Network Working Group
INTERNET-DRAFT                                                Sam Aldrin
Intended Status: Standards Track                     Huawei Technologies
Expires: December 29, 2014                                  M.Venkatesan
                                                               Dell Inc.
                                                       Kannan KV Sampath
                                                         Redeem Software
                                                        Thomas D. Nadeau
                                                                 Brocade

                                                           June 27, 2014

            BFD Management Information Base (MIB) extensions
                     for MPLS and MPLS-TP Networks
                       draft-ietf-bfd-mpls-mib-04

Abstract

   This draft defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base
   BFD-STD-MIB and describes the managed objects for modeling
   Bidirectional Forwarding Detection (BFD) protocol for MPLS and
   MPLS-TP networks.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on December 29, 2014.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1  Introduction
   2. The Internet-Standard Management Framework
   3. Overview
     3.1 Conventions used in this document
     3.2 Terminology
   4. Acronyms
   5. Brief description of MIB Objects
     5.1. Extensions to the BFD session table (bfdSessionTable)
     5.2. Example of BFD session configuration
       5.2.1 Example of BFD Session configuration for MPLS TE tunnel
       5.2.2 Example of BFD Session configuration for ME of MPLS-TP
             TE tunnel
     5.3. BFD objects for session performance counters
   6. BFD-EXT-STD-MIB Module Definition
   7. Security Considerations
   8. IANA Considerations
   9. References
     9.1 Normative References
     9.2 Informative References
   10. Acknowledgments
   11. Authors' Addresses

1  Introduction

   The current MIB for BFD as defined by BFD-STD-MIB is used for
   neighbor monitoring in IP networks.
   The BFD session association to
   the neighbors being monitored is done using the source and
   destination IP addresses of the neighbors configured using the
   respective MIB objects.

   To monitor MPLS/MPLS-TP paths like tunnels or Pseudowires, there is a
   necessity to identify or associate the BFD session to those paths.

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base
   BFD-STD-MIB and describes the managed objects to configure and/or
   monitor Bidirectional Forwarding Detection (BFD) protocol for MPLS
   [RFC5884] and MPLS-TP networks [RFC6428].

2. The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB. MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI). This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC2578, STD 58, RFC2579 and STD58, RFC2580.

3. Overview

3.1 Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

3.2 Terminology

   This document adopts the definitions, acronyms and mechanisms
   described in [BFD], [BFD-1HOP], [BFD-MH], [RFC5884], [RFC6428].
   Unless otherwise stated, the mechanisms described therein will not be
   re-described here.

4. Acronyms

   BFD:     Bidirectional Forwarding Detection
   CC:      Continuity Check
   CV:      Connectivity Verification
   IP:      Internet Protocol
   LDP:     Label Distribution Protocol
   LOC:     Loss Of Continuity
   LSP:     Label Switching Path
   LSR:     Label Switching Router
   ME:      Maintenance Entity
   MEG:     Maintenance Entity Group
   MEP:     Maintenance Entity End-Point
   MIP:     Maintenance Entity Group Intermediate Point
   MIB:     Management Information Base
   MPLS:    Multi-Protocol Label Switching
   MPLS-TP: MPLS Transport Profile
   OAM:     Operations, Administration, and Maintenance
   PW:      Pseudo Wire
   RDI:     Remote Defect Indication
   TE:      Traffic Engineering
   TP:      Transport Profile

5. Brief description of MIB Objects

   The objects described in this section support the functionality
   described in documents [RFC5884] and [RFC6428]. The objects are
   defined as an extension to the BFD base MIB defined by BFD-STD-MIB.

5.1. Extensions to the BFD session table (bfdSessionTable)

   The BFD session table used to identify a BFD session between a pair
   of nodes, as defined in BFD-STD-MIB, is extended with managed objects
   to achieve the required functionality in MPLS and MPLS-TP networks as
   described below:

   1. SessionRole - Active/Passive role specification for the BFD
      session configured on the node. Either end of a BFD session
      can be configured as Active/Passive to determine which
      end starts transmitting the BFD control packets.

   2. SessionMode - Defines the mode in which BFD
      session is running, defined as below:

        i. CC - Indicates Continuity Check and RDI operations.

       ii. CV - Indicates Continuity Check, Connectivity
           Verification and RDI operations.

   3. Timer Negotiation Flag - Provides for timer negotiation
      to be enabled or disabled. This object can be used to tune
      the detection of period mis-configuration.

   4. Map Type - Indicates the type of the path being monitored by
      the BFD session.
      This object can take the following values:

      For BFD session over MPLS based paths:

         nonTeIpv4 (1) - BFD session configured for Non-TE
                         IPv4 path
         nonTeIpv6 (2) - BFD session configured for Non-TE
                         IPv6 path
         teIpv4 (3)    - BFD session configured for a TE
                         IPv4 path
         teIpv6 (4)    - BFD session configured for a TE
                         IPv6 path
         pw (5)        - BFD session configured for a pseudowire

      For MPLS-TP based paths:

         mep (6)       - BFD session configured for an MPLS-TP path
                         (Bidirectional tunnel, PW or Sections) will
                         map to the corresponding maintenance entity.

   5. Map Pointer

      A Row Pointer object which can be used to point to the first
      accessible object in the respective instance of the table entry
      identifying the path being monitored (mplsXCEntry[RFC3813]/
      mplsTunnelEntry[RFC3812]/pwEntry[RFC5601] respectively for
      LSP/Tunnel/PW).

      For NON-TE LSP, the map pointer points to the corresponding
      mplsXCEntry.

      For TE based tunnel, the map pointer points to the corresponding
      instance of the mplsTunnelEntry.

      For PW, this object points to the corresponding instance of
      pwEntry.

      For MPLS-TP paths, this object points to the corresponding
      instance of mplsOamIdMeEntry[MPLS-OAM-ID-STD-MIB] configured to
      monitor the MPLS-TP path associated with the BFD session.

   6. Usage of existing object bfdSessType:

      Additionally existing object "bfdSessType" in the BFD base MIB
      [BFD-STD-MIB] can be used with the already defined value
      multiHopOutOfBandSignaling(3) to specify an OOB (Out of band)
      mechanism [E.g. LSP Ping] for bootstrapping the BFD session.

5.2. Example of BFD session configuration

   This section provides an example of BFD session configuration
   for an MPLS and MPLS-TP TE tunnel. This example is only meant
   to enable an understanding of the proposed extension and does not
   illustrate every permutation of the MIB.
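
   An added example, not part of the draft: Map Type and Map Pointer
   (Section 5.1) are both writable, so a management station can apply
   the consistency rules from the bfdMplsSessMapPointer DESCRIPTION in
   Section 6 before issuing a SET. The tunnel instance layout follows
   the Section 5.2.1 example; mplsXCLspId and pwType are taken from
   RFC 3813 and RFC 5601 rather than this page, and the row set and
   requests are constructed.

```python
import ipaddress

ZERO_DOT_ZERO = "zeroDotZero"  # draft's value for "no path associated yet"
MAX_SUBID = 0xFFFFFFFF         # an OID sub-identifier is an unsigned 32-bit value

# bfdMplsSessMapType label -> (first accessible column of the entry the
# pointer must name, number of index sub-identifiers or None if variable).
# mplsTunnelName and mplsOamIdMeName are the columns used in the draft's
# examples; mplsXCLspId (RFC 3813) and pwType (RFC 5601) are assumptions
# taken from those MIBs, not from this page.
EXPECTED_TARGET = {
    "nonTeIpv4": ("mplsXCLspId", None),  # mplsXCEntry, octet-string indexes
    "nonTeIpv6": ("mplsXCLspId", None),
    "teIpv4": ("mplsTunnelName", 4),     # index.instance.ingress.egress
    "teIpv6": ("mplsTunnelName", 4),
    "pw": ("pwType", 1),                 # pwIndex
    "mep": ("mplsOamIdMeName", 3),       # three indexes, as in mplsOamIdMeName.1.1.1
}


def lsr_id_to_subid(lsr_id):
    """Encode a dotted-quad LSR ID as the 32-bit sub-identifier used in the row instance."""
    return int(ipaddress.IPv4Address(lsr_id))


def tunnel_row_pointer(index, instance, ingress, egress):
    """Build the RowPointer for an mplsTunnelEntry from its four index values."""
    return "mplsTunnelName.%d.%d.%d.%d" % (
        index, instance, lsr_id_to_subid(ingress), lsr_id_to_subid(egress))


def decode_tunnel_pointer(pointer):
    """Split an already validated tunnel RowPointer into readable fields for review."""
    _, *subids = pointer.split(".")
    index, instance, ingress, egress = (int(s) for s in subids)
    return {"index": index, "instance": instance,
            "ingress": str(ipaddress.IPv4Address(ingress)),
            "egress": str(ipaddress.IPv4Address(egress))}


def check_map_pointer(map_type, pointer, existing_rows):
    """Return (state, reason); state is ok, unassociated, dangling or invalid."""
    if map_type not in EXPECTED_TARGET:
        return ("invalid", "unknown bfdMplsSessMapType %r" % (map_type,))
    if pointer == ZERO_DOT_ZERO:
        return ("unassociated", "no valid path is associated with this session")
    column, n_index = EXPECTED_TARGET[map_type]
    descriptor, _, instance = pointer.partition(".")
    if descriptor != column:
        return ("invalid", "%s must point at %s, got %s" % (map_type, column, descriptor))
    subids = instance.split(".") if instance else []
    if not subids or not all(s.isascii() and s.isdigit() for s in subids):
        return ("invalid", "instance must be dotted decimal sub-identifiers")
    if any(int(s) > MAX_SUBID for s in subids):
        return ("invalid", "sub-identifier exceeds 32 bits")
    if n_index is not None and len(subids) != n_index:
        return ("invalid", "expected %d index sub-identifiers, got %d"
                % (n_index, len(subids)))
    if pointer not in existing_rows:
        # Consistent with the map type, but the row does not exist (yet).
        return ("dangling", "target row does not currently exist")
    return ("ok", "pointer matches map type and the row exists")


def audit(requests, existing_rows):
    """Classify each (bfdSessIndex, map type, pointer) request before it is SET."""
    return [(idx,) + check_map_pointer(mtype, ptr, existing_rows)
            for idx, mtype, ptr in requests]


# Constructed inventory of rows known to exist on the agent.
TUNNEL_PTR = tunnel_row_pointer(100, 1, "192.0.2.1", "192.0.2.3")
SAMPLE_ROWS = {TUNNEL_PTR, "mplsOamIdMeName.1.1.1"}

# Constructed SET requests: (bfdSessIndex, bfdMplsSessMapType, bfdMplsSessMapPointer).
SAMPLE_REQUESTS = [
    (2, "teIpv4", TUNNEL_PTR),
    (3, "mep", "mplsOamIdMeName.1.1.1"),
    (4, "mep", TUNNEL_PTR),                                     # type/pointer mismatch
    (5, "teIpv4", "mplsTunnelName.100.1.3221225985"),           # one index missing
    (6, "teIpv4", tunnel_row_pointer(200, 1, "192.0.2.1", "192.0.2.3")),
    (7, "pw", ZERO_DOT_ZERO),
]

if __name__ == "__main__":
    for idx, state, reason in audit(SAMPLE_REQUESTS, SAMPLE_ROWS):
        print("bfdSessIndex=%d %-12s %s" % (idx, state, reason))
    print(decode_tunnel_pointer(TUNNEL_PTR))
```

   Only requests classified "ok" bind the session to an existing path;
   "dangling" and "unassociated" rows leave the session without a valid
   path, which the DESCRIPTION treats as the same condition.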

5.2.1 Example of BFD Session configuration for MPLS TE tunnel

   This section provides an example BFD session configuration
   for an MPLS TE tunnel.

   The following denotes the configured tunnel "head" entry:

   In mplsTunnelTable:
   {
     mplsTunnelIndex              = 100,
     mplsTunnelInstance           = 1,
     mplsTunnelIngressLSRId       = 192.0.2.1,
     mplsTunnelEgressLSRId        = 192.0.2.3,
     mplsTunnelName               = "Tunnel",
     ...
     mplsTunnelSignallingProto    = none (1),
     mplsTunnelSetupPrio          = 0,
     mplsTunnelHoldingPrio        = 0,
     mplsTunnelSessionAttributes  = 0,
     mplsTunnelLocalProtectInUse  = false (0),
     mplsTunnelResourcePointer    = mplsTunnelResourceMaxRate.5,
     mplsTunnelInstancePriority   = 1,
     mplsTunnelHopTableIndex      = 1,
     mplsTunnelIncludeAnyAffinity = 0,
     mplsTunnelIncludeAllAffinity = 0,
     mplsTunnelExcludeAnyAffinity = 0,
     mplsTunnelPathInUse          = 1,
     mplsTunnelRole               = head (1),
     ...
     mplsTunnelRowStatus          = Active
   }

   BFD session parameters used to monitor this tunnel should be
   configured on head-end as follows:

   In bfdSessTable:
   BfdSessEntry ::= SEQUENCE {
     -- BFD session index
     bfdSessIndex                 = 2,
     bfdSessVersionNumber         = 1,
     -- LSP Ping used for OOB bootstrapping
     bfdSessType                  = multiHopOutOfBandSignaling,
     ...
     bfdSessAdminStatus           = start,
     ...
     bfdSessDemandModeDesiredFlag = false,
     bfdSessControlPlaneIndepFlag = false,
     bfdSessMultipointFlag        = false,
     bfdSessDesiredMinTxInterval  = 100000,
     bfdSessReqMinRxInterval      = 100000,
     ...
     -- Indicates that the BFD session is to monitor
     -- an MPLS TE tunnel
     bfdMplsSessMapType           = teIpv4(3),

     -- OID of the first accessible object (mplsTunnelName) of
     -- the mplsTunnelEntry identifying the MPLS TE tunnel (being
     -- monitored using BFD) in the MPLS tunnel table.
     -- A value of zeroDotzero indicates that no association
     -- has been made as yet between the BFD session and the path
     -- being monitored.
     -- In the above OID example:
     -- 100 -> Tunnel Index
     -- 1 -> Tunnel instance
     -- 3221225985 -> Ingress LSR Id 192.0.2.1
     -- 3221225987 -> Egress LSR Id 192.0.2.3
     bfdMplsSessMapPointer
                  = mplsTunnelName.100.1.3221225985.3221225987,
     bfdSessRowStatus             = createAndGo
   }

   Similarly BFD session would be configured on the tail-end of
   the tunnel. Creating the above row will trigger
   the bootstrapping of the session using LSP Ping and its
   subsequent establishment over the path by de-multiplexing of
   the control packets using the BFD session discriminators.

5.2.2 Example of BFD Session configuration for ME of MPLS-TP TE tunnel

   This example considers the OAM identifiers configuration on a
   head-end LSR to manage and monitor a co-routed bidirectional MPLS
   tunnel.
   Only relevant objects which are applicable for IP based OAM
   identifiers of co-routed MPLS tunnel are illustrated here.

   In mplsOamIdMegTable:
   {
     -- MEG index (Index to the table)
     mplsOamIdMegIndex        = 1,
     mplsOamIdMegName         = "MEG1",
     mplsOamIdMegOperatorType = ipCompatible (1),
     mplsOamIdMegServiceType  = lsp (1),
     mplsOamIdMegMpLocation   = perNode(1),
     -- Mandatory parameters needed to activate the row go here
     mplsOamIdMegRowStatus    = createAndGo (4)
   }

   This will create an entry in the mplsOamIdMegTable to manage and
   monitor the MPLS tunnel.

   The following ME table is used to associate the path information
   to a MEG.

   In mplsOamIdMeTable:
   {
     -- ME index (Index to the table)
     mplsOamIdMeIndex                  = 1,
     -- MP index (Index to the table)
     mplsOamIdMeMpIndex                = 1,
     mplsOamIdMeName                   = "ME1",
     mplsOamIdMeMpIfIndex              = 0,
     -- Source MEP id is derived from the IP compatible MPLS tunnel
     mplsOamIdMeSourceMepIndex         = 0,
     -- Source MEP id is derived from the IP compatible MPLS tunnel
     mplsOamIdMeSinkMepIndex           = 0,
     mplsOamIdMeMpType                 = mep (1),
     mplsOamIdMeMepDirection           = down (2),
     mplsOamIdMeProactiveOamPhbTCValue = 0,
     mplsOamIdMeOnDemandOamPhbTCValue  = 0,
     -- RowPointer MUST point to the first accessible column of an
     -- MPLS tunnel
     mplsOamIdMeServicePointer         = mplsTunnelName.1.1.1.2,
     -- Mandatory parameters needed to activate the row go here
     mplsOamIdMeRowStatus              = createAndGo (4)
   }

   BFD session parameters used to monitor this tunnel should be
   configured on head-end as follows:

   In bfdSessTable:
   BfdSessEntry ::= SEQUENCE {
     -- BFD session index
     bfdSessIndex                 = 2,
     bfdSessVersionNumber         = 1,
     -- LSP Ping used for OOB bootstrapping
     bfdSessType                  = multiHopOutOfBandSignaling,
     ...
     bfdSessAdminStatus           = start,
     ...
     bfdSessDemandModeDesiredFlag = false,
     bfdSessControlPlaneIndepFlag = false,
     bfdSessMultipointFlag        = false,
     bfdSessDesiredMinTxInterval  = 100000,
     bfdSessReqMinRxInterval      = 100000,
     ...
     -- Indicates that the BFD session is to monitor
     -- a ME of an MPLS-TP TE tunnel
     bfdMplsSessMapType           = mep(6),

     bfdMplsSessMapPointer
                  = mplsOamIdMeName.1.1.1,
     bfdSessRowStatus             = createAndGo
   }

   Similarly BFD session would be configured on the tail-end of
   the tunnel and creating the above row will trigger
   the bootstrapping of the session using LSP Ping and its subsequent
   establishment over the path by de-multiplexing of the control
   packets using the BFD session discriminators.

5.3. BFD objects for session performance counters

   BFD-STD-MIB defines BFD Session Performance Table
   (bfdSessionPerfTable), for collecting per-session BFD performance
   counters, as an extension to the bfdSessionTable.

   The bfdSessionPerfTable is extended with the performance counters
   to collect Mis-connectivity Defect, Loss of Continuity Defect
   and RDI (Remote Defect Indication) counters.

   1. bfdMplsSessPerfMisDefCount - Mis-connectivity defect count
      for this BFD session.
   2. bfdMplsSessPerfLocDefCount - Loss of continuity defect count for
      this BFD session.
   3. bfdMplsSessPerfRdiInCount - Total number of RDI messages
      received for this BFD session.
   4. bfdMplsSessPerfRdiOutCount - Total number of RDI messages sent
      for this BFD session.

6. BFD-EXT-STD-MIB Module Definition

   BFD-EXT-STD-MIB DEFINITIONS ::= BEGIN

   IMPORTS
      MODULE-IDENTITY, OBJECT-TYPE, mib-2,
      Counter32, zeroDotZero
         FROM SNMPv2-SMI                          -- [RFC2578]

      RowPointer,TruthValue,TEXTUAL-CONVENTION
         FROM SNMPv2-TC                           -- [RFC2579]

      MODULE-COMPLIANCE, OBJECT-GROUP
         FROM SNMPv2-CONF                         -- [RFC2580]

      bfdSessIndex
         FROM BFD-STD-MIB;

   bfdMplsMib MODULE-IDENTITY
      LAST-UPDATED "201406270000Z" -- June 27 2014
      ORGANIZATION "IETF Bidirectional Forwarding Detection
                    Working Group"
      CONTACT-INFO
         "
          Sam Aldrin
          Huawei Technologies
          2330 Central Express Way,
          Santa Clara, CA 95051, USA
          Email: aldrin.ietf@gmail.com

          Venkatesan Mahalingam
          Dell Inc.
          5450 Great America Parkway,
          Santa Clara, CA 95054, USA
          Email: venkat.mahalingams@gmail.com

          Kannan KV Sampath
          Redeem Software
          India
          Email: kannankvs@gmail.com

          Thomas D. Nadeau
          Email: tnadeau@lucidvision.com"

      DESCRIPTION
         " Copyright (c) 2014 IETF Trust and the persons identified
           as the document authors. All rights reserved.
           This MIB module is an initial version containing objects
           to provide a proactive mechanism to detect faults using
           BFD for MPLS and MPLS-TP networks."
      REVISION "201406270000Z" -- June 27 2014
      DESCRIPTION
      -- RFC Ed.: RFC-editor pls fill in xxxx
      ::= { mib-2 XXX } -- XXX to be replaced with correct value
      -- RFC Ed.: assigned by IANA

   -- ------------------------------------------------------------
   -- groups in the MIB
   -- ------------------------------------------------------------

   bfdMplsObjects     OBJECT IDENTIFIER ::= { bfdMplsMib 0 }
   bfdMplsConformance OBJECT IDENTIFIER ::= { bfdMplsMib 1 }

   -- ------------------------------------------------------------
   -- Textual Conventions
   -- ------------------------------------------------------------

   SessionMapTypeTC ::= TEXTUAL-CONVENTION
      STATUS current
      DESCRIPTION
         "Used to indicate the type of MPLS or MPLS-TP path
          associated to the session"
      SYNTAX INTEGER {
                nonTeIpv4(1), -- mapping into LDP IPv4
                nonTeIpv6(2), -- mapping into LDP IPv6
                teIpv4(3),    -- mapping into TE IPv4
                teIpv6(4),    -- mapping into TE IPv6
                pw(5),        -- mapping into Pseudowires
                mep(6)        -- mapping into MEPs in MPLS-TP
             }

   DefectActionTC ::= TEXTUAL-CONVENTION
      STATUS current
      DESCRIPTION
         "The action to be taken when the mis-connectivity/loss of
          connectivity defect occurs in the MPLS or MPLS-TP
          path associated to the session"
      SYNTAX INTEGER {
                alarmOnly(1),        -- Alarm only
                alarmAndBlockData(2) -- Alarm and block the data
             }

   -- ------------------------------------------------------------------
   -- BFD session table extensions for MPLS and MPLS-TP BFD sessions
   -- ------------------------------------------------------------------
   -- bfdMplsSessTable - bfdSessTable Extension

   bfdMplsSessTable OBJECT-TYPE
      SYNTAX SEQUENCE OF BfdMplsSessEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "This table is an extension to the bfdSessTable for
          configuring BFD sessions for MPLS or MPLS-TP paths."
      ::= { bfdMplsObjects 1 }

   bfdMplsSessEntry OBJECT-TYPE
      SYNTAX BfdMplsSessEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "A row in this table extends a row in bfdSessTable."
      INDEX { bfdSessIndex }
      ::= { bfdMplsSessTable 1 }

   BfdMplsSessEntry ::= SEQUENCE {
      bfdMplsSessRole                        INTEGER,
      bfdMplsSessMode                        INTEGER,
      bfdMplsSessTmrNegotiate                TruthValue,
      bfdMplsSessMapType                     SessionMapTypeTC,
      bfdMplsSessMapPointer                  RowPointer,
      bfdMplsSessMisConnectivityDefectAction DefectActionTC,
      bfdMplsSessLOCDefect                   DefectActionTC
   }

   bfdMplsSessRole OBJECT-TYPE
      SYNTAX INTEGER {
                active(1),
                passive(2)
             }
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object specifies whether the system is playing the
          active(1) role or the passive(2) role for this
          BFD session."
      REFERENCE
         "RFC 5880, Section 6.1"
      DEFVAL { active }
      ::= { bfdMplsSessEntry 1 }

   bfdMplsSessMode OBJECT-TYPE
      SYNTAX INTEGER {
                cc(1),
                cv(2)
             }
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object specifies whether the BFD session is running
          in Continuity Check(CC) or the Connectivity
          Verification(CV) mode."
      REFERENCE
         "1.RFC6428, Proactive Connectivity Verification,
          Continuity Check and Remote Defect Indication
          for MPLS Transport Profile."
      DEFVAL { cc }
      ::= { bfdMplsSessEntry 2 }

   bfdMplsSessTmrNegotiate OBJECT-TYPE
      SYNTAX TruthValue
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object specifies if timer negotiation is required for
          the BFD session. When set to false, timer negotiation is
          disabled."
      DEFVAL { true }
      ::= { bfdMplsSessEntry 3 }

   bfdMplsSessMapType OBJECT-TYPE
      SYNTAX SessionMapTypeTC
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object indicates the type of path being monitored
          by this BFD session entry."
      DEFVAL { nonTeIpv4 }
      ::= { bfdMplsSessEntry 4 }

   bfdMplsSessMapPointer OBJECT-TYPE
      SYNTAX RowPointer
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "If bfdMplsSessMapType is nonTeIpv4(1) or nonTeIpv6(2),
          then this object MUST contain zeroDotZero or point to
          an instance of the mplsXCEntry indicating the LDP-based
          LSP associated with this BFD session.

          If bfdMplsSessMapType is teIpv4(3) or teIpv6(4), then
          this object MUST contain zeroDotZero or point to
          an instance of the mplsTunnelEntry indicating
          the RSVP-based MPLS TE tunnel associated with this
          BFD session.

          If bfdMplsSessMapType is pw(5), then this object MUST
          contain zeroDotZero or point to an instance of
          the pwEntry indicating the MPLS Pseudowire associated
          with this BFD session.

          If bfdMplsSessMapType is mep(6), then this object MUST
          contain zeroDotZero or point to an instance identifying
          the mplsOamIdMeEntry configured for monitoring the MPLS-TP
          path associated with this BFD session.

          If this object points to a conceptual row instance
          in a table consistent with bfdMplsSessMapType but this
          instance does not currently exist then no valid
          path is associated with this session entry.

          If this object contains zeroDotZero then no valid path is
          associated with this BFD session entry till it is
          populated with a valid pointer consistent with
          the value of bfdMplsSessMapType as explained above."
      REFERENCE
         "1. Multiprotocol Label Switching (MPLS) Traffic
             Engineering (TE) Management Information Base (MIB),
             [RFC3812].
          2. Multiprotocol Label Switching (MPLS) Label Switching
             Router (LSR) Management Information Base (MIB),
             [RFC3813].
          3. Pseudowire (PW) Management Information Base (MIB),
             [RFC5601].
          4. MPLS-TP Operations, Administration, and Management
             (OAM) Identifiers Management Information Base (MIB), ID
             draft-ietf-mpls-tp-oam-id-mib-04, December 2013."
      DEFVAL { zeroDotZero }
      ::= { bfdMplsSessEntry 5 }

   bfdMplsSessMisConnectivityDefectAction OBJECT-TYPE
      SYNTAX DefectActionTC
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object indicates the action to be taken when
          the mis-connectivity defect is detected on
          this BFD session."
      DEFVAL { alarmOnly }
      ::= { bfdMplsSessEntry 6 }

   bfdMplsSessLOCDefect OBJECT-TYPE
      SYNTAX DefectActionTC
      MAX-ACCESS read-create
      STATUS current
      DESCRIPTION
         "This object indicates the action to be taken when
          the loss of continuity defect is detected on
          this BFD session."
      DEFVAL { alarmOnly }
      ::= { bfdMplsSessEntry 7 }

   -- ------------------------------------------------------------------
   -- BFD Objects for Session performance
   -- ------------------------------------------------------------------
   -- bfdMplsSessPerfTable - bfdSessPerfTable Extension

   bfdMplsSessPerfTable OBJECT-TYPE
      SYNTAX SEQUENCE OF BfdMplsSessPerfEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "This table is an extension to the bfdSessPerfTable"
      ::= { bfdMplsObjects 2 }

   bfdMplsSessPerfEntry OBJECT-TYPE
      SYNTAX BfdMplsSessPerfEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "A row in this table extends the bfdSessPerfTable"
      INDEX { bfdSessIndex }
      ::= { bfdMplsSessPerfTable 1 }

   BfdMplsSessPerfEntry ::= SEQUENCE {
      bfdMplsSessPerfMisDefCount Counter32,
      bfdMplsSessPerfLocDefCount Counter32,
      bfdMplsSessPerfRdiInCount  Counter32,
      bfdMplsSessPerfRdiOutCount Counter32
   }

   bfdMplsSessPerfMisDefCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the mis-connectivity defects
          detected for the BFD session. For instance, this count
          will be incremented when the received BFD control packet
          carries an incorrect globally unique source
          MEP identifier."
      ::= { bfdMplsSessPerfEntry 1 }

   bfdMplsSessPerfLocDefCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the Loss of continuity
          defects detected in MPLS and MPLS-TP paths"
      ::= { bfdMplsSessPerfEntry 2 }

   bfdMplsSessPerfRdiInCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the Remote Defect
          Indications received for the BFD session."
      ::= { bfdMplsSessPerfEntry 3 }

   bfdMplsSessPerfRdiOutCount OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
         "This object gives a count of the Remote Defect
          Indications sent by the BFD session"
      ::= { bfdMplsSessPerfEntry 4 }

   -- Module compliance

   bfdMplsGroups
      OBJECT IDENTIFIER ::= { bfdMplsConformance 1 }

   bfdMplsCompliances
      OBJECT IDENTIFIER ::= { bfdMplsConformance 2 }

   -- Compliance requirement for fully compliant implementations.

   bfdMplsModuleFullCompliance MODULE-COMPLIANCE
      STATUS current
      DESCRIPTION
         "Compliance statement for agents that provide full
          support for the BFD-EXT-STD-MIB module. "

      MODULE -- This module.

      MANDATORY-GROUPS {
         bfdSessionExtGroup,
         bfdSessionExtPerfGroup
      }
      ::= { bfdMplsCompliances 1 }

   -- Compliance requirement for read-only implementations.

   bfdMplsModuleReadOnlyCompliance MODULE-COMPLIANCE
      STATUS current
      DESCRIPTION
         "Compliance requirement for implementations that only
          provide read-only support for BFD-EXT-STD-MIB. Such devices
          can then be monitored but cannot be configured using
          this MIB module."

      MODULE -- This module.

      MANDATORY-GROUPS {
         bfdSessionExtGroup,
         bfdSessionExtPerfGroup
      }

      OBJECT bfdMplsSessRole
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessMode
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessTmrNegotiate
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessMapType
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      OBJECT bfdMplsSessMapPointer
      MIN-ACCESS read-only
      DESCRIPTION "Write access is not required."

      ::= { bfdMplsCompliances 2 }

   -- Units of conformance.

   bfdSessionExtGroup OBJECT-GROUP
      OBJECTS {
         bfdMplsSessRole,
         bfdMplsSessMode,
         bfdMplsSessTmrNegotiate,
         bfdMplsSessMapType,
         bfdMplsSessMapPointer,
         bfdMplsSessMisConnectivityDefectAction,
         bfdMplsSessLOCDefect
      }
      STATUS current
      DESCRIPTION
         "Collection of objects needed for BFD monitoring for
          MPLS and MPLS-TP paths"
      ::= { bfdMplsGroups 1 }

   bfdSessionExtPerfGroup OBJECT-GROUP
      OBJECTS {
         bfdMplsSessPerfMisDefCount,
         bfdMplsSessPerfLocDefCount,
         bfdMplsSessPerfRdiInCount,
         bfdMplsSessPerfRdiOutCount
      }
      STATUS current
      DESCRIPTION
         "Collection of objects needed to monitor the
          performance of BFD sessions on MPLS and MPLS-TP
          paths"
      ::= { bfdMplsGroups 2 }

   END

7. Security Considerations

   As a BFD session for an MPLS path may be tied into the stability of
   the MPLS network infrastructure, the effects of an attack on a BFD
   session may be very serious. This ultimately has denial-of-service
   effects, as links may be declared to be down (or falsely declared to
   be up.)
   As such, improper configuration of the objects represented
   by this MIB may result in denial of service to a large number of
   end-users.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create. Such
   objects may be considered sensitive or vulnerable in some network
   environments. The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create. Such
   objects may be considered sensitive or vulnerable in some network
   environments. It is thus important to control even GET and/or NOTIFY
   access to these objects and possibly to even encrypt the values of
   these objects when sending them over the network via SNMP.

   o  The bfdMplsSessTable may be used to directly configure BFD
      sessions for MPLS paths.
      Unauthorized access to objects in this table could result in
      disruption of traffic on the network. This is especially true if
      an unauthorized user configures enough tables to invoke a denial
      of service attack on the device where they are configured, or on
      a remote device where the sessions terminate.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments. It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP. These are the tables and objects and their
   sensitivity/vulnerability:

   o  The bfdSessPerfTable and bfdMplsSessPerfTable both allow access
      to the performance characteristics of BFD sessions for MPLS
      paths. Network administrators not wishing to show
      this information should consider this table sensitive.

   The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and
   bfdSessAuthenticationKey objects hold security methods and
   associated security keys of BFD sessions for MPLS paths. These
   objects SHOULD be considered highly sensitive objects. To keep
   this sensitive information from being improperly accessed,
   implementers MAY wish to disallow read and create access to these
   objects.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPSec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in these MIB modules.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is not
   recommended. Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security. It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

8. IANA Considerations

   The MIB module in this document uses the following IANA-assigned
   OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

      Descriptor        OBJECT IDENTIFIER value
      ----------        -----------------------

      bfdMplsMib        { mib-2 XXX }

   [Editor's Note (to be removed prior to publication): the IANA is
   requested to assign a value for "XXX" under the 'mib-2' subtree
   and to record the assignment in the SMI Numbers registry. When
   the assignment has been made, the RFC Editor is asked to replace
   "XXX" (here and in the MIB module) with the assigned value and
   to remove this note.]

9. References

9.1 Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [BFD]      Katz, D. and D. Ward, "Bidirectional Forwarding
              Detection (BFD)", RFC 5880, June 2010.

   [BFD-1HOP] Katz, D. and D. Ward, "Bidirectional Forwarding
              Detection (BFD) for IPv4 and IPv6 (Single Hop)",
              RFC 5881, June 2010.

   [BFD-MH]   Katz, D. and D. Ward, "Bidirectional Forwarding
              Detection (BFD) for Multihop Paths", RFC 5883,
              June 2010.

   [RFC5884]  Aggarwal, R. et.al., "Bidirectional Forwarding
              Detection (BFD) for MPLS Label Switched Paths (LSPs)",
              RFC 5884, June 2010.

   [RFC6428]  Allan, D., Swallow, G., Drake, J., "Proactive
              Connectivity Verification, Continuity Check and Remote
              Defect indication for MPLS Transport Profile", RFC
              6428, November 2011.

   [RFC2578]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Structure of Management Information Version 2 (SMIv2)",
              STD 58, RFC 2578, April 1999.

   [RFC2579]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Textual Conventions for SMIv2", STD 58, RFC 2579, April
              1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", STD 58, RFC 2580,
              April 1999.

9.2 Informative References

   [RFC3410]  J. Case, R.
Mundy, D. pertain, B.Stewart, "Introduction 970 and Applicability Statement for Internet Standard 971 Management Framework", RFC 3410, December 2002. 973 [RFC3812] Srinivasan, C., Viswanathan, A., and T. Nadeau, 974 "Multiprotocol Label Switching (MPLS) Traffic Engineering 975 (TE) Management Information Base (MIB)", RFC 3812, June 976 2004. 978 [RFC3813] Srinivasan, C., Viswanathan, A., and T. Nadeau, 979 "Multiprotocol Label Switching (MPLS) Label Switching 980 (LSR) Router Management Information Base (MIB)", 981 RFC 3813, June 2004. 983 [RFC5601] T. Nadeau, Ed., D. Zelig, Ed., "Pseudowire (PW) 984 Management Information Base (MIB)", RFC 5601, 985 July 2009 987 [BFD-STD-MIB] T. Nadeau, Z. Ali, N. Akiya "BFD Management 988 Information Base", ID draft-ietf-bfd-mib-22, 989 June 2014. 991 [MPLS-OAM-ID-STD-MIB] Sam Aldrin, M.Venkatesan, Kannan KV Sampath, 992 Thomas D. Nadeau, Sami Boutros, Ping Pan, 993 "MPLS-TP Operations, Administration, and 994 Management (OAM) Identifiers Management 995 Information Base (MIB)", ID 996 draft-ietf-mpls-tp-oam-id-mib-05, 997 June 2014. 999 10. Acknowledgments 1001 The authors would like to thank Jeffrey Haas, Mukund Mani, 1002 Lavanya Srivatsa, Muly Ilan and John Salloway for their valuable 1003 comments. 1005 11. Authors' Addresses 1007 Sam Aldrin 1008 Huawei Technologies 1009 2330 Central Express Way, 1010 Santa Clara, CA 95051, USA 1011 Email: aldrin.ietf@gmail.com 1013 Venkatesan Mahalingam 1014 Dell Inc. 1015 5450 Great America Parkway, 1016 Santa Clara, CA 95054, USA 1017 Email: venkat.mahalingams@gmail.com 1019 Kannan KV Sampath 1020 Redeem Software 1021 India 1022 Email: kannankvs@gmail.com 1024 Thomas D. Nadeau 1025 Brocade 1026 Email: tnadeau@lucidvision.com
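
Added example for Section 7 (Security Considerations), not part of the draft: a simplified VACM-style view check, after RFC 3415, expressing the policy that section asks for. Pre-SNMPv3 requests get no access, authPriv is required, the three authentication objects are excluded from every read view, and SET on bfdMplsSessTable is limited to one group. All OIDs, group names and view names are constructed placeholders, since the draft's own arc is still "XXX".

```python
# Simplified VACM-style check (after RFC 3415) for the objects Section 7 names.
# Every OID below is a constructed placeholder: the draft's own arc is still "XXX".
BFD_STD = (1, 3, 6, 1, 2, 1, 99901)     # placeholder root for BFD-STD-MIB
BFD_MPLS = (1, 3, 6, 1, 2, 1, 99902)    # placeholder root for bfdMplsMib
OID = {                                 # constructed sub-arcs, illustration only
    "bfdSessPerfTable": BFD_STD + (1, 3),
    "bfdSessAuthenticationType": BFD_STD + (1, 2, 1, 30),
    "bfdSessAuthenticationKeyID": BFD_STD + (1, 2, 1, 31),
    "bfdSessAuthenticationKey": BFD_STD + (1, 2, 1, 32),
    "bfdMplsSessTable": BFD_MPLS + (1, 1),
    "bfdMplsSessPerfTable": BFD_MPLS + (1, 2),
}
AUTH = ("bfdSessAuthenticationType", "bfdSessAuthenticationKeyID",
        "bfdSessAuthenticationKey")
LEVEL = {"noAuthNoPriv": 0, "authNoPriv": 1, "authPriv": 2}

# A view is a list of (subtree, included?) families.
VIEWS = {
    "monitor": [(BFD_STD, True), (BFD_MPLS, True)]
               + [(OID[n], False) for n in AUTH],
    "provision": [(OID["bfdMplsSessTable"], True)],
}
# group -> (minimum security level, read view, write view); hypothetical groups.
# Only SNMPv3 (USM) principals are mapped to a group at all.
GROUPS = {
    "noc-readers": ("authPriv", "monitor", None),
    "bfd-admins": ("authPriv", "monitor", "provision"),
}

def in_view(view, oid):
    """Longest matching subtree decides; no match means not in the view."""
    best = None
    for subtree, included in VIEWS[view]:
        if oid[:len(subtree)] == subtree:
            if best is None or len(subtree) > len(best[0]):
                best = (subtree, included)
    return bool(best and best[1])

def allowed(group, model, level, op, name, index=(1,)):
    """op is 'read' (GET) or 'write' (SET); index is the row instance."""
    if model != "usm" or group not in GROUPS:
        return False                     # SNMPv1/v2c requests get nothing
    min_level, read_view, write_view = GROUPS[group]
    if LEVEL[level] < LEVEL[min_level]:
        return False                     # require authentication and privacy
    view = read_view if op == "read" else write_view
    return view is not None and in_view(view, OID[name] + index)
```

The exclusion entries win over the broader included subtree only because they are longer matches, which is why an operator auditing an agent should check each sensitive object against the effective view rather than trusting the top-level include.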