idnits 2.17.1

draft-ietf-bfd-mpls-mib-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The document has examples using IPv4 documentation addresses according
     to RFC6890, but does not use any IPv6 documentation addresses. Maybe
     there should be IPv6 examples, too?

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (December 26, 2013) is 3745 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-22) exists of draft-ietf-bfd-mib-16

  == Outdated reference: A later version (-11) exists of
     draft-ietf-mpls-tp-oam-id-mib-04

     Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group
INTERNET-DRAFT                                                Sam Aldrin
Intended Status: Standards Track                     Huawei Technologies
Expires: June 29, 2014                                      M.Venkatesan
                                                               Dell Inc.
                                                       Kannan KV Sampath
                                                         Redeem Software
                                                        Thomas D. Nadeau

                                                       December 26, 2013

            BFD Management Information Base (MIB) extensions
                      for MPLS and MPLS-TP Networks
                       draft-ietf-bfd-mpls-mib-03

Abstract

   This draft defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base
   BFD-STD-MIB and describes the managed objects for modeling
   Bidirectional Forwarding Detection (BFD) protocol for MPLS and
   MPLS-TP networks.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on June 29, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1  Introduction
   2. The Internet-Standard Management Framework
   3. Overview
     3.1 Conventions used in this document
     3.2 Terminology
   4. Acronyms
   5. Brief description of MIB Objects
     5.1. Extensions to the BFD session table (bfdSessionTable)
     5.2. Example of BFD session configuration
       5.2.1 Example of BFD Session configuration for MPLS TE
             tunnel
       5.2.2 Example of BFD Session configuration for ME of MPLS-TP
             TE tunnel
     5.3. BFD objects for session performance counters
   6. BFD-EXT-STD-MIB Module Definition
   7. Security Considerations
   8. IANA Considerations
   9. References
     9.1 Normative References
     9.2 Informative References
   10. Acknowledgments
   11. Authors' Addresses

1  Introduction

   The current MIB for BFD as defined by BFD-STD-MIB is used for
   neighbor monitoring in IP networks.
   The BFD session association to
   the neighbors being monitored is done using the source and
   destination IP addresses of the neighbors configured using the
   respective MIB objects.

   To monitor MPLS/MPLS-TP paths like tunnels or Pseudowires, there is a
   necessity to identify or associate the BFD session to those paths.

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base
   BFD-STD-MIB and describes the managed objects to configure and/or
   monitor Bidirectional Forwarding Detection (BFD) protocol for MPLS
   [RFC5884] and MPLS-TP networks [RFC6428].

2. The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB. MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI). This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC2578, STD 58, RFC2579 and STD58, RFC2580.

3. Overview

3.1 Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

3.2 Terminology

   This document adopts the definitions, acronyms and mechanisms
   described in [BFD], [BFD-1HOP], [BFD-MH], [RFC5884], [RFC6428].
   Unless otherwise stated, the mechanisms described therein will not be
   re-described here.

4. Acronyms

   BFD: Bidirectional Forwarding Detection
   CC: Continuity Check
   CV: Connectivity Verification
   IP: Internet Protocol
   LDP: Label Distribution Protocol
   LOC: Loss Of Continuity
   LSP: Label Switching Path
   LSR: Label Switching Router
   ME: Maintenance Entity
   MEG: Maintenance Entity Group
   MEP: Maintenance Entity End-Point
   MIP: Maintenance Entity Group Intermediate Point
   MIB: Management Information Base
   MPLS: Multi-Protocol Label Switching
   MPLS-TP: MPLS Transport Profile
   OAM: Operations, Administration, and Maintenance
   PW: Pseudo Wire
   RDI: Remote Defect Indication
   TE: Traffic Engineering
   TP: Transport Profile

5. Brief description of MIB Objects

   The objects described in this section support the functionality
   described in documents [RFC5884] and [RFC6428]. The objects are
   defined as an extension to the BFD base MIB defined by BFD-STD-MIB.

5.1. Extensions to the BFD session table (bfdSessionTable)

   The BFD session table used to identify a BFD session between a pair
   of nodes, as defined in BFD-STD-MIB, is extended with managed objects
   to achieve the required functionality in MPLS and MPLS-TP networks as
   described below:

   1. SessionRole - Active/Passive role specification for the BFD
      session configured on the node. Either end of a BFD session
      can be configured as Active/Passive to determine which
      end starts transmitting the BFD control packets.

   2. SessionMode - Defines the mode in which BFD
      session is running, defined as below:

      i. CC - Indicates Continuity Check and RDI operations.

      ii. CV - Indicates Continuity Check, Connectivity
          Verification and RDI operations.

   3. Timer Negotiation Flag - Provides for timer negotiation
      to be enabled or disabled. This object can be used to tune
      the detection of period mis-configuration.

   4. Map Type - Indicates the type of the path being monitored by
      the BFD session.
      This object can take the following values:

      For BFD session over MPLS based paths:

         nonTeIpv4 (1) - BFD session configured for Non-TE
                         IPv4 path
         nonTeIpv6 (2) - BFD session configured for Non-TE
                         IPv6 path
         teIpv4 (3)    - BFD session configured for a TE
                         IPv4 path
         teIpv6 (4)    - BFD session configured for a TE
                         IPv6 path
         pw (5)        - BFD session configured for a pseudowire

      For MPLS-TP based paths:

         mep (6) - BFD session configured for an MPLS-TP path
                   (Bidirectional tunnel, PW or Sections) will map to
                   the corresponding maintenance entity.

   5. Map Pointer

      A Row Pointer object which can be used to point to the first
      accessible object in the respective instance of the table entry
      identifying the path being monitored (mplsXCEntry[RFC3813]/
      mplsTunnelEntry[RFC3812]/pwEntry[RFC5601] respectively for
      LSP/Tunnel/PW).

      For NON-TE LSP, the map pointer points to the corresponding
      mplsXCEntry.

      For TE based tunnel, the map pointer points to the corresponding
      instance of the mplsTunnelEntry.

      For PW, this object points to the corresponding instance of
      pwEntry.

      For MPLS-TP paths, this object points to the corresponding
      instance of mplsOamIdMeEntry[MPLS-OAM-ID-STD-MIB] configured to
      monitor the MPLS-TP path associated with the BFD session.

   6. Usage of existing object bfdSessType:

      Additionally existing object "bfdSessType" in the BFD base MIB
      [BFD-STD-MIB] can be used with the already defined value
      multiHopOutOfBandSignaling(3) to specify an OOB (Out of band)
      mechanism [E.g. LSP Ping] for bootstrapping the BFD session.

5.2. Example of BFD session configuration

   This section provides an example of BFD session configuration
   for an MPLS and MPLS-TP TE tunnel. This example is only meant
   to enable an understanding of the proposed extension and does not
   illustrate every permutation of the MIB.
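
   The Map Type / Map Pointer pairing from Section 5.1 can be checked on the management station before a row is written to an agent. The Python below is an added example, not part of the draft: the function names and sample rows are constructed here, the tunnel index layout follows the draft's own tunnel example, and the mplsXCLspId and pwType column names come from RFC 3813 and RFC 5601 rather than from this document.

```python
import ipaddress
from collections import namedtuple

# SessionMapTypeTC value -> table entry the pointer must land in (Section 5.1).
MAP_TYPE_TARGET = {
    1: "mplsXCEntry",       # nonTeIpv4
    2: "mplsXCEntry",       # nonTeIpv6
    3: "mplsTunnelEntry",   # teIpv4
    4: "mplsTunnelEntry",   # teIpv6
    5: "pwEntry",           # pw
    6: "mplsOamIdMeEntry",  # mep
}

# First accessible column -> owning entry. The first two names appear in the
# draft's examples; the last two are assumptions taken from RFC 3813 / RFC 5601.
COLUMN_ENTRY = {
    "mplsTunnelName": "mplsTunnelEntry",
    "mplsOamIdMeName": "mplsOamIdMeEntry",
    "mplsXCLspId": "mplsXCEntry",
    "pwType": "pwEntry",
}
ZERO_DOT_ZERO = ("0.0", "zeroDotZero")
# status is one of: bound, unbound, dangling, mismatch, malformed
Verdict = namedtuple("Verdict", "status detail")

def parse_pointer(pointer):
    """Split 'column.i1.i2...' into (column, [int, ...]); None if unparseable."""
    column, _, rest = pointer.strip().partition(".")
    parts = rest.split(".") if rest else []
    if not column or not parts:
        return None
    if not all(p.isascii() and p.isdigit() for p in parts):
        return None
    index = [int(p) for p in parts]
    # Every OID sub-identifier is an unsigned 32-bit value.
    return (column, index) if all(v <= 0xFFFFFFFF for v in index) else None

def decode_tunnel_index(index):
    """Name the four mplsTunnelEntry index values, LSR IDs as dotted quads."""
    tunnel, instance, ingress, egress = index
    return {
        "tunnel_index": tunnel,
        "tunnel_instance": instance,
        "ingress_lsr_id": str(ipaddress.IPv4Address(ingress)),
        "egress_lsr_id": str(ipaddress.IPv4Address(egress)),
    }

def check_mapping(map_type, pointer, existing_rows=None):
    """Classify one (bfdMplsSessMapType, bfdMplsSessMapPointer) pair.

    existing_rows: optional set of row pointers known to exist on the agent;
    when given, a consistent pointer to a missing row is reported as dangling.
    """
    target = MAP_TYPE_TARGET.get(map_type)
    if target is None:
        return Verdict("malformed", f"map type {map_type} not in SessionMapTypeTC")
    if pointer in ZERO_DOT_ZERO:
        return Verdict("unbound", "zeroDotZero: no path associated yet")
    parsed = parse_pointer(pointer)
    if parsed is None:
        return Verdict("malformed", f"cannot parse pointer {pointer!r}")
    column, index = parsed
    entry = COLUMN_ENTRY.get(column)
    if entry is None:
        return Verdict("malformed", f"unknown column {column!r}")
    if entry != target:
        return Verdict("mismatch", f"type needs {target}, pointer is in {entry}")
    if target == "mplsTunnelEntry" and len(index) != 4:
        return Verdict("malformed", "mplsTunnelEntry takes four index values")
    if existing_rows is not None and pointer not in existing_rows:
        return Verdict("dangling", "row does not exist: no valid path")
    if target == "mplsTunnelEntry":
        return Verdict("bound", str(decode_tunnel_index(index)))
    return Verdict("bound", f"{entry} index {index}")

def audit(sessions, existing_rows=None):
    """Return {bfdSessIndex: Verdict} for every session that is not bound."""
    findings = {}
    for sess_index, map_type, pointer in sessions:
        verdict = check_mapping(map_type, pointer, existing_rows)
        if verdict.status != "bound":
            findings[sess_index] = verdict
    return findings

# Constructed rows: (bfdSessIndex, bfdMplsSessMapType, bfdMplsSessMapPointer)
SAMPLE_SESSIONS = [
    (2, 3, "mplsTunnelName.100.1.3221225985.3221225987"),
    (3, 6, "mplsOamIdMeName.1.1.1"),
    (4, 6, "mplsTunnelName.1.1.1.2"),  # mep type pointed straight at a tunnel
    (5, 5, "0.0"),
    (6, 3, "mplsTunnelName.100.1"),
]

if __name__ == "__main__":
    for sess_index, verdict in audit(SAMPLE_SESSIONS).items():
        print(sess_index, verdict.status, verdict.detail)
```

   A session reported as unbound, dangling or mismatch has no valid path behind it, so its defect counters and alarms say nothing about the path an operator believes is being monitored.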

5.2.1 Example of BFD Session configuration for MPLS TE tunnel

   This section provides an example BFD session configuration
   for an MPLS TE tunnel.

   The following denotes the configured tunnel "head" entry:

   In mplsTunnelTable:
   {
     mplsTunnelIndex              = 100,
     mplsTunnelInstance           = 1,
     mplsTunnelIngressLSRId       = 192.0.2.1,
     mplsTunnelEgressLSRId        = 192.0.2.3,
     mplsTunnelName               = "Tunnel",
     ...
     mplsTunnelSignallingProto    = none (1),
     mplsTunnelSetupPrio          = 0,
     mplsTunnelHoldingPrio        = 0,
     mplsTunnelSessionAttributes  = 0,
     mplsTunnelLocalProtectInUse  = false (0),
     mplsTunnelResourcePointer    = mplsTunnelResourceMaxRate.5,
     mplsTunnelInstancePriority   = 1,
     mplsTunnelHopTableIndex      = 1,
     mplsTunnelIncludeAnyAffinity = 0,
     mplsTunnelIncludeAllAffinity = 0,
     mplsTunnelExcludeAnyAffinity = 0,
     mplsTunnelPathInUse          = 1,
     mplsTunnelRole               = head (1),
     ...
     mplsTunnelRowStatus          = Active
   }

   BFD session parameters used to monitor this tunnel should be
   configured on head-end as follows:

   In bfdSessTable:
   BfdSessEntry ::= SEQUENCE {
     -- BFD session index
     bfdSessIndex                 = 2,
     bfdSessVersionNumber         = 1,
     -- LSP Ping used for OOB bootstrapping
     bfdSessType                  = multiHopOutOfBandSignaling,
     ...
     bfdSessAdminStatus           = start,
     ...
     bfdSessDemandModeDesiredFlag = false,
     bfdSessControlPlaneIndepFlag = false,
     bfdSessMultipointFlag        = false,
     bfdSessDesiredMinTxInterval  = 100000,
     bfdSessReqMinRxInterval      = 100000,
     ...
     -- Indicates that the BFD session is to monitor
     -- an MPLS TE tunnel
     bfdMplsSessMapType           = teIpv4(3),

     -- OID of the first accessible object (mplsTunnelName) of
     -- the mplsTunnelEntry identifying the MPLS TE tunnel (being
     -- monitored using BFD) in the MPLS tunnel table.
     -- A value of zeroDotzero indicates that no association
     -- has been made as yet between the BFD session and the path
     -- being monitored.
     -- In the above OID example:
     -- 100 -> Tunnel Index
     -- 1 -> Tunnel instance
     -- 3221225985 -> Ingress LSR Id 192.0.2.1
     -- 3221225987 -> Egress LSR Id 192.0.2.3
     bfdMplsSessMapPointer
                = mplsTunnelName.100.1.3221225985.3221225987,
     bfdSessRowStatus             = createAndGo
   }

   Similarly BFD session would be configured on the tail-end of
   the tunnel. Creating the above row will trigger
   the bootstrapping of the session using LSP Ping and its
   subsequent establishment over the path by de-multiplexing of
   the control packets using the BFD session discriminators.

5.2.2 Example of BFD Session configuration for ME of MPLS-TP TE tunnel

   This example considers the OAM identifiers configuration on a
   head-end LSR to manage and monitor a co-routed bidirectional MPLS
   tunnel.
   Only relevant objects which are applicable for IP based OAM
   identifiers of co-routed MPLS tunnel are illustrated here.

   In mplsOamIdMegTable:
   {
     -- MEG index (Index to the table)
     mplsOamIdMegIndex        = 1,
     mplsOamIdMegName         = "MEG1",
     mplsOamIdMegOperatorType = ipCompatible (1),
     mplsOamIdMegServiceType  = lsp (1),
     mplsOamIdMegMpLocation   = perNode(1),
     -- Mandatory parameters needed to activate the row go here
     mplsOamIdMegRowStatus    = createAndGo (4)
   }

   This will create an entry in the mplsOamIdMegTable to manage and
   monitor the MPLS tunnel.

   The following ME table is used to associate the path information
   to a MEG.

   In mplsOamIdMeTable:
   {
     -- ME index (Index to the table)
     mplsOamIdMeIndex                  = 1,
     -- MP index (Index to the table)
     mplsOamIdMeMpIndex                = 1,
     mplsOamIdMeName                   = "ME1",
     mplsOamIdMeMpIfIndex              = 0,
     -- Source MEP id is derived from the IP compatible MPLS tunnel
     mplsOamIdMeSourceMepIndex         = 0,
     -- Source MEP id is derived from the IP compatible MPLS tunnel
     mplsOamIdMeSinkMepIndex           = 0,
     mplsOamIdMeMpType                 = mep (1),
     mplsOamIdMeMepDirection           = down (2),
     mplsOamIdMeProactiveOamPhbTCValue = 0,
     mplsOamIdMeOnDemandOamPhbTCValue  = 0,
     -- RowPointer MUST point to the first accessible column of an
     -- MPLS tunnel
     mplsOamIdMeServicePointer         = mplsTunnelName.1.1.1.2,
     -- Mandatory parameters needed to activate the row go here
     mplsOamIdMeRowStatus              = createAndGo (4)
   }

   BFD session parameters used to monitor this tunnel should be
   configured on head-end as follows:

   In bfdSessTable:
   BfdSessEntry ::= SEQUENCE {
     -- BFD session index
     bfdSessIndex                 = 2,
     bfdSessVersionNumber         = 1,
     -- LSP Ping used for OOB bootstrapping
     bfdSessType                  = multiHopOutOfBandSignaling,
     ...
     bfdSessAdminStatus           = start,
     ...
     bfdSessDemandModeDesiredFlag = false,
     bfdSessControlPlaneIndepFlag = false,
     bfdSessMultipointFlag        = false,
     bfdSessDesiredMinTxInterval  = 100000,
     bfdSessReqMinRxInterval      = 100000,
     ...
     -- Indicates that the BFD session is to monitor
     -- a ME of an MPLS-TP TE tunnel
     bfdMplsSessMapType           = mep(6),

     bfdMplsSessMapPointer
                = mplsOamIdMeName.1.1.1,
     bfdSessRowStatus             = createAndGo
   }

   Similarly BFD session would be configured on the tail-end of
   the tunnel and creating the above row will trigger
   the bootstrapping of the session using LSP Ping and its subsequent
   establishment over the path by de-multiplexing of the control
   packets using the BFD session discriminators.

5.3. BFD objects for session performance counters

   BFD-STD-MIB defines BFD Session Performance Table
   (bfdSessionPerfTable), for collecting per-session BFD performance
   counters, as an extension to the bfdSessionTable.

   The bfdSessionPerfTable is extended with the performance counters
   to collect Mis-connectivity Defect, Loss of Continuity Defect
   and RDI (Remote Defect Indication) counters.

   1. bfdMplsSessPerfMisDefCount - Mis-connectivity defect count
      for this BFD session.
   2. bfdMplsSessPerfLocDefCount - Loss of continuity defect count for
      this BFD session.
   3. bfdMplsSessPerfRdiInCount - Total number of RDI messages
      received for this BFD session.
   4. bfdMplsSessPerfRdiOutCount - Total number of RDI messages sent
      for this BFD session.

6. BFD-EXT-STD-MIB Module Definition

   BFD-EXT-STD-MIB DEFINITIONS ::= BEGIN

   IMPORTS
      MODULE-IDENTITY, OBJECT-TYPE, mib-2,
      Counter32, zeroDotZero
         FROM SNMPv2-SMI                  -- [RFC2578]

      RowPointer,TruthValue,TEXTUAL-CONVENTION
         FROM SNMPv2-TC                   -- [RFC2579]

      MODULE-COMPLIANCE, OBJECT-GROUP
         FROM SNMPv2-CONF                 -- [RFC2580]

      bfdSessIndex
         FROM BFD-STD-MIB;

   bfdMplsMib MODULE-IDENTITY
      LAST-UPDATED "201312260000Z" -- December 26 2013
      ORGANIZATION "IETF Bidirectional Forwarding Detection
                    Working Group"
      CONTACT-INFO
         "
           Sam Aldrin
           Huawei Technologies
           2330 Central Express Way,
           Santa Clara, CA 95051, USA
           Email: aldrin.ietf@gmail.com

           Venkatesan Mahalingam
           Dell Inc.
           350 Holger Way,
           San Jose, CA 95134, USA
           Email: venkat.mahalingams@gmail.com

           Kannan KV Sampath
           Redeem Software
           India
           Email: kannankvs@gmail.com

           Thomas D. Nadeau
           Email: tnadeau@lucidvision.com"

      DESCRIPTION
         " Copyright (c) 2013 IETF Trust and the persons identified
           as the document authors. All rights reserved.
           This MIB module is an initial version containing objects
           to provide a proactive mechanism to detect faults using
           BFD for MPLS and MPLS-TP networks."
      REVISION "201312260000Z" -- December 26 2013
      DESCRIPTION
      -- RFC Ed.: RFC-editor pls fill in xxxx
      ::= { mib-2 XXX } -- XXX to be replaced with correct value
      -- RFC Ed.: assigned by IANA

   -- ------------------------------------------------------------
   -- groups in the MIB
   -- ------------------------------------------------------------

   bfdMplsObjects     OBJECT IDENTIFIER ::= { bfdMplsMib 0 }
   bfdMplsConformance OBJECT IDENTIFIER ::= { bfdMplsMib 1 }

   -- ------------------------------------------------------------
   -- Textual Conventions
   -- ------------------------------------------------------------

   SessionMapTypeTC ::= TEXTUAL-CONVENTION
      STATUS current
      DESCRIPTION
         "Used to indicate the type of MPLS or MPLS-TP path
          associated to the session"
      SYNTAX INTEGER {
         nonTeIpv4(1), -- mapping into LDP IPv4
         nonTeIpv6(2), -- mapping into LDP IPv6
         teIpv4(3),    -- mapping into TE IPv4
         teIpv6(4),    -- mapping into TE IPv6
         pw(5),        -- mapping into Pseudowires
         mep(6)        -- mapping into MEPs in MPLS-TP
      }

   DefectActionTC ::= TEXTUAL-CONVENTION
      STATUS current
      DESCRIPTION
         "The action to be taken when the mis-connectivity/loss of
          connectivity defect occurs in the MPLS or MPLS-TP
          path associated to the session"
      SYNTAX INTEGER {
         alarmOnly(1),        -- Alarm only
         alarmAndBlockData(2) -- Alarm and block the data
      }

   -- ------------------------------------------------------------------
   -- BFD session table extensions for MPLS and MPLS-TP BFD sessions
   -- ------------------------------------------------------------------
   -- bfdMplsSessTable - bfdSessTable Extension
   bfdMplsSessTable OBJECT-TYPE
      SYNTAX SEQUENCE OF BfdMplsSessEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "This table is an extension to the bfdSessTable for
          configuring BFD sessions for MPLS or MPLS-TP paths."
      ::= { bfdMplsObjects 1 }

   bfdMplsSessEntry OBJECT-TYPE
      SYNTAX BfdMplsSessEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "A row in this table extends a row in bfdSessTable."
      INDEX { bfdSessIndex }
      ::= { bfdMplsSessTable 1 }

   BfdMplsSessEntry ::= SEQUENCE {
      bfdMplsSessRole                        INTEGER,
      bfdMplsSessMode                        INTEGER,
      bfdMplsSessTmrNegotiate                TruthValue,
      bfdMplsSessMapType                     SessionMapTypeTC,
      bfdMplsSessMapPointer                  RowPointer,
      bfdMplsSessMisConnectivityDefectAction DefectActionTC,
      bfdMplsSessLOCDefect                   DefectActionTC
   }

   bfdMplsSessRole OBJECT-TYPE
      SYNTAX INTEGER {
         active(1),
         passive(2)
      }
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object specifies whether the system is playing the
          active(1) role or the passive(2) role for this
          BFD session."
      REFERENCE
         "RFC 5880, Section 6.1"
      DEFVAL { active }
      ::= { bfdMplsSessEntry 1 }

   bfdMplsSessMode OBJECT-TYPE
      SYNTAX INTEGER {
         cc(1),
         cv(2)
      }
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object specifies whether the BFD session is running
          in Continuity Check(CC) or the Connectivity
          Verification(CV) mode."
      REFERENCE
         "1.RFC6428, Proactive Connectivity Verification,
          Continuity Check and Remote Defect Indication
          for MPLS Transport Profile."
      DEFVAL { cc }
      ::= { bfdMplsSessEntry 2 }

   bfdMplsSessTmrNegotiate OBJECT-TYPE
      SYNTAX TruthValue
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object specifies if timer negotiation is required for
          the BFD session. When set to false, timer negotiation is
          disabled."
      DEFVAL { true }
      ::= { bfdMplsSessEntry 3 }

   bfdMplsSessMapType OBJECT-TYPE
      SYNTAX SessionMapTypeTC
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object indicates the type of path being monitored
          by this BFD session entry."
      DEFVAL { nonTeIpv4 }
      ::= { bfdMplsSessEntry 4 }

   bfdMplsSessMapPointer OBJECT-TYPE
      SYNTAX RowPointer
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "If bfdMplsSessMapType is nonTeIpv4(1) or nonTeIpv6(2),
          then this object MUST contain zeroDotZero or point to
          an instance of the mplsXCEntry indicating the LDP-based
          LSP associated with this BFD session.

          If bfdMplsSessMapType is teIpv4(3) or teIpv6(4), then
          this object MUST contain zeroDotZero or point to
          an instance of the mplsTunnelEntry indicating
          the RSVP-based MPLS TE tunnel associated with this
          BFD session.

          If bfdMplsSessMapType is pw(5), then this object MUST
          contain zeroDotZero or point to an instance of
          the pwEntry indicating the MPLS Pseudowire associated
          with this BFD session.

          If bfdMplsSessMapType is mep(6), then this object MUST
          contain zeroDotZero or point to an instance identifying
          the mplsOamIdMeEntry configured for monitoring the MPLS-TP
          path associated with this BFD session.

          If this object points to a conceptual row instance
          in a table consistent with bfdMplsSessMapType but this
          instance does not currently exist then no valid
          path is associated with this session entry.

          If this object contains zeroDotZero then no valid path is
          associated with this BFD session entry till it is
          populated with a valid pointer consistent with
          the value of bfdMplsSessMapType as explained above."
      REFERENCE
         "1. Multiprotocol Label Switching (MPLS) Traffic
             Engineering (TE) Management Information Base (MIB),
             [RFC3812].
          2. Multiprotocol Label Switching (MPLS) Label Switching
             Router (LSR) Management Information Base (MIB),
             [RFC3813].
          3. Pseudowire (PW) Management Information Base (MIB),
             [RFC5601].
          4. MPLS-TP Operations, Administration, and Management
             (OAM) Identifiers Management Information Base (MIB), ID
             draft-ietf-mpls-tp-oam-id-mib-04, December 2013."
      DEFVAL { zeroDotZero }
      ::= { bfdMplsSessEntry 5 }

   bfdMplsSessMisConnectivityDefectAction OBJECT-TYPE
      SYNTAX DefectActionTC
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object indicates the action to be taken when
          the mis-connectivity defect is detected on
          this BFD session."
      DEFVAL { alarmOnly }
      ::= { bfdMplsSessEntry 6 }

   bfdMplsSessLOCDefect OBJECT-TYPE
      SYNTAX DefectActionTC
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object indicates the action to be taken when
          the loss of continuity defect is detected on
          this BFD session."
      DEFVAL { alarmOnly }
      ::= { bfdMplsSessEntry 7 }

   -- ------------------------------------------------------------------
   -- BFD Objects for Session performance
   -- -----------------------------------------------------------------
   -- bfdMplsSessPerfTable - bfdSessPerfTable Extension

   bfdMplsSessPerfTable OBJECT-TYPE
      SYNTAX SEQUENCE OF BfdMplsSessPerfEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "This table is an extension to the bfdSessPerfTable"
      ::= { bfdMplsObjects 2 }

   bfdMplsSessPerfEntry OBJECT-TYPE
      SYNTAX BfdMplsSessPerfEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "A row in this table extends the bfdSessPerfTable"
      INDEX { bfdSessIndex }
      ::= { bfdMplsSessPerfTable 1 }

   BfdMplsSessPerfEntry ::= SEQUENCE {
      bfdMplsSessPerfMisDefCount Counter32,
      bfdMplsSessPerfLocDefCount Counter32,
      bfdMplsSessPerfRdiInCount  Counter32,
      bfdMplsSessPerfRdiOutCount Counter32
   }

   bfdMplsSessPerfMisDefCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the mis-connectivity defects
          detected for the BFD session. For instance, this count
          will be incremented when the received BFD control packet
          carries an incorrect globally unique source
          MEP identifier."
      ::= { bfdMplsSessPerfEntry 1 }

   bfdMplsSessPerfLocDefCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the Loss of continuity
          defects detected in MPLS and MPLS-TP paths"
      ::= { bfdMplsSessPerfEntry 2 }

   bfdMplsSessPerfRdiInCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the Remote Defect
          Indications received for the BFD session."
      ::= { bfdMplsSessPerfEntry 3 }

   bfdMplsSessPerfRdiOutCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the Remote Defect
          Indications sent by the BFD session"
      ::= { bfdMplsSessPerfEntry 4 }

   -- Module compliance

   bfdMplsGroups
      OBJECT IDENTIFIER ::= { bfdMplsConformance 1 }

   bfdMplsCompliances
      OBJECT IDENTIFIER ::= { bfdMplsConformance 2 }

   -- Compliance requirement for fully compliant implementations.

   bfdMplsModuleFullCompliance MODULE-COMPLIANCE
      STATUS current
      DESCRIPTION
         "Compliance statement for agents that provide full
          support for the BFD-EXT-STD-MIB module. "

      MODULE -- This module.

      MANDATORY-GROUPS {
         bfdSessionExtGroup,
         bfdSessionExtPerfGroup
      }
      ::= { bfdMplsCompliances 1 }

   -- Compliance requirement for read-only implementations.

   bfdMplsModuleReadOnlyCompliance MODULE-COMPLIANCE
      STATUS current
      DESCRIPTION
         "Compliance requirement for implementations that only
          provide read-only support for BFD-EXT-STD-MIB.
          Such devices
          can then be monitored but cannot be configured using
          this MIB module."

      MODULE -- This module.

      MANDATORY-GROUPS {
         bfdSessionExtGroup,
         bfdSessionExtPerfGroup
      }

      OBJECT bfdMplsSessRole
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessMode
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessTmrNegotiate
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessMapType
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessMapPointer
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      ::= { bfdMplsCompliances 2 }

   -- Units of conformance.

   bfdSessionExtGroup OBJECT-GROUP
      OBJECTS {
         bfdMplsSessRole,
         bfdMplsSessMode,
         bfdMplsSessTmrNegotiate,
         bfdMplsSessMapType,
         bfdMplsSessMapPointer,
         bfdMplsSessMisConnectivityDefectAction,
         bfdMplsSessLOCDefect
      }
      STATUS current
      DESCRIPTION
         "Collection of objects needed for BFD monitoring for
          MPLS and MPLS-TP paths"
      ::= { bfdMplsGroups 1 }

   bfdSessionExtPerfGroup OBJECT-GROUP
      OBJECTS {
         bfdMplsSessPerfMisDefCount,
         bfdMplsSessPerfLocDefCount,
         bfdMplsSessPerfRdiInCount,
         bfdMplsSessPerfRdiOutCount
      }
      STATUS current
      DESCRIPTION
         "Collection of objects needed to monitor the
          performance of BFD sessions on MPLS and MPLS-TP
          paths"
      ::= { bfdMplsGroups 2 }

   END

7. Security Considerations

   As a BFD session for an MPLS path may be tied into the stability of
   the MPLS network infrastructure, the effects of an attack on a BFD
   session may be very serious. This ultimately has denial-of-service
   effects, as links may be declared to be down (or falsely declared to
   be up.)
   As such, improper configuration of the objects represented
   by this MIB may result in denial of service to a large number of
   end-users.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create. Such
   objects may be considered sensitive or vulnerable in some network
   environments. The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create. Such
   objects may be considered sensitive or vulnerable in some network
   environments. It is thus important to control even GET and/or NOTIFY
   access to these objects and possibly to even encrypt the values of
   these objects when sending them over the network via SNMP.

   o  The bfdMplsSessTable may be used to directly configure BFD
      sessions for MPLS paths.
      Unauthorized access to objects in this table could result in
      disruption of traffic on the network. This is especially true if
      an unauthorized user configures enough tables to invoke a denial
      of service attack on the device where they are configured, or on
      a remote device where the sessions terminate.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments. It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP. These are the tables and objects and their
   sensitivity/vulnerability:

   o  The bfdSessPerfTable and bfdMplsSessPerfTable both allow access
      to the performance characteristics of BFD sessions for MPLS
      paths.
Network administrators not wishing to show 881 this information should consider this table sensitive. 883 The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and 884 bfdSessAuthenticationKey objects hold security methods and 885 associated security keys of BFD sessions for MPLS paths. These 886 objects SHOULD be considered highly sensitive objects. In order 887 for these sensitive information from being improperly accessed, 888 implementers MAY wish to disallow read and create access to these 889 objects. 891 SNMP versions prior to SNMPv3 did not include adequate security. 892 Even if the network itself is secure "for example by using IPSec", 893 even then, there is no control as to who on the secure network is 894 allowed to access and GET/SET "read/change/create/delete" the objects 895 in these MIB modules. 897 It is RECOMMENDED that implementers consider the security features as 898 provided by the SNMPv3 framework (see [RFC3410], section 8), 899 including full support for the SNMPv3 cryptographic mechanisms "for 900 authentication and privacy". 902 Further, deployment of SNMP versions prior to SNMPv3 is not 903 recommended. Instead, it is RECOMMENDED to deploy SNMPv3 and to 904 enable cryptographic security. It is then a customer/operator 905 responsibility to ensure that the SNMP entity giving access to an 906 instance of this MIB module, is properly configured to give access to 907 the objects only to those principals "users" that have legitimate 908 rights to indeed GET or SET "change/create/delete" them. 910 8. 
IANA Considerations 912 The MIB module in this document uses the following IANA-assigned 913 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 915 Descriptor OBJECT IDENTIFIER value 916 ---------- ----------------------- 918 bfdMplsMib { mib-2 XXX } 920 [Editor's Note (to be removed prior to publication): the IANA is 921 requested to assign a value for "XXX" under the 'mib-2' subtree 922 and to record the assignment in the SMI Numbers registry. When 923 the assignment has been made, the RFC Editor is asked to replace 924 "XXX" here and in the MIB module) with the assigned value and 925 to remove this note.] 927 9. References 929 9.1 Normative References 931 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 932 Requirement Levels", BCP 14, RFC 2119, March 1997. 934 [BFD] Katz, D. and D. Ward, "Bidirectional Forwarding 935 Detection (BFD)", RFC 5880, June 2010. 937 [BFD-1HOP] Katz, D. and D. Ward, "Bidirectional Forwarding 938 Detection (BFD) for IPv4 and IPv6 (Single Hop)", 939 RFC 5881, June 2010. 941 [BFD-MH] Katz, D. and D. Ward, "Bidirectional Forwarding 942 Detection (BFD) for Multihop Paths", RFC 5883, 943 June 2010. 945 [RFC5884] Aggarwal, R. et.al., "Bidirectional Forwarding 946 Detection (BFD) for MPLS Label Switched Paths (LSPs)", 947 RFC 5884, June 2010 949 [RFC6428] Allan, D., Swallow, G., Drake, J., "Proactive 950 Connectivity Verification, Continuity Check and Remote 951 Defect indication for MPLS Transport Profile", RFC 952 6428, November 2011. 954 [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 955 "Structure of Management Information Version 2 (SMIv2)", 956 STD 58, RFC 2578, April 1999. 958 [RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 959 "Textual Conventions for SMIv2", STD 58, RFC 2579, April 960 1999. 962 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 963 "Conformance Statements for SMIv2", STD 58, RFC 2580, 964 April 1999. 966 9.2 Informative References 968 [RFC3410] J. Case, R. 
Mundy, D. pertain, B.Stewart, "Introduction 969 and Applicability Statement for Internet Standard 970 Management Framework", RFC 3410, December 2002. 972 [RFC3812] Srinivasan, C., Viswanathan, A., and T. Nadeau, 973 "Multiprotocol Label Switching (MPLS) Traffic Engineering 974 (TE) Management Information Base (MIB)", RFC 3812, June 975 2004. 977 [RFC3813] Srinivasan, C., Viswanathan, A., and T. Nadeau, 978 "Multiprotocol Label Switching (MPLS) Label Switching 979 (LSR) Router Management Information Base (MIB)", 980 RFC 3813, June 2004. 982 [RFC5601] T. Nadeau, Ed., D. Zelig, Ed., "Pseudowire (PW) 983 Management Information Base (MIB)", RFC 5601, 984 July 2009 986 [BFD-STD-MIB] T. Nadeau, Z. Ali, N. Akiya "BFD Management 987 Information Base", ID draft-ietf-bfd-mib-16, 988 November 2013. 990 [MPLS-OAM-ID-STD-MIB] Sam Aldrin, M.Venkatesan, Kannan KV Sampath, 991 Thomas D. Nadeau, Sami Boutros, Ping Pan, 992 "MPLS-TP Operations, Administration, and 993 Management (OAM) Identifiers Management 994 Information Base (MIB)", ID 995 draft-ietf-mpls-tp-oam-id-mib-04, 996 December 2013. 998 10. Acknowledgments 1000 The authors would like to thank Jeffrey Haas, Mukund Mani, 1001 Lavanya Srivatsa, Muly Ilan and John Salloway for their valuable 1002 comments. 1004 11. Authors' Addresses 1006 Sam Aldrin 1007 Huawei Technologies 1008 2330 Central Express Way, 1009 Santa Clara, CA 95051, USA 1010 Email: aldrin.ietf@gmail.com 1012 Venkatesan Mahalingam 1013 Dell Inc. 1014 350 Holger Way, 1015 San Jose, CA 95134, USA 1016 Email: venkat.mahalingams@gmail.com 1018 Kannan KV Sampath 1019 Redeem Software 1020 India 1021 Email: kannankvs@gmail.com 1023 Thomas D. Nadeau 1024 Email: tnadeau@lucidvision.com
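
   Added example (not part of the draft): a check an operator could run against an agent configuration to verify the Security Considerations recommendations, namely no pre-SNMPv3 access, privacy required for SNMPv3 users, and write access scoped to a view. It assumes Net-SNMP snmpd.conf directive syntax; the sample configuration is constructed, and its user and view names are hypothetical.

```python
import shlex

# Constructed sample in Net-SNMP snmpd.conf syntax (an assumption; the draft
# names no agent). User and view names are hypothetical.
SAMPLE_CONF = """\
# constructed sample, not taken from the draft
rocommunity public 192.0.2.0/24
rwuser nmsAdmin priv -V bfdMplsWrite
rouser nmsRead auth -V bfdPerfOnly
rwuser legacyOps
rwuser nmsOps priv
"""

COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6",
                        "rwcommunity6", "com2sec", "com2sec6"}
LEVELS = ("noauth", "auth", "priv")


def audit(conf_text):
    """Return sorted (line_number, finding_code) pairs for one snmpd.conf text."""
    findings = []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        tokens = shlex.split(raw, comments=True)   # drops "#" comments
        if not tokens:
            continue
        directive, args = tokens[0], tokens[1:]
        if directive in COMMUNITY_DIRECTIVES:
            # SNMPv1/v2c community access: no per-user authentication or privacy.
            findings.append((lineno, "pre-v3-access"))
        elif directive in ("rouser", "rwuser"):
            if args[:1] == ["-s"]:                 # optional "-s SECMODEL" prefix
                args = args[2:]
            rest = args[1:]                        # what follows the user name
            # Assumption: Net-SNMP applies "auth" when no level is given.
            level = rest[0] if rest and rest[0] in LEVELS else "auth"
            scoped = len(rest) > 1                 # an OID or "-V VIEW" follows
            if level != "priv":
                # Object values, including key material, travel unencrypted.
                findings.append((lineno, "no-privacy"))
            if directive == "rwuser" and not scoped:
                # SET allowed on every object the agent exposes.
                findings.append((lineno, "unscoped-write"))
    return sorted(findings)


if __name__ == "__main__":
    for lineno, code in audit(SAMPLE_CONF):
        print(f"line {lineno}: {code}")
```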