Internet Draft                               Thomas D. Nadeau (Ed.)
Expires: Dec 2007                            A S Kiran Koushik (Ed.)
                                             Cisco Systems, Inc.
                                             June 2007

        Pseudo Wire (PW) over L2TPv3 Management Information Base

               draft-nadeau-l2tpext-pw-l2tpv3-mib-01.txt

Status of this Memo

By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

Copyright Notice

Copyright (C) The IETF Trust (2007).

Abstract

This memo defines an experimental portion of the Management
Information Base (MIB) for use with network management protocols in
the Internet community. In particular, it describes a MIB module for
PW operation over Layer Two Tunneling Protocol (Version 3) "L2TPV3".
Table of Contents

Abstract
1    Introduction
2    Terminology
3    The Internet-Standard Management Framework
4    Feature Checklist
5    MIB module usage
5.1  PW L2TPv3 MIB module usage
6    Object definitions
7    Security Considerations
8    IANA considerations
9    References
9.1  Normative references
9.2  Informative references
10   Author's Addresses
11   Full Copyright Statement
12   Intellectual Property Notice

IETF L2TPEXT Working Group        Expires Dec 2007            [Page 1]
draft-nadeau-l2tpext-pw-l2tpv3-mib-01   PW-L2TPV3-MIB   June 27, 2007

1 Introduction

This document describes a model for managing pseudo wire services
for transmission over different flavors of L2TP tunnels and IP.

The general PW MIB module [PW-MIB] defines the parameters global to
the PW regardless of underlying PSN and emulated service. Indicating
a PSN type of L2TP or IP in the PW-MIB references this module.

This document describes the MIB objects that define pseudo wire
association to the L2TP PSN and IP PSN, in a way that is not
specific to the carried service.

Conventions used in this document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [BCP14].
2 Terminology

This document uses terminology from the documents describing the PW
architecture [RFC3985], [RFC3916] and [RFC4447].

"PSN Tunnel" is a general term indicating a virtual connection
between the two PWE3 edge devices. Each tunnel may potentially carry
multiple PWs inside. In the scope of this document, it is an L2TPv3
tunnel or IP.

In an L2TPv3 PSN, a PW connection typically uses an L2TPv3 session
to carry the traffic.

3 The Internet-Standard Management Framework

For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410].

Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies a MIB
module that is compliant to the SMIv2, which is described in STD 58,
RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
[RFC2580].

4 Feature Checklist

The PW L2TP and IP MIB modules are designed to satisfy the following
requirements and constraints:

- The MIB module supports both manually configured and signaled PWs.

- The MIB module supports point-to-point PW connections.

- The MIB module enables the use of any emulated service.

5 MIB module usage

The MIB module structure for defining a PW service is composed of
three types of modules.

The first type is the PW MIB module [PW-MIB], which configures
general parameters of the PW that are common to all types of
emulated services and PSN.

The second type is the per-PSN module. There is a separate module
for each type of PSN. This document defines the MIB modules for
L2TPV3 and IP (PW-L2TPV3-MIB and PW-GEN-IP-MIB).
The third type is the service-specific module, which depends on the
emulated signal type. These modules are defined in other documents;
see for example [CEPMIB].

[PWTC] defines some of the object types used in this module.

5.1 PW L2TP or IP MIB module usage

- The PW table (pwTable) in [PW-MIB] is used for all PW types (ATM,
  FR, Ethernet, SONET, etc.). This table contains high level generic
  parameters related to the PW creation. The operator or the agent
  creates a row for each PW.

- If the selected PSN type in pwTable is L2TP, the agent creates a
  row in the L2TP specific parameters table (pwL2tpv3Table) in this
  module, which contains L2TP specific parameters such as session
  ids.

- The operator configures the association to the desired L2TPv3
  tunnel (required for manually configured PWs) through the
  pwL2tpMappingTable[TBD].

- If the selected PSN type in pwTable is IP, the agent creates a row
  in the IP specific parameters table (pwGenIpTable) in this module,
  which contains IP specific parameters such as the address.

6 Object definitions

6.1 PW L2TPv3 MIB definitions:

PW-L2TPv3-DRAFT-00-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, transmission
        FROM SNMPv2-SMI                 -- [RFC2578]
    MODULE-COMPLIANCE, OBJECT-GROUP
        FROM SNMPv2-CONF                -- [RFC2580]
    StorageType, RowStatus
        FROM SNMPv2-TC                  -- [RFC2579]
    InterfaceIndexOrZero
        FROM IF-MIB                     -- [RFC2863]
    SnmpAdminString
        FROM SNMP-FRAMEWORK-MIB
    pwIndex                             -- [RFCxxxx]
-- RFC Editor: Please replace XXXX with RFC number & remove this
-- note.
        FROM PW-STD-MIB
    ;

pwL2tpv3Draft00MIB MODULE-IDENTITY
    LAST-UPDATED "200610051200Z"  -- 05 Oct 2006 12:00:00 GMT
    ORGANIZATION "IETF L2TP Working Group"
    CONTACT-INFO
        "Layer Two Tunneling Protocol Extensions WG

         Working Group Area:    Internet
         Working Group Name:    l2tpext
         General Discussion:    l2tp@l2tp.net"
    DESCRIPTION
        "This MIB module complements the PW-STD-MIB module for PW
         operation over L2TPv3.

         Copyright (C) The Internet Society (2006). This version
         of this MIB module is part of RFC yyyy; see the RFC
         itself for full legal notices.
-- RFC Ed.: replace yyyy with actual RFC number & remove
-- this note
        "

    -- Revision history.
    REVISION "200610051200Z"  -- 05 Oct 2006 12:00:00 GMT
    DESCRIPTION
        "First published as RFCWXYZ."
-- RFC Editor: Please replace WXYZ with correct # and remove this
-- note
    ::= { transmission XXX }
-- RFC Editor: To be assigned by IANA. Please replace XXX
-- with the assigned value and remove this note.

-- Top-level components of this MIB.

-- Notifications
pwL2tpv3Notifications OBJECT IDENTIFIER
                              ::= { pwL2tpv3Draft00MIB 0 }
-- Tables, Scalars
pwL2tpv3Objects       OBJECT IDENTIFIER
                              ::= { pwL2tpv3Draft00MIB 1 }
-- Conformance
pwL2tpv3Conformance   OBJECT IDENTIFIER
                              ::= { pwL2tpv3Draft00MIB 2 }

-- PW L2TPv3 table

pwL2tpv3Table OBJECT-TYPE
    SYNTAX        SEQUENCE OF PwL2tpv3Entry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "This table controls L2TPv3 specific parameters when
         the PW is going to be carried over L2TPv3."
    ::= { pwL2tpv3Objects 1 }

pwL2tpv3Entry OBJECT-TYPE
    SYNTAX        PwL2tpv3Entry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "A row in this table represents parameters specific to
         L2TPv3 for a pseudo wire (PW).
         A row MUST be created automatically by the local agent
         for every entry in the pwTable if the pwPsnType is l2tp.
         Each entry is indexed by pwIndex, which uniquely
         identifies a singular PW.

         A row can also be created manually in this table."
    INDEX { pwIndex }
-- Ed Note: Do we need to have pwL2tpv3CtrlCfgIfIndex as an index?
    ::= { pwL2tpv3Table 1 }

PwL2tpv3Entry ::= SEQUENCE {
    pwL2tpv3SessionCfgIfIndex    InterfaceIndexOrZero,
    pwL2tpv3CtrlCfgRouterID      SnmpAdminString,
    pwL2tpv3LocalSessionID       Unsigned32,
    pwL2tpv3RemoteSessionID      Unsigned32,
    pwL2tpv3OperType             BITS,
    pwL2tpv3DataSequencing       INTEGER,
    pwL2tpv3AddrResol            INTEGER,
    pwL2tpv3Mtu                  Unsigned32,
    pwL2tpv3StorageType          StorageType,
    pwL2tpv3RowStatus            RowStatus
}

pwL2tpv3SessionCfgIfIndex OBJECT-TYPE
    SYNTAX        InterfaceIndexOrZero
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "The interface index for the corresponding L2TP
         interface to which this PW session is associated.
         The value of this object must correspond to the value
         of l2tpv3SessionCfgIfIndex in the
         l2tpv3SessionCfgTable."
    ::= { pwL2tpv3Entry 1 }

pwL2tpv3CtrlCfgRouterID OBJECT-TYPE
    SYNTAX        SnmpAdminString
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "The local router ID of this peer, as communicated via
         the Router ID AVP for this control connection.
         The value of this object corresponds to the value of
         l2tpv3CtrlCfgRouterID in l2tpv3CtrlCfgTable."
    ::= { pwL2tpv3Entry 2 }

pwL2tpv3LocalSessionID OBJECT-TYPE
    SYNTAX        Unsigned32
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "The local L2TPv3 session id for this PW.
         The value of this object corresponds to the
         l2tpv3SessionCfgLocalID in l2tpv3SessionCfgTable."
    ::= { pwL2tpv3Entry 3 }

pwL2tpv3RemoteSessionID OBJECT-TYPE
    SYNTAX        Unsigned32
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "The remote L2TPv3 session id for this PW.
         The value of this object corresponds to the
         l2tpv3SessionCfgRemoteID in l2tpv3SessionCfgTable."
    ::= { pwL2tpv3Entry 4 }

pwL2tpv3OperType OBJECT-TYPE
    SYNTAX        BITS {
                      ifToIf (0),
                      vcToVc (1),
                      ifToVc (2),
                      vcToIf (3)
                  }
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "Set by the operator to indicate the operation type of
         this PW."
    REFERENCE
        "[PW-IP] section 6."
    ::= { pwL2tpv3Entry 5 }

pwL2tpv3DataSequencing OBJECT-TYPE
    SYNTAX        INTEGER {
                      noSeq (0),
                      nonIpSeq (1),
                      allSeq (2)
                  }
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "Set by the operator to indicate data sequencing.
         noSeq(0)    - No incoming data packets require sequencing.
         nonIpSeq(1) - Only non-IP data packets require sequencing.
         allSeq(2)   - All incoming data packets require
                       sequencing."
    REFERENCE
        "[PW-IP] section 4.2."
    DEFVAL { allSeq }
    ::= { pwL2tpv3Entry 6 }

pwL2tpv3AddrResol OBJECT-TYPE
    SYNTAX        INTEGER {
                      static (0),
                      dynamic (1)
                  }
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "The value of this object indicates the point-to-point
         address resolution mechanism for this PW."
    REFERENCE
        "[PW-IP] section 5."
    DEFVAL { static }
    ::= { pwL2tpv3Entry 7 }

pwL2tpv3Mtu OBJECT-TYPE
    SYNTAX        Unsigned32
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "Set by the operator to indicate the PW MTU value to
         be used on the PW."
    REFERENCE
        "[PW-IP] section 4.3."
    DEFVAL { 1500 }
    ::= { pwL2tpv3Entry 8 }

pwL2tpv3StorageType OBJECT-TYPE
    SYNTAX        StorageType
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "This variable indicates the storage type for this row.
         Conceptual rows having the value 'permanent' need not
         allow write-access to any columnar objects in the row."
    DEFVAL { volatile }
    ::= { pwL2tpv3Entry 9 }

pwL2tpv3RowStatus OBJECT-TYPE
    SYNTAX        RowStatus
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION
        "This variable is used to create, modify, and/or delete
         a row in this table. When a row in this table is in
         active(1) state, no objects in that row can be modified
         by the agent except pwL2tpv3RowStatus and
         pwL2tpv3StorageType."
    ::= { pwL2tpv3Entry 10 }

-- End of PW L2TPv3 table

-- conformance information

pwL2tpv3Groups      OBJECT IDENTIFIER ::= { pwL2tpv3Conformance 1 }
pwL2tpv3Compliances OBJECT IDENTIFIER ::= { pwL2tpv3Conformance 2 }

-- Compliance requirement for fully compliant implementations.

pwL2tpv3ModuleFullCompliance MODULE-COMPLIANCE
    STATUS        current
    DESCRIPTION
        "The compliance statement for agents that provide full
         support for PW-L2TP MIB Module. Such devices can then
         be monitored and also be configured using this MIB
         module."
    MODULE -- this module
        MANDATORY-GROUPS { pwL2tpv3Group }
    ::= { pwL2tpv3Compliances 1 }

-- Compliance requirement for Read Only compliant implementations.

pwL2tpv3ModuleReadOnlyCompliance MODULE-COMPLIANCE
    STATUS        current
    DESCRIPTION
        "The compliance statement for agents that provide read
         only support for PW-L2TP MIB Module. Such devices can
         then be monitored but cannot be configured using this
         MIB module."
    MODULE -- this module
        MANDATORY-GROUPS { pwL2tpv3Group }
    ::= { pwL2tpv3Compliances 2 }

-- Units of conformance.

pwL2tpv3Group OBJECT-GROUP
    OBJECTS {
        pwL2tpv3SessionCfgIfIndex,
        pwL2tpv3CtrlCfgRouterID,
        pwL2tpv3LocalSessionID,
        pwL2tpv3RemoteSessionID,
        pwL2tpv3OperType,
        pwL2tpv3DataSequencing,
        pwL2tpv3AddrResol,
        pwL2tpv3Mtu,
        pwL2tpv3StorageType,
        pwL2tpv3RowStatus
    }
    STATUS        current
    DESCRIPTION
        "Collection of objects needed for PW over L2TPv3 PSN
         configuration."
    ::= { pwL2tpv3Groups 1 }

END

6.2 PW GENERIC IP MIB definitions:

-- PW-GEN-IP-MIB module

PW-GEN-IP-DRAFT-00-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, transmission
        FROM SNMPv2-SMI                 -- [RFC2578]
    MODULE-COMPLIANCE, OBJECT-GROUP
        FROM SNMPv2-CONF                -- [RFC2580]
    StorageType, RowStatus
        FROM SNMPv2-TC                  -- [RFC2579]
    InterfaceIndexOrZero
        FROM IF-MIB                     -- [RFC2863]
    SnmpAdminString
        FROM SNMP-FRAMEWORK-MIB
    InetAddress, InetAddressType
        FROM INET-ADDRESS-MIB           -- [RFC4001]
    pwIndex                             -- [RFCxxxx]
-- RFC Editor: Please replace XXXX with RFC number & remove this
-- note.
        FROM PW-STD-MIB
    ;

pwGenIpDraft00MIB MODULE-IDENTITY
    LAST-UPDATED "200702011200Z"  -- 01 Feb 2007 12:00:00 GMT
    ORGANIZATION "IETF L2TP Working Group"
    CONTACT-INFO
        "Layer Two Tunneling Protocol Extensions WG

         Working Group Area:    Internet
         Working Group Name:    l2tpext
         General Discussion:    l2tp@l2tp.net"
    DESCRIPTION
        "This MIB module complements the PW-STD-MIB module for PW
         operation over IP.

         Copyright (C) The Internet Society (2006). This version
         of this MIB module is part of RFC yyyy; see the RFC
         itself for full legal notices.
-- RFC Ed.: replace yyyy with actual RFC number & remove
-- this note
        "

    -- Revision history.
    REVISION "200702011200Z"  -- 01 Feb 2007 12:00:00 GMT
    DESCRIPTION
        "First published as RFCWXYZ."
-- RFC Editor: Please replace WXYZ with correct # and remove this
-- note
    ::= { transmission XXX }
-- RFC Editor: To be assigned by IANA. Please replace XXX
-- with the assigned value and remove this note.

-- Top-level components of this MIB.
-- Notifications
pwGenIpNotifications OBJECT IDENTIFIER
                              ::= { pwGenIpDraft00MIB 0 }
-- Tables, Scalars
pwGenIpObjects       OBJECT IDENTIFIER
                              ::= { pwGenIpDraft00MIB 1 }
-- Conformance
pwGenIpConformance   OBJECT IDENTIFIER
                              ::= { pwGenIpDraft00MIB 2 }

-- PW IP table

pwGenIpTable OBJECT-TYPE
    SYNTAX        SEQUENCE OF PwGenIpEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "This table contains the Pseudo wire objects for
         Generic IP PSN type."
    ::= { pwGenIpObjects 2 }

pwGenIpEntry OBJECT-TYPE
    SYNTAX        PwGenIpEntry
    MAX-ACCESS    not-accessible
    STATUS        current
    DESCRIPTION
        "A row in this table represents Generic parameters
         specific to pseudo wire (PW) over IP PSN.

         A row MUST be created automatically by the local agent
         for every entry in the pwTable if the pwPsnType is
         udpOverIp. Each entry is indexed by pwIndex, which
         uniquely identifies a singular PW."
    INDEX { pwIndex }
    ::= { pwGenIpTable 1 }

PwGenIpEntry ::= SEQUENCE {
    pwGenSourceIpAddressType     InetAddressType,
    pwGenSourceIpAddress         InetAddress,
    pwGenIpTos                   Unsigned32,
    pwGenIpTosDropPrecedence     Unsigned32
}

pwGenSourceIpAddressType OBJECT-TYPE
    SYNTAX        InetAddressType
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
        "This object indicates the type of IP address stored in
         pwGenSourceIpAddress."
    ::= { pwGenIpEntry 1 }

pwGenSourceIpAddress OBJECT-TYPE
    SYNTAX        InetAddress
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
        "This object indicates source IP Address for PW having
         pwPsnType= udpOverIp (3)"
    ::= { pwGenIpEntry 2 }

pwGenIpTos OBJECT-TYPE
    SYNTAX        Unsigned32
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
        "This object indicates TOS field value for PW having
         pwPsnType= udpOverIp (3), IP precedence (bits 0-2 in
         IP TOS byte), DSCP (bits 0-5 in IP TOS byte)."
    ::= { pwGenIpEntry 3 }

pwGenIpTosDropPrecedence OBJECT-TYPE
    SYNTAX        Unsigned32
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
        "In implementations that support two levels of drop
         precedence marking, this object defines the DSCP or TOS
         field to be used for packets with higher drop precedence
         compared to packets marked with pwGenIpTos, otherwise
         this object should return the value equal to
         pwGenIpTos."
    ::= { pwGenIpEntry 4 }

-- End of PW IP table

-- conformance information

pwGenIpGroups      OBJECT IDENTIFIER ::= { pwGenIpConformance 1 }
pwGenIpCompliances OBJECT IDENTIFIER ::= { pwGenIpConformance 2 }

-- Compliance requirement for fully compliant implementations.

pwGenIpModuleFullCompliance MODULE-COMPLIANCE
    STATUS        current
    DESCRIPTION
        "The compliance statement for agents that provide full
         support for PW-IP MIB Module. Such devices can then be
         monitored and also be configured using this MIB module."
    MODULE -- this module
        MANDATORY-GROUPS { pwGenIpGroup }
    ::= { pwGenIpCompliances 1 }

-- Compliance requirement for Read Only compliant implementations.

pwGenIpModuleReadOnlyCompliance MODULE-COMPLIANCE
    STATUS        current
    DESCRIPTION
        "The compliance statement for agents that provide read
         only support for PW-IP MIB Module. Such devices can then
         be monitored but cannot be configured using this MIB
         module."
    MODULE -- this module
        MANDATORY-GROUPS { pwGenIpGroup }
    ::= { pwGenIpCompliances 2 }

-- Units of conformance.

pwGenIpGroup OBJECT-GROUP
    OBJECTS {
        pwGenSourceIpAddressType,
        pwGenSourceIpAddress,
        pwGenIpTos,
        pwGenIpTosDropPrecedence
    }
    STATUS        current
    DESCRIPTION
        "Collection of objects needed for PW over IP PSN
         configuration."
    ::= { pwGenIpGroups 1 }

END

7 Security Considerations

It is clear that this MIB module is potentially useful for
monitoring of PW capable PEs.
This MIB module can also be used for configuration of certain
objects, and anything that can be configured can be incorrectly
configured, with potentially disastrous results.

There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
network operations. These are the tables and objects and their
sensitivity/vulnerability:

o The pwL2tpv3Table and pwL2tpv3MappingTable[TBD] collectively
  contain objects to provision PW over L2TPV3 tunnels. Unauthorized
  access to objects in these tables could result in disruption of
  traffic on the network. The use of stronger mechanisms such as
  SNMPv3 security should be considered where possible.
  Specifically, SNMPv3 VACM and USM MUST be used with any v3 agent
  which implements this MIB module. Administrators should consider
  whether read access to these objects should be allowed, since
  read access may be undesirable under certain circumstances.

Some of the readable objects in this MIB module (i.e., objects with
a MAX-ACCESS other than not-accessible) may be considered sensitive
or vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability:

o The pwL2tpv3Table and pwL2tpv3MappingTable[TBD] collectively show
  the PW over L2TPV3 association. If an Administrator does not want
  to reveal this information, then these tables should be
  considered sensitive/vulnerable.

SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPSec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the
objects in this MIB module.

It is RECOMMENDED that implementers consider the security features
as provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).

Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access
to the objects only to those principals (users) that have
legitimate rights to indeed GET or SET (change/create/delete) them.

8 IANA considerations

9 References

9.1 Normative references

[PW-IP]      C. Pignataro, W. Luo, "Signaling and Encapsulation for
             the Transport of IP over L2TPv3", work-in-progress.

[L2TPv3-MIB] Nadeau, T., et al, "Layer Two Tunneling Protocol
             (Version 3) L2TPv3 Management Information Base",
             work-in-progress.

[PWTC]       Nadeau, T., et al, "Definitions for Textual Conventions
             and OBJECT-IDENTITIES for Pseudo-Wires Management",
             work-in-progress.

[PW-MIB]     Zelig, D., et al, "Pseudo Wire (PW) Management
             Information Base", work-in-progress.

[BCP14]      Bradner, S., "Key words for use in RFCs to Indicate
             requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2578]    McCloghrie, K., Perkins, D., Schoenwaelder, J., Case,
             J., Rose, M. and S. Waldbusser, "Structure of
             Management Information Version 2 (SMIv2)", STD 58,
             RFC 2578, April 1999.

[RFC2579]    McCloghrie, K., Perkins, D., Schoenwaelder, J., Case,
             J., Rose, M. and S. Waldbusser, "Textual Conventions
             for SMIv2", STD 58, RFC 2579, April 1999.
[RFC2580]    McCloghrie, K., Perkins, D., Schoenwaelder, J., Case,
             J., Rose, M. and S. Waldbusser, "Conformance Statements
             for SMIv2", STD 58, RFC 2580, April 1999.

[RFC2863]    McCloghrie, K., F. Kastenholz, "The Interfaces Group
             MIB using SMIv2", RFC 2863, June 2000.

[RFC3031]    Rosen, E., Viswanathan, A., and R. Callon,
             "Multiprotocol Label Switching Architecture", RFC 3031,
             Jan 2001.

[RFC3036]    Andersson, L., et al, "LDP specification", RFC 3036,
             January 2001.

[RFC3811]    Nadeau, T., Cucchiara, J., "Definitions of Textual
             Conventions (TCs) for Multiprotocol Label Switching
             (MPLS) Management", RFC 3811, June 2004.

[RFC3812]    Srinivasan, C., Viswanathan, A., and Nadeau, T.,
             "Multiprotocol Label Switching (MPLS) Traffic
             Engineering (TE) Management Information Base (MIB)",
             RFC 3812, June 2004.

[RFC3813]    Srinivasan, C., Viswanathan, A., and Nadeau, T.,
             "Multiprotocol Label Switching (MPLS) Label Switching
             Router (LSR) Management Information Base (MIB)",
             RFC 3813, June 2004.

[RFC4447]    Martini et al, "Pseudowire Setup and Maintenance using
             the Label Distribution Protocol (LDP)", RFC 4447,
             April 2006.

9.2 Informative references

[RFC2434]    Narten, T. and H. Alvestrand, "Guidelines for Writing
             an IANA Considerations Section in RFCs", BCP: 26,
             RFC 2434, October 1998.

[RFC3410]    Case, J., Mundy, R., Partain, D. and B. Stewart,
             "Introduction and Applicability Statements for
             Internet-Standard Management Framework", RFC 3410,
             December 2002.

[RFC3916]    Xiao, X., et al, "Requirements for Pseudo-Wire
             Emulation Edge-to-Edge (PWE3)", RFC 3916,
             September 2004.

[RFC3985]    Bryant, S., and Pate, P., "Pseudo Wire Emulation
             Edge-to-Edge (PWE3) Architecture", RFC 3985,
             March 2005.

10 Author's Addresses

Thomas D. Nadeau
Cisco Systems, Inc.
1414 Massachusetts Ave,
Boxborough, MA 01719
Email: tnadeau@cisco.com

A S Kiran Koushik
Cisco Systems, Inc.
12515 Research Blvd, Bldg 4
Austin, TX 78759
Email: kkoushik@cisco.com

Carlos Pignataro
Cisco Systems, Inc.
7025-1 Kit Creek Rd
PO Box 14987
Research Triangle Park, NC 27709-4987
cpignata@cisco.com

Orly Nicklass
RAD Data Communications
24 Raoul Wallenberg St., Bldg C
Tel Aviv 69719
ISRAEL
Phone: +972 3 7659969
Email: orly_n@rad.com

11 Full Copyright Statement

Copyright (C) The IETF Trust (2007).

This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.

This document and the information contained herein are provided on
an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.

12 Intellectual Property Notice

The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed
to pertain to the implementation or use of the technology described
in this document or the extent to which any license under such
rights might or might not be available; nor does it represent that
it has made any independent effort to identify any such rights.
Information on the procedures with respect to rights in RFC
documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use
of such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository
at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.

Disclaimer of Validity

This document and the information contained herein are provided on
an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
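Added example, not part of the draft: Section 7 treats objects with a MAX-ACCESS of read-write or read-create as SET-sensitive and every object other than not-accessible as GET-sensitive. The Python below parses SMIv2 text and lists both sets per table, which is the inventory an operator needs before writing VACM views; SAMPLE_MIB is an abbreviated excerpt of the two modules in Section 6, and the names parse_objects and audit are this example's own.

```python
import re
from collections import defaultdict

# Abbreviated excerpt of the two modules in this draft (STATUS clauses and
# most columns omitted, DESCRIPTION text shortened); embedded to run offline.
SAMPLE_MIB = '''
pwL2tpv3Table OBJECT-TYPE
    SYNTAX SEQUENCE OF PwL2tpv3Entry
    MAX-ACCESS not-accessible
    DESCRIPTION "This table controls L2TPv3 specific parameters."
    ::= { pwL2tpv3Objects 1 }
pwL2tpv3Entry OBJECT-TYPE
    SYNTAX PwL2tpv3Entry
    MAX-ACCESS not-accessible
    DESCRIPTION "A row can also be created manually in this table."
    INDEX { pwIndex }
    -- Ed Note: Do we need to have pwL2tpv3CtrlCfgIfIndex as an index?
    ::= { pwL2tpv3Table 1 }
pwL2tpv3LocalSessionID OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-create
    DESCRIPTION "The local L2TPv3 session id for this PW."
    ::= { pwL2tpv3Entry 3 }
pwL2tpv3Mtu OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-create
    DESCRIPTION "The PW MTU value to be used on the PW."
    DEFVAL { 1500 }
    ::= { pwL2tpv3Entry 8 }
pwGenIpTable OBJECT-TYPE
    SYNTAX SEQUENCE OF PwGenIpEntry
    MAX-ACCESS not-accessible
    DESCRIPTION "Pseudo wire objects for Generic IP PSN type."
    ::= { pwGenIpObjects 2 }
pwGenIpEntry OBJECT-TYPE
    SYNTAX PwGenIpEntry
    MAX-ACCESS not-accessible
    DESCRIPTION "Generic parameters for PW over IP PSN."
    INDEX { pwIndex }
    ::= { pwGenIpTable 1 }
pwGenIpTos OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-write
    DESCRIPTION "TOS field value for the PW."
    ::= { pwGenIpEntry 3 }
'''

WRITABLE = {"read-write", "read-create"}
OBJECT_RE = re.compile(
    r"\b([a-z][A-Za-z0-9-]*)\s+OBJECT-TYPE\b(.*?)"
    r"::=\s*\{\s*([A-Za-z][A-Za-z0-9-]*)\s+\d+\s*\}", re.S)

def parse_objects(mib_text):
    """Return {object name: (MAX-ACCESS value, parent node name)}."""
    # Blank quoted strings first so DESCRIPTION text cannot look like a
    # clause, then drop ASN.1 comments ("--" to the next "--" or end of line).
    text = re.sub(r'"[^"]*"', '""', mib_text)
    text = re.sub(r"--.*?(?:--|$)", " ", text, flags=re.M)
    objects = {}
    for name, body, parent in OBJECT_RE.findall(text):
        access = re.search(r"\bMAX-ACCESS\s+([a-z-]+)", body)
        if access:
            objects[name] = (access.group(1), parent)
    return objects

def audit(mib_text):
    """Group accessible objects by table: what VACM views must cover."""
    objects = parse_objects(mib_text)
    report = defaultdict(lambda: {"set": [], "get": []})
    for name, (access, parent) in objects.items():
        if access == "not-accessible":
            continue
        # A column's parent is the Entry row; the Entry's parent is the
        # table. A scalar is reported under its own parent node.
        table = objects.get(parent, (None, parent))[1]
        report[table]["get"].append(name)
        if access in WRITABLE:
            report[table]["set"].append(name)
    return dict(report)

if __name__ == "__main__":
    for table, cols in audit(SAMPLE_MIB).items():
        print(f"{table}: SET-capable {cols['set']}, GET-capable {cols['get']}")
```

Run against the full module text, every name in a table's "set" list is a candidate for exclusion from the write view of any principal that only monitors PWs.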