FRR) as defined in RFC4090."

   -- Revision history.
   REVISION
      "200508011200Z" -- 01 August 2005 12:00:00 GMT
   DESCRIPTION
      "Initial version. Published as RFC xxxx."
      -- RFC-editor pls fill in xxxx
   ::= { mplsStdMIB XXX } -- RFC-editor please fill in
                          -- XXX with value assigned by IANA,
                          -- see section 18.1 for details

-- Top level components of this MIB.
mplsFrrNotif       OBJECT IDENTIFIER ::= { mplsFrrMIB 0 }
mplsFrrScalars     OBJECT IDENTIFIER ::= { mplsFrrMIB 1 }
mplsFrrObjects     OBJECT IDENTIFIER ::= { mplsFrrMIB 2 }

-- objects that work for either method of FRR
mplsFrrGeneralObjects OBJECT IDENTIFIER ::= { mplsFrrObjects 1 }

-- objects defined for 1-to-1 style FRR
mplsFrrOne2OneObjects OBJECT IDENTIFIER ::= { mplsFrrObjects 2 }

-- objects defined for Facility Backup style FRR
mplsFrrFacObjects  OBJECT IDENTIFIER ::= { mplsFrrObjects 3 }

mplsFrrConformance OBJECT IDENTIFIER ::= { mplsFrrMIB 3 }

-- MPLS Fast Reroute scalars.

mplsFrrDetourIncoming OBJECT-TYPE
   SYNTAX        Integer32 (-1|0..2147483647)
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "The number of detour LSPs entering the device (greater
       than or equal to 0) if mplsFrrConstFrrProtectionMethod
       is set to oneToOneBackup(1), or -1 if
       mplsFrrConstFrrProtectionMethod is set to
       facilityBackup(2)."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 1 }

mplsFrrDetourOutgoing OBJECT-TYPE
   SYNTAX        Integer32 (-1|0..2147483647)
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "The number of detour LSPs leaving the device (greater
       than or equal to 0) if mplsFrrConstFrrProtectionMethod
       is set to oneToOneBackup(1), or -1 if
       mplsFrrConstFrrProtectionMethod is set to
       facilityBackup(2)."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 2 }

mplsFrrDetourOriginating OBJECT-TYPE
   SYNTAX        Integer32 (-1|0..2147483647)
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "The number of detour LSPs originating at this PLR (greater
       than or equal to 0) if mplsFrrConstFrrProtectionMethod
       is set to oneToOneBackup(1). This object MUST return -1
       if the mplsFrrConstFrrProtectionMethod is set to
       facilityBackup(2)."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 3 }

mplsFrrSwitchover OBJECT-TYPE
   SYNTAX        Unsigned32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "The number of tunnel instances that are switched over to
       their corresponding detour LSP if
       mplsFrrConstFrrProtectionMethod is set to
       oneToOneBackup(1), or tunnel instances being switched
       over if mplsFrrConstFrrProtectionMethod is set to
       facilityBackup(2)."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 4 }

mplsFrrConfIfs OBJECT-TYPE
   SYNTAX        Integer32 (-1|0..2147483647)
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "Indicates the number of MPLS interfaces configured for
       protection by the FRR feature if
       mplsFrrConstFrrProtectionMethod is set to
       facilityBackup(2), otherwise this value MUST return -1
       to indicate that LSPs traversing any interface may not
       be protected."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 5 }

mplsFrrActProtectedIfs OBJECT-TYPE
   SYNTAX        Unsigned32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "Indicates the number of interfaces currently being
       protected by the FRR feature if
       mplsFrrConstFrrProtectionMethod is set to
       facilityBackup(2), otherwise this value should return 0
       to indicate that LSPs traversing any interface may not
       be protected. This value MUST be less than or equal to
       mplsFrrConfIfs."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 6 }

mplsFrrConfProtectedTuns OBJECT-TYPE
   SYNTAX        Unsigned32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "Indicates the number of bypass tunnels configured to
       protect facilities on this LSR using the FRR feature
       if mplsFrrConstFrrProtectionMethod is set to
       facilityBackup(2), otherwise this value MUST return 0."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 7 }

mplsFrrActProtectedTuns OBJECT-TYPE
   SYNTAX        Unsigned32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "Indicates the number of bypass tunnels indicated in
       mplsFrrConfProtectedTuns whose operStatus is up(1),
       indicating that they are currently protecting
       facilities on this LSR using the FRR feature. This
       object MUST return 0 if
       mplsFrrConstFrrProtectionMethod is set to
       oneToOneBackup(1)."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 8 }

mplsFrrActivelyProtectedLSPs OBJECT-TYPE
   SYNTAX        Unsigned32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "Indicates the number of LSPs currently protected by
       the FRR feature on a per-device basis. If
       mplsFrrConstFrrProtectionMethod is set to
       oneToOneBackup(1) this object MUST return 0."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 9 }

mplsFrrConstFrrProtectionMethod OBJECT-TYPE
   SYNTAX        INTEGER { oneToOneBackup(1),
                           facilityBackup(2)
                         }
   MAX-ACCESS    read-write
   STATUS        current
   DESCRIPTION
      "Indicates which protection method is to be used for fast
       reroute on this device. Some devices may require a reboot
       if this variable is to take effect after being modified."
   ::= { mplsFrrScalars 10 }

mplsFrrNotifsEnabled OBJECT-TYPE
   SYNTAX        TruthValue
   MAX-ACCESS    read-write
   STATUS        current
   DESCRIPTION
      "Enables or disables FRR notifications defined in this
       MIB module. Notifications are disabled by default."
   DEFVAL { false }
   ::= { mplsFrrScalars 11 }

mplsFrrNotifMaxRate OBJECT-TYPE
   SYNTAX        Unsigned32
   UNITS         "milliseconds"
   MAX-ACCESS    read-write
   STATUS        current
   DESCRIPTION
      "This variable indicates the number of milliseconds
       that must elapse between notification emissions. If
       events occur more rapidly, the implementation may
       simply fail to emit these notifications during that
       period, or may queue them until an appropriate
       time in the future. A value of 0 means no minimum
       elapsed period is specified."
   DEFVAL { 0 }
   ::= { mplsFrrScalars 12 }

--
-- General FRR Table Section
--
-- These tables apply to both types of FRR
-- and should be implemented by all LSRs supporting
-- FRR.
--

-- MPLS Fast Reroute Constraints table

mplsFrrConstTable OBJECT-TYPE
   SYNTAX        SEQUENCE OF MplsFrrConstEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "This table shows backup LSP setup constraints."
   ::= { mplsFrrGeneralObjects 1 }

mplsFrrConstEntry OBJECT-TYPE
   SYNTAX        MplsFrrConstEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "An entry in this table represents detour LSP or bypass
       tunnel setup constraints for a tunnel instance to be
       protected by detour LSPs or a tunnel. Agents must allow
       entries in this table to be created only for tunnel
       instances that require fast-reroute.

       Entries indexed with mplsFrrConstIfIndex set to 0 apply
       to all interfaces on this device on which the FRR
       feature can operate."
   INDEX { mplsFrrConstIfIndex,
           mplsFrrConstTunnelIndex,
           mplsFrrConstTunnelInstance }
   ::= { mplsFrrConstTable 1 }

MplsFrrConstEntry ::= SEQUENCE {
   mplsFrrConstIfIndex            InterfaceIndexOrZero,
   mplsFrrConstTunnelIndex        MplsTunnelIndex,
   mplsFrrConstTunnelInstance     MplsTunnelInstanceIndex,
   mplsFrrConstProtectionType     INTEGER,
   mplsFrrConstSetupPrio          Unsigned32,
   mplsFrrConstHoldingPrio        Unsigned32,
   mplsFrrConstInclAnyAffinity    MplsTunnelAffinity,
   mplsFrrConstInclAllAffinity    MplsTunnelAffinity,
   mplsFrrConstExclAnyAffinity    MplsTunnelAffinity,
   mplsFrrConstHopLimit           Unsigned32,
   mplsFrrConstBandwidth          Integer32,
   mplsFrrConstStorageType        StorageType,
   mplsFrrConstRowStatus          RowStatus
}

mplsFrrConstIfIndex OBJECT-TYPE
   SYNTAX        InterfaceIndexOrZero
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies an interface which a fast reroute
       protection tunnel is configured to potentially protect
       in the event of a fault. Entries with this index set to
       0 indicate that the protection tunnel configured
       protects all interfaces on this device (i.e., node
       protection)."
   ::= { mplsFrrConstEntry 1 }

mplsFrrConstTunnelIndex OBJECT-TYPE
   SYNTAX        MplsTunnelIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies a tunnel which is configured to
       possibly protect the interface(s) specified by
       mplsFrrConstIfIndex in the event of a fault. This
       tunnel must exist in the mplsTunnelTable."
   REFERENCE
      "mplsTunnelTable from RFC3812."
   ::= { mplsFrrConstEntry 2 }

mplsFrrConstTunnelInstance OBJECT-TYPE
   SYNTAX        MplsTunnelInstanceIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies an existing instance of this tunnel
       for which fast reroute is requested. Note that a value
       of 0 indicates that the configuration points at a
       tunnel head (as specified in RFC3812).
       This is typically how configuration of this feature is
       performed on devices where the actual protection LSP
       used is left up to the protecting tunnel. However, in
       cases where static configuration is possible, any valid
       tunnel instance is permissible. In these cases, it is
       recommended that the instance index follow the
       following convention so as to make identification of
       backup LSPs easier:

       - lower 16 bits : protected tunnel instance
       - higher 16 bits: must be all zeros"
   ::= { mplsFrrConstEntry 3 }

mplsFrrConstProtectionType OBJECT-TYPE
   SYNTAX        INTEGER { linkProtection(1),
                           nodeProtection(2)
                         }
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "Indicates type of the resource protection:

       linkProtection(1) indicates that this tunnel is
       set up to protect a particular link's resources.

       nodeProtection(2) indicates that this tunnel is
       set up to protect an entire node from failure.
      "
   DEFVAL { nodeProtection }
   ::= { mplsFrrConstEntry 4 }

mplsFrrConstSetupPrio OBJECT-TYPE
   SYNTAX        Unsigned32 (0..7)
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "Indicates the setup priority of detour LSP."
   REFERENCE
      "RFC 3209"
   DEFVAL { 7 }
   ::= { mplsFrrConstEntry 5 }

mplsFrrConstHoldingPrio OBJECT-TYPE
   SYNTAX        Unsigned32 (0..7)
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "Indicates the holding priority for detour LSP."
   REFERENCE
      "RFC 3209"
   DEFVAL { 0 }
   ::= { mplsFrrConstEntry 6 }

mplsFrrConstInclAnyAffinity OBJECT-TYPE
   SYNTAX        MplsTunnelAffinity
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "A link satisfies the include-any constraint if and only
       if the constraint is zero, or the link and the
       constraint have a resource class in common."
   REFERENCE
      "RFC 3209"
   DEFVAL { 0 }
   ::= { mplsFrrConstEntry 7 }

mplsFrrConstInclAllAffinity OBJECT-TYPE
   SYNTAX        MplsTunnelAffinity
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "A link satisfies the include-all constraint if and only
       if the link contains all of the administrative groups
       specified in the constraint."
   REFERENCE
      "RFC 3209"
   DEFVAL { 0 }
   ::= { mplsFrrConstEntry 8 }

mplsFrrConstExclAnyAffinity OBJECT-TYPE
   SYNTAX        MplsTunnelAffinity
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "A link satisfies the exclude-any constraint if and only
       if the link contains none of the administrative groups
       specified in the constraint."
   REFERENCE
      "RFC 3209"
   DEFVAL { 0 }
   ::= { mplsFrrConstEntry 9 }

mplsFrrConstHopLimit OBJECT-TYPE
   SYNTAX        Unsigned32 (1..255)
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "The maximum number of hops that the detour LSP may
       traverse."
   REFERENCE
      "RFC4090."
   DEFVAL { 32 }
   ::= { mplsFrrConstEntry 10 }

mplsFrrConstBandwidth OBJECT-TYPE
   SYNTAX        Integer32
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "This variable represents the bandwidth for detour LSPs
       of this tunnel, in units of thousands of bits per
       second (Kbps)."
   DEFVAL { 0 }
   ::= { mplsFrrConstEntry 11 }

mplsFrrConstStorageType OBJECT-TYPE
   SYNTAX        StorageType
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "The storage type for this configuration entry.
       Conceptual rows having the value 'permanent' need not
       allow write-access to any columnar objects in the row."
   REFERENCE
      "RFC2579"
   DEFVAL { volatile }
   ::= { mplsFrrConstEntry 12 }

mplsFrrConstRowStatus OBJECT-TYPE
   SYNTAX        RowStatus
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "This object is used to create, modify, and/or delete a
       row in this table."
   ::= { mplsFrrConstEntry 13 }

-- MPLS Fast Reroute Tunnel Actual Route Hop table

mplsFrrTunARHopTable OBJECT-TYPE
   SYNTAX        SEQUENCE OF MplsFrrTunARHopEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "This table extends the mplsTunnelARHop table defined in
       the MPLS-TE-STD-MIB with fast-reroute objects which
       specify the status of local protection (availability
       and in-use) per hop traversed by a protected tunnel."
   ::= { mplsFrrGeneralObjects 2 }

mplsFrrTunARHopEntry OBJECT-TYPE
   SYNTAX        MplsFrrTunARHopEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "This entry contains fast-reroute protection status of a
       single protected tunnel hop."
   AUGMENTS { mplsTunnelARHopEntry }
   ::= { mplsFrrTunARHopTable 1 }

MplsFrrTunARHopEntry ::= SEQUENCE {
   mplsFrrTunARHopProtectType       BITS,
   mplsFrrTunARHopProtectTypeInUse  BITS
}

mplsFrrTunARHopProtectType OBJECT-TYPE
   SYNTAX        BITS { path(0),
                        node(1),
                        link(2)
                      }
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "This object indicates the protection type or types of
       the associated path hop object. Note that since this
       object is a BITS type, one, none or all of the bits may
       be set to indicate various combinations of protection
       types."
   ::= { mplsFrrTunARHopEntry 1 }

mplsFrrTunARHopProtectTypeInUse OBJECT-TYPE
   SYNTAX        BITS { path(0),
                        node(1),
                        link(2)
                      }
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "This object indicates the protection type or types that
       are currently in use by the associated path hop object.
       Note that since this object is a BITS type, one, none
       or all of the bits may be set to indicate various
       combinations of protection types. If no bits are set,
       this indicates that no protection types are in use."
   ::= { mplsFrrTunARHopEntry 2 }

--
-- One-to-One Specific Tables
--
-- Tables in this section pertain only to the 1-1
-- style of FRR.
--

-- MPLS Fast Reroute Point of Local Repair table

mplsFrrOne2OnePlrTable OBJECT-TYPE
   SYNTAX        SEQUENCE OF MplsFrrOne2OnePlrEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "This table shows the lists of PLRs that initiated
       detour LSPs which affect this node."
   ::= { mplsFrrOne2OneObjects 1 }

mplsFrrOne2OnePlrEntry OBJECT-TYPE
   SYNTAX        MplsFrrOne2OnePlrEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "An entry in this table represents a PLR together with
       its detour instance. An entry in this table is only
       created by an SNMP agent as instructed by an MPLS
       signaling protocol."
   INDEX { mplsFrrOne2OnePlrTunIdx,         -- from MPLS-TE-STD-MIB
           mplsFrrOne2OnePlrTunDetourInst,  -- mplsTunnelTable
           mplsFrrOne2OnePlrTunIngrLSRId,   -- Tunnels must exist
           mplsFrrOne2OnePlrTunEgrLSRId,    -- a priori
           mplsFrrOne2OnePlrId }
   ::= { mplsFrrOne2OnePlrTable 1 }

MplsFrrOne2OnePlrEntry ::= SEQUENCE {
   mplsFrrOne2OnePlrTunIdx          MplsTunnelIndex,
   mplsFrrOne2OnePlrTunDetourInst   MplsTunnelInstanceIndex,
   mplsFrrOne2OnePlrTunIngrLSRId    MplsLsrIdentifier,
   mplsFrrOne2OnePlrTunEgrLSRId     MplsLsrIdentifier,
   mplsFrrOne2OnePlrId              MplsLsrIdentifier,
   mplsFrrOne2OnePlrSenderAddrType  InetAddressType,
   mplsFrrOne2OnePlrSenderAddr      InetAddress,
   mplsFrrOne2OnePlrAvoidNAddrType  InetAddressType,
   mplsFrrOne2OnePlrAvoidNAddr      InetAddress
}

mplsFrrOne2OnePlrTunIdx OBJECT-TYPE
   SYNTAX        MplsTunnelIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies a tunnel between a pair of LSRs
       from the mplsTunnelEntry."
   ::= { mplsFrrOne2OnePlrEntry 1 }

mplsFrrOne2OnePlrTunDetourInst OBJECT-TYPE
   SYNTAX        MplsTunnelInstanceIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies a detour instance of a tunnel from
       the mplsTunnelEntry.
       - lower 16 bits : protected tunnel instance
       - higher 16 bits: detour instance"
   ::= { mplsFrrOne2OnePlrEntry 2 }

mplsFrrOne2OnePlrTunIngrLSRId OBJECT-TYPE
   SYNTAX        MplsLsrIdentifier
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "The purpose of this object is to uniquely identify a
       tunnel within a network. When the MPLS signalling
       protocol is rsvp(2) this value SHOULD mimic the
       Extended Tunnel Id field in the SESSION object. When
       the MPLS signalling protocol is crldp(3) this value
       SHOULD mimic the Ingress LSR Router ID field in the
       LSPID TLV object."
   REFERENCE
      "RFC3209, RFC3212"
   ::= { mplsFrrOne2OnePlrEntry 3 }

mplsFrrOne2OnePlrTunEgrLSRId OBJECT-TYPE
   SYNTAX        MplsLsrIdentifier
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Specifies the egress LSR ID."
   ::= { mplsFrrOne2OnePlrEntry 4 }

mplsFrrOne2OnePlrId OBJECT-TYPE
   SYNTAX        MplsLsrIdentifier
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "This value represents the PLR that has initiated a
       detour LSP to protect a tunnel instance."
   ::= { mplsFrrOne2OnePlrEntry 5 }

mplsFrrOne2OnePlrSenderAddrType OBJECT-TYPE
   SYNTAX        InetAddressType
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "Denotes the address type of this detour instance's
       sender address."
   DEFVAL { ipv4 }
   ::= { mplsFrrOne2OnePlrEntry 6 }

mplsFrrOne2OnePlrSenderAddr OBJECT-TYPE
   SYNTAX        InetAddress
   MAX-ACCESS    read-create
   STATUS        current
   DESCRIPTION
      "If mplsFrrOne2OnePlrSenderAddrType is set to ipv4(1),
       then this value will contain the IPv4 address of this
       detour instance's sender. This object is otherwise
       insignificant and should contain a value of 0."
   ::= { mplsFrrOne2OnePlrEntry 7 }

mplsFrrOne2OnePlrAvoidNAddrType OBJECT-TYPE
   SYNTAX        InetAddressType
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "Denotes the address type of the node that this PLR
       tries to avoid."
   DEFVAL { ipv4 }
   ::= { mplsFrrOne2OnePlrEntry 8 }

mplsFrrOne2OnePlrAvoidNAddr OBJECT-TYPE
   SYNTAX        InetAddress
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "If mplsFrrOne2OnePlrAvoidNAddrType is set to ipv4(1),
       then this value will contain the IPv4 address of the
       avoid node. This object is otherwise insignificant and
       should contain a value of 0.0.0.0, which should be
       ignored."
   ::= { mplsFrrOne2OnePlrEntry 9 }

-- MPLS One-To-One Fast Reroute Detour table.

mplsFrrDetourTable OBJECT-TYPE
   SYNTAX        SEQUENCE OF MplsFrrDetourEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "This table shows detour LSPs."
   ::= { mplsFrrOne2OneObjects 2 }

mplsFrrDetourEntry OBJECT-TYPE
   SYNTAX        MplsFrrDetourEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "An entry in this table represents a detour. An entry in
       this table is only created by an SNMP agent as
       instructed by an MPLS signaling protocol. "
   INDEX { mplsFrrOne2OnePlrTunIdx,         -- from MPLS-TE-STD-MIB
           mplsFrrOne2OnePlrTunDetourInst,  -- mplsTunnelTable
           mplsFrrOne2OnePlrTunIngrLSRId,   -- Tunnels must exist
           mplsFrrOne2OnePlrTunEgrLSRId     -- a priori
         }
   ::= { mplsFrrDetourTable 1 }

MplsFrrDetourEntry ::= SEQUENCE {
   mplsFrrDetourActive            TruthValue,
   mplsFrrDetourMerging           INTEGER,
   mplsFrrDetourMergedDetourInst  MplsTunnelInstanceIndex
}

mplsFrrDetourActive OBJECT-TYPE
   SYNTAX        TruthValue
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "Indicates whether or not the main LSP has switched over
       to this detour LSP. This is only relevant for detours
       originated by this node."
   ::= { mplsFrrDetourEntry 1 }

mplsFrrDetourMerging OBJECT-TYPE
   SYNTAX        INTEGER { none(1),
                           protectedTunnel(2),
                           detour(3)
                         }
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "This value represents whether or not this detour is
       merged. This value MUST be set to none(1) if this
       detour is not merged.
       This value MUST be set to protectedTunnel(2) if this
       detour is merged with the protected tunnel. This value
       MUST be set to detour(3) if this detour is merged with
       another detour protecting the same tunnel."
   ::= { mplsFrrDetourEntry 2 }

mplsFrrDetourMergedDetourInst OBJECT-TYPE
   SYNTAX        MplsTunnelInstanceIndex
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
      "This value represents the instance of the detour with
       which this detour is merged. This object is only valid
       when mplsFrrDetourMerging is set to detour(3).

       - lower 16 bits : protected tunnel instance
       - higher 16 bits: detour instance"
   ::= { mplsFrrDetourEntry 3 }

--
-- Facility-based FRR-specific Tables
--

mplsFrrFacRouteDBTable OBJECT-TYPE
   SYNTAX        SEQUENCE OF MplsFrrFacRouteDBEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "The mplsFrrDBTable provides information about the fast
       reroute database. Each entry belongs to an interface,
       protecting backup tunnel and protected tunnel. MPLS
       interfaces defined on this node are protected by backup
       tunnels and are indexed by mplsInterfaceConfIndex.
       Backup tunnels are defined to protect the tunnels
       traversing an interface, and are indexed by
       mplsTunnelIndex. Note that the tunnel instance index is
       not required, since it is implied to be 0, which
       indicates the tunnel head interface for the protecting
       tunnel. The protecting tunnel is defined to exist on
       the PLR in the FRR specification. Protected tunnels are
       the LSPs that traverse the protected link. These LSPs
       are uniquely identified by mplsTunnelIndex,
       mplsTunnelInstance, mplsTunnelIngressLSRId, and
       mplsTunnelEgressLSRId."
   REFERENCE
      "RFC3812"
   ::= { mplsFrrFacObjects 1 }

mplsFrrFacRouteDBEntry OBJECT-TYPE
   SYNTAX        MplsFrrFacRouteDBEntry
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "An entry in the mplsFrrDBTable represents a single
       protected LSP, protected by a backup tunnel and defined
       for a specific protected interface.
       Note that for brevity, managers should consult the
       mplsTunnelTable present in the MPLS-TE-STD-MIB for
       additional information about the protecting and
       protected tunnels, and the ifEntry in the IF-MIB for
       the protected interface."
   REFERENCE
      "RFC3812"
   INDEX { mplsFrrFacRouteProtIfIdx,         -- from MPLS-TE-STD-MIB
           mplsFrrFacRouteProtTunIdx,        -- from MPLS-TE-STD-MIB
           mplsFrrFacRouteBkupTunIdx,        -- from MPLS-TE-STD-MIB
           mplsFrrFacRouteBkupTunInst,       -- mplsTunnelTable
           mplsFrrFacRouteBkupTunIngrLSRId,  -- Tunnels must exist
           mplsFrrFacRouteBkupTunEgrLSRId }  -- a priori
   ::= { mplsFrrFacRouteDBTable 1 }

MplsFrrFacRouteDBEntry ::= SEQUENCE {
   mplsFrrFacRouteProtIfIdx         InterfaceIndex,
   mplsFrrFacRouteProtTunIdx        MplsTunnelIndex,
   mplsFrrFacRouteBkupTunIdx        MplsTunnelIndex,
   mplsFrrFacRouteBkupTunInst       MplsTunnelInstanceIndex,
   mplsFrrFacRouteBkupTunIngrLSRId  MplsLsrIdentifier,
   mplsFrrFacRouteBkupTunEgrLSRId   MplsLsrIdentifier,
   mplsFrrFacRouteDBNumProtTunOnIf  Gauge32,
   mplsFrrFacRouteDBNumProtLspOnIf  Gauge32,
   mplsFrrFacRouteDBNumProtTun      Gauge32,
   mplsFrrFacRouteDBProtTunStatus   INTEGER,
   mplsFrrFacRouteDBProtTunResvBw   Unsigned32
}

mplsFrrFacRouteProtIfIdx OBJECT-TYPE
   SYNTAX        InterfaceIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies the interface configured for FRR
       protection."
   ::= { mplsFrrFacRouteDBEntry 1 }

mplsFrrFacRouteProtTunIdx OBJECT-TYPE
   SYNTAX        MplsTunnelIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies the mplsTunnelEntry primary index
       for the tunnel head interface designated to protect the
       interface as specified in the mplsFrrFacRouteProtIfIdx
       (and all of the tunnels using this interface)."
   ::= { mplsFrrFacRouteDBEntry 2 }

mplsFrrFacRouteBkupTunIdx OBJECT-TYPE
   SYNTAX        MplsTunnelIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
      "Uniquely identifies an mplsTunnelEntry that is being
       protected by FRR."
   ::= { mplsFrrFacRouteDBEntry 3 }

mplsFrrFacRouteBkupTunInst OBJECT-TYPE
   SYNTAX        MplsTunnelInstanceIndex
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
     "Uniquely identifies an mplsTunnelEntry that is being
      protected by FRR."
   ::= { mplsFrrFacRouteDBEntry 4 }

mplsFrrFacRouteBkupTunIngrLSRId OBJECT-TYPE
   SYNTAX        MplsLsrIdentifier
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
     "Uniquely identifies an mplsTunnelEntry that is being
      protected by FRR."
   REFERENCE
     "RFC3209, RFC3212"
   ::= { mplsFrrFacRouteDBEntry 5 }

mplsFrrFacRouteBkupTunEgrLSRId OBJECT-TYPE
   SYNTAX        MplsLsrIdentifier
   MAX-ACCESS    not-accessible
   STATUS        current
   DESCRIPTION
     "Uniquely identifies an mplsTunnelEntry that is being
      protected by FRR."
   ::= { mplsFrrFacRouteDBEntry 6 }

mplsFrrFacRouteDBNumProtTunOnIf OBJECT-TYPE
   SYNTAX        Gauge32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
     "The number of backup tunnels protecting the specified
      interface."
   ::= { mplsFrrFacRouteDBEntry 7 }

mplsFrrFacRouteDBNumProtLspOnIf OBJECT-TYPE
   SYNTAX        Gauge32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
     "The number of LSPs currently being protected on the
      specified interface."
   ::= { mplsFrrFacRouteDBEntry 8 }

mplsFrrFacRouteDBNumProtTun OBJECT-TYPE
   SYNTAX        Gauge32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
     "The number of tunnels protected on this interface."
   ::= { mplsFrrFacRouteDBEntry 9 }

mplsFrrFacRouteDBProtTunStatus OBJECT-TYPE
   SYNTAX        INTEGER {
                    active(1),
                    ready(2),
                    partial(3)
                 }
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
     "Specifies the state of the protected tunnel.

      active  - This tunnel's label has been placed in the
                LFIB and is ready to be applied to incoming
                packets.
      ready   - This tunnel's label entry has been created
                but is not yet in the LFIB.
      partial - This tunnel's label entry has not been fully
                created."
   ::= { mplsFrrFacRouteDBEntry 10 }

mplsFrrFacRouteDBProtTunResvBw OBJECT-TYPE
   SYNTAX        Unsigned32
   MAX-ACCESS    read-only
   STATUS        current
   DESCRIPTION
     "Specifies the amount of bandwidth in megabytes per
      second that is actually reserved by the protection
      tunnel for facility backup. This value is repeated here
      from the MPLS-TE-STD-MIB because the tunnel entry will
      reveal the bandwidth reserved by the signaling protocol,
      which is typically 0 for backup tunnels so as to not
      over-book bandwidth. However, internal reservations are
      typically made on the PLR, thus this value should be
      revealed here as it is often different from the one
      found in the MPLS-TE-STD-MIB."
   ::= { mplsFrrFacRouteDBEntry 11 }

-- Notifications

mplsFrrProtected NOTIFICATION-TYPE
   OBJECTS { mplsFrrFacRouteDBNumProtTunOnIf,
             mplsFrrFacRouteDBNumProtLspOnIf,
             mplsFrrFacRouteDBNumProtTun,
             mplsFrrFacRouteDBProtTunStatus,
             mplsFrrFacRouteDBProtTunResvBw
           }
   STATUS        current
   DESCRIPTION
     "This notification is generated when a tunnel running
      over an interface as specified in the mplsFrrConstTable
      is initially protected by the backup tunnel also
      specified in the mplsFrrConstTable. This notification
      should not be generated for each subsequent tunnel that
      is backed up by the FRR feature on this LSR, as this may
      result in potential scaling issues with regard to LSR
      performance and network loading. Note also that
      notifications MUST be generated in accordance with the
      mplsFrrNotifMaxRate."
   ::= { mplsFrrNotif 1 }

mplsFrrUnProtected NOTIFICATION-TYPE
   OBJECTS { mplsFrrFacRouteDBNumProtTunOnIf,
             mplsFrrFacRouteDBNumProtLspOnIf,
             mplsFrrFacRouteDBNumProtTun,
             mplsFrrFacRouteDBProtTunStatus,
             mplsFrrFacRouteDBProtTunResvBw
           }
   STATUS        current
   DESCRIPTION
     "This notification is generated when the final tunnel
      that is being protected by a backup tunnel as specified
      in the mplsFrrConstTable is restored to normal
      operation.
      This notification should not be generated for each
      restored tunnel, as this may result in potential scaling
      issues with regard to LSR performance and network
      loading. Note also that notifications MUST be generated
      in accordance with the mplsFrrNotifMaxRate."
   ::= { mplsFrrNotif 2 }

-- Module Conformance Statement

mplsFrrGroups
   OBJECT IDENTIFIER ::= { mplsFrrConformance 1 }

mplsFrrCompliances
   OBJECT IDENTIFIER ::= { mplsFrrConformance 2 }

mplsFrrModuleFullCompliance MODULE-COMPLIANCE
   STATUS        current
   DESCRIPTION
     "Compliance statements for agents that support the
      MPLS FRR MIB."

   MODULE IF-MIB -- The Interfaces Group MIB, RFC 2863.
      MANDATORY-GROUPS {
         ifGeneralInformationGroup,
         ifCounterDiscontinuityGroup
      }

   MODULE MPLS-TE-STD-MIB -- The MPLS Traffic Engineering
                          -- MIB, RFC 3812
      MANDATORY-GROUPS {
         mplsTunnelGroup,
         mplsTunnelScalarGroup
      }

   MODULE -- this module
      MANDATORY-GROUPS {
         mplsFrrScalarGroup,
         mplsFrrTunARHopGroup,
         mplsFrrConstGroup
      }

      OBJECT mplsFrrConstRowStatus
      SYNTAX RowStatus { active(1), notInService(2) }
      WRITE-SYNTAX RowStatus { active(1), notInService(2),
                               createAndGo(4), destroy(6)
                             }
      DESCRIPTION
        "Support for createAndWait and notReady is not
         required."

      GROUP mplsFrrOne2OnePLRDetourGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the one-to-one FRR mechanism, and is optional for
         those which do not."

      GROUP mplsFrrOne2OnePlrGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the one-to-one FRR mechanism, and is optional for
         those which do not."

      GROUP mplsFrrFacRouteDBGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the Facility Backup FRR mechanism, and is optional
         for those which do not."
      GROUP mplsFrrNotifGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the Facility Backup FRR mechanism, and is optional
         for those which do not."
   ::= { mplsFrrCompliances 1 }

mplsFrrModuleReadOnlyCompliance MODULE-COMPLIANCE
   STATUS        current
   DESCRIPTION
     "Compliance statements for agents that support the
      MPLS FRR MIB."

   MODULE
      MANDATORY-GROUPS {
         mplsFrrScalarGroup,
         mplsFrrTunARHopGroup,
         mplsFrrConstGroup
      }

      GROUP mplsFrrOne2OnePLRDetourGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the one-to-one FRR mechanism, and is optional for
         those which do not."

      GROUP mplsFrrOne2OnePlrGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the one-to-one FRR mechanism, and is optional for
         those which do not."

      GROUP mplsFrrFacRouteDBGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the Facility Backup FRR mechanism, and is optional
         for those which do not."

      GROUP mplsFrrNotifGroup
      DESCRIPTION
        "This group is mandatory for devices which support
         the Facility Backup FRR mechanism, and is optional
         for those which do not."

      -- mplsFrrConstTable

      OBJECT mplsFrrConstFrrProtectionMethod
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstProtectionType
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstSetupPrio
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstHoldingPrio
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstInclAnyAffinity
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstInclAllAffinity
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstHopLimit
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstBandwidth
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."
      OBJECT mplsFrrConstStorageType
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."

      OBJECT mplsFrrConstRowStatus
      MIN-ACCESS read-only
      DESCRIPTION
        "Write access is not required."
   ::= { mplsFrrCompliances 2 }

-- Units of conformance

mplsFrrScalarGroup OBJECT-GROUP
   OBJECTS { mplsFrrDetourIncoming,
             mplsFrrDetourOutgoing,
             mplsFrrDetourOriginating,
             mplsFrrSwitchover,
             mplsFrrConfIfs,
             mplsFrrActProtectedIfs,
             mplsFrrConfProtectedTuns,
             mplsFrrActProtectedTuns,
             mplsFrrActivelyProtectedLSPs,
             mplsFrrConstFrrProtectionMethod,
             mplsFrrNotifsEnabled,
             mplsFrrNotifMaxRate
           }
   STATUS        current
   DESCRIPTION
     "Objects that are required to gather fast reroute
      statistics."
   ::= { mplsFrrGroups 1 }

mplsFrrConstGroup OBJECT-GROUP
   OBJECTS { mplsFrrConstProtectionType,
             mplsFrrConstSetupPrio,
             mplsFrrConstHoldingPrio,
             mplsFrrConstInclAnyAffinity,
             mplsFrrConstInclAllAffinity,
             mplsFrrConstExclAnyAffinity,
             mplsFrrConstHopLimit,
             mplsFrrConstBandwidth,
             mplsFrrConstStorageType,
             mplsFrrConstRowStatus
           }
   STATUS        current
   DESCRIPTION
     "Objects that are required to configure fast reroute
      constraints at the ingress LSR of the tunnel that
      requires fast reroute service."
   ::= { mplsFrrGroups 2 }

mplsFrrTunARHopGroup OBJECT-GROUP
   OBJECTS { mplsFrrTunARHopProtectType,
             mplsFrrTunARHopProtectTypeInUse
           }
   STATUS        current
   DESCRIPTION
     "Objects that are required to present per hop
      fast-reroute protection status."
   ::= { mplsFrrGroups 3 }

mplsFrrOne2OnePLRDetourGroup OBJECT-GROUP
   OBJECTS { mplsFrrDetourActive,
             mplsFrrDetourMerging,
             mplsFrrDetourMergedDetourInst
           }
   STATUS        current
   DESCRIPTION
     "Objects that are required to present the detour LSP
      information at the detour ingress, transit and egress
      LSRs."
   ::= { mplsFrrGroups 4 }

mplsFrrOne2OnePlrGroup OBJECT-GROUP
   OBJECTS { mplsFrrOne2OnePlrSenderAddrType,
             mplsFrrOne2OnePlrSenderAddr,
             mplsFrrOne2OnePlrAvoidNAddrType,
             mplsFrrOne2OnePlrAvoidNAddr
           }
   STATUS        current
   DESCRIPTION
     "Objects that are required to represent the FRR
      One-2-One PLR information."
   ::= { mplsFrrGroups 5 }

mplsFrrFacRouteDBGroup OBJECT-GROUP
   OBJECTS { mplsFrrFacRouteDBNumProtTunOnIf,
             mplsFrrFacRouteDBNumProtLspOnIf,
             mplsFrrFacRouteDBNumProtTun,
             mplsFrrFacRouteDBProtTunStatus,
             mplsFrrFacRouteDBProtTunResvBw
           }
   STATUS        current
   DESCRIPTION
     "Objects that are required to represent the FRR
      Facility Route Database information."
   ::= { mplsFrrGroups 6 }

mplsFrrNotifGroup NOTIFICATION-GROUP
   NOTIFICATIONS { mplsFrrProtected,
                   mplsFrrUnProtected
                 }
   STATUS        current
   DESCRIPTION
     "Objects that are required to represent FRR
      notifications."
   ::= { mplsFrrGroups 7 }

END -- End of MPLS-FRR-STD-MIB

6. Acknowledgments

   We would like to thank Alia Atlas, Yeong Tai, Walter Vanhimbeeck,
   Mike Piecuch, Adrien Grise, and Kiran Koushik for the helpful
   discussions and contributions to this document.

7. Editors' Addresses

   Riza Cetin
   Alcatel
   Francis Wellesplein 1
   B-2018 Antwerp, Belgium
   Email: riza.cetin@alcatel.be

   Thomas D. Nadeau
   Cisco Systems, Inc.
   300 Beaverbrook Drive
   Boxborough, MA
   Phone: +1-978-936-1470
   Email: tnadeau@cisco.com

8. Contributors' Addresses

   Stefaan De Cnodder
   Alcatel
   Francis Wellesplein 1
   B-2018 Antwerp, Belgium
   Email: stefaan.de_cnodder@alcatel.be

   Der-Hwa Gan
   Juniper Networks, Inc.
   1194 N. Mathilda Avenue
   Sunnyvale, CA 94089
   Email: dhg@juniper.net

9. Full Copyright Statement

   Copyright (C) The Internet Society (2005). This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.
   This document and the information contained herein are provided on
   an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
   REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE
   INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR
   IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

10. Security Considerations

   It is clear that these MIB modules are potentially useful for
   monitoring of MPLS LSRs supporting fast reroute. This MIB module can
   also be used for configuration of certain objects, and anything that
   can be configured can be incorrectly configured, with potentially
   disastrous results.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create. Such
   objects may be considered sensitive or vulnerable in some network
   environments. The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations. These are the tables and objects and their
   sensitivity/vulnerability:

   o  the mplsFrrConst table and some objects in the mplsFrrScalarGroup
      contain objects which may be used to provision MPLS fast reroute
      features. Unauthorized access to these objects could result in
      disruption of traffic on the network. This is especially true if
      the objects in question refer to previously provisioned
      protection tunnels and configuration. The use of stronger
      mechanisms such as SNMPv3 security should be considered where
      possible. Specifically, SNMPv3 VACM and USM MUST be used with any
      v3 agent which implements this MIB module. Administrators should
      consider whether read access to these objects should be allowed,
      since read access may be undesirable under certain circumstances.
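The access review that this section asks administrators to perform can be automated against the module text. The following Python script is an added example, not part of the draft: it sorts OBJECT-TYPE definitions by MAX-ACCESS into objects needing SET control, objects needing GET/NOTIFY control (any MAX-ACCESS other than not-accessible), and index-only objects. The sample text is constructed; the MAX-ACCESS, parent name and sub-identifier given for mplsFrrConstRowStatus are assumptions for illustration.

```python
import re

# Constructed sample in flattened, extraction-damaged form. Object names come
# from the module text on this page; DESCRIPTION strings are shortened, and the
# clauses of mplsFrrConstRowStatus (MAX-ACCESS, parent, sub-id) are assumptions.
SAMPLE_MIB = (
    'mplsFrrFacRouteProtIfIdx OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS '
    'not-accessible STATUS current DESCRIPTION "Index only." '
    '::= { mplsFrrFacRouteDBEntry 1 } '
    'mplsFrrFacRouteDBNumProtTun OBJECT-TYPE SYNTAX Gauge32 IETF MPLS WG '
    '[Page 22] Internet Draft MAX-ACCESS read-only STATUS current DESCRIPTION '
    '"Number of protected tunnels." ::= { mplsFrrFacRouteDBEntry 9 } '
    'mplsFrrConstRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create '
    'STATUS current DESCRIPTION "Row status." ::= { mplsFrrConstEntry 11 } '
    'mplsFrrProtected NOTIFICATION-TYPE OBJECTS { mplsFrrFacRouteDBNumProtTun } '
    'STATUS current DESCRIPTION "Not an OBJECT-TYPE." ::= { mplsFrrNotif 1 }'
)

QUOTED = re.compile(r'"[^"]*"')
# A definition runs from "<name> OBJECT-TYPE" to its "::= { parent n }" value.
# The lazy body tolerates page-header text left between clauses by extraction.
OBJECT_TYPE = re.compile(
    r'\b(?P<name>[a-z][A-Za-z0-9-]*)\s+OBJECT-TYPE\b(?P<body>.*?)'
    r'::=\s*\{\s*(?P<parent>[A-Za-z][A-Za-z0-9-]*)\s+(?P<sub>\d+)\s*\}',
    re.DOTALL)
MAX_ACCESS = re.compile(r'\bMAX-ACCESS\s+([a-z-]+)')
WRITABLE = {'read-write', 'read-create'}


def parse_object_types(mib_text):
    """Return one dict per OBJECT-TYPE definition, in document order."""
    # Empty the quoted strings first so that keywords quoted inside
    # DESCRIPTION or REFERENCE text cannot be mistaken for clauses.
    text = QUOTED.sub('""', mib_text)
    found = []
    for m in OBJECT_TYPE.finditer(text):
        access = MAX_ACCESS.search(m.group('body'))
        if access:  # skip definitions too damaged to carry a MAX-ACCESS
            found.append({'name': m.group('name'),
                          'access': access.group(1),
                          'parent': m.group('parent'),
                          'sub_id': int(m.group('sub'))})
    return found


def access_review(objects):
    """Split objects by the kind of SNMP access that has to be controlled."""
    review = {'set': [], 'get': [], 'index_only': []}
    for obj in objects:
        if obj['access'] == 'not-accessible':
            review['index_only'].append(obj['name'])
            continue
        review['get'].append(obj['name'])        # GET and/or NOTIFY exposure
        if obj['access'] in WRITABLE:
            review['set'].append(obj['name'])    # SET exposure
    return review


def subtrees_needing_write_control(objects):
    """Parent nodes holding writable objects: candidates for a VACM write view."""
    return sorted({o['parent'] for o in objects if o['access'] in WRITABLE})


if __name__ == '__main__':
    objs = parse_object_types(SAMPLE_MIB)
    for kind, names in access_review(objs).items():
        print(f'{kind:10} {", ".join(names)}')
    print('write-controlled subtrees:', subtrees_needing_write_control(objs))
```
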
   Some of the readable objects in this MIB module (i.e., objects with
   a MAX-ACCESS other than not-accessible) may be considered sensitive
   or vulnerable in some network environments. It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP. These are the tables and objects and their
   sensitivity/vulnerability:

   o  the mplsFrrPLRTable, mplsFrrDetourTable, and
      mplsFrrTunnelARHopTable tables and some objects contained in the
      mplsFrrScalarGroup collectively show the MPLS fast reroute
      interfaces, tunnels, and other associated fast reroute feature
      configurations as well as their linkages to other MPLS-related
      configuration and/or performance statistics. Administrators not
      wishing to reveal this information should consider these objects
      sensitive/vulnerable and take precautions so they are not
      revealed.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPSec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the
   objects in this MIB module.

   It is RECOMMENDED that implementers consider the security features
   as provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security. It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access
   to the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

11. References

11.1 Normative References

   [RFC4090]   Pan, P., Swallow, G., Atlas, A., "Fast Reroute
               Extensions to RSVP-TE for LSP Tunnels", RFC 4090,
               May 2005.

   [RFC3812]   Srinivasan, C., Viswanathan, A. and T. Nadeau,
               "Multiprotocol Label Switching (MPLS) Traffic
               Engineering Management Information Base", RFC 3814,
               June 2004.

   [RFC3813]   Srinivasan, C., Viswanathan, A. and T. Nadeau, "MPLS
               Label Switch Router Management Information Base",
               RFC 3813, June 2004.

   [RFC3811]   Nadeau, T. and J. Cucchiara, "Definition of Textual
               Conventions for Multiprotocol Label Switching (MPLS)
               Management", RFC 3811, June 2004.

   [RFC2119]   Bradner, S., "Key Words for use in RFCs to Indicate
               Requirement Levels", RFC 2119, BCP 14, March 1997.

   [RFC3291]   Daniele, M., Haberman, B., Routhier, S., and J.
               Schoenwaelder, "Textual Conventions for Internet
               Network Addresses", RFC 3291, May 2002.

   [RFC2863]   McCloghrie, K. and F. Kastenholz, "The Interfaces
               Group MIB", RFC 2863, June 2000.

   [RFC2578]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case,
               J., Rose, M., and S. Waldbusser, "Structure of
               Management Information Version 2 (SMIv2)", STD 58,
               RFC 2578, April 1999.

   [RFC2579]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case,
               J., Rose, M., and S. Waldbusser, "Textual Conventions
               for SMIv2", STD 58, RFC 2579, April 1999.

   [RFC2580]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case,
               J., Rose, M., and S. Waldbusser, "Conformance
               Statements for SMIv2", STD 58, RFC 2580, April 1999.

11.2 Informative References

   [RFC3031]   Rosen, E., Viswanathan, A., and R. Callon,
               "Multiprotocol Label Switching Architecture",
               RFC 3031, January 2001.

   [RFC3410]   Case, J., Mundy, R., Partain, D. and B. Stewart,
               "Introduction and Applicability Statements for
               Internet-Standard Management Framework", RFC 3410,
               December 2002.

   [RFC2434]   Narten, T. and H. Alvestrand, "Guidelines for Writing
               an IANA Considerations Section in RFCs", BCP 26,
               RFC 2434, October 1998.

12. IANA Considerations

   As described in MPLS-TC-STD-MIB [RFC3811], MPLS related standards
   track MIB modules should be rooted under the mplsStdMIB subtree.
   There is one MPLS-related MIB module contained in this document. The
   following "IANA Considerations" subsection requests IANA for a new
   assignment under the mplsStdMIB subtree. New assignments can only be
   made via a Standards Action as specified in [RFC2434].

12.1. IANA Considerations for MPLS-FRR-STD-MIB

   The IANA is requested to assign { mplsStdMIB 12 } to the
   MPLS-FRR-STD-MIB module specified in this document.

13. Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed
   to pertain to the implementation or use of the technology described
   in this document or the extent to which any license under such
   rights might or might not be available; nor does it represent that
   it has made any independent effort to identify any such rights.
   Information on the procedures with respect to rights in RFC
   documents can be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use
   of such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository
   at http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard. Please address the information to the IETF at
   ietf-ipr@ietf.org.