idnits 2.17.1 draft-ietf-bfd-mib-22.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (June 4, 2014) is 3608 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group T. Nadeau 3 Internet-Draft Brocade 4 Intended status: Standards Track Z. Ali 5 Expires: December 6, 2014 N. Akiya 6 Cisco Systems 7 June 4, 2014 9 BFD Management Information Base 10 draft-ietf-bfd-mib-22 12 Abstract 14 This draft defines a portion of the Management Information Base (MIB) 15 for use with network management protocols in the Internet community. 16 In particular, it describes managed objects for modeling 17 Bidirectional Forwarding Detection (BFD) protocol. 19 Requirements Language 21 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 22 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 23 "OPTIONAL" in this document are to be interpreted as described in BCP 24 14, RFC 2119 [RFC2119]. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on December 6, 2014. 43 Copyright Notice 45 Copyright (c) 2014 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 61 2. The Internet-Standard Management Framework . . . . . . . . . 3 62 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 63 4. Brief Description of MIB Objects . . . . . . . . . . . . . . 3 64 4.1. General Variables . . . . . . . . . . . . . . . . . . . . 3 65 4.2. Session Table (bfdSessionTable) . . . . . . . . . . . . . 3 66 4.3. Session Performance Table (bfdSessionPerfTable) . . . . . 3 67 4.4. BFD Session Discriminator Mapping Table 68 (bfdSessDiscMapTable) . . . . . . . . . . . . . . . . . . 4 69 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) . . . . 4 70 5. BFD MIB Module Definitions . . . . . . . . . . . . . . . . . 4 71 6. Security Considerations . . . . . . . . . . . . . . . . . . . 34 72 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 73 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 37 74 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 37 75 9.1. Normative References . . . . . . . . . . . . . . . . . . 37 76 9.2. Informative References . . . . . . . . . . . . . . . . . 38 78 1. Introduction 80 This memo defines a portion of the Management Information Base (MIB) 81 for use with network management protocols in the Internet community. 82 In particular, it describes managed objects to configure and/or 83 monitor Bidirectional Forwarding Detection for [RFC5880], [RFC5881], 84 [RFC5883] and [RFC7130], BFD versions 0 and/or 1, on devices 85 supporting this feature. 87 This memo does not define a compliance requirement for a system that 88 only implements BFD version 0. This is a reflection of a considered 89 and deliberate decision by the BFD WG, because the BFD version 0 90 protocol is primarily of historical interest by comparison to the 91 widespread deployment of the BFD version 1 protocol. 93 2. The Internet-Standard Management Framework 95 For a detailed overview of the documents that describe the current 96 Internet-Standard Management Framework, please refer to section 7 of 97 RFC 3410 [RFC3410]. 99 Managed objects are accessed via a virtual information store, termed 100 the Management Information Base or MIB. MIB objects are generally 101 accessed through the Simple Network Management Protocol (SNMP). 102 Objects in the MIB are defined using the mechanisms defined in the 103 Structure of Management Information (SMI). This memo specifies a MIB 104 module that is compliant to the SMIv2, which is described in STD 58, 105 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 106 [RFC2580]. 108 As with all MIB modules, an attempt to SET or CREATE an object to a 109 value that is not supported by the implementation will result in a 110 failure using a return code that indicates that the value is not 111 supported. 113 3. Terminology 115 This document adopts the definitions, acronyms and mechanisms 116 described in [RFC5880], [RFC5881], [RFC5883] and [RFC7130]. Unless 117 otherwise stated, the mechanisms described therein will not be re- 118 described here. 120 4. Brief Description of MIB Objects 122 This section describes objects pertaining to BFD. The MIB objects 123 are derived from [RFC5880], [RFC5881], [RFC5883] and [RFC7130], and 124 also include textual conventions defined in [I-D.ietf-bfd-tc-mib]. 126 4.1. General Variables 128 The General Variables are used to identify parameters that are global 129 to the BFD process. 131 4.2. Session Table (bfdSessionTable) 133 The session table is used to identify a BFD session between a pair of 134 nodes. 136 4.3. Session Performance Table (bfdSessionPerfTable) 138 The session performance table is used for collecting BFD performance 139 counters on a per session basis. This table is an AUGMENT to the 140 bfdSessionTable. 142 4.4. BFD Session Discriminator Mapping Table (bfdSessDiscMapTable) 144 The BFD Session Discriminator Mapping Table provides a mapping 145 between a local discriminator value to the associated BFD session 146 found in the bfdSessionTable. 148 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) 150 The BFD Session IP Mapping Table maps, given bfdSessInterface, 151 bfdSessSrcAddrType, bfdSessSrcAddr, bfdSessDstAddrType, and 152 bfdSessDstAddr, to an associated BFD session found in the 153 bfdSessionTable. This table SHOULD contain those BFD sessions that 154 are of type IP. 156 5. BFD MIB Module Definitions 158 This MIB module makes references to the following documents. 159 [RFC2578], [RFC2579], [RFC2580], [RFC2863], [RFC3289], [RFC3413], 160 [RFC5082] and [RFC5880]. 162 BFD-STD-MIB DEFINITIONS ::= BEGIN 164 IMPORTS 165 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 166 mib-2, Integer32, Unsigned32, Counter32, Counter64 167 FROM SNMPv2-SMI -- [RFC2578] 169 TruthValue, RowStatus, StorageType, TimeStamp 170 FROM SNMPv2-TC -- [RFC2579] 172 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 173 FROM SNMPv2-CONF -- [RFC2580] 175 InterfaceIndexOrZero 176 FROM IF-MIB -- [RFC2863] 178 InetAddress, InetAddressType, InetPortNumber 179 FROM INET-ADDRESS-MIB 181 IndexIntegerNextFree 182 FROM DIFFSERV-MIB -- [RFC3289] 184 BfdSessIndexTC, BfdIntervalTC, BfdMultiplierTC, 185 BfdCtrlDestPortNumberTC, BfdCtrlSourcePortNumberTC 186 FROM BFD-TC-STD-MIB 188 IANAbfdDiagTC, IANAbfdSessTypeTC, IANAbfdSessOperModeTC, 189 IANAbfdSessStateTC, IANAbfdSessAuthenticationTypeTC, 190 IANAbfdSessAuthenticationKeyTC 191 FROM IANA-BFD-TC-STD-MIB; 193 bfdMIB MODULE-IDENTITY 194 LAST-UPDATED "201405091200Z" -- 9 May 2014 12:00:00 EST 195 ORGANIZATION "IETF Bidirectional Forwarding Detection 196 Working Group" 197 CONTACT-INFO 198 "Thomas D. Nadeau 199 Brocade 200 Email: tnadeau@lucidvision.com 202 Zafar Ali 203 Cisco Systems, Inc. 204 Email: zali@cisco.com 206 Nobo Akiya 207 Cisco Systems, Inc. 208 Email: nobo@cisco.com 210 Comments about this document should be emailed directly 211 to the BFD working group mailing list at 212 rtg-bfd@ietf.org" 213 DESCRIPTION 214 "Bidirectional Forwarding Management Information Base." 215 REVISION "201405091200Z" -- 9 May 2014 12:00:00 EST 216 DESCRIPTION 217 "Initial version. Published as RFC xxxx." 218 -- RFC Ed.: RFC-editor pls fill in xxxx 219 ::= { mib-2 XXX } 220 -- RFC Ed.: assigned by IANA, see section 7.1 for details 222 -- Top level components of this MIB module. 224 bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 } 226 bfdObjects OBJECT IDENTIFIER ::= { bfdMIB 1 } 228 bfdConformance OBJECT IDENTIFIER ::= { bfdMIB 2 } 230 bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 } 232 -- BFD General Variables 234 -- These parameters apply globally to the Systems' 235 -- BFD Process. 237 bfdAdminStatus OBJECT-TYPE 238 SYNTAX INTEGER { 239 enabled(1), 240 disabled(2), 241 adminDown(3), 242 down(4) 243 } 244 MAX-ACCESS read-write 245 STATUS current 246 DESCRIPTION 247 "The desired global administrative status of the BFD 248 system in this device." 249 ::= { bfdScalarObjects 1 } 251 bfdOperStatus OBJECT-TYPE 252 SYNTAX INTEGER { 253 up(1), 254 down(2), 255 adminDown(3) 256 } 257 MAX-ACCESS read-only 258 STATUS current 259 DESCRIPTION 260 "Indicates the actual operational status of the 261 BFD system in this device. When this value is 262 down(2), all entries in the bfdSessTable MUST have 263 their bfdSessOperStatus as down(2) as well. When 264 this value is adminDown(3), all entries in the 265 bfdSessTable MUST have their bfdSessOperStatus 266 as adminDown(3) as well." 267 ::= { bfdScalarObjects 2 } 269 bfdNotificationsEnable OBJECT-TYPE 270 SYNTAX TruthValue 271 MAX-ACCESS read-write 272 STATUS current 273 DESCRIPTION 274 "If this object is set to true(1), then it enables 275 the emission of bfdSessUp and bfdSessDown 276 notifications; otherwise these notifications are not 277 emitted." 278 REFERENCE 279 "See also RFC3413 for explanation that 280 notifications are under the ultimate control of the 281 MIB modules in this document." 282 DEFVAL { false } 283 ::= { bfdScalarObjects 3 } 285 bfdSessIndexNext OBJECT-TYPE 286 SYNTAX IndexIntegerNextFree (0..4294967295) 287 MAX-ACCESS read-only 288 STATUS current 289 DESCRIPTION 290 "This object contains an unused value for 291 bfdSessIndex that can be used when creating 292 entries in the table. A zero indicates that 293 no entries are available, but MUST NOT be used 294 as a valid index. " 295 ::= { bfdScalarObjects 4 } 297 -- BFD Session Table 298 -- The BFD Session Table specifies BFD session specific 299 -- information. 301 bfdSessTable OBJECT-TYPE 302 SYNTAX SEQUENCE OF BfdSessEntry 303 MAX-ACCESS not-accessible 304 STATUS current 305 DESCRIPTION 306 "The BFD Session Table describes the BFD sessions." 307 REFERENCE 308 "Katz, D. and D. Ward, Bidirectional Forwarding 309 Detection (BFD), RFC 5880, June 2012." 310 ::= { bfdObjects 2 } 312 bfdSessEntry OBJECT-TYPE 313 SYNTAX BfdSessEntry 314 MAX-ACCESS not-accessible 315 STATUS current 316 DESCRIPTION 317 "The BFD Session Entry describes BFD session." 318 INDEX { bfdSessIndex } 319 ::= { bfdSessTable 1 } 321 BfdSessEntry ::= SEQUENCE { 322 bfdSessIndex BfdSessIndexTC, 323 bfdSessVersionNumber Unsigned32, 324 bfdSessType IANAbfdSessTypeTC, 325 bfdSessDiscriminator Unsigned32, 326 bfdSessRemoteDiscr Unsigned32, 327 bfdSessDestinationUdpPort BfdCtrlDestPortNumberTC, 328 bfdSessSourceUdpPort BfdCtrlSourcePortNumberTC, 329 bfdSessEchoSourceUdpPort InetPortNumber, 330 bfdSessAdminStatus INTEGER, 331 bfdSessOperStatus INTEGER, 332 bfdSessState IANAbfdSessStateTC, 333 bfdSessRemoteHeardFlag TruthValue, 334 bfdSessDiag IANAbfdDiagTC, 335 bfdSessOperMode IANAbfdSessOperModeTC, 336 bfdSessDemandModeDesiredFlag TruthValue, 337 bfdSessControlPlaneIndepFlag TruthValue, 338 bfdSessMultipointFlag TruthValue, 339 bfdSessInterface InterfaceIndexOrZero, 340 bfdSessSrcAddrType InetAddressType, 341 bfdSessSrcAddr InetAddress, 342 bfdSessDstAddrType InetAddressType, 343 bfdSessDstAddr InetAddress, 344 bfdSessGTSM TruthValue, 345 bfdSessGTSMTTL Unsigned32, 346 bfdSessDesiredMinTxInterval BfdIntervalTC, 347 bfdSessReqMinRxInterval BfdIntervalTC, 348 bfdSessReqMinEchoRxInterval BfdIntervalTC, 349 bfdSessDetectMult BfdMultiplierTC, 350 bfdSessNegotiatedInterval BfdIntervalTC, 351 bfdSessNegotiatedEchoInterval BfdIntervalTC, 352 bfdSessNegotiatedDetectMult BfdMultiplierTC, 353 bfdSessAuthPresFlag TruthValue, 354 bfdSessAuthenticationType IANAbfdSessAuthenticationTypeTC, 355 bfdSessAuthenticationKeyID Integer32, 356 bfdSessAuthenticationKey IANAbfdSessAuthenticationKeyTC, 357 bfdSessStorageType StorageType, 358 bfdSessRowStatus RowStatus 359 } 361 bfdSessIndex OBJECT-TYPE 362 SYNTAX BfdSessIndexTC 363 MAX-ACCESS not-accessible 364 STATUS current 365 DESCRIPTION 366 "This object contains an index used to represent a 367 unique BFD session on this device. Managers 368 should obtain new values for row creation in this 369 table by reading bfdSessIndexNext." 370 ::= { bfdSessEntry 1 } 372 bfdSessVersionNumber OBJECT-TYPE 373 SYNTAX Unsigned32 (0..7) 374 MAX-ACCESS read-create 375 STATUS current 376 DESCRIPTION 377 "The version number of the BFD protocol that this session 378 is running in. Write access is available for this object 379 to provide ability to set desired version for this 380 BFD session." 382 REFERENCE 383 "Katz, D. and D. Ward, Bidirectional Forwarding 384 Detection (BFD), RFC 5880, June 2012." 385 DEFVAL { 1 } 386 ::= { bfdSessEntry 2 } 388 bfdSessType OBJECT-TYPE 389 SYNTAX IANAbfdSessTypeTC 390 MAX-ACCESS read-create 391 STATUS current 392 DESCRIPTION 393 "This object specifies the type of this BFD session." 394 ::= { bfdSessEntry 3 } 396 bfdSessDiscriminator OBJECT-TYPE 397 SYNTAX Unsigned32 (1..4294967295) 398 MAX-ACCESS read-create 399 STATUS current 400 DESCRIPTION 401 "This object specifies the local discriminator for this BFD 402 session, used to uniquely identify it." 403 ::= { bfdSessEntry 4 } 405 bfdSessRemoteDiscr OBJECT-TYPE 406 SYNTAX Unsigned32 (0 | 1..4294967295) 407 MAX-ACCESS read-only 408 STATUS current 409 DESCRIPTION 410 "This object specifies the session discriminator chosen 411 by the remote system for this BFD session. The value may 412 be zero(0) if the remote discriminator is not yet known 413 or if the session is in the down or adminDown(1) state." 414 REFERENCE 415 "Section 6.8.6, from Katz, D. and D. Ward, Bidirectional 416 Forwarding Detection (BFD), RFC 5880, June 2012." 417 ::= { bfdSessEntry 5 } 419 bfdSessDestinationUdpPort OBJECT-TYPE 420 SYNTAX BfdCtrlDestPortNumberTC 421 MAX-ACCESS read-create 422 STATUS current 423 DESCRIPTION 424 "This object specifies the destination UDP port number 425 used for this BFD session's control packets. The value 426 may be zero(0) if the session is in adminDown(1) state." 427 DEFVAL { 0 } 428 ::= { bfdSessEntry 6 } 430 bfdSessSourceUdpPort OBJECT-TYPE 431 SYNTAX BfdCtrlSourcePortNumberTC 432 MAX-ACCESS read-create 433 STATUS current 434 DESCRIPTION 435 "This object specifies the source UDP port number used 436 for this BFD session's control packets. The value may be 437 zero(0) if the session is in adminDown(1) state. Upon 438 creation of a new BFD session via this MIB, the value of 439 zero(0) specified would permit the implementation to 440 choose its own source port number." 441 DEFVAL { 0 } 442 ::= { bfdSessEntry 7 } 444 bfdSessEchoSourceUdpPort OBJECT-TYPE 445 SYNTAX InetPortNumber 446 MAX-ACCESS read-create 447 STATUS current 448 DESCRIPTION 449 "This object specifies the source UDP port number used for 450 this BFD session's echo packets. The value may be zero(0) 451 if the session is not running in the echo mode, or the 452 session is in adminDown(1) state. Upon creation of a new 453 BFD session via this MIB, the value of zero(0) would 454 permit the implementation to choose its own source port 455 number." 456 DEFVAL { 0 } 457 ::= { bfdSessEntry 8 } 459 bfdSessAdminStatus OBJECT-TYPE 460 SYNTAX INTEGER { 461 enabled(1), 462 disabled(2), 463 adminDown(3), 464 down(4) 465 } 466 MAX-ACCESS read-create 467 STATUS current 468 DESCRIPTION 469 "Denotes the desired operational status of the BFD Session. 471 A transition to enabled(1) will start the BFD state machine 472 for the session. The state machine will have an initial 473 state of down(2). 475 A transition to disabled(2) will stop the BFD state machine 476 for the session. The state machine may first transition to 477 adminDown(1) prior to stopping. 479 A transition to adminDown(3) will cause the BFD state 480 machine to transition to adminDown(1), and will cause the 481 session to remain in this state. 483 A transition to down(4) will cause the BFD state machine 484 to transition to down(2), and will cause the session to 485 remain in this state. 487 Care should be used in providing write access to this 488 object without adequate authentication." 489 ::= { bfdSessEntry 9 } 491 bfdSessOperStatus OBJECT-TYPE 492 SYNTAX INTEGER { 493 up(1), 494 down(2), 495 adminDown(3) 496 } 497 MAX-ACCESS read-only 498 STATUS current 499 DESCRIPTION 500 "Denotes the actual operational status of the BFD Session. 501 If the value of bfdOperStatus is down(2), this value MUST 502 eventually be down(2) as well. If the value of 503 bfdOperStatus is adminDown(3), this value MUST eventually 504 be adminDown(3) as well." 505 ::= { bfdSessEntry 10 } 507 bfdSessState OBJECT-TYPE 508 SYNTAX IANAbfdSessStateTC 509 MAX-ACCESS read-only 510 STATUS current 511 DESCRIPTION 512 "Configured BFD session state." 513 ::= { bfdSessEntry 11 } 515 bfdSessRemoteHeardFlag OBJECT-TYPE 516 SYNTAX TruthValue 517 MAX-ACCESS read-only 518 STATUS current 519 DESCRIPTION 520 "This object specifies status of BFD packet reception from 521 the remote system. Specifically, it is set to true(1) if 522 the local system is actively receiving BFD packets from the 523 remote system, and is set to false(2) if the local system 524 has not received BFD packets recently (within the detection 525 time) or if the local system is attempting to tear down 526 the BFD session." 528 REFERENCE 529 "Katz, D. and D. Ward, Bidirectional 530 Forwarding Detection (BFD), RFC 5880, June 2012." 531 ::= { bfdSessEntry 12 } 533 bfdSessDiag OBJECT-TYPE 534 SYNTAX IANAbfdDiagTC 535 MAX-ACCESS read-only 536 STATUS current 537 DESCRIPTION 538 "A diagnostic code specifying the local system's reason 539 for the last transition of the session from up(4) 540 to some other state." 541 ::= { bfdSessEntry 13 } 543 bfdSessOperMode OBJECT-TYPE 544 SYNTAX IANAbfdSessOperModeTC 545 MAX-ACCESS read-create 546 STATUS current 547 DESCRIPTION 548 "This object specifies the operational mode of this 549 BFD session." 550 ::= { bfdSessEntry 14 } 552 bfdSessDemandModeDesiredFlag OBJECT-TYPE 553 SYNTAX TruthValue 554 MAX-ACCESS read-create 555 STATUS current 556 DESCRIPTION 557 "This object indicates that the local system's 558 desire to use Demand mode. Specifically, it is set 559 to true(1) if the local system wishes to use 560 Demand mode or false(2) if not" 561 DEFVAL { false } 562 ::= { bfdSessEntry 15 } 564 bfdSessControlPlaneIndepFlag OBJECT-TYPE 565 SYNTAX TruthValue 566 MAX-ACCESS read-create 567 STATUS current 568 DESCRIPTION 569 "This object indicates that the local system's 570 ability to continue to function through a disruption of 571 the control plane. Specifically, it is set 572 to true(1) if the local system BFD implementation is 573 independent of the control plane. Otherwise, the 574 value is set to false(2)" 575 DEFVAL { false } 576 ::= { bfdSessEntry 16 } 578 bfdSessMultipointFlag OBJECT-TYPE 579 SYNTAX TruthValue 580 MAX-ACCESS read-create 581 STATUS current 582 DESCRIPTION 583 "This object indicates the Multipoint (M) bit for this 584 session. It is set to true(1) if Multipoint (M) bit is 585 set to 1. Otherwise, the value is set to false(2)" 586 DEFVAL { false } 587 ::= { bfdSessEntry 17 } 589 bfdSessInterface OBJECT-TYPE 590 SYNTAX InterfaceIndexOrZero 591 MAX-ACCESS read-create 592 STATUS current 593 DESCRIPTION 594 "This object contains an interface index used to indicate 595 the interface which this BFD session is running on. This 596 value can be zero if there is no interface associated 597 with this BFD session." 598 ::= { bfdSessEntry 18 } 600 bfdSessSrcAddrType OBJECT-TYPE 601 SYNTAX InetAddressType 602 MAX-ACCESS read-create 603 STATUS current 604 DESCRIPTION 605 "This object specifies IP address type of the source IP 606 address of this BFD session. The value of unknown(0) is 607 allowed only when the session is singleHop(1) and the 608 source IP address of this BFD session is derived from 609 the outgoing interface, or when the BFD session is not 610 associated with a specific interface. If any other 611 unsupported values are attempted in a set operation, the 612 agent MUST return an inconsistentValue error." 613 ::= { bfdSessEntry 19 } 615 bfdSessSrcAddr OBJECT-TYPE 616 SYNTAX InetAddress 617 MAX-ACCESS read-create 618 STATUS current 619 DESCRIPTION 620 "This object specifies the source IP address of this BFD 621 session. The format of this object is controlled by the 622 bfdSessSrcAddrType object." 623 ::= { bfdSessEntry 20 } 625 bfdSessDstAddrType OBJECT-TYPE 626 SYNTAX InetAddressType 627 MAX-ACCESS read-create 628 STATUS current 629 DESCRIPTION 630 "This object specifies IP address type of the neighboring IP 631 address which is being monitored with this BFD session. 632 The value of unknown(0) is allowed only when the session is 633 singleHop(1) and the outgoing interface is of type 634 point-to-point, or when the BFD session is not associated 635 with a specific interface. If any other unsupported values 636 are attempted in a set operation, the agent MUST return an 637 inconsistentValue error." 638 ::= { bfdSessEntry 21 } 640 bfdSessDstAddr OBJECT-TYPE 641 SYNTAX InetAddress 642 MAX-ACCESS read-create 643 STATUS current 644 DESCRIPTION 645 "This object specifies the neighboring IP address which is 646 being monitored with this BFD session. The format of this 647 object is controlled by the bfdSessDstAddrType object." 648 ::= { bfdSessEntry 22 } 650 bfdSessGTSM OBJECT-TYPE 651 SYNTAX TruthValue 652 MAX-ACCESS read-create 653 STATUS current 654 DESCRIPTION 655 "Setting the value of this object to false(2) will disable 656 GTSM protection of the BFD session. GTSM MUST be enabled 657 on a singleHop(1) session if no authentication is in use." 658 REFERENCE 659 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 660 RFC5881, Section 5" 661 DEFVAL { true } 662 ::= { bfdSessEntry 23 } 664 bfdSessGTSMTTL OBJECT-TYPE 665 SYNTAX Unsigned32 (0..255) 666 MAX-ACCESS read-create 667 STATUS current 668 DESCRIPTION 669 "This object is valid only when bfdSessGTSM protection is 670 enabled on the system. This object indicates the minimum 671 allowed TTL for received BFD control packets. For a 672 singleHop(1) session, if GTSM protection is enabled, 673 this object SHOULD be set to maximum TTL value allowed 674 for single hop. 676 By default, GTSM is enabled and TTL value is 255. For a 677 multihop session, updating of maximum TTL value allowed 678 is likely required." 679 REFERENCE 680 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 681 RFC5881, Section 5" 682 DEFVAL { 255 } 683 ::= { bfdSessEntry 24 } 685 bfdSessDesiredMinTxInterval OBJECT-TYPE 686 SYNTAX BfdIntervalTC 687 MAX-ACCESS read-create 688 STATUS current 689 DESCRIPTION 690 "This object specifies the minimum interval, in 691 microseconds, that the local system would like to use 692 when transmitting BFD Control packets. The value of 693 zero(0) is reserved in this case, and should not be 694 used." 695 REFERENCE 696 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 697 Forwarding Detection (BFD), RFC 5880, June 2012." 698 ::= { bfdSessEntry 25 } 700 bfdSessReqMinRxInterval OBJECT-TYPE 701 SYNTAX BfdIntervalTC 702 MAX-ACCESS read-create 703 STATUS current 704 DESCRIPTION 705 "This object specifies the minimum interval, in 706 microseconds, between received BFD Control packets the 707 local system is capable of supporting. The value of 708 zero(0) can be specified when the transmitting system 709 does not want the remote system to send any periodic BFD 710 control packets." 711 REFERENCE 712 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 713 Forwarding Detection (BFD), RFC 5880, June 2012." 714 ::= { bfdSessEntry 26 } 716 bfdSessReqMinEchoRxInterval OBJECT-TYPE 717 SYNTAX BfdIntervalTC 718 MAX-ACCESS read-create 719 STATUS current 720 DESCRIPTION 721 "This object specifies the minimum interval, in 722 microseconds, between received BFD Echo packets that this 723 system is capable of supporting. Value must be zero(0) if 724 this is a multihop BFD session." 725 ::= { bfdSessEntry 27 } 727 bfdSessDetectMult OBJECT-TYPE 728 SYNTAX BfdMultiplierTC 729 MAX-ACCESS read-create 730 STATUS current 731 DESCRIPTION 732 "This object specifies the Detect time multiplier." 733 ::= { bfdSessEntry 28 } 735 bfdSessNegotiatedInterval OBJECT-TYPE 736 SYNTAX BfdIntervalTC 737 MAX-ACCESS read-only 738 STATUS current 739 DESCRIPTION 740 "This object specifies the negotiated interval, in 741 microseconds, that the local system is transmitting 742 BFD Control packets." 743 ::= { bfdSessEntry 29 } 745 bfdSessNegotiatedEchoInterval OBJECT-TYPE 746 SYNTAX BfdIntervalTC 747 MAX-ACCESS read-only 748 STATUS current 749 DESCRIPTION 750 "This object specifies the negotiated interval, in 751 microseconds, that the local system is transmitting 752 BFD echo packets. Value is expected to be zero if 753 the sessions is not running in echo mode." 754 ::= { bfdSessEntry 30 } 756 bfdSessNegotiatedDetectMult OBJECT-TYPE 757 SYNTAX BfdMultiplierTC 758 MAX-ACCESS read-only 759 STATUS current 760 DESCRIPTION 761 "This object specifies the Detect time multiplier." 762 ::= { bfdSessEntry 31 } 764 bfdSessAuthPresFlag OBJECT-TYPE 765 SYNTAX TruthValue 766 MAX-ACCESS read-create 767 STATUS current 768 DESCRIPTION 769 "This object indicates that the local system's 770 desire to use Authentication. Specifically, it is set 771 to true(1) if the local system wishes the session 772 to be authenticated or false(2) if not." 773 REFERENCE 774 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 775 Bidirectional Forwarding Detection (BFD), RFC 5880, 776 June 2012." 777 DEFVAL { false } 778 ::= { bfdSessEntry 32 } 780 bfdSessAuthenticationType OBJECT-TYPE 781 SYNTAX IANAbfdSessAuthenticationTypeTC 782 MAX-ACCESS read-create 783 STATUS current 784 DESCRIPTION 785 "The Authentication Type used for this BFD session. 786 This field is valid only when the Authentication 787 Present bit is set. Max-access to this object as well as 788 other authentication related objects are set to 789 read-create in order to support management of a single 790 key ID at a time, key rotation is not handled. Key update 791 in practice must be done by atomic update using a set 792 containing all affected objects in the same varBindList 793 or otherwise risk the session dropping." 794 REFERENCE 795 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 796 Bidirectional Forwarding Detection (BFD), RFC 5880, 797 June 2012." 798 DEFVAL { noAuthentication } 799 ::= { bfdSessEntry 33 } 801 bfdSessAuthenticationKeyID OBJECT-TYPE 802 SYNTAX Integer32 (-1 | 0..255) 803 MAX-ACCESS read-create 804 STATUS current 805 DESCRIPTION 806 "The authentication key ID in use for this session. This 807 object permits multiple keys to be active simultaneously. 808 The value -1 indicates that no Authentication Key ID will 809 be present in the optional BFD Authentication Section." 810 REFERENCE 811 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 812 Bidirectional Forwarding Detection (BFD), RFC 5880, 813 June 2012." 814 DEFVAL { -1 } 815 ::= { bfdSessEntry 34 } 817 bfdSessAuthenticationKey OBJECT-TYPE 818 SYNTAX IANAbfdSessAuthenticationKeyTC 819 MAX-ACCESS read-create 820 STATUS current 821 DESCRIPTION 822 "The authentication key. When the 823 bfdSessAuthenticationType is simplePassword(1), the value 824 of this object is the password present in the BFD packets. 826 When the bfdSessAuthenticationType is one of the keyed 827 authentication types, this value is used in the 828 computation of the key present in the BFD authentication 829 packet." 830 REFERENCE 831 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 832 Bidirectional Forwarding Detection (BFD), RFC 5880, 833 June 2012." 834 ::= { bfdSessEntry 35 } 836 bfdSessStorageType OBJECT-TYPE 837 SYNTAX StorageType 838 MAX-ACCESS read-create 839 STATUS current 840 DESCRIPTION 841 "This variable indicates the storage type for this 842 object. Conceptual rows having the value 843 'permanent' need not allow write-access to any 844 columnar objects in the row." 845 ::= { bfdSessEntry 36 } 847 bfdSessRowStatus OBJECT-TYPE 848 SYNTAX RowStatus 849 MAX-ACCESS read-create 850 STATUS current 851 DESCRIPTION 852 "This variable is used to create, modify, and/or 853 delete a row in this table. When a row in this 854 table has a row in the active(1) state, no 855 objects in this row can be modified except the 856 bfdSessRowStatus and bfdSessStorageType." 857 ::= { bfdSessEntry 37 } 859 -- BFD Session Performance Table 861 bfdSessPerfTable OBJECT-TYPE 862 SYNTAX SEQUENCE OF BfdSessPerfEntry 863 MAX-ACCESS not-accessible 864 STATUS current 865 DESCRIPTION 866 "This table specifies BFD Session performance counters." 867 ::= { bfdObjects 3 } 869 bfdSessPerfEntry OBJECT-TYPE 870 SYNTAX BfdSessPerfEntry 871 MAX-ACCESS not-accessible 872 STATUS current 873 DESCRIPTION 874 "An entry in this table is created by a BFD-enabled node 875 for every BFD Session. bfdSessPerfDiscTime is used to 876 indicate potential discontinuity for all counter objects 877 in this table." 878 AUGMENTS { bfdSessEntry } 879 ::= { bfdSessPerfTable 1 } 881 BfdSessPerfEntry ::= SEQUENCE { 882 bfdSessPerfCtrlPktIn Counter32, 883 bfdSessPerfCtrlPktOut Counter32, 884 bfdSessPerfCtrlPktDrop Counter32, 885 bfdSessPerfCtrlPktDropLastTime TimeStamp, 886 bfdSessPerfEchoPktIn Counter32, 887 bfdSessPerfEchoPktOut Counter32, 888 bfdSessPerfEchoPktDrop Counter32, 889 bfdSessPerfEchoPktDropLastTime TimeStamp, 890 bfdSessUpTime TimeStamp, 891 bfdSessPerfLastSessDownTime TimeStamp, 892 bfdSessPerfLastCommLostDiag IANAbfdDiagTC, 893 bfdSessPerfSessUpCount Counter32, 894 bfdSessPerfDiscTime TimeStamp, 896 -- High Capacity Counters 897 bfdSessPerfCtrlPktInHC Counter64, 898 bfdSessPerfCtrlPktOutHC Counter64, 899 bfdSessPerfCtrlPktDropHC Counter64, 900 bfdSessPerfEchoPktInHC Counter64, 901 bfdSessPerfEchoPktOutHC Counter64, 902 bfdSessPerfEchoPktDropHC Counter64 903 } 905 bfdSessPerfCtrlPktIn OBJECT-TYPE 906 SYNTAX Counter32 907 MAX-ACCESS read-only 908 STATUS current 909 DESCRIPTION 910 "The total number of BFD control messages received for this 911 BFD session. 913 It MUST be equal to the least significant 32 bits of 914 bfdSessPerfCtrlPktInHC if supported, and MUST do so 915 with the rules spelled out in RFC 2863." 916 ::= { bfdSessPerfEntry 1 } 918 bfdSessPerfCtrlPktOut OBJECT-TYPE 919 SYNTAX Counter32 920 MAX-ACCESS read-only 921 STATUS current 922 DESCRIPTION 923 "The total number of BFD control messages sent for this BFD 924 session. 926 It MUST be equal to the least significant 32 bits of 927 bfdSessPerfCtrlPktOutHC if supported, and MUST do so 928 with the rules spelled out in RFC 2863." 929 ::= { bfdSessPerfEntry 2 } 931 bfdSessPerfCtrlPktDrop OBJECT-TYPE 932 SYNTAX Counter32 933 MAX-ACCESS read-only 934 STATUS current 935 DESCRIPTION 936 "The total number of BFD control messages received for this 937 session yet dropped for being invalid. 939 It MUST be equal to the least significant 32 bits of 940 bfdSessPerfCtrlPktDropHC if supported, and MUST do so 941 with the rules spelled out in RFC 2863." 942 ::= { bfdSessPerfEntry 3 } 944 bfdSessPerfCtrlPktDropLastTime OBJECT-TYPE 945 SYNTAX TimeStamp 946 MAX-ACCESS read-only 947 STATUS current 948 DESCRIPTION 949 "The value of sysUpTime on the most recent occasion at 950 which received BFD control message for this session was 951 dropped. If no such up event exists, this object contains 952 a zero value." 953 ::= { bfdSessPerfEntry 4 } 955 bfdSessPerfEchoPktIn OBJECT-TYPE 956 SYNTAX Counter32 957 MAX-ACCESS read-only 958 STATUS current 959 DESCRIPTION 960 "The total number of BFD echo messages received for this 961 BFD session. 963 It MUST be equal to the least significant 32 bits of 964 bfdSessPerfEchoPktInHC if supported, and MUST do so 965 with the rules spelled out in RFC 2863." 966 ::= { bfdSessPerfEntry 5 } 968 bfdSessPerfEchoPktOut OBJECT-TYPE 969 SYNTAX Counter32 970 MAX-ACCESS read-only 971 STATUS current 972 DESCRIPTION 973 "The total number of BFD echo messages sent for this BFD 974 session. 976 It MUST be equal to the least significant 32 bits of 977 bfdSessPerfEchoPktOutHC if supported, and MUST do so 978 with the rules spelled out in RFC 2863." 979 ::= { bfdSessPerfEntry 6 } 981 bfdSessPerfEchoPktDrop OBJECT-TYPE 982 SYNTAX Counter32 983 MAX-ACCESS read-only 984 STATUS current 985 DESCRIPTION 986 "The total number of BFD echo messages received for this 987 session yet dropped for being invalid. 989 It MUST be equal to the least significant 32 bits of 990 bfdSessPerfEchoPktDropHC if supported, and MUST do so 991 with the rules spelled out in RFC 2863." 992 ::= { bfdSessPerfEntry 7 } 994 bfdSessPerfEchoPktDropLastTime OBJECT-TYPE 995 SYNTAX TimeStamp 996 MAX-ACCESS read-only 997 STATUS current 998 DESCRIPTION 999 "The value of sysUpTime on the most recent occasion at 1000 which received BFD echo message for this session was 1001 dropped. If no such up event has been issued, this 1002 object contains a zero value." 1003 ::= { bfdSessPerfEntry 8 } 1005 bfdSessUpTime OBJECT-TYPE 1006 SYNTAX TimeStamp 1007 MAX-ACCESS read-only 1008 STATUS current 1009 DESCRIPTION 1010 "The value of sysUpTime on the most recent occasion at which 1011 the session came up. If no such event has been issued, 1012 this object contains a zero value." 1013 ::= { bfdSessPerfEntry 9 } 1015 bfdSessPerfLastSessDownTime OBJECT-TYPE 1016 SYNTAX TimeStamp 1017 MAX-ACCESS read-only 1018 STATUS current 1019 DESCRIPTION 1020 "The value of sysUpTime on the most recent occasion at 1021 which the last time communication was lost with the 1022 neighbor. If no down event has been issued this object 1023 contains a zero value." 1024 ::= { bfdSessPerfEntry 10 } 1026 bfdSessPerfLastCommLostDiag OBJECT-TYPE 1027 SYNTAX IANAbfdDiagTC 1028 MAX-ACCESS read-only 1029 STATUS current 1030 DESCRIPTION 1031 "The BFD diag code for the last time communication was lost 1032 with the neighbor. If such an event has not been issued 1033 this object contains a zero value." 1034 ::= { bfdSessPerfEntry 11 } 1036 bfdSessPerfSessUpCount OBJECT-TYPE 1037 SYNTAX Counter32 1038 MAX-ACCESS read-only 1039 STATUS current 1040 DESCRIPTION 1041 "The number of times this session has gone into the Up 1042 state since the system last rebooted." 1043 ::= { bfdSessPerfEntry 12 } 1045 bfdSessPerfDiscTime OBJECT-TYPE 1046 SYNTAX TimeStamp 1047 MAX-ACCESS read-only 1048 STATUS current 1049 DESCRIPTION 1050 "The value of sysUpTime on the most recent occasion at 1051 which any one or more of the session counters suffered 1052 a discontinuity. 1054 The relevant counters are the specific instances associated 1055 with this BFD session of any Counter32 object contained in 1056 the BfdSessPerfTable. If no such discontinuities have 1057 occurred since the last re-initialization of the local 1058 management subsystem, then this object contains a zero 1059 value." 1060 ::= { bfdSessPerfEntry 13 } 1062 bfdSessPerfCtrlPktInHC OBJECT-TYPE 1063 SYNTAX Counter64 1064 MAX-ACCESS read-only 1065 STATUS current 1066 DESCRIPTION 1067 "This value represents the total number of BFD control 1068 messages received for this BFD session. 1070 The least significant 32 bits MUST equal to 1071 bfdSessPerfCtrlPktIn, and MUST do so with 1072 the rules spelled out in RFC 2863." 1073 ::= { bfdSessPerfEntry 14 } 1075 bfdSessPerfCtrlPktOutHC OBJECT-TYPE 1076 SYNTAX Counter64 1077 MAX-ACCESS read-only 1078 STATUS current 1079 DESCRIPTION 1080 "This value represents the total number of BFD control 1081 messages transmitted for this BFD session. 1083 The least significant 32 bits MUST equal to 1084 bfdSessPerfCtrlPktOut, and MUST do so with 1085 the rules spelled out in RFC 2863." 1086 ::= { bfdSessPerfEntry 15 } 1088 bfdSessPerfCtrlPktDropHC OBJECT-TYPE 1089 SYNTAX Counter64 1090 MAX-ACCESS read-only 1091 STATUS current 1092 DESCRIPTION 1093 "This value represents the total number of BFD control 1094 messages received for this BFD session yet dropped for 1095 being invalid. 1097 The least significant 32 bits MUST equal to 1098 bfdSessPerfCtrlPktDrop, and MUST do so with 1099 the rules spelled out in RFC 2863." 1100 ::= { bfdSessPerfEntry 16 } 1102 bfdSessPerfEchoPktInHC OBJECT-TYPE 1103 SYNTAX Counter64 1104 MAX-ACCESS read-only 1105 STATUS current 1106 DESCRIPTION 1107 "This value represents the total number of BFD echo 1108 messages received for this BFD session. 1110 The least significant 32 bits MUST equal to 1111 bfdSessPerfEchoPktIn, and MUST do so with 1112 the rules spelled out in RFC 2863." 1113 ::= { bfdSessPerfEntry 17 } 1115 bfdSessPerfEchoPktOutHC OBJECT-TYPE 1116 SYNTAX Counter64 1117 MAX-ACCESS read-only 1118 STATUS current 1119 DESCRIPTION 1120 "This value represents the total number of BFD echo 1121 messages transmitted for this BFD session. 1123 The least significant 32 bits MUST equal to 1124 bfdSessPerfEchoPktOut, and MUST do so with 1125 the rules spelled out in RFC 2863." 1126 ::= { bfdSessPerfEntry 18 } 1128 bfdSessPerfEchoPktDropHC OBJECT-TYPE 1129 SYNTAX Counter64 1130 MAX-ACCESS read-only 1131 STATUS current 1132 DESCRIPTION 1133 "This value represents the total number of BFD echo 1134 messages received for this BFD session yet dropped 1135 for being invalid. 1137 The least significant 32 bits MUST equal to 1138 bfdSessPerfEchoPktDrop, and MUST do so with 1139 the rules spelled out in RFC 2863." 1140 ::= { bfdSessPerfEntry 19 } 1142 -- BFD Session Discriminator Mapping Table 1144 bfdSessDiscMapTable OBJECT-TYPE 1145 SYNTAX SEQUENCE OF BfdSessDiscMapEntry 1146 MAX-ACCESS not-accessible 1147 STATUS current 1148 DESCRIPTION 1149 "The BFD Session Discriminator Mapping Table maps a 1150 local discriminator value to associated BFD session's 1151 bfdSessIndex found in the bfdSessionTable." 1152 ::= { bfdObjects 4 } 1154 bfdSessDiscMapEntry OBJECT-TYPE 1155 SYNTAX BfdSessDiscMapEntry 1156 MAX-ACCESS not-accessible 1157 STATUS current 1158 DESCRIPTION 1159 "The BFD Session Discriminator Mapping Entry 1160 specifies a mapping between a local discriminator 1161 and a BFD session." 1162 INDEX { bfdSessDiscriminator } 1163 ::= { bfdSessDiscMapTable 1 } 1165 BfdSessDiscMapEntry ::= SEQUENCE { 1166 bfdSessDiscMapIndex BfdSessIndexTC 1167 } 1169 bfdSessDiscMapIndex OBJECT-TYPE 1170 SYNTAX BfdSessIndexTC 1171 MAX-ACCESS read-only 1172 STATUS current 1173 DESCRIPTION 1174 "This object specifies a mapping between a 1175 local discriminator and a BFD Session in 1176 the BfdSessTable." 1177 ::= { bfdSessDiscMapEntry 1 } 1179 -- BFD Session IP Mapping Table 1181 bfdSessIpMapTable OBJECT-TYPE 1182 SYNTAX SEQUENCE OF BfdSessIpMapEntry 1183 MAX-ACCESS not-accessible 1184 STATUS current 1185 DESCRIPTION 1186 "The BFD Session IP Mapping Table maps given 1187 bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, 1188 bfdSessDstAddrType and bfdSessDstAddr 1189 to an associated BFD session found in the 1190 bfdSessionTable." 1191 ::= { bfdObjects 5 } 1193 bfdSessIpMapEntry OBJECT-TYPE 1194 SYNTAX BfdSessIpMapEntry 1195 MAX-ACCESS not-accessible 1196 STATUS current 1197 DESCRIPTION 1198 "The BFD Session IP Map Entry contains a mapping 1199 from the IP information for a session, to the session 1200 in the bfdSessionTable." 1201 INDEX { 1202 bfdSessInterface, 1203 bfdSessSrcAddrType, 1204 bfdSessSrcAddr, 1205 bfdSessDstAddrType, 1206 bfdSessDstAddr 1207 } 1208 ::= { bfdSessIpMapTable 1 } 1210 BfdSessIpMapEntry ::= SEQUENCE { 1211 bfdSessIpMapIndex BfdSessIndexTC 1212 } 1214 bfdSessIpMapIndex OBJECT-TYPE 1215 SYNTAX BfdSessIndexTC 1216 MAX-ACCESS read-only 1217 STATUS current 1218 DESCRIPTION 1219 "This object specifies the BfdSessIndexTC referred 1220 to by the indexes of this row. In essence, a mapping is 1221 provided between these indexes and the BfdSessTable." 1222 ::= { bfdSessIpMapEntry 1 } 1224 -- Notification Configuration 1226 bfdSessUp NOTIFICATION-TYPE 1227 OBJECTS { 1228 bfdSessDiag, -- low range value 1229 bfdSessDiag -- high range value 1230 } 1231 STATUS current 1232 DESCRIPTION 1233 "This notification is generated when the 1234 bfdSessState object for one or more contiguous 1235 entries in bfdSessTable are about to enter the up(4) 1236 state from some other state. The included values of 1237 bfdSessDiag MUST both be set equal to this 1238 new state (i.e: up(4)). The two instances of 1239 bfdSessDiag in this notification indicate the range 1240 of indexes that are affected. Note that all the indexes 1241 of the two ends of the range can be derived from the 1242 instance identifiers of these two objects. For the 1243 cases where a contiguous range of sessions 1244 have transitioned into the up(4) state at roughly 1245 the same time, the device SHOULD issue a single 1246 notification for each range of contiguous indexes in 1247 an effort to minimize the emission of a large number 1248 of notifications. If a notification has to be 1249 issued for just a single bfdSessEntry, then 1250 the instance identifier (and values) of the two 1251 bfdSessDiag objects MUST be the identical." 1252 ::= { bfdNotifications 1 } 1254 bfdSessDown NOTIFICATION-TYPE 1255 OBJECTS { 1256 bfdSessDiag, -- low range value 1257 bfdSessDiag -- high range value 1258 } 1259 STATUS current 1260 DESCRIPTION 1261 "This notification is generated when the 1262 bfdSessState object for one or more contiguous 1263 entries in bfdSessTable are about to enter the down(2) 1264 or adminDown(1) states from some other state. The included 1265 values of bfdSessDiag MUST both be set equal to this new 1266 state (i.e: down(2) or adminDown(1)). The two instances 1267 of bfdSessDiag in this notification indicate the range 1268 of indexes that are affected. Note that all the indexes 1269 of the two ends of the range can be derived from the 1270 instance identifiers of these two objects. For 1271 cases where a contiguous range of sessions 1272 have transitioned into the down(2) or adminDown(1) states 1273 at roughly the same time, the device SHOULD issue a single 1274 notification for each range of contiguous indexes in 1275 an effort to minimize the emission of a large number 1276 of notifications. If a notification has to be 1277 issued for just a single bfdSessEntry, then 1278 the instance identifier (and values) of the two 1279 bfdSessDiag objects MUST be the identical." 1280 ::= { bfdNotifications 2 } 1282 -- Module compliance. 1284 bfdGroups 1285 OBJECT IDENTIFIER ::= { bfdConformance 1 } 1287 bfdCompliances 1288 OBJECT IDENTIFIER ::= { bfdConformance 2 } 1290 -- Compliance requirement for fully compliant implementations. 1292 bfdModuleFullCompliance MODULE-COMPLIANCE 1293 STATUS current 1294 DESCRIPTION 1295 "Compliance statement for agents that provide full 1296 support for the BFD-MIB module. Such devices can 1297 then be monitored and also be configured using 1298 this MIB module." 1300 MODULE -- This module. 1302 MANDATORY-GROUPS { 1303 bfdSessionGroup, 1304 bfdSessionReadOnlyGroup, 1305 bfdSessionPerfGroup, 1306 bfdNotificationGroup 1307 } 1309 GROUP bfdSessionPerfHCGroup 1310 DESCRIPTION "This group is mandatory for all systems that 1311 are able to support the Counter64 date type." 1313 OBJECT bfdSessSrcAddrType 1314 SYNTAX InetAddressType { unknown(0), ipv4(1), 1315 ipv6(2), ipv6z(4) } 1316 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1317 support are required. ipv4z(3) is not required 1318 and dns(16) is not allowed." 1320 OBJECT bfdSessSrcAddr 1321 SYNTAX InetAddress (SIZE (0|4|16|20)) 1322 DESCRIPTION "An implementation is only required to support 1323 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1325 OBJECT bfdSessDstAddrType 1326 SYNTAX InetAddressType { unknown(0), ipv4(1), 1327 ipv6(2), ipv6z(4) } 1328 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1329 support are required. ipv4z(3) is not required 1330 and dns(16) is not allowed." 1332 OBJECT bfdSessDstAddr 1333 SYNTAX InetAddress (SIZE (0|4|16|20)) 1334 DESCRIPTION "An implementation is only required to support 1335 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1337 OBJECT bfdSessRowStatus 1338 SYNTAX RowStatus { active(1), notInService(2) } 1339 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1340 createAndGo(4), destroy(6) } 1341 DESCRIPTION "Support for createAndWait and notReady is not 1342 required." 1344 ::= { bfdCompliances 1 } 1346 bfdModuleReadOnlyCompliance MODULE-COMPLIANCE 1347 STATUS current 1348 DESCRIPTION 1349 "Compliance requirement for implementations that only 1350 provide read-only support for BFD-MIB. Such devices 1351 can then be monitored but cannot be configured using 1352 this MIB module." 1354 MODULE -- This module. 1356 MANDATORY-GROUPS { 1357 bfdSessionGroup, 1358 bfdSessionReadOnlyGroup, 1359 bfdSessionPerfGroup, 1360 bfdNotificationGroup 1361 } 1363 GROUP bfdSessionPerfHCGroup 1364 DESCRIPTION "This group is mandatory for all systems that 1365 are able to support the Counter64 date type." 1367 OBJECT bfdSessVersionNumber 1368 MIN-ACCESS read-only 1369 DESCRIPTION "Write access is not required." 1371 OBJECT bfdSessType 1372 MIN-ACCESS read-only 1373 DESCRIPTION "Write access is not required." 1375 OBJECT bfdSessDiscriminator 1376 MIN-ACCESS read-only 1377 DESCRIPTION "Write access is not required." 1379 OBJECT bfdSessDestinationUdpPort 1380 MIN-ACCESS read-only 1381 DESCRIPTION "Write access is not required." 1383 OBJECT bfdSessSourceUdpPort 1384 MIN-ACCESS read-only 1385 DESCRIPTION "Write access is not required." 1387 OBJECT bfdSessEchoSourceUdpPort 1388 MIN-ACCESS read-only 1389 DESCRIPTION "Write access is not required." 1391 OBJECT bfdSessAdminStatus 1392 MIN-ACCESS read-only 1393 DESCRIPTION "Write access is not required." 1394 OBJECT bfdSessOperMode 1395 MIN-ACCESS read-only 1396 DESCRIPTION "Write access is not required." 1398 OBJECT bfdSessDemandModeDesiredFlag 1399 MIN-ACCESS read-only 1400 DESCRIPTION "Write access is not required." 1402 OBJECT bfdSessControlPlaneIndepFlag 1403 MIN-ACCESS read-only 1404 DESCRIPTION "Write access is not required." 1406 OBJECT bfdSessMultipointFlag 1407 MIN-ACCESS read-only 1408 DESCRIPTION "Write access is not required." 1410 OBJECT bfdSessInterface 1411 MIN-ACCESS read-only 1412 DESCRIPTION "Write access is not required." 1414 OBJECT bfdSessSrcAddrType 1415 SYNTAX InetAddressType { unknown(0), ipv4(1), 1416 ipv6(2), ipv6z(4) } 1417 MIN-ACCESS read-only 1418 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1419 support are required. ipv4z(3) is not required 1420 and dns(16) is not allowed." 1422 OBJECT bfdSessSrcAddr 1423 SYNTAX InetAddress (SIZE (0|4|16|20)) 1424 MIN-ACCESS read-only 1425 DESCRIPTION "An implementation is only required to support 1426 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1428 OBJECT bfdSessDstAddrType 1429 SYNTAX InetAddressType { unknown(0), ipv4(1), 1430 ipv6(2), ipv6z(4) } 1431 MIN-ACCESS read-only 1432 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1433 support are required. ipv4z(3) is not required 1434 and dns(16) is not allowed." 1436 OBJECT bfdSessDstAddr 1437 SYNTAX InetAddress (SIZE (0|4|16|20)) 1438 MIN-ACCESS read-only 1439 DESCRIPTION "An implementation is only required to support 1440 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1442 OBJECT bfdSessGTSM 1443 MIN-ACCESS read-only 1444 DESCRIPTION "Write access is not required." 1446 OBJECT bfdSessGTSMTTL 1447 MIN-ACCESS read-only 1448 DESCRIPTION "Write access is not required." 1450 OBJECT bfdSessDesiredMinTxInterval 1451 MIN-ACCESS read-only 1452 DESCRIPTION "Write access is not required." 1454 OBJECT bfdSessReqMinRxInterval 1455 MIN-ACCESS read-only 1456 DESCRIPTION "Write access is not required." 1458 OBJECT bfdSessReqMinEchoRxInterval 1459 MIN-ACCESS read-only 1460 DESCRIPTION "Write access is not required." 1462 OBJECT bfdSessDetectMult 1463 MIN-ACCESS read-only 1464 DESCRIPTION "Write access is not required." 1466 OBJECT bfdSessAuthPresFlag 1467 MIN-ACCESS read-only 1468 DESCRIPTION "Write access is not required." 1470 OBJECT bfdSessAuthenticationType 1471 MIN-ACCESS read-only 1472 DESCRIPTION "Write access is not required." 1474 OBJECT bfdSessAuthenticationKeyID 1475 MIN-ACCESS read-only 1476 DESCRIPTION "Write access is not required." 1478 OBJECT bfdSessAuthenticationKey 1479 MIN-ACCESS read-only 1480 DESCRIPTION "Write access is not required." 1482 OBJECT bfdSessStorageType 1483 MIN-ACCESS read-only 1484 DESCRIPTION "Write access is not required." 1486 OBJECT bfdSessRowStatus 1487 SYNTAX RowStatus { active(1) } 1488 MIN-ACCESS read-only 1489 DESCRIPTION "Write access is not required." 1490 ::= { bfdCompliances 2 } 1492 -- Units of conformance. 1494 bfdSessionGroup OBJECT-GROUP 1495 OBJECTS { 1496 bfdAdminStatus, 1497 bfdOperStatus, 1498 bfdNotificationsEnable, 1499 bfdSessVersionNumber, 1500 bfdSessType, 1501 bfdSessIndexNext, 1502 bfdSessDiscriminator, 1503 bfdSessDestinationUdpPort, 1504 bfdSessSourceUdpPort, 1505 bfdSessEchoSourceUdpPort, 1506 bfdSessAdminStatus, 1507 bfdSessOperStatus, 1508 bfdSessOperMode, 1509 bfdSessDemandModeDesiredFlag, 1510 bfdSessControlPlaneIndepFlag, 1511 bfdSessMultipointFlag, 1512 bfdSessInterface, 1513 bfdSessSrcAddrType, 1514 bfdSessSrcAddr, 1515 bfdSessDstAddrType, 1516 bfdSessDstAddr, 1517 bfdSessGTSM, 1518 bfdSessGTSMTTL, 1519 bfdSessDesiredMinTxInterval, 1520 bfdSessReqMinRxInterval, 1521 bfdSessReqMinEchoRxInterval, 1522 bfdSessDetectMult, 1523 bfdSessAuthPresFlag, 1524 bfdSessAuthenticationType, 1525 bfdSessAuthenticationKeyID, 1526 bfdSessAuthenticationKey, 1527 bfdSessStorageType, 1528 bfdSessRowStatus 1529 } 1530 STATUS current 1531 DESCRIPTION 1532 "Collection of objects needed for BFD sessions." 1533 ::= { bfdGroups 1 } 1535 bfdSessionReadOnlyGroup OBJECT-GROUP 1536 OBJECTS { 1537 bfdSessRemoteDiscr, 1538 bfdSessState, 1539 bfdSessRemoteHeardFlag, 1540 bfdSessDiag, 1541 bfdSessNegotiatedInterval, 1542 bfdSessNegotiatedEchoInterval, 1543 bfdSessNegotiatedDetectMult, 1544 bfdSessDiscMapIndex, 1545 bfdSessIpMapIndex 1546 } 1547 STATUS current 1548 DESCRIPTION 1549 "Collection of read-only objects needed for BFD sessions." 1550 ::= { bfdGroups 2 } 1552 bfdSessionPerfGroup OBJECT-GROUP 1553 OBJECTS { 1554 bfdSessPerfCtrlPktIn, 1555 bfdSessPerfCtrlPktOut, 1556 bfdSessPerfCtrlPktDrop, 1557 bfdSessPerfCtrlPktDropLastTime, 1558 bfdSessPerfEchoPktIn, 1559 bfdSessPerfEchoPktOut, 1560 bfdSessPerfEchoPktDrop, 1561 bfdSessPerfEchoPktDropLastTime, 1562 bfdSessUpTime, 1563 bfdSessPerfLastSessDownTime, 1564 bfdSessPerfLastCommLostDiag, 1565 bfdSessPerfSessUpCount, 1566 bfdSessPerfDiscTime 1567 } 1568 STATUS current 1569 DESCRIPTION 1570 "Collection of objects needed to monitor the 1571 performance of BFD sessions." 1572 ::= { bfdGroups 3 } 1574 bfdSessionPerfHCGroup OBJECT-GROUP 1575 OBJECTS { 1576 bfdSessPerfCtrlPktInHC, 1577 bfdSessPerfCtrlPktOutHC, 1578 bfdSessPerfCtrlPktDropHC, 1579 bfdSessPerfEchoPktInHC, 1580 bfdSessPerfEchoPktOutHC, 1581 bfdSessPerfEchoPktDropHC 1582 } 1584 STATUS current 1585 DESCRIPTION 1586 "Collection of objects needed to monitor the 1587 performance of BFD sessions for which the 1588 values of bfdSessPerfPktIn, bfdSessPerfPktOut 1589 wrap around too quickly." 1590 ::= { bfdGroups 4 } 1592 bfdNotificationGroup NOTIFICATION-GROUP 1593 NOTIFICATIONS { 1594 bfdSessUp, 1595 bfdSessDown 1596 } 1597 STATUS current 1598 DESCRIPTION 1599 "Set of notifications implemented in this 1600 module." 1601 ::= { bfdGroups 5 } 1603 END 1605 6. Security Considerations 1607 As BFD may be tied into the stability of the network infrastructure 1608 (such as routing protocols), the effects of an attack on a BFD 1609 session may be very serious. This ultimately has denial-of-service 1610 effects, as links may be declared to be down (or falsely declared to 1611 be up.) As such, improper manipulation of the objects represented by 1612 this MIB may result in denial of service to a large number of end- 1613 users. 1615 There are a number of management objects defined in this MIB module 1616 with a MAX-ACCESS clause of read-write and/or read-create. Such 1617 objects may be considered sensitive or vulnerable in some network 1618 environments. The support for SET operations in a non-secure 1619 environment without proper protection can have a negative effect on 1620 network operations. These are the tables and objects and their 1621 sensitivity/vulnerability: 1623 o bfdAdminStatus - Improper change of bfdAdminStatus, to 1624 disabled(2), adminDown(3) or down(4), can cause significant 1625 disruption of the connectivity to those portions of the Internet 1626 reached via all the applicable remote BFD peers. 1628 o bfdSessAdminStatus - Improper change of bfdSessAdminStatus, to 1629 disabled(2), adminDown(3) or down(4), can cause significant 1630 disruption of the connectivity to those portions of the Internet 1631 reached via all the applicable remote BFD peers. 1633 o bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval, 1634 bfdSessReqMinEchoRxInterval, bfdSessDetectMult - Improper change 1635 of this object can cause connections to be disrupted for extremely 1636 long time periods when otherwise they would be restored in a 1637 relatively short period of time. 1639 o Some management objects define the BFD session whilst other 1640 management objects define the parameter of the BFD session. It is 1641 particularly important to control the support for SET access to 1642 those management objects that define the BFD session, as changes 1643 to them can be disruptive. Implementation SHOULD NOT allow 1644 changes to following management objects when bfdSessState is 1645 up(4): 1647 * bfdSessVersionNumber 1649 * bfdSessType 1651 * bfdSessDestinationUdpPort 1653 * bfdSessMultipointFlag 1655 * bfdSessInterface 1657 * bfdSessSrcAddrType 1659 * bfdSessSrcAddr 1661 * bfdSessDstAddrType 1663 * bfdSessDstAddr 1665 There are a number of management objects defined in this MIB module 1666 with a MAX-ACCESS clause of read-write and/or read-create. Such 1667 objects may be considered sensitive or vulnerable in some network 1668 environments. It is thus important to control even GET and/or NOTIFY 1669 access to these objects and possibly to even encrypt the values of 1670 these objects when sending them over the network via SNMP. 1672 o The bfdSessTable may be used to directly configure BFD sessions. 1673 The bfdSessMapTable can be used indirectly in the same way. 1674 Unauthorized access to objects in this table could result in 1675 disruption of traffic on the network. This is especially true if 1676 an unauthorized user configures enough tables to invoke a denial 1677 of service attack on the device where they are configured, or on a 1678 remote device where the sessions terminate. 1680 Some of the readable objects in this MIB module (i.e., objects with a 1681 MAX-ACCESS other than not-accessible) may be considered sensitive or 1682 vulnerable in some network environments. It is thus important to 1683 control even GET and/or NOTIFY access to these objects and possibly 1684 to even encrypt the values of these objects when sending them over 1685 the network via SNMP. These are the tables and objects and their 1686 sensitivity/vulnerability: 1688 o The bfdSessPerfTable both allows access to the performance 1689 characteristics of BFD sessions. Network administrators not 1690 wishing to show this information should consider this table 1691 sensitive. 1693 The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and 1694 bfdSessAuthenticationKey objects hold security methods and associated 1695 security keys of BFD sessions. These objects are highly sensitive. 1696 In order to prevent this sensitive information from being improperly 1697 accessed, implementers SHOULD disallow access to these objects. 1699 SNMP versions prior to SNMPv3 did not include adequate security. 1700 Even if the network itself is secure (for example by using IPSec), 1701 even then, there is no control as to who on the secure network is 1702 allowed to access and GET/SET (read/change/create/delete) the objects 1703 in this MIB module. 1705 It is RECOMMENDED that implementers consider the security features as 1706 provided by the SNMPv3 framework (see [RFC3410], section 8), 1707 including full support for the SNMPv3 cryptographic mechanisms (for 1708 authentication and privacy). 1710 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1711 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1712 enable cryptographic security. It is then a customer/operator 1713 responsibility to ensure that the SNMP entity giving access to an 1714 instance of this MIB module, is properly configured to give access to 1715 the objects only to those principals "users" that have legitimate 1716 rights to indeed GET or SET "change/create/delete" them. 1718 7. IANA Considerations 1720 The MIB module in this document uses the following IANA-assigned 1721 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 1723 Descriptor OBJECT IDENTIFIER value 1724 ---------- ----------------------- 1726 bfdMib { mib-2 XXX } 1728 [RFC-Editor's Note (to be removed prior to publication): the IANA is 1729 requested to assign a value for "XXX" under the 'mib-2' subtree and 1730 to record the assignment in the SMI Numbers registry. When the 1731 assignment has been made, the RFC Editor is asked to replace "XXX" 1732 (here and in the MIB module) with the assigned value and to remove 1733 this note.] 1735 8. Acknowledgments 1737 Authors would like to thank Adrian Farrel and Jeffrey Haas for 1738 performing thorough reviews and providing number of suggestions. 1739 Authors would also like to thank David Ward, Reshad Rahman, David 1740 Toscano, Sylvain Masse, Mark Tooker, Kiran Koushik Agrahara 1741 Sreenivasa, David Black and Bert Wijnen for their comments and 1742 suggestions. 1744 9. References 1746 9.1. Normative References 1748 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1749 Requirement Levels", BCP 14, RFC 2119, March 1997. 1751 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1752 Schoenwaelder, Ed., "Structure of Management Information 1753 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1755 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1756 Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 1757 58, RFC 2579, April 1999. 1759 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 1760 "Conformance Statements for SMIv2", STD 58, RFC 2580, 1761 April 1999. 1763 [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. 1764 Pignataro, "The Generalized TTL Security Mechanism 1765 (GTSM)", RFC 5082, October 2007. 1767 [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1768 (BFD)", RFC 5880, June 2010. 1770 [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1771 (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June 1772 2010. 1774 [RFC5883] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1775 (BFD) for Multihop Paths", RFC 5883, June 2010. 1777 [RFC7130] Bhatia, M., Chen, M., Boutros, S., Binderberger, M., and 1778 J. Haas, "Bidirectional Forwarding Detection (BFD) on Link 1779 Aggregation Group (LAG) Interfaces", RFC 7130, February 1780 2014. 1782 [I-D.ietf-bfd-tc-mib] 1783 Nadeau, T., Ali, Z., and N. Akiya, "Definitions of Textual 1784 Conventions (TCs) for Bidirectional Forwarding Detection 1785 (BFD) Management", draft-ietf-bfd-tc-mib-08 (work in 1786 progress), May 2014. 1788 9.2. Informative References 1790 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1791 "Introduction and Applicability Statements for Internet- 1792 Standard Management Framework", RFC 3410, December 2002. 1794 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1795 MIB", RFC 2863, June 2000. 1797 [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network 1798 Management Protocol (SNMP) Applications", STD 62, RFC 1799 3413, December 2002. 1801 [RFC3289] Baker, F., Chan, K., and A. Smith, "Management Information 1802 Base for the Differentiated Services Architecture", RFC 1803 3289, May 2002. 1805 Authors' Addresses 1807 Thomas D. Nadeau 1808 Brocade 1810 EMail: tnadeau@lucidvision.com 1812 Zafar Ali 1813 Cisco Systems 1815 EMail: zali@cisco.com 1817 Nobo Akiya 1818 Cisco Systems 1820 EMail: nobo@cisco.com