idnits 2.17.1

draft-ietf-bfd-mpls-mib-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The document has examples using IPv4 documentation addresses according
     to RFC6890, but does not use any IPv6 documentation addresses.  Maybe
     there should be IPv6 examples, too?

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (December 28, 2014) is 3406 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-11) exists of
     draft-ietf-mpls-tp-oam-id-mib-06

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group
INTERNET-DRAFT                                                Sam Aldrin
Intended Status: Standards Track                     Huawei Technologies
Expires: July 01, 2015                                      M.Venkatesan
                                                               Dell Inc.
                                                       Kannan KV Sampath
                                                         Redeem Software
                                                        Thomas D. Nadeau
                                                                 Brocade

                                                       December 28, 2014

            BFD Management Information Base (MIB) extensions
                     for MPLS and MPLS-TP Networks
                       draft-ietf-bfd-mpls-mib-05

Abstract

   This draft defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base and
   describes the managed objects for modeling Bidirectional Forwarding
   Detection (BFD) protocol for MPLS and MPLS-TP networks.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on July 01, 2015.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction
   2. The Internet-Standard Management Framework
   3. Overview
     3.1 Conventions used in this document
     3.2 Terminology
   4. Acronyms
   5. Brief description of MIB Objects
     5.1. Extensions to the BFD session table (bfdSessionTable)
     5.2. Example of BFD session configuration
       5.2.1 Example of BFD Session configuration for MPLS TE tunnel
       5.2.2 Example of BFD Session configuration for ME of MPLS-TP
             TE tunnel
     5.3. BFD objects for session performance counters
   6. BFD-EXT-STD-MIB Module Definition
   7. Security Considerations
   8. IANA Considerations
   9. References
     9.1 Normative References
     9.2 Informative References
   10. Acknowledgments
   11. Authors' Addresses

1. Introduction

   The current MIB for BFD as defined by [RFC7331] is used for neighbor
   monitoring in IP networks.
   The BFD session association to the
   neighbors being monitored is done using the source and destination IP
   addresses of the neighbors configured using the respective MIB
   objects.

   To monitor MPLS/MPLS-TP paths like tunnels or Pseudowires, there is a
   necessity to identify or associate the BFD session to those paths.

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base
   [RFC7331] and describes the managed objects to configure and/or
   monitor Bidirectional Forwarding Detection (BFD) protocol for MPLS
   [RFC5884] and MPLS-TP networks [RFC6428].

2. The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578, STD 58, RFC 2579 and STD 58, RFC 2580.

3. Overview

3.1 Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   RFC-2119 [RFC2119].

3.2 Terminology

   This document adopts the definitions, acronyms and mechanisms
   described in [BFD], [BFD-1HOP], [BFD-MH], [RFC5884], [RFC6428].
   Unless otherwise stated, the mechanisms described therein will not be
   re-described here.

4. Acronyms

   BFD:     Bidirectional Forwarding Detection
   CC:      Continuity Check
   CV:      Connectivity Verification
   IP:      Internet Protocol
   LDP:     Label Distribution Protocol
   LOC:     Loss Of Continuity
   LSP:     Label Switching Path
   LSR:     Label Switching Router
   ME:      Maintenance Entity
   MEG:     Maintenance Entity Group
   MEP:     Maintenance Entity End-Point
   MIP:     Maintenance Entity Group Intermediate Point
   MIB:     Management Information Base
   MPLS:    Multi-Protocol Label Switching
   MPLS-TP: MPLS Transport Profile
   OAM:     Operations, Administration, and Maintenance
   PW:      Pseudo Wire
   RDI:     Remote Defect Indication
   TE:      Traffic Engineering
   TP:      Transport Profile

5. Brief description of MIB Objects

   The objects described in this section support the functionality
   described in documents [RFC5884] and [RFC6428].  The objects are
   defined as an extension to the BFD base MIB defined by [RFC7331].

5.1. Extensions to the BFD session table (bfdSessionTable)

   The BFD session table used to identify a BFD session between a pair
   of nodes, as defined in [RFC7331], is extended with managed objects
   to achieve the required functionality in MPLS and MPLS-TP networks as
   described below:

   1. SessionRole - Active/Passive role specification for the BFD
      session configured on the node.  Either end of a BFD session
      can be configured as Active/Passive to determine which
      end starts transmitting the BFD control packets.

   2. SessionMode - Defines the mode in which BFD
      session is running, defined as below:

       i. CC - Indicates Continuity Check and RDI operations.

      ii. CV - Indicates Continuity Check, Connectivity
          Verification and RDI operations.

   3. Timer Negotiation Flag - Provides for timer negotiation
      to be enabled or disabled.  This object can be used to tune
      the detection of period mis-configuration.

   4. Map Type - Indicates the type of the path being monitored by
      the BFD session.
      This object can take the following values:

      For BFD session over MPLS based paths:

         nonTeIpv4 (1) - BFD session configured for Non-TE
                         IPv4 path
         nonTeIpv6 (2) - BFD session configured for Non-TE
                         IPv6 path
         teIpv4 (3)    - BFD session configured for a TE
                         IPv4 path
         teIpv6 (4)    - BFD session configured for a TE
                         IPv6 path
         pw (5)        - BFD session configured for a pseudowire

      For MPLS-TP based paths:

         mep (6)       - BFD session configured for an MPLS-TP path
                         (Bidirectional tunnel, PW or Sections) will
                         map to the corresponding maintenance entity.

   5. Map Pointer

      A Row Pointer object which can be used to point to the first
      accessible object in the respective instance of the table entry
      identifying the path being monitored (mplsXCEntry[RFC3813]/
      mplsTunnelEntry[RFC3812]/pwEntry[RFC5601] respectively for
      LSP/Tunnel/PW).

      For NON-TE LSP, the map pointer points to the corresponding
      mplsXCEntry.

      For TE based tunnel, the map pointer points to the corresponding
      instance of the mplsTunnelEntry.

      For PW, this object points to the corresponding instance of
      pwEntry.

      For MPLS-TP paths, this object points to the corresponding
      instance of mplsOamIdMeEntry[MPLS-OAM-ID-STD-MIB] configured to
      monitor the MPLS-TP path associated with the BFD session.

   6. Usage of existing object bfdSessType:

      Additionally existing object "bfdSessType" in the BFD base MIB
      [RFC7331] can be used with the already defined value
      multiHopOutOfBandSignaling(3) to specify an OOB (Out of band)
      mechanism [E.g. LSP Ping] for bootstrapping the BFD session.

5.2. Example of BFD session configuration

   This section provides an example of BFD session configuration
   for an MPLS and MPLS-TP TE tunnel.  This example is only meant
   to enable an understanding of the proposed extension and does not
   illustrate every permutation of the MIB.
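
The map type / map pointer rule from Section 5.1 (items 4 and 5), as an added Python example that is not part of the draft: it builds the RowPointer instance for the tunnel used in Section 5.2.1 and audits session rows for pointers that are unbound (zeroDotZero) or inconsistent with bfdMplsSessMapType. The column names mplsXCLspId and pwType come from RFC 3813 and RFC 5601 rather than this page, and the function names, row dictionaries and sample rows are constructed for illustration.

```python
import ipaddress

# SessionMapTypeTC enumeration, copied from the MIB module on this page.
MAP_TYPES = {1: "nonTeIpv4", 2: "nonTeIpv6", 3: "teIpv4",
             4: "teIpv6", 5: "pw", 6: "mep"}

# First accessible column of each target row -> (conceptual row, index arity).
# mplsTunnelName and mplsOamIdMeName are the columns used in Section 5.2;
# mplsXCLspId (RFC 3813) and pwType (RFC 5601) are not named on this page.
# Arity is None where the index is not a fixed number of integers.
COLUMNS = {
    "mplsXCLspId":     ("mplsXCEntry", None),
    "mplsTunnelName":  ("mplsTunnelEntry", 4),
    "pwType":          ("pwEntry", 1),
    "mplsOamIdMeName": ("mplsOamIdMeEntry", 3),
}

# Row each map type must point into (DESCRIPTION of bfdMplsSessMapPointer).
EXPECTED_ROW = {1: "mplsXCEntry", 2: "mplsXCEntry", 3: "mplsTunnelEntry",
                4: "mplsTunnelEntry", 5: "pwEntry", 6: "mplsOamIdMeEntry"}

ZERO_DOT_ZERO = ("zeroDotZero", "0.0")


def lsr_id_to_subid(lsr_id: str) -> int:
    """Encode a dotted-quad LSR ID as one 32-bit OID sub-identifier."""
    return int(ipaddress.IPv4Address(lsr_id))


def tunnel_map_pointer(index, instance, ingress_lsr, egress_lsr) -> str:
    """Build the RowPointer for an mplsTunnelEntry instance."""
    subids = (index, instance,
              lsr_id_to_subid(ingress_lsr), lsr_id_to_subid(egress_lsr))
    return "mplsTunnelName." + ".".join(str(s) for s in subids)


def check_map_pointer(map_type: int, pointer: str):
    """Return (status, detail); status is 'ok', 'unbound' or 'invalid'."""
    if map_type not in MAP_TYPES:
        return "invalid", f"map type {map_type} is not in SessionMapTypeTC"
    if pointer in ZERO_DOT_ZERO:
        return "unbound", "zeroDotZero: no path associated with the session"
    column, _, instance = pointer.partition(".")
    if column not in COLUMNS:
        return "invalid", f"unknown column {column!r}"
    row, arity = COLUMNS[column]
    if row != EXPECTED_ROW[map_type]:
        return "invalid", (f"{MAP_TYPES[map_type]} must point into "
                           f"{EXPECTED_ROW[map_type]}, not {row}")
    parts = instance.split(".") if instance else []
    numeric = all(p.isascii() and p.isdigit() and int(p) < 2**32
                  for p in parts)
    if not parts or not numeric:
        return "invalid", "instance sub-identifiers must be 32-bit integers"
    if arity is not None and len(parts) != arity:
        return "invalid", f"{row} index needs {arity} sub-identifiers"
    return "ok", f"points into {row}"


def audit_sessions(rows):
    """Return (bfdSessIndex, status, detail) for every row that is not 'ok'."""
    findings = []
    for row in rows:
        status, detail = check_map_pointer(row["mapType"], row["mapPointer"])
        if status != "ok":
            findings.append((row["bfdSessIndex"], status, detail))
    return findings


# Constructed sample rows. Rows 2 and 3 mirror Sections 5.2.1 and 5.2.2;
# rows 4 to 6 are deliberately wrong or incomplete.
SAMPLE_ROWS = [
    {"bfdSessIndex": 2, "mapType": 3,
     "mapPointer": tunnel_map_pointer(100, 1, "192.0.2.1", "192.0.2.3")},
    {"bfdSessIndex": 3, "mapType": 6, "mapPointer": "mplsOamIdMeName.1.1.1"},
    {"bfdSessIndex": 4, "mapType": 5,
     "mapPointer": "mplsTunnelName.100.1.3221225985.3221225987"},
    {"bfdSessIndex": 5, "mapType": 1, "mapPointer": "zeroDotZero"},
    {"bfdSessIndex": 6, "mapType": 3, "mapPointer": "mplsTunnelName.100.1"},
]

if __name__ == "__main__":
    for finding in audit_sessions(SAMPLE_ROWS):
        print(finding)
```

A row reported as unbound is legal per the MIB but monitors no path, so a session left in that state after provisioning is worth reviewing alongside the invalid ones.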

5.2.1 Example of BFD Session configuration for MPLS TE tunnel

   This section provides an example BFD session configuration
   for an MPLS TE tunnel.

   The following denotes the configured tunnel "head" entry:

   In mplsTunnelTable:
   {
     mplsTunnelIndex              = 100,
     mplsTunnelInstance           = 1,
     mplsTunnelIngressLSRId       = 192.0.2.1,
     mplsTunnelEgressLSRId        = 192.0.2.3,
     mplsTunnelName               = "Tunnel",
     ...
     mplsTunnelSignallingProto    = none (1),
     mplsTunnelSetupPrio          = 0,
     mplsTunnelHoldingPrio        = 0,
     mplsTunnelSessionAttributes  = 0,
     mplsTunnelLocalProtectInUse  = false (0),
     mplsTunnelResourcePointer    = mplsTunnelResourceMaxRate.5,
     mplsTunnelInstancePriority   = 1,
     mplsTunnelHopTableIndex      = 1,
     mplsTunnelIncludeAnyAffinity = 0,
     mplsTunnelIncludeAllAffinity = 0,
     mplsTunnelExcludeAnyAffinity = 0,
     mplsTunnelPathInUse          = 1,
     mplsTunnelRole               = head (1),
     ...
     mplsTunnelRowStatus          = Active
   }

   BFD session parameters used to monitor this tunnel should be
   configured on head-end as follows:

   In bfdSessTable:
   BfdSessEntry ::= SEQUENCE {
     -- BFD session index
     bfdSessIndex                 = 2,
     bfdSessVersionNumber         = 1,
     -- LSP Ping used for OOB bootstrapping
     bfdSessType                  = multiHopOutOfBandSignaling,
     ...
     bfdSessAdminStatus           = start,
     ...
     bfdSessDemandModeDesiredFlag = false,
     bfdSessControlPlaneIndepFlag = false,
     bfdSessMultipointFlag        = false,
     bfdSessDesiredMinTxInterval  = 100000,
     bfdSessReqMinRxInterval      = 100000,
     ...
     -- Indicates that the BFD session is to monitor
     -- an MPLS TE tunnel
     bfdMplsSessMapType           = teIpv4(3),

     -- OID of the first accessible object (mplsTunnelName) of
     -- the mplsTunnelEntry identifying the MPLS TE tunnel (being
     -- monitored using BFD) in the MPLS tunnel table.
     -- A value of zeroDotzero indicates that no association
     -- has been made as yet between the BFD session and the path
     -- being monitored.
     -- In the OID below:
     -- 100 -> Tunnel Index
     -- 1 -> Tunnel instance
     -- 3221225985 -> Ingress LSR Id 192.0.2.1
     -- 3221225987 -> Egress LSR Id 192.0.2.3
     bfdMplsSessMapPointer
                      = mplsTunnelName.100.1.3221225985.3221225987,
     bfdSessRowStatus             = createAndGo
   }

   Similarly BFD session would be configured on the tail-end of
   the tunnel.  Creating the above row will trigger
   the bootstrapping of the session using LSP Ping and its
   subsequent establishment over the path by de-multiplexing of
   the control packets using the BFD session discriminators.

5.2.2 Example of BFD Session configuration for ME of MPLS-TP TE tunnel

   This example considers the OAM identifiers configuration on a
   head-end LSR to manage and monitor a co-routed bidirectional MPLS
   tunnel.
   Only relevant objects which are applicable for IP based OAM
   identifiers of co-routed MPLS tunnel are illustrated here.

   In mplsOamIdMegTable:
   {
     -- MEG index (Index to the table)
     mplsOamIdMegIndex        = 1,
     mplsOamIdMegName         = "MEG1",
     mplsOamIdMegOperatorType = ipCompatible (1),
     mplsOamIdMegServiceType  = lsp (1),
     mplsOamIdMegMpLocation   = perNode(1),
     -- Mandatory parameters needed to activate the row go here
     mplsOamIdMegRowStatus    = createAndGo (4)
   }

   This will create an entry in the mplsOamIdMegTable to manage and
   monitor the MPLS tunnel.

   The following ME table is used to associate the path information
   to a MEG.

   In mplsOamIdMeTable:
   {
     -- ME index (Index to the table)
     mplsOamIdMeIndex                  = 1,
     -- MP index (Index to the table)
     mplsOamIdMeMpIndex                = 1,
     mplsOamIdMeName                   = "ME1",
     mplsOamIdMeMpIfIndex              = 0,
     -- Source MEP id is derived from the IP compatible MPLS tunnel
     mplsOamIdMeSourceMepIndex         = 0,
     -- Source MEP id is derived from the IP compatible MPLS tunnel
     mplsOamIdMeSinkMepIndex           = 0,
     mplsOamIdMeMpType                 = mep (1),
     mplsOamIdMeMepDirection           = down (2),
     mplsOamIdMeProactiveOamPhbTCValue = 0,
     mplsOamIdMeOnDemandOamPhbTCValue  = 0,
     -- RowPointer MUST point to the first accessible column of an
     -- MPLS tunnel
     mplsOamIdMeServicePointer         = mplsTunnelName.1.1.1.2,
     -- Mandatory parameters needed to activate the row go here
     mplsOamIdMeRowStatus              = createAndGo (4)
   }

   BFD session parameters used to monitor this tunnel should be
   configured on head-end as follows:

   In bfdSessTable:
   BfdSessEntry ::= SEQUENCE {
     -- BFD session index
     bfdSessIndex                 = 2,
     bfdSessVersionNumber         = 1,
     -- LSP Ping used for OOB bootstrapping
     bfdSessType                  = multiHopOutOfBandSignaling,
     ...
     bfdSessAdminStatus           = start,
     ...
     bfdSessDemandModeDesiredFlag = false,
     bfdSessControlPlaneIndepFlag = false,
     bfdSessMultipointFlag        = false,
     bfdSessDesiredMinTxInterval  = 100000,
     bfdSessReqMinRxInterval      = 100000,
     ...
     -- Indicates that the BFD session is to monitor
     -- a ME of an MPLS-TP TE tunnel
     bfdMplsSessMapType           = mep(6),

     bfdMplsSessMapPointer
                      = mplsOamIdMeName.1.1.1,
     bfdSessRowStatus             = createAndGo
   }

   Similarly BFD session would be configured on the tail-end of
   the tunnel and creating the above row will trigger
   the bootstrapping of the session using LSP Ping and its subsequent
   establishment over the path by de-multiplexing of the control
   packets using the BFD session discriminators.

5.3. BFD objects for session performance counters

   [RFC7331] defines BFD Session Performance Table
   (bfdSessionPerfTable), for collecting per-session BFD performance
   counters, as an extension to the bfdSessionTable.

   The bfdSessionPerfTable is extended with the performance counters
   to collect Mis-connectivity Defect, Loss of Continuity Defect
   and RDI (Remote Defect Indication) counters.

   1. bfdMplsSessPerfMisDefCount - Mis-connectivity defect count
      for this BFD session.
   2. bfdMplsSessPerfLocDefCount - Loss of continuity defect count for
      this BFD session.
   3. bfdMplsSessPerfRdiInCount - Total number of RDI messages
      received for this BFD session.
   4. bfdMplsSessPerfRdiOutCount - Total number of RDI messages sent
      for this BFD session.

6. BFD-EXT-STD-MIB Module Definition

   BFD-EXT-STD-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE, mib-2,
       Counter32, zeroDotZero
          FROM SNMPv2-SMI                     -- [RFC2578]

       RowPointer, TruthValue, TEXTUAL-CONVENTION
          FROM SNMPv2-TC                      -- [RFC2579]

       MODULE-COMPLIANCE, OBJECT-GROUP
          FROM SNMPv2-CONF                    -- [RFC2580]

       bfdSessIndex
          FROM BFD-STD-MIB;

   bfdMplsMib MODULE-IDENTITY
       LAST-UPDATED "201406270000Z" -- June 27 2014
       ORGANIZATION "IETF Bidirectional Forwarding Detection
                     Working Group"
       CONTACT-INFO
           "
            Sam Aldrin
            Huawei Technologies
            2330 Central Express Way,
            Santa Clara, CA 95051, USA
            Email: aldrin.ietf@gmail.com

            Venkatesan Mahalingam
            Dell Inc.
            5450 Great America Parkway,
            Santa Clara, CA 95054, USA
            Email: venkat.mahalingams@gmail.com

            Kannan KV Sampath
            Redeem Software
            India
            Email: kannankvs@gmail.com

            Thomas D. Nadeau
            Email: tnadeau@lucidvision.com"

       DESCRIPTION
           " Copyright (c) 2014 IETF Trust and the persons identified
             as the document authors.  All rights reserved.
             This MIB module is an initial version containing objects
             to provide a proactive mechanism to detect faults using
             BFD for MPLS and MPLS-TP networks."
       REVISION "201406270000Z" -- June 27 2014
       DESCRIPTION
           -- RFC Ed.: RFC-editor pls fill in xxxx
       ::= { mib-2 XXX } -- XXX to be replaced with correct value
                         -- RFC Ed.: assigned by IANA

   -- ------------------------------------------------------------
   -- groups in the MIB
   -- ------------------------------------------------------------

   bfdMplsObjects      OBJECT IDENTIFIER ::= { bfdMplsMib 0 }
   bfdMplsConformance  OBJECT IDENTIFIER ::= { bfdMplsMib 1 }

   -- ------------------------------------------------------------
   -- Textual Conventions
   -- ------------------------------------------------------------

   SessionMapTypeTC ::= TEXTUAL-CONVENTION
       STATUS       current
       DESCRIPTION
           "Used to indicate the type of MPLS or MPLS-TP path
            associated to the session"
       SYNTAX INTEGER {
           nonTeIpv4(1), -- mapping into LDP IPv4
           nonTeIpv6(2), -- mapping into LDP IPv6
           teIpv4(3),    -- mapping into TE IPv4
           teIpv6(4),    -- mapping into TE IPv6
           pw(5),        -- mapping into Pseudowires
           mep(6)        -- mapping into MEPs in MPLS-TP
       }

   DefectActionTC ::= TEXTUAL-CONVENTION
       STATUS       current
       DESCRIPTION
           "The action to be taken when the mis-connectivity/loss of
            connectivity defect occurs in the MPLS or MPLS-TP
            path associated to the session"
       SYNTAX INTEGER {
           alarmOnly(1),        -- Alarm only
           alarmAndBlockData(2) -- Alarm and block the data
       }

   -- ------------------------------------------------------------------
   -- BFD session table extensions for MPLS and MPLS-TP BFD sessions
   -- ------------------------------------------------------------------
   -- bfdMplsSessTable - bfdSessTable Extension

   bfdMplsSessTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF BfdMplsSessEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table is an extension to the bfdSessTable for
            configuring BFD sessions for MPLS or MPLS-TP paths."
       ::= { bfdMplsObjects 1 }

   bfdMplsSessEntry OBJECT-TYPE
       SYNTAX      BfdMplsSessEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "A row in this table extends a row in bfdSessTable."
       INDEX { bfdSessIndex }
       ::= { bfdMplsSessTable 1 }

   BfdMplsSessEntry ::= SEQUENCE {
       bfdMplsSessRole                         INTEGER,
       bfdMplsSessMode                         INTEGER,
       bfdMplsSessTmrNegotiate                 TruthValue,
       bfdMplsSessMapType                      SessionMapTypeTC,
       bfdMplsSessMapPointer                   RowPointer,
       bfdMplsSessMisConnectivityDefectAction  DefectActionTC,
       bfdMplsSessLOCDefect                    DefectActionTC
   }

   bfdMplsSessRole OBJECT-TYPE
       SYNTAX INTEGER {
           active(1),
           passive(2)
       }
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This object specifies whether the system is playing the
            active(1) role or the passive(2) role for this
            BFD session."
       REFERENCE
           "RFC 5880, Section 6.1"
       DEFVAL { active }
       ::= { bfdMplsSessEntry 1 }

   bfdMplsSessMode OBJECT-TYPE
       SYNTAX INTEGER {
           cc(1),
           cv(2)
       }
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This object specifies whether the BFD session is running
            in Continuity Check(CC) or the Connectivity
            Verification(CV) mode."
       REFERENCE
           "1.RFC6428, Proactive Connectivity Verification,
            Continuity Check and Remote Defect Indication
            for MPLS Transport Profile."
       DEFVAL { cc }
       ::= { bfdMplsSessEntry 2 }

   bfdMplsSessTmrNegotiate OBJECT-TYPE
       SYNTAX      TruthValue
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This object specifies if timer negotiation is required for
            the BFD session.  When set to false, timer negotiation is
            disabled."
       DEFVAL { true }
       ::= { bfdMplsSessEntry 3 }

   bfdMplsSessMapType OBJECT-TYPE
       SYNTAX      SessionMapTypeTC
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This object indicates the type of path being monitored
            by this BFD session entry."
       DEFVAL { nonTeIpv4 }
       ::= { bfdMplsSessEntry 4 }

   bfdMplsSessMapPointer OBJECT-TYPE
       SYNTAX      RowPointer
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "If bfdMplsSessMapType is nonTeIpv4(1) or nonTeIpv6(2),
            then this object MUST contain zeroDotZero or point to
            an instance of the mplsXCEntry indicating the LDP-based
            LSP associated with this BFD session.

            If bfdMplsSessMapType is teIpv4(3) or teIpv6(4), then
            this object MUST contain zeroDotZero or point to
            an instance of the mplsTunnelEntry indicating
            the RSVP-based MPLS TE tunnel associated with this
            BFD session.

            If bfdMplsSessMapType is pw(5), then this object MUST
            contain zeroDotZero or point to an instance of
            the pwEntry indicating the MPLS Pseudowire associated
            with this BFD session.

            If bfdMplsSessMapType is mep(6), then this object MUST
            contain zeroDotZero or point to an instance identifying
            the mplsOamIdMeEntry configured for monitoring the MPLS-TP
            path associated with this BFD session.

            If this object points to a conceptual row instance
            in a table consistent with bfdMplsSessMapType but this
            instance does not currently exist then no valid
            path is associated with this session entry.

            If this object contains zeroDotZero then no valid path is
            associated with this BFD session entry till it is
            populated with a valid pointer consistent with
            the value of bfdMplsSessMapType as explained above."
       REFERENCE
           "1. Multiprotocol Label Switching (MPLS) Traffic
               Engineering (TE) Management Information Base (MIB),
               [RFC3812].
            2. Multiprotocol Label Switching (MPLS) Label Switching
               Router (LSR) Management Information Base (MIB),
               [RFC3813].
            3. Pseudowire (PW) Management Information Base (MIB),
               [RFC5601].
            4. MPLS-TP Operations, Administration, and Management
               (OAM) Identifiers Management Information Base (MIB), ID
               draft-ietf-mpls-tp-oam-id-mib-04, December 2013."
       DEFVAL { zeroDotZero }
       ::= { bfdMplsSessEntry 5 }

   bfdMplsSessMisConnectivityDefectAction OBJECT-TYPE
       SYNTAX      DefectActionTC
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This object indicates the action to be taken when
            the mis-connectivity defect is detected on
            this BFD session."
       DEFVAL { alarmOnly }
       ::= { bfdMplsSessEntry 6 }

   bfdMplsSessLOCDefect OBJECT-TYPE
       SYNTAX      DefectActionTC
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
           "This object indicates the action to be taken when
            the loss of continuity defect is detected on
            this BFD session."
       DEFVAL { alarmOnly }
       ::= { bfdMplsSessEntry 7 }

   -- ------------------------------------------------------------------
   -- BFD Objects for Session performance
   -- ------------------------------------------------------------------
   -- bfdMplsSessPerfTable - bfdSessPerfTable Extension

   bfdMplsSessPerfTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF BfdMplsSessPerfEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table is an extension to the bfdSessPerfTable"
       ::= { bfdMplsObjects 2 }

   bfdMplsSessPerfEntry OBJECT-TYPE
       SYNTAX      BfdMplsSessPerfEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "A row in this table extends the bfdSessPerfTable"
       INDEX { bfdSessIndex }
       ::= { bfdMplsSessPerfTable 1 }

   BfdMplsSessPerfEntry ::= SEQUENCE {
       bfdMplsSessPerfMisDefCount  Counter32,
       bfdMplsSessPerfLocDefCount  Counter32,
       bfdMplsSessPerfRdiInCount   Counter32,
       bfdMplsSessPerfRdiOutCount  Counter32
   }

   bfdMplsSessPerfMisDefCount OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "This object gives a count of the mis-connectivity defects
            detected for the BFD session.  For instance, this count
            will be incremented when the received BFD control packet
            carries an incorrect globally unique source
            MEP identifier."
       ::= { bfdMplsSessPerfEntry 1 }

   bfdMplsSessPerfLocDefCount OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "This object gives a count of the Loss of continuity
            defects detected in MPLS and MPLS-TP paths"
       ::= { bfdMplsSessPerfEntry 2 }

   bfdMplsSessPerfRdiInCount OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "This object gives a count of the Remote Defect
            Indications received for the BFD session."
       ::= { bfdMplsSessPerfEntry 3 }

   bfdMplsSessPerfRdiOutCount OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "This object gives a count of the Remote Defect
            Indications sent by the BFD session"
       ::= { bfdMplsSessPerfEntry 4 }

   -- Module compliance

   bfdMplsGroups
       OBJECT IDENTIFIER ::= { bfdMplsConformance 1 }

   bfdMplsCompliances
       OBJECT IDENTIFIER ::= { bfdMplsConformance 2 }

   -- Compliance requirement for fully compliant implementations.

   bfdMplsModuleFullCompliance MODULE-COMPLIANCE
       STATUS      current
       DESCRIPTION
           "Compliance statement for agents that provide full
            support for the BFD-EXT-STD-MIB module. "

       MODULE -- This module.

       MANDATORY-GROUPS {
           bfdSessionExtGroup,
           bfdSessionExtPerfGroup
       }
       ::= { bfdMplsCompliances 1 }

   -- Compliance requirement for read-only implementations.

   bfdMplsModuleReadOnlyCompliance MODULE-COMPLIANCE
       STATUS      current
       DESCRIPTION
           "Compliance requirement for implementations that only
            provide read-only support for BFD-EXT-STD-MIB.
            Such devices
            can then be monitored but cannot be configured using
            this MIB module."

       MODULE -- This module.

       MANDATORY-GROUPS {
           bfdSessionExtGroup,
           bfdSessionExtPerfGroup
       }

       OBJECT      bfdMplsSessRole
       MIN-ACCESS  read-only
       DESCRIPTION "Write access is not required."

       OBJECT      bfdMplsSessMode
       MIN-ACCESS  read-only
       DESCRIPTION "Write access is not required."

       OBJECT      bfdMplsSessTmrNegotiate
       MIN-ACCESS  read-only
       DESCRIPTION "Write access is not required."

       OBJECT      bfdMplsSessMapType
       MIN-ACCESS  read-only
       DESCRIPTION "Write access is not required."

       OBJECT      bfdMplsSessMapPointer
       MIN-ACCESS  read-only
       DESCRIPTION "Write access is not required."

       ::= { bfdMplsCompliances 2 }

   -- Units of conformance.

   bfdSessionExtGroup OBJECT-GROUP
       OBJECTS {
           bfdMplsSessRole,
           bfdMplsSessMode,
           bfdMplsSessTmrNegotiate,
           bfdMplsSessMapType,
           bfdMplsSessMapPointer,
           bfdMplsSessMisConnectivityDefectAction,
           bfdMplsSessLOCDefect
       }
       STATUS      current
       DESCRIPTION
           "Collection of objects needed for BFD monitoring for
            MPLS and MPLS-TP paths"
       ::= { bfdMplsGroups 1 }

   bfdSessionExtPerfGroup OBJECT-GROUP
       OBJECTS {
           bfdMplsSessPerfMisDefCount,
           bfdMplsSessPerfLocDefCount,
           bfdMplsSessPerfRdiInCount,
           bfdMplsSessPerfRdiOutCount
       }
       STATUS      current
       DESCRIPTION
           "Collection of objects needed to monitor the
            performance of BFD sessions on MPLS and MPLS-TP
            paths"
       ::= { bfdMplsGroups 2 }

   END

7. Security Considerations

   As a BFD session for an MPLS path may be tied into the stability of
   the MPLS network infrastructure, the effects of an attack on a BFD
   session may be very serious.  This ultimately has denial-of-service
   effects, as links may be declared to be down (or falsely declared to
   be up).
   As such, improper configuration of the objects represented
   by this MIB may result in denial of service to a large number of
   end-users.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.

   o  The bfdMplsSessTable may be used to directly configure BFD
      sessions for MPLS paths.
      Unauthorized access to objects in this table could result in
      disruption of traffic on the network.  This is especially true if
      an unauthorized user configures enough tables to invoke a denial
      of service attack on the device where they are configured, or on
      a remote device where the sessions terminate.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  The bfdSessPerfTable and bfdMplsSessPerfTable both allow access
      to the performance characteristics of BFD sessions for MPLS
      paths.
      Network administrators not wishing to show
      this information should consider this table sensitive.

   The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and
   bfdSessAuthenticationKey objects hold security methods and
   associated security keys of BFD sessions for MPLS paths. These
   objects SHOULD be considered highly sensitive objects. To prevent
   this sensitive information from being improperly accessed,
   implementers MAY wish to disallow read and create access to these
   objects.

   SNMP versions prior to SNMPv3 did not include adequate security. Even
   if the network itself is secure (for example by using IPsec), there
   is no control as to who on the secure network is allowed to access
   and GET/SET (read/change/create/delete) the objects in this MIB
   module.

   Implementations SHOULD provide the security features described by the
   SNMPv3 framework (see [RFC3410]), and implementations claiming
   compliance to the SNMPv3 standard MUST include full support for
   authentication and privacy via the User-based Security Model (USM)
   [RFC3414] with the AES cipher algorithm [RFC3826]. Implementations
   MAY also provide support for the Transport Security Model (TSM)
   [RFC5591] in combination with a secure transport such as SSH
   [RFC5592] or TLS/DTLS [RFC6353].

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security. It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

8. IANA Considerations

   The MIB module in this document uses the following IANA-assigned
   OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

      Descriptor        OBJECT IDENTIFIER value
      ----------        -----------------------

      bfdMplsMib        { mib-2 XXX }

   [Editor's Note (to be removed prior to publication): the IANA is
   requested to assign a value for "XXX" under the 'mib-2' subtree
   and to record the assignment in the SMI Numbers registry. When
   the assignment has been made, the RFC Editor is asked to replace
   "XXX" (here and in the MIB module) with the assigned value and
   to remove this note.]

9. References

9.1 Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels", BCP 14, RFC 2119, March 1997.

   [BFD]     Katz, D. and D. Ward, "Bidirectional Forwarding
             Detection (BFD)", RFC 5880, June 2010.

   [BFD-1HOP] Katz, D. and D. Ward, "Bidirectional Forwarding
             Detection (BFD) for IPv4 and IPv6 (Single Hop)",
             RFC 5881, June 2010.

   [BFD-MH]  Katz, D. and D. Ward, "Bidirectional Forwarding
             Detection (BFD) for Multihop Paths", RFC 5883,
             June 2010.

   [RFC5884] Aggarwal, R. et al., "Bidirectional Forwarding
             Detection (BFD) for MPLS Label Switched Paths (LSPs)",
             RFC 5884, June 2010.

   [RFC6428] Allan, D., Swallow, G., Drake, J., "Proactive
             Connectivity Verification, Continuity Check and Remote
             Defect indication for MPLS Transport Profile", RFC
             6428, November 2011.

   [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
             "Structure of Management Information Version 2 (SMIv2)",
             STD 58, RFC 2578, April 1999.

   [RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
             "Textual Conventions for SMIv2", STD 58, RFC 2579, April
             1999.

   [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
             "Conformance Statements for SMIv2", STD 58, RFC 2580,
             April 1999.

9.2 Informative References

   [RFC3410] J. Case, R.
             Mundy, D. Partain, B. Stewart, "Introduction
             and Applicability Statement for Internet Standard
             Management Framework", RFC 3410, December 2002.

   [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security
             Model (USM) for version 3 of the Simple Network
             Management Protocol (SNMPv3)", STD 62, RFC 3414,
             December 2002.

   [RFC3812] Srinivasan, C., Viswanathan, A., and T. Nadeau,
             "Multiprotocol Label Switching (MPLS) Traffic Engineering
             (TE) Management Information Base (MIB)", RFC 3812, June
             2004.

   [RFC3813] Srinivasan, C., Viswanathan, A., and T. Nadeau,
             "Multiprotocol Label Switching (MPLS) Label Switching
             Router (LSR) Management Information Base (MIB)",
             RFC 3813, June 2004.

   [RFC3826] Blumenthal, U., F. Maino and K. McCloghrie, "The
             Advanced Encryption Standard (AES) Cipher Algorithm in
             the SNMP User-based Security Model", RFC 3826, June
             2004.

   [RFC5591] Harrington, D. and W. Hardaker, "Transport Security
             Model for the Simple Network Management Protocol
             (SNMP)", RFC 5591, June 2009.

   [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure
             Shell Transport Model for the Simple Network Management
             Protocol (SNMP)", RFC 5592, June 2009.

   [RFC5601] T. Nadeau, Ed., D. Zelig, Ed., "Pseudowire (PW)
             Management Information Base (MIB)", RFC 5601,
             July 2009.

   [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport
             Model for the Simple Network Management Protocol
             (SNMP)", STD 78, RFC 6353, July 2011.

   [RFC7331] T. Nadeau, Z. Ali, N. Akiya, "BFD Management
             Information Base", RFC 7331, August 2014.

   [MPLS-OAM-ID-STD-MIB] Sam Aldrin, M.Venkatesan, Kannan KV Sampath,
             Thomas D. Nadeau, Sami Boutros, Ping Pan,
             "MPLS-TP Operations, Administration, and
             Management (OAM) Identifiers Management
             Information Base (MIB)", ID
             draft-ietf-mpls-tp-oam-id-mib-06,
             December 2014.

10. Acknowledgments

   The authors would like to thank Jeffrey Haas, Mukund Mani,
   Lavanya Srivatsa, Muly Ilan and John Salloway for their valuable
   comments.

11. Authors' Addresses

   Sam Aldrin
   Huawei Technologies
   2330 Central Express Way,
   Santa Clara, CA 95051, USA
   Email: aldrin.ietf@gmail.com

   Venkatesan Mahalingam
   Dell Inc.
   5450 Great America Parkway,
   Santa Clara, CA 95054, USA
   Email: venkat.mahalingams@gmail.com

   Kannan KV Sampath
   Redeem Software
   India
   Email: kannankvs@gmail.com

   Thomas D. Nadeau
   Brocade
   Email: tnadeau@lucidvision.com
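
The access-control guidance in Section 7 (Security Considerations), as an added example that is not part of the draft: a Python check that evaluates per-principal views with the longest-match rule of RFC 3415 and reports the exposures that section names. The Access class, the symbolic OID paths (the draft leaves bfdMplsMib at { mib-2 XXX }), the principal names and the sample policy are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Object names come from the draft and RFC 7331. OIDs are symbolic paths
# (an assumption): the draft leaves bfdMplsMib at { mib-2 XXX }, unassigned.
STD, MPLS = ("mib-2", "bfdMIB"), ("mib-2", "bfdMplsMib")
KEYS = [STD + (n,) for n in ("bfdSessAuthenticationType",
        "bfdSessAuthenticationKeyID", "bfdSessAuthenticationKey")]
WRITABLE = [MPLS + (n,) for n in ("bfdMplsSessRole", "bfdMplsSessMode",
    "bfdMplsSessTmrNegotiate", "bfdMplsSessMapType", "bfdMplsSessMapPointer")]
PERF = [MPLS + (n,) for n in ("bfdMplsSessPerfMisDefCount",
        "bfdMplsSessPerfLocDefCount", "bfdMplsSessPerfRdiInCount",
        "bfdMplsSessPerfRdiOutCount")]

@dataclass
class Access:        # hypothetical access entry, modelled on VACM
    principal: str
    model: str       # "v1", "v2c", "usm" or "tsm"
    level: str       # "noAuthNoPriv", "authNoPriv" or "authPriv"
    read: list       # view as [(subtree, included), ...]
    write: list

def in_view(view, oid):
    """Longest matching subtree decides, as in RFC 3415 views (masks omitted)."""
    hits = [(len(s), inc) for s, inc in view if oid[:len(s)] == s]
    return max(hits)[1] if hits else False

def audit(entries):
    """Return (principal, finding) pairs for the exposures Section 7 names."""
    out = []
    for e in entries:
        reads = lambda objs: any(in_view(e.read, o) for o in objs)
        writes = lambda objs: any(in_view(e.write, o) for o in objs)
        if e.model in ("v1", "v2c") and (reads(KEYS + WRITABLE + PERF)
                                         or writes(KEYS + WRITABLE)):
            out.append((e.principal, "pre-SNMPv3 access to BFD objects"))
        if reads(KEYS) or writes(KEYS):
            out.append((e.principal, "authentication key objects exposed"))
        if writes(WRITABLE) and e.level != "authPriv":
            out.append((e.principal, "SET on session objects without authPriv"))
        if reads(PERF) and e.level != "authPriv":
            out.append((e.principal, "performance counters sent unencrypted"))
    return out

# Constructed sample policy: a v2c community that sees all of mib-2, and an
# authPriv USM operator whose views exclude the authentication key objects.
ALL = [(("mib-2",), True)]
NO_KEYS = ALL + [(k, False) for k in KEYS]
POLICY = [Access("public-community", "v2c", "noAuthNoPriv", ALL, ALL),
          Access("noc-operator", "usm", "authPriv", NO_KEYS, NO_KEYS)]
```

Calling audit(POLICY) flags the community entry on all four checks and returns nothing for the operator, whose views exclude the key objects and whose traffic is authenticated and encrypted.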